last executing test programs: 3.845184575s ago: executing program 0 (id=1417): prctl$auto_PR_SET_CHILD_SUBREAPER(0x24, 0x7, 0x4061, 0x1, 0xffffffff80000000) prctl$auto_PR_SET_CHILD_SUBREAPER(0x24, 0xffffffffffffffff, 0x4, 0x7, 0x8) r0 = clone$auto(0x0, 0xe000, &(0x7f0000000000)=0x6e7e, &(0x7f0000000040)=0x8, 0x9) prctl$auto_PR_SET_CHILD_SUBREAPER(0x24, 0xfffffffffffffffb, 0xffffffffffffffff, 0xc7, 0x0) r1 = pidfd_getfd$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x6) r2 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f00000000c0), 0xffffffffffffffff) r3 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/io\x00', 0x2, 0x0) fstat$auto(0xffffffffffffffff, &(0x7f0000000140)={0x8000000000000000, 0x1c8fb00e, 0x6, 0x8, 0xee00, 0x0, 0x0, 0x40, 0x8, 0x441, 0x5, 0x100, 0xdc2, 0xffff, 0x9, 0x7, 0x100000000}) sendmsg$auto_MAC802154_HWSIM_CMD_DEL_EDGE(r1, &(0x7f0000000800)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000007c0)={&(0x7f0000000200)={0x5b4, r2, 0x429, 0x70bd27, 0x25dfdbfd, {}, [@MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x10000}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0xf0}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x5}, @MAC802154_HWSIM_ATTR_RADIO_EDGE={0x98, 0x2, 0x0, 0x1, [@generic="1f104476ccecca5ca89f792e022e6aad36aaa3043120d18f224b016acf2b54840acfdf99bb3176a7b6f7efdc0c986033993b4883e78481c2d8ddc7c8876b0a1ac1ad90630e3416e532fa78c0a9c0e60c547e3f65f1b35aa450506a83de327f615a7c59525f9d79d016dfed", @typed={0x4, 0xc4}, @typed={0x14, 0x104, 0x0, 0x0, @ipv6=@remote}, @generic=',', @typed={0x8, 0x116, 0x0, 0x0, @fd=r3}, @nested={0x8, 0xed, 0x0, 0x1, [@nested={0x4, 0x4c}]}]}, @MAC802154_HWSIM_ATTR_RADIO_EDGES={0x1f0, 0x3, 0x0, 0x1, [@nested={0x59, 0x10b, 0x0, 0x1, [@generic="9804e495a3f97d74ab1fa23459aad89f84e4ddd6d871d31a12709ac3cf652ce145df9dea7e2959c04635cbcb2abbfab323f18e748050cae3972aaa065e", @typed={0x8, 0xbd, 0x0, 0x0, @u32=0x3ff}, @nested={0x4, 0xf4}, @typed={0x4, 0x3d}, @nested={0x4, 0xe0}, @typed={0x4, 0x13f}]}, @generic="d31c476221f85062b802f804b023817365d9f1a12729ca4d59552c85b8d0a8592fcaa61a0f545be1a93b5607632d7b12b3cfc37f8348e8c4dba60a988e49bfe5a029e135521ca2ef96b1bee46c222d0ff4a65f672943827994ca387efd29d8a85c5b05ce86daa5d1775c7e56286da592aad00668", @typed={0x8, 0x86, 0x0, 0x0, @u32}, @nested={0x112, 0x3b, 0x0, 0x1, [@nested={0x4, 0x61}, @generic="70719151631fd3a988002b9a9a1065febf1606f60e34a890d5af967843792281ddde18ca910465e0b904d865c50302f4389cc35f661e41cc0c59d5a0eb36cc9184b4898c16fb3cef18b3bf37eee0b61b993f8f8fd9611c40a0758d572f", @generic="299664d23030b43425bade8ded553b1dbd42338c144d4b4a908ca6870c5b062a2481b3a3bf6744c1cd7baed41d39efe7b72e775e511ea7b3b27087f51df2bf3e8ce4ef53f07a984beb8e62a9716c0a19cca52ef1e018ea8bf63928f66dd517af98c6c77e5f5e2a3d99a9a4dcf6ed1d971b77faee884a13c85f2671f55c55f3d65634d854b63214e78cc1875258fa04a9cb46e5f0f0cb05600480174c671e8cbe6fefa08fc35f559166", @nested={0x4, 0x27}]}]}, @MAC802154_HWSIM_ATTR_RADIO_EDGES={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0x109, 0x0, 0x0, @u32=0x5}]}, @MAC802154_HWSIM_ATTR_RADIO_EDGE={0x2f4, 0x2, 0x0, 0x1, [@nested={0x2ef, 0xc0, 0x0, 0x1, [@generic="a998a5eeb5106f7e08529a76e5f85984c80ca40358cf9bfcb0bf0c54459505168ccb3444f3ffd5c4a52c47fb9b29b148bd4830faf479fcfcda37136423ab5af692bd880dfc1ba792816d0684e67c7d467648f1b4da34e2f864a8fcdce8566e995b305f4787f9222c8b", @typed={0x8, 0x19, 0x0, 0x0, @uid=r4}, @typed={0xe4, 0x68, 0x0, 0x0, @binary="1863206dc3b6bf19157f3c7ef6c47598432edcc9a772d44817d0d2d79f0258f21978593e467ff0ee8159291424dd9971082143051304da0420227b155d89286a9831257c1694a933bbd059470d7fdf2f157b8b8a4b4be90d0a6c3502f792136d2a6b3f250e12be0b0062bbf0183c88705ef887f624d05c81c5d34d7a5f598667b31208cca63d664bde3553c1b09c1f454f5077ca9fd717d38348cc370f62da0837340dcee0446438f739c7bc8e9de758c8a8dffac5233d2e4f5a720c9829cea83bff91fe4985bdf9939b13cecc15391438210a2b04e02122485fe11693a4b125"}, @typed={0x14, 0x104, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}}, @nested={0x4, 0x91}, @generic="a81a5ef36060612779c588ce35fb3be5bda5476428489ca468b9d1ee360432fd7fc78a7b2bb75e992754b1ec1d2225852c6fe1b986ba2d953c2a018f94dfb2f5b4939e6475b4e12daad7530c08ca0493d34d23a1b2ec78eb2e668fb5b6b558cdea91b3780f5dac6ad52955a79691ecb633bb801ff0ff33b659aef21af69e75ac353fda8a186ec46058b30b30c0b70b2575d963fc9d42a80645a136d11a85bbbd9faddb78b090c7d3381323c6806507c35a4161132e4d2be039f8ddea8631", @nested={0x4, 0x139}, @typed={0x8, 0x56, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x4, 0x1f}, @typed={0xad, 0x139, 0x0, 0x0, @binary="ca9e9084f891068aba0d866c1052238a341a10df3d2c8496445ddda7b6f9d472b0f4b1c7c51f78f8ab420b63ffb6e75e76c84a6558ac83eb834b8d0803450bea042ec3e8d21f8a4e1480b115b0b1b289b2bade36d405ea2826938cc04ff449c8c12bf489cabe8aefb72c768ebb52ed62a3de30e33d60c6aabd927f5ccba133a8834be6fcafc3c743ce01d4d86ba7223cda4905241150cbb6135dfbb279863a60fd052dcc4d88c24b3c"}]}]}]}, 0x5b4}, 0x1, 0x0, 0x0, 0x80}, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000840)='/dev/bus/usb/040/001\x00', 0x22200, 0x0) ptrace$auto_PTRACE_SYSEMU(0x1f, r0, 0x0, 0x8000000000000001) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000008c0), r1) r7 = openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, &(0x7f0000000900), 0x3150c3, 0x0) msgctl$auto_MSG_STAT(0x6e35, 0xb, &(0x7f00000009c0)={{0x9, r4, r5, 0x3, 0x3, 0x5, 0x4}, &(0x7f0000000940)=0x81, &(0x7f0000000980)=0x9, 0x4, 0x200, 0x2a0, 0x6, 0x0, 0x83d, 0x40, 0x9, @raw=0xff, @inferred=r0}) sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(r1, &(0x7f00000036c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000003680)={&(0x7f0000000a40)={0x2c04, r6, 0x1, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY_CAPS={0x14b7, 0x18, 0x0, 0x1, [@generic="fe33b019b66d0f4320d92fbe58dfde0a09d291dc7534c8fc287c12a6cacdea7bf0175a5290dfe9362cbe518d0fb16fda71e36e3efb2f4b686a523d29228d1b0290475925b3685b4c609a518bec7bd54cf631b4e1c2c47ddc922caed43ba97f240474b461f0265904db88dcc394769a603b515a4bf30ff1670c259ed5b2e65b7625dcce53075ad0a2eef34a471fced07d8e752b6d67b573ba985a25c6a45a1e5c833c4cd520f15ca7d5018532c302d6bf165bc44c74e7298bfd2eeca812c198180384ad1adf33760d5da1c5e42d59048e2d0d39eda7a3f0bfd7a5493727", @generic="2e9839c0cf9e447457428fe12fbe3b581abcd4566486fe2d5b1d3030459d19beaf20f344871b33a4942950a5a5b479a161d1a3199a08200d466f870fb80f7949123f5b431646b10cb7d147b1374ec57c827bd168d9fcf03c5ab6f36b9defee9b5f0727cb1ba2e5443ddc0331daea523b7b89f29c3116671233bf111ad651d381d0e2b5006ecac8c2e87d31dd98237c9fae5288341206d60bb6653b97a1ca4aa04b6478edd7b35fe5b0d5e6cac93bb11a011594fbc99515239051962878030c31443933bdecc38014ed41de70ada109e123c70b4ea9f85d04ca12dcce38e713268acd6f21482761afc55e2bf2d6df0f20db4fc00357aed445b5f2d51bc97c81eb03e4bf959378aa976c8eedf7ebae9cd2e76c283f6543b9c6d999055e009526a402709346d3ba445190ecc12d6805ee923c09481b951f9e726ddb1402a3ed404f0934f38a4bbb32ebdfcc060126c129efbd52aaf2c4305b91886ab4da0c5670a46651ae6b6f268c3dbdcd9b9a9247f7fb70209efc2642cf5837a5e9c7f358c7516e2ba2a809415a88eb637d69fab45cdd5361be2a3537c7f13ffb24fbaa839e6db609a51813fc3c02ca08f24b4810a5bc83b9a3731d231cc938eeff0958e53d42615b3a476425e176bde2dc83a34d4f0262f81af582699f13419c16191a2dc50d56d828fb7403fd398da7d67045d2474f77e4186231398e6ed56433ddd9315534fda9a3c75e2750c238ff39f4ea9afa10612f51264a063342f291559151090b200f34414931c2eb8fc85ecbc861d6543dffc6bd082efc45427f7d95d3ef011ef216e924284e0b2cfc1433bf425ba87b6d5d42229b2d3c7a0a9028042d4411035787f7127a9109a4b3d3184be49848ae8a613aa813f26e54e85bedfee138ab05a71c646425175ae66482884b8f7b6dfa282212443db12a4fa0f77372367874fd6e1dafa4d470e6437ec386ac5c4a6fff20e888717f15043897b9be74903a37ac04c4aa85bf16026859a53b1fd9f3aa20b8cb53f76c5ecb371435cefcb2d577cf1fe518f989c04b2b8891737aae3c97cc7460de0c3a014b0fb49ec83e773a907393b4efd2f016901f3e44bb2ffd198a4c574a91a56d5d744ae114cf28b2f8f6cb3e4994ed3deacb1b2084d00203335beb2fe71a82eb418fc6b5a1a42d03af75fdde0a6ee7062f8fac0aa0ab6f6cb2ff22f941d6ed7bd62251e2eee94e89bfdd937f511cd8b513d8d3e6997e20efdce0e4ebc4b03678bd4acf7e4cd9764c79beecb0fbf4817bcd36c0e4d41c1b67e7273d42b1647ff945b6cc5440978aee7dbcbd045c159c90f8e4162e6dfd7599f8a263bbc0c8a26905cc77cce87860b9b2ba14667296f3e1a5a241f564555906d732321d2462a7ab01e65ba0ff8f031332bafb8fe46efb01adb8532378b338f66731552380a3422ec0873c6b83b66f2531da04827d05f720363e4edabc91138688e04cf64d5763ef133259572c43c487e356cdadb284d909923fea08c3f152cc0047f92e37648a6fa78adf5dbd9ae91c30f86841070f16f7ef3fc8535c781472d6f7c575c223d11840bdfd816fd389489e08341fa3e59e4ba227e589e228de3823b9eef4aea24323bc461bc678ee0f71f9e800f31f05f9683aa8da97dc17a2d823cdfcec76b8fcaf78127840626af00a680519532bd58cce0571b2e087ffd9e697f9291a467eb1cacc73eea757712bb9aafcfaebb2d3423372a97f4be4345cf801604575a11baae650f98a9ce3633691b1ddd94e828988bf05e84bdd284a1e7f802de31ea129acac2bfc594b96eaeab16a659f73d32578b3140406fff12f12b99431fbec0bef850c246fd5079930214ebe35e410a1d2167af17c8cfe934c1db831040f9900a9f137d5ca5420d7bfa32744d067de4630ed4abbd21270d0384926b3fc6dc82013491742fff3661c9bf04f02498b79659513e7a95ffc423d9ed1a2d3ea5f7eb14852fcbfed08f9590adad62feff837899ce02eefd8679f977af242cce517e70ea1f13bf7015e7c3b091b524d20ac075a5ebf2c3f251d19ebd2d6a3098aff5b2a195063f15654a0c9d68999c32a787b371f34c4a2a05a87257761089a8fe7be9be94cff7e4227cb255b80d6b7ed11406a2297771d10de5fb9feca1db8ef1f8ab30283cd75d23c8b74b2399b3b3e313f343ebaa591412bc6490c83e253cd20603b758f7d808cd0ef7752e8c474a9976d83ffd12aaf65653a5cf237f980f1530972487d18604c1c8b8d96604f722d93f408fcaa9ef028edccd40fb60a5899f3e882895faed2f73e96263f5d7a01b87febce1733805690d9b0f73022792f4e40d8d0c884271a02b729850225b5f9a19712038a52e53baaf5cbeaacd7db1e281d2f9c130b87b9ce35253a8197223b35261ff72498e07abf54bbf4507bf24912956e2a2b77ffe93da68cec751b74ac3eaaa240c965f38ad6e036c9a80fac53b11f271d7a43f10abe67d27634e95af09a8206c4945287a858d904e3c733a3a4b3d987f867d10f8a955041c9a9093323d2424b5f40d1883f27b3c48b4e98d094655878bee50986187fe8823874c62ede4db8d3347da80227ffd8b523d44be924b91f39892de521243902489d9384e8d7593fd693fb078300ac2a45d6ac16e17c564c351db4a9d69b497484b6bec1206ff80dc70efa3c74b2d8f72fc538f8f2acfca48ada532357ef2b9872e0197ee0ae145fe2aae74376a3a6014a75a2ba57b9093a98bbf4c227af8fcbcd8b8ed31bab86066360895dc75acc3e055d83a74b1fa8fd4633403bdbdf6e267056e49f7e3cd58cfa043d13205fe57fe42bbe18ee5e0bbc5beb93c525e093d03940a37e3e9c4be9a8c3fda932c9725dfe4d6877b63f088290a8b5cf498806d4150eff1981c450ba34e6b8931034a8ae3c139f4d13bd222d6d65b0a3c2de93c87c9b14e75cfb0de08f97f3a9ab2773070dfa997c60bdc50c54bc807d27444fcbfd10a4ab02d735f9895b20a502320399bc4668b03dd8f6e4f3d816c87d553d379ef70f47511fad958073d75a3a18c610bd913aa114ee9058483c9d78bc0183c86f82aefd6d9b446a2889ac7ed2bd5565f4651812fed1021ed22a2800a4c3c0328fe1d6f22d854cfd42946693b3509c5b9fdd41992cb59f6e88ecbf372fbe98626544bbfea9039e93cc5e66c1916bb91e1ea0785dcfcd7dad5dc389652d23160f05e65073118ff51dbfe63e7801d0d65fbbe5177f9d66b97b85bbcf846200ff979880e48bb3eb662779b441954a09ddc1c8658af2639459bfe5605db87d4edb359bb22e13f95168c56e36caa32e98bfc99124aac13b0d1a35fe0adae4b4698f457d42e3f46dfa40ccd0e90f07257f1d54afc544474fb6b0bdf2f12d2f2f98824463664f9bd30f1a424333a99f08a50902c2ed90e0dcb7772554657c5e73b90149493157697f62a7638cc6e59f9fbcd938eb44cd982126ba7df3556fcda30cc09d0388e900e95711d8b1cd32ab0050ee05083bf7b76f83d1821bf73d3c2efcc421125e9e620924c2667c832933ea08b6c7289e3dadaba5a8296e1f82beb1bd032bff371f590ce32c5f5844060009d4246184a7a1a82c1bca8dd9b3a96527909ba3ea4ab9332a236d1cdb0e1996de2e3f04f51b282faa5be9ad5abaf01c74b82f4e17ad05082e382054c323737e1763cdbf605aca1d72050dc4b001fcf083c269f80a35a3e85d86f7c2f8fcb30cae26c78e92e6ba9a33757dd17485b958902c543262aedec50ca071e5a4aa843e64d747bf5802b36259f63d88a7f4d76c7e9c6d859dd7d5ecdbe99707bd470f2886e6c00f43e2aeb726456ffb200d430ce4ef87d7498fefd06f571f44d913fa71ffa6a67de46c3826d8e03b04b1c896b0013e878cfd188249d61d1951f5f2527855f50d82b24cffb3519a7c0ba21afbe5356ed0264ad79baa49ef10d0b31a9d547c0623f891174a1d2a0e02ff898045aac3c906b3425a9acf2d79180d213f465cb6c4ec3a812ce4e5e8c991f5089b4649557791a449b01ad13249efb50bc17b82882dd64eee900ad4d6abe67d174c88a1a12e72d2a6b1cedcad6723ccaaef79fdc05a2124de22b4404e16027c7ec880160dadbe5f0e77716d85999df686b61b03626dee1c98eda0425a655f56450163028c3f0de3718616adb3c1bbabbf729706053d65ffaa479910faf51e9611982cc392152b3e5227d61bb267113fe52f14688c0243379c8dd73f862014113506432a0a82eb09e334070c36f3237f385a679e550a404a7a8df85e004d426eb77151c532563e56b409b57e16f8fd09d188ba9ba20ea7bc6a186fbdd1046d032623e840613da327807a1834753ce7b3cdbc2b45fab1ce0eef39110953fefb33055f7c74597be6ff98208fed09ab300e7931cf30510c3eb942875dc576db735ed58d802c3f8c59d5850ee917b8030a3ec21e4d9176c68ff67a4859fbf777f5fc7f5455a18e5bfd0c6f9756df63bb33dd8b975f5f454cb2b37b36a61bc96f47f8b176d28fbb91bb06ca9df6cf7a7aba2379b9807a6559ff6d3e3ca488b2c1856cacbb621bc86e3570354e2ff697f2b81792c5a5daea59a3be240cc20a912f3886c59e88a495e035a6e57a53e4dff806b9bcba45a7025141430c97976102737cca740fc6e53ac390dd224f7ad348985500b5c69ad7abf265823962c1dcc486f41e1614959e8b2ae6f04c5ae8df14f04847172195e8e708bb8893b9a1f115b040987b646c2d84823ecc267183e8266c50f12657d7d16a67fd984c97d4e08886b6d3287517049f22328990de32a7b586ab267973e2fd336285ebedd02b1426ba0294be07c9105b7c7ad251141786740f85173cc5b00b667b957f39537d3ea9f5b13c78d2e0b5d6d6f0fc639507d965b82552b92df95bbd92dfaa96d471cc7b60f8d270015a22a9d72ca51e0c1851f0d58d305b26b92275ea931493ea8f7e0d996e36df13dcb288a8b9b235957948a42e26bf3ce0a1ea1283fdcd9386bdad4a3f4e4bba1fbcd1e70f35b3ca22454b22be1e3b3c0b16cb22a0c23b25bb6075c9672e6798e1892cedd731b7aa107e7344d6c5d94e2b7d21a1cf61827e24996f0029027e4d5b4c9f6ad3119ebc9ac6d8e4383079f3e302c238c4cdb9591fd0843669da0763771c0928a8bdb1a20216ead98690875be311b91346de9da1009b03ab228ad24a61b4443bd68906650505a0500d6ed051ea4dc4c2298b690c631e6a8570438a76b83a0a864c7a2e9fc84087ead9032b6e470232c115903383c15a7eb4d817fadf3a5938e7176865b87fec2acf869fbbf0bd93d1e939cea6ee77070fc9e5d20c85b0c7477d73f702abe9caf23a4077facd3f7321fe3a5c35e9dcb142b7eb26d7350f705d7ccd89c76a895637280462c7043b9a222be67c73ef6eabf70ca82acbf79e27df3a5811f88a55b2f767817ec02d3ebc7386919655c46c1a10a37d5d8b77d6d01202d67547fdd108796706e2bf3993024ef1ac161d3653fcc84b6102a489bac83d85c8a2ef09d4f2191c8b6a90cefd4fc8fc8d2bf71463dedb70cea4a69cf0819ce3f9362af789dfaff4f469a2f3df499b4cf65f1dc007f61a5190a6ea34be18d14601f5b1db8f4b45d7d6626ae24e8aa47184e5c6c673a8c90da0ac2ca0854ca154f49f2012b6690f0560ff906ec2378d9b6d025536e39412e5d21b5dc2b9ceee4d630b20bb05fe7c1f4efc0ed236bc2ec213f33055282873e8ec7defccaef44af8ef36bfcaf1b516fbdd3de0042e6b2def5c77209cdc56d19820d6d2c95f5e44f9578b9b7f08c09ccd99d986f2", @generic="cacd6ca5e319d4bf91d6b75ed309f0441c4044cceb3db5be3ec93c996b19c0e29600a309cdba7e52b8b5519ddef564e95e265fe1407b9f1e866a9c3fb09f86ebde4804c7aa6949bc804bf20372572a3da02e45d60792d723b136a7f2d11912226c457bb44e91f9e0d9f672b7fd3f7eb46e5d951bb886dfdb53810a9acd3780509513ba4fd0ac1381afb2dec5e2fe58b24d2f3587c8dd5e814f9d2808", @nested={0x1f0, 0x9a, 0x0, 0x1, [@typed={0xc, 0xa7, 0x0, 0x0, @u64=0x8}, @generic="a26c48107d9018d8cc1783da7083ed63d973c70d40427a3d4292f896af124cec17eb37cfe1b55f8823ba81256f6aef12d81d1a5e67524458c130a08807255837dbc78f5c30477dc7fe7a1287188981a0a65e37", @typed={0x5, 0x3e, 0x0, 0x0, @str='\x00'}, @nested={0x4, 0xaf}, @generic="65a171a9db763daf1fc80e9324f2a7561a7d56d9791790d0db994f50ec73abc7b13694ddd77ec043f0408e1d5c61b03dff0c1f412ecbb0cf3684094322a27aa00fc21fc9a12c14f9e28c7985570a61e6bbb5ab4a008e6f60857bcb6fb44e2b3c56269354957406193803c323c3c5300d1943acc231c75540792649eba7b8cf4ff344c4f8914f23581e5d89ca005dad099c3226283bbe5269c342336f5156d575c63dd62b60e1c4920e8a", @generic="1f485a4fcdbbc252b2b2c760030806a15fbdb3f918b771837135a9ffa83570eb3475caeea246df52eb02c047aef814349becf773959e805d4a7eaa88e7ba7f110337d87eaf7994f3e8bb5103f12541b720f4fa7df89c34929023deb5383f1e5eb47b49e746a6a014096699273f65ebe9f68bc72dec46b637bd11e85c76195710884145a03728459e74488eb09523a7f11cf286f45ddf283173e8f013036f47f8e1e143dca82d398a84c2159ceb5a3404a9c217385994a1afe9ec96c067bc470ed3d595d995d632db80534e1d00ad2d", @typed={0x8, 0x7c, 0x0, 0x0, @fd=r7}]}, @nested={0x20, 0x9e, 0x0, 0x1, [@typed={0xc, 0x108, 0x0, 0x0, @u64=0x10}, @typed={0xc, 0x51, 0x0, 0x0, @u64=0x8}, @nested={0x4, 0x8a}]}, @generic="5677a06b94f095f09ab2f27686d43663f89396eabbf1ca6de01169306c1547f0ab0170ba648ec9a38e2205610507674ebe5a57dfeef20f4ec3a3f47ca3e77e3ad9e6d689a06f9a0ae1ebfe6ee23ddd850a5ec924d0b3ff1cfb577afb265420f2606540", @generic="658b47e54e5209afc733e2ddab7f7e26ab00dc948f320db940bac7300fb7a8bbba9a87cb6d73aeb19cc4438fab1d0a8e1dbd45871f5de4cf9d3e9e079093517f3c6a79c817b0b70b1fad9df54e59032425c7f25a279e30f4174fb22bca4eaf087a69ff7d12b4a082b2c9b0db11811f1aeb5ee73ee4d7e1817045790846d3739e3472a29fa1fabab8d43b77c6c409ca40d70803392360d026382e136b671f5a8a6d8d807e700a3e90c28171e11f473bb339ef3f676eb5c93986fdc3fc9c9c8b1aaf7d66f9c9dab4"]}, @NL802154_ATTR_MAX_ASSOCIATIONS={0x8, 0x27, 0x1}, @NL802154_ATTR_SEC_OUT_KEY_ID={0xb7, 0x2b, 0x0, 0x1, [@generic="f10a27956c526c1489df07c1584275daee6528c3c0a0569aa3a7738991659362caf92e88fc830adbf1a7fa9af4f4ae8db777ffa899a55f0ac142af738e8bee671216605b2243966975b2732ec9db4569cbca28163e4967c731fdff3abff4b31123f92a75d8b3530f2681a4b1a367488f58b78e51a177d78b3260804622f5503a3bce354a894f825dade63cff4ceec94e1ae1ad101ae7115d82de10439454448f21d500e7b0893eee9e61675e04f4e8c450e8f3"]}, @NL802154_ATTR_PID={0x8, 0x1c, r0}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r1}, @NL802154_ATTR_SEC_KEY={0x164b, 0x30, 0x0, 0x1, [@typed={0x4, 0x81}, @typed={0x14, 0x13e, 0x0, 0x0, @ipv6=@empty}, @nested={0x1271, 0xbc, 0x0, 0x1, [@nested={0x4, 0x11a}, @generic="c5d0cb7941335b447586042c431fa0a136f174c851bc9f632c35462f9442257c08eb67982df1c21fe63efca55e880b032460c3d5a8220018530aedd464d0d178ef90f6cf61d5bbb302318978c3751722457e2ce706a30fecc7ead7623bdfeb392ed6f0eea803883efd84070e437dfb2b9e8e9caf4b18f4924c849ef0bea8659575ff00026fb013f608cea909adc2d18f7efc828fd4a8dd20d18fcd181c66dcb10802f52ce5199093ce93cd0c5ca6ee7e61d9b8618f86fa5c5c88a1d3a8830381396d8a251c11325ea476", @typed={0xfb, 0xdd, 0x0, 0x0, @binary="41152ae9f033421e95290068b8b876e0505b8eedeb69730c2bf8aa4013b2703f7e3b2136216baafb62dbeb61d2ae7bf139e75ae2ae0543b42b95f703a8549ec364d01072b9c49d11ac7582364ac29dbfab67e8801fd3aa9331d125ee95f1ed5ebb7259ab23c581d5ded83e0ec6987637f9f8a4f168f601395da38101f7f6420e1f16ba697f85ce5a981f6d9210c964b042618e7fd5c47050cc90a1e91d31ff0b49d875af09de71f0da2b4613aef3b199f15745e1a03136f083dc121662cbd3568c71435b7ddb8cacd4e8c74db8eae6278799c0ca175725d1641a26ef565af243e6ddba4fb00d4956c6f0316fefe0277233e7bb0253efa6"}, @generic="679a82e00124e92e72b6c47545b45fcc1f21fa099e9708fa33c79763254ad5699f69ff1f3ffaef544a6e67f4ef489234df7ca86215792a718bf4607a674a5f9ee2f9eed00692d15e325dac3e33554bebd54604e4d3574437c6a6", @generic, @typed={0x8, 0x41, 0x0, 0x0, @uid=r8}, @nested={0x4, 0x12c}, @nested={0x4, 0xe9}, @generic="e8e562a07c87e47374f6d1d879aab8841bf8d27619096d5da350890bd1acff0135c1f8d48907aa3ff28ad7b7b36fd7e4d09a585130eff93237", @generic="569643c8cf41ad51d7192f3bd83003e822ae740d2ecd058c6771d1419d65d2f9043b35df5347bc526452fecd87190ebc48777ae43b508fcc1c4348f8e136c29bdfd4285353b96542b311c8cf1bf102f4428d60788f7ef4cb43243de5017babe64bab3faeec5d022bc517d316a088a596fcc32631d37ace433280eb6fd9f7ce09b0f66c8e72496123bfc0c93f0c59a3f0a298b8eac06e8facc787ace705fd49d193a1b3aa07c9037ba36a2e2c9eed427f698c9ff097f19893e19755781910a0ded0c11a535de4483e2600f3ebe2c73c9df5dc3e9c13132b764f70387e65cc3bb378abe1a908f80ae9d9e4ddc3ea1493e589ad38acd61d89458c74eed2c78b4ba1ce0b94a848eac048a88be13c19144d3cfc64df9a8ec0721c41b841a16fc0ec053b11546ddfa2765ee6ce0b53219f89bc2877f1fa5599fc1b1f8473f8d626b117b77b3f1147619b6535bcac48172030b1ef294290484202f876938d7031306b2d65ce82c1f3f6c9546a261e2cb5080d7c457e08ecec1fb24d179a5dd8fa73dfeacdc2694dc137de59154b11c6a386eb38bef71e2d4a74e9bf7a4f5c7f20c97ac5a720c65bf22bdf046ebb5040390a9aeecd8d627ab530e5c6b0f5a5e6c1c33040088ab4a43ca3da56e191c5e65ea2a1c3a0cb02928f920e17190650da35274610d40abed4edb1141aacfe7c3d2245f8e564e954072b82a47ed5f763b44b00fe9ab51fac09d8d7ee5636544b9ce42687474bd29ce84f9df38f3b8724d00407004b08a99ec87ff161efa4252cb697419965b0f4966f66b1189068542caea3abab5b68287826bb4d6e8523c9c36683addd64868e600faba0b3cc542fefe3db046c874833f112d1f594da12a6ce66a035188ddbd9dbb18ef98230c53c67bc91880112b87a5e5c33a87217a01568e4f20930276148a7a59e5003fb9d5d44f3fc6522cb0de64a71e7afb69dd0421e777023bebd53089955dae7f72229aca051bbe5f0e6990d3b4ed8b75cabdd840c456e67592d032ebc881e0be60cd7cd019ede2cab52b90c5974dcf0b5cdd8e3465c33d918e8a98df57f437c5ddca258e6823a6b178c8618945cd02efe47e8032402a18d806827540f43fb706acfee8ccd64ac840558096625f9cd98dc198f2e72069840a4f5284745b2dbab68b05fdda39183d3f41110929e9e67709bf274451816c337903508a0d44e444492fbfa119b8bf2ce4fac701b37a9f96ce95c57356c08f8294068ec28cd80d34311d59254473e268c3b549f2f47ba53055769ffd190885c1a442a89a974b3f52fc3919b140e3f0ba320e7a3a059ef0739b539b749a55c142c1711f44f7692b4e9a82d305eb250a7dc50238bd6c98c4ca43b624847d95559c9623665a2f9276e8a0473463b5c06b94e5127ef6d7c7dbffd64fc58e993a425ca65694ad73aa3e9c6b0301c34626626ae9fbf096fe9e7aa2281cc97f2991f8cd55ae519e993498cb6f5ae3d8ee9e6c5d2ce88f3dbf94be7d5c74c61b3722b064e48a6230bf8b58cdbb0f620df08a82edf517800e61b3364f0c514afdc1ac6d67bb859fb659ac9210cef70e9d8fa6317c2d14654b5aaad25329bc94f45ae7fb279169b7e0c038747ecfb24e37c067010f87549128bf04d723433b6fbbe0bde7fbff2ec48359fad6c6c95bfbd2c8034330876ac5202d0300064b4e65a5f7b92ede807a77604b00590ba060a69a62d816081b45f45e661478748c3bbd4ffc45386c0692cfd66875785cfd5009faf036add5bdc1ab1c4fe2cd0e1a2a589ae204e10e976b36f97121acec3f802599cdc8f0a4795724f95492253a06381733bacd389e46bf3c7a2c4c3cea245aa78374454057dbcf4f254376b00e861d23249d4584e1fffd1b7b0641756cde29e1962525058b2a101b37d80d5a641a888d9663c3c8146c7fa06f5655fb0c1cd686d955f5531ed083f7190c26af81f53d7740ddb9cf1972bf99b64f8a51d900289551daa5b04b7d21f01a306d11f23068b5356839eb1b4ee9d91573dccf8dae493939f508eb173d1037fe6d4071e075e0a05d642446bc43d7f4d27501474935faff8f6ea6d603c9478c2adaea97279175e40d5af25aaa1eaa1871367348b991e56101b3deae0c114095c4421db5ddd38d4d22f386085228666c32677f35b94723eba98ed2bf131d01a53c986195484fcaf4bfff9f1bc21598ac2c628fd0bfcce93df258b53afda08f7c9902f10670a058df1528d9e1e67b42296eb7ca6f6055ca70e8f508da69f46ef3e342e2315bbc93b87ad07771abe1bebd9ed20699b5672c5bd3bcd63ea2006d069efdd1081318d645b06b5ec2b8cd3212805d94e21edcd90655ef4a06fbf201fd594afdf7be4dd633dc748b1a94c5ef52afa5992acd019276b5cfeb17d022def83ac8ba2bcbeee9470ae65270a6acccc6919b0f5130d7847e300395a073d0a9234f7d47647105caff4a6759de776d81284c634f5966e9dfada4646bf1e20ebfc2c7760d969bf4f19151bfabcaad3ae5d3ffbf18d47f39df60053636c68fbced86893567758107bcd9e352ada13f9d8471e03cf17d45b8e655679805a7271819e71240eb046cfb8a293a37912141906055e51e8b4df3c0aa43df5bc6afafb8166e694184c8799abe5562edd60761c53b687514efce60dbd23d8643d11beaf316b80230f7409ffd7e500690f56475614cd732eb2acb2c6db069c9f5bba6ae780c5766070da3783c000da3ab642c06e91d7cf39ac06ad5d83f6c58f17a1634b4e1172abcfffd35559f28da79880f745fc33e4e90b3b6389265b29cf04971512aa3e5d2b84a81466e4ed55be9c2bf13236a6f62d9df207499ab1cc9f017a54b996dab68a9754189cf9f1515ee5f7740dbd7c546a4458b34d52e3b965aaac307bd62d4313030f95a5fea2cc4397cf30a67b1c00b8a8cb0ab7bf73c388a38a17a8719af4cdad4290ebb9cf3b059f2bfb5c1208b1d8599a496426c8bdd08e59d3282263497f2c46921811ddd37556428c8061448c5d8873e0f9d7657d4359cf914736a7800e6aa380e3bc0922d156f9331739f332a8201b70d793b60a8cbdbf314f4edd5ea23e1ab6b754cd58293e79211e0917b1f20667e0942bce8f2ac75ce1065ed00bfd5dc1c277980ba4cd07315f7f3728ff93146b56461a162e5b0a83a1fd166623c2f98d6cf0ee8262dfbc2f23e834d243367aa595e2f74a4b495e0bea12510c3aa60c18d7e4acd7781550abc6b3afc1d4101c442531c3644d500f63f9a1fc4129df0c0016a2e1c2921e8cb417fc483f46f409161c0eede1a3069d9e0c3b38af13d52fefdb6766b41a39258a01f0baf56029c243b02ee5941581c4bd4be7583f8011b1c259997e3be3b88d382c8286615e3b0d743a2f0f123037e1be3e5b58c9d8e3d5e0845bc7759ba71e6cc86a8e55ab50253efe0f481282a32bc86bb4b5ab17405866eb287a265a849ed1d83755ac2f47571e57c15c91c215943874a385efabc93f8e008b7981fc6d8a3e7935bde6215af943ce7f9b7070e1dfc5e190ebb84b0f081e6b2d2b1b803db252d9b5cb8a94d56eac5447f78a21bd992617a4adaa33b411b22855e3d184028b1f7a7bea2145e7adba765bdb726790b6b4f715c5226ca40ff09a7e24510be5d007a9f6d5e12a351a708a3dfe0b9196b6a2c7c13ba56aca9c1d7d01fb439f3f318fd143e12fdcb1c73638761833531cb37a4497ca7180f87edbdfa91f37f2fb7838ca0963adaac46a6510ab7d37a18d64bdb303afc975624ba21938d2dc56c8061164b977598280afe09743cf8afe3e3236153a0483225892b529b8de831822ce27257ebd678371daa2cb11f137f7e8de72fafb9b9f2c5b8ee937699e2f06185720b8d6e7114d343d2088d8f1f7c5553c1c85b0dc3df48bfe7a268b89bd42c6db12dc1b841d606c2b78f6fee435a73dfde3a228932a2cd3f02464a91550b35f37bb4520bb5f9d3a1cf146542473fb4c5f6d25d94bf51ea2a96f320f667f3f6ec216342e3dc4b581106636b59553ac16687205c05cf8a324c3876179bf60eb4ec5d98afb947fdce5703200744c478dfe4b1ca2224f1cd5e9c99f1ae54d9148a4c87a2ef3589e819d3ca30da30e6c87015e72dac74b8d8cb6c58007f26d0f562e427bbafc42f5bd7e7868b1071975e2f466134d9d688b2eb1708b47fef7eac324c93326d03065ace59c42e30f4cf404dcdf1a0e7ebd3d783534333c494dd4f084200af4805dfada39cfc818477ccf67e7d7957c119fc0f52215c17c4f4d8d9fe4c204861406878d19cafd8a6f9e0c616d8f47c792c69c5eb9d216a170253fba460fd51bf7d4c27283f248e5c03ad8654797ac5eca106729dcc81c7cc0d520e0868ad8a2e3bf6c5018e677efcd80d6611f33a3a61fe689d4bd9f7b9461d015905e684227d04af0ce11d017cf5804e11e8574dd7e38a5c734ee979987e446d049181dc5978c44950482a440faf657b521ff59bf8ff315c443918dd62231f4195257090869b0a876c2a72650be05feffa50cd0093df5a2adc05a9cf669ad4bb8b4148337572fcc453cf6e8a8015f314b06779f0dcaf041b05e2bc07bec03463fef7d15aa24722b6702e29a44deb981ee625541d40ea34ad35c26dce900eb23d2976ef93c4ef46a2241a402ad054bda4bcbd11ad73f8b9729e01fcef3b569f3b62e3095b5c584f94a0d385c9e2892a81c2798b80ad1b696011d006c29b184f041f0bc68508246dc5e9c66fc51f46eb79a751ca310897f20b3f84f930d03788bc29c3d3210bf2a3d47f5ff369679799778538d410b6abafb76c4bf3634c1e4a8b7415540bafd3997420250dfdeedab57411da986439ee3826338adf2d64f60759723e3158dedcdb8ca4653f7c48cb784a130bbc90ec8c5a84b9a852e87c97e66e94d6be65a04d1757e93308c9d6bb5f4d8b70030255aa74ca12f0696038e4ff07aefcff1cd00238fc34d9bcecd1ffa6fce404ef0f0717000b81ec763a2374cc9d71da4d1fcd151990852d58e8ef11a6005c6fd8146d9b78099d4b1304aabfd369d70950540a76ff1440e7c62b203025df8930e4aa43382c2727f416c98e8766798a048a3ad8a2fb0713bedc885702d535729c852e5612207d180b12878a042fb577e38212a248f06aecdc24c1e7ca185ec302b84f9a386c69b01c816d8069fb851be62635c023f7c6dfab6071cf5fbbc0effd9029f850ea1c01eca6d5c9ec2cc37c8a88229265e50d27b1e25e1a3cf37d7b65787bcacd4578c88e6ce8b265ccd15ff99fdf1df12b6775d6a9dfde0ce5f846ec2486493a999a96c2aca1481b1863ef1d4c5c7b29e3d5024d34690f9e5041279488e81c115e8d255db72f0ff1414c225495759a019e6c25f441821a7354b6fe4eead0ef173fe5a62eecbf83b3cd315194a35d976a5fdbd90bc5a31aadd483c140fa3d031e9204f6fcef84eb54a414d75a9b86f165feac45519864b526965c9ede21db150d5020c9717d6c9719300eac52204a1d9cc444876835e2dc47b8ec728991060b6bcb8e6ce9bb602877058b31cc5e0497d9dd0d4d35d673f6bafbbe0ea776c351399409a6d66e0b9a0e53cadcb682984e6616c3d271b1c62ca565d42536cb80ba8461248210f2b285a2e92d314e86846e7ea1b4d8cbf7c4804bdd421a341a468acda897a36949f5ee18985a1daaf7c469e2beb9bf94c08b7c0d8f3a3e8771764ab340275fd17aa96f16f7d28f58fd67c4e79e02e254d9ffea883b5447def571f1e496581488dcce29f0e1e99dbca48b1df66f2928bef8c37ad2f148a1549709080c2472c"]}, @nested={0x297, 0xc2, 0x0, 0x1, [@nested={0x4, 0xb3}, @typed={0xc, 0xbe, 0x0, 0x0, @u64=0x2}, @generic="02eade54e126a6c8e3d199c6e84769dd595a6518faa7ce092afa19fe5c2ed9b8d0a701c762304eb904e568ecc1676914cc400f4f1540f64fb5d3485c288d24f764c30b7b8836ec51e6f33c66751d4e8ba7ed33edee5094bda4c6addc7a7596dd9baff5df0a6e2da8cadf1ac3ff99e20cccae851c15a39883e7bd0f9383079ea7a7294783313db0945a9e97857adc4e025540eb0a6566a8a77a8c0fbc4b6aa03dc3fb067d9323f84d662846347f7c4b8350a6066914f3d9c65a7699b4de7ae13632d5c0c3ebe68bacb0ff928d5b242fdc5b78105ebc55030de8346e055edb11222ebd126cff0ab6b9ce85add1819a", @typed={0x8, 0x13, 0x0, 0x0, @uid=r4}, @generic="da64f2e38a25701bcdd06101454143ad1ee104b7e7b3101d20df835617f6d455d878e773372e0efffe0ba2f0f770955b7f03034533de957ad68074b60465699c8b48b81a9c363e453e75cc67d0a3935eff5ee5e7de018879bf2757eb36aa714c7d5938328dd6758bd64c995495c37bc070b51923933788e0e260a99c82597a7ce20432a29dfa0af03cb141e8c3b5ea11f6517a974b62eea4613463c27d132682c873fed7", @generic="04764984d543288dbf4b537cf8fb5b1de8c3336d6cf39229913bdd842f973cf582e28d11bb50f657", @typed={0x14, 0xb9, 0x0, 0x0, @ipv6=@loopback}, @generic="abc50cc3e6dcd8567d", @typed={0xa4, 0x22, 0x0, 0x0, @binary="a7284cada3615717d6179a0ab850e85bd81fe0a2642e2313dd83a947220519877a72117c65f0b9cdac375393d030cfe4cc111941fdfc81ada1a2ca82db1c953e59133fab4334eba3f1cc4f5ee2af3172c8281cc7cf442fa4b6978cbe911e25592364fa9c0af51d34415fabbcb2c93927e32f7eadc648f2571882bc0330513f56a8545131ea044f43a6f49a1bf8f4c97a749a810f559ef2f5aea0b9ec989970cc"}]}, @generic="744c634bebd762dd44b6fdc0803c2f082197af6c63ba3f6d39abb449d8bee111f87ab44e96ba68163397bbfbf4fff48fe1f2880936c214239b93c31b43932a8ab6583f813307209f0acdbc1c498adac00df351796f546d8650f69824c11eb403b85daec6337cf706d06f802d1fadda687c1e041eac29afb64eb89580de0f5a45b3436d330890c6377a049ed88a1f95282547b2502634ddcd007f1fa0d80ea3dc5e", @generic="e5d34e0ddfc1112cdebb8a5dcd5f52a73fdecd9e260f5a93c30369e97d71030b36f9894c06ef200d26c2ed9542a4ec005fe81b2b9a1731bee469d2da6f99b3d8862ab73e1c8b7f40e9035ae596eb0bb15374cc7ebacd60a4cf75736965a51e553425b984b274b13d0cc6a4b40845f0f7aaea3547c423b8863a3f6486f3574220b8e1"]}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x3}, @NL802154_ATTR_WPAN_PHY_NAME={0x5, 0x2, '\x00'}]}, 0x2c04}, 0x1, 0x0, 0x0, 0x40000}, 0x20004000) ioperm$auto(0xd, 0x2, 0x800) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000003700)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x80, 0x0) clone$auto(0xe, 0xa, &(0x7f0000003740)=0x5, &(0x7f0000003780)=0x8, 0xd) r10 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) prctl$auto_PR_SET_CHILD_SUBREAPER(0x24, 0x1, 0x40, 0x10000, 0x0) r11 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000003800), r10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000003840)={'vcan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000003880)={'bridge_slave_0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000038c0)={'team_slave_1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000003900)={'team0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_DELETE(0xffffffffffffffff, &(0x7f0000003a80)={&(0x7f00000037c0)={0x10, 0x0, 0x0, 0xe300c480}, 0xc, &(0x7f0000003a40)={&(0x7f0000003940)={0xe4, r11, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@NET_SHAPER_A_IFINDEX={0x8, 0x8, r12}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r13}, @NET_SHAPER_A_HANDLE={0x1c, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x7}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x984}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x8}]}, @NET_SHAPER_A_HANDLE={0x4}, @NET_SHAPER_A_HANDLE={0x4c, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1000}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x3}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x7}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x8}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x3}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x4}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x8001}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x9}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x8}]}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r14}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r15}, @NET_SHAPER_A_HANDLE={0x44, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x326}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x100}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x6}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x2493}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x9}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0xf54}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x5}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x1}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x1000}, 0x4000) madvise$auto(0xcc, 0x85ff, 0xffffffff) bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f0000003ac0)=@task_fd_query={0xffffffffffffffff, r7, 0x6, 0x5, 0x1ff, 0x9, r7, 0x1000, 0x1}, 0x7f) ioctl$auto_BLKBSZGET(r16, 0x80081270, &(0x7f0000003b80)=0x4) getsid$auto(r9) 3.342006688s ago: executing program 0 (id=1423): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="04000000", @ANYRES16=r1, @ANYBLOB="1b0026bd7400fddbdf2503000000040008001400038010000b8008008e00", @ANYRES32=r0, @ANYBLOB="040050801200010089877148000000000000000000"], 0x44}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyq0\x00', 0x511081, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, &(0x7f0000000280)="51ad66484e052e8e962ef5d450cd86ea5c238b106884269b76ea12bffc62a506f75778511ca725d89ca4432b640b46441174ae362b6bbbda8863e99a38fbcdcd09ec0af774b202511769df25e0e90cef6074f940dff173b1fce1f5fdc774a987fd2dbd4c74df8e6e42481bc6355e2c10ba3ebe0fde2958c0ee0d22e78e4037dbd13c5ab51625f4aa8851635219f229e091af5c35e9a550b341f96756ba7a8c009030d1d7f7699e7de258e2696b91a297f587609f7c8add8fa06bd446ab0ca903ad1583ccaea8b5ae4bd296952991faea0154575444421d1cce24905d9a1346f6cc53c9308137cd39d8a0deb9672da54a0e27cb6c1ceb") mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mincore$auto(0x1000, 0x8001, 0x0) socket(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000015c0)={'rose0\x00', 0x0}) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7114}, 0x8) bpf$auto(0x0, &(0x7f0000001500)=@bpf_attr_5={@target_ifindex=r5, r3, 0x9, 0x1, r3, @relative_fd=r2, 0x1}, 0x64) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r6 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0xd77, 0x6, 0x7181, 0x81, 0x2000007, 0x3, 0x9a89, 0x5, 0x80005, 0x800, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x1, [0x0, 0x0, 0xea4, 0x4, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000002, 0x0, 0x3, 0x4, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000000]}, 0x1fe, 0xd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010025bd7000fbdbdf0002"], 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) r7 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r7, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) r8 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r8, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) 3.254576414s ago: executing program 2 (id=1424): mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r0 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0xd77, 0x6, 0x7181, 0x81, 0x2000007, 0x3, 0x9a89, 0x5, 0x80005, 0x800, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x1, [0x0, 0x0, 0xea4, 0x4, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000002, 0x0, 0x3, 0x4, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000000]}, 0x1fe, 0xd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0], 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) 3.062535667s ago: executing program 2 (id=1427): close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = socket(0x11, 0x3, 0x9) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket(0x22, 0x3, 0x0) socket(0xa, 0x5, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/smaps_rollup\x00', 0x2400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x128102, 0x0) socket(0xa, 0x2, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) 2.798651866s ago: executing program 1 (id=1430): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyq0\x00', 0x511081, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, &(0x7f0000000280)="51ad66484e052e8e962ef5d450cd86ea5c238b106884269b76ea12bffc62a506f75778511ca725d89ca4432b640b46441174ae362b6bbbda8863e99a38fbcdcd09ec0af774b202511769df25e0e90cef6074f940dff173b1fce1f5fdc774a987fd2dbd4c74df8e6e42481bc6355e2c10ba3ebe0fde2958c0ee0d22e78e4037dbd13c5ab51625f4aa8851635219f229e091af5c35e9a550b341f96756ba7a8c009030d1d7f7699e7de258e2696b91a297f587609f7c8add8fa06bd446ab0ca903ad1583ccaea8b5ae4bd296952991faea0154575444421d1cce24905d9a1346f6cc53c9308137cd39d8a0deb9672da54a0e27cb6c1ceb") mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mincore$auto(0x1000, 0x8001, 0x0) socket(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000015c0)={'rose0\x00', 0x0}) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, 0x0, 0x80c02, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7114}, 0x8) bpf$auto(0x0, &(0x7f0000001500)=@bpf_attr_5={@target_ifindex=r3, r1, 0x9, 0x1, r1, @relative_fd=r0, 0x1}, 0x64) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0xd77, 0x6, 0x7181, 0x81, 0x2000007, 0x3, 0x9a89, 0x5, 0x80005, 0x800, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x1, [0x0, 0x0, 0xea4, 0x4, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000002, 0x0, 0x3, 0x4, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000000]}, 0x1fe, 0xd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010025bd7000fbdbdf0002"], 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) r5 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) setsockopt$auto(0x1, 0x1, 0x12, &(0x7f0000000480)='\x00\x89e\xad\x97\xc5\xe8\x91g\xc1\xceE\xea=\x0f\xf4\xba4\x05>y/21\xfd\'\xc7\x1c\xaeV`\xc7^\x05\"H\xb8\x12\x99\x1fF\xdc\xc4\x02FV\x04D&9?\xa8d\xc97B\x9f)\xc6\xbb\x15_\xfd\xa5\xaf\xf8\xb8\x8a\x186\xa9\x0eY;\x9a\xe32T\xddn\xa6zK\xef\xf7\x04\x81\xb4\xb7;\x12\x1ch$\xbd\xd1x\x15\xa8\x9c\xba\x83\xa7\xbdwf8\xc03z|\xcd\xbc\xa1+8\xcet\x960\a\x80\x88!\x9e\x96\xcd\xb5oB\xc1L\xb2\xb1\xe6\xf9\x92\xd4\xcd\v0|G\xb7\xc3+\xb5\xa9\xb4\x05>ry\xa1\xf1)#\xc0\x8d(', 0xbb) r6 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r6, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 2.767301206s ago: executing program 2 (id=1431): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xb03840, 0x0) sendfile$auto(r0, 0xffffffffffffffff, 0x0, 0x1) mmap$auto(0x3, 0x2000d, 0x102, 0xeb1, r0, 0x10008000) epoll_create$auto(0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/scsi_mod/parameters/default_dev_flags\x00', 0x401, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_MON_GET(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24008000}, 0x4000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r2, 0x5408, r2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x48041, 0x0) unshare$auto(0x40000080) r3 = socket(0xa, 0x1, 0x1ff) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8081, 0x0) close_range$auto(r3, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(&(0x7f0000000140)='./file0\x00', 0x40, 0xa2) fadvise64$auto_POSIX_FADV_SEQUENTIAL(r3, 0xca, 0x7, 0x2) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40102, 0x0) pread64$auto(r4, 0x0, 0x40000000f42c, 0x585) 2.423385589s ago: executing program 0 (id=1432): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, 0x0, 0x20040894) 2.258194948s ago: executing program 1 (id=1433): statmount$auto(0x0, 0x0, 0x9, 0xd) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x40) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r0 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r0, 0x17, &(0x7f0000000000), 0x1) 1.661780296s ago: executing program 1 (id=1436): mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r0 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0xd77, 0x6, 0x7181, 0x81, 0x2000007, 0x3, 0x9a89, 0x5, 0x80005, 0x800, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x1, [0x0, 0x0, 0xea4, 0x4, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000002, 0x0, 0x3, 0x4, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000000]}, 0x1fe, 0xd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0], 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) 1.584409007s ago: executing program 2 (id=1437): ioctl$auto_TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000040)=0x5) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x3, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x6) socket(0x11, 0x80003, 0x300) socket(0x10, 0x2, 0x0) socket(0x2, 0x3, 0x2) socket(0x2, 0x3, 0x104) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0) socketpair$auto(0x3, 0x5, 0x7, 0x0) bind$auto(0x3, 0x0, 0x6b) 1.554818102s ago: executing program 0 (id=1438): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = socket(0x11, 0x3, 0x9) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket(0x22, 0x3, 0x0) socket(0xa, 0x5, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/smaps_rollup\x00', 0x2400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x128102, 0x0) socket(0xa, 0x2, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x4) ioctl$auto_XFS_IOC_READLINK_BY_HANDLE(0xffffffffffffffff, 0xc038586c, &(0x7f0000000300)={r0, &(0x7f0000000080)="bc95717040f2580aa6cbea2f12421b7606b0164191087ceffce8fb3d183135514a9116cb4538d2f1500818bb0b5b4cf428b36bec5ebe93d3f4a61d15fe89ca98783412925e0fa2ad7ac9e159a2713926e509f38f", 0x80000000, &(0x7f0000000180)="7b31d228584c8dde021f5884c27894cc99d471b7a3b689f70a7de0719b29b459183f4f4952086083797c99864310e1596909bfdc18ff4128f4af3228a2b704423af93513aa8ae12d23df0f9bfeb095e398f40683a35385dcbaa4704be2e2605a53196d51745627604d08c28ca82443bfd69ffe1fe7ede121daa9fd54c8264796478a21790d2901da830465d07644edfff832da2ff1b39641629c109d56625e2bbb9a64c9e190a762f956f5d13b31d3744e8b6c035c6d6abb45aeec", 0x6, &(0x7f0000000240)="a26bfb28b0f1b7035f4e32c8802255da182f56e053fde2c248bcbb95428f8782ca3530a7abae5c494cda5fc2dccd04f38bd34e0eedbcac26bfb916f72318", &(0x7f0000000280)=0x6}) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r4, &(0x7f0000000340)=""/178, 0xb2) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r1, @ANYRES8=r2], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r3, &(0x7f0000000000)='-\x00', 0xfdef) 1.434746609s ago: executing program 3 (id=1439): sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x24, 0x0, 0x300, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_MCAST_FLAGS_PRIV={0x8, 0x27, 0x8}, @BATADV_ATTR_TT_FLAGS={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x24008000) socket(0x10, 0x2, 0x0) (async) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000100), r0) r2 = socket(0xa, 0x2, 0x88) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'bond0\x00'}) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1, r2, @relative_id=0x13, 0xe600}, 0xf) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'hsr0\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) (async) r7 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'macsec0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r6, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x34, r7, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x18, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x3f}, @typed={0x8, 0x2, 0x0, 0x0, @pid}]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) (async) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r6, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x34, r7, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x18, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x3f}, @typed={0x8, 0x2, 0x0, 0x0, @pid}]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wg0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'team_slave_1\x00'}) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'team_slave_1\x00', 0x0}) sendmsg$auto_NETDEV_CMD_QUEUE_GET2(r0, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x54, r1, 0x8, 0x70bd2a, 0x25dfdbfc, {}, [@NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r4}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r5}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r8}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r9}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r10}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.434142561s ago: executing program 1 (id=1440): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="04000000", @ANYRES16=r1, @ANYBLOB="1b0026bd7400fddbdf2503000000040008001400038010000b8008008e00", @ANYRES32=r0, @ANYBLOB="040050801200010089877148000000000000000000"], 0x44}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyq0\x00', 0x511081, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, &(0x7f0000000280)="51ad66484e052e8e962ef5d450cd86ea5c238b106884269b76ea12bffc62a506f75778511ca725d89ca4432b640b46441174ae362b6bbbda8863e99a38fbcdcd09ec0af774b202511769df25e0e90cef6074f940dff173b1fce1f5fdc774a987fd2dbd4c74df8e6e42481bc6355e2c10ba3ebe0fde2958c0ee0d22e78e4037dbd13c5ab51625f4aa8851635219f229e091af5c35e9a550b341f96756ba7a8c009030d1d7f7699e7de258e2696b91a297f587609f7c8add8fa06bd446ab0ca903ad1583ccaea8b5ae4bd296952991faea0154575444421d1cce24905d9a1346f6cc53c9308137cd39d8a0deb9672da54a0e27cb6c1ceb") mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mincore$auto(0x1000, 0x8001, 0x0) socket(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000015c0)={'rose0\x00', 0x0}) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7114}, 0x8) bpf$auto(0x0, &(0x7f0000001500)=@bpf_attr_5={@target_ifindex=r5, r3, 0x9, 0x1, r3, @relative_fd=r2, 0x1}, 0x64) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r6 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0xd77, 0x6, 0x7181, 0x81, 0x2000007, 0x3, 0x9a89, 0x5, 0x80005, 0x800, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x1, [0x0, 0x0, 0xea4, 0x4, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000002, 0x0, 0x3, 0x4, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000000]}, 0x1fe, 0xd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010025bd7000fbdbdf0002"], 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) r7 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r7, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) r8 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r8, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) 1.396898893s ago: executing program 2 (id=1441): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyq0\x00', 0x511081, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, &(0x7f0000000280)="51ad66484e052e8e962ef5d450cd86ea5c238b106884269b76ea12bffc62a506f75778511ca725d89ca4432b640b46441174ae362b6bbbda8863e99a38fbcdcd09ec0af774b202511769df25e0e90cef6074f940dff173b1fce1f5fdc774a987fd2dbd4c74df8e6e42481bc6355e2c10ba3ebe0fde2958c0ee0d22e78e4037dbd13c5ab51625f4aa8851635219f229e091af5c35e9a550b341f96756ba7a8c009030d1d7f7699e7de258e2696b91a297f587609f7c8add8fa06bd446ab0ca903ad1583ccaea8b5ae4bd296952991faea0154575444421d1cce24905d9a1346f6cc53c9308137cd39d8a0deb9672da54a0e27cb6c1ceb") mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mincore$auto(0x1000, 0x8001, 0x0) socket(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000015c0)={'rose0\x00', 0x0}) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, 0x0, 0x80c02, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7114}, 0x8) bpf$auto(0x0, &(0x7f0000001500)=@bpf_attr_5={@target_ifindex=r3, r1, 0x9, 0x1, r1, @relative_fd=r0, 0x1}, 0x64) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0xd77, 0x6, 0x7181, 0x81, 0x2000007, 0x3, 0x9a89, 0x5, 0x80005, 0x800, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x1, [0x0, 0x0, 0xea4, 0x4, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000002, 0x0, 0x3, 0x4, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000000]}, 0x1fe, 0xd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010025bd7000fbdbdf0002"], 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) r5 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) setsockopt$auto(0x1, 0x1, 0x12, &(0x7f0000000480)='\x00\x89e\xad\x97\xc5\xe8\x91g\xc1\xceE\xea=\x0f\xf4\xba4\x05>y/21\xfd\'\xc7\x1c\xaeV`\xc7^\x05\"H\xb8\x12\x99\x1fF\xdc\xc4\x02FV\x04D&9?\xa8d\xc97B\x9f)\xc6\xbb\x15_\xfd\xa5\xaf\xf8\xb8\x8a\x186\xa9\x0eY;\x9a\xe32T\xddn\xa6zK\xef\xf7\x04\x81\xb4\xb7;\x12\x1ch$\xbd\xd1x\x15\xa8\x9c\xba\x83\xa7\xbdwf8\xc03z|\xcd\xbc\xa1+8\xcet\x960\a\x80\x88!\x9e\x96\xcd\xb5oB\xc1L\xb2\xb1\xe6\xf9\x92\xd4\xcd\v0|G\xb7\xc3+\xb5\xa9\xb4\x05>ry\xa1\xf1)#\xc0\x8d(', 0xbb) r6 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r6, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.002129712s ago: executing program 0 (id=1442): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ptype\x00', 0x101000, 0x0) syslog$auto(0x3, 0x0, 0x5) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x80000000) 967.276196ms ago: executing program 3 (id=1443): mmap$auto(0x6, 0x400008, 0xdf, 0x9b72, 0x2, 0x7ffe) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = socket(0x2, 0x1, 0x100) getsockopt$auto(r0, 0x0, 0x42, 0x0, &(0x7f00000000c0)=0x1e) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) setrlimit$auto(0xb, 0x0) timer_create$auto(0x0, 0x0, 0x0) 916.703396ms ago: executing program 1 (id=1444): statmount$auto(0x0, 0x0, 0x9, 0xd) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x40) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r0 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r0, 0x17, &(0x7f0000000000), 0x1) 823.490719ms ago: executing program 2 (id=1445): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xb03840, 0x0) sendfile$auto(r0, 0xffffffffffffffff, 0x0, 0x1) mmap$auto(0x3, 0x2000d, 0x102, 0xeb1, r0, 0x10008000) epoll_create$auto(0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/scsi_mod/parameters/default_dev_flags\x00', 0x401, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_MON_GET(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24008000}, 0x4000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r2, 0x5408, r2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x48041, 0x0) unshare$auto(0x40000080) r3 = socket(0xa, 0x1, 0x1ff) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8081, 0x0) close_range$auto(r3, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(&(0x7f0000000140)='./file0\x00', 0x40, 0xa2) fadvise64$auto_POSIX_FADV_SEQUENTIAL(r3, 0xca, 0x7, 0x2) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40102, 0x0) pread64$auto(r4, 0x0, 0x40000000f42c, 0x585) 682.130094ms ago: executing program 3 (id=1446): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, 0x0, 0x20040894) 649.167178ms ago: executing program 3 (id=1447): socket(0x2, 0x3, 0x6) ioctl$auto_VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000001180)={0x8, 0xffffffffffffffff}) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)={0x2c, r1, 0x13, 0x70bd26, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x3}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x7ff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r6) sendmsg$auto_NL80211_CMD_STOP_AP(r6, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, r7, 0x129, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5a88314c8e109829}, 0x14) r8 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000001280)={@siginfo_0_0={0x2, 0x0, 0x2, @_sigchld={0xffffffffffffffff, 0x0, 0x0, 0x7, 0x5}}}, 0x4, &(0x7f0000001300)={{0x7, 0x7}, {0x5, 0xffff}, 0x6, 0xf, 0xfff, 0x16280000000, 0x3, 0x8000000000000000, 0x7, 0x9, 0x10800, 0xbb0, 0x7, 0x9, 0x3, 0x9}) shmctl$auto_SHM_LOCK(0x1, 0xb, &(0x7f0000001580)={{0x8, 0xffffffffffffffff, 0xffffffffffffffff, 0x7, 0x7, 0x812f, 0x9}, 0x5, 0x80, 0x1ff, 0x6, @inferred=0xffffffffffffffff, @inferred, 0x8, 0x0, &(0x7f00000013c0)="ad0f73b2ab625f53f8e32c59", &(0x7f0000001480)="e64b1d1aca7239d0409811f1a09776545897aa79b9875c81e6ce4766dbe1459ddb8a9e5e3e4cd3d99b819dcfd271533a9b32b9feb1cf166afd4be8a65b534842a3b29380cbd1ff06290cfa70695a50cbf5f4c6d39dadaf34aa846508b6f09c169968b0f3dd2f7184d02f21349eb16412e69a7ef05ddf7de33e4a1e934e8a4cedf3619b9d1d906072612fdb56da526bcceb176f3d2875bbe447fd058dde9b78a798c0ffe5f405e42f14b484cd72e54db20475eb9cdc53ca5cbf9cf3c8295f19df2bae77046a131e8bbd27fd2e4781e001e885781a33c0bdb6135a3150902409fbbe608cdc502f64b66e"}) sendmsg$auto_NL80211_CMD_TDLS_MGMT(r2, &(0x7f0000001a80)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001a40)={&(0x7f0000001600)={0x410, r7, 0x4, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x3eb, 0x6e, 0x0, 0x1, [@generic="de28bc2e1904062051f8e91d8169b5d9f1597989892a6704318222835b4469896f3dd09a159bd15283858639aa6f2c88bac7b855721953ae3795606626037c3ae89ce81ba8d4d3112d6bae2022d16340696897ab798e64e7a44ab26700649c3d41096208437595641bb71018d56c92e98f02fc3d89e107a5e7b2067273941e31209b94f9db579d28105c102afe049c2d8f8e46edb26e94c3fe8f202311258f56aa7cd774afed1c95ad4efd90d40124238d54fccbfbb609f1ea00175151ce3ea08549a9279f255c3411e95da1b71dd521338cac3ea3ecdb8020d8", @nested={0x114, 0xa5, 0x0, 0x1, [@nested={0x4, 0x2}, @nested={0x4, 0x8f}, @generic="65fdbe61", @typed={0x103, 0x2c, 0x0, 0x0, @binary="87a239ccb8eaa07ad9f736f13a890cfb9bcf448114134aad295f3ace3ce50c0db3f8463bf3e05bc0370d29843432a38d6acfac22c1d4f6d565bfd69fa47481d0ae01859866d0d01aca87ed656ffcfaf719e88a8acf0cbb07ad412d837e90897a5e0cdd532b9f0db4a1d5d47742d5eec507c5d5e06df80a28b1b1e92d36aeb95472e3f013ac10bc0fe30e9b2f824a8f9b8b142465771decff3fbfa0f7e5d185f71fdd51373f2acca7e6d8302d422bc1ea6681a12e7447fb5175b7db3a944e4f2f05d8dd35ff2cc77d246f4955b8206f60828684b9522e9d7d4722615180bdd1f7ace47e1e20a70f7163a2ea2bb2f209529b006ee58a38aee60a5821366fa7be"}]}, @nested={0x82, 0x104, 0x0, 0x1, [@generic="7e7748021a2f24f0814232b02dfc06b67891e807ab87807d0d914c4908755692d533564c8bce1d789c03", @generic="aff9d7f8a0f26b904df2e13769f43fa9fe148036ca58eb83c10b9ce16722bcb40e4a853beb6f499559744b406f450df5b2d2e106240281e5e64eb5d809f490e7", @typed={0x8, 0x123, 0x0, 0x0, @u32=0x2}, @nested={0x4, 0x34}, @typed={0x8, 0x3, 0x0, 0x0, @pid}]}, @typed={0x8, 0x8f, 0x0, 0x0, @pid=r8}, @typed={0x14, 0xea, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}}, @nested={0x14, 0x98, 0x0, 0x1, [@nested={0x4, 0x13d}, @typed={0xa, 0xe0, 0x0, 0x0, @str='&%:[,\x00'}]}, @nested={0xd0, 0x139, 0x0, 0x1, [@nested={0x4, 0x112}, @nested={0x4, 0x134}, @generic="06ca8787b036e0776bfb8ea8e4268cf88210403071ad4dceeb827cbce09612fca6437ffdea632cb9a16b3cdb3f6a0636ce7a1e376479059403093306d9f15949b706ff3bbabd10e9268e8f97975f65ea42c8335d0fd3a4823d026f44e8e3848b0211d6ccb80f8f7f51e5f644064e94218a6a6f73a848b87f182f4a57320853086cd519a0ef8eff1bd45e1b287b98b3e19030b4ccba022df53a17aee2d69f3d52ddc9a4bae498456852c47ba619e7173ac03b3a84237b717e9826fe3cfc84602aeb4e617e"]}, @nested={0x8, 0x95, 0x0, 0x1, [@nested={0x4, 0x124}]}, @generic="dabb80d7cfb6baef6dc74dc975af01983f6a621c593a80f0e3b643aa97be642bb748974eaff3d525b78fad166db9b89d698ed539615c51494480ee1a1ce07a6a382f281d5062637dc668168ddcb42d9816e822938786173be7", @nested={0x14, 0x108, 0x0, 0x1, [@typed={0x8, 0x26, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x8, 0x138, 0x0, 0x0, @uid=r9}]}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x5}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x5}]}, 0x410}, 0x1, 0x0, 0x0, 0x40004}, 0x18) sendmsg$auto_NL80211_CMD_ADD_NAN_FUNCTION(r0, &(0x7f0000001280)={&(0x7f00000011c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001240)={&(0x7f0000001200)={0x24, r7, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x80}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), r10) r12 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_DELETE(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x1c, r11, 0x9, 0x70bd27, 0x25dfdbfb, {}, [@NET_SHAPER_A_IFINDEX={0x8, 0x8, r13}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0xc050) r14 = socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000140), r14) sendmsg$auto_OVS_VPORT_CMD_SET(r14, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x28, r15, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_OPTIONS={0x4}, @OVS_VPORT_ATTR_NAME={0xf, 0x3, 'netdevsim0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x8080}, 0x40) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netstat\x00', 0x100, 0x0) add_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001040)='\x01\x00\x00\x00\x00\x00\x00\x00ar\x00', &(0x7f0000001080)='\x01', &(0x7f00000010c0)="5235c542fe63ee80e2660f65490b0f0ec539da9ae91cc5fb9c27a27ccfefcd1bd43280cde0ee6c3dd5e4590bb88bf0ddfa65be173b6f29fb2b003731406153b22c71a0fa9a21ad37293991934f7776218922695d6a940328ba180ee3daa45e85dd6c489f7f8bdd5ccbdeca9d99ef51062c0a3344863767c9f600d4847b4ca016db9881389e9d596c49f8c96d2fd0b4c07b94a878ffda1569917342d30a4ec3", 0x7, 0xfffffffffffffffb) brk$auto(0x7fffffffefff) r16 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r17 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r17, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r17, &(0x7f0000000080)={0x0, 0xfffffffffffffd72, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r16, 0x13, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r18}, @NL80211_ATTR_WIPHY_NAME={0xc, 0x2, '\x00\x00\x00\x00\x00\x00\x00\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) 534.556205ms ago: executing program 1 (id=1448): bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0xffffffffffffffff, 0x9) unshare$auto(0x40000080) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) socket(0x12, 0x4, 0x440a) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\x80\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x00\x0e\v9\xb5j\x00\x04\xc8\x1fa\x1c\x1a\x05 \xfdr/D\xbf\x98\x06\xe5\xf6\x8d\x1fX\xe5\xbc\xbc\"}$', 0x7fffffff) ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000040)) sendfile$auto(0x6, 0x3, 0x0, 0xfdef) mmap$auto(0x2000000000000, 0xfffffffffffffffe, 0x8, 0x810, r0, 0x5d63) io_setup$auto(0x80002, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/addr_prefs\x00', 0x102, 0x0) writev$auto(r2, &(0x7f0000000080)={&(0x7f0000000040), 0x6}, 0x3) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0xfffffffffffffff8, 0xef3f, 0x0, 0x17, r3, 0x7) mmap$auto(0x3, 0x20009, 0x1, 0xeb1, r2, 0x108000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x4b47, 0x1) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/usbmon6\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r5 = socket(0x2, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) sendto$auto(0x3, 0x0, 0x2000f, 0x13f, &(0x7f0000000000)=@in={0x2, 0x4e22, @loopback}, 0x1c) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$auto_WG_CMD_SET_DEVICE(r6, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x88, r7, 0x100, 0x70bd28, 0x25dfdbff, {}, [@WGDEVICE_A_PUBLIC_KEY={0x73, 0x4, "81b601f698910f2290e1128f05a2a0e4b51c1e995cbe987ea6b1fd58fb030c64b5efbabb4c818e5cf32cbe02a0d8d54032be7f3cf19a566eb2785a41fd189760a2c25ad4532be395d08449ed2b7edc359e8d4f3cbb4725bbcfafcd5412218e55a82c75197bcf6a582b9af912a738fe"}]}, 0x88}, 0x1, 0x0, 0x0, 0x20000080}, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'veth1_macvtap\x00'}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'vlan0\x00'}) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x20400, 0x0) 414.356982ms ago: executing program 0 (id=1449): mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r0 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0xd77, 0x6, 0x7181, 0x81, 0x2000007, 0x3, 0x9a89, 0x5, 0x80005, 0x800, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x1, [0x0, 0x0, 0xea4, 0x4, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000002, 0x0, 0x3, 0x4, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000000]}, 0x1fe, 0xd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0], 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) 254.117284ms ago: executing program 3 (id=1450): ioctl$auto_TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000040)=0x5) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x3, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x6) socket(0x11, 0x80003, 0x300) socket(0x10, 0x2, 0x0) socket(0x2, 0x3, 0x2) socket(0x2, 0x3, 0x104) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0) socketpair$auto(0x3, 0x5, 0x7, 0x0) bind$auto(0x3, 0x0, 0x6b) 0s ago: executing program 3 (id=1451): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x3, 0x1c) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.145' (ED25519) to the list of known hosts. [ 90.052662][ T5836] cgroup: Unknown subsys name 'net' [ 90.165504][ T5836] cgroup: Unknown subsys name 'cpuset' [ 90.174784][ T5836] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 92.062998][ T5836] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 94.304389][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.321014][ T5856] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 94.330293][ T5856] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.338624][ T5856] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 94.347093][ T5856] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.355041][ T5856] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.362657][ T5856] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 94.371140][ T5856] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.378782][ T5856] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 94.387208][ T5856] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 94.392347][ T5861] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 94.402807][ T5856] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 94.415214][ T5856] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 94.432858][ T5856] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 94.436182][ T5858] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.441915][ T5856] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 94.448551][ T5858] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 94.462130][ T5856] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 94.469871][ T5856] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 94.479199][ T5853] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.949553][ T5848] chnl_net:caif_netlink_parms(): no params data found [ 95.142542][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 95.228696][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 95.243065][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 95.283747][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.291681][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.299022][ T5848] bridge_slave_0: entered allmulticast mode [ 95.307278][ T5848] bridge_slave_0: entered promiscuous mode [ 95.354584][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.363771][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.371048][ T5848] bridge_slave_1: entered allmulticast mode [ 95.378709][ T5848] bridge_slave_1: entered promiscuous mode [ 95.500671][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.510051][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.517895][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.525713][ T5845] bridge_slave_0: entered allmulticast mode [ 95.532873][ T5845] bridge_slave_0: entered promiscuous mode [ 95.569632][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.579404][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.586814][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.594154][ T5845] bridge_slave_1: entered allmulticast mode [ 95.601391][ T5845] bridge_slave_1: entered promiscuous mode [ 95.620516][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.627880][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.635142][ T5846] bridge_slave_0: entered allmulticast mode [ 95.642390][ T5846] bridge_slave_0: entered promiscuous mode [ 95.675656][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.685149][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.692782][ T5847] bridge_slave_0: entered allmulticast mode [ 95.700029][ T5847] bridge_slave_0: entered promiscuous mode [ 95.708208][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.715657][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.723085][ T5846] bridge_slave_1: entered allmulticast mode [ 95.730315][ T5846] bridge_slave_1: entered promiscuous mode [ 95.765035][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.772669][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.779875][ T5847] bridge_slave_1: entered allmulticast mode [ 95.787489][ T5847] bridge_slave_1: entered promiscuous mode [ 95.824649][ T5848] team0: Port device team_slave_0 added [ 95.833649][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.875241][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.886387][ T5848] team0: Port device team_slave_1 added [ 95.909481][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.921624][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.933999][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.994566][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.018322][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.027237][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.053983][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.094260][ T5846] team0: Port device team_slave_0 added [ 96.101060][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.108459][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.134563][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.156838][ T5845] team0: Port device team_slave_0 added [ 96.178697][ T5846] team0: Port device team_slave_1 added [ 96.202666][ T5845] team0: Port device team_slave_1 added [ 96.210749][ T5847] team0: Port device team_slave_0 added [ 96.263534][ T5847] team0: Port device team_slave_1 added [ 96.270051][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.278248][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.304662][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.316937][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.324279][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.350263][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.385983][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.393228][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.419494][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.431425][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.438394][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.464809][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.464932][ T5858] Bluetooth: hci3: command tx timeout [ 96.491551][ T5851] Bluetooth: hci0: command tx timeout [ 96.521736][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.528806][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.555324][ T5858] Bluetooth: hci2: command tx timeout [ 96.555527][ T5858] Bluetooth: hci1: command tx timeout [ 96.567057][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.580443][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.587496][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.613748][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.631685][ T5848] hsr_slave_0: entered promiscuous mode [ 96.638316][ T5848] hsr_slave_1: entered promiscuous mode [ 96.718816][ T5846] hsr_slave_0: entered promiscuous mode [ 96.726696][ T5846] hsr_slave_1: entered promiscuous mode [ 96.733099][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.740824][ T5846] Cannot create hsr debugfs directory [ 96.789175][ T5845] hsr_slave_0: entered promiscuous mode [ 96.796270][ T5845] hsr_slave_1: entered promiscuous mode [ 96.803397][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.811003][ T5845] Cannot create hsr debugfs directory [ 96.859810][ T43] cfg80211: failed to load regulatory.db [ 96.872753][ T5847] hsr_slave_0: entered promiscuous mode [ 96.879122][ T5847] hsr_slave_1: entered promiscuous mode [ 96.885951][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.893613][ T5847] Cannot create hsr debugfs directory [ 97.366693][ T5848] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.380316][ T5848] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.400819][ T5848] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.415165][ T5848] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 97.495898][ T5845] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.507494][ T5845] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.520430][ T5845] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.532711][ T5845] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 97.634274][ T5846] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.650990][ T5846] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.668105][ T5846] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.680303][ T5846] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.802906][ T5847] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.829222][ T5847] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.841118][ T5847] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.865034][ T5847] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.896718][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.914939][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.936716][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.967221][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.974526][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.005479][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.012632][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.053090][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.084227][ T3529] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.091466][ T3529] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.123061][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.148762][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.156045][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.239327][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.312921][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.320240][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.360929][ T3584] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.368121][ T3584] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.450454][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.500082][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.531671][ T5851] Bluetooth: hci3: command tx timeout [ 98.537160][ T5851] Bluetooth: hci0: command tx timeout [ 98.541123][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.549763][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.596696][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.603919][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.611754][ T5851] Bluetooth: hci1: command tx timeout [ 98.617287][ T5851] Bluetooth: hci2: command tx timeout [ 98.740120][ T5847] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 98.757001][ T5847] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.827200][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.848018][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.977341][ T5845] veth0_vlan: entered promiscuous mode [ 99.033377][ T5848] veth0_vlan: entered promiscuous mode [ 99.049633][ T5845] veth1_vlan: entered promiscuous mode [ 99.089038][ T5848] veth1_vlan: entered promiscuous mode [ 99.178691][ T5845] veth0_macvtap: entered promiscuous mode [ 99.200131][ T5845] veth1_macvtap: entered promiscuous mode [ 99.269497][ T5848] veth0_macvtap: entered promiscuous mode [ 99.300120][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.316023][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.326528][ T5848] veth1_macvtap: entered promiscuous mode [ 99.344080][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.363465][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.403027][ T5845] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.413807][ T5845] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.424455][ T5845] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.434035][ T5845] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.452765][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.474278][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.489392][ T5848] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.500006][ T5848] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.511523][ T5848] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.520262][ T5848] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.638991][ T5847] veth0_vlan: entered promiscuous mode [ 99.654899][ T5846] veth0_vlan: entered promiscuous mode [ 99.707786][ T5847] veth1_vlan: entered promiscuous mode [ 99.731001][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.736307][ T5846] veth1_vlan: entered promiscuous mode [ 99.745673][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.779968][ T1161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.794711][ T1161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.846498][ T5847] veth0_macvtap: entered promiscuous mode [ 99.880417][ T3584] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.895259][ T3584] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.903115][ T5847] veth1_macvtap: entered promiscuous mode [ 99.944581][ T5846] veth0_macvtap: entered promiscuous mode [ 99.962115][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.970965][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.993504][ T5846] veth1_macvtap: entered promiscuous mode [ 100.027972][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.053719][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 100.095660][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.112219][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.139232][ T5847] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.161424][ T5847] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.170281][ T5847] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.211226][ T5847] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.228735][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.277370][ T5846] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.290278][ T5846] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.301136][ T5943] program syz.1.2 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 100.310805][ T5846] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.320342][ T5846] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.537192][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.551355][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.621679][ T5851] Bluetooth: hci0: command tx timeout [ 100.621702][ T5858] Bluetooth: hci3: command tx timeout [ 100.693193][ T5851] Bluetooth: hci2: command tx timeout [ 100.695969][ T5858] Bluetooth: hci1: command tx timeout [ 100.720334][ T1161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.767422][ T1161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.855528][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.889877][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.908397][ T5943] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 100.931018][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.966191][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.174226][ T30] audit: type=1800 audit(1753008663.823:2): pid=5951 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5" name="lu_gp_id" dev="configfs" ino=7431 res=0 errno=0 [ 101.209212][ T5951] netlink: 72 bytes leftover after parsing attributes in process `syz.3.5'. [ 101.578001][ T5959] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6'. [ 101.716256][ T5957] Zero length message leads to an empty skb [ 101.754996][ T5959] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 101.805306][ T5959] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 101.835694][ T5959] bond0 (unregistering): Released all slaves [ 102.093175][ T5966] FAULT_INJECTION: forcing a failure. [ 102.093175][ T5966] name failslab, interval 1, probability 0, space 0, times 1 [ 102.127871][ T5966] CPU: 1 UID: 0 PID: 5966 Comm: syz.0.8 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 102.127917][ T5966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 102.127939][ T5966] Call Trace: [ 102.127950][ T5966] [ 102.127966][ T5966] dump_stack_lvl+0x16c/0x1f0 [ 102.128006][ T5966] should_fail_ex+0x512/0x640 [ 102.128037][ T5966] ? __kvmalloc_node_noprof+0x124/0x620 [ 102.128072][ T5966] should_failslab+0xc2/0x120 [ 102.128109][ T5966] __kvmalloc_node_noprof+0x137/0x620 [ 102.128141][ T5966] ? alloc_fdtable+0x158/0x2b0 [ 102.128196][ T5966] ? alloc_fdtable+0x158/0x2b0 [ 102.128242][ T5966] alloc_fdtable+0x158/0x2b0 [ 102.128293][ T5966] dup_fd+0x83b/0xb90 [ 102.128328][ T5966] ? apparmor_task_alloc+0x2c2/0x3b0 [ 102.128373][ T5966] copy_process+0x230c/0x7650 [ 102.128413][ T5966] ? __pfx___futex_wait+0x10/0x10 [ 102.128478][ T5966] ? __pfx_copy_process+0x10/0x10 [ 102.128520][ T5966] ? __pfx_map_create+0x10/0x10 [ 102.128563][ T5966] ? __might_fault+0xe3/0x190 [ 102.128600][ T5966] ? __futex_hash.constprop.0+0x1e9/0x440 [ 102.128646][ T5966] kernel_clone+0xfc/0x960 [ 102.128690][ T5966] ? __pfx_kernel_clone+0x10/0x10 [ 102.128754][ T5966] __do_sys_clone+0xce/0x120 [ 102.128801][ T5966] ? __pfx___do_sys_clone+0x10/0x10 [ 102.128863][ T5966] ? xfd_validate_state+0x61/0x180 [ 102.128923][ T5966] do_syscall_64+0xcd/0x490 [ 102.128958][ T5966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.128990][ T5966] RIP: 0033:0x7fb77fd8e9a9 [ 102.129023][ T5966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.129053][ T5966] RSP: 002b:00007fb780b34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 102.129083][ T5966] RAX: ffffffffffffffda RBX: 00007fb77ffb6080 RCX: 00007fb77fd8e9a9 [ 102.129103][ T5966] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 102.129121][ T5966] RBP: 00007fb77fe10d69 R08: 0000000000000000 R09: 0000000000000000 [ 102.129139][ T5966] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 102.129157][ T5966] R13: 0000000000000000 R14: 00007fb77ffb6080 R15: 00007ffd8981b208 [ 102.129194][ T5966] [ 102.419900][ T5972] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 102.584740][ T5966] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8'. [ 102.695983][ T5858] Bluetooth: hci3: command tx timeout [ 102.695996][ T5851] Bluetooth: hci0: command tx timeout [ 102.772665][ T5858] Bluetooth: hci2: command tx timeout [ 102.778278][ T5858] Bluetooth: hci1: command tx timeout [ 103.034935][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.278710][ T6005] netlink: 20 bytes leftover after parsing attributes in process `syz.0.19'. [ 104.343919][ T6007] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 104.350602][ T6007] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 104.384132][ T6007] netlink: 12 bytes leftover after parsing attributes in process `syz.0.19'. [ 104.505325][ T6005] hsr_slave_0 (unregistering): left promiscuous mode [ 104.653600][ T6015] netlink: 4 bytes leftover after parsing attributes in process `syz.1.21'. [ 104.665004][ T6009] vhci_hcd: invalid port number 16 [ 104.670191][ T6009] vhci_hcd: invalid port number 16 [ 104.694118][ T6015] netlink: 4 bytes leftover after parsing attributes in process `syz.1.21'. [ 104.708353][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.951742][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.994238][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 105.031436][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 105.172906][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 105.196355][ T6023] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 105.252026][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.455042][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 105.641588][ T6023] zram: Added device: zram1 [ 107.827090][ T6055] netlink: 338 bytes leftover after parsing attributes in process `syz.2.32'. [ 107.986564][ T6063] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 108.236211][ T6063] zram: Added device: zram2 [ 108.272310][ T6064] netlink: 338 bytes leftover after parsing attributes in process `syz.0.43'. [ 108.394226][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 108.691766][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 108.766606][ T6073] vhci_hcd: invalid port number 16 [ 108.785859][ T6073] vhci_hcd: invalid port number 16 [ 110.527785][ T6094] netlink: 20 bytes leftover after parsing attributes in process `syz.1.40'. [ 110.614302][ T6096] hsr_slave_0 (unregistering): hsr_addr_subst_dest: Unknown node [ 110.622245][ T6096] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 110.709394][ T6096] netlink: 12 bytes leftover after parsing attributes in process `syz.1.40'. [ 110.846679][ T6094] hsr_slave_0 (unregistering): left promiscuous mode [ 111.203157][ T6110] netlink: 4 bytes leftover after parsing attributes in process `syz.3.45'. [ 111.646356][ T6113] netlink: 338 bytes leftover after parsing attributes in process `syz.2.46'. [ 111.708434][ T6125] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 111.728596][ T6124] netlink: 24 bytes leftover after parsing attributes in process `syz.0.57'. [ 111.806396][ T6128] zram: Added device: zram3 [ 111.910830][ T6123] netlink: 338 bytes leftover after parsing attributes in process `syz.1.50'. [ 112.039803][ T6124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 112.054736][ T6124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 112.069672][ T6124] bond0 (unregistering): Released all slaves [ 113.295309][ T6169] netlink: 4 bytes leftover after parsing attributes in process `syz.2.58'. [ 113.833050][ T6175] netlink: 322 bytes leftover after parsing attributes in process `syz.1.60'. [ 114.738984][ T6206] netlink: 4 bytes leftover after parsing attributes in process `syz.1.70'. [ 114.757516][ T6207] netlink: 4 bytes leftover after parsing attributes in process `syz.0.71'. [ 115.491563][ T6217] netlink: 322 bytes leftover after parsing attributes in process `syz.1.74'. [ 115.888125][ T6235] program syz.1.80 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 117.121812][ T6264] binder: 6263:6264 ioctl 40046210 0 returned -14 [ 118.816092][ T6300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.100'. [ 118.854454][ T6300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.100'. [ 119.694101][ T6316] program syz.0.109 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 125.180334][ T6411] netlink: 330 bytes leftover after parsing attributes in process `syz.3.136'. [ 125.600195][ T6420] netlink: 330 bytes leftover after parsing attributes in process `syz.2.140'. [ 125.693416][ T6425] netlink: 330 bytes leftover after parsing attributes in process `syz.1.141'. [ 125.845138][ T6427] netlink: 330 bytes leftover after parsing attributes in process `syz.3.142'. [ 126.048257][ T6433] netlink: 330 bytes leftover after parsing attributes in process `syz.2.145'. syzkaller syzkaller login: syzkaller syzkaller login: [ 130.648897][ T6535] workqueue: max_active 109890355 requested for writeback is out of range, clamping between 1 and 2048 [ 131.333415][ T6553] workqueue: max_active 109945241 requested for writeback is out of range, clamping between 1 and 2048 [ 132.033998][ T6578] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 syzkaller syzkaller login: [ 134.036250][ T6593] blktrace: Concurrent blktraces are not allowed on sda1 [ 134.834862][ T6565] kexec: Could not allocate control_code_buffer [ 136.396392][ T6619] random: crng reseeded on system resumption [ 137.632749][ T6636] netlink: 24 bytes leftover after parsing attributes in process `syz.1.210'. [ 137.829554][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.838405][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.506634][ T6611] kexec: Could not allocate control_code_buffer [ 139.118749][ T6660] netlink: 24 bytes leftover after parsing attributes in process `syz.1.219'. [ 139.915006][ T6678] blktrace: Concurrent blktraces are not allowed on sda1 [ 140.843440][ T6695] binder: 6694:6695 ioctl 40046210 0 returned -14 [ 141.618905][ T6663] kexec: Could not allocate control_code_buffer [ 141.645316][ T6712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.237'. [ 142.757406][ T6731] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 142.763934][ T6731] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 143.331188][ T6725] random: crng reseeded on system resumption [ 143.562885][ T6752] netlink: 4 bytes leftover after parsing attributes in process `syz.1.249'. [ 144.339186][ T6718] kexec: Could not allocate control_code_buffer [ 144.671995][ T6769] binder: 6767:6769 ioctl 40046210 0 returned -14 [ 145.602923][ T6791] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 146.123391][ T6809] netlink: 24 bytes leftover after parsing attributes in process `syz.1.268'. [ 146.428695][ T6811] binder: 6810:6811 ioctl 40046210 0 returned -14 [ 147.950693][ T6792] kexec: Could not allocate control_code_buffer [ 148.055407][ T6844] netlink: 24 bytes leftover after parsing attributes in process `syz.3.279'. syzkaller syzkaller login: [ 148.398850][ T6849] binder: 6848:6849 ioctl 40046210 0 returned -14 [ 148.481087][ T6844] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 148.511865][ T6844] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 148.548715][ T6844] bond0 (unregistering): Released all slaves [ 149.261093][ T6874] blktrace: Concurrent blktraces are not allowed on sda1 [ 150.222255][ T6893] netlink: 24 bytes leftover after parsing attributes in process `syz.1.302'. syzkaller syzkaller login: [ 151.489596][ T6911] binder: 6910:6911 ioctl 40046210 0 returned -14 [ 151.695390][ T6921] netlink: 24 bytes leftover after parsing attributes in process `syz.3.304'. [ 151.928134][ T6930] netlink: 4 bytes leftover after parsing attributes in process `syz.1.306'. [ 151.938674][ T6930] netlink: 4 bytes leftover after parsing attributes in process `syz.1.306'. [ 153.030823][ T6966] netlink: 4 bytes leftover after parsing attributes in process `syz.0.319'. [ 153.069649][ T6966] netlink: 4 bytes leftover after parsing attributes in process `syz.0.319'. [ 153.185939][ T6972] netlink: 24 bytes leftover after parsing attributes in process `syz.2.321'. [ 153.407133][ T6972] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 153.435086][ T6972] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 153.454975][ T6977] blktrace: Concurrent blktraces are not allowed on sda1 [ 153.469004][ T6972] bond0 (unregistering): Released all slaves [ 155.057155][ T7003] nbd: must specify a size in bytes for the device [ 155.330074][ T7007] binder: 7006:7007 ioctl 40046210 0 returned -14 [ 155.562112][ T7009] workqueue: max_active 109857177 requested for writeback is out of range, clamping between 1 and 2048 [ 156.109125][ T7036] nbd: must specify a size in bytes for the device [ 156.147119][ T7040] blktrace: Concurrent blktraces are not allowed on sda1 [ 156.522245][ T7047] binder: 7046:7047 ioctl 40046210 0 returned -14 [ 157.484290][ T7084] binder: 7083:7084 ioctl 40046210 0 returned -14 [ 157.692099][ T7087] blktrace: Concurrent blktraces are not allowed on sda1 [ 158.088946][ T7100] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 158.095540][ T7100] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 158.546107][ T7111] binder: 7110:7111 ioctl 40046210 0 returned -14 [ 158.810728][ T7124] netlink: 24 bytes leftover after parsing attributes in process `syz.0.373'. [ 159.030560][ T7132] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 159.752383][ T7149] binder: 7148:7149 ioctl 40046210 0 returned -14 [ 159.824825][ T7153] netlink: 24 bytes leftover after parsing attributes in process `syz.0.385'. [ 160.010323][ T7163] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 160.851029][ T7185] binder: 7184:7185 ioctl 40046210 0 returned -14 syzkaller syzkaller login: [ 161.972555][ T7218] binder: 7217:7218 ioctl 40046210 0 returned -14 [ 162.700134][ T7236] netlink: 24 bytes leftover after parsing attributes in process `syz.1.415'. [ 163.172667][ T7246] binder: 7245:7246 ioctl 40046210 0 returned -14 syzkaller syzkaller login: [ 164.305249][ T7283] netlink: 4 bytes leftover after parsing attributes in process `syz.3.429'. [ 164.335108][ T7283] netlink: 4 bytes leftover after parsing attributes in process `syz.3.429'. [ 164.624254][ T7292] netlink: 24 bytes leftover after parsing attributes in process `syz.2.441'. syzkaller syzkaller login: [ 165.344611][ T7317] netlink: 4 bytes leftover after parsing attributes in process `syz.3.442'. [ 165.414995][ T7317] netlink: 4 bytes leftover after parsing attributes in process `syz.3.442'. [ 165.583876][ T7325] netlink: 24 bytes leftover after parsing attributes in process `syz.2.446'. [ 166.458447][ T7357] netlink: 4 bytes leftover after parsing attributes in process `syz.3.456'. [ 166.511020][ T7357] netlink: 4 bytes leftover after parsing attributes in process `syz.3.456'. [ 167.667703][ T7397] netlink: 8 bytes leftover after parsing attributes in process `syz.2.472'. [ 167.780705][ T7403] netlink: 4 bytes leftover after parsing attributes in process `syz.1.471'. [ 169.487791][ T7458] __nla_validate_parse: 5 callbacks suppressed [ 169.487823][ T7458] netlink: 8 bytes leftover after parsing attributes in process `syz.3.495'. [ 169.579514][ T7460] netlink: 24 bytes leftover after parsing attributes in process `syz.1.496'. syzkaller syzkaller login: [ 170.146675][ T7481] netlink: 4 bytes leftover after parsing attributes in process `syz.1.504'. [ 170.157362][ T7481] netlink: 4 bytes leftover after parsing attributes in process `syz.1.504'. [ 170.204993][ T7483] netlink: 4 bytes leftover after parsing attributes in process `syz.2.503'. [ 170.253970][ T7483] netlink: 4 bytes leftover after parsing attributes in process `syz.2.503'. [ 170.769548][ T7500] netlink: 24 bytes leftover after parsing attributes in process `syz.2.510'. [ 170.925937][ T7496] netlink: 330 bytes leftover after parsing attributes in process `syz.3.509'. [ 171.215912][ T7514] netlink: 4 bytes leftover after parsing attributes in process `syz.3.514'. [ 171.268669][ T7519] netlink: 4 bytes leftover after parsing attributes in process `syz.3.514'. [ 174.948805][ T7625] __nla_validate_parse: 14 callbacks suppressed [ 174.948827][ T7625] netlink: 330 bytes leftover after parsing attributes in process `syz.0.553'. syzkaller syzkaller login: [ 175.400604][ T7654] netlink: 4 bytes leftover after parsing attributes in process `syz.1.563'. [ 175.410853][ T7654] netlink: 4 bytes leftover after parsing attributes in process `syz.1.563'. [ 176.455008][ T7689] netlink: 4 bytes leftover after parsing attributes in process `syz.0.576'. [ 176.507193][ T7689] netlink: 4 bytes leftover after parsing attributes in process `syz.0.576'. syzkaller syzkaller login: [ 178.029679][ T7745] netlink: 4 bytes leftover after parsing attributes in process `syz.2.598'. [ 178.069269][ T7745] netlink: 4 bytes leftover after parsing attributes in process `syz.2.598'. [ 179.111547][ T7784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.612'. [ 179.140677][ T7784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.612'. [ 180.420746][ T7814] netlink: 4 bytes leftover after parsing attributes in process `syz.0.624'. [ 180.450606][ T7814] netlink: 4 bytes leftover after parsing attributes in process `syz.0.624'. [ 180.815619][ T7826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.627'. [ 180.852788][ T7826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.627'. [ 181.750456][ T7853] netlink: 4 bytes leftover after parsing attributes in process `syz.2.636'. [ 181.790196][ T7853] netlink: 4 bytes leftover after parsing attributes in process `syz.2.636'. [ 182.034583][ T7863] netlink: 4 bytes leftover after parsing attributes in process `syz.0.638'. [ 182.083025][ T7863] netlink: 4 bytes leftover after parsing attributes in process `syz.0.638'. [ 182.881975][ T7893] netlink: 4 bytes leftover after parsing attributes in process `syz.1.649'. [ 182.902971][ T7893] netlink: 4 bytes leftover after parsing attributes in process `syz.1.649'. syzkaller syzkaller login: [ 185.430563][ T7963] __nla_validate_parse: 4 callbacks suppressed [ 185.430588][ T7963] netlink: 4 bytes leftover after parsing attributes in process `syz.1.673'. [ 185.465862][ T7963] netlink: 4 bytes leftover after parsing attributes in process `syz.1.673'. [ 185.569547][ T7970] netlink: 4 bytes leftover after parsing attributes in process `syz.3.674'. [ 185.579839][ T7970] netlink: 4 bytes leftover after parsing attributes in process `syz.3.674'. [ 185.795883][ T7975] program syz.2.678 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 186.718485][ T8005] netlink: 4 bytes leftover after parsing attributes in process `syz.1.687'. [ 186.719965][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.0.686'. [ 186.756830][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.0.686'. [ 186.778144][ T8005] netlink: 4 bytes leftover after parsing attributes in process `syz.1.687'. [ 187.764888][ T8036] program syz.2.699 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 187.991775][ T8043] netlink: 4 bytes leftover after parsing attributes in process `syz.0.701'. [ 188.079045][ T8043] netlink: 4 bytes leftover after parsing attributes in process `syz.0.701'. [ 189.861986][ T8108] program syz.3.725 is using a deprecated SCSI ioctl, please convert it to SG_IO syzkaller syzkaller login: [ 190.746921][ T8135] __nla_validate_parse: 4 callbacks suppressed [ 190.746944][ T8135] netlink: 4 bytes leftover after parsing attributes in process `syz.0.736'. [ 190.768812][ T8135] netlink: 4 bytes leftover after parsing attributes in process `syz.0.736'. [ 190.996510][ T8146] netlink: 4 bytes leftover after parsing attributes in process `syz.3.739'. [ 191.043251][ T8146] netlink: 4 bytes leftover after parsing attributes in process `syz.3.739'. [ 191.403451][ T8161] netlink: 4 bytes leftover after parsing attributes in process `syz.2.743'. [ 191.438690][ T8161] netlink: 4 bytes leftover after parsing attributes in process `syz.2.743'. [ 191.923703][ T8171] binder: 8170:8171 ioctl 40046210 0 returned -14 syzkaller syzkaller login: [ 192.229504][ T8191] netlink: 4 bytes leftover after parsing attributes in process `syz.0.751'. [ 192.252829][ T8191] netlink: 4 bytes leftover after parsing attributes in process `syz.0.751'. [ 194.292779][ T8236] binder: 8235:8236 ioctl 40046210 0 returned -14 [ 194.355614][ T8247] netlink: 4 bytes leftover after parsing attributes in process `syz.1.771'. [ 194.374999][ T8247] netlink: 4 bytes leftover after parsing attributes in process `syz.1.771'. syzkaller syzkaller login: [ 196.094711][ T8298] __nla_validate_parse: 2 callbacks suppressed [ 196.094732][ T8298] netlink: 4 bytes leftover after parsing attributes in process `syz.2.787'. [ 196.135429][ T8298] netlink: 4 bytes leftover after parsing attributes in process `syz.2.787'. syzkaller syzkaller login: [ 197.580852][ T8346] netlink: 4 bytes leftover after parsing attributes in process `syz.2.802'. [ 197.623659][ T8346] netlink: 4 bytes leftover after parsing attributes in process `syz.2.802'. [ 197.835221][ T8355] netlink: 4 bytes leftover after parsing attributes in process `syz.0.806'. [ 197.864176][ T8355] netlink: 4 bytes leftover after parsing attributes in process `syz.0.806'. [ 198.244229][ T8372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.811'. [ 198.254539][ T8372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.811'. [ 198.725024][ T8387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.815'. [ 198.748821][ T8387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.815'. [ 198.859239][ T8391] program syz.3.818 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 199.257289][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.264780][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.066381][ T8433] program syz.3.832 is using a deprecated SCSI ioctl, please convert it to SG_IO syzkaller syzkaller login: [ 201.412100][ T8475] __nla_validate_parse: 10 callbacks suppressed [ 201.412120][ T8475] netlink: 4 bytes leftover after parsing attributes in process `syz.0.846'. [ 201.448206][ T8475] netlink: 4 bytes leftover after parsing attributes in process `syz.0.846'. [ 202.242719][ T8500] binder: 8498:8500 ioctl 40046210 0 returned -14 [ 203.323525][ T8546] binder: 8545:8546 ioctl 40046210 0 returned -14 [ 203.574331][ T8560] netlink: 4 bytes leftover after parsing attributes in process `syz.1.877'. [ 203.584917][ T8560] netlink: 4 bytes leftover after parsing attributes in process `syz.1.877'. [ 203.970610][ T8573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.879'. [ 203.981086][ T8573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.879'. syzkaller syzkaller login: [ 204.580154][ T8593] netlink: 4 bytes leftover after parsing attributes in process `syz.1.886'. [ 204.597632][ T8593] netlink: 4 bytes leftover after parsing attributes in process `syz.1.886'. [ 205.116343][ T8615] netlink: 4 bytes leftover after parsing attributes in process `syz.0.892'. [ 205.155784][ T8615] netlink: 4 bytes leftover after parsing attributes in process `syz.0.892'. [ 205.597121][ T8632] program syz.2.899 is using a deprecated SCSI ioctl, please convert it to SG_IO syzkaller syzkaller login: [ 207.187976][ T8696] __nla_validate_parse: 2 callbacks suppressed [ 207.187999][ T8696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.919'. [ 207.252714][ T8696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.919'. [ 207.653989][ T8713] netlink: 4 bytes leftover after parsing attributes in process `syz.1.923'. [ 207.665386][ T8713] netlink: 4 bytes leftover after parsing attributes in process `syz.1.923'. [ 207.678321][ T8711] program syz.0.925 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 208.290399][ T8740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.932'. [ 208.322952][ T8740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.932'. syzkaller syzkaller login: [ 209.173347][ T8772] program syz.1.944 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 209.260596][ T8774] netlink: 4 bytes leftover after parsing attributes in process `syz.2.945'. [ 209.305306][ T8774] netlink: 4 bytes leftover after parsing attributes in process `syz.2.945'. [ 209.880576][ T8801] netlink: 4 bytes leftover after parsing attributes in process `syz.1.952'. [ 209.925982][ T8801] netlink: 4 bytes leftover after parsing attributes in process `syz.1.952'. syzkaller syzkaller login: [ 210.231747][ T5858] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 210.231784][ T5858] Bluetooth: hci2: unexpected subevent 0x0a length: 725 > 30 [ 211.552640][ T8871] program syz.2.972 is using a deprecated SCSI ioctl, please convert it to SG_IO syzkaller syzkaller login: [ 212.195099][ T5851] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 212.195136][ T5851] Bluetooth: hci1: unexpected subevent 0x0a length: 725 > 30 [ 212.481865][ T8900] __nla_validate_parse: 7 callbacks suppressed [ 212.481885][ T8900] netlink: 4 bytes leftover after parsing attributes in process `syz.0.981'. [ 212.525475][ T8900] netlink: 4 bytes leftover after parsing attributes in process `syz.0.981'. [ 213.057615][ T8924] netlink: 4 bytes leftover after parsing attributes in process `syz.3.987'. [ 213.314167][ T8929] program syz.2.989 is using a deprecated SCSI ioctl, please convert it to SG_IO syzkaller syzkaller login: [ 214.244146][ T8954] netlink: 4 bytes leftover after parsing attributes in process `syz.1.993'. [ 214.336679][ T8957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.993'. [ 215.060505][ T8976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1005'. [ 215.071367][ T8976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1005'. [ 215.211542][ T8979] netlink: 4 bytes leftover after parsing attributes in process `syz.0.999'. [ 215.272269][ T8979] netlink: 4 bytes leftover after parsing attributes in process `syz.0.999'. syzkaller syzkaller login: [ 215.701456][ T8985] program syz.3.1000 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 216.391067][ T9007] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1007'. [ 216.444640][ T9007] hsr_slave_1: left promiscuous mode [ 216.693463][ T5862] Bluetooth: hci0: command 0x0406 tx timeout [ 216.700068][ T5862] Bluetooth: hci3: command 0x0406 tx timeout [ 216.707923][ T5862] Bluetooth: hci1: command 0x0406 tx timeout [ 216.714826][ T5863] Bluetooth: hci2: command 0x0406 tx timeout syzkaller syzkaller login: [ 218.172788][ T9046] __nla_validate_parse: 2 callbacks suppressed [ 218.172810][ T9046] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1026'. [ 218.213545][ T9046] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1026'. syzkaller syzkaller login: [ 221.355293][ T9128] FAULT_INJECTION: forcing a failure. [ 221.355293][ T9128] name failslab, interval 1, probability 0, space 0, times 0 [ 221.401652][ T9128] CPU: 1 UID: 0 PID: 9128 Comm: syz.3.1042 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 221.401696][ T9128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 221.401714][ T9128] Call Trace: [ 221.401724][ T9128] [ 221.401736][ T9128] dump_stack_lvl+0x16c/0x1f0 [ 221.401775][ T9128] should_fail_ex+0x512/0x640 [ 221.401811][ T9128] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 221.401851][ T9128] should_failslab+0xc2/0x120 [ 221.401888][ T9128] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 221.401919][ T9128] ? ktime_get_coarse_real_ts64_mg+0x240/0x300 [ 221.401966][ T9128] ? __d_alloc+0x31/0xaa0 [ 221.402005][ T9128] __d_alloc+0x31/0xaa0 [ 221.402036][ T9128] ? look_up_lock_class+0x59/0x150 [ 221.402071][ T9128] d_alloc_pseudo+0x1c/0xc0 [ 221.402114][ T9128] alloc_file_pseudo+0xcf/0x230 [ 221.402157][ T9128] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 221.402196][ T9128] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 221.402238][ T9128] create_pipe_files+0x364/0x930 [ 221.402278][ T9128] do_pipe2+0xaf/0x1c0 [ 221.402310][ T9128] ? __pfx_do_pipe2+0x10/0x10 [ 221.402344][ T9128] ? xfd_validate_state+0x61/0x180 [ 221.402386][ T9128] ? __pfx_ksys_write+0x10/0x10 [ 221.402435][ T9128] __x64_sys_pipe+0x33/0x50 [ 221.402467][ T9128] do_syscall_64+0xcd/0x490 [ 221.402501][ T9128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.402538][ T9128] RIP: 0033:0x7fa241f8e9a9 [ 221.402562][ T9128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.402592][ T9128] RSP: 002b:00007fa23fdb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 221.402620][ T9128] RAX: ffffffffffffffda RBX: 00007fa2421b6160 RCX: 00007fa241f8e9a9 [ 221.402639][ T9128] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 221.402656][ T9128] RBP: 00007fa242010d69 R08: 0000000000000000 R09: 0000000000000000 [ 221.402674][ T9128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.402690][ T9128] R13: 0000000000000000 R14: 00007fa2421b6160 R15: 00007ffc8ae59e08 [ 221.402725][ T9128] [ 221.938675][ T9134] netlink: 'syz.2.1046': attribute type 10 has an invalid length. [ 222.102200][ T9132] netlink: 'syz.1.1045': attribute type 21 has an invalid length. [ 222.110963][ T9132] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1045'. [ 222.138110][ T9132] IPv6: NLM_F_CREATE should be specified when creating new route [ 222.161534][ T9140] syz.2.1048 uses obsolete (PF_INET,SOCK_PACKET) syzkaller syzkaller login: [ 222.425603][ T9146] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1049'. [ 222.443172][ T9146] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1049'. [ 222.929136][ T9158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1053'. [ 223.499343][ T9172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1056'. [ 223.570748][ T9172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1056'. [ 223.796860][ T9184] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1060'. [ 223.835359][ T9184] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1060'. [ 224.285070][ T9203] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1064'. [ 224.712371][ T9224] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1070'. [ 224.784643][ T9224] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1070'. [ 225.089907][ T9235] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1072'. [ 225.135118][ T9235] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1072'. syzkaller syzkaller login: [ 226.699244][ T9269] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1079'. [ 228.692185][ T9319] __nla_validate_parse: 4 callbacks suppressed [ 228.692204][ T9319] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1091'. [ 228.725802][ T9321] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1093'. [ 228.762592][ T9322] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1091'. [ 228.977900][ T9328] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1094'. [ 228.988503][ T9328] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1094'. syzkaller syzkaller login: [ 230.375970][ T9372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1108'. [ 230.387074][ T9372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1108'. [ 231.181017][ T9392] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1113'. [ 232.065279][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1120'. [ 232.080033][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1120'. [ 233.626144][ T9450] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 234.210776][ T9460] __nla_validate_parse: 3 callbacks suppressed [ 234.210797][ T9460] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1133'. [ 234.385134][ T9468] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1145'. [ 234.417726][ T9468] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1145'. [ 235.024653][ T9486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1151'. [ 235.066199][ T9486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1151'. [ 235.446494][ T9497] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1148'. [ 236.990146][ T9538] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1154'. [ 237.030439][ T9538] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1154'. [ 237.368616][ T9548] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1157'. [ 239.272736][ T9591] FAULT_INJECTION: forcing a failure. [ 239.272736][ T9591] name failslab, interval 1, probability 0, space 0, times 0 [ 239.314931][ T9591] CPU: 1 UID: 0 PID: 9591 Comm: syz.1.1171 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 239.314969][ T9591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 239.314985][ T9591] Call Trace: [ 239.314994][ T9591] [ 239.315004][ T9591] dump_stack_lvl+0x16c/0x1f0 [ 239.315039][ T9591] should_fail_ex+0x512/0x640 [ 239.315067][ T9591] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 239.315101][ T9591] should_failslab+0xc2/0x120 [ 239.315134][ T9591] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 239.315164][ T9591] ? __alloc_skb+0x2b2/0x380 [ 239.315198][ T9591] __alloc_skb+0x2b2/0x380 [ 239.315229][ T9591] ? __pfx___alloc_skb+0x10/0x10 [ 239.315262][ T9591] ? __lock_acquire+0xb8a/0x1c90 [ 239.315308][ T9591] netlink_alloc_large_skb+0x69/0x130 [ 239.315354][ T9591] netlink_sendmsg+0x6a1/0xdd0 [ 239.315397][ T9591] ? __pfx_netlink_sendmsg+0x10/0x10 [ 239.315448][ T9591] ____sys_sendmsg+0xa95/0xc70 [ 239.315490][ T9591] ? copy_msghdr_from_user+0x10a/0x160 [ 239.315521][ T9591] ? __pfx_____sys_sendmsg+0x10/0x10 [ 239.315567][ T9591] ? __pfx__kstrtoull+0x10/0x10 [ 239.315618][ T9591] ___sys_sendmsg+0x134/0x1d0 [ 239.315651][ T9591] ? __pfx____sys_sendmsg+0x10/0x10 [ 239.315700][ T9591] ? find_held_lock+0x2b/0x80 [ 239.315755][ T9591] __sys_sendmmsg+0x200/0x420 [ 239.315792][ T9591] ? __pfx___sys_sendmmsg+0x10/0x10 [ 239.315836][ T9591] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 239.315884][ T9591] ? fput+0x70/0xf0 [ 239.315918][ T9591] ? ksys_write+0x1ac/0x250 [ 239.315944][ T9591] ? __pfx_ksys_write+0x10/0x10 [ 239.315978][ T9591] __x64_sys_sendmmsg+0x9c/0x100 [ 239.316008][ T9591] ? lockdep_hardirqs_on+0x7c/0x110 [ 239.316036][ T9591] do_syscall_64+0xcd/0x490 [ 239.316070][ T9591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.316099][ T9591] RIP: 0033:0x7f410938e9a9 [ 239.316122][ T9591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.316149][ T9591] RSP: 002b:00007f410a182038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 239.316174][ T9591] RAX: ffffffffffffffda RBX: 00007f41095b5fa0 RCX: 00007f410938e9a9 [ 239.316192][ T9591] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 239.316208][ T9591] RBP: 00007f410a182090 R08: 0000000000000000 R09: 0000000000000000 [ 239.316223][ T9591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 239.316238][ T9591] R13: 0000000000000000 R14: 00007f41095b5fa0 R15: 00007ffcce045b88 [ 239.316274][ T9591] [ 239.692731][ T9597] random: crng reseeded on system resumption [ 239.739182][ T9595] FAULT_INJECTION: forcing a failure. [ 239.739182][ T9595] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 239.830954][ T9595] CPU: 0 UID: 0 PID: 9595 Comm: syz.0.1174 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 239.830988][ T9595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 239.831004][ T9595] Call Trace: [ 239.831012][ T9595] [ 239.831021][ T9595] dump_stack_lvl+0x16c/0x1f0 [ 239.831063][ T9595] should_fail_ex+0x512/0x640 [ 239.831097][ T9595] _copy_to_user+0x32/0xd0 [ 239.831131][ T9595] simple_read_from_buffer+0xcb/0x170 [ 239.831174][ T9595] proc_fail_nth_read+0x197/0x270 [ 239.831218][ T9595] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 239.831258][ T9595] ? rw_verify_area+0xcf/0x680 [ 239.831299][ T9595] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 239.831337][ T9595] vfs_read+0x1e4/0xc60 [ 239.831367][ T9595] ? __pfx___mutex_lock+0x10/0x10 [ 239.831396][ T9595] ? __pfx_vfs_read+0x10/0x10 [ 239.831430][ T9595] ? __fget_files+0x20e/0x3c0 [ 239.831465][ T9595] ksys_read+0x12a/0x250 [ 239.831490][ T9595] ? __pfx_ksys_read+0x10/0x10 [ 239.831517][ T9595] ? fput+0x70/0xf0 [ 239.831554][ T9595] do_syscall_64+0xcd/0x490 [ 239.831584][ T9595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.831611][ T9595] RIP: 0033:0x7fb77fd8d3bc [ 239.831632][ T9595] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 239.831655][ T9595] RSP: 002b:00007fb780b55030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 239.831679][ T9595] RAX: ffffffffffffffda RBX: 00007fb77ffb5fa0 RCX: 00007fb77fd8d3bc [ 239.831695][ T9595] RDX: 000000000000000f RSI: 00007fb780b550a0 RDI: 0000000000000005 [ 239.831709][ T9595] RBP: 00007fb780b55090 R08: 0000000000000000 R09: 0000000000000000 [ 239.831724][ T9595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 239.831738][ T9595] R13: 0000000000000000 R14: 00007fb77ffb5fa0 R15: 00007ffd8981b208 [ 239.831771][ T9595] [ 240.046012][ T9603] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1176'. [ 240.056372][ T9603] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1176'. syzkaller syzkaller login: [ 240.813226][ T9630] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1184'. [ 240.830237][ T9630] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1184'. [ 240.885891][ T9636] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1186'. [ 240.915727][ T9636] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1186'. syzkaller syzkaller login: [ 242.481392][ T9668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1195'. [ 242.504253][ T9668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1195'. [ 242.794268][ T9683] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1197'. [ 242.804817][ T9683] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1197'. syzkaller syzkaller login: [ 245.203045][ T9740] __nla_validate_parse: 5 callbacks suppressed [ 245.203066][ T9740] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1216'. [ 246.060498][ T9759] FAULT_INJECTION: forcing a failure. [ 246.060498][ T9759] name failslab, interval 1, probability 0, space 0, times 0 [ 246.116103][ T9759] CPU: 0 UID: 0 PID: 9759 Comm: syz.0.1221 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 246.116134][ T9759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 246.116165][ T9759] Call Trace: [ 246.116172][ T9759] [ 246.116183][ T9759] dump_stack_lvl+0x16c/0x1f0 [ 246.116210][ T9759] should_fail_ex+0x512/0x640 [ 246.116233][ T9759] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 246.116260][ T9759] should_failslab+0xc2/0x120 [ 246.116287][ T9759] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 246.116311][ T9759] ? security_file_alloc+0x34/0x2b0 [ 246.116352][ T9759] security_file_alloc+0x34/0x2b0 [ 246.116389][ T9759] init_file+0x93/0x4c0 [ 246.116417][ T9759] alloc_empty_file+0x73/0x1e0 [ 246.116448][ T9759] path_openat+0xda/0x2cb0 [ 246.116468][ T9759] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.116501][ T9759] ? __pfx_path_openat+0x10/0x10 [ 246.116537][ T9759] ? __lock_acquire+0xb8a/0x1c90 [ 246.116570][ T9759] do_filp_open+0x20b/0x470 [ 246.116595][ T9759] ? __pfx_do_filp_open+0x10/0x10 [ 246.116652][ T9759] ? alloc_fd+0x471/0x7d0 [ 246.116699][ T9759] do_sys_openat2+0x11b/0x1d0 [ 246.116732][ T9759] ? __pfx_do_sys_openat2+0x10/0x10 [ 246.116767][ T9759] ? __fget_files+0x20e/0x3c0 [ 246.116793][ T9759] __x64_sys_openat+0x174/0x210 [ 246.116826][ T9759] ? __pfx___x64_sys_openat+0x10/0x10 [ 246.116858][ T9759] ? ksys_write+0x1ac/0x250 [ 246.116890][ T9759] do_syscall_64+0xcd/0x490 [ 246.116917][ T9759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.116946][ T9759] RIP: 0033:0x7fb77fd8d310 [ 246.116963][ T9759] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 246.116985][ T9759] RSP: 002b:00007fb780b54f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 246.117006][ T9759] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fb77fd8d310 [ 246.117021][ T9759] RDX: 0000000000000002 RSI: 00007fb780b54fa0 RDI: 00000000ffffff9c [ 246.117036][ T9759] RBP: 00007fb780b54fa0 R08: 0000000000000000 R09: 0000000000000000 [ 246.117050][ T9759] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 246.117063][ T9759] R13: 0000000000000001 R14: 00007fb77ffb5fa0 R15: 00007ffd8981b208 [ 246.117092][ T9759] [ 247.942575][ T9798] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1234'. [ 247.995386][ T9803] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1234'. [ 248.384429][ T9809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1236'. [ 249.126588][ T9825] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1241'. [ 249.184284][ T9828] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1241'. [ 249.292192][ T9830] mmap: syz.1.1242 (9830) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 250.246264][ T9860] FAULT_INJECTION: forcing a failure. [ 250.246264][ T9860] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 250.265094][ T9860] CPU: 1 UID: 0 PID: 9860 Comm: syz.0.1252 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 250.265132][ T9860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 250.265148][ T9860] Call Trace: [ 250.265156][ T9860] [ 250.265166][ T9860] dump_stack_lvl+0x16c/0x1f0 [ 250.265198][ T9860] should_fail_ex+0x512/0x640 [ 250.265231][ T9860] _copy_from_iter+0x29f/0x16f0 [ 250.265267][ T9860] ? __alloc_skb+0x200/0x380 [ 250.265294][ T9860] ? __pfx__copy_from_iter+0x10/0x10 [ 250.265328][ T9860] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 250.265373][ T9860] netlink_sendmsg+0x829/0xdd0 [ 250.265413][ T9860] ? __pfx_netlink_sendmsg+0x10/0x10 [ 250.265469][ T9860] ____sys_sendmsg+0xa95/0xc70 [ 250.265508][ T9860] ? copy_msghdr_from_user+0x10a/0x160 [ 250.265538][ T9860] ? __pfx_____sys_sendmsg+0x10/0x10 [ 250.265581][ T9860] ? __pfx__kstrtoull+0x10/0x10 [ 250.265627][ T9860] ___sys_sendmsg+0x134/0x1d0 [ 250.265658][ T9860] ? __pfx____sys_sendmsg+0x10/0x10 [ 250.265704][ T9860] ? find_held_lock+0x2b/0x80 [ 250.265756][ T9860] __sys_sendmmsg+0x200/0x420 [ 250.265790][ T9860] ? __pfx___sys_sendmmsg+0x10/0x10 [ 250.265832][ T9860] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 250.265877][ T9860] ? fput+0x70/0xf0 [ 250.265909][ T9860] ? ksys_write+0x1ac/0x250 [ 250.265935][ T9860] ? __pfx_ksys_write+0x10/0x10 [ 250.265967][ T9860] __x64_sys_sendmmsg+0x9c/0x100 [ 250.266005][ T9860] ? lockdep_hardirqs_on+0x7c/0x110 [ 250.266029][ T9860] do_syscall_64+0xcd/0x490 [ 250.266058][ T9860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.266084][ T9860] RIP: 0033:0x7fb77fd8e9a9 [ 250.266103][ T9860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.266126][ T9860] RSP: 002b:00007fb780b55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 250.266149][ T9860] RAX: ffffffffffffffda RBX: 00007fb77ffb5fa0 RCX: 00007fb77fd8e9a9 [ 250.266166][ T9860] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 250.266180][ T9860] RBP: 00007fb780b55090 R08: 0000000000000000 R09: 0000000000000000 [ 250.266197][ T9860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 250.266211][ T9860] R13: 0000000000000000 R14: 00007fb77ffb5fa0 R15: 00007ffd8981b208 [ 250.266245][ T9860] [ 250.772806][ T9866] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1253'. [ 250.835816][ T9863] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1253'. [ 251.426885][ T9889] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1260'. [ 251.442711][ T9889] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1260'. [ 252.104409][ T9904] syz.1.1265 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 252.274640][ T9916] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1266'. [ 252.357839][ T9916] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1266'. [ 253.734346][ T9949] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1277'. [ 253.840617][ T9956] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1279'. [ 253.868509][ T9956] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1279'. [ 254.082353][ T9961] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1282'. [ 254.543354][ T9991] FAULT_INJECTION: forcing a failure. [ 254.543354][ T9991] name failslab, interval 1, probability 0, space 0, times 0 [ 254.658034][ T9991] CPU: 0 UID: 0 PID: 9991 Comm: syz.2.1286 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 254.658074][ T9991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 254.658091][ T9991] Call Trace: [ 254.658100][ T9991] [ 254.658119][ T9991] dump_stack_lvl+0x16c/0x1f0 [ 254.658154][ T9991] should_fail_ex+0x512/0x640 [ 254.658185][ T9991] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 254.658222][ T9991] should_failslab+0xc2/0x120 [ 254.658258][ T9991] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 254.658300][ T9991] ? __alloc_skb+0x2b2/0x380 [ 254.658330][ T9991] __alloc_skb+0x2b2/0x380 [ 254.658355][ T9991] ? __pfx___alloc_skb+0x10/0x10 [ 254.658386][ T9991] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 254.658425][ T9991] netlink_alloc_large_skb+0x69/0x130 [ 254.658460][ T9991] netlink_sendmsg+0x6a1/0xdd0 [ 254.658499][ T9991] ? __pfx_netlink_sendmsg+0x10/0x10 [ 254.658547][ T9991] ____sys_sendmsg+0xa95/0xc70 [ 254.658584][ T9991] ? copy_msghdr_from_user+0x10a/0x160 [ 254.658612][ T9991] ? __pfx_____sys_sendmsg+0x10/0x10 [ 254.658655][ T9991] ? __pfx__kstrtoull+0x10/0x10 [ 254.658701][ T9991] ___sys_sendmsg+0x134/0x1d0 [ 254.658732][ T9991] ? __pfx____sys_sendmsg+0x10/0x10 [ 254.658777][ T9991] ? find_held_lock+0x2b/0x80 [ 254.658829][ T9991] __sys_sendmmsg+0x200/0x420 [ 254.658862][ T9991] ? __pfx___sys_sendmmsg+0x10/0x10 [ 254.658902][ T9991] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 254.658947][ T9991] ? fput+0x70/0xf0 [ 254.658979][ T9991] ? ksys_write+0x1ac/0x250 [ 254.659002][ T9991] ? __pfx_ksys_write+0x10/0x10 [ 254.659032][ T9991] __x64_sys_sendmmsg+0x9c/0x100 [ 254.659059][ T9991] ? lockdep_hardirqs_on+0x7c/0x110 [ 254.659084][ T9991] do_syscall_64+0xcd/0x490 [ 254.659121][ T9991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.659148][ T9991] RIP: 0033:0x7fa45778e9a9 [ 254.659168][ T9991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 254.659193][ T9991] RSP: 002b:00007fa4585ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 254.659216][ T9991] RAX: ffffffffffffffda RBX: 00007fa4579b5fa0 RCX: 00007fa45778e9a9 [ 254.659233][ T9991] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 254.659247][ T9991] RBP: 00007fa4585ad090 R08: 0000000000000000 R09: 0000000000000000 [ 254.659262][ T9991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 254.659277][ T9991] R13: 0000000000000000 R14: 00007fa4579b5fa0 R15: 00007ffd7bd53448 [ 254.659310][ T9991] [ 254.946065][ T9976] cgroup: fork rejected by pids controller in /syz0 [ 256.510360][T10168] sg_write: process 913 (syz.2.1294) changed security contexts after opening file descriptor, this is not allowed. [ 256.874930][T10177] __nla_validate_parse: 3 callbacks suppressed [ 256.874952][T10177] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1297'. [ 259.289966][T10214] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1306'. [ 259.338272][T10214] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1306'. [ 259.714184][T10224] FAULT_INJECTION: forcing a failure. [ 259.714184][T10224] name failslab, interval 1, probability 0, space 0, times 0 [ 259.768715][T10224] CPU: 0 UID: 0 PID: 10224 Comm: syz.3.1309 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 259.768754][T10224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 259.768771][T10224] Call Trace: [ 259.768779][T10224] [ 259.768790][T10224] dump_stack_lvl+0x16c/0x1f0 [ 259.768824][T10224] should_fail_ex+0x512/0x640 [ 259.768854][T10224] ? __kmalloc_node_noprof+0xc5/0x500 [ 259.768888][T10224] should_failslab+0xc2/0x120 [ 259.768922][T10224] __kmalloc_node_noprof+0xd8/0x500 [ 259.768953][T10224] ? alloc_slab_obj_exts+0x41/0xa0 [ 259.769001][T10224] alloc_slab_obj_exts+0x41/0xa0 [ 259.769061][T10224] __memcg_slab_post_alloc_hook+0x255/0x960 [ 259.769103][T10224] ? kasan_save_track+0x14/0x30 [ 259.769134][T10224] kmem_cache_alloc_node_noprof+0x312/0x3b0 [ 259.769163][T10224] ? __alloc_skb+0x2b2/0x380 [ 259.769194][T10224] __alloc_skb+0x2b2/0x380 [ 259.769220][T10224] ? __pfx___alloc_skb+0x10/0x10 [ 259.769246][T10224] ? find_held_lock+0x2b/0x80 [ 259.769276][T10224] ? process_measurement+0x4a6/0x23e0 [ 259.769305][T10224] ? down_write+0x14d/0x200 [ 259.769340][T10224] alloc_skb_with_frags+0xe0/0x860 [ 259.769374][T10224] ? aa_label_sk_perm+0x19b/0x5a0 [ 259.769419][T10224] sock_alloc_send_pskb+0x7fb/0x990 [ 259.769465][T10224] ? __lock_acquire+0x622/0x1c90 [ 259.769511][T10224] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 259.769574][T10224] unix_dgram_sendmsg+0x3e9/0x17a0 [ 259.769623][T10224] ? aa_sk_perm+0x2f4/0xb10 [ 259.769663][T10224] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 259.769706][T10224] ? __pfx_aa_sk_perm+0x10/0x10 [ 259.769762][T10224] ____sys_sendmsg+0xa95/0xc70 [ 259.769801][T10224] ? copy_msghdr_from_user+0x10a/0x160 [ 259.769829][T10224] ? __pfx_____sys_sendmsg+0x10/0x10 [ 259.769871][T10224] ? __pfx__kstrtoull+0x10/0x10 [ 259.769919][T10224] ___sys_sendmsg+0x134/0x1d0 [ 259.769950][T10224] ? __pfx____sys_sendmsg+0x10/0x10 [ 259.769996][T10224] ? find_held_lock+0x2b/0x80 [ 259.770058][T10224] __sys_sendmmsg+0x200/0x420 [ 259.770093][T10224] ? __pfx___sys_sendmmsg+0x10/0x10 [ 259.770134][T10224] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 259.770177][T10224] ? fput+0x70/0xf0 [ 259.770209][T10224] ? ksys_write+0x1ac/0x250 [ 259.770234][T10224] ? __pfx_ksys_write+0x10/0x10 [ 259.770266][T10224] __x64_sys_sendmmsg+0x9c/0x100 [ 259.770295][T10224] ? lockdep_hardirqs_on+0x7c/0x110 [ 259.770321][T10224] do_syscall_64+0xcd/0x490 [ 259.770352][T10224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.770380][T10224] RIP: 0033:0x7fa241f8e9a9 [ 259.770401][T10224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.770426][T10224] RSP: 002b:00007fa23fdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 259.770450][T10224] RAX: ffffffffffffffda RBX: 00007fa2421b5fa0 RCX: 00007fa241f8e9a9 [ 259.770467][T10224] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 259.770481][T10224] RBP: 00007fa23fdf6090 R08: 0000000000000000 R09: 0000000000000000 [ 259.770496][T10224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 259.770510][T10224] R13: 0000000000000000 R14: 00007fa2421b5fa0 R15: 00007ffc8ae59e08 [ 259.770544][T10224] [ 260.697645][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.706984][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.110139][T10244] block nbd7: not configured, cannot reconfigure [ 262.212142][T10235] ptrace attach of "./syz-executor exec"[5845] was attempted by "./syz-executor exec"[10235] [ 262.832572][T10259] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1317'. [ 262.884345][T10261] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1317'. [ 262.949189][ T5853] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 262.998191][T10265] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1320'. [ 263.052674][T10265] macsec0: entered allmulticast mode [ 263.058023][T10265] veth1_macvtap: entered allmulticast mode [ 264.794605][T10280] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1318'. [ 265.190909][T10291] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1318'. [ 265.240154][T10307] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1329'. [ 265.292414][T10309] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1329'. [ 265.516032][T10312] FAULT_INJECTION: forcing a failure. [ 265.516032][T10312] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 265.642211][T10312] CPU: 0 UID: 0 PID: 10312 Comm: syz.1.1330 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 265.642247][T10312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 265.642262][T10312] Call Trace: [ 265.642271][T10312] [ 265.642281][T10312] dump_stack_lvl+0x16c/0x1f0 [ 265.642312][T10312] should_fail_ex+0x512/0x640 [ 265.642346][T10312] _copy_from_iter+0x29f/0x16f0 [ 265.642380][T10312] ? __alloc_skb+0x200/0x380 [ 265.642413][T10312] ? __pfx__copy_from_iter+0x10/0x10 [ 265.642447][T10312] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 265.642491][T10312] netlink_sendmsg+0x829/0xdd0 [ 265.642529][T10312] ? __pfx_netlink_sendmsg+0x10/0x10 [ 265.642575][T10312] ____sys_sendmsg+0xa95/0xc70 [ 265.642614][T10312] ? copy_msghdr_from_user+0x10a/0x160 [ 265.642641][T10312] ? __pfx_____sys_sendmsg+0x10/0x10 [ 265.642695][T10312] ___sys_sendmsg+0x134/0x1d0 [ 265.642726][T10312] ? __pfx____sys_sendmsg+0x10/0x10 [ 265.642751][T10312] ? __lock_acquire+0x622/0x1c90 [ 265.642832][T10312] __sys_sendmsg+0x16d/0x220 [ 265.642863][T10312] ? __pfx___sys_sendmsg+0x10/0x10 [ 265.642914][T10312] do_syscall_64+0xcd/0x490 [ 265.642945][T10312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.642971][T10312] RIP: 0033:0x7f410938e9a9 [ 265.642991][T10312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.643017][T10312] RSP: 002b:00007f410a182038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 265.643041][T10312] RAX: ffffffffffffffda RBX: 00007f41095b5fa0 RCX: 00007f410938e9a9 [ 265.643058][T10312] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 265.643073][T10312] RBP: 00007f410a182090 R08: 0000000000000000 R09: 0000000000000000 [ 265.643088][T10312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 265.643103][T10312] R13: 0000000000000000 R14: 00007f41095b5fa0 R15: 00007ffcce045b88 [ 265.643137][T10312] [ 268.587990][T10347] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1342'. [ 268.658802][T10348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1342'. [ 269.851465][T10356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1344'. [ 269.903851][T10358] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1344'. [ 271.954844][T10382] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1352'. [ 272.242085][T10389] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1354'. [ 272.482366][T10394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1355'. [ 272.543761][T10386] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1354'. [ 272.612454][T10395] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1355'. [ 274.810171][T10425] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1364'. [ 274.872268][T10426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1364'. [ 274.995916][T10430] FAULT_INJECTION: forcing a failure. [ 274.995916][T10430] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 275.042460][T10430] CPU: 0 UID: 0 PID: 10430 Comm: syz.1.1365 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 275.042498][T10430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 275.042514][T10430] Call Trace: [ 275.042523][T10430] [ 275.042534][T10430] dump_stack_lvl+0x16c/0x1f0 [ 275.042568][T10430] should_fail_ex+0x512/0x640 [ 275.042603][T10430] _copy_from_iter+0x29f/0x16f0 [ 275.042640][T10430] ? __alloc_skb+0x200/0x380 [ 275.042667][T10430] ? __pfx__copy_from_iter+0x10/0x10 [ 275.042702][T10430] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 275.042749][T10430] netlink_sendmsg+0x829/0xdd0 [ 275.042791][T10430] ? __pfx_netlink_sendmsg+0x10/0x10 [ 275.042839][T10430] ____sys_sendmsg+0xa95/0xc70 [ 275.042878][T10430] ? copy_msghdr_from_user+0x10a/0x160 [ 275.042908][T10430] ? __pfx_____sys_sendmsg+0x10/0x10 [ 275.042963][T10430] ___sys_sendmsg+0x134/0x1d0 [ 275.042995][T10430] ? __pfx____sys_sendmsg+0x10/0x10 [ 275.043023][T10430] ? __lock_acquire+0x622/0x1c90 [ 275.043115][T10430] __sys_sendmsg+0x16d/0x220 [ 275.043146][T10430] ? __pfx___sys_sendmsg+0x10/0x10 [ 275.043202][T10430] do_syscall_64+0xcd/0x490 [ 275.043234][T10430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.043263][T10430] RIP: 0033:0x7f410938e9a9 [ 275.043285][T10430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.043311][T10430] RSP: 002b:00007f410a182038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 275.043337][T10430] RAX: ffffffffffffffda RBX: 00007f41095b5fa0 RCX: 00007f410938e9a9 [ 275.043354][T10430] RDX: 0000000008018880 RSI: 0000200000001400 RDI: 0000000000000003 [ 275.043370][T10430] RBP: 00007f410a182090 R08: 0000000000000000 R09: 0000000000000000 [ 275.043385][T10430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 275.043400][T10430] R13: 0000000000000000 R14: 00007f41095b5fa0 R15: 00007ffcce045b88 [ 275.043435][T10430] [ 276.465029][T10452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1371'. [ 276.565688][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1371'. [ 276.601372][T10440] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1370'. [ 276.930044][T10315] syz.1.1331 (10315) used greatest stack depth: 19432 bytes left [ 278.676377][T10482] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1375'. [ 278.686879][T10482] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1375'. [ 279.646602][T10505] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1382'. [ 279.669011][ T9982] syz.0.1285 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 279.672114][T10505] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1382'. [ 280.132204][T10523] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1384'. [ 280.257449][T10525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1384'. [ 280.349074][ T9982] CPU: 0 UID: 0 PID: 9982 Comm: syz.0.1285 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 280.349113][ T9982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 280.349129][ T9982] Call Trace: [ 280.349138][ T9982] [ 280.349149][ T9982] dump_stack_lvl+0x16c/0x1f0 [ 280.349185][ T9982] dump_header+0x101/0x930 [ 280.349220][ T9982] oom_kill_process+0x270/0xa60 [ 280.349249][ T9982] ? mem_cgroup_out_of_memory+0x8e/0x130 [ 280.349296][ T9982] out_of_memory+0x350/0x1700 [ 280.349336][ T9982] ? __pfx_out_of_memory+0x10/0x10 [ 280.349380][ T9982] mem_cgroup_out_of_memory+0x118/0x130 [ 280.349424][ T9982] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 280.349485][ T9982] ? do_raw_spin_unlock+0x172/0x230 [ 280.349520][ T9982] try_charge_memcg+0x72b/0xd50 [ 280.349562][ T9982] ? __pfx_try_charge_memcg+0x10/0x10 [ 280.349597][ T9982] ? __print_lock_name+0x41/0xe0 [ 280.349630][ T9982] ? rcu_read_unlock+0x17/0x60 [ 280.349677][ T9982] charge_memcg+0x8a/0x230 [ 280.349713][ T9982] __mem_cgroup_charge+0x2b/0x1e0 [ 280.349754][ T9982] shmem_alloc_and_add_folio+0x514/0xc20 [ 280.349813][ T9982] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 280.349869][ T9982] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 280.349906][ T9982] shmem_get_folio_gfp+0x67f/0x1600 [ 280.349944][ T9982] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 280.349977][ T9982] ? filemap_map_pages+0xf6f/0x1680 [ 280.350031][ T9982] shmem_fault+0x1fe/0xa30 [ 280.350073][ T9982] ? __lock_acquire+0x622/0x1c90 [ 280.350114][ T9982] ? __pfx_shmem_fault+0x10/0x10 [ 280.350149][ T9982] ? __pfx_filemap_map_pages+0x10/0x10 [ 280.350193][ T9982] __do_fault+0x10a/0x490 [ 280.350229][ T9982] __handle_mm_fault+0x3c2a/0x5490 [ 280.350286][ T9982] ? __pfx___handle_mm_fault+0x10/0x10 [ 280.350334][ T9982] ? __pte_offset_map_lock+0x174/0x310 [ 280.350371][ T9982] ? find_held_lock+0x2b/0x80 [ 280.350400][ T9982] ? find_held_lock+0x2b/0x80 [ 280.350441][ T9982] ? follow_page_pte+0x3af/0x14c0 [ 280.350498][ T9982] handle_mm_fault+0x589/0xd10 [ 280.350552][ T9982] __get_user_pages+0x589/0x3b80 [ 280.350610][ T9982] ? __pfx___get_user_pages+0x10/0x10 [ 280.350654][ T9982] ? __kernel_write_iter+0x5a5/0xa90 [ 280.350692][ T9982] get_dump_page+0x257/0x3d0 [ 280.350734][ T9982] ? __pfx_get_dump_page+0x10/0x10 [ 280.350777][ T9982] ? dump_user_range+0x745/0xb60 [ 280.350831][ T9982] dump_user_range+0x195/0xb60 [ 280.350881][ T9982] ? __pfx_dump_user_range+0x10/0x10 [ 280.350935][ T9982] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 280.351001][ T9982] ? __pfx_writenote+0x10/0x10 [ 280.351056][ T9982] elf_core_dump+0x288a/0x3a90 [ 280.351121][ T9982] ? __pfx_elf_core_dump+0x10/0x10 [ 280.351164][ T9982] ? kasan_save_stack+0x42/0x60 [ 280.351191][ T9982] ? kasan_save_stack+0x33/0x60 [ 280.351218][ T9982] ? kasan_save_track+0x14/0x30 [ 280.351244][ T9982] ? __kasan_kmalloc+0xaa/0xb0 [ 280.351271][ T9982] ? do_coredump+0x1c9a/0x4f10 [ 280.351316][ T9982] ? get_signal+0x22e3/0x26d0 [ 280.351345][ T9982] ? arch_do_signal_or_restart+0x8f/0x790 [ 280.351385][ T9982] ? 0xffffffffff600000 [ 280.351469][ T9982] ? do_coredump+0x399c/0x4f10 [ 280.351509][ T9982] do_coredump+0x399c/0x4f10 [ 280.351560][ T9982] ? __pfx_do_coredump+0x10/0x10 [ 280.351599][ T9982] ? find_held_lock+0x2b/0x80 [ 280.351628][ T9982] ? is_bpf_text_address+0x8a/0x1a0 [ 280.351672][ T9982] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 280.351707][ T9982] ? is_bpf_text_address+0x94/0x1a0 [ 280.351746][ T9982] ? kernel_text_address+0x8d/0x100 [ 280.351772][ T9982] ? __kernel_text_address+0xd/0x40 [ 280.351797][ T9982] ? unwind_get_return_address+0x59/0xa0 [ 280.351864][ T9982] ? stack_depot_save_flags+0x28/0xa40 [ 280.351896][ T9982] ? __lock_acquire+0xb8a/0x1c90 [ 280.351938][ T9982] ? kasan_save_stack+0x42/0x60 [ 280.351963][ T9982] ? kasan_save_stack+0x33/0x60 [ 280.351988][ T9982] ? kasan_save_track+0x14/0x30 [ 280.352013][ T9982] ? kasan_save_free_info+0x3b/0x60 [ 280.352051][ T9982] ? __kasan_slab_free+0x51/0x70 [ 280.352078][ T9982] ? kmem_cache_free+0x2d1/0x4d0 [ 280.352102][ T9982] ? __sigqueue_free+0xba/0x2a0 [ 280.352139][ T9982] ? get_signal+0xcba/0x26d0 [ 280.352168][ T9982] ? arch_do_signal_or_restart+0x8f/0x790 [ 280.352251][ T9982] ? proc_coredump_connector+0x2d1/0x4f0 [ 280.352293][ T9982] ? __pfx_proc_coredump_connector+0x10/0x10 [ 280.352343][ T9982] ? rcu_is_watching+0x12/0xc0 [ 280.352378][ T9982] get_signal+0x22e3/0x26d0 [ 280.352424][ T9982] ? __pfx_get_signal+0x10/0x10 [ 280.352468][ T9982] arch_do_signal_or_restart+0x8f/0x790 [ 280.352510][ T9982] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 280.352553][ T9982] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 280.352597][ T9982] ? do_error_trap+0x214/0x240 [ 280.352637][ T9982] irqentry_exit_to_user_mode+0x12a/0x270 [ 280.352669][ T9982] asm_exc_invalid_op+0x1a/0x20 [ 280.352695][ T9982] RIP: 0033:0x13 [ 280.352713][ T9982] Code: Unable to access opcode bytes at 0xffffffffffffffe9. [ 280.352725][ T9982] RSP: 002b:0000000000000adb EFLAGS: 00010202 [ 280.352746][ T9982] RAX: 0000000000000000 RBX: 00007fb77ffb6320 RCX: 00007fb77fd8e9a9 [ 280.352761][ T9982] RDX: 0000000000000000 RSI: 0000000000000ad3 RDI: 0000000000003fff [ 280.352776][ T9982] RBP: 00007fb77fe10d69 R08: 0000000008000002 R09: 0000000000000000 [ 280.352790][ T9982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.352804][ T9982] R13: 0000000000000001 R14: 00007fb77ffb6320 R15: 00007ffd8981b208 [ 280.352838][ T9982] [ 281.080282][ T9982] memory: usage 307200kB, limit 307200kB, failcnt 23103 [ 281.132413][ T9982] memory+swap: usage 432064kB, limit 9007199254740988kB, failcnt 0 [ 281.204239][ T9982] kmem: usage 3668kB, limit 9007199254740988kB, failcnt 0 [ 281.289671][ T9982] Memory cgroup stats for /syz0: [ 281.289920][ T9982] cache 310288384 [ 281.298591][ T9982] rss 290816 [ 281.301862][ T9982] rss_huge 0 [ 281.305086][ T9982] shmem 310288384 [ 281.308741][ T9982] mapped_file 42016768 [ 281.312863][ T9982] dirty 0 [ 281.315844][ T9982] writeback 0 [ 281.327667][ T9982] workingset_refault_anon 182 [ 281.332451][ T9982] workingset_refault_file 60 [ 281.364797][ T9982] swap 127860736 [ 281.368402][ T9982] swapcached 114688 [ 281.503847][ T9982] pgpgin 255182 [ 281.507389][ T9982] pgpgout 179329 [ 281.510973][ T9982] pgfault 183085 [ 281.552765][ T9982] pgmajfault 76 [ 281.556288][ T9982] inactive_anon 142753792 [ 281.560660][ T9982] active_anon 167931904 [ 281.613326][ T9982] inactive_file 0 [ 281.617027][ T9982] active_file 0 [ 281.620511][ T9982] unevictable 0 [ 281.702990][ T9982] hierarchical_memory_limit 314572800 [ 281.708429][ T9982] hierarchical_memsw_limit 9223372036854771712 [ 281.737424][ T9982] total_cache 310288384 [ 281.742337][ T9982] total_rss 290816 [ 281.746102][ T9982] total_rss_huge 0 [ 281.749855][ T9982] total_shmem 310288384 [ 281.801251][ T9982] total_mapped_file 42016768 [ 281.805924][ T9982] total_dirty 0 [ 281.809413][ T9982] total_writeback 0 [ 281.832620][ T9982] total_workingset_refault_anon 182 [ 281.845835][ T9982] total_workingset_refault_file 60 [ 281.861298][ T9982] total_swap 127860736 [ 281.865404][ T9982] total_swapcached 114688 [ 281.869753][ T9982] total_pgpgin 255182 [ 281.879496][T10547] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1387'. [ 281.914907][T10547] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1387'. [ 281.951244][ T9982] total_pgpgout 179329 [ 281.955355][ T9982] total_pgfault 183085 [ 281.959456][ T9982] total_pgmajfault 76 [ 282.016073][ T9982] total_inactive_anon 142753792 [ 282.022109][ T9982] total_active_anon 167931904 [ 282.033593][ T9982] total_inactive_file 0 [ 282.046753][ T9982] total_active_file 0 [ 282.068033][ T9982] total_unevictable 0 [ 282.077307][ T9982] anon_cost 0 [ 282.080646][ T9982] file_cost 0 [ 282.087574][ T9982] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1285,pid=10008,uid=0 [ 282.117556][ T9982] Memory cgroup out of memory: Killed process 10008 (syz.0.1285) total-vm:164312kB, anon-rss:1080kB, file-rss:21668kB, shmem-rss:41088kB, UID:0 pgtables:256kB oom_score_adj:1000 [ 282.579486][T10564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'. [ 282.583033][ T5853] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 282.588919][ T5853] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15 [ 282.589893][T10564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'. [ 282.596869][ T5853] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 282.811515][T10563] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1393'. [ 283.957536][T10581] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1399'. [ 284.009466][T10583] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1399'. [ 284.308890][ T32] oom_reaper: reaped process 10008 (syz.0.1285), now anon-rss:88kB, file-rss:20548kB, shmem-rss:3304kB [ 285.164377][T10006] syz.0.1285 (10006) used greatest stack depth: 18984 bytes left [ 286.390371][T10600] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1404'. [ 286.442053][T10602] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1404'. [ 287.194677][T10620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1410'. [ 287.313512][T10620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1410'. [ 288.049630][T10636] FAULT_INJECTION: forcing a failure. [ 288.049630][T10636] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 288.088291][T10636] CPU: 1 UID: 0 PID: 10636 Comm: syz.3.1415 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 288.088328][T10636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 288.088343][T10636] Call Trace: [ 288.088352][T10636] [ 288.088362][T10636] dump_stack_lvl+0x16c/0x1f0 [ 288.088394][T10636] should_fail_ex+0x512/0x640 [ 288.088427][T10636] _copy_from_iter+0x29f/0x16f0 [ 288.088464][T10636] ? __alloc_skb+0x200/0x380 [ 288.088491][T10636] ? __pfx__copy_from_iter+0x10/0x10 [ 288.088525][T10636] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 288.088572][T10636] netlink_sendmsg+0x829/0xdd0 [ 288.088612][T10636] ? __pfx_netlink_sendmsg+0x10/0x10 [ 288.088660][T10636] ____sys_sendmsg+0xa95/0xc70 [ 288.088699][T10636] ? copy_msghdr_from_user+0x10a/0x160 [ 288.088727][T10636] ? __pfx_____sys_sendmsg+0x10/0x10 [ 288.088782][T10636] ___sys_sendmsg+0x134/0x1d0 [ 288.088813][T10636] ? __pfx____sys_sendmsg+0x10/0x10 [ 288.088839][T10636] ? __lock_acquire+0x622/0x1c90 [ 288.088919][T10636] __sys_sendmsg+0x16d/0x220 [ 288.088949][T10636] ? __pfx___sys_sendmsg+0x10/0x10 [ 288.089000][T10636] do_syscall_64+0xcd/0x490 [ 288.089040][T10636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.089066][T10636] RIP: 0033:0x7fa241f8e9a9 [ 288.089087][T10636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 288.089112][T10636] RSP: 002b:00007fa23fdf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 288.089137][T10636] RAX: ffffffffffffffda RBX: 00007fa2421b5fa0 RCX: 00007fa241f8e9a9 [ 288.089153][T10636] RDX: 0000000024008080 RSI: 000020000000a5c0 RDI: 0000000000000003 [ 288.089168][T10636] RBP: 00007fa23fdf6090 R08: 0000000000000000 R09: 0000000000000000 [ 288.089182][T10636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 288.089196][T10636] R13: 0000000000000000 R14: 00007fa2421b5fa0 R15: 00007ffc8ae59e08 [ 288.089228][T10636] [ 288.371444][ T9997] syz.0.1285 (9997) used greatest stack depth: 18008 bytes left [ 288.573425][T10647] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1418'. [ 288.597724][T10647] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1418'. [ 289.254255][T10664] aoe: can't write to that file. [ 289.308420][T10667] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1427'. [ 289.441794][T10671] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1423'. [ 289.597210][T10663] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1423'. [ 289.698627][T10685] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1430'. [ 290.996300][T10720] netlink: 'syz.3.1439': attribute type 2 has an invalid length. [ 291.048701][T10721] netlink: 'syz.3.1439': attribute type 2 has an invalid length. [ 292.274658][T10751] ================================================================== [ 292.282845][T10751] BUG: KASAN: slab-out-of-bounds in afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 292.291565][T10751] Read of size 1 at addr ffff888022aa45e7 by task syz.1.1448/10751 [ 292.299464][T10751] [ 292.301796][T10751] CPU: 0 UID: 0 PID: 10751 Comm: syz.1.1448 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 292.301828][T10751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 292.301842][T10751] Call Trace: [ 292.301849][T10751] [ 292.301858][T10751] dump_stack_lvl+0x116/0x1f0 [ 292.301886][T10751] print_report+0xcd/0x610 [ 292.301912][T10751] ? __virt_addr_valid+0x81/0x610 [ 292.301938][T10751] ? __phys_addr+0xe8/0x180 [ 292.301964][T10751] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 292.301998][T10751] kasan_report+0xe0/0x110 [ 292.302024][T10751] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 292.302060][T10751] afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 292.302091][T10751] ? __lock_acquire+0xb8a/0x1c90 [ 292.302128][T10751] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10 [ 292.302162][T10751] ? find_held_lock+0x2b/0x80 [ 292.302185][T10751] ? __might_fault+0xe3/0x190 [ 292.302207][T10751] ? __might_fault+0xe3/0x190 [ 292.302227][T10751] ? __might_fault+0x13b/0x190 [ 292.302256][T10751] ? proc_simple_write+0x117/0x1b0 [ 292.302284][T10751] proc_simple_write+0x117/0x1b0 [ 292.302312][T10751] ? __pfx_proc_simple_write+0x10/0x10 [ 292.302341][T10751] proc_reg_write+0x23d/0x330 [ 292.302365][T10751] ? __pfx_proc_reg_write+0x10/0x10 [ 292.302387][T10751] vfs_writev+0x5dc/0xde0 [ 292.302423][T10751] ? __pfx___mutex_trylock_common+0x10/0x10 [ 292.302461][T10751] ? __pfx_vfs_writev+0x10/0x10 [ 292.302497][T10751] ? __mutex_lock+0x1ca/0xb90 [ 292.302520][T10751] ? kmem_cache_free+0x2d1/0x4d0 [ 292.302544][T10751] ? __pfx___mutex_lock+0x10/0x10 [ 292.302573][T10751] ? __fget_files+0x20e/0x3c0 [ 292.302596][T10751] ? do_writev+0x132/0x340 [ 292.302631][T10751] do_writev+0x132/0x340 [ 292.302666][T10751] ? __pfx_do_writev+0x10/0x10 [ 292.302706][T10751] do_syscall_64+0xcd/0x490 [ 292.302737][T10751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.302761][T10751] RIP: 0033:0x7f410938e9a9 [ 292.302780][T10751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 292.302803][T10751] RSP: 002b:00007f410a161038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 292.302823][T10751] RAX: ffffffffffffffda RBX: 00007f41095b6080 RCX: 00007f410938e9a9 [ 292.302838][T10751] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000005 [ 292.302853][T10751] RBP: 00007f4109410d69 R08: 0000000000000000 R09: 0000000000000000 [ 292.302867][T10751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 292.302881][T10751] R13: 0000000000000000 R14: 00007f41095b6080 R15: 00007ffcce045b88 [ 292.302903][T10751] [ 292.302911][T10751] [ 292.562736][T10751] Allocated by task 10751: [ 292.567161][T10751] kasan_save_stack+0x33/0x60 [ 292.571877][T10751] kasan_save_track+0x14/0x30 [ 292.576578][T10751] __kasan_kmalloc+0xaa/0xb0 [ 292.581180][T10751] __kmalloc_node_track_caller_noprof+0x221/0x510 [ 292.587624][T10751] memdup_user_nul+0x2b/0x120 [ 292.592361][T10751] proc_simple_write+0xc7/0x1b0 [ 292.597236][T10751] proc_reg_write+0x23d/0x330 [ 292.601934][T10751] vfs_writev+0x5dc/0xde0 [ 292.606291][T10751] do_writev+0x132/0x340 [ 292.610563][T10751] do_syscall_64+0xcd/0x490 [ 292.615089][T10751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.621012][T10751] [ 292.623342][T10751] The buggy address belongs to the object at ffff888022aa45e0 [ 292.623342][T10751] which belongs to the cache kmalloc-8 of size 8 [ 292.637062][T10751] The buggy address is located 0 bytes to the right of [ 292.637062][T10751] allocated 7-byte region [ffff888022aa45e0, ffff888022aa45e7) [ 292.651400][T10751] [ 292.653738][T10751] The buggy address belongs to the physical page: [ 292.660165][T10751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22aa4 [ 292.668938][T10751] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 292.676509][T10751] page_type: f5(slab) [ 292.680507][T10751] raw: 00fff00000000000 ffff88801b841500 0000000000000000 dead000000000001 [ 292.689110][T10751] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 292.697729][T10751] page dumped because: kasan: bad access detected [ 292.704187][T10751] page_owner tracks the page as allocated [ 292.709935][T10751] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 3509951087, free_ts 0 [ 292.727506][T10751] post_alloc_hook+0x1c0/0x230 [ 292.732311][T10751] get_page_from_freelist+0x1321/0x3890 [ 292.737882][T10751] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 292.743805][T10751] alloc_pages_mpol+0x1fb/0x550 [ 292.748677][T10751] new_slab+0x23b/0x330 [ 292.752863][T10751] ___slab_alloc+0xd9c/0x1940 [ 292.757570][T10751] __slab_alloc.constprop.0+0x56/0xb0 [ 292.762991][T10751] __kmalloc_noprof+0x2f2/0x510 [ 292.767879][T10751] acpi_ut_create_package_object+0x13f/0x220 [ 292.773890][T10751] acpi_ut_copy_eobject_to_iobject+0x2b5/0x950 [ 292.780063][T10751] acpi_evaluate_object+0x4e0/0xa90 [ 292.785285][T10751] acpi_evaluate_dsm+0x194/0x290 [ 292.790267][T10751] pci_acpi_setup+0x14e/0x6e0 [ 292.794983][T10751] acpi_device_notify+0x27e/0x480 [ 292.800037][T10751] device_add+0x2a8/0x1a70 [ 292.804477][T10751] pci_device_add+0x793/0x1360 [ 292.809264][T10751] page_owner free stack trace missing [ 292.814632][T10751] [ 292.816962][T10751] Memory state around the buggy address: [ 292.822601][T10751] ffff888022aa4480: 05 fc fc fc 05 fc fc fc fa fc fc fc fa fc fc fc [ 292.830667][T10751] ffff888022aa4500: 05 fc fc fc 05 fc fc fc fa fc fc fc fa fc fc fc [ 292.838741][T10751] >ffff888022aa4580: 05 fc fc fc 05 fc fc fc fa fc fc fc 07 fc fc fc [ 292.846816][T10751] ^ [ 292.854019][T10751] ffff888022aa4600: 05 fc fc fc 05 fc fc fc 05 fc fc fc 05 fc fc fc [ 292.862087][T10751] ffff888022aa4680: 05 fc fc fc 05 fc fc fc fa fc fc fc fa fc fc fc [ 292.870152][T10751] ================================================================== [ 292.991399][T10751] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 292.998657][T10751] CPU: 1 UID: 0 PID: 10751 Comm: syz.1.1448 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 293.010753][T10751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 293.020839][T10751] Call Trace: [ 293.024140][T10751] [ 293.027097][T10751] dump_stack_lvl+0x3d/0x1f0 [ 293.031737][T10751] panic+0x71c/0x800 [ 293.035679][T10751] ? __pfx_panic+0x10/0x10 [ 293.040149][T10751] ? mark_held_locks+0x49/0x80 [ 293.044969][T10751] ? preempt_schedule_thunk+0x16/0x30 [ 293.050388][T10751] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 293.056412][T10751] ? preempt_schedule_common+0x44/0xc0 [ 293.061964][T10751] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 293.067986][T10751] check_panic_on_warn+0xab/0xb0 [ 293.072984][T10751] end_report+0x107/0x170 [ 293.077367][T10751] kasan_report+0xee/0x110 [ 293.081836][T10751] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 293.087882][T10751] afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 293.093741][T10751] ? __lock_acquire+0xb8a/0x1c90 [ 293.098729][T10751] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10 [ 293.104940][T10751] ? find_held_lock+0x2b/0x80 [ 293.109666][T10751] ? __might_fault+0xe3/0x190 [ 293.114387][T10751] ? __might_fault+0xe3/0x190 [ 293.119117][T10751] ? __might_fault+0x13b/0x190 [ 293.123943][T10751] ? proc_simple_write+0x117/0x1b0 [ 293.129113][T10751] proc_simple_write+0x117/0x1b0 [ 293.134113][T10751] ? __pfx_proc_simple_write+0x10/0x10 [ 293.139631][T10751] proc_reg_write+0x23d/0x330 [ 293.144367][T10751] ? __pfx_proc_reg_write+0x10/0x10 [ 293.149618][T10751] vfs_writev+0x5dc/0xde0 [ 293.154017][T10751] ? __pfx___mutex_trylock_common+0x10/0x10 [ 293.159989][T10751] ? __pfx_vfs_writev+0x10/0x10 [ 293.164906][T10751] ? __mutex_lock+0x1ca/0xb90 [ 293.169643][T10751] ? kmem_cache_free+0x2d1/0x4d0 [ 293.174636][T10751] ? __pfx___mutex_lock+0x10/0x10 [ 293.179749][T10751] ? __fget_files+0x20e/0x3c0 [ 293.184473][T10751] ? do_writev+0x132/0x340 [ 293.188950][T10751] do_writev+0x132/0x340 [ 293.193240][T10751] ? __pfx_do_writev+0x10/0x10 [ 293.198057][T10751] do_syscall_64+0xcd/0x490 [ 293.202595][T10751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.208519][T10751] RIP: 0033:0x7f410938e9a9 [ 293.212971][T10751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.232614][T10751] RSP: 002b:00007f410a161038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 293.241064][T10751] RAX: ffffffffffffffda RBX: 00007f41095b6080 RCX: 00007f410938e9a9 [ 293.249065][T10751] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000005 [ 293.257066][T10751] RBP: 00007f4109410d69 R08: 0000000000000000 R09: 0000000000000000 [ 293.265071][T10751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.273073][T10751] R13: 0000000000000000 R14: 00007f41095b6080 R15: 00007ffcce045b88 [ 293.281096][T10751] [ 293.284493][T10751] Kernel Offset: disabled [ 293.288828][T10751] Rebooting in 86400 seconds..