last executing test programs: 9.001836996s ago: executing program 3 (id=800): r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event1\x00', 0x40, 0x0) setsockopt$auto_SO_SNDTIMEO_OLD(r0, 0xff, 0x15, &(0x7f0000000040)='*$[*\x00', 0x2) ioctl$auto(r0, 0x5, r0) capget$auto(&(0x7f0000000080)={0xffffffff, 0xffffffffffffffff}, &(0x7f00000000c0)={0x81, 0x6f5, 0x7}) r2 = prctl$auto_PR_SET_MM_ENV_END(0xffffffff, 0xb, r1, 0x2, 0x8) r3 = openat$auto_supply_map_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x40081, 0x0) ioctl$auto_FS_IOC_FSSETXATTR(r3, 0x401c5820, 0x81) ioctl$auto_RNDGETENTCNT2(r2, 0x80045200, &(0x7f0000000140)=0x4) getsockopt$auto_SO_PEERNAME(0xffffffffffffffff, 0x83f7, 0x1c, &(0x7f0000000180)='*$[*\x00', &(0x7f00000001c0)=0x1) r4 = eventfd2$auto(0x0, 0x3) capget$auto(&(0x7f0000000200)={0x68, r1}, &(0x7f0000000240)={0x7, 0x1, 0x7f}) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), r2) sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000000640)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000600)={&(0x7f0000000300)={0x2d4, r5, 0x4, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_MLO_LINK_DISABLED={0x4}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x2}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_WIPHY_RTS_THRESHOLD={0x8, 0x40, 0x5}, @NL80211_ATTR_PMK={0x33, 0xfe, "e251ec214869195bf30fe145a313bf55904705895ed1f638fbf3aef4a1367ab1039c5a562825fc68a8b7c4db8b0734"}, @NL80211_ATTR_KEY={0x272, 0x50, 0x0, 0x1, [@typed={0x8, 0x9c, 0x0, 0x0, @fd=r2}, @generic="7d913ea7fa956984d9df5fa2858f93322da7dcb30d5219ceec5a66b88e59777382503fdfb149139c9a9968ac28bbf0bcfa1ee5a936f671e13aae2d918302b0", @typed={0x8, 0x24, 0x0, 0x0, @pid=r1}, @typed={0x8, 0x93, 0x0, 0x0, @ipv4=@local}, @typed={0x9, 0x46, 0x0, 0x0, @str='*$[*\x00'}, @generic="008183bc4d85327f0a30aa631b49112ffc57ad17be76bf61f232fd52d6fbec1927239706066f4d53336c17692dd4b43dcd95d6144d3aed03bd46e286d4bc65d556a40d31910761d0a680e0", @typed={0x2c, 0xc8, 0x0, 0x0, @binary="74323c6a237b48b32ad4cd130348edd349e385a3690629b177d7fd95a996586c5c179ab03fec2eef"}, @nested={0x18b, 0x52, 0x0, 0x1, [@generic="4a231aeaa61abb284f956d5ea9598f49a5b48dd04f8cd091eaf6f2dad7e44fdb9003656c109e5f1f184c0a9e78f4e87bcfbdad68fef6ddb89b229115afd811bf2c520bfd07e9d8f69eace8db09a9e980549fcb7985c84d6b567f", @nested={0x4, 0x3e}, @nested={0x4, 0x80}, @generic="ca40434db00cb8a5bd29de9a6c38343e4158123dd4fcb43307b8a0874ec99911c815c75eba711c59bc07e9649cfc4316dbb1e2466212efb778b46f201ef5994f648140366307ab45a6036d8780863740ae75c70e21c0320bd4ec11a19300bf05459e693a53285c829ebfd0eec2bfe8741a76363e0da42c36db68497534f6ef712e12deadfab17f19bc4bee2ff25c990e370bb7ced216d2e64f97fa68eb99cbdc4c988b8448b4f90aa1828ea71272eb3db596d374624c252132fc7b38a8db87d684b2590d47191022b5a761c79d", @generic="878289f3052bae0a1de65e174d52797b042a9339869e378bd135bfdd4ee866129347c60f", @typed={0x8, 0x6c, 0x0, 0x0, @ipv4=@empty}, @nested={0x4, 0x12b}, @generic="a9f18d614ca6510e6a52998a", @typed={0x6, 0xe1, 0x0, 0x0, @str=':\x00'}, @typed={0x14, 0xf1, 0x0, 0x0, @ipv6=@mcast1}]}, @typed={0x8, 0x9, 0x0, 0x0, @ipv4=@multicast1}]}]}, 0x2d4}, 0x1, 0x0, 0x0, 0x10}, 0x4001) sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_STOP(r4, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x20, r5, 0xa31, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x9}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040000}, 0x4000) r6 = mq_open$auto(&(0x7f0000000780)='nl80211\x00', 0x7fffffff, 0x200, &(0x7f00000007c0)={0x80000000, 0x9, 0x2, 0xe94f}) io_uring_register$auto(r0, 0xfffffff8, &(0x7f0000000800)="f82fdf186d978e1ba0639652df80371d3d8ff924ba90c65681a5d2240e5af9a2f3de1610a5d0e0188c74a8e86a19e7c8e3231a2aaa4956855d21f177e1a554e34b3ca1e58cb91e24e12c3dad4fdb59e1154bdbe223adcb7b1c85e8998a6cd54389c7ffedfa3b0afad8bee604924273414819f7b56e560609db536ccd7f10daf96bb68ce53d56eeda05c8fb06f21624a4c55e34592008d488b37f846f4f34346934d9689da83c5810ad7ffa4cfba67a45874489aefb3bee70e42be93ba992e54c8f9e710b7ee3a4b04800f5b6f0", 0x9) r7 = openat$auto_mon_fops_stat_usb_mon(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/usb/usbmon/28s\x00', 0x101841, 0x0) read$auto_mon_fops_stat_usb_mon(r7, &(0x7f0000000940)=""/237, 0xed) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r6, &(0x7f0000002e00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000002dc0)={&(0x7f0000000a80)={0x2318, 0x0, 0x400, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_SUPPORTED_COMMANDS={0x22f3, 0x19, 0x0, 0x1, [@nested={0x95, 0x53, 0x0, 0x1, [@nested={0x4, 0x16}, @typed={0x9, 0xb7, 0x0, 0x0, @binary="af423b687d"}, @typed={0x8, 0x4a, 0x0, 0x0, @u32=0x3df7}, @generic="260f0355b7901876c8033da134237ae05614e1a58453ff541a17a4ca4c4851389482ab9ab281dfa1a929f4695c1b83b6743c92a759c4afc26ca091ebca6b095471935fa55c6dc88dacfc4f3aa0616cad30988b84fb16dbd7d5d3a90105841b7ec6b5a2d07aab75c3be2f9fddae45e29c44fb502612", @nested={0x4, 0x3f}]}, @nested={0x1093, 0x59, 0x0, 0x1, [@generic="56f34e5492c1b4404805cfa6803ed778027d94ef23352834afc0ff9b36c90a742b14a3eaaf6da83c3d101ba498e81ed649232f544e5f322fd21125fd8f3420a6cfaf67051b5eb2c1b3c7d378528c2dbd6ec950a4dde45d408a081e4362b206dfdeba1921607bd6101ac15a48819f4f2704e72955f72387875c0f6c1502fa1aad3193649ffc797120decd4aa80fc5437e748349f2f7b52a23df6ca78c4cb2b761390178a5c5c55dcb3527074be6e13ec1d899bf78348ce67dcde74dcdce991947623586de3a887f1b9308c98237d42ace41f0ba5f8a72f551e6d1ad92900698c78ebf0fce9985e9027bcc99820caa2e56bc96afb1dd0b5084d56ad86e489a7304a57d8c128a0a898053ccf9cf24ad14719dbf2728bd2f69f09958b24fa0cc3a7ef34704d879d131642320a42a8571739c5977a4425cbaeb8be1ed581c994ed82815ce1875070ff675e23541adf47a989489dac3751653fb8b52955e1e5497f0267a5bc011c864d1aedb4b25ffedfb6577f6f9f209a6fd4d3c9404f77bba9a013de19337b02ce9aee05ca0c0dfedfc9a1f4f9bac1d679d79b48728d7245b290362fb23cc9e98aab721194808bdf4fac5d1853eb1bae12d42818f8fd8f8a55ef758f2feb2ca932459d9497e53f509fb938f6d7139dc96caa0f6e497466bb75b4e0b2456d15fe3de714a6cfd7578ded858d15b116baa811b658baba5c103df282de5caf828560ba1bb13f076fbc439b4a3c87638dc326ef8d2172d501b336f861ac1a2354bac24d30b41c66c01b45524e7b844a8ead4522547f42352bf81d9cb540fe055c8ca548aa27b5f873bed9e88cfb0efc924c9df808d3aba31d57f7231e3ef87d82f5536cb934390213bde5c2c10f2a30e4be447f198816edae65cc9f770908b99e3a2764e3a8a4db0a88f63d9714a6111e886105e1881f2829d50130da269cfb6a0c87c195e2c7c5aa12ab188e6712c4cc7aa83f5eb4229378c6a6ffbd9a48b9e601135b73d5d43ead85997f586fb3f1b53a9ed1aacb6e9b59456f023a8c523d210355608eb7ec32e405631fad9c28e6e49c9150d0251b71489c22a953a91d3d3b7306fdfe69ab2b2f0a7e41de9067e8a715ce2f11e88fb3e44ca5d53fb06fefc1717bbed13661ff7d253079a545cb25d94d51f1925f11373fe92bbedeb76785377845a3c27c2c1bcd5cc2b072111a59007a5d6a50e78e637f58487118d742e7bdcaed46901e007b300fa2c87a380afaf00ec85a0bc2c9b4271dbab96aa033aa8e7c4b57856bba113046bce3d94ca072fdc405d62da1b78a5cd42dd3c0187187a87f09507d4fbb6333091cbaca12c44922cb71c78a4b1c1da78f6c1a1af61ccec5e900f55a4c68d4f377965d472cf9d7ea7060e83f4d2613a6592f49933688f77cc80929cfb0856a99582538a43f861d0ef77d3d0bc72a79a529b7f345dd5e65b0ce174cc2f1b9abfd17ebcef66c0d0848d985eb261762a8baa9606db76dc04305405813ccb67074e334dc5f0e2697837d9ade15be4f7fe656389ae56a578b284bc77b4916492ef89ebdc6b13bf4788e4fdf99fbfc7d36882c0b5f559edec0acee7124691b8ffefe2fc2f382bda03ac0aae4aa7a7802f3022e77080464945b5fa5b24bf90e182999df7c600934fefab247c3ae9fd6c790e6194de37224c751fcffa30caffde39a2b3926bcbacecf0513d44667023428e2c8bb2a2c3ae9b290473e86382afbb34d2fdb9d522d194536f17d0a582a7d613a173ac0171d665fe6981211e55480d418309cac96c66e3957977fddcdfab1ded8bf3f9a990f6f313af01986c9131fd38cd49c4042466a68922ad0690d75f0e58532629417a9694f15e3095c34f9b0fa46102e4428b8dd6b6f757da42202df2b41d9ca524716eb6053b896c2fb5ccdaa7253ebb9583881933e7fb4dd185b6e21ba6794b1671a5a5921a3f146dd9865a7a85582aa4d3de5f6b767c2bc904641ab33d33ac59823332d800c4216938bb0da0270375ef0bd5a3fba24ad07b3ee581f5f69730b2b4ec0ac84223a8d77611c02e36e42dc0e65833f2052674d0d6d978c57198371a7d58201b6c2dec18d0720349422d85df29662f4bd8055f6d033edc577743d8656ccdd4cffc57dc861ed8637726a6df7a3e06a06c2d45c17e81306485e7504ca7056dedfc0f016793e4b3a7d321bb85c455322237a6dbb8b4e435e3bf13454085a5d4c77276803e15e57c269ba88a9f8f15ed6632700637a446436d71dfc695d9dbbef5662dc4d86dde1b36485eb21ef9aeb46617d52b003f00723f824278da3bcae05eff8ff3ddc19db4d17cda78f70806d8667516a8d772203afd840530ee317f49ba639ccb81ac06d0cc22027181724a659caa10d97203c51cb30b068a8c2445b14e557f5fc1840ca277717ee2749bc6733392ac401d48963de428b0f699221ad3443ec0ec39bb628ed868a76dc77046585ccd261a7793bf50a1346b2a9e062672ace445342a1ffde5c075f56f0ad9f8bcbc80f37891c6838a5272d8bb84169d8b7bbf3c27768c7e606a06397abc1754f25e3f395367d8b62642d45ed35d4873f15b27ab8e3f3b64a06ab5bccd1b62563a28378a4625c0bcbb8fc70f548c11657bebcfb391258ced5485f17ba9900140bf536fdd2ba1b719fc09c13c585baeefa1c716196e979271fdab0ccb077cfea1706a80ad9584b520ac0d24a304b9729e9acac5a5ac6c270e30df5e87ea737abe56ffb2bb770da1daf985e9bea895f2e0006bd7337c0928d0a0c4d849c21f10ac5ee43551cd30473aeebe1deac9f8e6416b064ed1c1aef6cff0b86a81db9a6d017a3fbbbaebb63e1f7d42169b53c74aa378305c924884b04fccf1c838e11aa9dbc96e4e2e16af68047fdab70d2521bec60384ffa39c5007d744b88856067b6a6fd17d81e6b1f84c65f725dc9e71943a70750dca6c266b384aba6f8401e4b287aea23c342d0afb427a41f7e2f9953287302b09248e66cd43992033b56deececb1705e819157510a7bd51da6c42c750956f2ebc637045be856ac0cf2a7cc11db1e012d96df1d2237cc754bcbf520c8d22d369e3e000ebaa69314747b5af4293cf5f04cc3acbdc51b26b7ca1be251dc44f38b4bc2d7793e4ecbd1042e39bdda143a74718410234bc099b0f22075123fde9f10b5e74282e8ecefc0c6b9996e2d1febea7e01df7a934cf30cc75bd9b700d1ab6bcdedc863b97bd0eec9f44871cc611af40224036044b4acc02d8f753c405605a291eeeaef09abb0b7cf0589982c0e732f9963140c0e5e645bc6d697ef028963db40f3d6e206c5bdb3e5fcc4966e2db92cd4333e5e4b92b88ebefdaafa0ead8fa5a878268572af9283ab7ec51046e2b44edabfd9d1f2c51ceeb920b70f2056c5693c524418c018f07275814e6fedfa588cd6df6b6d81d75abac942efeda0990a23c3984fc310d881c320a788c6d6fe35dfca06d2726ac6725c00e56093b54f94a4bd480ccf1693f07f06d1d67b51f040e8c239a58194afee8c6d17e3bf78c90e56f5d31af9ac62e06461bee0ece229f5a5b8b0b09ace3af7a09300e9d4f547098886c85c963d042ff0f2bfda80feacc71b66f995394dd72b694d55eed1d0fa6111a1856bd402d1cea91da22b973d4b2be3f5e70bbde38d5aaca9ada2291680153384868f3efb7b4d7fd27ee45195d2a107d6fc929245e8cd81d54fb2010b08553c22ad57c6a9408f879b427bcc94ac5a168a9b69818c02f7902f1c41172c2342ec8ec4e9aed2704958773e811ec5c743dd414acd63ad866862d03f7857b38501a9698da1c2210672f1b319612b061b833df70678ff77488c91314040dbff59f0e66202fd3f46a458758767c45d8076cff3265eaf5dd982690e15cafe4b84b8e32cbef93df179fb5beb7f14e3f58a86ca3bfdc4f04d3168e82c3056dfa9bf0f6093d3c8cf6b31615f6c2bfdf51311eb47565c338621a163bbea1ce501a6c5e23802ee3e62d38809a82f877713c8e61b6ee295b1b8a794ac82b0c982c46b75dc5bd1db3879e4aad34e1166330bdf48f26a933553f1127bee8814cbac25e533414e6ef59f605c1e16d787862dc17e62260c6760361dac7b4610ad07107ecc129a4efc05657a732d4cbab695b8b47d25af52ec4fa2d0f7fd46cc002f1f2d93a829a294c1182cd4295b4a4e5f94d5d6756cb1d5dc97ebfd64d99531ef6e036fd895c13ba61d9beb9f19cc2810065087cea398cba64be4f004538301a63e66e4a445dffc457a676f76ca04ee9f542aec45dd45ca0c1a56bfd8c4a6152e5ef2948e94ba9dd43d980115c33c08d3b92db697f4df2aaaa63b3a21b3bd50519c91ba62a69ff49e68f2acb591d2c2cbe350639716dafa3c83cff783668615477b369c81f46254c5b0bb650a7510e47fba6fa6857b7214928bd3482fa283e1125007f116428af16b91fa3e26abef7ac4963d1491fa6ca5589ac8ae23398014ed74ff9268d337adfccc0a107e39ef2e5f32a7ac073e8e44d301236df087f9545447e1cafd4ad2e772ced1cc633ab69e7f1370c3664931799163aa72ccf6dd1f9e01a5e0eedaa8e483246e853de46130846b2aa80c32bc4bd71faf27ee86a9fb44612d8cbb119027908feab7604dbc0a40275d3cbbf823214712de04e5ef2cd52e07bbde715776af47adec87c65bc6692e9f8a08b011c2b1a44d2d1f4992647d5914952d0098eb413d97e581de7a2944b815ea22213299c6433dc6cc2f2eafe88dca3ee52c8a3389e37a8539e2df42052a3b60b1135c205029b5fdfcdde2a1414b5f542eb5f60f45dd51e714a97f1eafdf177319ec5d98d724e1b3ab91e2960c6fc64cf2f6c9fd4ad3cb6e40a7db59179bf13de5add7c5dd6fa563aecd00fab8a1239e2d786300598d4cf5ce414e995f9750172abd67de183b73e15dbafb4f824aa508a414a4b82708f1bfc899947e633d5f800806eb42091a90d0d9cb5e91684103273d325b2ec1b15182dc64a94d4fb408de433c0e0defda6187d7fe2c4deb196dcaf5665e9cf44963e70760303d8c79f3ee213b233d5347239b41615b8db5c7320f52ae714d78df3028cc2915ca7473b9ac53c0a954818d1287e9e5518bcf732f0a9e68012eef30baad3d96340d4f4ca8a684b272443f944a2a5e0e98f470642ccfff55dde9f49db1c713b009fb84fa7915fc139510a9fc188c18c866df604c70d1e5b07c523730178e694d74a551efb039d409c1c429de93c2f1b73de0a082c28dcfda102c8b9e1b0a7e23dde57a6310ca2398fa8792d550852560c52fbbbf9f513d6d485949aa35a217f99a66042877b99a9e714a00c1d19fe2f219b95bd83ce1f8eb4e993ed524a15f13ba7cf0aaf8bf3e7bc0aff1d2d4bf83545e0d919795c3cb8e1ee570bebc2dfb12a4baccfe8a31314ea7d82e57f3d6a40e3d4fcb8e1fe4dd0bd407b087a5a8d935c28c1210e1da1b855abd14887e581752d3011ed59136577560c0e51177d9f827916bcbf6d05bb6969b2265f21ebf931cb3092b46f88717ec39118bed70c1e0a9d502131fee257001189f8e41bac110b6147744a99f9616850ed65e31d19a5a92f1ab87863692f3185a32a574f6e3bd97fd6d231c2e95665e4d5ba7a463ddb5c0f9431adbf383a11c0a6046419c17d860d52f30c9c74f8019983054f4cc653ea48f750ed322b93d9b062f7e2b5de143fa8f96c5da656ab0648bcc2ddc202247be5b21555d16129fc0a12bf8e448d37e501e632e14391627917c1a2d4ec89300c1fdbd94f1beb081236c2720f4a009d8e65236f561f73e45e5f6dee11017b", @generic="ca08d1b1e27ebb84ded2241588f7437c73add15482f1c76b42c6e661b4accb09012b517a3d4726573509b56994fc814757c8539c1c5c215238f6bd9e9261fc34a3f832f3529c23b198c68bf88c2334c378ac9551f40c3e15e816ece7a86fa268088eafe45e366cfe9806360c9bb7fbc2ec12ea680d50b0437397350123479f1a53ca9dbc2b357d", @nested={0x4, 0xfc}, @nested={0x4, 0xc7}]}, @generic="fc363153a423c6d80e53da573ffb17fa51879b9ed3d5f95b9c72eb89fe186861449748228b5aab19f11d9859efbb417ead5fcafed2cba13eeb6f74c4588c64eee6cbf22291eff7dd3fe03c5f1a97d2442ec1dc97ca5c166a6b7f3735c665f7d1b81ccc7300790c2bffaae8a01d888ca0d07033a518cb246f2a7932eb4c7e5c5c4769add16a5ff43259eaf2ace31ba4aeb6f62914af40f477494627cdf326b0f7af31469fd41e75fa08d245d0315cd93040225a642da040e6861f805d859abbb2f2ad62eae6319ed2681d9cd37af6e8c34ad58d790de91db3ab1e31127fac7ff02376b9626ad2b821fa5513d0ac0839252da9f80ea3e7a70b3bf6bb150d889956d1bf3e21e8440c8c92965ec599103b95ff64861eb98740e07db782f410b75e8029820c3fc82a25679775f2c15c30da52b7aa7c1ddd05a0e8f44e2c2c8a9d7a7ab8be20710336e462bc727dc7b86429d8e6e8657627e03cbe30292934b008cafed807713e8ead12f47eaa2830a2240b4e7dbf648835dd3b0e4f7b8f9bb57359edcacd7a4564a610b2a60f7b191d2ec1eebfc1816f733e4c7d626609cd8532368fb6c92deb87be8bf515d7ac4a3d494624db0d90b38de620f0c10d5a10d9030dbbaffca7383651b5c8dec99cf40a56ee3da4ba18a5b1cd92537e34279effcc70250b702dc282c253b2b02d6588dad2489c4c45c9f25927714a83f68ab6c8dffb8bc1515a90d42edf332f70ba34c1a3da8e6310d42737d52cb4fb35ff665449f499cc6b631e25ef94dc98797a6f07fb206bd0dac57fd6fe2c49af368f458cf9ec06873434a4ecdc228c06b93a84c7fe1738a751af8061e2b76f5f3a9743695302250f183b0999eeb84a110a81682fc7021b8574a645148709ae676a3427490a854fe5c5e1f0e2e1f72d2be8d47f56f6f1074d94cc4d1106e5fb221bd3d3a5821da7bab1e3125f6b1b8b5e9fc62464587765519360f8489d28f6754d0d72af341bfe40a880912c9911209baaad779865a3de2ce3a1c0045bc1e04210b4e87267b336a7518b8304a500ec3d70e00ab9a37a271c3484dc03773a9cf8d8fa58af8bcaf8ce92e49e11cf22791cc9c7bb13a1103cae1bb5873115156552afcd40ce7c55cd3bc5fabb59d5a794d29708795d3c0c3e6f59e4700843a340fac98cf91b87eb44e28a3c30528e1f269ec2063c4dc51f19af8043d78b93e75e83c2ce480c6054e8f8e67297c56d6e4a06bdff3153a4e9018a9537f490dacf360294ff91208e482c9d91b36f703aefa124592c9057245d3dfa62e3bff683c9eb7c58145f1cd070aac66d06cf84f569a16d9fe28b38cf5b048f1f280bf39b294cb588d3762c2f56506dc3d1efa65a92a7a09d7daf97bb8298bea530b66f68a8619b2a4562ebf2536daba6280666140d68efbd29d217335672f728c1fec251236353473e663def3331f04a1f0c9a8e6d5074a42238a2f5afa6065f46728431bfe48777d9a1be205dc0385554ecd9e7def32feea3d896bdbaf987546bab89eb2925c9f9350746cd6217ae9d1c67325bf6536d605266cc64243889ab7c9658c3d9a31d2879ce1c4951e16b091118066bc617ce3ef690ebe7eeb7f8cc0ea96df1226a7f0524537a473eb56dedb45ce425b667b07c03068c40fa19066311896d9c839fd8b49eb889432ae4722e06d09b180fd0a5b7dcdb5d330918fb75ed68b23c65c9dc05e24bdf3af46a1ccb28c1faace53b5636f0033e2f4adbc41308e677b009f911d4c5c7ba1d0b685ea09513976696d34970a99b59ddf9a00277f4390d4c102f84c391cf5534db1024da3a206adedc82021a6ba3beb55585c4514367aac384e29d8117d26cbdf4ef4e87f0720b96515a8e34ee720662fe89a3da1659479bc72003e3d7163f4af3614b12d76f5189d86696a904eeabc1f57e4b33791fdf6cf8ef2b68b901f1965cf2cb6e4a8d657a3df66ce4e48c702c85fffd2191422d1bd119c79c7ec50c41b42a7df388677f1486f401887f81908786ae0e525dbca08865b1303c751f8e7885dca4439363188dc22262def1ec7ea95dd965b5069263837693927300e93bb21c01fe6e0db3d521866b86dc3636f0c83c7eff53c0b89bc9e2e8cf56c81092875be76d7782792166512e523e651ceb175a05ca425f8b966151132b5ecfc56cca87bf0d0846782f76ee7ece664fc99fb0386b2f4ce62dbb932a920ad69098d21505c2489640e9c23c6a25801b30af8eef56b2947e3d5fdbb3f8ed85d397da6459d0aa30cce07c6d5403b7de2db6ef4a96bceb890c119ac074ec2cadd41041dedff3e5c96b3f14ae4cbc6c934ea05bf7a03c635111e0cfbf255fc46d4585a2adceedbe55510d6b290b0e00086b741582c73b3b7ee89f1153a83a4fee3790c54ff29e344b2bba901896dcd31282a34183b2b00e8821d9eb27f130e04bdbad0d36cf8ac8e376cd0cfe2a9a45d28903ecd02a6a15ce0d177aa4f88b0671ab30b17d2e7eaa6cb4afa5de52309364d25c54518ca0614a7e01f015a50529e2f1f6ef5f15fccd33d112faa4a631f7ca08392df976e28335fb70f9b59540ca83b1b22f04931b5537570ee0d9a1cf81c9fadacfc71cf0cad5517db89acc357cfa45e2eacc9957b5522a92d4c57187415d2e6ff1b75ef9d2212506eec97e84877b70fd0b2425a6e1c6c42c7b789df6ef461977cef63464b8370cd3ead8332f59edab210d19ec908aea4283ec65117fedf95cb88c05ac5791986baa5506f12c12e4e081b45f7628874e5658f09b2b0fd1f9f2253b874471ea68c44a9afd1185083bcb8494d7e0a57b7dd2af3e6665e89cc52f681e3abccf87e975b8fb28d04461e1504e102d8555e7085774978f2bed8c8ef02dc03803dc8dfcc970502d430461d0daf1ebcdd66945a5dee2197dd8c76708d3dd7598bdef61823a64757d1a3ac46acaf275df1678e1f142ae461a3b01c6a7bae7a3f840121aa8f810aaa9bc899ed8910b6c5622045e4258ca9e1eebfa87ba5f61cd02279e22f7b2b628361784b3a02cf4dcbb3f1e07db689d3665b7fc52eeca399cbc5d91d62eacf2e80fa33001c6d7b14ae3fcf6ad4e78f696264258af741e5aaffc709f250927a15fa05efe05c191361ce6d556885d79e818a90aa80a409bd0cb4a1c61b29360f019648757bda50934041a7a2a3a56a8d9f9e6b97d1956db277c351443f78c5da26e63c52a55e24ad216ec277a24d9f7e0e20637d14ccc5566d0d769c0d4d0a868c740ca7adbc31eb67cb2d73827b8b65a89e6091716e3731c759d7de5f2667eca0a0aadb81243b6e114442385d2d7504663a017600c4d6eb6c3a04a2b47ee09bc533fa5417272d76b65d176ea7ece589deffdda50ee7135e65df9f7844fdd4348e0432415dc78b14ec1e3fef4d2f409ac5acf680e4fbcd95aee529ec353024b6152cba5818004a1fa3e30d7b2c92e3c8ccc89df24f9fba0a67866d4c6ccffcc3090625bbf52f5570927495425f24f9cfc67d1279f5b343182ee7ae0a778ad6368b1972d91237b3ea6f4f1f1fd2776c0db69b65b779ed61dd72a387f3261472992b12c16136bc578e84169c59f2d391049077fe3b324b29ad7d7c244b91390844ce7d33249b52d4e0ac54600f00f2a299804f3509b73cde95a3dc123c2a1ec0350579a6c1152e26808f45543f962c515bd306ff34a7d42acd41bd013ab6f48904b6f33e579415d9c7ee448f532349e63a14c7e2c32d0639f97a469ae03e7483fa8ca33013b20c96320b433623d292dbf5cc6b80b8c1db05627e77ed360770c597e2975092c7919ae4e3a04cb80b495b0927b8ecc6c293beb44f27e43f15ac13fe73688137dfc8b070dfd9b6a330924ca6a4e7c5ce37ab257250b4fe7771ca406c4327e55da4088290d3d2d98e782e04b9acd68948080eeb4db625182c82cd368a8eb0ce75c3d758867bb272f2c81d93ebfb8f484c588892027e5b108eba955da6fe9657ee975b5e8b7bdac18cc168d789df6f17c3d8a51fd1955e2a8b2846f1b42fc8c4a0d417c01ee75b7eb5e1849c6fc37111886682e0ae53d08993a85bf678421f699482cc814c3c1434b388467287352a604324697c36c564d09c902dc072ae216f807f5ef191c4a7ca1d6bb9ea2c98fd44a181f94e5d8bd311955a3a8f7c96773711ecfd3916a6b0a04a638c753bc1f41d5167ae7d071ef8430126ebe5203d121d03ede00a751156869c2c0b25e2ee411d902ef31726407f51fba104c6daaae7391395b2c0018090a44ba6b255061949a8da59619e21760dcf0ebe9ce429e6572ea158521e8f20c39034cf668603532cb31e058de1c00ce90eefb2c4d09cf2114b3d7bbe093477139d6fa3b455241411105d91da637d7319d5490797af52a342483a0b8c8f7f10a47dfcf29444b84f95803e9e35e542c27f4e94da542db77284d25834be0174c4e03a8c77396096f0405aabdfac79fec8505fd5fc809b30f4784efba5f94a189b3563e18f42b750b1d32b16cd5df4956de6e3e42c2bfeff964fbe69cfa889cd92e002a7c1ab86528395abeef607ca8ad3a7fb574eec913c2ef04ba17731666b4bae4b665b1d1609e82fd53a1a17e984cbac46c500a005b2961e54cf9cc525226986a3249e7d0a83363b9ffafe9b253e797dc6bbbc7c4a47ad69dc706be45681c1c2b5ca5819a61be2c31de13507166db714f2b5e0d355097bd46482e6c5fec199c39c3f720f6b8584b7ef72e8912059e9758b0f39f410a85c096ec456246b47504ca85d671c414c293c9a5038e6da45a438d0f0ba391ed3790e0b5415e6cc6105356216a27e301946bad13ad0d6b08fcfd56ef511c4d06f3d482ee1f72e37e5d989ed213ec41a6aa01c3c27a0b5dadf66b5b09c288106e7297683ff2e9d7cdbf0ec9cc568c88bb260a7c814ecb056ddae2c73bb03c813d871ed2a3ebb7753f69f186b83adb173c6568f43601ae3783bd02c4aeb942b8fc42b47b054990bb9be3c85c9a28eeadcaeafeabfd6c8db12b1058b1bfd5f1de9910a7d4d8ce827b1cbff29b82a3821a80c3bbacb342ee8fb757a14d3ecb64d39e32dffd70bd14f8c27c43da11ec116c6434a897493860dec3f30fbcf3d4438ea067cbddb7535a8a2b0ea9db131c18efa29e204d3b835f445e1452f5b56ea5b4627a357dde2a257760b09447d9067403c61f02c2c10d207b6d95a042524db830b323a81f84cf8ea0b37936d4512a976f8f4704da5c0cc5aabab0faed2f4b8ee26cdbce84637b42034eb83d4b2b3206d39467ca9b5123513d03f5b3f81772986800e3742f00cd2fe251bbde8a8eae4745f0418cc8909eb25761c46feee581438f2783e958ae96954fc0371340dda2e5b7c41a7566e7da28da127951069f5de7dda72ee5e448f8f42a8b5a11832dd98e5706d36b66c3384b2b29573ea710716c95dd70c876c327595444713b57b2ef9dc4722030339e123bac447c40af2b1ced6c95c51af490158bb2055b5d4105daa4ecc10421ca8ca005ae72c2eb1496dae0bc69793ce854fac8c7617a40ae9b370906728fab14912e9b8b52d1ffc0a5e63cc49b84664bf02d6c0d9509ce643972447089fea19f4d0ee1933f4bd2e7c7f06ba2f450def020be527920bf7a7fc4a010a3a5ffa47488f2e8e65e92454d57cec4f30a25477fdcb08f184d574cd5623e559afc6c9188dd0e3937df4e12cddcabfc4d38c5c37ae7038131b4fa634102d2c2ea392846acd2baf343462b931d0265b353295b82b458d0b2f69920431d5d2be6a204b2aa673313fd61046d214c33695bcbde25a50e517bae8a951bddf7e1eb88", @generic="64ff77715edd114636ea11f5a79907279b357c2ecdd78f0cd8dad81acab756947017601ec7b7c25d0d1d17f7b93dfc69d8f9990f1c216d645e6eb819f461802525f02a428a7f", @typed={0x4, 0x30}, @generic="b753a0f9431baf83500c3000a4c5c2387c00e4d755dc58f2a8990ca2e926e503e0e00e41149e1a737f03b18e72b430ee6955731dda7c839ead694996f2d91f53cbd28b130de7098cfd2bfcadee9a9e231b6f09bda48b15576bafedb1152363f7741a8b953ca02087adae3ce1afe7928d90b42fc608adaa2715bd42fc8377be4f083948bbf4f7d3d8aa0eb6ec4c185a8ff693e68679e1ab3562f54e1ce3f8b0fa7baf4c0d6aed36ac04d2104f04", @nested={0xc9, 0xb5, 0x0, 0x1, [@generic="1e142586138cf6ad6cb37c8d8310a508df50e1137838bff871e53c78b81054495211d3e13af6a64ec01167cf9c32e53b4679ac0c6edf24afd2d2489be9178497cef15a5a7a6e16c47dc869852a2e0d526bda4746d82d9a23e9651338acc50f02128c5ee5cb9ddc68c2e8f82069f9f8570bcf8dfebdbfe49c4a877dfdf2143b47642bce214f67f770c702c8ee0eb23a38bb1a96b37f068f906d107958d836f90ac0067c52d311678bf9075f44d92439ffef3883fceb5463160fdc732dc0deda26ce", @nested={0x4, 0x9c}]}]}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x5}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xfe00}]}, 0x2318}}, 0x80) r8 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000002e80), r4) sendmsg$auto_BATADV_CMD_TP_METER(r2, &(0x7f0000002f40)={&(0x7f0000002e40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000002f00)={&(0x7f0000002ec0)={0x1c, r8, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_BANDWIDTH_DOWN={0x8, 0x1c, 0x200}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040840}, 0x20) io_uring_setup$auto(0x3, &(0x7f0000002f80)={0x3, 0x0, 0x288, 0xe047, 0x3, 0x5, r4, [0xa, 0x7ff, 0x3], {0x1, 0x9, 0x7bf, 0x8, 0x7fffffff, 0x9, 0x5, 0x4, 0x4}, {0x1, 0x1, 0x2, 0x8, 0x6, 0x7, 0x2, 0x4, 0x10}}) r10 = mq_open$auto(&(0x7f0000003000)=':\x00', 0x4, 0x889c, &(0x7f0000003040)={0x5, 0x10000, 0x1, 0x47}) mmap$auto(0x100000000, 0x4, 0xc, 0xfa, r9, 0x1) r11 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000030c0), r10) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r9, &(0x7f0000003180)={&(0x7f0000003080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000003140)={&(0x7f0000003100)={0x2c, r11, 0x2, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x20}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x3}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x14}, 0x40000) clone$auto(0x3, 0x9, &(0x7f00000031c0)=0x6, &(0x7f0000003200)=0x7fff, 0x7) r12 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000003280), r4) sendmsg$auto_HWSIM_CMD_DEL_RADIO(r6, &(0x7f0000003340)={&(0x7f0000003240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000003300)={&(0x7f00000032c0)={0x20, r12, 0x0, 0x70bd26, 0x25dfdbfd, {}, [@HWSIM_ATTR_ADDR_TRANSMITTER={0x4}, @HWSIM_ATTR_RX_RATE={0x8, 0x5, 0x5}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000015}, 0x4100) setsockopt$auto_SO_PEEK_OFF(r6, 0x835, 0x2a, &(0x7f0000003380)='\x00', 0x8) 8.847041756s ago: executing program 1 (id=802): close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0) read$auto(r0, 0x0, 0xb4d3) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x2003, 0x0) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000003c0), 0x80303, 0x0) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0x5, 0x2000000000000002, 0x200, 0x8, 0x400000000ff, 0xa, 0x4, 0xaab, 0x5, 0x7]}, 0x0, 0x0) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x8440, 0x0) close_range$auto(0x2, 0x8, 0x0) 8.702044286s ago: executing program 3 (id=803): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.3/usb4/4-0:1.0/usb4-port1/quirks\x00', 0xa081, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x42, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) readv$auto(0xffffffffffffffff, 0x0, 0x5) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000) 8.589599187s ago: executing program 1 (id=805): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = getpid() statmount$auto(0x0, &(0x7f0000000180)={0x1, 0x1, 0x1000009, 0x3, 0x22, 0x940, 0x9ffde, 0x5, 0x7, 0x3ff, 0x9, 0x400005, 0xfff, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x6, 0xffffffff, 0x0, 0x4000003, 0x80, 0x100000}, 0xcfa, 0x81) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0xa, 0x1, 0x84) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x4, &(0x7f0000000040), 0x81, 0x9}, 0x4}, 0x5, 0x6586, 0x0) process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) socket(0x2, 0x1, 0x106) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x4, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000002c00), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r4, &(0x7f0000004480)={0x0, 0x0, &(0x7f0000004440)={&(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010027bd7000fddbdf2503000000040001800c00018008000a8004000680137698dc303069fefe62d2551edc39bb669706a9362c74a75de5c0a8f2ae1c"], 0x24}, 0x1, 0x0, 0x0, 0x20000840}, 0x840) mmap$auto(0x0, 0x929abd6, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) memfd_create$auto(0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0) 8.046703925s ago: executing program 2 (id=807): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0xe0742, 0x0) mmap$auto(0x80000001, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x3) getresgid$auto(0x0, &(0x7f0000000a40)=0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x40, 0x0) setsockopt$auto(r0, 0x1, 0x10, 0x0, 0xba) shmctl$auto_SHM_LOCK(0x1, 0xb, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x810}, 0x4000080) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r1, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/apparmor/exec\x00', 0x220b80, 0x0) socket(0xa, 0x1, 0x0) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0x2c, 0x0, 0x56b) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r2, 0x0, 0x6) 7.504176604s ago: executing program 3 (id=808): socket(0x27, 0x1, 0x106) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) r0 = socket(0xf, 0x3, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0603d06, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) bind$auto(r0, 0x0, 0x4) ptrace$auto(0x5, 0x0, 0x200000000000008, 0x6) socket(0xa, 0x5, 0x94) mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x84) setsockopt$auto(0x3, 0x9, 0x18, 0x0, 0xdd9) socket(0x26, 0x6, 0x3) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x108000, 0x800034, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) futex$auto(0x0, 0x85, 0x10005, 0x0, 0x0, 0x10000007) set_mempolicy_home_node$auto(0x0, 0x4, 0x7f, 0x1) 6.978539651s ago: executing program 2 (id=810): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x2, 0x88) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x18}, 0x1, 0x0, 0x0, 0x64048001}, 0x80) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000000)) r2 = socket(0x6, 0x800, 0x8) sendmsg$auto_SMC_NETLINK_ENABLE_SEID(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x2d, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={0x0, 0xa0}}, 0x20040804) ioctl$auto_SNDCTL_DSP_GETISPACE(r1, 0x8010500d, &(0x7f0000000040)) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3ff, 0x8000) connect$auto(0x3, 0x0, 0x54) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x4) sendmsg$auto_SEG6_CMD_SETHMAC(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c1d00d0", @ANYRES16=0x0, @ANYBLOB="83177f346adddee2c4c14f54a57eef904d103ffc00771fd802dc4716d4231b1996ec2597f98d06ef9de1419ae803894d500082994206039d4c2890e3360ef1b3af3e3308e458b2e5ea51d57c1471e4be89a94d70e57e371884f91a9769ac4ef1e9f46a6319f07cc2b81d5eaad4eb51f920f5245050766ec255ea2925ab305544fb6f4005b696120a8897f6428bce853208680ac92b5daa37429d4fed851168ded1dac6c56f325b480efb25455fd7304710d2153b93155bf75f"], 0x1c}, 0x1, 0x0, 0x0, 0x40012}, 0x24000090) r4 = socket(0x10, 0x2, 0x0) ioperm$auto(0xcf2b, 0x449a52c1, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000) r5 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) sendmmsg$auto(r5, &(0x7f0000000400)={{&(0x7f0000000100)="cd9f86836774c6244664be9c2de7e56d979277dd20854ba35eb00cd9e172babc82d47873f8a9781d0a1bd6dc8cb4260445b9d43a2fb9b9643d184c012fa1b8c0bebaf70f8e8b5c5b10317efc40aa10eefeb5f64a4171330de3ac8c62c3a307617995c800e926398e41f4a10867ab4f692cd6f9f0b72e519eb600fef167012908fceaa9048ee500dd6b42971cf250a7a153d0cd27343eb641e8eb415f32a23bb0e513d46597db08520676ff98d097242119ba8345b1cd", 0x9, &(0x7f00000001c0)={&(0x7f0000000300)="4986e6dec79ce19a318e19f782e2ffdee339ef8081b280dbb67c7d807a0780c7283f4dfddce0e2ec1e58d21b96999a2aadd7932174da7e7007799e8d29c43181cbe7dd8fcfeb2d7a974ff876ab4484be74e800e4ad1ce915279111b1a426bd04250952ce248b3bd0964211f74eb5c11d96390703b8b9f68c5d635888df4b61c3a0f1489b320672fb5f60535eb06c7cda4aba4ba83aa8bfe8b13e73785338efb4723786f28fa3866eb4510d67118dc9c97347dd7e492c5198a8bcdbe64d118fedaf2cff153486c798acedc5c0e49d03520b", 0x5}, 0x200, &(0x7f0000000280), 0x2, 0x3}, 0x3}, 0x5, 0x5) ioctl$auto(r6, 0x4b49, r5) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x7fffffff) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000480), r4) socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x0, 0x0, &(0x7f0000000680)=&(0x7f0000000440)="0b230f8b2b30ea4e56b239bd", &(0x7f00000006c0)=0x1000, &(0x7f0000000700)=0x8, 0xfffffff8) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40040}, 0x800) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)={0x6c, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_NODE_ADDR_B={0xa, 0x5, @multicast}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xe}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x80d}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}}, @HSR_A_NODE_ADDR={0xa, 0x1, @random="064cbce38d85"}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IF1_AGE={0x8, 0x3, 0x3e}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x7fff}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x81}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20040084}, 0x40090) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYRES8=r0, @ANYBLOB="1ca17a4bb54bba9061b146c196094fe5a63e349c57439766d67b7ac104b5f649f2514074e1ae59e4660674760603fdb1af96b6dc4797fe1a648f985fdb0c07c335f1c4f2767918f03c2fa5b774881f412765c79465bc4c10105e233f8d7378b610035755caedc1abd7f9bdbd195e6b466c3fe738f0ed4407957048dca84ca9045e034c2f16783f7f06b01a5fe30237363e0cc561f80cfc203f7cd90e9683df496fe790c945ad85ade638727b7fc08bb49b9e4d17f4e0ea58ea3555ced5845c33b2726348000e839ee0cce6b1bbdfab682ed30e608d69b756cb2c44fad45838067b81b7f2b0a93bd0db9e8d", @ANYRES8], 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008851) 6.042838854s ago: executing program 2 (id=811): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) mmap$auto(0x1, 0x202000b, 0x3, 0xeb1, r0, 0x8000) socket(0x2000000000000021, 0x2, 0x10000000000002) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0x1000, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_proc_single_file_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/41, 0x11) bind$auto(0xffffffffffffffff, 0x0, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r1 = mq_open$auto(0x0, 0x7e, 0x9, 0x0) mq_notify$auto(r1, 0x0) mq_timedsend$auto(r1, &(0x7f0000000080)='\\*)A\x00', 0x6, 0xa, 0x0) unshare$auto(0x40000080) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0) close_range$auto(0x2, 0x8, 0x0) bpf$auto(0xfff, 0x0, 0x800) madvise$auto(0xfffffffffffffffc, 0x20000f, 0x12) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB="0c001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_fops_atomic_t_(0xffffffffffffff9c, 0x0, 0xa0000, 0x0) 5.927075265s ago: executing program 0 (id=812): close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x2003, 0x0) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x8440, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) prctl$auto_PR_GET_TIMING(0xd, 0x0, 0x0, 0x757, 0xfffffffffffffffa) (async) prctl$auto_PR_GET_TIMING(0xd, 0x0, 0x0, 0x757, 0xfffffffffffffffa) copy_file_range$auto(r0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0, 0x10000, 0x2) (async) copy_file_range$auto(r0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0, 0x10000, 0x2) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket(0x23, 0x805, 0x70) (async) socket(0x23, 0x805, 0x70) r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x321900, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000380)={"0000f4ff", 0x8, 0x0, 0x0, 0xd, 0x5, "4e82f500", "c00900", "f9e6c492", "a0ed9959", ["cd9196b8fe1a8a7eb90401a9", "2f9c30c77db90000001a00", "d3feec57878d0000211c9b69", "ea334f1f1e5e23a1320d6edb"]}) socket(0x1, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/admmidi2\x00', 0x309180, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000280), 0x400, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netstat\x00', 0x0, 0x0) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netstat\x00', 0x0, 0x0) r3 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x20201, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x5, 0xfffffffffffffffe, 0x9489, 0x3, 0x800095f4da0c, 0xffffffffffffffff, 0x3, 0x3, 0x80000001, 0x7, 0x6d3f, 0xd, 0x2, 0xfffffffffffffffe]}, 0x0) sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x3000000}, 0x240400c1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000080)=ANY=[@ANYBLOB="01000000", @ANYRES16=0x0, @ANYBLOB="01002bbd7000fcdbdf257900000028000e00897e0a7490f7effb140d438a8eae340bf77102d3c53cb142c465a15d2c373494dae88356"], 0x3c}, 0x1, 0x0, 0x0, 0x24000804}, 0x0) (async) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000080)=ANY=[@ANYBLOB="01000000", @ANYRES16=0x0, @ANYBLOB="01002bbd7000fcdbdf257900000028000e00897e0a7490f7effb140d438a8eae340bf77102d3c53cb142c465a15d2c373494dae88356"], 0x3c}, 0x1, 0x0, 0x0, 0x24000804}, 0x0) getpgrp(0xffffffffffffffff) (async) getpgrp(0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000000400)={&(0x7f0000001440)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYRESHEX=r3], 0x60}, 0x1, 0x0, 0x0, 0x240c8040}, 0x4) (async) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000000400)={&(0x7f0000001440)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYRESHEX=r3], 0x60}, 0x1, 0x0, 0x0, 0x240c8040}, 0x4) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x4c, 0x0, 0x1, 0x0, 0x20, 0x1}, 0x8}, 0x200, 0x101) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="130069575d338cfa0ab4830000", @ANYBLOB="1200", @ANYRES16=r3], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x400c0) pipe$auto(&(0x7f0000000040)=0xffffffffffffffff) read$auto_proc_auxv_operations_base(r5, &(0x7f0000000440)=""/4096, 0x1000) close_range$auto(0x2, 0xa, 0x0) (async) close_range$auto(0x2, 0xa, 0x0) recvmmsg$auto(r4, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x1fe, 0x8, 0x0) (async) recvmmsg$auto(r4, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x1fe, 0x8, 0x0) 5.158646516s ago: executing program 3 (id=813): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/freezer.state\x00', 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram0\x00', 0x40742, 0x0) write$auto(r1, 0x0, 0x7fffffff) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nbd4\x00', 0x180c0, 0x0) ioctl$auto_BLKROTATIONAL(r2, 0x127e, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/nr12/broadcast\x00', 0x7693c3, 0x0) write$auto(r0, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x60000, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC0\x00', 0x458140, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(r4, 0xc008551a, &(0x7f0000000040)={0x0, 0x2000}) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, r3, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x62c00, 0x0) ioctl$auto(r5, 0x4b30, 0x20000009) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0xa, 0x2, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xe2f41, 0x0) r6 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) fadvise64$auto_POSIX_FADV_RANDOM(r6, 0x8, 0x6, 0x1) write$auto(0xca, &(0x7f0000000000)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0x9) r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) write$auto(r7, &(0x7f0000000400)='\x00Ez\x00\x00\x00\x00\x95\x9dg\xf4\x00', 0x100000a3d9) mprotect$auto(0x10000, 0xd4, 0x7ff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x2c6a81, 0x0) socket(0x1e, 0x2, 0x4) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="16400000", @ANYRES8=r3, @ANYBLOB="21022cbd7000ebdbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x400c050}, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) 4.84993995s ago: executing program 1 (id=814): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x806, 0x0) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) sysinfo$auto(0x0) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x8) close_range$auto(0x2, 0xa, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x53a425bc) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0) clone$auto(0x400000000000008, 0x8000000000000007, 0xffffffffffffffff, 0x0, 0x5) mmap$auto(0x0, 0x2000005, 0x2, 0x1fc, 0x401, 0x300000000000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x7c3543, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xc004ae02, 0x88) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r0, 0xc008ae88, 0x88) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/lockd/nlm_end_grace\x00', 0x8282, 0x0) write$auto(0x3, 0x0, 0x7) unshare$auto(0x1) write$auto(0x3, 0x0, 0xe) socket(0x2, 0x801, 0x84) 4.494641051s ago: executing program 0 (id=815): close_range$auto(0x2, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) unshare$auto(0x40000080) close_range$auto(0x0, 0xfffffffffffff000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) openat$auto_o2hb_debug_fops_heartbeat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/o2hb/failed_regions\x00', 0x80000, 0x0) r1 = io_uring_setup$auto(0x100, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) socket(0x11, 0x3, 0x9) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/fs/ext4/sda1/mb_stats\x00', 0x200, 0x0) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) lseek$auto(r3, 0x5, 0x0) socket(0x15, 0x5, 0x0) r4 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="6ffd4e837bd05022edbda325e19ba382765764a70d797a83bfeb2b50d8f14241dbff2f229c42ffc2e72c5f66973d2ee94b2490138d95551f3a16a3c56002ef88bf03e7dc1c9df6c7ea3205b598606eff37eb9ddd6f99dceac6e9b5d9293e900c2d37c3869ad0f222e99bf334eb69f6a66c0c28ca3eaa33e17fce56218b5a7550d8effb5c79f1d4d1b5336bc05c2edd610ef8b8995bc19f40a1d68bfb3b2468939aeff5d2", @ANYRES8=r4, @ANYRES8=r2, @ANYRES32], 0x18}}, 0x80) 3.681526962s ago: executing program 1 (id=816): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)=ANY=[@ANYBLOB='b\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="20002cbd7000ffdbdf25690000002c002680080001007f00000008000100080000000800020007000000080002000010000008000200070000000800c90007000000"], 0x48}, 0x1, 0x0, 0x0, 0x20000004}, 0x48004) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto_PR_MCE_KILL(0x21, 0xdeb7, 0xffffffffffffffff, 0x211, 0x3) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ioctl$auto_XFS_IOC_ATTRMULTI_BY_HANDLE(r1, 0x4048587b, 0x0) finit_module$auto(0xffffffffffffffff, 0x0, 0x3bc) rename$auto(&(0x7f0000000180)='n\xd0T\xf2 x1\x18\xa4\xf8\x9b\xab\xf5\xfaH_8\x1d\x12FL\t\x84\xb2s\x1b\xde\xd5\xe7P\xab-\xfeL\x0f\x98\xf15\xee\xb6\x9e\x01-\xbc\x0e.\',\xd0\x8d\xc3\xa4\x06\x03\xb0\xb9\xb0V\xf2\x0fM\x16_\x8d\x83\xc9\xb7JD\xe2t\xe9\xc4\xa1y\xe0\'\xb3ev\xcfJs\aX\xb5\xa6\x95\xfd\xe6[\x14\xb9\x1f\xdd\x05\xe2kn\x1d\xec]{\xe6Z\x19\xcaG\x12r\xd6.L\x953m\xd8\xb5\t\x01a\xf2\xc3\xd8Si\x02Gt\x83N\x9ch\xd4W*\"\x0e\xcb\x9c3\xe1\x9aG`\x12-^\xac\xea\xbf\x19\xae\xc6{\x19&z\xd9u\xf2C\x1b\xd2\xabWG\x9a\xcf\xc4\x96\xad?y\xdb\xb3`\x87G8\xf1\x81\x10\x15;F\xf0\xbe@?\xc4\x19\xa2Y:\x9bLCW\xad\x9d\xd7tk7\xda\xe5\r\x80\xbd_\x87N\xcb\xc9&\x8f8\x9a\x9a\xd7\xa0\xdd\x91\xdd\x1d\x1e\x8f\xc1\xf768\b[\x88)\xb7\x05\xd7H\x84\xf6\xdd\xa7i8\x105\xa5\xf9\fNG\x84\xb1t\xa4#\x0f\x03\x89\xbcA\xca.\xbc\xc0\xf6w\xc1 \xb7\xb2\x7f\x12\xcfF\xae', &(0x7f0000000480)='4\\\xa6.\x00\x00\x00\x00\x00\x00\xf2\x0f\x1bN\xeam_\xa3\xf8\xe3Y\"X\xcd\r\xc5\xf8\'\xb8\xc5\xdc/\xd6\xb7\x16$<\xd5\xf3\xf7@16\xfb\xbf[\xee\xd7Ey\xbfD\xb4f\x1bn\xbf\xbb\x8f\x13\x13O\xa2\x87\xaa\xe2k\x11hv\xdarY\x10I%\x93\x95\xe3_\xf6*\x10T\x06\ahem\xecb\x94\xb3\xb8Y\xe5z\x18+\x8e\x0e\xc6Zb\xf8\xbc\xd2\xee4bth,5`\xda\xc3\x91\xad\x18\xc8M\t\xc9\x96\x12\xdbcJ\x01\xa5%\a\x00\x00\x00\x00\x00\x00\x00\x16\xa5\xce,\xb6i\x80Hu\xf4U\xde\xa02\x8c\"\xc5T\x15]\xdb9C!\xd3}\xca5\x88\xe5\"?\\\x95\x1f\xf1?\xae\xba~\xe3\xceA\x03\x93\xea\x14/\xc1\x05\xae\xa5\xbe\xfbD\x92Ck\xb6\x96\xd1\xaeYj\x14s\xb8\xd7)R\xcfa\x1a1|\xfa\xce\xd1A\xd6\x1b\xa7\x90\xef\x1e <\xd9\xe1N\xc9$\xbd\r8\xf1\xef\x85\xe7\xe4@\x11]B:\xa9F<\xf6\x1e\x03o\x1a\x1f\xa2\x87\xf3h\xeccr\x8a\x17\xa7\xd3\x10\x86\x82\x87$E\xdf\xa4\x9bQ\xac\x8b\x93$\x1e\x86p\xbaq\xfe\"\xe2\xb5\xdc\x90\x8c\xdd\xa18Vg\x8a@k`\x94\x81\xbd\x94\xb6\"\xc9\xeb.+B\xcaf\x00'/338) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r2 = socket(0x1d, 0x2, 0x7) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r2) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4}, 0x6a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r6}, 0x18) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x3, 0x8, 0x5, 0x2, 0x7, 0x1, 0x9, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3bc}, 0x1fe, 0x5) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x1d, 0x2, 0x7) r7 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) bind$auto(0x3, &(0x7f0000000040)=@xdp={0x2c, 0x1, r5, 0x26}, 0x6) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x10, 0x2, 0x0) r8 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='n\xd0T\xf2 x1\x18\xa4\xf8\x9b\xab\xf5\xfaH_8\x1d\x12FL\t\x84\xb2s\x1b\xde\xd5\xe7P\xab-\xfeL\x0f\x98\xf15\xee\xb6\x9e\x01-\xbc\x0e.\',\xd0\x8d\xc3\xa4\x06\x03\xb0\xb9\xb0V\xf2\x0fM\x16_\x8d\x83\xc9\xb7JD\xe2t\xe9\xc4\xa1y\xe0\'\xb3ev\xcfJs\aX\xb5\xa6\x95\xfd\xe6[\x14\xb9\x1f\xdd\x05\xe2kn\x1d\xec]{\xe6Z\x19\xcaG\x12r\xd6.L\x953m\xd8\xb5\t\x01a\xf2\xc3\xd8Si\x02Gt\x83N\x9ch\xd4W*\"\x0e\xcb\x9c3\xe1\x9aG`\x12-^\xac\xea\xbf\x19\xae\xc6{\x19&z\xd9u\xf2C\x1b\xd2\xabWG\x9a\xcf\xc4\x96\xad?y\xdb\xb3`\x87G8\xf1\x81\x10\x15;F\xf0\xbe@?\xc4\x19\xa2Y:\x9bLCW\xad\x9d\xd7tk7\xda\xe5\r\x80\xbd_\x87N\xcb\xc9&\x8f8\x9a\x9a\xd7\xa0\xdd\x91\xdd\x1d\x1e\x8f\xc1\xf768\b[\x88)\xb7\x05\xd7H\x84\xf6\xdd\xa7i8\x105\xa5\xf9\fNG\x84\xb1t\xa4#\x0f\x03\x89\xbcA\xca.\xbc\xc0\xf6w\xc1 \xb7\xb2\x7f\x12\xcfF\xae\x00', &(0x7f0000000140)={0x0, 0xa0, 0x4}, 0x18) getxattrat$auto(r8, &(0x7f00000002c0)='n\xd0T\xf2 x1\x18\xa4\xf8\x9b\xab\xf5\xfaH_8\x1d\x12FL\t\x84\xb2s\x1b\xde\xd5\xe7P\xab-\xfeL\x0f\x98\xf15\xee\xb6\x9e\x01-\xbc\x0e.\',\xd0\x8d\xc3\xa4\x06\x03\xb0\xb9\xb0V\xf2\x0fM\x16_\x8d\x83\xc9\xb7JD\xe2t\xe9\xc4\xa1y\xe0\'\xb3ev\xcfJs\aX\xb5\xa6\x95\xfd\xe6[\x14\xb9\x1f\xdd\x05\xe2kn\x1d\xec]{\xe6Z\x19\xcaG\x12r\xd6.L\x953m\xd8\xb5\t\x01a\xf2\xc3\xd8Si\x02Gt\x83N\x9ch\xd4W*\"\x0e\xcb\x9c3\xe1\x9aG`\x12-^\xac\xea\xbf\x19\xae\xc6{\x19&z\xd9u\xf2C\x1b\xd2\xabWG\x9a\xcf\xc4\x96\xad?y\xdb\xb3`\x87G8\xf1\x81\x10\x15;F\xf0\xbe@?\xc4\x19\xa2Y:\x9bLCW\xad\x9d\xd7tk7\xda\xe5\r\x80\xbd_\x87N\xcb\xc9&\x8f8\x9a\x9a\xd7\xa0\xdd\x91\xdd\x1d\x1e\x8f\xc1\xf768\b[\x88)\xb7\x05\xd7H\x84\xf6\xdd\xa7i8\x105\xa5\xf9\fNG\x84\xb1t\xa4#\x0f\x03\x89\xbcA\xca.\xbc\xc0\xf6w\xc1 \xb7\xb2\x7f\x12\xcfF\xae\x00', 0xa3, &(0x7f0000000400)='%.!\\%}(=@+\x00', &(0x7f0000000440)={0xffffffffffffffff, 0xac26, 0x7fffffff}, 0x9) 2.992422673s ago: executing program 0 (id=817): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r0) recvmmsg$auto(r0, &(0x7f0000000240)={{&(0x7f0000000000)="ce774601dd2406b342194e01f9906266dd1cdeca9b5a726abbe72f42b592b92c8d2f0966b3dc2137f294accca61de185ee0aeb29f94fcb0d44ed6056ca6aa796d941a45f296d9ad7728748ec856b9f9a4f9c3e68ced4cd3ff1f8c12b7853bfaf71737437384203384c7b4a8a31ff60bc42114fb05304985a19d47dd45c26fe68fe08bc73fd8fd0abe27f76cf919a17891628f89b9e0932beb208ab60a9aef189ea71aa6c478dc46477f2d881a90a0d", 0x5, &(0x7f00000000c0)={&(0x7f00000001c0)="dec510fef283a0ad180443945cb6849a913dec4dda49529ec38dca193aba578f566dca58416ffb6bf984a3870e0beee7e6d860f7f670e8f19de6976f72a1a54bf7a98046a5fc0b86206f1f76ce2cf47265cce91200a9d8096599e7c465cabda5d466ee3c72038775ad41b14018daf11d725907be5d3962", 0x4}, 0x3, &(0x7f0000000140)="fa1086ffe701ec04c8", 0x2}, 0x2}, 0x1, 0x5, &(0x7f00000002c0)) (async) recvmmsg$auto(r0, &(0x7f0000000240)={{&(0x7f0000000000)="ce774601dd2406b342194e01f9906266dd1cdeca9b5a726abbe72f42b592b92c8d2f0966b3dc2137f294accca61de185ee0aeb29f94fcb0d44ed6056ca6aa796d941a45f296d9ad7728748ec856b9f9a4f9c3e68ced4cd3ff1f8c12b7853bfaf71737437384203384c7b4a8a31ff60bc42114fb05304985a19d47dd45c26fe68fe08bc73fd8fd0abe27f76cf919a17891628f89b9e0932beb208ab60a9aef189ea71aa6c478dc46477f2d881a90a0d", 0x5, &(0x7f00000000c0)={&(0x7f00000001c0)="dec510fef283a0ad180443945cb6849a913dec4dda49529ec38dca193aba578f566dca58416ffb6bf984a3870e0beee7e6d860f7f670e8f19de6976f72a1a54bf7a98046a5fc0b86206f1f76ce2cf47265cce91200a9d8096599e7c465cabda5d466ee3c72038775ad41b14018daf11d725907be5d3962", 0x4}, 0x3, &(0x7f0000000140)="fa1086ffe701ec04c8", 0x2}, 0x2}, 0x1, 0x5, &(0x7f00000002c0)) sendmsg$auto_ETHTOOL_MSG_PSE_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x34, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@ETHTOOL_A_PSE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x400c0c4) 2.397241556s ago: executing program 1 (id=818): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000000), r0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000280)={0x0, 0x34, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1b0026bd7000fedbdf2503000000040003801800028014001a00fc02000000000000000000000000000112000100898771f1c19f17790485908280350000200003"], 0x64}, 0x1, 0x0, 0x0, 0x4004040}, 0x4000) (async) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async) r2 = openat$auto_dfs_cpu_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/x86/topo/cpus/0\x00', 0x800, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x0) (async) socketpair$auto(0x1e, 0x5, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) open(0x0, 0x22240, 0x155) (async) socket(0x2, 0x2, 0x0) (async) r3 = socket(0x2, 0x1, 0x0) (async) r4 = socket(0x2a, 0x2, 0x0) ioctl$auto(r4, 0x8912, 0x38) (async) close_range$auto(0x2, 0x8, 0x0) (async) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x106) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) (async) socket(0x2, 0x1, 0x106) (async) listen$auto(0x3, 0x81) (async) socket(0xa, 0x1, 0x84) (async) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) ustat$auto(0x801, 0x0) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) (async) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) read$auto_dfs_cpu_ops_debugfs(r2, &(0x7f00000000c0)=""/128, 0x80) mmap$auto(0x0, 0x40000a, 0x8, 0x9b72, 0x2, 0x8000) (async) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) 1.902701826s ago: executing program 0 (id=819): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x24e802, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x183681, 0x0) write$auto_proc_pid_attr_operations_base(r1, 0x0, 0x0) pipe2$auto(0x0, 0x80) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_SNDCTL_DSP_SETFMT(r2, 0xc0045005, 0x0) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r3, 0x0, 0x6) 1.609926914s ago: executing program 2 (id=820): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0xfa3, 0x0) modify_ldt$auto(0x1, 0x0, 0x10) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9) socket(0x1e, 0x4, 0x0) socket(0x1e, 0x4, 0x0) rseq$auto(&(0x7f0000000040)={0xe, 0x400, 0x0, 0x20006, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) fanotify_init$auto(0x200065, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) read$auto(r0, 0x0, 0xf) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r0, &(0x7f000000ca40)={0x0, 0x0, &(0x7f000000ca00)={&(0x7f0000000740)=ANY=[@ANYBLOB="b8050000", @ANYRES16, @ANYBLOB, @ANYBLOB, @ANYRES32, @ANYRES32=0x0, @ANYBLOB='\f\x00w', @ANYBLOB, @ANYRES32=0x0, @ANYBLOB, @ANYBLOB, @ANYRES32=0x0], 0x5b8}, 0x1, 0x0, 0x0, 0x841}, 0x4) modify_ldt$auto(0x1, 0x0, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(r1, 0x0, 0x1, 0x4013b, 0x0, 0xfffffffffffffffd) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x400, 0x0) ioctl$auto_RTC_RD_TIME(r2, 0x80247009, 0x0) write$auto(0x3, 0x0, 0xfffffdef) shutdown$auto(0x200000003, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x68}, 0x1, 0x0, 0x0, 0x4008045}, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8002, 0x0) socket(0x2, 0x5, 0x0) 1.208603404s ago: executing program 0 (id=821): mmap$auto(0x0, 0x2020009, 0x87, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) fadvise64$auto_POSIX_FADV_DONTNEED(r0, 0x8, 0x6, 0x4) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvme_core/parameters/iopolicy\x00', 0x2400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/7, 0x7) r2 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x1, 0x0) writev$auto(r2, &(0x7f0000000bc0)={0x0, 0x81}, 0x3) ioctl$auto(r0, 0x4008af30, r0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2000000000000021, 0x2, 0x10000000000002) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) listen$auto(0x3, 0xfffffffa) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty30\x00', 0x62c00, 0x0) r3 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xdff1, 0xfffffffffffffffd, 0xd4, 0xffffffffffffffc0, 0x6, 0x0, 0x80009, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x8, 0x5, 0x29a, 0xdeb1, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) r4 = fcntl$getown(r3, 0x9) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r5, 0x4, 0x7ff) ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r4, 0x4, 0x8) setpgid$auto(r4, r5) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r6, &(0x7f0000000400)='/d\x00v&a\x00dio1\x00', 0x100000a3d9) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) 802.596561ms ago: executing program 1 (id=822): unshare$auto(0x40000080) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$auto_NCSI_CMD_PKG_INFO(r0, 0x0, 0x44088) madvise$auto(0x3, 0xfffffffffffffffb, 0x1c) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x43403d05, 0x0) madvise$auto(0x0, 0x53, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0xd, 0x20006, 0x2, 0xeb1, r1, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r2 = socket(0x10, 0x2, 0x4) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e8", @ANYRES32=r2, @ANYBLOB='\b\x00'], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu0/hotplug/target\x00', 0x201, 0x0) write$auto(r4, 0x0, 0x1) mlockall$auto(0x7) migrate_pages$auto(0x0, 0x3, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x3, 0x0, 0x0, 0x8}, 0x7}, 0x3, 0x0) 692.465397ms ago: executing program 3 (id=823): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x81f}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYRESDEC=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x40001}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 520.26864ms ago: executing program 2 (id=824): r0 = socket(0x25, 0x1, 0x0) setsockopt$auto_SO_PRIORITY(r0, 0x1, 0xc, &(0x7f0000000080)='\x9d\xb7\x00\xa1H\x03\xc6\xb6@d\x00M\x8e5\x8abp\xbb\x17\x9aB41\xd5\x9e\xad\xe4\xffD\\a,\x99\x93\x9f\x17\\[F\x03 1 [ 95.094057][ T5855] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 95.102100][ T5854] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 95.103006][ T5855] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 95.117514][ T5854] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.118470][ T5855] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 95.132241][ T5859] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 95.133862][ T5855] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 95.149042][ T5855] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 95.175022][ T5857] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 95.191992][ T5859] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 95.202643][ T5859] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.212118][ T5857] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 95.231153][ T5859] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.239678][ T5857] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 95.250463][ T5858] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.258909][ T5857] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 95.267701][ T5858] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.267984][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 95.281695][ T5858] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.791385][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 95.905079][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 96.037326][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 96.092075][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 96.160873][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.169032][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.176931][ T5843] bridge_slave_0: entered allmulticast mode [ 96.185668][ T5843] bridge_slave_0: entered promiscuous mode [ 96.237247][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.244513][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.251859][ T5843] bridge_slave_1: entered allmulticast mode [ 96.260004][ T5843] bridge_slave_1: entered promiscuous mode [ 96.322359][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.329603][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.337652][ T5844] bridge_slave_0: entered allmulticast mode [ 96.345215][ T5844] bridge_slave_0: entered promiscuous mode [ 96.402955][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.412954][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.420161][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.427645][ T5844] bridge_slave_1: entered allmulticast mode [ 96.435046][ T5844] bridge_slave_1: entered promiscuous mode [ 96.488261][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.525957][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.533428][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.540653][ T5841] bridge_slave_0: entered allmulticast mode [ 96.548450][ T5841] bridge_slave_0: entered promiscuous mode [ 96.558023][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.565674][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.573930][ T5842] bridge_slave_0: entered allmulticast mode [ 96.581779][ T5842] bridge_slave_0: entered promiscuous mode [ 96.606256][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.615810][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.623847][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.631158][ T5841] bridge_slave_1: entered allmulticast mode [ 96.638519][ T5841] bridge_slave_1: entered promiscuous mode [ 96.645936][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.653411][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.660716][ T5842] bridge_slave_1: entered allmulticast mode [ 96.669428][ T5842] bridge_slave_1: entered promiscuous mode [ 96.692237][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.735256][ T5843] team0: Port device team_slave_0 added [ 96.775529][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.800603][ T5843] team0: Port device team_slave_1 added [ 96.827078][ T5844] team0: Port device team_slave_0 added [ 96.835767][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.848267][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.862648][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.901728][ T5844] team0: Port device team_slave_1 added [ 96.952009][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.959011][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.985543][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.033381][ T5841] team0: Port device team_slave_0 added [ 97.054577][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.064197][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.091043][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.103795][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.110772][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.137154][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.150687][ T5841] team0: Port device team_slave_1 added [ 97.170272][ T9] cfg80211: failed to load regulatory.db [ 97.184895][ T5842] team0: Port device team_slave_0 added [ 97.194552][ T5842] team0: Port device team_slave_1 added [ 97.207928][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.215092][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.241823][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.252554][ T5852] Bluetooth: hci1: command tx timeout [ 97.277577][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.284746][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.310783][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.325273][ T5153] Bluetooth: hci0: command tx timeout [ 97.331108][ T5858] Bluetooth: hci2: command tx timeout [ 97.333159][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.336915][ T5852] Bluetooth: hci3: command tx timeout [ 97.347998][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.375989][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.420340][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.427454][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.453952][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.467956][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.475061][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.501542][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.654125][ T5843] hsr_slave_0: entered promiscuous mode [ 97.663538][ T5843] hsr_slave_1: entered promiscuous mode [ 97.675151][ T5842] hsr_slave_0: entered promiscuous mode [ 97.682000][ T5842] hsr_slave_1: entered promiscuous mode [ 97.688214][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.696171][ T5842] Cannot create hsr debugfs directory [ 97.707743][ T5841] hsr_slave_0: entered promiscuous mode [ 97.714701][ T5841] hsr_slave_1: entered promiscuous mode [ 97.720828][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.728527][ T5841] Cannot create hsr debugfs directory [ 97.748092][ T5844] hsr_slave_0: entered promiscuous mode [ 97.755073][ T5844] hsr_slave_1: entered promiscuous mode [ 97.761418][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.769014][ T5844] Cannot create hsr debugfs directory [ 98.303784][ T5841] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.318582][ T5841] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.331230][ T5841] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.355130][ T5841] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.408833][ T5842] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 98.431740][ T5842] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 98.446496][ T5842] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 98.457664][ T5842] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 98.549584][ T5844] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 98.565190][ T5844] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.578195][ T5844] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.589565][ T5844] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.753769][ T5843] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.771773][ T5843] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.797906][ T5843] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.822355][ T5843] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.855239][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.929238][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.946615][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.988605][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.995986][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.034186][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.041406][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.066704][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.082267][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.115030][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.122254][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.143773][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.151072][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.190317][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.229512][ T4505] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.236692][ T4505] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.302502][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.309661][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.331761][ T5852] Bluetooth: hci1: command tx timeout [ 99.342087][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.401885][ T5852] Bluetooth: hci3: command tx timeout [ 99.407389][ T5852] Bluetooth: hci2: command tx timeout [ 99.413675][ T5858] Bluetooth: hci0: command tx timeout [ 99.436346][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.500639][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.507886][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.550631][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.557928][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.789625][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.848382][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.991045][ T5842] veth0_vlan: entered promiscuous mode [ 100.009260][ T5841] veth0_vlan: entered promiscuous mode [ 100.032642][ T5842] veth1_vlan: entered promiscuous mode [ 100.054739][ T5841] veth1_vlan: entered promiscuous mode [ 100.139703][ T5842] veth0_macvtap: entered promiscuous mode [ 100.158669][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.184275][ T5842] veth1_macvtap: entered promiscuous mode [ 100.199392][ T5841] veth0_macvtap: entered promiscuous mode [ 100.213127][ T5841] veth1_macvtap: entered promiscuous mode [ 100.238963][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.279807][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.309445][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.325006][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.335832][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.347385][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.383619][ T5844] veth0_vlan: entered promiscuous mode [ 100.390417][ T5842] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.400555][ T5842] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.410543][ T5842] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.420019][ T5842] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.436189][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.447723][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.459430][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.471631][ T5841] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.480398][ T5841] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.489802][ T5841] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.498948][ T5841] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.557066][ T5844] veth1_vlan: entered promiscuous mode [ 100.584891][ T5843] veth0_vlan: entered promiscuous mode [ 100.598454][ T5843] veth1_vlan: entered promiscuous mode [ 100.700273][ T5843] veth0_macvtap: entered promiscuous mode [ 100.736831][ T5844] veth0_macvtap: entered promiscuous mode [ 100.746840][ T5843] veth1_macvtap: entered promiscuous mode [ 100.775982][ T5844] veth1_macvtap: entered promiscuous mode [ 100.800092][ T4505] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.809260][ T4505] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.848951][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.859908][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.870556][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.881937][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.895165][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.910217][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.922645][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.933370][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.938437][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.953224][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.964011][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.975897][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.008303][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 101.019185][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.029330][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 101.039938][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.050170][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 101.060651][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.073546][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.101901][ T5843] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.110689][ T5843] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.120704][ T5843] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.129749][ T5843] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.147208][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.158341][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.175165][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.185759][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.195880][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.206474][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.218282][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.229951][ T5844] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.239666][ T5844] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.249106][ T5844] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.258042][ T5844] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.279050][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.290137][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.368133][ T152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.388438][ T152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.401942][ T5852] Bluetooth: hci1: command tx timeout [ 101.483026][ T5858] Bluetooth: hci0: command tx timeout [ 101.488597][ T5852] Bluetooth: hci2: command tx timeout [ 101.496049][ T5858] Bluetooth: hci3: command tx timeout [ 101.560899][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.589095][ T5841] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 101.590174][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.664042][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.687574][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.738707][ T4505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.757973][ T4505] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.893731][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.910676][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.136380][ T5919] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 102.477757][ T5912] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 103.482172][ T5858] Bluetooth: hci1: command tx timeout [ 103.563345][ T5858] Bluetooth: hci3: command tx timeout [ 103.568894][ T5852] Bluetooth: hci2: command tx timeout [ 103.574556][ T5153] Bluetooth: hci0: command tx timeout [ 104.154253][ T5932] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2'. [ 104.920703][ T5959] ======================================================= [ 104.920703][ T5959] WARNING: The mand mount option has been deprecated and [ 104.920703][ T5959] and is ignored by this kernel. Remove the mand [ 104.920703][ T5959] option from the mount to silence this warning. [ 104.920703][ T5959] ======================================================= [ 104.960417][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 105.231129][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 105.261355][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 106.093692][ T1038] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.297381][ T1038] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.468319][ T1038] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.615040][ T1038] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.875902][ T5971] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 106.876139][ T5971] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 106.924166][ T5971] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 106.983912][ T5971] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 106.984048][ T5971] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 106.984538][ T1038] bridge_slave_1: left allmulticast mode [ 106.984602][ T1038] bridge_slave_1: left promiscuous mode [ 106.985463][ T1038] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.005918][ T5971] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 107.016128][ T1038] bridge_slave_0: left allmulticast mode [ 107.016159][ T1038] bridge_slave_0: left promiscuous mode [ 107.016398][ T1038] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.017300][ T5971] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 107.017780][ T5971] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 107.022220][ T5971] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 107.066694][ T5977] Zero length message leads to an empty skb [ 107.107317][ T5858] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 107.108980][ T5858] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 107.117571][ T5858] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 107.129678][ T5858] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 107.135178][ T5858] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 108.197116][ T5999] FAULT_INJECTION: forcing a failure. [ 108.197116][ T5999] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 108.197191][ T5999] CPU: 0 UID: 0 PID: 5999 Comm: syz.0.16 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 108.197239][ T5999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 108.197262][ T5999] Call Trace: [ 108.197273][ T5999] [ 108.197289][ T5999] dump_stack_lvl+0x16c/0x1f0 [ 108.197341][ T5999] should_fail_ex+0x512/0x640 [ 108.197384][ T5999] should_fail_alloc_page+0xe7/0x130 [ 108.197418][ T5999] prepare_alloc_pages+0x3c2/0x610 [ 108.197466][ T5999] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 108.197522][ T5999] ? stack_trace_save+0x8e/0xc0 [ 108.197577][ T5999] ? __lock_acquire+0xaa4/0x1ba0 [ 108.197630][ T5999] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 108.197685][ T5999] ? fb_var_to_videomode+0x4c9/0x690 [ 108.197731][ T5999] ? __pfx_fb_match_mode+0x10/0x10 [ 108.197773][ T5999] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 108.197816][ T5999] ? lockdep_hardirqs_on+0x7c/0x110 [ 108.197865][ T5999] ? vc_allocate+0x489/0x880 [ 108.197912][ T5999] __alloc_pages_noprof+0xb/0x1b0 [ 108.197958][ T5999] ___kmalloc_large_node+0x82/0x1e0 [ 108.197994][ T5999] ? con_is_visible+0x65/0x150 [ 108.198038][ T5999] __kmalloc_large_node_noprof+0x1c/0x70 [ 108.198082][ T5999] __kmalloc_noprof.cold+0xc/0x61 [ 108.198136][ T5999] vc_allocate+0x489/0x880 [ 108.198187][ T5999] ? __pfx_vc_allocate+0x10/0x10 [ 108.198263][ T5999] con_install+0xa1/0x600 [ 108.198327][ T5999] ? __pfx_con_install+0x10/0x10 [ 108.198384][ T5999] ? __pfx_con_install+0x10/0x10 [ 108.198434][ T5999] tty_init_dev.part.0+0x99/0x500 [ 108.198470][ T5999] tty_open+0xa50/0xf90 [ 108.198509][ T5999] ? __pfx_tty_open+0x10/0x10 [ 108.198540][ T5999] ? chrdev_open+0x58c/0x6a0 [ 108.198594][ T5999] ? __pfx_tty_open+0x10/0x10 [ 108.198623][ T5999] chrdev_open+0x231/0x6a0 [ 108.198673][ T5999] ? __pfx_chrdev_open+0x10/0x10 [ 108.198744][ T5999] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 108.198799][ T5999] do_dentry_open+0x741/0x1c10 [ 108.198846][ T5999] ? __pfx_chrdev_open+0x10/0x10 [ 108.198906][ T5999] vfs_open+0x82/0x3f0 [ 108.198943][ T5999] path_openat+0x1e5e/0x2d40 [ 108.199006][ T5999] ? __pfx_path_openat+0x10/0x10 [ 108.199065][ T5999] do_filp_open+0x20b/0x470 [ 108.199117][ T5999] ? __pfx_do_filp_open+0x10/0x10 [ 108.199212][ T5999] ? alloc_fd+0x471/0x7d0 [ 108.199271][ T5999] do_sys_openat2+0x11b/0x1d0 [ 108.199304][ T5999] ? __pfx_do_sys_openat2+0x10/0x10 [ 108.199355][ T5999] __x64_sys_openat+0x174/0x210 [ 108.199390][ T5999] ? __pfx___x64_sys_openat+0x10/0x10 [ 108.199427][ T5999] ? rcu_is_watching+0x12/0xc0 [ 108.199478][ T5999] do_syscall_64+0xcd/0x260 [ 108.199527][ T5999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.199559][ T5999] RIP: 0033:0x7f6fb7b8d169 [ 108.199583][ T5999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.199612][ T5999] RSP: 002b:00007f6fb89ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 108.199638][ T5999] RAX: ffffffffffffffda RBX: 00007f6fb7da6080 RCX: 00007f6fb7b8d169 [ 108.199657][ T5999] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 108.199675][ T5999] RBP: 00007f6fb7c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 108.199693][ T5999] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 108.199710][ T5999] R13: 0000000000000000 R14: 00007f6fb7da6080 R15: 00007fffdabfa808 [ 108.199750][ T5999] [ 108.591877][ T6004] ptrace attach of "./syz-executor exec"[5843] was attempted by "./syz-executor exec"[6004] [ 108.627660][ T1038] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 108.631496][ T1038] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 108.633696][ T1038] bond0 (unregistering): Released all slaves [ 108.842747][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 109.012104][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 109.071332][ T6014] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 109.082148][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 109.323603][ T5852] Bluetooth: hci2: command tx timeout [ 109.456482][ T1038] hsr_slave_0: left promiscuous mode [ 109.493699][ T1038] hsr_slave_1: left promiscuous mode [ 109.502491][ T1038] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 109.523750][ T1038] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 109.581824][ T1038] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 109.589342][ T1038] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 109.675903][ T1038] veth1_macvtap: left promiscuous mode [ 109.693030][ T1038] veth0_macvtap: left promiscuous mode [ 109.698849][ T1038] veth1_vlan: left promiscuous mode [ 109.719467][ T1038] veth0_vlan: left promiscuous mode [ 110.336815][ T6039] Invalid ELF header magic: != ELF [ 110.431557][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.696583][ T1038] team0 (unregistering): Port device team_slave_1 removed [ 110.752578][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.782725][ T1038] team0 (unregistering): Port device team_slave_0 removed [ 110.931244][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 111.083020][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 111.161190][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 111.403502][ T5852] Bluetooth: hci2: command tx timeout [ 111.866685][ T5976] chnl_net:caif_netlink_parms(): no params data found [ 112.231411][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.276158][ T5976] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.306012][ T5976] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.320811][ T5976] bridge_slave_0: entered allmulticast mode [ 112.329704][ T5976] bridge_slave_0: entered promiscuous mode [ 112.343053][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.359219][ T5976] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.368601][ T5976] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.381961][ T5976] bridge_slave_1: entered allmulticast mode [ 112.390109][ T5976] bridge_slave_1: entered promiscuous mode [ 112.579357][ T5976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 112.606216][ T5976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 112.823137][ T5976] team0: Port device team_slave_0 added [ 112.920439][ T5976] team0: Port device team_slave_1 added [ 113.002040][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 113.151623][ T5976] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 113.158647][ T5976] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.191230][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 113.205345][ T5976] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 113.241767][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 113.379337][ T5976] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 113.391930][ T5976] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.477675][ T5976] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 113.490161][ T5852] Bluetooth: hci2: command tx timeout [ 113.593542][ T6069] tipc: Started in network mode [ 113.598645][ T6069] tipc: Node identity ee00, cluster identity 4711 [ 113.608532][ T6069] tipc: Node number set to 60928 [ 113.740412][ T5976] hsr_slave_0: entered promiscuous mode [ 113.775932][ T5976] hsr_slave_1: entered promiscuous mode [ 113.832590][ T5976] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 113.847051][ T5976] Cannot create hsr debugfs directory [ 115.256135][ T6096] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 115.559877][ T6109] FAULT_INJECTION: forcing a failure. [ 115.559877][ T6109] name failslab, interval 1, probability 0, space 0, times 1 [ 115.577331][ T5852] Bluetooth: hci2: command tx timeout [ 115.626389][ T6109] CPU: 0 UID: 0 PID: 6109 Comm: syz.0.27 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 115.626436][ T6109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 115.626455][ T6109] Call Trace: [ 115.626465][ T6109] [ 115.626476][ T6109] dump_stack_lvl+0x16c/0x1f0 [ 115.626529][ T6109] should_fail_ex+0x512/0x640 [ 115.626563][ T6109] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 115.626616][ T6109] should_failslab+0xc2/0x120 [ 115.626645][ T6109] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 115.626692][ T6109] ? find_held_lock+0x2b/0x80 [ 115.626729][ T6109] ? __alloc_skb+0x2b2/0x380 [ 115.626773][ T6109] __alloc_skb+0x2b2/0x380 [ 115.626813][ T6109] ? __pfx___alloc_skb+0x10/0x10 [ 115.626856][ T6109] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 115.626910][ T6109] netlink_alloc_large_skb+0x69/0x130 [ 115.626959][ T6109] netlink_sendmsg+0x6a1/0xdd0 [ 115.627021][ T6109] ? __pfx_netlink_sendmsg+0x10/0x10 [ 115.627082][ T6109] __sys_sendto+0x495/0x510 [ 115.627121][ T6109] ? __pfx___sys_sendto+0x10/0x10 [ 115.627188][ T6109] ? xfd_validate_state+0x5d/0x180 [ 115.627225][ T6109] ? rcu_is_watching+0x12/0xc0 [ 115.627268][ T6109] __x64_sys_sendto+0xe0/0x1c0 [ 115.627304][ T6109] ? do_syscall_64+0x91/0x260 [ 115.627349][ T6109] ? lockdep_hardirqs_on+0x7c/0x110 [ 115.627392][ T6109] do_syscall_64+0xcd/0x260 [ 115.627451][ T6109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.627480][ T6109] RIP: 0033:0x7f6fb7b8effc [ 115.627503][ T6109] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 115.627530][ T6109] RSP: 002b:00007f6fb8a0cec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 115.627557][ T6109] RAX: ffffffffffffffda RBX: 00007f6fb8a0cfc0 RCX: 00007f6fb7b8effc [ 115.627575][ T6109] RDX: 0000000000000028 RSI: 00007f6fb8a0d010 RDI: 0000000000000008 [ 115.627592][ T6109] RBP: 0000000000000000 R08: 00007f6fb8a0cf14 R09: 000000000000000c [ 115.627608][ T6109] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008 [ 115.627624][ T6109] R13: 00007f6fb8a0cf68 R14: 00007f6fb8a0d010 R15: 0000000000000000 [ 115.627659][ T6109] [ 115.897178][ T5976] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 115.967989][ T5976] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 116.008249][ T6118] netlink: 'syz.3.28': attribute type 11 has an invalid length. [ 116.035508][ T5976] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 116.047362][ T6118] netlink: 330 bytes leftover after parsing attributes in process `syz.3.28'. [ 116.103020][ T5976] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 116.850829][ T6123] netlink: 28 bytes leftover after parsing attributes in process `syz.3.28'. [ 117.066350][ T5976] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.211289][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 117.403476][ T5976] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.439185][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.446473][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.528299][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.535543][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.702422][ T5976] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network syzkaller syzkaller login: [ 118.354885][ T6155] netlink: 28 bytes leftover after parsing attributes in process `syz.1.33'. [ 118.559150][ T6155] team0: Port device team_slave_0 removed [ 118.792207][ T5976] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 119.259988][ T5976] veth0_vlan: entered promiscuous mode [ 119.429901][ T5976] veth1_vlan: entered promiscuous mode [ 119.632488][ T5976] veth0_macvtap: entered promiscuous mode [ 119.677526][ T5976] veth1_macvtap: entered promiscuous mode [ 119.823089][ T5976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 119.856295][ T5976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.871095][ T5976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 119.910832][ T5976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.929360][ T5976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 119.955909][ T5976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.007430][ T5976] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 120.073689][ T5976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.109927][ T5976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.130954][ T5976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.181167][ T5976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.212581][ T5976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.238225][ T5976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.263598][ T5976] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 120.308589][ T5976] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.334514][ T5976] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.348294][ T5976] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.357691][ T5976] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.557313][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.601717][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.664666][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.678846][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.971739][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 120.981626][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 122.300746][ T6219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 122.605341][ T6238] tipc: Started in network mode [ 122.631145][ T6238] tipc: Node identity ee00, cluster identity 4711 [ 122.645233][ T6238] tipc: Node number set to 60928 [ 122.836664][ T6241] FAULT_INJECTION: forcing a failure. [ 122.836664][ T6241] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 122.836729][ T6241] CPU: 0 UID: 0 PID: 6241 Comm: syz.3.40 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 122.836771][ T6241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 122.836789][ T6241] Call Trace: [ 122.836799][ T6241] [ 122.836810][ T6241] dump_stack_lvl+0x16c/0x1f0 [ 122.836862][ T6241] should_fail_ex+0x512/0x640 [ 122.836906][ T6241] _copy_from_iter+0x2a4/0x15b0 [ 122.836951][ T6241] ? __alloc_skb+0x200/0x380 [ 122.836993][ T6241] ? __pfx__copy_from_iter+0x10/0x10 [ 122.837038][ T6241] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 122.837100][ T6241] netlink_sendmsg+0x829/0xdd0 [ 122.837168][ T6241] ? __pfx_netlink_sendmsg+0x10/0x10 [ 122.837233][ T6241] __sys_sendto+0x495/0x510 [ 122.837286][ T6241] ? __pfx___sys_sendto+0x10/0x10 [ 122.837354][ T6241] ? xfd_validate_state+0x5d/0x180 [ 122.837391][ T6241] ? rcu_is_watching+0x12/0xc0 [ 122.837437][ T6241] __x64_sys_sendto+0xe0/0x1c0 [ 122.837474][ T6241] ? do_syscall_64+0x91/0x260 [ 122.837521][ T6241] ? lockdep_hardirqs_on+0x7c/0x110 [ 122.837566][ T6241] do_syscall_64+0xcd/0x260 [ 122.837615][ T6241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.837647][ T6241] RIP: 0033:0x7f8908b8effc [ 122.837670][ T6241] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 122.837699][ T6241] RSP: 002b:00007f8909a0aec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 122.837728][ T6241] RAX: ffffffffffffffda RBX: 00007f8909a0afc0 RCX: 00007f8908b8effc [ 122.837747][ T6241] RDX: 0000000000000028 RSI: 00007f8909a0b010 RDI: 0000000000000008 [ 122.837765][ T6241] RBP: 0000000000000000 R08: 00007f8909a0af14 R09: 000000000000000c [ 122.837783][ T6241] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008 [ 122.837800][ T6241] R13: 00007f8909a0af68 R14: 00007f8909a0b010 R15: 0000000000000000 [ 122.837839][ T6241] [ 125.520738][ T6290] netlink: 28 bytes leftover after parsing attributes in process `syz.0.43'. [ 125.614256][ T6290] team0: Port device team_slave_0 removed [ 126.915541][ T6315] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 127.662288][ T5858] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 127.675303][ T5858] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 127.683471][ T5858] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 127.693931][ T5858] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 127.702345][ T5858] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 128.050973][ T6337] chnl_net:caif_netlink_parms(): no params data found [ 128.216984][ T6337] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.246661][ T6337] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.267691][ T6337] bridge_slave_0: entered allmulticast mode [ 128.374340][ T6337] bridge_slave_0: entered promiscuous mode [ 128.395506][ T6337] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.583974][ T6337] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.592973][ T6337] bridge_slave_1: entered allmulticast mode [ 128.607253][ T6337] bridge_slave_1: entered promiscuous mode [ 128.731810][ T6337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 128.759070][ T6337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 128.791874][ T6358] netlink: 28 bytes leftover after parsing attributes in process `syz.3.59'. [ 128.881168][ T6358] team0: Port device team_slave_0 removed [ 129.023459][ T6337] team0: Port device team_slave_0 added [ 129.039159][ T6337] team0: Port device team_slave_1 added [ 129.139737][ T6337] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.160035][ T6337] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.204207][ T6337] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.225016][ T6337] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.232349][ T6337] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.258760][ T6337] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 129.378642][ T6337] hsr_slave_0: entered promiscuous mode [ 129.388922][ T6337] hsr_slave_1: entered promiscuous mode [ 129.410117][ T6337] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 129.440618][ T6337] Cannot create hsr debugfs directory [ 129.578737][ T6376] random: crng reseeded on system resumption [ 129.616908][ T6376] FAULT_INJECTION: forcing a failure. [ 129.616908][ T6376] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 129.680136][ T6376] CPU: 0 UID: 0 PID: 6376 Comm: syz.0.65 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 129.680181][ T6376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 129.680200][ T6376] Call Trace: [ 129.680210][ T6376] [ 129.680222][ T6376] dump_stack_lvl+0x16c/0x1f0 [ 129.680277][ T6376] should_fail_ex+0x512/0x640 [ 129.680320][ T6376] should_fail_alloc_page+0xe7/0x130 [ 129.680355][ T6376] prepare_alloc_pages+0x3c2/0x610 [ 129.680397][ T6376] ? rcu_is_watching+0x12/0xc0 [ 129.680440][ T6376] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 129.680495][ T6376] ? mark_held_locks+0x49/0x80 [ 129.680545][ T6376] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 129.680589][ T6376] ? lockdep_hardirqs_on+0x7c/0x110 [ 129.680634][ T6376] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 129.680676][ T6376] ? stack_depot_save_flags+0x3e6/0xa50 [ 129.680718][ T6376] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 129.680773][ T6376] ? kasan_save_stack+0x42/0x60 [ 129.680815][ T6376] ? kasan_save_stack+0x33/0x60 [ 129.680856][ T6376] ? kasan_save_track+0x14/0x30 [ 129.680907][ T6376] ? vfs_open+0x82/0x3f0 [ 129.680955][ T6376] ? path_openat+0x1e5e/0x2d40 [ 129.681000][ T6376] ? do_filp_open+0x20b/0x470 [ 129.681040][ T6376] ? do_sys_openat2+0x11b/0x1d0 [ 129.681087][ T6376] ? __x64_sys_openat+0x174/0x210 [ 129.681120][ T6376] ? do_syscall_64+0xcd/0x260 [ 129.681165][ T6376] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.681201][ T6376] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 129.681234][ T6376] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 129.681270][ T6376] ? policy_nodemask+0xea/0x4e0 [ 129.681325][ T6376] alloc_pages_mpol+0x1fb/0x550 [ 129.681356][ T6376] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 129.681399][ T6376] alloc_pages_noprof+0x131/0x390 [ 129.681431][ T6376] get_zeroed_page_noprof+0x14/0x50 [ 129.681466][ T6376] get_image_page+0x18/0x190 [ 129.681506][ T6376] alloc_rtree_node+0x3c/0xb0 [ 129.681545][ T6376] memory_bm_create+0x515/0x810 [ 129.681604][ T6376] create_basic_memory_bitmaps+0xc1/0x680 [ 129.681657][ T6376] snapshot_open+0x235/0x2b0 [ 129.681701][ T6376] ? __pfx_snapshot_open+0x10/0x10 [ 129.681750][ T6376] misc_open+0x35a/0x420 [ 129.681792][ T6376] ? __pfx_misc_open+0x10/0x10 [ 129.681831][ T6376] chrdev_open+0x231/0x6a0 [ 129.681880][ T6376] ? __pfx_apparmor_file_open+0x10/0x10 [ 129.681921][ T6376] ? __pfx_chrdev_open+0x10/0x10 [ 129.681985][ T6376] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 129.682038][ T6376] do_dentry_open+0x741/0x1c10 [ 129.682085][ T6376] ? __pfx_chrdev_open+0x10/0x10 [ 129.682146][ T6376] vfs_open+0x82/0x3f0 [ 129.682184][ T6376] path_openat+0x1e5e/0x2d40 [ 129.682259][ T6376] ? __pfx_path_openat+0x10/0x10 [ 129.682316][ T6376] do_filp_open+0x20b/0x470 [ 129.682363][ T6376] ? __pfx_do_filp_open+0x10/0x10 [ 129.682438][ T6376] ? alloc_fd+0x471/0x7d0 [ 129.682494][ T6376] do_sys_openat2+0x11b/0x1d0 [ 129.682528][ T6376] ? __pfx_do_sys_openat2+0x10/0x10 [ 129.682579][ T6376] __x64_sys_openat+0x174/0x210 [ 129.682613][ T6376] ? __pfx___x64_sys_openat+0x10/0x10 [ 129.682651][ T6376] ? rcu_is_watching+0x12/0xc0 [ 129.682701][ T6376] do_syscall_64+0xcd/0x260 [ 129.682752][ T6376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.682803][ T6376] RIP: 0033:0x7f6fb7b8d169 [ 129.682829][ T6376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.682859][ T6376] RSP: 002b:00007f6fb8a0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 129.682889][ T6376] RAX: ffffffffffffffda RBX: 00007f6fb7da5fa0 RCX: 00007f6fb7b8d169 [ 129.682910][ T6376] RDX: 0000000000184b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 129.682929][ T6376] RBP: 00007f6fb7c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 129.682955][ T6376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.682974][ T6376] R13: 0000000000000000 R14: 00007f6fb7da5fa0 R15: 00007fffdabfa808 [ 129.683018][ T6376] [ 129.722265][ T5858] Bluetooth: hci3: command tx timeout [ 130.224975][ T6337] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 syzkaller syzkaller login: [ 130.556484][ T6337] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.800779][ T6393] process 'syz.2.68' launched ':,' with NULL argv: empty string added [ 130.898230][ T6337] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.948277][ T6391] zswap: compressor not available [ 131.074495][ T6337] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.290571][ T6385] netlink: 334 bytes leftover after parsing attributes in process `syz.0.67'. [ 131.353964][ T5858] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 132.121389][ T5858] Bluetooth: hci3: command tx timeout [ 132.256095][ T6337] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 132.451707][ T6337] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 132.494885][ T6337] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 132.555453][ T6337] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 132.917323][ T6337] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.995610][ T6337] 8021q: adding VLAN 0 to HW filter on device team0 [ 133.023601][ T4505] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.030837][ T4505] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.092665][ T4505] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.099945][ T4505] bridge0: port 2(bridge_slave_1) entered forwarding state [ 133.918421][ T6337] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 134.027885][ T6337] veth0_vlan: entered promiscuous mode [ 134.049371][ T6337] veth1_vlan: entered promiscuous mode [ 134.156145][ T6337] veth0_macvtap: entered promiscuous mode [ 134.170031][ T6337] veth1_macvtap: entered promiscuous mode [ 134.200399][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.212869][ T5858] Bluetooth: hci3: command tx timeout [ 134.220212][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.230880][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.247138][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.260290][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.271378][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.288781][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.300773][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.313916][ T6337] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 134.330376][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.348269][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.370462][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.386737][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.396706][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.412782][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.433445][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.449592][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.466785][ T6337] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 134.490762][ T6337] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.499691][ T6337] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.514553][ T6337] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.528600][ T6337] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.775047][ T6445] Invalid ELF header magic: != ELF [ 134.881528][ T152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.889559][ T152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.051549][ T4505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.139005][ T4505] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.281713][ T5858] Bluetooth: hci3: command tx timeout [ 138.131653][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.138238][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 syzkaller syzkaller login: [ 139.332971][ T6507] random: crng reseeded on system resumption [ 140.730673][ T6524] Process accounting resumed [ 141.094330][ T6535] Console: switching to colour VGA+ 80x25 [ 141.239134][ T6533] Invalid ELF header magic: != ELF [ 141.860875][ T6547] netlink: 28 bytes leftover after parsing attributes in process `syz.1.100'. [ 142.198935][ T6554] mmap: syz.1.102 (6554) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 145.181730][ T6589] netlink: 346 bytes leftover after parsing attributes in process `syz.1.111'. [ 147.527357][ T6631] netlink: 4 bytes leftover after parsing attributes in process `syz.3.117'. [ 147.538539][ T6632] netlink: 28 bytes leftover after parsing attributes in process `syz.3.117'. [ 148.133730][ T6639] usbip-vudc usbip-vudc.0: gadget not bound [ 149.960307][ T6674] netlink: del zone limit has 8 unknown bytes [ 150.946446][ T6681] can: request_module (can-proto-3) failed. [ 153.541161][ T30] audit: type=1400 audit(6039474177.388:2): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=6705 comm="syz.3.129" [ 154.710168][ T6742] syz.1.136 uses obsolete (PF_INET,SOCK_PACKET) [ 159.007052][ T6798] bridge0: port 3(team0) entered blocking state [ 159.014540][ T6798] bridge0: port 3(team0) entered disabled state [ 159.036977][ T6798] team0: entered allmulticast mode [ 159.101060][ T6798] team_slave_1: entered allmulticast mode [ 159.109034][ T6798] team0: entered promiscuous mode [ 159.232166][ T6798] team_slave_1: entered promiscuous mode [ 159.269852][ T6798] bridge0: port 3(team0) entered blocking state [ 159.277032][ T6798] bridge0: port 3(team0) entered forwarding state [ 161.839247][ T6822] netlink: 8 bytes leftover after parsing attributes in process `syz.2.153'. [ 162.241372][ T6831] netlink: zone id is out of range [ 162.241407][ T6831] netlink: zone id is out of range [ 162.241421][ T6831] netlink: zone id is out of range [ 162.241433][ T6831] netlink: zone id is out of range [ 162.241446][ T6831] netlink: zone id is out of range [ 162.241458][ T6831] netlink: zone id is out of range [ 162.241469][ T6831] netlink: zone id is out of range [ 162.241481][ T6831] netlink: zone id is out of range [ 162.241493][ T6831] netlink: zone id is out of range [ 162.241505][ T6831] netlink: zone id is out of range [ 162.865311][ T5858] Bluetooth: hci3: Unable to find connection for big 0xd2 [ 162.957377][ T6832] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 162.957964][ T6832] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 163.036575][ T6832] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 163.045041][ T6832] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 163.229202][ T6832] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 163.281674][ T6832] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 163.330052][ T6832] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 163.639696][ T6832] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 164.841451][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 165.026585][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 165.091382][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 165.321479][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 166.707041][ T6874] random: crng reseeded on system resumption [ 167.161491][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 167.405941][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 167.989079][ T6888] [U] [ 167.991983][ T6888] [U] use_profile 0 [ 167.995840][ T6888] [U] file mkdir/chmod /dev/ 0755 [ 168.000897][ T6888] [U] file chown/chgrp /dev/ 0 [ 168.005696][ T6888] [U] file mkchar /dev/console 0600 5 1 [ 168.149447][ T6891] netlink: 'syz.3.167': attribute type 1 has an invalid length. [ 168.377982][ T6883] [U] f [ 169.110760][ T6913] netlink: 8 bytes leftover after parsing attributes in process `syz.2.168'. [ 169.241823][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 169.413263][ T6918] net_ratelimit: 75 callbacks suppressed [ 169.413288][ T6918] openvswitch: netlink: Key type 261 is out of range max 32 [ 169.484733][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 170.406122][ T6946] netlink: 8 bytes leftover after parsing attributes in process `syz.1.173'. [ 172.653874][ T6675] syz.3.120 (6675) used greatest stack depth: 21096 bytes left [ 173.316826][ T6951] Process accounting paused [ 174.146787][ T5858] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 174.553079][ T7007] [U]  [ 174.555966][ T7007] [U] [ 174.558722][ T7007] [U] [ 174.561486][ T7007] [U] [ 174.572594][ T7007] [U] [ 174.575371][ T7007] [U] [ 174.578143][ T7007] [U] [ 174.580895][ T7007] [U] [ 174.597570][ T7007] [U] [ 174.600380][ T7007] [U] [ 174.603158][ T7007] [U] [ 174.605931][ T7007] [U] [ 174.616604][ T7007] [U] [ 174.619429][ T7007] [U] [ 174.622193][ T7007] [U] [ 174.624966][ T7007] [U] [ 174.629338][ T7007] [U] [ 174.632118][ T7007] [U] [ 174.634870][ T7007] [U] [ 174.637631][ T7007] [U] [ 174.640734][ T7007] [U] [ 174.643521][ T7007] [U] [ 174.646274][ T7007] [U] [ 174.649029][ T7007] [U] [ 174.654976][ T7007] [U] [ 174.657741][ T7007] [U] [ 174.660489][ T7007] [U] [ 174.663250][ T7007] [U] [ 174.676611][ T7007] [U] [ 174.679476][ T7007] [U] [ 174.682243][ T7007] [U] [ 174.685005][ T7007] [U] [ 174.702650][ T7004] [U] [ 176.431228][ T7047] ICMPv6: process `syz.0.198' is using deprecated sysctl (syscall) net.ipv6.neigh.macsec0.base_reachable_time - use net.ipv6.neigh.macsec0.base_reachable_time_ms instead [ 177.297560][ T5858] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 178.518317][ T7090] netlink: 16 bytes leftover after parsing attributes in process `syz.2.207'. [ 178.560153][ T7090] netlink: 330 bytes leftover after parsing attributes in process `syz.2.207'. [ 179.192296][ T7101] FAULT_INJECTION: forcing a failure. [ 179.192296][ T7101] name failslab, interval 1, probability 0, space 0, times 0 [ 179.208630][ T7101] CPU: 0 UID: 0 PID: 7101 Comm: syz.2.210 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 179.208678][ T7101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 179.208697][ T7101] Call Trace: [ 179.208708][ T7101] [ 179.208720][ T7101] dump_stack_lvl+0x16c/0x1f0 [ 179.208774][ T7101] should_fail_ex+0x512/0x640 [ 179.208810][ T7101] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 179.208872][ T7101] should_failslab+0xc2/0x120 [ 179.208903][ T7101] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 179.208957][ T7101] ? mark_held_locks+0x49/0x80 [ 179.209008][ T7101] ? kstrdup_const+0x63/0x80 [ 179.209045][ T7101] kstrdup+0x53/0x100 [ 179.209079][ T7101] kstrdup_const+0x63/0x80 [ 179.209110][ T7101] kvasprintf_const+0x10f/0x1a0 [ 179.209165][ T7101] kobject_set_name_vargs+0x5a/0x140 [ 179.209200][ T7101] dev_set_name+0xc7/0x100 [ 179.209239][ T7101] ? __pfx_dev_set_name+0x10/0x10 [ 179.209284][ T7101] ? lockdep_init_map_type+0x5c/0x280 [ 179.209316][ T7101] ? __init_waitqueue_head+0xca/0x150 [ 179.209366][ T7101] netdev_register_kobject+0xc5/0x3a0 [ 179.209423][ T7101] register_netdevice+0x13dc/0x2270 [ 179.209485][ T7101] ? __pfx_register_netdevice+0x10/0x10 [ 179.209536][ T7101] ? alloc_netdev_mqs+0xe7e/0x1570 [ 179.209585][ T7101] ? __pfx_loopback_net_init+0x10/0x10 [ 179.209619][ T7101] register_netdev+0x34/0x50 [ 179.209665][ T7101] loopback_net_init+0x7a/0x170 [ 179.209698][ T7101] ? __pfx_loopback_net_init+0x10/0x10 [ 179.209727][ T7101] ops_init+0x1df/0x5f0 [ 179.209778][ T7101] setup_net+0x21e/0x850 [ 179.209829][ T7101] ? __pfx_setup_net+0x10/0x10 [ 179.209871][ T7101] ? lockdep_init_map_type+0x5c/0x280 [ 179.209903][ T7101] ? __pfx_down_read_killable+0x10/0x10 [ 179.209941][ T7101] ? debug_mutex_init+0x37/0x70 [ 179.209988][ T7101] copy_net_ns+0x2a6/0x5f0 [ 179.210043][ T7101] create_new_namespaces+0x3ea/0xad0 [ 179.210100][ T7101] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 179.210161][ T7101] ksys_unshare+0x45b/0xa40 [ 179.210213][ T7101] ? __pfx_ksys_unshare+0x10/0x10 [ 179.210262][ T7101] ? xfd_validate_state+0x5d/0x180 [ 179.210301][ T7101] ? rcu_is_watching+0x12/0xc0 [ 179.210353][ T7101] __x64_sys_unshare+0x31/0x40 [ 179.210403][ T7101] do_syscall_64+0xcd/0x260 [ 179.210455][ T7101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.210488][ T7101] RIP: 0033:0x7fa10cd8d169 [ 179.210515][ T7101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.210545][ T7101] RSP: 002b:00007fa10dc52038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 179.210574][ T7101] RAX: ffffffffffffffda RBX: 00007fa10cfa5fa0 RCX: 00007fa10cd8d169 [ 179.210594][ T7101] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 179.210612][ T7101] RBP: 00007fa10ce0e990 R08: 0000000000000000 R09: 0000000000000000 [ 179.210631][ T7101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.210649][ T7101] R13: 0000000000000000 R14: 00007fa10cfa5fa0 R15: 00007ffd54881a58 [ 179.210690][ T7101] [ 179.522052][ T7095] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 179.531650][ T7095] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 179.537887][ T7095] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 179.554864][ T7095] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 179.779845][ T7108] vivid-007: ================= START STATUS ================= [ 179.788717][ T7108] vivid-007: Enable Output Cropping: true [ 179.798073][ T7108] vivid-007: Enable Output Composing: true [ 179.810584][ T7108] vivid-007: Enable Output Scaler: true [ 179.817670][ T7108] vivid-007: Tx RGB Quantization Range: Automatic [ 179.824309][ T7108] vivid-007: Transmit Mode: HDMI [ 179.829327][ T7108] vivid-007: Hotplug Present: 0x00000000 [ 179.836116][ T7108] vivid-007: RxSense Present: 0x00000000 [ 179.841935][ T7108] vivid-007: EDID Present: 0x00000000 [ 179.847464][ T7108] vivid-007: ================== END STATUS ================== [ 180.841364][ T5858] Bluetooth: hci0: command 0x0c1a tx timeout [ 181.019348][ T7129] random: crng reseeded on system resumption [ 181.561831][ T5858] Bluetooth: hci2: command 0x0c1a tx timeout [ 181.568019][ T5858] Bluetooth: hci1: command 0x0c1a tx timeout [ 181.642070][ T5858] Bluetooth: hci3: command 0x0c1a tx timeout [ 182.784668][ T5858] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 186.147650][ T7206] Invalid ELF header magic: != ELF [ 188.132238][ T7231] tipc: Enabling of bearer rejected, media not registered [ 188.414949][ T7237] netlink: 338 bytes leftover after parsing attributes in process `syz.1.237'. [ 188.428837][ T7242] netlink: 28 bytes leftover after parsing attributes in process `syz.2.239'. [ 188.568677][ T7242] bond0: (slave bond_slave_1): Releasing backup interface [ 188.617418][ T7237] macsec0: entered allmulticast mode [ 188.617463][ T7237] veth1_macvtap: entered allmulticast mode [ 188.845982][ T7251] netlink: 350 bytes leftover after parsing attributes in process `syz.2.241'. [ 188.846188][ T7251] netlink: 350 bytes leftover after parsing attributes in process `syz.2.241'. [ 188.846377][ T7251] netlink: 350 bytes leftover after parsing attributes in process `syz.2.241'. [ 188.846566][ T7251] netlink: 350 bytes leftover after parsing attributes in process `syz.2.241'. [ 188.846781][ T7251] netlink: 350 bytes leftover after parsing attributes in process `syz.2.241'. [ 188.846974][ T7251] netlink: 350 bytes leftover after parsing attributes in process `syz.2.241'. [ 188.847166][ T7251] netlink: 350 bytes leftover after parsing attributes in process `syz.2.241'. [ 188.847358][ T7251] netlink: 350 bytes leftover after parsing attributes in process `syz.2.241'. [ 190.526840][ T5852] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 191.502617][ T7294] tipc: Enabling of bearer rejected, media not registered [ 191.932327][ T7294] macsec0: entered allmulticast mode [ 191.937730][ T7294] veth1_macvtap: entered allmulticast mode [ 192.092645][ T7308] could not allocate digest TFM handle [ 194.308273][ T7348] tipc: Enabling of bearer rejected, media not registered [ 194.698850][ T7367] __nla_validate_parse: 17 callbacks suppressed [ 194.698876][ T7367] netlink: 338 bytes leftover after parsing attributes in process `syz.0.265'. [ 194.698915][ T7367] macsec0: entered allmulticast mode [ 194.698937][ T7367] veth1_macvtap: entered allmulticast mode [ 195.149513][ T7374] netlink: 330 bytes leftover after parsing attributes in process `syz.3.272'. [ 196.745676][ T5858] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 199.378440][ T7454] could not allocate digest TFM handle [ 199.565080][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.572625][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.586463][ T7459] netlink: 330 bytes leftover after parsing attributes in process `syz.1.289'. [ 199.757604][ T7468] Unable to find swap-space signature [ 201.415608][ T30] audit: type=1800 audit(6039474229.267:3): pid=7493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.296" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 202.587744][ T7533] netlink: 330 bytes leftover after parsing attributes in process `syz.0.303'. [ 202.697520][ T7535] ima: policy update failed [ 202.708290][ T30] audit: type=1802 audit(6039474230.567:4): pid=7535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="" res=0 errno=0 [ 202.818106][ T7537] could not allocate digest TFM handle [ 202.943304][ T7547] sctp: [Deprecated]: syz.1.307 (pid 7547) Use of int in maxseg socket option. [ 202.943304][ T7547] Use struct sctp_assoc_value instead [ 203.783128][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 203.791036][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.244752][ T7573] vivid-003: ================= START STATUS ================= [ 204.262329][ T7573] vivid-003: Radio HW Seek Mode: Bounded [ 204.279165][ T7573] vivid-003: Radio Programmable HW Seek: false [ 204.289277][ T7573] vivid-003: RDS Rx I/O Mode: Block I/O [ 204.299718][ T7573] vivid-003: Generate RBDS Instead of RDS: false [ 204.312691][ T7573] vivid-003: RDS Reception: true [ 204.327861][ T7573] vivid-003: RDS Program Type: 0 inactive [ 204.341054][ T7573] vivid-003: RDS PS Name: inactive [ 204.346378][ T7573] vivid-003: RDS Radio Text: inactive [ 204.361553][ T7573] vivid-003: RDS Traffic Announcement: false inactive [ 204.368460][ T7573] vivid-003: RDS Traffic Program: false inactive [ 204.401052][ T7573] vivid-003: RDS Music: false inactive [ 204.431030][ T7573] vivid-003: ================== END STATUS ================== [ 205.268362][ T7537] Process accounting resumed [ 206.658218][ T5858] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 208.054874][ T7640] Invalid ELF header magic: != ELF [ 210.925782][ T7705] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 213.715491][ T7805] cgroup: fork rejected by pids controller in /syz3 [ 216.041900][ T7801] Invalid ELF header magic: != ELF [ 220.502129][ T7924] netlink: 20 bytes leftover after parsing attributes in process `syz.0.363'. [ 223.094630][ T7961] ubi0: attaching mtd0 [ 223.111639][ T7961] ubi0: scanning is finished [ 223.116351][ T7961] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 223.314520][ T7961] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 224.153061][ T7961] Invalid ELF header magic: != ELF [ 224.701362][ T7974] vivid-003: ================= START STATUS ================= [ 224.709502][ T7974] vivid-003: Radio HW Seek Mode: Bounded [ 224.715770][ T7974] vivid-003: Radio Programmable HW Seek: false [ 224.722468][ T7974] vivid-003: RDS Rx I/O Mode: Block I/O [ 224.728096][ T7974] vivid-003: Generate RBDS Instead of RDS: false [ 224.752550][ T7977] FAULT_INJECTION: forcing a failure. [ 224.752550][ T7977] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 224.759693][ T7974] vivid-003: RDS Reception: [ 224.770894][ T7977] CPU: 1 UID: 0 PID: 7977 Comm: syz.2.379 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 224.770940][ T7977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 224.770957][ T7977] Call Trace: [ 224.770966][ T7977] [ 224.770976][ T7977] dump_stack_lvl+0x16c/0x1f0 [ 224.771025][ T7977] should_fail_ex+0x512/0x640 [ 224.771084][ T7977] _copy_from_user+0x2e/0xd0 [ 224.771125][ T7977] vcs_write+0x2e7/0xdb0 [ 224.771185][ T7977] ? __pfx_vcs_write+0x10/0x10 [ 224.771226][ T7977] ? apparmor_file_permission+0x251/0x400 [ 224.771263][ T7977] ? bpf_lsm_file_permission+0x9/0x10 [ 224.771303][ T7977] ? security_file_permission+0x71/0x210 [ 224.771357][ T7977] ? rw_verify_area+0xcf/0x680 [ 224.771399][ T7977] vfs_write+0x25c/0x1180 [ 224.771438][ T7977] ? __pfx_vcs_write+0x10/0x10 [ 224.771483][ T7977] ? __pfx_vfs_write+0x10/0x10 [ 224.771521][ T7977] ? find_held_lock+0x2b/0x80 [ 224.771561][ T7977] ? __fget_files+0x204/0x3c0 [ 224.771611][ T7977] ? __fget_files+0x20e/0x3c0 [ 224.771651][ T7977] ? __fget_files+0x120/0x3c0 [ 224.771705][ T7977] __x64_sys_pwrite64+0x1f4/0x250 [ 224.771752][ T7977] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 224.771814][ T7977] ? rcu_is_watching+0x12/0xc0 [ 224.771872][ T7977] do_syscall_64+0xcd/0x260 [ 224.771922][ T7977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.771953][ T7977] RIP: 0033:0x7fa10cd8d169 [ 224.771977][ T7977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.772006][ T7977] RSP: 002b:00007fa10dc52038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 224.772035][ T7977] RAX: ffffffffffffffda RBX: 00007fa10cfa5fa0 RCX: 00007fa10cd8d169 [ 224.772055][ T7977] RDX: 0000000000007b05 RSI: 0000200000000040 RDI: 0000000000000003 [ 224.772074][ T7977] RBP: 00007fa10dc52090 R08: 0000000000000000 R09: 0000000000000000 [ 224.772094][ T7977] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 224.772112][ T7977] R13: 0000000000000000 R14: 00007fa10cfa5fa0 R15: 00007ffd54881a58 [ 224.772160][ T7977] [ 224.798091][ T7974] true [ 225.013449][ T7974] vivid-003: RDS Program Type: 0 inactive [ 225.019404][ T7974] vivid-003: RDS PS Name: inactive [ 225.029995][ T7974] vivid-003: RDS Radio Text: inactive [ 225.036876][ T7974] vivid-003: RDS Traffic Announcement: false inactive [ 225.261019][ T7974] vivid-003: RDS Traffic Program: false inactive [ 225.267448][ T7974] vivid-003: RDS Music: false inactive [ 225.332444][ T7974] vivid-003: ================== END STATUS ================== [ 225.584982][ T7987] netlink: 4 bytes leftover after parsing attributes in process `syz.2.381'. [ 227.830739][ T8020] FAULT_INJECTION: forcing a failure. [ 227.830739][ T8020] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 227.873146][ T8020] CPU: 1 UID: 0 PID: 8020 Comm: syz.0.388 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 227.873189][ T8020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 227.873207][ T8020] Call Trace: [ 227.873218][ T8020] [ 227.873229][ T8020] dump_stack_lvl+0x16c/0x1f0 [ 227.873281][ T8020] should_fail_ex+0x512/0x640 [ 227.873323][ T8020] _copy_to_user+0x32/0xd0 [ 227.873366][ T8020] simple_read_from_buffer+0xcb/0x170 [ 227.873413][ T8020] proc_fail_nth_read+0x197/0x270 [ 227.873457][ T8020] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 227.873503][ T8020] ? rw_verify_area+0xcf/0x680 [ 227.873539][ T8020] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 227.873584][ T8020] vfs_read+0x1de/0xc70 [ 227.873631][ T8020] ? __pfx___mutex_lock+0x10/0x10 [ 227.873677][ T8020] ? __pfx_vfs_read+0x10/0x10 [ 227.873731][ T8020] ? __fget_files+0x20e/0x3c0 [ 227.873788][ T8020] ksys_read+0x12a/0x240 [ 227.873831][ T8020] ? __pfx_ksys_read+0x10/0x10 [ 227.873878][ T8020] ? rcu_is_watching+0x12/0xc0 [ 227.873929][ T8020] do_syscall_64+0xcd/0x260 [ 227.873985][ T8020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.874017][ T8020] RIP: 0033:0x7f6fb7b8bb7c [ 227.874054][ T8020] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 227.874082][ T8020] RSP: 002b:00007f6fb8a0e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 227.874110][ T8020] RAX: ffffffffffffffda RBX: 00007f6fb7da5fa0 RCX: 00007f6fb7b8bb7c [ 227.874129][ T8020] RDX: 000000000000000f RSI: 00007f6fb8a0e0a0 RDI: 0000000000000004 [ 227.874147][ T8020] RBP: 00007f6fb8a0e090 R08: 0000000000000000 R09: 0000000000000000 [ 227.874166][ T8020] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 227.874183][ T8020] R13: 0000000000000000 R14: 00007f6fb7da5fa0 R15: 00007fffdabfa808 [ 227.874223][ T8020] [ 229.516762][ T8046] vivid-003: ================= START STATUS ================= [ 229.519522][ T8047] [U] [ 229.527221][ T8047] [U] [ 229.529970][ T8047] [U] [ 229.532726][ T8047] [U] [ 229.541318][ T8046] vivid-003: Radio HW Seek Mode: Bounded [ 229.544280][ T8045] netlink: 'syz.0.403': attribute type 10 has an invalid length. [ 229.555048][ T8045] netlink: 230 bytes leftover after parsing attributes in process `syz.0.403'. [ 229.564406][ T8046] vivid-003: Radio Programmable HW Seek: false [ 229.564865][ T8047] [U] [ 229.573368][ T8047] [U] [ 229.576116][ T8047] [U] [ 229.578873][ T8047] [U] [ 229.591921][ T8046] vivid-003: RDS Rx I/O Mode: Block I/O [ 229.609256][ T8045] team_slave_1: left promiscuous mode [ 229.612477][ T8046] vivid-003: Generate RBDS Instead of RDS: false [ 229.625356][ T8045] team_slave_1: left allmulticast mode [ 229.632739][ T8047] [U] [ 229.635506][ T8047] [U] [ 229.638430][ T8047] [U] [ 229.640291][ T8046] vivid-003: RDS Reception: [ 229.641159][ T8047] [U] [ 229.658421][ T8047] [U] [ 229.661091][ T8046] true [ 229.661189][ T8047] [U] [ 229.666714][ T8047] [U] [ 229.668321][ T8046] vivid-003: RDS Program Type: 0 inactive [ 229.669440][ T8047] [U] [ 229.698794][ T8046] [ 229.701483][ T8047] [U] [ 229.701914][ T8046] vivid-003: RDS PS Name: inactive [ 229.704226][ T8047] [U] [ 229.704286][ T8047] [U] [ 229.714901][ T8047] [U] [ 229.731014][ T8046] [ 229.733446][ T8046] vivid-003: RDS Radio Text: inactive [ 229.738995][ T8046] vivid-003: RDS Traffic Announcement: false inactive [ 229.812794][ T8047] [U] [ 229.815586][ T8047] [U] [ 229.818326][ T8047] [U] [ 229.819836][ T8046] vivid-003: RDS Traffic Program: [ 229.821043][ T8047] [U] [ 229.821572][ T8047] [U] [ 229.826170][ T8046] false [ 229.828889][ T8047] [U] [ 229.837082][ T8047] [U] [ 229.839831][ T8047] [U] [ 229.840723][ T8045] team0: Port device team_slave_1 removed [ 229.855035][ T8047] [U] [ 229.857857][ T8047] [U] [ 229.860604][ T8047] [U] [ 229.863356][ T8047] [U] [ 229.876470][ T8046] inactive [ 229.879668][ T8046] vivid-003: RDS Music: false inactive [ 229.899641][ T7852] bridge0: port 3(team0) entered disabled state [ 229.917056][ T8046] vivid-003: ================== END STATUS ================== [ 229.979644][ T8047] [U] [ 229.982461][ T8047] [U] [ 229.985232][ T8047] [U] [ 229.987985][ T8047] [U] [ 230.035962][ T8047] [U] [ 230.038769][ T8047] [U] [ 230.041531][ T8047] [U] [ 230.044282][ T8047] [U] [ 230.121542][ T8047] [U] [ 230.124344][ T8047] [U] [ 230.127090][ T8047] [U] [ 230.129834][ T8047] [U] [ 230.171577][ T8047] [U] [ 230.174381][ T8047] [U] [ 230.177133][ T8047] [U] [ 230.179888][ T8047] [U] [ 230.201606][ T8047] [U] [ 230.204407][ T8047] [U] [ 230.207174][ T8047] [U] [ 230.209905][ T8047] [U] [ 230.241288][ T8047] [U] [ 230.244089][ T8047] [U] [ 230.246840][ T8047] [U] [ 230.249590][ T8047] [U] [ 230.262968][ T8047] [U] [ 230.265761][ T8047] [U] [ 230.268515][ T8047] [U] [ 230.271259][ T8047] [U] [ 230.341096][ T8047] [U] [ 232.564866][ T8081] capability: warning: `syz.1.402' uses 32-bit capabilities (legacy support in use) [ 232.807856][ T8081] netlink: 32 bytes leftover after parsing attributes in process `syz.1.402'. [ 234.499429][ T8111] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 234.977627][ T8121] netlink: 28 bytes leftover after parsing attributes in process `syz.3.413'. [ 235.169027][ T8125] can: request_module (can-proto-0) failed. [ 235.591127][ T8126] Process accounting paused [ 235.773737][ T8135] netlink: 'syz.3.416': attribute type 1 has an invalid length. [ 236.175162][ T30] audit: type=1800 audit(6039474264.037:5): pid=8143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.416" name="discovery_nqn" dev="configfs" ino=18512 res=0 errno=0 [ 236.615054][ T8153] netlink: 206 bytes leftover after parsing attributes in process `syz.2.422'. [ 237.683988][ T8171] usb usb34: usbfs: process 8171 (syz.2.427) did not claim interface 0 before use [ 238.175462][ T8187] FAULT_INJECTION: forcing a failure. [ 238.175462][ T8187] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 238.385061][ T8187] CPU: 0 UID: 0 PID: 8187 Comm: syz.3.430 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 238.385106][ T8187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 238.385124][ T8187] Call Trace: [ 238.385142][ T8187] [ 238.385155][ T8187] dump_stack_lvl+0x16c/0x1f0 [ 238.385208][ T8187] should_fail_ex+0x512/0x640 [ 238.385251][ T8187] should_fail_alloc_page+0xe7/0x130 [ 238.385286][ T8187] prepare_alloc_pages+0x3c2/0x610 [ 238.385332][ T8187] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 238.385384][ T8187] ? __kernel_text_address+0xd/0x40 [ 238.385422][ T8187] ? unwind_get_return_address+0x59/0xa0 [ 238.385465][ T8187] ? arch_stack_walk+0xa6/0x100 [ 238.385521][ T8187] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 238.385572][ T8187] ? stack_trace_save+0x8e/0xc0 [ 238.385615][ T8187] ? __pfx_stack_trace_save+0x10/0x10 [ 238.385658][ T8187] ? stack_depot_save_flags+0x28/0xa50 [ 238.385706][ T8187] ? kasan_save_stack+0x42/0x60 [ 238.385751][ T8187] ? kasan_save_stack+0x33/0x60 [ 238.385795][ T8187] ? kasan_save_track+0x14/0x30 [ 238.385838][ T8187] ? __kasan_slab_alloc+0x89/0x90 [ 238.385885][ T8187] ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 238.385935][ T8187] ? alloc_vmap_area+0x613/0x2970 [ 238.385967][ T8187] ? __get_vm_area_node+0x1a7/0x300 [ 238.386003][ T8187] ? __vmalloc_node_range_noprof+0x277/0x1540 [ 238.386044][ T8187] ? __kvmalloc_node_noprof+0x2ff/0x600 [ 238.386092][ T8187] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 238.386130][ T8187] ? policy_nodemask+0xea/0x4e0 [ 238.386198][ T8187] alloc_pages_mpol+0x1fb/0x550 [ 238.386230][ T8187] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 238.386272][ T8187] alloc_pages_noprof+0x131/0x390 [ 238.386304][ T8187] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 238.386349][ T8187] get_free_pages_noprof+0xc/0x40 [ 238.386381][ T8187] kasan_populate_vmalloc_pte+0x2d/0x160 [ 238.386427][ T8187] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 238.386472][ T8187] __apply_to_page_range+0x5f9/0xd30 [ 238.386516][ T8187] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 238.386569][ T8187] ? __pfx___apply_to_page_range+0x10/0x10 [ 238.386612][ T8187] ? alloc_vmap_area+0x872/0x2970 [ 238.386656][ T8187] alloc_vmap_area+0x919/0x2970 [ 238.386710][ T8187] ? __pfx_alloc_vmap_area+0x10/0x10 [ 238.386758][ T8187] __get_vm_area_node+0x1a7/0x300 [ 238.386805][ T8187] __vmalloc_node_range_noprof+0x277/0x1540 [ 238.386850][ T8187] ? __do_sys_listmount+0x1c2/0xed0 [ 238.386907][ T8187] ? __do_sys_listmount+0x1c2/0xed0 [ 238.386959][ T8187] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 238.387020][ T8187] __kvmalloc_node_noprof+0x2ff/0x600 [ 238.387067][ T8187] ? __do_sys_listmount+0x1c2/0xed0 [ 238.387111][ T8187] ? __do_sys_listmount+0x1c2/0xed0 [ 238.387168][ T8187] ? __do_sys_listmount+0x1c2/0xed0 [ 238.387209][ T8187] __do_sys_listmount+0x1c2/0xed0 [ 238.387260][ T8187] ? __x64_sys_futex+0x1e0/0x4c0 [ 238.387305][ T8187] ? __x64_sys_futex+0x1e9/0x4c0 [ 238.387351][ T8187] ? __pfx___do_sys_listmount+0x10/0x10 [ 238.387394][ T8187] ? xfd_validate_state+0x5d/0x180 [ 238.387447][ T8187] do_syscall_64+0xcd/0x260 [ 238.387499][ T8187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.387532][ T8187] RIP: 0033:0x7f8908b8d169 [ 238.387557][ T8187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.387588][ T8187] RSP: 002b:00007f89099ca038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 238.387617][ T8187] RAX: ffffffffffffffda RBX: 00007f8908da6160 RCX: 00007f8908b8d169 [ 238.387638][ T8187] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 238.387658][ T8187] RBP: 00007f8908c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 238.387678][ T8187] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 238.387696][ T8187] R13: 0000000000000000 R14: 00007f8908da6160 R15: 00007ffd28060cd8 [ 238.387754][ T8187] [ 238.774865][ T8187] syz.3.430: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 238.790608][ T8187] CPU: 0 UID: 0 PID: 8187 Comm: syz.3.430 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 238.790651][ T8187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 238.790669][ T8187] Call Trace: [ 238.790680][ T8187] [ 238.790692][ T8187] dump_stack_lvl+0x16c/0x1f0 [ 238.790744][ T8187] warn_alloc+0x248/0x3a0 [ 238.790796][ T8187] ? __pfx_warn_alloc+0x10/0x10 [ 238.790847][ T8187] ? kfree+0x2b6/0x4d0 [ 238.790898][ T8187] ? __get_vm_area_node+0x1e5/0x300 [ 238.790952][ T8187] __vmalloc_node_range_noprof+0xd31/0x1540 [ 238.791008][ T8187] ? __do_sys_listmount+0x1c2/0xed0 [ 238.791060][ T8187] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 238.791122][ T8187] __kvmalloc_node_noprof+0x2ff/0x600 [ 238.791176][ T8187] ? __do_sys_listmount+0x1c2/0xed0 [ 238.791221][ T8187] ? __do_sys_listmount+0x1c2/0xed0 [ 238.791273][ T8187] ? __do_sys_listmount+0x1c2/0xed0 [ 238.791314][ T8187] __do_sys_listmount+0x1c2/0xed0 [ 238.791365][ T8187] ? __x64_sys_futex+0x1e0/0x4c0 [ 238.791409][ T8187] ? __x64_sys_futex+0x1e9/0x4c0 [ 238.791456][ T8187] ? __pfx___do_sys_listmount+0x10/0x10 [ 238.791498][ T8187] ? xfd_validate_state+0x5d/0x180 [ 238.791551][ T8187] do_syscall_64+0xcd/0x260 [ 238.791602][ T8187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.791635][ T8187] RIP: 0033:0x7f8908b8d169 [ 238.791660][ T8187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.791690][ T8187] RSP: 002b:00007f89099ca038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 238.791719][ T8187] RAX: ffffffffffffffda RBX: 00007f8908da6160 RCX: 00007f8908b8d169 [ 238.791741][ T8187] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 238.791760][ T8187] RBP: 00007f8908c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 238.791779][ T8187] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 238.791797][ T8187] R13: 0000000000000000 R14: 00007f8908da6160 R15: 00007ffd28060cd8 [ 238.791837][ T8187] [ 238.994042][ T8187] Mem-Info: [ 238.997214][ T8187] active_anon:41114 inactive_anon:7020 isolated_anon:0 [ 238.997214][ T8187] active_file:4391 inactive_file:49969 isolated_file:0 [ 238.997214][ T8187] unevictable:768 dirty:287 writeback:0 [ 238.997214][ T8187] slab_reclaimable:11046 slab_unreclaimable:130196 [ 238.997214][ T8187] mapped:28094 shmem:36637 pagetables:937 [ 238.997214][ T8187] sec_pagetables:0 bounce:0 [ 238.997214][ T8187] kernel_misc_reclaimable:0 [ 238.997214][ T8187] free:1252619 free_pcp:6374 free_cma:0 [ 239.042918][ T8187] Node 0 active_anon:140636kB inactive_anon:22960kB active_file:17564kB inactive_file:199868kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:112308kB dirty:1156kB writeback:0kB shmem:111328kB shmem_thp:10240kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13764kB pagetables:3748kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 239.078597][ T8187] Node 1 active_anon:18920kB inactive_anon:5120kB active_file:0kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:30340kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 239.111167][ T8187] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 239.111255][ T8187] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 239.111316][ T8187] Node 0 DMA32 free:1149916kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:136492kB inactive_anon:22960kB active_file:17564kB inactive_file:198304kB unevictable:1536kB writepending:1156kB present:3129332kB managed:2541672kB mlocked:0kB bounce:0kB free_pcp:3412kB local_pcp:1664kB free_cma:0kB [ 239.111403][ T8187] lowmem_reserve[]: 0 0 1 1 1 [ 239.111462][ T8187] Node 0 Normal free:20kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1564kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 239.111547][ T8187] lowmem_reserve[]: 0 0 0 0 0 [ 239.111608][ T8187] Node 1 Normal free:3870300kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:18920kB inactive_anon:5120kB active_file:0kB inactive_file:8kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:6052kB local_pcp:0kB free_cma:0kB [ 239.111699][ T8187] lowmem_reserve[]: 0 0 0 0 0 [ 239.111760][ T8187] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 239.111959][ T8187] Node 0 DMA32: 7749*4kB (UME) 2233*8kB (UME) 892*16kB (UME) 883*32kB (UME) 670*64kB (UME) 266*128kB (UME) 128*256kB (UME) 35*512kB (UME) 5*1024kB (M) 4*2048kB (UME) 224*4096kB (M) = 1149820kB [ 239.112241][ T8187] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 239.112432][ T8187] Node 1 Normal: 154*4kB (UM) 39*8kB (UME) 55*16kB (UME) 208*32kB (UME) 114*64kB (UME) 38*128kB (UME) 22*256kB (UM) 14*512kB (UME) 3*1024kB (UME) 4*2048kB (UME) 934*4096kB (M) = 3870352kB [ 239.112715][ T8187] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 239.112743][ T8187] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 239.112769][ T8187] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 239.112794][ T8187] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 239.112819][ T8187] 88841 total pagecache pages [ 239.112831][ T8187] 89 pages in swap cache [ 239.112842][ T8187] Free swap = 124384kB [ 239.112853][ T8187] Total swap = 124996kB [ 239.112865][ T8187] 2097051 pages RAM [ 239.112875][ T8187] 0 pages HighMem/MovableOnly [ 239.112885][ T8187] 429591 pages reserved [ 239.112895][ T8187] 0 pages cma reserved [ 239.140396][ C1] vkms_vblank_simulate: vblank timer overrun [ 239.246567][ C1] vkms_vblank_simulate: vblank timer overrun [ 241.688164][ T8227] Invalid ELF header magic: != ELF [ 244.171062][ T5858] Bluetooth: hci2: ACL packet too small [ 244.198982][ T5858] Bluetooth: hci2: ACL packet too small [ 245.827943][ T8327] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 246.455713][ T5858] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 246.455758][ T5858] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 246.471214][ T5858] Bluetooth: hci0: adv larger than maximum supported [ 246.471249][ T5858] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 246.478180][ T5858] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 246.485346][ T5858] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 246.492453][ T5858] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 246.499530][ T5858] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 246.507265][ T5858] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 246.780112][ T8346] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 247.113710][ T8331] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 249.194741][ T8394] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 249.239288][ T8400] FAULT_INJECTION: forcing a failure. [ 249.239288][ T8400] name failslab, interval 1, probability 0, space 0, times 0 [ 249.256382][ T8400] CPU: 1 UID: 0 PID: 8400 Comm: syz.1.478 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 249.256423][ T8400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 249.256442][ T8400] Call Trace: [ 249.256450][ T8400] [ 249.256462][ T8400] dump_stack_lvl+0x16c/0x1f0 [ 249.256500][ T8400] should_fail_ex+0x512/0x640 [ 249.256525][ T8400] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 249.256558][ T8400] should_failslab+0xc2/0x120 [ 249.256579][ T8400] __kmalloc_cache_noprof+0x6a/0x3e0 [ 249.256610][ T8400] ? acct_on+0x57/0x870 [ 249.256634][ T8400] acct_on+0x57/0x870 [ 249.256655][ T8400] __x64_sys_acct+0xaf/0x230 [ 249.256674][ T8400] ? lockdep_hardirqs_on+0x7c/0x110 [ 249.256705][ T8400] do_syscall_64+0xcd/0x260 [ 249.256740][ T8400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.256763][ T8400] RIP: 0033:0x7ff52fd8d169 [ 249.256780][ T8400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.256800][ T8400] RSP: 002b:00007ff52dbf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 249.256821][ T8400] RAX: ffffffffffffffda RBX: 00007ff52ffa5fa0 RCX: 00007ff52fd8d169 [ 249.256836][ T8400] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 249.256850][ T8400] RBP: 00007ff52fe0e990 R08: 0000000000000000 R09: 0000000000000000 [ 249.256863][ T8400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 249.256876][ T8400] R13: 0000000000000000 R14: 00007ff52ffa5fa0 R15: 00007ffdd814a488 [ 249.256904][ T8400] [ 250.882976][ T8425] openvswitch: netlink: IP tunnel dst address not specified [ 250.946477][ T8427] syz.3.486: vmalloc error: size 1863680, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 251.005033][ T8427] CPU: 0 UID: 0 PID: 8427 Comm: syz.3.486 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 251.005076][ T8427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 251.005094][ T8427] Call Trace: [ 251.005104][ T8427] [ 251.005115][ T8427] dump_stack_lvl+0x16c/0x1f0 [ 251.005167][ T8427] warn_alloc+0x248/0x3a0 [ 251.005217][ T8427] ? __pfx_warn_alloc+0x10/0x10 [ 251.005269][ T8427] ? alloc_pages_mpol+0x25a/0x550 [ 251.005302][ T8427] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 251.005334][ T8427] ? trace_kmalloc+0x2b/0xd0 [ 251.005391][ T8427] __vmalloc_node_range_noprof+0x12d2/0x1540                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  [ 265.716645][ T8698] Process accounting resumed [ 266.547232][ T8711] random: crng reseeded on system resumption [ 268.297464][ T8763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.559'. [ 270.119464][ T8810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.569'. [ 271.181020][ T8831] could not allocate digest TFM handle [ 272.832961][ T8869] netlink: 326 bytes leftover after parsing attributes in process `syz.1.581'. [ 273.605803][ T8888] netlink: 28 bytes leftover after parsing attributes in process `syz.3.586'. [ 273.666181][ T8888] veth0_macvtap: left promiscuous mode [ 274.124120][ T8897] netlink: 28 bytes leftover after parsing attributes in process `syz.2.590'. [ 274.311281][ T8897] hsr_slave_1 (unregistering): left promiscuous mode [ 277.434963][ T8575] syz.0.518 (8575) used greatest stack depth: 21016 bytes left [ 277.790534][ T8955] netlink: 28 bytes leftover after parsing attributes in process `syz.3.598'. [ 277.824270][ T5858] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 278.114047][ T8955] bond0: (slave bond_slave_1): Releasing backup interface [ 279.301986][ T9001] netlink: 4 bytes leftover after parsing attributes in process `syz.0.612'. [ 279.332389][ T9001] netlink: 25 bytes leftover after parsing attributes in process `syz.0.612'. [ 279.850894][ T9008] can: request_module (can-proto-0) failed. [ 284.397355][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 284.415117][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 286.531013][ T9111] netlink: 8 bytes leftover after parsing attributes in process `syz.2.636'. [ 286.915958][ T9118] netlink: 93 bytes leftover after parsing attributes in process `syz.0.638'. [ 287.383930][ T4505] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 290.928706][ T9182] vivid-007: ================= START STATUS ================= [ 290.986231][ T9182] vivid-007: Generate PTS: true [ 291.024561][ T9182] vivid-007: Generate SCR: true [ 291.030012][ T9182] tpg source WxH: 640x360 (Y'CbCr) [ 291.107995][ T9182] tpg field: 1 [ 291.161329][ T9182] tpg crop: (0,0)/640x360 [ 291.212578][ T9182] tpg compose: (0,0)/640x360 [ 291.218903][ T9182] tpg colorspace: 8 [ 291.245934][ T9188] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input12 [ 291.286672][ T9182] tpg transfer function: 0/0 [ 291.351041][ T9182] tpg Y'CbCr encoding: 0/0 [ 291.382863][ T9182] tpg quantization: 0/0 [ 291.387589][ T9182] tpg RGB range: 0/2 [ 291.462285][ T9182] vivid-007: ================== END STATUS ================== [ 292.173169][ T9203] netlink: 93 bytes leftover after parsing attributes in process `syz.2.653'. [ 292.890631][ T9216] netlink: 4 bytes leftover after parsing attributes in process `syz.1.654'. [ 293.036157][ T30] audit: type=1800 audit(4294967305.300:6): pid=9219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.656" name=04 dev="tmpfs" ino=876 res=0 errno=0 [ 294.222461][ T9242] netlink: 'syz.3.663': attribute type 7 has an invalid length. [ 294.427847][ T5858] Bluetooth: hci2: Malformed Event: 0x02 [ 295.771434][ T9271] FAULT_INJECTION: forcing a failure. [ 295.771434][ T9271] name failslab, interval 1, probability 0, space 0, times 0 [ 295.811656][ T9271] CPU: 0 UID: 0 PID: 9271 Comm: syz.0.670 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 295.811702][ T9271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 295.811720][ T9271] Call Trace: [ 295.811740][ T9271] [ 295.811752][ T9271] dump_stack_lvl+0x16c/0x1f0 [ 295.811803][ T9271] should_fail_ex+0x512/0x640 [ 295.811837][ T9271] ? __kmalloc_noprof+0xbf/0x510 [ 295.811885][ T9271] ? cache_create_net+0x9d/0x220 [ 295.811916][ T9271] should_failslab+0xc2/0x120 [ 295.811945][ T9271] __kmalloc_noprof+0xd2/0x510 [ 295.811999][ T9271] cache_create_net+0x9d/0x220 [ 295.812037][ T9271] ip_map_cache_create+0x60/0x130 [ 295.812073][ T9271] ? __pfx_sunrpc_init_net+0x10/0x10 [ 295.812101][ T9271] sunrpc_init_net+0x55/0x190 [ 295.812133][ T9271] ops_init+0x1df/0x5f0 [ 295.812182][ T9271] setup_net+0x21e/0x850 [ 295.812231][ T9271] ? __pfx_setup_net+0x10/0x10 [ 295.812273][ T9271] ? lockdep_init_map_type+0x5c/0x280 [ 295.812303][ T9271] ? __pfx_down_read_killable+0x10/0x10 [ 295.812338][ T9271] ? debug_mutex_init+0x37/0x70 [ 295.812382][ T9271] copy_net_ns+0x2a6/0x5f0 [ 295.812432][ T9271] create_new_namespaces+0x3ea/0xad0 [ 295.812497][ T9271] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 295.812547][ T9271] ksys_unshare+0x45b/0xa40 [ 295.812596][ T9271] ? __pfx_ksys_unshare+0x10/0x10 [ 295.812642][ T9271] ? xfd_validate_state+0x5d/0x180 [ 295.812680][ T9271] ? rcu_is_watching+0x12/0xc0 [ 295.812736][ T9271] __x64_sys_unshare+0x31/0x40 [ 295.812785][ T9271] do_syscall_64+0xcd/0x260 [ 295.812843][ T9271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.812893][ T9271] RIP: 0033:0x7f6fb7b8d169 [ 295.812918][ T9271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.812949][ T9271] RSP: 002b:00007f6fb8a0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 295.812978][ T9271] RAX: ffffffffffffffda RBX: 00007f6fb7da5fa0 RCX: 00007f6fb7b8d169 [ 295.812998][ T9271] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 295.813015][ T9271] RBP: 00007f6fb7c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 295.813033][ T9271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 295.813050][ T9271] R13: 0000000000000000 R14: 00007f6fb7da5fa0 R15: 00007fffdabfa808 [ 295.813090][ T9271] [ 296.075453][ C0] vkms_vblank_simulate: vblank timer overrun [ 296.789557][ T9266] netlink: 334 bytes leftover after parsing attributes in process `syz.2.668'. [ 296.987085][ T9265] Process accounting paused [ 297.802812][ T9308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.677'. [ 299.562536][ T9364] nbd: illegal input index -65536 [ 299.807988][ T9376] netlink: 16 bytes leftover after parsing attributes in process `syz.0.687'. [ 300.066880][ T9376] netlink: 93 bytes leftover after parsing attributes in process `syz.0.687'. [ 300.371161][ C0] vcan0: j1939_tp_rxtimer: 0xffff888028621c00: rx timeout, send abort [ 300.881499][ C0] vcan0: j1939_tp_rxtimer: 0xffff888028621c00: abort rx timeout. Force session deactivation [ 301.226103][ T9401] Invalid ELF header magic: != ELF [ 301.356555][ T9345] delete_channel: no stack [ 302.967125][ T9430] netlink: 206 bytes leftover after parsing attributes in process `syz.0.699'. [ 305.481214][ T9474] FAULT_INJECTION: forcing a failure. [ 305.481214][ T9474] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 305.511141][ T9474] CPU: 1 UID: 0 PID: 9474 Comm: syz.0.711 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 305.511182][ T9474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 305.511199][ T9474] Call Trace: [ 305.511209][ T9474] [ 305.511219][ T9474] dump_stack_lvl+0x16c/0x1f0 [ 305.511265][ T9474] should_fail_ex+0x512/0x640 [ 305.511314][ T9474] _copy_from_user+0x2e/0xd0 [ 305.511355][ T9474] memdup_user_nul+0x6c/0x120 [ 305.511390][ T9474] proc_simple_write+0xc7/0x1b0 [ 305.511428][ T9474] ? __pfx_proc_simple_write+0x10/0x10 [ 305.511466][ T9474] proc_reg_write+0x23d/0x330 [ 305.511501][ T9474] vfs_write+0x25c/0x1180 [ 305.511540][ T9474] ? __pfx_proc_reg_write+0x10/0x10 [ 305.511574][ T9474] ? __pfx___mutex_lock+0x10/0x10 [ 305.511618][ T9474] ? __pfx_vfs_write+0x10/0x10 [ 305.511672][ T9474] ? __fget_files+0x20e/0x3c0 [ 305.511728][ T9474] ksys_write+0x12a/0x240 [ 305.511769][ T9474] ? __pfx_ksys_write+0x10/0x10 [ 305.511808][ T9474] ? rcu_is_watching+0x12/0xc0 [ 305.511859][ T9474] do_syscall_64+0xcd/0x260 [ 305.511907][ T9474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.511938][ T9474] RIP: 0033:0x7f6fb7b8d169 [ 305.511962][ T9474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.511990][ T9474] RSP: 002b:00007f6fb8a0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 305.512017][ T9474] RAX: ffffffffffffffda RBX: 00007f6fb7da5fa0 RCX: 00007f6fb7b8d169 [ 305.512035][ T9474] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000003 [ 305.512052][ T9474] RBP: 00007f6fb8a0e090 R08: 0000000000000000 R09: 0000000000000000 [ 305.512070][ T9474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 305.512087][ T9474] R13: 0000000000000000 R14: 00007f6fb7da5fa0 R15: 00007fffdabfa808 [ 305.512127][ T9474] [ 306.973362][ T5858] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 307.497912][ T9520] FAULT_INJECTION: forcing a failure. [ 307.497912][ T9520] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 307.551110][ T9520] CPU: 0 UID: 0 PID: 9520 Comm: syz.1.723 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 307.551151][ T9520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 307.551168][ T9520] Call Trace: [ 307.551178][ T9520] [ 307.551188][ T9520] dump_stack_lvl+0x16c/0x1f0 [ 307.551237][ T9520] should_fail_ex+0x512/0x640 [ 307.551278][ T9520] _copy_to_user+0x32/0xd0 [ 307.551321][ T9520] simple_read_from_buffer+0xcb/0x170 [ 307.551367][ T9520] proc_fail_nth_read+0x197/0x270 [ 307.551422][ T9520] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 307.551464][ T9520] ? rw_verify_area+0xcf/0x680 [ 307.551497][ T9520] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 307.551538][ T9520] vfs_read+0x1de/0xc70 [ 307.551582][ T9520] ? __pfx___mutex_lock+0x10/0x10 [ 307.551625][ T9520] ? __pfx_vfs_read+0x10/0x10 [ 307.551675][ T9520] ? __fget_files+0x20e/0x3c0 [ 307.551726][ T9520] ksys_read+0x12a/0x240 [ 307.551765][ T9520] ? __pfx_ksys_read+0x10/0x10 [ 307.551801][ T9520] ? rcu_is_watching+0x12/0xc0 [ 307.551848][ T9520] do_syscall_64+0xcd/0x260 [ 307.551894][ T9520] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.551923][ T9520] RIP: 0033:0x7ff52fd8bb7c [ 307.551952][ T9520] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 307.551979][ T9520] RSP: 002b:00007ff52dbf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 307.552005][ T9520] RAX: ffffffffffffffda RBX: 00007ff52ffa5fa0 RCX: 00007ff52fd8bb7c [ 307.552023][ T9520] RDX: 000000000000000f RSI: 00007ff52dbf60a0 RDI: 0000000000000004 [ 307.552040][ T9520] RBP: 00007ff52dbf6090 R08: 0000000000000000 R09: 0000000000000000 [ 307.552058][ T9520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 307.552074][ T9520] R13: 0000000000000000 R14: 00007ff52ffa5fa0 R15: 00007ffdd814a488 [ 307.552112][ T9520] [ 309.949136][ T9549] bridge0: port 3(team0) entered blocking state [ 310.011145][ T9549] bridge0: port 3(team0) entered disabled state [ 310.095115][ T9549] team0: entered allmulticast mode [ 310.145338][ T9549] team_slave_0: entered allmulticast mode [ 310.175239][ T9549] team_slave_1: entered allmulticast mode [ 310.231244][ T9549] team0: entered promiscuous mode [ 310.280386][ T9549] team_slave_0: entered promiscuous mode [ 310.388552][ T9549] team_slave_1: entered promiscuous mode [ 310.404047][ T9549] bridge0: port 3(team0) entered blocking state [ 310.411151][ T9549] bridge0: port 3(team0) entered forwarding state [ 312.418404][ T9610] netlink: 4 bytes leftover after parsing attributes in process `syz.3.743'. [ 313.833609][ T9638] usb usb39: usbfs: interface 0 claimed by hub while 'syz.3.750' sets config #0 [ 313.862576][ T9636] FAULT_INJECTION: forcing a failure. [ 313.862576][ T9636] name failslab, interval 1, probability 0, space 0, times 0 [ 313.886115][ T9636] CPU: 1 UID: 0 PID: 9636 Comm: syz.1.749 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 313.886157][ T9636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 313.886174][ T9636] Call Trace: [ 313.886183][ T9636] [ 313.886194][ T9636] dump_stack_lvl+0x16c/0x1f0 [ 313.886244][ T9636] should_fail_ex+0x512/0x640 [ 313.886280][ T9636] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 313.886333][ T9636] should_failslab+0xc2/0x120 [ 313.886363][ T9636] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 313.886411][ T9636] ? __d_alloc+0x31/0xaa0 [ 313.886445][ T9636] __d_alloc+0x31/0xaa0 [ 313.886487][ T9636] path_from_stashed+0x500/0xb00 [ 313.886543][ T9636] ? __pfx_path_from_stashed+0x10/0x10 [ 313.886595][ T9636] ? do_raw_spin_unlock+0x172/0x230 [ 313.886639][ T9636] ns_get_path+0x5f/0x80 [ 313.886684][ T9636] proc_ns_get_link+0x121/0x260 [ 313.886732][ T9636] ? __pfx_proc_ns_get_link+0x10/0x10 [ 313.886781][ T9636] ? __pfx___might_resched+0x10/0x10 [ 313.886831][ T9636] ? __pfx_proc_ns_get_link+0x10/0x10 [ 313.886879][ T9636] step_into+0x1b22/0x2270 [ 313.886934][ T9636] ? __pfx_step_into+0x10/0x10 [ 313.886973][ T9636] ? find_held_lock+0x2b/0x80 [ 313.887024][ T9636] path_openat+0x749/0x2d40 [ 313.887104][ T9636] ? __pfx_path_openat+0x10/0x10 [ 313.887163][ T9636] do_filp_open+0x20b/0x470 [ 313.887211][ T9636] ? __pfx_do_filp_open+0x10/0x10 [ 313.887287][ T9636] ? alloc_fd+0x471/0x7d0 [ 313.887343][ T9636] do_sys_openat2+0x11b/0x1d0 [ 313.887377][ T9636] ? __pfx_do_sys_openat2+0x10/0x10 [ 313.887426][ T9636] __x64_sys_openat+0x174/0x210 [ 313.887471][ T9636] ? __pfx___x64_sys_openat+0x10/0x10 [ 313.887509][ T9636] ? rcu_is_watching+0x12/0xc0 [ 313.887561][ T9636] do_syscall_64+0xcd/0x260 [ 313.887613][ T9636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.887646][ T9636] RIP: 0033:0x7ff52fd8bad0 [ 313.887671][ T9636] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 313.887701][ T9636] RSP: 002b:00007ff52dbf5f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 313.887732][ T9636] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007ff52fd8bad0 [ 313.887753][ T9636] RDX: 0000000000000002 RSI: 00007ff52dbf5fa0 RDI: 00000000ffffff9c [ 313.887773][ T9636] RBP: 00007ff52dbf5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 313.887792][ T9636] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 313.887811][ T9636] R13: 0000000000000000 R14: 00007ff52ffa5fa0 R15: 00007ffdd814a488 [ 313.887853][ T9636] [ 315.245535][ T9661] nbd: must specify a size in bytes for the device [ 315.921101][ T9673] netlink: 28 bytes leftover after parsing attributes in process `syz.3.759'. [ 316.223569][ T9689] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 316.242339][ T9687] ima: policy update failed [ 316.253978][ T30] audit: type=1802 audit(4294967344.522:7): pid=9687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.763" res=0 errno=0 [ 317.375068][ T9740] netlink: 330 bytes leftover after parsing attributes in process `syz.0.769'. [ 317.423206][ T9741] netlink: 28 bytes leftover after parsing attributes in process `syz.3.771'. [ 318.025622][ T9730] ptrace attach of "./syz-executor exec"[6337] was attempted by "./syz-executor exec"[9730] [ 318.523315][ T9759] netlink: 4 bytes leftover after parsing attributes in process `syz.0.773'. [ 318.540673][ T9759] netlink: 25 bytes leftover after parsing attributes in process `syz.0.773'. [ 318.617132][ T9763] netlink: 12 bytes leftover after parsing attributes in process `syz.1.775'. [ 320.148763][ T9811] netlink: 8 bytes leftover after parsing attributes in process `syz.0.784'. [ 320.360673][ T9813] netlink: 28 bytes leftover after parsing attributes in process `syz.1.783'. [ 322.446452][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.453913][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.582586][ T9914] netlink: 28 bytes leftover after parsing attributes in process `syz.1.805'. [ 323.680391][ T9918] netlink: 4 bytes leftover after parsing attributes in process `syz.0.804'. [ 323.730680][ T9918] netlink: 6 bytes leftover after parsing attributes in process `syz.0.804'. [ 323.771043][ T9918] netlink: 4 bytes leftover after parsing attributes in process `syz.0.804'. [ 324.326980][ T9928] netlink: get zone limit has 8 unknown bytes [ 324.614923][ T9914] bond0: (slave bond_slave_1): Releasing backup interface [ 325.465184][ T9940] netlink: 8 bytes leftover after parsing attributes in process `syz.2.810'. [ 327.581051][ T5858] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5 [ 330.377959][ T9946] Process accounting resumed [ 330.425002][ T9979] FAULT_INJECTION: forcing a failure. [ 330.425002][ T9979] name failslab, interval 1, probability 0, space 0, times 0 [ 330.523902][ T9979] CPU: 0 UID: 0 PID: 9979 Comm: syz.0.819 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 330.523945][ T9979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 330.523962][ T9979] Call Trace: [ 330.523971][ T9979] [ 330.523982][ T9979] dump_stack_lvl+0x16c/0x1f0 [ 330.524036][ T9979] should_fail_ex+0x512/0x640 [ 330.524074][ T9979] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 330.524136][ T9979] should_failslab+0xc2/0x120 [ 330.524166][ T9979] __kmalloc_cache_noprof+0x6a/0x3e0 [ 330.524210][ T9979] ? snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 330.524280][ T9979] ? kasan_save_track+0x14/0x30 [ 330.524331][ T9979] snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 330.524389][ T9979] ? rcu_is_watching+0x12/0xc0 [ 330.524432][ T9979] ? __mutex_lock+0x1ca/0xb90 [ 330.524475][ T9979] ? lockdep_hardirqs_on+0x7c/0x110 [ 330.524523][ T9979] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 330.524578][ T9979] ? __pfx___mutex_lock+0x10/0x10 [ 330.524621][ T9979] ? tomoyo_path_number_perm+0x295/0x580 [ 330.524668][ T9979] ? __lock_acquire+0xaa4/0x1ba0 [ 330.524729][ T9979] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 330.524767][ T9979] snd_pcm_oss_get_formats+0x7e/0x340 [ 330.524796][ T9979] ? find_held_lock+0x2b/0x80 [ 330.524835][ T9979] ? __pfx_snd_pcm_oss_get_formats+0x10/0x10 [ 330.524863][ T9979] ? __might_fault+0x13b/0x190 [ 330.524921][ T9979] snd_pcm_oss_ioctl+0x2efb/0x37a0 [ 330.524952][ T9979] ? find_held_lock+0x2b/0x80 [ 330.524990][ T9979] ? hook_file_ioctl_common+0x145/0x410 [ 330.525025][ T9979] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 330.525059][ T9979] ? __fget_files+0x20e/0x3c0 [ 330.525108][ T9979] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 330.525142][ T9979] __x64_sys_ioctl+0x190/0x200 [ 330.525183][ T9979] do_syscall_64+0xcd/0x260 [ 330.525230][ T9979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.525272][ T9979] RIP: 0033:0x7f6fb7b8d169 [ 330.525298][ T9979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.525327][ T9979] RSP: 002b:00007f6fb8a0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 330.525356][ T9979] RAX: ffffffffffffffda RBX: 00007f6fb7da5fa0 RCX: 00007f6fb7b8d169 [ 330.525378][ T9979] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000008 [ 330.525397][ T9979] RBP: 00007f6fb7c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 330.525416][ T9979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.525434][ T9979] R13: 0000000000000000 R14: 00007f6fb7da5fa0 R15: 00007fffdabfa808 [ 330.525475][ T9979] [ 330.709148][ C1] vcan0: j1939_tp_rxtimer: 0xffff888087a9e800: rx timeout, send abort [ 330.973833][ T9989] Line length is too long: Should be less than 4094 [ 331.322122][ C1] vcan0: j1939_tp_rxtimer: 0xffff888087a9e800: abort rx timeout. Force session deactivation [ 332.066994][T10003] [ 332.069609][T10003] ====================================================== [ 332.077361][T10003] WARNING: possible circular locking dependency detected [ 332.085103][T10003] 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 Not tainted [ 332.092950][T10003] ------------------------------------------------------ [ 332.100703][T10003] syz.0.825/10003 is trying to acquire lock: [ 332.107310][T10003] ffff88803507c5d8 (sk_lock-AF_INET){+.+.}-{0:0}, at: sockopt_lock_sock+0x54/0x70 [ 332.117548][T10003] [ 332.117548][T10003] but task is already holding lock: [ 332.125677][T10003] ffffffff9012daa8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_getsockopt+0x1843/0x2220 [ 332.135722][T10003] [ 332.135722][T10003] which lock already depends on the new lock. [ 332.135722][T10003] [ 332.147197][T10003] [ 332.147197][T10003] the existing dependency chain (in reverse order) is: [ 332.157284][T10003] [ 332.157284][T10003] -> #2 (rtnl_mutex){+.+.}-{4:4}: [ 332.165284][T10003] __mutex_lock+0x199/0xb90 [ 332.170869][T10003] do_ipv6_setsockopt+0x2042/0x4420 [ 332.177208][T10003] ipv6_setsockopt+0xcb/0x170 [ 332.182979][T10003] tcp_setsockopt+0xa4/0x100 [ 332.188645][T10003] smc_setsockopt+0x1b3/0xa00 [ 332.194431][T10003] do_sock_setsockopt+0x221/0x470 [ 332.200560][T10003] __sys_setsockopt+0x1a0/0x230 [ 332.206502][T10003] __x64_sys_setsockopt+0xbd/0x160 [ 332.212748][T10003] do_syscall_64+0xcd/0x260 [ 332.218330][T10003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.225524][T10003] [ 332.225524][T10003] -> #1 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 332.235051][T10003] __mutex_lock+0x199/0xb90 [ 332.240649][T10003] smc_switch_to_fallback+0x2d/0x9f0 [ 332.247082][T10003] smc_sendmsg+0x13d/0x520 [ 332.252558][T10003] ____sys_sendmsg+0xa95/0xc70 [ 332.258412][T10003] ___sys_sendmsg+0x134/0x1d0 [ 332.264182][T10003] __sys_sendmsg+0x16d/0x220 [ 332.269854][T10003] do_syscall_64+0xcd/0x260 [ 332.275441][T10003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.282538][T10003] [ 332.282538][T10003] -> #0 (sk_lock-AF_INET){+.+.}-{0:0}: [ 332.290986][T10003] __lock_acquire+0x1173/0x1ba0 [ 332.296926][T10003] lock_acquire+0x179/0x350 [ 332.302464][T10003] lock_sock_nested+0x41/0xf0 [ 332.308203][T10003] sockopt_lock_sock+0x54/0x70 [ 332.314034][T10003] do_ip_getsockopt+0x13e4/0x2220 [ 332.320180][T10003] ip_getsockopt+0x9b/0x1e0 [ 332.325774][T10003] raw_getsockopt+0x4d/0x1f0 [ 332.331423][T10003] do_sock_getsockopt+0x3fc/0x800 [ 332.337656][T10003] __sys_getsockopt+0x12f/0x260 [ 332.343583][T10003] __x64_sys_getsockopt+0xbd/0x160 [ 332.349800][T10003] do_syscall_64+0xcd/0x260 [ 332.355353][T10003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.362419][T10003] [ 332.362419][T10003] other info that might help us debug this: [ 332.362419][T10003] [ 332.373790][T10003] Chain exists of: [ 332.373790][T10003] sk_lock-AF_INET --> &smc->clcsock_release_lock --> rtnl_mutex [ 332.373790][T10003] [ 332.388743][T10003] Possible unsafe locking scenario: [ 332.388743][T10003] [ 332.396954][T10003] CPU0 CPU1 [ 332.402880][T10003] ---- ---- [ 332.408796][T10003] lock(rtnl_mutex); [ 332.413269][T10003] lock(&smc->clcsock_release_lock); [ 332.421970][T10003] lock(rtnl_mutex); [ 332.429146][T10003] lock(sk_lock-AF_INET); [ 332.434021][T10003] [ 332.434021][T10003] *** DEADLOCK *** [ 332.434021][T10003] [ 332.442982][T10003] 1 lock held by syz.0.825/10003: [ 332.448512][T10003] #0: ffffffff9012daa8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_getsockopt+0x1843/0x2220 [ 332.458983][T10003] [ 332.458983][T10003] stack backtrace: [ 332.465462][T10003] CPU: 1 UID: 0 PID: 10003 Comm: syz.0.825 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 332.465495][T10003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 332.465510][T10003] Call Trace: [ 332.465518][T10003] [ 332.465527][T10003] dump_stack_lvl+0x116/0x1f0 [ 332.465567][T10003] print_circular_bug+0x275/0x350 [ 332.465628][T10003] check_noncircular+0x14c/0x170 [ 332.465673][T10003] __lock_acquire+0x1173/0x1ba0 [ 332.465718][T10003] ? do_ip_getsockopt+0x1843/0x2220 [ 332.465746][T10003] lock_acquire+0x179/0x350 [ 332.465768][T10003] ? sockopt_lock_sock+0x54/0x70 [ 332.465807][T10003] lock_sock_nested+0x41/0xf0 [ 332.465840][T10003] ? sockopt_lock_sock+0x54/0x70 [ 332.465873][T10003] sockopt_lock_sock+0x54/0x70 [ 332.465906][T10003] do_ip_getsockopt+0x13e4/0x2220 [ 332.465935][T10003] ? __pfx_do_ip_getsockopt+0x10/0x10 [ 332.465964][T10003] ? cgroup_rstat_updated+0x2a/0xb20 [ 332.466000][T10003] ? find_held_lock+0x2b/0x80 [ 332.466032][T10003] ? count_memcg_events_mm.constprop.0+0x138/0x340 [ 332.466061][T10003] ? __up_read+0x1f8/0x750 [ 332.466088][T10003] ? __pfx___up_read+0x10/0x10 [ 332.466117][T10003] ? do_user_addr_fault+0x829/0x1370 [ 332.466150][T10003] ? do_user_addr_fault+0x843/0x1370 [ 332.466185][T10003] ip_getsockopt+0x9b/0x1e0 [ 332.466210][T10003] ? __pfx_ip_getsockopt+0x10/0x10 [ 332.466240][T10003] raw_getsockopt+0x4d/0x1f0 [ 332.466264][T10003] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 332.466306][T10003] do_sock_getsockopt+0x3fc/0x800 [ 332.466349][T10003] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 332.466395][T10003] ? fd_install+0x225/0x750 [ 332.466435][T10003] ? __x64_sys_futex+0x1e0/0x4c0 [ 332.466472][T10003] ? __x64_sys_futex+0x1e9/0x4c0 [ 332.466511][T10003] __sys_getsockopt+0x12f/0x260 [ 332.466547][T10003] __x64_sys_getsockopt+0xbd/0x160 [ 332.466579][T10003] ? do_syscall_64+0x91/0x260 [ 332.466617][T10003] ? lockdep_hardirqs_on+0x7c/0x110 [ 332.466659][T10003] do_syscall_64+0xcd/0x260 [ 332.466698][T10003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.466725][T10003] RIP: 0033:0x7f6fb7b8d169 [ 332.466745][T10003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.466770][T10003] RSP: 002b:00007f6fb8a0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 332.466794][T10003] RAX: ffffffffffffffda RBX: 00007f6fb7da5fa0 RCX: 00007f6fb7b8d169 [ 332.466811][T10003] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000000 [ 332.466827][T10003] RBP: 00007f6fb7c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 332.466843][T10003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 332.466858][T10003] R13: 0000000000000000 R14: 00007f6fb7da5fa0 R15: 00007fffdabfa808 [ 332.466883][T10003]