last executing test programs: 6.042952084s ago: executing program 1 (id=717): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x890006, 0x3ff, 0x8000000008012, r0, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x7f000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_proc_sessionid_operations_base(r1, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0001, 0x9) close_range$auto(0xffffffffffffffff, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 5.056191355s ago: executing program 1 (id=721): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4) r1 = socket(0x10, 0x2, 0x0) r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f00000000c0), r0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'bridge0\x00', 0x0}) sendmsg$auto_ILA_CMD_FLUSH(r1, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x44, r2, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x4}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x7f}, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x9}, @ILA_ATTR_LOCATOR_MATCH={0xc, 0x3, 0x5}, @ILA_ATTR_IFINDEX={0x8, 0x4, r3}]}, 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x24000801) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0xa6ff, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000003c0), r1) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) (async) read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4) (async) socket(0x10, 0x2, 0x0) (async) syz_genetlink_get_family_id$auto_ila(&(0x7f00000000c0), r0) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'bridge0\x00'}) (async) sendmsg$auto_ILA_CMD_FLUSH(r1, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x44, r2, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x4}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x7f}, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x9}, @ILA_ATTR_LOCATOR_MATCH={0xc, 0x3, 0x5}, @ILA_ATTR_IFINDEX={0x8, 0x4, r3}]}, 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x24000801) (async) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) (async) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0xa6ff, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000003c0), r1) (async) 4.77544805s ago: executing program 1 (id=723): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x129e01, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) mmap$auto(0xaaa, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0xfffffffffffffff8) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x101142, 0x0) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x5, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r3, 0x0, 0x9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{&(0x7f0000000280), 0x1, &(0x7f0000000100)={&(0x7f0000000780)="4c0300000000000000a3677337f9ecba075f6bba44", 0xfffffffffffffff7}, 0x5, 0x0, 0x5, 0x1}, 0x8}, 0xfffffffe, 0x100) pivot_root$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x7f, 0x82020009, 0x3, 0xeb1, 0xffffffffffffffff, 0xfff) madvise$auto(0x8001, 0x9, 0x138) unshare$auto(0x40000080) socket(0x2, 0x2, 0x1) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000002640), 0x20000, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r4, 0x41015500, &(0x7f00000002c0)={"a7a018b09bb196a05739a38a73473b93f5452886bc599ef976c54a71a5ce72a9af15390e93a8760df83859e16320e8d0b1161f13d12afae66b1d900a49586aa98d3504ca431aabab1964249251e57fa70517cc19b0e3974dc2a89e90c932b8859c767780d65e849700", "e600d778e82f8b8db7e27a036e39a8ac08de7e036d650e2184857e6b64f6a2c7fb08c6f5ce3828fb4e9498c076bef49c99c9cd91332e12b53664dc20fa879020fbd184c0d300c13be6047a70685ce029fb2385ae6e132c1c6adbcfbd3a3b925d397a08e8733e19ef5ec4f40b0b473c72efd18b8a9e9f3d12c5e44468922beb00", 0x3}) ioctl$auto_USB_RAW_IOCTL_RUN(r4, 0x5501, 0x3f) ioctl$auto(r1, 0x9210640c, 0xffffffffffffffff) 4.413702364s ago: executing program 0 (id=726): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) (async) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) socket(0x15, 0x5, 0x0) (async) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x2, 0x0) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptybd\x00', 0x6202, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) (async) prctl$auto(0x3e, 0x9, 0x0, 0x7, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) (async) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x3, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe]}, 0x0) (async) mmap$auto(0x0, 0x400008, 0x5, 0x14, 0x2, 0xc2d2) socket(0x2b, 0x5, 0x1) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc45d, 0x80, 0x6, 0x3, 0x2, 0x3, 0x3, 0x62, 0x80000022, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0) (async) mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) (async) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000040)={0x6, 0x0}) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x80002, 0x73) (async) socket(0x26, 0x80000, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) (async) quotactl_fd$auto(0x0, 0x80000201, 0x0, 0xfffffffffffffffd) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0c/sub0/sw_params\x00', 0x40, 0x0) (async) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) syz_clone3(&(0x7f00000001c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioperm$auto(0xffffffffffffffff, 0x389, 0xd) 3.948778249s ago: executing program 3 (id=730): r0 = socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x2400c081) (async) close_range$auto(0x2, 0x8000, 0x0) (async) open(0x0, 0xa22c0, 0x151) (async) process_vm_readv$auto(0x0, 0x0, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0xf, 0x0, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) (async) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x1ad, &(0x7f0000000100)={&(0x7f0000000280)="5585a25d8536", 0x49}, 0x5, 0x0, 0x5, 0x1000}, 0x5}, 0x2, 0x100) (async, rerun: 64) r2 = socket(0x2, 0x5, 0x0) (rerun: 64) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async) ioctl$auto(0x3, 0x80108907, 0x38) (async) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f0000000080)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) (async, rerun: 64) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x5, 0x54f, 0xa, 0x400, 0x1087181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x89, 0x23, 0x4, 0x200003fffffe, 0x384, 0xffffffeffffffffa, 0x0, 0x4000000, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x200, 0x67aa4df3, 0x84}, 0xb, 0x3) (async, rerun: 64) r3 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) readv$auto(r3, &(0x7f0000000180)={&(0x7f0000000140), 0x9}, 0x4) (async) ioctl$auto_FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000200)="4d651f78cbbdcdf96935ec1ed41a9ef25430b58b57b27ad4d0b097eb2ef17982b3f967e4670cf173b6fdf2e2e57affbcc3ccd016ac6bd3e056c1b5df344a2353fd1468f4a84f10334c4a658f027969ce1b9f1706c8603e83146699cd9942119ae3dc4e2fb179612d9d6ca689e893490377ba40c71bcf128a69148fa2c6a1fc3d6800d8cf378188752a4a1ba68349012a0148290f663ee9bb79044c30417a8f167a6b56c50eb15265136bf3cfa382200f85462d1fb6f385b4f789144744c68c967ef31fc65db30a5f26b93c776b92c6b9011f5edcb3f2d0b10c4ca000c1fe270bd9a03ec966328f8b8e03878ff4e3bb450cb288bb80e8bd07d1dd0cf718592578") (async) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) 3.739089068s ago: executing program 3 (id=732): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x58, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x0, 0x3, 0x400) setsockopt$auto(0x3, 0x10f, 0x7f, 0x0, 0x18) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_fd=r2, r1, 0x3, 0xff, r1, @relative_fd=r0, 0x10001}, 0x6f4) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x40000b, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x2, 0x1, 0x106) bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x109b02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0xf, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0x5, 0x9, 0x2, 0x8]}, 0x0) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x1000000007, 0x100000001, 0x1, 0x6, 0x1ff, 0x6, 0x5a, 0xadae, 0x4618eccf, 0x3, 0x42ff, 0x6, 0x8, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) recvfrom$auto(0x3, 0x0, 0x10000800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) socket$nl_generic(0x10, 0x3, 0x10) 3.258445811s ago: executing program 0 (id=733): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x11, 0x80000, 0x8) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x20, 0xf1, 0xb0, @raw=0x68e8}}) write$auto(0x3, 0x0, 0xffd8) 3.090845308s ago: executing program 2 (id=734): openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, 0x0, 0xa01c0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x149b01, 0x0) mmap$auto(0x6, 0x40007, 0xfffffffffffffff9, 0x9b72, 0x2, 0x3) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) r2 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x40009, 0xdd, 0x9b72, 0x7, 0x28000) getsockopt$auto(r2, 0x84, 0x84, 0x0, &(0x7f00000000c0)=0x10008) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto(0x3, 0xae41, r3) getsockopt$auto_SO_LOCK_FILTER(r0, 0xc8, 0x2c, &(0x7f0000000080)='/proc/self/oom_adj\x00', &(0x7f00000000c0)=0x3ff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000340)=ANY=[@ANYBLOB="c8000000", @ANYRES16, @ANYBLOB="01"], 0xc8}, 0x1, 0x0, 0x0, 0x200009c4}, 0x20058894) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="18000000", @ANYBLOB='v\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) close_range$auto(0x2, 0x8, 0x0) 3.059885552s ago: executing program 0 (id=735): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = pipe2$auto(0x0, 0x80) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) getsockopt$auto_SO_LOCK_FILTER(r0, 0x7, 0x2c, &(0x7f0000000000)='G)\x00', &(0x7f0000000040)=0x5) 3.01064446s ago: executing program 1 (id=736): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x460f, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) execve$auto(&(0x7f00000002c0)='./file0\x00', 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x61a381, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r1 = socket(0xa, 0x2, 0x88) setsockopt$auto(r1, 0x11, 0xb, 0x0, 0xb32e) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000001c0)=0x6) unshare$auto(0x40000080) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x5, 0x10002020007, 0xfffffffffffffffb, 0x16, r2, 0x4) prctl$auto(0x4, 0x5, 0x2009, 0x7, 0x1) openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/numa_maps\x00', 0x60200, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/pts/ptmx\x00', 0x44001, 0x0) sendmsg$auto_NBD_CMD_RECONFIGURE(r3, &(0x7f00000012c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001280)={&(0x7f0000001140)=ANY=[@ANYBLOB="92a914fc", @ANYRES16=0x0, @ANYBLOB="200028bd7000fbdbdf25030000000c00060000000000000000000c0008000100000001000000ae000780f04a58fd084933aca64d717170126b46ff2fd88586f73b3bbb74b570c0be42bdf6aabf0d2895a5a0908423b620b8ec3f593d3a40debfcc9be9914df81a0605fec4446704694bd1f5789aa60800d900ac1e0101b924bb6b935c486c3f0dbbaa7da28ec6e596468270bac5ea70d66c2d62cafbcd05afb70d6c4a727ed4c971e69947751cba4524f8ebb9953dd5f0784e7015782caa420f170dc74e014a72c732adeabe7f505c55b6dd6ac700000c0008000000000000000000080001000b0000000c000400020000000000000008000100050000000c0005000900000000000000"], 0x110}, 0x1, 0x0, 0x0, 0x801}, 0x80) ioctl$auto_TCFLSH2(r4, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) ioctl$auto(r4, 0x8926, r4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_FS_IOC_FIEMAP(r5, 0xc020660b, 0xb) open(&(0x7f0000000100)='./file0\x00', 0x313a00, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.828714572s ago: executing program 3 (id=737): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103) open(&(0x7f0000000000)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x8000, 0x50) lseek$auto(0x3, 0x7ffffffffffffffd, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) futex$auto(0x0, 0x8c, 0x1, 0x0, &(0x7f0000000180)=0x8e, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103) (async) open(&(0x7f0000000000)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x8000, 0x50) (async) lseek$auto(0x3, 0x7ffffffffffffffd, 0x0) (async) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) (async) futex$auto(0x0, 0x8c, 0x1, 0x0, &(0x7f0000000180)=0x8e, 0x0) (async) 2.742447022s ago: executing program 2 (id=738): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x2, 0x0) poll$auto(&(0x7f0000000040)={r0, 0x6, 0x4}, 0x7, 0xfc8) r2 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r2, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) r3 = syz_genetlink_get_family_id$auto_ovs_vport(0x0, r2) sendmsg$auto_OVS_VPORT_CMD_DEL(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYRES16=r3, @ANYBLOB="000427bd7000ffdbdf0e000000000f0003002f6465762f6c6f6f70360000"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x5) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000100), r4) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, r5, 0x1, 0x4070bd27, 0x25dfdbf9, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20044000) sendmsg$auto_OVS_VPORT_CMD_SET(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x114, r3, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_UPCALL_PID={0xd5, 0x5, "f9a81fb73df6bc9f2e2ff35f21db8ea088091abb059b7617df9c9f54095fc1a1cfe413be0e5d625a5de8bc93341ff3715d8ea9705510a9407d084f37d8340c670a24a614a0138d3a3e346b5a9f3b034939c97ccfeece60c3b734474eb8ffe3b2ef9b0929bbdde6c8645a260283c5d352da29066f32b2f1772a963b377a676b6468e2fa327958c1ea35ae43827b12fd81a6ea3584ec55d1dc1d303e3c95c766f459ad6b768317b9cd084af1d8e624fb3c3c72499935e5315a3c3d6444ad187d449a51f7dcbbf7d22db83c50362e1fe64725"}, @OVS_VPORT_ATTR_NAME={0x6, 0x3, ']\x00'}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x21163dc7}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x101}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r7}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x1d42}]}, 0x114}, 0x1, 0x0, 0x0, 0x10}, 0x4c010) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) getsockopt$auto_SO_DEBUG(r6, 0x2, 0x1, &(0x7f0000000280)=']\x00', &(0x7f00000002c0)=0x3) r9 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r8, 0x5608, r9) 2.666712701s ago: executing program 3 (id=739): r0 = socket(0x2, 0x80002, 0x73) writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e) socket(0x2, 0x1, 0x84) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket(0x2b, 0x1, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), r1) r3 = socket(0xa, 0x2, 0x88) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x1ff, r3, @relative_id=0x13, 0xe600}, 0xf) sendmsg$auto_OVS_VPORT_CMD_SET(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x80, r2, 0x20, 0x70bd28, 0x25dfdbff, {}, [@OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r5}, @OVS_VPORT_ATTR_NAME={0x5, 0x3, '\x00'}, @OVS_VPORT_ATTR_IFINDEX={0x8}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x1}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x7}, @OVS_VPORT_ATTR_STATS={0x44, 0x6, {0x8, 0xad, 0x8000000000000, 0x2, 0x3, 0xa06, 0x9, 0x8001}}]}, 0x80}, 0x1, 0x0, 0x0, 0x40}, 0x40000) ioctl$auto(r1, 0x89a0, 0x4) close_range$auto(0x2, 0x8, 0x0) 2.666142894s ago: executing program 0 (id=740): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x890006, 0x3ff, 0x8000000008012, r0, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_proc_sessionid_operations_base(r1, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0001, 0x9) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r1, 0xc1004111, &(0x7f00000000c0)={0xc, [0xdf6, 0x9, 0x6], [{0x401, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x6, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x4, 0x0, 0x1, 0x1, 0x1}, {0x3, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x1, 0xffffffff, 0x1, 0x1, 0x1}, {0xd, 0x6, 0x1, 0x1, 0x1, 0x1}, {0x2, 0x5, 0x1, 0x1, 0x1, 0x1}, {0x8a5, 0xfb7, 0x0, 0x1, 0x0, 0x1}, {0x9, 0xfffffffe, 0x1, 0x0, 0x1}, {0x5, 0x8001, 0x0, 0x0, 0x0, 0x1}, {0x98e, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x2, 0xb, 0x0, 0x0, 0x1}], 0x10000, 0x1, 0x78, 0x7, 0x5, 0x4, 0x101, "1de370252f0598610c02b9ec610197000f359e742b8e37e447d75999fb5215a35ef3c65957dc3dd50bd50a2507264f481025f917e6e90299d262729966209f99"}) close_range$auto(0xffffffffffffffff, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) stat$auto(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x35f0c90, 0x0, 0x3, 0x10000, 0xee00, 0xee01, 0x0, 0x6, 0x3ff, 0x4, 0x2, 0x8, 0x200, 0x45, 0x9, 0x8, 0x81}) lstat$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000002c0)={0x8, 0x100, 0x0, 0x2, 0xee00, r2, 0x0, 0xe8e1, 0x2, 0x2, 0x6, 0x3, 0x100, 0x4, 0x7fffffffffffffff, 0x8, 0x7}) 2.544366659s ago: executing program 1 (id=741): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x40, 0x0) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000040)={"ee6e2cad0a206fa7e86ea6916a11f7dee1b51a28ac85bea39634229f9013e453", 0x3, 0x3, 0x80000000, 0x8, 0x81, 0xffffffffffffffff}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, 0x0, 0x4000000000000006) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x29d3e6c4) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) (async) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) (async) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{&(0x7f0000000280), 0x1, &(0x7f0000000100)={&(0x7f0000000780)="4c0300000000000000a3677337f9ecba075f6bba44", 0xfffffffffffffff7}, 0x5, 0x0, 0x5, 0x1}, 0x8}, 0xfffffffe, 0x100) (async) pivot_root$auto(0x0, 0x0) (async) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/afs/addr_prefs\x00', 0x441, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f0, 0x11) write$auto(r2, &(0x7f0000000440)='/ ys -ernel/tracing/set_event_notrace_p}d\xde\xc7\xbd8\xbe\xd7\xdeN\x86\xcf\x1d\rD!U\xb4)+\v\xc3\x06$\xe1\x0eA\xf3ua\x8fT\xd9J\xfd\x02\x00\x00\x00\x00\x00\x00\x00\xbf\x9f\xb0e\xfex,c-\xdf\a\x9e\x9bX\x13n\x02\xc8\x94%\x7fp\xe0\xa0x\x1f\x17\xea\xc3\xbf\xb2(}\x7f\xd3\xf6\xc5\x9bk\xcf~\x7f)\xd2\x7f\tN\xa9m\xe8\xdc\xb1\xe3\xf3L\xad\xdd%(0c\x9d\x13\xc7\x0elZ\x87K\x14_\xbau\x88\x9f\xe2\x04\x16\xec\xfa\xad\xe0\x87G[N\xf1\xb5\xc0\xab\x00\x00\x00\x00\x00\x00\x00\x04+\xc1\xd3m\xb8\xe5G\x92\xc2\xd4\xcc\x05$G\x9a\x9b\xe1I\xa9/(\xd3\xa1|8\x1afmY\xd6m\x931\xe6\xbd\xfb\xd6\x91\xbb\xef\xa1\x03\xd8j\x06ngka\xd1\xf1\xfd\xaeX)w\x1e4\x91\xc9\xce4\x97\x00\x00\x00', 0x2) r3 = open(0x0, 0x7ffd, 0x12) (async) setitimer$auto_ITIMER_VIRTUAL(0x1, &(0x7f0000000000)={{0x3, 0x3}, {0x8, 0x5}}, 0x0) unshare$auto(0x40000080) (async) setitimer$auto_ITIMER_REAL(0x0, &(0x7f0000000180)={{0x34c, 0x9}, {0xfffffffffffffffd}}, 0x0) (async) setitimer$auto(0x5, &(0x7f0000000240)={{0xfea07d8, 0x9d}, {0xfffffffffffffffb, 0x9}}, &(0x7f0000000280)={{0x4, 0x200}, {0x2, 0x6}}) (async) r4 = socket(0x10, 0x2, 0xc) ioctl$auto_XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875, &(0x7f00000000c0)={r4, 0xf}) (async) r5 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r5, 0x80184132, 0x0) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x400003e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d6) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) 1.863725094s ago: executing program 2 (id=742): r0 = ioctl$auto_TUNSETVNETLE2(0xffffffffffffffff, 0x400454dc, &(0x7f0000000180)=0x1) r1 = syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) adjtimex$auto(&(0x7f00000004c0)={0xffff6888, 0x0, 0x0, 0xfffffffffffffffd, 0x4ea, 0x1, 0x6, 0x0, 0x1, 0x0, 0x962, {0x2000100000000, 0x10000}, 0x5, 0x6, 0xffffffffffeffffb, 0x6, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0x20000a747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r3 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1c\x00', 0x40001, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_REWIND2(r3, 0x40084146, 0x0) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x200000000007, 0xd, 0x1, 0x948b, 0x3, 0x7f, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x6d3f, 0x9, 0x9, 0xfffffffffffffffd]}, 0x0) close_range$auto(0x2, 0xa, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000100)={0x1c, 0x0, 0x27c9d9d5b13b6c03, 0x70bd25, 0x25dfdbfd, {}, [@HWSIM_ATTR_FLAGS={0x8, 0x4, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404c8c4}, 0x64004890) sendmsg$auto_L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="020026bd7000ffdb06001c000000000014001f00fe88000000000000000000000000010100"/49], 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x20000000) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000180), 0x0) linkat$auto(r0, &(0x7f0000000000)='./file0\x00', r4, &(0x7f0000000080)='./file0\x00', 0x7) mount$auto(&(0x7f0000000040), &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfs\x00\x00X\xca\xd8\xce\xc1\xfc\x9f\x9f?o;\xf7\xdf\x9f\x11\xc5\xea\xd9', 0x8, 0x0) 1.845859943s ago: executing program 3 (id=743): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x890006, 0x3ff, 0x8000000008012, r0, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x8000003f}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_proc_sessionid_operations_base(r1, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0001, 0x9) close_range$auto(0xffffffffffffffff, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 1.532746428s ago: executing program 0 (id=744): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) socket(0x2, 0x801, 0x100) sysfs$auto(0x2, 0x20, 0x0) fsopen$auto(0x0, 0x1) 953.586686ms ago: executing program 2 (id=745): mmap$auto(0x200000000000000, 0x402000d, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x450600, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x450600, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x81202, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/ieee80211/phy2/address_mask\x00', 0x88100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/4096, 0x1000) (async) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/4096, 0x1000) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) r2 = openat$auto_dev_fops_plock(0xffffffffffffff9c, 0x0, 0x80, 0x0) poll$auto(&(0x7f00000000c0)={r2, 0x1}, 0x1, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r3) (async) syz_genetlink_get_family_id$auto_ethtool(0x0, r3) mmap$auto(0x9, 0x1, 0x0, 0x18, 0x401, 0x8000) (async) mmap$auto(0x9, 0x1, 0x0, 0x18, 0x401, 0x8000) pipe$auto(0x0) r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x150) fcntl$auto(r4, 0x400, 0x1) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) socket(0xa, 0x2, 0x0) (async) socket(0xa, 0x2, 0x0) unshare$auto(0x40000080) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0) 846.622866ms ago: executing program 1 (id=746): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x4242, 0xe1d2b27bdc14aab8) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) mmap$auto(0x3, 0x5, 0x2000006, 0xeb1, r0, 0xfd87) r1 = socket(0x25, 0x1, 0x0) sendto$auto(r1, 0x0, 0x0, 0x0, 0x0, 0x3) r2 = socket(0x2, 0x3, 0xff) setsockopt$auto(r2, 0xff, 0xa, 0x0, 0x7) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x180b03, 0x0) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r3, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) shutdown$auto(0xffffffffffffffff, 0x2) socket(0xa, 0x1, 0x100) r4 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r4, 0x0, 0x7ff, 0x400) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x8000000062, 0x8000001f, 0x7, 0x6d3e, 0x100000c, 0x2, 0x6]}, 0x0) mmap$auto(0xfffffffffffffffd, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x91f) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r6 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r6, &(0x7f0000001680)="a7", 0x80000) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) 786.792953ms ago: executing program 0 (id=747): r0 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow\x00', 0x40, 0x0) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow\x00', 0x40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000380)=""/11, 0xb) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="55583ff7b5fda5e53f472d"], 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x44000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x4, 0x2020009, 0x7, 0xeb1, r4, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) socket(0x2, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) unshare$auto(0x188c) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x22, 0x2, 0x2) sendmsg$auto_TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4040000) close_range$auto(0x2, 0x8, 0x0) shmget$auto(0x400, 0x200000000008, 0x568c12f2) (async) shmget$auto(0x400, 0x200000000008, 0x568c12f2) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000001980), 0xffffffffffffffff) (async) r6 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000001980), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_GET_TUNSRC(r5, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f00000019c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="030126bd7004ffdbdf2504000000"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x8000) socket(0x9, 0x1, 0x6) timerfd_create$auto(0x9, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) (async) getrandom$auto(0x0, 0x6000000, 0x3) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptysd\x00', 0x101802, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) (async) r7 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(r7, 0xc008551a, &(0x7f0000000000)={0x2, 0x7f}) (async) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(r7, 0xc008551a, &(0x7f0000000000)={0x2, 0x7f}) 373.521231ms ago: executing program 3 (id=748): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) getsockopt$auto(r0, 0x0, 0x1, 0xfffffffffffffffc, 0x0) mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0) mmap$auto(0x7, 0x580f, 0x2, 0x8000000008011, 0x3, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r1, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000000000)={0x34, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_FLAGS={0x8, 0x4, 0x1}, @HWSIM_ATTR_ADDR_TRANSMITTER={0xa, 0x2, "a060292f83d9"}, @HWSIM_ATTR_COOKIE={0xc}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000041}, 0x800) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x440640, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/dummy_pcm\x00', 0x102, 0x0) writev$auto(r3, &(0x7f0000000080)={0x0, 0x6}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8000, 0xe9) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x5, 0x0, 0xffffffffffffffff) migrate_pages$auto(0x0, 0x3, 0x0, &(0x7f0000000140)=0x2) io_uring_setup$auto(0x3, 0x0) sendmsg$auto_NL80211_CMD_CONNECT(r0, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="e80600008985ca93960ff7d319fdad88674dad3588ddf6e4f796d7762a60b5ed357f9a4df014eaeabc60e0b58fe8d467cff73f04b65dd587fb058416779651b0659afc46af371ea2f1f42189611da790dd9d090000003ca345dcda2c0ad13721ba320a6dd31fd4c1df1d075d14737ad6e642be80cf53a2d9d55df5ee438ae48154828e2abe4ed3a7a48a088c4c4451c70d8c4c1555c0e542efbd07e3f884898ca735ac71f43dc035b1ec004884ccb3ae81a68940f66bf80081950d71e839a7f98fd79c2d2a273bcdceae792b7f66461bd556a9ab246bce720330d14e2647cf78606c3b5cc83901372d9eff5ee27dfc4b07", @ANYRES16=0x0, @ANYBLOB="00012dbd7000fddbdf252e000000050029000100000008004b0000ffffff0500d50003000000aa004f004eebc37523ad43e221e8601827718eb21b53fbbd5b06cdc1dbb214c807943b235008e865ad5879b027855612d721ed2917dfb9a3147f405568122ac0fc5544f358abcd69f720ad78aa8a019cb6addbb92079f32c767d2cd3cf01cb2c65f3641b9997ae89445a8c3bdab09059f54f643715be8bb27c3e5861a3a759bb75bab81fa76f262c6b9ea59815a4b946ffb2f6f097465ba547dbd1246c2f4eb1cf4221d165b31eb2f1890000060066004e22000005002a0109000000"], 0xe8}, 0x1, 0x0, 0x0, 0x1}, 0x48010) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x102, 0x0) ioctl$auto(0x3, 0x560a, 0x38) pread64$auto(0xffffffffffffffff, 0x0, 0x682c3390, 0xcff) 114.64239ms ago: executing program 2 (id=749): sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000426bd7000fedbdf250200000008002700040000000a0018"], 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x24008000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket(0xa, 0x2, 0x73) r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003b00), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000003b40)={'wlan1\x00', 0x0}) r5 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_XFS_IOC_ALLOCSP(r1, 0x4030580a, &(0x7f0000000180)={0x4, 0x2, 0x4, 0xf, 0x3, 0xffffffffffffffff}) fcntl$auto(r5, 0x8, r6) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r2, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000003bc0)={&(0x7f0000003b80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="0100fdc3af1ccc001a8b0700001008000300", @ANYRES32=r4], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x180c0) syslog$auto(0x9, &(0x7f0000000300)='\'\\^\x00', 0xffff3c73) bind$auto(r0, 0x0, 0x93ffffff) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/scsi/drivers_autoprobe\x00', 0x141000, 0x0) open_tree_attr$auto(r1, &(0x7f00000001c0)='./file0\x00', 0x7f, &(0x7f0000000280)={0x8001, 0xdf6e, 0x1, @inferred=r0}, 0xffffffffffff0001) read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000500)=""/4096, 0x1000) bind$auto(0x3, 0x0, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 0s ago: executing program 2 (id=750): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xe3, 0xbb72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0xff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/dummy0/name_assign_type\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x0) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) socket(0x2b, 0x3, 0x9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0x5, 0x5d9, 0x0, 0x8) sendmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xec) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.243' (ED25519) to the list of known hosts. [ 70.165299][ T5844] cgroup: Unknown subsys name 'net' [ 70.308271][ T5844] cgroup: Unknown subsys name 'cpuset' [ 70.315696][ T5844] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 71.722429][ T5844] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 73.384889][ T5866] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 73.392910][ T5866] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 73.393902][ T5867] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 73.400418][ T5866] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 73.426454][ T5867] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 73.440678][ T5869] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 73.442968][ T5870] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 73.448400][ T5869] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 73.455693][ T5870] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.469145][ T5867] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 73.470337][ T5870] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 73.476699][ T5869] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 73.484653][ T5870] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 73.491054][ T5869] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 73.497796][ T5870] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 73.504846][ T5869] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 73.511924][ T5870] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 73.519909][ T5869] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 73.526017][ T5870] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 73.533717][ T5869] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 73.880107][ T5854] chnl_net:caif_netlink_parms(): no params data found [ 73.928695][ T5855] chnl_net:caif_netlink_parms(): no params data found [ 73.944355][ T5856] chnl_net:caif_netlink_parms(): no params data found [ 73.959180][ T5857] chnl_net:caif_netlink_parms(): no params data found [ 74.064194][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.071890][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.079355][ T5854] bridge_slave_0: entered allmulticast mode [ 74.085887][ T5854] bridge_slave_0: entered promiscuous mode [ 74.099441][ T5855] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.106633][ T5855] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.113955][ T5855] bridge_slave_0: entered allmulticast mode [ 74.121025][ T5855] bridge_slave_0: entered promiscuous mode [ 74.134080][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.142804][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.150181][ T5854] bridge_slave_1: entered allmulticast mode [ 74.157265][ T5854] bridge_slave_1: entered promiscuous mode [ 74.169602][ T5855] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.177249][ T5855] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.184377][ T5855] bridge_slave_1: entered allmulticast mode [ 74.191047][ T5855] bridge_slave_1: entered promiscuous mode [ 74.209452][ T5857] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.216738][ T5857] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.223945][ T5857] bridge_slave_0: entered allmulticast mode [ 74.230651][ T5857] bridge_slave_0: entered promiscuous mode [ 74.243515][ T5856] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.251128][ T5856] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.258325][ T5856] bridge_slave_0: entered allmulticast mode [ 74.264813][ T5856] bridge_slave_0: entered promiscuous mode [ 74.271924][ T5856] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.279041][ T5856] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.286257][ T5856] bridge_slave_1: entered allmulticast mode [ 74.293153][ T5856] bridge_slave_1: entered promiscuous mode [ 74.305578][ T5857] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.312963][ T5857] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.320266][ T5857] bridge_slave_1: entered allmulticast mode [ 74.327317][ T5857] bridge_slave_1: entered promiscuous mode [ 74.347795][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.365602][ T5855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.382971][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.400160][ T5855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.418368][ T5856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.444763][ T5857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.456482][ T5857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.473636][ T5856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.492088][ T5854] team0: Port device team_slave_0 added [ 74.505242][ T5855] team0: Port device team_slave_0 added [ 74.513421][ T5855] team0: Port device team_slave_1 added [ 74.527573][ T5854] team0: Port device team_slave_1 added [ 74.534703][ T5856] team0: Port device team_slave_0 added [ 74.560443][ T5856] team0: Port device team_slave_1 added [ 74.567984][ T5857] team0: Port device team_slave_0 added [ 74.594758][ T5857] team0: Port device team_slave_1 added [ 74.613462][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.620640][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.647125][ T5855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.658411][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.665381][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.691542][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.703454][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.710606][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.736956][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.754548][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.761792][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.788043][ T5856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.799297][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.806477][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.832876][ T5855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.852219][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.859351][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.885640][ T5857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.897113][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.904114][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.931202][ T5856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.955494][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.962921][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.988987][ T5857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.022710][ T5854] hsr_slave_0: entered promiscuous mode [ 75.029265][ T5854] hsr_slave_1: entered promiscuous mode [ 75.059058][ T5855] hsr_slave_0: entered promiscuous mode [ 75.065279][ T5855] hsr_slave_1: entered promiscuous mode [ 75.071422][ T5855] debugfs: 'hsr0' already exists in 'hsr' [ 75.077477][ T5855] Cannot create hsr debugfs directory [ 75.099132][ T5857] hsr_slave_0: entered promiscuous mode [ 75.105193][ T5857] hsr_slave_1: entered promiscuous mode [ 75.111287][ T5857] debugfs: 'hsr0' already exists in 'hsr' [ 75.117057][ T5857] Cannot create hsr debugfs directory [ 75.160662][ T5856] hsr_slave_0: entered promiscuous mode [ 75.167382][ T5856] hsr_slave_1: entered promiscuous mode [ 75.173439][ T5856] debugfs: 'hsr0' already exists in 'hsr' [ 75.179679][ T5856] Cannot create hsr debugfs directory [ 75.401292][ T5855] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 75.414365][ T5855] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 75.427346][ T5855] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 75.440687][ T5855] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 75.463501][ T5854] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 75.478308][ T5854] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 75.492348][ T5854] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 75.508009][ T5854] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 75.538666][ T5856] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 75.550398][ T5856] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 75.564403][ T5856] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 75.571606][ T5861] Bluetooth: hci0: command tx timeout [ 75.576263][ T5869] Bluetooth: hci1: command tx timeout [ 75.577471][ T5861] Bluetooth: hci3: command tx timeout [ 75.590197][ T5856] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 75.642874][ T5857] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 75.652500][ T5861] Bluetooth: hci2: command tx timeout [ 75.660759][ T5857] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 75.670452][ T5857] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 75.685671][ T5857] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 75.756870][ T5855] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.801295][ T5855] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.821049][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.828182][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.845609][ T5856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.861613][ T65] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.868750][ T65] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.880834][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.913047][ T5857] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.927706][ T5856] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.943869][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.950973][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.964903][ T5854] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.980943][ T1307] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.988261][ T1307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.007091][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.014247][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.029573][ T5857] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.051073][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.058247][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.082518][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.089711][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.115290][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.122554][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.182517][ T5854] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 76.194484][ T5854] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 76.274657][ T5855] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.365941][ T5855] veth0_vlan: entered promiscuous mode [ 76.400634][ T5855] veth1_vlan: entered promiscuous mode [ 76.458912][ T5855] veth0_macvtap: entered promiscuous mode [ 76.478960][ T5855] veth1_macvtap: entered promiscuous mode [ 76.508921][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.533108][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.564946][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.578305][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.601156][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.621933][ T5856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.630725][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.647087][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.693762][ T5857] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.712689][ T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.725624][ T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.775377][ T5856] veth0_vlan: entered promiscuous mode [ 76.777173][ T1340] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.792150][ T1340] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.797182][ T5854] veth0_vlan: entered promiscuous mode [ 76.810545][ T5856] veth1_vlan: entered promiscuous mode [ 76.821178][ T5857] veth0_vlan: entered promiscuous mode [ 76.840534][ T5857] veth1_vlan: entered promiscuous mode [ 76.849137][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.855865][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.877365][ T5854] veth1_vlan: entered promiscuous mode [ 76.889929][ T5855] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 76.918846][ T5856] veth0_macvtap: entered promiscuous mode [ 76.937285][ T5857] veth0_macvtap: entered promiscuous mode [ 76.953636][ T5856] veth1_macvtap: entered promiscuous mode [ 76.969546][ T5857] veth1_macvtap: entered promiscuous mode [ 77.003858][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.019619][ T5854] veth0_macvtap: entered promiscuous mode [ 77.031348][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.046605][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.067341][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.075864][ T5854] veth1_macvtap: entered promiscuous mode [ 77.091002][ T36] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.099956][ T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.122038][ T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.131838][ T36] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.150787][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.165526][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.199777][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.230910][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.242586][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.264474][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.285646][ T65] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.316936][ T65] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.337987][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.348545][ T65] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.363784][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.372105][ T65] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.452650][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.464395][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 77.476078][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 77.495839][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.505463][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.537767][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.558199][ T1340] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.577839][ T1340] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.640893][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.649176][ T5861] Bluetooth: hci1: command tx timeout [ 77.649218][ T5861] Bluetooth: hci0: command tx timeout [ 77.656594][ T5861] Bluetooth: hci3: command tx timeout [ 77.676291][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 77.726484][ T5861] Bluetooth: hci2: command tx timeout [ 77.755661][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.763948][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 77.801843][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.831167][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.256712][ T5958] process 'syz.0.5' launched './file0' with NULL argv: empty string added [ 78.436251][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.445202][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.796534][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 78.804933][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 78.836576][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.898233][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 79.462161][ T5979] random: crng reseeded on system resumption [ 79.755650][ T5861] Bluetooth: hci3: command tx timeout [ 79.761226][ T5861] Bluetooth: hci0: command tx timeout [ 79.766981][ T5861] Bluetooth: hci1: command tx timeout [ 79.836990][ T5869] Bluetooth: hci2: command tx timeout [ 80.370412][ T5997] __vm_enough_memory: pid: 5997, comm: syz.1.7, bytes: 4398046511104 not enough memory for the allocation [ 80.503410][ T5979] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1615067803.1757844129.2934988180), cmd(5) [ 81.072199][ T6011] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 81.403717][ T6017] random: crng reseeded on system resumption [ 81.438059][ T6010] Zero length message leads to an empty skb [ 81.816087][ T5869] Bluetooth: hci1: command tx timeout [ 81.817140][ T5861] Bluetooth: hci0: command tx timeout [ 81.821558][ T5870] Bluetooth: hci3: command tx timeout [ 81.887692][ T5869] Bluetooth: hci2: command tx timeout [ 82.143559][ T5869] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 83.347771][ T6050] netlink: 8 bytes leftover after parsing attributes in process `syz.2.19'. [ 83.529768][ T6055] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 84.339517][ T6067] FAULT_INJECTION: forcing a failure. [ 84.339517][ T6067] name failslab, interval 1, probability 0, space 0, times 1 [ 84.354660][ T6067] CPU: 1 UID: 0 PID: 6067 Comm: syz.1.23 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 84.354692][ T6067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 84.354703][ T6067] Call Trace: [ 84.354709][ T6067] [ 84.354716][ T6067] dump_stack_lvl+0x16c/0x1f0 [ 84.354743][ T6067] should_fail_ex+0x512/0x640 [ 84.354770][ T6067] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 84.354790][ T6067] should_failslab+0xc2/0x120 [ 84.354814][ T6067] __kmalloc_noprof+0xd2/0x510 [ 84.354836][ T6067] apply_wqattrs_prepare+0xf8/0xbd0 [ 84.354859][ T6067] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 84.354880][ T6067] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 84.354904][ T6067] ? bitmap_parse+0x327/0x410 [ 84.354922][ T6067] cpumask_store+0x1ad/0x220 [ 84.354941][ T6067] ? __pfx_cpumask_store+0x10/0x10 [ 84.354968][ T6067] ? sysfs_file_kobj+0xe4/0x290 [ 84.354986][ T6067] ? rcu_is_watching+0x12/0xc0 [ 84.355005][ T6067] ? __pfx_cpumask_store+0x10/0x10 [ 84.355023][ T6067] dev_attr_store+0x58/0x80 [ 84.355050][ T6067] ? __pfx_dev_attr_store+0x10/0x10 [ 84.355076][ T6067] sysfs_kf_write+0xef/0x150 [ 84.355097][ T6067] kernfs_fop_write_iter+0x351/0x510 [ 84.355113][ T6067] ? __pfx_sysfs_kf_write+0x10/0x10 [ 84.355133][ T6067] vfs_write+0x7d3/0x11d0 [ 84.355153][ T6067] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 84.355170][ T6067] ? __pfx___mutex_lock+0x10/0x10 [ 84.355193][ T6067] ? __pfx_vfs_write+0x10/0x10 [ 84.355218][ T6067] ksys_write+0x12a/0x250 [ 84.355238][ T6067] ? __pfx_ksys_write+0x10/0x10 [ 84.355260][ T6067] do_syscall_64+0xcd/0x490 [ 84.355284][ T6067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.355303][ T6067] RIP: 0033:0x7fe0d118ebe9 [ 84.355317][ T6067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.355334][ T6067] RSP: 002b:00007fe0d1f94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 84.355351][ T6067] RAX: ffffffffffffffda RBX: 00007fe0d13b5fa0 RCX: 00007fe0d118ebe9 [ 84.355363][ T6067] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 84.355374][ T6067] RBP: 00007fe0d1211e19 R08: 0000000000000000 R09: 0000000000000000 [ 84.355384][ T6067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.355394][ T6067] R13: 00007fe0d13b6038 R14: 00007fe0d13b5fa0 R15: 00007ffe029b7c98 [ 84.355409][ T6067] [ 84.595784][ C1] vkms_vblank_simulate: vblank timer overrun [ 84.717053][ T6073] ima: policy update failed [ 84.744399][ T30] audit: type=1802 audit(1755497219.373:2): pid=6073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.24" res=0 errno=0 [ 84.768583][ T6073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.24'. [ 85.504161][ T6081] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 86.165916][ T6108] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 88.024734][ T6145] random: crng reseeded on system resumption [ 90.627191][ T6186] syz.3.50 uses obsolete (PF_INET,SOCK_PACKET) [ 91.033007][ T6199] FAULT_INJECTION: forcing a failure. [ 91.033007][ T6199] name failslab, interval 1, probability 0, space 0, times 0 [ 91.046133][ T6199] CPU: 1 UID: 0 PID: 6199 Comm: syz.3.53 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 91.046177][ T6199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 91.046195][ T6199] Call Trace: [ 91.046204][ T6199] [ 91.046215][ T6199] dump_stack_lvl+0x16c/0x1f0 [ 91.046256][ T6199] should_fail_ex+0x512/0x640 [ 91.046301][ T6199] should_failslab+0xc2/0x120 [ 91.046339][ T6199] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 91.046388][ T6199] ? __alloc_skb+0x2b2/0x380 [ 91.046426][ T6199] __alloc_skb+0x2b2/0x380 [ 91.046460][ T6199] ? __pfx___alloc_skb+0x10/0x10 [ 91.046494][ T6199] ? rcu_is_watching+0x12/0xc0 [ 91.046526][ T6199] ? netlink_has_listeners+0x20f/0x430 [ 91.046562][ T6199] ? rcu_is_watching+0x12/0xc0 [ 91.046591][ T6199] ? lock_release+0x201/0x2f0 [ 91.046629][ T6199] alloc_uevent_skb+0x7d/0x210 [ 91.046673][ T6199] kobject_uevent_env+0xca4/0x1870 [ 91.046722][ T6199] ? bus_to_subsys+0x131/0x160 [ 91.046754][ T6199] device_add+0x10dd/0x1aa0 [ 91.046782][ T6199] ? __pfx_device_add+0x10/0x10 [ 91.046815][ T6199] nfc_register_device+0x41/0x3c0 [ 91.046856][ T6199] nci_register_device+0x7f1/0xb80 [ 91.046896][ T6199] ? __pfx_nci_register_device+0x10/0x10 [ 91.046930][ T6199] ? lockdep_init_map_type+0x5c/0x280 [ 91.046974][ T6199] virtual_ncidev_open+0x141/0x220 [ 91.047008][ T6199] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 91.047041][ T6199] misc_open+0x35a/0x420 [ 91.047072][ T6199] ? __pfx_misc_open+0x10/0x10 [ 91.047102][ T6199] chrdev_open+0x234/0x6a0 [ 91.047140][ T6199] ? __pfx_apparmor_file_open+0x10/0x10 [ 91.047172][ T6199] ? __pfx_chrdev_open+0x10/0x10 [ 91.047210][ T6199] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 91.047243][ T6199] do_dentry_open+0x982/0x1530 [ 91.047277][ T6199] ? __pfx_chrdev_open+0x10/0x10 [ 91.047317][ T6199] vfs_open+0x82/0x3f0 [ 91.047360][ T6199] path_openat+0x1de4/0x2cb0 [ 91.047400][ T6199] ? __pfx_path_openat+0x10/0x10 [ 91.047437][ T6199] do_filp_open+0x20b/0x470 [ 91.047471][ T6199] ? __pfx_do_filp_open+0x10/0x10 [ 91.047517][ T6199] ? alloc_fd+0x471/0x7d0 [ 91.047552][ T6199] do_sys_openat2+0x11b/0x1d0 [ 91.047595][ T6199] ? __pfx_do_sys_openat2+0x10/0x10 [ 91.047643][ T6199] __x64_sys_openat+0x174/0x210 [ 91.047690][ T6199] ? __pfx___x64_sys_openat+0x10/0x10 [ 91.047743][ T6199] do_syscall_64+0xcd/0x490 [ 91.047782][ T6199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.047813][ T6199] RIP: 0033:0x7f0ffab8ebe9 [ 91.047836][ T6199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.047872][ T6199] RSP: 002b:00007f0ffba7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 91.047900][ T6199] RAX: ffffffffffffffda RBX: 00007f0ffadb5fa0 RCX: 00007f0ffab8ebe9 [ 91.047921][ T6199] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 91.047940][ T6199] RBP: 00007f0ffac11e19 R08: 0000000000000000 R09: 0000000000000000 [ 91.047958][ T6199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 91.047976][ T6199] R13: 00007f0ffadb6038 R14: 00007f0ffadb5fa0 R15: 00007ffeb7398ce8 [ 91.048003][ T6199] [ 91.866825][ T6210] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 92.173261][ T6217] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 92.209428][ T43] cfg80211: failed to load regulatory.db [ 93.918048][ T6257] random: crng reseeded on system resumption [ 95.274297][ T6280] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 98.179133][ T6334] kexec: Could not allocate control_code_buffer [ 100.775897][ T6397] netlink: 28 bytes leftover after parsing attributes in process `syz.2.91'. [ 100.801176][ T6397] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 100.886851][ T6397] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 100.898525][ T6397] bond0 (unregistering): Released all slaves [ 102.082243][ T6424] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 102.139849][ T6424] input: failed to attach handler evdev to device input5, error: -4 [ 102.255809][ T6430] Unable to find swap-space signature [ 102.405795][ T6430] block2mtd: parameter too long [ 103.011131][ T6444] netlink: 'syz.1.102': attribute type 1 has an invalid length. [ 103.239506][ T6450] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 103.431626][ T6463] synth uevent: /module/orangefs: unknown uevent action string [ 104.818881][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805a05d400: rx timeout, send abort [ 105.327539][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805a05d400: abort rx timeout. Force session deactivation [ 105.879494][ T6507] capability: warning: `syz.2.115' uses 32-bit capabilities (legacy support in use) [ 108.598847][ T6559] netlink: 8 bytes leftover after parsing attributes in process `syz.0.125'. [ 109.763282][ T6576] mmap: syz.0.128 (6576) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 110.639673][ T6589] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 110.918924][ T6591] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 112.194651][ T30] audit: type=1800 audit(1755497246.813:3): pid=6618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.136" name="lu_gp_id" dev="configfs" ino=11632 res=0 errno=0 [ 112.691389][ T6621] ICMPv6: process `syz.0.138' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 114.425820][ T6675] Invalid ELF header magic: != ELF [ 114.831877][ T6685] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 114.893010][ T6685] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 115.070462][ T6690] __vm_enough_memory: pid: 6690, comm: syz.1.148, bytes: 4398046511104 not enough memory for the allocation [ 115.616599][ T6695] netlink: 326 bytes leftover after parsing attributes in process `syz.0.150'. [ 118.716348][ T6750] netlink: 342 bytes leftover after parsing attributes in process `syz.1.158'. [ 119.082115][ T6756] syz.1.159 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 119.146211][ T6752] zswap: compressor not available [ 119.706275][ T6762] zswap: compressor not available [ 120.255738][ T6767] zswap: compressor not available [ 120.527964][ T6777] FAULT_INJECTION: forcing a failure. [ 120.527964][ T6777] name failslab, interval 1, probability 0, space 0, times 0 [ 120.541020][ T6777] CPU: 1 UID: 60928 PID: 6777 Comm: syz.3.164 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 120.541048][ T6777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 120.541059][ T6777] Call Trace: [ 120.541065][ T6777] [ 120.541072][ T6777] dump_stack_lvl+0x16c/0x1f0 [ 120.541099][ T6777] should_fail_ex+0x512/0x640 [ 120.541126][ T6777] should_failslab+0xc2/0x120 [ 120.541150][ T6777] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 120.541172][ T6777] ? acpi_ut_allocate_owner_id+0x2d6/0x3a0 [ 120.541190][ T6777] ? acpi_ps_alloc_op+0xf1/0x310 [ 120.541215][ T6777] acpi_ps_alloc_op+0xf1/0x310 [ 120.541238][ T6777] acpi_ps_create_scope_op+0x1a/0x70 [ 120.541261][ T6777] acpi_ps_execute_method+0x1b1/0xb30 [ 120.541286][ T6777] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 120.541314][ T6777] acpi_ns_evaluate+0x76c/0xca0 [ 120.541339][ T6777] ? kasan_save_track+0x14/0x30 [ 120.541360][ T6777] acpi_evaluate_object+0x1fa/0xa90 [ 120.541379][ T6777] ? __kvmalloc_node_noprof+0x27b/0x620 [ 120.541397][ T6777] ? seq_read_iter+0x826/0x12c0 [ 120.541413][ T6777] ? kernfs_fop_read_iter+0x40f/0x5a0 [ 120.541438][ T6777] ? do_syscall_64+0xcd/0x490 [ 120.541460][ T6777] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.541478][ T6777] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 120.541498][ T6777] ? __mutex_trylock_common+0xe9/0x250 [ 120.541525][ T6777] acpi_evaluate_integer+0xdd/0x200 [ 120.541543][ T6777] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 120.541565][ T6777] ? __pfx_status_show+0x10/0x10 [ 120.541586][ T6777] status_show+0xa0/0x120 [ 120.541607][ T6777] ? __pfx_status_show+0x10/0x10 [ 120.541628][ T6777] ? rcu_is_watching+0x12/0xc0 [ 120.541646][ T6777] ? lock_release+0x201/0x2f0 [ 120.541669][ T6777] dev_attr_show+0x53/0xe0 [ 120.541696][ T6777] ? __pfx_dev_attr_show+0x10/0x10 [ 120.541722][ T6777] sysfs_kf_seq_show+0x213/0x3e0 [ 120.541743][ T6777] seq_read_iter+0x509/0x12c0 [ 120.541759][ T6777] ? __mutex_trylock_common+0xe9/0x250 [ 120.541785][ T6777] kernfs_fop_read_iter+0x40f/0x5a0 [ 120.541804][ T6777] ? rw_verify_area+0xcf/0x6c0 [ 120.541823][ T6777] vfs_read+0x8bc/0xcf0 [ 120.541842][ T6777] ? __pfx___mutex_lock+0x10/0x10 [ 120.541865][ T6777] ? __pfx_vfs_read+0x10/0x10 [ 120.541889][ T6777] ksys_read+0x12a/0x250 [ 120.541908][ T6777] ? __pfx_ksys_read+0x10/0x10 [ 120.541930][ T6777] do_syscall_64+0xcd/0x490 [ 120.541953][ T6777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.541971][ T6777] RIP: 0033:0x7f0ffab8ebe9 [ 120.541985][ T6777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.542002][ T6777] RSP: 002b:00007f0ffba7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 120.542019][ T6777] RAX: ffffffffffffffda RBX: 00007f0ffadb5fa0 RCX: 00007f0ffab8ebe9 [ 120.542030][ T6777] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 120.542041][ T6777] RBP: 00007f0ffac11e19 R08: 0000000000000000 R09: 0000000000000000 [ 120.542051][ T6777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 120.542061][ T6777] R13: 00007f0ffadb6038 R14: 00007f0ffadb5fa0 R15: 00007ffeb7398ce8 [ 120.542076][ T6777] [ 121.354721][ T6783] netlink: 8 bytes leftover after parsing attributes in process `syz.3.165'. [ 122.748145][ T6847] Console: switching to colour VGA+ 80x25 [ 125.243061][ T6889] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 125.307225][ T6889] sctp: Failed to create the SCTP UDP tunneling v4 sock [ 127.761431][ T6905] QAT: Stopping all acceleration devices. [ 128.049003][ T6922] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 128.303779][ T6924] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 128.422052][ T6926] netlink: 8 bytes leftover after parsing attributes in process `syz.1.186'. [ 128.806264][ T6935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.186'. [ 129.356793][ T6950] random: crng reseeded on system resumption [ 130.260856][ T6955] workqueue: Failed to create a rescuer kthread for wq "nfc5_nci_tx_wq": -EINTR [ 134.457367][ T7048] netlink: 4 bytes leftover after parsing attributes in process `syz.2.209'. [ 134.968800][ T7053] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 135.470419][ T7057] netlink: 28 bytes leftover after parsing attributes in process `syz.0.212'. [ 135.534388][ T7058] hub 8-0:1.0: USB hub found [ 135.541204][ T7058] hub 8-0:1.0: 1 port detected [ 137.435465][ T7094] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 138.292456][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.302352][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 142.042777][ T30] audit: type=1800 audit(1755497276.643:4): pid=7172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.234" name="members" dev="configfs" ino=14763 res=0 errno=0 [ 142.091623][ T7176] HfR: entered promiscuous mode [ 143.630028][ T7191] netlink: 326 bytes leftover after parsing attributes in process `syz.0.238'. [ 143.706541][ T7192] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 143.722822][ T7191] veth1_macvtap: left promiscuous mode [ 144.412766][ T7179] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 145.007936][ T7226] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input11 [ 147.573131][ T7277] netlink: 28 bytes leftover after parsing attributes in process `syz.0.252'. [ 147.891600][ T7280] bond0: option primary_reselect: invalid value () [ 149.930140][ T7312] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 149.941422][ T7312] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 149.954316][ T7312] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 149.991839][ T7312] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 150.005861][ T7312] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 150.035112][ T7312] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 150.045174][ T7312] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 150.063492][ T7312] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 150.092669][ T7312] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 150.106828][ T7312] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 150.114985][ T7312] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 150.141332][ T7312] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 151.166153][ T5869] Bluetooth: hci0: command 0x0c1a tx timeout [ 151.627447][ T7360] netlink: 342 bytes leftover after parsing attributes in process `syz.2.274'. [ 152.046476][ T5869] Bluetooth: hci3: command 0x0c1a tx timeout [ 152.046498][ T5870] Bluetooth: hci1: command 0x0c1a tx timeout [ 152.126059][ T5870] Bluetooth: hci2: command 0x0c1a tx timeout [ 152.277999][ T7384] binder: 7379:7384 ioctl 400c620e 200000002a00 returned -22 [ 153.246172][ T5870] Bluetooth: hci0: command 0x0c1a tx timeout [ 153.748414][ T7399] netlink: 342 bytes leftover after parsing attributes in process `syz.0.282'. [ 154.126207][ T5870] Bluetooth: hci1: command 0x0c1a tx timeout [ 154.126240][ T5869] Bluetooth: hci3: command 0x0c1a tx timeout [ 154.206163][ T5869] Bluetooth: hci2: command 0x0c1a tx timeout [ 154.875092][ T7414] netlink: 20 bytes leftover after parsing attributes in process `syz.0.289'. [ 154.891301][ T7414] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 155.336102][ T5869] Bluetooth: hci0: command 0x0c1a tx timeout [ 155.585337][ T7424] netlink: 148 bytes leftover after parsing attributes in process `syz.3.287'. [ 156.123792][ T7424] syz.3.287 (7424) used greatest stack depth: 19976 bytes left [ 156.206197][ T5869] Bluetooth: hci3: command 0x0c1a tx timeout [ 156.206700][ T5870] Bluetooth: hci1: command 0x0c1a tx timeout [ 156.286087][ T5870] Bluetooth: hci2: command 0x0c1a tx timeout [ 156.528156][ T5870] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 158.064201][ T6832] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.304615][ T6832] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.608784][ T6832] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.769676][ T6832] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.953952][ T5869] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 158.967533][ T5869] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 158.979008][ T5869] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 158.997446][ T5869] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 159.008710][ T5869] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 159.074254][ T6832] bridge_slave_1: left allmulticast mode [ 159.144501][ T6832] bridge_slave_1: left promiscuous mode [ 159.159205][ T6832] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.214003][ T6832] bridge_slave_0: left allmulticast mode [ 159.237366][ T6832] bridge_slave_0: left promiscuous mode [ 159.277721][ T6832] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.613988][ T6832] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 159.655517][ T6832] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 159.671325][ T6832] bond0 (unregistering): Released all slaves [ 160.178165][ T7614] chnl_net:caif_netlink_parms(): no params data found [ 160.779700][ T7614] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.804993][ T7614] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.856212][ T7614] bridge_slave_0: entered allmulticast mode [ 160.864494][ T7614] bridge_slave_0: entered promiscuous mode [ 161.070418][ T6832] hsr_slave_0: left promiscuous mode [ 161.078623][ T6832] hsr_slave_1: left promiscuous mode [ 161.085484][ T6832] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 161.094681][ T5869] Bluetooth: hci2: command tx timeout [ 161.117390][ T6832] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 161.136728][ T6832] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 161.146881][ T6832] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 161.170379][ T6832] veth1_macvtap: left promiscuous mode [ 161.177072][ T6832] veth0_macvtap: left promiscuous mode [ 161.183827][ T6832] veth1_vlan: left promiscuous mode [ 161.192188][ T6832] veth0_vlan: left promiscuous mode [ 161.492473][ T6832] team0 (unregistering): Port device team_slave_1 removed [ 161.521532][ T6832] team0 (unregistering): Port device team_slave_0 removed [ 161.584633][ T7866] netlink: 28 bytes leftover after parsing attributes in process `syz.0.310'. [ 161.715066][ T7614] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.739294][ T7614] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.767166][ T7614] bridge_slave_1: entered allmulticast mode [ 161.775381][ T7614] bridge_slave_1: entered promiscuous mode [ 162.009927][ T7614] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 162.024454][ T7614] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 162.121332][ T7614] team0: Port device team_slave_0 added [ 162.150518][ T7614] team0: Port device team_slave_1 added [ 162.223347][ T7614] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 162.232862][ T7614] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.277861][ T7614] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 162.295704][ T7614] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 162.306295][ T7614] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.406113][ T7614] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 162.597638][ T7614] hsr_slave_0: entered promiscuous mode [ 162.607135][ T7614] hsr_slave_1: entered promiscuous mode [ 162.614653][ T7614] debugfs: 'hsr0' already exists in 'hsr' [ 162.622117][ T7614] Cannot create hsr debugfs directory [ 163.169721][ T5869] Bluetooth: hci2: command tx timeout [ 163.258535][ T5869] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 163.258576][ T5869] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 163.276807][ T5869] Bluetooth: hci0: Dropping invalid advertising data [ 163.284887][ T5869] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 163.284924][ T5869] Bluetooth: hci0: Dropping invalid advertising data [ 163.303717][ T5869] Bluetooth: hci0: Dropping invalid advertising data [ 163.311936][ T5869] Bluetooth: hci0: Malformed LE Event: 0x02 [ 163.486820][ T30] audit: type=1800 audit(1755497298.123:5): pid=8081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.313" name="dbroot" dev="configfs" ino=17059 res=0 errno=0 [ 163.805339][ T8164] FAULT_INJECTION: forcing a failure. [ 163.805339][ T8164] name failslab, interval 1, probability 0, space 0, times 0 [ 163.847505][ T8164] CPU: 0 UID: 0 PID: 8164 Comm: syz.0.317 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 163.847550][ T8164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 163.847568][ T8164] Call Trace: [ 163.847577][ T8164] [ 163.847588][ T8164] dump_stack_lvl+0x16c/0x1f0 [ 163.847631][ T8164] should_fail_ex+0x512/0x640 [ 163.847675][ T8164] should_failslab+0xc2/0x120 [ 163.847715][ T8164] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 163.847754][ T8164] ? shmem_alloc_inode+0x25/0x50 [ 163.847798][ T8164] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 163.847840][ T8164] shmem_alloc_inode+0x25/0x50 [ 163.847878][ T8164] alloc_inode+0x64/0x240 [ 163.847930][ T8164] new_inode+0x22/0x1c0 [ 163.847972][ T8164] shmem_get_inode+0x19a/0xfb0 [ 163.848020][ T8164] shmem_mknod+0x1a8/0x450 [ 163.848067][ T8164] vfs_mknod+0x5d7/0x8e0 [ 163.848097][ T8164] do_mknodat+0x30f/0x5d0 [ 163.848130][ T8164] ? __pfx_do_mknodat+0x10/0x10 [ 163.848161][ T8164] ? getname_flags.part.0+0x1c5/0x550 [ 163.848210][ T8164] __x64_sys_mknod+0x87/0xb0 [ 163.848246][ T8164] do_syscall_64+0xcd/0x490 [ 163.848286][ T8164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.848317][ T8164] RIP: 0033:0x7f1ed338ebe9 [ 163.848341][ T8164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.848369][ T8164] RSP: 002b:00007f1ed4148038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 163.848399][ T8164] RAX: ffffffffffffffda RBX: 00007f1ed35b5fa0 RCX: 00007f1ed338ebe9 [ 163.848419][ T8164] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0 [ 163.848437][ T8164] RBP: 00007f1ed3411e19 R08: 0000000000000000 R09: 0000000000000000 [ 163.848454][ T8164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 163.848471][ T8164] R13: 00007f1ed35b6038 R14: 00007f1ed35b5fa0 R15: 00007ffc21c50f88 [ 163.848498][ T8164] [ 165.032142][ T8242] FAULT_INJECTION: forcing a failure. [ 165.032142][ T8242] name fail_futex, interval 1, probability 0, space 0, times 1 [ 165.080909][ T8242] CPU: 1 UID: 0 PID: 8242 Comm: syz.2.320 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 165.080937][ T8242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 165.080948][ T8242] Call Trace: [ 165.080954][ T8242] [ 165.080960][ T8242] dump_stack_lvl+0x16c/0x1f0 [ 165.080988][ T8242] should_fail_ex+0x512/0x640 [ 165.081015][ T8242] get_futex_key+0x1d0/0x1560 [ 165.081038][ T8242] ? __pfx_get_futex_key+0x10/0x10 [ 165.081059][ T8242] ? __pfx____sys_sendmsg+0x10/0x10 [ 165.081084][ T8242] futex_wake+0xea/0x530 [ 165.081111][ T8242] ? __pfx_futex_wake+0x10/0x10 [ 165.081137][ T8242] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 165.081169][ T8242] do_futex+0x1e3/0x350 [ 165.081191][ T8242] ? __pfx_do_futex+0x10/0x10 [ 165.081213][ T8242] ? fput+0x9b/0xd0 [ 165.081238][ T8242] ? __sys_sendmsg+0x18c/0x220 [ 165.081261][ T8242] __x64_sys_futex+0x1e0/0x4c0 [ 165.081285][ T8242] ? __pfx___x64_sys_futex+0x10/0x10 [ 165.081312][ T8242] do_syscall_64+0xcd/0x490 [ 165.081336][ T8242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.081355][ T8242] RIP: 0033:0x7fbe8398ebe9 [ 165.081368][ T8242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.081386][ T8242] RSP: 002b:00007fbe847de0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 165.081404][ T8242] RAX: ffffffffffffffda RBX: 00007fbe83bb5fa8 RCX: 00007fbe8398ebe9 [ 165.081415][ T8242] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbe83bb5fac [ 165.081426][ T8242] RBP: 00007fbe83bb5fa0 R08: 00007fbe847df000 R09: 0000000000000000 [ 165.081437][ T8242] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 165.081448][ T8242] R13: 00007fbe83bb6038 R14: 00007fff6c963ee0 R15: 00007fff6c963fc8 [ 165.081463][ T8242] [ 165.320180][ T5869] Bluetooth: hci2: command tx timeout [ 165.661360][ T8275] sd 0:0:1:0: PR command failed: 1026 [ 165.687325][ T8275] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 165.690799][ T7614] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 165.717060][ T7614] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 165.734220][ T8275] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 165.735461][ T7614] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 165.793763][ T8276] mkiss: ax0: crc mode is auto. [ 165.794570][ T7614] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 166.425673][ T7614] 8021q: adding VLAN 0 to HW filter on device bond0 [ 166.454127][ T7614] 8021q: adding VLAN 0 to HW filter on device team0 [ 166.517652][ T6832] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.526250][ T6832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 166.559598][ T8350] FAULT_INJECTION: forcing a failure. [ 166.559598][ T8350] name failslab, interval 1, probability 0, space 0, times 0 [ 166.576217][ T8350] CPU: 0 UID: 0 PID: 8350 Comm: syz.3.325 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 166.576263][ T8350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 166.576280][ T8350] Call Trace: [ 166.576289][ T8350] [ 166.576300][ T8350] dump_stack_lvl+0x16c/0x1f0 [ 166.576341][ T8350] should_fail_ex+0x512/0x640 [ 166.576383][ T8350] should_failslab+0xc2/0x120 [ 166.576422][ T8350] __kvmalloc_node_noprof+0x137/0x620 [ 166.576458][ T8350] ? trace_kmalloc+0x2b/0xd0 [ 166.576497][ T8350] ? __kvmalloc_node_noprof+0x281/0x620 [ 166.576527][ T8350] ? io_alloc_cache_init+0x33/0x170 [ 166.576573][ T8350] ? io_alloc_cache_init+0x33/0x170 [ 166.576615][ T8350] io_alloc_cache_init+0x33/0x170 [ 166.576658][ T8350] io_rsrc_cache_init+0x40/0x50 [ 166.576698][ T8350] io_uring_setup+0x68b/0x2080 [ 166.576746][ T8350] ? __pfx_io_uring_setup+0x10/0x10 [ 166.576779][ T8350] ? do_futex+0x122/0x350 [ 166.576815][ T8350] ? __pfx_do_futex+0x10/0x10 [ 166.576851][ T8350] ? __fget_files+0x204/0x3c0 [ 166.576881][ T8350] ? rcu_is_watching+0x12/0xc0 [ 166.576917][ T8350] ? xfd_validate_state+0x61/0x180 [ 166.576964][ T8350] __x64_sys_io_uring_setup+0xc2/0x170 [ 166.576996][ T8350] do_syscall_64+0xcd/0x490 [ 166.577030][ T8350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.577057][ T8350] RIP: 0033:0x7f0ffab8ebe9 [ 166.577079][ T8350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.577106][ T8350] RSP: 002b:00007f0ffba7b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 166.577134][ T8350] RAX: ffffffffffffffda RBX: 00007f0ffadb5fa0 RCX: 00007f0ffab8ebe9 [ 166.577151][ T8350] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 166.577166][ T8350] RBP: 00007f0ffac11e19 R08: 0000000000000000 R09: 0000000000000000 [ 166.577183][ T8350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.577199][ T8350] R13: 00007f0ffadb6038 R14: 00007f0ffadb5fa0 R15: 00007ffeb7398ce8 [ 166.577226][ T8350] [ 166.596772][ T7614] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 166.862608][ T7614] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 166.881611][ T6832] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.890419][ T6832] bridge0: port 2(bridge_slave_1) entered forwarding state [ 166.907683][ T8360] netlink: 28 bytes leftover after parsing attributes in process `syz.0.326'. [ 167.236430][ T30] audit: type=1800 audit(1755497301.803:6): pid=8380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.329" name="members" dev="configfs" ino=17947 res=0 errno=0 [ 167.416003][ T5870] Bluetooth: hci2: command tx timeout [ 167.722280][ T30] audit: type=1800 audit(1755497302.353:7): pid=8450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.332" name="features" dev="configfs" ino=18022 res=0 errno=0 [ 167.824296][ T7614] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 168.148831][ T7614] veth0_vlan: entered promiscuous mode [ 168.178199][ T7614] veth1_vlan: entered promiscuous mode [ 168.263869][ T7614] veth0_macvtap: entered promiscuous mode [ 168.305262][ T7614] veth1_macvtap: entered promiscuous mode [ 168.329222][ T7614] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 168.352149][ T7614] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 168.413826][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.453041][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.542547][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.568468][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.736531][ T1340] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 168.737287][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 168.774397][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 168.786438][ T1340] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 168.924498][ T8508] netlink: 12 bytes leftover after parsing attributes in process `syz.2.335'. [ 169.079716][ T8508] ipvlan0: entered allmulticast mode [ 169.086502][ T8508] veth0_vlan: entered allmulticast mode [ 169.597586][ T8561] netlink: 20 bytes leftover after parsing attributes in process `syz.3.336'. [ 170.321035][ T8605] netlink: 4 bytes leftover after parsing attributes in process `syz.2.340'. [ 170.815906][ T8613] FAULT_INJECTION: forcing a failure. [ 170.815906][ T8613] name failslab, interval 1, probability 0, space 0, times 0 [ 170.832927][ T8613] CPU: 1 UID: 0 PID: 8613 Comm: syz.3.341 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 170.832961][ T8613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 170.832973][ T8613] Call Trace: [ 170.832979][ T8613] [ 170.832986][ T8613] dump_stack_lvl+0x16c/0x1f0 [ 170.833013][ T8613] should_fail_ex+0x512/0x640 [ 170.833041][ T8613] should_failslab+0xc2/0x120 [ 170.833065][ T8613] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 170.833086][ T8613] ? trace_cap_capable+0x18d/0x200 [ 170.833104][ T8613] ? vm_area_dup+0x27/0x8d0 [ 170.833125][ T8613] vm_area_dup+0x27/0x8d0 [ 170.833143][ T8613] dup_mmap+0x877/0x21d0 [ 170.833182][ T8613] ? __pfx_dup_mmap+0x10/0x10 [ 170.833208][ T8613] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 170.833237][ T8613] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 170.833259][ T8613] ? __pfx___might_resched+0x10/0x10 [ 170.833277][ T8613] ? mm_init+0xd22/0x13a0 [ 170.833299][ T8613] copy_process+0x4081/0x7690 [ 170.833321][ T8613] ? __pfx___futex_wait+0x10/0x10 [ 170.833350][ T8613] ? __pfx_copy_process+0x10/0x10 [ 170.833372][ T8613] ? lock_release+0x201/0x2f0 [ 170.833396][ T8613] ? futex_private_hash_put+0x11c/0x300 [ 170.833418][ T8613] kernel_clone+0xfc/0x930 [ 170.833440][ T8613] ? __pfx_kernel_clone+0x10/0x10 [ 170.833467][ T8613] __do_sys_clone+0xce/0x120 [ 170.833489][ T8613] ? __pfx___do_sys_clone+0x10/0x10 [ 170.833512][ T8613] ? lock_release+0x201/0x2f0 [ 170.833537][ T8613] ? xfd_validate_state+0x61/0x180 [ 170.833566][ T8613] do_syscall_64+0xcd/0x490 [ 170.833596][ T8613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.833615][ T8613] RIP: 0033:0x7f0ffab8ebe9 [ 170.833629][ T8613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.833646][ T8613] RSP: 002b:00007f0ffba7afe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 170.833664][ T8613] RAX: ffffffffffffffda RBX: 00007f0ffadb5fa0 RCX: 00007f0ffab8ebe9 [ 170.833675][ T8613] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 170.833686][ T8613] RBP: 00007f0ffac11e19 R08: 0000000000000000 R09: 0000000000000000 [ 170.833697][ T8613] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 170.833707][ T8613] R13: 00007f0ffadb6038 R14: 00007f0ffadb5fa0 R15: 00007ffeb7398ce8 [ 170.833723][ T8613] [ 171.721340][ T8651] netlink: 28 bytes leftover after parsing attributes in process `syz.0.346'. [ 173.589488][ T8716] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input15 [ 174.598294][ T8784] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 174.632901][ T8784] netlink: 8 bytes leftover after parsing attributes in process `syz.1.361'. [ 177.161055][ T8966] netlink: 28 bytes leftover after parsing attributes in process `syz.3.370'. [ 178.086450][ T9029] FAULT_INJECTION: forcing a failure. [ 178.086450][ T9029] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 178.147964][ T9029] CPU: 0 UID: 0 PID: 9029 Comm: syz.3.371 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 178.148005][ T9029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 178.148021][ T9029] Call Trace: [ 178.148030][ T9029] [ 178.148040][ T9029] dump_stack_lvl+0x16c/0x1f0 [ 178.148078][ T9029] should_fail_ex+0x512/0x640 [ 178.148120][ T9029] should_fail_alloc_page+0xe7/0x130 [ 178.148159][ T9029] prepare_alloc_pages+0x3c2/0x610 [ 178.148203][ T9029] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 178.148238][ T9029] ? unwind_get_return_address+0x59/0xa0 [ 178.148270][ T9029] ? rcu_is_watching+0x12/0xc0 [ 178.148299][ T9029] ? mtree_load+0x309/0xa40 [ 178.148329][ T9029] ? rcu_is_watching+0x12/0xc0 [ 178.148356][ T9029] ? lock_release+0x201/0x2f0 [ 178.148392][ T9029] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 178.148427][ T9029] ? mtree_load+0x325/0xa40 [ 178.148463][ T9029] ? __up_read+0x1f8/0x750 [ 178.148511][ T9029] ? __pfx___up_read+0x10/0x10 [ 178.148550][ T9029] ? __access_remote_vm+0x4da/0x850 [ 178.148586][ T9029] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 178.148629][ T9029] ? policy_nodemask+0xea/0x4e0 [ 178.148666][ T9029] alloc_pages_mpol+0x1fb/0x550 [ 178.148702][ T9029] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 178.148738][ T9029] ? do_raw_spin_lock+0x12c/0x2b0 [ 178.148859][ T9029] ? __pfx___access_remote_vm+0x10/0x10 [ 178.148896][ T9029] ? proc_pid_cmdline_read+0x307/0x8e0 [ 178.148928][ T9029] alloc_pages_noprof+0x131/0x390 [ 178.148966][ T9029] get_free_pages_noprof+0x10/0xb0 [ 178.149019][ T9029] proc_pid_cmdline_read+0x46d/0x8e0 [ 178.149051][ T9029] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 178.149081][ T9029] ? bpf_lsm_file_permission+0x9/0x10 [ 178.149121][ T9029] ? security_file_permission+0x71/0x210 [ 178.149159][ T9029] ? rw_verify_area+0xcf/0x6c0 [ 178.149186][ T9029] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 178.149218][ T9029] vfs_read+0x1e1/0xcf0 [ 178.149250][ T9029] ? __pfx___mutex_lock+0x10/0x10 [ 178.149286][ T9029] ? __pfx_vfs_read+0x10/0x10 [ 178.149323][ T9029] ? __fget_files+0x204/0x3c0 [ 178.149353][ T9029] ? rcu_is_watching+0x12/0xc0 [ 178.149384][ T9029] ? __fget_files+0x20e/0x3c0 [ 178.149412][ T9029] ? rcu_watching_snap_stopped_since+0x60/0x110 [ 178.149448][ T9029] ksys_read+0x12a/0x250 [ 178.149479][ T9029] ? __pfx_ksys_read+0x10/0x10 [ 178.149568][ T9029] do_syscall_64+0xcd/0x490 [ 178.149606][ T9029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.149635][ T9029] RIP: 0033:0x7f0ffab8ebe9 [ 178.149658][ T9029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.149685][ T9029] RSP: 002b:00007f0ffba39038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 178.149713][ T9029] RAX: ffffffffffffffda RBX: 00007f0ffadb6180 RCX: 00007f0ffab8ebe9 [ 178.149731][ T9029] RDX: 000000000000009f RSI: 0000200000000040 RDI: 0000000000000003 [ 178.149749][ T9029] RBP: 00007f0ffba39090 R08: 0000000000000000 R09: 0000000000000000 [ 178.149764][ T9029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 178.149781][ T9029] R13: 00007f0ffadb6218 R14: 00007f0ffadb6180 R15: 00007ffeb7398ce8 [ 178.149807][ T9029] [ 179.294994][ T9084] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 179.448281][ T9100] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 180.550701][ T9160] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 180.830736][ T9171] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.381'. [ 182.826749][ T9256] FAULT_INJECTION: forcing a failure. [ 182.826749][ T9256] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 182.903637][ T9256] CPU: 1 UID: 0 PID: 9256 Comm: syz.0.389 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 182.903679][ T9256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 182.903695][ T9256] Call Trace: [ 182.903703][ T9256] [ 182.903714][ T9256] dump_stack_lvl+0x16c/0x1f0 [ 182.903752][ T9256] should_fail_ex+0x512/0x640 [ 182.903792][ T9256] _copy_to_user+0x32/0xd0 [ 182.903816][ T9256] proc_pid_cmdline_read+0x51b/0x8e0 [ 182.903847][ T9256] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 182.903876][ T9256] ? bpf_lsm_file_permission+0x9/0x10 [ 182.903915][ T9256] ? security_file_permission+0x71/0x210 [ 182.903953][ T9256] ? rw_verify_area+0xcf/0x6c0 [ 182.903979][ T9256] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 182.904008][ T9256] vfs_read+0x1e1/0xcf0 [ 182.904040][ T9256] ? __pfx___mutex_lock+0x10/0x10 [ 182.904074][ T9256] ? __pfx_vfs_read+0x10/0x10 [ 182.904104][ T9256] ? __fget_files+0x204/0x3c0 [ 182.904132][ T9256] ? rcu_is_watching+0x12/0xc0 [ 182.904163][ T9256] ? __fget_files+0x20e/0x3c0 [ 182.904195][ T9256] ksys_read+0x12a/0x250 [ 182.904225][ T9256] ? __pfx_ksys_read+0x10/0x10 [ 182.904261][ T9256] do_syscall_64+0xcd/0x490 [ 182.904297][ T9256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.904324][ T9256] RIP: 0033:0x7f1ed338ebe9 [ 182.904344][ T9256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.904367][ T9256] RSP: 002b:00007f1ed15f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 182.904393][ T9256] RAX: ffffffffffffffda RBX: 00007f1ed35b6180 RCX: 00007f1ed338ebe9 [ 182.904410][ T9256] RDX: 000000000000009f RSI: 0000200000000040 RDI: 0000000000000003 [ 182.904425][ T9256] RBP: 00007f1ed15f6090 R08: 0000000000000000 R09: 0000000000000000 [ 182.904442][ T9256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 182.904457][ T9256] R13: 00007f1ed35b6218 R14: 00007f1ed35b6180 R15: 00007ffc21c50f88 [ 182.904481][ T9256] [ 183.466528][ T9263] ICMPv6: process `syz.3.390' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 185.494178][ T9352] random: crng reseeded on system resumption [ 185.542918][ T9352] Restarting kernel threads ... [ 185.575469][ T9352] Done restarting kernel threads. [ 185.651344][ T9353] Restarting kernel threads ... [ 185.659069][ T9353] Done restarting kernel threads. [ 186.076041][ T9391] random: crng reseeded on system resumption [ 186.339395][ T9406] FAULT_INJECTION: forcing a failure. [ 186.339395][ T9406] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 186.437928][ T9406] CPU: 0 UID: 0 PID: 9406 Comm: syz.3.399 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 186.437960][ T9406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 186.437970][ T9406] Call Trace: [ 186.437976][ T9406] [ 186.437983][ T9406] dump_stack_lvl+0x16c/0x1f0 [ 186.438010][ T9406] should_fail_ex+0x512/0x640 [ 186.438037][ T9406] _copy_to_user+0x32/0xd0 [ 186.438054][ T9406] simple_read_from_buffer+0xcb/0x170 [ 186.438074][ T9406] proc_fail_nth_read+0x197/0x240 [ 186.438093][ T9406] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 186.438111][ T9406] ? security_file_permission+0x71/0x210 [ 186.438137][ T9406] ? rw_verify_area+0xcf/0x6c0 [ 186.438155][ T9406] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 186.438173][ T9406] vfs_read+0x1e1/0xcf0 [ 186.438194][ T9406] ? __pfx___mutex_lock+0x10/0x10 [ 186.438217][ T9406] ? __pfx_vfs_read+0x10/0x10 [ 186.438237][ T9406] ? __fget_files+0x204/0x3c0 [ 186.438255][ T9406] ? rcu_is_watching+0x12/0xc0 [ 186.438276][ T9406] ? __fget_files+0x20e/0x3c0 [ 186.438297][ T9406] ksys_read+0x12a/0x250 [ 186.438317][ T9406] ? __pfx_ksys_read+0x10/0x10 [ 186.438340][ T9406] do_syscall_64+0xcd/0x490 [ 186.438364][ T9406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.438383][ T9406] RIP: 0033:0x7f0ffab8d5fc [ 186.438397][ T9406] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 186.438414][ T9406] RSP: 002b:00007f0ffba39030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 186.438432][ T9406] RAX: ffffffffffffffda RBX: 00007f0ffadb6180 RCX: 00007f0ffab8d5fc [ 186.438444][ T9406] RDX: 000000000000000f RSI: 00007f0ffba390a0 RDI: 0000000000000004 [ 186.438455][ T9406] RBP: 00007f0ffba39090 R08: 0000000000000000 R09: 0000000000000000 [ 186.438465][ T9406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.438476][ T9406] R13: 00007f0ffadb6218 R14: 00007f0ffadb6180 R15: 00007ffeb7398ce8 [ 186.438491][ T9406] [ 186.760857][ T9395] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 186.830875][ T9421] openvswitch: netlink: IP tunnel dst address not specified [ 188.538305][ T9499] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 191.046190][ T9640] FAULT_INJECTION: forcing a failure. [ 191.046190][ T9640] name failslab, interval 1, probability 0, space 0, times 0 [ 191.089198][ T9640] CPU: 0 UID: 0 PID: 9640 Comm: syz.2.418 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 191.089228][ T9640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 191.089238][ T9640] Call Trace: [ 191.089243][ T9640] [ 191.089250][ T9640] dump_stack_lvl+0x16c/0x1f0 [ 191.089277][ T9640] should_fail_ex+0x512/0x640 [ 191.089304][ T9640] ? memcg_list_lru_alloc+0x4e9/0x740 [ 191.089326][ T9640] should_failslab+0xc2/0x120 [ 191.089350][ T9640] __kmalloc_noprof+0xd2/0x510 [ 191.089370][ T9640] ? mqueue_get_inode+0x2e/0xdd0 [ 191.089404][ T9640] ? mqueue_fill_super+0x14d/0x260 [ 191.089419][ T9640] ? get_tree_nodev+0xdd/0x190 [ 191.089438][ T9640] ? mqueue_get_tree+0xf1/0x130 [ 191.089454][ T9640] memcg_list_lru_alloc+0x4e9/0x740 [ 191.089477][ T9640] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 191.089498][ T9640] ? rcu_read_unlock+0x17/0x60 [ 191.089523][ T9640] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 191.089542][ T9640] __memcg_slab_post_alloc_hook+0x133/0x960 [ 191.089568][ T9640] ? kasan_save_track+0x14/0x30 [ 191.089590][ T9640] kmem_cache_alloc_lru_noprof+0x30f/0x3b0 [ 191.089612][ T9640] ? mqueue_alloc_inode+0x25/0x50 [ 191.089629][ T9640] ? __pfx_mqueue_fill_super+0x10/0x10 [ 191.089645][ T9640] ? __pfx_mqueue_alloc_inode+0x10/0x10 [ 191.089663][ T9640] mqueue_alloc_inode+0x25/0x50 [ 191.089678][ T9640] alloc_inode+0x64/0x240 [ 191.089702][ T9640] new_inode+0x22/0x1c0 [ 191.089727][ T9640] ? __pfx_mqueue_fill_super+0x10/0x10 [ 191.089743][ T9640] mqueue_get_inode+0x2e/0xdd0 [ 191.089770][ T9640] ? sget_fc+0x808/0xc20 [ 191.089789][ T9640] ? __pfx_mqueue_fill_super+0x10/0x10 [ 191.089805][ T9640] mqueue_fill_super+0x14d/0x260 [ 191.089820][ T9640] get_tree_nodev+0xdd/0x190 [ 191.089840][ T9640] mqueue_get_tree+0xf1/0x130 [ 191.089856][ T9640] vfs_get_tree+0x8e/0x340 [ 191.089871][ T9640] fc_mount_longterm+0x18/0x160 [ 191.089900][ T9640] mq_init_ns+0x426/0x620 [ 191.089920][ T9640] copy_ipcs+0x383/0x610 [ 191.089938][ T9640] ? copy_utsname+0xab/0x470 [ 191.089963][ T9640] create_new_namespaces+0x20a/0xa90 [ 191.089983][ T9640] ? security_capable+0x7e/0x260 [ 191.090000][ T9640] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 191.090021][ T9640] ksys_unshare+0x45b/0xa40 [ 191.090045][ T9640] ? __pfx_ksys_unshare+0x10/0x10 [ 191.090075][ T9640] ? xfd_validate_state+0x61/0x180 [ 191.090103][ T9640] __x64_sys_unshare+0x31/0x40 [ 191.090127][ T9640] do_syscall_64+0xcd/0x490 [ 191.090150][ T9640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.090168][ T9640] RIP: 0033:0x7fbe8398ebe9 [ 191.090182][ T9640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.090199][ T9640] RSP: 002b:00007fbe847bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 191.090217][ T9640] RAX: ffffffffffffffda RBX: 00007fbe83bb6090 RCX: 00007fbe8398ebe9 [ 191.090228][ T9640] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 191.090238][ T9640] RBP: 00007fbe83a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 191.090248][ T9640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.090259][ T9640] R13: 00007fbe83bb6128 R14: 00007fbe83bb6090 R15: 00007fff6c963fc8 [ 191.090274][ T9640] [ 192.009766][ T30] audit: type=1804 audit(1755497326.623:8): pid=9701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.422" name="/newroot/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw" dev="tracefs" ino=1178 res=1 errno=0 [ 192.373397][ T9747] netlink: 4 bytes leftover after parsing attributes in process `syz.3.425'. [ 193.275136][ T5869] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260 [ 194.285668][ T9770] kexec: Could not allocate control_code_buffer [ 197.237150][T10060] bond0: option all_slaves_active: invalid value () [ 198.215668][T10183] bond0: option all_slaves_active: invalid value () [ 199.040148][ T30] audit: type=1800 audit(1755497333.673:9): pid=10271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.455" name="trace_pipe" dev="tracefs" ino=1133 res=0 errno=0 [ 199.070585][ C1] vkms_vblank_simulate: vblank timer overrun [ 199.476886][ T30] audit: type=1800 audit(1755497334.103:10): pid=10301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.456" name="members" dev="configfs" ino=21874 res=0 errno=0 [ 199.736561][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.746578][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.590504][T10449] FAULT_INJECTION: forcing a failure. [ 201.590504][T10449] name failslab, interval 1, probability 0, space 0, times 0 [ 201.607305][T10449] CPU: 0 UID: 0 PID: 10449 Comm: syz.2.462 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 201.607354][T10449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 201.607372][T10449] Call Trace: [ 201.607381][T10449] [ 201.607392][T10449] dump_stack_lvl+0x16c/0x1f0 [ 201.607434][T10449] should_fail_ex+0x512/0x640 [ 201.607489][T10449] should_failslab+0xc2/0x120 [ 201.607529][T10449] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 201.607565][T10449] ? lock_release+0x201/0x2f0 [ 201.607604][T10449] ? bpf_ksym_find+0x124/0x1c0 [ 201.607629][T10449] ? __d_alloc+0x32/0xae0 [ 201.607665][T10449] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 201.607701][T10449] __d_alloc+0x32/0xae0 [ 201.607735][T10449] ? __kernel_text_address+0xd/0x40 [ 201.607764][T10449] d_alloc_parallel+0x111/0x1480 [ 201.607820][T10449] ? binder_open+0x168/0xde0 [ 201.607858][T10449] ? stack_trace_save+0x8e/0xc0 [ 201.607889][T10449] ? __pfx_d_alloc_parallel+0x10/0x10 [ 201.607934][T10449] ? put_dec+0x2e/0xc0 [ 201.607973][T10449] ? put_dec_trunc8+0x28b/0x370 [ 201.608018][T10449] ? lockdep_init_map_type+0x5c/0x280 [ 201.608059][T10449] ? lockdep_init_map_type+0x5c/0x280 [ 201.608102][T10449] __lookup_slow+0x193/0x460 [ 201.608147][T10449] ? __pfx___lookup_slow+0x10/0x10 [ 201.608191][T10449] ? rcu_is_watching+0x12/0xc0 [ 201.608228][T10449] ? d_lookup+0xe7/0x190 [ 201.608275][T10449] lookup_noperm+0xe1/0x110 [ 201.608321][T10449] simple_start_creating+0xd1/0x1b0 [ 201.608352][T10449] start_creating.part.0+0x82/0x190 [ 201.608386][T10449] __debugfs_create_file+0xa7/0x6b0 [ 201.608422][T10449] debugfs_create_file_full+0x41/0x60 [ 201.608465][T10449] binder_open+0x9f1/0xde0 [ 201.608505][T10449] ? __pfx_binder_open+0x10/0x10 [ 201.608545][T10449] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 201.608583][T10449] do_dentry_open+0x982/0x1530 [ 201.608619][T10449] ? __pfx_binder_open+0x10/0x10 [ 201.608661][T10449] vfs_open+0x82/0x3f0 [ 201.608705][T10449] path_openat+0x1de4/0x2cb0 [ 201.608744][T10449] ? __pfx_path_openat+0x10/0x10 [ 201.608783][T10449] do_filp_open+0x20b/0x470 [ 201.608817][T10449] ? __pfx_do_filp_open+0x10/0x10 [ 201.608863][T10449] ? alloc_fd+0x471/0x7d0 [ 201.608897][T10449] do_sys_openat2+0x11b/0x1d0 [ 201.608941][T10449] ? __pfx_do_sys_openat2+0x10/0x10 [ 201.608992][T10449] __x64_sys_openat+0x174/0x210 [ 201.609038][T10449] ? __pfx___x64_sys_openat+0x10/0x10 [ 201.609097][T10449] do_syscall_64+0xcd/0x490 [ 201.609136][T10449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.609166][T10449] RIP: 0033:0x7fbe8398ebe9 [ 201.609189][T10449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.609216][T10449] RSP: 002b:00007fbe847de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 201.609246][T10449] RAX: ffffffffffffffda RBX: 00007fbe83bb5fa0 RCX: 00007fbe8398ebe9 [ 201.609267][T10449] RDX: 0000000000002001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 201.609287][T10449] RBP: 00007fbe83a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 201.609310][T10449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 201.609328][T10449] R13: 00007fbe83bb6038 R14: 00007fbe83bb5fa0 R15: 00007fff6c963fc8 [ 201.609356][T10449] [ 202.453063][T10481] netlink: 8 bytes leftover after parsing attributes in process `syz.0.463'. [ 202.589327][T10294] ptrace attach of "./syz-executor exec"[7614] was attempted by "./syz-executor exec"[10294] [ 203.808295][T10540] __vm_enough_memory: pid: 10540, comm: syz.2.469, bytes: 4398046511104 not enough memory for the allocation [ 204.464259][T10610] random: crng reseeded on system resumption [ 205.208744][T10741] can: request_module (can-proto-3) failed. [ 205.969017][T10810] Invalid ELF header magic: != ELF [ 206.460999][T10894] zswap: compressor not available [ 208.104271][T10937] zswap: compressor not available [ 209.393773][T11063] FAULT_INJECTION: forcing a failure. [ 209.393773][T11063] name failslab, interval 1, probability 0, space 0, times 0 [ 209.411066][T11063] CPU: 0 UID: 0 PID: 11063 Comm: syz.1.500 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 209.411093][T11063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 209.411104][T11063] Call Trace: [ 209.411110][T11063] [ 209.411116][T11063] dump_stack_lvl+0x16c/0x1f0 [ 209.411143][T11063] should_fail_ex+0x512/0x640 [ 209.411177][T11063] should_failslab+0xc2/0x120 [ 209.411201][T11063] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 209.411222][T11063] ? lock_release+0x201/0x2f0 [ 209.411245][T11063] ? sock_alloc_inode+0x25/0x1c0 [ 209.411274][T11063] ? __pfx_sock_alloc_inode+0x10/0x10 [ 209.411302][T11063] sock_alloc_inode+0x25/0x1c0 [ 209.411332][T11063] alloc_inode+0x64/0x240 [ 209.411357][T11063] sock_alloc+0x40/0x280 [ 209.411381][T11063] __sock_create+0xc1/0x8d0 [ 209.411398][T11063] __sys_socket+0x14d/0x260 [ 209.411414][T11063] ? __pfx___sys_socket+0x10/0x10 [ 209.411433][T11063] ? xfd_validate_state+0x61/0x180 [ 209.411458][T11063] ? __pfx_ksys_write+0x10/0x10 [ 209.411481][T11063] __x64_sys_socket+0x72/0xb0 [ 209.411498][T11063] do_syscall_64+0xcd/0x490 [ 209.411522][T11063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.411539][T11063] RIP: 0033:0x7f981558ebe9 [ 209.411553][T11063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.411570][T11063] RSP: 002b:00007f98164e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 209.411588][T11063] RAX: ffffffffffffffda RBX: 00007f98157b5fa0 RCX: 00007f981558ebe9 [ 209.411599][T11063] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 209.411609][T11063] RBP: 00007f9815611e19 R08: 0000000000000000 R09: 0000000000000000 [ 209.411620][T11063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.411630][T11063] R13: 00007f98157b6038 R14: 00007f98157b5fa0 R15: 00007ffd19da9ec8 [ 209.411648][T11063] [ 209.411657][T11063] socket: no more sockets [ 211.076956][ T5869] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 211.093996][ T5869] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff [ 212.495333][T11322] netlink: 330 bytes leftover after parsing attributes in process `syz.2.518'. [ 213.003913][T11339] vhci_hcd: invalid port number 16 [ 213.022075][T11339] vhci_hcd: invalid port number 16 [ 213.387963][ T30] audit: type=1804 audit(1755505147.991:11): pid=11346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.520" name="/newroot/120/file0" dev="tmpfs" ino=649 res=1 errno=0 [ 213.668095][T11351] netlink: 330 bytes leftover after parsing attributes in process `syz.2.524'. [ 213.679266][T11351] mac80211_hwsim hwsim5 : renamed from wlan0 (while UP) [ 214.262175][T11333] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 214.274370][T11357] Invalid ELF header magic: != ELF [ 216.958491][T11417] FAULT_INJECTION: forcing a failure. [ 216.958491][T11417] name fail_futex, interval 1, probability 0, space 0, times 0 [ 216.992359][T11417] CPU: 0 UID: 0 PID: 11417 Comm: syz.1.539 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 216.992402][T11417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 216.992418][T11417] Call Trace: [ 216.992427][T11417] [ 216.992437][T11417] dump_stack_lvl+0x16c/0x1f0 [ 216.992478][T11417] should_fail_ex+0x512/0x640 [ 216.992520][T11417] get_futex_key+0xff0/0x1560 [ 216.992556][T11417] ? __pfx_get_futex_key+0x10/0x10 [ 216.992589][T11417] ? __mutex_trylock_common+0xe9/0x250 [ 216.992629][T11417] ? __pfx___mutex_trylock_common+0x10/0x10 [ 216.992670][T11417] futex_wake+0xea/0x530 [ 216.992711][T11417] ? __pfx_futex_wake+0x10/0x10 [ 216.992749][T11417] ? rcu_is_watching+0x12/0xc0 [ 216.992779][T11417] ? rcu_is_watching+0x12/0xc0 [ 216.992808][T11417] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 216.992853][T11417] do_futex+0x1e3/0x350 [ 216.992887][T11417] ? __pfx_do_futex+0x10/0x10 [ 216.992920][T11417] ? lock_release+0x201/0x2f0 [ 216.992959][T11417] mm_release+0x24e/0x300 [ 216.992989][T11417] do_exit+0x68e/0x2bf0 [ 216.993031][T11417] ? __pfx_do_exit+0x10/0x10 [ 216.993069][T11417] ? do_raw_spin_lock+0x12c/0x2b0 [ 216.993119][T11417] ? get_signal+0x8f5/0x26d0 [ 216.993150][T11417] ? rcu_is_watching+0x12/0xc0 [ 216.993180][T11417] do_group_exit+0xd3/0x2a0 [ 216.993219][T11417] get_signal+0x2673/0x26d0 [ 216.993252][T11417] ? fixup_exception+0x10c/0xbf0 [ 216.993284][T11417] ? __pfx_get_signal+0x10/0x10 [ 216.993314][T11417] ? do_futex+0x122/0x350 [ 216.993346][T11417] ? __pfx_do_futex+0x10/0x10 [ 216.993382][T11417] arch_do_signal_or_restart+0x8f/0x790 [ 216.993419][T11417] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 216.993465][T11417] exit_to_user_mode_loop+0x84/0x110 [ 216.993506][T11417] do_syscall_64+0x3f6/0x490 [ 216.993543][T11417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.993573][T11417] RIP: 0033:0x7f981558ebe9 [ 216.993595][T11417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.993621][T11417] RSP: 002b:00007f98164e30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 216.993650][T11417] RAX: fffffffffffffe00 RBX: 00007f98157b5fa8 RCX: 00007f981558ebe9 [ 216.993669][T11417] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f98157b5fa8 [ 216.993687][T11417] RBP: 00007f98157b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 216.993705][T11417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.993721][T11417] R13: 00007f98157b6038 R14: 00007ffd19da9de0 R15: 00007ffd19da9ec8 [ 216.993747][T11417] [ 217.805465][T11459] netlink: 20 bytes leftover after parsing attributes in process `syz.1.542'. [ 217.884784][T11459] mac80211_hwsim hwsim15 wlan1: entered promiscuous mode [ 217.947681][T11459] mac80211_hwsim hwsim15 wlan1: entered allmulticast mode [ 218.373033][T11479] can: request_module (can-proto-0) failed. [ 218.424635][T11465] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 218.444052][T11465] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 218.499325][T11465] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 218.568958][T11465] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 218.633957][T11465] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 218.677717][T11465] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 218.700881][T11465] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 219.966212][ T5861] Bluetooth: hci0: command 0x0c1a tx timeout [ 220.454667][ T5861] Bluetooth: hci1: command 0x0c1a tx timeout [ 220.536173][ T5861] Bluetooth: hci3: command 0x0c1a tx timeout [ 220.696195][ T5861] Bluetooth: hci2: command 0x0c1a tx timeout [ 220.929258][T11625] netlink: 4 bytes leftover after parsing attributes in process `syz.2.559'. [ 221.000787][T11626] netlink: 17 bytes leftover after parsing attributes in process `syz.2.559'. [ 221.040870][T11632] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 221.323691][T11637] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 222.606324][ T5861] Bluetooth: hci3: command 0x0c1a tx timeout [ 222.777047][ T5861] Bluetooth: hci2: command 0x0c1a tx timeout [ 224.256234][T11973] nbd: socks must be embedded in a SOCK_ITEM attr [ 224.277187][T11985] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 224.434381][T11994] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 224.846216][ T5861] Bluetooth: hci2: command 0x0c1a tx timeout [ 226.269885][T12085] HfR: entered promiscuous mode [ 226.600745][T12123] vmstat_refresh: nr_hugetlb -6144 [ 227.312538][ T5861] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 227.312577][ T5861] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 227.313987][T12168] : Can't lookup blockdev [ 227.329408][ T5861] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 227.335740][ T5861] Bluetooth: hci3: adv larger than maximum supported [ 227.346326][ T5861] Bluetooth: hci3: adv larger than maximum supported [ 227.354386][ T5861] Bluetooth: hci3: Malformed LE Event: 0x0d [ 227.863322][T12175] binder: 12174:12175 unknown command 4294967282 [ 227.874977][T12175] binder: 12174:12175 ioctl c0306201 2000000000c0 returned -22 [ 228.292532][ T5861] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 228.754011][T12226] FAULT_INJECTION: forcing a failure. [ 228.754011][T12226] name fail_futex, interval 1, probability 0, space 0, times 0 [ 228.842794][T12226] CPU: 0 UID: 1 PID: 12226 Comm: syz.3.593 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 228.842835][T12226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 228.842851][T12226] Call Trace: [ 228.842860][T12226] [ 228.842870][T12226] dump_stack_lvl+0x16c/0x1f0 [ 228.842908][T12226] should_fail_ex+0x512/0x640 [ 228.842945][T12226] ? trace_pid_list_is_set+0xfb/0x150 [ 228.842980][T12226] get_futex_key+0x1d0/0x1560 [ 228.843011][T12226] ? inet_sendmsg+0xc0/0x140 [ 228.843038][T12226] ? __pfx_get_futex_key+0x10/0x10 [ 228.843069][T12226] ? __pfx_sock_write_iter+0x10/0x10 [ 228.843113][T12226] futex_wake+0xea/0x530 [ 228.843152][T12226] ? bpf_lsm_file_permission+0x9/0x10 [ 228.843199][T12226] ? __pfx_futex_wake+0x10/0x10 [ 228.843239][T12226] ? vfs_write+0x15d/0x11d0 [ 228.843269][T12226] ? __pfx_sock_write_iter+0x10/0x10 [ 228.843312][T12226] do_futex+0x1e3/0x350 [ 228.843345][T12226] ? __pfx_do_futex+0x10/0x10 [ 228.843377][T12226] ? lock_release+0x201/0x2f0 [ 228.843415][T12226] __x64_sys_futex+0x1e0/0x4c0 [ 228.843451][T12226] ? fput+0x9b/0xd0 [ 228.843485][T12226] ? __pfx___x64_sys_futex+0x10/0x10 [ 228.843519][T12226] ? ksys_write+0x1ac/0x250 [ 228.843548][T12226] ? __pfx_ksys_write+0x10/0x10 [ 228.843582][T12226] do_syscall_64+0xcd/0x490 [ 228.843618][T12226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.843647][T12226] RIP: 0033:0x7f0ffab8ebe9 [ 228.843668][T12226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.843693][T12226] RSP: 002b:00007f0ffba5a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 228.843719][T12226] RAX: ffffffffffffffda RBX: 00007f0ffadb6098 RCX: 00007f0ffab8ebe9 [ 228.843738][T12226] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0ffadb609c [ 228.843756][T12226] RBP: 00007f0ffadb6090 R08: 00007f0ffba7c000 R09: 0000000000000000 [ 228.843773][T12226] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 228.843791][T12226] R13: 00007f0ffadb6128 R14: 00007ffeb7398c00 R15: 00007ffeb7398ce8 [ 228.843817][T12226] [ 229.489385][T12305] netlink: 4 bytes leftover after parsing attributes in process `syz.3.596'. [ 229.519746][T12305] FAULT_INJECTION: forcing a failure. [ 229.519746][T12305] name fail_futex, interval 1, probability 0, space 0, times 0 [ 229.537027][T12305] CPU: 1 UID: 0 PID: 12305 Comm: syz.3.596 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 229.537071][T12305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 229.537088][T12305] Call Trace: [ 229.537097][T12305] [ 229.537106][T12305] dump_stack_lvl+0x16c/0x1f0 [ 229.537147][T12305] should_fail_ex+0x512/0x640 [ 229.537200][T12305] get_futex_key+0x1d0/0x1560 [ 229.537235][T12305] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 229.537280][T12305] ? __pfx_get_futex_key+0x10/0x10 [ 229.537311][T12305] ? rcu_is_watching+0x12/0xc0 [ 229.537352][T12305] ? lock_release+0x201/0x2f0 [ 229.537389][T12305] ? do_raw_spin_unlock+0x172/0x230 [ 229.537436][T12305] futex_wait_setup+0x9d/0x550 [ 229.537492][T12305] __futex_wait+0x194/0x2f0 [ 229.537535][T12305] ? __pfx___futex_wait+0x10/0x10 [ 229.537577][T12305] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 229.537619][T12305] ? __pfx_futex_wake_mark+0x10/0x10 [ 229.537662][T12305] ? lock_release+0x201/0x2f0 [ 229.537707][T12305] ? futex_private_hash_put+0x11c/0x300 [ 229.537739][T12305] futex_wait+0xe8/0x380 [ 229.537789][T12305] ? __pfx_futex_wait+0x10/0x10 [ 229.537842][T12305] do_futex+0x229/0x350 [ 229.537879][T12305] ? __pfx_do_futex+0x10/0x10 [ 229.537914][T12305] ? fput+0x9b/0xd0 [ 229.537952][T12305] ? __sys_sendmsg+0x18c/0x220 [ 229.537992][T12305] __x64_sys_futex+0x1e0/0x4c0 [ 229.538031][T12305] ? __pfx___x64_sys_futex+0x10/0x10 [ 229.538068][T12305] ? xfd_validate_state+0x61/0x180 [ 229.538116][T12305] do_syscall_64+0xcd/0x490 [ 229.538163][T12305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.538192][T12305] RIP: 0033:0x7f0ffab8ebe9 [ 229.538214][T12305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.538241][T12305] RSP: 002b:00007f0ffba7b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 229.538270][T12305] RAX: ffffffffffffffda RBX: 00007f0ffadb5fa8 RCX: 00007f0ffab8ebe9 [ 229.538289][T12305] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0ffadb5fa8 [ 229.538307][T12305] RBP: 00007f0ffadb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 229.538325][T12305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.538342][T12305] R13: 00007f0ffadb6038 R14: 00007ffeb7398c00 R15: 00007ffeb7398ce8 [ 229.538370][T12305] [ 229.822859][ C1] vkms_vblank_simulate: vblank timer overrun [ 229.834363][T12305] FAULT_INJECTION: forcing a failure. [ 229.834363][T12305] name failslab, interval 1, probability 0, space 0, times 0 [ 229.849945][T12305] CPU: 1 UID: 0 PID: 12305 Comm: syz.3.596 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 229.849991][T12305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 229.850009][T12305] Call Trace: [ 229.850018][T12305] [ 229.850029][T12305] dump_stack_lvl+0x16c/0x1f0 [ 229.850069][T12305] should_fail_ex+0x512/0x640 [ 229.850111][T12305] should_failslab+0xc2/0x120 [ 229.850148][T12305] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 229.850181][T12305] ? apparmor_capable+0x114/0x1d0 [ 229.850212][T12305] ? prepare_creds+0x2c/0x7d0 [ 229.850255][T12305] prepare_creds+0x2c/0x7d0 [ 229.850298][T12305] __sys_setresuid+0x46d/0x1160 [ 229.850332][T12305] do_syscall_64+0xcd/0x490 [ 229.850370][T12305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.850400][T12305] RIP: 0033:0x7f0ffab8ebe9 [ 229.850423][T12305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.850450][T12305] RSP: 002b:00007f0ffba7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 229.850478][T12305] RAX: ffffffffffffffda RBX: 00007f0ffadb5fa0 RCX: 00007f0ffab8ebe9 [ 229.850497][T12305] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008 [ 229.850513][T12305] RBP: 00007f0ffac11e19 R08: 0000000000000000 R09: 0000000000000000 [ 229.850530][T12305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.850547][T12305] R13: 00007f0ffadb6038 R14: 00007f0ffadb5fa0 R15: 00007ffeb7398ce8 [ 229.850573][T12305] [ 230.039730][ C1] vkms_vblank_simulate: vblank timer overrun [ 230.938445][T12344] kafs: addr_prefs: Too many elements in string [ 231.153844][T12351] netlink: 'syz.1.600': attribute type 1 has an invalid length. [ 232.743902][T12482] Invalid ELF header magic: != ELF [ 233.861158][T12528] bond0: option primary_reselect: invalid value () [ 234.448125][T12545] netlink: 28 bytes leftover after parsing attributes in process `syz.3.618'. [ 234.818569][T12545] netlink: 28 bytes leftover after parsing attributes in process `syz.3.618'. [ 234.843161][T12593] random: crng reseeded on system resumption [ 234.864389][T12572] vhci_hcd: not connected 4 [ 234.906809][T12545] netlink: 28 bytes leftover after parsing attributes in process `syz.3.618'. [ 234.919666][T12545] netlink: 28 bytes leftover after parsing attributes in process `syz.3.618'. [ 234.985293][T12617] openvswitch: netlink: IPv6 tunnel dst address is zero [ 234.999114][T12545] netlink: 28 bytes leftover after parsing attributes in process `syz.3.618'. [ 237.664512][T12799] netlink: 4 bytes leftover after parsing attributes in process `syz.0.637'. [ 238.051830][T12828] random: crng reseeded on system resumption [ 239.502536][T12936] random: crng reseeded on system resumption [ 240.384800][ T30] audit: type=1800 audit(1755505175.001:12): pid=13033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.652" name="dbroot" dev="configfs" ino=28928 res=0 errno=0 [ 241.318597][T13074] netlink: 25 bytes leftover after parsing attributes in process `syz.3.658'. [ 242.105046][ T5861] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5 [ 243.462497][T13193] snd_aloop snd_aloop.0: control 16781581:65539:5:'x?F/zF˷fC:7 is already present [ 245.377073][T13209] Invalid ELF header magic: != ELF [ 246.624370][ T30] audit: type=1806 audit(1755505181.251:13): xattr="" res=-22 [ 247.270703][T13345] random: crng reseeded on system resumption [ 248.119731][ T30] audit: type=1800 audit(1755505182.751:14): pid=13421 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.691" name="features" dev="configfs" ino=28438 res=0 errno=0 [ 248.208744][T13415] FAULT_INJECTION: forcing a failure. [ 248.208744][T13415] name failslab, interval 1, probability 0, space 0, times 0 [ 248.224341][T13415] CPU: 0 UID: 0 PID: 13415 Comm: syz.2.693 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 248.224377][T13415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 248.224390][T13415] Call Trace: [ 248.224398][T13415] [ 248.224407][T13415] dump_stack_lvl+0x16c/0x1f0 [ 248.224440][T13415] should_fail_ex+0x512/0x640 [ 248.224474][T13415] should_failslab+0xc2/0x120 [ 248.224505][T13415] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 248.224532][T13415] ? security_inode_alloc+0x3b/0x2b0 [ 248.224559][T13415] security_inode_alloc+0x3b/0x2b0 [ 248.224584][T13415] inode_init_always_gfp+0xce4/0x1030 [ 248.224612][T13415] alloc_inode+0x86/0x240 [ 248.224648][T13415] sock_alloc+0x40/0x280 [ 248.224680][T13415] __sock_create+0xc1/0x8d0 [ 248.224703][T13415] __sys_socketpair+0x1d8/0x5a0 [ 248.224726][T13415] ? __pfx___sys_socketpair+0x10/0x10 [ 248.224757][T13415] ? xfd_validate_state+0x61/0x180 [ 248.224794][T13415] __x64_sys_socketpair+0x96/0x100 [ 248.224816][T13415] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 248.224851][T13415] do_syscall_64+0xcd/0x490 [ 248.224881][T13415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.224904][T13415] RIP: 0033:0x7fbe8398ebe9 [ 248.224922][T13415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.224943][T13415] RSP: 002b:00007fbe847de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 248.224966][T13415] RAX: ffffffffffffffda RBX: 00007fbe83bb5fa0 RCX: 00007fbe8398ebe9 [ 248.224981][T13415] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 248.224995][T13415] RBP: 00007fbe83a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 248.225009][T13415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.225022][T13415] R13: 00007fbe83bb6038 R14: 00007fbe83bb5fa0 R15: 00007fff6c963fc8 [ 248.225043][T13415] [ 248.225135][T13415] socket: no more sockets [ 252.011680][T13627] bond0: no command found in slaves file - use +ifname or -ifname [ 252.134841][T13631] vhci_hcd: invalid port number 21 [ 253.288543][T13722] netlink: 28 bytes leftover after parsing attributes in process `syz.0.715'. [ 253.309220][T13722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 253.350661][T13722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 253.438567][T13714] FAULT_INJECTION: forcing a failure. [ 253.438567][T13714] name fail_futex, interval 1, probability 0, space 0, times 0 [ 253.472180][T13722] bond0 (unregistering): Released all slaves [ 253.490096][T13714] CPU: 1 UID: 0 PID: 13714 Comm: syz.2.714 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 253.490139][T13714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 253.490157][T13714] Call Trace: [ 253.490166][T13714] [ 253.490177][T13714] dump_stack_lvl+0x16c/0x1f0 [ 253.490219][T13714] should_fail_ex+0x512/0x640 [ 253.490264][T13714] get_futex_key+0x1d0/0x1560 [ 253.490303][T13714] ? __pfx_get_futex_key+0x10/0x10 [ 253.490340][T13714] futex_wait_setup+0x9d/0x550 [ 253.490382][T13714] __futex_wait+0x194/0x2f0 [ 253.490423][T13714] ? __pfx___futex_wait+0x10/0x10 [ 253.490479][T13714] ? kfree+0x2b4/0x4d0 [ 253.490506][T13714] ? __pfx_futex_wake_mark+0x10/0x10 [ 253.490546][T13714] ? lock_release+0x201/0x2f0 [ 253.490583][T13714] ? futex_private_hash_put+0x11c/0x300 [ 253.490616][T13714] futex_wait+0xe8/0x380 [ 253.490657][T13714] ? __pfx_futex_wait+0x10/0x10 [ 253.490709][T13714] do_futex+0x229/0x350 [ 253.490747][T13714] ? __pfx_do_futex+0x10/0x10 [ 253.490788][T13714] __x64_sys_futex+0x1e0/0x4c0 [ 253.490826][T13714] ? __fget_files+0x20e/0x3c0 [ 253.490858][T13714] ? __pfx___x64_sys_futex+0x10/0x10 [ 253.490898][T13714] ? fput+0x9b/0xd0 [ 253.490948][T13714] do_syscall_64+0xcd/0x490 [ 253.490987][T13714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.491016][T13714] RIP: 0033:0x7fbe8398ebe9 [ 253.491040][T13714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.491066][T13714] RSP: 002b:00007fbe847de0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 253.491091][T13714] RAX: ffffffffffffffda RBX: 00007fbe83bb5fa8 RCX: 00007fbe8398ebe9 [ 253.491110][T13714] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbe83bb5fa8 [ 253.491126][T13714] RBP: 00007fbe83bb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 253.491142][T13714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 253.491158][T13714] R13: 00007fbe83bb6038 R14: 00007fff6c963ee0 R15: 00007fff6c963fc8 [ 253.491183][T13714] [ 254.308594][T13829] netlink: 238 bytes leftover after parsing attributes in process `syz.1.721'. [ 254.442775][T13840] netlink: 238 bytes leftover after parsing attributes in process `syz.1.721'. [ 254.508472][T13836] mkiss: ax0: crc mode is auto. [ 254.642217][T13871] program syz.2.724 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 255.373973][T13885] random: crng reseeded on system resumption [ 257.052953][T14054] kafs: addr_prefs: Invalid Command [ 257.665671][T14091] nfs: Bad value for 'source' [ 257.883326][T14094] FAULT_INJECTION: forcing a failure. [ 257.883326][T14094] name failslab, interval 1, probability 0, space 0, times 0 [ 257.984920][T14094] CPU: 1 UID: 0 PID: 14094 Comm: syz.0.744 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 257.984952][T14094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 257.984962][T14094] Call Trace: [ 257.984967][T14094] [ 257.984974][T14094] dump_stack_lvl+0x16c/0x1f0 [ 257.985002][T14094] should_fail_ex+0x512/0x640 [ 257.985029][T14094] should_failslab+0xc2/0x120 [ 257.985053][T14094] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 257.985074][T14094] ? __debug_object_init+0x2de/0x3d0 [ 257.985093][T14094] ? sock_alloc_inode+0x25/0x1c0 [ 257.985126][T14094] ? __pfx_sock_alloc_inode+0x10/0x10 [ 257.985151][T14094] sock_alloc_inode+0x25/0x1c0 [ 257.985177][T14094] alloc_inode+0x64/0x240 [ 257.985202][T14094] sock_alloc+0x40/0x280 [ 257.985227][T14094] __sock_create+0xc1/0x8d0 [ 257.985244][T14094] smc_create_clcsk+0x37/0xd0 [ 257.985262][T14094] ? __pfx_smc_inet_init_sock+0x10/0x10 [ 257.985286][T14094] inet_create+0x939/0x1040 [ 257.985304][T14094] ? inet_create+0x93/0x1040 [ 257.985321][T14094] __sock_create+0x338/0x8d0 [ 257.985338][T14094] __sys_socket+0x14d/0x260 [ 257.985355][T14094] ? __pfx___sys_socket+0x10/0x10 [ 257.985371][T14094] ? xfd_validate_state+0x61/0x180 [ 257.985398][T14094] ? __pfx_ksys_write+0x10/0x10 [ 257.985420][T14094] __x64_sys_socket+0x72/0xb0 [ 257.985437][T14094] do_syscall_64+0xcd/0x490 [ 257.985460][T14094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.985478][T14094] RIP: 0033:0x7f1ed338ebe9 [ 257.985492][T14094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.985509][T14094] RSP: 002b:00007f1ed4148038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 257.985526][T14094] RAX: ffffffffffffffda RBX: 00007f1ed35b5fa0 RCX: 00007f1ed338ebe9 [ 257.985538][T14094] RDX: 0000000000000100 RSI: 0000000000000801 RDI: 0000000000000002 [ 257.985549][T14094] RBP: 00007f1ed3411e19 R08: 0000000000000000 R09: 0000000000000000 [ 257.985561][T14094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.985571][T14094] R13: 00007f1ed35b6038 R14: 00007f1ed35b5fa0 R15: 00007ffc21c50f88 [ 257.985586][T14094] [ 257.985618][T14094] socket: no more sockets [ 259.283316][T14193] ================================================================== [ 259.283330][T14193] BUG: KASAN: slab-out-of-bounds in vc_do_resize+0x80a/0x10e0 [ 259.283358][T14193] Read of size 64 at addr ffff88807b47bfc0 by task syz.3.748/14193 [ 259.283374][T14193] [ 259.283383][T14193] CPU: 0 UID: 0 PID: 14193 Comm: syz.3.748 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 259.283406][T14193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 259.283416][T14193] Call Trace: [ 259.283422][T14193] [ 259.283429][T14193] dump_stack_lvl+0x116/0x1f0 [ 259.283453][T14193] print_report+0xcd/0x630 [ 259.283476][T14193] ? __virt_addr_valid+0x81/0x610 [ 259.283498][T14193] ? __phys_addr+0xe8/0x180 [ 259.283521][T14193] ? vc_do_resize+0x80a/0x10e0 [ 259.283541][T14193] kasan_report+0xe0/0x110 [ 259.283566][T14193] ? vc_do_resize+0x80a/0x10e0 [ 259.283588][T14193] kasan_check_range+0x100/0x1b0 [ 259.283615][T14193] __asan_memcpy+0x23/0x60 [ 259.283633][T14193] vc_do_resize+0x80a/0x10e0 [ 259.283658][T14193] ? __pfx_vc_do_resize+0x10/0x10 [ 259.283680][T14193] ? lock_acquire+0x2cd/0x350 [ 259.283703][T14193] ? rcu_is_watching+0x12/0xc0 [ 259.283724][T14193] vt_ioctl+0x2ca4/0x30a0 [ 259.283742][T14193] ? __pfx_vt_ioctl+0x10/0x10 [ 259.283759][T14193] ? tomoyo_path_number_perm+0x295/0x580 [ 259.283780][T14193] ? rcu_is_watching+0x12/0xc0 [ 259.283798][T14193] ? lock_release+0x201/0x2f0 [ 259.283822][T14193] ? tomoyo_path_number_perm+0x18d/0x580 [ 259.283853][T14193] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 259.283878][T14193] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 259.283905][T14193] ? tty_jobctrl_ioctl+0x152/0xe00 [ 259.283924][T14193] ? __pfx_vt_ioctl+0x10/0x10 [ 259.283940][T14193] tty_ioctl+0x65e/0x1680 [ 259.283964][T14193] ? __pfx_tty_ioctl+0x10/0x10 [ 259.283990][T14193] ? rcu_is_watching+0x12/0xc0 [ 259.284008][T14193] ? __fget_files+0x204/0x3c0 [ 259.284027][T14193] ? hook_file_ioctl_common+0x145/0x410 [ 259.284053][T14193] ? __fget_files+0x20e/0x3c0 [ 259.284074][T14193] ? __pfx_tty_ioctl+0x10/0x10 [ 259.284098][T14193] __x64_sys_ioctl+0x18b/0x210 [ 259.284126][T14193] do_syscall_64+0xcd/0x490 [ 259.284151][T14193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.284169][T14193] RIP: 0033:0x7f0ffab8ebe9 [ 259.284184][T14193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.284201][T14193] RSP: 002b:00007f0ffba5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 259.284219][T14193] RAX: ffffffffffffffda RBX: 00007f0ffadb6090 RCX: 00007f0ffab8ebe9 [ 259.284230][T14193] RDX: 0000000000000038 RSI: 000000000000560a RDI: 0000000000000003 [ 259.284241][T14193] RBP: 00007f0ffac11e19 R08: 0000000000000000 R09: 0000000000000000 [ 259.284252][T14193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.284262][T14193] R13: 00007f0ffadb6128 R14: 00007f0ffadb6090 R15: 00007ffeb7398ce8 [ 259.284278][T14193] [ 259.284284][T14193] [ 259.284288][T14193] Allocated by task 5857: [ 259.284297][T14193] kasan_save_stack+0x33/0x60 [ 259.284317][T14193] kasan_save_track+0x14/0x30 [ 259.284336][T14193] __kasan_kmalloc+0xaa/0xb0 [ 259.284354][T14193] __kvmalloc_node_noprof+0x27b/0x620 [ 259.284372][T14193] pfifo_fast_init+0x125/0x3b0 [ 259.284390][T14193] qdisc_create_dflt+0x122/0x490 [ 259.284409][T14193] dev_activate+0x63f/0x12d0 [ 259.284428][T14193] __dev_open+0x432/0x7c0 [ 259.284448][T14193] __dev_change_flags+0x55d/0x720 [ 259.284469][T14193] netif_change_flags+0x8d/0x160 [ 259.284491][T14193] do_setlink.constprop.0+0xb53/0x4380 [ 259.284514][T14193] rtnl_newlink+0x1446/0x2000 [ 259.284536][T14193] rtnetlink_rcv_msg+0x95b/0xe90 [ 259.284559][T14193] netlink_rcv_skb+0x155/0x420 [ 259.284582][T14193] netlink_unicast+0x5aa/0x870 [ 259.284603][T14193] netlink_sendmsg+0x8d1/0xdd0 [ 259.284625][T14193] __sys_sendto+0x4a3/0x520 [ 259.284643][T14193] __x64_sys_sendto+0xe0/0x1c0 [ 259.284662][T14193] do_syscall_64+0xcd/0x490 [ 259.284683][T14193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.284700][T14193] [ 259.284704][T14193] The buggy address belongs to the object at ffff88807b478000 [ 259.284704][T14193] which belongs to the cache kmalloc-8k of size 8192 [ 259.284718][T14193] The buggy address is located 8320 bytes to the right of [ 259.284718][T14193] allocated 8000-byte region [ffff88807b478000, ffff88807b479f40) [ 259.284736][T14193] [ 259.284740][T14193] The buggy address belongs to the physical page: [ 259.284748][T14193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b478 [ 259.284764][T14193] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 259.284777][T14193] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 259.284793][T14193] page_type: f5(slab) [ 259.284808][T14193] raw: 00fff00000000040 ffff88801b842280 ffffea0001ea8000 0000000000000005 [ 259.284824][T14193] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 259.284839][T14193] head: 00fff00000000040 ffff88801b842280 ffffea0001ea8000 0000000000000005 [ 259.284862][T14193] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 259.284878][T14193] head: 00fff00000000003 ffffea0001ed1e01 00000000ffffffff 00000000ffffffff [ 259.284892][T14193] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 259.284902][T14193] page dumped because: kasan: bad access detected [ 259.284910][T14193] page_owner tracks the page as allocated [ 259.284916][T14193] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x528c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP), pid 5857, tgid 5857 (syz-executor), ts 75907413730, free_ts 75889157643 [ 259.284947][T14193] post_alloc_hook+0x1c0/0x230 [ 259.284966][T14193] get_page_from_freelist+0x132b/0x38e0 [ 259.284986][T14193] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 259.285006][T14193] alloc_pages_mpol+0x1fb/0x550 [ 259.285028][T14193] new_slab+0x247/0x330 [ 259.285043][T14193] ___slab_alloc+0xcf2/0x1740 [ 259.285058][T14193] __slab_alloc.constprop.0+0x56/0xb0 [ 259.285074][T14193] __kvmalloc_node_noprof+0x3b1/0x620 [ 259.285092][T14193] pfifo_fast_init+0x125/0x3b0 [ 259.285109][T14193] qdisc_create_dflt+0x122/0x490 [ 259.285127][T14193] dev_activate+0x63f/0x12d0 [ 259.285146][T14193] __dev_open+0x432/0x7c0 [ 259.285165][T14193] __dev_change_flags+0x55d/0x720 [ 259.285186][T14193] netif_change_flags+0x8d/0x160 [ 259.285206][T14193] do_setlink.constprop.0+0xb53/0x4380 [ 259.285229][T14193] rtnl_newlink+0x1446/0x2000 [ 259.285251][T14193] page last free pid 5854 tgid 5854 stack trace: [ 259.285260][T14193] __free_frozen_pages+0x7d5/0x10f0 [ 259.285277][T14193] qlist_free_all+0x4d/0x120 [ 259.285294][T14193] kasan_quarantine_reduce+0x195/0x1e0 [ 259.285312][T14193] __kasan_slab_alloc+0x69/0x90 [ 259.285332][T14193] __kmalloc_cache_noprof+0x1f1/0x3e0 [ 259.285349][T14193] vlan_vid_add+0x2ee/0x750 [ 259.285367][T14193] vlan_device_event+0x1a39/0x2620 [ 259.285386][T14193] notifier_call_chain+0xbc/0x410 [ 259.285408][T14193] call_netdevice_notifiers_info+0xbe/0x140 [ 259.285435][T14193] __dev_notify_flags+0x12c/0x2e0 [ 259.285455][T14193] netif_change_flags+0x108/0x160 [ 259.285476][T14193] do_setlink.constprop.0+0xb53/0x4380 [ 259.285499][T14193] rtnl_newlink+0x1446/0x2000 [ 259.285521][T14193] rtnetlink_rcv_msg+0x95b/0xe90 [ 259.285544][T14193] netlink_rcv_skb+0x155/0x420 [ 259.285571][T14193] netlink_unicast+0x5aa/0x870 [ 259.285600][T14193] [ 259.285605][T14193] Memory state around the buggy address: [ 259.285616][T14193] ffff88807b47be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 259.285633][T14193] ffff88807b47bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 259.285652][T14193] >ffff88807b47bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 259.285667][T14193] ^ [ 259.285679][T14193] ffff88807b47c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 259.285692][T14193] ffff88807b47c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 259.285701][T14193] ================================================================== [ 259.285711][T14193] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 259.285723][T14193] CPU: 0 UID: 0 PID: 14193 Comm: syz.3.748 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 259.285746][T14193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 259.285757][T14193] Call Trace: [ 259.285763][T14193] [ 259.285770][T14193] dump_stack_lvl+0x3d/0x1f0 [ 259.285793][T14193] vpanic+0x6e8/0x7a0 [ 259.285820][T14193] ? __pfx_vpanic+0x10/0x10 [ 259.285852][T14193] ? __pfx_vprintk_emit+0x10/0x10 [ 259.285873][T14193] ? vc_do_resize+0x80a/0x10e0 [ 259.285907][T14193] panic+0xca/0xd0 [ 259.285943][T14193] ? __pfx_panic+0x10/0x10 [ 259.286013][T14193] ? end_report+0x4c/0x170 [ 259.286037][T14193] ? rcu_is_watching+0x12/0xc0 [ 259.286057][T14193] check_panic_on_warn+0xab/0xb0 [ 259.286084][T14193] end_report+0x107/0x170 [ 259.286108][T14193] kasan_report+0xee/0x110 [ 259.286132][T14193] ? vc_do_resize+0x80a/0x10e0 [ 259.286156][T14193] kasan_check_range+0x100/0x1b0 [ 259.286184][T14193] __asan_memcpy+0x23/0x60 [ 259.286202][T14193] vc_do_resize+0x80a/0x10e0 [ 259.286228][T14193] ? __pfx_vc_do_resize+0x10/0x10 [ 259.286249][T14193] ? lock_acquire+0x2cd/0x350 [ 259.286273][T14193] ? rcu_is_watching+0x12/0xc0 [ 259.286292][T14193] vt_ioctl+0x2ca4/0x30a0 [ 259.286311][T14193] ? __pfx_vt_ioctl+0x10/0x10 [ 259.286328][T14193] ? tomoyo_path_number_perm+0x295/0x580 [ 259.286387][T14193] ? rcu_is_watching+0x12/0xc0 [ 259.286405][T14193] ? lock_release+0x201/0x2f0 [ 259.286430][T14193] ? tomoyo_path_number_perm+0x18d/0x580 [ 259.286453][T14193] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 259.286476][T14193] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 259.286505][T14193] ? tty_jobctrl_ioctl+0x152/0xe00 [ 259.286524][T14193] ? __pfx_vt_ioctl+0x10/0x10 [ 259.286541][T14193] tty_ioctl+0x65e/0x1680 [ 259.286565][T14193] ? __pfx_tty_ioctl+0x10/0x10 [ 259.286591][T14193] ? rcu_is_watching+0x12/0xc0 [ 259.286610][T14193] ? __fget_files+0x204/0x3c0 [ 259.286629][T14193] ? hook_file_ioctl_common+0x145/0x410 [ 259.286654][T14193] ? __fget_files+0x20e/0x3c0 [ 259.286674][T14193] ? __pfx_tty_ioctl+0x10/0x10 [ 259.286698][T14193] __x64_sys_ioctl+0x18b/0x210 [ 259.286726][T14193] do_syscall_64+0xcd/0x490 [ 259.286750][T14193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.286769][T14193] RIP: 0033:0x7f0ffab8ebe9 [ 259.286783][T14193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.286800][T14193] RSP: 002b:00007f0ffba5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 259.286817][T14193] RAX: ffffffffffffffda RBX: 00007f0ffadb6090 RCX: 00007f0ffab8ebe9 [ 259.286830][T14193] RDX: 0000000000000038 RSI: 000000000000560a RDI: 0000000000000003 [ 259.286842][T14193] RBP: 00007f0ffac11e19 R08: 0000000000000000 R09: 0000000000000000 [ 259.286862][T14193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.286873][T14193] R13: 00007f0ffadb6128 R14: 00007f0ffadb6090 R15: 00007ffeb7398ce8 [ 259.286889][T14193] [ 259.287184][T14193] Kernel Offset: disabled