last executing test programs: 3m30.19544695s ago: executing program 2 (id=456): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) r1 = socket(0xa, 0x2, 0x88) setsockopt$auto(r1, 0x11, 0xa, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x3, 0x5e61) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x1, 0x7, 0x9) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) read$auto(0x3, 0x0, 0x9) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r2 = gettid() readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) tkill$auto(r2, 0x7) 3m29.238067504s ago: executing program 2 (id=462): r0 = openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) getsockopt$auto_SO_TIMESTAMP_NEW(r0, 0x3, 0x3f, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', &(0x7f0000000080)=0xeb81) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="a8080000", @ANYRES16, @ANYBLOB="040027bd7000fbdbdf2509000000c6010980d9002700ff5e3c1337b1cd188ce8be6a7f1a653bd1db8c4cd86913dacf4efd7094107a35b412806b62b34a88fb23b4d7d81a6ff35076c15c7a13a263c4ed6e831b7768d5d2b13c43618f6775f5f64e9696d51acf7725e9ddefd1e29f37a4b06d659b72088e9d288e7fc4dcd75948c4177e18b960b89c5c3a3b65ba5f9cd16adbe1c58b8101e9acb53637c3197a59e0a03baf5f597010e72ae4f14a32d7180e8fd53207bcf92571aded72993046f805c4179b8626ffdfa9290f4a7880c9f3d0f66f6ea36697b3b3059229b8433d3e94fa45916e29c8049563f6000000080023"], 0x8a8}, 0x1, 0x0, 0x0, 0x10}, 0x40000800) socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = socket(0x10, 0x2, 0x4) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x28000, 0x0) read$auto_ppp_device_fops_ppp_generic(r2, &(0x7f0000000580)=""/162, 0xa2) pipe2$auto(&(0x7f00000001c0)=r1, 0xa02a) write$auto_ucma_fops_ucma(r3, &(0x7f0000000280)="8202e6685e65c2d69029320ef8ad08a03ac006", 0x13) futex$auto(&(0x7f0000000000)=0x1, 0x6, 0x9, &(0x7f0000000040)={0x2}, 0x0, 0x6) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r4, 0x8008551c, 0x38) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) r5 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0) getpid() process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) mmap$auto(0x20000005a, 0x20009, 0xdf, 0xeb9, 0x401, 0x8001) socketpair$auto(0x3475, 0x2, 0x8000000000000000, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="280000005c02943765da83a71ea540bc702da056c28b2066dba135b9d0eff9c03db61bcfe7ecb464ca8a5a7664880d02ef043adf7b04562425e8a6435d91161c6506df550da43ab4f693ba35cd50631263b174277e5b5f9538ab30113366eaa0a333e052e57ec4730fb310e90bbb7ac64f5f", @ANYRES16=r7, @ANYBLOB="010028bd7000fbdbdf250300000014000100200100"/34], 0x28}, 0x1, 0x0, 0x0, 0x814}, 0x4) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), r6) epoll_ctl$auto(r5, 0x4, r5, &(0x7f00000000c0)={0x9, 0xe}) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x8080, 0x0) 3m28.754284631s ago: executing program 2 (id=467): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r1) (async, rerun: 32) ioctl$auto_KVM_CREATE_VM(r0, 0xc008ae91, 0x0) (async, rerun: 32) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async) sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) (async) madvise$auto(0x405, 0xffffffffffff0001, 0x3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r2) (async, rerun: 32) sendmsg$auto_NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x4008000) (async, rerun: 32) sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x815) (async, rerun: 32) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (rerun: 32) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) adjtimex$auto(&(0x7f00000005c0)={0xf332b6e, 0x0, 0x2000000000000000, 0x8, 0xd4, 0x7, 0x5, 0x0, 0x10001, 0x1, 0x2, {0x8, 0x10001}, 0x1, 0x6, 0xfffffffffffffffd, 0x1007ffe, 0x0, 0x80000004, 0xa, 0xffffefffffff628e, 0xa747, 0x1, 0x1800}) (async) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (async) openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, 0x0, 0x20100, 0x0) (async, rerun: 64) socket(0x2, 0x80002, 0x73) (rerun: 64) bind$auto(r3, 0x0, 0x6a) (async) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) (async, rerun: 64) write$auto(r4, &(0x7f0000000340)='\xa3o\a`\f\f4\xc6\xe7\x8a\x16h\x80\xb5\xed\xe4\xec\xfe\xe50\xb9\xbb1/#\xdc\xdd\xed\xa2\x85\xa1\xd5\xf5\xfeG\xdcI\xe3c\xb8BS\x04Y\xc9N\x98\xc6I_E \xc8^T\x84Mh\xf4Y\xcc\xe4\x9al\x88\x8fX\xcb\xad\x1d*\xec\x1dG@H/N\xaa\x1b\xce\x8b\xff\xcfe\xac\xda\xb0\xbe;-y\x12\x13\x93\x1d\xb5>\x1c\x02Tv\x92\xc0\x1c\xaa\x8a8\x0e_Fv\x00\xdc\nfd\x16\xa6d\xa3z\xdf\xc7o+1\xf4Q\xf7i\xd6.\t\x10\x99\xc4\x06\xa3\xbf*\xbb\xe0H\xc9u+\x17\x93!\x1c\xc3\xcd\xc1y\xaf\xf1\xd1B\xaa[\x9d\xb6\xad\xe2\xff\x9b[{\xd1z\x18\xba\x7f\xb5\x10\xdd1\xf2\x9c\xb0=\xf09\r\xc3\x1b9\xbe\xa8\xe76[/<,\xe1\x90\xb3G}\x85E\xc6\x8ak4\xc3+\xf0\x9f\xe0F\x1b\xdb\x84\x17\xc0\x99\xf1\xb5,\x1f\x8a\xe7\x0f\xd7\xc2{>\xb9q\xc3\xa7\xaaF|\\4\x03Z\xecH\x99\xber\xab\xe6+>\x95\x86\x83\xfb\x16o\x98\xe0\xe9d\xa1z^}\xc7\x12\xe6b\xa2\xb1X\x062\x12\xec\x12.\xbb\x10\x11\xdb_Xo\xfc\xcd\x8av\x80\xf0!n\x8d\xee)\rm\xc5\xee\xd6\xde\xc7\xf8\xdf\xc1?\x82\xca\xb6X\xe3\xfc\xf8\x1a\xe7U\xd6\f\x8e\x98+\x99\x1dqtV\xb4\x05\xa4ge', 0x110000a3d9) (rerun: 64) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) 3m27.516985679s ago: executing program 2 (id=471): syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8200, 0x1, 0x9, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "7829000000000000000200", 0x0, 0xffffffffffffffff, 0x7, 0x7d, 0x2, 0x1}, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400) 3m26.458769144s ago: executing program 2 (id=476): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) socket(0x25, 0x1, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x20040000}, 0x880) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x800, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x2ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) tgkill$auto(0x1, 0x1, 0x5) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) r3 = socket(0x2, 0x3, 0xa) getsockopt$auto(r3, 0x0, 0x29, 0x0, &(0x7f0000000040)=0xdbb) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000001140), 0x404102, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) sendmsg$auto_TIPC_NL_PEER_REMOVE(r2, &(0x7f0000001440)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001400)={&(0x7f0000001200)={0x1ec, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0xfa, 0x4, 0x0, 0x1, [@generic="150fc888a6b8224fa0e796326b", @nested={0xda, 0xee, 0x0, 0x1, [@generic="9d3a22e2e13e90aa03b9ac8dcef1dca1f2ebd9879e8ca204e80bc1012463340bf51cf1398b9c4984f742dec24a11941f5c5489484e2782cc08fbcbc3967552c015b0c972b91c84f8e80f778212aa5e886592469523f8d2627e032ef7e2a74c21b0660ac3fc4509589c3134dbf53c282587153a718eec333cae6e7261a19f7f4d4672148b0ffb045ad5bc8b6fbf3c6f333e526c67c6f7c7e298f432168ba636b2cd05d28d40ab162d22d6c722008f33c9b40083a63693547f03c540e3ad2305eac5998731cb710f0b0cb7907d3899d89ac3a4b10ebafb"]}, @generic="61e202a1ed3f9e8156b05dc0c6"]}, @TIPC_NLA_LINK={0xd9, 0x4, 0x0, 0x1, [@generic="a400fabaa5", @typed={0xc, 0xa1, 0x0, 0x0, @u64=0x7}, @nested={0xc3, 0x13, 0x0, 0x1, [@generic="9edbd19cc9694a60802462828da0785b0184dd733e1735206c767121e63948fcdce17b14926e25e0a25b5a3a492d33f83242a863eabe38cb1f1b342902c69027d7b8160c5587e0cee5960952d37ff3bc61a4f8236b2306d364d58a92dbb0da0c927f10e1a3fe941db75ce31907feb65be1ab7a4f2b55cf4466ebe5eb7bae36e3dfd27bc9d95ea3791cea642e7e0487e0fca87cc0ea1f90463cd6ee693c8a136f4bd00e3bb60306e10736dfb8b5737b3264eb64898d1289", @nested={0x4, 0x85}, @nested={0x4, 0x92}]}]}]}, 0x1ec}, 0x1, 0x0, 0x0, 0x24000084}, 0x40040) io_uring_enter$auto(r2, 0x1, 0x82400004, 0x4b, 0x0, 0xd) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x8001fa, 0x400, 0x9}]}) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='/sys/devices/virtual/block/ram2/queue/minimum_io_size\x00', 0xa000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000000c0)=""/4096, 0x1000) 3m25.784979297s ago: executing program 2 (id=481): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x24, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x11}]}, 0x24}}, 0x4000) socket(0xa, 0x2, 0x73) socket(0xa, 0x2, 0x73) (async) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 3m10.665388849s ago: executing program 32 (id=481): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x24, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x11}]}, 0x24}}, 0x4000) socket(0xa, 0x2, 0x73) socket(0xa, 0x2, 0x73) (async) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 2m43.434785969s ago: executing program 0 (id=661): iopl$auto(0x2) iopl$auto(0x1) mmap$auto(0x0, 0x400, 0xdf, 0x10000009b72, 0x7, 0x28000) signalfd$auto(0xffffffff, 0x0, 0x8) openat$dir(0xffffffffffffff9c, 0x0, 0x840, 0xc) socket(0x1d, 0x2, 0x6) socket(0x1f, 0x2, 0x1) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0xaa7, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) 2m42.75361721s ago: executing program 0 (id=664): socket(0x2000000000000021, 0x2, 0x10000000000002) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x12, 0x401, 0x82) bind$auto(0x3, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @my=0x0}, 0x6e) connect$auto(0x3, &(0x7f0000000080)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x54) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_clone(0x40114900, 0x0, 0xe, 0x0, 0x0, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0xfffffffffffffffd, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) mmap$auto(0x5906, 0xfffffffffffffffe, 0x1, 0x17, r1, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) pwrite64$auto(r2, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06s\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x1010, 0x6) ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000840)="12915fb9d5") recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), r2) socket$nl_generic(0x10, 0x3, 0x10) r4 = socketcall$auto(0xd634, &(0x7f00000000c0)=0x7) read$auto(r4, &(0x7f0000000180)='+(]^!+{)}\x00', 0xa962) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000280)={&(0x7f0000000140), 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4018) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f00000001c0), 0xffffffffffffffff) unshare$auto(0x40000080) open(0x0, 0x0, 0x64) socket(0x2, 0x1, 0x0) rmdir$auto(&(0x7f0000000300)='./cgroup\x00') 2m42.142636656s ago: executing program 0 (id=666): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffd, 0x401bf, 0x7352, 0x3c, 0x65f, 0x1ffde, 0x4, 0x3, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb2, 0x80000000009, 0x2, 0x10003, 0xb, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa6]}, 0x1fe, 0xd) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf25030000000600070008000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060006004000000006000600070000000a0010"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m41.75191645s ago: executing program 0 (id=670): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffd, 0x401bf, 0x7352, 0x3c, 0x65f, 0x1ffde, 0x4, 0x3, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb2, 0x80000000009, 0x2, 0x10003, 0xb, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa6]}, 0x1fe, 0xd) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m41.457038969s ago: executing program 0 (id=672): r0 = openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000000), 0x240000, 0x0) readv$auto(r0, &(0x7f0000000140)={&(0x7f0000000080)="1434c2aa43b84015ea908c024280ab8fdb144094e75a9be9efa14e0a945adf6e7f897201619c7db523e11e9cdc4d97ec963ea14b225b1b12c88083b5331719e590ad765b53848786704c115c1ffff6bee19a45e0695e93431fc2f3c2a8ec8f0194fd4a1b44f4183bbb45c4beab2f84c3fcc174ac818e2d3df8d38e2362a3e8273c22febccf95cf10ba587a02a14ea4c5bbc37c5bfb17b686c127068df47af9a041ab5648e0039b99d5dec333565f8b8b97ed166959", 0x10001}, 0xfffffffffffffffc) (async) readv$auto(r0, &(0x7f0000000140)={&(0x7f0000000080)="1434c2aa43b84015ea908c024280ab8fdb144094e75a9be9efa14e0a945adf6e7f897201619c7db523e11e9cdc4d97ec963ea14b225b1b12c88083b5331719e590ad765b53848786704c115c1ffff6bee19a45e0695e93431fc2f3c2a8ec8f0194fd4a1b44f4183bbb45c4beab2f84c3fcc174ac818e2d3df8d38e2362a3e8273c22febccf95cf10ba587a02a14ea4c5bbc37c5bfb17b686c127068df47af9a041ab5648e0039b99d5dec333565f8b8b97ed166959", 0x10001}, 0xfffffffffffffffc) socket(0x10, 0x3, 0x6) (async) r1 = socket(0x10, 0x3, 0x6) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) ioctl$auto(0x3, 0x80111500, 0x38) (async) ioctl$auto(0x3, 0x80111500, 0x38) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc000000", @ANYRES16=r2, @ANYBLOB="01002dbd7000fedbdf2505000000e60003800800c000e000000204002a000400110008000f00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b33dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c5000300000000000000180040801400130000000000000000000000ffffffffffff0000"], 0xfc}}, 0x50) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy9/netdev:wlan1/stations/08:02:11:00:00:00/flags\x00', 0x280, 0x0) 2m40.417133925s ago: executing program 0 (id=675): r0 = socket$nl_generic(0x10, 0x3, 0x10) setgroups$auto(0xc00000000, 0xfffffffffffffffc) getgroups$auto(0xc5f1, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x8, 0x5, 0x8}, 0xad73, 0xffff) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r0) sendmsg$auto_NFSD_CMD_VERSION_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x28, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x14, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x4}, @NFSD_A_VERSION_MINOR={0x8, 0x2, 0x7}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000001}, 0x4010) 2m25.041818424s ago: executing program 33 (id=675): r0 = socket$nl_generic(0x10, 0x3, 0x10) setgroups$auto(0xc00000000, 0xfffffffffffffffc) getgroups$auto(0xc5f1, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x8, 0x5, 0x8}, 0xad73, 0xffff) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r0) sendmsg$auto_NFSD_CMD_VERSION_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x28, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x14, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x4}, @NFSD_A_VERSION_MINOR={0x8, 0x2, 0x7}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000001}, 0x4010) 2m18.530382437s ago: executing program 3 (id=739): r0 = openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, r0, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) syz_genetlink_get_family_id$auto_nlbl_cipsov4(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001b80)='/dev/input/event2\x00', 0x40800, 0x0) ioctl$auto_EVIOCSKEYCODE(r1, 0x40084504, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0}, 0x4000) vmsplice$auto(0x1, &(0x7f0000000000)={0x0, 0x5}, 0x6, 0x8) bind$auto(0x3, 0x0, 0x6b) listen$auto(0x3, 0x81) openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy14/hw_conf\x00', 0xc000, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/erspan0/queues/tx-0/byte_queue_limits/inflight\x00', 0x88040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001100)=""/4106, 0x100a) shutdown$auto(0x200000003, 0x2) r3 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r3, 0x107, 0x5, 0x0, 0x8) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400) 2m17.124215637s ago: executing program 3 (id=741): syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000c, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) socket(0x15, 0x5, 0x0) ustat$auto(0x801, 0x0) r3 = socket(0x11, 0xa, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) bpf$auto(0x0, 0x0, 0x6f4) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200) listmount$auto(&(0x7f0000000040)={0x200, @inferred=r1, 0x7f, 0x81, 0x400}, &(0x7f0000000140)=0x10000, 0xf, 0x5) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r4, &(0x7f0000000300)='*o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r6, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) socket(0x2, 0x6, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) 2m15.723544645s ago: executing program 3 (id=745): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x3, 0x5, 0x7, 0x0) (async) socket(0xa, 0x1, 0x0) (async) socket(0x2, 0x1, 0x84) connect$auto(0x3, 0x0, 0x55) listen$auto(0x3, 0x81) (async) accept$auto(0x3, 0x0, 0x0) (async) listen$auto(0x3, 0x0) connect$auto(0x3, 0x0, 0x55) (async) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto(r0, &(0x7f0000000700)='!dev_\x00\x00\x00\x00\x00', 0x1) 2m14.80966909s ago: executing program 5 (id=752): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) write$auto(r0, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x200000000000404, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x11, 0x3, 0x1) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/sctp/remaddr\x00', 0x101d00, 0x0) socketpair$auto(0x1e, 0x0, 0x7, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa042, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) timerfd_create$auto_CLOCK_BOOTTIME(0x7, 0x5) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r2, 0x2, 0x9) ioctl$auto(r2, 0x400c4d00, r2) close_range$auto(0x2, 0x8, 0x0) 2m14.560770068s ago: executing program 3 (id=753): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram3\x00', 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) sendfile$auto(r0, r1, 0x0, 0xfdef) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x3df0}, 0x1) 2m14.467041703s ago: executing program 5 (id=754): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) shmat$auto(0x59, &(0x7f0000000580)='(\x04', 0xfffffffd) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) mq_open$auto(&(0x7f0000000000)='/dev/sequencer2\x00', 0x5, 0x3, &(0x7f0000000040)={0xe7a2, 0x0, 0x1, 0xa}) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/module/lockd/parameters/nlm_tcpport\x00', 0x20040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000500)=""/4096, 0x1000) sendmsg$auto_NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="200028bd7000ffdbd510000000000000190077000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) setsockopt$auto_SO_RXQ_OVFL(r2, 0x7, 0x28, &(0x7f0000000100)='/proc/thread-self/mounts\x00', 0x3) sched_get_priority_min$auto(0x40) (async) sched_get_priority_min$auto(0x40) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x101002, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) gettimeofday$auto(&(0x7f0000000040)={0xb1c3, 0x401}, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x800006, 0x7) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/mounts\x00', 0x40800, 0x0) mkdir$auto(0x0, 0xe34e) chroot$auto(&(0x7f0000000200)='./file0\x00') openat2$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x40, 0x10, 0xc}, 0x18) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) (async) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) (async) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) 2m14.338553926s ago: executing program 3 (id=756): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) clock_adjtime$auto(0x0, &(0x7f0000000040)={0xfbb, 0x0, 0x7f, 0xfffffffff7fffffe, 0x602, 0x8, 0x7, 0x0, 0x7, 0xb, 0x1, {0x3ff, 0x7}, 0xfffffffffffffffa, 0x200000a5, 0xa, 0x13c, 0x0, 0xc3, 0x7, 0x2, 0x5, 0x90, 0xfffffff5}) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbf4250200080008000300000000001b0004"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x80) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="3d0725bd7000fedbdf25320000008e78e1c9f12b3ce92160d4e65aa06d14b4c5973347a1708927b5f2cefee9af7325b40e08adda5edbd2c11b4b8359d9313c92c0c3d7fcab3fe1f171d03f5edaeae27152d331b00f7bbe86e5bd959c9e8f2794176edc856f2aa4aa0061a797673f6877749b865114c4e9007815421dc659d42f3437aeb9a041d6d490ec085ae31c041ff704a889d1316f16efabe4cdbb8851ff79a3e3a088c1ea38c8c72301cb182cdc7ea44acca37903ed7f3159a9b2"], 0x14}}, 0x8010) r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r1 = memfd_create$auto(0x0, 0xb) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/dynamic_events\x00', 0x109041, 0x0) write$auto(r1, 0x0, 0xfdef) fcntl$auto(0xff80000000000000, 0x409, 0x3f) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="8b632abd7000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m14.193374729s ago: executing program 3 (id=758): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event2\x00', 0x581941, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) eventfd$auto(0x8c) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2020009, 0xe2, 0xeb1, 0x8, 0x8000) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x4, &(0x7f0000000000), 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0xad02, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r2, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(&(0x7f0000000040)='.\x00', 0x4) umount2$auto(&(0x7f0000000000)='.\x00', 0x4) ioctl$auto(0x3, 0xae41, r1) semget$auto(0x8, 0x3, 0xfffffffe) semget$auto(0x8, 0x9, 0x2) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) listmount$auto(&(0x7f0000000100)={0xba, @raw, 0xffffffffffffffff, 0xfffffffffffffff7}, 0x0, 0xf4240, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 2m13.352969324s ago: executing program 5 (id=761): syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000c, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) socket(0x15, 0x5, 0x0) ustat$auto(0x801, 0x0) r3 = socket(0x11, 0xa, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) bpf$auto(0x0, &(0x7f0000000100)=@query={@target_ifindex=r4, 0x0, 0x8, 0x9, 0x0, @prog_cnt, 0x0, 0x3, 0x5a3522aa, 0xffffffff, 0x9}, 0x6f4) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200) listmount$auto(&(0x7f0000000040)={0x200, @inferred=r1, 0x7f, 0x81, 0x400}, &(0x7f0000000140)=0x10000, 0xf, 0x5) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r5, &(0x7f0000000300)='*o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r7, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x100000000000000) socket(0x2, 0x6, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) 2m11.400188226s ago: executing program 5 (id=765): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram3\x00', 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) sendfile$auto(r0, r1, 0x0, 0xfdef) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0xfdef}, 0x1) 2m11.328349263s ago: executing program 5 (id=766): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r0) sendmsg$auto_ETHTOOL_MSG_FEC_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)={0x2c, r1, 0x1, 0x70bd2b, 0x25dfdc01, {}, [@ETHTOOL_A_FEC_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4010}, 0x800) select$auto(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000280)={0x42, 0xffffffffffffffff, 0x2, 0x2}) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) ioperm$auto(0xd44, 0x6, 0x8) tkill$auto(0x80000000000001, 0x7) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x4b67, 0x1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) acct$auto(0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r3, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) 2m10.734071584s ago: executing program 5 (id=772): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000002400)='/sys/devices/virtual/mtd/mtd0/mtdblock0/ro\x00', 0x20000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) mbind$auto(0x0, 0x764, 0x4, &(0x7f0000000280)=0x1, 0x3, 0x4) close_range$auto(0x2, 0x8, 0xffffffff) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r0 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, 0x0, 0x2000, 0x0) read$auto_proc_pid_cmdline_ops_base(r0, &(0x7f0000000040)=""/159, 0x9f) read$auto_proc_pid_cmdline_ops_base(r0, &(0x7f0000000180)=""/78, 0x4e) bind$auto(0xffffffffffffffff, &(0x7f0000000100)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) madvise$auto(0x110c230000, 0x8031ca, 0x9) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYBLOB="01007050a7f82fc634b10f00003460fac93497d76d"], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x2) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x400a, 0x4}, 0x77, 0x8, 0x0, 0x60bd) r1 = socket(0x10, 0x2, 0x0) madvise$auto(0x80000001, 0x101, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) write$auto(0x3, 0x0, 0xfdef) write$auto(0x3, 0x0, 0xfdef) select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffbfffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0x2, 0x2, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) setfsuid$auto(0x1) unshare$auto(0x40000080) madvise$auto(0x0, 0x20200, 0x15) close_range$auto(0x2, 0x8, 0x0) 2m10.370215078s ago: executing program 34 (id=772): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000002400)='/sys/devices/virtual/mtd/mtd0/mtdblock0/ro\x00', 0x20000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) mbind$auto(0x0, 0x764, 0x4, &(0x7f0000000280)=0x1, 0x3, 0x4) close_range$auto(0x2, 0x8, 0xffffffff) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r0 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, 0x0, 0x2000, 0x0) read$auto_proc_pid_cmdline_ops_base(r0, &(0x7f0000000040)=""/159, 0x9f) read$auto_proc_pid_cmdline_ops_base(r0, &(0x7f0000000180)=""/78, 0x4e) bind$auto(0xffffffffffffffff, &(0x7f0000000100)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) madvise$auto(0x110c230000, 0x8031ca, 0x9) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYBLOB="01007050a7f82fc634b10f00003460fac93497d76d"], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x2) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x400a, 0x4}, 0x77, 0x8, 0x0, 0x60bd) r1 = socket(0x10, 0x2, 0x0) madvise$auto(0x80000001, 0x101, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) write$auto(0x3, 0x0, 0xfdef) write$auto(0x3, 0x0, 0xfdef) select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffbfffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0x2, 0x2, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) setfsuid$auto(0x1) unshare$auto(0x40000080) madvise$auto(0x0, 0x20200, 0x15) close_range$auto(0x2, 0x8, 0x0) 1m58.492968979s ago: executing program 35 (id=758): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event2\x00', 0x581941, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) eventfd$auto(0x8c) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2020009, 0xe2, 0xeb1, 0x8, 0x8000) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x4, &(0x7f0000000000), 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0xad02, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r2, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(&(0x7f0000000040)='.\x00', 0x4) umount2$auto(&(0x7f0000000000)='.\x00', 0x4) ioctl$auto(0x3, 0xae41, r1) semget$auto(0x8, 0x3, 0xfffffffe) semget$auto(0x8, 0x9, 0x2) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) listmount$auto(&(0x7f0000000100)={0xba, @raw, 0xffffffffffffffff, 0xfffffffffffffff7}, 0x0, 0xf4240, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 9.20116084s ago: executing program 7 (id=1167): mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) (async) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x24, 0x0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}, @BATADV_ATTR_TT_CRC32={0x8, 0x13, 0x10001}]}, 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4c800) (async) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 32) socket(0x2, 0x1, 0x106) (async, rerun: 32) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) (async) socketpair$auto(0x3, 0x5, 0x7, 0x0) setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0x9) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="02000000", @ANYBLOB='!'], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) (async) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) 8.945083787s ago: executing program 7 (id=1168): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001440)={0x1028, r1, 0x1, 0x70bd29, 0x25dffbfc, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}, @HWSIM_ATTR_IFTYPE_SUPPORT={0x8, 0x17, 0x4}, @HWSIM_ATTR_MLO_SUPPORT={0x4}, @HWSIM_ATTR_ADDR_RECEIVER={0x1004, 0x1, "e81987787362b2e08c3d370feaeaa679bc5331ef4bba9ed1d14bf4bd10bd916506388b131ad5182178390ddc9c92ef1124b57b7f016c7c18979af51bb8c7660ea962e6e0b28770ea4d95454d1aa8c3079fe849fa8d4580f6d217973786e68b0e8771faacdb3664ff8f3ebb2920d65f8713a214985fc1aa335b5ab54e5dd59a2944aa68a39f1cdcfc79416ea4c3cc93f5020a3f02bced0cbcdb521b534fe16c5aac9b43f0029eb24b145e389d4bc781785e032fa0654e862ad4106683e86cc855265425241f3a86d1cee8517c4135e9587124fe33c8523774170af20cdc0d86291c04268c08169e5796e36d2e713500c3cd100a35b062f90174001bafa1c84bea1c117191e04c3084730521d3518c07aeba9d7a8eee4c2dbcbb167959c90c48aacd0b7c147fb8630b80703a88fe6710728d3ca48117d9a192f22713f66ba7ffa7fd8a3dbb4fd297bb6428be10bdde14bf4ce78cd0f7485ca94e79fd1bd18567f6c6e05b9110f6f3d5d45e5ff9efa6b979bbb29c55cb1313e03f24ba273ffef447d7cbddc3f39222acf86b7dcafeb1ae54d2d9e0664eb503d9f24eb041dab702ca5154e2772f8b3d4d6834214e840640b564ad0417840d3eae534125a43cde655f3bf1e3ad0fab827401d9dc797dc379bcf45e87d54f723b71e45121685137697bd308e6be3094dd36137ea2fdb431bc9a4f377209c5bb3ba973d0bca68d1a8772697864fe8c31154198e3e0c243944942e041043d1f01d93e021de84396009c8aa0528f7f7a38b93e57d690d29c5a06e5150f276842cd5e5e2ac6009552199e483720101282336784cb961baf79b063cd10f2312f833a9c190fd66bec1939d8fdd8d35fff33a929e9e68688e70578ff2349f7cfa74caec7c520c81b6fb7800cc0b147c6b62be3358c1a4d0157ba2e0f19fc534bde2f70aaba47ee87369165bf58b6b8ba93eebea0506f379ccaea9dbea2b39b4f6fbcb0820f64006ca7351014c8265e5adf4de80cceed0e6a467b9b6578014f89436fbadfddcfb627394f17ecbd665c0126f22c6fb5b353f5e435e52d6b86120aa3ac3c50b8892ed1f2df208b6936932774a877074f08ac6e086d0f92e6759918c94d125be951ff66c92f0cea709706662377a5d2a826549a2a797f580eaf9f8658d2b1acd04949e36de0238322e93c9b2f7ee125f54297f571ca52dd6c594156c1757c34dc84e646bc77c49b7fdf8284117bb3be101f31aabc7821e7929b53614e4b6066e5ff5fe052f34e23cc2fc60b4f60b0ba47365a5119d7c7f399fd56c9dd90cd7628b42d436dfeb9d60ca33a0e9bb1c72b0fe306fe4515a6240c3f4289b1dc4a67efca6c536e50519484820e2d6066b086566dc3f95c4dee89cf7bc2b425f261c94cf3a736aa4470e33c44df127cd69167d7494d8026eafd6bbe9747c34fdcf50561036394d09c37b07fc068893a2eea89b9edaa7d56f81fd6f0163aaaac81e6265b912d51aae6d26fced759472875cf875dc32e79e38ca8c8dece1edbb695b317b7f948bdeb61e3fb2c16955eb6ecafe8c04feb47979e9dbed25a5b4560ebba8b98c6fe3d828c51c547e5bd40e2f28bbdcdbf64a98a51c1067bc1e3bfa31355f2c12e077440bd15ab88e52bd3db87059fbdbb8f327cacfa3339db562f4e1dbf0fe40e36f0a33375102bba0d694c10f85141bed0dcbc1d6187e7ffd46991d54de13ae54ef2187eeda4fddf9f42bc5b05334e75525359e64f74de7b51b6790e2e76a71f8933b0dd59af3b174179e00928eee399f4fef1d85389df9090be42ec814bafc6d183128baa55227751dbb10d7d467499a02e7e6e5bd9631a10d846ebb1f9eeb95951b2660ce7fc4f711af8958eb5136afb74cc464b4b701d619cb6e254ad5613eb67c8fb78662f3bcf45cde20568ca0aef2df2d08f4f813e21390af33d6871ef21de26b82a06f56682d0eed8f30a93443407ab921f373be0fe878df54d750fcd262dd8963b319d8228063749e6fd1916c831eebf16235a276b83a58d34d6e8079ffc13a02f1c1d757686ae2f42b4517c04a8baf610e16a6c10cedec845d4d628058c5480b9e1666983e6e545945e016b8f0b6b3966803f5041ed8d1dc1eb32ae55a447a80a1ba3a587a1162ac976ac0170a30a78d0f3ac91e01e0aad7f50a211dd62fdabaf602d199e2b6f0a18902eb5c51698b9afb695650103b7fb746c10e1ed0e7ecf02e05b7247703ef7710767b2b3b69fa1f0dc62bf03970d595fdaa8bba0a6b83d2988905030dd7347492cf7a3941152c66637fe76fe1e22c3e7666c2e9ec0c929810e0fe9c85b67f57cf6551b6c77d6458e1a1d30102e52d5fe4e9bc195deed7e01ed0f952726fc5c7cab383d460aba815e1affbc5dde9cea619df761d3b493d1ba423af085226f5475f425d44e369bb05f027679bad77268badb7a50b987350cbb57c728adf3c06a8513943ad18fdd158734a34a2927f93a37568c08e0d0c880e5ee666a231d7493bd7fa7c2e0d25141dc43f7fad4d6bed539ad85e3f213d68089fcadbafa2d2f02ffc10f72ee997f5e32965f02833001bdec53767da8dd95865dac9634a7be5fbd2ec3e1633446f4ce44e15cad28c17f6c6d1827f1e56493f9502bf4a439e4a0354742749cb9917e0cc60818200e73caf493f8f3c827a79dfd1b89af4f52af2ba0095c000c5c1d2e2503e4281fc10f4718ef6bb0af6d1edee32d8b6a8e4a09c4e08a11b89735622539c9720b7031de08510ad2bf23a50f0532e88d55ce022bc0a1522ca7e78fc68523203c815b299015adbde7e347b374eec5b65468f84aa9af65724e20ae5765195444f738c5af3ae80edf94e0bb68a925194725b6cb506070e038516c553acf8fdea44015d1edc9aba869a68746bef473805efab86e818305018a8a29898bad0ae762f368bd89d9f574d7d5e914ff421a383f9900e3e86875961bedbf06881317fc069dfdd72235db21a8617137077ceefee9e886e44f3feb48e21a1a9795efdc64ecfdbcd5c243922085ea5451feb73d2e6df422b74b7d7de384c2aeb8dfbf604cb3b0eeb05309aaa00c1a3ded1adaed30055f5670900006b920561d63650dbfcec0904a6d26576223bb32cd593dee9f4ec259c23b4ea526527e01765335f7d56c6ae60454ed25efa808be5a46a759f00631302549b7918592a412034fbe89ba7de0d38479279c7eadb30d0fb68d44e31a42538c60ebac9764b918d226c5232b843346e214aaed4bd27d30b24009cea14a21de309bf35d1d219d8f7bd67c5aa4d283d5737345f4ebc0dd04dae310c0b9c53e291b15b049437b876c10baa4dd58a26de3e4290ae2a3adeda8f69fd65094fcea6c0821f597c899a04f24520a58becb42e1e35bba0e1525f568fd0cab6b6f66609ab7b602f24691e1955d42eb7e156fc4ccf6a5e74d3b6a36fb3f56967545bef94ae5966eb2c7d963ee7d72330fa83112610c7f320f6c74d2474802c8f8070ff9b5348452c68caa662fce86ebbbfa6657db7ad0af1999b94a71c99dfbd2f5f0f51935570319c5f80508cbb664d57ef3ea5a50e759ffaa74fd54c1716d9d6de8084a62ce82ec7d08bf6ba44519b27dad8c4dc3be3ef3fea137783c7736ca5613128915e5406b8f9efe251742068ef1c286a23a5a2b090ada0880d62e4b6b205a26eccebe1cf4595e0efeb232492915fdbd76eecb509858221068277864c9f79fc724af348a7bc2dbfe5afe316f662f383c003ef5eaa04031402896e3467dd91cc5fa4f64dec00f9faf1ff189b9b552d159c858408ff8671d66caa95d8406b75509c5afdf0d5ce35657f501c769ad714c5bf72207cb4ad3703bd52685ee220e921998455bbf1e574f8fecdfddf2a55cf40db58af7c7e4e71295ba81cd3d28ea675b7992c54e2dfc1e7bf82aa95c5c1fa9a1e3c98960aebad21342f5e5915106835241cbe0e760b8cbcb1ab8277f2d6b2e7853b88826e50f383a8cc5e133b9003f074e89126364467da3adcc716f0b36c0f917dd020a2f14975c586cbf9bf69423f2acecf1ecb09bafed0bd095b806e9002eaa65f65a9aa20d6c1eb540762c43575049d6d978e8fd123be38fec9c8f4e2be5aa395922d64d400bb19a07ff10b150176d9b325308c1ddc1bbff123dea4f5cf1396d9458ca80eda38a03014a737b91fb75de088ad374ef8a76854e3adca82438edeebac2b00ad0ff4d95d717fdaa5bb96318179e93e374c05f2730deaced5074fdf4ff69d4434db78df98a49620bbc8ec56c8de90d75c9a7f3fc6d4c5397ae34511e7a1389973319bb4ec01ea21a19f3867a373b28881ec091b429f53a8318e45fc1fdf054d58a12131d801f863d65e3add70b4fb39076680913b09d2e1f581b811f382bfc1e90ef6c4bc84464fc2bd92f6ee11bd02819a0280fd09519ea7f7d439345f096259803af7d3e3226eef14b9179e8e2d8a261791163cef2f4dad0a4140715cd768a348a775ac5b7f2a260b4fb8f79c4b1744c6623f3a196f1d337f251c7c73b5ee3ca5e97ea4a7e5d457548c0f78989b2288fec56bc4d2b5f703808e9412fa1e3f58557b1efe918327c7049e7227935858c082afd7f053e4735e65cf75902b8dec5249c56426dadb7c8b34ac361d3bf7974f36da917b3409c346485e606fc85512bdb945150817303a8a173e4302bd7f7e0ef291a82b86d8fee7510158e45810e99c4f3e616a34c03cc9db12aba801b47a46476f2f010257c7b4a1b6ea49fef37c62530ead651d887957bd1ad476e65271a9a891915a824630d9d0fa3b8cf8fd5a23b5b960da0229c9c3dc148247aa6a962f0b3bcd6fc6b9e54664504199fcef110dcee3ef39787f334e11f2e266a7913f42de157e9c9d0edb29b7792fd99a9d949d1a5d2e38e982b14c6e4df43b478d60dd0d62e2ca250675e7320aeb652232bbf94ada196337a6eb7c181dfc3b9179ef53068e69e8b78665d611b8341444f83c598b9c5057e16ef974c54f82aad0a7abc86df9b698057fc14baecb858ba9d4067177e71aa6127bc2d2fda64ef90cffa40b552199f8b5d1c28e18f629ef3dce1c7e03dbef29ab518eba8d9292d2dd9658359231a16f44f3a54409aa62a24555e955bf2707d3a723138090f87fb8eac65006d182d5722a47036c9ccef275af7fd5b3355d8d9344a3e7c012489dbf3f718f363cc10c003daa5b5819c824614cf7b337404d13cf682a80338131d1069535e6879e501ee90c5a74b4f633e66526797a4e39a2c1f2d2dcc198ccbe573196ad1f2eaf9b4a378a882aa92097824334a9d6f117f536c5fc83e59aa059997982ac68d38a5116f8928543f5cd689f49030a2d280a8c2ab557d1bc6125daafc06f6c4cf2bbbac669b70e9278a9e1cbf650bed441a1ecae6e7dd9d715d7be341e16dc5cf536e3bbed5c197f436181b939173c57f98674103b7bdda8d72c9b2dcd47868e9f2ddbcc430e1ebff47a0322be60b9f891faf6688c4ac18ed9f04fc79ea9ec95203050924bdd6a795bef0158481dfd84194bf69aeca264d11aaaefd1bfe51d8ec844ed79047c339b38d17b2cf5c0290dce749e3b30d07a74367ac5703615c73e0aa67f5e16272fdf31fa6b8bcffa019849863bc53c6185a221cfdaaadcc7a81312dfcb0d443903b69282f83b403ef0c0d4d800755c61545c06cdb2df2cadcac8e22cd564fd8fe1da59eaf1f39658a3ba37b7798a8f77d5c365e8afcf36ea424cfb4d7918c7c4230b73ea45a44a5df3f9574fd9f3bffc684af0b69e1d0373c19be1a494b6c364e3c11910b3135650d2c5a7df4056e384478597615dbd4"}]}, 0x1028}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0xff05, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x161342, 0x122) socket(0x1d, 0x2, 0x6) r2 = socket(0x2, 0x800, 0x1) fdatasync$auto(r2) add_key$auto_KEY_SPEC_USER_SESSION_KEYRING(0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffb) add_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000000)='/dev/ttyS2\x00', &(0x7f0000000040)='%:]\x00', &(0x7f0000000080)="5d8f0a407da0410126cacb68e1f1a257387ce94368d7080fc88a4507f2faff2126a2722e8a2a8f92166fb9abe89759f7631c05e7c426b5805c064d1e2137d541035f3c413a5027683d5ccc2084b1ff2665cc28af0b42d8431d9b6743f062b7babc6f5a3a58fd5c42d843840670f7c8e538931d595bb5bc6965b3f7352e890d11391330502f5d482457eb4afcff0e1a88a004921331826d99bf9fc778b0d6742aac8b99a452059b6c4cfb827dca129b6c6570c9141e5aa019d630e14f8a1ee09b29534ac144ca032b57e5948d", 0xd, 0xfffffffffffffffb) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa101, 0x0) io_uring_setup$auto(0x2, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) mprotect$auto(0x110c238000, 0x1, 0x3) socket(0x8, 0x4, 0x7e) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'team_slave_1\x00'}) 7.898165342s ago: executing program 7 (id=1172): r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x10, 0x6, 0x0) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000040)=""/153, 0x99) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) madvise$auto(0x7, 0x3, 0xe) mlockall$auto(0x7) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) sendmsg$auto_NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYRES64=r0, @ANYRESHEX=r1, @ANYBLOB="200027bd7000fbdbdf2512000000a500138056cbfa42c40766659aa29e5e977fd8c0c5ea07452724775bbe2a991a68ffcde27d30d9539f5af41857c946a10ab75d4455ff05a8c7e2dd82a1b193c14603e7d524459341b3e50ef2aa9f0036e435055f7ced71ecabd242d2772183e1ecccd5862bebfb0c8f2d4aeb08712114c79f828805a9f502ad2cf56faf93edaa4aed6a9f231f9ebe64ef8a62707c3d2a42aedbf90b43fa34f4d09b7d0ddf851881011ee196000000369d7c7bb77a80ef34d5264f437c77dc3c5801be321b62f55347c95a130d67"], 0xbc}, 0x1, 0x0, 0x0, 0x8000}, 0x24004c89) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x842, 0x0) write$auto(r2, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/extra\x00', 0xa142, 0x0) sendfile$auto(r3, r3, 0x0, 0x1000010000001fd) writev$auto(r1, &(0x7f0000000080)={0x0, 0x1000}, 0x3) socket(0x2a, 0xa, 0x3) epoll_create$auto(0x3f) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), r4) sendmsg$auto_ETHTOOL_MSG_COALESCE_GET(r4, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="00000000d8fc52a82bacba35d4b24b9b46bc5c1f2263a2cf38aab317ef", @ANYRES16=r5, @ANYBLOB="02002dbd7000fcdbdf2513000000"], 0x14}, 0x1, 0x0, 0x0, 0x6000091}, 0x20000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r6 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r6, 0x400, 0x1) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) socket(0xa, 0x2, 0x0) unshare$auto(0x40000080) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r7, 0x0, 0x0) 6.209911589s ago: executing program 4 (id=1175): socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), r1) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)={0x9c, r2, 0x4, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_STATS={0x65, 0x1e, 0x0, 0x1, [@generic="d9380001148ed1d847b304208d8a41c149eff2958bb5e401ff2e1d7200fa5f855c9c61b8abf2e44343daae9b7d61bbf92ff1e301cc4aa1d5c630df333841dd7809", @typed={0x8, 0xc, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x14, 0x145, 0x0, 0x0, @ipv6=@private2}, @typed={0x4, 0xc}]}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_FD={0x8}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)={0x9c, r2, 0x4, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_STATS={0x65, 0x1e, 0x0, 0x1, [@generic="d9380001148ed1d847b304208d8a41c149eff2958bb5e401ff2e1d7200fa5f855c9c61b8abf2e44343daae9b7d61bbf92ff1e301cc4aa1d5c630df333841dd7809", @typed={0x8, 0xc, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x14, 0x145, 0x0, 0x0, @ipv6=@private2}, @typed={0x4, 0xc}]}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_FD={0x8}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) fanotify_mark$auto(0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffffff, &(0x7f0000000100)='./file0\x00') close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000000), r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000500)={'netdevsim0\x00'}) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000500)={'netdevsim0\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NET_SHAPER_CMD_CAP_GET(r6, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fbdbdf250500000008000100", @ANYRES32=r5, @ANYBLOB="0800020001000000"], 0x24}, 0x1, 0x0, 0x0, 0x20044080}, 0x20000000) socket$nl_generic(0x10, 0x3, 0x10) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000080), 0x48801, 0x0) (async) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000080), 0x48801, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mount$auto(0x0, 0xfffffffffffffffd, 0xfffffffffffffffe, 0x2, 0x0) (async) mount$auto(0x0, 0xfffffffffffffffd, 0xfffffffffffffffe, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) clone$auto(0x20003b46, 0x1, 0x0, 0x0, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000000), r7) close_range$auto(0x2, 0x8000, 0x0) r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/rpc/nfs4.idtoname/channel\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r8, &(0x7f0000000040)="205c20d1027e0dc0023af10e9bfa1babfa203753ca9a202d0a", 0x19) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001b40)={'batadv0\x00'}) 5.700142665s ago: executing program 1 (id=1178): r0 = openat$auto_fops_atomic_t_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/fail_iommufd/space\x00', 0x68201, 0x0) write$auto_fops_atomic_t_(r0, &(0x7f0000000040)="e1357039fa8afae9e9a8e9de663e957e9e8fcfd026af90da140f341ef8778a76b6bd1352955032b5f1ce79c0d203f6505c363fd01ca59b2c6212f7d7ba3e692791325b41f4e0ae8e0c77d5032a23ce951ec28974b14fc0d628510cc27b3070910fd7c8e0bee14e476f4a1e125f5b6abdb4834ce50eeec73266acf5b395c0b1c59d174812456e50d1", 0x88) 5.471208307s ago: executing program 4 (id=1180): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffd, 0x401bf, 0x7352, 0x3c, 0x65f, 0x1ffde, 0x4, 0x3, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb2, 0x80000000009, 0x2, 0x10003, 0xb, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa6]}, 0x1fe, 0xd) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5.470508134s ago: executing program 1 (id=1181): mmap$auto(0x5, 0x101, 0xdf, 0x1b, 0xffffffffffffffff, 0x10) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, 0x0, 0x7fffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/nbd13\x00', 0x180c0, 0x0) (async) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/nbd13\x00', 0x180c0, 0x0) ioctl$auto_BLKROTATIONAL(r1, 0x127e, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ptyv9/power/autosuspend_delay_ms\x00', 0xa001, 0x0) write$auto(r2, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/controlC0\x00', 0x60000, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC0\x00', 0x458140, 0x0) (async) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC0\x00', 0x458140, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x62c00, 0x0) ioctl$auto(r4, 0x4b30, 0x20000009) (async) ioctl$auto(r4, 0x4b30, 0x20000009) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x8080, 0x0) ioctl$auto(r3, 0xffffff41, 0xffffffffffffffff) socket(0xa, 0x2, 0x0) (async) socket(0xa, 0x2, 0x0) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) fstat$auto(0x8, 0xfffffffffffffffd) (async) fstat$auto(0x8, 0xfffffffffffffffd) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x80002, 0x0) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x80002, 0x0) write$auto(0xca, &(0x7f0000000980)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0x101) unshare$auto(0x10000) (async) unshare$auto(0x10000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mprotect$auto(0x100200001, 0xd4, 0x9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x2c6a81, 0x0) getsockopt$auto_SO_BPF_EXTENSIONS(r5, 0x1, 0x30, &(0x7f0000000740)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', &(0x7f0000000180)=0x4) (async) getsockopt$auto_SO_BPF_EXTENSIONS(r5, 0x1, 0x30, &(0x7f0000000740)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', &(0x7f0000000180)=0x4) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) shmctl$auto(0x12f9563d, 0x4, &(0x7f00000006c0)={{0xbb, 0xee01, 0xee00, 0xb, 0x4, 0x4, 0xff7f}, 0x400, 0x2, 0xaa, 0xf664, @inferred, @raw=0x495, 0x5, 0x0, &(0x7f0000000240)="044a92095fdb8b46aca493ad4b5d5932aa5b384069d232ad64de7e333d2500a327bd0d4e6e10422871f94ea50da45887846f1fb5a03ed71023160a68204bd7e0c0eeaf104a7500e684b804fa33eb4d5eab271cfc1f19b637d5bb39d2cfac47a61cb894e6c72c5b0e84ca671890a653dd0c3dfa0e4f2620082cb89a72de1b3e91fead20b614c2e07d3a18f98fb75a21bde8077e3d2a9878d910fd3d7b7dc69d078a59ca2656d248839d8790f932bcda4a07615140a641d533d387dfb0111f89c19b8c99759b3126f7def3a32da48b73b1b6c9aa332251e9d807b032c6d48bb5d30b0e9feb856eec3ac7eedc2f9495dec8eb63", &(0x7f00000005c0)="d6e0b96b8b8b90c1b8ceabee3c3cc052ccd140bba32e8d0cd9ab7289713a2040a62549112d65ae42a482a8f9f56f582e112a27b6eaefece7095b304397aa4a75396b8eeaccbb8df9673ce6b299077401e9de94beca9b98f1bedbc61d99c9ef39669b309361da9ca9df2056120c02fbd93c8ed9081d4982e3c87cef4d434a9a5fdf36cefce8f4ab96e52cc68cd90098b8b58c1445bd55ec152c00723f398bf587cd1a9610804037f1340b7f496858a2549f6101fb75f9059542a43a6ced247df420d7b869dcffcdaa6d02d7700cf00656a52d1bbbb9228c460f99ee5137fb81d3f94826b8b5e51626bbe57f78e5a9eca44215"}) setreuid$auto(0x0, r6) 4.901522587s ago: executing program 4 (id=1182): socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x29, 0x4, 0xd) socket(0x1d, 0x2, 0x7) setsockopt$auto(0x3, 0xef0e, 0x4, 0x0, 0x6) r0 = socket(0xa, 0x5, 0x84) r1 = socket(0x2c, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="13042dbd7000fbdbdf250b00000008000300", @ANYRES32=r2], 0x20}, 0x1, 0x0, 0x0, 0x4804}, 0x80) mmap$auto(0x0, 0x4, 0xe2, 0x13, 0xdd, 0x100008000) sendto$auto(r0, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 4.169053178s ago: executing program 4 (id=1185): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card1\x00', 0x2000, 0x0) ioctl$auto(r0, 0x961064a0, 0x600000000200007) 3.858507988s ago: executing program 4 (id=1187): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) renameat2$auto(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x7) r1 = socket(0xa, 0x5, 0x0) setsockopt$auto(r1, 0x10000000084, 0x13, 0x0, 0x8008) ioctl$auto(0xc8, 0x800454d7, 0x5c8d) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000200)={{@raw=0xffffb282, 0x1, 0x1, 0x400008, "3112d585005a614d19e22af9ffb683dbede3d0bf820400ba40f035f4be6b7fe5e2f94bd90484b0755015e48d", @raw}, 0x2, 0x5, 0x4, @inferred, @integer={0x7, 0x5, 0x5}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd73340238d212b6debe0eda71bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) r2 = socket(0x2b, 0x1, 0x1) getsockopt$auto_SO_LOCK_FILTER(r2, 0x6, 0x2c, &(0x7f0000000040)='%%!\x00', &(0x7f0000000080)=0x8) socket(0xa, 0x801, 0x106) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2) rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}}) r3 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r3, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) mmap$auto(0x0, 0x4, 0x14000000000df, 0x40eb2, r0, 0x300000000000) lsm_get_self_attr$auto(0x64, &(0x7f0000001400)={0x10, 0x3, 0x7fffffffffffffff}, &(0x7f0000002440)=0x1ff, 0x0) select$auto(0x101, &(0x7f0000000080)={[0x96b, 0x80000001, 0x7fff, 0x1, 0xff8d, 0x4, 0x3, 0x3, 0x4, 0x9, 0x1000, 0x4, 0x2, 0x7ff, 0xdcea, 0x4]}, &(0x7f0000000140)={[0x8, 0x340, 0x100000000, 0x6, 0x400, 0x3, 0x735, 0x10, 0x2, 0x4, 0xd273, 0x1, 0xd, 0x3e, 0x2c52, 0x2]}, &(0x7f0000000340)={[0x556, 0x9, 0x95ddcb0, 0xb, 0x2, 0x8bd, 0x8001, 0x3c8000000000000, 0x5, 0x40000000000000, 0x1000, 0x0, 0xee13, 0x2, 0xb, 0x3]}, &(0x7f00000003c0)={0x8, 0x7}) fremovexattr$auto(r0, &(0x7f0000000000)='}{(\x00') 3.754093795s ago: executing program 7 (id=1188): setrlimit$auto(0x7, &(0x7f0000001380)={0x5, 0x6}) socket(0x2, 0x1, 0x0) r0 = socketpair$auto(0x3, 0x5, 0x7, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video63\x00', 0x80800, 0x0) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f00000001c0)=""/191, 0x1f8) ioctl$auto_MON_IOCQ_URB_LEN(r0, 0x9201, 0x0) 3.650836819s ago: executing program 6 (id=1189): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/mpls/platform_labels\x00', 0x202, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x465, 0xffffffffffffffff, 0x38, 0xffffffffffffffff, 0x828001) socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0xc0a82, 0x0) write$auto(r0, &(0x7f0000000500)='\x80\xa3\xf3.\x80UX\xb3\xec4\xfbX+\xa7\xbd\xaa\x10\x9c\xaa\xcaT\xdf\xa1@\xa7J:\x8ao\x8c\x90VBt\x93\x8f\xe19\x9cg\xaa\xb5w\x10\xba9\"T\xfa\'\x1aJz\xf9\x97\x1e\xba\x90\xa1\xc2K\x8f\x1aok\x88\x87\x1d\xdc\x149\b\x15\xb4\xeai\xd2\\ak\xd0O#f[\xff\x8d[\x83[\x00\xaa\xcdc\xae:\"\x1f\x95\xaa\x17\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x9e\x00\x00\x00\xe5\x0f\xe8&\xc4M\x94\xd6Y9\xebA1\x8b.\xd9\xe0\x83\t?&\x00\x00\x00\x00\x00\x00', 0x2d00) shmctl$auto_SHM_INFO(0x3, 0xe, &(0x7f0000000100)={{0x600, 0x0, 0xee00, 0x80000001, 0x10000000, 0x3cf4c3, 0x7ccb}, 0x9f, 0x2, 0x5, 0x4, @inferred=0xffffffffffffffff, @raw=0xfffffffe, 0x3, 0x0, &(0x7f00000003c0)='\x00', 0x0}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = epoll_create$auto(0x5a5d) epoll_ctl$auto(r2, 0x1, r1, 0x0) read$auto(0x3, 0x0, 0x80) statmount$auto(0x0, &(0x7f00000005c0)={0xa, 0x1, 0x44f, 0x807, 0x5, 0x7181, 0x1ffde, 0x80000001, 0xf1c, 0xfffffffffffffffe, 0x9, 0x80003, 0x4, 0x200000000003, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0xffffffffffffffff, 0x0, 0xf, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x2, 0x0, 0x0, 0x0, [0x800000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x6, 0x0, 0x4000000000, 0x2, 0x2, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x2000, 0x100000000, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x4000000000000]}, 0x0, 0xd) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'veth0_to_batadv\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r3, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r3, @ANYBLOB="060006ff05000000080003"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_VENDOR(r4, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0008acbd7000fddbdf256700000ae20099003540000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004004) sendmmsg$auto(0x3, &(0x7f0000000300)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x20000009}, 0x7}, 0x0, 0xfffffffa) mmap$auto(0xffffffffffffff18, 0x40000000002000c, 0x7, 0x13, 0x403, 0x20000008000) r5 = socket(0x15, 0x4, 0x0) bind$auto(r5, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) ustat$auto(0x801, 0x0) 3.26010763s ago: executing program 7 (id=1190): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffd, 0x401bf, 0x7352, 0x3c, 0x65f, 0x1ffde, 0x4, 0x3, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb2, 0x80000000009, 0x2, 0x10003, 0xb, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa6]}, 0x1fe, 0xd) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.096384347s ago: executing program 6 (id=1191): keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) shmctl$auto_IPC_INFO(0xcea5, 0x3, &(0x7f0000000180)={{0xfffffff9, 0xee01, 0xffffffffffffffff, 0x1, 0xbffc, 0x9, 0xfe00}, 0x9, 0x8, 0x10, 0x15d315ab, @inferred, @raw=0xd72, 0x8, 0x0, &(0x7f0000000000)="616b174c88297dcea4bc9e6967f0f96cb6c0d256e8b00b50dc9e4aace2c88faaafa2e09f2c86ca3dfd70c4050421c9d746e245e3898a228d3e1c296ef3a315a02feeae8d02035a8e6799e170bd53e58974bba8de766d7f2d7784506e682bf3f77eb1870f7c227cdbac66db0d73e0fbe76a447e33d6b70a56aaf7268fcae5d93158bfadcfa82118765afd3fcf4e23c34f", &(0x7f00000000c0)="fa8ea1c22783ee6847e722f8472f09ec9433ccd388203acd62dc53046d36a9527eff5f02b0a0c0683f1391d85baba3f6104c91dc1aa059432a95de6a9ec18bb5953ab21297b277c6712240c3939e5c9586f9ae4e49f252646f5f2dd82a68fcef93bd2232e16f9fcdfbf121b63bde10e43c6cbb7c6ef1b0a4df335e0ed9450a4377023436eb969d0b95fe5c5e6217"}) keyctl$auto(0x9, 0x0, r0, r1, 0x0) keyctl$auto(0xba, 0xffffffffffffffff, 0x0, 0x0, 0x6) 2.970797245s ago: executing program 1 (id=1192): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8004) sysfs$auto(0x2, 0x4d, 0x0) r1 = socket(0xa, 0x2, 0x88) setsockopt$auto(r1, 0x11, 0xa, 0x0, 0x8) connect$auto(0x3, 0x0, 0x55) r2 = socket(0x10, 0x2, 0x6) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x5, 0xfffffffffffffffd, 0x9, 0x1, 0x6, 0x0, 0x0, 0x20009, 0x2, {0x7, 0x10000}, 0x5, 0x6, 0xcb70, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0x3, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r5 = mq_open$auto(&(0x7f00000005c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u50x0, 0xf, 0x9, 0x2, 0x6, 0x8, 0x1, {0x9, 0xae6}, {0x0, 0xa00}, {0x4, 0xffff}, {0x2, 0x1}, 0x3, 0x400, 0xfffffff8, 0x80000001, 0x200, 0x59, 0xf, 0x7fffffff, 0x2, 0xffff, 0xf47, 0x6, [0x6, 0x7, 0x3, 0x2, 0x8, 0xc, 0x80, 0x3, 0x4]}) (rerun: 32) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000001c0)={0x7, r2, 0xbd0e, 0x9}) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = fsopen$auto(0x0, 0x1) fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) set_mempolicy$auto(0x2002, &(0x7f0000000080)=0x7e, 0x4) (async, rerun: 32) get_mempolicy$auto(0x0, 0xfffffffffffffffc, 0x400, 0x0, 0x0) (async) mknod$auto(0x0, 0x1081, 0x9) (async, rerun: 64) timer_delete$auto(0x7f) (async, rerun: 64) ioctl$auto_TIOCSTI2(0xffffffffffffffff, 0x5412, &(0x7f0000000000)="1c4d57") (async) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) 0s ago: executing program 6 (id=1201): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x2000000000, 0x400008, 0xdf, 0x9b72, 0x2, 0xf3) r0 = socket(0x2, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/mq/0/nr_tags\x00', 0x20000, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x127640, 0x10d) socket(0x6, 0x805, 0x0) socket(0x21, 0x0, 0x4) mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)={0x10002c, 0x3, 0x0, @inferred=r1}, 0x0) bind$auto(0x3, &(0x7f0000000040)=@llc={0x1a, 0x18, 0x4d, 0x6, 0x0, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x132, 0x0, 0xfffffffffffffffd) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x8000, 0x13d) fcntl$auto_F_GETPIPE_SZ(0xffffffffffffffff, 0x408, 0x100000001) ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(r2, 0x7af, 0x0) r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x400, 0x0) ioctl$auto_RTC_RD_TIME(r3, 0x80247009, 0x0) write$auto(0x3, 0x0, 0xfffffdef) shutdown$auto(r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000500)={0x0, 0xffffffffffffff10, &(0x7f00000004c0)={0x0}, 0x1, 0x0, 0x0, 0x24004045}, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8002, 0x0) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000dd, 0xeb1, 0x401, 0x7ffd) bind$auto(0x3, 0x0, 0x6a) readv$auto(0x3, &(0x7f0000000080)={0x0, 0x8}, 0x4) kernel console output (not intermixed with test programs): and 0x0c1a tx timeout [ 223.028424][ T7614] ecryptfs_parse_packet_length: Error parsing packet length [ 223.074712][ T7614] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 223.099821][ T7618] block nbd0: not configured, cannot reconfigure [ 223.306627][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 223.598527][ T7626] input: f¬ as /devices/virtual/input/input7 [ 223.830226][ T7604] netlink: zone id is out of range [ 223.835446][ T7604] netlink: zone id is out of range [ 223.872344][ T7604] netlink: zone id is out of range [ 223.948251][ T7604] netlink: zone id is out of range [ 223.960758][ T7604] netlink: zone id is out of range [ 223.967818][ T7604] netlink: zone id is out of range [ 223.972999][ T7604] netlink: zone id is out of range [ 223.978615][ T7604] netlink: zone id is out of range [ 223.983863][ T7604] netlink: zone id is out of range [ 223.989578][ T7604] netlink: zone id is out of range [ 224.006155][ T7631] netlink: 28 bytes leftover after parsing attributes in process `syz.3.429'. [ 224.498240][ T7637] FAULT_INJECTION: forcing a failure. [ 224.498240][ T7637] name failslab, interval 1, probability 0, space 0, times 0 [ 224.536674][ T7637] CPU: 1 UID: 0 PID: 7637 Comm: syz.1.430 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 224.536747][ T7637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 224.536789][ T7637] Call Trace: [ 224.536799][ T7637] [ 224.536815][ T7637] dump_stack_lvl+0x16c/0x1f0 [ 224.536868][ T7637] should_fail_ex+0x512/0x640 [ 224.536903][ T7637] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 224.536955][ T7637] should_failslab+0xc2/0x120 [ 224.536984][ T7637] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 224.537031][ T7637] ? __kernfs_new_node+0xd2/0x8a0 [ 224.537086][ T7637] __kernfs_new_node+0xd2/0x8a0 [ 224.537140][ T7637] ? __pfx___kernfs_new_node+0x10/0x10 [ 224.537199][ T7637] ? find_held_lock+0x2b/0x80 [ 224.537250][ T7637] ? kernfs_root+0xee/0x2a0 [ 224.537309][ T7637] kernfs_new_node+0x13c/0x1e0 [ 224.537350][ T7637] __kernfs_create_file+0x53/0x350 [ 224.537396][ T7637] sysfs_add_file_mode_ns+0x207/0x3c0 [ 224.537453][ T7637] internal_create_group+0x578/0xf30 [ 224.537515][ T7637] ? __pfx_internal_create_group+0x10/0x10 [ 224.537572][ T7637] ? kernfs_create_link+0x1bd/0x240 [ 224.537620][ T7637] internal_create_groups+0x9d/0x150 [ 224.537675][ T7637] device_add+0x731/0x1a70 [ 224.537710][ T7637] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 224.537753][ T7637] ? __pfx_device_add+0x10/0x10 [ 224.537788][ T7637] ? sprintf+0xcc/0x100 [ 224.537830][ T7637] ? __pfx_sprintf+0x10/0x10 [ 224.537898][ T7637] add_disk_fwnode+0x468/0x13a0 [ 224.537944][ T7637] loop_add+0x909/0xb70 [ 224.537974][ T7637] ? do_vfs_ioctl+0x512/0x1990 [ 224.538013][ T7637] ? __pfx_loop_add+0x10/0x10 [ 224.538042][ T7637] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 224.538101][ T7637] ? find_held_lock+0x2b/0x80 [ 224.538139][ T7637] loop_control_ioctl+0x13c/0x630 [ 224.538168][ T7637] ? __pfx_loop_control_ioctl+0x10/0x10 [ 224.538202][ T7637] ? __pfx_loop_control_ioctl+0x10/0x10 [ 224.538242][ T7637] __x64_sys_ioctl+0x190/0x200 [ 224.538277][ T7637] do_syscall_64+0xcd/0x260 [ 224.538322][ T7637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.538348][ T7637] RIP: 0033:0x7f422138d169 [ 224.538371][ T7637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.538396][ T7637] RSP: 002b:00007f422222e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 224.538421][ T7637] RAX: ffffffffffffffda RBX: 00007f42215a5fa0 RCX: 00007f422138d169 [ 224.538439][ T7637] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006 [ 224.538456][ T7637] RBP: 00007f422140e990 R08: 0000000000000000 R09: 0000000000000000 [ 224.538472][ T7637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 224.538487][ T7637] R13: 0000000000000000 R14: 00007f42215a5fa0 R15: 00007ffd135a4f38 [ 224.538519][ T7637] [ 224.819377][ C1] vkms_vblank_simulate: vblank timer overrun [ 224.876004][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 224.906791][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 225.067108][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 225.113037][ T7645] FAULT_INJECTION: forcing a failure. [ 225.113037][ T7645] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 225.132160][ T7645] CPU: 1 UID: 0 PID: 7645 Comm: syz.3.431 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 225.132208][ T7645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 225.132226][ T7645] Call Trace: [ 225.132236][ T7645] [ 225.132247][ T7645] dump_stack_lvl+0x16c/0x1f0 [ 225.132297][ T7645] should_fail_ex+0x512/0x640 [ 225.132338][ T7645] _copy_to_user+0x32/0xd0 [ 225.132380][ T7645] simple_read_from_buffer+0xcb/0x170 [ 225.132425][ T7645] proc_fail_nth_read+0x197/0x270 [ 225.132468][ T7645] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 225.132513][ T7645] ? rw_verify_area+0xcf/0x680 [ 225.132549][ T7645] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 225.132591][ T7645] vfs_read+0x1de/0xc70 [ 225.132638][ T7645] ? __pfx___mutex_lock+0x10/0x10 [ 225.132683][ T7645] ? __pfx_vfs_read+0x10/0x10 [ 225.132736][ T7645] ? __fget_files+0x20e/0x3c0 [ 225.132792][ T7645] ksys_read+0x12a/0x240 [ 225.132833][ T7645] ? __pfx_ksys_read+0x10/0x10 [ 225.132887][ T7645] do_syscall_64+0xcd/0x260 [ 225.132936][ T7645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.132966][ T7645] RIP: 0033:0x7fc522f8bb7c [ 225.132990][ T7645] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 225.133018][ T7645] RSP: 002b:00007fc523d5c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 225.133046][ T7645] RAX: ffffffffffffffda RBX: 00007fc5231a5fa0 RCX: 00007fc522f8bb7c [ 225.133065][ T7645] RDX: 000000000000000f RSI: 00007fc523d5c0a0 RDI: 0000000000000006 [ 225.133082][ T7645] RBP: 00007fc523d5c090 R08: 0000000000000000 R09: 0000000000000000 [ 225.133100][ T7645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 225.133117][ T7645] R13: 0000000000000000 R14: 00007fc5231a5fa0 R15: 00007ffda26c59f8 [ 225.133154][ T7645] [ 225.317870][ C1] vkms_vblank_simulate: vblank timer overrun [ 225.386495][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 226.664639][ T7661] FAULT_INJECTION: forcing a failure. [ 226.664639][ T7661] name failslab, interval 1, probability 0, space 0, times 0 [ 226.678330][ T7661] CPU: 0 UID: 0 PID: 7661 Comm: syz.2.440 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 226.678371][ T7661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 226.678388][ T7661] Call Trace: [ 226.678399][ T7661] [ 226.678410][ T7661] dump_stack_lvl+0x16c/0x1f0 [ 226.678470][ T7661] should_fail_ex+0x512/0x640 [ 226.678505][ T7661] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 226.678553][ T7661] should_failslab+0xc2/0x120 [ 226.678580][ T7661] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 226.678624][ T7661] ? __proc_create+0xc3/0x8c0 [ 226.678657][ T7661] ? __proc_create+0x2ce/0x8c0 [ 226.678696][ T7661] __proc_create+0x2ce/0x8c0 [ 226.678731][ T7661] ? __pfx___proc_create+0x10/0x10 [ 226.678770][ T7661] ? snprintf+0xc7/0x100 [ 226.678811][ T7661] ? __pfx_snprintf+0x10/0x10 [ 226.678859][ T7661] proc_mkdir+0x81/0x170 [ 226.678892][ T7661] ? __pfx_proc_mkdir+0x10/0x10 [ 226.678926][ T7661] ? mark_held_locks+0x49/0x80 [ 226.678983][ T7661] register_handler_proc+0x2d9/0x3d0 [ 226.679024][ T7661] ? __pfx_register_handler_proc+0x10/0x10 [ 226.679076][ T7661] ? mark_held_locks+0x49/0x80 [ 226.679125][ T7661] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 226.679174][ T7661] __setup_irq+0x1197/0x1f30 [ 226.679228][ T7661] ? kasan_save_track+0x14/0x30 [ 226.679278][ T7661] request_threaded_irq+0x2b4/0x3e0 [ 226.679342][ T7661] univ8250_setup_irq+0x547/0x6a0 [ 226.679390][ T7661] serial8250_do_startup+0x85f/0x3ab0 [ 226.679436][ T7661] ? mark_held_locks+0x49/0x80 [ 226.679489][ T7661] serial8250_startup+0x62/0x80 [ 226.679526][ T7661] uart_startup+0x507/0x1300 [ 226.679568][ T7661] uart_port_activate+0xe8/0x190 [ 226.679600][ T7661] ? __pfx_uart_port_activate+0x10/0x10 [ 226.679629][ T7661] tty_port_open+0x153/0x1f0 [ 226.679663][ T7661] ? __pfx_uart_open+0x10/0x10 [ 226.679705][ T7661] uart_open+0x41/0x60 [ 226.679745][ T7661] tty_open+0x3de/0xf90 [ 226.679786][ T7661] ? __pfx_tty_open+0x10/0x10 [ 226.679817][ T7661] ? chrdev_open+0x10b/0x6a0 [ 226.679869][ T7661] ? __pfx_tty_open+0x10/0x10 [ 226.679899][ T7661] chrdev_open+0x231/0x6a0 [ 226.679945][ T7661] ? __pfx_apparmor_file_open+0x10/0x10 [ 226.679987][ T7661] ? __pfx_chrdev_open+0x10/0x10 [ 226.680039][ T7661] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 226.680093][ T7661] do_dentry_open+0x741/0x1c10 [ 226.680139][ T7661] ? __pfx_chrdev_open+0x10/0x10 [ 226.680198][ T7661] vfs_open+0x82/0x3f0 [ 226.680236][ T7661] path_openat+0x1e5e/0x2d40 [ 226.680299][ T7661] ? __pfx_path_openat+0x10/0x10 [ 226.680364][ T7661] do_filp_open+0x20b/0x470 [ 226.680410][ T7661] ? __pfx_do_filp_open+0x10/0x10 [ 226.680490][ T7661] ? alloc_fd+0x471/0x7d0 [ 226.680548][ T7661] do_sys_openat2+0x11b/0x1d0 [ 226.680582][ T7661] ? __pfx_do_sys_openat2+0x10/0x10 [ 226.680633][ T7661] __x64_sys_openat+0x174/0x210 [ 226.680668][ T7661] ? __pfx___x64_sys_openat+0x10/0x10 [ 226.680705][ T7661] ? rcu_is_watching+0x12/0xc0 [ 226.680758][ T7661] do_syscall_64+0xcd/0x260 [ 226.680809][ T7661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.680841][ T7661] RIP: 0033:0x7f6fd0b8d169 [ 226.680866][ T7661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.680895][ T7661] RSP: 002b:00007f6fd1a88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 226.680924][ T7661] RAX: ffffffffffffffda RBX: 00007f6fd0da5fa0 RCX: 00007f6fd0b8d169 [ 226.680944][ T7661] RDX: 0000000000002001 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 226.680963][ T7661] RBP: 00007f6fd0c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 226.680981][ T7661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.680998][ T7661] R13: 0000000000000000 R14: 00007f6fd0da5fa0 R15: 00007ffc54717bb8 [ 226.681039][ T7661] [ 227.701580][ T7713] netlink: 36 bytes leftover after parsing attributes in process `syz.3.453'. [ 228.175859][ T7721] netlink: 306 bytes leftover after parsing attributes in process `syz.3.454'. [ 229.492926][ T7757] netlink: 'syz.1.463': attribute type 2 has an invalid length. [ 229.547633][ T7757] netlink: 'syz.1.463': attribute type 2 has an invalid length. [ 232.684608][ T7836] busy [ 233.591975][ T7847] netlink: 12 bytes leftover after parsing attributes in process `syz.0.482'. [ 235.246094][ T7864] busy [ 237.367538][ T7900] busy [ 239.030480][ T7923] busy [ 240.785768][ T7944] vivid-003: ================= START STATUS ================= [ 240.836481][ T7944] vivid-003: Radio HW Seek Mode: Bounded [ 240.842458][ T7944] vivid-003: Radio Programmable HW Seek: false [ 240.900747][ T7944] vivid-003: RDS Rx I/O Mode: Block I/O [ 240.907961][ T7944] vivid-003: Generate RBDS Instead of RDS: false [ 240.914519][ T7944] vivid-003: RDS Reception: true [ 240.919918][ T7944] vivid-003: RDS Program Type: 0 inactive [ 240.949750][ T7944] vivid-003: RDS PS Name: inactive [ 240.955465][ T7944] vivid-003: RDS Radio Text: inactive [ 240.983255][ T7944] vivid-003: RDS Traffic Announcement: false inactive [ 241.015276][ T7944] vivid-003: RDS Traffic Program: false inactive [ 241.047649][ T7944] vivid-003: RDS Music: false inactive [ 241.084231][ T7944] vivid-003: ================== END STATUS ================== [ 241.247125][ T7966] busy [ 241.634274][ T7969] netlink: 24 bytes leftover after parsing attributes in process `syz.1.513'. [ 241.883119][ T7976] busy [ 243.625627][ T8002] netlink: 28 bytes leftover after parsing attributes in process `syz.3.521'. [ 243.636914][ T8002] vxcan1: entered promiscuous mode [ 243.825728][ T8005] netlink: 'syz.0.522': attribute type 2 has an invalid length. [ 244.332424][ T8023] busy [ 246.316834][ T8056] FAULT_INJECTION: forcing a failure. [ 246.316834][ T8056] name failslab, interval 1, probability 0, space 0, times 0 [ 246.329651][ T8056] CPU: 1 UID: 0 PID: 8056 Comm: syz.1.536 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 246.329694][ T8056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 246.329712][ T8056] Call Trace: [ 246.329723][ T8056] [ 246.329735][ T8056] dump_stack_lvl+0x16c/0x1f0 [ 246.329787][ T8056] should_fail_ex+0x512/0x640 [ 246.329822][ T8056] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 246.329875][ T8056] should_failslab+0xc2/0x120 [ 246.329905][ T8056] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 246.329961][ T8056] ? __proc_create+0xc3/0x8c0 [ 246.329994][ T8056] ? __proc_create+0x2ce/0x8c0 [ 246.330032][ T8056] __proc_create+0x2ce/0x8c0 [ 246.330068][ T8056] ? __pfx___proc_create+0x10/0x10 [ 246.330100][ T8056] ? proc_register+0x30f/0x5f0 [ 246.330142][ T8056] ? _raw_write_unlock+0x28/0x50 [ 246.330192][ T8056] proc_create_reg+0x7d/0x180 [ 246.330232][ T8056] proc_create_net_data+0x8e/0x1b0 [ 246.330270][ T8056] ? __pfx_proc_create_net_data+0x10/0x10 [ 246.330307][ T8056] ? __pfx_ndisc_net_init+0x10/0x10 [ 246.330361][ T8056] ? __pfx_if6_proc_net_init+0x10/0x10 [ 246.330393][ T8056] if6_proc_net_init+0x53/0x70 [ 246.330424][ T8056] ops_init+0x1df/0x5f0 [ 246.330473][ T8056] setup_net+0x21e/0x850 [ 246.330522][ T8056] ? __pfx_setup_net+0x10/0x10 [ 246.330564][ T8056] ? lockdep_init_map_type+0x5c/0x280 [ 246.330596][ T8056] ? __pfx_down_read_killable+0x10/0x10 [ 246.330631][ T8056] ? debug_mutex_init+0x37/0x70 [ 246.330675][ T8056] copy_net_ns+0x2a6/0x5f0 [ 246.330730][ T8056] create_new_namespaces+0x3ea/0xad0 [ 246.330785][ T8056] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 246.330835][ T8056] ksys_unshare+0x45b/0xa40 [ 246.330883][ T8056] ? __pfx_ksys_unshare+0x10/0x10 [ 246.330931][ T8056] ? xfd_validate_state+0x5d/0x180 [ 246.330974][ T8056] ? syscall_user_dispatch+0x78/0x140 [ 246.331019][ T8056] __x64_sys_unshare+0x31/0x40 [ 246.331068][ T8056] do_syscall_64+0xcd/0x260 [ 246.331119][ T8056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.331151][ T8056] RIP: 0033:0x7f422138d169 [ 246.331177][ T8056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.331207][ T8056] RSP: 002b:00007f422222e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 246.331236][ T8056] RAX: ffffffffffffffda RBX: 00007f42215a5fa0 RCX: 00007f422138d169 [ 246.331256][ T8056] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 246.331274][ T8056] RBP: 00007f422140e990 R08: 0000000000000000 R09: 0000000000000000 [ 246.331293][ T8056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 246.331311][ T8056] R13: 0000000000000000 R14: 00007f42215a5fa0 R15: 00007ffd135a4f38 [ 246.331351][ T8056] [ 246.654762][ T8063] busy [ 248.424230][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 248.436967][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 248.447137][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 248.459267][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 248.470565][ T5842] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 249.054341][ T8084] chnl_net:caif_netlink_parms(): no params data found [ 249.281536][ T8104] busy [ 249.703882][ T8110] busy [ 250.225756][ T8084] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.237915][ T8084] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.245757][ T8084] bridge_slave_0: entered allmulticast mode [ 250.254191][ T8084] bridge_slave_0: entered promiscuous mode [ 250.264271][ T8084] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.272916][ T8084] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.280454][ T8084] bridge_slave_1: entered allmulticast mode [ 250.289409][ T8084] bridge_slave_1: entered promiscuous mode [ 250.506533][ T5843] Bluetooth: hci3: command tx timeout [ 250.574051][ T8084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 250.597683][ T8084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 250.710510][ T8084] team0: Port device team_slave_0 added [ 250.733453][ T8084] team0: Port device team_slave_1 added [ 250.874151][ T8084] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 250.892316][ T8084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.923680][ T8084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 250.963798][ T8084] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 250.974926][ T8084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.002867][ T8084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 251.083664][ T8084] hsr_slave_0: entered promiscuous mode [ 251.092443][ T8084] hsr_slave_1: entered promiscuous mode [ 251.100000][ T8084] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 251.114152][ T8084] Cannot create hsr debugfs directory [ 251.533072][ T8084] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 251.562472][ T8084] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 251.679077][ T8084] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 251.782147][ T8084] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 252.586054][ T5843] Bluetooth: hci3: command tx timeout [ 253.292447][ T8084] 8021q: adding VLAN 0 to HW filter on device bond0 [ 253.484321][ T8084] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.560550][ T7791] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.567768][ T7791] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.623022][ T7791] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.630296][ T7791] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.917245][ T8169] netlink: 338 bytes leftover after parsing attributes in process `syz.3.568'. [ 254.549916][ T8084] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 254.666074][ T5843] Bluetooth: hci3: command tx timeout [ 255.305201][ T8084] veth0_vlan: entered promiscuous mode [ 255.355340][ T8084] veth1_vlan: entered promiscuous mode [ 255.626752][ T8218] input input11: cannot allocate more than FF_MAX_EFFECTS effects [ 255.712242][ T8084] veth0_macvtap: entered promiscuous mode [ 255.835462][ T8084] veth1_macvtap: entered promiscuous mode [ 256.069075][ T8084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.138195][ T8084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.175674][ T8084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.214166][ T8084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.251644][ T8084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.294180][ T8084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.307488][ T8084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.341564][ T8084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.373750][ T8084] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 256.475237][ T8084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.496071][ T8084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.526302][ T8084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.545909][ T8084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.565877][ T8084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.576664][ T8084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.600229][ T8084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.625905][ T8084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.647575][ T8084] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 256.746085][ T5843] Bluetooth: hci3: command tx timeout [ 256.815160][ T8084] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.838921][ T8084] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.865876][ T8084] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.882626][ T8084] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.095028][ T8223] random: crng reseeded on system resumption [ 257.424045][ T7783] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.441792][ T7783] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.532068][ T7783] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.547397][ T7783] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.713423][ T8243] FAULT_INJECTION: forcing a failure. [ 257.713423][ T8243] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 257.751897][ T8243] CPU: 1 UID: 0 PID: 8243 Comm: syz.3.581 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 257.751940][ T8243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 257.751956][ T8243] Call Trace: [ 257.751965][ T8243] [ 257.751976][ T8243] dump_stack_lvl+0x16c/0x1f0 [ 257.752025][ T8243] should_fail_ex+0x512/0x640 [ 257.752067][ T8243] _copy_from_user+0x2e/0xd0 [ 257.752106][ T8243] do_sys_poll+0x1d5/0xe00 [ 257.752149][ T8243] ? kernel_text_address+0x8d/0x100 [ 257.752191][ T8243] ? arch_stack_walk+0xa6/0x100 [ 257.752236][ T8243] ? __pfx_do_sys_poll+0x10/0x10 [ 257.752277][ T8243] ? __lock_acquire+0x5ca/0x1ba0 [ 257.752362][ T8243] ? __lock_acquire+0x5ca/0x1ba0 [ 257.752484][ T8243] ? __pfx_timespec64_add_safe+0x10/0x10 [ 257.752517][ T8243] ? ktime_get_ts64+0x2d2/0x400 [ 257.752563][ T8243] ? read_tsc+0x9/0x20 [ 257.752606][ T8243] ? ktime_get_ts64+0x256/0x400 [ 257.752661][ T8243] __x64_sys_poll+0x1a6/0x450 [ 257.752709][ T8243] ? __pfx___x64_sys_poll+0x10/0x10 [ 257.752751][ T8243] ? rcu_is_watching+0x12/0xc0 [ 257.752800][ T8243] do_syscall_64+0xcd/0x260 [ 257.752849][ T8243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.752888][ T8243] RIP: 0033:0x7fc522f8d169 [ 257.752913][ T8243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.752942][ T8243] RSP: 002b:00007fc523d5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 257.752970][ T8243] RAX: ffffffffffffffda RBX: 00007fc5231a5fa0 RCX: 00007fc522f8d169 [ 257.752990][ T8243] RDX: 0000000000000400 RSI: 0000000000000005 RDI: 0000200000000d40 [ 257.753008][ T8243] RBP: 00007fc523d5c090 R08: 0000000000000000 R09: 0000000000000000 [ 257.753025][ T8243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 257.753042][ T8243] R13: 0000000000000000 R14: 00007fc5231a5fa0 R15: 00007ffda26c59f8 [ 257.753080][ T8243] [ 258.807433][ T8250] erspan0: entered allmulticast mode [ 260.199556][ T8278] busy [ 260.540809][ T8277] busy [ 260.939495][ T8285] FAULT_INJECTION: forcing a failure. [ 260.939495][ T8285] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 260.956950][ T8285] CPU: 0 UID: 0 PID: 8285 Comm: syz.4.590 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 260.956991][ T8285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 260.957009][ T8285] Call Trace: [ 260.957019][ T8285] [ 260.957030][ T8285] dump_stack_lvl+0x16c/0x1f0 [ 260.957081][ T8285] should_fail_ex+0x512/0x640 [ 260.957124][ T8285] _copy_to_user+0x32/0xd0 [ 260.957166][ T8285] simple_read_from_buffer+0xcb/0x170 [ 260.957218][ T8285] proc_fail_nth_read+0x197/0x270 [ 260.957267][ T8285] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 260.957311][ T8285] ? rw_verify_area+0xcf/0x680 [ 260.957348][ T8285] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 260.957393][ T8285] vfs_read+0x1de/0xc70 [ 260.957444][ T8285] ? __pfx_vfs_read+0x10/0x10 [ 260.957489][ T8285] ? __pfx_timespec64_add_safe+0x10/0x10 [ 260.957524][ T8285] ? ktime_get_ts64+0x2d2/0x400 [ 260.957572][ T8285] ? read_tsc+0x9/0x20 [ 260.957617][ T8285] ? ktime_get_ts64+0x256/0x400 [ 260.957680][ T8285] ksys_read+0x12a/0x240 [ 260.957724][ T8285] ? __pfx_ksys_read+0x10/0x10 [ 260.957765][ T8285] ? rcu_is_watching+0x12/0xc0 [ 260.957820][ T8285] do_syscall_64+0xcd/0x260 [ 260.957872][ T8285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.957904][ T8285] RIP: 0033:0x7f01c378bb7c [ 260.957929][ T8285] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 260.957958][ T8285] RSP: 002b:00007f01c457c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 260.957987][ T8285] RAX: ffffffffffffffda RBX: 00007f01c39a5fa0 RCX: 00007f01c378bb7c [ 260.958006][ T8285] RDX: 000000000000000f RSI: 00007f01c457c0a0 RDI: 0000000000000004 [ 260.958025][ T8285] RBP: 00007f01c457c090 R08: 0000000000000000 R09: 0000000000000000 [ 260.958043][ T8285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 260.958060][ T8285] R13: 0000000000000000 R14: 00007f01c39a5fa0 R15: 00007ffe06715468 [ 260.958099][ T8285] [ 261.161747][ C0] vkms_vblank_simulate: vblank timer overrun [ 261.248399][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.254851][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.540628][ T8322] busy [ 263.437609][ T8340] Invalid ELF header magic: != ELF [ 264.292798][ T8347] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 266.038232][ T8401] busy [ 267.384280][ T8419] mkiss: ax0: crc mode is auto. [ 267.394728][ T8421] busy [ 269.800172][ T8474] kAFS: Invalid Command on /proc/fs/afs/cells file [ 269.847313][ T8477] netlink: 330 bytes leftover after parsing attributes in process `syz.1.639'. [ 271.922529][ T8496] kexec: Could not allocate control_code_buffer [ 274.175997][ T8554] can: request_module (can-proto-3) failed. [ 274.436494][ T8564] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 276.279513][ T8600] netlink: 'syz.0.666': attribute type 16 has an invalid length. [ 276.287955][ T8600] netlink: 326 bytes leftover after parsing attributes in process `syz.0.666'. [ 276.717667][ T8618] busy [ 277.420288][ T8623] netlink: 4 bytes leftover after parsing attributes in process `syz.0.672'. [ 277.546901][ T8633] netlink: 28 bytes leftover after parsing attributes in process `syz.4.669'. [ 278.614214][ T8654] netlink: 8 bytes leftover after parsing attributes in process `syz.1.674'. [ 279.650628][ T8657] netlink: 338 bytes leftover after parsing attributes in process `syz.1.676'. [ 279.651232][ T8664] syz.3.678 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 279.664602][ T8659] netlink: 338 bytes leftover after parsing attributes in process `syz.1.676'. [ 279.992698][ T8668] netlink: 'syz.1.679': attribute type 16 has an invalid length. [ 280.002551][ T8668] netlink: 326 bytes leftover after parsing attributes in process `syz.1.679'. [ 280.042025][ T8668] veth1_macvtap: left promiscuous mode [ 280.368174][ T8675] FAULT_INJECTION: forcing a failure. [ 280.368174][ T8675] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 280.394758][ T8675] CPU: 1 UID: 0 PID: 8675 Comm: syz.4.682 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 280.394800][ T8675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 280.394818][ T8675] Call Trace: [ 280.394828][ T8675] [ 280.394839][ T8675] dump_stack_lvl+0x16c/0x1f0 [ 280.394890][ T8675] should_fail_ex+0x512/0x640 [ 280.394930][ T8675] copy_fpstate_to_sigframe+0x878/0xb10 [ 280.394966][ T8675] ? __pfx_copy_fpstate_to_sigframe+0x10/0x10 [ 280.395007][ T8675] ? collect_signal+0x263/0x540 [ 280.395044][ T8675] get_sigframe+0x4a8/0x9c0 [ 280.395094][ T8675] ? __pfx_get_sigframe+0x10/0x10 [ 280.395143][ T8675] ? _raw_spin_unlock_irq+0x23/0x50 [ 280.395183][ T8675] ? siginfo_layout+0x1d2/0x290 [ 280.395226][ T8675] x64_setup_rt_frame+0x12e/0xcf0 [ 280.395291][ T8675] ? __pfx_x64_setup_rt_frame+0x10/0x10 [ 280.395349][ T8675] arch_do_signal_or_restart+0x5e6/0x7d0 [ 280.395396][ T8675] ? __fget_files+0x160/0x3c0 [ 280.395457][ T8675] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 280.395525][ T8675] ? __pfx_do_readv+0x10/0x10 [ 280.395564][ T8675] ? rcu_is_watching+0x12/0xc0 [ 280.395611][ T8675] syscall_exit_to_user_mode+0x150/0x2a0 [ 280.395660][ T8675] do_syscall_64+0xda/0x260 [ 280.395710][ T8675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.395742][ T8675] RIP: 0033:0x7f01c378d169 [ 280.395766][ T8675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 280.395800][ T8675] RSP: 002b:00007f01c457c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 280.395827][ T8675] RAX: 0000000000000238 RBX: 00007f01c39a5fa0 RCX: 00007f01c378d169 [ 280.395845][ T8675] RDX: 0000000000000001 RSI: 0000200000000a80 RDI: 0000000000000003 [ 280.395862][ T8675] RBP: 00007f01c457c090 R08: 0000000000000000 R09: 0000000000000000 [ 280.395879][ T8675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 280.395895][ T8675] R13: 0000000000000000 R14: 00007f01c39a5fa0 R15: 00007ffe06715468 [ 280.395933][ T8675] [ 280.650731][ T8681] busy [ 281.340664][ T8693] netlink: 4 bytes leftover after parsing attributes in process `syz.3.686'. [ 281.467849][ T8699] netlink: 'syz.3.688': attribute type 16 has an invalid length. [ 281.481995][ T8699] netlink: 326 bytes leftover after parsing attributes in process `syz.3.688'. [ 281.553960][ T8701] FAULT_INJECTION: forcing a failure. [ 281.553960][ T8701] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 281.587241][ T8701] CPU: 0 UID: 0 PID: 8701 Comm: syz.1.689 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 281.587284][ T8701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 281.587302][ T8701] Call Trace: [ 281.587312][ T8701] [ 281.587323][ T8701] dump_stack_lvl+0x16c/0x1f0 [ 281.587373][ T8701] should_fail_ex+0x512/0x640 [ 281.587415][ T8701] _copy_from_iter+0x2a4/0x15b0 [ 281.587456][ T8701] ? __alloc_skb+0x200/0x380 [ 281.587496][ T8701] ? __pfx__copy_from_iter+0x10/0x10 [ 281.587539][ T8701] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 281.587584][ T8701] ? __lock_acquire+0xaa4/0x1ba0 [ 281.587645][ T8701] netlink_sendmsg+0x829/0xdd0 [ 281.587698][ T8701] ? __pfx_netlink_sendmsg+0x10/0x10 [ 281.587760][ T8701] ____sys_sendmsg+0xa95/0xc70 [ 281.587790][ T8701] ? copy_msghdr_from_user+0x10a/0x160 [ 281.587836][ T8701] ? __pfx_____sys_sendmsg+0x10/0x10 [ 281.587872][ T8701] ? __pfx__kstrtoull+0x10/0x10 [ 281.587929][ T8701] ___sys_sendmsg+0x134/0x1d0 [ 281.587972][ T8701] ? __pfx____sys_sendmsg+0x10/0x10 [ 281.588033][ T8701] ? find_held_lock+0x2b/0x80 [ 281.588097][ T8701] __sys_sendmmsg+0x200/0x420 [ 281.588143][ T8701] ? __pfx___sys_sendmmsg+0x10/0x10 [ 281.588205][ T8701] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 281.588270][ T8701] ? fput+0x70/0xf0 [ 281.588299][ T8701] ? ksys_write+0x1b9/0x240 [ 281.588342][ T8701] ? __pfx_ksys_write+0x10/0x10 [ 281.588383][ T8701] ? rcu_is_watching+0x12/0xc0 [ 281.588428][ T8701] __x64_sys_sendmmsg+0x9c/0x100 [ 281.588469][ T8701] ? lockdep_hardirqs_on+0x7c/0x110 [ 281.588512][ T8701] do_syscall_64+0xcd/0x260 [ 281.588563][ T8701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.588595][ T8701] RIP: 0033:0x7f422138d169 [ 281.588620][ T8701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 281.588649][ T8701] RSP: 002b:00007f422222e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 281.588677][ T8701] RAX: ffffffffffffffda RBX: 00007f42215a5fa0 RCX: 00007f422138d169 [ 281.588696][ T8701] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 281.588714][ T8701] RBP: 00007f422222e090 R08: 0000000000000000 R09: 0000000000000000 [ 281.588732][ T8701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 281.588749][ T8701] R13: 0000000000000000 R14: 00007f42215a5fa0 R15: 00007ffd135a4f38 [ 281.588788][ T8701] [ 282.010414][ T8709] netlink: 'syz.4.699': attribute type 16 has an invalid length. [ 282.047235][ T8709] netlink: 326 bytes leftover after parsing attributes in process `syz.4.699'. [ 282.085624][ T8709] veth1_macvtap: left promiscuous mode [ 282.376010][ T8707] busy [ 282.413963][ T8707] busy [ 282.556427][ T8707] busy [ 282.646155][ T8707] busy [ 282.651779][ T8720] FAULT_INJECTION: forcing a failure. [ 282.651779][ T8720] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 282.678999][ T8707] busy [ 282.691179][ T8707] busy [ 282.756047][ T8716] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 283.016084][ T8720] CPU: 0 UID: 0 PID: 8720 Comm: syz.4.693 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 283.016127][ T8720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 283.016145][ T8720] Call Trace: [ 283.016155][ T8720] [ 283.016167][ T8720] dump_stack_lvl+0x16c/0x1f0 [ 283.016219][ T8720] should_fail_ex+0x512/0x640 [ 283.016261][ T8720] _copy_to_user+0x32/0xd0 [ 283.016304][ T8720] copy_siginfo_to_user+0x27/0xc0 [ 283.016353][ T8720] x64_setup_rt_frame+0x811/0xcf0 [ 283.016411][ T8720] ? __pfx_x64_setup_rt_frame+0x10/0x10 [ 283.016479][ T8720] arch_do_signal_or_restart+0x5e6/0x7d0 [ 283.016527][ T8720] ? __fget_files+0x160/0x3c0 [ 283.016573][ T8720] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 283.016635][ T8720] ? __pfx_do_readv+0x10/0x10 [ 283.016673][ T8720] ? rcu_is_watching+0x12/0xc0 [ 283.016720][ T8720] syscall_exit_to_user_mode+0x150/0x2a0 [ 283.016771][ T8720] do_syscall_64+0xda/0x260 [ 283.016822][ T8720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.016853][ T8720] RIP: 0033:0x7f01c378d169 [ 283.016877][ T8720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.016907][ T8720] RSP: 002b:00007f01c457c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 283.016936][ T8720] RAX: 00000000000000ea RBX: 00007f01c39a5fa0 RCX: 00007f01c378d169 [ 283.016955][ T8720] RDX: 0000000000000001 RSI: 0000200000000a80 RDI: 0000000000000003 [ 283.016973][ T8720] RBP: 00007f01c457c090 R08: 0000000000000000 R09: 0000000000000000 [ 283.016991][ T8720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 283.017008][ T8720] R13: 0000000000000000 R14: 00007f01c39a5fa0 R15: 00007ffe06715468 [ 283.017047][ T8720] [ 283.686019][ T8728] busy [ 284.040231][ T8738] FAULT_INJECTION: forcing a failure. [ 284.040231][ T8738] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 284.075923][ T8738] CPU: 0 UID: 0 PID: 8738 Comm: syz.3.700 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 284.075962][ T8738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 284.075979][ T8738] Call Trace: [ 284.075987][ T8738] [ 284.075997][ T8738] dump_stack_lvl+0x16c/0x1f0 [ 284.076053][ T8738] should_fail_ex+0x512/0x640 [ 284.076090][ T8738] should_fail_alloc_page+0xe7/0x130 [ 284.076121][ T8738] prepare_alloc_pages+0x3c2/0x610 [ 284.076162][ T8738] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 284.076228][ T8738] ? __lock_acquire+0x5ca/0x1ba0 [ 284.076295][ T8738] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 284.076350][ T8738] ? __lock_acquire+0x5ca/0x1ba0 [ 284.076412][ T8738] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 284.076447][ T8738] ? policy_nodemask+0xea/0x4e0 [ 284.076500][ T8738] alloc_pages_mpol+0x1fb/0x550 [ 284.076529][ T8738] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 284.076569][ T8738] alloc_pages_noprof+0x131/0x390 [ 284.076599][ T8738] __pmd_alloc+0x3f/0x870 [ 284.076631][ T8738] ? find_held_lock+0x2b/0x80 [ 284.076673][ T8738] __handle_mm_fault+0x948/0x2a40 [ 284.076729][ T8738] ? __pfx___handle_mm_fault+0x10/0x10 [ 284.076793][ T8738] ? find_vma+0xbf/0x140 [ 284.076825][ T8738] ? __pfx_find_vma+0x10/0x10 [ 284.076864][ T8738] handle_mm_fault+0x3fe/0xad0 [ 284.076912][ T8738] do_user_addr_fault+0x7a6/0x1370 [ 284.076954][ T8738] ? rcu_is_watching+0x12/0xc0 [ 284.076996][ T8738] exc_page_fault+0x5c/0xc0 [ 284.077050][ T8738] asm_exc_page_fault+0x26/0x30 [ 284.077080][ T8738] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 284.077117][ T8738] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 284.077146][ T8738] RSP: 0018:ffffc900047ef7d8 EFLAGS: 00050206 [ 284.077171][ T8738] RAX: 0000000000000001 RBX: 00000000000000c4 RCX: 00000000000000c4 [ 284.077188][ T8738] RDX: ffffed100677b221 RSI: 0000000000000000 RDI: ffff888033bd9040 [ 284.077207][ T8738] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100677b220 [ 284.077224][ T8738] R10: ffff888033bd9103 R11: 0000000000000000 R12: 0000000000000000 [ 284.077242][ T8738] R13: ffffc900047efd60 R14: 00000000000000c4 R15: ffff888033bd9040 [ 284.077283][ T8738] _copy_from_iter+0x391/0x15b0 [ 284.077328][ T8738] ? __alloc_skb+0x200/0x380 [ 284.077367][ T8738] ? __pfx__copy_from_iter+0x10/0x10 [ 284.077409][ T8738] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 284.077453][ T8738] ? __lock_acquire+0xaa4/0x1ba0 [ 284.077525][ T8738] netlink_sendmsg+0x829/0xdd0 [ 284.077578][ T8738] ? __pfx_netlink_sendmsg+0x10/0x10 [ 284.077639][ T8738] ____sys_sendmsg+0xa95/0xc70 [ 284.077669][ T8738] ? copy_msghdr_from_user+0x10a/0x160 [ 284.077708][ T8738] ? __pfx_____sys_sendmsg+0x10/0x10 [ 284.077744][ T8738] ? __pfx__kstrtoull+0x10/0x10 [ 284.077801][ T8738] ___sys_sendmsg+0x134/0x1d0 [ 284.077843][ T8738] ? __pfx____sys_sendmsg+0x10/0x10 [ 284.077922][ T8738] ? find_held_lock+0x2b/0x80 [ 284.077986][ T8738] __sys_sendmmsg+0x200/0x420 [ 284.078041][ T8738] ? __pfx___sys_sendmmsg+0x10/0x10 [ 284.078098][ T8738] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 284.078163][ T8738] ? fput+0x70/0xf0 [ 284.078192][ T8738] ? ksys_write+0x1b9/0x240 [ 284.078233][ T8738] ? __pfx_ksys_write+0x10/0x10 [ 284.078274][ T8738] ? rcu_is_watching+0x12/0xc0 [ 284.078320][ T8738] __x64_sys_sendmmsg+0x9c/0x100 [ 284.078362][ T8738] ? lockdep_hardirqs_on+0x7c/0x110 [ 284.078406][ T8738] do_syscall_64+0xcd/0x260 [ 284.078457][ T8738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.078489][ T8738] RIP: 0033:0x7fc522f8d169 [ 284.078514][ T8738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 284.078543][ T8738] RSP: 002b:00007fc523d5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 284.078571][ T8738] RAX: ffffffffffffffda RBX: 00007fc5231a5fa0 RCX: 00007fc522f8d169 [ 284.078591][ T8738] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 284.078608][ T8738] RBP: 00007fc523d5c090 R08: 0000000000000000 R09: 0000000000000000 [ 284.078625][ T8738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 284.078642][ T8738] R13: 0000000000000000 R14: 00007fc5231a5fa0 R15: 00007ffda26c59f8 [ 284.078682][ T8738] [ 285.568260][ T8755] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 286.281635][ T8760] busy [ 286.368769][ T8764] netlink: 4 bytes leftover after parsing attributes in process `syz.4.706'. [ 286.705904][ T8769] FAULT_INJECTION: forcing a failure. [ 286.705904][ T8769] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 286.772411][ T8769] CPU: 1 UID: 0 PID: 8769 Comm: syz.4.710 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 286.772454][ T8769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.772471][ T8769] Call Trace: [ 286.772482][ T8769] [ 286.772493][ T8769] dump_stack_lvl+0x16c/0x1f0 [ 286.772563][ T8769] should_fail_ex+0x512/0x640 [ 286.772606][ T8769] _copy_to_user+0x32/0xd0 [ 286.772650][ T8769] simple_read_from_buffer+0xcb/0x170 [ 286.772698][ T8769] proc_fail_nth_read+0x197/0x270 [ 286.772744][ T8769] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 286.772791][ T8769] ? rw_verify_area+0xcf/0x680 [ 286.772837][ T8769] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 286.772883][ T8769] vfs_read+0x1de/0xc70 [ 286.772932][ T8769] ? __pfx___mutex_lock+0x10/0x10 [ 286.772979][ T8769] ? __pfx_vfs_read+0x10/0x10 [ 286.773035][ T8769] ? __fget_files+0x20e/0x3c0 [ 286.773093][ T8769] ksys_read+0x12a/0x240 [ 286.773135][ T8769] ? __pfx_ksys_read+0x10/0x10 [ 286.773176][ T8769] ? rcu_is_watching+0x12/0xc0 [ 286.773228][ T8769] do_syscall_64+0xcd/0x260 [ 286.773279][ T8769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.773311][ T8769] RIP: 0033:0x7f01c378bb7c [ 286.773335][ T8769] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 286.773365][ T8769] RSP: 002b:00007f01c457c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 286.773393][ T8769] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f01c378bb7c [ 286.773413][ T8769] RDX: 000000000000000f RSI: 00007f01c457c0a0 RDI: 0000000000000004 [ 286.773436][ T8769] RBP: 00007f01c457c090 R08: 0000000000000000 R09: 00007f01c457c090 [ 286.773455][ T8769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.773472][ T8769] R13: 0000000000000000 R14: 00007f01c39a5fa0 R15: 00007ffe06715468 [ 286.773513][ T8769] [ 286.834016][ T8775] FAULT_INJECTION: forcing a failure. [ 286.834016][ T8775] name failslab, interval 1, probability 0, space 0, times 0 [ 286.990532][ T8775] CPU: 0 UID: 0 PID: 8775 Comm: syz.3.712 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 286.990568][ T8775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.990582][ T8775] Call Trace: [ 286.990590][ T8775] [ 286.990599][ T8775] dump_stack_lvl+0x16c/0x1f0 [ 286.990641][ T8775] should_fail_ex+0x512/0x640 [ 286.990670][ T8775] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 286.990712][ T8775] should_failslab+0xc2/0x120 [ 286.990736][ T8775] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 286.990775][ T8775] ? __pmd_alloc+0xc3/0x870 [ 286.990809][ T8775] __pmd_alloc+0xc3/0x870 [ 286.990836][ T8775] ? find_held_lock+0x2b/0x80 [ 286.990872][ T8775] __handle_mm_fault+0x948/0x2a40 [ 286.990916][ T8775] ? __pfx___handle_mm_fault+0x10/0x10 [ 286.990970][ T8775] ? find_vma+0xbf/0x140 [ 286.990997][ T8775] ? __pfx_find_vma+0x10/0x10 [ 286.991029][ T8775] handle_mm_fault+0x3fe/0xad0 [ 286.991073][ T8775] do_user_addr_fault+0x7a6/0x1370 [ 286.991117][ T8775] ? rcu_is_watching+0x12/0xc0 [ 286.991156][ T8775] exc_page_fault+0x5c/0xc0 [ 286.991198][ T8775] asm_exc_page_fault+0x26/0x30 [ 286.991227][ T8775] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 286.991262][ T8775] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 286.991292][ T8775] RSP: 0018:ffffc90004e377d8 EFLAGS: 00050206 [ 286.991316][ T8775] RAX: 0000000000000001 RBX: 00000000000000c4 RCX: 00000000000000c4 [ 286.991334][ T8775] RDX: ffffed1009c77dc9 RSI: 0000000000000000 RDI: ffff88804e3bed80 [ 286.991353][ T8775] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1009c77dc8 [ 286.991371][ T8775] R10: ffff88804e3bee43 R11: 0000000000000000 R12: 0000000000000000 [ 286.991388][ T8775] R13: ffffc90004e37d60 R14: 00000000000000c4 R15: ffff88804e3bed80 [ 286.991430][ T8775] _copy_from_iter+0x391/0x15b0 [ 286.991476][ T8775] ? __alloc_skb+0x200/0x380 [ 286.991516][ T8775] ? __pfx__copy_from_iter+0x10/0x10 [ 286.991560][ T8775] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 286.991606][ T8775] ? __lock_acquire+0xaa4/0x1ba0 [ 286.991667][ T8775] netlink_sendmsg+0x829/0xdd0 [ 286.991723][ T8775] ? __pfx_netlink_sendmsg+0x10/0x10 [ 286.991787][ T8775] ____sys_sendmsg+0xa95/0xc70 [ 286.991818][ T8775] ? copy_msghdr_from_user+0x10a/0x160 [ 286.991876][ T8775] ? __pfx_____sys_sendmsg+0x10/0x10 [ 286.991913][ T8775] ? __pfx__kstrtoull+0x10/0x10 [ 286.991971][ T8775] ___sys_sendmsg+0x134/0x1d0 [ 286.992017][ T8775] ? __pfx____sys_sendmsg+0x10/0x10 [ 286.992080][ T8775] ? find_held_lock+0x2b/0x80 [ 286.992154][ T8775] __sys_sendmmsg+0x200/0x420 [ 286.992202][ T8775] ? __pfx___sys_sendmmsg+0x10/0x10 [ 286.992260][ T8775] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 286.992327][ T8775] ? fput+0x70/0xf0 [ 286.992356][ T8775] ? ksys_write+0x1b9/0x240 [ 286.992399][ T8775] ? __pfx_ksys_write+0x10/0x10 [ 286.992437][ T8775] ? rcu_is_watching+0x12/0xc0 [ 286.992482][ T8775] __x64_sys_sendmmsg+0x9c/0x100 [ 286.992523][ T8775] ? lockdep_hardirqs_on+0x7c/0x110 [ 286.992566][ T8775] do_syscall_64+0xcd/0x260 [ 286.992617][ T8775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.992647][ T8775] RIP: 0033:0x7fc522f8d169 [ 286.992671][ T8775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.992700][ T8775] RSP: 002b:00007fc523d3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 286.992727][ T8775] RAX: ffffffffffffffda RBX: 00007fc5231a6080 RCX: 00007fc522f8d169 [ 286.992748][ T8775] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 286.992766][ T8775] RBP: 00007fc523d3b090 R08: 0000000000000000 R09: 0000000000000000 [ 286.992784][ T8775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.992800][ T8775] R13: 0000000000000000 R14: 00007fc5231a6080 R15: 00007ffda26c59f8 [ 286.992840][ T8775] [ 287.674391][ T8785] FAULT_INJECTION: forcing a failure. [ 287.674391][ T8785] name failslab, interval 1, probability 0, space 0, times 0 [ 287.734920][ T8785] CPU: 0 UID: 0 PID: 8785 Comm: syz.3.714 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 287.734960][ T8785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 287.734974][ T8785] Call Trace: [ 287.734981][ T8785] [ 287.734990][ T8785] dump_stack_lvl+0x16c/0x1f0 [ 287.735029][ T8785] should_fail_ex+0x512/0x640 [ 287.735057][ T8785] ? fs_reclaim_acquire+0xae/0x150 [ 287.735086][ T8785] ? security_inode_init_security+0x13f/0x390 [ 287.735122][ T8785] should_failslab+0xc2/0x120 [ 287.735144][ T8785] __kmalloc_noprof+0xd2/0x510 [ 287.735185][ T8785] security_inode_init_security+0x13f/0x390 [ 287.735223][ T8785] ? __pfx_shmem_initxattrs+0x10/0x10 [ 287.735251][ T8785] ? __pfx_security_inode_init_security+0x10/0x10 [ 287.735296][ T8785] shmem_mknod+0x22e/0x450 [ 287.735330][ T8785] shmem_mkdir+0x31/0x80 [ 287.735359][ T8785] vfs_mkdir+0x590/0x8c0 [ 287.735391][ T8785] do_mkdirat+0x304/0x3e0 [ 287.735427][ T8785] ? __pfx_do_mkdirat+0x10/0x10 [ 287.735469][ T8785] __x64_sys_mkdir+0xef/0x140 [ 287.735504][ T8785] do_syscall_64+0xcd/0x260 [ 287.735540][ T8785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.735563][ T8785] RIP: 0033:0x7fc522f8d169 [ 287.735592][ T8785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.735615][ T8785] RSP: 002b:00007fc523d3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 287.735636][ T8785] RAX: ffffffffffffffda RBX: 00007fc5231a6080 RCX: 00007fc522f8d169 [ 287.735651][ T8785] RDX: 0000000000000000 RSI: 0000000000008001 RDI: 0000000000000000 [ 287.735665][ T8785] RBP: 00007fc52300e990 R08: 0000000000000000 R09: 0000000000000000 [ 287.735678][ T8785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.735691][ T8785] R13: 0000000000000000 R14: 00007fc5231a6080 R15: 00007ffda26c59f8 [ 287.735720][ T8785] [ 293.499872][ T8832] busy [ 293.571350][ T8837] netlink: 4 bytes leftover after parsing attributes in process `syz.1.719'. [ 294.102209][ T8847] busy [ 294.414263][ T5842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 294.453329][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 294.477506][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 294.491040][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 294.499326][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 294.804778][ T8854] netlink: 'syz.3.723': attribute type 16 has an invalid length. [ 294.889213][ T8854] netlink: 326 bytes leftover after parsing attributes in process `syz.3.723'. [ 296.202302][ T8848] chnl_net:caif_netlink_parms(): no params data found [ 296.530694][ T8848] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.555283][ T8848] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.579480][ T8848] bridge_slave_0: entered allmulticast mode [ 296.586060][ T5842] Bluetooth: hci4: command tx timeout [ 296.604392][ T8848] bridge_slave_0: entered promiscuous mode [ 296.621513][ T8848] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.630605][ T8848] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.641433][ T8848] bridge_slave_1: entered allmulticast mode [ 296.655380][ T8848] bridge_slave_1: entered promiscuous mode [ 296.724301][ T8848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 296.765646][ T8848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 296.841896][ T8848] team0: Port device team_slave_0 added [ 296.870194][ T8848] team0: Port device team_slave_1 added [ 296.978804][ T8848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 296.996098][ T8848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 297.045926][ T8848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 297.078326][ T8848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 297.085339][ T8848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 297.145907][ T8848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 297.302485][ T8848] hsr_slave_0: entered promiscuous mode [ 297.322848][ T8848] hsr_slave_1: entered promiscuous mode [ 297.345420][ T8848] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 297.353675][ T8848] Cannot create hsr debugfs directory [ 297.913338][ T8848] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 297.941346][ T8848] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 297.981464][ T8848] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 298.001163][ T8848] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 298.254679][ T8848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 298.309534][ T8848] 8021q: adding VLAN 0 to HW filter on device team0 [ 298.348758][ T7784] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.356864][ T7784] bridge0: port 1(bridge_slave_0) entered forwarding state [ 298.393316][ T7784] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.400757][ T7784] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.671014][ T5842] Bluetooth: hci4: command tx timeout [ 298.761204][ T8848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 299.082607][ T8848] veth0_vlan: entered promiscuous mode [ 299.098201][ T8848] veth1_vlan: entered promiscuous mode [ 299.132672][ T8848] veth0_macvtap: entered promiscuous mode [ 299.144677][ T8848] veth1_macvtap: entered promiscuous mode [ 299.175150][ T8848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.186298][ T8848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.196223][ T8848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.207572][ T8848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.218186][ T8848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.229020][ T8848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.243571][ T8848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.254081][ T8848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.264910][ T8848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.275423][ T8848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.287996][ T8848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 299.303379][ T8848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.314022][ T8848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.325457][ T8848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.335976][ T8848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.345889][ T8848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.359283][ T8848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.370358][ T8848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.380985][ T8848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.391440][ T8848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.402002][ T8848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.413345][ T8848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 299.430067][ T8848] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.439522][ T8848] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.448621][ T8848] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.457819][ T8848] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.552537][ T7784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 299.560740][ T7784] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 299.602734][ T7787] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 299.618044][ T7787] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 300.407568][ T8899] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 300.756087][ T5842] Bluetooth: hci4: command tx timeout [ 301.145528][ T8901] netlink: 4 bytes leftover after parsing attributes in process `syz.5.730'. [ 302.827833][ T5842] Bluetooth: hci4: command tx timeout [ 303.089941][ T8964] FAULT_INJECTION: forcing a failure. [ 303.089941][ T8964] name failslab, interval 1, probability 0, space 0, times 0 [ 303.114533][ T8964] CPU: 0 UID: 0 PID: 8964 Comm: syz.5.750 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 303.114580][ T8964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 303.114600][ T8964] Call Trace: [ 303.114610][ T8964] [ 303.114622][ T8964] dump_stack_lvl+0x16c/0x1f0 [ 303.114677][ T8964] should_fail_ex+0x512/0x640 [ 303.114714][ T8964] ? __kvmalloc_node_noprof+0x122/0x600 [ 303.114768][ T8964] should_failslab+0xc2/0x120 [ 303.114798][ T8964] __kvmalloc_node_noprof+0x135/0x600 [ 303.114847][ T8964] ? alloc_fdtable+0x158/0x2b0 [ 303.114898][ T8964] ? alloc_fdtable+0x158/0x2b0 [ 303.114952][ T8964] alloc_fdtable+0x158/0x2b0 [ 303.114999][ T8964] dup_fd+0x83b/0xb90 [ 303.115061][ T8964] ksys_unshare+0x831/0xa40 [ 303.115112][ T8964] ? __pfx_ksys_unshare+0x10/0x10 [ 303.115159][ T8964] ? xfd_validate_state+0x5d/0x180 [ 303.115196][ T8964] ? rcu_is_watching+0x12/0xc0 [ 303.115245][ T8964] __x64_sys_unshare+0x31/0x40 [ 303.115292][ T8964] do_syscall_64+0xcd/0x260 [ 303.115339][ T8964] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.115372][ T8964] RIP: 0033:0x7f839c98d169 [ 303.115398][ T8964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.115428][ T8964] RSP: 002b:00007f839d71f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 303.115459][ T8964] RAX: ffffffffffffffda RBX: 00007f839cba5fa0 RCX: 00007f839c98d169 [ 303.115479][ T8964] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 303.115497][ T8964] RBP: 00007f839ca0e990 R08: 0000000000000000 R09: 0000000000000000 [ 303.115515][ T8964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.115533][ T8964] R13: 0000000000000000 R14: 00007f839cba5fa0 R15: 00007ffd7bd2d8f8 [ 303.115573][ T8964] [ 303.568557][ T8971] mkiss: ax0: crc mode is auto. [ 304.831880][ T9004] busy [ 306.000710][ T9022] mkiss: ax0: crc mode is auto. [ 306.379673][ T9021] random: crng reseeded on system resumption [ 307.373807][ T9041] netlink: 338 bytes leftover after parsing attributes in process `syz.4.769'. [ 307.384382][ T9041] ipvlan1: entered allmulticast mode [ 307.390219][ T9041] veth0_vlan: entered allmulticast mode [ 307.682136][ T7791] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.805594][ T7791] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.943831][ T7791] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 308.168488][ T9051] busy [ 308.600280][ T7791] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 308.896709][ T7791] bridge_slave_1: left allmulticast mode [ 308.916141][ T7791] bridge_slave_1: left promiscuous mode [ 308.920891][ T5843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 308.931560][ T5843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 308.932861][ T7791] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.951521][ T5843] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 308.966317][ T5843] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 308.976728][ T5843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 309.004145][ T7791] bridge_slave_0: left allmulticast mode [ 309.016159][ T7791] bridge_slave_0: left promiscuous mode [ 309.028772][ T7791] bridge0: port 1(bridge_slave_0) entered disabled state [ 309.564188][ T9058] Invalid ELF header magic: != ELF [ 309.840433][ T7791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 309.890071][ T7791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 309.911515][ T7791] bond0 (unregistering): Released all slaves [ 310.788463][ T7791] hsr_slave_0: left promiscuous mode [ 310.799881][ T7791] hsr_slave_1: left promiscuous mode [ 310.807593][ T7791] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 310.829607][ T7791] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 310.850890][ T7791] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 310.864150][ T7791] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 310.959552][ T7791] veth1_macvtap: left promiscuous mode [ 311.018062][ T7791] veth0_macvtap: left promiscuous mode [ 311.027717][ T7791] veth1_vlan: left promiscuous mode [ 311.036676][ T7791] veth0_vlan: left promiscuous mode [ 311.080209][ T5842] Bluetooth: hci4: command tx timeout [ 311.522096][ T9087] can: request_module (can-proto-0) failed. [ 311.749517][ T7791] team0 (unregistering): Port device team_slave_1 removed [ 311.799492][ T7791] team0 (unregistering): Port device team_slave_0 removed [ 312.219285][ T9059] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 312.310757][ T9055] chnl_net:caif_netlink_parms(): no params data found [ 312.414938][ T9095] netlink: 338 bytes leftover after parsing attributes in process `syz.4.780'. [ 312.789753][ T9055] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.821611][ T9055] bridge0: port 1(bridge_slave_0) entered disabled state [ 312.860792][ T9055] bridge_slave_0: entered allmulticast mode [ 312.882415][ T9055] bridge_slave_0: entered promiscuous mode [ 312.900178][ T9055] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.936518][ T9055] bridge0: port 2(bridge_slave_1) entered disabled state [ 312.945275][ T9055] bridge_slave_1: entered allmulticast mode [ 312.953608][ T9055] bridge_slave_1: entered promiscuous mode [ 313.035881][ T9118] busy [ 313.153433][ T5842] Bluetooth: hci4: command tx timeout [ 313.177132][ T9055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 313.350308][ T9055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 313.594384][ T9055] team0: Port device team_slave_0 added [ 313.670410][ T9055] team0: Port device team_slave_1 added [ 313.769637][ T9127] nvme_fabrics: missing parameter 'transport=%s' [ 313.778340][ T9126] netlink: 'syz.1.785': attribute type 16 has an invalid length. [ 313.791168][ T9127] nvme_fabrics: missing parameter 'nqn=%s' [ 313.798697][ T9126] netlink: 326 bytes leftover after parsing attributes in process `syz.1.785'. [ 313.816214][ T9055] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 313.823349][ T9055] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.849286][ C0] vkms_vblank_simulate: vblank timer overrun [ 313.858155][ T9055] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 313.889983][ T9055] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 313.903180][ T9055] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.931883][ T9055] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 314.025369][ T9055] hsr_slave_0: entered promiscuous mode [ 314.036133][ T9055] hsr_slave_1: entered promiscuous mode [ 314.044466][ T9055] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 314.052199][ T9055] Cannot create hsr debugfs directory [ 314.428938][ T9055] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 314.468411][ T9055] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 314.495601][ T9055] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 314.574966][ T9055] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 314.829744][ T9055] 8021q: adding VLAN 0 to HW filter on device bond0 [ 314.890014][ T9055] 8021q: adding VLAN 0 to HW filter on device team0 [ 314.918796][ T7787] bridge0: port 1(bridge_slave_0) entered blocking state [ 314.926128][ T7787] bridge0: port 1(bridge_slave_0) entered forwarding state [ 314.950839][ T7787] bridge0: port 2(bridge_slave_1) entered blocking state [ 314.958124][ T7787] bridge0: port 2(bridge_slave_1) entered forwarding state [ 315.231658][ T5842] Bluetooth: hci4: command tx timeout [ 315.516621][ T9055] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 316.258901][ T9055] veth0_vlan: entered promiscuous mode [ 316.293725][ T9055] veth1_vlan: entered promiscuous mode [ 316.363339][ T9055] veth0_macvtap: entered promiscuous mode [ 316.404751][ T9055] veth1_macvtap: entered promiscuous mode [ 316.493839][ T9055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 316.519364][ T9055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 316.549514][ T9055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 316.578168][ T9055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 316.599883][ T9055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 316.618685][ T9055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 316.629252][ T9055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 316.650868][ T9055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 316.682557][ T9055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 316.704095][ T9055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 316.726801][ T9197] netlink: 338 bytes leftover after parsing attributes in process `syz.1.790'. [ 316.728512][ T9055] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 316.770860][ T9186] Invalid ELF header magic: != ELF [ 316.779429][ T9055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 316.812120][ T9055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 316.822131][ T9055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 316.839508][ T9055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 316.852171][ T9055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 316.864604][ T9055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 316.875309][ T9055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 316.886306][ T9055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 316.900207][ T9055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 316.911939][ T9055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 316.941438][ T9055] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 316.977668][ T9055] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 317.018749][ T9055] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 317.028145][ T9055] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 317.057775][ T9055] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 317.297011][ T7796] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 317.316948][ T5842] Bluetooth: hci4: command tx timeout [ 317.319506][ T7796] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 317.429464][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 317.456492][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 317.808757][ T9219] FAULT_INJECTION: forcing a failure. [ 317.808757][ T9219] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 317.855470][ T9219] CPU: 1 UID: 0 PID: 9219 Comm: syz.6.773 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 317.855512][ T9219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 317.855530][ T9219] Call Trace: [ 317.855540][ T9219] [ 317.855551][ T9219] dump_stack_lvl+0x16c/0x1f0 [ 317.855603][ T9219] should_fail_ex+0x512/0x640 [ 317.855645][ T9219] _copy_from_iter+0x2a4/0x15b0 [ 317.855690][ T9219] ? __alloc_skb+0x200/0x380 [ 317.855731][ T9219] ? __pfx__copy_from_iter+0x10/0x10 [ 317.855776][ T9219] ? __lock_acquire+0xaa4/0x1ba0 [ 317.855839][ T9219] netlink_sendmsg+0x829/0xdd0 [ 317.855897][ T9219] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.855973][ T9219] ____sys_sendmsg+0xa95/0xc70 [ 317.856004][ T9219] ? copy_msghdr_from_user+0x10a/0x160 [ 317.856045][ T9219] ? __pfx_____sys_sendmsg+0x10/0x10 [ 317.856081][ T9219] ? kfree+0x252/0x4d0 [ 317.856118][ T9219] ? __pfx__kstrtoull+0x10/0x10 [ 317.856175][ T9219] ___sys_sendmsg+0x134/0x1d0 [ 317.856220][ T9219] ? __pfx____sys_sendmsg+0x10/0x10 [ 317.856298][ T9219] ? __pfx___might_resched+0x10/0x10 [ 317.856353][ T9219] __sys_sendmmsg+0x200/0x420 [ 317.856401][ T9219] ? __pfx___sys_sendmmsg+0x10/0x10 [ 317.856456][ T9219] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 317.856523][ T9219] ? fput+0x70/0xf0 [ 317.856553][ T9219] ? ksys_write+0x1b9/0x240 [ 317.856596][ T9219] ? __pfx_ksys_write+0x10/0x10 [ 317.856636][ T9219] ? rcu_is_watching+0x12/0xc0 [ 317.856682][ T9219] __x64_sys_sendmmsg+0x9c/0x100 [ 317.856724][ T9219] ? lockdep_hardirqs_on+0x7c/0x110 [ 317.856769][ T9219] do_syscall_64+0xcd/0x260 [ 317.856819][ T9219] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.856851][ T9219] RIP: 0033:0x7fa57bb8d169 [ 317.856874][ T9219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 317.856925][ T9219] RSP: 002b:00007fa57c9e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 317.856952][ T9219] RAX: ffffffffffffffda RBX: 00007fa57bda5fa0 RCX: 00007fa57bb8d169 [ 317.856970][ T9219] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 317.856987][ T9219] RBP: 00007fa57c9e2090 R08: 0000000000000000 R09: 0000000000000000 [ 317.857004][ T9219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 317.857021][ T9219] R13: 0000000000000000 R14: 00007fa57bda5fa0 R15: 00007ffe321db528 [ 317.857059][ T9219] [ 317.930421][ T9190] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 319.298683][ T9236] FAULT_INJECTION: forcing a failure. [ 319.298683][ T9236] name failslab, interval 1, probability 0, space 0, times 0 [ 319.355853][ T9236] CPU: 1 UID: 0 PID: 9236 Comm: syz.4.794 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 319.355898][ T9236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 319.355916][ T9236] Call Trace: [ 319.355927][ T9236] [ 319.355938][ T9236] dump_stack_lvl+0x16c/0x1f0 [ 319.355990][ T9236] should_fail_ex+0x512/0x640 [ 319.356026][ T9236] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 319.356079][ T9236] should_failslab+0xc2/0x120 [ 319.356109][ T9236] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 319.356155][ T9236] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.356188][ T9236] ? fuse_request_alloc+0x22/0x200 [ 319.356240][ T9236] fuse_request_alloc+0x22/0x200 [ 319.356286][ T9236] fuse_get_req+0x748/0xfd0 [ 319.356340][ T9236] ? __pfx_fuse_get_req+0x10/0x10 [ 319.356425][ T9236] fuse_simple_background+0x464/0x5f0 [ 319.356473][ T9236] ? kasan_save_track+0x14/0x30 [ 319.356522][ T9236] cuse_channel_open+0x561/0x7f0 [ 319.356564][ T9236] ? __pfx_cuse_channel_open+0x10/0x10 [ 319.356601][ T9236] misc_open+0x35a/0x420 [ 319.356644][ T9236] ? __pfx_misc_open+0x10/0x10 [ 319.356685][ T9236] chrdev_open+0x231/0x6a0 [ 319.356735][ T9236] ? __pfx_apparmor_file_open+0x10/0x10 [ 319.356776][ T9236] ? __pfx_chrdev_open+0x10/0x10 [ 319.356843][ T9236] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 319.356900][ T9236] do_dentry_open+0x741/0x1c10 [ 319.356947][ T9236] ? __pfx_chrdev_open+0x10/0x10 [ 319.356999][ T9236] vfs_open+0x82/0x3f0 [ 319.357034][ T9236] path_openat+0x1e5e/0x2d40 [ 319.357093][ T9236] ? __pfx_path_openat+0x10/0x10 [ 319.357149][ T9236] do_filp_open+0x20b/0x470 [ 319.357214][ T9236] ? __pfx_do_filp_open+0x10/0x10 [ 319.357294][ T9236] ? alloc_fd+0x471/0x7d0 [ 319.357353][ T9236] do_sys_openat2+0x11b/0x1d0 [ 319.357388][ T9236] ? __pfx_do_sys_openat2+0x10/0x10 [ 319.357438][ T9236] __x64_sys_openat+0x174/0x210 [ 319.357473][ T9236] ? __pfx___x64_sys_openat+0x10/0x10 [ 319.357510][ T9236] ? rcu_is_watching+0x12/0xc0 [ 319.357591][ T9236] do_syscall_64+0xcd/0x260 [ 319.357645][ T9236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.357679][ T9236] RIP: 0033:0x7f01c378d169 [ 319.357706][ T9236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.357736][ T9236] RSP: 002b:00007f01c455b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 319.357763][ T9236] RAX: ffffffffffffffda RBX: 00007f01c39a6080 RCX: 00007f01c378d169 [ 319.357783][ T9236] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 319.357801][ T9236] RBP: 00007f01c380e990 R08: 0000000000000000 R09: 0000000000000000 [ 319.357821][ T9236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.357838][ T9236] R13: 0000000000000000 R14: 00007f01c39a6080 R15: 00007ffe06715468 [ 319.357878][ T9236] [ 320.228661][ T9258] busy [ 320.817464][ T7209] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 321.025682][ T5843] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 321.038011][ T5843] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 321.058436][ T5843] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 321.069133][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 321.079706][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 321.482300][ T9277] busy [ 322.102997][ T9288] netlink: 338 bytes leftover after parsing attributes in process `syz.4.799'. [ 322.446127][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.452517][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.691686][ T9304] netlink: 28 bytes leftover after parsing attributes in process `syz.1.804'. [ 323.155555][ T5842] Bluetooth: hci1: command tx timeout [ 323.378340][ T9264] chnl_net:caif_netlink_parms(): no params data found [ 323.705742][ T9264] bridge0: port 1(bridge_slave_0) entered blocking state [ 323.713025][ T9264] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.736275][ T9264] bridge_slave_0: entered allmulticast mode [ 323.751856][ T9264] bridge_slave_0: entered promiscuous mode [ 323.761241][ T9264] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.771524][ T9264] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.780239][ T9264] bridge_slave_1: entered allmulticast mode [ 323.788826][ T9264] bridge_slave_1: entered promiscuous mode [ 323.879421][ T9264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 323.899577][ T9264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 323.981197][ T9264] team0: Port device team_slave_0 added [ 324.002885][ T9264] team0: Port device team_slave_1 added [ 324.122559][ T9321] netlink: 4 bytes leftover after parsing attributes in process `syz.1.808'. [ 324.150780][ T9264] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 324.201394][ T9264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 324.244208][ T9264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 324.260560][ T9264] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 324.268250][ T9264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 324.308520][ T9264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 324.429279][ T9264] hsr_slave_0: entered promiscuous mode [ 324.435976][ T9264] hsr_slave_1: entered promiscuous mode [ 324.443108][ T9264] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 324.451076][ T9264] Cannot create hsr debugfs directory [ 325.162469][ T9341] busy [ 325.236971][ T5842] Bluetooth: hci1: command tx timeout [ 325.738168][ T9347] netlink: 338 bytes leftover after parsing attributes in process `syz.6.811'. [ 325.794558][ T9347] ipvlan1: entered allmulticast mode [ 325.800740][ T9347] veth0_vlan: entered allmulticast mode [ 325.996478][ T9264] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 326.008729][ T9264] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 326.033921][ T9264] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 326.055596][ T9264] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 326.227438][ T9264] 8021q: adding VLAN 0 to HW filter on device bond0 [ 326.262362][ T9264] 8021q: adding VLAN 0 to HW filter on device team0 [ 326.293901][ T7784] bridge0: port 1(bridge_slave_0) entered blocking state [ 326.301141][ T7784] bridge0: port 1(bridge_slave_0) entered forwarding state [ 326.351200][ T7783] bridge0: port 2(bridge_slave_1) entered blocking state [ 326.358467][ T7783] bridge0: port 2(bridge_slave_1) entered forwarding state [ 326.736319][ T9264] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 327.328253][ T5842] Bluetooth: hci1: command tx timeout [ 327.628835][ T9377] busy [ 327.944163][ T9264] veth0_vlan: entered promiscuous mode [ 327.980568][ T9264] veth1_vlan: entered promiscuous mode [ 328.661041][ T9390] busy [ 328.855619][ T9264] veth0_macvtap: entered promiscuous mode [ 328.930539][ T9264] veth1_macvtap: entered promiscuous mode [ 328.953940][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.971757][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.091658][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.118444][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.149648][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.221444][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.268054][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.268086][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.268117][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.268140][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.268159][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.268182][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.298131][ T9264] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 329.303710][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.303741][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.303757][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.303778][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.303794][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.303814][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.303830][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.303850][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.303868][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.303889][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.303906][ T9264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.303926][ T9264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.315994][ T9264] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 329.330603][ T9264] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.330656][ T9264] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.330700][ T9264] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.330742][ T9264] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.398679][ T5842] Bluetooth: hci1: command tx timeout [ 329.643193][ T9405] netlink: 12 bytes leftover after parsing attributes in process `syz.6.818'. [ 329.707366][ T9409] busy [ 329.970875][ T7784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 329.970908][ T7784] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 330.200816][ T7783] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 330.200855][ T7783] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 331.594134][ T9426] busy [ 332.358665][ T9431] random: crng reseeded on system resumption [ 332.460559][ T9440] netlink: 338 bytes leftover after parsing attributes in process `syz.1.831'. [ 332.738235][ T9448] busy [ 333.806475][ T9460] busy [ 333.825866][ T9462] netlink: 4 bytes leftover after parsing attributes in process `syz.6.830'. [ 333.859977][ T9462] netlink: 354 bytes leftover after parsing attributes in process `syz.6.830'. [ 334.434027][ T9472] busy [ 334.869669][ T9476] netlink: 338 bytes leftover after parsing attributes in process `syz.7.834'. [ 334.958754][ T9476] macsec0: entered allmulticast mode [ 334.983654][ T9476] veth1_macvtap: entered allmulticast mode [ 335.065881][ T9480] nvme_fabrics: missing parameter 'transport=%s' [ 335.072852][ T9480] nvme_fabrics: missing parameter 'nqn=%s' [ 335.103084][ T9480] netlink: 'syz.4.835': attribute type 16 has an invalid length. [ 335.110892][ T9480] netlink: 326 bytes leftover after parsing attributes in process `syz.4.835'. [ 335.665980][ T9503] [U]  [ 335.669155][ T9503] [U] [ 335.671916][ T9503] [U] [ 335.674663][ T9503] [U] [ 335.772233][ T9503] [U] [ 335.775052][ T9503] [U] [ 335.777808][ T9503] [U] [ 335.780571][ T9503] [U] [ 335.919267][ T9503] [U] [ 335.922066][ T9503] [U] [ 335.924909][ T9503] [U] [ 335.927661][ T9503] [U] [ 335.952663][ T9503] [U] [ 335.955469][ T9503] [U] [ 335.958226][ T9503] [U] [ 335.960975][ T9503] [U] [ 335.979212][ T9503] [U] [ 335.982101][ T9503] [U] [ 335.984877][ T9503] [U] [ 335.987633][ T9503] [U] [ 335.991066][ T9508] netlink: 338 bytes leftover after parsing attributes in process `syz.6.840'. [ 336.046954][ T9503] [U] [ 336.049761][ T9503] [U] [ 336.052523][ T9503] [U] [ 336.055314][ T9503] [U] [ 336.142552][ T9503] [U] [ 336.145348][ T9503] [U] [ 336.148101][ T9503] [U] [ 336.150856][ T9503] [U] [ 336.227913][ T9503] [U] [ 338.496659][ T9560] netlink: 338 bytes leftover after parsing attributes in process `syz.7.852'. [ 338.530077][ T9560] ipvlan1: entered allmulticast mode [ 338.551717][ T9560] veth0_vlan: entered allmulticast mode [ 339.600716][ T9584] dyndbg: bad flag-op @, at start of @ [ 339.613813][ T9584] dyndbg: flags parse failed [ 342.388758][ T9652] netlink: 338 bytes leftover after parsing attributes in process `syz.6.867'. [ 342.420209][ T9652] macsec0: entered allmulticast mode [ 342.437587][ T9652] veth1_macvtap: entered allmulticast mode [ 343.407968][ T9637] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 343.415159][ T9637] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 343.503929][ T9637] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 343.555838][ T9637] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 343.600892][ T9637] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 343.677987][ T9637] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 343.685204][ T9637] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 343.708198][ T9637] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 343.742159][ T9637] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 343.774458][ T9637] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 343.797579][ T9637] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 344.533266][ T9700] can: request_module (can-proto-0) failed. [ 344.575187][ T9711] netlink: 350 bytes leftover after parsing attributes in process `syz.1.878'. [ 344.654363][ T9704] Invalid ELF header magic: != ELF [ 344.686658][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 345.125639][ T9723] netlink: 4 bytes leftover after parsing attributes in process `syz.4.881'. [ 345.334832][ T9712] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 345.508148][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 345.570690][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 345.735880][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout [ 345.808284][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 347.647847][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 347.807925][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout [ 347.893169][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 348.561290][ T9777] netlink: 334 bytes leftover after parsing attributes in process `syz.1.887'. [ 349.729599][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 349.892763][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout [ 349.969375][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 352.665918][ T9864] FAULT_INJECTION: forcing a failure. [ 352.665918][ T9864] name failslab, interval 1, probability 0, space 0, times 0 [ 352.690396][ T9864] CPU: 1 UID: 0 PID: 9864 Comm: syz.4.907 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 352.690442][ T9864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 352.690462][ T9864] Call Trace: [ 352.690473][ T9864] [ 352.690485][ T9864] dump_stack_lvl+0x16c/0x1f0 [ 352.690533][ T9864] should_fail_ex+0x512/0x640 [ 352.690566][ T9864] ? __kmalloc_noprof+0xbf/0x510 [ 352.690610][ T9864] ? memcg_list_lru_alloc+0x4e9/0x740 [ 352.690636][ T9864] should_failslab+0xc2/0x120 [ 352.690662][ T9864] __kmalloc_noprof+0xd2/0x510 [ 352.690711][ T9864] memcg_list_lru_alloc+0x4e9/0x740 [ 352.690747][ T9864] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 352.690791][ T9864] __memcg_slab_post_alloc_hook+0x131/0x940 [ 352.690825][ T9864] ? kasan_save_track+0x14/0x30 [ 352.690869][ T9864] kmem_cache_alloc_lru_noprof+0x30f/0x3b0 [ 352.690911][ T9864] ? find_inode_fast+0x1e9/0x600 [ 352.690941][ T9864] ? __d_alloc+0x31/0xaa0 [ 352.690970][ T9864] __d_alloc+0x31/0xaa0 [ 352.691000][ T9864] d_alloc_pseudo+0x1c/0xc0 [ 352.691032][ T9864] alloc_file_pseudo_noaccount+0xcf/0x230 [ 352.691068][ T9864] ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10 [ 352.691099][ T9864] ? iput+0xd3/0x880 [ 352.691135][ T9864] bdev_file_open_by_dev+0x13e/0x210 [ 352.691170][ T9864] blkdev_bszset+0x170/0x240 [ 352.691214][ T9864] ? __pfx_blkdev_bszset+0x10/0x10 [ 352.691269][ T9864] ? find_held_lock+0x2b/0x80 [ 352.691305][ T9864] ? hook_file_ioctl_common+0x145/0x410 [ 352.691340][ T9864] blkdev_ioctl+0x44e/0x6d0 [ 352.691384][ T9864] ? __pfx_blkdev_ioctl+0x10/0x10 [ 352.691433][ T9864] ? __pfx_blkdev_ioctl+0x10/0x10 [ 352.691479][ T9864] __x64_sys_ioctl+0x190/0x200 [ 352.691516][ T9864] do_syscall_64+0xcd/0x260 [ 352.691560][ T9864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.691589][ T9864] RIP: 0033:0x7f01c378d169 [ 352.691611][ T9864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 352.691639][ T9864] RSP: 002b:00007f01c457c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 352.691666][ T9864] RAX: ffffffffffffffda RBX: 00007f01c39a5fa0 RCX: 00007f01c378d169 [ 352.691685][ T9864] RDX: 0000200000000600 RSI: 0000000040081271 RDI: 0000000000000005 [ 352.691703][ T9864] RBP: 00007f01c380e990 R08: 0000000000000000 R09: 0000000000000000 [ 352.691720][ T9864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 352.691738][ T9864] R13: 0000000000000000 R14: 00007f01c39a5fa0 R15: 00007ffe06715468 [ 352.691774][ T9864] [ 352.837119][ T9852] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 352.839356][ C1] vkms_vblank_simulate: vblank timer overrun [ 352.908462][ T9852] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 352.915128][ C1] vkms_vblank_simulate: vblank timer overrun [ 353.194225][ T9852] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 353.200534][ T9852] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 353.242090][ T9852] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 353.848686][ T5843] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 353.848729][ T5843] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 353.865824][ T5843] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 353.865926][ T5843] Bluetooth: hci2: Malformed LE Event: 0x0d [ 354.130995][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 354.485589][ T9887] Invalid ELF header magic: != ELF [ 355.095653][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 355.255595][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 355.255610][ T5842] Bluetooth: hci4: command 0x0c1a tx timeout [ 355.261864][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 357.936202][ T9944] Invalid ELF header magic: != ELF [ 358.048319][ T9936] net_ratelimit: 327 callbacks suppressed [ 358.048347][ T9936] netlink: zone id is out of range [ 358.080446][ T9936] netlink: zone id is out of range [ 358.111071][ T9936] netlink: zone id is out of range [ 358.184256][ T9936] netlink: zone id is out of range [ 358.207826][ T9936] netlink: zone id is out of range [ 358.235136][ T9936] netlink: zone id is out of range [ 358.280049][ T9936] netlink: zone id is out of range [ 358.285311][ T9936] netlink: zone id is out of range [ 358.290750][ T9936] netlink: zone id is out of range [ 358.301515][ T9936] netlink: zone id is out of range [ 358.771496][ T9952] Unable to find swap-space signature [ 359.086375][ T5843] Bluetooth: hci3: unexpected event 0x01 length: 4 > 1 [ 359.551464][ T9973] netlink: 'syz.7.936': attribute type 11 has an invalid length. [ 360.166627][ T9989] netlink: 12 bytes leftover after parsing attributes in process `syz.4.939'. [ 360.457201][ T9994] Invalid ELF header magic: != ELF [ 360.718326][T10000] FAULT_INJECTION: forcing a failure. [ 360.718326][T10000] name failslab, interval 1, probability 0, space 0, times 0 [ 360.765825][T10000] CPU: 0 UID: 0 PID: 10000 Comm: syz.1.942 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 360.765872][T10000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 360.765891][T10000] Call Trace: [ 360.765903][T10000] [ 360.765914][T10000] dump_stack_lvl+0x16c/0x1f0 [ 360.765967][T10000] should_fail_ex+0x512/0x640 [ 360.766003][T10000] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 360.766055][T10000] should_failslab+0xc2/0x120 [ 360.766084][T10000] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 360.766132][T10000] ? d_instantiate+0x77/0x90 [ 360.766162][T10000] ? alloc_empty_file_noaccount+0x23/0xd0 [ 360.766206][T10000] alloc_empty_file_noaccount+0x23/0xd0 [ 360.766244][T10000] alloc_file_pseudo_noaccount+0x13a/0x230 [ 360.766285][T10000] ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10 [ 360.766320][T10000] ? iput+0xd3/0x880 [ 360.766361][T10000] bdev_file_open_by_dev+0x13e/0x210 [ 360.766401][T10000] blkdev_bszset+0x170/0x240 [ 360.766448][T10000] ? __pfx_blkdev_bszset+0x10/0x10 [ 360.766496][T10000] ? find_held_lock+0x2b/0x80 [ 360.766535][T10000] ? hook_file_ioctl_common+0x145/0x410 [ 360.766574][T10000] blkdev_ioctl+0x44e/0x6d0 [ 360.766632][T10000] ? __pfx_blkdev_ioctl+0x10/0x10 [ 360.766687][T10000] ? __pfx_blkdev_ioctl+0x10/0x10 [ 360.766739][T10000] __x64_sys_ioctl+0x190/0x200 [ 360.766782][T10000] do_syscall_64+0xcd/0x260 [ 360.766833][T10000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.766864][T10000] RIP: 0033:0x7f422138d169 [ 360.766888][T10000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 360.766921][T10000] RSP: 002b:00007f422222e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.766951][T10000] RAX: ffffffffffffffda RBX: 00007f42215a5fa0 RCX: 00007f422138d169 [ 360.766972][T10000] RDX: 0000200000000600 RSI: 0000000040081271 RDI: 0000000000000005 [ 360.766991][T10000] RBP: 00007f422140e990 R08: 0000000000000000 R09: 0000000000000000 [ 360.767010][T10000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 360.767028][T10000] R13: 0000000000000000 R14: 00007f42215a5fa0 R15: 00007ffd135a4f38 [ 360.767066][T10000] [ 363.209516][T10029] netlink: 20 bytes leftover after parsing attributes in process `syz.6.948'. [ 363.413275][T10031] Process accounting resumed [ 363.505058][T10037] netlink: 20 bytes leftover after parsing attributes in process `syz.4.950'. [ 364.331873][T10041] ptrace attach of "./syz-executor exec"[5839] was attempted by "./syz-executor exec"[10041] [ 364.928263][T10056] Invalid ELF header magic: != ELF [ 365.740817][T10071] Unable to find swap-space signature [ 366.152076][T10063] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 366.455234][T10083] Invalid ELF header magic: != ELF [ 366.510744][T10077] net_ratelimit: 327 callbacks suppressed [ 366.510802][T10077] netlink: zone id is out of range [ 366.552571][T10088] netlink: 'syz.1.961': attribute type 16 has an invalid length. [ 366.569400][T10077] netlink: zone id is out of range [ 366.598678][T10088] netlink: 326 bytes leftover after parsing attributes in process `syz.1.961'. [ 366.603774][T10077] netlink: zone id is out of range [ 366.707005][T10077] netlink: zone id is out of range [ 366.752749][T10077] netlink: zone id is out of range [ 366.785152][T10077] netlink: zone id is out of range [ 366.790363][T10077] netlink: zone id is out of range [ 366.796342][T10077] netlink: zone id is out of range [ 366.801547][T10077] netlink: zone id is out of range [ 366.807943][T10077] netlink: zone id is out of range [ 366.891497][ T30] audit: type=1800 audit(6039511268.479:2): pid=10090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.962" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 367.809343][T10112] bdi 43:96: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 367.952531][ T5843] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 367.952579][ T5843] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260 [ 367.968178][ T5843] Bluetooth: hci4: Unknown advertising packet type: 0x7f [ 367.968265][ T5843] Bluetooth: hci4: Malformed LE Event: 0x0d [ 368.705712][T10127] Invalid ELF header magic: != ELF [ 369.113102][T10140] FAULT_INJECTION: forcing a failure. [ 369.113102][T10140] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 369.213994][T10140] CPU: 0 UID: 0 PID: 10140 Comm: syz.7.976 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 369.214050][T10140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 369.214082][T10140] Call Trace: [ 369.214093][T10140] [ 369.214106][T10140] dump_stack_lvl+0x16c/0x1f0 [ 369.214162][T10140] should_fail_ex+0x512/0x640 [ 369.214207][T10140] _copy_to_user+0x32/0xd0 [ 369.214253][T10140] tomoyo_flush+0x161/0x520 [ 369.214310][T10140] tomoyo_set_string+0xaf/0xe0 [ 369.214359][T10140] tomoyo_print_entry+0x1661/0x2710 [ 369.214421][T10140] ? find_held_lock+0x2b/0x80 [ 369.214463][T10140] ? __pfx_tomoyo_print_entry+0x10/0x10 [ 369.214511][T10140] ? __might_fault+0xe3/0x190 [ 369.214560][T10140] ? __might_fault+0x13b/0x190 [ 369.214623][T10140] ? _copy_to_user+0x48/0xd0 [ 369.214676][T10140] tomoyo_read_domain2+0xa3/0x380 [ 369.214733][T10140] tomoyo_read_domain+0x3e1/0x9e0 [ 369.214797][T10140] tomoyo_read_control+0x299/0x540 [ 369.214853][T10140] ? __pfx_tomoyo_read+0x10/0x10 [ 369.214901][T10140] vfs_read+0x1de/0xc70 [ 369.214953][T10140] ? __pfx___mutex_lock+0x10/0x10 [ 369.215002][T10140] ? __pfx_vfs_read+0x10/0x10 [ 369.215070][T10140] ? __fget_files+0x20e/0x3c0 [ 369.215132][T10140] ksys_read+0x12a/0x240 [ 369.215177][T10140] ? __pfx_ksys_read+0x10/0x10 [ 369.215220][T10140] ? rcu_is_watching+0x12/0xc0 [ 369.215273][T10140] do_syscall_64+0xcd/0x260 [ 369.215362][T10140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.215396][T10140] RIP: 0033:0x7f321678d169 [ 369.215422][T10140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 369.215454][T10140] RSP: 002b:00007f3217650038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 369.215483][T10140] RAX: ffffffffffffffda RBX: 00007f32169a6080 RCX: 00007f321678d169 [ 369.215504][T10140] RDX: 000000000000b4d3 RSI: 0000000000000000 RDI: 0000000000000003 [ 369.215522][T10140] RBP: 00007f321680e990 R08: 0000000000000000 R09: 0000000000000000 [ 369.215541][T10140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 369.215560][T10140] R13: 0000000000000000 R14: 00007f32169a6080 R15: 00007ffc7cb0d578 [ 369.215602][T10140] [ 370.727351][T10162] Invalid ELF header magic: != ELF [ 372.344874][T10183] Invalid ELF header magic: != ELF [ 373.599603][T10203] net_ratelimit: 327 callbacks suppressed [ 373.599630][T10203] netlink: zone id is out of range [ 373.633844][T10203] netlink: set zone limit has 4 unknown bytes [ 374.276602][T10217] busy [ 377.790995][T10262] Invalid ELF header magic: != ELF [ 378.094021][T10278] FAULT_INJECTION: forcing a failure. [ 378.094021][T10278] name fail_futex, interval 1, probability 0, space 0, times 1 [ 378.130633][T10278] CPU: 1 UID: 0 PID: 10278 Comm: syz.1.1006 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 378.130680][T10278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 378.130700][T10278] Call Trace: [ 378.130719][T10278] [ 378.130732][T10278] dump_stack_lvl+0x16c/0x1f0 [ 378.130787][T10278] should_fail_ex+0x512/0x640 [ 378.130831][T10278] get_futex_key+0x49e/0x1000 [ 378.130883][T10278] ? __pfx_get_futex_key+0x10/0x10 [ 378.130927][T10278] ? kfree+0x252/0x4d0 [ 378.130982][T10278] futex_wake+0xe7/0x4e0 [ 378.131015][T10278] ? __pfx_futex_wake+0x10/0x10 [ 378.131046][T10278] ? __pfx_vfs_writev+0x10/0x10 [ 378.131094][T10278] ? do_writev+0x218/0x330 [ 378.131145][T10278] do_futex+0x1e3/0x350 [ 378.131192][T10278] ? __pfx_do_futex+0x10/0x10 [ 378.131236][T10278] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 378.131299][T10278] __x64_sys_futex+0x1e0/0x4c0 [ 378.131349][T10278] ? fput+0x70/0xf0 [ 378.131380][T10278] ? __pfx___x64_sys_futex+0x10/0x10 [ 378.131429][T10278] ? __pfx_do_writev+0x10/0x10 [ 378.131470][T10278] ? rcu_is_watching+0x12/0xc0 [ 378.131523][T10278] do_syscall_64+0xcd/0x260 [ 378.131575][T10278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.131609][T10278] RIP: 0033:0x7f422138d169 [ 378.131635][T10278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 378.131669][T10278] RSP: 002b:00007f42221ec0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 378.131701][T10278] RAX: ffffffffffffffda RBX: 00007f42215a6168 RCX: 00007f422138d169 [ 378.131730][T10278] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f42215a616c [ 378.131750][T10278] RBP: 00007f42215a6160 R08: 00007f422222f000 R09: 0000000000000000 [ 378.131771][T10278] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f42215a616c [ 378.131791][T10278] R13: 0000000000000000 R14: 00007ffd135a4e50 R15: 00007ffd135a4f38 [ 378.131832][T10278] [ 378.328532][ C1] vkms_vblank_simulate: vblank timer overrun [ 378.684963][T10287] netlink: zone id is out of range [ 378.690164][T10287] netlink: zone id is out of range [ 378.712308][T10287] netlink: zone id is out of range [ 378.767981][T10287] netlink: zone id is out of range [ 378.773244][T10287] netlink: zone id is out of range [ 378.790278][T10287] netlink: zone id is out of range [ 378.795540][T10287] netlink: zone id is out of range [ 378.800797][T10287] netlink: zone id is out of range [ 378.806087][T10287] netlink: zone id is out of range [ 378.812029][T10287] netlink: zone id is out of range [ 381.098121][T10336] busy [ 381.153979][T10339] random: crng reseeded on system resumption [ 381.747008][T10341] Invalid ELF header magic: != ELF [ 382.376007][T10357] Invalid ELF header magic: != ELF [ 382.452473][T10358] Invalid ELF header magic: != ELF [ 383.804364][T10372] Invalid ELF header magic: != ELF [ 383.905199][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.911617][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 387.941623][T10466] Invalid ELF header magic: != ELF [ 388.172705][T10473] netlink: 194 bytes leftover after parsing attributes in process `syz.4.1047'. [ 389.294255][T10481] busy [ 390.173655][T10495] busy [ 391.342707][T10522] ptrace attach of "./syz-executor exec"[9264] was attempted by "./syz-executor exec"[10522] [ 391.410041][T10522] FAULT_INJECTION: forcing a failure. [ 391.410041][T10522] name failslab, interval 1, probability 0, space 0, times 0 [ 391.439447][T10522] CPU: 0 UID: 0 PID: 10522 Comm: syz.7.1057 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 391.439499][T10522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 391.439517][T10522] Call Trace: [ 391.439527][T10522] [ 391.439538][T10522] dump_stack_lvl+0x16c/0x1f0 [ 391.439588][T10522] should_fail_ex+0x512/0x640 [ 391.439622][T10522] ? fs_reclaim_acquire+0xae/0x150 [ 391.439663][T10522] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 391.439716][T10522] should_failslab+0xc2/0x120 [ 391.439746][T10522] __kmalloc_noprof+0xd2/0x510 [ 391.439803][T10522] tomoyo_realpath_from_path+0xc2/0x6e0 [ 391.439849][T10522] ? tomoyo_profile+0x47/0x60 [ 391.439899][T10522] tomoyo_path_number_perm+0x245/0x580 [ 391.439933][T10522] ? tomoyo_path_number_perm+0x237/0x580 [ 391.439972][T10522] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 391.440047][T10522] ? d_alloc_parallel+0x979/0x12e0 [ 391.440087][T10522] ? current_check_access_path+0x33c/0x460 [ 391.440127][T10522] ? __pfx_current_check_access_path+0x10/0x10 [ 391.440177][T10522] tomoyo_path_mknod+0x10c/0x190 [ 391.440226][T10522] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 391.440276][T10522] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 391.440314][T10522] security_path_mknod+0x161/0x310 [ 391.440353][T10522] lookup_open.isra.0+0xc17/0x1580 [ 391.440400][T10522] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 391.440472][T10522] ? __pfx_down_write+0x10/0x10 [ 391.440494][T10522] ? mnt_get_write_access+0x20c/0x300 [ 391.440530][T10522] path_openat+0x905/0x2d40 [ 391.440581][T10522] ? __pfx_path_openat+0x10/0x10 [ 391.440629][T10522] do_filp_open+0x20b/0x470 [ 391.440668][T10522] ? __pfx_do_filp_open+0x10/0x10 [ 391.440737][T10522] ? alloc_fd+0x471/0x7d0 [ 391.440793][T10522] do_sys_openat2+0x11b/0x1d0 [ 391.440825][T10522] ? __pfx_do_sys_openat2+0x10/0x10 [ 391.440874][T10522] __x64_sys_openat+0x174/0x210 [ 391.440907][T10522] ? __pfx___x64_sys_openat+0x10/0x10 [ 391.440943][T10522] ? rcu_is_watching+0x12/0xc0 [ 391.440994][T10522] do_syscall_64+0xcd/0x260 [ 391.441042][T10522] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.441074][T10522] RIP: 0033:0x7f321678d169 [ 391.441097][T10522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.441126][T10522] RSP: 002b:00007f3217671038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 391.441153][T10522] RAX: ffffffffffffffda RBX: 00007f32169a5fa0 RCX: 00007f321678d169 [ 391.441171][T10522] RDX: 00000000001a1842 RSI: 00002000000003c0 RDI: ffffffffffffff9c [ 391.441189][T10522] RBP: 00007f321680e990 R08: 0000000000000000 R09: 0000000000000000 [ 391.441206][T10522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 391.441223][T10522] R13: 0000000000000000 R14: 00007f32169a5fa0 R15: 00007ffc7cb0d578 [ 391.441262][T10522] [ 391.442560][T10522] ERROR: Out of memory at tomoyo_realpath_from_path. [ 391.677249][ C0] vkms_vblank_simulate: vblank timer overrun [ 392.042735][T10525] Invalid ELF header magic: != ELF [ 392.566463][T10540] busy [ 393.462219][T10550] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1064'. [ 393.923874][T10550] bond0: (slave bond_slave_0): Releasing backup interface [ 394.705553][T10551] ptrace attach of "./syz-executor exec"[9055] was attempted by "./syz-executor exec"[10551] [ 394.766734][T10562] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1067'. [ 394.897790][T10562] unsupported nlmsg_type 40 [ 395.044152][T10546] Process accounting paused [ 398.184632][T10613] busy [ 398.840181][ T5843] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 398.840228][ T5843] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 398.858028][ T5843] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 398.858095][ T5843] Bluetooth: hci1: adv larger than maximum supported [ 398.865610][ T5843] Bluetooth: hci1: Malformed LE Event: 0x0d [ 400.919386][T10631] input: isc as /devices/virtual/input/input13 [ 400.926052][T10631] FAULT_INJECTION: forcing a failure. [ 400.926052][T10631] name failslab, interval 1, probability 0, space 0, times 0 [ 400.961626][T10631] CPU: 0 UID: 0 PID: 10631 Comm: syz.4.1083 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 400.961673][T10631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 400.961693][T10631] Call Trace: [ 400.961704][T10631] [ 400.961716][T10631] dump_stack_lvl+0x16c/0x1f0 [ 400.961770][T10631] should_fail_ex+0x512/0x640 [ 400.961818][T10631] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 400.961871][T10631] should_failslab+0xc2/0x120 [ 400.961908][T10631] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 400.961954][T10631] ? __pfx_idr_alloc_u32+0x10/0x10 [ 400.961995][T10631] ? __kernfs_new_node+0xd2/0x8a0 [ 400.962050][T10631] __kernfs_new_node+0xd2/0x8a0 [ 400.962103][T10631] ? __pfx___kernfs_new_node+0x10/0x10 [ 400.962164][T10631] ? find_held_lock+0x2b/0x80 [ 400.962205][T10631] ? kernfs_root+0xee/0x2a0 [ 400.962261][T10631] kernfs_new_node+0x13c/0x1e0 [ 400.962303][T10631] kernfs_create_dir_ns+0x4c/0x1a0 [ 400.962343][T10631] internal_create_group+0x34d/0xf30 [ 400.962402][T10631] ? kernfs_add_one+0x14e/0x840 [ 400.962435][T10631] ? __pfx_internal_create_group+0x10/0x10 [ 400.962492][T10631] ? __pfx_dev_add_physical_location+0x10/0x10 [ 400.962542][T10631] ? bus_to_subsys+0x12d/0x160 [ 400.962585][T10631] dpm_sysfs_add+0x80/0x280 [ 400.962617][T10631] device_add+0x9a6/0x1a70 [ 400.962654][T10631] ? __pfx_device_add+0x10/0x10 [ 400.962687][T10631] ? __pfx_exact_lock+0x10/0x10 [ 400.962740][T10631] ? kobject_get+0xbb/0x150 [ 400.962790][T10631] cdev_device_add+0xc2/0x1e0 [ 400.962850][T10631] evdev_connect+0x3a4/0x4c0 [ 400.962903][T10631] input_attach_handler.isra.0+0x181/0x260 [ 400.962957][T10631] input_register_device+0xa84/0x1130 [ 400.963008][T10631] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 400.963052][T10631] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 400.963102][T10631] ? find_held_lock+0x2b/0x80 [ 400.963161][T10631] ? __pfx_uinput_ioctl+0x10/0x10 [ 400.963199][T10631] __x64_sys_ioctl+0x190/0x200 [ 400.963241][T10631] do_syscall_64+0xcd/0x260 [ 400.963292][T10631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.963324][T10631] RIP: 0033:0x7f01c378d169 [ 400.963349][T10631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 400.963381][T10631] RSP: 002b:00007f01c457c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 400.963410][T10631] RAX: ffffffffffffffda RBX: 00007f01c39a5fa0 RCX: 00007f01c378d169 [ 400.963435][T10631] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005 [ 400.963452][T10631] RBP: 00007f01c380e990 R08: 0000000000000000 R09: 0000000000000000 [ 400.963470][T10631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 400.963488][T10631] R13: 0000000000000000 R14: 00007f01c39a5fa0 R15: 00007ffe06715468 [ 400.963529][T10631] [ 401.373367][T10631] input: failed to attach handler evdev to device input13, error: -12 [ 402.057275][T10642] busy [ 403.194935][T10658] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1089'. [ 403.512333][T10649] net_ratelimit: 327 callbacks suppressed [ 403.512361][T10649] netlink: zone id is out of range [ 403.596520][T10649] netlink: zone id is out of range [ 403.601893][T10649] netlink: zone id is out of range [ 403.607719][T10649] netlink: zone id is out of range [ 403.612970][T10649] netlink: zone id is out of range [ 403.619085][T10649] netlink: zone id is out of range [ 403.636598][T10649] netlink: zone id is out of range [ 403.734487][T10649] netlink: zone id is out of range [ 403.965411][T10649] netlink: zone id is out of range [ 403.970718][T10649] netlink: zone id is out of range [ 404.034238][T10658] bond0: (slave bond_slave_0): Releasing backup interface [ 404.446262][T10667] netlink: 'syz.1.1092': attribute type 11 has an invalid length. [ 404.931460][T10676] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1094'. [ 405.073606][T10682] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1094'. [ 405.768847][T10694] sctp: [Deprecated]: syz.7.1096 (pid 10694) Use of int in max_burst socket option deprecated. [ 405.768847][T10694] Use struct sctp_assoc_value instead [ 406.434957][T10714] FAULT_INJECTION: forcing a failure. [ 406.434957][T10714] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 406.488946][T10714] CPU: 1 UID: 0 PID: 10714 Comm: syz.1.1101 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 406.488991][T10714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 406.489010][T10714] Call Trace: [ 406.489020][T10714] [ 406.489031][T10714] dump_stack_lvl+0x16c/0x1f0 [ 406.489081][T10714] should_fail_ex+0x512/0x640 [ 406.489133][T10714] _copy_to_user+0x32/0xd0 [ 406.489175][T10714] simple_read_from_buffer+0xcb/0x170 [ 406.489226][T10714] proc_fail_nth_read+0x197/0x270 [ 406.489269][T10714] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 406.489313][T10714] ? rw_verify_area+0xcf/0x680 [ 406.489348][T10714] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 406.489390][T10714] vfs_read+0x1de/0xc70 [ 406.489437][T10714] ? __pfx___mutex_lock+0x10/0x10 [ 406.489480][T10714] ? __pfx_vfs_read+0x10/0x10 [ 406.489531][T10714] ? __fget_files+0x20e/0x3c0 [ 406.489583][T10714] ksys_read+0x12a/0x240 [ 406.489622][T10714] ? __pfx_ksys_read+0x10/0x10 [ 406.489668][T10714] ? rcu_is_watching+0x12/0xc0 [ 406.489716][T10714] do_syscall_64+0xcd/0x260 [ 406.489764][T10714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.489793][T10714] RIP: 0033:0x7f422138bb7c [ 406.489816][T10714] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 406.489845][T10714] RSP: 002b:00007f422220d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 406.489873][T10714] RAX: ffffffffffffffda RBX: 00007f42215a6080 RCX: 00007f422138bb7c [ 406.489892][T10714] RDX: 000000000000000f RSI: 00007f422220d0a0 RDI: 0000000000000007 [ 406.489909][T10714] RBP: 00007f422220d090 R08: 0000000000000000 R09: 0000000000000000 [ 406.489926][T10714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 406.489943][T10714] R13: 0000000000000000 R14: 00007f42215a6080 R15: 00007ffd135a4f38 [ 406.489979][T10714] [ 406.556888][T10718] netlink: 186 bytes leftover after parsing attributes in process `syz.4.1103'. [ 406.678257][ T5843] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 408.153596][ T5843] Bluetooth: hci4: unexpected event 0x1d length: 6 > 5 [ 408.391915][T10747] block nbd0: not configured, cannot reconfigure [ 412.322231][ T9264] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 412.746642][T10790] busy [ 414.391334][T10804] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1128'. [ 414.609908][T10798] net_ratelimit: 327 callbacks suppressed [ 414.609935][T10798] netlink: zone id is out of range [ 414.626581][T10803] Invalid ELF header magic: != ELF [ 414.647720][T10798] netlink: zone id is out of range [ 414.687291][T10798] netlink: zone id is out of range [ 414.692552][T10798] netlink: zone id is out of range [ 414.726082][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 414.736073][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 414.744780][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 414.765986][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 414.793879][T10798] netlink: zone id is out of range [ 414.794360][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 414.799136][T10798] netlink: zone id is out of range [ 414.799152][T10798] netlink: zone id is out of range [ 414.799164][T10798] netlink: zone id is out of range [ 414.799175][T10798] netlink: zone id is out of range [ 414.799187][T10798] netlink: zone id is out of range [ 415.215909][T10813] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1130'. [ 415.381894][T10807] chnl_net:caif_netlink_parms(): no params data found [ 415.485944][ T5842] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 416.259386][T10807] bridge0: port 1(bridge_slave_0) entered blocking state [ 416.293401][T10807] bridge0: port 1(bridge_slave_0) entered disabled state [ 416.301309][T10807] bridge_slave_0: entered allmulticast mode [ 416.378586][T10807] bridge_slave_0: entered promiscuous mode [ 416.461187][T10807] bridge0: port 2(bridge_slave_1) entered blocking state [ 416.502675][T10807] bridge0: port 2(bridge_slave_1) entered disabled state [ 416.530188][T10807] bridge_slave_1: entered allmulticast mode [ 416.579087][T10807] bridge_slave_1: entered promiscuous mode [ 416.850747][T10807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 416.876757][ T5842] Bluetooth: hci1: command tx timeout [ 416.907223][T10807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 417.301051][T10807] team0: Port device team_slave_0 added [ 417.344771][T10807] team0: Port device team_slave_1 added [ 417.689478][T10837] netlink: 'syz.4.1135': attribute type 1 has an invalid length. [ 417.822105][T10807] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 417.862183][T10839] netlink: 'syz.6.1136': attribute type 11 has an invalid length. [ 417.870336][T10807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 417.926444][T10807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 417.966465][T10807] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 417.985308][T10807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 418.060093][T10807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 418.076415][T10845] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1138'. [ 418.264887][ T5842] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 418.264933][ T5842] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 418.281550][ T5842] Bluetooth: hci2: Dropping invalid advertising data [ 418.288727][ T5842] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 418.288786][ T5842] Bluetooth: hci2: Dropping invalid advertising data [ 418.305697][ T5842] Bluetooth: hci2: Malformed LE Event: 0x02 [ 418.604757][T10807] hsr_slave_0: entered promiscuous mode [ 418.619204][T10807] hsr_slave_1: entered promiscuous mode [ 418.626421][T10807] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 418.643543][T10807] Cannot create hsr debugfs directory [ 418.934192][ T5842] Bluetooth: hci1: command tx timeout [ 419.408015][T10866] netlink: 130 bytes leftover after parsing attributes in process `syz.4.1143'. [ 419.747049][ T7832] svc: failed to register nfsdv3 RPC service (errno 512). [ 419.783045][ T7832] svc: failed to register nfsaclv3 RPC service (errno 512). [ 419.869261][T10807] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.196038][T10807] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.448016][T10807] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.622763][ T5842] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5 [ 420.687001][T10807] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 421.014023][ T5842] Bluetooth: hci1: command tx timeout [ 422.728925][T10807] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 423.077254][T10807] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 423.094493][ T5842] Bluetooth: hci1: command tx timeout [ 423.128872][T10807] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 423.382325][T10807] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 423.536382][T10884] netlink: 350 bytes leftover after parsing attributes in process `syz.6.1146'. [ 423.700705][T10807] 8021q: adding VLAN 0 to HW filter on device bond0 [ 423.801294][T10807] 8021q: adding VLAN 0 to HW filter on device team0 [ 423.836579][ T7789] bridge0: port 1(bridge_slave_0) entered blocking state [ 423.843806][ T7789] bridge0: port 1(bridge_slave_0) entered forwarding state [ 423.956862][ T7789] bridge0: port 2(bridge_slave_1) entered blocking state [ 423.964252][ T7789] bridge0: port 2(bridge_slave_1) entered forwarding state [ 424.025847][T10887] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1147'. [ 424.129584][T10887] bridge_slave_1: left allmulticast mode [ 424.145596][T10887] bridge_slave_1: left promiscuous mode [ 424.175165][T10887] bridge0: port 2(bridge_slave_1) entered disabled state [ 424.329194][T10887] bridge_slave_0: left allmulticast mode [ 424.344025][T10887] bridge_slave_0: left promiscuous mode [ 424.350030][T10887] bridge0: port 1(bridge_slave_0) entered disabled state [ 424.408283][T10890] Invalid ELF header magic: != ELF [ 424.717367][T10899] busy [ 425.418035][T10807] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 425.721874][T10900] Process accounting resumed [ 425.916364][T10923] netlink: 'syz.1.1153': attribute type 11 has an invalid length. [ 426.190746][T10807] veth0_vlan: entered promiscuous mode [ 426.267991][T10807] veth1_vlan: entered promiscuous mode [ 426.361378][T10807] veth0_macvtap: entered promiscuous mode [ 426.453329][T10807] veth1_macvtap: entered promiscuous mode [ 426.521271][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.553268][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.572307][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.603645][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.633873][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.653511][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.663386][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.686088][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.707714][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.737559][T10940] netlink: 'syz.1.1158': attribute type 11 has an invalid length. [ 426.745495][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.745526][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.745550][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.745574][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.745596][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.747754][T10807] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 426.827069][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.838748][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.848897][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.860481][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.870668][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.881477][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.892373][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.903173][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.913729][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.924775][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.935243][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.946893][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.957285][T10807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.968180][T10807] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.995367][T10807] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 427.058931][T10807] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.082861][T10807] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.112497][T10807] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.131635][T10807] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.403716][T10945] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1159'. [ 427.530899][ T7793] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.553724][ T7793] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 427.716485][ T7783] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.751496][ T7783] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 427.882893][T10934] net_ratelimit: 327 callbacks suppressed [ 427.882949][T10934] netlink: zone id is out of range [ 427.919715][T10934] netlink: zone id is out of range [ 427.925599][T10934] netlink: zone id is out of range [ 427.930759][T10934] netlink: zone id is out of range [ 427.936904][T10934] netlink: zone id is out of range [ 427.942058][T10934] netlink: zone id is out of range [ 427.948454][T10934] netlink: zone id is out of range [ 427.955042][T10934] netlink: zone id is out of range [ 427.960366][T10934] netlink: zone id is out of range [ 427.967008][T10934] netlink: zone id is out of range [ 428.759080][T10972] Invalid ELF header magic: != ELF [ 429.408035][T10988] netlink: 'syz.7.1168': attribute type 11 has an invalid length. [ 429.498718][T10979] Invalid ELF header magic: != ELF [ 432.148281][T11018] ima: policy update failed [ 432.161013][ T30] audit: type=1802 audit(6039511333.749:3): pid=11018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1175" res=0 errno=0 [ 432.931030][ T5842] Bluetooth: hci2: unexpected event 0x1d length: 254 > 5 [ 438.310523][ T31] INFO: task syz.0.675:8643 blocked for more than 143 seconds. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 438.413569][ T31] Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 [ 438.421285][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 438.493601][T11079] kexec: Could not allocate control_code_buffer [ 438.544140][ T31] task:syz.0.675 state:D stack:27704 pid:8643 tgid:8642 ppid:5838 task_flags:0x400140 flags:0x00000004 [ 438.591473][ T31] Call Trace: [ 438.598568][ T31] [ 438.601572][ T31] __schedule+0x116f/0x5de0 [ 438.619937][ T31] ? save_trace+0x4e/0x380 [ 438.633038][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 438.670329][ T31] ? __pfx___schedule+0x10/0x10 [ 438.686557][ T31] ? find_held_lock+0x2b/0x80 [ 438.702195][ T31] ? schedule+0x2d7/0x3a0 [ 438.721822][ T31] schedule+0xe7/0x3a0 [ 438.742170][ T31] schedule_preempt_disabled+0x13/0x30 [ 438.761421][ T31] __mutex_lock+0x6c7/0xb90 [ 438.772720][ T31] ? nfsd_nl_version_set_doit+0xc4/0x7a0 [ 438.796553][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 438.811799][ T31] ? __nla_validate_parse+0x600/0x2880 [ 438.835068][ T31] ? __pfx___nla_validate_parse+0x10/0x10 [ 438.863631][ T31] ? nfsd_nl_version_set_doit+0xc4/0x7a0 [ 438.899323][ T31] nfsd_nl_version_set_doit+0xc4/0x7a0 [ 438.916719][ T31] ? __pfx_nfsd_nl_version_set_doit+0x10/0x10 [ 438.942529][ T31] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 438.967974][ T31] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 438.995887][ T31] genl_family_rcv_msg_doit+0x206/0x2f0 [ 439.012362][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 439.031341][ T31] ? rcu_is_watching+0x12/0xc0 [ 439.048129][ T31] ? bpf_lsm_capable+0x9/0x10 [ 439.093716][ T31] ? security_capable+0x7e/0x260 [ 439.098765][ T31] genl_rcv_msg+0x55c/0x800 [ 439.103336][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 439.212081][ T31] ? __pfx___dev_queue_xmit+0x10/0x10 [ 439.236799][ T31] ? __pfx_nfsd_nl_version_set_doit+0x10/0x10 [ 439.242966][ T31] ? __lock_acquire+0xaa4/0x1ba0 [ 439.267559][ T31] netlink_rcv_skb+0x16a/0x440 [ 439.272434][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 439.288152][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 439.322671][ T31] ? __pfx_down_read+0x10/0x10 [ 439.333590][ T31] ? netlink_deliver_tap+0x1ae/0xd30 [ 439.338986][ T31] genl_rcv+0x28/0x40 [ 439.343037][ T31] netlink_unicast+0x53a/0x7f0 [ 439.403509][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 439.409000][ T31] ? __lock_acquire+0xaa4/0x1ba0 [ 439.430580][ T31] netlink_sendmsg+0x8d1/0xdd0 [ 439.443816][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 439.449232][ T31] ____sys_sendmsg+0xa95/0xc70 [ 439.455094][ T31] ? copy_msghdr_from_user+0x10a/0x160 [ 439.460730][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 439.475124][ T31] ___sys_sendmsg+0x134/0x1d0 [ 439.479909][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 439.486513][ T31] __sys_sendmsg+0x16d/0x220 [ 439.491953][ T31] ? __pfx___sys_sendmsg+0x10/0x10 [ 439.499631][ T31] ? __x64_sys_futex+0x1e0/0x4c0 [ 439.513507][ T31] ? rcu_is_watching+0x12/0xc0 [ 439.518398][ T31] do_syscall_64+0xcd/0x260 [ 439.522982][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.540652][ T31] RIP: 0033:0x7eff48f8d169 [ 439.554548][ T31] RSP: 002b:00007eff49e9c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 439.563097][ T31] RAX: ffffffffffffffda RBX: 00007eff491a5fa0 RCX: 00007eff48f8d169 [ 439.593617][ T31] RDX: 0000000000004010 RSI: 00002000000004c0 RDI: 0000000000000003 [ 439.601719][ T31] RBP: 00007eff4900e990 R08: 0000000000000000 R09: 0000000000000000 [ 439.643924][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 439.652372][ T31] R13: 0000000000000000 R14: 00007eff491a5fa0 R15: 00007ffcdf6fd4e8 [ 439.693512][ T31] [ 439.706199][ T31] [ 439.706199][ T31] Showing all locks held in the system: [ 439.769480][ T31] 1 lock held by ksoftirqd/1/23: [ 439.791699][ T31] 1 lock held by khungtaskd/31: [ 439.813465][ T31] #0: ffffffff8e3c15c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 439.845626][ T31] 1 lock held by syz-executor/5839: [ 439.850952][ T31] 2 locks held by getty/6042: [ 439.873622][ T31] #0: ffff88803624a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 439.903817][ T31] #1: ffffc90003bc32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 439.933483][ T31] 3 locks held by kworker/u8:17/7791: [ 439.938929][ T31] #0: ffff88801c2f6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 439.983894][ T31] #1: ffffc9000b5e7d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 440.023536][ T31] #2: ffffffff90118690 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30 [ 440.033042][ T31] 2 locks held by syz.2.481/7832: [ 440.073843][ T31] #0: ffffffff901d05d0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 440.082268][ T31] #1: ffffffff8e7cdda8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x698/0xbf0 [ 440.143536][ T31] 2 locks held by syz.0.675/8643: [ 440.148976][ T31] #0: ffffffff901d05d0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 440.166179][ T31] #1: ffffffff8e7cdda8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_version_set_doit+0xc4/0x7a0 [ 440.211719][ T31] 2 locks held by syz.3.758/8996: [ 440.233502][ T31] #0: ffff8880633160e0 (&type->s_umount_key#50){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100 [ 440.253556][ T31] #1: ffffffff8e7cdda8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 440.263326][ T31] 1 lock held by syz.4.1175/11020: [ 440.299222][ T31] #0: ffffffff8e3ccaf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 [ 440.311165][ T31] 1 lock held by syz.7.1193/11063: [ 440.316751][ T31] #0: ffffffff8e3cc9c0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6e0 [ 440.327511][ T31] [ 440.331165][ T31] ============================================= [ 440.331165][ T31] [ 440.363518][ T31] NMI backtrace for cpu 1 [ 440.363543][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 440.363602][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 440.363629][ T31] Call Trace: [ 440.363644][ T31] [ 440.363660][ T31] dump_stack_lvl+0x116/0x1f0 [ 440.363729][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 440.363769][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 440.363837][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 440.363890][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 440.363944][ T31] watchdog+0xf70/0x12c0 [ 440.363983][ T31] ? __pfx_watchdog+0x10/0x10 [ 440.364011][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 440.364058][ T31] ? __kthread_parkme+0x19e/0x250 [ 440.364116][ T31] ? __pfx_watchdog+0x10/0x10 [ 440.364165][ T31] kthread+0x3c2/0x780 [ 440.364199][ T31] ? __pfx_kthread+0x10/0x10 [ 440.364229][ T31] ? __pfx_kthread+0x10/0x10 [ 440.364258][ T31] ? __pfx_kthread+0x10/0x10 [ 440.364288][ T31] ? __pfx_kthread+0x10/0x10 [ 440.364318][ T31] ? rcu_is_watching+0x12/0xc0 [ 440.364359][ T31] ? __pfx_kthread+0x10/0x10 [ 440.364394][ T31] ret_from_fork+0x45/0x80 [ 440.364426][ T31] ? __pfx_kthread+0x10/0x10 [ 440.364458][ T31] ret_from_fork_asm+0x1a/0x30 [ 440.364528][ T31] [ 440.364538][ T31] Sending NMI from CPU 1 to CPUs 0: [ 440.513333][ C0] NMI backtrace for cpu 0 [ 440.513365][ C0] CPU: 0 UID: 0 PID: 7783 Comm: kworker/u8:9 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 440.513398][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 440.513420][ C0] Workqueue: bat_events batadv_nc_worker [ 440.513459][ C0] RIP: 0010:check_preemption_disabled+0x2/0xe0 [ 440.513508][ C0] Code: 0f 65 8b 05 ac 6e 36 08 85 c0 74 04 90 0f 0b 90 e9 53 fc ff ff 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 54 <55> 53 48 83 ec 08 65 8b 1d 65 34 36 08 65 8b 05 5a 34 36 08 a9 ff [ 440.513536][ C0] RSP: 0018:ffffc9000b4cfa50 EFLAGS: 00000046 [ 440.513557][ C0] RAX: 0000000000000002 RBX: ffff88807cac5018 RCX: ffffc9000b4cfa6c [ 440.513577][ C0] RDX: 0000000000000002 RSI: ffffffff8dbc5f57 RDI: ffffffff8bf44f80 [ 440.513596][ C0] RBP: dffffc0000000000 R08: 0000000000000001 R09: fffff52001699f49 [ 440.513615][ C0] R10: 0000000000000003 R11: 0000000000000000 R12: ffffffff8b3d92f4 [ 440.513632][ C0] R13: 0000000000000202 R14: ffff888026663c00 R15: 0000000000000003 [ 440.513650][ C0] FS: 0000000000000000(0000) GS:ffff8881249b9000(0000) knlGS:0000000000000000 [ 440.513676][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 440.513696][ C0] CR2: 0000000000acf000 CR3: 0000000034720000 CR4: 00000000003526f0 [ 440.513715][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 440.513733][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 440.513751][ C0] Call Trace: [ 440.513760][ C0] [ 440.513770][ C0] ? batadv_nc_purge_paths+0x1d4/0x3a0 [ 440.513805][ C0] lock_release+0x153/0x2f0 [ 440.513829][ C0] ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10 [ 440.513882][ C0] _raw_spin_unlock_bh+0x16/0x30 [ 440.513915][ C0] batadv_nc_purge_paths+0x1d4/0x3a0 [ 440.513950][ C0] batadv_nc_worker+0x921/0x1030 [ 440.513982][ C0] ? try_to_wake_up+0x157/0x1680 [ 440.514014][ C0] ? __pfx_batadv_nc_worker+0x10/0x10 [ 440.514051][ C0] ? rcu_is_watching+0x12/0xc0 [ 440.514085][ C0] process_one_work+0x9cc/0x1b70 [ 440.514119][ C0] ? __pfx_process_one_work+0x10/0x10 [ 440.514151][ C0] ? assign_work+0x1a0/0x250 [ 440.514178][ C0] worker_thread+0x6c8/0xf10 [ 440.514212][ C0] ? __pfx_worker_thread+0x10/0x10 [ 440.514240][ C0] kthread+0x3c2/0x780 [ 440.514265][ C0] ? __pfx_kthread+0x10/0x10 [ 440.514287][ C0] ? __pfx_kthread+0x10/0x10 [ 440.514317][ C0] ? __pfx_kthread+0x10/0x10 [ 440.514341][ C0] ? __pfx_kthread+0x10/0x10 [ 440.514363][ C0] ? rcu_is_watching+0x12/0xc0 [ 440.514393][ C0] ? __pfx_kthread+0x10/0x10 [ 440.514417][ C0] ret_from_fork+0x45/0x80 [ 440.514443][ C0] ? __pfx_kthread+0x10/0x10 [ 440.514466][ C0] ret_from_fork_asm+0x1a/0x30 [ 440.514513][ C0] [ 440.522173][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 440.522201][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 440.522246][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 440.522267][ T31] Call Trace: [ 440.522280][ T31] [ 440.522293][ T31] dump_stack_lvl+0x3d/0x1f0 [ 440.522349][ T31] panic+0x71c/0x800 [ 440.522381][ T31] ? __pfx_panic+0x10/0x10 [ 440.522412][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 440.522455][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 440.522491][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 440.522530][ T31] ? watchdog+0xdda/0x12c0 [ 440.522564][ T31] ? watchdog+0xdcd/0x12c0 [ 440.522604][ T31] watchdog+0xdeb/0x12c0 [ 440.522647][ T31] ? __pfx_watchdog+0x10/0x10 [ 440.522679][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 440.522731][ T31] ? __kthread_parkme+0x19e/0x250 [ 440.522785][ T31] ? __pfx_watchdog+0x10/0x10 [ 440.522820][ T31] kthread+0x3c2/0x780 [ 440.522864][ T31] ? __pfx_kthread+0x10/0x10 [ 440.522896][ T31] ? __pfx_kthread+0x10/0x10 [ 440.522930][ T31] ? __pfx_kthread+0x10/0x10 [ 440.522962][ T31] ? __pfx_kthread+0x10/0x10 [ 440.522996][ T31] ? rcu_is_watching+0x12/0xc0 [ 440.523045][ T31] ? __pfx_kthread+0x10/0x10 [ 440.523082][ T31] ret_from_fork+0x45/0x80 [ 440.523118][ T31] ? __pfx_kthread+0x10/0x10 [ 440.523154][ T31] ret_from_fork_asm+0x1a/0x30 [ 440.523229][ T31] [ 440.930005][ T31] Kernel Offset: disabled [ 440.934337][ T31] Rebooting in 86400 seconds..