last executing test programs: 8.357681393s ago: executing program 0 (id=143): write$auto(0xffffffffffffffff, &(0x7f0000000000)='\'\x00', 0x4) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_ADD(r1, 0x0, 0x40000) sendmsg$auto_ILA_CMD_FLUSH(r0, 0x0, 0x40844) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, 0x0, 0x40000) getrandom$auto(0x0, 0x6000000, 0x3) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netstat\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x3, 0x8000) 6.567098625s ago: executing program 0 (id=150): socket(0x2b, 0x1, 0x1) socket(0x1d, 0x2, 0x7) timerfd_create$auto_CLOCK_MONOTONIC(0x1, 0x800) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2c, 0x80003, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x80040, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) socket(0xa, 0x1, 0x84) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) write$auto(0x3, 0x0, 0x5b0) 6.391975757s ago: executing program 0 (id=152): bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00') prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) madvise$auto(0x0, 0x2000000080000001, 0x3) capget$auto(0x0, 0xfffffffffffffffe) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x1ff, 0x7, 0x42, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x6, 0x2000, 0x0, 0x6, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x5, 0xfffffffffffffffe, 0xffffffffffffbfff, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0x0, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 4.731755026s ago: executing program 2 (id=161): write$auto(0xffffffffffffffff, &(0x7f0000000000)='\'\x00', 0x4) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_ADD(r1, 0x0, 0x40000) sendmsg$auto_ILA_CMD_FLUSH(r0, 0x0, 0x40844) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, 0x0, 0x40000) getrandom$auto(0x0, 0x6000000, 0x3) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netstat\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x3, 0x8000) 4.69638019s ago: executing program 3 (id=162): openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x80002, 0x0) poll$auto(0x0, 0x2, 0x7) mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x0, 0x0) flock$auto(0xffffffffffffffff, 0x2) flock$auto(0xffffffffffffffff, 0x2) sendmsg$auto_NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x40000c4}, 0xc011) sendmsg$auto_NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, 0x0, 0x24000000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0xffffffffffffffff, 0xff, 0xb, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000007c0)={0x2c, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x804}, 0x400c850) open(0x0, 0x22240, 0x55) 4.540604029s ago: executing program 0 (id=163): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x8) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/mmap_min_addr\x00', 0x101302, 0x0) signalfd$auto(0xffffffff, 0x0, 0x8) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x840, 0xc) socket(0x1d, 0x2, 0x6) socket(0x2, 0x3, 0x1) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socketpair$auto(0x4004, 0xf, 0x4, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x800455ca, 0x0) 4.176887246s ago: executing program 3 (id=164): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) socket(0x2, 0x801, 0x106) bind$auto(0x3, 0x0, 0x6a) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) 3.841463213s ago: executing program 0 (id=166): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci7/hci7:200/power/control\x00', 0x1, 0x0) mmap$auto(0xd, 0x2020009, 0x5, 0xeb1, r0, 0x8000) r1 = socket(0x2, 0x3, 0xa) connect$auto(r1, &(0x7f00000000c0), 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x9fe) ustat$auto(0x20000801, &(0x7f0000000000)={0xbff, 0x2, "be5705f65205", "064885ca64ad"}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r3, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000080)={0x4c, r2, 0x1, 0x70bd29, 0x25dfdc02, {}, [@ETHTOOL_A_MODULE_EEPROM_I2C_ADDRESS={0x5, 0x6, 0x9}, @ETHTOOL_A_MODULE_EEPROM_LENGTH={0x8, 0x3, 0x7}, @ETHTOOL_A_MODULE_EEPROM_PAGE={0x5, 0x4, 0xe9}, @ETHTOOL_A_MODULE_EEPROM_OFFSET={0x8, 0x2, 0xf7}, @ETHTOOL_A_MODULE_EEPROM_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4004084}, 0x82) sigaltstack$auto(&(0x7f0000000080)={0x0, 0x80000002}, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x80000001, 0x4000e) r4 = gettid() process_vm_writev$auto(r4, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x7, 0x0) 3.660432828s ago: executing program 3 (id=167): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mbind$auto(0x9, 0x84, 0x4, 0x0, 0x80000000, 0x7f) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) mlockall$auto(0x7) madvise$auto(0x0, 0x2000040080000004, 0xe) modify_ldt$auto(0x1, 0x0, 0x10) modify_ldt$auto(0x807ff0000000000, 0x0, 0x40100000000aa) recvmmsg$auto(0x3, 0x0, 0x86873cbd, 0xa, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x20000000001, 0x7fff) 3.41342115s ago: executing program 1 (id=168): unshare$auto(0x8000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x5, 0x0, 0x104, 0x0, 0x1f, 0xb}, 0x80000c}, 0x1, 0x20000000) semtimedop$auto(0x0, &(0x7f00000000c0)={0xa, 0x81, 0x70}, 0x1f4, 0x0) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x36ec}, 0x1, 0x0) shmget$auto(0x0, 0xfffffffffeffffff, 0x80) ioperm$auto(0x3b, 0xf99b, 0x6) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x1, 0x0, 0x8004) r1 = fanotify_init$auto(0x5, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r1) r3 = semctl$auto_IPC_STAT(0x4, 0x8, 0x2, 0x5) sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c010000", @ANYRES16=r2, @ANYBLOB="01002dbd7040fddbdf2500000000080005000600000008000700000000000800050002000000f00008801400ed0000000000000000000000000000000001", @ANYRES32=r3, @ANYBLOB="1d00ed002f6465762f6476622f61646170746572302f64656d757830000000001d0041002f6465762f6476622f61646170746572302f64656d757830000000000400af80e15435d036386ffda5a740824a58825555be53a7e0142f0429da9b594caf34695526b108c2d1a3fd8345269e342c41df104821fe09446fc7432c76e861be09b07b0a0191442e7a83da5b00b6c9bb09fc7e79d1749d1f3e8bd05201fb2e36087d6a5cf2521d38f56ae4f584c74e5bb3d572af5263230eedeb9195fd00"], 0x11c}}, 0x800) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0x200007, 0x8) io_setup$auto(0x10000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 3.375047936s ago: executing program 2 (id=169): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/blkio.throttle.read_bps_device\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000000c0)=@can={0x1d, r3}, 0x18) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x200001, 0x0, 0x0, 0x9}, 0x100}, 0xffffffff, 0x0) syz_clone(0x100211, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r4, 0x545c, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) 2.548526587s ago: executing program 2 (id=170): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) msgctl$auto_IPC_SET(0x0, 0x1, &(0x7f0000000180)={{0x86, 0xee00, 0xffffffffffffffff, 0x2, 0xc0, 0x1, 0x100}, &(0x7f0000000100)=0x2e, 0x0, 0x0, 0x800, 0x1, 0x5, 0x7, 0x0, 0xfff7, 0x100, @raw=0x5}) sysfs$auto(0x2, 0x10000000000048, 0x0) socket(0x2, 0x801, 0x106) geteuid() bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) write$auto(0x3, 0x0, 0x100082) write$auto(0x3, 0x0, 0x100082) 2.258090871s ago: executing program 2 (id=171): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x163041, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x1}, 0x800009}, 0x5, 0x20000000) socket(0xa, 0x2, 0x0) unshare$auto(0x40000080) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x82, 0x0) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) setpriority$auto(0x1, 0x0, 0x2) capset$auto(0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xf90000, 0x0, 0xfffffffffffffffd) 2.085971226s ago: executing program 1 (id=172): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) io_uring_setup$auto(0x9, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r3 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x401, r3, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9c, 0x7, 0x8}, 0x9) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x4}, 0xc) 1.890424019s ago: executing program 1 (id=173): stat$auto(0x0, 0x0) 1.806033115s ago: executing program 2 (id=174): r0 = socket(0x2, 0x80002, 0x73) socket(0x1d, 0x3, 0x1) socket(0xa, 0x5, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000680)='/dev/v4l-subdev5\x00', 0x20281, 0x0) socket(0x1d, 0x800, 0x84) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000) setsockopt$auto(0x3, 0x10000000084, 0x25, 0x0, 0x90) pwrite64$auto(r0, 0x0, 0x6, 0x100000003) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, r0, 0x1008000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4) 1.648951434s ago: executing program 3 (id=175): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0xffffffffffffffff, 0x0, 0x57) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5aa, &(0x7f0000000100)={0x0, 0x49}, 0x5, 0x0, 0x5, 0x1000}, 0x5}, 0x2, 0x100) sendmmsg$auto(0x3, &(0x7f0000000180)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x40, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x20006, 0x3, 0xe72, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyS3\x00', 0x40, 0x0) unshare$auto(0x40000080) 1.612988279s ago: executing program 1 (id=176): socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) userfaultfd$auto(0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x6, 0x0) r1 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=r0, 0x4, @old_prog_fd=r1}, 0xa3) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) 1.390381096s ago: executing program 0 (id=177): socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/025/001\x00', 0x802, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x0, 0x3, 0x1, 0x10, 0x1, 0x4, &(0x7f00000001c0)}) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000001040)={0x80, 0x1, 0x7f, 0x1, 0x0, 0xfffffffc, 0x0}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/tracing/uprobe_events\x00', 0x302, 0x0) 1.369857657s ago: executing program 1 (id=178): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x2, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video52\x00', 0x0, 0x0) ioctl$auto(r2, 0x40085618, r2) 230.52324ms ago: executing program 3 (id=179): socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) userfaultfd$auto(0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) timerfd_create$auto(0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x3a) r1 = io_uring_setup$auto(0x6, 0x0) r2 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=r0, 0x4, @old_map_fd=r1}, 0xa3) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) 81.120752ms ago: executing program 1 (id=180): r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_STALL(r0, 0x550c, 0x5f) rt_sigaction$auto(0x7, 0x0, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) ioperm$auto(0x4000000000080, 0xfffffffffffffffb, 0x5) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000) connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x25, 0x0, 0x90) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xa00c0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4) eventfd$auto(0x5d5d) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0) 80.595453ms ago: executing program 2 (id=181): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0xb8b42, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, 0x0, 0x440, 0x0) mmap$auto(0x0, 0x4020009, 0x8, 0xeb0, 0x401, 0x9) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xfffffffffffffebc, 0x0, 0x1, 0x0, 0x0, 0x4048004}, 0x44040) io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, 0x0, 0x50000) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mmap$auto(0x1, 0x400048, 0xdf, 0x1000009b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r0, 0x0, 0x39b8) 0s ago: executing program 3 (id=182): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001900), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_GET_TXSC(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002b00)={&(0x7f0000001940)={0x14, r2, 0x186f202170196f7b, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) r3 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000cc0), 0x60080, 0x0) ioctl$auto_I2C_FUNCS(r3, 0x705, 0x0) ioctl$auto(r0, 0x4b3a, 0x1) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd9/queue/scheduler\x00', 0x12aa02, 0x0) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyy7\x00', 0x2, 0x0) ioctl$auto_TIOCSWINSZ(r5, 0x5414, &(0x7f00000000c0)="05") r6 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000002f80)='/sys/kernel/debug/ieee80211/phy0/aql_enable\x00', 0x802, 0x0) write$auto(r6, 0x0, 0x0) ioctl$auto_VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, &(0x7f0000000000)={0x7, r4}) r7 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/block/loop8/state\x00', 0x161100, 0x0) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto(r7, 0x0, 0x6) sendfile$auto(r4, r4, 0x0, 0x7ff) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.152' (ED25519) to the list of known hosts. [ 73.488561][ T5821] cgroup: Unknown subsys name 'net' [ 73.602791][ T5821] cgroup: Unknown subsys name 'cpuset' [ 73.611194][ T5821] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 75.183785][ T5821] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 76.915902][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 76.925047][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.933484][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 76.941798][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.949523][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 76.957767][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 76.966317][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.967428][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 76.974081][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 76.991446][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.993889][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.007331][ T5150] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.008693][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.016278][ T5150] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.023392][ T5845] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.038175][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.047387][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.055462][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.072829][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.090991][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.152822][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 77.164190][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.363726][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 77.418682][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 77.485018][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.493316][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.500919][ T5830] bridge_slave_0: entered allmulticast mode [ 77.507766][ T5830] bridge_slave_0: entered promiscuous mode [ 77.530571][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 77.544282][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.551954][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.559328][ T5830] bridge_slave_1: entered allmulticast mode [ 77.566417][ T5830] bridge_slave_1: entered promiscuous mode [ 77.623243][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.652541][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.679226][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.686841][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.694477][ T5831] bridge_slave_0: entered allmulticast mode [ 77.702298][ T5831] bridge_slave_0: entered promiscuous mode [ 77.722464][ T5830] team0: Port device team_slave_0 added [ 77.732647][ T5830] team0: Port device team_slave_1 added [ 77.738617][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.745988][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.753432][ T5831] bridge_slave_1: entered allmulticast mode [ 77.760642][ T5831] bridge_slave_1: entered promiscuous mode [ 77.783560][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 77.806911][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.813977][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.840532][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.853784][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.860819][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.887754][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.919244][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.926502][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.934223][ T5838] bridge_slave_0: entered allmulticast mode [ 77.941977][ T5838] bridge_slave_0: entered promiscuous mode [ 77.952918][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.960234][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.967403][ T5838] bridge_slave_1: entered allmulticast mode [ 77.974393][ T5838] bridge_slave_1: entered promiscuous mode [ 77.983473][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.994879][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.053583][ T5830] hsr_slave_0: entered promiscuous mode [ 78.060545][ T5830] hsr_slave_1: entered promiscuous mode [ 78.068574][ T5831] team0: Port device team_slave_0 added [ 78.081558][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.093807][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.113590][ T5831] team0: Port device team_slave_1 added [ 78.145656][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.152997][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.179384][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.212986][ T5838] team0: Port device team_slave_0 added [ 78.219806][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.226791][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.253584][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.269144][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.276386][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.283958][ T5832] bridge_slave_0: entered allmulticast mode [ 78.290685][ T5832] bridge_slave_0: entered promiscuous mode [ 78.299234][ T5838] team0: Port device team_slave_1 added [ 78.320537][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.327788][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.335128][ T5832] bridge_slave_1: entered allmulticast mode [ 78.341938][ T5832] bridge_slave_1: entered promiscuous mode [ 78.405787][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.417532][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.427940][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.436697][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.462912][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.475545][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.482610][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.510413][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.524276][ T5831] hsr_slave_0: entered promiscuous mode [ 78.530525][ T5831] hsr_slave_1: entered promiscuous mode [ 78.536462][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.544230][ T5831] Cannot create hsr debugfs directory [ 78.587641][ T5832] team0: Port device team_slave_0 added [ 78.613424][ T5832] team0: Port device team_slave_1 added [ 78.655001][ T5838] hsr_slave_0: entered promiscuous mode [ 78.661188][ T5838] hsr_slave_1: entered promiscuous mode [ 78.667665][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.675516][ T5838] Cannot create hsr debugfs directory [ 78.702398][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.710415][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.736641][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.749350][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.756424][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.782438][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.886379][ T5830] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 78.906440][ T5832] hsr_slave_0: entered promiscuous mode [ 78.913690][ T5832] hsr_slave_1: entered promiscuous mode [ 78.920160][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.927777][ T5832] Cannot create hsr debugfs directory [ 78.948694][ T5830] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 78.970771][ T5830] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 79.005020][ T5830] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 79.050738][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 79.071308][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 79.079860][ T55] Bluetooth: hci1: command tx timeout [ 79.097673][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 79.111782][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 79.148993][ T55] Bluetooth: hci2: command tx timeout [ 79.154810][ T55] Bluetooth: hci0: command tx timeout [ 79.161256][ T5843] Bluetooth: hci3: command tx timeout [ 79.189655][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 79.208322][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 79.236234][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 79.259762][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 79.284400][ T5832] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 79.294724][ T5832] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 79.305644][ T5832] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 79.321682][ T5832] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 79.441133][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.494926][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.507864][ T2908] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.515453][ T2908] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.542842][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.552563][ T2908] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.559875][ T2908] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.606400][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.636581][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.651072][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.683038][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.698647][ T3572] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.706064][ T3572] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.746037][ T3572] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.753247][ T3572] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.766892][ T3572] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.774197][ T3572] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.785829][ T3572] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.792986][ T3572] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.813551][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.856067][ T82] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.863496][ T82] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.895619][ T82] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.902872][ T82] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.956220][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.105381][ T5830] veth0_vlan: entered promiscuous mode [ 80.143664][ T5830] veth1_vlan: entered promiscuous mode [ 80.211528][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.226672][ T5830] veth0_macvtap: entered promiscuous mode [ 80.252154][ T5830] veth1_macvtap: entered promiscuous mode [ 80.315023][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.346592][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.367073][ T5838] veth0_vlan: entered promiscuous mode [ 80.380452][ T5830] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.390594][ T5830] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.400866][ T5830] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.410116][ T5830] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.426745][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.436215][ T5838] veth1_vlan: entered promiscuous mode [ 80.470444][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.534579][ T5838] veth0_macvtap: entered promiscuous mode [ 80.546682][ T5838] veth1_macvtap: entered promiscuous mode [ 80.599991][ T3484] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.608051][ T3484] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.614874][ T5831] veth0_vlan: entered promiscuous mode [ 80.636951][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.648264][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.660185][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.674736][ T5832] veth0_vlan: entered promiscuous mode [ 80.703555][ T5831] veth1_vlan: entered promiscuous mode [ 80.714125][ T2908] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.715723][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.722929][ T2908] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.734234][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.752635][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.771876][ T5832] veth1_vlan: entered promiscuous mode [ 80.780449][ T5838] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.791027][ T5838] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.800228][ T5838] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.810399][ T5838] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.850561][ T5831] veth0_macvtap: entered promiscuous mode [ 80.874228][ T5831] veth1_macvtap: entered promiscuous mode [ 80.920767][ T5830] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 80.947781][ T5832] veth0_macvtap: entered promiscuous mode [ 80.964553][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.976043][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.986981][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.002414][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.014136][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.025344][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.037200][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.048871][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.063055][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.076063][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.106001][ T5832] veth1_macvtap: entered promiscuous mode [ 81.142641][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.152729][ T55] Bluetooth: hci1: command tx timeout [ 81.160946][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.170352][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.179305][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.229748][ T55] Bluetooth: hci0: command tx timeout [ 81.235274][ T55] Bluetooth: hci3: command tx timeout [ 81.240928][ T5837] Bluetooth: hci2: command tx timeout [ 81.290045][ T2908] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.298218][ T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.317959][ T2908] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.318736][ T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.348504][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.369481][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.380234][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.392534][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.408845][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.420030][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.440537][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.488149][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.505190][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.517414][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.533536][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.544941][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.556603][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.569837][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.584483][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.588205][ T5832] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.603845][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.605384][ T5832] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.623606][ T5832] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.641360][ T5832] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.680218][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.688101][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.836491][ T3572] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.865140][ T3572] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.904976][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.914169][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.994295][ T5904] usb usb32: usbfs: process 5904 (syz.2.5) did not claim interface 0 before use [ 82.359622][ T5917] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4'. [ 82.382957][ T5914] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4'. [ 82.437711][ T5906] FAULT_INJECTION: forcing a failure. [ 82.437711][ T5906] name failslab, interval 1, probability 0, space 0, times 1 [ 82.478120][ T5914] netlink: 290 bytes leftover after parsing attributes in process `syz.3.4'. [ 82.492012][ T5906] CPU: 0 UID: 0 PID: 5906 Comm: syz.1.2 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 82.492061][ T5906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 82.492082][ T5906] Call Trace: [ 82.492092][ T5906] [ 82.492105][ T5906] dump_stack_lvl+0x16c/0x1f0 [ 82.492146][ T5906] should_fail_ex+0x512/0x640 [ 82.492181][ T5906] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 82.492227][ T5906] should_failslab+0xc2/0x120 [ 82.492277][ T5906] __kmalloc_cache_noprof+0x6a/0x3e0 [ 82.492315][ T5906] ? kvm_init_irq_routing+0x43/0xf0 [ 82.492369][ T5906] kvm_init_irq_routing+0x43/0xf0 [ 82.492406][ T5906] kvm_dev_ioctl+0x7dd/0x1ad0 [ 82.492443][ T5906] ? find_held_lock+0x2b/0x80 [ 82.492475][ T5906] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 82.492510][ T5906] ? __fget_files+0x20e/0x3c0 [ 82.492555][ T5906] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 82.492589][ T5906] __x64_sys_ioctl+0x190/0x200 [ 82.492637][ T5906] do_syscall_64+0xcd/0x260 [ 82.492669][ T5906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.492700][ T5906] RIP: 0033:0x7efd9a58d169 [ 82.492725][ T5906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.492756][ T5906] RSP: 002b:00007efd9b390038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 82.492790][ T5906] RAX: ffffffffffffffda RBX: 00007efd9a7a5fa0 RCX: 00007efd9a58d169 [ 82.492811][ T5906] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000006 [ 82.492830][ T5906] RBP: 00007efd9a60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 82.492848][ T5906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.492867][ T5906] R13: 0000000000000000 R14: 00007efd9a7a5fa0 R15: 00007ffde9cc7d68 [ 82.492900][ T5906] [ 82.552346][ T5914] veth0_macvtap: left promiscuous mode [ 82.563025][ T5906] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 82.776241][ T5921] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 83.155555][ T5927] FAULT_INJECTION: forcing a failure. [ 83.155555][ T5927] name failslab, interval 1, probability 0, space 0, times 0 [ 83.196892][ T5927] CPU: 0 UID: 0 PID: 5927 Comm: syz.1.8 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 83.196935][ T5927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 83.196950][ T5927] Call Trace: [ 83.196959][ T5927] [ 83.196969][ T5927] dump_stack_lvl+0x16c/0x1f0 [ 83.197003][ T5927] should_fail_ex+0x512/0x640 [ 83.197034][ T5927] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 83.197079][ T5927] should_failslab+0xc2/0x120 [ 83.197117][ T5927] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 83.197155][ T5927] ? vfs_parse_fs_string+0xc3/0x150 [ 83.197197][ T5927] kmemdup_nul+0x49/0xf0 [ 83.197227][ T5927] vfs_parse_fs_string+0xc3/0x150 [ 83.197266][ T5927] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 83.197300][ T5927] ? kasan_save_track+0x14/0x30 [ 83.197335][ T5927] ? tracefs_init_fs_context+0xc8/0x110 [ 83.197365][ T5927] ? __pfx_tracefs_init_fs_context+0x10/0x10 [ 83.197393][ T5927] ? alloc_fs_context+0x59b/0x9c0 [ 83.197433][ T5927] vfs_kern_mount.part.0+0x6d/0x170 [ 83.197466][ T5927] vfs_submount+0xb6/0xd0 [ 83.197496][ T5927] trace_automount+0x3b/0x90 [ 83.197521][ T5927] __traverse_mounts+0x192/0x790 [ 83.197562][ T5927] step_into+0x5aa/0x2270 [ 83.197599][ T5927] ? __pfx_step_into+0x10/0x10 [ 83.197629][ T5927] ? __d_lookup+0x266/0x4a0 [ 83.197661][ T5927] ? lookup_fast+0x156/0x610 [ 83.197695][ T5927] walk_component+0xfc/0x5b0 [ 83.197729][ T5927] link_path_walk.part.0.constprop.0+0x682/0xd60 [ 83.197776][ T5927] path_openat+0x227/0x2d40 [ 83.197809][ T5927] ? __x64_sys_openat+0x174/0x210 [ 83.197844][ T5927] ? __pfx_path_openat+0x10/0x10 [ 83.197886][ T5927] do_filp_open+0x20b/0x470 [ 83.197920][ T5927] ? __pfx_do_filp_open+0x10/0x10 [ 83.197954][ T5927] ? find_held_lock+0x2b/0x80 [ 83.197994][ T5927] ? alloc_fd+0x420/0x760 [ 83.198034][ T5927] do_sys_openat2+0x11b/0x1d0 [ 83.198060][ T5927] ? __pfx_do_sys_openat2+0x10/0x10 [ 83.198095][ T5927] __x64_sys_openat+0x174/0x210 [ 83.198121][ T5927] ? __pfx___x64_sys_openat+0x10/0x10 [ 83.198149][ T5927] ? rcu_is_watching+0x12/0xc0 [ 83.198181][ T5927] do_syscall_64+0xcd/0x260 [ 83.198208][ T5927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.198233][ T5927] RIP: 0033:0x7efd9a58d169 [ 83.198255][ T5927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.198279][ T5927] RSP: 002b:00007efd9b390038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 83.198305][ T5927] RAX: ffffffffffffffda RBX: 00007efd9a7a5fa0 RCX: 00007efd9a58d169 [ 83.198323][ T5927] RDX: 0000000000141c02 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 83.198342][ T5927] RBP: 00007efd9a60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 83.198358][ T5927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 83.198374][ T5927] R13: 0000000000000000 R14: 00007efd9a7a5fa0 R15: 00007ffde9cc7d68 [ 83.198404][ T5927] [ 83.519539][ T55] Bluetooth: hci1: command tx timeout [ 83.525388][ T55] Bluetooth: hci3: command tx timeout [ 83.531465][ T55] Bluetooth: hci2: command tx timeout [ 83.536958][ T55] Bluetooth: hci0: command tx timeout [ 84.963846][ T5935] Zero length message leads to an empty skb [ 85.551895][ T5843] Bluetooth: hci0: command tx timeout [ 85.552001][ T55] Bluetooth: hci2: command tx timeout [ 85.557463][ T5843] Bluetooth: hci3: command tx timeout [ 85.568854][ T55] Bluetooth: hci1: command tx timeout [ 86.924107][ T5970] mmap: syz.2.17 (5970) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 87.108334][ T5978] syz.0.19 uses obsolete (PF_INET,SOCK_PACKET) [ 87.222509][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.349082][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.351017][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.489932][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.520699][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.756446][ T5989] process 'syz.1.21' launched ':,' with NULL argv: empty string added [ 88.176940][ T5991] tipc: Started in network mode [ 88.176970][ T5991] tipc: Node identity 8e4e6f15, cluster identity 4711 [ 88.176990][ T5991] tipc: Node number set to 2387504917 [ 88.335769][ T5994] FAULT_INJECTION: forcing a failure. [ 88.335769][ T5994] name failslab, interval 1, probability 0, space 0, times 0 [ 88.335818][ T5994] CPU: 0 UID: 0 PID: 5994 Comm: syz.0.23 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 88.335854][ T5994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 88.335871][ T5994] Call Trace: [ 88.335881][ T5994] [ 88.335893][ T5994] dump_stack_lvl+0x16c/0x1f0 [ 88.335927][ T5994] should_fail_ex+0x512/0x640 [ 88.335962][ T5994] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 88.336005][ T5994] should_failslab+0xc2/0x120 [ 88.336051][ T5994] __kmalloc_cache_noprof+0x6a/0x3e0 [ 88.336116][ T5994] ? sctp_endpoint_new+0x7c/0xcd0 [ 88.336168][ T5994] sctp_endpoint_new+0x7c/0xcd0 [ 88.336218][ T5994] sctp_init_sock+0xe2d/0x1330 [ 88.336261][ T5994] ? sock_init_data_uid+0x7f6/0xa00 [ 88.336307][ T5994] ? __pfx_sctp_init_sock+0x10/0x10 [ 88.336348][ T5994] inet_create+0x936/0x1090 [ 88.336376][ T5994] ? inet_create+0x93/0x1090 [ 88.336407][ T5994] __sock_create+0x335/0x8d0 [ 88.336436][ T5994] __sys_socket+0x14d/0x260 [ 88.336465][ T5994] ? __pfx___sys_socket+0x10/0x10 [ 88.336494][ T5994] ? rcu_is_watching+0x12/0xc0 [ 88.336527][ T5994] __x64_sys_socket+0x72/0xb0 [ 88.336552][ T5994] ? lockdep_hardirqs_on+0x7c/0x110 [ 88.336597][ T5994] do_syscall_64+0xcd/0x260 [ 88.336626][ T5994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.336655][ T5994] RIP: 0033:0x7faceeb8d169 [ 88.336677][ T5994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.336704][ T5994] RSP: 002b:00007facefa35038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 88.336732][ T5994] RAX: ffffffffffffffda RBX: 00007faceeda5fa0 RCX: 00007faceeb8d169 [ 88.336751][ T5994] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000002 [ 88.336767][ T5994] RBP: 00007faceec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 88.336784][ T5994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.336800][ T5994] R13: 0000000000000000 R14: 00007faceeda5fa0 R15: 00007ffd0c7ace78 [ 88.336831][ T5994] [ 89.391744][ T6013] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 89.927100][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 89.935707][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 90.904422][ T6042] netlink: 28 bytes leftover after parsing attributes in process `syz.1.33'. [ 91.132428][ T6042] bond0: (slave bond_slave_0): Releasing backup interface [ 92.346426][ T6074] netlink: 330 bytes leftover after parsing attributes in process `syz.0.39'. [ 92.420436][ T6074] net veth1_virt_wifi ›: renamed from virt_wifi0 [ 92.551868][ T96] cfg80211: failed to load regulatory.db [ 92.629488][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.639153][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.679221][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.475878][ T6154] netlink: 194 bytes leftover after parsing attributes in process `syz.0.53'. [ 97.743680][ T6159] FAULT_INJECTION: forcing a failure. [ 97.743680][ T6159] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 97.823013][ T6159] CPU: 0 UID: 0 PID: 6159 Comm: syz.3.54 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 97.823058][ T6159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 97.823076][ T6159] Call Trace: [ 97.823085][ T6159] [ 97.823096][ T6159] dump_stack_lvl+0x16c/0x1f0 [ 97.823131][ T6159] should_fail_ex+0x512/0x640 [ 97.823163][ T6159] should_fail_alloc_page+0xe7/0x130 [ 97.823208][ T6159] prepare_alloc_pages.constprop.0+0x172/0x570 [ 97.823237][ T6159] ? stack_trace_save+0x8e/0xc0 [ 97.823265][ T6159] __alloc_frozen_pages_noprof+0x18f/0x24d0 [ 97.823306][ T6159] ? kasan_save_stack+0x42/0x60 [ 97.823345][ T6159] ? cgroup_rstat_updated+0x2a/0xb20 [ 97.823389][ T6159] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 97.823433][ T6159] ? __lock_acquire+0x5ca/0x1ba0 [ 97.823482][ T6159] ? lock_acquire+0x179/0x350 [ 97.823515][ T6159] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 97.823554][ T6159] ? policy_nodemask+0xea/0x4e0 [ 97.823596][ T6159] alloc_pages_mpol+0x1fb/0x540 [ 97.823637][ T6159] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 97.823678][ T6159] ? __lock_acquire+0x5ca/0x1ba0 [ 97.823717][ T6159] folio_alloc_mpol_noprof+0x36/0x2f0 [ 97.823748][ T6159] vma_alloc_folio_noprof+0xed/0x1e0 [ 97.823777][ T6159] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 97.823813][ T6159] do_pte_missing+0x2049/0x3ea0 [ 97.823853][ T6159] __handle_mm_fault+0x1043/0x2a50 [ 97.823896][ T6159] ? __pfx___handle_mm_fault+0x10/0x10 [ 97.823931][ T6159] ? __pte_offset_map_lock+0x155/0x2f0 [ 97.823963][ T6159] ? find_held_lock+0x2b/0x80 [ 97.823989][ T6159] ? find_held_lock+0x2b/0x80 [ 97.824034][ T6159] handle_mm_fault+0x3fa/0xaa0 [ 97.824079][ T6159] __get_user_pages+0x771/0x36f0 [ 97.824124][ T6159] ? __pfx_mt_find+0x10/0x10 [ 97.824155][ T6159] ? __pfx___get_user_pages+0x10/0x10 [ 97.824202][ T6159] populate_vma_page_range+0x278/0x3a0 [ 97.824243][ T6159] ? __pfx_populate_vma_page_range+0x10/0x10 [ 97.824287][ T6159] ? __pfx_find_vma_intersection+0x10/0x10 [ 97.824327][ T6159] ? do_mmap+0x69c/0x11b0 [ 97.824367][ T6159] __mm_populate+0x1d8/0x380 [ 97.824454][ T6159] ? __pfx___mm_populate+0x10/0x10 [ 97.824500][ T6159] ? up_write+0x1b2/0x520 [ 97.824549][ T6159] vm_mmap_pgoff+0x362/0x450 [ 97.824593][ T6159] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 97.824642][ T6159] ? __x64_sys_futex+0x1e0/0x4c0 [ 97.824675][ T6159] ? __x64_sys_futex+0x1e9/0x4c0 [ 97.824713][ T6159] ksys_mmap_pgoff+0x7d/0x5c0 [ 97.824747][ T6159] ? rcu_is_watching+0x12/0xc0 [ 97.824778][ T6159] __x64_sys_mmap+0x125/0x190 [ 97.824811][ T6159] do_syscall_64+0xcd/0x260 [ 97.824842][ T6159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.824871][ T6159] RIP: 0033:0x7fc186b8d169 [ 97.824895][ T6159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.824922][ T6159] RSP: 002b:00007fc1849f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 97.824951][ T6159] RAX: ffffffffffffffda RBX: 00007fc186da5fa0 RCX: 00007fc186b8d169 [ 97.824971][ T6159] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 97.824987][ T6159] RBP: 00007fc186c0e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 97.825004][ T6159] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 97.825020][ T6159] R13: 0000000000000000 R14: 00007fc186da5fa0 R15: 00007ffd0fb742a8 [ 97.825052][ T6159] [ 100.048909][ T30] audit: type=1800 audit(6038054350.813:2): pid=6179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.58" name="file0" dev="tmpfs" ino=97 res=0 errno=0 [ 101.757693][ T6192] FAULT_INJECTION: forcing a failure. [ 101.757693][ T6192] name failslab, interval 1, probability 0, space 0, times 0 [ 101.792662][ T6192] CPU: 1 UID: 0 PID: 6192 Comm: syz.0.62 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 101.792712][ T6192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 101.792733][ T6192] Call Trace: [ 101.792741][ T6192] [ 101.792754][ T6192] dump_stack_lvl+0x16c/0x1f0 [ 101.792794][ T6192] should_fail_ex+0x512/0x640 [ 101.792830][ T6192] ? __kmalloc_noprof+0xbf/0x510 [ 101.792876][ T6192] ? cache_create_net+0x9d/0x220 [ 101.792908][ T6192] should_failslab+0xc2/0x120 [ 101.792957][ T6192] __kmalloc_noprof+0xd2/0x510 [ 101.793001][ T6192] cache_create_net+0x9d/0x220 [ 101.793034][ T6192] ip_map_cache_create+0x60/0x130 [ 101.793067][ T6192] ? __pfx_sunrpc_init_net+0x10/0x10 [ 101.793092][ T6192] sunrpc_init_net+0x55/0x190 [ 101.793119][ T6192] ops_init+0x1df/0x5f0 [ 101.793161][ T6192] setup_net+0x21e/0x850 [ 101.793319][ T6192] ? __pfx_setup_net+0x10/0x10 [ 101.793360][ T6192] ? lockdep_init_map_type+0x5c/0x280 [ 101.793402][ T6192] ? __pfx_down_read_killable+0x10/0x10 [ 101.793461][ T6192] ? debug_mutex_init+0x37/0x70 [ 101.793494][ T6192] copy_net_ns+0x2a6/0x5f0 [ 101.793546][ T6192] create_new_namespaces+0x3ea/0xad0 [ 101.793590][ T6192] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 101.793629][ T6192] ksys_unshare+0x45b/0xa40 [ 101.793667][ T6192] ? __pfx_ksys_unshare+0x10/0x10 [ 101.793703][ T6192] ? xfd_validate_state+0x5d/0x180 [ 101.793741][ T6192] ? rcu_is_watching+0x12/0xc0 [ 101.793774][ T6192] __x64_sys_unshare+0x31/0x40 [ 101.793810][ T6192] do_syscall_64+0xcd/0x260 [ 101.793842][ T6192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.793871][ T6192] RIP: 0033:0x7faceeb8d169 [ 101.793898][ T6192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.793928][ T6192] RSP: 002b:00007facefa35038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 101.793957][ T6192] RAX: ffffffffffffffda RBX: 00007faceeda5fa0 RCX: 00007faceeb8d169 [ 101.793977][ T6192] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 101.793996][ T6192] RBP: 00007faceec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 101.794015][ T6192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 101.794034][ T6192] R13: 0000000000000000 R14: 00007faceeda5fa0 R15: 00007ffd0c7ace78 [ 101.794068][ T6192] [ 104.880443][ T6232] netlink: 54 bytes leftover after parsing attributes in process `syz.3.70'. [ 107.031236][ T6243] FAULT_INJECTION: forcing a failure. [ 107.031236][ T6243] name fail_futex, interval 1, probability 0, space 0, times 1 [ 107.064777][ T6243] CPU: 0 UID: 0 PID: 6243 Comm: syz.3.72 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 107.064822][ T6243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 107.064838][ T6243] Call Trace: [ 107.064848][ T6243] [ 107.064859][ T6243] dump_stack_lvl+0x16c/0x1f0 [ 107.064892][ T6243] should_fail_ex+0x512/0x640 [ 107.064933][ T6243] get_futex_key+0x49e/0x1000 [ 107.064966][ T6243] ? __pfx_get_futex_key+0x10/0x10 [ 107.065005][ T6243] futex_wake+0xe7/0x4e0 [ 107.065044][ T6243] ? __pfx_futex_wake+0x10/0x10 [ 107.065081][ T6243] ? kmem_cache_free+0x2d4/0x4d0 [ 107.065120][ T6243] ? fd_install+0x1db/0x670 [ 107.065156][ T6243] ? putname+0x154/0x1a0 [ 107.065186][ T6243] do_futex+0x1e3/0x350 [ 107.065218][ T6243] ? __pfx_do_futex+0x10/0x10 [ 107.065250][ T6243] ? find_held_lock+0x2b/0x80 [ 107.065281][ T6243] __x64_sys_futex+0x1e0/0x4c0 [ 107.065324][ T6243] ? __x64_sys_openat+0x174/0x210 [ 107.065353][ T6243] ? __pfx___x64_sys_futex+0x10/0x10 [ 107.065386][ T6243] ? rcu_is_watching+0x12/0xc0 [ 107.065422][ T6243] do_syscall_64+0xcd/0x260 [ 107.065452][ T6243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.065480][ T6243] RIP: 0033:0x7fc186b8d169 [ 107.065503][ T6243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.065528][ T6243] RSP: 002b:00007fc1849d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 107.065556][ T6243] RAX: ffffffffffffffda RBX: 00007fc186da6088 RCX: 00007fc186b8d169 [ 107.065581][ T6243] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc186da608c [ 107.065598][ T6243] RBP: 00007fc186da6080 R08: 00007fc1878ef000 R09: 0000000000000000 [ 107.065615][ T6243] R10: 0000000000000008 R11: 0000000000000246 R12: 00007fc186da608c [ 107.065631][ T6243] R13: 0000000000000000 R14: 00007ffd0fb741c0 R15: 00007ffd0fb742a8 [ 107.065660][ T6243] [ 107.223197][ T6239] kexec: Could not allocate control_code_buffer [ 107.548174][ T6253] FAULT_INJECTION: forcing a failure. [ 107.548174][ T6253] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 107.548258][ T6253] CPU: 0 UID: 0 PID: 6253 Comm: syz.0.74 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 107.548294][ T6253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 107.548309][ T6253] Call Trace: [ 107.548318][ T6253] [ 107.548329][ T6253] dump_stack_lvl+0x16c/0x1f0 [ 107.548361][ T6253] should_fail_ex+0x512/0x640 [ 107.548402][ T6253] _copy_from_user+0x2e/0xd0 [ 107.548441][ T6253] io_ringfd_unregister+0x209/0x320 [ 107.548472][ T6253] ? __pfx_io_ringfd_unregister+0x10/0x10 [ 107.548501][ T6253] ? __pfx___mutex_trylock_common+0x10/0x10 [ 107.548547][ T6253] __io_uring_register+0xb15/0x2340 [ 107.548591][ T6253] ? trace_contention_end+0xdd/0x130 [ 107.548628][ T6253] ? __pfx___io_uring_register+0x10/0x10 [ 107.548669][ T6253] ? __mutex_lock+0x1cb/0xb00 [ 107.548699][ T6253] ? __x64_sys_io_uring_register+0x159/0x280 [ 107.548756][ T6253] ? __pfx___mutex_lock+0x10/0x10 [ 107.548796][ T6253] ? __fget_files+0x20e/0x3c0 [ 107.548840][ T6253] __x64_sys_io_uring_register+0x169/0x280 [ 107.548885][ T6253] do_syscall_64+0xcd/0x260 [ 107.548914][ T6253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.548940][ T6253] RIP: 0033:0x7faceeb8d169 [ 107.548964][ T6253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.548991][ T6253] RSP: 002b:00007facefa35038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 107.549019][ T6253] RAX: ffffffffffffffda RBX: 00007faceeda5fa0 RCX: 00007faceeb8d169 [ 107.549037][ T6253] RDX: 0000000000000000 RSI: 0000000000000015 RDI: 0000000000000002 [ 107.549062][ T6253] RBP: 00007faceec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 107.549079][ T6253] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 107.549095][ T6253] R13: 0000000000000000 R14: 00007faceeda5fa0 R15: 00007ffd0c7ace78 [ 107.549126][ T6253] [ 107.842225][ T6258] cougar: G6 mapped to space [ 107.959052][ T6259] syz.0.76 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 110.128465][ T6281] capability: warning: `syz.1.80' uses 32-bit capabilities (legacy support in use) [ 110.281255][ T6284] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 110.316290][ T6284] CIFS mount error: No usable UNC path provided in device string! [ 110.316290][ T6284] [ 110.333131][ T6284] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 114.818423][ T6334] netlink: 4 bytes leftover after parsing attributes in process `syz.3.95'. [ 114.834022][ T6334] netlink: 354 bytes leftover after parsing attributes in process `syz.3.95'. [ 115.327696][ T6346] Invalid ELF header magic: != ELF [ 115.471080][ T6349] Invalid ELF header magic: != ELF [ 116.343055][ T6358] netlink: 28 bytes leftover after parsing attributes in process `syz.1.99'. [ 116.587918][ T6358] geneve1: entered allmulticast mode [ 116.600243][ T6364] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 117.768267][ T6385] netlink: 8 bytes leftover after parsing attributes in process `syz.1.109'. [ 118.447495][ T6402] Invalid ELF header magic: != ELF [ 123.092674][ T6448] vivid-003: ================= START STATUS ================= [ 123.124688][ T6448] vivid-003: Radio HW Seek Mode: Bounded [ 123.143742][ T6448] vivid-003: Radio Programmable HW Seek: false [ 123.208126][ T6450] FAULT_INJECTION: forcing a failure. [ 123.208126][ T6450] name failslab, interval 1, probability 0, space 0, times 0 [ 123.221773][ T6448] vivid-003: RDS Rx I/O Mode: Block I/O [ 123.244525][ T6448] vivid-003: Generate RBDS Instead of RDS: false [ 123.259332][ T6450] CPU: 1 UID: 0 PID: 6450 Comm: syz.0.124 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 123.259377][ T6450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 123.259392][ T6450] Call Trace: [ 123.259401][ T6450] [ 123.259410][ T6450] dump_stack_lvl+0x16c/0x1f0 [ 123.259443][ T6450] should_fail_ex+0x512/0x640 [ 123.259471][ T6450] ? __kmalloc_noprof+0xbf/0x510 [ 123.259509][ T6450] ? ops_init+0x77/0x5f0 [ 123.259542][ T6450] should_failslab+0xc2/0x120 [ 123.259575][ T6450] __kmalloc_noprof+0xd2/0x510 [ 123.259614][ T6450] ops_init+0x77/0x5f0 [ 123.259649][ T6450] setup_net+0x21e/0x850 [ 123.259681][ T6450] ? __pfx_setup_net+0x10/0x10 [ 123.259710][ T6450] ? lockdep_init_map_type+0x5c/0x280 [ 123.259742][ T6450] ? __pfx_down_read_killable+0x10/0x10 [ 123.259769][ T6450] ? debug_mutex_init+0x37/0x70 [ 123.259793][ T6450] copy_net_ns+0x2a6/0x5f0 [ 123.259827][ T6450] create_new_namespaces+0x3ea/0xad0 [ 123.259872][ T6450] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 123.259901][ T6450] ksys_unshare+0x45b/0xa40 [ 123.259935][ T6450] ? __pfx_ksys_unshare+0x10/0x10 [ 123.259967][ T6450] ? xfd_validate_state+0x5d/0x180 [ 123.259992][ T6450] ? rcu_is_watching+0x12/0xc0 [ 123.260023][ T6450] __x64_sys_unshare+0x31/0x40 [ 123.260055][ T6450] do_syscall_64+0xcd/0x260 [ 123.260081][ T6450] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.260105][ T6450] RIP: 0033:0x7faceeb8d169 [ 123.260123][ T6450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.260145][ T6450] RSP: 002b:00007facefa35038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 123.260178][ T6450] RAX: ffffffffffffffda RBX: 00007faceeda5fa0 RCX: 00007faceeb8d169 [ 123.260193][ T6450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 123.260205][ T6450] RBP: 00007faceec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 123.260218][ T6450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.260231][ T6450] R13: 0000000000000000 R14: 00007faceeda5fa0 R15: 00007ffd0c7ace78 [ 123.260255][ T6450] [ 123.263572][ T6448] vivid-003: RDS Reception: [ 123.458750][ T6453] FAULT_INJECTION: forcing a failure. [ 123.458750][ T6453] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 123.465293][ T6448] true [ 123.496313][ T6453] CPU: 0 UID: 0 PID: 6453 Comm: syz.1.125 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 123.496358][ T6453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 123.496380][ T6453] Call Trace: [ 123.496390][ T6453] [ 123.496400][ T6453] dump_stack_lvl+0x16c/0x1f0 [ 123.496436][ T6453] should_fail_ex+0x512/0x640 [ 123.496471][ T6453] should_fail_alloc_page+0xe7/0x130 [ 123.496517][ T6453] prepare_alloc_pages.constprop.0+0x172/0x570 [ 123.496548][ T6453] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 123.496582][ T6453] __alloc_frozen_pages_noprof+0x18f/0x24d0 [ 123.496619][ T6453] ? arch_stack_walk+0xa6/0x100 [ 123.496660][ T6453] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 123.496701][ T6453] ? stack_trace_save+0x8e/0xc0 [ 123.496726][ T6453] ? __pfx_stack_trace_save+0x10/0x10 [ 123.496751][ T6453] ? stack_depot_save_flags+0x29/0x9c0 [ 123.496780][ T6453] ? find_held_lock+0x2b/0x80 [ 123.496807][ T6453] ? kasan_save_stack+0x42/0x60 [ 123.496839][ T6453] ? interleave_nodes+0x16b/0x410 [ 123.496878][ T6453] ? policy_nodemask+0xea/0x4e0 [ 123.496914][ T6453] alloc_pages_mpol+0x1fb/0x540 [ 123.496951][ T6453] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 123.496986][ T6453] ? __page_table_check_ptes_set+0x16a/0x3e0 [ 123.497022][ T6453] ? do_raw_spin_lock+0x12c/0x2b0 [ 123.497056][ T6453] ? find_held_lock+0x2b/0x80 [ 123.497081][ T6453] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 123.497113][ T6453] alloc_pages_noprof+0x131/0x390 [ 123.497148][ T6453] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 123.497188][ T6453] get_free_pages_noprof+0xc/0x40 [ 123.497211][ T6453] kasan_populate_vmalloc_pte+0x2d/0x160 [ 123.497244][ T6453] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 123.497275][ T6453] __apply_to_page_range+0x5f9/0xd30 [ 123.497307][ T6453] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 123.497343][ T6453] ? __pfx___apply_to_page_range+0x10/0x10 [ 123.497378][ T6453] ? alloc_vmap_area+0x872/0x2970 [ 123.497411][ T6453] alloc_vmap_area+0x919/0x2970 [ 123.497446][ T6453] ? __pfx_alloc_vmap_area+0x10/0x10 [ 123.497478][ T6453] __get_vm_area_node+0x1a7/0x300 [ 123.497510][ T6453] __vmalloc_node_range_noprof+0x277/0x1540 [ 123.497541][ T6453] ? __do_sys_listmount+0x1c2/0xec0 [ 123.497580][ T6453] ? __do_sys_listmount+0x1c2/0xec0 [ 123.497614][ T6453] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 123.497654][ T6453] __kvmalloc_node_noprof+0x2ff/0x600 [ 123.497688][ T6453] ? __do_sys_listmount+0x1c2/0xec0 [ 123.497719][ T6453] ? __do_sys_listmount+0x1c2/0xec0 [ 123.497753][ T6453] ? __do_sys_listmount+0x1c2/0xec0 [ 123.497782][ T6453] __do_sys_listmount+0x1c2/0xec0 [ 123.497815][ T6453] ? __x64_sys_futex+0x1e0/0x4c0 [ 123.497843][ T6453] ? __x64_sys_futex+0x1e9/0x4c0 [ 123.497869][ T6453] ? __pfx___do_sys_listmount+0x10/0x10 [ 123.497899][ T6453] ? xfd_validate_state+0x5d/0x180 [ 123.497931][ T6453] do_syscall_64+0xcd/0x260 [ 123.497958][ T6453] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.497982][ T6453] RIP: 0033:0x7efd9a58d169 [ 123.498003][ T6453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.498026][ T6453] RSP: 002b:00007efd9b390038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 123.498052][ T6453] RAX: ffffffffffffffda RBX: 00007efd9a7a5fa0 RCX: 00007efd9a58d169 [ 123.498068][ T6453] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 123.498082][ T6453] RBP: 00007efd9a60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 123.498096][ T6453] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 123.498110][ T6453] R13: 0000000000000000 R14: 00007efd9a7a5fa0 R15: 00007ffde9cc7d68 [ 123.498135][ T6453] [ 123.511673][ T6453] syz.1.125: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null) [ 123.540474][ T6448] [ 123.588535][ T6453] ,cpuset= [ 123.645529][ T6448] vivid-003: RDS Program Type: [ 123.653234][ T6453] / [ 123.709553][ T6448] 0 inactive [ 123.742046][ T6453] ,mems_allowed=0-1 [ 123.744564][ T6448] [ 123.755796][ T6453] [ 123.778958][ T6448] vivid-003: RDS PS Name: [ 123.797142][ T6453] CPU: 0 UID: 0 PID: 6453 Comm: syz.1.125 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 123.797182][ T6453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 123.797206][ T6453] Call Trace: [ 123.797214][ T6453] [ 123.797224][ T6453] dump_stack_lvl+0x16c/0x1f0 [ 123.797254][ T6453] warn_alloc+0x248/0x3a0 [ 123.797291][ T6453] ? __pfx_warn_alloc+0x10/0x10 [ 123.797324][ T6453] ? kfree+0x2b6/0x4d0 [ 123.797358][ T6453] ? __get_vm_area_node+0x1e5/0x300 [ 123.797391][ T6453] __vmalloc_node_range_noprof+0xd31/0x1540 [ 123.797429][ T6453] ? __do_sys_listmount+0x1c2/0xec0 [ 123.797465][ T6453] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 123.797503][ T6453] __kvmalloc_node_noprof+0x2ff/0x600 [ 123.797535][ T6453] ? __do_sys_listmount+0x1c2/0xec0 [ 123.797565][ T6453] ? __do_sys_listmount+0x1c2/0xec0 [ 123.797598][ T6453] ? __do_sys_listmount+0x1c2/0xec0 [ 123.797626][ T6453] __do_sys_listmount+0x1c2/0xec0 [ 123.797659][ T6453] ? __x64_sys_futex+0x1e0/0x4c0 [ 123.797686][ T6453] ? __x64_sys_futex+0x1e9/0x4c0 [ 123.797712][ T6453] ? __pfx___do_sys_listmount+0x10/0x10 [ 123.797742][ T6453] ? xfd_validate_state+0x5d/0x180 [ 123.797776][ T6453] do_syscall_64+0xcd/0x260 [ 123.797801][ T6453] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.797825][ T6453] RIP: 0033:0x7efd9a58d169 [ 123.797851][ T6453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.797873][ T6453] RSP: 002b:00007efd9b390038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 123.797898][ T6453] RAX: ffffffffffffffda RBX: 00007efd9a7a5fa0 RCX: 00007efd9a58d169 [ 123.797914][ T6453] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 123.797928][ T6453] RBP: 00007efd9a60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 123.797941][ T6453] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 123.797955][ T6453] R13: 0000000000000000 R14: 00007efd9a7a5fa0 R15: 00007ffde9cc7d68 [ 123.797982][ T6453] [ 123.798129][ T6453] Mem-Info: [ 123.799489][ T6448] [ 123.810091][ T6453] active_anon:9854 inactive_anon:0 isolated_anon:0 [ 123.810091][ T6453] active_file:14083 inactive_file:38764 isolated_file:0 [ 123.810091][ T6453] unevictable:768 dirty:809 writeback:0 [ 123.810091][ T6453] slab_reclaimable:9765 slab_unreclaimable:94580 [ 123.810091][ T6453] mapped:25545 shmem:1439 pagetables:792 [ 123.810091][ T6453] sec_pagetables:0 bounce:0 [ 123.810091][ T6453] kernel_misc_reclaimable:0 [ 123.810091][ T6453] free:1339836 free_pcp:510 free_cma:0 [ 123.824983][ T6448] inactive [ 123.901040][ T6453] Node 0 active_anon:39416kB inactive_anon:0kB active_file:56332kB inactive_file:154984kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:102180kB dirty:3236kB writeback:0kB shmem:4220kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10996kB pagetables:3164kB sec_pagetables:0kB all_unreclaimable? no [ 123.903774][ T6448] [ 123.934689][ T6453] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:4kB sec_pagetables:0kB all_unreclaimable? no [ 123.943152][ T6448] vivid-003: RDS Radio Text: [ 123.999232][ T6453] Node 0 [ 124.001602][ T6448] [ 124.288983][ T6453] DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 124.309072][ T6448] inactive [ 124.339603][ T6453] lowmem_reserve[]: 0 2485 2487 2487 2487 [ 124.351796][ T6448] vivid-003: RDS Traffic Announcement: false inactive [ 124.392305][ T6448] vivid-003: RDS Traffic Program: false inactive [ 124.409702][ T6453] Node 0 DMA32 free:1439900kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:37964kB inactive_anon:0kB active_file:56332kB inactive_file:153160kB unevictable:1536kB writepending:3236kB present:3129332kB managed:2544812kB mlocked:0kB bounce:0kB free_pcp:1252kB local_pcp:596kB free_cma:0kB [ 124.463845][ T6448] vivid-003: RDS Music: false inactive [ 124.471373][ T6448] vivid-003: ================== END STATUS ================== [ 124.521256][ T6453] lowmem_reserve[]: 0 0 1 1 1 [ 124.526202][ T6453] Node 0 Normal free:16kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1824kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 124.579738][ T6453] lowmem_reserve[]: 0 0 0 0 0 [ 124.584605][ T6453] Node 1 Normal free:3905036kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:1236kB local_pcp:248kB free_cma:0kB [ 124.624648][ T6453] lowmem_reserve[]: 0 0 0 0 0 [ 124.632065][ T6453] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 124.661668][ T6453] Node 0 DMA32: 796*4kB (UME) 1064*8kB (UME) 1214*16kB (UME) 960*32kB (UME) 732*64kB (UME) 337*128kB (UME) 160*256kB (UME) 52*512kB (UM) 29*1024kB (UME) 9*2048kB (UME) 285*4096kB (UM) = 1434896kB [ 124.704739][ T6453] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 124.727640][ T6453] Node 1 Normal: 81*4kB (UE) 81*8kB (UE) 22*16kB (UE) 175*32kB (UE) 94*64kB (UME) 27*128kB (UE) 12*256kB (UM) 7*512kB (UM) 5*1024kB (UME) 5*2048kB (UE) 944*4096kB (M) = 3905036kB syzkaller[ 124.778934][ T6453] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB syzkaller login: [ 124.812538][ T6453] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 124.845718][ T6453] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 124.862243][ T6453] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 124.873161][ T6453] 54413 total pagecache pages [ 124.877985][ T6453] 0 pages in swap cache [ 124.893253][ T6453] Free swap = 124740kB [ 124.897607][ T6453] Total swap = 124996kB [ 124.908587][ T6453] 2097051 pages RAM [ 124.918717][ T6453] 0 pages HighMem/MovableOnly [ 124.924186][ T6453] 428742 pages reserved [ 124.928396][ T6453] 0 pages cma reserved [ 125.893598][ T6488] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 126.085026][ T6491] netlink: 50 bytes leftover after parsing attributes in process `syz.3.134'. [ 126.758301][ T6509] FAULT_INJECTION: forcing a failure. [ 126.758301][ T6509] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 126.784976][ T6509] CPU: 1 UID: 0 PID: 6509 Comm: syz.3.138 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 126.785024][ T6509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 126.785042][ T6509] Call Trace: [ 126.785053][ T6509] [ 126.785064][ T6509] dump_stack_lvl+0x16c/0x1f0 [ 126.785098][ T6509] should_fail_ex+0x512/0x640 [ 126.785148][ T6509] should_fail_alloc_page+0xe7/0x130 [ 126.785199][ T6509] prepare_alloc_pages.constprop.0+0x172/0x570 [ 126.785238][ T6509] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 126.785275][ T6509] __alloc_frozen_pages_noprof+0x18f/0x24d0 [ 126.785321][ T6509] ? arch_stack_walk+0xa6/0x100 [ 126.785361][ T6509] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 126.785402][ T6509] ? stack_trace_save+0x8e/0xc0 [ 126.785429][ T6509] ? __pfx_stack_trace_save+0x10/0x10 [ 126.785457][ T6509] ? stack_depot_save_flags+0x29/0x9c0 [ 126.785489][ T6509] ? find_held_lock+0x2b/0x80 [ 126.785519][ T6509] ? kasan_save_stack+0x42/0x60 [ 126.785557][ T6509] ? interleave_nodes+0x16b/0x410 [ 126.785609][ T6509] ? policy_nodemask+0xea/0x4e0 [ 126.785651][ T6509] alloc_pages_mpol+0x1fb/0x540 [ 126.785694][ T6509] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 126.785735][ T6509] ? __page_table_check_ptes_set+0x16a/0x3e0 [ 126.785781][ T6509] ? do_raw_spin_lock+0x12c/0x2b0 [ 126.785824][ T6509] ? find_held_lock+0x2b/0x80 [ 126.785852][ T6509] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 126.785886][ T6509] alloc_pages_noprof+0x131/0x390 [ 126.785928][ T6509] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 126.785964][ T6509] get_free_pages_noprof+0xc/0x40 [ 126.785990][ T6509] kasan_populate_vmalloc_pte+0x2d/0x160 [ 126.786028][ T6509] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 126.786064][ T6509] __apply_to_page_range+0x5f9/0xd30 [ 126.786101][ T6509] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 126.786152][ T6509] ? __pfx___apply_to_page_range+0x10/0x10 [ 126.786184][ T6509] ? alloc_vmap_area+0x872/0x2970 [ 126.786216][ T6509] alloc_vmap_area+0x919/0x2970 [ 126.786254][ T6509] ? __pfx_alloc_vmap_area+0x10/0x10 [ 126.786289][ T6509] __get_vm_area_node+0x1a7/0x300 [ 126.786325][ T6509] __vmalloc_node_range_noprof+0x277/0x1540 [ 126.786359][ T6509] ? __do_sys_listmount+0x1c2/0xec0 [ 126.786402][ T6509] ? __do_sys_listmount+0x1c2/0xec0 [ 126.786441][ T6509] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 126.786486][ T6509] __kvmalloc_node_noprof+0x2ff/0x600 [ 126.786524][ T6509] ? __do_sys_listmount+0x1c2/0xec0 [ 126.786559][ T6509] ? __do_sys_listmount+0x1c2/0xec0 [ 126.786597][ T6509] ? __do_sys_listmount+0x1c2/0xec0 [ 126.786630][ T6509] __do_sys_listmount+0x1c2/0xec0 [ 126.786668][ T6509] ? __x64_sys_futex+0x1e0/0x4c0 [ 126.786699][ T6509] ? __x64_sys_futex+0x1e9/0x4c0 [ 126.786729][ T6509] ? __pfx___do_sys_listmount+0x10/0x10 [ 126.786764][ T6509] ? xfd_validate_state+0x5d/0x180 [ 126.786799][ T6509] do_syscall_64+0xcd/0x260 [ 126.786828][ T6509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.786855][ T6509] RIP: 0033:0x7fc186b8d169 [ 126.786877][ T6509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.786903][ T6509] RSP: 002b:00007fc1849f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 126.786930][ T6509] RAX: ffffffffffffffda RBX: 00007fc186da5fa0 RCX: 00007fc186b8d169 [ 126.786948][ T6509] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 126.786964][ T6509] RBP: 00007fc186c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 126.786980][ T6509] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 126.786995][ T6509] R13: 0000000000000000 R14: 00007fc186da5fa0 R15: 00007ffd0fb742a8 [ 126.787025][ T6509] syzkaller syzkaller login: [ 127.782270][ T5845] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260 [ 129.072765][ T6547] netlink: 4 bytes leftover after parsing attributes in process `syz.3.147'. [ 129.107605][ T6547] netlink: 354 bytes leftover after parsing attributes in process `syz.3.147'. [ 129.999192][ T6564] Invalid ELF header magic: != ELF [ 130.788376][ T6565] netlink: 28 bytes leftover after parsing attributes in process `syz.0.152'. [ 130.808666][ T6565] geneve1: entered allmulticast mode [ 131.613603][ T6583] netlink: 12 bytes leftover after parsing attributes in process `syz.1.159'. [ 131.651322][ T6583] netlink: 11 bytes leftover after parsing attributes in process `syz.1.159'. [ 134.735070][ T6638] FAULT_INJECTION: forcing a failure. [ 134.735070][ T6638] name failslab, interval 1, probability 0, space 0, times 0 [ 134.824689][ T6638] CPU: 0 UID: 0 PID: 6638 Comm: syz.3.175 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 134.824739][ T6638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 134.824759][ T6638] Call Trace: [ 134.824770][ T6638] [ 134.824782][ T6638] dump_stack_lvl+0x16c/0x1f0 [ 134.824820][ T6638] should_fail_ex+0x512/0x640 [ 134.824857][ T6638] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 134.824904][ T6638] should_failslab+0xc2/0x120 [ 134.824946][ T6638] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 134.824986][ T6638] ? __kernfs_new_node+0xd2/0x8a0 [ 134.825034][ T6638] __kernfs_new_node+0xd2/0x8a0 [ 134.825078][ T6638] ? kernfs_add_one+0x182/0x530 [ 134.825118][ T6638] ? __pfx___kernfs_new_node+0x10/0x10 [ 134.825163][ T6638] ? __lock_acquire+0xaa4/0x1ba0 [ 134.825211][ T6638] ? sysfs_add_file_mode_ns+0x22f/0x3c0 [ 134.825260][ T6638] kernfs_new_node+0x186/0x240 [ 134.825297][ T6638] kernfs_create_link+0xcc/0x240 [ 134.825335][ T6638] sysfs_do_create_link_sd+0x90/0x140 [ 134.825379][ T6638] sysfs_create_link+0x61/0xc0 [ 134.825419][ T6638] device_add+0x50a/0x1a70 [ 134.825456][ T6638] ? __pfx_device_add+0x10/0x10 [ 134.825488][ T6638] ? lockdep_init_map_type+0x5c/0x280 [ 134.825529][ T6638] ? __init_waitqueue_head+0xca/0x150 [ 134.825564][ T6638] netdev_register_kobject+0x182/0x3a0 [ 134.825611][ T6638] register_netdevice+0x13dc/0x2040 [ 134.825659][ T6638] ? __pfx_register_netdevice+0x10/0x10 [ 134.825703][ T6638] ? alloc_netdev_mqs+0xe7e/0x1570 [ 134.825747][ T6638] ? __pfx_loopback_net_init+0x10/0x10 [ 134.825780][ T6638] register_netdev+0x34/0x50 [ 134.825821][ T6638] loopback_net_init+0x7a/0x170 [ 134.825849][ T6638] ? __pfx_loopback_net_init+0x10/0x10 [ 134.825878][ T6638] ops_init+0x1df/0x5f0 [ 134.825922][ T6638] setup_net+0x21e/0x850 [ 134.825965][ T6638] ? __pfx_setup_net+0x10/0x10 [ 134.826000][ T6638] ? lockdep_init_map_type+0x5c/0x280 [ 134.826035][ T6638] ? __pfx_down_read_killable+0x10/0x10 [ 134.826072][ T6638] ? debug_mutex_init+0x37/0x70 [ 134.826110][ T6638] copy_net_ns+0x2a6/0x5f0 [ 134.826158][ T6638] create_new_namespaces+0x3ea/0xad0 [ 134.826193][ T6638] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 134.826227][ T6638] ksys_unshare+0x45b/0xa40 [ 134.826264][ T6638] ? __pfx_ksys_unshare+0x10/0x10 [ 134.826300][ T6638] ? xfd_validate_state+0x5d/0x180 [ 134.826330][ T6638] ? rcu_is_watching+0x12/0xc0 [ 134.826365][ T6638] __x64_sys_unshare+0x31/0x40 [ 134.826402][ T6638] do_syscall_64+0xcd/0x260 [ 134.826433][ T6638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.826462][ T6638] RIP: 0033:0x7fc186b8d169 [ 134.826486][ T6638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.826514][ T6638] RSP: 002b:00007fc1849f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 134.826543][ T6638] RAX: ffffffffffffffda RBX: 00007fc186da5fa0 RCX: 00007fc186b8d169 [ 134.826562][ T6638] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 134.826579][ T6638] RBP: 00007fc186c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 134.826596][ T6638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.826613][ T6638] R13: 0000000000000000 R14: 00007fc186da5fa0 R15: 00007ffd0fb742a8 [ 134.826645][ T6638] [ 136.339750][ T6655] [ 136.342126][ T6655] ====================================================== [ 136.349143][ T6655] WARNING: possible circular locking dependency detected [ 136.356157][ T6655] 6.14.0-syzkaller-05877-g1a9239bb4253 #0 Not tainted [ 136.362915][ T6655] ------------------------------------------------------ [ 136.369996][ T6655] syz.3.182/6655 is trying to acquire lock: [ 136.375896][ T6655] ffff8880264c8f98 (&q->elevator_lock){+.+.}-{4:4}, at: elv_iosched_store+0x201/0x5f0 [ 136.385601][ T6655] [ 136.385601][ T6655] but task is already holding lock: [ 136.392968][ T6655] ffff8880264c8a68 (&q->q_usage_counter(io)#58){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 136.404223][ T6655] [ 136.404223][ T6655] which lock already depends on the new lock. [ 136.404223][ T6655] [ 136.414640][ T6655] [ 136.414640][ T6655] the existing dependency chain (in reverse order) is: [ 136.423680][ T6655] [ 136.423680][ T6655] -> #2 (&q->q_usage_counter(io)#58){++++}-{0:0}: [ 136.432396][ T6655] blk_alloc_queue+0x619/0x760 [ 136.437698][ T6655] blk_mq_alloc_queue+0x179/0x290 [ 136.443251][ T6655] __blk_mq_alloc_disk+0x29/0x120 [ 136.448813][ T6655] nbd_dev_add+0x49d/0xbb0 [ 136.453857][ T6655] nbd_init+0x181/0x320 [ 136.458580][ T6655] do_one_initcall+0x120/0x6e0 [ 136.463908][ T6655] kernel_init_freeable+0x5c2/0x900 [ 136.469648][ T6655] kernel_init+0x1c/0x2b0 [ 136.474502][ T6655] ret_from_fork+0x45/0x80 [ 136.479437][ T6655] ret_from_fork_asm+0x1a/0x30 [ 136.484728][ T6655] [ 136.484728][ T6655] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 136.492063][ T6655] fs_reclaim_acquire+0x102/0x150 [ 136.497612][ T6655] blk_mq_alloc_and_init_hctx+0x503/0x11c0 [ 136.503939][ T6655] blk_mq_realloc_hw_ctxs+0x8f6/0xc00 [ 136.509836][ T6655] blk_mq_init_allocated_queue+0x3af/0x1230 [ 136.516259][ T6655] blk_mq_alloc_queue+0x1c2/0x290 [ 136.521822][ T6655] __blk_mq_alloc_disk+0x29/0x120 [ 136.527482][ T6655] loop_add+0x496/0xb70 [ 136.532161][ T6655] loop_init+0x164/0x270 [ 136.536929][ T6655] do_one_initcall+0x120/0x6e0 [ 136.542226][ T6655] kernel_init_freeable+0x5c2/0x900 [ 136.547959][ T6655] kernel_init+0x1c/0x2b0 [ 136.552815][ T6655] ret_from_fork+0x45/0x80 [ 136.557764][ T6655] ret_from_fork_asm+0x1a/0x30 [ 136.563235][ T6655] [ 136.563235][ T6655] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 136.571204][ T6655] __lock_acquire+0x1173/0x1ba0 [ 136.576634][ T6655] lock_acquire+0x179/0x350 [ 136.581668][ T6655] __mutex_lock+0x19a/0xb00 [ 136.586807][ T6655] elv_iosched_store+0x201/0x5f0 [ 136.592370][ T6655] queue_attr_store+0x270/0x310 [ 136.597806][ T6655] sysfs_kf_write+0x117/0x170 [ 136.603020][ T6655] kernfs_fop_write_iter+0x349/0x510 [ 136.608847][ T6655] iter_file_splice_write+0x91c/0x1150 [ 136.615012][ T6655] direct_splice_actor+0x18f/0x6c0 [ 136.620701][ T6655] splice_direct_to_actor+0x342/0xa30 [ 136.626611][ T6655] do_splice_direct+0x174/0x240 [ 136.632092][ T6655] do_sendfile+0xafd/0xe50 [ 136.637058][ T6655] __x64_sys_sendfile64+0x1d8/0x220 [ 136.642812][ T6655] do_syscall_64+0xcd/0x260 [ 136.648023][ T6655] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.654492][ T6655] [ 136.654492][ T6655] other info that might help us debug this: [ 136.654492][ T6655] [ 136.664740][ T6655] Chain exists of: [ 136.664740][ T6655] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#58 [ 136.664740][ T6655] [ 136.678697][ T6655] Possible unsafe locking scenario: [ 136.678697][ T6655] [ 136.686422][ T6655] CPU0 CPU1 [ 136.691800][ T6655] ---- ---- [ 136.697184][ T6655] lock(&q->q_usage_counter(io)#58); [ 136.702594][ T6655] lock(fs_reclaim); [ 136.709491][ T6655] lock(&q->q_usage_counter(io)#58); [ 136.717752][ T6655] lock(&q->elevator_lock); [ 136.722357][ T6655] [ 136.722357][ T6655] *** DEADLOCK *** [ 136.722357][ T6655] [ 136.730516][ T6655] 5 locks held by syz.3.182/6655: [ 136.735549][ T6655] #0: ffff888035a84420 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x342/0xa30 [ 136.745884][ T6655] #1: ffff88807aa85488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x287/0x510 [ 136.755672][ T6655] #2: ffff888143bf5968 (kn->active#83){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2aa/0x510 [ 136.765719][ T6655] #3: ffff8880264c8a68 (&q->q_usage_counter(io)#58){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 136.777433][ T6655] #4: ffff8880264c8aa0 (&q->q_usage_counter(queue)#10){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 136.789425][ T6655] [ 136.789425][ T6655] stack backtrace: [ 136.795542][ T6655] CPU: 1 UID: 0 PID: 6655 Comm: syz.3.182 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 136.795573][ T6655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 136.795613][ T6655] Call Trace: [ 136.795624][ T6655] [ 136.795634][ T6655] dump_stack_lvl+0x116/0x1f0 [ 136.795663][ T6655] print_circular_bug+0x275/0x350 [ 136.795692][ T6655] check_noncircular+0x14c/0x170 [ 136.795720][ T6655] __lock_acquire+0x1173/0x1ba0 [ 136.795749][ T6655] ? __lock_acquire+0xaa4/0x1ba0 [ 136.795788][ T6655] lock_acquire+0x179/0x350 [ 136.795815][ T6655] ? elv_iosched_store+0x201/0x5f0 [ 136.795843][ T6655] ? __pfx___might_resched+0x10/0x10 [ 136.795871][ T6655] __mutex_lock+0x19a/0xb00 [ 136.795891][ T6655] ? elv_iosched_store+0x201/0x5f0 [ 136.795917][ T6655] ? mark_held_locks+0x49/0x80 [ 136.795944][ T6655] ? elv_iosched_store+0x201/0x5f0 [ 136.795969][ T6655] ? lockdep_hardirqs_on+0x7c/0x110 [ 136.796001][ T6655] ? __pfx___mutex_lock+0x10/0x10 [ 136.796022][ T6655] ? blk_mq_freeze_queue_wait+0xad/0x1b0 [ 136.796055][ T6655] ? __pfx_autoremove_wake_function+0x10/0x10 [ 136.796084][ T6655] ? elv_iosched_store+0x201/0x5f0 [ 136.796109][ T6655] elv_iosched_store+0x201/0x5f0 [ 136.796135][ T6655] ? do_syscall_64+0xcd/0x260 [ 136.796154][ T6655] ? __pfx_elv_iosched_store+0x10/0x10 [ 136.796181][ T6655] ? __mutex_trylock_common+0xe9/0x250 [ 136.796210][ T6655] ? __pfx_elv_iosched_store+0x10/0x10 [ 136.796237][ T6655] queue_attr_store+0x270/0x310 [ 136.796270][ T6655] ? __pfx_queue_attr_store+0x10/0x10 [ 136.796303][ T6655] ? __lock_acquire+0x5ca/0x1ba0 [ 136.796330][ T6655] ? kernfs_fop_write_iter+0x287/0x510 [ 136.796361][ T6655] ? __pfx_queue_attr_store+0x10/0x10 [ 136.796393][ T6655] sysfs_kf_write+0x117/0x170 [ 136.796419][ T6655] kernfs_fop_write_iter+0x349/0x510 [ 136.796442][ T6655] ? __pfx_sysfs_kf_write+0x10/0x10 [ 136.796468][ T6655] iter_file_splice_write+0x91c/0x1150 [ 136.796505][ T6655] ? __pfx_iter_file_splice_write+0x10/0x10 [ 136.796536][ T6655] ? __pfx_copy_splice_read+0x10/0x10 [ 136.796567][ T6655] ? __pfx_iter_file_splice_write+0x10/0x10 [ 136.796597][ T6655] direct_splice_actor+0x18f/0x6c0 [ 136.796627][ T6655] splice_direct_to_actor+0x342/0xa30 [ 136.796655][ T6655] ? __pfx_direct_splice_actor+0x10/0x10 [ 136.796684][ T6655] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 136.796714][ T6655] do_splice_direct+0x174/0x240 [ 136.796742][ T6655] ? __pfx_do_splice_direct+0x10/0x10 [ 136.796778][ T6655] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 136.796807][ T6655] ? rw_verify_area+0xcf/0x680 [ 136.796833][ T6655] do_sendfile+0xafd/0xe50 [ 136.796861][ T6655] ? __pfx_do_sendfile+0x10/0x10 [ 136.796887][ T6655] ? __x64_sys_futex+0x1e0/0x4c0 [ 136.796912][ T6655] ? __x64_sys_futex+0x1e9/0x4c0 [ 136.796936][ T6655] __x64_sys_sendfile64+0x1d8/0x220 [ 136.796956][ T6655] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 136.796975][ T6655] ? rcu_is_watching+0x12/0xc0 [ 136.796998][ T6655] do_syscall_64+0xcd/0x260 [ 136.797019][ T6655] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.797041][ T6655] RIP: 0033:0x7fc186b8d169 [ 136.797061][ T6655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.797081][ T6655] RSP: 002b:00007fc1849f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 136.797103][ T6655] RAX: ffffffffffffffda RBX: 00007fc186da5fa0 RCX: 00007fc186b8d169 [ 136.797117][ T6655] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006 [ 136.797129][ T6655] RBP: 00007fc186c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 136.797142][ T6655] R10: 00000000000007ff R11: 0000000000000246 R12: 0000000000000000 [ 136.797155][ T6655] R13: 0000000000000000 R14: 00007fc186da5fa0 R15: 00007ffd0fb742a8 [ 136.797172][ T6655] [ 138.590633][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.597126][ T1299] ieee802154 phy1 wpan1: encryption failed: -22