last executing test programs: 2m31.285324778s ago: executing program 1 (id=283): socket(0x23, 0x80805, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) open(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0x371c40, 0xb5d1af1605322cf4) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000140)='/dev/usbmon5\x00', 0xbf96d92055073b40, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) getgid() mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x40802, 0x0) (async) socket(0x2, 0x6, 0x0) (async) memfd_create$auto(0x0, 0xe) (async) socket(0x2, 0x1, 0x106) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x2, 0x0) (async) socket(0x10, 0x3, 0x6) (async) socket(0xa, 0x1, 0x84) (async) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptywa\x00', 0x400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/card0/pcm0c/sub2/status\x00', 0x100d02, 0x0) (async) socketpair$auto(0x1e, 0x1, 0x9, 0x0) (async) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa042, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) (async) socket(0x10, 0x2, 0x0) (async) syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000100), 0xffffffffffffffff) (async) mmap$auto(0x0, 0x400008, 0xe0, 0x9b72, r0, 0x8000) 2m30.966654467s ago: executing program 1 (id=285): mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0xc80, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x2c, 0x940, 0x7ff, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, [0x0, 0x7eb6, 0x40000, 0x0, 0x9, 0x8, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x800, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffe, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0x7) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) pipe$auto(&(0x7f0000000780)=0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffdf, 0x7, 0x4, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x4, 0x0, 0x2, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x4000, 0x0, 0x6, 0x0, 0xbffffffffffbfffd, 0x0, 0x1, 0x5, 0x7, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400000000005b8, 0x14ee, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x3, 0xfffffffffffffffe, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x1, 0x3]}, 0x1fe, 0xd) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PHY_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010326bd7000ffdbdf252d"], 0x20}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) splice$auto(r0, 0x0, 0xffffffffffffffff, &(0x7f0000002100)=0x1, 0x768, 0x9) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0x0) sysfs$auto(0x0, 0xfffffffffffffffe, 0x9) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x560a, 0x7) 2m30.804314543s ago: executing program 1 (id=286): r0 = getsockopt$auto_SO_NO_CHECK(0xffffffffffffffff, 0x10, 0xb, &(0x7f0000000000)='&\x00', &(0x7f0000000040)=0x6d1a) read$auto(r0, &(0x7f0000000080)='*@@@-\'+\x00', 0x5) setresuid$auto(0x1ffffffffffff, 0x0, 0x80080008080) 2m30.531799908s ago: executing program 1 (id=288): socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) lsm_list_modules$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffffff, 0x0, 0x0) pwrite64$auto(0xffffffffffffffff, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06s\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x10, 0x6) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x5400, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000840)) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/usb/drivers/usbtouchscreen/new_id\x00', 0xbce02, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), r0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_SNDRV_PCM_IOCTL_SW_PARAMS(0xffffffffffffffff, 0xc0884113, &(0x7f00000001c0)={0x3, 0x74, 0x4, 0x7, 0xef6, 0x8, 0x9, 0x100000000, 0x6, 0x10, 0x3, 0x80000000, "9f7bf5a24c47f4f1b544994579534800e7856635fb9aaaac891b7657e0c126770629398d68943510989de9c58d1c5e518aac04971af9d3d0"}) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x40080, 0x0) close_range$auto(0x2, 0x8, 0xb) socket(0x80000000000000a, 0x2, 0x0) socket(0x2, 0x801, 0x84) 2m29.387718044s ago: executing program 1 (id=290): r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x391001, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_PVERSION(r0, 0x80044100, &(0x7f0000000040)=0x2da) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0xd, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 2m29.157643287s ago: executing program 1 (id=292): r0 = socket$nl_generic(0x10, 0x3, 0x10) recvfrom$auto(r0, 0x0, 0xe, 0x5, 0x0, 0x0) ioprio_set$auto(0x6, 0x0, 0x8) statmount$auto(0x0, &(0x7f0000000180)={0x1, 0x1, 0x1000009, 0x3, 0x22, 0x940, 0x9ffde, 0x5, 0x6, 0x3ff, 0x9, 0x7, 0xfff, 0x6, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x6, 0xffffffff, 0x0, 0x4000003, 0x80, 0x0, [0xac, 0x5, 0x200000000, 0x3ff, 0x0, 0x500, 0xfffffffffffffffd, 0x8, 0x3, 0x0, 0xc72, 0x7ffffffffffffffd, 0x2, 0x1, 0x0, 0x0, 0x40000000004, 0x5, 0x1000000800, 0x0, 0x0, 0x0, 0x9, 0x10000040000000, 0xcea, 0x0, 0xfffffffffffffffc, 0x800000, 0xfffffffffffffffa, 0x4, 0xffffffffffffffff, 0x2, 0x3, 0xfffffffffffbfffd, 0x0, 0xb548, 0x9, 0x0, 0xfffffffffffffff9, 0x0, 0x6c1a, 0x1, 0xa1, 0x9f, 0x0, 0x3]}, 0x200, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) syz_genetlink_get_family_id$auto_psample(&(0x7f0000000040), r0) socketpair$auto(0x1a, 0x10000001, 0x9, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x222b02, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0x84, 0x6c, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) r3 = epoll_create$auto(0x3e) epoll_ctl$auto(r3, 0x1, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/014/001\x00', 0x80000, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x80, 0x0) r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(r4, 0x400454ca, 0x38) 2m14.051026493s ago: executing program 32 (id=292): r0 = socket$nl_generic(0x10, 0x3, 0x10) recvfrom$auto(r0, 0x0, 0xe, 0x5, 0x0, 0x0) ioprio_set$auto(0x6, 0x0, 0x8) statmount$auto(0x0, &(0x7f0000000180)={0x1, 0x1, 0x1000009, 0x3, 0x22, 0x940, 0x9ffde, 0x5, 0x6, 0x3ff, 0x9, 0x7, 0xfff, 0x6, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x6, 0xffffffff, 0x0, 0x4000003, 0x80, 0x0, [0xac, 0x5, 0x200000000, 0x3ff, 0x0, 0x500, 0xfffffffffffffffd, 0x8, 0x3, 0x0, 0xc72, 0x7ffffffffffffffd, 0x2, 0x1, 0x0, 0x0, 0x40000000004, 0x5, 0x1000000800, 0x0, 0x0, 0x0, 0x9, 0x10000040000000, 0xcea, 0x0, 0xfffffffffffffffc, 0x800000, 0xfffffffffffffffa, 0x4, 0xffffffffffffffff, 0x2, 0x3, 0xfffffffffffbfffd, 0x0, 0xb548, 0x9, 0x0, 0xfffffffffffffff9, 0x0, 0x6c1a, 0x1, 0xa1, 0x9f, 0x0, 0x3]}, 0x200, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) syz_genetlink_get_family_id$auto_psample(&(0x7f0000000040), r0) socketpair$auto(0x1a, 0x10000001, 0x9, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x222b02, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0x84, 0x6c, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) r3 = epoll_create$auto(0x3e) epoll_ctl$auto(r3, 0x1, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/014/001\x00', 0x80000, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x80, 0x0) r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(r4, 0x400454ca, 0x38) 36.748080909s ago: executing program 3 (id=609): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) (async) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\b\x00\x00', @ANYRES16=r0, @ANYBLOB="00012bbd7000fddbdf252800000005003e000800000031004801a289c1c1f3026f75a4d3a66a76f9f65578159c8a96f55e156e69b5114d651d9ec494a3d7791ee432bb9c"], 0x60}, 0x1, 0x0, 0x0, 0x54}, 0x1) r1 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) (async) io_uring_setup$auto(0x81c5, 0x0) (async) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async) getsockopt$auto(r1, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) (async) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0\x00'}) r3 = socket(0x18, 0x5, 0x1) connect$auto(r3, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) (async) r4 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r4, 0x0, 0x5, 0x20000000) (async) socket(0x2, 0x801, 0x100) connect$auto(0x3, &(0x7f00000000c0), 0x55) (async) close_range$auto(0x2, 0x8, 0x0) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) (async) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) (async) write$auto(0x3, 0x0, 0x100082) (async) ioctl$auto_SNDCTL_DSP_SETFMT(r5, 0xc0045005, &(0x7f0000000040)) 34.066862386s ago: executing program 3 (id=615): brk$auto(0x7fffffffafff) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr12/address\x00', 0x101800, 0x0) mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x7e) mmap$auto(0x9, 0xa49, 0x80000008000, 0xfffffffffffffff9, 0xffffffffffffffff, 0x1578da4a80000002) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) fadvise64$auto_POSIX_FADV_NOREUSE(r1, 0x8000000000000001, 0x3, 0x5) write$auto(r0, 0x0, 0x100082) mmap$auto(0x1000, 0x460e9, 0x3, 0x11, 0xffffffffffffffff, 0xd) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/timer_source\x00', 0x189001, 0x0) write$auto(r2, 0x0, 0x8) close_range$auto(0xffffffffffffffff, 0x8, 0x5) mmap$auto(0x5, 0x5, 0x8, 0x13, r1, 0x0) openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x28400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x10000000000000a, 0x40000000000eb0, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x9, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) fcntl$auto(0x8000000000000001, 0xbe6a, 0x8) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) readv$auto(0x3, &(0x7f0000000600)={&(0x7f00000001c0), 0x4}, 0x1da) signalfd4$auto(r0, 0x0, 0x8, 0x0) prctl$auto(0x2, 0x8, 0x4, 0xfff, 0x6) madvise$auto(0x0, 0xffffffffffff0001, 0x15) select$auto(0x804, 0x0, &(0x7f0000000180)={[0x9, 0x0, 0x9, 0x80000300, 0xf, 0x42, 0x2, 0x9893, 0x81, 0x10000005e58296b, 0x1e, 0x9, 0x1, 0x200, 0x20000000008, 0x32ca65a8]}, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlock$auto(0x8001, 0xb) 30.714021905s ago: executing program 3 (id=623): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) unshare$auto(0x40000080) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=ANY=[@ANYBLOB="0601000058f2fb2bdd36b99d6abcd958836b640495d6fbaf9cb4ba6c299bf16643050000003925f1a900000000000000000000000000a12b94e073bbeacea90a9b46c61e678f1b197fa11c73768663ac85cb95e9207f00f41811898c6b9277fc75f3a32d0112cf4da1946f03703b050037218e0450a427e7d8c950846df87d1602919718e53f79e3922ef8300a3b84477d1f39c0d9d4e737442a07834a9785346facaed972f00046ba73543e63e21b482dbd0a35fba42d1741ef6022892133e07061d2865d45c020e6f2faa25ee0407c4387b4685cf56743474bab9ec5e81669983e0c22a7a51c0c2e3f033ae33584b4e7ab7b7c34cde7cf52bacf86fb5c5f1f2b7bde85071bb0428b03ce95314c69c54ca0546c400ea92b510f494045770ca04d8a4f6b22781672", @ANYBLOB="b17798d21fd7773d105bf7686b1c", @ANYRES32=r0, @ANYRES32=r4, @ANYRESDEC=r1], 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x140040e4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto_def_blk_fops_fs(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x5, 0x12, r0, 0x7) personality$auto(0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TUNSETOFFLOAD2(r0, 0x400454d0, &(0x7f0000000000)=0x6) socket(0x1e, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000000080000001, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x200000, 0x200006, 0x1, 0x40eb1, 0x602, 0xb00000000000) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r5 = socket(0x2, 0x2, 0x1) r6 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r5, 0x10000}, 0x10) mmap$auto(0x0, 0x2009, 0xffffffff, 0x8000200008011, r6, 0x8000) mmap$auto(0x0, 0x7ff, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x0) pipe2$auto(0x0, 0x80) 26.832482949s ago: executing program 3 (id=632): r0 = getsockopt$auto_SO_PREFER_BUSY_POLL(0xffffffffffffffff, 0xf, 0x45, &(0x7f0000000000)='!){@(!\x00', &(0x7f0000000040)=0xa6) mmap$auto(0x5, 0x400008, 0xdf, 0x411, r0, 0x0) write$auto(0x1, 0x0, 0x80000000) r1 = epoll_create$auto(0x3e) epoll_ctl$auto(r1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0x8, 0x9b72, 0x2, 0x8000) 26.40784437s ago: executing program 3 (id=633): mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) (async) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x2, 0x88) (async) r0 = socket(0xa, 0x2, 0x88) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'gretap0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x8, r0, @relative_id=0x13, 0xe5fc}, 0xf) (async) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x8, r0, @relative_id=0x13, 0xe5fc}, 0xf) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) keyctl$auto(0x4, 0xfffffffe, 0x6, 0xffffffffffffffff, 0xe) memfd_create$auto(0x0, 0x9) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r4) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000002b40)={0x28, r5, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x14, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x10, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x4}]}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000800) syz_genetlink_get_family_id$auto_taskstats(0x0, r3) mmap$auto(0xfffffffffffffffc, 0x4020005, 0x1, 0xeb1, 0x401, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x17d001, 0x0) stat$auto(&(0x7f0000000080)='./file0\x00', 0x0) openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) (async) r6 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) ioctl$auto_UBI_IOCATT(r6, 0x40186f40, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/33t\x00', 0x187000, 0x0) (async) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/33t\x00', 0x187000, 0x0) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) (async) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) 24.354992938s ago: executing program 3 (id=639): mknod$auto(&(0x7f0000000000)='}[,&*}\x00', 0x1, 0x4) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) bind$auto(r0, &(0x7f0000000200)=@sco={0x1f, @none}, 0xfffffffd) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r1 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x12a382, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vkms/graphics/fb0/modes\x00', 0x129102, 0x0) mmap$auto(0x400000000004, 0x8, 0x5, 0x9b72, 0x2, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7114}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001300)={'batadv_slave_0\x00'}) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x80000000}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r2) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001c80)={0x0}, 0x1, 0x0, 0x0, 0x9dfefc5e47f5c72f}, 0x40c1050) write$auto_split_huge_pages_fops_huge_memory(r1, &(0x7f0000000100)='1', 0x1) close_range$auto(0x2, 0x8, 0x0) munmap$auto(0x5, 0x9) migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/adsp1\x00', 0xc0442, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r3, 0xc0045006, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x6ae}, 0x7) semctl$auto_SETALL(0xffffffff, 0x7, 0x11, 0x1ff) ioctl$auto_TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)=0x4) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x6d2fc1, 0x0) link$auto(&(0x7f00000000c0)='}[,&*}\x00\xa2\xbd\xac\x1b\xa6\xee+\xbb\xddh\xf9Bb\xee.\x06nt\xf6`\xa5\xfaJ\x01\xfb\xff87\x830^\x8c\xf8\xa7\xbcXs\x06w\x7f}g\xa1\xccBV\xb4\x84\x15\x97;eO\xebKV\xe8\x11\x1b&\x96f\x9b.\xb1J\x81\t\x98\x92\xc4\xfb\xf0]f\x18\x1b\xabCK<\xf0\xfcI\xc3*\x96\x8cHvh\x06L\xfdC\xc2\x01\xaf6dA\xd6\x8d7\n\xc7y\xbbV\x13\xb8\a\xe9\xba7w\xd5v\x1d\x95\xcer\xaap\xa0\x7f\x9f\x02\xc3]\xf4\xe89\x86S\xfb\xc1\x03OZ\'7\f\xcc>\xf8\xa9\xa8\xc8\x02\xc4\xc1\xe0\r\xd7\xc2(\x18w\xc9\x85\b\xd7\xef\xbbg\x96\xe5\xdc/\xa5V\x90#\v\xbd\xe8}\x1d\\}\x8f\x16w1\x00n\xd1\xa7\xd1s\x19d\xff)g', &(0x7f0000000080)='#\x00') 10.154944041s ago: executing program 0 (id=674): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0x4, 0x0, 0x100082) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) r0 = geteuid() keyctl$auto(0x200000000000020, r0, r0, 0x5, 0x3ff) setresuid$auto(0x2, r0, 0x8080) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) setresuid$auto(0xffffffffffffffff, 0x8, 0xffffffff) name_to_handle_at$auto(r1, &(0x7f0000000000)='@*#\xb3\x00', 0x0, 0x0, 0x200) setreuid$auto(0x0, r0) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x110c234000, 0x1, 0x9) 9.436453061s ago: executing program 0 (id=675): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0580, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x3, 0xc208ae62, 0x38) 9.279709728s ago: executing program 33 (id=639): mknod$auto(&(0x7f0000000000)='}[,&*}\x00', 0x1, 0x4) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) bind$auto(r0, &(0x7f0000000200)=@sco={0x1f, @none}, 0xfffffffd) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r1 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x12a382, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vkms/graphics/fb0/modes\x00', 0x129102, 0x0) mmap$auto(0x400000000004, 0x8, 0x5, 0x9b72, 0x2, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7114}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001300)={'batadv_slave_0\x00'}) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x80000000}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r2) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001c80)={0x0}, 0x1, 0x0, 0x0, 0x9dfefc5e47f5c72f}, 0x40c1050) write$auto_split_huge_pages_fops_huge_memory(r1, &(0x7f0000000100)='1', 0x1) close_range$auto(0x2, 0x8, 0x0) munmap$auto(0x5, 0x9) migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/adsp1\x00', 0xc0442, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r3, 0xc0045006, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x6ae}, 0x7) semctl$auto_SETALL(0xffffffff, 0x7, 0x11, 0x1ff) ioctl$auto_TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)=0x4) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x6d2fc1, 0x0) link$auto(&(0x7f00000000c0)='}[,&*}\x00\xa2\xbd\xac\x1b\xa6\xee+\xbb\xddh\xf9Bb\xee.\x06nt\xf6`\xa5\xfaJ\x01\xfb\xff87\x830^\x8c\xf8\xa7\xbcXs\x06w\x7f}g\xa1\xccBV\xb4\x84\x15\x97;eO\xebKV\xe8\x11\x1b&\x96f\x9b.\xb1J\x81\t\x98\x92\xc4\xfb\xf0]f\x18\x1b\xabCK<\xf0\xfcI\xc3*\x96\x8cHvh\x06L\xfdC\xc2\x01\xaf6dA\xd6\x8d7\n\xc7y\xbbV\x13\xb8\a\xe9\xba7w\xd5v\x1d\x95\xcer\xaap\xa0\x7f\x9f\x02\xc3]\xf4\xe89\x86S\xfb\xc1\x03OZ\'7\f\xcc>\xf8\xa9\xa8\xc8\x02\xc4\xc1\xe0\r\xd7\xc2(\x18w\xc9\x85\b\xd7\xef\xbbg\x96\xe5\xdc/\xa5V\x90#\v\xbd\xe8}\x1d\\}\x8f\x16w1\x00n\xd1\xa7\xd1s\x19d\xff)g', &(0x7f0000000080)='#\x00') 8.475790538s ago: executing program 0 (id=680): r0 = socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000000)=0x4) r1 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DEV_DOWN(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x10c, r1, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@NFC_ATTR_SE_APDU={0xf8, 0x19, "5a8472dcc5a84ff066bd97a526b99ff0796ebe61b60d4f9f0db7cd0938a5235e899e413cbf1353fab39c379a525ba04a38ed58f7b011eec2aa911b74fe2830163b22110930a8df2146f962aeab582592f2f66e46a18ae567e4167b1d50b0769e80ad02a43430dff71bd1d2a30602eb0d703efb9b0dc9b56e05d920098abe304c15d5643dd022dcfddc27c8cf70ec3021d1488fc22ada72dfddc2dae5d1bdb32781e7900cc20546eaa94922d2169ba601229213e09b499d0ed1cb0d1cd77708ff973313deaefaf96f606de0278a710a05f5664a1280838de58309487580957f26037f6947b823c310cc6bf61f271e88ac1d0ae6d5"}]}, 0x10c}, 0x1, 0x0, 0x0, 0x40000}, 0x55) (async) r2 = syz_genetlink_get_family_id$auto_thermal(&(0x7f00000002c0), r0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r2, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@THERMAL_GENL_ATTR_CPU_CAPABILITY_ID={0x8, 0x15, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x804) (async) read$auto_show_traces_fops_trace(r0, &(0x7f00000003c0)=""/223, 0xdf) (async) setsockopt$auto_SO_MARK(r0, 0x8, 0x24, &(0x7f00000004c0)='-\xdf+\x00', 0x1ff) sysfs$auto(0x80, 0x101, 0x0) r3 = prctl$auto_PR_PAC_GET_ENABLED_KEYS(0x3d, 0x6, 0x0, 0x3, 0x4) newfstatat$auto(r0, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0xffffffffffffffff, 0x6, 0x1, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0xd14, 0x0, 0x1, 0x1, 0xea, 0xe, 0x0, 0x8, 0x2, 0x402}, 0x5) (async) ioctl$auto_XFS_IOC_SWAPEXT(r0, 0xc0c0586d, &(0x7f0000000640)={0x3, @inferred=r0, @inferred=r0, 0x8, 0x9, '\x00', {0x3, 0x3, 0xfffd, 0x0, 0x0, 0x6ea083bc, 0x4c, 0xf639, {0xffff, 0x210}, {0x5, 0xd}, {0x7fffffffffffffff, 0x4}, 0xe, 0x1ff, 0xffff, 0xfffff204, 0x6, 0x5, 0xde, 0xd, 0x8, 0x7, '\x00', 0x5946, 0x9, 0x3, 0xfeb}}) newfstatat$auto(r3, &(0x7f0000000500)='./file0\x00', &(0x7f0000000700)={0x100000000, 0x2, 0x2, 0xd, r4, r7, 0x0, 0xd68, 0x7ff, 0x4, 0x5, 0x3b6, 0x5, 0x8, 0x8, 0x7ff}, 0x4) (async) prctl$auto_PR_SET_ENDIAN(0x14, 0x6, 0xffffffffffffffff, 0x7, 0xff) (async) sysfs$auto(0x1, 0x0, 0x7ff) clock_nanosleep$auto(0xffff0001, 0x4, &(0x7f00000007c0)={0x9, 0xfffffffffffffffd}, &(0x7f0000000800)={0x7, 0x401}) r9 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000840)='/dev/sequencer\x00', 0x2, 0x0) ioctl$auto_SNDCTL_TMR_CONTINUE(r9, 0x5404, &(0x7f0000000880)="539a9cb08346d8c56a5d5f715fd0356b7266168b40cbfe57fbc9def526c556670006e3a6784be7290684d1ef40a2fabe4d4fed84b7d4ffa835c3c3e25b16b9b5e391234ebb3d108d22bd592563550aaf23beb654fbd0a5e304f513ed7d0caaba8d82163e13e4af1ad974f7d612d142aa183e7e120175a4f8bec003b354fba330ee24d83e5339328e55f73e871226c3c4bbc38229d1ebc28e6d26c764d43c6d3e10e9eb81775100c3367f71564898674aaa8461dde899ca98dce7e63fda03b2270bf48f3c") r10 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000980), 0xa2242, 0x0) bpf$auto(0x6, &(0x7f00000009c0)=@bpf_attr_0={0xd867, 0x7, 0x7, 0x8, 0x6, r6, 0xe98f, "7c9a3bf4e63e35fc645947d9fa5910c5", 0x0, r10, 0x100, 0x1, 0x4, 0x6c3, r5, r6}, 0x0) sysfs$auto(0x2, 0x8, 0x1) (async) r12 = set_tid_address$auto(&(0x7f0000000a80)=0x81) syz_open_procfs$namespace(r12, &(0x7f0000000ac0)='ns/mnt\x00') (async) sysfs$auto(0x5, 0x3, 0x1) userfaultfd$auto(0x0) (async) shmctl$auto_SHM_STAT(0xffff9d6d, 0xd, &(0x7f0000000bc0)={{0xfffffffe, r8, r7, 0x2, 0x3, 0x4, 0xda}, 0x6, 0x2, 0x8000000000000000, 0x7, @inferred=r12, @raw=0xe70, 0x9, 0x0, &(0x7f0000000b00)="eb361851ec9d4eb3c957d7b0ef958d4c91c0f809880cc0eaf8bb0408b758", &(0x7f0000000b40)="54ce000956933d2b53493df58f0fe266d8200916a2939759e09e291630991b519583ed646d185ef38d1488c2f2820c8d0c78ce8fcacf008c9a9a4931b5fbf7882da6644da1ed140082060589041cb8598e95cde17a0da8a4cc2cc1f8963d4bb2"}) (async) io_uring_enter$auto(r11, 0xfe, 0xcc, 0x3ff, &(0x7f0000000c40)="117299c278026698c48462962ed615a1d51600afb35da4f1ebe3612f17f51e6d8d22681a0264b840a401116f0d7a1854df22d1d5502bf84ebf5bc70a8790607079b29be98119b9c354a7f7e04dced593282eaea0afb0f28f23d7af798d1d9c5870bad6ed1b45ca1e470bdd3755db106896bb792ed437194ca63ebef0c99940749db48745a62d17776eccf51b7306e6c89790345b40d682b638a7ab5ac5a173b7a86824899fa14aa787089abd2abaa53a0be41cf91c11aa227027507ca931b809f166c0a88924e0c63abc5b91f14da0245bc88f386eeab53297e401549f37a24d25eeb04ab279fc97556ad50c0d9c96c7cb45d579d7e0537801d40137f6284681e45f572d4656757fba78a550b570559641ae9040fdb41a0f3ddc28ae1a1cf144582b4f4259002d08d5ee53d9246197f31f5af2a9fb3bd5b3d7e88f5398d82d15ab8fcf1c061ab5c0401bad2cdb4bbe40e6ec70603e8cbb80ccc57178ea3f812ddd83e63a9fbd97e0dd667198ed401d3daa4ca956f6420f5737e007860dfea3f3bb5a0a2f832a38b510fd7253ac0a24ce3747e268ccdb2cc830c6089d2e427351f40e6df98c418d329e4d5f8c89df0144a2140d1754fab2d6146815dd6548a5db525dd0ba48d0db01f92116e60af5c37802faefcc68741c9bca4273b4e208aef5f35bd1e5cbac16087bd5da9063829d7b6d2e0452dd49d3dd357e8106a529ee2c4ab8aa439136d4e08d8996f4ba03b552f9b3ee22fc46e2101903aa5b4cadf9833ca6fc312e12b59c1643652ccbd27680da260dc95001a4fa3597e7e9176f133acfb4ce3a36c39d4c31401b5e38bb612d63efc3343d358d754bf75a59a866c5d0b280afe862a5247f042e5ca04e00e05743de33999744af82c33e95888d0caeaa601266acbbae82b35848501500265282158c305b5a7b78f711d808f9e30c7b9e80d2306481859e806f28a7566c04d69b80a2af1da97ed0b10a4dc7edaa263771ff7902295c1e18f9e1f29f6ab975b13b96cc8ba5f2621c8240b811e07f4a69602d8a3f95f980eb8a68bf5de7bac8d1458527b711bc4d634eb0272f9f31d73946e392b8a4f427f15ae5d03cabc14b63fa1066b2c7553b584508dd053f26720da7b9b95b7846dc0c1ccc75959ba9edd1544bcbde6a1ce3444c81179705646e1f9b6e8b71bf434d98fa640aa3f586ad36df7fa52da51b8a3b9e21337811867f3c458cba1d0a8bb2b447eef0470fcafefc067f43c0ac9d7cb4625b2ddc76bc4045398393218c99c54c85711617bae925ffcd0552bc61e791625a9be79ce9ed2d3cfe12e4a93676103cb813be05e345a24d628bf0326ff13d066b46e1a09295ed31b31f66dd4eda405fad177be6b42dc864e2bea9cff96b6c754fdae879ac695d696c96a1fb0fcf2b172d80b20bbeeaa418a1a810f20c7125481c51705d8b2a2e1ac554f32143534980019c10b4b97f321cdb5af1aa0c9ea6fe06c2faaea2f46626b657e021fa98303d52661ec31035e9eb0fa1a886c4ec6278d75e402977a457e2c5b01db1aa1733ecc0215ba7fb8702e98dca73de4e08162ace78e611491e74d9819829e8bedcef6ac828b72832153cd236f87bdd1a516dc2ce4b984c94bcc38138ad7b75efbf5218caa5c15aa84933c01f60905d728e3ec0811c59002e2afd5fcf81d38df22584de939ab646d5a44e5b9fedd619e66c038687b06d18ae490a7300e23ad9951515bc0a99a381ee92754475925200749389c322ebad0373c0dc72c4f424558ba8ed20ce982afd79d3bbe07ef9c6fd568b4722290688acefcb66429974d975749210a6b744f8c6c98f00ca9a670310cac223fa8a4f63fd5fdfb6a41b545d1a062bb79fe0f962656817a5a2bd82e385135db5b37d0b78fe435a9f4a1899e13e7f45d8ede097bc28e440759d67ed672f6ef87a829ce851fbd8d2c148cd208317d276fa71109fb591d394816feae84af13dfa343572a62ef74ea522e38bf054f423f75d8a8f43e033f5818e18cd048ce691d2049f9ae23dc6be1668cf2faad14fa1bf2738248cc04e87dc61dcdf75af79a87c6123ffc712c8cd54e194e75a0be0a499214b7478f77de2ad4611f243a2e67711c978183876193e2fd7aec809b3df993adf0e35390367ed98c0aa7717b1863c1d0a47bbb63414eba70fbaf263a3fc7367c70036e70c6bf19118c8cd8aa74866b1987bed99e48b5cb6c1b4e9014452eb0b21d1110535182b27449862c424568573a1067ac9720fcec58112395f7ef2553e75e233301736e9e77341f2298ceeb0a48df43f51f44852125a3af15b0eaa82b7787b1fac9c0a7a0bee9da2beca90b6797400340b4e57863abb38c6cb0945896e38879b91693e2d37913185347618e1866f35e9cf6d58d84d6354c8eab636fdc5bfc4c1f589384dc000f69aa2881f58b8eaf5b10a9e0a6dfcb6e274085d6e5598e72a4bb7ef45dd0a26178d63372631125bf0970cc48c3aa62f7fbe6db891a6ca2a941ed9921e6271f0f60e5867256ed8fa602b8e393191eaf7902c4aa4a4abc1fb9ee272fc09b83a02aea8c87c8a6877ed4eb0a3ffbbb5fc0418aa07643c5e7c6da315901ad31dd1fb37463c01b9e574ce44bdbf08a8d90799088d871ab0fe7293709fa4c7ece28aa5ff0cff5cd57d9c619ee9bbdc06014f2a0db5cc9e0080c04b45393817bed752dcf5a2f56cd86da6b202ca82a9fbea31b00af100d8d0bc6d1954f99671b66f2bdd79bba9501da33e21b6921490ad99cd81aacb6773f55db97350cda5f851984eeacb413019242e77485bac12f1620b0e08cd161eb95a965329fb95669c719eef6ba0cabffa9b688acd5ad079af3deb00eeb108e2585a1d8f9cea337740ba0dc8befc834b534a64aa69c4765b9f5035cb401fa1e0a808e595101fecebddc10ef2c7d605dbc34d210de5fa65f53bca5e99cfea08b3a821238ac361c6a820e168fb0df75c4ceedb4d27f485db8baa5803f580c340f91b9bf4c483047dc026f6419ab111203f0e56cd08ba4e26d4b8b293f1449762affcd03d459c9885f627ce981a17f8985c1504b1193b38de1ec373749906c6f7e74757e38f77c408009ad4222eca13cf16565e435e73931e6ca53f7cf03e16d8399ba65b182155e6aa4b79950c0e74d35855239aebaeb3a1c1ed4a64f388dc2750db9cdca7f26708491d6c6df9abab8ce0ae6fd40a545e06e3be23ab5a27316bd305830aa01169eb3ab8dc757c3173e67ffa39e08dc486baa1d01907711d87e73a815110236e2bba0093ed1135c2dbc129ff01c0cf8bc22a8af64abdc4d53cdf634919e5083730b2553a19d484b15c4e3fd9da347f7a5a6e8b345a88987acc6514de94a678bc125e6eaa0dc9f3ec8f1ca71f8973ef25ae93b7f2b8e0392add5bc5e3ba18c9a69cc123de71ed969fec60df3a65472a934c3b85b2ddca9c33c100fc9873801ebd51c9f9f1e14570d04c02f8a02dcbb2d3348311a974dcbb37589ae9c755d0d7ce1338e55888ca21ef4a15350f1942bdb60b10c3b04dc9bf1ac3407158d5e3e631e7ebb97fc59d41e92bd1932848428eaabdeab144089d1d049dab64b16bdced5f4df577992d4e88d4e2dbbcf0a8c12b57a47d7be751a9f726fdda597558f254dd912cb2f26867f23d5eb7015eb0c8587f1b3eab629efc1a02d9f97a849554eaca2029c7fc943929649ffbdafeb1a3b36307aa61932519c336b93ea69af769d169aed1ae4541234694fe17b85f433e103c336efebfdfd90a128d6fc5b0041e840f129a707800aba71030b91f1204c7fdc40c92fded3c0abc80a8a008015def0a8c5af55c671ad9d8948f0eefd8e69a75a499dc7351f4d7c53411461e9395f24fb650f4aa07ea0e8ecc5897a940945d8b26f4e7f098eb790fb952fa11054c5edf553c0137914867e0b8b21f557609ef1f1e1005af2df45fa307e01219ea0cd7b952b2be858666376830d4b402c3f5c950807dba9bb7151d8d9eac1c77624cc0e3803d4ec9f57c5eb76cf955307c0f44a1077e5319fd565cefce64af929d3a57bbc087645c18d098a8c68eb9a7ea58a0a849d103e7eaa7ef615ad073015d0852b51c4f42623d09a24b361c3839df7a842e57244fa2c74cb341ce7c3899096f67ad3bf73301ecd0149be5d3b76fc671d4a946399d90bb36c480e3f0930238f80dfe2e7662cc16c2c0bb19cfe879e235dc6965fae529b7efb353a5f9a4ed837f5e5788020787801be8c35551b966a7078417fe4908e762e724396c281d7b63585e0427e717c562858219fb193234764d76f22c91c1b3155be59ba2b8afb8c8f728ac70e709f790726530f00ad9b346b6beaaeed6c367f963226fc0cbbd7c5793cc9763b863122381370dd7b4e22b90a40a76ee9100ff16be3c787bac6bae055ff57689f337d3df9a98451ba0f8d8dbdfc80179aa39a964b5ed9d4672f36b12c74500f63e499d143930c343368c63a91f34a95a9aca29b3e700c8481175ad92d2cf61bf83d7410a2f3ef0a0857d974ad2c7e6c979a296a0e8eb1774df4e3b051b5c9fca6f019925f55f2920dfca92b4dcab7006d8d7f5f22f85f675587582714c06461736a92b6bdb364852bdb20330c28f9b8bf601c6665925fa51c416696ac68c932a99ba81e70e8f346925482f7f2a562210b9e405016c4202c19c2234926658034c21ee28ceee34792bb1a8889f636ccc454d5b5aec67389a4137286d48390575fbe380ca5207f1efc75874fe10b51ef28c4aa9fbfe9c90f060d1c6e877ef8360b2efc991477e9ff42b9b02e1b7f47f14868ea264c83f3e9f262dbae2e4b3991bb4372fc00f9c1e1e71fb74b660dc17c67eb0da00b332c6cf705fadeeb06a02b5e7a963c0a6119f6cc19e41f2bdd773d7e0139dd598671f0d554f181bd2a28d876e2ed5bb663991b1a62e863994a5c4a570cd57ec411556baf993e0289a0792c7bf483b15fe957abc13ae9155fdf57a5e6b66d871771e1c04c48b56bc739770ca92bff8ed977bf50bce0933dddb3e70d3cdc82a76b7ac8f7325fc2781278d2984987286fac7c2285bd2a91605696fcfbdfe324aa5178142d973cf9f2c07fdbbf5cf4cd4db75d42b8debfa9dd074cd5104bf03cae3b276405d18e4d3d7576fb946daa3100b8180b68c0a93063d36eee1b0f274a3deed2d1a41adda53cbd8e0a1f0fc8f8633d72e6f2faaffe10199a35e88f1779f2823320bdfea2f77cc4a2d747b7ee1c2fd82ea409e83538b3e93bbe1f146e8a87a7ee28a1b192c4d4752b34dfccb17e77d7031ad3aad4d27f4fb9aa40731a7d73a7054d6d7239a9a9901daa6bae4ba6b6b2571d99af085f68a48cfb0ec628a72eefdff5dc3cd885c2427cc563ae143a8e3a0b60fbc8a4123a08e3a7e3a44355699d682936aea1d4539f837dd3a42ce61506b17d5af53ef8edc5ed3fd2f5c7068792a4db89eb3472b875170b6e7f4a75db6804dc9949625d3cfee969946ebd0133b359bcf7d520264089600617b9d7a85b1f142abaa8360145302ad91ca00bfa91178c38377282cc798a38ef22ed1e09c72cc22a745f35562f22e45ace63d57e9729a10c8b067d26c2a3a9f19596b7242f1301421d3375f2d8881692000c628ddc19a13dba070493b032e171b94e01079f0f91dd7b5b61b0e053bd1c8d38b6d7cafbcaed1d36768300ba794b6583e6167e7d78f7348d39851fb7618a0246bbfba1e9eec4049fa9e74a7f54a849896c54a18009c6c1f620e7b1afb9ba4364d7e18414bbfc3650ba35cf5421cc2ec681af0bcd2673439997157d9dfbcdd4e0899bba365c2d1cf423418", 0xe80) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001c40)='/proc/asound/card0/pcm0p/sub7/sw_params\x00', 0x6000, 0x0) (async) sendmsg$auto_OVS_METER_CMD_SET(r3, &(0x7f0000001d40)={&(0x7f0000001c80)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001d00)={&(0x7f0000001cc0)={0x20, 0x0, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@OVS_METER_ATTR_USED={0xc, 0x5, 0x8}]}, 0x20}}, 0x10) sysfs$auto(0xffffffff, 0x9, 0x9) (async) read$auto_console_fops_tty_io(r5, &(0x7f0000001d80)=""/80, 0x50) 7.878052967s ago: executing program 0 (id=682): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) r4 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000280), r1) sendmsg$auto_MACSEC_CMD_DEL_RXSC(r4, &(0x7f00000013c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)={0x1080, r5, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@MACSEC_ATTR_OFFLOAD={0x1053, 0x9, 0x0, 0x1, [@typed={0x8, 0x58, 0x0, 0x0, @u32=0x6}, @generic="78edf28d5c74a10995fef5806f51c2f3ee70c3bc991644a4d6fff4ef42abcd52532b6f85500a8eb49027fbc0d90a3942d4faf0b1e9e6e929efa147e280221eeb5c20cec6db5fcfc1ae21eb9658115a78a59634e7c9d2397f6508423daa610baff723600943aa376bb8be537b4a1009718c79aaa82dd2457e25773139ea34fc9a2b507abb5aeeaacd8cef90667219934009293d45d6a59623967f17ff7211c37e68076245029154c7b36426c35e2cdfadcea68e08f5947d24518bacf8c200cad16664cf97791fdc3faeaac52c6af44a725a6a7d4e2596b02eb690bb5f0ba0697b2bd10210574a567246bc8273cc6725eff88cabc92749cda60e3ab26b1eecc81e0167762e59bbcfa6b3035c71f437e018473ff99afc5a2a54793f9c71605a1547fa797dadb38490bfccc1738dc1f9e5d1d10c8aa29f2b5eb1cd8bc77c06d286fdf17618c2f815a07e5f72138fcac43941ff57610f9a22ce83701684929a3a7c2bd52871f229a3d6d6d72f3652da9525902a1dd696526cdd88261a1a721749649b882321b40abc73206069f0f9aa0dcec3e67d6eac7786f41e40deb66ed6364c45c3dd6fff56238fba1a60778e3dc9fff85a074a914a7a098c78391aa4e0a207da09c7c2b974f615d4e0f6d824b8dfc22442862587de05713d98bf284c7860fae24d730a1deaf8a54709c0df32ac57ce770217de2401e4dc11515984543047dab0ca78f36f8d5fb2e4f422cb48406e651e82a2d3ec4b84029d195d9aa87f663baf2e547a6928fff555badb09a6f252d5b861f1437362f39b0263008677a76d636cc221db3d42bcfea6ab71c7be06e25b8ac0eb892692f838a24653f32cfd85e2b12ef2e4be833b2c64826696f4e45c2e6a9b99e40a096e47acd5cc1f79fda8e779bb9aa327a0e0206eb022daf37d518b389678d50a9af4e563c2a84b701cc9f82be4b5434a0c4647a33f2c740e7f30aff1dcf8c538d290a2f5c35c9d22f04879f61cbb118d3c82e5c24acbb464b5e9139454b470ef8bba753a4c122fc359b47aee75bd41807689d3fd2d28269a660ca1030b8bb8e0c2811b3cc620bf51436fd5377e645de1b656ac9075781de28010f5a8565880e9040b84036fa01a8d490a3fcc8352394c0b28c4b147de89049cc9d99619aca29f00d82dabe5753b14475bcd018a63019bbeb865e2bee67353dfcd5d5cf86eea028710620de15ddce5abcf015df2361ae3e2629eeba5a2c4e864de9e2af1278ce019ad90a6a31ed7f64ef9a428e41847978f992d136d495ae072e37ab885463d4252ff92eefa789fe1c5034e7daeae3bcd203b7244d5d5381535560bf78245c4de6ddacab8b9c3be0e48fc5c85194deaefdba8677924f9ae78b716d9a314f25164fa190a0cdc653eccad19849bb876687bacfedbd6a33c0cdad02778606be36ab9066aa713dbe397fdd1b25265e17a8b0f03523c369c3eaffd1a4268303ec9f5a85bbfe225c98f1cfd8488ebfe701911f5e019e065f948c5d36d0b2e8152a8da18527c655d706f2b026597ab270924c98d98a61f376bc4a8e76b15d3d0196988037f9ac9b73b433aa49ab97e27d5ebde786239f4562faca61c5411ee83ffc5226567e5ffb849404a444f9f8dcc7e6b91b4e00e034a81acc5ca4924b20519278ca98a2a9c9114f4c1014dd64f3dda618380fe51a53e60c136a6c3218e0e6938d5cec658ddb998c901359b170839e96603481a993e4d1f50b8a36b7667f81efe57f45d23553d464373ac209e8f953db719f2451b88bb2eb658bb1d39511a148d80036f91619d7fefad28a3c8535c16af2d76004e0ee73f50f2162d80a42e5da6b35ea0a647ff9239609f45933884eb5057312a41812df07df4d1e6971d40b3e0099daf55542c77280b1e87e7faa33f942850a1257a9286970a910e069ab7b2c2048c0fb3e2e6572b15eb57404d5234764a3e592c2b3f2f5925bab59061d57f55d5e284e63c64f64a3aef2693dd71d639122e8d2b964696d244e70d2835a778210b918d0eb9e9c0bdc10c2617253c691bc24b62ef0d5a778847a0cfab3348abc5640a90615e879b3ca7e175c57e8045831bb7306444835b5db265133942f96176471df6aa3fe26cf646069d0f9f4b106595e78d8b37c386a024e5909a5715db7afa6cf1d7098234cd981ebf6cb600c9505ba13ee2d63773b705e27faec0d5a2db8d9b51ca07c8abfe5e3a128906be7b48968f0607206cf941b118b51e364d773db4524b354d5d922f4aa2eb6a33d5b61c5cb59c8b2cf8698302db4600486687a94e2fbb483955761d94dc44606b7b313ed208de4be97e250628302ebf708c1b2a1ea6fd3b51f4cf4b56aa42a08fd1ee914ab5fb644b35acbb1da7fb55153019b05165abf28807b6c1d4a97eb84f3fcb41aea337ad4524ae68a42c22f9e73ea5f21e42e62ba7499db12ce25a4dd20834893dc64484b88e344159fbf263497e4667e8839c2f1c8dc3a6a10105a106c165f22b282bfaf5c18f31c1902b4f15b8729d0f1f12291c4bb747a271bce0d831765ffaf9bd971569446a735c404d7b1f399e1e21f91b9b6f0175eda0fa87e8aa3ca623a7349018261863a2cab1798124bcd33df3b25c4466af6cedd2b644b37404902ff96dd3f17b14ebea68db3c854863371fcb46fe29ace716aca6a4995d5e15b5204e7ec93079a66833c25ce88ec922e59c72ae254a7cb885a66ec466445cdc735b48e77f684272c31d3c425fe042b2f72ffa0b5091c25eb7daa58ef5f954c54200f28a25850e9ec152e2b0196f0202cfcebd571a949d50c454fb6d6f4b1cb5ef30786e116bd6a2c36ce272bb22525e096cc2ad80e8aed86e31808fd0d41fb8599675ae3376b35f088eae293b487fe27084b936e4e3b57e503ee7a7518b7fd435e8710f1f8494d3ffe8711cf02883f6db6a8a5a1b1eb1a6ec4ce921bfcec0a255564e863d9ff7ccb3db01da3c814a2184c31a527372841d5f6a3fd950c5928a51bbca7ee91fcb06d3527e6d0e5a8feefefd20d177562549ac0aa9d4913d4e98bfd85eae1d369c64ecf82b55646f0039a35072198691db7705a3464c62a60a12b874a37ace9143bd699d5b8cfab4bb9991c5a77d34dcfb71bc6508a77635965e0eaccb853748fb46619320a5d65c80fe1372bb3bc47bfb2b339d97421c95a140d4d8ac094199b9a478f482bbddfb6746d4952db3bf053a21f86eaf82018d11e4a8be6826f8b6946af6162cd5a401eecf09be4168363a2d7433b10c67797b13c09114bc667c09921e227c60e18f903171f277cf9db6692246ffe142bfeff85c0d34a1ae0e12a952f3ffe73f4d6a3e15288bd8f37ea3ca629e6eb4e0a2e1fde63c4cadef14483502b6deef958eee0938309a71cdf49b34d612a8450e5e453fd1efe9f7bab8e7e09b8fbd084af750b176edb6e0d17a498c3711518df2b33e0eaca65d4b840231acaa3e19cf54c0cd8763dd4fac26ffbe3441b0ab3c54a0406fb84cc88a327b6fb0f1e65b2441452cbe98ce7edaf3c9afe32f11f30737ba033572351f61f1856b3d21645ef5fa7fd1e5b786dd4786d254be513e4ae6b8e9ff3ad8dba11d7dac1c0177fe3f35b00e6344400813a3c9b8b8bb144c449ba422cff9c631d0fc4967ee44d9eec7166225d77b7de38e4f6cd6fa1a5956721ee9d02dab4521a16ae5e0088d0be5b3e254fee24256657af64f2ff7c182c1248076102289f66ebe018626f4562a6a2c1dde1cea60e057c105e3d3f8feb352f4c697e61a6edd6d190b81ed792f07d6fb1a62ff86c836ac597352d6d6988787dca62a0ac61054cc4304670e194159ebec53682f348830316a779ef875b5ca09a859a8a5856012b5981a2a0f1e8a3b150229a962fad05db749e95ca9d294f99ef005f9d3827b5657a6dc8810004c481c0a1f5d9c2a036e1586917a771747b52607a4415d26dbf870fb80c15464987bbbdca673b39dbbd369a0499bb1891873346448dc2644f9a24fb4df280100b30275e065417b7e4ff7daa48c380de2ea700c8c5e597eba79bc51bb3b58ad6fb3bed24bf5dac7cc95f119b6cf1ea5e542af04536264568bf326ff24e21d47e58c2b78d751561b111059002d006abd6122cb5d1c38855797fe21716b7d6c60dd8a1cd6cf55a826764bdfcfe5e8a838569b7607b73dda52f8e2d66a4e08826480298b876e1bf39448dc39e0a536830ad97bdfc8a0cdf5492c1bc57cde598ce62d776ca9f93ee897aebe91ac27660fc543f59de45b1187eea2cbbf46af04a1438a6d23b7a63bfc4984f9680d387757d29d375d99a9fdd29babd6aacc610b93ac24c185cff55b650fe489b9471c21808089a64826f73146b42356089cf3d3c40a627bffce59a58d09e5ddc8212aa8a9d8e530c5f57d182045b1f085163c9511a34b044ece0186de2a6472009a98410dac6bc1f209b904deda02a4709337337c3ba75d40ee390471c79accfc3aa2ed9ad503fad870147c732514d84229fc766758023a1193747e5e5dd314e1b0c1d854677a36e18ff5b926d5d2bc6c803acbc8b1c5618129e90c3bbd944e4850609d37792602ebb007e52b161e3e4bf7e12b5d776103e60be57eeae0a90d728682c22d84e4e1c9606f912502058b2babb8a85388f54acb98febd100eb6d87719ba01db78db12f4005dd145c35ad9c6ab12a0867014f7234aec112c0724db071443ff030861eecb2e289e00ea70f73e526247309f0ac4bb4a50a0944085810d5286507d969e5c19efd3527810843c346efeb2b9a9242d4dd014dab44a4820060ca8b70c29ea002b557342e304065ce3fb1b5a967244e77ccfaf2cb87b95d60d11dcd2e506541a92a436152bb5c13d1bb119cbee9b890570b8d656f8f2750bb3e6b534834a4272469df2cdfc19d790669deb1986c41a39092c84cf81f26ac4d623505970aef37466d58b4d63c7b1ba4e6c327ee41d05527bc2015e003d26773e78f84be9be9a2c6102446bd681decb7ede03ef220a0e01b798b617b79c4ee45b109361e1aa246c5283d6d90f08f18d43c5213c665ba26799631c51658d9f93b96be295aa60ebf3bfc318e25b5922e958e56ecfe53180cd97c56d1036afa801a466b8710d7494a7a8165bd88e360c45c7bc5628930803c213c02bd09cfd0aec496de5558556e182c6f6cde7766021f2ec67173c6330eb70cf21b1d851c88ebfa4001d9bdb1f188c0e7401f5e1dbd19d7201e4a1dc478153e9eb4ac41f1092895e4559c2a3d3cc4ffbedd0f69ba9e2fb22ef7bc7d8cf4e90404724d0f8608cd72affdef9c6f2850d42c23162a98396db570d57cc95180c34639fd9fc15fd94adf4f05acd54e817dec3903f7583141669a13bee5fa4ebf8abbfd580a2c8aa95c07b40b658569d41ef90ac52dced8a58bb6596db5c12a60ca6953b8f1196a3573adda46259b58c5e8e17a148486784ccea8b9b97400d0c63d2ffa54202c20566956fdba79b54ca12492e075692133b3ad4ac5c0e0cfa02bf5f40a7d46be6450f845e82be31a06e1af8c271917093f6d7d1985b0e6cc5994e04cdb308faef9a3b280730661a45c51fb69ef8bfb2c3c1c0cd1206484e3ae5e3d4d75e149536665cdff0f95162377aa39a43bc3dc3d5a34cc7f75cf8126cc800191f10c88541e4c9e807cba788f1c3cf7ae6b48a08d5febd6fd34559746b0bd902ddf2eee9de3f59a3ec34e03dd2e9339ed99ab504b2d63bb05e0ebc4969deee879799e73767f920c94f577072aae75d3f48b1a37dbb9f3bfc5d665a3c1c71d64a1c157cd3ce584e2fdfb5ef4c0b061b727b2189f2d9485ea5a6", @generic="77bbdfda5019ff49858efb0b6283e780fea738c5d443101884a1d0e57373cacaa663cbcae2e41f0e2e622096e540bdf0b61f6e11e31681e474d8d3534980be258d43d6b45bdec3"]}, @MACSEC_ATTR_RXSC_CONFIG={0x18, 0x2, 0x0, 0x1, [@nested={0x14, 0xa, 0x0, 0x1, [@nested={0x4, 0x119}, @nested={0x4, 0x13e}, @typed={0x8, 0xdf, 0x0, 0x0, @ipv4=@private=0xa010102}]}]}]}, 0x1080}, 0x1, 0x0, 0x0, 0x4000040}, 0x0) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0x4) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptyq9\x00', 0x1, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) socket(0x2, 0x1, 0x106) r7 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r6, 0x4b72, r7) 6.479830379s ago: executing program 2 (id=684): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/lockd/parameters/nlm_grace_period\x00', 0x8001, 0x0) write$auto(r0, &(0x7f0000000180)='7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00,X\xb9\x0e\x11\xfb\x00\x00\x00\x00&!\x8f-\xfb\xea=\xc0\\\xec\xe7D\xe5V\xf1b\xa0\x9a\xa1\x88\xb4\x96\xf5\\\xad4\t\xca\x03\xe4\x15\v]\x00'/67, 0x81) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x20100, 0x0) read$auto(r1, 0x0, 0x8) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) syz_clone(0x100, 0x0, 0xff1d, 0x0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x8, 0xdc, 0x9b72, 0x2, 0x8000) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/irq/3/spurious\x00', 0x0, 0x0) r3 = getsockopt$auto(0xffffffffffffffff, 0x84, 0x20, 0x0, 0x0) read$auto_proc_single_file_operations_base(r2, &(0x7f0000000100)=""/78, 0xfffffe55) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) prctl$auto(0x23, 0x200000000000009, 0x7fffffffefff, 0x0, 0x0) r4 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/cmdline\x00', 0x2000, 0x0) read$auto_proc_pid_cmdline_ops_base(r4, &(0x7f0000000040)=""/159, 0x9f) ioctl$auto_IMADDTIMER(r3, 0x80044940, &(0x7f0000000200)=0x382) madvise$auto(0x0, 0xffffffffefff0001, 0x15) read$auto_proc_pid_cmdline_ops_base(r4, &(0x7f0000000180)=""/78, 0x4e) 5.094945514s ago: executing program 4 (id=685): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x3f, 0x8000, 0x1ffde, 0x7, 0x2, 0x4, 0x9, 0x3, 0x5, 0x8, 0x3000, 0x9, 0x6, 0x10002, 0x80, 0x400, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0xffffffffffffffff, 0x0, 0x0, 0xff, 0x4, 0x6, 0xfffffffffffffffd, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x947, 0x3, 0x1, 0x4, 0x7, 0x16128f2c, 0x5, 0xff, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0xfffffffffffffffd, 0x2, 0x3, 0x400000000005b8, 0xe, 0x4000000000, 0x8, 0x4, 0x6, 0x6, 0x890, 0x800000000000a, 0x3, 0xffd, 0xa38, 0x0, 0x4, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x8, 0x0, 0x100000]}, 0x1fe, 0xd) modify_ldt$auto(0x11, 0xfffffffffffffffc, 0x23b94) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x8, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x10, 0x2, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x0, 0x0) r0 = openat$auto_dev_fops_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x9fcd4ac1954c2010, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f00000000c0)={0x0, 0xfc2}, 0x1, 0x0, 0x7}, 0x800}, 0x7, 0x2d05) 4.799427892s ago: executing program 4 (id=686): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYBLOB='j\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x0, 0x5, 0xa) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) r2 = syz_open_procfs$namespace(0x0, 0x0) fstat$auto(r2, 0x0) r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), r1) socket(0x2, 0x2, 0x88) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, r3, 0x500, 0x70bd28, 0x25dfdbfc, {}, [@GTPA_LINK={0x8, 0x1, 0xa}, @GTPA_FLOW={0x6, 0x6, 0x6}, @GTPA_FLOW={0x6, 0x6, 0xa}, @GTPA_NET_NS_FD={0x8, 0x7, r2}, @GTPA_MS_ADDR6={0x14, 0xc, @mcast1}, @GTPA_LINK={0x8, 0x1, 0x5}, @GTPA_MS_ADDR6={0x14, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x580f, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffff70001, 0x1) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x3f, 0x5) 4.664251458s ago: executing program 2 (id=687): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x401, 0xfffffffd, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x7f, 0x1, 0xdcec, 0x5, 0xffffffff, 0x40, 0x76c5, 0x8, 0x100000000}}) setresuid$auto(0x8, 0x0, 0x4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x2, 0x73) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/options/test_nop_refuse\x00', 0x220c0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x2}, 0x7) setpriority$auto(0x2, 0x8, 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:01.1/ata2/host1/target1:0:0/1:0:0:0/block/sr0/integrity/read_verify\x00', 0x8242, 0x0) 3.909881578s ago: executing program 4 (id=688): r0 = socket(0xa, 0x806, 0x0) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000000), r0) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) (async, rerun: 64) connect$auto(0x3, 0x0, 0x55) (rerun: 64) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) io_uring_setup$auto(0x6, 0x0) (async) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000000)=0x200000000) (async) read$auto(r1, 0x0, 0x3ff) (async) close_range$auto(0x2, 0x8000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r2 = pidfd_open$auto(0x1, 0x200000) (async) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x6, 0xff) (async, rerun: 32) bpf$auto(0xc992, &(0x7f00000001c0)=@token_create={0x2, r1}, 0x143) (async, rerun: 32) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYRESOCT, @ANYRES16=r2, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead87b47d41805fa9967d02ad2deba1895652b8d630c30213ed8f72c1066f1bb9fb1b242d08a55d32398d8d3c635008f2c61049c8abf600a98d1d2d0b0027aecaf27d20b6ff4129883e111e1c858000000dc00090069fccb38f57447a8af8c40a03b92af7adc0c48af4308483b99aa587ed8711b4a79a383c263698842365af6807d1be1800fd492770983a6df345fb472e9fa41b667af43bc36d7063b6b93ab7661925e8d71452acd95b788c31a32ae903b96b9ed9a5e3542c625105e8f21a5b41ff3d17f8704581f4b8b75ae741d0fba8cab2e187c93eeea89f6cf6ab7cc496e0bd9759cc0b408bbe0c6eae2aa29c2d97d48a55fc0ff937c90173d61cf652f97cb301e4d7e3bac0026732e22eadd3a6c5ffa4faed6855a86814c920a650a61936305d2713db1c92a238e265c080001007f0e00000c0002"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) (async) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x8000) (async, rerun: 32) r3 = socket(0x18, 0x2, 0x10004) (rerun: 32) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x10, 0x2, 0x4) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x24004800}, 0x800) 3.835190732s ago: executing program 2 (id=689): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(r0, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="cf5728bd7000ffdbdf250600000063954222ab26888e9121ee53bc5afbb3e76aff6e9479b3aa479786b9417d1591aaf31dcb54c01a0df9c92335367ecbc4f2a13f541a880c6a813975c8b12c5a72c8e38a"], 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000004240)={0x0, 0xffffffffffffff84, &(0x7f0000004200)={&(0x7f0000001940)=ANY=[@ANYBLOB="e46ec5dba77c53ec480b138612c3532a3eb4274a3048f9ac27fa7ac5770dbeadf51050da41dac4221104a42bafe31c74ff8a640cea800029c13aa1789160304706b0ede8d9cb811c16b7ddf6870858b76fdd84e697a4020e0f819f22d65d232b23184596156aa6f5d97b69cccf887c067d4ffede0e01e67562dcc8297baee5ddce8542ec3c74e28836f1db586f0000000000000000000000000000000000000000001a8ba342336a36e0ec0854a3a662087841dcf3b7c54a53b86431c4ca44433ae516dd7d5f6e1566200e2d7709342f9f70c3f31f993459416532801aed2fa4d600d5929d85b48a5da73865b8b40992161e89a62be506431507744ff91a5297f4cbb573d081a2b83d035355be0a7cf24dd31f3803d75502a9635cd6b9e4ac8162768ad5905212ebbe2b96d3e2ed875c073fc1fd4c5fe1ee52a0553111bcb3f904a3ed1867820ffbdffd6de450a840dc408d3bb263ff1cb77434b2892099fbbed7d145344f7077469fb5d99b704fbcb82f4af66d1cb10293d92193f52dfd0e8409997ccbe1011f9eb7e837b2c4d1c70258f9", @ANYRES16, @ANYBLOB="010029bd7000fedbdf250400000008000600cb0d000004001d00130016008b0381a60936090016bcd13a3d223d004b04030017652ed55252d21e8040c240d22fd1c2f0d722335328233a078cdbd80cce28e1b3dbc5f4f1c8ca5ea327bbeb14aac906f66993ff03dbaa5dbeac9f51c79b5e40df44447f6eac074452bba401ab4f88193ac2358fc24dfa4f2d83540b8987eb27d6b522101183f269d30f0f3dd3ca329b647375bd18435740cf0e25c7d98f6170519163c9cca2565b70679e1ff23661c121cc0427a008ba39e1000e17959faef1a81d42626fa396ce6323c33eaabf85c1fa256559b0dcce2b2288a2b9bb3cee477337373a425321a1f36d3e010f2e4a58a86c2d3901e12c3147319b8d46dd6aaace22fa6e64f22e8fa1fc43bb0767c17234154019158f295112cbacb6dcf545ea25b9583202fbed9fdb5c1a064f428138ee0b4e7ee9ebbe5e0dbfcccd5e9206c036375cc717c365027f9f5d81804716eb71fee1a81aaaabc1d8a607a8cd6cfb7e81b6cbd24380042232fd79b361dc5033722b6f290ac01f93606cf4cc45801889cc1cc4051f310fb8f4285ce16c6a9be1556109850ab84dd8a007040cfdeece0c81b08594197223c5de70751204e2ba9bab05b1ba8dd947ee973ae206cd35d4bb97d2f26c106ab594c538c2b1bfa2c59e58d361c0d51f984be8dda7c7b47919080feac66348f1a85890bc15b3d5ca1f1c983e40746ad4c09801a86ac9828ce821cda6275bc890d6074235e68fbef8358381a3c9c7c55dc1718957c74789a8cfe31174ea2065de473ec9871697d4735d3232a6343fc47ace0afa0dd30a77e548fb1149758bc713f501413433232d88f43219c55c894a6d399f7a513c79e2b0d052e21844aca1e13485d164aa884ed6a3057e97739c0c80a241f8a8a6589bb1356799a101c17bdddfa0d322acc7fb16420960ef50172d436c1645d00169af954b4ebc1a56fa4dd516f0ff5bf218b7c6f5c47615b08870c3d0e2727dc23cae63229ae0f0841f66951d9aaa3b3b8d55564f0e7ecd62b4b90bbae2181a434b39abc99b537be47244c8886b5bf81b7b91e7157e7c85a7dea6a0327866b584ee43363a70aefc080d16c13031ff9fc85dffe44d09edd2cdc86382cab708504c7c2f6ceadda0c405386b5c2b25944c9672060e69c90876cd9bfc340a6ac76b40d2d3c2bad06969e17692e51bc178380ee238c23df0683f82766df3443d32dcc17a019733c2551333c17b78fcdb9bbe0c44e1a322046823325a3cca3347507e1a877d94c0c8bed6c97598fa207d9e12aef69a1de92473e81feaad393cec60a0f00b5902d77840bdb767db9345ebb5a35181b0c580bd4d9ec271a5f897ef960604bf85b244767a41e7f30874e603dfec312318fe9695c550198fe086287e069f08810d6edf1b2b42d381e5c8c4ae0b75fbb0b6d48c1ffd5d00ef2a91a129735f0518695ff4962f0119c151c96611e9dcc788d0fdd2e5765fb796e65eb0c76ce1a69592d39fe5dbdf3edd3318178fefca010c1ef40b42b00284db5703a814023c134aeb201779b4ced9168ca58c9a26dc1f169cf2df530faadd4c4b537d1c6ae301906e20e30b96909a4b0743fb00080009008bfcffff36000100630596ecb0873379524397398409fcce6715effadac6f36ff2158eef66051a8a721c25dbe219fb6de873e6fea33a7d2093c4000000000d0004000d000000030000c452de097e0cdeaa450223493953584ec44182a0846678bcdf5f236aace0898a8522acd88eab1975ebf397b2d6fb7f1e2b04f85a03a76efcece1e21eb33e93f8e9edfa30a933163bb7e8905ebd9474c8a3e06f030c1eb7a532009e93fe5cad80b7bf1df350aaca624cd7638d5017b7f40d7c847dbc32400175bc29d0de6458fdced1fa04d7be949bec5c14bb796b5746554a627ed2c8d50ba5567a8faa47ed40cb44eed0680f39e8b1b5ab2f5c5069a8730a287d53995454e719d3813af05fe0da43e06d59e10dc6b6c7108a03715fc17ad1f0ce7e4937fdd75485808707ed872f8520cee76ec80de657f07699d86476ee942855f1597cdeeabe72d91856b2bfcea9ab869c91bec0066fc8b8fdc2e335940a3e94acd08e8f70c6bf70e7fcc4fd475b3019a78826fd6e24d59eac94d391ff6b258cc4c0cf317482895d02ef8b5fa45382fffa0b297c6acbfd0d6086bf79c0ad9c06a5a5e3cc0f44078dbbbe849f5a4409e263113721052697ce94181dfe4a1dd007cf18339b601ebdd9ec07ae9e52bd44f05e62c8d3d514a205af1d418c16e660eaced9cbb38ff79fc5befd46af49fd5f64bbe613c12bbccf2e5e845d7ae558df15ac8825d6db9008bad93a9cb5fcf1279360542ac375ca246a11d53c6623d5ca5286c56180fdd17c76a9de6a7dfe6456223183df23ae5f88fed3cb9f260b3882ee35fc5dc2e8ac4a6069af6653dcf3afb3c70e7f57c104bae0c28b3db1620927cc1a61af520e3b5f055644c3b84ac6ca7a87c904c00f892a9402326117d6c5c4835a37dbbc2627e7e48d8988483cb64ad112098da480dab3bf251484f81ecb4f23b2600fc1cce20c0888bb8684cb9fb61b12844f29ce328d41e1130d48e0dce58e49dcce1680299043ae1da3a320f6f65fb2e88d1f8ef8d193d46b25daa34b184798cd5eb5b4b733554342152b7911160a1ee414839b20565d5a32c6ea90b9016b83728b45c1c94fce8a0c05143a034b2fbf77ea71ad3f1e59d2912eaa31816ee3c6a1569f809f9a02ce6ad30a371ed9a2111b604edd128df6e10125bfc860e328ea078e857a28ee3345c00c6a6bfa09eafd6fe50f7893dca6b0d258d95e0571024d1b6366709485f5d1216c17f4437680ae2827661a1ec66376b5053d893a9548c4bec7dc149409b19cefba909df793abf22244c113179d80bcf10077dd650b3c2a8ee77863f3b4cb16d7d353a2ca51ecb571211630949b0acb6cf11a8e093463eca113c0ef8da3743ea61154a411f58d176fd93d3b56c73cd782afa20e4682bb20811a02a11856d48360caca2d254a1253c149c981b2c494db03bbd6d81617bcaf02b123c7a3ad111bded2202e999c647dba93906c5998e3e7a80b4f320a0b1a47f2124b906a190a60813081687572cc468e742bb422a44a1f10f6e9f09809a87bdccef0457cd74bf328b06fbd27c59e0efdc8ba4149564db8a33bf1c34a0fb5722245c19f804eb6e14d8854cb8598d25777dfd83195fe96ca0d888fedbf95fd460fa9243797947042e03304a2e05dc6cca4e2763b9d92dd7d3b16c5c91fe6c9a84fe52d6e5e7706302344dc6a8c18d24aaae5a97c1dd477575388365cc9966c4e65c32f519099f24e8f243ce15884bb2df06123491922a5a7a0bde81a69954fc4f22c0064223a55c660caec58591794c4ad259bdc55d87be80758e9957d49fd73638315ac8dbb4d4f628787758f312a40ff2b7f5654e48f252927b2fc1428e5404bd114b9fc9d46018a4b2b45286abd02d511a14462feee76865bd3cd80bd0a9aa44429e2e777e88c353b70fb06a3278d90606a109cd9327dba124128be9349109a438a849018e159bdb875f50e79cf2d5d94f200beda204810f8bad539695e73ad175f77cc98cd009e18bfaec761a718a65e8636c48d767167a0fc65850947cd5b295c9e2ad0d89e89a681c0d209e3388d5e5dc04b0527d988fda3e2db8e65eead11563d0213a599c36a7d79d34a449575cbdd4d17f410a853cdad7676a1487af5cd76b753cbbe9561305adfae15877209b408000500ff070000"], 0x4e8}, 0x1, 0x0, 0x0, 0x4000060}, 0x0) (async) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) (async, rerun: 32) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000100), r0) (async, rerun: 32) read$auto(r0, 0x0, 0x3) 3.510886957s ago: executing program 4 (id=690): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) r0 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) open(0x0, 0x22240, 0x55) (async, rerun: 32) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) (async) memfd_create$auto(0x0, 0x5) io_uring_setup$auto(0x6, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x80) (async) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x8, 0x4008) (async) io_uring_setup$auto(0x6, 0x0) (async) r1 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) (async) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x2, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) write$auto(r1, 0x0, 0x7138) (async) socket(0x10, 0x2, 0x0) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async) r3 = prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x7fff, 0x0, 0x5, 0x7) ioctl$auto(r0, 0x40106f52, r3) 3.390690005s ago: executing program 0 (id=691): sendmsg$auto_NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x814}, 0x80) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x4) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x40682, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x24c802, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(r1, 0xae42, r0) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0xa, 0x3, 0x3a) sendmsg$auto_NL80211_CMD_STOP_AP(r3, 0x0, 0x2000c000) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), r3) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2c, 0x80003, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/mtrr\x00', 0xa8240, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r4, &(0x7f0000002140)={0x0, 0x0, &(0x7f0000002100)={&(0x7f0000001fc0)={0x14, r5, 0x1, 0x70bd2d, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 2.591040259s ago: executing program 2 (id=692): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x100000000000007, 0x0) (async) sysfs$auto(0x2, 0x100000000000007, 0x0) keyctl$auto(0x2000000000000017, 0x8000, 0x2d, 0xc4, 0x20803) (async) keyctl$auto(0x2000000000000017, 0x8000, 0x2d, 0xc4, 0x20803) r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd5/hctx0/cpu1/read_rq_list\x00', 0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/pci/00/04.0\x00', 0xc8841, 0x0) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/pci/00/04.0\x00', 0xc8841, 0x0) r2 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x8, 0xdb, 0x91, 0x2, 0x8000) mmap$auto(0x20002000000, 0x20009, 0xfffffffffffffff8, 0x13, r2, 0x8000) clone3$auto(0x0, 0x42) (async) clone3$auto(0x0, 0x42) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), r2) sendmsg$auto_BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_TPMETER_RESULT={0x5, 0xa, 0x1}, @BATADV_ATTR_MESH_ADDRESS={0xa, 0x5, @multicast}, @BATADV_ATTR_MESH_ADDRESS={0xa, 0x5, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffffff81}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000054}, 0x80) write$auto(r1, 0x0, 0x1) mmap$auto(0x1, 0x2, 0x9, 0x18, r0, 0x40) read$auto(0x3, 0x0, 0x8080) 2.066920967s ago: executing program 4 (id=693): socket(0x2, 0x5, 0x0) (async) r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, 0x0, 0x1, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) (async) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty22\x00', 0x800, 0x0) (async) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty22\x00', 0x800, 0x0) setresuid$auto(0x2, 0x7, 0x8080) ioctl$auto(r1, 0x4b44, 0x1) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/pagemap\x00', 0x121000, 0x0) (async) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/pagemap\x00', 0x121000, 0x0) mmap$auto(0xfffffffffffffff9, 0x20009, 0xdf, 0xeb1, r0, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) (async) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) (async) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x400000b0, 0x400, 0x9}]}) (async) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x400000b0, 0x400, 0x9}]}) ioctl$auto(0xffffffffffffffff, 0x2284, 0xffffffffffffffff) sysfs$auto(0x2, 0x100000000000030, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x1, 0x84) setsockopt$auto(r0, 0x80, 0x3, 0x0, 0x4014) (async) setsockopt$auto(r0, 0x80, 0x3, 0x0, 0x4014) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)=ANY=[@ANYBLOB="0ed780ecaa43e8ff", @ANYBLOB="010227"], 0x14}, 0x1, 0x0, 0x0, 0x4008080}, 0xc080) (async) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)=ANY=[@ANYBLOB="0ed780ecaa43e8ff", @ANYBLOB="010227"], 0x14}, 0x1, 0x0, 0x0, 0x4008080}, 0xc080) read$auto(0x3, 0x0, 0x80) 1.657953264s ago: executing program 2 (id=694): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) r0 = io_uring_setup$auto(0x6, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xd}}, 0x6a) (async) sendmmsg$auto(r1, &(0x7f0000001300)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0xfffd}, 0x5, 0x20000000) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = semctl$auto_IPC_RMID(0xffff, 0x493, 0x0, 0x6) prctl$auto(0xa8e2, 0x9, r3, 0x1, 0x3) newfstatat$auto(0xffffffffffffff9c, 0x0, 0x0, 0x1000) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async) write$auto(0x3, 0x0, 0xfffffdef) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) r4 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000080), r1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) capget$auto(0x0, 0xfffffffffffffffe) (async) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x8}) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/kernel/unprivileged_bpf_disabled\x00', 0x101002, 0x0) write$auto(r5, 0x0, 0x73) (async) r6 = semctl$auto_GETNCNT(0xc, 0x1ac1, 0xe, 0x3) sendmsg$auto_NFC_CMD_GET_DEVICE(r0, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc020000", @ANYRES16=r4, @ANYBLOB="000325bd7000fddbdf25010000002b001900eb3770a41fd04b6f1408bd06051b4117274f0abb84232c5244114cd003c56114f1f910aebd639e008202138014000500fc010000000000000000000000000001b20015800400d280163f3fc9eddb9446b3635e5c204c5da96a9fdf252b4c5c31fbc6b8393137fc22f6e3e82ed3fd85b5103803ec487eaa17cca43eb478bb8190cae434181219cc1e31a37aa1111dd97ff4876fe6bbb2e0fd91c6c3c13138e79ab1863137f94140ecde48d2fddcf200b8854c45c2ea7253aa5b2847243c09bcb33f27774674325333bf2b02360c75a494275e2db26245eea2567b7e754c1ebde8a0515171455fcb8d14c99b8f37e536bd0a0600001601ba80c5e8f83bd184bc5f7edab77b159d6a18c3f66704fc7307019156216b787d0988796d785e29b24d164d9d67f81b0cb9281c5e135980a29b28a0634f286286137aa7d5718771113ea37beffb3197afaec2075a260205e12016b250eb335e7991f96a116df79ce64922187022ddd1e9f93b86fe413461e471aeafe9cc086b18ce6ee23815834f053886e17cd6bd176dfb32186417b690583fc8fbc22c6012f1de65261275fdc30458d790563e4d09be3a78e0a301c76626ee80fd8f00700d4c586085c6f340ef60a7b3a0c40112b11d77fb9791f1825480cfdfffb8dff2c070927318a5b093313afd50120e0438f2c46adb10a8721e30e0a5087baa1e55bf40fafb4c9228115a3e04002d8004000d000400480000000800aa00", @ANYRES32=r6, @ANYBLOB="0c0047006e6c383032313100f498331b6181183985a302211fce976aab515fed59204ff72e5d2832f1892a746aaa9a98efa5baad0a0a6af8dca62ebfa42b181272580400bd80040637a1491f36549e48906f8405e0305cc8d2d5c4ebdbfeb9017c48efb8632405c37b6bfb71f17197d5dd142b7e3ba99f113302a02d00c4666e9f9ba5a06e2439dc66e1cc18d5ae08006e00", @ANYRES32=r2, @ANYBLOB="000008000300faffffff6a8dd545f183dddd99384d11b762632321a27c443d8a3985337b249b9ed759aa6029f2ab582b63a1102d9f001f1f292bd20e1d7fdde7f0116386e9ceebe86a4216fcb698f787a95015acba648b7ba610c26c5fd432d069e96657bd845d882a74387d750656b1348072c304237df7ac0e94de59ed42346be59b76f8b1c46dbec0f50123a81c7ac86754702c40e3d0131a441c501e8ce8007d4122d25181f5e930530b20624eec8c7880e92dee5f34676fcd777db5811786d16c10"], 0x2cc}, 0x1, 0x0, 0x0, 0x20008000}, 0x55) (async) semctl$auto(0x9, 0xc1b8, 0x4, 0x1) (async) mmap$auto(0x7ffffffd, 0x400004, 0x7, 0x9b72, 0xffffffffffffffff, 0x5) (async) sendmmsg$auto(r1, 0x0, 0x80000001, 0x4008) shutdown$auto(0x200000003, 0x2) (async) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) 1.131495284s ago: executing program 4 (id=695): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x1fd, 0x7, 0x2, 0x7184, 0x1ffe1, 0x7, 0x7fffffffffffffff, 0x9, 0x9, 0x8, 0x4, 0x200000000001, 0x1, 0x1ff, 0x8, 0x6, 0x4000080, 0x8000, 0x100, 0x9, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x6, 0x0, 0x2, 0x7, 0x2000, 0x0, 0x5a17a924, 0x2b6, 0xfffffffffffffffe, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x4080, 0x7fffffff, 0xa, 0xfffffffffffbfff9, 0x2000000000000004, 0x10000000000001, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffffe00, 0x0, 0x8, 0x1005, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x1, 0x7, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa3c, 0x0, 0x3, 0x3ff, 0x2, 0x8, 0x7, 0xc567]}, 0x1fe, 0x4000d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x801, 0x10008, 0x400, 0x1000049, 0xffffffffffffffff, 0x20000000000804, 0x3}, 0x6f3) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) r0 = socket(0x2c, 0x3, 0x0) bind$auto(r0, &(0x7f0000000080)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 570.827056ms ago: executing program 2 (id=696): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose11/tx_queue_len\x00', 0x0, 0x0) r1 = openat$auto_memtype_fops_memtype(0xffffffffffffff9c, &(0x7f0000000000), 0xa8200, 0x0) r2 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_notify$auto(r2, &(0x7f0000000180)={@sival_int=0x3ff, @inferred=r1, 0x0, @_sigev_thread={0x0, 0x0}}) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) read$auto(r0, 0x0, 0x20) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/sound/ctl-led/speaker/mode\x00', 0x182, 0x0) read$auto(0xffffffffffffffff, 0x0, 0xf36) write$auto(0x3, 0x0, 0x2fdef) r4 = syz_genetlink_get_family_id$auto_hsr(&(0x7f00000011c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'ip6tnl0\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x44098) r6 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vkms/internal_clients\x00', 0x101402, 0x0) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYRESHEX=r4, @ANYRESDEC=r0, @ANYBLOB="f2100028bd7000fddbdf250200000008000200ffbf00000800020003000000080002007209000048000200090000000800020003000000080002000800000008000200000200000800020001000000080002000200000041ebc27c4beb8cb8d19e9e5771fdde01f9a423bb564a6ead190c022301554d334627b12c6021ef9932163e79a3d0c59c90f1d86343a2711659be857620f09d70f207bdc462505f97f0a5ac19f26171e384e1c135b24157d70b0ff0f66c566c8e2ffca5e6a282162e7091c263d3256232ba5d784a1bb7d58f182387cdba93580e9d9fc2020b3d416548909a37"], 0x5c}, 0x1, 0x0, 0x0, 0x20000005}, 0x0) setresuid$auto(0x0, 0x0, 0x0) open_by_handle_at$auto(r6, 0x0, 0xfffffffd) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYRES16=r4, @ANYBLOB="080d25bd7000fddbdf2503000000080003000300000008000200", @ANYRES32=r3, @ANYBLOB="0a000500aaaaaaaaf3deb3d71ce58ead4e75d9d242c95db429839dccdc207c1dd7d49acccd49f2cc92f8c1d9a3903f60378b04a50b54679e6636b60b9a7dca52be0b0000000000000000"], 0x30}, 0x1, 0x0, 0x0, 0x24000000}, 0x20000000) fanotify_mark$auto(0xffffffffffffffff, 0xfff, 0x2, 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00') pselect6$auto(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) mbind$auto(0x0, 0x2, 0x2, 0x0, 0x10001, 0x0) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x5) socket(0x10, 0x80000, 0x10006) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) 0s ago: executing program 0 (id=697): unshare$auto(0x40000080) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f00000003c0)) syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x6, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000002) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r2 = getpgid(0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bind$auto(r3, &(0x7f00000001c0)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x9}, 0x7) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r2, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0x2ba8, 0x5, @_sigchld={r2, 0x0, 0x401, 0x5, 0x3}}}) mmap$auto(0x0, 0x2000d, 0x4080000200df, 0xeb1, 0x404, 0x8000) r4 = socket(0x11, 0x3, 0x2) r5 = getsockopt$auto(r4, 0x107, 0xc, 0x0, 0x0) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), r0) read$auto_hwsim_fops_ps_(r5, &(0x7f0000000240)=""/7, 0x7) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', &(0x7f0000000000)=&(0x7f0000000200)=' ') sethostname$auto(&(0x7f00000000c0)='\xe3**$\x00', 0x9) kernel console output (not intermixed with test programs): ecutor exec"[5839] was attempted by ""[6101] [ 121.753625][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 121.906516][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 121.985524][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 122.455926][ T6082] mmap: syz.2.36 (6082) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 122.690001][ T6104] netlink: 28 bytes leftover after parsing attributes in process `syz.1.39'. [ 122.869040][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 123.396456][ T6104] bond0: (slave bond_slave_0): Releasing backup interface [ 123.834795][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 123.985720][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 124.065600][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 124.217742][ T6109] Invalid ELF header magic: != ELF [ 124.959232][ T6114] FAULT_INJECTION: forcing a failure. [ 124.959232][ T6114] name failslab, interval 1, probability 0, space 0, times 1 [ 125.002079][ T6114] CPU: 1 UID: 0 PID: 6114 Comm: syz.3.42 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 125.002124][ T6114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 125.002143][ T6114] Call Trace: [ 125.002153][ T6114] [ 125.002166][ T6114] dump_stack_lvl+0x16c/0x1f0 [ 125.002217][ T6114] should_fail_ex+0x512/0x640 [ 125.002253][ T6114] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 125.002308][ T6114] should_failslab+0xc2/0x120 [ 125.002340][ T6114] __kmalloc_cache_node_noprof+0x6d/0x420 [ 125.002389][ T6114] ? lockdep_init_map_type+0x5c/0x280 [ 125.002420][ T6114] ? __alloc_workqueue+0x506/0x1810 [ 125.002479][ T6114] __alloc_workqueue+0x506/0x1810 [ 125.002546][ T6114] alloc_workqueue+0xd2/0x200 [ 125.002597][ T6114] ? __pfx_alloc_workqueue+0x10/0x10 [ 125.002655][ T6114] ? rcu_is_watching+0x12/0xc0 [ 125.002696][ T6114] ? trace_kmalloc+0x2b/0xd0 [ 125.002729][ T6114] ? do_raw_spin_lock+0x12c/0x2b0 [ 125.002764][ T6114] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 125.002808][ T6114] ieee80211_register_hw+0x1e18/0x4020 [ 125.002874][ T6114] ? _raw_spin_unlock_irqrestore+0x31/0x80 [ 125.002915][ T6114] ? __debug_object_init+0x211/0x3d0 [ 125.002965][ T6114] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 125.003026][ T6114] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 125.003064][ T6114] ? __hrtimer_init+0xc6/0x220 [ 125.003099][ T6114] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 125.003158][ T6114] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 125.003224][ T6114] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 125.003277][ T6114] hwsim_new_radio_nl+0xb51/0x12c0 [ 125.003320][ T6114] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 125.003372][ T6114] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 125.003426][ T6114] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 125.003489][ T6114] genl_family_rcv_msg_doit+0x206/0x2f0 [ 125.003545][ T6114] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 125.003596][ T6114] ? trace_cap_capable+0x18d/0x200 [ 125.003639][ T6114] ? bpf_lsm_capable+0x9/0x10 [ 125.003686][ T6114] ? security_capable+0x7e/0x260 [ 125.003741][ T6114] ? ns_capable+0xd7/0x110 [ 125.003807][ T6114] genl_rcv_msg+0x55c/0x800 [ 125.003869][ T6114] ? __pfx_genl_rcv_msg+0x10/0x10 [ 125.003917][ T6114] ? __pfx___dev_queue_xmit+0x10/0x10 [ 125.003951][ T6114] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 125.003993][ T6114] ? __lock_acquire+0xaa4/0x1ba0 [ 125.004032][ T6114] netlink_rcv_skb+0x16a/0x440 [ 125.004077][ T6114] ? __pfx_genl_rcv_msg+0x10/0x10 [ 125.004128][ T6114] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 125.004195][ T6114] ? __pfx_down_read+0x10/0x10 [ 125.004245][ T6114] ? netlink_deliver_tap+0x1ae/0xd30 [ 125.004294][ T6114] genl_rcv+0x28/0x40 [ 125.004338][ T6114] netlink_unicast+0x53a/0x7f0 [ 125.004388][ T6114] ? __pfx_netlink_unicast+0x10/0x10 [ 125.004429][ T6114] ? __lock_acquire+0xaa4/0x1ba0 [ 125.004477][ T6114] netlink_sendmsg+0x8d1/0xdd0 [ 125.004529][ T6114] ? __pfx_netlink_sendmsg+0x10/0x10 [ 125.004591][ T6114] ____sys_sendmsg+0xa95/0xc70 [ 125.004642][ T6114] ? copy_msghdr_from_user+0x10a/0x160 [ 125.004684][ T6114] ? __pfx_____sys_sendmsg+0x10/0x10 [ 125.004755][ T6114] ___sys_sendmsg+0x134/0x1d0 [ 125.004798][ T6114] ? __pfx____sys_sendmsg+0x10/0x10 [ 125.004901][ T6114] __sys_sendmsg+0x16d/0x220 [ 125.004944][ T6114] ? __pfx___sys_sendmsg+0x10/0x10 [ 125.004985][ T6114] ? __x64_sys_futex+0x1e0/0x4c0 [ 125.005045][ T6114] ? rcu_is_watching+0x12/0xc0 [ 125.005099][ T6114] do_syscall_64+0xcd/0x260 [ 125.005147][ T6114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.005181][ T6114] RIP: 0033:0x7fdaf038d169 [ 125.005207][ T6114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.005238][ T6114] RSP: 002b:00007fdaf124e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 125.005268][ T6114] RAX: ffffffffffffffda RBX: 00007fdaf05a5fa0 RCX: 00007fdaf038d169 [ 125.005289][ T6114] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000006 [ 125.005313][ T6114] RBP: 00007fdaf040e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 125.005330][ T6114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.005348][ T6114] R13: 0000000000000000 R14: 00007fdaf05a5fa0 R15: 00007ffd3e300738 [ 125.005390][ T6114] [ 125.423736][ T6116] kafs: addr_prefs: Invalid Command [ 126.416621][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 126.521294][ T6138] netlink: 28 bytes leftover after parsing attributes in process `syz.0.46'. [ 126.931399][ T6145] FAULT_INJECTION: forcing a failure. [ 126.931399][ T6145] name failslab, interval 1, probability 0, space 0, times 0 [ 126.960168][ T6145] CPU: 0 UID: 0 PID: 6145 Comm: syz.1.48 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 126.960209][ T6145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 126.960224][ T6145] Call Trace: [ 126.960232][ T6145] [ 126.960242][ T6145] dump_stack_lvl+0x16c/0x1f0 [ 126.960282][ T6145] should_fail_ex+0x512/0x640 [ 126.960312][ T6145] ? fs_reclaim_acquire+0xae/0x150 [ 126.960351][ T6145] should_failslab+0xc2/0x120 [ 126.960380][ T6145] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 126.960423][ T6145] ? security_inode_alloc+0x3b/0x2b0 [ 126.960457][ T6145] security_inode_alloc+0x3b/0x2b0 [ 126.960489][ T6145] inode_init_always_gfp+0xce4/0x1030 [ 126.960534][ T6145] alloc_inode+0x86/0x240 [ 126.960564][ T6145] iget_locked+0x2e4/0x830 [ 126.960603][ T6145] ? __pfx_iget_locked+0x10/0x10 [ 126.960646][ T6145] ? find_held_lock+0x2b/0x80 [ 126.960690][ T6145] ? kernfs_root+0xee/0x2a0 [ 126.960750][ T6145] kernfs_get_inode+0x48/0x460 [ 126.960802][ T6145] kernfs_iop_lookup+0x1a7/0x2d0 [ 126.960834][ T6145] ? __pfx_kernfs_iop_lookup+0x10/0x10 [ 126.960864][ T6145] lookup_open.isra.0+0x4d7/0x1580 [ 126.960915][ T6145] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 126.960990][ T6145] ? mnt_get_write_access+0x20c/0x300 [ 126.961036][ T6145] path_openat+0x905/0x2d40 [ 126.961101][ T6145] ? __pfx_path_openat+0x10/0x10 [ 126.961161][ T6145] do_filp_open+0x20b/0x470 [ 126.961211][ T6145] ? __pfx_do_filp_open+0x10/0x10 [ 126.961290][ T6145] ? alloc_fd+0x471/0x7d0 [ 126.961349][ T6145] do_sys_openat2+0x11b/0x1d0 [ 126.961383][ T6145] ? __pfx_do_sys_openat2+0x10/0x10 [ 126.961435][ T6145] __x64_sys_openat+0x174/0x210 [ 126.961472][ T6145] ? __pfx___x64_sys_openat+0x10/0x10 [ 126.961510][ T6145] ? rcu_is_watching+0x12/0xc0 [ 126.961563][ T6145] do_syscall_64+0xcd/0x260 [ 126.961612][ T6145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.961645][ T6145] RIP: 0033:0x7fe50ab8d169 [ 126.961670][ T6145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.961700][ T6145] RSP: 002b:00007fe5089f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 126.961731][ T6145] RAX: ffffffffffffffda RBX: 00007fe50ada6080 RCX: 00007fe50ab8d169 [ 126.961753][ T6145] RDX: 0000000000124001 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 126.961774][ T6145] RBP: 00007fe50ac0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 126.961794][ T6145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.961813][ T6145] R13: 0000000000000000 R14: 00007fe50ada6080 R15: 00007ffd0199d328 [ 126.961856][ T6145] [ 127.658983][ T6145] FAULT_INJECTION: forcing a failure. [ 127.658983][ T6145] name failslab, interval 1, probability 0, space 0, times 0 [ 127.683441][ T6145] CPU: 1 UID: 0 PID: 6145 Comm: syz.1.48 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 127.683486][ T6145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 127.683506][ T6145] Call Trace: [ 127.683516][ T6145] [ 127.683543][ T6145] dump_stack_lvl+0x16c/0x1f0 [ 127.683594][ T6145] should_fail_ex+0x512/0x640 [ 127.683630][ T6145] ? __kmalloc_noprof+0xbf/0x510 [ 127.683685][ T6145] ? sk_prot_alloc+0x1a8/0x2a0 [ 127.683732][ T6145] should_failslab+0xc2/0x120 [ 127.683763][ T6145] __kmalloc_noprof+0xd2/0x510 [ 127.683831][ T6145] sk_prot_alloc+0x1a8/0x2a0 [ 127.683884][ T6145] sk_alloc+0x36/0xc20 [ 127.683923][ T6145] __netlink_create+0x5e/0x2c0 [ 127.683956][ T6145] ? __wake_up+0x3f/0x60 [ 127.684005][ T6145] netlink_create+0x39e/0x620 [ 127.684043][ T6145] ? __pfx_genl_bind+0x10/0x10 [ 127.684087][ T6145] ? __pfx_genl_unbind+0x10/0x10 [ 127.684131][ T6145] ? __pfx_genl_release+0x10/0x10 [ 127.684183][ T6145] __sock_create+0x335/0x8d0 [ 127.684243][ T6145] __sys_socket+0x14d/0x260 [ 127.684274][ T6145] ? __pfx___sys_socket+0x10/0x10 [ 127.684306][ T6145] ? rcu_is_watching+0x12/0xc0 [ 127.684354][ T6145] __x64_sys_socket+0x72/0xb0 [ 127.684382][ T6145] ? lockdep_hardirqs_on+0x7c/0x110 [ 127.684422][ T6145] do_syscall_64+0xcd/0x260 [ 127.684470][ T6145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.684503][ T6145] RIP: 0033:0x7fe50ab8d169 [ 127.684529][ T6145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.684560][ T6145] RSP: 002b:00007fe5089f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 127.684591][ T6145] RAX: ffffffffffffffda RBX: 00007fe50ada6080 RCX: 00007fe50ab8d169 [ 127.684613][ T6145] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 127.684633][ T6145] RBP: 00007fe50ac0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 127.684652][ T6145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 127.684672][ T6145] R13: 0000000000000000 R14: 00007fe50ada6080 R15: 00007ffd0199d328 [ 127.684714][ T6145] [ 128.425927][ T6149] FAULT_INJECTION: forcing a failure. [ 128.425927][ T6149] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 128.481796][ T6149] CPU: 1 UID: 0 PID: 6149 Comm: syz.2.49 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 128.481829][ T6149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 128.481843][ T6149] Call Trace: [ 128.481850][ T6149] [ 128.481858][ T6149] dump_stack_lvl+0x16c/0x1f0 [ 128.481893][ T6149] should_fail_ex+0x512/0x640 [ 128.481923][ T6149] _copy_to_user+0x32/0xd0 [ 128.481966][ T6149] poll_select_finish+0x33a/0x6b0 [ 128.482000][ T6149] ? __pfx_poll_select_finish+0x10/0x10 [ 128.482034][ T6149] ? read_tsc+0x9/0x20 [ 128.482065][ T6149] ? ktime_get_ts64+0x256/0x400 [ 128.482126][ T6149] kern_select+0x16e/0x1e0 [ 128.482166][ T6149] ? __pfx_kern_select+0x10/0x10 [ 128.482211][ T6149] ? xfd_validate_state+0x5d/0x180 [ 128.482250][ T6149] ? rcu_is_watching+0x12/0xc0 [ 128.482288][ T6149] __x64_sys_select+0xbd/0x160 [ 128.482319][ T6149] ? do_syscall_64+0x91/0x260 [ 128.482349][ T6149] ? lockdep_hardirqs_on+0x7c/0x110 [ 128.482378][ T6149] do_syscall_64+0xcd/0x260 [ 128.482411][ T6149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.482433][ T6149] RIP: 0033:0x7faff6d8d169 [ 128.482451][ T6149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.482472][ T6149] RSP: 002b:00007faff7b04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 128.482493][ T6149] RAX: ffffffffffffffda RBX: 00007faff6fa6080 RCX: 00007faff6d8d169 [ 128.482509][ T6149] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000009 [ 128.482523][ T6149] RBP: 00007faff6e0e2a0 R08: 0000200000000600 R09: 0000000000000000 [ 128.482536][ T6149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.482550][ T6149] R13: 0000000000000000 R14: 00007faff6fa6080 R15: 00007ffe6a59a2e8 [ 128.482578][ T6149] [ 129.686309][ T6169] openvswitch: netlink: Key type 261 is out of range max 32 [ 130.023752][ T6176] FAULT_INJECTION: forcing a failure. [ 130.023752][ T6176] name failslab, interval 1, probability 0, space 0, times 0 [ 130.120526][ T6176] CPU: 0 UID: 0 PID: 6176 Comm: syz.1.54 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 130.120580][ T6176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 130.120598][ T6176] Call Trace: [ 130.120609][ T6176] [ 130.120623][ T6176] dump_stack_lvl+0x16c/0x1f0 [ 130.120676][ T6176] should_fail_ex+0x512/0x640 [ 130.120712][ T6176] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 130.120766][ T6176] should_failslab+0xc2/0x120 [ 130.120797][ T6176] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 130.120845][ T6176] ? __d_alloc+0x31/0xaa0 [ 130.120877][ T6176] __d_alloc+0x31/0xaa0 [ 130.120910][ T6176] d_alloc_pseudo+0x1c/0xc0 [ 130.120949][ T6176] alloc_file_pseudo+0xcf/0x230 [ 130.120988][ T6176] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 130.121026][ T6176] ? alloc_fd+0x471/0x7d0 [ 130.121077][ T6176] sock_alloc_file+0x50/0x210 [ 130.121119][ T6176] __sys_socket+0x1c0/0x260 [ 130.121144][ T6176] ? __pfx___sys_socket+0x10/0x10 [ 130.121169][ T6176] ? rcu_is_watching+0x12/0xc0 [ 130.121208][ T6176] __x64_sys_socket+0x72/0xb0 [ 130.121230][ T6176] ? lockdep_hardirqs_on+0x7c/0x110 [ 130.121265][ T6176] do_syscall_64+0xcd/0x260 [ 130.121302][ T6176] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.121340][ T6176] RIP: 0033:0x7fe50ab8d169 [ 130.121362][ T6176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.121392][ T6176] RSP: 002b:00007fe50b911038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 130.121420][ T6176] RAX: ffffffffffffffda RBX: 00007fe50ada5fa0 RCX: 00007fe50ab8d169 [ 130.121441][ T6176] RDX: 0000000000000001 RSI: 000000000000000a RDI: 0000000000000018 [ 130.121460][ T6176] RBP: 00007fe50ac0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 130.121478][ T6176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.121496][ T6176] R13: 0000000000000000 R14: 00007fe50ada5fa0 R15: 00007ffd0199d328 [ 130.121538][ T6176] [ 133.048552][ T6200] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 133.054765][ T6200] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 133.164215][ T6200] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 133.185713][ T6200] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 133.491948][ T6209] netlink: 28 bytes leftover after parsing attributes in process `syz.2.60'. [ 134.783453][ T6217] __vm_enough_memory: pid: 6217, comm: syz.1.61, bytes: 4503599627366400 not enough memory for the allocation [ 135.115868][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 135.115876][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 135.185661][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 135.265420][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 135.759343][ T6226] ptrace attach of "./syz-executor exec"[5837] was attempted by ""[6226] [ 138.026871][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.033542][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 144.021761][ T6305] snd_aloop snd_aloop.0: control 16781581:65535:6:é'x?F¢é/èìzFË·fCªáª:8 is already present [ 144.088719][ T6307] netlink: 4 bytes leftover after parsing attributes in process `syz.0.78'. [ 144.846656][ T6313] rtc_cmos 00:00: Alarms can be up to one day in the future [ 144.897046][ T6313] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 144.919852][ T5878] rtc_cmos 00:00: Alarms can be up to one day in the future [ 144.928413][ T5878] rtc_cmos 00:00: Alarms can be up to one day in the future [ 144.936145][ T5878] rtc_cmos 00:00: Alarms can be up to one day in the future [ 144.943936][ T5878] rtc_cmos 00:00: Alarms can be up to one day in the future [ 144.952533][ T5878] rtc rtc0: __rtc_set_alarm: err=-22 [ 145.301399][ T6319] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 145.330766][ T6319] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 145.337948][ T6319] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 145.344291][ T6319] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 147.212501][ T6339] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 147.232296][ T6339] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 147.247073][ T6339] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 147.263788][ T6339] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 147.314749][ T6344] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 147.651258][ T6364] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 148.208496][ T6367] Invalid ELF header magic: != ELF [ 148.625753][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 148.746151][ T6370] Invalid ELF header magic: != ELF [ 148.971018][ T6380] netlink: 4 bytes leftover after parsing attributes in process `syz.2.92'. [ 149.265596][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 149.271794][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 149.272068][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 149.325604][ T6376] could not allocate digest TFM handle [ 151.577574][ T6405] ptrace attach of "./syz-executor exec"[5838] was attempted by ""[6405] [ 151.872097][ T6420] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(3) [ 153.975480][ T6435] Invalid ELF header magic: != ELF [ 154.338276][ T6445] netlink: 4 bytes leftover after parsing attributes in process `syz.2.104'. [ 154.430430][ T6445] netlink: 25 bytes leftover after parsing attributes in process `syz.2.104'. [ 155.569176][ T6470] netlink: 342 bytes leftover after parsing attributes in process `syz.1.108'. [ 156.284292][ T6477] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.459423][ T6482] sctp: [Deprecated]: syz.2.110 (pid 6482) Use of int in maxseg socket option. [ 156.459423][ T6482] Use struct sctp_assoc_value instead [ 157.347689][ T6501] netlink: 12 bytes leftover after parsing attributes in process `syz.0.115'. [ 159.676686][ T6530] syz.2.119(6530): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 160.009637][ T6531] FAULT_INJECTION: forcing a failure. [ 160.009637][ T6531] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 160.065698][ T5852] Bluetooth: hci3: unexpected event 0x04 length: 442 > 10 [ 160.065747][ T5852] Bluetooth: unknown link type 178 [ 160.082024][ T5852] Bluetooth: hci3: connection err: -111 [ 160.195418][ T6531] CPU: 0 UID: 0 PID: 6531 Comm: syz.0.121 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 160.195460][ T6531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 160.195477][ T6531] Call Trace: [ 160.195487][ T6531] [ 160.195499][ T6531] dump_stack_lvl+0x16c/0x1f0 [ 160.195534][ T6531] should_fail_ex+0x512/0x640 [ 160.195563][ T6531] _copy_to_user+0x32/0xd0 [ 160.195593][ T6531] simple_read_from_buffer+0xcb/0x170 [ 160.195627][ T6531] proc_fail_nth_read+0x197/0x270 [ 160.195666][ T6531] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 160.195700][ T6531] ? rw_verify_area+0xcf/0x680 [ 160.195726][ T6531] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 160.195758][ T6531] vfs_read+0x1de/0xc70 [ 160.195792][ T6531] ? __pfx___mutex_lock+0x10/0x10 [ 160.195822][ T6531] ? __pfx_vfs_read+0x10/0x10 [ 160.195861][ T6531] ? __fget_files+0x20e/0x3c0 [ 160.195891][ T6531] ? rcu_watching_snap_stopped_since+0x60/0x110 [ 160.195931][ T6531] ksys_read+0x12a/0x240 [ 160.195961][ T6531] ? __pfx_ksys_read+0x10/0x10 [ 160.195991][ T6531] ? rcu_is_watching+0x12/0xc0 [ 160.196026][ T6531] do_syscall_64+0xcd/0x260 [ 160.196058][ T6531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.196081][ T6531] RIP: 0033:0x7f72ac98bb7c [ 160.196099][ T6531] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 160.196120][ T6531] RSP: 002b:00007f72ad820030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 160.196140][ T6531] RAX: ffffffffffffffda RBX: 00007f72acba6080 RCX: 00007f72ac98bb7c [ 160.196155][ T6531] RDX: 000000000000000f RSI: 00007f72ad8200a0 RDI: 0000000000000005 [ 160.196168][ T6531] RBP: 00007f72ad820090 R08: 0000000000000000 R09: 0000000000000000 [ 160.196181][ T6531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.196194][ T6531] R13: 0000000000000000 R14: 00007f72acba6080 R15: 00007ffcc6770b18 [ 160.196222][ T6531] [ 160.423302][ T6509] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 160.430273][ T6509] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 160.445816][ T6509] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 160.452177][ T6509] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 160.884303][ T6537] FAULT_INJECTION: forcing a failure. [ 160.884303][ T6537] name failslab, interval 1, probability 0, space 0, times 0 [ 160.927139][ T6537] CPU: 1 UID: 0 PID: 6537 Comm: syz.0.122 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 160.927187][ T6537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 160.927207][ T6537] Call Trace: [ 160.927217][ T6537] [ 160.927230][ T6537] dump_stack_lvl+0x16c/0x1f0 [ 160.927278][ T6537] should_fail_ex+0x512/0x640 [ 160.927315][ T6537] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 160.927370][ T6537] should_failslab+0xc2/0x120 [ 160.927410][ T6537] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 160.927460][ T6537] ? __proc_create+0xc3/0x8c0 [ 160.927495][ T6537] ? __proc_create+0x2ce/0x8c0 [ 160.927537][ T6537] __proc_create+0x2ce/0x8c0 [ 160.927574][ T6537] ? __pfx___proc_create+0x10/0x10 [ 160.927627][ T6537] proc_create_reg+0x7d/0x180 [ 160.927670][ T6537] proc_create_net_data+0x8e/0x1b0 [ 160.927709][ T6537] ? __pfx_proc_create_net_data+0x10/0x10 [ 160.927758][ T6537] ? __pfx_ipmr_net_init+0x10/0x10 [ 160.927799][ T6537] ipmr_net_init+0x27d/0x4e0 [ 160.927840][ T6537] ? __pfx_ipmr_net_init+0x10/0x10 [ 160.927885][ T6537] ops_init+0x1df/0x5f0 [ 160.927935][ T6537] setup_net+0x21e/0x850 [ 160.927983][ T6537] ? __pfx_setup_net+0x10/0x10 [ 160.928025][ T6537] ? lockdep_init_map_type+0x5c/0x280 [ 160.928058][ T6537] ? __pfx_down_read_killable+0x10/0x10 [ 160.928112][ T6537] ? debug_mutex_init+0x37/0x70 [ 160.928160][ T6537] copy_net_ns+0x2a6/0x5f0 [ 160.928213][ T6537] create_new_namespaces+0x3ea/0xad0 [ 160.928271][ T6537] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 160.928323][ T6537] ksys_unshare+0x45b/0xa40 [ 160.928375][ T6537] ? __pfx_ksys_unshare+0x10/0x10 [ 160.928431][ T6537] ? xfd_validate_state+0x5d/0x180 [ 160.928471][ T6537] ? rcu_is_watching+0x12/0xc0 [ 160.928523][ T6537] __x64_sys_unshare+0x31/0x40 [ 160.928572][ T6537] do_syscall_64+0xcd/0x260 [ 160.928622][ T6537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.928655][ T6537] RIP: 0033:0x7f72ac98d169 [ 160.928682][ T6537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.928713][ T6537] RSP: 002b:00007f72ad841038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 160.928744][ T6537] RAX: ffffffffffffffda RBX: 00007f72acba5fa0 RCX: 00007f72ac98d169 [ 160.928765][ T6537] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 160.928784][ T6537] RBP: 00007f72aca0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 160.928803][ T6537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.928822][ T6537] R13: 0000000000000000 R14: 00007f72acba5fa0 R15: 00007ffcc6770b18 [ 160.928865][ T6537] [ 161.345603][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 162.478522][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 162.484731][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 162.490341][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 162.803443][ T6557] netlink: 334 bytes leftover after parsing attributes in process `syz.0.127'. [ 162.854873][ T6558] netlink: 334 bytes leftover after parsing attributes in process `syz.0.127'. [ 163.856290][ T6564] ptrace attach of "./syz-executor exec"[5839] was attempted by ""[6564] [ 166.416892][ T6580] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 166.460447][ T6580] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 166.545671][ T6580] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 166.576939][ T6580] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 166.615073][ T6589] ptrace attach of "./syz-executor exec"[5838] was attempted by ""[6589] [ 166.929285][ T6594] netlink: 4 bytes leftover after parsing attributes in process `syz.2.135'. [ 167.466054][ T6595] netlink: 28 bytes leftover after parsing attributes in process `syz.3.137'. [ 168.468899][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.475007][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 168.625892][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 168.631988][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 169.057460][ T6619] FAULT_INJECTION: forcing a failure. [ 169.057460][ T6619] name failslab, interval 1, probability 0, space 0, times 0 [ 169.101081][ T6619] CPU: 1 UID: 0 PID: 6619 Comm: syz.0.140 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 169.101151][ T6619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 169.101179][ T6619] Call Trace: [ 169.101190][ T6619] [ 169.101201][ T6619] dump_stack_lvl+0x16c/0x1f0 [ 169.101251][ T6619] should_fail_ex+0x512/0x640 [ 169.101288][ T6619] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 169.101338][ T6619] should_failslab+0xc2/0x120 [ 169.101370][ T6619] __kmalloc_cache_noprof+0x6a/0x3e0 [ 169.101417][ T6619] ? snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 169.101479][ T6619] snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 169.101535][ T6619] ? preempt_count_sub+0xf5/0x160 [ 169.101586][ T6619] ? trace_contention_end+0xdd/0x130 [ 169.101629][ T6619] ? __mutex_lock+0x1ca/0xb90 [ 169.101677][ T6619] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 169.101735][ T6619] ? __pfx___mutex_lock+0x10/0x10 [ 169.101797][ T6619] ? find_held_lock+0x2b/0x80 [ 169.101844][ T6619] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 169.101907][ T6619] snd_pcm_oss_ioctl+0x31aa/0x37a0 [ 169.101939][ T6619] ? find_held_lock+0x2b/0x80 [ 169.101979][ T6619] ? hook_file_ioctl_common+0x145/0x410 [ 169.102016][ T6619] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 169.102052][ T6619] ? __fget_files+0x20e/0x3c0 [ 169.102107][ T6619] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 169.102141][ T6619] __x64_sys_ioctl+0x190/0x200 [ 169.102185][ T6619] do_syscall_64+0xcd/0x260 [ 169.102232][ T6619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.102265][ T6619] RIP: 0033:0x7f72ac98d169 [ 169.102291][ T6619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.102323][ T6619] RSP: 002b:00007f72ad841038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 169.102353][ T6619] RAX: ffffffffffffffda RBX: 00007f72acba5fa0 RCX: 00007f72ac98d169 [ 169.102374][ T6619] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000004 [ 169.102393][ T6619] RBP: 00007f72aca0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 169.102413][ T6619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.102431][ T6619] R13: 0000000000000000 R14: 00007f72acba5fa0 R15: 00007ffcc6770b18 [ 169.102474][ T6619] [ 171.170573][ T6636] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 171.172643][ T6636] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 171.172857][ T6636] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 171.173065][ T6636] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 172.201055][ T6651] netlink: 544 bytes leftover after parsing attributes in process `syz.3.146'. [ 173.186965][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 173.193059][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 173.199286][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 173.205373][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 176.487374][ T6677] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 176.493588][ T6677] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 176.521265][ T6677] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 176.565006][ T6677] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 178.080878][ T6704] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 178.107333][ C0] vkms_vblank_simulate: vblank timer overrun [ 178.185645][ T6704] CIFS mount error: No usable UNC path provided in device string! [ 178.185645][ T6704] [ 178.229960][ T6697] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 178.301411][ T6704] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 178.546470][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.552576][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 178.560977][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 178.599690][ T6715] syz.2.158 uses obsolete (PF_INET,SOCK_PACKET) [ 178.626828][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 181.214213][ T6738] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 181.245681][ T6738] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 181.251877][ T6738] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 181.320593][ T6738] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 182.869293][ T6766] can: request_module (can-proto-0) failed. [ 183.266018][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 183.266266][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 183.272186][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 183.345573][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 185.083698][ T6806] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 185.276478][ T6793] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 185.317618][ T6793] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 185.342353][ T6793] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 185.362435][ T6793] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 186.482905][ T55] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260 [ 186.625520][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 187.043054][ T6838] FAULT_INJECTION: forcing a failure. [ 187.043054][ T6838] name failslab, interval 1, probability 0, space 0, times 0 [ 187.164566][ T6839] cifs: Unknown parameter 'no+ 1§• Ö`ÑørêsFn)ÈøaõH†šÄ¿¡h`àØÝë9k¤A}€žŠ1\D@‹Ç.ÁäZÔCg^‚' [ 187.195842][ T6838] CPU: 0 UID: 0 PID: 6838 Comm: syz.1.189 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 187.195898][ T6838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 187.195918][ T6838] Call Trace: [ 187.195928][ T6838] [ 187.195944][ T6838] dump_stack_lvl+0x16c/0x1f0 [ 187.195996][ T6838] should_fail_ex+0x512/0x640 [ 187.196032][ T6838] ? __kmalloc_noprof+0xbf/0x510 [ 187.196085][ T6838] ? sk_prot_alloc+0x1a8/0x2a0 [ 187.196130][ T6838] should_failslab+0xc2/0x120 [ 187.196161][ T6838] __kmalloc_noprof+0xd2/0x510 [ 187.196218][ T6838] sk_prot_alloc+0x1a8/0x2a0 [ 187.196269][ T6838] sk_alloc+0x36/0xc20 [ 187.196308][ T6838] __netlink_create+0x5e/0x2c0 [ 187.196342][ T6838] ? __wake_up+0x3f/0x60 [ 187.196392][ T6838] netlink_create+0x39e/0x620 [ 187.196428][ T6838] ? __pfx_genl_bind+0x10/0x10 [ 187.196474][ T6838] ? __pfx_genl_unbind+0x10/0x10 [ 187.196518][ T6838] ? __pfx_genl_release+0x10/0x10 [ 187.196571][ T6838] __sock_create+0x335/0x8d0 [ 187.196630][ T6838] __sys_socket+0x14d/0x260 [ 187.196661][ T6838] ? __pfx___sys_socket+0x10/0x10 [ 187.196693][ T6838] ? rcu_is_watching+0x12/0xc0 [ 187.196741][ T6838] __x64_sys_socket+0x72/0xb0 [ 187.196769][ T6838] ? lockdep_hardirqs_on+0x7c/0x110 [ 187.196808][ T6838] do_syscall_64+0xcd/0x260 [ 187.196863][ T6838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.196896][ T6838] RIP: 0033:0x7fe50ab8d169 [ 187.196921][ T6838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 187.196952][ T6838] RSP: 002b:00007fe5089f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 187.196982][ T6838] RAX: ffffffffffffffda RBX: 00007fe50ada6080 RCX: 00007fe50ab8d169 [ 187.197004][ T6838] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 187.197024][ T6838] RBP: 00007fe50ac0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 187.197043][ T6838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 187.197061][ T6838] R13: 0000000000000000 R14: 00007fe50ada6080 R15: 00007ffd0199d328 [ 187.197102][ T6838] [ 187.565073][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 187.571265][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 187.576449][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 189.522432][ T6874] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(9.0.1), cmd(5) [ 189.536404][ T6875] input: f¬ as /devices/virtual/input/input5 [ 191.722576][ T6909] FAULT_INJECTION: forcing a failure. [ 191.722576][ T6909] name failslab, interval 1, probability 0, space 0, times 0 [ 191.777716][ T6909] CPU: 1 UID: 0 PID: 6909 Comm: syz.1.204 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 191.777768][ T6909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 191.777788][ T6909] Call Trace: [ 191.777797][ T6909] [ 191.777810][ T6909] dump_stack_lvl+0x16c/0x1f0 [ 191.777860][ T6909] should_fail_ex+0x512/0x640 [ 191.777902][ T6909] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 191.777962][ T6909] should_failslab+0xc2/0x120 [ 191.777994][ T6909] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 191.778047][ T6909] ? __pmd_alloc+0xc3/0x870 [ 191.778097][ T6909] __pmd_alloc+0xc3/0x870 [ 191.778141][ T6909] copy_page_range+0x411a/0x5ec0 [ 191.778232][ T6909] ? __pfx_copy_page_range+0x10/0x10 [ 191.778280][ T6909] ? mas_store+0x93a/0x10c0 [ 191.778336][ T6909] ? __pfx___might_resched+0x10/0x10 [ 191.778396][ T6909] ? __pfx_mas_store+0x10/0x10 [ 191.778445][ T6909] ? __vma_enter_locked+0x163/0x3f0 [ 191.778472][ T6909] ? down_write+0x14d/0x200 [ 191.778549][ T6909] copy_process+0x862b/0x91a0 [ 191.778634][ T6909] ? __pfx_copy_process+0x10/0x10 [ 191.778683][ T6909] ? __pfx___futex_wait+0x10/0x10 [ 191.778754][ T6909] kernel_clone+0xfc/0x960 [ 191.778807][ T6909] ? __pfx_kernel_clone+0x10/0x10 [ 191.778893][ T6909] __do_sys_clone+0xce/0x120 [ 191.778945][ T6909] ? __pfx___do_sys_clone+0x10/0x10 [ 191.779021][ T6909] ? rcu_is_watching+0x12/0xc0 [ 191.779085][ T6909] do_syscall_64+0xcd/0x260 [ 191.779141][ T6909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.779174][ T6909] RIP: 0033:0x7fe50ab8d169 [ 191.779202][ T6909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.779232][ T6909] RSP: 002b:00007fe50b910fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 191.779262][ T6909] RAX: ffffffffffffffda RBX: 00007fe50ada5fa0 RCX: 00007fe50ab8d169 [ 191.779286][ T6909] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000000800011 [ 191.779305][ T6909] RBP: 00007fe50ac0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 191.779335][ T6909] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 191.779353][ T6909] R13: 0000000000000000 R14: 00007fe50ada5fa0 R15: 00007ffd0199d328 [ 191.779398][ T6909] [ 192.006286][ C1] vkms_vblank_simulate: vblank timer overrun [ 192.319980][ T6916] netlink: zone id is out of range [ 192.331073][ T6916] netlink: zone id is out of range [ 192.336842][ T6916] netlink: zone id is out of range [ 193.839558][ T6946] can: request_module (can-proto-0) failed. [ 194.227785][ T6959] FAULT_INJECTION: forcing a failure. [ 194.227785][ T6959] name failslab, interval 1, probability 0, space 0, times 0 [ 194.288500][ T6959] CPU: 1 UID: 0 PID: 6959 Comm: syz.0.212 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 194.288545][ T6959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 194.288565][ T6959] Call Trace: [ 194.288575][ T6959] [ 194.288588][ T6959] dump_stack_lvl+0x16c/0x1f0 [ 194.288637][ T6959] should_fail_ex+0x512/0x640 [ 194.288675][ T6959] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 194.288726][ T6959] should_failslab+0xc2/0x120 [ 194.288757][ T6959] __kmalloc_cache_noprof+0x6a/0x3e0 [ 194.288805][ T6959] ? alloc_tty_struct+0x96/0x8c0 [ 194.288843][ T6959] alloc_tty_struct+0x96/0x8c0 [ 194.288878][ T6959] ? __pfx_alloc_tty_struct+0x10/0x10 [ 194.288924][ T6959] pty_common_install+0x1c7/0xb30 [ 194.288973][ T6959] ? __pfx_pty_install+0x10/0x10 [ 194.289019][ T6959] tty_init_dev.part.0+0x99/0x500 [ 194.289055][ T6959] tty_open+0xa50/0xf90 [ 194.289095][ T6959] ? __pfx_tty_open+0x10/0x10 [ 194.289126][ T6959] ? chrdev_open+0x58c/0x6a0 [ 194.289192][ T6959] ? __pfx_tty_open+0x10/0x10 [ 194.289222][ T6959] chrdev_open+0x231/0x6a0 [ 194.289275][ T6959] ? __pfx_chrdev_open+0x10/0x10 [ 194.289330][ T6959] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 194.289386][ T6959] do_dentry_open+0x741/0x1c10 [ 194.289434][ T6959] ? __pfx_chrdev_open+0x10/0x10 [ 194.289495][ T6959] vfs_open+0x82/0x3f0 [ 194.289540][ T6959] path_openat+0x1e5e/0x2d40 [ 194.289605][ T6959] ? __pfx_path_openat+0x10/0x10 [ 194.289667][ T6959] do_filp_open+0x20b/0x470 [ 194.289717][ T6959] ? __pfx_do_filp_open+0x10/0x10 [ 194.289799][ T6959] ? alloc_fd+0x471/0x7d0 [ 194.289860][ T6959] do_sys_openat2+0x11b/0x1d0 [ 194.289896][ T6959] ? __pfx_do_sys_openat2+0x10/0x10 [ 194.289949][ T6959] __x64_sys_openat+0x174/0x210 [ 194.289986][ T6959] ? __pfx___x64_sys_openat+0x10/0x10 [ 194.290026][ T6959] ? rcu_is_watching+0x12/0xc0 [ 194.290080][ T6959] do_syscall_64+0xcd/0x260 [ 194.290129][ T6959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.290179][ T6959] RIP: 0033:0x7f72ac98d169 [ 194.290206][ T6959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.290237][ T6959] RSP: 002b:00007f72ad820038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 194.290268][ T6959] RAX: ffffffffffffffda RBX: 00007f72acba6080 RCX: 00007f72ac98d169 [ 194.290290][ T6959] RDX: 0000000000000200 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 194.290311][ T6959] RBP: 00007f72aca0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 194.290331][ T6959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.290350][ T6959] R13: 0000000000000000 R14: 00007f72acba6080 R15: 00007ffcc6770b18 [ 194.290393][ T6959] [ 194.560941][ C1] vkms_vblank_simulate: vblank timer overrun [ 195.570736][ T6980] FAULT_INJECTION: forcing a failure. [ 195.570736][ T6980] name failslab, interval 1, probability 0, space 0, times 0 [ 195.629955][ T6980] CPU: 1 UID: 0 PID: 6980 Comm: syz.3.218 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 195.630001][ T6980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 195.630020][ T6980] Call Trace: [ 195.630031][ T6980] [ 195.630043][ T6980] dump_stack_lvl+0x16c/0x1f0 [ 195.630092][ T6980] should_fail_ex+0x512/0x640 [ 195.630128][ T6980] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 195.630189][ T6980] should_failslab+0xc2/0x120 [ 195.630221][ T6980] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 195.630274][ T6980] ? __pfx__proc_mkdir+0x10/0x10 [ 195.630310][ T6980] ? nf_lwtunnel_net_init+0x38/0xf0 [ 195.630354][ T6980] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 195.630396][ T6980] kmemdup_noprof+0x29/0x60 [ 195.630429][ T6980] nf_lwtunnel_net_init+0x38/0xf0 [ 195.630474][ T6980] ops_init+0x1df/0x5f0 [ 195.630522][ T6980] setup_net+0x21e/0x850 [ 195.630569][ T6980] ? __pfx_setup_net+0x10/0x10 [ 195.630620][ T6980] ? lockdep_init_map_type+0x5c/0x280 [ 195.630651][ T6980] ? __pfx_down_read_killable+0x10/0x10 [ 195.630704][ T6980] ? debug_mutex_init+0x37/0x70 [ 195.630747][ T6980] copy_net_ns+0x2a6/0x5f0 [ 195.630797][ T6980] create_new_namespaces+0x3ea/0xad0 [ 195.630850][ T6980] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 195.630901][ T6980] ksys_unshare+0x45b/0xa40 [ 195.630959][ T6980] ? __pfx_ksys_unshare+0x10/0x10 [ 195.631006][ T6980] ? xfd_validate_state+0x5d/0x180 [ 195.631042][ T6980] ? rcu_is_watching+0x12/0xc0 [ 195.631092][ T6980] __x64_sys_unshare+0x31/0x40 [ 195.631139][ T6980] do_syscall_64+0xcd/0x260 [ 195.631185][ T6980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.631217][ T6980] RIP: 0033:0x7fdaf038d169 [ 195.631241][ T6980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.631269][ T6980] RSP: 002b:00007fdaf122d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 195.631297][ T6980] RAX: ffffffffffffffda RBX: 00007fdaf05a6080 RCX: 00007fdaf038d169 [ 195.631317][ T6980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 195.631334][ T6980] RBP: 00007fdaf040e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 195.631351][ T6980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 195.631368][ T6980] R13: 0000000000000000 R14: 00007fdaf05a6080 R15: 00007ffd3e300738 [ 195.631408][ T6980] [ 197.538974][ T6995] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 197.545237][ T6995] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 197.553061][ T6995] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 197.559388][ T6995] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 197.612776][ T7001] netlink: 342 bytes leftover after parsing attributes in process `syz.0.222'. [ 197.955498][ T7002] netlink: 222 bytes leftover after parsing attributes in process `syz.0.222'. [ 197.983550][ T7001] netlink: 274 bytes leftover after parsing attributes in process `syz.0.222'. [ 198.142227][ T7005] netlink: 28 bytes leftover after parsing attributes in process `syz.0.223'. [ 198.380148][ T7016] netlink: 28 bytes leftover after parsing attributes in process `syz.3.224'. [ 198.475791][ T7019] netlink: 28 bytes leftover after parsing attributes in process `syz.3.224'. [ 198.544453][ T7005] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 199.431976][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.438643][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.588106][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 199.594684][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 199.595759][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 199.606985][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 201.960902][ T7054] Invalid ELF header magic: != ELF [ 202.642097][ T7072] netlink: 8 bytes leftover after parsing attributes in process `syz.3.236'. [ 203.566612][ T7054] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 203.566612][ T7054] The task syz.0.232 (7054) triggered the difference, watch for misbehavior. [ 203.671125][ T7054] snd_aloop snd_aloop.0: control 16781581:65535:6:é'x?F¢é/èìzFË·fCªáª:8 is already present [ 205.570269][ T7140] netlink: 334 bytes leftover after parsing attributes in process `syz.2.244'. [ 206.396964][ T7130] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 206.424268][ T7130] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 206.474786][ T7130] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 206.522805][ T7130] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 207.396219][ T7162] Invalid ELF header magic: != ELF [ 207.893265][ T30] audit: type=1806 audit(4294967332.864:2): xattr="0x00060000" res=-22 [ 207.905586][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 208.089055][ T7179] netlink: 8 bytes leftover after parsing attributes in process `syz.0.252'. [ 208.219275][ T7181] netlink: 8 bytes leftover after parsing attributes in process `syz.2.253'. [ 208.466031][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 208.545578][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 208.551756][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 208.729681][ T7187] FAULT_INJECTION: forcing a failure. [ 208.729681][ T7187] name failslab, interval 1, probability 0, space 0, times 0 [ 208.771118][ T7187] CPU: 0 UID: 0 PID: 7187 Comm: syz.0.255 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 208.771166][ T7187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 208.771186][ T7187] Call Trace: [ 208.771196][ T7187] [ 208.771208][ T7187] dump_stack_lvl+0x16c/0x1f0 [ 208.771258][ T7187] should_fail_ex+0x512/0x640 [ 208.771294][ T7187] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 208.771350][ T7187] should_failslab+0xc2/0x120 [ 208.771381][ T7187] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 208.771427][ T7187] ? __proc_create+0xc3/0x8c0 [ 208.771460][ T7187] ? __proc_create+0x2ce/0x8c0 [ 208.771498][ T7187] __proc_create+0x2ce/0x8c0 [ 208.771534][ T7187] ? __pfx___proc_create+0x10/0x10 [ 208.771576][ T7187] ? _raw_write_unlock+0x28/0x50 [ 208.771614][ T7187] ? proc_register+0x314/0x5f0 [ 208.771653][ T7187] proc_create_reg+0x7d/0x180 [ 208.771694][ T7187] proc_create_net_data+0x8e/0x1b0 [ 208.771733][ T7187] ? __pfx_proc_create_net_data+0x10/0x10 [ 208.771776][ T7187] ? __pfx_inet_init_net+0x10/0x10 [ 208.771824][ T7187] ? __pfx_ping_v4_proc_init_net+0x10/0x10 [ 208.771870][ T7187] ping_v4_proc_init_net+0x53/0x70 [ 208.771920][ T7187] ops_init+0x1df/0x5f0 [ 208.771967][ T7187] setup_net+0x21e/0x850 [ 208.772015][ T7187] ? __pfx_setup_net+0x10/0x10 [ 208.772055][ T7187] ? lockdep_init_map_type+0x5c/0x280 [ 208.772088][ T7187] ? __pfx_down_read_killable+0x10/0x10 [ 208.772140][ T7187] ? debug_mutex_init+0x37/0x70 [ 208.772185][ T7187] copy_net_ns+0x2a6/0x5f0 [ 208.772235][ T7187] create_new_namespaces+0x3ea/0xad0 [ 208.772290][ T7187] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 208.772339][ T7187] ksys_unshare+0x45b/0xa40 [ 208.772391][ T7187] ? __pfx_ksys_unshare+0x10/0x10 [ 208.772439][ T7187] ? xfd_validate_state+0x5d/0x180 [ 208.772475][ T7187] ? rcu_is_watching+0x12/0xc0 [ 208.772525][ T7187] __x64_sys_unshare+0x31/0x40 [ 208.772577][ T7187] do_syscall_64+0xcd/0x260 [ 208.772622][ T7187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.772655][ T7187] RIP: 0033:0x7f72ac98d169 [ 208.772682][ T7187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.772713][ T7187] RSP: 002b:00007f72ad841038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 208.772745][ T7187] RAX: ffffffffffffffda RBX: 00007f72acba5fa0 RCX: 00007f72ac98d169 [ 208.772766][ T7187] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 208.772785][ T7187] RBP: 00007f72aca0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 208.772804][ T7187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 208.772823][ T7187] R13: 0000000000000000 R14: 00007f72acba5fa0 R15: 00007ffcc6770b18 [ 208.772864][ T7187] [ 209.430797][ T7200] FAULT_INJECTION: forcing a failure. [ 209.430797][ T7200] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 209.516335][ T7200] CPU: 0 UID: 0 PID: 7200 Comm: syz.2.257 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 209.516378][ T7200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 209.516396][ T7200] Call Trace: [ 209.516405][ T7200] [ 209.516416][ T7200] dump_stack_lvl+0x16c/0x1f0 [ 209.516464][ T7200] should_fail_ex+0x512/0x640 [ 209.516506][ T7200] should_fail_alloc_page+0xe7/0x130 [ 209.516539][ T7200] prepare_alloc_pages+0x3c2/0x610 [ 209.516578][ T7200] ? rcu_is_watching+0x12/0xc0 [ 209.516626][ T7200] __alloc_frozen_pages_noprof+0x18d/0x2370 [ 209.516680][ T7200] ? kasan_save_stack+0x42/0x60 [ 209.516724][ T7200] ? kasan_save_stack+0x33/0x60 [ 209.516779][ T7200] ? __lock_acquire+0xaa4/0x1ba0 [ 209.516813][ T7200] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 209.516885][ T7200] ? __lock_acquire+0x5ca/0x1ba0 [ 209.516936][ T7200] ? __lock_acquire+0x5ca/0x1ba0 [ 209.516965][ T7200] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 209.517003][ T7200] ? policy_nodemask+0xea/0x4e0 [ 209.517036][ T7200] alloc_pages_mpol+0x1fb/0x550 [ 209.517069][ T7200] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 209.517100][ T7200] ? __lock_acquire+0x5ca/0x1ba0 [ 209.517136][ T7200] folio_alloc_mpol_noprof+0x36/0x2f0 [ 209.517175][ T7200] vma_alloc_folio_noprof+0xed/0x1e0 [ 209.517212][ T7200] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 209.517262][ T7200] do_pte_missing+0x223d/0x3fb0 [ 209.517321][ T7200] __handle_mm_fault+0x103d/0x2a40 [ 209.517382][ T7200] ? __pfx___handle_mm_fault+0x10/0x10 [ 209.517426][ T7200] ? __pte_offset_map_lock+0x155/0x2f0 [ 209.517462][ T7200] ? find_held_lock+0x2b/0x80 [ 209.517500][ T7200] ? find_held_lock+0x2b/0x80 [ 209.517566][ T7200] handle_mm_fault+0x3fe/0xad0 [ 209.517618][ T7200] __get_user_pages+0x771/0x36f0 [ 209.517671][ T7200] ? __pfx_mt_find+0x10/0x10 [ 209.517717][ T7200] ? __pfx___get_user_pages+0x10/0x10 [ 209.517773][ T7200] populate_vma_page_range+0x278/0x3a0 [ 209.517820][ T7200] ? __pfx_populate_vma_page_range+0x10/0x10 [ 209.517870][ T7200] ? __pfx_find_vma_intersection+0x10/0x10 [ 209.517911][ T7200] ? do_mmap+0x69c/0x11b0 [ 209.517953][ T7200] __mm_populate+0x1d8/0x380 [ 209.518004][ T7200] ? __pfx___mm_populate+0x10/0x10 [ 209.518050][ T7200] ? up_write+0x1b2/0x520 [ 209.518088][ T7200] vm_mmap_pgoff+0x362/0x450 [ 209.518130][ T7200] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 209.518168][ T7200] ? 0xffffffffff600000 [ 209.518198][ T7200] ? __x64_sys_futex+0x1e0/0x4c0 [ 209.518241][ T7200] ? __x64_sys_futex+0x1e9/0x4c0 [ 209.518292][ T7200] ksys_mmap_pgoff+0x7d/0x5c0 [ 209.518330][ T7200] ? rcu_is_watching+0x12/0xc0 [ 209.518373][ T7200] __x64_sys_mmap+0x125/0x190 [ 209.518415][ T7200] do_syscall_64+0xcd/0x260 [ 209.518467][ T7200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.518498][ T7200] RIP: 0033:0x7faff6d8d169 [ 209.518521][ T7200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.518551][ T7200] RSP: 002b:00007faff7b25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 209.518579][ T7200] RAX: ffffffffffffffda RBX: 00007faff6fa5fa0 RCX: 00007faff6d8d169 [ 209.518599][ T7200] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 209.518618][ T7200] RBP: 00007faff6e0e2a0 R08: 0000000000000007 R09: 0000000000028000 [ 209.518642][ T7200] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 209.518660][ T7200] R13: 0000000000000000 R14: 00007faff6fa5fa0 R15: 00007ffe6a59a2e8 [ 209.518701][ T7200] [ 211.217443][ T7231] Invalid ELF header magic: != ELF [ 211.248473][ T7230] Invalid ELF header magic: != ELF [ 212.111272][ T7253] usbip-vudc usbip-vudc.0: gadget not bound [ 213.460068][ T7292] netlink: 8 bytes leftover after parsing attributes in process `syz.2.272'. [ 213.507111][ T7298] netlink: 8 bytes leftover after parsing attributes in process `syz.2.272'. [ 213.964598][ T7309] FAULT_INJECTION: forcing a failure. [ 213.964598][ T7309] name failslab, interval 1, probability 0, space 0, times 0 [ 213.964643][ T7309] CPU: 1 UID: 0 PID: 7309 Comm: syz.2.275 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 213.964669][ T7309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 213.964681][ T7309] Call Trace: [ 213.964688][ T7309] [ 213.964696][ T7309] dump_stack_lvl+0x16c/0x1f0 [ 213.964730][ T7309] should_fail_ex+0x512/0x640 [ 213.964754][ T7309] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 213.964788][ T7309] should_failslab+0xc2/0x120 [ 213.964810][ T7309] __kmalloc_cache_noprof+0x6a/0x3e0 [ 213.964839][ T7309] ? fib_rules_register+0x403/0x500 [ 213.964866][ T7309] ? mr_table_alloc+0x5f/0x2e0 [ 213.964896][ T7309] ? do_raw_spin_unlock+0x172/0x230 [ 213.964923][ T7309] ? __pfx_ipmr_new_table_set+0x10/0x10 [ 213.964947][ T7309] mr_table_alloc+0x5f/0x2e0 [ 213.964975][ T7309] ? __pfx_ipmr_expire_process+0x10/0x10 [ 213.965001][ T7309] ? __pfx_ipmr_net_init+0x10/0x10 [ 213.965028][ T7309] ipmr_net_init+0x3c4/0x4e0 [ 213.965056][ T7309] ? __pfx_ipmr_net_init+0x10/0x10 [ 213.965086][ T7309] ops_init+0x1df/0x5f0 [ 213.965118][ T7309] setup_net+0x21e/0x850 [ 213.965150][ T7309] ? __pfx_setup_net+0x10/0x10 [ 213.965178][ T7309] ? lockdep_init_map_type+0x5c/0x280 [ 213.965202][ T7309] ? __pfx_down_read_killable+0x10/0x10 [ 213.965255][ T7309] ? debug_mutex_init+0x37/0x70 [ 213.965300][ T7309] copy_net_ns+0x2a6/0x5f0 [ 213.965349][ T7309] create_new_namespaces+0x3ea/0xad0 [ 213.965406][ T7309] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 213.965457][ T7309] ksys_unshare+0x45b/0xa40 [ 213.965507][ T7309] ? __pfx_ksys_unshare+0x10/0x10 [ 213.965554][ T7309] ? xfd_validate_state+0x5d/0x180 [ 213.965591][ T7309] ? rcu_is_watching+0x12/0xc0 [ 213.965641][ T7309] __x64_sys_unshare+0x31/0x40 [ 213.965689][ T7309] do_syscall_64+0xcd/0x260 [ 213.965732][ T7309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.965754][ T7309] RIP: 0033:0x7faff6d8d169 [ 213.965771][ T7309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.965793][ T7309] RSP: 002b:00007faff7b25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 213.965813][ T7309] RAX: ffffffffffffffda RBX: 00007faff6fa5fa0 RCX: 00007faff6d8d169 [ 213.965828][ T7309] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 213.965841][ T7309] RBP: 00007faff6e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 213.965854][ T7309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.965867][ T7309] R13: 0000000000000000 R14: 00007faff6fa5fa0 R15: 00007ffe6a59a2e8 [ 213.965895][ T7309] [ 215.031093][ T7325] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 215.031319][ T7325] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 215.031526][ T7325] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 215.031729][ T7325] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 217.105427][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 217.105641][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 217.111542][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 217.117681][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 218.317340][ T7393] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 218.868220][ T7402] svc: failed to register nfsdv3 RPC service (errno 111). [ 218.962218][ T7402] svc: failed to register nfsaclv3 RPC service (errno 111). [ 219.735152][ T7417] Invalid ELF header magic: != ELF [ 219.814596][ T7405] svc: failed to register nfsdv3 RPC service (errno 111). [ 219.829759][ T7405] svc: failed to register nfsaclv3 RPC service (errno 512). [ 223.893640][ T7465] FAULT_INJECTION: forcing a failure. [ 223.893640][ T7465] name failslab, interval 1, probability 0, space 0, times 0 [ 223.940716][ T7465] CPU: 1 UID: 0 PID: 7465 Comm: syz.0.306 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 223.940758][ T7465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 223.940776][ T7465] Call Trace: [ 223.940786][ T7465] [ 223.940798][ T7465] dump_stack_lvl+0x16c/0x1f0 [ 223.940844][ T7465] should_fail_ex+0x512/0x640 [ 223.940877][ T7465] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 223.940930][ T7465] should_failslab+0xc2/0x120 [ 223.940960][ T7465] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 223.941006][ T7465] ? __proc_create+0xc3/0x8c0 [ 223.941037][ T7465] ? __proc_create+0x2ce/0x8c0 [ 223.941076][ T7465] __proc_create+0x2ce/0x8c0 [ 223.941111][ T7465] ? __pfx___proc_create+0x10/0x10 [ 223.941142][ T7465] ? proc_register+0x30f/0x5f0 [ 223.941182][ T7465] ? _raw_write_unlock+0x28/0x50 [ 223.941226][ T7465] proc_create_reg+0x7d/0x180 [ 223.941272][ T7465] proc_create_net_data+0x8e/0x1b0 [ 223.941314][ T7465] ? __pfx_proc_create_net_data+0x10/0x10 [ 223.941349][ T7465] ? __pfx___netlink_kernel_create+0x10/0x10 [ 223.941401][ T7465] fib_proc_init+0xf4/0x1b0 [ 223.941438][ T7465] fib_net_init+0x2af/0x3f0 [ 223.941475][ T7465] ? __pfx___register_sysctl_table+0x10/0x10 [ 223.941510][ T7465] ? __pfx_fib_net_init+0x10/0x10 [ 223.941549][ T7465] ? lockdep_init_map_type+0x5c/0x280 [ 223.941579][ T7465] ? __pfx_nl_fib_input+0x10/0x10 [ 223.941625][ T7465] ? devinet_init_net+0x5c2/0x910 [ 223.941671][ T7465] ? __pfx_fib_net_init+0x10/0x10 [ 223.941707][ T7465] ops_init+0x1df/0x5f0 [ 223.941753][ T7465] setup_net+0x21e/0x850 [ 223.941799][ T7465] ? __pfx_setup_net+0x10/0x10 [ 223.941838][ T7465] ? lockdep_init_map_type+0x5c/0x280 [ 223.941866][ T7465] ? __pfx_down_read_killable+0x10/0x10 [ 223.941918][ T7465] ? debug_mutex_init+0x37/0x70 [ 223.941962][ T7465] copy_net_ns+0x2a6/0x5f0 [ 223.942011][ T7465] create_new_namespaces+0x3ea/0xad0 [ 223.942068][ T7465] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 223.942117][ T7465] ksys_unshare+0x45b/0xa40 [ 223.942166][ T7465] ? __pfx_ksys_unshare+0x10/0x10 [ 223.942212][ T7465] ? xfd_validate_state+0x5d/0x180 [ 223.942255][ T7465] ? rcu_is_watching+0x12/0xc0 [ 223.942304][ T7465] __x64_sys_unshare+0x31/0x40 [ 223.942352][ T7465] do_syscall_64+0xcd/0x260 [ 223.942397][ T7465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.942429][ T7465] RIP: 0033:0x7f72ac98d169 [ 223.942453][ T7465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.942482][ T7465] RSP: 002b:00007f72ad7ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 223.942511][ T7465] RAX: ffffffffffffffda RBX: 00007f72acba6160 RCX: 00007f72ac98d169 [ 223.942531][ T7465] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 223.942549][ T7465] RBP: 00007f72aca0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 223.942568][ T7465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.942586][ T7465] R13: 0000000000000000 R14: 00007f72acba6160 R15: 00007ffcc6770b18 [ 223.942627][ T7465] [ 224.766833][ T7475] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input7 [ 228.255052][ T7504] netlink: 4 bytes leftover after parsing attributes in process `syz.0.313'. [ 228.501358][ T7505] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 233.071579][ T7547] random: crng reseeded on system resumption [ 233.279698][ T7550] netlink: 4 bytes leftover after parsing attributes in process `syz.3.324'. [ 234.475417][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 234.485085][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 234.493229][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 234.502370][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 234.510330][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 236.547408][ T5842] Bluetooth: hci1: command tx timeout [ 237.144861][ T7568] chnl_net:caif_netlink_parms(): no params data found [ 237.737317][ T7568] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.763148][ T7568] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.788892][ T7568] bridge_slave_0: entered allmulticast mode [ 237.803089][ T7568] bridge_slave_0: entered promiscuous mode [ 237.832066][ T7568] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.842344][ T7568] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.869743][ T7568] bridge_slave_1: entered allmulticast mode [ 237.895511][ T7568] bridge_slave_1: entered promiscuous mode [ 238.182718][ T7568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.228072][ T7568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.480127][ T7568] team0: Port device team_slave_0 added [ 238.510415][ T7568] team0: Port device team_slave_1 added [ 238.625376][ T5842] Bluetooth: hci1: command tx timeout [ 238.712038][ T24] Process accounting resumed [ 238.770239][ T7568] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.815388][ T7568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.850169][ T7650] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 238.895510][ T7568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 239.412698][ T7568] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 239.424913][ T7568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.489992][ T7568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 239.952209][ T7568] hsr_slave_0: entered promiscuous mode [ 239.990290][ T7568] hsr_slave_1: entered promiscuous mode [ 240.009631][ T7568] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 240.035413][ T7568] Cannot create hsr debugfs directory [ 240.197581][ T7661] FAULT_INJECTION: forcing a failure. [ 240.197581][ T7661] name failslab, interval 1, probability 0, space 0, times 0 [ 240.280325][ T7661] CPU: 1 UID: 0 PID: 7661 Comm: syz.0.343 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 240.280370][ T7661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 240.280389][ T7661] Call Trace: [ 240.280401][ T7661] [ 240.280414][ T7661] dump_stack_lvl+0x16c/0x1f0 [ 240.280463][ T7661] should_fail_ex+0x512/0x640 [ 240.280499][ T7661] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 240.280546][ T7661] should_failslab+0xc2/0x120 [ 240.280577][ T7661] __kmalloc_cache_noprof+0x6a/0x3e0 [ 240.280624][ T7661] ? sctp_auth_init+0x1e0/0x570 [ 240.280675][ T7661] ? kasan_save_track+0x14/0x30 [ 240.280730][ T7661] sctp_auth_init+0x1e0/0x570 [ 240.280786][ T7661] sctp_setsockopt+0xa371/0xb870 [ 240.280828][ T7661] ? __pfx_sctp_setsockopt+0x10/0x10 [ 240.280868][ T7661] ? __lock_acquire+0x5ca/0x1ba0 [ 240.280898][ T7661] ? __pfx_aa_sk_perm+0x10/0x10 [ 240.280944][ T7661] ? sock_common_setsockopt+0x2e/0xf0 [ 240.280995][ T7661] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 240.281044][ T7661] do_sock_setsockopt+0x221/0x470 [ 240.281091][ T7661] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 240.281164][ T7661] __sys_setsockopt+0x1a0/0x230 [ 240.281209][ T7661] __x64_sys_setsockopt+0xbd/0x160 [ 240.281244][ T7661] ? do_syscall_64+0x91/0x260 [ 240.281286][ T7661] ? lockdep_hardirqs_on+0x7c/0x110 [ 240.281326][ T7661] do_syscall_64+0xcd/0x260 [ 240.281371][ T7661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.281402][ T7661] RIP: 0033:0x7f72ac98d169 [ 240.281428][ T7661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 240.281457][ T7661] RSP: 002b:00007f72ad820038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 240.281488][ T7661] RAX: ffffffffffffffda RBX: 00007f72acba6080 RCX: 00007f72ac98d169 [ 240.281509][ T7661] RDX: 0000000000000081 RSI: 0000010000000084 RDI: 0000000000000003 [ 240.281528][ T7661] RBP: 00007f72aca0e2a0 R08: 0000000000000008 R09: 0000000000000000 [ 240.281547][ T7661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 240.281565][ T7661] R13: 0000000000000000 R14: 00007f72acba6080 R15: 00007ffcc6770b18 [ 240.281606][ T7661] [ 240.745506][ T5842] Bluetooth: hci1: command tx timeout [ 241.641183][ T7568] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 241.700010][ T7568] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 241.754761][ T7568] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 241.877040][ T7568] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 242.301732][ T7568] 8021q: adding VLAN 0 to HW filter on device bond0 [ 242.370440][ T7672] FAULT_INJECTION: forcing a failure. [ 242.370440][ T7672] name failslab, interval 1, probability 0, space 0, times 0 [ 242.405697][ T7568] 8021q: adding VLAN 0 to HW filter on device team0 [ 242.432475][ T7672] CPU: 1 UID: 0 PID: 7672 Comm: syz.0.347 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 242.432518][ T7672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 242.432536][ T7672] Call Trace: [ 242.432546][ T7672] [ 242.432558][ T7672] dump_stack_lvl+0x16c/0x1f0 [ 242.432605][ T7672] should_fail_ex+0x512/0x640 [ 242.432644][ T7672] ? __kvmalloc_node_noprof+0x122/0x600 [ 242.432702][ T7672] should_failslab+0xc2/0x120 [ 242.432732][ T7672] __kvmalloc_node_noprof+0x135/0x600 [ 242.432779][ T7672] ? v4l2_ctrl_new+0x97d/0x2180 [ 242.432807][ T7672] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 242.432849][ T7672] ? v4l2_ctrl_new+0x97d/0x2180 [ 242.432876][ T7672] v4l2_ctrl_new+0x97d/0x2180 [ 242.432921][ T7672] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 242.432948][ T7672] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 242.432989][ T7672] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 242.433028][ T7672] v4l2_ctrl_new_std+0x1be/0x290 [ 242.433071][ T7672] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 242.433100][ T7672] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 242.433136][ T7672] ? rcu_is_watching+0x12/0xc0 [ 242.433175][ T7672] ? trace_kmalloc+0x2b/0xd0 [ 242.433207][ T7672] ? __kvmalloc_node_noprof+0x296/0x600 [ 242.433263][ T7672] ? media_request_object_init+0x100/0x180 [ 242.433311][ T7672] vicodec_open+0x1f7/0xf90 [ 242.433367][ T7672] v4l2_open+0x222/0x490 [ 242.433413][ T7672] ? __pfx_v4l2_open+0x10/0x10 [ 242.433473][ T7672] chrdev_open+0x231/0x6a0 [ 242.433521][ T7672] ? __pfx_apparmor_file_open+0x10/0x10 [ 242.433560][ T7672] ? __pfx_chrdev_open+0x10/0x10 [ 242.433613][ T7672] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 242.433674][ T7672] do_dentry_open+0x741/0x1c10 [ 242.433720][ T7672] ? __pfx_chrdev_open+0x10/0x10 [ 242.433778][ T7672] vfs_open+0x82/0x3f0 [ 242.433816][ T7672] path_openat+0x1e5e/0x2d40 [ 242.433879][ T7672] ? __pfx_path_openat+0x10/0x10 [ 242.433938][ T7672] do_filp_open+0x20b/0x470 [ 242.433986][ T7672] ? __pfx_do_filp_open+0x10/0x10 [ 242.434064][ T7672] ? alloc_fd+0x471/0x7d0 [ 242.434121][ T7672] do_sys_openat2+0x11b/0x1d0 [ 242.434155][ T7672] ? __pfx_do_sys_openat2+0x10/0x10 [ 242.434206][ T7672] __x64_sys_openat+0x174/0x210 [ 242.434241][ T7672] ? __pfx___x64_sys_openat+0x10/0x10 [ 242.434278][ T7672] ? rcu_is_watching+0x12/0xc0 [ 242.434329][ T7672] do_syscall_64+0xcd/0x260 [ 242.434376][ T7672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.434408][ T7672] RIP: 0033:0x7f72ac98d169 [ 242.434432][ T7672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.434460][ T7672] RSP: 002b:00007f72ad841038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 242.434489][ T7672] RAX: ffffffffffffffda RBX: 00007f72acba5fa0 RCX: 00007f72ac98d169 [ 242.434510][ T7672] RDX: 0000000000002800 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 242.434530][ T7672] RBP: 00007f72aca0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 242.434550][ T7672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 242.434568][ T7672] R13: 0000000000000000 R14: 00007f72acba5fa0 R15: 00007ffcc6770b18 [ 242.434609][ T7672] [ 243.075483][ T5842] Bluetooth: hci1: command tx timeout [ 243.241106][ T7609] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.248362][ T7609] bridge0: port 1(bridge_slave_0) entered forwarding state [ 243.326372][ T7600] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.333613][ T7600] bridge0: port 2(bridge_slave_1) entered forwarding state [ 245.229322][ T7590] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.339186][ T7568] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 245.446592][ T7590] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.903644][ T7689] Invalid ELF header magic: != ELF [ 245.972590][ T7590] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.178895][ T7590] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              syzkaller syzkaller login: [ 265.522179][ T8052] netlink: 294 bytes leftover after parsing attributes in process `syz.3.405'. [ 267.582963][ T8096] Invalid ELF header magic: != ELF [ 267.772212][ T8103] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 268.628828][ T8120] input input11: cannot allocate more than FF_MAX_EFFECTS effects [ 269.082117][ T8132] netlink: 8 bytes leftover after parsing attributes in process `syz.4.415'. [ 269.337779][ T8137] netlink: 504 bytes leftover after parsing attributes in process `syz.3.417'. [ 269.492384][ T8135] netlink: 504 bytes leftover after parsing attributes in process `syz.3.417'. [ 270.594729][ T8167] Invalid ELF header magic: != ELF [ 271.439921][ T8204] serio: Serial port ptm0 [ 271.692354][ T8215] openvswitch: netlink: IP tunnel dst address not specified [ 272.146394][ T8242] FAULT_INJECTION: forcing a failure. [ 272.146394][ T8242] name failslab, interval 1, probability 0, space 0, times 0 [ 272.223432][ T8242] CPU: 1 UID: 0 PID: 8242 Comm: syz.3.426 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 272.223509][ T8242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 272.223529][ T8242] Call Trace: [ 272.223539][ T8242] [ 272.223552][ T8242] dump_stack_lvl+0x16c/0x1f0 [ 272.223600][ T8242] should_fail_ex+0x512/0x640 [ 272.223637][ T8242] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 272.223687][ T8242] should_failslab+0xc2/0x120 [ 272.223718][ T8242] __kmalloc_cache_noprof+0x6a/0x3e0 [ 272.223765][ T8242] ? io_uring_setup+0x24f/0x2090 [ 272.223802][ T8242] io_uring_setup+0x24f/0x2090 [ 272.223838][ T8242] ? __pfx_io_uring_setup+0x10/0x10 [ 272.223868][ T8242] ? do_futex+0x122/0x350 [ 272.223917][ T8242] ? __pfx_do_futex+0x10/0x10 [ 272.223961][ T8242] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 272.224032][ T8242] ? rcu_is_watching+0x12/0xc0 [ 272.224082][ T8242] __x64_sys_io_uring_setup+0xc2/0x170 [ 272.224116][ T8242] do_syscall_64+0xcd/0x260 [ 272.224163][ T8242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.224196][ T8242] RIP: 0033:0x7fdaf038d169 [ 272.224221][ T8242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.224251][ T8242] RSP: 002b:00007fdaf11eb038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 272.224281][ T8242] RAX: ffffffffffffffda RBX: 00007fdaf05a6240 RCX: 00007fdaf038d169 [ 272.224302][ T8242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 272.224321][ T8242] RBP: 00007fdaf040e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 272.224341][ T8242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.224360][ T8242] R13: 0000000000000000 R14: 00007fdaf05a6240 R15: 00007ffd3e300738 [ 272.224406][ T8242] [ 274.195836][ T8296] netlink: 338 bytes leftover after parsing attributes in process `syz.2.435'. [ 274.254258][ T8299] netlink: 338 bytes leftover after parsing attributes in process `syz.2.435'. [ 274.329305][ T8300] tc_dump_action: action bad kind [ 274.475819][ T8291] netlink: 342 bytes leftover after parsing attributes in process `syz.0.433'. [ 274.484648][ T8306] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 274.519216][ T8291] netlink: 222 bytes leftover after parsing attributes in process `syz.0.433'. [ 274.535713][ T8291] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 274.544856][ T8291] IPv6: NLM_F_CREATE should be set when creating new route [ 274.553718][ T8291] IPv6: NLM_F_CREATE should be set when creating new route [ 274.562470][ T8291] IPv6: NLM_F_CREATE should be set when creating new route [ 274.697892][ T8306] Invalid ELF header magic: != ELF [ 275.858848][ T5842] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 277.246782][ T8424] capability: warning: `syz.3.448' uses 32-bit capabilities (legacy support in use) [ 277.452110][ T8450] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 280.321139][ T8510] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 280.348225][ T8510] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 280.379942][ T8510] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 280.442464][ T8510] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 280.495512][ T8510] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 280.635666][ T8510] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 280.708574][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 281.427040][ T8561] netlink: 20 bytes leftover after parsing attributes in process `syz.0.455'. [ 282.385612][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 282.393682][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 282.475660][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 283.084722][ T8759] FAULT_INJECTION: forcing a failure. [ 283.084722][ T8759] name failslab, interval 1, probability 0, space 0, times 0 [ 283.120001][ T8759] CPU: 1 UID: 0 PID: 8759 Comm: syz.3.465 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 283.120042][ T8759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 283.120058][ T8759] Call Trace: [ 283.120068][ T8759] [ 283.120078][ T8759] dump_stack_lvl+0x16c/0x1f0 [ 283.120121][ T8759] should_fail_ex+0x512/0x640 [ 283.120151][ T8759] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 283.120199][ T8759] should_failslab+0xc2/0x120 [ 283.120225][ T8759] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 283.120266][ T8759] ? vm_area_dup+0x25/0x760 [ 283.120306][ T8759] vm_area_dup+0x25/0x760 [ 283.120342][ T8759] __split_vma+0x17f/0x1030 [ 283.120385][ T8759] ? __pfx___split_vma+0x10/0x10 [ 283.120440][ T8759] vms_gather_munmap_vmas+0x392/0x1310 [ 283.120488][ T8759] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 283.120532][ T8759] ? mas_walk+0x6a6/0x910 [ 283.120575][ T8759] __mmap_region+0x314/0x27c0 [ 283.120616][ T8759] ? rcu_is_watching+0x12/0xc0 [ 283.120649][ T8759] ? __pfx___mmap_region+0x10/0x10 [ 283.120689][ T8759] ? finish_task_switch.isra.0+0x221/0xc10 [ 283.120730][ T8759] ? __schedule+0x1186/0x5de0 [ 283.120766][ T8759] ? kvm_sched_clock_read+0x11/0x20 [ 283.120797][ T8759] ? sched_clock+0x38/0x60 [ 283.120820][ T8759] ? sched_clock_cpu+0x6c/0x530 [ 283.120913][ T8759] ? trace_cap_capable+0x18d/0x200 [ 283.120941][ T8759] ? cap_capable+0xb3/0x250 [ 283.120971][ T8759] mmap_region+0x1ab/0x3f0 [ 283.121000][ T8759] do_mmap+0xd8e/0x11b0 [ 283.121037][ T8759] ? __pfx_do_mmap+0x10/0x10 [ 283.121069][ T8759] ? __pfx_down_write_killable+0x10/0x10 [ 283.121115][ T8759] vm_mmap_pgoff+0x281/0x450 [ 283.121153][ T8759] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 283.121191][ T8759] ? __x64_sys_futex+0x1e0/0x4c0 [ 283.121228][ T8759] ? __x64_sys_futex+0x1e9/0x4c0 [ 283.121270][ T8759] ksys_mmap_pgoff+0x7d/0x5c0 [ 283.121300][ T8759] ? rcu_is_watching+0x12/0xc0 [ 283.121336][ T8759] __x64_sys_mmap+0x125/0x190 [ 283.121370][ T8759] do_syscall_64+0xcd/0x260 [ 283.121407][ T8759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.121433][ T8759] RIP: 0033:0x7fdaf038d169 [ 283.121455][ T8759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.121481][ T8759] RSP: 002b:00007fdaf122d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 283.121509][ T8759] RAX: ffffffffffffffda RBX: 00007fdaf05a6080 RCX: 00007fdaf038d169 [ 283.121526][ T8759] RDX: 00800000000000df RSI: 0000000000400005 RDI: 0000000000000000 [ 283.121542][ T8759] RBP: 00007fdaf040e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 283.121558][ T8759] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 283.121574][ T8759] R13: 0000000000000000 R14: 00007fdaf05a6080 R15: 00007ffd3e300738 [ 283.121608][ T8759] [ 283.491139][ T8759] FAULT_INJECTION: forcing a failure. [ 283.491139][ T8759] name failslab, interval 1, probability 0, space 0, times 0 [ 283.522769][ T8759] CPU: 0 UID: 0 PID: 8759 Comm: syz.3.465 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 283.522817][ T8759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 283.522837][ T8759] Call Trace: [ 283.522848][ T8759] [ 283.522860][ T8759] dump_stack_lvl+0x16c/0x1f0 [ 283.522909][ T8759] should_fail_ex+0x512/0x640 [ 283.522945][ T8759] ? __kmalloc_noprof+0xbf/0x510 [ 283.522999][ T8759] ? sk_prot_alloc+0x1a8/0x2a0 [ 283.523045][ T8759] should_failslab+0xc2/0x120 [ 283.523077][ T8759] __kmalloc_noprof+0xd2/0x510 [ 283.523135][ T8759] sk_prot_alloc+0x1a8/0x2a0 [ 283.523187][ T8759] sk_alloc+0x36/0xc20 [ 283.523224][ T8759] __netlink_create+0x5e/0x2c0 [ 283.523256][ T8759] ? __wake_up+0x3f/0x60 [ 283.523307][ T8759] netlink_create+0x39e/0x620 [ 283.523342][ T8759] ? __pfx_genl_bind+0x10/0x10 [ 283.523398][ T8759] ? __pfx_genl_unbind+0x10/0x10 [ 283.523442][ T8759] ? __pfx_genl_release+0x10/0x10 [ 283.523494][ T8759] __sock_create+0x335/0x8d0 [ 283.523553][ T8759] __sys_socket+0x14d/0x260 [ 283.523584][ T8759] ? __pfx___sys_socket+0x10/0x10 [ 283.523616][ T8759] ? rcu_is_watching+0x12/0xc0 [ 283.523670][ T8759] __x64_sys_socket+0x72/0xb0 [ 283.523699][ T8759] ? lockdep_hardirqs_on+0x7c/0x110 [ 283.523741][ T8759] do_syscall_64+0xcd/0x260 [ 283.523788][ T8759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.523821][ T8759] RIP: 0033:0x7fdaf038f087 [ 283.523847][ T8759] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.523878][ T8759] RSP: 002b:00007fdaf122bfa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 283.523908][ T8759] RAX: ffffffffffffffda RBX: 00007fdaf05a6080 RCX: 00007fdaf038f087 [ 283.523929][ T8759] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 283.523948][ T8759] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 283.523966][ T8759] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 283.523984][ T8759] R13: 0000000000000000 R14: 00007fdaf05a6080 R15: 00007ffd3e300738 [ 283.524023][ T8759] [ 283.935474][ T8759] Console: switching to colour frame buffer device 128x48 [ 284.548786][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 285.019221][ T8837] FAULT_INJECTION: forcing a failure. [ 285.019221][ T8837] name failslab, interval 1, probability 0, space 0, times 0 [ 285.059728][ T8837] CPU: 0 UID: 0 PID: 8837 Comm: syz.3.469 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 285.059776][ T8837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 285.059794][ T8837] Call Trace: [ 285.059805][ T8837] [ 285.059817][ T8837] dump_stack_lvl+0x16c/0x1f0 [ 285.059867][ T8837] should_fail_ex+0x512/0x640 [ 285.059902][ T8837] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 285.059957][ T8837] should_failslab+0xc2/0x120 [ 285.059987][ T8837] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 285.060036][ T8837] ? __fget_files+0x204/0x3c0 [ 285.060082][ T8837] ? create_new_namespaces+0x30/0xad0 [ 285.060134][ T8837] create_new_namespaces+0x30/0xad0 [ 285.060190][ T8837] __do_sys_setns+0x229/0x1910 [ 285.060240][ T8837] ? __pfx___do_sys_setns+0x10/0x10 [ 285.060302][ T8837] do_syscall_64+0xcd/0x260 [ 285.060349][ T8837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.060381][ T8837] RIP: 0033:0x7fdaf038d169 [ 285.060407][ T8837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 285.060438][ T8837] RSP: 002b:00007fdaf124e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 285.060469][ T8837] RAX: ffffffffffffffda RBX: 00007fdaf05a5fa0 RCX: 00007fdaf038d169 [ 285.060490][ T8837] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 285.060509][ T8837] RBP: 00007fdaf040e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 285.060539][ T8837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.060558][ T8837] R13: 0000000000000000 R14: 00007fdaf05a5fa0 R15: 00007ffd3e300738 [ 285.060600][ T8837] [ 285.261439][ C0] vkms_vblank_simulate: vblank timer overrun [ 286.629723][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 286.828549][ T8889] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 286.919439][ T8889] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 286.971491][ T8889] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 287.035648][ T8889] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 287.269773][ T8900] Invalid ELF header magic: != ELF [ 287.988212][ T8898] netlink: 28 bytes leftover after parsing attributes in process `syz.0.478'. [ 288.234237][ T8898] geneve1: entered allmulticast mode [ 288.239434][ T8895] can: request_module (can-proto-4) failed. [ 288.871723][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 288.905516][ T8948] netlink: 36 bytes leftover after parsing attributes in process `syz.4.480'. [ 288.946569][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 289.025502][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 289.105661][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 291.323658][ T9078] netlink: 8 bytes leftover after parsing attributes in process `syz.4.489'. [ 291.416515][ T5897] smpboot: CPU 1 is now offline [ 293.168615][ T9159] Invalid ELF header magic: != ELF [ 293.593665][ T9169] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 294.806371][ T9159] netlink: 28 bytes leftover after parsing attributes in process `syz.4.490'. [ 294.974114][ T9159] netdevsim netdevsim4 netdevsim1: entered allmulticast mode [ 295.167668][ T9210] netlink: 330 bytes leftover after parsing attributes in process `syz.2.495'. [ 295.266211][ T9210] : renamed from bond0 (while UP) [ 296.676454][ T9239] FAULT_INJECTION: forcing a failure. [ 296.676454][ T9239] name failslab, interval 1, probability 0, space 0, times 0 [ 296.797761][ T9239] CPU: 0 UID: 0 PID: 9239 Comm: syz.2.501 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 296.797795][ T9239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 296.797809][ T9239] Call Trace: [ 296.797816][ T9239] [ 296.797825][ T9239] dump_stack_lvl+0x16c/0x1f0 [ 296.797860][ T9239] should_fail_ex+0x512/0x640 [ 296.797886][ T9239] ? __kvmalloc_node_noprof+0x122/0x600 [ 296.797924][ T9239] should_failslab+0xc2/0x120 [ 296.797945][ T9239] __kvmalloc_node_noprof+0x135/0x600 [ 296.797981][ T9239] ? alloc_fdtable+0xee/0x2b0 [ 296.798018][ T9239] ? alloc_fdtable+0xee/0x2b0 [ 296.798049][ T9239] alloc_fdtable+0xee/0x2b0 [ 296.798102][ T9239] dup_fd+0x83b/0xb90 [ 296.798147][ T9239] __do_sys_close_range+0x4ca/0x730 [ 296.798184][ T9239] ? xfd_validate_state+0x5d/0x180 [ 296.798212][ T9239] ? __pfx___do_sys_close_range+0x10/0x10 [ 296.798248][ T9239] ? rcu_is_watching+0x12/0xc0 [ 296.798285][ T9239] do_syscall_64+0xcd/0x260 [ 296.798318][ T9239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.798341][ T9239] RIP: 0033:0x7faff6d8d169 [ 296.798360][ T9239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 296.798382][ T9239] RSP: 002b:00007faff7b25038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 296.798408][ T9239] RAX: ffffffffffffffda RBX: 00007faff6fa5fa0 RCX: 00007faff6d8d169 [ 296.798423][ T9239] RDX: 0000000000000002 RSI: 0000000000000008 RDI: 0000000000000002 [ 296.798436][ T9239] RBP: 00007faff6e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 296.798449][ T9239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 296.798463][ T9239] R13: 0000000000000000 R14: 00007faff6fa5fa0 R15: 00007ffe6a59a2e8 [ 296.798492][ T9239] [ 297.017247][ C0] vkms_vblank_simulate: vblank timer overrun [ 300.859740][ T9358] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 301.026402][ T9367] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 301.299740][ T9383] FAULT_INJECTION: forcing a failure. [ 301.299740][ T9383] name failslab, interval 1, probability 0, space 0, times 0 [ 301.394826][ T9383] CPU: 0 UID: 0 PID: 9383 Comm: syz.2.514 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 301.394858][ T9383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 301.394872][ T9383] Call Trace: [ 301.394879][ T9383] [ 301.394888][ T9383] dump_stack_lvl+0x16c/0x1f0 [ 301.394923][ T9383] should_fail_ex+0x512/0x640 [ 301.394949][ T9383] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 301.394985][ T9383] should_failslab+0xc2/0x120 [ 301.395007][ T9383] __kmalloc_cache_noprof+0x6a/0x3e0 [ 301.395039][ T9383] ? apply_wqattrs_prepare+0x130/0xbd0 [ 301.395077][ T9383] apply_wqattrs_prepare+0x130/0xbd0 [ 301.395121][ T9383] apply_workqueue_attrs_locked+0x64/0xe0 [ 301.395155][ T9383] __alloc_workqueue+0xf41/0x1810 [ 301.395203][ T9383] alloc_workqueue+0xd2/0x200 [ 301.395244][ T9383] ? __pfx_alloc_workqueue+0x10/0x10 [ 301.395285][ T9383] ? rcu_is_watching+0x12/0xc0 [ 301.395316][ T9383] ? trace_kmalloc+0x2b/0xd0 [ 301.395339][ T9383] ? do_raw_spin_lock+0x12c/0x2b0 [ 301.395365][ T9383] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 301.395395][ T9383] ieee80211_register_hw+0x1e18/0x4020 [ 301.395437][ T9383] ? _raw_spin_unlock_irqrestore+0x31/0x80 [ 301.395465][ T9383] ? __debug_object_init+0x211/0x3d0 [ 301.395503][ T9383] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 301.395546][ T9383] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 301.395572][ T9383] ? __hrtimer_init+0xc6/0x220 [ 301.395596][ T9383] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 301.395637][ T9383] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 301.395684][ T9383] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 301.395728][ T9383] hwsim_new_radio_nl+0xb51/0x12c0 [ 301.395758][ T9383] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 301.395795][ T9383] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 301.395836][ T9383] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 301.395881][ T9383] genl_family_rcv_msg_doit+0x206/0x2f0 [ 301.395920][ T9383] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 301.395958][ T9383] ? trace_cap_capable+0x18d/0x200 [ 301.395988][ T9383] ? bpf_lsm_capable+0x9/0x10 [ 301.396036][ T9383] ? security_capable+0x7e/0x260 [ 301.396073][ T9383] ? ns_capable+0xd7/0x110 [ 301.396103][ T9383] genl_rcv_msg+0x55c/0x800 [ 301.396141][ T9383] ? __pfx_genl_rcv_msg+0x10/0x10 [ 301.396174][ T9383] ? __pfx___dev_queue_xmit+0x10/0x10 [ 301.396197][ T9383] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 301.396224][ T9383] ? __lock_acquire+0xaa4/0x1ba0 [ 301.396250][ T9383] netlink_rcv_skb+0x16a/0x440 [ 301.396280][ T9383] ? __pfx_genl_rcv_msg+0x10/0x10 [ 301.396316][ T9383] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 301.396361][ T9383] ? __pfx_down_read+0x10/0x10 [ 301.396394][ T9383] ? netlink_deliver_tap+0x1ae/0xd30 [ 301.396427][ T9383] genl_rcv+0x28/0x40 [ 301.396457][ T9383] netlink_unicast+0x53a/0x7f0 [ 301.396491][ T9383] ? __pfx_netlink_unicast+0x10/0x10 [ 301.396519][ T9383] ? __lock_acquire+0xaa4/0x1ba0 [ 301.396546][ T9383] netlink_sendmsg+0x8d1/0xdd0 [ 301.396581][ T9383] ? __pfx_netlink_sendmsg+0x10/0x10 [ 301.396622][ T9383] ____sys_sendmsg+0xa95/0xc70 [ 301.396658][ T9383] ? copy_msghdr_from_user+0x10a/0x160 [ 301.396686][ T9383] ? __pfx_____sys_sendmsg+0x10/0x10 [ 301.396740][ T9383] ___sys_sendmsg+0x134/0x1d0 [ 301.396771][ T9383] ? __pfx____sys_sendmsg+0x10/0x10 [ 301.396835][ T9383] __sys_sendmsg+0x16d/0x220 [ 301.396863][ T9383] ? __pfx___sys_sendmsg+0x10/0x10 [ 301.396891][ T9383] ? __x64_sys_futex+0x1e0/0x4c0 [ 301.396931][ T9383] ? rcu_is_watching+0x12/0xc0 [ 301.396966][ T9383] do_syscall_64+0xcd/0x260 [ 301.396999][ T9383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.397021][ T9383] RIP: 0033:0x7faff6d8d169 [ 301.397039][ T9383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.397061][ T9383] RSP: 002b:00007faff7b25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 301.397082][ T9383] RAX: ffffffffffffffda RBX: 00007faff6fa5fa0 RCX: 00007faff6d8d169 [ 301.397096][ T9383] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000008 [ 301.397110][ T9383] RBP: 00007faff6e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 301.397124][ T9383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.397137][ T9383] R13: 0000000000000000 R14: 00007faff6fa5fa0 R15: 00007ffe6a59a2e8 [ 301.397165][ T9383] [ 303.603389][ T9518] openvswitch: netlink: IP tunnel TTL not specified. [ 303.704540][ T9536] syz.0.517 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 304.618247][ T9575] netlink: 186 bytes leftover after parsing attributes in process `syz.3.522'. [ 305.922411][ T9621] netlink: 'syz.3.524': attribute type 10 has an invalid length. [ 305.971223][ T9621] netlink: 230 bytes leftover after parsing attributes in process `syz.3.524'. [ 306.106594][ T9621] team0: Port device team_slave_1 removed [ 306.161570][ T9621] syz.3.524 (9621) used greatest stack depth: 21064 bytes left [ 306.464133][ T9633] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 307.273005][ T9664] ima: policy update failed [ 307.303353][ T30] audit: type=1802 audit(63347.770:3): pid=9664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.529" res=0 errno=0 [ 310.588940][ T30] audit: type=1800 audit(63351.060:4): pid=9801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.541" name="members" dev="configfs" ino=20212 res=0 errno=0 [ 310.764621][ T9801] netlink: 544 bytes leftover after parsing attributes in process `syz.3.541'. [ 311.350583][ T9808] netlink: 28 bytes leftover after parsing attributes in process `syz.4.542'. [ 311.471537][ T9843] netlink: 8 bytes leftover after parsing attributes in process `syz.3.543'. [ 312.166583][ T9857] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 312.166757][ T9857] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 312.166896][ T9857] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 312.167415][ T9857] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 312.228520][ T9862] netlink: 206 bytes leftover after parsing attributes in process `syz.3.547'. [ 313.272356][ T9876] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 314.127090][ T9907] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 314.225852][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 314.233115][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 314.240483][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 314.247887][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 314.661133][ T9922] FAULT_INJECTION: forcing a failure. [ 314.661133][ T9922] name failslab, interval 1, probability 0, space 0, times 0 [ 314.945913][ T9922] CPU: 0 UID: 0 PID: 9922 Comm: syz.2.556 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 314.945946][ T9922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 314.945960][ T9922] Call Trace: [ 314.945967][ T9922] [ 314.945975][ T9922] dump_stack_lvl+0x16c/0x1f0 [ 314.946009][ T9922] should_fail_ex+0x512/0x640 [ 314.946034][ T9922] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 314.946069][ T9922] should_failslab+0xc2/0x120 [ 314.946091][ T9922] __kmalloc_cache_noprof+0x6a/0x3e0 [ 314.946124][ T9922] ? kernfs_fop_open+0xa3a/0xda0 [ 314.946157][ T9922] kernfs_fop_open+0xa3a/0xda0 [ 314.946186][ T9922] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 314.946224][ T9922] do_dentry_open+0x741/0x1c10 [ 314.946258][ T9922] ? __pfx_kernfs_fop_open+0x10/0x10 [ 314.946292][ T9922] vfs_open+0x82/0x3f0 [ 314.946319][ T9922] path_openat+0x1e5e/0x2d40 [ 314.946365][ T9922] ? __pfx_path_openat+0x10/0x10 [ 314.946406][ T9922] do_filp_open+0x20b/0x470 [ 314.946440][ T9922] ? __pfx_do_filp_open+0x10/0x10 [ 314.946494][ T9922] ? alloc_fd+0x471/0x7d0 [ 314.946533][ T9922] do_sys_openat2+0x11b/0x1d0 [ 314.946557][ T9922] ? __pfx_do_sys_openat2+0x10/0x10 [ 314.946601][ T9922] __x64_sys_openat+0x174/0x210 [ 314.946627][ T9922] ? __pfx___x64_sys_openat+0x10/0x10 [ 314.946654][ T9922] ? rcu_is_watching+0x12/0xc0 [ 314.946690][ T9922] do_syscall_64+0xcd/0x260 [ 314.946723][ T9922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.946745][ T9922] RIP: 0033:0x7faff6d8d169 [ 314.946763][ T9922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.946784][ T9922] RSP: 002b:00007faff7b04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 314.946805][ T9922] RAX: ffffffffffffffda RBX: 00007faff6fa6080 RCX: 00007faff6d8d169 [ 314.946820][ T9922] RDX: 0000000000124001 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 314.946834][ T9922] RBP: 00007faff6e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 314.946847][ T9922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 314.946860][ T9922] R13: 0000000000000000 R14: 00007faff6fa6080 R15: 00007ffe6a59a2e8 [ 314.946888][ T9922] [ 316.466277][ T9966] FAULT_INJECTION: forcing a failure. [ 316.466277][ T9966] name failslab, interval 1, probability 0, space 0, times 0 [ 316.516056][ T9966] CPU: 0 UID: 0 PID: 9966 Comm: syz.4.561 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 316.516093][ T9966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 316.516107][ T9966] Call Trace: [ 316.516114][ T9966] [ 316.516123][ T9966] dump_stack_lvl+0x16c/0x1f0 [ 316.516166][ T9966] should_fail_ex+0x512/0x640 [ 316.516192][ T9966] ? __kmalloc_noprof+0xbf/0x510 [ 316.516228][ T9966] ? tracing_log_err+0xb9/0x6a0 [ 316.516276][ T9966] should_failslab+0xc2/0x120 [ 316.516297][ T9966] __kmalloc_noprof+0xd2/0x510 [ 316.516328][ T9966] ? __pfx_trace_seq_printf+0x10/0x10 [ 316.516364][ T9966] tracing_log_err+0xb9/0x6a0 [ 316.516404][ T9966] append_filter_err+0x380/0x5e0 [ 316.516440][ T9966] apply_subsystem_event_filter+0x678/0x1450 [ 316.516482][ T9966] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 316.516524][ T9966] ? _copy_from_user+0x59/0xd0 [ 316.516554][ T9966] subsystem_filter_write+0x95/0x120 [ 316.516590][ T9966] vfs_write+0x25c/0x1180 [ 316.516619][ T9966] ? __pfx_subsystem_filter_write+0x10/0x10 [ 316.516657][ T9966] ? __pfx___mutex_lock+0x10/0x10 [ 316.516686][ T9966] ? __pfx_vfs_write+0x10/0x10 [ 316.516725][ T9966] ? __fget_files+0x20e/0x3c0 [ 316.516772][ T9966] ksys_write+0x12a/0x240 [ 316.516802][ T9966] ? __pfx_ksys_write+0x10/0x10 [ 316.516831][ T9966] ? rcu_is_watching+0x12/0xc0 [ 316.516867][ T9966] do_syscall_64+0xcd/0x260 [ 316.516899][ T9966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.516921][ T9966] RIP: 0033:0x7f0070f8d169 [ 316.516938][ T9966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.516959][ T9966] RSP: 002b:00007f0071e64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 316.516979][ T9966] RAX: ffffffffffffffda RBX: 00007f00711a5fa0 RCX: 00007f0070f8d169 [ 316.516994][ T9966] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 316.517006][ T9966] RBP: 00007f007100e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 316.517019][ T9966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.517031][ T9966] R13: 0000000000000000 R14: 00007f00711a5fa0 R15: 00007ffc3a07d398 [ 316.517059][ T9966] [ 317.155848][ T9973] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 317.245884][ T9956] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 317.269991][ T9956] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 317.298898][ T9956] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 317.325578][ T9956] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 318.158660][T10035] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 318.396081][T10037] nbd: socks must be embedded in a SOCK_ITEM attr [ 318.518581][T10037] block nbd0: shutting down sockets [ 318.900588][T10046] FAULT_INJECTION: forcing a failure. [ 318.900588][T10046] name failslab, interval 1, probability 0, space 0, times 0 [ 319.215575][T10046] CPU: 0 UID: 0 PID: 10046 Comm: syz.2.568 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 319.215608][T10046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 319.215623][T10046] Call Trace: [ 319.215629][T10046] [ 319.215638][T10046] dump_stack_lvl+0x16c/0x1f0 [ 319.215673][T10046] should_fail_ex+0x512/0x640 [ 319.215703][T10046] should_failslab+0xc2/0x120 [ 319.215726][T10046] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 319.215762][T10046] ? skb_clone+0x190/0x3f0 [ 319.215795][T10046] skb_clone+0x190/0x3f0 [ 319.215824][T10046] netlink_deliver_tap+0xabd/0xd30 [ 319.215861][T10046] netlink_unicast+0x5df/0x7f0 [ 319.215895][T10046] ? __pfx_netlink_unicast+0x10/0x10 [ 319.215924][T10046] ? __lock_acquire+0xaa4/0x1ba0 [ 319.215953][T10046] netlink_sendmsg+0x8d1/0xdd0 [ 319.215995][T10046] ? __pfx_netlink_sendmsg+0x10/0x10 [ 319.216037][T10046] ____sys_sendmsg+0xa95/0xc70 [ 319.216073][T10046] ? copy_msghdr_from_user+0x10a/0x160 [ 319.216102][T10046] ? __pfx_____sys_sendmsg+0x10/0x10 [ 319.216141][T10046] ? kfree+0x252/0x4d0 [ 319.216169][T10046] ? try_to_wake_up+0xa2f/0x1680 [ 319.216203][T10046] ___sys_sendmsg+0x134/0x1d0 [ 319.216232][T10046] ? __pfx____sys_sendmsg+0x10/0x10 [ 319.216297][T10046] __sys_sendmsg+0x16d/0x220 [ 319.216325][T10046] ? __pfx___sys_sendmsg+0x10/0x10 [ 319.216353][T10046] ? __x64_sys_futex+0x1e0/0x4c0 [ 319.216394][T10046] ? rcu_is_watching+0x12/0xc0 [ 319.216431][T10046] do_syscall_64+0xcd/0x260 [ 319.216464][T10046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.216487][T10046] RIP: 0033:0x7faff6d8d169 [ 319.216505][T10046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.216527][T10046] RSP: 002b:00007faff7b25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 319.216548][T10046] RAX: ffffffffffffffda RBX: 00007faff6fa5fa0 RCX: 00007faff6d8d169 [ 319.216563][T10046] RDX: 0000000000040000 RSI: 00002000000023c0 RDI: 0000000000000008 [ 319.216577][T10046] RBP: 00007faff6e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 319.216591][T10046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.216604][T10046] R13: 0000000000000000 R14: 00007faff6fa5fa0 R15: 00007ffe6a59a2e8 [ 319.216632][T10046] [ 319.928198][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 319.935565][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 319.942773][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 319.953520][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 321.031452][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 321.039168][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 325.716950][T10175] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 327.328677][T10198] netlink: 338 bytes leftover after parsing attributes in process `syz.0.593'. [ 327.527586][T10195] netlink: 338 bytes leftover after parsing attributes in process `syz.0.593'. [ 327.644658][T10198] netlink: 338 bytes leftover after parsing attributes in process `syz.0.593'. [ 328.001474][T10202] netlink: 338 bytes leftover after parsing attributes in process `syz.0.593'. [ 328.068319][ T5842] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 328.668766][T10229] ima: policy update failed [ 328.790148][ T30] audit: type=1802 audit(63369.260:5): pid=10229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.596" res=0 errno=0 [ 329.372900][T10248] netlink: 8 bytes leftover after parsing attributes in process `syz.4.600'. [ 329.807029][T10265] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 329.903053][T10262] netlink: 2 bytes leftover after parsing attributes in process `syz.2.603'. [ 331.920545][T10310] FAULT_INJECTION: forcing a failure. [ 331.920545][T10310] name failslab, interval 1, probability 0, space 0, times 0 [ 332.104289][T10310] CPU: 0 UID: 0 PID: 10310 Comm: syz.4.612 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 332.104324][T10310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 332.104339][T10310] Call Trace: [ 332.104346][T10310] [ 332.104355][T10310] dump_stack_lvl+0x16c/0x1f0 [ 332.104391][T10310] should_fail_ex+0x512/0x640 [ 332.104418][T10310] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 332.104458][T10310] should_failslab+0xc2/0x120 [ 332.104480][T10310] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 332.104517][T10310] ? security_file_alloc+0x34/0x2b0 [ 332.104556][T10310] security_file_alloc+0x34/0x2b0 [ 332.104586][T10310] init_file+0x93/0x4c0 [ 332.104610][T10310] alloc_empty_file+0x73/0x1e0 [ 332.104637][T10310] path_openat+0xe0/0x2d40 [ 332.104670][T10310] ? __x64_sys_openat+0x174/0x210 [ 332.104694][T10310] ? do_syscall_64+0xcd/0x260 [ 332.104730][T10310] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.104764][T10310] ? __pfx_path_openat+0x10/0x10 [ 332.104807][T10310] do_filp_open+0x20b/0x470 [ 332.104843][T10310] ? __pfx_do_filp_open+0x10/0x10 [ 332.104898][T10310] ? alloc_fd+0x471/0x7d0 [ 332.104940][T10310] do_sys_openat2+0x11b/0x1d0 [ 332.104964][T10310] ? __pfx_do_sys_openat2+0x10/0x10 [ 332.104987][T10310] ? cap_validate_magic+0xab/0x200 [ 332.105027][T10310] __x64_sys_openat+0x174/0x210 [ 332.105053][T10310] ? __pfx___x64_sys_openat+0x10/0x10 [ 332.105081][T10310] ? rcu_is_watching+0x12/0xc0 [ 332.105117][T10310] do_syscall_64+0xcd/0x260 [ 332.105151][T10310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.105174][T10310] RIP: 0033:0x7f0070f8d169 [ 332.105192][T10310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.105218][T10310] RSP: 002b:00007f0071e43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 332.105240][T10310] RAX: ffffffffffffffda RBX: 00007f00711a6080 RCX: 00007f0070f8d169 [ 332.105255][T10310] RDX: 0000000000000440 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 332.105270][T10310] RBP: 00007f007100e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 332.105283][T10310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 332.105297][T10310] R13: 0000000000000000 R14: 00007f00711a6080 R15: 00007ffc3a07d398 [ 332.105326][T10310] [ 332.795012][T10302] snd_aloop snd_aloop.0: Parsing timer source '‘ å' failed with -22 [ 334.706775][ T5842] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 335.186192][T10395] Invalid ELF header magic: != ELF [ 335.230486][T10409] FAULT_INJECTION: forcing a failure. [ 335.230486][T10409] name fail_futex, interval 1, probability 0, space 0, times 0 [ 335.371506][T10408] FAULT_INJECTION: forcing a failure. [ 335.371506][T10408] name failslab, interval 1, probability 0, space 0, times 0 [ 335.507433][T10409] CPU: 0 UID: 0 PID: 10409 Comm: syz.4.620 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 335.507467][T10409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 335.507481][T10409] Call Trace: [ 335.507489][T10409] [ 335.507498][T10409] dump_stack_lvl+0x16c/0x1f0 [ 335.507534][T10409] should_fail_ex+0x512/0x640 [ 335.507564][T10409] get_futex_key+0x49e/0x1000 [ 335.507598][T10409] ? find_held_lock+0x2b/0x80 [ 335.507629][T10409] ? __pfx_get_futex_key+0x10/0x10 [ 335.507662][T10409] ? do_raw_spin_unlock+0x172/0x230 [ 335.507690][T10409] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 335.507719][T10409] ? trace_pid_list_is_set+0x100/0x150 [ 335.507757][T10409] futex_wait_setup+0x78/0x290 [ 335.507780][T10409] ? event_filter_pid_sched_wakeup_probe_post+0x103/0x270 [ 335.507827][T10409] __futex_wait+0x266/0x3c0 [ 335.507852][T10409] ? __pfx___futex_wait+0x10/0x10 [ 335.507874][T10409] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 335.507906][T10409] ? __pfx_futex_wake_mark+0x10/0x10 [ 335.507941][T10409] futex_wait+0xe8/0x380 [ 335.507963][T10409] ? __pfx_futex_wait+0x10/0x10 [ 335.508001][T10409] do_futex+0x229/0x350 [ 335.508035][T10409] ? __pfx_do_futex+0x10/0x10 [ 335.508071][T10409] ? __pfx___might_resched+0x10/0x10 [ 335.508108][T10409] __x64_sys_futex+0x1e0/0x4c0 [ 335.508146][T10409] ? __pfx___x64_sys_futex+0x10/0x10 [ 335.508182][T10409] ? rcu_is_watching+0x12/0xc0 [ 335.508219][T10409] do_syscall_64+0xcd/0x260 [ 335.508252][T10409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.508277][T10409] RIP: 0033:0x7f0070f8d169 [ 335.508295][T10409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 335.508324][T10409] RSP: 002b:00007f0071e220e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 335.508347][T10409] RAX: ffffffffffffffda RBX: 00007f00711a6168 RCX: 00007f0070f8d169 [ 335.508362][T10409] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f00711a6168 [ 335.508376][T10409] RBP: 00007f00711a6160 R08: 0000000000000000 R09: 0000000000000000 [ 335.508391][T10409] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f00711a616c [ 335.508404][T10409] R13: 0000000000000000 R14: 00007ffc3a07d2b0 R15: 00007ffc3a07d398 [ 335.508432][T10409] [ 336.788761][T10408] CPU: 0 UID: 0 PID: 10408 Comm: syz.4.620 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 336.788793][T10408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 336.788808][T10408] Call Trace: [ 336.788814][T10408] [ 336.788824][T10408] dump_stack_lvl+0x16c/0x1f0 [ 336.788857][T10408] should_fail_ex+0x512/0x640 [ 336.788882][T10408] ? __kmalloc_noprof+0xbf/0x510 [ 336.788918][T10408] ? sk_prot_alloc+0x1a8/0x2a0 [ 336.788949][T10408] should_failslab+0xc2/0x120 [ 336.788970][T10408] __kmalloc_noprof+0xd2/0x510 [ 336.789009][T10408] sk_prot_alloc+0x1a8/0x2a0 [ 336.789043][T10408] sk_alloc+0x36/0xc20 [ 336.789069][T10408] __netlink_create+0x5e/0x2c0 [ 336.789091][T10408] ? __wake_up+0x3f/0x60 [ 336.789124][T10408] netlink_create+0x39e/0x620 [ 336.789149][T10408] ? __pfx_genl_bind+0x10/0x10 [ 336.789180][T10408] ? __pfx_genl_unbind+0x10/0x10 [ 336.789221][T10408] ? __pfx_genl_release+0x10/0x10 [ 336.789258][T10408] __sock_create+0x335/0x8d0 [ 336.789299][T10408] __sys_socket+0x14d/0x260 [ 336.789320][T10408] ? __pfx___sys_socket+0x10/0x10 [ 336.789342][T10408] ? rcu_is_watching+0x12/0xc0 [ 336.789375][T10408] __x64_sys_socket+0x72/0xb0 [ 336.789394][T10408] ? lockdep_hardirqs_on+0x7c/0x110 [ 336.789422][T10408] do_syscall_64+0xcd/0x260 [ 336.789454][T10408] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.789477][T10408] RIP: 0033:0x7f0070f8d169 [ 336.789495][T10408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.789517][T10408] RSP: 002b:00007f0071e43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 336.789538][T10408] RAX: ffffffffffffffda RBX: 00007f00711a6080 RCX: 00007f0070f8d169 [ 336.789553][T10408] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 336.789566][T10408] RBP: 00007f007100e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 336.789579][T10408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 336.789592][T10408] R13: 0000000000000000 R14: 00007f00711a6080 R15: 00007ffc3a07d398 [ 336.789619][T10408] [ 337.652899][T10458] Console: switching to colour VGA+ 80x25 [ 337.916349][T10463] netlink: 342 bytes leftover after parsing attributes in process `syz.2.625'. [ 339.006904][T10460] ptrace attach of "./syz-executor exec"[5837] was attempted by ""[10460] [ 341.860246][T10594] netlink: 330 bytes leftover after parsing attributes in process `syz.2.635'. [ 341.933234][T10586] ubi0: attaching mtd0 [ 342.110052][T10586] ubi0: scanning is finished [ 342.168218][T10586] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 342.643573][T10586] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 347.115649][T10809] netlink: 8 bytes leftover after parsing attributes in process `syz.4.651'. [ 348.677654][T10846] netlink: 8 bytes leftover after parsing attributes in process `syz.0.654'. [ 349.193662][T10858] netlink: 8 bytes leftover after parsing attributes in process `syz.0.654'. [ 359.401251][ T5152] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 359.413648][ T5152] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 359.423992][ T5152] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 359.438232][ T5152] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 359.450744][ T5152] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 361.506315][ T5152] Bluetooth: hci4: command tx timeout [ 361.978491][T11151] chnl_net:caif_netlink_parms(): no params data found [ 362.813176][T11151] bridge0: port 1(bridge_slave_0) entered blocking state [ 362.863268][T11151] bridge0: port 1(bridge_slave_0) entered disabled state [ 362.918005][T11151] bridge_slave_0: entered allmulticast mode [ 362.971823][T11151] bridge_slave_0: entered promiscuous mode [ 363.022142][T11151] bridge0: port 2(bridge_slave_1) entered blocking state [ 363.055972][T11151] bridge0: port 2(bridge_slave_1) entered disabled state [ 363.103429][T11151] bridge_slave_1: entered allmulticast mode [ 363.151871][T11151] bridge_slave_1: entered promiscuous mode [ 363.410729][T11151] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 363.516365][T11151] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 363.587440][ T5152] Bluetooth: hci4: command tx timeout [ 363.697420][T11151] team0: Port device team_slave_0 added [ 363.757719][T11151] team0: Port device team_slave_1 added [ 363.973447][T11151] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 364.022646][T11151] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.053810][ C0] vkms_vblank_simulate: vblank timer overrun [ 364.225168][T11151] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 364.289686][T11151] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 364.334995][T11151] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.485538][T11151] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 365.147436][T11151] hsr_slave_0: entered promiscuous mode [ 365.155115][T11151] hsr_slave_1: entered promiscuous mode [ 365.262222][T11151] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 365.329468][T11542] could not allocate digest TFM handle binfmt_misc [ 365.338821][T11151] Cannot create hsr debugfs directory [ 365.476165][T11543] could not allocate digest TFM handle binfmt_misc [ 365.665871][ T5152] Bluetooth: hci4: command tx timeout [ 367.111950][T11151] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 367.168474][T11151] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 367.232977][T11151] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 367.341352][T11151] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 367.600857][T11686] [ 367.603684][T11686] ====================================================== [ 367.612100][T11686] WARNING: possible circular locking dependency detected [ 367.620503][T11686] 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 Not tainted [ 367.628603][T11686] ------------------------------------------------------ [ 367.637008][T11686] syz.0.697/11686 is trying to acquire lock: [ 367.644162][T11686] ffffffff9012c228 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2042/0x4420 [ 367.655242][T11686] [ 367.655242][T11686] but task is already holding lock: [ 367.664079][T11686] ffff8880622896a0 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00 [ 367.676183][T11686] [ 367.676183][T11686] which lock already depends on the new lock. [ 367.676183][T11686] [ 367.688655][T11686] [ 367.688655][T11686] the existing dependency chain (in reverse order) is: [ 367.699470][T11686] [ 367.699470][T11686] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 367.709805][T11686] __mutex_lock+0x199/0xb90 [ 367.715846][T11686] smc_switch_to_fallback+0x2d/0x9f0 [ 367.722818][T11686] smc_sendmsg+0x13d/0x520 [ 367.728744][T11686] ____sys_sendmsg+0xa95/0xc70 [ 367.735090][T11686] ___sys_sendmsg+0x134/0x1d0 [ 367.741330][T11686] __sys_sendmsg+0x16d/0x220 [ 367.747479][T11686] do_syscall_64+0xcd/0x260 [ 367.753518][T11686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.761238][T11686] [ 367.761238][T11686] -> #1 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 367.770521][T11686] lock_sock_nested+0x41/0xf0 [ 367.776779][T11686] sockopt_lock_sock+0x54/0x70 [ 367.783122][T11686] do_ip_setsockopt+0xfe/0x3240 [ 367.789574][T11686] ip_setsockopt+0x59/0xf0 [ 367.795503][T11686] ipv6_setsockopt+0x155/0x170 [ 367.801842][T11686] udpv6_setsockopt+0x7d/0xd0 [ 367.808083][T11686] do_sock_setsockopt+0x221/0x470 [ 367.814740][T11686] __sys_setsockopt+0x1a0/0x230 [ 367.821180][T11686] __x64_sys_setsockopt+0xbd/0x160 [ 367.827941][T11686] do_syscall_64+0xcd/0x260 [ 367.833972][T11686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.841661][T11686] [ 367.841661][T11686] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 367.850309][T11686] __lock_acquire+0x1173/0x1ba0 [ 367.856768][T11686] lock_acquire+0x179/0x350 [ 367.862800][T11686] __mutex_lock+0x199/0xb90 [ 367.868829][T11686] do_ipv6_setsockopt+0x2042/0x4420 [ 367.875689][T11686] ipv6_setsockopt+0xcb/0x170 [ 367.881955][T11686] tcp_setsockopt+0xa4/0x100 [ 367.888082][T11686] smc_setsockopt+0x1b3/0xa00 [ 367.894308][T11686] do_sock_setsockopt+0x221/0x470 [ 367.900960][T11686] __sys_setsockopt+0x1a0/0x230 [ 367.907399][T11686] __x64_sys_setsockopt+0xbd/0x160 [ 367.914150][T11686] do_syscall_64+0xcd/0x260 [ 367.920198][T11686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.927992][T11686] [ 367.927992][T11686] other info that might help us debug this: [ 367.927992][T11686] [ 367.940261][T11686] Chain exists of: [ 367.940261][T11686] rtnl_mutex --> sk_lock-AF_INET6 --> &smc->clcsock_release_lock [ 367.940261][T11686] [ 367.956639][T11686] Possible unsafe locking scenario: [ 367.956639][T11686] [ 367.965573][T11686] CPU0 CPU1 [ 367.971990][T11686] ---- ---- [ 367.978408][T11686] lock(&smc->clcsock_release_lock); [ 367.984850][T11686] lock(sk_lock-AF_INET6); [ 367.993274][T11686] lock(&smc->clcsock_release_lock); [ 368.002747][T11686] lock(rtnl_mutex); [ 368.007514][T11686] [ 368.007514][T11686] *** DEADLOCK *** [ 368.007514][T11686] [ 368.017278][T11686] 1 lock held by syz.0.697/11686: [ 368.023288][T11686] #0: ffff8880622896a0 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00 [ 368.035933][T11686] [ 368.035933][T11686] stack backtrace: [ 368.042991][T11686] CPU: 0 UID: 0 PID: 11686 Comm: syz.0.697 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 368.043020][T11686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 368.043034][T11686] Call Trace: [ 368.043043][T11686] [ 368.043052][T11686] dump_stack_lvl+0x116/0x1f0 [ 368.043082][T11686] print_circular_bug+0x275/0x350 [ 368.043120][T11686] check_noncircular+0x14c/0x170 [ 368.043159][T11686] __lock_acquire+0x1173/0x1ba0 [ 368.043185][T11686] lock_acquire+0x179/0x350 [ 368.043204][T11686] ? do_ipv6_setsockopt+0x2042/0x4420 [ 368.043241][T11686] ? __pfx___might_resched+0x10/0x10 [ 368.043277][T11686] __mutex_lock+0x199/0xb90 [ 368.043307][T11686] ? do_ipv6_setsockopt+0x2042/0x4420 [ 368.043337][T11686] ? lock_acquire+0x179/0x350 [ 368.043356][T11686] ? do_ipv6_setsockopt+0x2042/0x4420 [ 368.043387][T11686] ? __pfx___mutex_lock+0x10/0x10 [ 368.043418][T11686] ? finish_task_switch.isra.0+0x221/0xc10 [ 368.043451][T11686] ? rcu_is_watching+0x12/0xc0 [ 368.043480][T11686] ? trace_sched_exit_tp+0xde/0x130 [ 368.043517][T11686] ? do_ipv6_setsockopt+0x2042/0x4420 [ 368.043546][T11686] ? rtnl_lock+0x9/0x20 [ 368.043580][T11686] do_ipv6_setsockopt+0x2042/0x4420 [ 368.043612][T11686] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 368.043644][T11686] ? __lock_acquire+0xaa4/0x1ba0 [ 368.043669][T11686] ? __mutex_trylock_common+0xe9/0x250 [ 368.043691][T11686] ? __pfx___mutex_trylock_common+0x10/0x10 [ 368.043714][T11686] ? __pfx___might_resched+0x10/0x10 [ 368.043747][T11686] ? rcu_is_watching+0x12/0xc0 [ 368.043774][T11686] ? trace_contention_end+0xdd/0x130 [ 368.043796][T11686] ? __mutex_lock+0x1ca/0xb90 [ 368.043826][T11686] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 368.043853][T11686] ? smc_setsockopt+0x100/0xa00 [ 368.043873][T11686] ? __pfx___mutex_lock+0x10/0x10 [ 368.043906][T11686] ? ipv6_setsockopt+0xcb/0x170 [ 368.043934][T11686] ipv6_setsockopt+0xcb/0x170 [ 368.043964][T11686] tcp_setsockopt+0xa4/0x100 [ 368.043989][T11686] smc_setsockopt+0x1b3/0xa00 [ 368.044008][T11686] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 368.044044][T11686] ? __pfx_smc_setsockopt+0x10/0x10 [ 368.044065][T11686] ? errseq_sample+0x53/0x70 [ 368.044094][T11686] ? __pfx_smc_setsockopt+0x10/0x10 [ 368.044114][T11686] do_sock_setsockopt+0x221/0x470 [ 368.044147][T11686] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 368.044189][T11686] __sys_setsockopt+0x1a0/0x230 [ 368.044221][T11686] __x64_sys_setsockopt+0xbd/0x160 [ 368.044247][T11686] ? do_syscall_64+0x91/0x260 [ 368.044277][T11686] ? lockdep_hardirqs_on+0x7c/0x110 [ 368.044306][T11686] do_syscall_64+0xcd/0x260 [ 368.044336][T11686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.044360][T11686] RIP: 0033:0x7f72ac98d169 [ 368.044379][T11686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 368.044402][T11686] RSP: 002b:00007f72ad820038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 368.044423][T11686] RAX: ffffffffffffffda RBX: 00007f72acba6080 RCX: 00007f72ac98d169 [ 368.044439][T11686] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0400000000000003 [ 368.044453][T11686] RBP: 00007f72aca0e2a0 R08: 000000000000056b R09: 0000000000000000 [ 368.044468][T11686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 368.044482][T11686] R13: 0000000000000000 R14: 00007f72acba6080 R15: 00007ffcc6770b18 [ 368.044503][T11686] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 369.135292][ T5152] Bluetooth: hci4: command tx timeout