last executing test programs: 6.096409252s ago: executing program 0 (id=1534): socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@rc={0x1f, @any, 0x8}, 0x6e) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x4080, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) adjtimex$auto(&(0x7f0000000100)={0xf332b70, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x3, 0x0, 0xfffffffffffffffe, 0x80000000368e, 0x8, {0x100000000, 0x10000}, 0x5, 0x8, 0xf, 0x7f, 0x0, 0x80000003, 0xe4, 0x10000, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) r3 = prctl$auto(0x1000000003b, 0xfffffffffffffffd, 0x4, 0x5, 0x7) r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) read$auto(r2, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11:\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x12\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f00000013c0)={{@raw=0x9, 0x7, 0x6, 0x3, "bbccbcd7d12c37e3395149784620ba1de5bb291c240924299031a6348f25231d691516434db1ac931d1b6193"}, 0xd4, 0x8, 0x1000004, @inferred=0x0, @integer64={0x0, 0x5, 0x3ff}, "753d362b6b19e500aade1df474a7070006556879118ced5f0443fc394539a568ed7fe70733f110654b446d578bd622cb010000000000000000000800"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto(r0, 0x10000, r4) read$auto(0x3, 0x0, 0xf34) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'veth1_to_bond\x00'}) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="1b9508fe", @ANYBLOB="56f7", @ANYBLOB="050323bd7000fbdbdf250600000008000300", @ANYRES64=r5, @ANYBLOB="f2a1eded06aaa69faabd6e1e42b475eb4785ad41ba392ccca27500286f80f7183a5a6992cc37"], 0x1c}, 0x1, 0x0, 0x0, 0x40008}, 0x4000040) bind$auto(0x4, 0x0, 0x0) write$auto(0x3, 0x0, 0xffd8) 5.832850555s ago: executing program 2 (id=1536): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, &(0x7f0000000080)="f5c94556d7b994ee4c7d6b000087cfce41d8b86d8574badc") mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(0xfffffffffffffffe, r2) unshare$auto(0x40000080) close_range$auto(0x2, r1, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0xfffffffffffffffe, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) getresgid$auto(0x0, &(0x7f0000000a40)=0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer\x00', 0x40, 0x0) setsockopt$auto(r5, 0x1, 0x10, &(0x7f0000000280)='\x00\x15\x8d\xca`\xbcgY\xd2w\xf6\xaedN\x00\x00\x00\x00\x04\x00\x00\x00*\xaaL\'\xab>q\x9e\xdd`\x84_\r\xc2\x17\xb1\xaf\xd2\f\xfd[Iy\xbb*$\xec\xca\x8b\xde\xdcV@\x04+\x00\x00\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\xc3\xa2\x1a\xf1\xdf\x12\b?Q\xec*\b`\'\xfe\xcb\xe9\xc0\xf4\x119\xf6f\v\xf7\x13\xe6\xd8\xa2\xd3\xfd\xa7', 0xba) shmctl$auto_SHM_LOCK(0x1, 0xb, &(0x7f0000000140)={{0x4, 0xee01, 0xee01, 0x6, 0x8, 0x21, 0x6}, 0xe, 0xc4, 0x1, 0x4, @inferred, @raw=0xc000, 0x3, 0x0, &(0x7f0000001a80)="a5c00f40340fa958de6d578a330f468f8e79e611e070a2794318ca53c2ced0c1407739c7afd170305a57170c9c9453e0d25d7eed3a2698fa9ca3b1d10c7c66ea66126d991610fdf6fab62d6215e395cb93222b9c82e58e6f515f14787def27dcd9f640f5b8477add4b441a301f6b3620bdbfeb5833a4e601bb0286c340667474ac62ff89404c7ebb7d5b77b500121371162923eee5924654ae8d89ba6cdc2573ee8af666dc51ef1ad6bcdbd276b658aa189606a71429dacae5f2e36ec5229c5f14192171e87d82045625335bbcc3f0d1a68378443c1878d83cfd19ec73299db72bccf199c53c50c8cfd3a1b479d6a9ccbac6af4c4784fac1399ca46e235cc4933c255816901a68ddf696853e279aca8951de34743584292732aedb14f8f2659712a150fea668b7cfaa1240ba43b75b5dbd56e3102ae09c692dfbec84f022f787172b82dad6033dd16e5069efd2c6ff676e90309ab45f102bca8b39fb337a362171849f4271aa0cf84a8b6abc983a79b70f1d3e9ecf88679a93350ef1fdcc665bd1e75f38afae7ff404fcb39f3816684a4acffa2d98fc16f31372008e804ef795b3176947dad1265d3610abd39836aee9500169e11d30384ce44d190e61e92c00d4deeb09bf9af2c30e1b96400ef6d8608fcae829930d266ead4235cb61d3fa389172fae808ab20de46290801cd6c6c83589344d57e98b8bd66f3651c50e071e85a6c60f5054a4bbede1931e03bdb5b12798b4fe03024f4d53afa590bf7930daab1df9e056e66d5ec8d0fbf2c0ed02c4679acbf2c94729f9ea68d193797b21b30e1ffec7e5552bb856f34406276a5086ef63a9d60d7bce6575f23df0357b7e4a4277dd064a95db8ee9922156d0b790ac49a57957fb21323501114df2d8b68fbb92e49e4ed703fb8c2f1aa42aa8650ac38b850d5995f47a81b98b6cdc01c9e00ce5db768103d95f211a941d4167115198bb7deb3eb2d694177bc4b8828c2c01287e091f72228980e8491ff7d38799809e9c0c0361fada59caec594ded6a7826a85c28e54297511c9a3c924f735dd74451061b560df7b4fffce6bcfe475ddf2e05b0e4ffa20276db28e7942c6dcd2a98b897f6113751fe01431b0c187f703d83b702c9bfc385eb3284afb6d5515cee864b32e2924da1de73f12eaa7fb3355ac8858126b468468e53b6e714741920d417ed6f7904c34024f14f52213a363be3a3944934f502e7a4099ddeee462069e224036835cf206e8d385ea9d74360d5f70101d65eb563ce86ae3ce6251cf23e5e6c6b81011590ece0ca9e5bddd2f32cd7ed8c4643a2aab9d9c18166c01a6a0861c066e5f8d521d704ec1bd9de33d0890a7378a0f5620249539628b03270720623b7722a51e2fc6aa9032a1b99ff07b05dff3dbd11ff8e5cd2d9aa1aa793416ec0fccb455bdbced268c05dd16cab37783d509f827cafd3bb1a1ac36de17a37dac8bdb305c783018505fba96dc925027c5feaa5f676a6ad20f12a3224c460295eddb38ca3b14c48f458521d58d3038b6e9c820f62628122d863ec5863cf2a8c9a0c230e0eb5640c41d20a2a162d76392737e2ad9425786527e4e0df20e54f4df3f1a4db2d0e32f81526e16d3d748ef5a99abcdf2162162606dbebf12fa5da145de8cb789c92517ebae87088a5b7b8867d50017a7b8fc90af618a92191afe40a5d8d6eccffe029a016784f4773a4b05fe576bc12dec2ff1fc7b283c5adfb25048819b6cd1e2a5d6d338b98a73a0e25492895ef5a66b890c9f066352244bfb4a77ccb118ab2ba7b9582d76493257783951b5edde296cbecdf982189eae1febe0248c9c60c1d7dbb52aa5f21869816740653dbf13bbc2539a59b05fe34b965acbcabfcee86a1f9e8a1878abc169b72a1ca9185761fb598f3e3aa10f28ebfa8465162b2ed882ac87088d7c860d3155206885bb801e3e2fe6776732d0af1be428b3353bfe08a93b55cca532927fbeb3964bf7b77a8b794dcc1b8e347bb911412c5ebd42fe5ffb1b3bfc8048acd0aab9f590f7f166e4c9f510aa80d1e9f679d29c0e95a854d60e37053093fe7680b42cbe62ffe0111a801e4f3015420161e35c9c52a42098a1448ade36dacf0012dace15c0b0b991b8d1bd39e1be3d1c87ecc570053a794f1705b8c598dbacb04910017b2e17f6a5767de6565357f4458db634fd19bf6dbb5b3eb7bedb3d4844d63b925cf371cbc3266f18f8ff4a64087e1b908887a2a1b4e1b8daf11a45eae3009dea87d5d0a9b3a9ba8a18845845124c6be2ec4109b9e50cb6b8157c64c6a6ed3fb5adfce8eb3527004caac3ba2e29bcec48f89d141196b07ab760fec8c7ec668bae35507934e55d7014a528dcb8d6b5cb04b52c39d3f044c68e125c61135551464179e3478663f585232e6883be0d320c9c61bf30b92146d02036d4c7a1738b5951352f8114d22e1866bd58afe10c688e09209da1192dc4eb634ed0838358d5382b4bf6ec4fed8ab866ec3fa3988f120c37705a9f3c701b82f7d425904645a6e2684dd7db3b90f6cf014874fa653fc9630f412007ede274757f8157bbdbe9bdc70239fc702b2fe9486da8bb5665859eb6eee2a5740c38950915eecb3803ee7c1ffee51b1001975a4c42e69120a93c074c9835fea282c25ed5624370b1ce8e45a4e41c3df7f6970f7874860fff7d65550c2a96d289844bf6ffdb02d469ac47923d53885edbd4255272ce52b9af27aa38fde57aff10481d507c0f9ebda08879406df6215e459134eb9e55cc4cfe713c414bcaa68f0f765ee6a20c2bbce409cb3e882d05e77ab0d76076b6989d0797518f7081046b6b7f1c7c696e33638a4260ca1c255417551ba5a611b77fdc04fe3c691665890939ebaee8a6f3636d87506939cc02c7674c05213a1092a155f67a3cbf787f77e38030119f2ed532dc7270e5f3f62271400018086393c4b09699bc3ccc1a6454de1c08cd737426a4828a56785f6dccaf935f05c5095242f7ad09548adb419004209460189c1311dbc13dd1f24d09c7c74df547f93f452bb59b65f75b447aa2fddcaab252d6c63750c3574353a0e7691d079e4dabbb0ff7db4c39712b6222c6da2b008fb5dd2d64e998a39227472384bb4ba9c3f1d8da9593f603b3d5e52259372b172a9deba4b4d23113a45e7bf6f9c78f7a449e5e324ccfe5ea0dc5b88781ca1af811615217d6b56065f4fedc3da5d27da051dd8d900e960f1b61f72cced1528eea46606b342414e0ef5a5083aa8f49d18f9de0340cd45be62b958375d62dc1f8216d4cf15b466769f669059510aeaef9f7535f2a05eb2de1be7ed974fd16bf125a2ddcf3c6e195331af29275f7655b412d0a9385da6066471b19698596dd274ecfcf204701276787f34ffb6d448f68df5b2557e79e5b86d5277c9a565c4ae8ce3bd7bb6ebec68370764eb52346b39e6e07d99c9a446ef2a629dde2098eca0f9114d6e2b4d0fdc3135027ee4b6008e2eb2c97ea022013f50a41e09a74e058825dcd6b22c73a1d0545c492f979ca3f962e21af39155f2ac4d2ae78fa6ba58ccb5013c53b9d3a3420389232a0030b0fe0a5ee1d64d421698f64870f2cfbc2b7a5e2c5bea15a9c2ecc379895a26422f030971f1f31fec1017112512c9b9c4e511e5847ee838241389040eff7d40ba3db153ca8f9cec2a8f3e46e0147f97617151a1a7814cfc899384fb8231e48f59a512e152dffd4eeab46bd9932575ba8da816f942cdcf339783dcded97845235885e457354f00a31daa37d5d022f0f74ecbb72e8106dc485bcd038f8460d709078cd8be9e7433b4f326e5d1d2db31bcf879b92bb77d44d10c1e8f17dfda23c4fd53d5d6e96d9df35f7c7aacd68db032fdb6528774c4434fd14fbd533db332da33ca8a577a4c6aa67f2efb96b3c20d6731cc71b40e17485004dafee1c160219e2d5c294699dbf804a9515815aaabe94c3cae63ae135a4fb91390a0233f7af57507f7e024ea6b7967bef2f24d0ea6d7bc4be591b48c1bc0ad6b2933285b7afa7929515e0999ce54db6cf101e7b4eb5af5b8d6df50d4d0a4ce6985e5349620024371bea93bb6b56a160d72f486b191b4b17c6ece0195b8e6b0913c026adf482da06372352ff310d10ff0ed423f9831af929634a5666e1a0e26578410d74c708c51f229bb46a3c6f98c971eab2f6771f816da738e0e617c4370230c7a2770fbf281335e2dcbfc60a5a2771272f0c976628d32dfd8c2d3eb721e15d5f4f9e1d644947be4344849ca32bd2599ad1fdb0758a8aee2476e04f6034692e765f2fb9f2441d27ba36221a7e0fc96f3f5618f9f80ca8ace453a83f807451475829d2829809f5cbacd2667820a61ca52e154313912338a802dbd0bac87fd099f575e962e3e7450454883df8fbd26a007666e1feb21b4c1f6165f45fd88387eaf049b0adeeb9bb6a6e13e42bb1de6d5028c2db598ffbe7efc1cd59790cb03e8ea467e000bb806d08f683ff388d8c2c0a84d377d9901e2857567c99edb59051379e1513f157269d047886ff5faf628a595cb00ebbc17edc353db52d7e0c373102c0a2d515c0141bbfd54d0ee6ebb2e348ee61d4cf6b670394a577089cb943d2653f15c690ea9cb0317270e01e48e9fb85dabd51ce2cd83503312c54f16029e8a39293170a20060257790e5e248aaf67d88c938de3d4c1cbb9b976adf7688fd1b260bd53bb3548e2e60a53ea821fb66c18f22692ad85c8e55af4231eaaad1ebb187a62f077413560e04e7a8097653071bf5260b10a3957030d1f956ab17efb1f19ee927de31794f00fb3cb03b3e022189d6c4af46f42b183a1a54f498827431778525cba8ab1df7b65f20f73110f87a06db374514d7c803ec7233f45bb42633fc03d0a8a278022b43d37f0197f3a6b5f62551a64c8a1b2b30afa86d409ab96fbe8ada6130ee0f89ac6c8f82083206c0f614b2cbcf160d7db089fefa89c51f4c6a36e9b5657a9719f27e6a4a916acb951a7893898e18a13fffb87d8518000ae613d924e845a934bfbd1b79b69c4892a9bd355880a378c8ead3a386025225c8ce02f7a04a24c0be7f7ae95783cb7518f00f8e16d54bae30875df723891a2a30113cb689143f6f6cd86299f78c0c2d67f7855e978126601cb2385572fcae0ccce5ee71f811aa44e567ebe4342b0e8c1486a5f70078c76efbf41d5625c0b8328316a71c73ecc8c79387d30730bc86a2e43e8468d95704cade9887e41c3ca3b90e02096e39dd63535c184924f6037418dac63b6261e083d43cd4116a32b4ff102c2564fac06c752815c1c221edeb186e719e624ab88ffa20ac7e75b9321722d345efbb3c82b2d7871cde0d18b9f2736297dff4a77e675e675d2c8f6a380915ea6fef0f0bd9c2aef0727177782863801e38b07bdeda10a46d870813887e51a75fbbb2d5c752b9dca4ba74e8388464610d43fd4ce914fd30db40e7c9c259e15f6fa24f53f0ea8fe3e56943ae84f5256d98b9f86ee88ba5f6fce2cd0b855f46a20ebbf230ae80183336c04239d93b554559034a7eb7bac64ef661a0f3735f039187792facb1cc4c2c1bfd1a54c284dde2b3a944a5d975aeb51545e93725492b67589ea5b63a87e0db1810ecad7f9c15a2f6c01a072f694a80f8c38cfa428ba12b53cadc65249a4011fd133dcf4e1a7df2f131a60c299a0760a0405fec1716866d9c9ff9238806512b182862dd96b073281b4d5ccae281a79a9f9af940311d15a6a99683d3c54010ef6082a1000e7bc00ccc90561460a2165cba1bb3211fe5690e397df73b46401afeb3e72374931a8693be10b1c78", &(0x7f0000000100)="1cfea226afee7230e297059be3436ae7a67d7f5336634091a2c1af4ccc7e78a6898951568fc2c0a1d35788ecdc183c0d14"}) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000fc0000000800050002000000050006000300"/42], 0x30}, 0x1, 0x0, 0x0, 0x810}, 0x4000080) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0) write$auto_proc_reg_file_ops_compat_inode(r6, &(0x7f00000000c0)="4c2a28c58ff9e9995b91a7d23b2a5a2f88", 0x11) mmap$auto(0x0, 0x5, 0x4000000000df, 0x40eb1, 0x401, 0x9) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r7 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) read$auto(r7, 0x0, 0xb4d3) write$auto(r0, 0x0, 0x7ff) write$auto(0x3, 0x0, 0xffd8) 4.740543978s ago: executing program 3 (id=1538): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) lseek$auto(r0, 0x8001, 0x4) unshare$auto(0x4000007d) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) prctl$auto(0x6, 0xe, 0x0, 0x68, 0xee43) settimeofday$auto(0x0, &(0x7f0000000000)={0x0, 0x6000}) getsockopt$auto(0xffffffffffffffff, 0x10002, 0x2, 0x0, &(0x7f0000000040)=0x2000000) mmap$auto(0x0, 0x43, 0x7, 0x15, 0xfffffffffffffffb, 0x7) r1 = io_uring_setup$auto(0x3, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) mmap$auto(0x0, 0x100000000, 0xdf, 0xeb1, r1, 0x8000) close_range$auto(0x2, 0xa, 0x8000000) io_uring_setup$auto(0x3ff, 0x0) mmap$auto(0x0, 0x8, 0x1e25, 0x10011, 0x2, 0x8000) mprotect$auto(0x0, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x600000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyy2\x00', 0x20140, 0x0) ioctl$auto(0x3, 0x80045438, 0x10000000000402) mlock$auto(0x20004, 0xffffffffffffff36) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x23, 0x1, 0x2008, 0x0, 0x0) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r3, 0x5522, 0xf15) 4.590598574s ago: executing program 3 (id=1539): r0 = openat$auto_ctl_device_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8040, 0x0) r1 = getsockopt$auto_SO_DOMAIN(r0, 0x800, 0x27, &(0x7f0000000040)='\x00', &(0x7f0000000080)=0x3) write$auto_uinput_fops_uinput(r1, &(0x7f00000000c0)="f2220fca9d618db5b23e288f0f3d9fd6a5182f8d35c7cb1bab76785eb58200e13d7700f8e57604f17e7688c72fb83999404931c4415eab98d3548b99cfb06ff93dd7e4624fee5fdfc209d42c56e45b77d54004a01e4c0c02cc221171ec1384dff7a642dc26a88109046f5ce33ae421f62724e5dd8320b7e1f1ea1830cbd097e6e2158213810a40544201d24c7fe87c6ebbcaf414c6a08959790fb335714d725c7f7868efc20084da3a98b8dabd53447cafcfc66e2e6f176e4cfb02dbfe3a540444b10e76cd67f812d113ea275fbe8277ae5ef88c24f4773f6a8705f641efd322c5586108856bf03c15e13007969bdc", 0xef) r2 = fsopen$auto(&(0x7f00000001c0)='\x00', 0x7) r3 = fsopen$auto(&(0x7f0000000200)='\x00', 0x9) mlock$auto(0xfffffffffffffff9, 0x0) r4 = openat$auto_fake_panic_fops_(0xffffffffffffff9c, &(0x7f0000000240), 0x8a0200, 0x0) write$auto_ftrace_event_filter_fops_trace_events(r1, &(0x7f0000000280)="3025c8e627b5435adf3cdd861c82b59bfd47d035dde17d25d86f055d3246a5a0ff4ea8e0b79069c57282a3270b881c07560ba8848c60e33ece21d108ae946b1df018ba6e58ff049a5e001e5abff1f4d13d8be1573f4189cb27c28c535a1d3e306b374ad2f5dccea199167edeed418a895b", 0x71) r5 = open(&(0x7f0000000300)='./file0\x00', 0x2000, 0x3) r6 = openat$auto_clk_summary_fops_(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/clk/clk_summary\x00', 0x100, 0x0) r7 = getsockopt$auto_SO_KEEPALIVE(r6, 0x1, 0x9, &(0x7f0000000380)='-&/-%/%#,\x00', &(0x7f00000003c0)=0xa354) r8 = syz_clone(0x108000, &(0x7f0000000400)="6e4d2bf93ed4e755701589292b376cc33f241618770465d5dfbd8b08282fd14902fadf8642db78c3d881f838fb39965fc19a62adbb38e1aac6a6bd73", 0x3c, &(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)="da50ba580a5eea448ff171b8aa54f2f77a25c1ccb61ac6bcdefc24d811c228ae5a79984a6664166cfe2e90bb663e75098cdc77a622efaa2d6b7ed4131b809f3463fb1718ed2aceae29a80e2f3445cb2e805b1f530b4326e60031c477f4d00137a780523d634cd0a4f8692fab50df40c39c97872acbda37ce3b74ebd53507ba5b69ae0ec307ffac4ad204d944459b93fc9c7fc63dd80820b0ce45005d11d27214ac8c8269eed374482888") ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000580)={'macvtap0\x00', 0x0}) connect$auto(r4, &(0x7f00000005c0)=@can={0x1d, r9}, 0x5) r10 = getsockopt$auto_SO_BSDCOMPAT(0xffffffffffffffff, 0x86, 0xe, &(0x7f0000000600)='\x00', &(0x7f0000000640)=0x7) r11 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000006c0), r2) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r10, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r11, 0x2, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000080) r12 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f00000007c0), 0x280, 0x0) fanotify_mark$auto(r6, 0x9, 0x1, r3, &(0x7f0000000800)='./file0\x00') close_range$auto(r0, r4, 0x42c) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0x40405515, &(0x7f0000000840)={@raw=0x10001, 0x8, 0x1, 0x1, "cf21143c2c121b5eb37f63917c344199b2123d772643d77ee2250dece6d091fbbd7dbf4ac107bdf95bcd15d4", @raw=0xf}) mlock$auto(0x3ff, 0x101) getsockopt$auto_SO_ERROR(r1, 0x4, 0x4, &(0x7f0000000880)='/dev/dvb/adapter0/frontend0\x00', &(0x7f00000008c0)=0x4) ioctl$auto_XFS_IOC_FREESP(r7, 0x4030580b, &(0x7f0000000900)={0x3, 0xa, 0x8000, 0x2389, 0x7, r8}) rt_tgsigqueueinfo$auto(r8, r13, 0x81, &(0x7f0000000940)={@_si_pad}) mlock$auto(0x6, 0x3) io_cancel$auto(0x3, &(0x7f00000009c0)={0x1, 0x5, 0x5, 0x5, 0x4, r12, 0x7fffffff, 0xffffffffffffffff, 0x1, 0x0, 0x8, r2}, &(0x7f0000000a00)={0x2, 0x2, 0xb, 0x7}) ioctl$auto_FBIOPUT_VSCREENINFO(r14, 0x4601, &(0x7f0000000a40)="aff459c0904c0a14ec42bc87326f69f7a64992adf8b88e8313741ea69515e12ff6b1e44f003d4b9cbe83e6588ee8c43505e40f5876a19310257f323ff75d9b7aa1d815fcbbd3dd045745c773bf2a83d03a4b61760daed3c665565aff309d35d4b98c38e639658d91c68bb924187906218f8caf72d992a10ba83b30cb8b69e4a42d9be0a094bfa14e4bb336b4323c37450239") clock_gettime$auto(0x869, &(0x7f0000000b00)={0xd, 0xffffffffffffffff}) ioctl$auto_TIOCMBIC(r3, 0x5417, &(0x7f0000000b40)="c6a33bacaedae5907af530b92bb2ad94d2a31406d3ced9a634e0b2d89c8918891b27fdf1a3f7467435e8273affe2ea00b71678152d92c53a2ecc300304dfe75f75a36edfcf8aedc16e6152a6e02581512f98a1367e6c825d7cf12c48560ca81f2bf3e00a5d4b9141243b3b6249916693e3ce972e96e6b099b76e972688e8a0165d47a04bd50584e17a3e2c24a1b852e4079d2841603fe1aab85932d38bf4f1408457e3d173a9e661b67fa210c0c1103e8c9a327d13c243c09f5dcae1f6e34ddc8892771d74471cf672177cd1e1fdc5d53924ca5e065e73e6267d6f37fd83ea793fac2260fa57d1d9334721995148") 4.215083637s ago: executing program 0 (id=1540): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x8081, 0x0) lseek$auto(0x3, 0x0, 0x1) (async) r0 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000002840)='/sys/kernel/tracing/trace_clock\x00', 0x8000, 0x0) preadv$auto(r0, &(0x7f0000002940)={&(0x7f0000002880), 0xa93a}, 0xf, 0x1, 0x6) 4.051293605s ago: executing program 3 (id=1541): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) setresgid$auto(0x800, 0xee01, 0xffffffffffffffff) setregid$auto(0xee01, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mbind$auto(0x0, 0x2, 0x2, 0x0, 0x7, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) syz_clone3(&(0x7f0000000200)={0x182000080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x2003f0, 0x15) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x2841, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1d, 0x3, 0x1) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) setresgid$auto(0x800, 0xee01, 0xffffffffffffffff) (async) setregid$auto(0xee01, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) mbind$auto(0x0, 0x2, 0x2, 0x0, 0x7, 0x0) (async) write$auto(0x3, 0x0, 0x7fffffff) (async) write$auto(0x1, 0x0, 0x80000000) (async) madvise$auto(0x0, 0xffffffffffff0004, 0x19) (async) syz_clone3(&(0x7f0000000200)={0x182000080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async) kill$auto(0x0, 0x21) (async) madvise$auto(0x0, 0x2003f0, 0x15) (async) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x2841, 0x0) (async) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) (async) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async) socket(0x1d, 0x3, 0x1) (async) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x8000) (async) 3.947834524s ago: executing program 1 (id=1542): r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40100, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000040)={0x4, 0x6, 0x200, 0x9, 0x4, "a710e7cde3a5d69dee706cf2fc448f89d9b4038d5441e570e7677c80b48cd7afc3df732a4f4a4793232ccf82012cb5c9b45b6c95fe22f7afc636444b"}) r1 = getsockopt$auto_SO_SNDTIMEO_NEW(r0, 0xbb4, 0x43, &(0x7f00000000c0)='/dev/sequencer2\x00', &(0x7f0000000100)=0x4) mmap$auto(0x8, 0x7fffffffffffffff, 0x3, 0x1e, r1, 0xdd3d) timerfd_settime$auto(r1, 0x5, &(0x7f0000000140)={{0xb939, 0x853}, {0x92, 0x8}}, &(0x7f0000000180)={{0x1, 0xfffffffffffffff7}, {0x1, 0x1}}) syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), 0xffffffffffffffff) r2 = semctl$auto_IPC_INFO(0x200, 0xc, 0x3, 0x5fec) r3 = prctl$auto_PR_GET_AUXV(0x41555856, 0x5, r2, 0x7665, 0x8) preadv2$auto(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)="5414d816c864bdccfb78e091b6875dff99ffe54a5340feb6280b89c5883c98a2a30296a775039dfc36a98fac13dd8917433b2ee0f4d55cad0c9c23e4d46cca5d05e0490e300bd6223bfa3c95221fcde6bebf83c6bdfbaa2de84059b076c785ed4f31d731be47ad3f5f005e6a8d152f42ad4a072bacf40ec2632f7b8f8890bd857490ad50e56469fabb70a7ecd72e7aa3379d293d75e6843636939b5cf050497462ad54a0ed9df207e43d062e", 0xe}, 0x4, 0x6, 0xff, 0x8) r4 = socket(0x1, 0x1, 0x5) close_range$auto(r3, r4, 0xfff) r5 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000300), 0x10002, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r5, 0x40045402, &(0x7f0000000340)=0xffffffff) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000003c0), r3) sendmsg$auto_NL80211_CMD_STOP_SCHED_SCAN(r3, &(0x7f0000000c80)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000c40)={&(0x7f0000000400)={0x828, r6, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_IE_PROBE_RESP={0x2e7, 0x7f, "92141b4fa2960d45981d911563cc4110cfb5e253e91a728ee3c2df363e238246ee2cfc6fa36a87a1fe076b5a4a7475d8e7198b2b5215fdefced67f1273d13623bc2e3a4950a8d417e20b08444a5d23548dc310b3b3414e93d4bc5a30a758005285a90be4a72de659d1a13bd13f955fbe42dd0ae6141edc10c8dc29b57a0be560907b543a942224dc65e2ee9000510cc39ec9f81af0ed33e97b5709edd508af6ea429522b56578121c2dac43980fbd1f6ebaffac6f69025e009055e2de89deb2b91b699d0e1c71e37e369e38f5269dae5b313bd08376ecd48d14aa333529e247e3e871e0fb7abd7259182163b79a7fde349549d61242451b1a447876098bb9395ab12381007b309c72fd5a22fc70637e26f6e81c0dc62341b5d734e3e6978a457d83373af4e61fa04456a20dfd03e08cc992e2bb398aef44c293a9f0dfe4c0a1c4debb68861fba4aa02ac609755afff1718928be755ecccb8eb4ed6664a2aa63284999a32efae7ee4b6f38941ee67dbc710815338cde78697d099272821706c907c8a8a4a46157d479dde0b6b62c512100c848a169ec49db364f5a0730591fe5ca90232f2d560951fc1aad2ac257332ece48bad8962e9f2dd111224389b2e4f72e489a201ab34975421e331c5e678b054db3910d7d2bee5b67eb7027a8bad3e095930e99c8301ea81549ecb38e1f80c72c95ce92ade2cafef08d17e4ed4c77f5efef1b2b0dc7bb0fb1bfa3d021036be86d89f1cdebcaf52628e4cf32d939992561ab6bed34c6285e409edb1d566ad0a8cd400efec639170ca7d5b8bd3f19d86d1d30a98de74b850ac5398f9f2a946faa9ddfec7c1f42e3ebf8a85536813dce4922c34e12e7e623264d67d6439328b3b76e867ec834d623d61a7962ac86571adcaf40cf0f7a35589849e3bf4719c964954a908b5dc5f44044b1e1df07f3d99e8cf3f46cddabf72db7fbf6c3aead129e58c20b9b5e63424f469dc1cda7a0526c5b795ef7055b64943c37e4de463cefbec924fef6fb720884460304b99acd0cbd840d02f74"}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x8000000000000000}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_PMK={0x2f, 0xfe, "409066b09c1c873f82604e72cacd0aff49a5bd6b0ef8b8a941025cb9007a2825a0fb62503c7270fda6dbe6"}, @NL80211_ATTR_SCAN_SSIDS={0x8b, 0x2d, 0x0, 0x1, [@generic="466ad7bff64119aa562fac2104738b2b4914f20fa7983ab6014d9497047bef81cf25706bbc02c569f5f4daf991ae3ddca6bb160ecf75fdf56d942db41a6f4bbe5400aef5be91b37d90d824bbceb2d6e314aa5b163be5476683ccc775fa066e3e46f820bf88a697a2b3be3e49f2bea7b2973f5f9117d804ee07f87fb4462f3d", @typed={0x8, 0x1d, 0x0, 0x0, @pid=r2}]}, @NL80211_ATTR_VHT_CAPABILITY={0x61, 0x9d, "655dc9e1e1eed639e9273d3d3de0145da57505d43b8b691cd939b5cc9dcfe13e3cb7fc71e3dce5c45a46126897a9fe3f39e04d94caf419df0545203a1fd7ac0fab0ab114737c4a3b4aa5ea29743d6084ee06a62d9917a2f4b0fa63ddd9"}, @NL80211_ATTR_PROBE_RESP={0x347, 0x91, "504f3d8a4c4a42bb8b9265eccfec68f3d677d976537443f72b9bfef5fbe502fc80fef5a5fd1dedd4472abfd3cbe26bcbfb4e80c1d7214738b3c085f031dc09c86cc3b546d7f5cb7fc76084ba885a47b401a2d80bbf8141201697867d8af9227bbc63b81499477acc5512e4df589a67988d3f115190fe3340f644f54bb730f339b95090950721854616c3788c4be7c82214cfde3542faad85faf0014532cf051050ee43d2113e3907d315af40872ec23a8fabe3e229e0cb93c6c17f505117119b1d903572d2b598f9d0e9eefe2ebcf4965ab31b2c923505854417686b7924b1767a5615d295ec7a442e89b3c8e9250fd8da2b113aac9f5b336d38bcad6952d5a11a2b669164671aeb213a87c936df10da77901f6cfef1443856d52cd235d2b9ff63b34a2bc12dfefae291745c819c269263319a112c3da04d23baf48dddca2c1089665c7879816349956dc1ff19577d042abd0027b6d59ba665fc2cf697cef2b533470cb0cab5c25bca6dc7339e8e6daea70577ab2341e0b583576078765c1556195d6582bc4d01f9aaeb38d04549de3115600ba6a4d797833c8458a640655613e168d08c2a008b60038ac926000181dbf464989fe94c23816d56e276b681353178d6a403a2b28663357980bd9943d5b94db4d09503ea8d9de8d7e16db374ec31475b14e75ab5fd91b00ce5fe3efe3929d1e57ccfbf3a812d4dd9e61925b207f1c6b164fb62e9dc9913819562236e26102d83483fca1a34b7bb0378c4803350f4b65c557ab2115adbe2541466b3826783f47c925071e2681ed18fa0206733b1990fad6de4b61667148b833fe39384f8c5282b5b0d72dd5e3ca0130af43f27f5cd5468474c71f9912639cbe9fbe3ffc1c82d0cbe60240eadedf7c962c219a18aedac9caa74c9111528df432a2b5ae22810a4991e3ca30386b4ba2fdc6aad4f114bf4caa6e39b6f565fe3c03ee100881958b5ba74900d6c21a2f78a08531f237c3e3eac7832e66319799452353a111d1ac27089273501d6f37da72bc538ed8c7d8f09dd4ad7b78930a36161642c547b970001259157e1073af782b25118cd430e891815b78d0ef9415443fc196d47e8ed969ca9938ddb2d7da25a92d1e67a350944a162f61af5631405a1a902a78075c9aaa8d289e7b0b8969ff24bc08e8a65f8e1da094f"}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xac, 0xbe, "85578a46760b8cc421e81983124ad44d4831a835682512f08ebdbf758cc8807728dd41d34f026d5e73d4463eb631e7fb659d1ece9cff257c77387f8d2308907f6b26e45e3f33ee1f47aed7b1695f38e2d4d008f687f3b277011298be064d1b227b2ef5c12a533c08f5f25db93616bc5b10b6d6aff33e4d9fc26a3f46cfc7eb0fbfbea6e18dd12444b6589c73c6199dd0f4caac962774341fd50be38202cf9d69e0fb0b81ccbd93ef"}, @NL80211_ATTR_PUNCT_BITMAP={0x8, 0x142, 0xcc9f}]}, 0x828}, 0x1, 0x0, 0x0, 0x4a800}, 0x4000000) write$auto(r4, &(0x7f0000000cc0)='-]@\x00', 0x0) r7 = getsockopt$auto_SO_NETNS_COOKIE(r1, 0xe3cf, 0x47, &(0x7f0000000d00)='-]@\x00', &(0x7f0000000d40)=0x4) ioctl$auto_FBIOPUT_VSCREENINFO(r7, 0x4601, &(0x7f0000000d80)="d90f62be1974708e9e7c3d4e67d23d291c4a035fab5e56e3ab55165c79529639ce87daaa448383efec5d742444b9cab4ed87579891143b10cb51a1351ff3a20fc8a961f642da1f1f8c8d1710d8439b8c2b64ee187eea") openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000e00)='/sys/kernel/debug/block/loop15/requeue_list\x00', 0x20400, 0x0) read$auto_uinput_fops_uinput(r1, &(0x7f0000000e40)=""/69, 0x45) remap_file_pages$auto(0x80000001, 0x6, 0x9, 0x10bb, 0xf301) r8 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000f00), r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000f40)={'veth1_to_batadv\x00', 0x0}) sendmsg$auto_WG_CMD_SET_DEVICE(r3, &(0x7f0000001180)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001140)={&(0x7f0000000f80)={0x1ac, r8, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x8}, @WGDEVICE_A_PEERS={0xb8, 0x8, 0x0, 0x1, [@nested={0x28, 0xb1, 0x0, 0x1, [@nested={0x4, 0xbb}, @typed={0x8, 0x146, 0x0, 0x0, @fd=r5}, @nested={0x4, 0x53}, @typed={0x8, 0xcc, 0x0, 0x0, @fd=r1}, @typed={0xc, 0xc2, 0x0, 0x0, @str='nl80211\x00'}]}, @nested={0x8c, 0x6e, 0x0, 0x1, [@nested={0x4, 0x1f}, @generic="5ffc9e56b69916fafdf2370595888dea6076aad204229c9d6484a5af7738edcb33eecaedccb1013daa9b9385113e9cba160b6e43bd1f24561b7996801a883158b52564d935d49637e392deb0b256843c2adb56e0167b5a99c56fc6dc8a0dc2d1cdb10316ac8172af1ae0d7d0b63524d905fc3a0cd2aed01fa750f3b15673c20900e23c4a"]}]}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x6}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'veth1_macvtap\x00'}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'ip6gretap0\x00'}, @WGDEVICE_A_PRIVATE_KEY={0x95, 0x3, "7c03cb8df6ab623e5e60fb78f9b1dcd04819d9ed950ab63bce0cb931f8fe90a14e1c65e54215c02cd679e8546d0753162718d14f0a66629d3b579520bf1a8452be81e45aec637f9052452807f75a08331fe14193f4757878998bae865846ebeb8c69433bb2da7a4ed5a94536394c8a34e35da9fb2a194564de51d70199c4aefcfd78fef3e7216bf4d9c681cea80f229643"}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r9}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}]}, 0x1ac}, 0x1, 0x0, 0x0, 0x41}, 0x40480) write$auto(r4, &(0x7f00000011c0)='}\x00', 0xcd) r10 = open_by_handle_at$auto(r0, &(0x7f0000001200)={0x1, 0xd, '*'}, 0x7) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r7, 0x40045402, &(0x7f0000001240)=0x2) setrlimit$auto(0x5, &(0x7f0000001280)={0x1, 0xfffffffffffffffa}) r11 = fcntl$auto_F_GETLEASE(r10, 0x401, r2) readv$auto(r11, &(0x7f00000013c0)={&(0x7f00000012c0)="a0f3c14ca23b3025b3c693549fe16848f6a20a7fe6bbd7142a3a411101f57f8b9c5470addcd45e098e6d4d49cc19ae6c664722856ebee02211f1572ee04ec03ec566ec445d35bf0a3cd70b6d8775e55912057070aa7e7946291128876b7804ce01eb5fb924ca3c0d5cde3deea541703c2136ee6441a7a741db5031fb6907d72c9f254fc62a7eb1d1c833de911b068a6d908c8c247acba04bede2d42b6dbd72e142073747eb16af778b89b43a5e75b92776e92171ee066acfd22c0c786fb4e5b1e751efbce7", 0x4}, 0xffffffffffffffff) 3.788487125s ago: executing program 0 (id=1543): rseq$auto(0x0, 0x7ffd, 0xfffffff6, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0xfffffffc) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x5, 0x0) bind$auto(0x3, &(0x7f00000010c0)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x6e) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0xff, 0x0}}, 0x55) sendmsg$auto_NL80211_CMD_GET_MPATH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x100000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x201, 0x0) r2 = socket(0x2, 0x80805, 0x0) r3 = socket(0x2, 0x6, 0x0) pipe$auto(0x0) dup2$auto(r3, r2) write$auto(0x6, 0x0, 0x100000001) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) r4 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x20000, 0x0) read$auto_proc_sessionid_operations_base(r4, &(0x7f00000000c0)=""/4096, 0x1000) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$auto_F_SETFD(r4, 0x2, r1) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram15\x00', 0xa4742, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0x7fffffff) memfd_create$auto(0x0, 0x2) 3.770915698s ago: executing program 1 (id=1544): r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r0, 0x400, 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/ext4/sda1/last_error_time\x00', 0x8a040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001100)=""/4105, 0x1009) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x806, 0x7, 0xb, 0xffffffffffffffff, [], {0x2, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x6, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) 3.570431304s ago: executing program 1 (id=1545): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/fcloop/ctl/del_local_port\x00', 0x80001, 0x0) mmap$auto(0x100000000000000, 0x2020009, 0x100200000003, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) 3.380819432s ago: executing program 2 (id=1546): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000800)='/dev/adsp1\x00', 0x408a00, 0x0) quotactl_fd$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfdfff7fffffffffd, 0xd4, 0x3, 0xa, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000a, 0x81, 0xffffffffffff628e, 0x1400, 0xdeb1, 0x804}) pwritev$auto(r0, &(0x7f0000000300)={&(0x7f00000001c0)="cb8b190492f16706fd5d73ff99e0266893dd5727671d1c", 0x7}, 0x0, 0x9, 0x4) r1 = socket(0x2b, 0x1, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, 0x0, 0xa3da) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x87, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5) ioctl$auto(r3, 0x4008af30, r3) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video1\x00', 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_DELETE(r1, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB='\t@\x00\x00', @ANYRESOCT=r0, @ANYRES8=r0], 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x40) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/scsi/sg/allow_dio\x00', 0x101901, 0x0) socket(0x2c, 0x5, 0x0) ustat$auto(0x801, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) unshare$auto(0x40000080) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) read$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffffff, &(0x7f0000000200)=""/238, 0xee) ioctl$auto_RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f00000000c0)={0xe, 0x5, 0x2, 0x0, 0x5, 0x2003, 0x74f, 0x1fb, 0xf}) ioctl$auto_SNDCTL_DSP_SYNC(r4, 0x5001, 0xfffffffffffffffc) socket(0x1d, 0x2, 0x6) socket(0x22, 0x2, 0x2) 3.377967357s ago: executing program 1 (id=1547): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_dev_fops_plock(0xffffffffffffff9c, 0x0, 0x62081, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty30\x00', 0x62c00, 0x0) ioctl$auto(r0, 0x4b30, 0x20000009) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xdff1, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x8, 0x5, 0xfffffffffffffffd, 0xdeb1, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) write$auto(0xca, &(0x7f0000000000)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0x9) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mprotect$auto(0x10000, 0xd4, 0x7ff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0xc8201, 0x0) write$auto(r3, 0x0, 0x6) sendmsg$auto_TIPC_NL_MON_SET(r2, &(0x7f0000002580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x85}, 0x4000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dmmidi2\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='/sys/devices/virtual/dmi/id/modalias\x00', 0x40280, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) semctl$auto(0x7fffffff, 0x8, 0x1, 0xde6b) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) 2.869872217s ago: executing program 2 (id=1548): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5) sysfs$auto(0x3, 0x401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x83) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x1c, &(0x7f00000000c0)={0x0, 0x8001}, 0x400000000000002, 0x0, 0x5, 0xfff}}, 0x7, 0x5, 0x0) semtimedop$auto(0x8, &(0x7f0000000140)={0x7, 0x6, 0x70}, 0x1f4, 0x0) mprotect$auto(0x0, 0x3ff, 0x6) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty34\x00', 0x8000, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r2, 0x80dc5521, r1) r3 = semctl$auto_GETNCNT(0x0, 0x0, 0xe, 0xa8) r4 = bpf$auto(0x7fff, 0x0, 0x7f) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f00000001c0)={{@raw=0x3, 0x100110d, 0xffff, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa00000000e1800000000000000000040000660e070100", @raw=0x8}, 0x6, 0x0, 0x4, @inferred=r3, @integer64={0x6, 0x4, 0x6}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) mmap$auto(0x1, 0x8020009, 0x4000000002df, 0xeb1, r4, 0x8000) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0) read$auto_v4l2_fops_v4l2_dev(r6, &(0x7f00000001c0)=""/191, 0x1f8) r7 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) read$auto_v4l2_fops_v4l2_dev(r7, &(0x7f0000000000)=""/194, 0xc2) close_range$auto(0x2, 0x8, 0x0) 1.608543321s ago: executing program 1 (id=1549): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r1 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0x8, 0x4, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x5, 0x5, 0x6, 0x8, 0xae, 0xa, 0x2, 0x7, 0x5, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1000004, 0x64, 0x0, 0x80000001, 0x0, 0x47, 0x0, 0x0, 0x0, 0x200000000000000, 0x0, 0x4, 0x0, 0x0, 0x400000, 0x0, 0x80000000000, 0x400000000000000, 0x0, 0x8000000000000000, 0x7, 0x3, 0xfffffffffffffffd, 0x0, 0xfffffffffffbfbfe, 0x8000000000000001, 0x0, 0x7fffffffffffffff, 0x0, 0xfffffffffffffffe, 0xa, 0xfffffffffffffffe, 0x40000000000000, 0x0, 0x7ff]}, 0x1fe, 0x80) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x7, 0x9, 0x5635, 0x18, r0, 0x5) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TRIP(0xffffffffffffffff, 0x0, 0x24004045) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) ioctl$auto(0xc8, 0x800454dd, 0x5) epoll_ctl$auto_EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xfa88, 0x1}) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) socket(0x25, 0x5, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r2 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xc008aeba, 0xffffffffffffffff) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x0, 0x0) open_tree$auto(r2, 0x0, 0x1001) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) 1.464109471s ago: executing program 3 (id=1550): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000800)='/dev/adsp1\x00', 0x408a00, 0x0) quotactl_fd$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfdfff7fffffffffd, 0xd4, 0x3, 0xa, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000a, 0x81, 0xffffffffffff628e, 0x1400, 0xdeb1, 0x804}) pwritev$auto(r0, &(0x7f0000000300)={&(0x7f00000001c0)="cb8b190492f16706fd5d73ff99e0266893dd5727671d1c", 0x7}, 0x0, 0x9, 0x4) r1 = socket(0x2b, 0x1, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3da) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x87, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5) ioctl$auto(r3, 0x4008af30, r3) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_DELETE(r1, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB='\t@\x00\x00', @ANYRESOCT=r0, @ANYRES8=r0], 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x40) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/scsi/sg/allow_dio\x00', 0x101901, 0x0) socket(0x2c, 0x5, 0x0) ustat$auto(0x801, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) unshare$auto(0x40000080) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) read$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffffff, &(0x7f0000000200)=""/238, 0xee) ioctl$auto_RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f00000000c0)={0xe, 0x5, 0x2, 0x0, 0x5, 0x2003, 0x74f, 0x1fb, 0xf}) ioctl$auto_SNDCTL_DSP_SYNC(r4, 0x5001, 0xfffffffffffffffc) socket(0x1d, 0x2, 0x6) socket(0x22, 0x2, 0x2) 1.102014474s ago: executing program 1 (id=1551): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) open(&(0x7f0000000300)='./file0\x00', 0x7efd, 0x3) write$auto(0x3, 0x0, 0x100082) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x300, 0x200007, 0x19) kexec_load$auto(0xff, 0x0, &(0x7f0000000000)={@buf=&(0x7f0000000340)="fa60afd25fd1229dc554c42a6f12a2fc1399309f9035b297e95700872d15dee74b68585a6bb1e9055bb8c83ead2c08e42cab89b1e3112f0dc9741316e46d567155f286d375e56d4cd3a9d1ba80b9cd454b216feac2b80ce4db3a3551f66b797aa1a96d1f17a598373e89e1598494a17e1c79135092ba868f4b7fb8ec49e6d56171c0d66cf7971c4c0099ed351c7c596484a717818eef04116db30d6716998fcdc1d0694b6eeec03fd9ccc833662d9ca171efb7348ab081351354922a4d7fc344a39e79f32e86eefbac937850f15ae7a6776689495399ac99b91497d9cd77233fd859ac4c6f322bb185d1be95eaf1bc32815bb449a9b8edba609f763df70e1fbaa3c571c918073300a1b75c1f4840414e10a04fe581688f759e385c883770dd8728c2b926b023760126b8f4a1efc097b641bbae6f41397be352d4ea98d2e587d51348a1945f23633ded9b0f3c7d33b6175c3cbb3252cbddb7ffcfe3a7d00e873708a44780b8dd6ca20c6a9e99e58b4c35f11008f38dbbd66394b976d05c8447b09afd1ebb08480726a4b937d1d1741afd2645e9c6d0d7b585729bbe7ad0d5587df45a6938ead51dfec69e6e090bc994ecd1223284641b91d79740364edcc605fcb6e7e0edae9cea2a911bd33a83f4a0163e857fbe56fd86fcaf86a3d9e8c516b7e2b6edcb6ddcc604e2562bfe6bc2c88e6c62d05a2c99f1b9856f4620f6eafa2adbd97d523e050c09731bb53600663e4fd274ddc87c61ba16db7a956ca33df293c6b8fa677a1d14644e37c975be4da0b6d98ae18f6996993b90253e708aae473cba288254dc9086fe3f0d0b844d3c8f4a1e55fcd2fcab4733d6d4d60a1cd906b0780b0e1b047468a20bc3f953b9720a9ad13843d7b66b7456fa0df2ccafc473979d4a6b73a476c1321c5df823fc6568745c24ae02cd3855d19bb7d01b3e28e66fefac195fab3e24882e44553f349e1aa49e64452cf0f6baf839fbf06574844436953e41492afd52cf617899bae27e452275ca3772a8342c36aa49071c20595512d714f27756724a86959dbcbf5642299a5ffa377bba72ee33b7efbd4297fa90895fd6ad3e49edd9ca854da2ad4d928c6b19920e0702bf3b1f5e054503b5c4aae2ee4b680b4f6b5c66a954cb87c68ae36afa4f014e0127b7cd79e51196ede18d790f85d651c194471e0c4eba286246e1c9986e722b0cca4ae69eb54a03926cf7330f901e14da2face9eb33f41e4b5d281751c8f1908393ea07db684c31c397fa335d8a5ff3fb2d6c9b0eeeafe18c477ab4534bb9adac205a130606f5ca08843a7cbcfdb80e253075436cabf44d4ff44043acabde6b2a88f5235712eb264dbcd62248e6e5fd0a5d99c663d795d6f1c1b935469d31cf050161e789d748f63f2a2fdf20948540bbaf5bd0efe11bd9903a567b58c0dac24e0bf8bc2254188c95afbf1ef5c8322151d871b4d226f9c80b2ce761ab915b1259dac4700bbb9b7f74538f4253f980bca4edeacd3a313fc8f856dbe8686d09be09d5670ced4d2eb34cdd42c620e71b6f2ac82b9a24a4e37c59b66ff9dce0e003eab34dcc8e536fb1135c70bca315c1b03018d4be0154eb4b69d1bcc9a7ec589a7594468863819f975c3df1eecf4c306cae98f7383ea5de0a7f644dd4bd3f19c8899568fdc04c5f3990d48435ddd69f963d321e9921128b420798ce58d1b8d0b5ba6c634c1843b5102756a5b94ebbc6e3df932b01e65165a4995856a75a8bbe9c687eb394d455a4459a6559577fb211d646c6337d4482fb455ba79f8c04cf9652781180f688bffd590277a94628712086017294260078944c2aaf535e833af523180bd1aab0c28c6e4d4f627ca0eddb8610acaa25e9a4767efdb975040c8a6c28f0d1239416414e5f224e68b2fd5ae46031535cfca9a90d84f57677a1c05763d6e219fce38ae1e67b77e93fcfd0891e29f0c47dd3193101bd449fc88a4fb21dc46f6c3832c44658a10f14b4aa1410f8a705d2fbf0dd2e08652240a7ec3ed19a31936566711d4f3bcceb0cdd5d599490db5dd1b3754c7b75c27f719e1ca44f01ac608819bd4e6c151eaffeccdde8efcdabe567564f7f0c61006e506df681404b4a76c99a07693283283c938bb431ba7eb9c9d51ac1828337308c1519ada3395fbef6a0da3a84394d03c996235c8abdddbc83ee54eda27c0d4c4e43ba55f107dc4b0ef795ec38eb9ee20800d19b446838ff80b2d2348246987d2f0785a81ad2bce087719334fd319ab5a92d99969892cb27d84ba11276321bdf9a79cac172d71d336b29107e51c236a233b4956c6af379b4ae53cdce0a83aaf2a75e4beb602c9c7803b435898eb5b07610d3e21b84d06ec2b159397264030f50f7eafd1c181ecf027d6ddee93e0be255426507c8d45941c5f9bfff8a1501cb95825b06b93d3a977b8eab9e42c8bb2c881ef02e413265ff32c534461b123ab77fef6bc773ca418a43402befb9d01ea4bd3e603f3c42b1acf9e26e02d8ac483d028c896749f34b82084e32d2da0ee2bcc705104af68343d09cf01539fb4c0f7c549c98eff5155b729829e73b6c30578d35a2f3fc0911b8eabcde3af87c3d9e90373a5fa82c260205a07e3446a68a268b32e2895e055b2ba802a6baefd8b6f876f65d49b99e652fe54438594229d2738b1d5643bff232935e1ea5005010f6e60e6151861318a75f1691bf7ffe7e9096f1f84209daebd83bb2ac25aeda1e2d0534ae3086d7eea6f0f85f93d4ee50b4b263329e609dfa77fd7e0055d96988924b8fd7ccba06c720372f23def6a38a6cfc7c427ec22bd7435c63873f0c7eb773ca787028e77a7df3502a6f9efd670a626adbc793a416dc84c3e990153c1ccce8d884c7fee64d7d0ddce33f5f49df2027e814290e6ae7c1dd8326dfd902a71e5683a43b39a32dee4684ef30250ad38867622d2c536876d7e5e20658ff7f36bb799258fc8510e97e495c026086784162afc1c7cccac613d9e6a5bcce7698f6c929c1571847fc36013fbae99fa280f5741204fc408c81a5435b43eb68338d47e4a6e0c0da601099b1f90fde6d163bec88fc95c8176123215781df5e974491b480c4281421ffc8b2f5bd951c391eb9e2d850c8bbdddbc91c70817118d1aa34e76582cf91feab68210fd29430ea296658bb4ac9eec38c612670bb99ecde77acc4ad0d17ee23a1c9ae8c03e0d5673c74950d6d244089440a02fe4d6212dbc9d76fcb0e71bbd2b290c12efb53c566fdf4255ad7ca2ec72c05ae21d74ea2ddff5ed3f521f37d9685152425fb74feb58a774570da830bc32c67e5605445b7b4656b25e5c21fe21d981adc40196f254683ef3807da1e50965dc54c2b30f556e5cf8850eeaaedc35456320f072569ad0b00487304abe6895c2892f3b9440f57dab5dc7b41848e5899d87b76bb9ecedb144f6efa773c331563cd5c19ab69e3cbbca70fb82a278dcc03770a4f485a867fdccb8a383ea7505bf7aa5ecd0d206697c2f40e9199d1c7bf1927956881a066b6502bed5eb9d90dece7416a5b53a330b3d6ea7a774fa1592a40499f7aced0d22bab5d752a5444ff0f302d7bb586c7b68cfa151793c312a1d2700f1cf9a9ef46c1a6b0b728247e72a35a334f8b382b79531b40677cb8a567a2fa8232cdce59067280d3a2e840f19d35fc59b0ec68815efb3ec1092fb83a52f433aba6e5d9b07eb456b1cd7687509ee675c2aef6600302003b829fbc21df5fe54e7daa425a081335b52fafa878d6be16d2bf3ef4ed8b4c49870da867c9875022c3ff5681393e34407ce48964e3a4b2bbac014f535c9da526db948629730a942f9b73b7db62076c445135e97168ebee5a97c98be336ed1755f575c1536100fe68a3f3e1600dc70a063a43e982a49ecd074b9accd9c4c48ccee9dd72d1049999e84df8db1c5463829dc912d60273e46a708c636bf7fbad2f696f3d11f6ef7d58200ff8df71721ce3efabb3f8efe38cce7fae3a2c8d7a1b07186cdb971daaf30f704fc3545f5dcd5b647d819823c681942a2f5ba9a3886845e4e92d974ff657dfc1d6c6073cf04856c638b356169ddc7adb383eaea5323bc35a7e2e219884f90c71980683ddf1b4c968fe2fa7f994eb0e2612532ccc1aa9aaf0341402a4c96b53559be7e363ef618901d3ff5218414c93144e2ae4b7d67ff6e8a6e80a6f270286cf53c6de8f6ccbc3ebaacbcc8d03925a2b8d60c0e30b585e5213da86d71c55ae42b1cad992099f9b22563ee8c5ff488a5a9135e79ba51c1fe4bc17be2b0632f766e0c711877792a0a11e57d7ea0e38affdb5a9118686372e3f44d8ca002a01b06de896b3b352822c0c35f975509d3fd850cb6dc6ec91d9b3a6e4b94592c0aa4be7a643a2ae2de1d15843593951f6b8e0f7b2ba1ea8028d81324ef7f8e8c520abd474cfd577735b94f1425e58ec94f56710ee527b8d04a6d551dc4f4619283fafebeb5437579479fc6a0a35564516f79d66a4e891bc086b08e4a965ac609ffb8d08a84421fb25211b2bc4d6fd439567a04fae4cd34ce54e5dc8c2dd2f0b529341c7c0f50fbd6754344c9a735e91c0c5e8fc9201bd3f936fccff6e4a87ee6d6278a8a937a31aeb1e8e1381c282feaedb6b8001efbec61d55e8232ffea5b24d506a4d59e7b721d9d95d9bc8457ca2cfb8eea3682f1a6d251db97c35a5814bf4a2684b706d84748ef37b80742e4a32ec185c4837737ae9a169d72281f64dd7509ba77b44acced4b49bdfeee9cd3ce9308eb29781731c6773b9afba35b62b3eeb8fa02def8ed6730b842b4b4425fa6ccc2f913738dfc6d124a2c4032e53554769ec167609cdc3eea9e8968104d43f2aa5f7be5e2518e1b2739c926945a25200392667ec2af847ef8a64cf8665428972e13426bc6451e8aa636b0505585b26f39a75287715b589c4953c14957b19f3cde8cd6f79056e9a42f82bafb27abc0be38acc36810215dfaff35cd8ca2e16441cd97b898afcd503bdc4960fc22784664c6901310768e553ae28a757bc238216e7ffe164b8773e9e8da1cfc20384d3b4a3a45688416946bf8739e9086447023385de4ecef5ab305090cdec458f5afa0667879a5a0d12110583893d8b2d616abc4c1fdaf638b02b4773f1d4809c05a8f9421c27f5935e93fb94fa135ace120da039769a8c56d701155caa3ac470240e26246d7d9d79cdec93195350affafda3a4f287413de1e4d0ba55c75d8e7a3b4967ffd5f1de65a2c8c60e9344f4d6c27ef348b8191e1aa649a04a7c0b961e7d5d2a4e938c099a8b3ac95c05f75c4863b148bae9018516ca91438d6a6b8df0e4c2331c0c97b85bcd3dc62fbcf595b9e8d00222da2833db6994d2e71bfb418130da76e418678432cf1ed029dedfc1d39925c7fcb30a51df533c3138fc856f1999538d697b40a824ae87fb06e2d61c5c76e26474698d521a43278653f706e877afcef0a0e856f7772c4f4b3bae5b00c751dcf8b442f31b5cfdd0d723d97161bb2c061c0a9c89284f20684d214c4e6f49e1814ac8fb0aca5dc3790120b1b38f8f74935994dcdee5fdc35c76a35026ba389e6f41123dc9c6d4ec47d535832b7330f04a7af48d2ebd818eb2a46ff1a74c78487733978e878860d8be2f3ac843ff2a8ceebdded859460ea87dbcaccfa757db4478caf77d24c4417a520bedffc9fb8b9cb8f8b1a7ff788ee48e7fed7500ec91c523ecd813cbf6de73aeef39cb4e5fda5c3bd03b4942145dd3b1835c4ceb81a6c3b94d57183e24e884b7c83394e4e41a2fbf196271db826695dc00c774111aeb338c207536eab9ad9348c9f432", 0x1, 0x0, 0x3ff}, 0x2) mmap$auto(0x2000000000000, 0x6a1, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x4, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) adjtimex$auto(&(0x7f00000005c0)={0xf332b6e, 0x0, 0x0, 0x8, 0xd4, 0x7, 0x9, 0x0, 0x10001, 0x1, 0x2, {0x8, 0x10000}, 0x1, 0x6, 0xfffffffffffffffd, 0x1007ffe, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0x1, 0x1800}) r0 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/rc_rateidx_mcs_mask_2ghz\x00', 0x20100, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r0, 0x0, 0x0) r1 = socket(0x22, 0x2, 0x73) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@ax25={0x3, @bcast, 0x2}, 0x6a) io_uring_setup$auto(0xc, 0x0) write$auto(0xca, &(0x7f0000000140)='\x04>\x01\x01\b\x1a\x1e`0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1ff, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) r6 = socket(0xa, 0x2, 0x88) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000280)={'dummy0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r8, r7, 0x4, 0x1ff, r6, @relative_id=0x13, 0xe600}, 0xf) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'pim6reg1\x00', 0x0}) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = socket(0xa, 0x2, 0x0) r12 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(r10, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x24, r12, 0x413, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r13}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x4804}, 0x80) r14 = socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), r14) ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) read$auto_proc_mountinfo_operations_mnt_namespace(r5, &(0x7f0000000480)=""/4096, 0x1000) sendmsg$auto_BATADV_CMD_TP_METER(r14, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x28, r15, 0x77bed28568c43d3b, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r16}, @BATADV_ATTR_ORIG_ADDRESS={0xa}]}, 0x28}, 0x1, 0x100000000000000, 0x0, 0x2019}, 0x8080) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x100, r1, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xee4f}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}, @ETHTOOL_A_LINKMODES_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x401}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_LINKMODES_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_LINKMODES_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @ETHTOOL_A_LINKMODES_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_LINKMODES_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r16}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x100}]}]}, 0x100}, 0x1, 0x0, 0x0, 0x4}, 0x20044085) r17 = gettid() kill$auto(r17, 0x11) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x1, 0x1ff, 0x100, 0x83, 0x101, 0x6, 0x6}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x876c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0xf, 0x0, 0x83) 684.846031ms ago: executing program 3 (id=1553): socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1000000000045, 0x100000001, 0xfffdffff, 0x0, 0x0, 0x0, 0x7, 0x6, 0x7, 0x401, 0x7ffffffb, 0x5, 0xffffffff80000000, 0x1, 0x61, 0x103}) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x402, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x1d, 0x2, 0x7) (async) socket(0x2, 0x1, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32) getsockopt$auto(0x4, 0x6, 0x2b, 0xfffffffffffffffc, 0x0) (async, rerun: 32) r0 = mq_open$auto(&(0x7f0000000100)='\\*)A\'t&\xc5R\xcc\xea3\xd5\x00', 0x7e, 0x0, 0x0) ppoll$auto(&(0x7f0000000000)={r0, 0x81, 0x9}, 0x9, &(0x7f0000000040)={0x1}, &(0x7f00000000c0), 0x8) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_wireguard(0x0, 0xffffffffffffffff) (async) mmap$auto(0x1, 0x5, 0x7, 0x2014, r1, 0x400000003ff) r2 = getpid() process_vm_readv$auto(r2, 0x0, 0x6, 0x0, 0x40b, 0x0) mq_timedsend$auto(r0, 0x0, 0x2000, 0x2, 0x0) 683.431424ms ago: executing program 0 (id=1554): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = socketpair$auto(0x800001e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x51) pwrite64$auto(0xc8, 0x0, 0x28, 0x100000000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x28082, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_USBDEVFS_FREE_STREAMS(r0, 0x8008551d, &(0x7f0000000340)={0x9, 0x9, "584aed55a7925cd98508e407767ce17a3d8b4259e3a10f4e05852c0538d1cd32cf830ab087c7f976efa5b63c6fd281446e87a80b064a849cbf2eda9d05786ec3e62119cf852b05cd8e2a60e7b21a45cc50d417b28400c820197f29849c9b186c7a7a97767a6d3c2e66ac5739d62073d49ccfae44449d9cd6c6f9e8c658bb71eea7c5336a8902a3a64ceb5ebb464adfbbbc59c6b1154850a8ef1093cf9fb35520e765423f8191c85b0b7c5380f5e63150abf75bd2317dc530de714625de3c73efec424e1d22a9b10b70283803428d6456babb38d0db60b89deebdef8bfecd4c5b729fde"}) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_total_time_ms\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) 671.186088ms ago: executing program 2 (id=1555): r0 = openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x6400, 0x0) ioctl$auto(0x3, 0x541b, 0x7f) sendmmsg$auto(r0, &(0x7f0000000300)={{&(0x7f0000000080)="d8051991ca3a92755fe74e7e06b9fb1e1d09deea6e77b43c3c099922a9144a97d1df0614fa93b5cfe00e4fefad1fa7f5c585ea3fecf3d70a1f19434257de469a1760356d909b904cf94868dd8a35ab769745a0876e0a2bfcfe081420391312de0f0d9429a58a43b960b30f24b0771c626b9a8030ca7b7d98029a575b285ef25fe62cc88f896f7c4d55432907f2c1b9b0f38fe1a1c84fabf2adeb65145fdaa6ee249c22634ed0991eb0f393a89f70bd0cae08d6c745abb64ef8268487bca336d494575d32d3f4966d8de7177c59460591f954a89b7ba5386378a34b5805e11237de", 0x3, &(0x7f0000000000)={&(0x7f0000000180)="7434acb2ba69a06782b439612a701cfeda8646f9d0d0c8a86e0b3adea1459d7de6bb19441b704dbd3c65880fbbaa9563475d5074cdfd506e5bd65f5c52042e213798ce37c8c0a44d7ef84ce4bf91db4c26f49a0ab560a67d58ae9304335f420b4b427fa8dca7c723f09a3e6d59eefad95474b7737536d617c49ecf83cb3ffe023f89d23fdb471901199cf03dac08dc66742a485688d74aa9b2fd7c7ba4048ba84af28fa7676723af39198611d000880af1ff8e738c2b4c48c82ced9e5a056adb4a10b69a5daf4c87b52c6054f9d549f4af22b0373bcc5283", 0xffffffff}, 0x8, &(0x7f0000000280)="dd44eab1d48a2c7334a97000d551ca42436561de996f3717bf2daffd12030c7f0bde1a3ec93ba6a6768b627152ad8a0c4ce26ceaa6253acb85b6df9eb5af2b7080f8dfb491611c95921ec523ccc146fbf0c82926f08bf444202a54d4d51e50e6b9ebb96cbff7f6ee8a", 0x9, 0x5}, 0x2c3457c7}, 0xffff5c2c, 0x0) 399.822997ms ago: executing program 2 (id=1556): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/tty/ptyy2/power/runtime_active_time\x00', 0x102, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(r1, r0, &(0x7f0000000040)=0x3, 0x9) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/sockcreate\x00', 0x101102, 0x0) setxattrat$auto(0xffffffffffffffff, 0x0, 0x2, 0x0, &(0x7f00000000c0)={0x69fc, 0x6, 0x7}, 0x5d8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x41}}, 0x6a) listen$auto(0x3, 0x81) read$auto(r2, 0x0, 0x7) close_range$auto(0x2, r2, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x6a) listen$auto(0x3, 0x81) close_range$auto(0x2, 0xa, 0x0) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0x6c876f17, 0x9b71, r2, 0x8000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty51\x00', 0x10400, 0x0) ioctl$auto(r3, 0x4b4c, 0x9) madvise$auto(0x0, 0x2000040080000004, 0xe) mmap$auto(0x2, 0x4020009, 0xdf, 0xebf, r2, 0x400002) r4 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="04002cbd7000fedbdf250200000034cc169dff77b453d830ccb1efe8e3f5d7d39ab7c47947d2213524d537f5b9d99bdc9cd656b0f6b13cb2a96b97982183111969f8ec92ffc6598f4d8a6af302ef36a19c378e036b8c1b5d9adbc13afd38a7adea6aefb1d11e3db23ca49a570676860083408869170a5850ee60f41fdf10b29a7baedca29013385fbdbe670443635a4615284d9d0a05d42b75c58a0d8f00c0b5f744537359ba4211c80dad6ba45087bb85c2568bf490715df42b076a4511ffec7b95ca37ad2c45319ec1902a215d8a6f6a62c11a2b7b36e7a846642e9268478ba70000000000000000649100d1bec4e65b5c7bb2a926ff3ab9cb6204e4b9beeabb2638210457dbf6574a874201ad3f419bbe902fd4f157850afdf21d47b9068ee2ea6dce863e51787ff4b4dfb5a66ca62636ee35b6bcc7f1b06d19b762126750fc4bf52793898ab682094e02ae3d5efc02b63b7d5ecaf024eebf710c4840a33b35542a26fbe70292ffcdd48ab3bc7ab8a560ecd1ecaefc74a679ae1801d1a0ac497f78daf635fbb06621a4183baa25981ac18de60bfd94deef320c5af8fad349f68191fdc87ab3f696c554a196e356a07e221a0b73fcae9c1a3c95"], 0x14}}, 0x4) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000300)={{0x0, 0x9, &(0x7f0000000280)={0x0, 0x40006}, 0xc, &(0x7f00000002c0), 0x4, 0x8}, 0x800}, 0xd, 0x3, 0x0) 331.550364ms ago: executing program 3 (id=1557): r0 = open(&(0x7f0000000000)='./file0\x00', 0x22240, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC0\x00', 0x100, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000) madvise$auto_MADV_HUGEPAGE(0x0, 0x80000001, 0xe) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x9, 0x0, 0x5, 0x8) madvise$auto_MADV_HUGEPAGE(0x0, 0x2, 0xe) r2 = socket(0x2c, 0x3, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, r0, 0x5, 0x6, 0xa, 0x1000009, r2, 0x9, 0x3}, 0x6f3) fcntl$auto(0x3, 0x400, 0x1) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x1) socket(0x2, 0x1, 0x106) r3 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r4, 0x5509, 0x0) unshare$auto(0x40000080) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r5, &(0x7f0000006200)={0x0, 0xfffffffffffffe47, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c000380050001800300000004000280080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/midi2\x00', 0x38b003, 0x0) socket(0x28, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000080)={[0x1ff, 0x7, 0xb, 0x1, 0x7, 0x4460, 0x15f4da0c, 0x1, 0x3, 0x300000000000000, 0x7fffffff, 0x7, 0x0, 0x9, 0x8a9]}, 0x0) close_range$auto(0x2, 0x8, 0x0) listen$auto(0x3, 0x81) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x9, 0x8, 0xc, r3, 0x4, 0x7ff}, 0xee) mmap$auto(0x0, 0x2020009, 0x3, 0x18, r1, 0xa) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) 226.555318ms ago: executing program 0 (id=1558): r0 = getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x6, 0x4b, &(0x7f0000000080)='\'++)$&++}+\xa4]\x00', &(0x7f0000000100)=0x3) setsockopt$auto(r0, 0xfff, 0xa, &(0x7f00000001c0)='&{#$!}]\x00', 0x3) mmap$auto(0x6, 0x400008, 0xdf, 0x9b72, 0x2, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) open(&(0x7f0000000300)='./file0\x00', 0x7efd, 0x3) write$auto(0x3, 0x0, 0x100082) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) kexec_load$auto(0xff, 0x0, &(0x7f0000000000)={@buf=&(0x7f0000000340)="fa60afd25fd1229dc554c42a6f12a2fc1399309f9035b297e95700872d15dee74b68585a6bb1e9055bb8c83ead2c08e42cab89b1e3112f0dc9741316e46d567155f286d375e56d4cd3a9d1ba80b9cd454b216feac2b80ce4db3a3551f66b797aa1a96d1f17a598373e89e1598494a17e1c79135092ba868f4b7fb8ec49e6d56171c0d66cf7971c4c0099ed351c7c596484a717818eef04116db30d6716998fcdc1d0694b6eeec03fd9ccc833662d9ca171efb7348ab081351354922a4d7fc344a39e79f32e86eefbac937850f15ae7a6776689495399ac99b91497d9cd77233fd859ac4c6f322bb185d1be95eaf1bc32815bb449a9b8edba609f763df70e1fbaa3c571c918073300a1b75c1f4840414e10a04fe581688f759e385c883770dd8728c2b926b023760126b8f4a1efc097b641bbae6f41397be352d4ea98d2e587d51348a1945f23633ded9b0f3c7d33b6175c3cbb3252cbddb7ffcfe3a7d00e873708a44780b8dd6ca20c6a9e99e58b4c35f11008f38dbbd66394b976d05c8447b09afd1ebb08480726a4b937d1d1741afd2645e9c6d0d7b585729bbe7ad0d5587df45a6938ead51dfec69e6e090bc994ecd1223284641b91d79740364edcc605fcb6e7e0edae9cea2a911bd33a83f4a0163e857fbe56fd86fcaf86a3d9e8c516b7e2b6edcb6ddcc604e2562bfe6bc2c88e6c62d05a2c99f1b9856f4620f6eafa2adbd97d523e050c09731bb53600663e4fd274ddc87c61ba16db7a956ca33df293c6b8fa677a1d14644e37c975be4da0b6d98ae18f6996993b90253e708aae473cba288254dc9086fe3f0d0b844d3c8f4a1e55fcd2fcab4733d6d4d60a1cd906b0780b0e1b047468a20bc3f953b9720a9ad13843d7b66b7456fa0df2ccafc473979d4a6b73a476c1321c5df823fc6568745c24ae02cd3855d19bb7d01b3e28e66fefac195fab3e24882e44553f349e1aa49e64452cf0f6baf839fbf06574844436953e41492afd52cf617899bae27e452275ca3772a8342c36aa49071c20595512d714f27756724a86959dbcbf5642299a5ffa377bba72ee33b7efbd4297fa90895fd6ad3e49edd9ca854da2ad4d928c6b19920e0702bf3b1f5e054503b5c4aae2ee4b680b4f6b5c66a954cb87c68ae36afa4f014e0127b7cd79e51196ede18d790f85d651c194471e0c4eba286246e1c9986e722b0cca4ae69eb54a03926cf7330f901e14da2face9eb33f41e4b5d281751c8f1908393ea07db684c31c397fa335d8a5ff3fb2d6c9b0eeeafe18c477ab4534bb9adac205a130606f5ca08843a7cbcfdb80e253075436cabf44d4ff44043acabde6b2a88f5235712eb264dbcd62248e6e5fd0a5d99c663d795d6f1c1b935469d31cf050161e789d748f63f2a2fdf20948540bbaf5bd0efe11bd9903a567b58c0dac24e0bf8bc2254188c95afbf1ef5c8322151d871b4d226f9c80b2ce761ab915b1259dac4700bbb9b7f74538f4253f980bca4edeacd3a313fc8f856dbe8686d09be09d5670ced4d2eb34cdd42c620e71b6f2ac82b9a24a4e37c59b66ff9dce0e003eab34dcc8e536fb1135c70bca315c1b03018d4be0154eb4b69d1bcc9a7ec589a7594468863819f975c3df1eecf4c306cae98f7383ea5de0a7f644dd4bd3f19c8899568fdc04c5f3990d48435ddd69f963d321e9921128b420798ce58d1b8d0b5ba6c634c1843b5102756a5b94ebbc6e3df932b01e65165a4995856a75a8bbe9c687eb394d455a4459a6559577fb211d646c6337d4482fb455ba79f8c04cf9652781180f688bffd590277a94628712086017294260078944c2aaf535e833af523180bd1aab0c28c6e4d4f627ca0eddb8610acaa25e9a4767efdb975040c8a6c28f0d1239416414e5f224e68b2fd5ae46031535cfca9a90d84f57677a1c05763d6e219fce38ae1e67b77e93fcfd0891e29f0c47dd3193101bd449fc88a4fb21dc46f6c3832c44658a10f14b4aa1410f8a705d2fbf0dd2e08652240a7ec3ed19a31936566711d4f3bcceb0cdd5d599490db5dd1b3754c7b75c27f719e1ca44f01ac608819bd4e6c151eaffeccdde8efcdabe567564f7f0c61006e506df681404b4a76c99a07693283283c938bb431ba7eb9c9d51ac1828337308c1519ada3395fbef6a0da3a84394d03c996235c8abdddbc83ee54eda27c0d4c4e43ba55f107dc4b0ef795ec38eb9ee20800d19b446838ff80b2d2348246987d2f0785a81ad2bce087719334fd319ab5a92d99969892cb27d84ba11276321bdf9a79cac172d71d336b29107e51c236a233b4956c6af379b4ae53cdce0a83aaf2a75e4beb602c9c7803b435898eb5b07610d3e21b84d06ec2b159397264030f50f7eafd1c181ecf027d6ddee93e0be255426507c8d45941c5f9bfff8a1501cb95825b06b93d3a977b8eab9e42c8bb2c881ef02e413265ff32c534461b123ab77fef6bc773ca418a43402befb9d01ea4bd3e603f3c42b1acf9e26e02d8ac483d028c896749f34b82084e32d2da0ee2bcc705104af68343d09cf01539fb4c0f7c549c98eff5155b729829e73b6c30578d35a2f3fc0911b8eabcde3af87c3d9e90373a5fa82c260205a07e3446a68a268b32e2895e055b2ba802a6baefd8b6f876f65d49b99e652fe54438594229d2738b1d5643bff232935e1ea5005010f6e60e6151861318a75f1691bf7ffe7e9096f1f84209daebd83bb2ac25aeda1e2d0534ae3086d7eea6f0f85f93d4ee50b4b263329e609dfa77fd7e0055d96988924b8fd7ccba06c720372f23def6a38a6cfc7c427ec22bd7435c63873f0c7eb773ca787028e77a7df3502a6f9efd670a626adbc793a416dc84c3e990153c1ccce8d884c7fee64d7d0ddce33f5f49df2027e814290e6ae7c1dd8326dfd902a71e5683a43b39a32dee4684ef30250ad38867622d2c536876d7e5e20658ff7f36bb799258fc8510e97e495c026086784162afc1c7cccac613d9e6a5bcce7698f6c929c1571847fc36013fbae99fa280f5741204fc408c81a5435b43eb68338d47e4a6e0c0da601099b1f90fde6d163bec88fc95c8176123215781df5e974491b480c4281421ffc8b2f5bd951c391eb9e2d850c8bbdddbc91c70817118d1aa34e76582cf91feab68210fd29430ea296658bb4ac9eec38c612670bb99ecde77acc4ad0d17ee23a1c9ae8c03e0d5673c74950d6d244089440a02fe4d6212dbc9d76fcb0e71bbd2b290c12efb53c566fdf4255ad7ca2ec72c05ae21d74ea2ddff5ed3f521f37d9685152425fb74feb58a774570da830bc32c67e5605445b7b4656b25e5c21fe21d981adc40196f254683ef3807da1e50965dc54c2b30f556e5cf8850eeaaedc35456320f072569ad0b00487304abe6895c2892f3b9440f57dab5dc7b41848e5899d87b76bb9ecedb144f6efa773c331563cd5c19ab69e3cbbca70fb82a278dcc03770a4f485a867fdccb8a383ea7505bf7aa5ecd0d206697c2f40e9199d1c7bf1927956881a066b6502bed5eb9d90dece7416a5b53a330b3d6ea7a774fa1592a40499f7aced0d22bab5d752a5444ff0f302d7bb586c7b68cfa151793c312a1d2700f1cf9a9ef46c1a6b0b728247e72a35a334f8b382b79531b40677cb8a567a2fa8232cdce59067280d3a2e840f19d35fc59b0ec68815efb3ec1092fb83a52f433aba6e5d9b07eb456b1cd7687509ee675c2aef6600302003b829fbc21df5fe54e7daa425a081335b52fafa878d6be16d2bf3ef4ed8b4c49870da867c9875022c3ff5681393e34407ce48964e3a4b2bbac014f535c9da526db948629730a942f9b73b7db62076c445135e97168ebee5a97c98be336ed1755f575c1536100fe68a3f3e1600dc70a063a43e982a49ecd074b9accd9c4c48ccee9dd72d1049999e84df8db1c5463829dc912d60273e46a708c636bf7fbad2f696f3d11f6ef7d58200ff8df71721ce3efabb3f8efe38cce7fae3a2c8d7a1b07186cdb971daaf30f704fc3545f5dcd5b647d819823c681942a2f5ba9a3886845e4e92d974ff657dfc1d6c6073cf04856c638b356169ddc7adb383eaea5323bc35a7e2e219884f90c71980683ddf1b4c968fe2fa7f994eb0e2612532ccc1aa9aaf0341402a4c96b53559be7e363ef618901d3ff5218414c93144e2ae4b7d67ff6e8a6e80a6f270286cf53c6de8f6ccbc3ebaacbcc8d03925a2b8d60c0e30b585e5213da86d71c55ae42b1cad992099f9b22563ee8c5ff488a5a9135e79ba51c1fe4bc17be2b0632f766e0c711877792a0a11e57d7ea0e38affdb5a9118686372e3f44d8ca002a01b06de896b3b352822c0c35f975509d3fd850cb6dc6ec91d9b3a6e4b94592c0aa4be7a643a2ae2de1d15843593951f6b8e0f7b2ba1ea8028d81324ef7f8e8c520abd474cfd577735b94f1425e58ec94f56710ee527b8d04a6d551dc4f4619283fafebeb5437579479fc6a0a35564516f79d66a4e891bc086b08e4a965ac609ffb8d08a84421fb25211b2bc4d6fd439567a04fae4cd34ce54e5dc8c2dd2f0b529341c7c0f50fbd6754344c9a735e91c0c5e8fc9201bd3f936fccff6e4a87ee6d6278a8a937a31aeb1e8e1381c282feaedb6b8001efbec61d55e8232ffea5b24d506a4d59e7b721d9d95d9bc8457ca2cfb8eea3682f1a6d251db97c35a5814bf4a2684b706d84748ef37b80742e4a32ec185c4837737ae9a169d72281f64dd7509ba77b44acced4b49bdfeee9cd3ce9308eb29781731c6773b9afba35b62b3eeb8fa02def8ed6730b842b4b4425fa6ccc2f913738dfc6d124a2c4032e53554769ec167609cdc3eea9e8968104d43f2aa5f7be5e2518e1b2739c926945a25200392667ec2af847ef8a64cf8665428972e13426bc6451e8aa636b0505585b26f39a75287715b589c4953c14957b19f3cde8cd6f79056e9a42f82bafb27abc0be38acc36810215dfaff35cd8ca2e16441cd97b898afcd503bdc4960fc22784664c6901310768e553ae28a757bc238216e7ffe164b8773e9e8da1cfc20384d3b4a3a45688416946bf8739e9086447023385de4ecef5ab305090cdec458f5afa0667879a5a0d12110583893d8b2d616abc4c1fdaf638b02b4773f1d4809c05a8f9421c27f5935e93fb94fa135ace120da039769a8c56d701155caa3ac470240e26246d7d9d79cdec93195350affafda3a4f287413de1e4d0ba55c75d8e7a3b4967ffd5f1de65a2c8c60e9344f4d6c27ef348b8191e1aa649a04a7c0b961e7d5d2a4e938c099a8b3ac95c05f75c4863b148bae9018516ca91438d6a6b8df0e4c2331c0c97b85bcd3dc62fbcf595b9e8d00222da2833db6994d2e71bfb418130da76e418678432cf1ed029dedfc1d39925c7fcb30a51df533c3138fc856f1999538d697b40a824ae87fb06e2d61c5c76e26474698d521a43278653f706e877afcef0a0e856f7772c4f4b3bae5b00c751dcf8b442f31b5cfdd0d723d97161bb2c061c0a9c89284f20684d214c4e6f49e1814ac8fb0aca5dc3790120b1b38f8f74935994dcdee5fdc35c76a35026ba389e6f41123dc9c6d4ec47d535832b7330f04a7af48d2ebd818eb2a46ff1a74c78487733978e878860d8be2f3ac843ff2a8ceebdded859460ea87dbcaccfa757db4478caf77d24c4417a520bedffc9fb8b9cb8f8b1a7ff788ee48e7fed7500ec91c523ecd813cbf6de73aeef39cb4e5fda5c3bd03b4942145dd3b1835c4ceb81a6c3b94d57183e24e884b7c83394e4e41a2fbf196271db826695dc00c774111aeb338c207536eab9ad9348c9f432", 0x1, 0x0, 0x3ff}, 0x2) mmap$auto(0x2000000000000, 0x6a1, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x4, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) adjtimex$auto(&(0x7f00000005c0)={0xf332b6a, 0x0, 0xfffffffffffffffe, 0x8, 0xd4, 0x7, 0x9, 0x0, 0x10001, 0x1, 0x2, {0x8, 0x10000}, 0x1, 0x6, 0xfffffffffffffffd, 0x1007ffe, 0x0, 0x80000004, 0x83, 0x3, 0xa747, 0x1, 0x1800}) r1 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/rc_rateidx_mcs_mask_2ghz\x00', 0x20100, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r1, 0x0, 0x0) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) ioctl$auto_SG_GET_REQUEST_TABLE(r2, 0x2286, &(0x7f0000000040)) sendmsg$auto_SEG6_CMD_SETHMAC(r2, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x30, 0x0, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x7f}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x40) r3 = socket(0x23, 0x2, 0x0) getsockname$auto(r3, &(0x7f0000000140)=@in={0x2, 0xfffc, @rand_addr=0x40000000}, &(0x7f0000000040)=0xd2) r4 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCR(r3, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000900)={&(0x7f0000000840)={0xb8, r4, 0x800, 0x70bd26, 0x25dfdbff, {}, "ec25b8cc1c7178fc7223a9acf5a8d9f071e683af1ca3eccf777c2706cc23aec355b422075741290d32376e3f4b0377a3f599997129bc6d61f5252aa0cbb597244f4c1a5b1b8cf52a8384e9e579acf397047e6d29113d433135e9065ebbaa8598831749b1c40a839f5dcbff428c5e052fcc2ca536386d688eb16e32afcc1014078f234bc0eab107d12891f71416a70375faf8d7e60f7ee4d021f4ba715c0d65f6d11d94"}, 0xb8}, 0x1, 0x0, 0x0, 0x2004c084}, 0x40050) ioctl$auto(r2, 0x400454cc, 0xffffffffffffffff) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/afs/cells\x00', 0x4a801, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.5/usb6/busnum\x00', 0xa400, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop12/queue/nr_requests\x00', 0xa3182, 0x0) sendfile$auto(r7, r7, 0x0, 0x2) r8 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000980)='/dev/sg0\x00', 0x80840, 0x0) ioctl$auto_SCSI_IOCTL_TEST_UNIT_READY(r8, 0x2, &(0x7f00000009c0)="5a7ee674ce5a5fef04475ccd35") read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000040)=""/178, 0xb2) mmap$auto(0x8001, 0x6, 0x2, 0x13, r5, 0x9) 0s ago: executing program 2 (id=1559): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x8f3b7a51b8162d21, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="f36cf820c75c20d9d1027e0dc0023af10e9bfa1babfa3a3753ca9aee370a", 0x1e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) shmctl$auto_IPC_SET(0x7fa, 0x1, 0x0) ioctl$auto_USBDEVFS_RELEASE_PORT(0xffffffffffffffff, 0x80045519, &(0x7f0000000100)=0x3) r1 = gettid() r2 = socket(0x2, 0x1, 0x0) r3 = openat$auto_ptdump_fops_(0xffffffffffffff9c, 0x0, 0x24c0, 0x0) ioctl$auto(r2, 0xffff, r3) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1b00"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x8007}, 0x3, 0x0) process_vm_readv$auto(r1, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0) r5 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x40001, 0x0) write$auto_ftrace_event_filter_fops_trace_events(r5, 0x0, 0x0) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x1, 0xffeb) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.32' (ED25519) to the list of known hosts. [ 74.905990][ T5828] cgroup: Unknown subsys name 'net' [ 75.036552][ T5828] cgroup: Unknown subsys name 'cpuset' [ 75.045021][ T5828] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 76.614104][ T5828] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 76.685628][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.692085][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 79.456312][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 79.465495][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 79.474208][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 79.477867][ T5852] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 79.481619][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 79.496218][ T5854] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 79.498766][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 79.511157][ T5852] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.511784][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 79.527813][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.535619][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 79.543230][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.551566][ T5854] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 79.556811][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.566223][ T5854] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.566814][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 79.580847][ T5153] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.589289][ T5153] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.597834][ T5854] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.606250][ T5153] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.921836][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 79.976065][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 80.002507][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 80.085396][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 80.140897][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.149103][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.156698][ T5838] bridge_slave_0: entered allmulticast mode [ 80.163789][ T5838] bridge_slave_0: entered promiscuous mode [ 80.195546][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.202669][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.210753][ T5838] bridge_slave_1: entered allmulticast mode [ 80.217876][ T5838] bridge_slave_1: entered promiscuous mode [ 80.231506][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.238945][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.246188][ T5840] bridge_slave_0: entered allmulticast mode [ 80.253003][ T5840] bridge_slave_0: entered promiscuous mode [ 80.261801][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.269040][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.276472][ T5840] bridge_slave_1: entered allmulticast mode [ 80.283429][ T5840] bridge_slave_1: entered promiscuous mode [ 80.344809][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.357399][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.379028][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.388335][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.396189][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.403465][ T5839] bridge_slave_0: entered allmulticast mode [ 80.410282][ T5839] bridge_slave_0: entered promiscuous mode [ 80.450959][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.460306][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.468245][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.475727][ T5839] bridge_slave_1: entered allmulticast mode [ 80.482414][ T5839] bridge_slave_1: entered promiscuous mode [ 80.497339][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.505001][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.512191][ T5837] bridge_slave_0: entered allmulticast mode [ 80.519373][ T5837] bridge_slave_0: entered promiscuous mode [ 80.527115][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.534314][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.542270][ T5837] bridge_slave_1: entered allmulticast mode [ 80.549199][ T5837] bridge_slave_1: entered promiscuous mode [ 80.558661][ T5838] team0: Port device team_slave_0 added [ 80.589435][ T5838] team0: Port device team_slave_1 added [ 80.604634][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.617239][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.644486][ T5840] team0: Port device team_slave_0 added [ 80.659798][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.670977][ T5840] team0: Port device team_slave_1 added [ 80.696727][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.713862][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.720846][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.747468][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.762389][ T5839] team0: Port device team_slave_0 added [ 80.783403][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.790384][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.818731][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.831027][ T5839] team0: Port device team_slave_1 added [ 80.845693][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.852698][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.879505][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.891835][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.898928][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.924935][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.959967][ T5837] team0: Port device team_slave_0 added [ 80.983340][ T5837] team0: Port device team_slave_1 added [ 81.009406][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.016458][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.043391][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.071925][ T5840] hsr_slave_0: entered promiscuous mode [ 81.080304][ T5840] hsr_slave_1: entered promiscuous mode [ 81.092089][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.099245][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.125378][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.159422][ T5838] hsr_slave_0: entered promiscuous mode [ 81.165921][ T5838] hsr_slave_1: entered promiscuous mode [ 81.173367][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.181346][ T5838] Cannot create hsr debugfs directory [ 81.200283][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.207486][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.233805][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.268258][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.275460][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.301448][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.323465][ T5839] hsr_slave_0: entered promiscuous mode [ 81.329604][ T5839] hsr_slave_1: entered promiscuous mode [ 81.335989][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.343621][ T5839] Cannot create hsr debugfs directory [ 81.430371][ T5837] hsr_slave_0: entered promiscuous mode [ 81.437342][ T5837] hsr_slave_1: entered promiscuous mode [ 81.443445][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.451032][ T5837] Cannot create hsr debugfs directory [ 81.643782][ T5153] Bluetooth: hci1: command tx timeout [ 81.653290][ T5153] Bluetooth: hci3: command tx timeout [ 81.653303][ T5845] Bluetooth: hci0: command tx timeout [ 81.653463][ T5845] Bluetooth: hci2: command tx timeout [ 81.679910][ T5838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 81.691594][ T5838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.704116][ T5838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 81.714135][ T5838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.770079][ T5840] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 81.779597][ T5840] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 81.791268][ T5840] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 81.820625][ T5840] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 81.835576][ T5837] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 81.845491][ T5837] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 81.871457][ T5837] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 81.893339][ T5837] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 81.926522][ T5839] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 81.952635][ T5839] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 81.964286][ T5839] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 81.979085][ T5839] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 82.081188][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.146437][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.160018][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.177339][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.187416][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.212575][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.219893][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.231437][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.238649][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.248347][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.255536][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.274565][ T3437] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.281710][ T3437] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.300409][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.331829][ T3437] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.339031][ T3437] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.364353][ T3437] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.371525][ T3437] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.419104][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.460031][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.502643][ T1097] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.509857][ T1097] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.551144][ T1097] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.558381][ T1097] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.681406][ T5839] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 82.806544][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.860011][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.896028][ T5838] veth0_vlan: entered promiscuous mode [ 82.918944][ T5838] veth1_vlan: entered promiscuous mode [ 82.946034][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.994469][ T5838] veth0_macvtap: entered promiscuous mode [ 83.012654][ T5837] veth0_vlan: entered promiscuous mode [ 83.027475][ T5837] veth1_vlan: entered promiscuous mode [ 83.037211][ T5838] veth1_macvtap: entered promiscuous mode [ 83.078908][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.111998][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.122718][ T5837] veth0_macvtap: entered promiscuous mode [ 83.141169][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.159218][ T5837] veth1_macvtap: entered promiscuous mode [ 83.176216][ T5838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.185316][ T5838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.194733][ T5838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.204186][ T5838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.224538][ T5840] veth0_vlan: entered promiscuous mode [ 83.230608][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.242339][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.254244][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.274661][ T5840] veth1_vlan: entered promiscuous mode [ 83.290159][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.301780][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.314316][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.345962][ T5837] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.357045][ T5837] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.367500][ T5837] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.377615][ T5837] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.407536][ T5840] veth0_macvtap: entered promiscuous mode [ 83.436266][ T5840] veth1_macvtap: entered promiscuous mode [ 83.466710][ T5839] veth0_vlan: entered promiscuous mode [ 83.514929][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.529023][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.539483][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.550394][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.561460][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.580853][ T5839] veth1_vlan: entered promiscuous mode [ 83.600504][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.611222][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.621562][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.632920][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.646322][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.657580][ T5840] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.659346][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.670653][ T5840] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.674875][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.688416][ T5840] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.699830][ T5840] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.723138][ T5845] Bluetooth: hci3: command tx timeout [ 83.728619][ T5845] Bluetooth: hci0: command tx timeout [ 83.734400][ T5854] Bluetooth: hci1: command tx timeout [ 83.739858][ T5854] Bluetooth: hci2: command tx timeout [ 83.780405][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.790257][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.794470][ T5839] veth0_macvtap: entered promiscuous mode [ 83.806668][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.811564][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.859755][ T5839] veth1_macvtap: entered promiscuous mode [ 83.879853][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.890668][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.930170][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.941449][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.953211][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.964683][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.974904][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.986410][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.998241][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.042349][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.056894][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.069442][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.080504][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.098351][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.099043][ T5838] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 84.119780][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.135473][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.156332][ T5839] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.169341][ T5839] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.179229][ T5839] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.192538][ T5839] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.286408][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.301357][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.402449][ T5907] Invalid ELF header magic: != ELF [ 84.989161][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.012238][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.119135][ T3437] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.150914][ T3437] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.233429][ T4892] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.276909][ T4892] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.803958][ T5845] Bluetooth: hci0: command tx timeout [ 85.810102][ T5854] Bluetooth: hci2: command tx timeout [ 85.815909][ T5845] Bluetooth: hci1: command tx timeout [ 85.821455][ T5851] Bluetooth: hci3: command tx timeout [ 87.113411][ T5923] mmap: syz.0.1 (5923) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 87.644744][ T5942] FAULT_INJECTION: forcing a failure. [ 87.644744][ T5942] name failslab, interval 1, probability 0, space 0, times 1 [ 87.686908][ T5942] CPU: 1 UID: 0 PID: 5942 Comm: syz.2.8 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 87.686953][ T5942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 87.686974][ T5942] Call Trace: [ 87.686984][ T5942] [ 87.686998][ T5942] dump_stack_lvl+0x16c/0x1f0 [ 87.687047][ T5942] should_fail_ex+0x512/0x640 [ 87.687077][ T5942] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 87.687125][ T5942] should_failslab+0xc2/0x120 [ 87.687170][ T5942] __kmalloc_cache_noprof+0x6a/0x3e0 [ 87.687219][ T5942] ? __alloc_workqueue+0xda2/0x1810 [ 87.687274][ T5942] __alloc_workqueue+0xda2/0x1810 [ 87.687327][ T5942] alloc_workqueue+0xd2/0x200 [ 87.687373][ T5942] ? __pfx_alloc_workqueue+0x10/0x10 [ 87.687424][ T5942] ? rcu_is_watching+0x12/0xc0 [ 87.687460][ T5942] ? trace_kmalloc+0x2b/0xd0 [ 87.687497][ T5942] ? do_raw_spin_lock+0x12c/0x2b0 [ 87.687530][ T5942] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 87.687564][ T5942] ieee80211_register_hw+0x1e18/0x4020 [ 87.687613][ T5942] ? _raw_spin_unlock_irqrestore+0x1/0x80 [ 87.687648][ T5942] ? __debug_object_init+0x271/0x3d0 [ 87.687692][ T5942] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 87.687743][ T5942] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 87.687776][ T5942] ? __hrtimer_init+0xc6/0x220 [ 87.687807][ T5942] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 87.687854][ T5942] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 87.687904][ T5942] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 87.687946][ T5942] hwsim_new_radio_nl+0xb51/0x12c0 [ 87.687981][ T5942] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 87.688021][ T5942] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 87.688070][ T5942] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 87.688124][ T5942] genl_family_rcv_msg_doit+0x206/0x2f0 [ 87.688184][ T5942] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 87.688230][ T5942] ? trace_cap_capable+0x18d/0x200 [ 87.688282][ T5942] ? bpf_lsm_capable+0x9/0x10 [ 87.688319][ T5942] ? security_capable+0x7e/0x260 [ 87.688364][ T5942] ? ns_capable+0xd7/0x110 [ 87.688403][ T5942] genl_rcv_msg+0x55c/0x800 [ 87.688451][ T5942] ? __pfx_genl_rcv_msg+0x10/0x10 [ 87.688495][ T5942] ? __pfx___dev_queue_xmit+0x10/0x10 [ 87.688523][ T5942] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 87.688558][ T5942] ? __lock_acquire+0xaa4/0x1ba0 [ 87.688612][ T5942] netlink_rcv_skb+0x16a/0x440 [ 87.688651][ T5942] ? __pfx_genl_rcv_msg+0x10/0x10 [ 87.688699][ T5942] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 87.688752][ T5942] ? __pfx_down_read+0x10/0x10 [ 87.688796][ T5942] ? netlink_deliver_tap+0x1ae/0xd30 [ 87.688836][ T5942] genl_rcv+0x28/0x40 [ 87.688875][ T5942] netlink_unicast+0x53a/0x7f0 [ 87.688918][ T5942] ? __pfx_netlink_unicast+0x10/0x10 [ 87.688956][ T5942] ? __lock_acquire+0xaa4/0x1ba0 [ 87.689009][ T5942] netlink_sendmsg+0x8d1/0xdd0 [ 87.689054][ T5942] ? __pfx_netlink_sendmsg+0x10/0x10 [ 87.689104][ T5942] ____sys_sendmsg+0xa95/0xc70 [ 87.689160][ T5942] ? copy_msghdr_from_user+0x10a/0x160 [ 87.689196][ T5942] ? __pfx_____sys_sendmsg+0x10/0x10 [ 87.689253][ T5942] ___sys_sendmsg+0x134/0x1d0 [ 87.689290][ T5942] ? __pfx____sys_sendmsg+0x10/0x10 [ 87.689360][ T5942] __sys_sendmsg+0x16d/0x220 [ 87.689397][ T5942] ? __pfx___sys_sendmsg+0x10/0x10 [ 87.689433][ T5942] ? __x64_sys_futex+0x1e0/0x4c0 [ 87.689501][ T5942] ? rcu_is_watching+0x12/0xc0 [ 87.689548][ T5942] do_syscall_64+0xcd/0x260 [ 87.689591][ T5942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.689623][ T5942] RIP: 0033:0x7fc71d58d169 [ 87.689657][ T5942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.689688][ T5942] RSP: 002b:00007fc71e338038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 87.689718][ T5942] RAX: ffffffffffffffda RBX: 00007fc71d7a5fa0 RCX: 00007fc71d58d169 [ 87.689739][ T5942] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000006 [ 87.689758][ T5942] RBP: 00007fc71d60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 87.689776][ T5942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 87.689794][ T5942] R13: 0000000000000000 R14: 00007fc71d7a5fa0 R15: 00007ffd465f23f8 [ 87.689827][ T5942] [ 88.114791][ T5845] Bluetooth: hci1: command tx timeout [ 88.120358][ T5845] Bluetooth: hci2: command tx timeout [ 88.126373][ T5845] Bluetooth: hci3: command tx timeout [ 88.131986][ T5845] Bluetooth: hci0: command tx timeout [ 89.783769][ T5957] Zero length message leads to an empty skb [ 90.497697][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 92.044691][ T9] cfg80211: failed to load regulatory.db [ 93.541642][ T6005] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 97.005010][ T6055] device-mapper: ioctl: device name cannot contain '/' [ 98.650402][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 107.984367][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 109.360629][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 0 < 18 [ 109.718942][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 109.969751][ T6189] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 110.428001][ T6209] process 'syz.2.59' launched ':,' with NULL argv: empty string added [ 111.972573][ T5854] Bluetooth: hci3: unexpected event 0x35 length: 14 > 6 [ 111.973376][ T6253] netlink: 28 bytes leftover after parsing attributes in process `syz.0.72'. [ 112.009552][ T6257] netlink: 20 bytes leftover after parsing attributes in process `syz.1.71'. [ 112.103206][ T6252] nbd0: detected capacity change from 0 to 68719476736 [ 112.118654][ T5850] block nbd0: Send control failed (result -22) [ 112.127923][ T5850] block nbd0: Request send failed, requeueing [ 112.143288][ T5854] block nbd0: Receive control failed (result -32) [ 112.143677][ T5932] block nbd0: Dead connection, failed to find a fallback [ 112.158139][ T5932] block nbd0: shutting down sockets [ 112.170255][ T5932] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.180457][ T5932] Buffer I/O error on dev nbd0, logical block 0, async page read [ 112.189295][ T5850] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.199258][ T5850] Buffer I/O error on dev nbd0, logical block 0, async page read [ 112.207974][ T5850] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.218314][ T5850] Buffer I/O error on dev nbd0, logical block 0, async page read [ 112.226293][ T5850] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.235562][ T5850] Buffer I/O error on dev nbd0, logical block 0, async page read [ 112.245181][ T5850] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.254494][ T5850] Buffer I/O error on dev nbd0, logical block 0, async page read [ 112.263745][ T5850] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.273034][ T5850] Buffer I/O error on dev nbd0, logical block 0, async page read [ 112.283043][ T5850] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.292141][ T5850] Buffer I/O error on dev nbd0, logical block 0, async page read [ 112.310259][ T5850] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.320071][ T5850] Buffer I/O error on dev nbd0, logical block 0, async page read [ 112.328468][ T5850] ldm_validate_partition_table(): Disk read failed. [ 112.342093][ T5850] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.357898][ T5850] Buffer I/O error on dev nbd0, logical block 0, async page read [ 112.375780][ T5850] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.394202][ T5850] Buffer I/O error on dev nbd0, logical block 0, async page read [ 112.414029][ T5850] Dev nbd0: unable to read RDB block 0 [ 112.430597][ T6264] ptrace attach of "./syz-executor exec"[5837] was attempted by "./syz-executor exec"[6264] [ 112.442236][ T5850] nbd0: unable to read partition table [ 112.472296][ T5850] ldm_validate_partition_table(): Disk read failed. [ 112.496274][ T5850] Dev nbd0: unable to read RDB block 0 [ 112.502396][ T5850] nbd0: unable to read partition table [ 112.587731][ T6270] CIFS: VFS: Unsupported security flags: 0x200 [ 114.828139][ T6317] netlink: 28 bytes leftover after parsing attributes in process `syz.2.87'. [ 114.872969][ T6317] bridge_slave_1: left allmulticast mode [ 114.878818][ T6317] bridge_slave_1: left promiscuous mode [ 114.884841][ T6320] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 114.933447][ T6317] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.074975][ T6317] bridge_slave_0: left allmulticast mode [ 115.094216][ T6317] bridge_slave_0: left promiscuous mode [ 115.125681][ T6317] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.887843][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.897839][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.906399][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.915120][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.953737][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.071426][ T6365] syz.0.94 uses obsolete (PF_INET,SOCK_PACKET) [ 116.113508][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.122219][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.130922][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.140089][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 116.149700][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 119.043795][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 120.821705][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 124.398707][ T6485] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 125.099290][ T6489] FAULT_INJECTION: forcing a failure. [ 125.099290][ T6489] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 125.143792][ T6489] CPU: 0 UID: 0 PID: 6489 Comm: syz.3.120 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 125.143841][ T6489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 125.143861][ T6489] Call Trace: [ 125.143871][ T6489] [ 125.143882][ T6489] dump_stack_lvl+0x16c/0x1f0 [ 125.143948][ T6489] should_fail_ex+0x512/0x640 [ 125.143985][ T6489] _copy_from_user+0x2e/0xd0 [ 125.144022][ T6489] memdup_user+0x6b/0xe0 [ 125.144070][ T6489] udmabuf_ioctl+0x26f/0x310 [ 125.144114][ T6489] ? __pfx_udmabuf_ioctl+0x10/0x10 [ 125.144156][ T6489] ? find_held_lock+0x2b/0x80 [ 125.144196][ T6489] ? hook_file_ioctl_common+0x145/0x410 [ 125.144233][ T6489] ? __fget_files+0x20e/0x3c0 [ 125.144266][ T6489] ? __pfx_udmabuf_ioctl+0x10/0x10 [ 125.144310][ T6489] __x64_sys_ioctl+0x190/0x200 [ 125.144356][ T6489] do_syscall_64+0xcd/0x260 [ 125.144400][ T6489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.144444][ T6489] RIP: 0033:0x7f42a9d8d169 [ 125.144481][ T6489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.144517][ T6489] RSP: 002b:00007f42aabe4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 125.144548][ T6489] RAX: ffffffffffffffda RBX: 00007f42a9fa6080 RCX: 00007f42a9d8d169 [ 125.144567][ T6489] RDX: 0000200000000000 RSI: 0000000040087543 RDI: 0000000000000009 [ 125.144586][ T6489] RBP: 00007f42a9e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 125.144604][ T6489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.144622][ T6489] R13: 0000000000000000 R14: 00007f42a9fa6080 R15: 00007fff5fed9648 [ 125.144654][ T6489] [ 125.827672][ T6496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807fe04000 pfn:0x7fe00 [ 125.912811][ T6496] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 125.921522][ T6496] memcg:ffff888033deefc1 [ 126.001787][ T6496] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 126.087476][ T6496] page_type: f5(slab) [ 126.091570][ T6496] raw: 00fff00000000040 ffff88801b44f640 0000000000000000 0000000000000001 [ 126.205702][ T6496] raw: ffff88807fe04000 0000000000020001 00000000f5000000 ffff888033deefc1 [ 126.312818][ T6496] head: 00fff00000000040 ffff88801b44f640 0000000000000000 0000000000000001 [ 126.374363][ T6496] head: ffff88807fe04000 0000000000020001 00000000f5000000 ffff888033deefc1 [ 126.577630][ T6496] head: 00fff00000000003 ffffea0001ff8001 ffffffffffffffff 0000000000000000 [ 126.662942][ T6496] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 126.753033][ T6496] page dumped because: unmovable page [ 126.758523][ T6496] page_owner tracks the page as allocated [ 126.836452][ T6496] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd60c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5839, tgid 5839 (syz-executor), ts 81918917637, free_ts 81901630523 [ 127.015963][ T6496] post_alloc_hook+0x181/0x1b0 [ 127.020860][ T6496] get_page_from_freelist+0x10c4/0x34c0 [ 127.063683][ T6496] __alloc_frozen_pages_noprof+0x223/0x24d0 [ 127.069676][ T6496] alloc_pages_mpol+0x1fb/0x540 [ 127.152830][ T6496] new_slab+0x23c/0x330 [ 127.192799][ T6496] ___slab_alloc+0xd9c/0x1940 [ 127.197598][ T6496] __slab_alloc.constprop.0+0x56/0xb0 [ 127.350559][ T6496] __kvmalloc_node_noprof+0x3a6/0x600 [ 127.445844][ T6496] alloc_netdev_mqs+0xd2/0x1570 [ 127.450816][ T6496] nsim_create+0x98/0xb00 [ 127.665861][ T6496] __nsim_dev_port_add+0x42b/0x7d0 [ 127.697795][ T6496] nsim_drv_probe+0xdca/0x1490 [ 127.767269][ T6496] really_probe+0x23e/0xa90 [ 127.835283][ T6496] __driver_probe_device+0x1de/0x440 [ 127.869200][ T6496] driver_probe_device+0x4c/0x1b0 [ 127.887387][ T6496] __device_attach_driver+0x1df/0x310 [ 127.909841][ T6496] page last free pid 5837 tgid 5837 stack trace: [ 127.938793][ T6496] free_frozen_pages+0x6d8/0xf40 [ 127.960982][ T6496] __put_partials+0x16d/0x1c0 [ 127.981202][ T6496] qlist_free_all+0x4e/0x120 [ 128.035789][ T6496] kasan_quarantine_reduce+0x195/0x1e0 [ 128.061898][ T6496] __kasan_slab_alloc+0x69/0x90 [ 128.082166][ T6496] __kmalloc_node_track_caller_noprof+0x1d3/0x510 [ 128.106314][ T6496] kstrdup+0x53/0x100 [ 128.110463][ T6496] device_rename+0x88/0x230 [ 128.138132][ T6496] netif_change_name+0x27c/0x920 [ 128.157853][ T6496] do_setlink.constprop.0+0x343a/0x4490 [ 128.178190][ T6496] rtnl_newlink+0x1446/0x2000 [ 128.222755][ T6496] rtnetlink_rcv_msg+0x95b/0xe90 [ 128.246502][ T6496] netlink_rcv_skb+0x16a/0x440 [ 128.251497][ T6496] netlink_unicast+0x53a/0x7f0 [ 128.292775][ T6496] netlink_sendmsg+0x8d1/0xdd0 [ 128.310673][ T6496] __sys_sendto+0x495/0x510 [ 129.016455][ T6529] netlink: 504 bytes leftover after parsing attributes in process `syz.0.127'. [ 129.413407][ T6536] FAULT_INJECTION: forcing a failure. [ 129.413407][ T6536] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 129.475345][ T6536] CPU: 0 UID: 0 PID: 6536 Comm: syz.0.131 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 129.475389][ T6536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 129.475406][ T6536] Call Trace: [ 129.475414][ T6536] [ 129.475425][ T6536] dump_stack_lvl+0x16c/0x1f0 [ 129.475469][ T6536] should_fail_ex+0x512/0x640 [ 129.475504][ T6536] _copy_to_iter+0x2a4/0x15a0 [ 129.475542][ T6536] ? chacha_block_generic+0x189/0x260 [ 129.475594][ T6536] ? __pfx__copy_to_iter+0x10/0x10 [ 129.475635][ T6536] ? __pfx___might_resched+0x10/0x10 [ 129.475678][ T6536] ? crng_make_state+0x48e/0x6d0 [ 129.475713][ T6536] get_random_bytes_user+0x17f/0x3c0 [ 129.475749][ T6536] ? __pfx_get_random_bytes_user+0x10/0x10 [ 129.475788][ T6536] ? do_futex+0x122/0x350 [ 129.475840][ T6536] ? import_ubuf+0x1b6/0x220 [ 129.475874][ T6536] __x64_sys_getrandom+0x183/0x290 [ 129.475909][ T6536] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 129.475946][ T6536] ? xfd_validate_state+0x5d/0x180 [ 129.475982][ T6536] ? rcu_is_watching+0x12/0xc0 [ 129.476036][ T6536] do_syscall_64+0xcd/0x260 [ 129.476079][ T6536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.476110][ T6536] RIP: 0033:0x7f930eb8d169 [ 129.476133][ T6536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.476166][ T6536] RSP: 002b:00007f930f955038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 129.476194][ T6536] RAX: ffffffffffffffda RBX: 00007f930eda5fa0 RCX: 00007f930eb8d169 [ 129.476213][ T6536] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 129.476230][ T6536] RBP: 00007f930ec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 129.476247][ T6536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.476264][ T6536] R13: 0000000000000000 R14: 00007f930eda5fa0 R15: 00007ffde0c53408 [ 129.476296][ T6536] [ 132.218293][ T6559] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 132.932371][ T6595] netlink: 12 bytes leftover after parsing attributes in process `syz.0.140'. [ 135.156678][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 136.525055][ T6644] FAULT_INJECTION: forcing a failure. [ 136.525055][ T6644] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 136.696946][ T6644] CPU: 0 UID: 0 PID: 6644 Comm: syz.2.151 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 136.696992][ T6644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 136.697006][ T6644] Call Trace: [ 136.697013][ T6644] [ 136.697023][ T6644] dump_stack_lvl+0x16c/0x1f0 [ 136.697060][ T6644] should_fail_ex+0x512/0x640 [ 136.697089][ T6644] _copy_to_user+0x32/0xd0 [ 136.697118][ T6644] simple_read_from_buffer+0xcb/0x170 [ 136.697156][ T6644] proc_fail_nth_read+0x197/0x270 [ 136.697193][ T6644] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 136.697238][ T6644] ? rw_verify_area+0xcf/0x680 [ 136.697279][ T6644] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 136.697324][ T6644] vfs_read+0x1de/0xc70 [ 136.697372][ T6644] ? __pfx___mutex_lock+0x10/0x10 [ 136.697412][ T6644] ? __pfx_vfs_read+0x10/0x10 [ 136.697463][ T6644] ? __fget_files+0x20e/0x3c0 [ 136.697497][ T6644] ksys_read+0x12a/0x240 [ 136.697540][ T6644] ? __pfx_ksys_read+0x10/0x10 [ 136.697583][ T6644] ? rcu_is_watching+0x12/0xc0 [ 136.697627][ T6644] do_syscall_64+0xcd/0x260 [ 136.697667][ T6644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.697698][ T6644] RIP: 0033:0x7fc71d58bb7c [ 136.697720][ T6644] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 136.697748][ T6644] RSP: 002b:00007fc71e338030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 136.697774][ T6644] RAX: ffffffffffffffda RBX: 00007fc71d7a5fa0 RCX: 00007fc71d58bb7c [ 136.697792][ T6644] RDX: 000000000000000f RSI: 00007fc71e3380a0 RDI: 0000000000000005 [ 136.697808][ T6644] RBP: 00007fc71e338090 R08: 0000000000000000 R09: 0000000000000000 [ 136.697824][ T6644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 136.697839][ T6644] R13: 0000000000000000 R14: 00007fc71d7a5fa0 R15: 00007ffd465f23f8 [ 136.697869][ T6644] [ 137.332225][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 137.782276][ T6657] netlink: 206 bytes leftover after parsing attributes in process `syz.0.153'. [ 138.127285][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.141290][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.661956][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 140.499774][ T6707] Invalid ELF header magic: != ELF [ 141.476578][ T6706] snd_aloop snd_aloop.0: control 16781581:65535:6:'x?F/zF˷fC:8 is already present [ 141.518464][ T6715] delete_channel: no stack [ 142.291124][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 143.185056][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 143.874667][ T6750] syz.2.173 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 144.766691][ T6750] netlink: 28 bytes leftover after parsing attributes in process `syz.2.173'. [ 144.872676][ T6761] netlink: 28 bytes leftover after parsing attributes in process `syz.0.174'. [ 146.746768][ T6786] sysfs_service_op_show: Client not running :-5: [ 146.778237][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 146.841834][ T5854] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 146.841877][ T5854] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 146.858339][ T5854] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 146.858407][ T5854] Bluetooth: hci2: adv larger than maximum supported [ 146.865852][ T5854] Bluetooth: hci2: Malformed LE Event: 0x0d [ 147.486138][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 149.535766][ T6843] random: crng reseeded on system resumption [ 149.830860][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 152.861670][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 153.373987][ T6924] netlink: 28 bytes leftover after parsing attributes in process `syz.1.210'. [ 153.392186][ T6924] bridge_slave_1: left allmulticast mode [ 153.419246][ T6924] bridge_slave_1: left promiscuous mode [ 153.428967][ T6924] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.468709][ T6924] bridge_slave_0: left allmulticast mode [ 153.508509][ T6924] bridge_slave_0: left promiscuous mode [ 153.525832][ T6924] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.675202][ T6947] netlink: 8 bytes leftover after parsing attributes in process `syz.1.215'. [ 155.710051][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 156.204649][ T6978] netlink: 12 bytes leftover after parsing attributes in process `syz.1.223'. [ 157.601818][ T7001] Invalid ELF header magic: != ELF [ 157.834949][ T7000] Invalid ELF header magic: != ELF [ 158.590078][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 158.756926][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 158.888532][ T7029] < [ 159.061265][ T7032] Invalid ELF header magic: != ELF [ 160.584758][ T7053] rtc_cmos 00:00: Alarms can be up to one day in the future [ 160.753569][ T47] rtc_cmos 00:00: Alarms can be up to one day in the future [ 160.761361][ T47] rtc_cmos 00:00: Alarms can be up to one day in the future [ 160.808919][ T47] rtc_cmos 00:00: Alarms can be up to one day in the future [ 160.821758][ T47] rtc_cmos 00:00: Alarms can be up to one day in the future [ 160.841706][ T47] rtc rtc0: __rtc_set_alarm: err=-22 [ 161.087694][ T7069] Invalid ELF header magic: != ELF [ 161.247195][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 165.320345][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 166.303245][ T7151] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 166.329988][ T7151] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 166.367276][ T7151] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 166.464192][ T7151] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 166.473878][ T7151] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 166.549219][ T7151] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 166.580798][ T7151] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 166.616977][ T7151] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 166.668233][ T7151] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 166.691683][ T7151] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 166.704136][ T7151] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 166.721174][ T7151] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 166.867346][ T7166] netlink: 544 bytes leftover after parsing attributes in process `syz.3.262'. [ 167.902830][ T5845] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 167.991900][ T30] audit: type=1800 audit(4294968549.820:2): pid=7184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.266" name="dbroot" dev="configfs" ino=12245 res=0 errno=0 [ 168.283387][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.515600][ T5845] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 168.523061][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 168.603924][ T5854] Bluetooth: hci3: command 0x0c1a tx timeout [ 168.762791][ T5854] Bluetooth: hci0: command 0x0c1a tx timeout [ 169.263957][ T7191] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 170.375122][ T5854] Bluetooth: hci1: command 0x0c1a tx timeout [ 170.612794][ T5854] Bluetooth: hci2: command 0x0c1a tx timeout [ 170.682866][ T5854] Bluetooth: hci3: command 0x0c1a tx timeout [ 170.842859][ T5854] Bluetooth: hci0: command 0x0c1a tx timeout [ 172.442917][ T5854] Bluetooth: hci1: command 0x0c1a tx timeout [ 172.694015][ T5854] Bluetooth: hci2: command 0x0c1a tx timeout [ 172.762848][ T5854] Bluetooth: hci3: command 0x0c1a tx timeout [ 172.923435][ T5854] Bluetooth: hci0: command 0x0c1a tx timeout [ 175.662154][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 176.901002][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 180.637460][ T7352] netlink: 4 bytes leftover after parsing attributes in process `syz.0.304'. [ 182.157155][ T7374] FAULT_INJECTION: forcing a failure. [ 182.157155][ T7374] name failslab, interval 1, probability 0, space 0, times 0 [ 182.204690][ T7374] CPU: 1 UID: 0 PID: 7374 Comm: syz.2.311 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 182.204733][ T7374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 182.204749][ T7374] Call Trace: [ 182.204758][ T7374] [ 182.204773][ T7374] dump_stack_lvl+0x16c/0x1f0 [ 182.204817][ T7374] should_fail_ex+0x512/0x640 [ 182.204847][ T7374] ? fs_reclaim_acquire+0xae/0x150 [ 182.204892][ T7374] should_failslab+0xc2/0x120 [ 182.204925][ T7374] __kmalloc_cache_noprof+0x6a/0x3e0 [ 182.204972][ T7374] ? hub_ext_port_status+0x5e/0x670 [ 182.205020][ T7374] ? usb_control_msg+0xbc/0x4a0 [ 182.205060][ T7374] usb_control_msg+0xbc/0x4a0 [ 182.205099][ T7374] ? __pfx_usb_control_msg+0x10/0x10 [ 182.205144][ T7374] hub_ext_port_status+0x14e/0x670 [ 182.205186][ T7374] hub_activate+0x6e5/0x1be0 [ 182.205259][ T7374] ? __pfx_hub_activate+0x10/0x10 [ 182.205298][ T7374] ? find_held_lock+0x2b/0x80 [ 182.205336][ T7374] ? do_proc_control+0x5a0/0x10a0 [ 182.205372][ T7374] ? usbfs_notify_resume+0x25/0xf0 [ 182.205425][ T7374] hub_resume+0xa8/0x3f0 [ 182.205474][ T7374] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 182.205513][ T7374] ? __pfx_hub_resume+0x10/0x10 [ 182.205549][ T7374] ? __pfx_hcd_bus_resume+0x10/0x10 [ 182.205585][ T7374] usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0 [ 182.205621][ T7374] usb_resume_both+0x273/0x800 [ 182.205669][ T7374] ? __pfx_usb_resume_both+0x10/0x10 [ 182.205700][ T7374] ? __pfx_usb_runtime_resume+0x10/0x10 [ 182.205742][ T7374] ? __pfx_usb_runtime_resume+0x10/0x10 [ 182.205777][ T7374] __rpm_callback+0xc5/0x610 [ 182.205827][ T7374] ? __pfx_usb_runtime_resume+0x10/0x10 [ 182.205861][ T7374] rpm_callback+0x1b7/0x200 [ 182.205895][ T7374] ? __pfx_usb_runtime_resume+0x10/0x10 [ 182.205927][ T7374] rpm_resume+0xd0a/0x1310 [ 182.205958][ T7374] ? trace_contention_end+0xd1/0x130 [ 182.205991][ T7374] ? __pfx_rpm_resume+0x10/0x10 [ 182.206026][ T7374] ? do_raw_spin_lock+0x12c/0x2b0 [ 182.206059][ T7374] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 182.206102][ T7374] __pm_runtime_resume+0xb6/0x170 [ 182.206141][ T7374] usb_autoresume_device+0x23/0xe0 [ 182.206174][ T7374] usbdev_open+0x228/0x8b0 [ 182.206208][ T7374] ? do_raw_spin_lock+0x12c/0x2b0 [ 182.206239][ T7374] ? __pfx_usbdev_open+0x10/0x10 [ 182.206291][ T7374] ? chrdev_open+0x58c/0x6a0 [ 182.206325][ T7374] ? __pfx_usbdev_open+0x10/0x10 [ 182.206360][ T7374] chrdev_open+0x231/0x6a0 [ 182.206401][ T7374] ? __pfx_chrdev_open+0x10/0x10 [ 182.206430][ T7374] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 182.206489][ T7374] do_dentry_open+0x741/0x1c10 [ 182.206535][ T7374] ? __pfx_chrdev_open+0x10/0x10 [ 182.206567][ T7374] vfs_open+0x82/0x3f0 [ 182.206602][ T7374] path_openat+0x1e5e/0x2d40 [ 182.206637][ T7374] ? __pfx_path_openat+0x10/0x10 [ 182.206666][ T7374] do_filp_open+0x20b/0x470 [ 182.206690][ T7374] ? __pfx_do_filp_open+0x10/0x10 [ 182.206731][ T7374] ? alloc_fd+0x471/0x7d0 [ 182.206780][ T7374] do_sys_openat2+0x11b/0x1d0 [ 182.206812][ T7374] ? __pfx_do_sys_openat2+0x10/0x10 [ 182.206855][ T7374] __x64_sys_openat+0x174/0x210 [ 182.206890][ T7374] ? __pfx___x64_sys_openat+0x10/0x10 [ 182.206923][ T7374] ? rcu_is_watching+0x12/0xc0 [ 182.206958][ T7374] do_syscall_64+0xcd/0x260 [ 182.206991][ T7374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.207016][ T7374] RIP: 0033:0x7fc71d58d169 [ 182.207054][ T7374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.207079][ T7374] RSP: 002b:00007fc71e338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 182.207103][ T7374] RAX: ffffffffffffffda RBX: 00007fc71d7a5fa0 RCX: 00007fc71d58d169 [ 182.207120][ T7374] RDX: 00000000000c8842 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 182.207148][ T7374] RBP: 00007fc71d60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 182.207162][ T7374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 182.207176][ T7374] R13: 0000000000000000 R14: 00007fc71d7a5fa0 R15: 00007ffd465f23f8 [ 182.207202][ T7374] [ 182.784976][ T7374] hub 38-0:1.0: hub_ext_port_status failed (err = -12) [ 184.446206][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 186.549481][ T7452] FAULT_INJECTION: forcing a failure. [ 186.549481][ T7452] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 186.563032][ T7452] CPU: 1 UID: 0 PID: 7452 Comm: syz.0.326 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 186.563068][ T7452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 186.563085][ T7452] Call Trace: [ 186.563093][ T7452] [ 186.563103][ T7452] dump_stack_lvl+0x16c/0x1f0 [ 186.563144][ T7452] should_fail_ex+0x512/0x640 [ 186.563176][ T7452] _copy_from_user+0x2e/0xd0 [ 186.563208][ T7452] snd_seq_oss_write+0x397/0x7d0 [ 186.563260][ T7452] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 186.563310][ T7452] ? apparmor_file_permission+0x251/0x400 [ 186.563340][ T7452] ? bpf_lsm_file_permission+0x9/0x10 [ 186.563374][ T7452] odev_write+0x51/0xa0 [ 186.563412][ T7452] ? __pfx_odev_write+0x10/0x10 [ 186.563449][ T7452] vfs_writev+0x6c4/0xdc0 [ 186.563496][ T7452] ? __pfx_vfs_writev+0x10/0x10 [ 186.563574][ T7452] ? __fget_files+0x20e/0x3c0 [ 186.563599][ T7452] ? __fget_files+0x1b0/0x3c0 [ 186.563632][ T7452] ? do_writev+0x132/0x330 [ 186.563672][ T7452] do_writev+0x132/0x330 [ 186.563715][ T7452] ? __pfx_do_writev+0x10/0x10 [ 186.563767][ T7452] ? rcu_is_watching+0x12/0xc0 [ 186.563812][ T7452] do_syscall_64+0xcd/0x260 [ 186.563853][ T7452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.563883][ T7452] RIP: 0033:0x7f930eb8d169 [ 186.563906][ T7452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.563935][ T7452] RSP: 002b:00007f930f934038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 186.563962][ T7452] RAX: ffffffffffffffda RBX: 00007f930eda6080 RCX: 00007f930eb8d169 [ 186.563980][ T7452] RDX: 8000000000000001 RSI: 0000200000000000 RDI: 0000000000000009 [ 186.563997][ T7452] RBP: 00007f930f934090 R08: 0000000000000000 R09: 0000000000000000 [ 186.564014][ T7452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.564029][ T7452] R13: 0000000000000000 R14: 00007f930eda6080 R15: 00007ffde0c53408 [ 186.564060][ T7452] [ 187.059297][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 187.385320][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 189.185047][ T7491] netlink: 36 bytes leftover after parsing attributes in process `syz.3.334'. [ 189.241834][ T7501] FAULT_INJECTION: forcing a failure. [ 189.241834][ T7501] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 189.293389][ T7501] CPU: 0 UID: 0 PID: 7501 Comm: syz.0.336 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 189.293431][ T7501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 189.293448][ T7501] Call Trace: [ 189.293456][ T7501] [ 189.293466][ T7501] dump_stack_lvl+0x16c/0x1f0 [ 189.293519][ T7501] should_fail_ex+0x512/0x640 [ 189.293554][ T7501] _copy_from_user+0x2e/0xd0 [ 189.293588][ T7501] snd_seq_oss_write+0x397/0x7d0 [ 189.293643][ T7501] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 189.293697][ T7501] ? apparmor_file_permission+0x251/0x400 [ 189.293729][ T7501] ? bpf_lsm_file_permission+0x9/0x10 [ 189.293766][ T7501] odev_write+0x51/0xa0 [ 189.293805][ T7501] ? __pfx_odev_write+0x10/0x10 [ 189.293845][ T7501] vfs_writev+0x6c4/0xdc0 [ 189.293896][ T7501] ? __pfx_vfs_writev+0x10/0x10 [ 189.293958][ T7501] ? __fget_files+0x20e/0x3c0 [ 189.293983][ T7501] ? __fget_files+0x1b0/0x3c0 [ 189.294016][ T7501] ? do_writev+0x132/0x330 [ 189.294055][ T7501] do_writev+0x132/0x330 [ 189.294099][ T7501] ? __pfx_do_writev+0x10/0x10 [ 189.294140][ T7501] ? rcu_is_watching+0x12/0xc0 [ 189.294186][ T7501] do_syscall_64+0xcd/0x260 [ 189.294235][ T7501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.294263][ T7501] RIP: 0033:0x7f930eb8d169 [ 189.294285][ T7501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.294328][ T7501] RSP: 002b:00007f930f913038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 189.294354][ T7501] RAX: ffffffffffffffda RBX: 00007f930eda6160 RCX: 00007f930eb8d169 [ 189.294373][ T7501] RDX: 8000000000000001 RSI: 0000200000000000 RDI: 000000000000000a [ 189.294391][ T7501] RBP: 00007f930f913090 R08: 0000000000000000 R09: 0000000000000000 [ 189.294408][ T7501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 189.294424][ T7501] R13: 0000000000000000 R14: 00007f930eda6160 R15: 00007ffde0c53408 [ 189.294455][ T7501] [ 190.369931][ T7510] program syz.2.338 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 194.133290][ T7595] netlink: 16 bytes leftover after parsing attributes in process `syz.3.359'. [ 196.340738][ T7627] netlink: 334 bytes leftover after parsing attributes in process `syz.1.365'. [ 199.573846][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.585065][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.648001][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 203.045211][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 206.016873][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 206.260133][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 206.282961][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 207.740779][ T7864] blk_print_req_error: 24 callbacks suppressed [ 207.740802][ T7864] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 207.768034][ T7864] buffer_io_error: 23 callbacks suppressed [ 207.768055][ T7864] Buffer I/O error on dev nbd0, logical block 0, async page read [ 207.803589][ T7864] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 207.817156][ T7864] Buffer I/O error on dev nbd0, logical block 0, async page read [ 207.830753][ T7864] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 207.848129][ T7864] Buffer I/O error on dev nbd0, logical block 0, async page read [ 207.867821][ T7864] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 207.890047][ T7864] Buffer I/O error on dev nbd0, logical block 0, async page read [ 207.920918][ T7864] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 207.994228][ T7864] Buffer I/O error on dev nbd0, logical block 0, async page read [ 208.021605][ T7864] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 208.041525][ T7864] Buffer I/O error on dev nbd0, logical block 0, async page read [ 208.067635][ T7864] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 208.095422][ T7864] Buffer I/O error on dev nbd0, logical block 0, async page read [ 208.122621][ T7864] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 208.172933][ T7864] Buffer I/O error on dev nbd0, logical block 0, async page read [ 208.232329][ T7864] ldm_validate_partition_table(): Disk read failed. [ 208.266597][ T7864] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 208.297344][ T7864] Buffer I/O error on dev nbd0, logical block 0, async page read [ 208.332517][ T7864] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 208.383160][ T7864] Buffer I/O error on dev nbd0, logical block 0, async page read [ 208.408226][ T7864] Dev nbd0: unable to read RDB block 0 [ 208.443747][ T7864] nbd0: unable to read partition table [ 210.092190][ T7924] : Can't lookup blockdev [ 210.189284][ T7921] syz.1.423(7921): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 216.722460][ T8043] [U] [ 216.725448][ T8043] [U] [ 216.728216][ T8043] [U] [ 216.730969][ T8043] [U] [ 216.739985][ T8043] [U] [ 216.742778][ T8043] [U] [ 216.745526][ T8043] [U] [ 216.748318][ T8043] [U] [ 216.761758][ T8043] [U] [ 216.764548][ T8043] [U] [ 216.767305][ T8043] [U] [ 216.770058][ T8043] [U] [ 216.813092][ T8043] [U] [ 216.815888][ T8043] [U] [ 216.818647][ T8043] [U] [ 216.821387][ T8043] [U] [ 217.023164][ T8043] [U] [ 217.026047][ T8043] [U] [ 217.028790][ T8043] [U] [ 217.031559][ T8043] [U] [ 217.447553][ T8043] [U] [ 217.450445][ T8043] [U] [ 217.453197][ T8043] [U] [ 217.455954][ T8043] [U] [ 217.503057][ T8043] [U] [ 217.505859][ T8043] [U] [ 217.508620][ T8043] [U] [ 217.511376][ T8043] [U] [ 217.519423][ T8043] [U] [ 217.522230][ T8043] [U] [ 217.524990][ T8043] [U] [ 217.527754][ T8043] [U] [ 217.531374][ T8043] [U] [ 217.534148][ T8043] [U] [ 217.536923][ T8043] [U] [ 217.539699][ T8043] [U] [ 217.560574][ T8043] [U] [ 217.563366][ T8043] [U] [ 217.566121][ T8043] [U] [ 217.568870][ T8043] [U] [ 217.641861][ T8043] [U] [ 217.644664][ T8043] [U] [ 217.647414][ T8043] [U] [ 217.650160][ T8043] [U] [ 217.653255][ T8043] [U] [ 217.656015][ T8043] [U] [ 217.658773][ T8043] [U] [ 217.661536][ T8043] [U] [ 217.693147][ T8043] [U] [ 217.695943][ T8043] [U] [ 217.698700][ T8043] [U] [ 217.701513][ T8043] [U] [ 217.742338][ T8043] [U] [ 218.465564][ T8082] netlink: 28 bytes leftover after parsing attributes in process `syz.0.458'. [ 224.353628][ T8167] netlink: 28 bytes leftover after parsing attributes in process `syz.1.475'. [ 224.599736][ T8172] netlink: 28 bytes leftover after parsing attributes in process `syz.0.474'. [ 224.661779][ T8172] Invalid ELF header magic: != ELF [ 224.921355][ T8178] Invalid ELF header magic: != ELF [ 225.025572][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 229.080542][ T8229] FAULT_INJECTION: forcing a failure. [ 229.080542][ T8229] name fail_futex, interval 1, probability 0, space 0, times 1 [ 229.133135][ T8229] CPU: 1 UID: 0 PID: 8229 Comm: syz.0.487 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 229.133182][ T8229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 229.133201][ T8229] Call Trace: [ 229.133210][ T8229] [ 229.133222][ T8229] dump_stack_lvl+0x16c/0x1f0 [ 229.133268][ T8229] should_fail_ex+0x512/0x640 [ 229.133304][ T8229] get_futex_key+0x49e/0x1000 [ 229.133363][ T8229] ? stack_trace_save+0x8e/0xc0 [ 229.133405][ T8229] ? __pfx_get_futex_key+0x10/0x10 [ 229.133445][ T8229] ? kasan_save_stack+0x42/0x60 [ 229.133473][ T8229] ? kasan_save_stack+0x33/0x60 [ 229.133501][ T8229] ? kasan_save_track+0x14/0x30 [ 229.133528][ T8229] ? __kasan_slab_alloc+0x89/0x90 [ 229.133558][ T8229] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 229.133588][ T8229] ? security_file_alloc+0x34/0x2b0 [ 229.133623][ T8229] ? init_file+0x93/0x4c0 [ 229.133655][ T8229] ? alloc_empty_file+0x73/0x1e0 [ 229.133694][ T8229] futex_wait_setup+0x78/0x290 [ 229.133730][ T8229] __futex_wait+0x266/0x3c0 [ 229.133761][ T8229] ? __pfx___futex_wait+0x10/0x10 [ 229.133796][ T8229] ? __pfx_futex_wake_mark+0x10/0x10 [ 229.133837][ T8229] futex_wait+0xe8/0x380 [ 229.133865][ T8229] ? __pfx_futex_wait+0x10/0x10 [ 229.133900][ T8229] ? percpu_counter_add_batch+0xb8/0x1f0 [ 229.133949][ T8229] ? errseq_sample+0x53/0x70 [ 229.133982][ T8229] ? file_init_path+0x4fe/0x760 [ 229.134021][ T8229] do_futex+0x229/0x350 [ 229.134065][ T8229] ? __pfx_do_futex+0x10/0x10 [ 229.134109][ T8229] ? fd_install+0x225/0x750 [ 229.134163][ T8229] __x64_sys_futex+0x1e0/0x4c0 [ 229.134209][ T8229] ? __sys_socket+0xac/0x260 [ 229.134257][ T8229] ? __pfx___x64_sys_futex+0x10/0x10 [ 229.134303][ T8229] ? rcu_is_watching+0x12/0xc0 [ 229.134356][ T8229] do_syscall_64+0xcd/0x260 [ 229.134399][ T8229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.134430][ T8229] RIP: 0033:0x7f930eb8d169 [ 229.134454][ T8229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.134483][ T8229] RSP: 002b:00007f930f9550e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 229.134513][ T8229] RAX: ffffffffffffffda RBX: 00007f930eda5fa8 RCX: 00007f930eb8d169 [ 229.134532][ T8229] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f930eda5fa8 [ 229.134550][ T8229] RBP: 00007f930eda5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 229.134569][ T8229] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f930eda5fac [ 229.134588][ T8229] R13: 0000000000000000 R14: 00007ffde0c53320 R15: 00007ffde0c53408 [ 229.134620][ T8229] [ 229.784700][ T8245] netlink: 342 bytes leftover after parsing attributes in process `syz.2.490'. [ 231.188942][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 231.777943][ T8296] random: crng reseeded on system resumption [ 234.229430][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 234.468040][ T8372] netlink: 28 bytes leftover after parsing attributes in process `syz.1.510'. [ 234.498593][ T8372] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 237.292077][ T8445] random: crng reseeded on system resumption [ 237.536021][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 238.088319][ T8468] bond0: no command found in slaves file - use +ifname or -ifname [ 238.213316][ T8468] FAULT_INJECTION: forcing a failure. [ 238.213316][ T8468] name failslab, interval 1, probability 0, space 0, times 0 [ 238.258128][ T8468] CPU: 0 UID: 0 PID: 8468 Comm: syz.0.527 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 238.258170][ T8468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 238.258187][ T8468] Call Trace: [ 238.258196][ T8468] [ 238.258206][ T8468] dump_stack_lvl+0x16c/0x1f0 [ 238.258250][ T8468] should_fail_ex+0x512/0x640 [ 238.258279][ T8468] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 238.258338][ T8468] should_failslab+0xc2/0x120 [ 238.258370][ T8468] __kmalloc_cache_noprof+0x6a/0x3e0 [ 238.258415][ T8468] ? percpu_ref_init+0xec/0x410 [ 238.258459][ T8468] ? __pfx_io_ring_ctx_ref_free+0x10/0x10 [ 238.258491][ T8468] percpu_ref_init+0xec/0x410 [ 238.258536][ T8468] io_uring_setup+0x453/0x2090 [ 238.258584][ T8468] ? __pfx_io_uring_setup+0x10/0x10 [ 238.258629][ T8468] ? do_futex+0x122/0x350 [ 238.258670][ T8468] ? __pfx_do_futex+0x10/0x10 [ 238.258711][ T8468] ? fd_install+0x225/0x750 [ 238.258785][ T8468] ? rcu_is_watching+0x12/0xc0 [ 238.258829][ T8468] __x64_sys_io_uring_setup+0xc2/0x170 [ 238.258877][ T8468] do_syscall_64+0xcd/0x260 [ 238.258919][ T8468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.258950][ T8468] RIP: 0033:0x7f930eb8d169 [ 238.258974][ T8468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.259003][ T8468] RSP: 002b:00007f930c5f4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 238.259041][ T8468] RAX: ffffffffffffffda RBX: 00007f930eda6240 RCX: 00007f930eb8d169 [ 238.259059][ T8468] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000059 [ 238.259074][ T8468] RBP: 00007f930ec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 238.259090][ T8468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.259105][ T8468] R13: 0000000000000000 R14: 00007f930eda6240 R15: 00007ffde0c53408 [ 238.259134][ T8468] [ 239.020194][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 239.026931][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 239.207724][ T8498] ======================================================= [ 239.207724][ T8498] WARNING: The mand mount option has been deprecated and [ 239.207724][ T8498] and is ignored by this kernel. Remove the mand [ 239.207724][ T8498] option from the mount to silence this warning. [ 239.207724][ T8498] ======================================================= [ 239.307826][ T8498] snd_aloop snd_aloop.0: control 16781581:65535:6:'x?F/zF˷fC:8 is already present [ 239.691619][ T8514] capability: warning: `syz.3.536' uses 32-bit capabilities (legacy support in use) [ 242.466224][ T8564] netlink: 326 bytes leftover after parsing attributes in process `syz.3.548'. [ 242.526971][ T8517] kexec: Could not allocate control_code_buffer [ 245.787524][ T8632] netlink: 'syz.3.561': attribute type 4 has an invalid length. [ 246.157521][ T8643] FAULT_INJECTION: forcing a failure. [ 246.157521][ T8643] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 246.247306][ T8643] CPU: 1 UID: 0 PID: 8643 Comm: syz.0.565 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 246.247365][ T8643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 246.247401][ T8643] Call Trace: [ 246.247410][ T8643] [ 246.247421][ T8643] dump_stack_lvl+0x16c/0x1f0 [ 246.247465][ T8643] should_fail_ex+0x512/0x640 [ 246.247498][ T8643] strncpy_from_user+0x3b/0x2e0 [ 246.247546][ T8643] getname_flags.part.0+0x8b/0x540 [ 246.247595][ T8643] getname_flags+0x93/0xf0 [ 246.247639][ T8643] do_sys_openat2+0xb8/0x1d0 [ 246.247673][ T8643] ? __pfx_do_sys_openat2+0x10/0x10 [ 246.247707][ T8643] ? __might_fault+0xe3/0x190 [ 246.247753][ T8643] __x64_sys_openat+0x174/0x210 [ 246.247788][ T8643] ? __pfx___x64_sys_openat+0x10/0x10 [ 246.247823][ T8643] ? rcu_is_watching+0x12/0xc0 [ 246.247874][ T8643] do_syscall_64+0xcd/0x260 [ 246.247909][ T8643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.247939][ T8643] RIP: 0033:0x7f930eb8d169 [ 246.247960][ T8643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.247993][ T8643] RSP: 002b:00007f930f955038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 246.248036][ T8643] RAX: ffffffffffffffda RBX: 00007f930eda5fa0 RCX: 00007f930eb8d169 [ 246.248055][ T8643] RDX: 0000000000129882 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 246.248073][ T8643] RBP: 00007f930ec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 246.248090][ T8643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 246.248107][ T8643] R13: 0000000000000000 R14: 00007f930eda5fa0 R15: 00007ffde0c53408 [ 246.248137][ T8643] [ 252.497885][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 253.034042][ T8783] netlink: 334 bytes leftover after parsing attributes in process `syz.2.595'. [ 256.656836][ T8840] netlink: 28 bytes leftover after parsing attributes in process `syz.0.607'. [ 256.741089][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 257.138470][ T8856] netlink: 4 bytes leftover after parsing attributes in process `syz.0.614'. [ 257.159241][ T8857] netlink: 4 bytes leftover after parsing attributes in process `syz.0.614'. [ 259.331823][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 259.426275][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 259.553490][ T30] audit: type=1800 audit(4294967371.919:3): pid=8901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.624" name="dbroot" dev="configfs" ino=20950 res=0 errno=0 [ 261.004834][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.011892][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.211072][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 268.583874][ T9042] netlink: 206 bytes leftover after parsing attributes in process `syz.2.653'. [ 268.670281][ T9045] netlink: 206 bytes leftover after parsing attributes in process `syz.2.653'. [ 269.098451][ T9054] netlink: 28 bytes leftover after parsing attributes in process `syz.2.656'. [ 269.313605][ T9054] team0: Port device team_slave_0 removed [ 270.751002][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 271.872465][ T9103] usbip-vudc usbip-vudc.0: gadget not bound [ 272.114963][ T9111] netlink: 191 bytes leftover after parsing attributes in process `syz.0.669'. [ 273.619487][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 273.984116][ T9143] netlink: 342 bytes leftover after parsing attributes in process `syz.3.675'. [ 274.404210][ T9155] netlink: 'syz.0.676': attribute type 2 has an invalid length. [ 276.930883][ T9186] vivid-011: ================= START STATUS ================= [ 276.946078][ T9186] vivid-011: ================== END STATUS ================== [ 280.228538][ T9271] netlink: 8 bytes leftover after parsing attributes in process `syz.1.699'. [ 282.657661][ T9297] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 283.939199][ T9331] netlink: 7 bytes leftover after parsing attributes in process `syz.2.712'. [ 285.291696][ T9356] netlink: 20 bytes leftover after parsing attributes in process `syz.2.715'. [ 286.078350][ T9367] netlink: 28 bytes leftover after parsing attributes in process `syz.1.718'. [ 286.864911][ T9376] FAULT_INJECTION: forcing a failure. [ 286.864911][ T9376] name failslab, interval 1, probability 0, space 0, times 0 [ 286.883165][ T9376] CPU: 0 UID: 0 PID: 9376 Comm: syz.1.720 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 286.883215][ T9376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.883233][ T9376] Call Trace: [ 286.883241][ T9376] [ 286.883250][ T9376] dump_stack_lvl+0x16c/0x1f0 [ 286.883291][ T9376] should_fail_ex+0x512/0x640 [ 286.883319][ T9376] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 286.883352][ T9376] should_failslab+0xc2/0x120 [ 286.883385][ T9376] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 286.883413][ T9376] ? d_instantiate+0x77/0x90 [ 286.883443][ T9376] ? alloc_empty_file+0x55/0x1e0 [ 286.883481][ T9376] alloc_empty_file+0x55/0x1e0 [ 286.883515][ T9376] alloc_file_pseudo+0x13a/0x230 [ 286.883551][ T9376] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 286.883586][ T9376] ? tipc_sk_finish_conn+0x580/0x790 [ 286.883630][ T9376] sock_alloc_file+0x50/0x210 [ 286.883668][ T9376] __sys_socketpair+0x34e/0x5a0 [ 286.883716][ T9376] ? __pfx___sys_socketpair+0x10/0x10 [ 286.883763][ T9376] ? xfd_validate_state+0x5d/0x180 [ 286.883797][ T9376] ? rcu_is_watching+0x12/0xc0 [ 286.883836][ T9376] __x64_sys_socketpair+0x96/0x100 [ 286.883882][ T9376] ? lockdep_hardirqs_on+0x7c/0x110 [ 286.883917][ T9376] do_syscall_64+0xcd/0x260 [ 286.883955][ T9376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.883984][ T9376] RIP: 0033:0x7fe598f8d169 [ 286.884007][ T9376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.884034][ T9376] RSP: 002b:00007fe599e55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 286.884060][ T9376] RAX: ffffffffffffffda RBX: 00007fe5991a6080 RCX: 00007fe598f8d169 [ 286.884079][ T9376] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 000000000000001e [ 286.884097][ T9376] RBP: 00007fe59900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 286.884113][ T9376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 286.884130][ T9376] R13: 0000000000000000 R14: 00007fe5991a6080 R15: 00007ffd34283648 [ 286.884160][ T9376] [ 289.325778][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 289.402592][ T9426] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 289.453219][ T9426] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 290.948235][ T9456] RDS: rds_bind could not find a transport for ::ffff:3.0.0.0, load rds_tcp or rds_rdma? [ 291.519398][ T9472] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 291.656336][ T9475] busy [ 292.655298][ T9486] netlink: 93 bytes leftover after parsing attributes in process `syz.1.744'. [ 292.802429][ T9489] netlink: 'syz.1.745': attribute type 21 has an invalid length. [ 292.865691][ T9489] netlink: 326 bytes leftover after parsing attributes in process `syz.1.745'. [ 293.371176][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 293.695474][ T9506] netlink: 8 bytes leftover after parsing attributes in process `syz.1.751'. [ 294.164460][ T9519] netlink: 28 bytes leftover after parsing attributes in process `syz.1.753'. [ 297.353177][ T9576] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 297.393381][ T9576] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 297.412703][ T9576] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 297.432804][ T9576] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 297.528871][ T9587] netlink: 342 bytes leftover after parsing attributes in process `syz.0.768'. [ 298.375164][ T9596] tipc: Started in network mode [ 298.380333][ T9596] tipc: Node identity ee00, cluster identity 4711 [ 298.412267][ T9596] tipc: Node number set to 60928 [ 299.002836][ T5854] Bluetooth: hci1: command 0x0c1a tx timeout [ 299.402837][ T5854] Bluetooth: hci2: command 0x0c1a tx timeout [ 299.408945][ T5854] Bluetooth: hci3: command 0x0c1a tx timeout [ 299.482845][ T5854] Bluetooth: hci0: command 0x0c1a tx timeout [ 300.005173][ T9656] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 300.042855][ T9656] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 301.173418][ T9679] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 301.315334][ T9679] Invalid ELF header magic: != ELF [ 301.423350][ T9679] Invalid ELF header magic: != ELF [ 301.435645][ T9692] [U]  [ 301.438537][ T9692] [U] [ 301.441294][ T9692] [U] [ 301.444032][ T9692] [U] [ 301.504493][ T9692] [U] [ 301.507293][ T9692] [U] [ 301.510054][ T9692] [U] [ 301.512823][ T9692] [U] [ 301.524159][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 301.556494][ T9692] [U] [ 301.559297][ T9692] [U] [ 301.562063][ T9692] [U] [ 301.564819][ T9692] [U] [ 301.578231][ T9692] [U] [ 301.581032][ T9692] [U] [ 301.583782][ T9692] [U] [ 301.586529][ T9692] [U] [ 301.611305][ T9692] [U] [ 301.614115][ T9692] [U] [ 301.616872][ T9692] [U] [ 301.619633][ T9692] [U] [ 301.664886][ T9692] [U] [ 301.667693][ T9692] [U] [ 301.670438][ T9692] [U] [ 301.673184][ T9692] [U] [ 301.696836][ T9692] [U] [ 301.699645][ T9692] [U] [ 301.702421][ T9692] [U] [ 301.705182][ T9692] [U] [ 301.727407][ T9684] [U] [ 302.894629][ T9718] netlink: 12 bytes leftover after parsing attributes in process `syz.3.799'. [ 304.769338][ T9740] netlink: 28 bytes leftover after parsing attributes in process `syz.1.804'. [ 304.805219][ T9740] team_slave_0: entered allmulticast mode [ 305.467861][ T9752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.807'. [ 305.477824][ T9752] netlink: 354 bytes leftover after parsing attributes in process `syz.2.807'. [ 310.233371][ T9804] vivid-007: ================= START STATUS ================= [ 310.246124][ T9804] vivid-007: Generate PTS: true [ 310.252814][ T9804] vivid-007: Generate SCR: true [ 310.262862][ T9804] tpg source WxH: 640x360 (Y'CbCr) [ 310.268032][ T9804] tpg field: 1 [ 310.271430][ T9804] tpg crop: (0,0)/640x360 [ 310.300910][ T9804] tpg compose: (0,0)/640x360 [ 310.306614][ T9804] tpg colorspace: 8 [ 310.310526][ T9804] tpg transfer function: 0/0 [ 310.315913][ T9804] tpg Y'CbCr encoding: 0/0 [ 310.320403][ T9804] tpg quantization: 0/0 [ 310.337516][ T9804] tpg RGB range: 0/2 [ 310.341472][ T9804] vivid-007: ================== END STATUS ================== [ 310.380445][ T9834] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 311.318880][ T9873] sp0: Synchronizing with TNC [ 314.460581][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 316.036253][ T30] audit: type=1326 audit(4294967492.417:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9961 comm="syz.2.857" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc71d58d169 code=0x0 [ 316.905674][ T9979] netlink: 'syz.2.859': attribute type 16 has an invalid length. [ 316.922868][ T9979] netlink: 330 bytes leftover after parsing attributes in process `syz.2.859'. [ 320.113850][T10036] FAULT_INJECTION: forcing a failure. [ 320.113850][T10036] name failslab, interval 1, probability 0, space 0, times 0 [ 320.132797][T10036] CPU: 0 UID: 0 PID: 10036 Comm: syz.0.873 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 320.132838][T10036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 320.132854][T10036] Call Trace: [ 320.132862][T10036] [ 320.132873][T10036] dump_stack_lvl+0x16c/0x1f0 [ 320.132915][T10036] should_fail_ex+0x512/0x640 [ 320.132944][T10036] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 320.132979][T10036] should_failslab+0xc2/0x120 [ 320.133013][T10036] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 320.133043][T10036] ? pcpu_alloc_noprof+0x1f4/0x14b0 [ 320.133081][T10036] ? alloc_inode+0xc3/0x240 [ 320.133122][T10036] alloc_inode+0xc3/0x240 [ 320.133159][T10036] alloc_anon_inode+0x28/0x3e0 [ 320.133188][T10036] ioctx_alloc+0x4ad/0x2060 [ 320.133245][T10036] ? find_held_lock+0x2b/0x80 [ 320.133283][T10036] ? __pfx_ioctx_alloc+0x10/0x10 [ 320.133327][T10036] ? __might_fault+0x13b/0x190 [ 320.133369][T10036] __x64_sys_io_setup+0xc9/0x210 [ 320.133418][T10036] do_syscall_64+0xcd/0x260 [ 320.133458][T10036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.133488][T10036] RIP: 0033:0x7f930eb8d169 [ 320.133511][T10036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.133538][T10036] RSP: 002b:00007f930f955038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 320.133565][T10036] RAX: ffffffffffffffda RBX: 00007f930eda5fa0 RCX: 00007f930eb8d169 [ 320.133584][T10036] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 320.133601][T10036] RBP: 00007f930ec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 320.133617][T10036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 320.133633][T10036] R13: 0000000000000000 R14: 00007f930eda5fa0 R15: 00007ffde0c53408 [ 320.133664][T10036] [ 320.863747][T10052] FAULT_INJECTION: forcing a failure. [ 320.863747][T10052] name failslab, interval 1, probability 0, space 0, times 0 [ 320.936367][T10052] CPU: 0 UID: 0 PID: 10052 Comm: syz.0.876 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 320.936416][T10052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 320.936434][T10052] Call Trace: [ 320.936443][T10052] [ 320.936456][T10052] dump_stack_lvl+0x16c/0x1f0 [ 320.936503][T10052] should_fail_ex+0x512/0x640 [ 320.936535][T10052] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 320.936587][T10052] should_failslab+0xc2/0x120 [ 320.936635][T10052] __kmalloc_cache_noprof+0x6a/0x3e0 [ 320.936684][T10052] ? single_open+0x4d/0x1f0 [ 320.936725][T10052] ? __pfx_snd_info_seq_show+0x10/0x10 [ 320.936766][T10052] single_open+0x4d/0x1f0 [ 320.936805][T10052] snd_info_text_entry_open+0x175/0x2a0 [ 320.936850][T10052] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 320.936893][T10052] ? trace_kmem_cache_alloc+0x28/0xc0 [ 320.936931][T10052] ? __pfx_apparmor_file_open+0x10/0x10 [ 320.936971][T10052] ? proc_reg_open+0x21d/0x610 [ 320.937003][T10052] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 320.937050][T10052] proc_reg_open+0x286/0x610 [ 320.937083][T10052] do_dentry_open+0x741/0x1c10 [ 320.937129][T10052] ? __pfx_proc_reg_open+0x10/0x10 [ 320.937165][T10052] vfs_open+0x82/0x3f0 [ 320.937201][T10052] path_openat+0x1e5e/0x2d40 [ 320.937237][T10052] ? __pfx_path_openat+0x10/0x10 [ 320.937271][T10052] do_filp_open+0x20b/0x470 [ 320.937298][T10052] ? __pfx_do_filp_open+0x10/0x10 [ 320.937368][T10052] ? alloc_fd+0x471/0x7d0 [ 320.937423][T10052] do_sys_openat2+0x11b/0x1d0 [ 320.937458][T10052] ? __pfx_do_sys_openat2+0x10/0x10 [ 320.937517][T10052] __x64_sys_openat+0x174/0x210 [ 320.937553][T10052] ? __pfx___x64_sys_openat+0x10/0x10 [ 320.937590][T10052] ? rcu_is_watching+0x12/0xc0 [ 320.937634][T10052] do_syscall_64+0xcd/0x260 [ 320.937675][T10052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.937706][T10052] RIP: 0033:0x7f930eb8d169 [ 320.937730][T10052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.937761][T10052] RSP: 002b:00007f930f955038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 320.937790][T10052] RAX: ffffffffffffffda RBX: 00007f930eda5fa0 RCX: 00007f930eb8d169 [ 320.937809][T10052] RDX: 00000000001c1080 RSI: 0000200000001080 RDI: ffffffffffffff9c [ 320.937827][T10052] RBP: 00007f930ec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 320.937844][T10052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 320.937879][T10052] R13: 0000000000000000 R14: 00007f930eda5fa0 R15: 00007ffde0c53408 [ 320.937913][T10052] [ 321.773692][T10067] netlink: 12 bytes leftover after parsing attributes in process `syz.0.880'. [ 322.448179][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.462994][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.639542][T10087] netlink: 4 bytes leftover after parsing attributes in process `syz.2.882'. [ 322.667818][T10087] netlink: 25 bytes leftover after parsing attributes in process `syz.2.882'. [ 322.977760][T10094] netlink: 28 bytes leftover after parsing attributes in process `syz.2.884'. [ 323.800999][T10109] Invalid ELF header magic: != ELF [ 325.470054][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 326.165451][T10139] FAULT_INJECTION: forcing a failure. [ 326.165451][T10139] name fail_futex, interval 1, probability 0, space 0, times 0 [ 326.262336][T10139] CPU: 0 UID: 0 PID: 10139 Comm: syz.2.893 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 326.262385][T10139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 326.262403][T10139] Call Trace: [ 326.262413][T10139] [ 326.262424][T10139] dump_stack_lvl+0x16c/0x1f0 [ 326.262471][T10139] should_fail_ex+0x512/0x640 [ 326.262509][T10139] get_futex_key+0x49e/0x1000 [ 326.262557][T10139] ? __pfx_get_futex_key+0x10/0x10 [ 326.262603][T10139] ? mmap_region+0x1ee/0x3f0 [ 326.262646][T10139] futex_wake+0xe7/0x4e0 [ 326.262674][T10139] ? __pfx_userfaultfd_unmap_complete+0x10/0x10 [ 326.262734][T10139] ? __pfx_futex_wake+0x10/0x10 [ 326.262766][T10139] ? up_write+0x1b2/0x520 [ 326.262800][T10139] do_futex+0x1e3/0x350 [ 326.262841][T10139] ? __pfx_do_futex+0x10/0x10 [ 326.262890][T10139] __x64_sys_futex+0x1e0/0x4c0 [ 326.262936][T10139] ? __pfx___x64_sys_futex+0x10/0x10 [ 326.262977][T10139] ? ksys_mmap_pgoff+0x85/0x5c0 [ 326.263019][T10139] ? rcu_is_watching+0x12/0xc0 [ 326.263063][T10139] do_syscall_64+0xcd/0x260 [ 326.263109][T10139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.263139][T10139] RIP: 0033:0x7fc71d58d169 [ 326.263161][T10139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.263188][T10139] RSP: 002b:00007fc71e3380e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 326.263216][T10139] RAX: ffffffffffffffda RBX: 00007fc71d7a5fa8 RCX: 00007fc71d58d169 [ 326.263234][T10139] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc71d7a5fac [ 326.263251][T10139] RBP: 00007fc71d7a5fa0 R08: 00007fc71e339000 R09: 0000000000000000 [ 326.263268][T10139] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc71d7a5fac [ 326.263285][T10139] R13: 0000000000000000 R14: 00007ffd465f2310 R15: 00007ffd465f23f8 [ 326.263315][T10139] [ 326.810724][T10158] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 326.960571][T10161] netlink: 342 bytes leftover after parsing attributes in process `syz.3.899'. [ 326.994228][T10162] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 327.869176][T10175] : Can't lookup blockdev [ 327.921925][T10177] netlink: 28 bytes leftover after parsing attributes in process `syz.0.902'. [ 327.978716][T10177] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 328.499327][T10194] nfs4: Unknown parameter 'nfsd' [ 328.551066][T10194] sd 0:0:1:0: PR command failed: 1026 [ 328.567198][T10194] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 328.582898][T10194] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 330.725584][T10238] snd_aloop snd_aloop.0: control 16781581:65535:6:'x?F/zF˷fC:8 is already present [ 330.829920][T10223] kexec: Could not allocate control_code_buffer [ 331.160036][T10250] netlink: 28 bytes leftover after parsing attributes in process `syz.0.919'. [ 331.773170][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 332.332740][T10290] netlink: 342 bytes leftover after parsing attributes in process `syz.2.928'. [ 333.166307][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 333.350598][T10309] netlink: 20 bytes leftover after parsing attributes in process `syz.0.933'. [ 333.399856][T10309] netlink: 32 bytes leftover after parsing attributes in process `syz.0.933'. [ 334.841050][T10346] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 334.852952][T10346] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 334.870206][T10346] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 334.889509][T10346] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 335.367019][T10360] netlink: 8 bytes leftover after parsing attributes in process `syz.2.946'. [ 335.438574][ T5854] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 336.843266][ T5854] Bluetooth: hci1: command 0x0c1a tx timeout [ 336.895367][T10373] netlink: 4 bytes leftover after parsing attributes in process `syz.3.949'. [ 336.923753][ T5854] Bluetooth: hci0: command 0x0c1a tx timeout [ 336.923772][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 336.923814][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 336.946709][T10376] netlink: 354 bytes leftover after parsing attributes in process `syz.3.949'. [ 337.000352][ T5845] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 337.198321][T10380] netlink: 8 bytes leftover after parsing attributes in process `syz.2.951'. [ 338.033875][T10394] netlink: 28 bytes leftover after parsing attributes in process `syz.2.954'. [ 340.057740][ T5845] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 342.333366][T10455] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 342.372900][T10455] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 342.393075][T10455] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 342.410027][T10455] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 343.802731][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 344.450062][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 344.456244][ T5153] Bluetooth: hci3: command 0x0c1a tx timeout [ 344.456265][ T5854] Bluetooth: hci2: command 0x0c1a tx timeout [ 344.795647][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 344.907955][ T30] audit: type=1800 audit(4294967569.283:5): pid=10503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.979" name="SYSV0000000a" dev="hugetlbfs" ino=0 res=0 errno=0 [ 345.545776][T10527] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 348.206552][ T5854] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5 [ 348.771747][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 348.838307][T10579] netlink: 28 bytes leftover after parsing attributes in process `syz.2.991'. [ 349.689262][T10587] Invalid ELF header magic: != ELF [ 350.246211][T10598] netlink: 28 bytes leftover after parsing attributes in process `syz.1.992'. [ 351.191398][T10605] FAULT_INJECTION: forcing a failure. [ 351.191398][T10605] name failslab, interval 1, probability 0, space 0, times 0 [ 351.204281][T10605] CPU: 1 UID: 0 PID: 10605 Comm: syz.1.997 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 351.204324][T10605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 351.204344][T10605] Call Trace: [ 351.204353][T10605] [ 351.204365][T10605] dump_stack_lvl+0x16c/0x1f0 [ 351.204412][T10605] should_fail_ex+0x512/0x640 [ 351.204455][T10605] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 351.204510][T10605] should_failslab+0xc2/0x120 [ 351.204547][T10605] __kmalloc_cache_noprof+0x6a/0x3e0 [ 351.204597][T10605] ? copy_net_ns+0x135/0x5f0 [ 351.204647][T10605] copy_net_ns+0x135/0x5f0 [ 351.204689][T10605] ? copy_cgroup_ns+0xa4/0x6f0 [ 351.204734][T10605] create_new_namespaces+0x3ea/0xad0 [ 351.204788][T10605] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 351.204838][T10605] ksys_unshare+0x45b/0xa40 [ 351.204889][T10605] ? __pfx_ksys_unshare+0x10/0x10 [ 351.204937][T10605] ? xfd_validate_state+0x5d/0x180 [ 351.204974][T10605] ? rcu_is_watching+0x12/0xc0 [ 351.205021][T10605] __x64_sys_unshare+0x31/0x40 [ 351.205072][T10605] do_syscall_64+0xcd/0x260 [ 351.205115][T10605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.205147][T10605] RIP: 0033:0x7fe598f8d169 [ 351.205171][T10605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 351.205202][T10605] RSP: 002b:00007fe599e76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 351.205232][T10605] RAX: ffffffffffffffda RBX: 00007fe5991a5fa0 RCX: 00007fe598f8d169 [ 351.205252][T10605] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 351.205270][T10605] RBP: 00007fe59900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 351.205288][T10605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 351.205306][T10605] R13: 0000000000000000 R14: 00007fe5991a5fa0 R15: 00007ffd34283648 [ 351.205339][T10605] [ 355.199442][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 355.559516][T10679] Invalid ELF header magic: != ELF [ 356.035743][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 358.817013][T10721] netlink: 206 bytes leftover after parsing attributes in process `syz.1.1020'. [ 359.282484][T10729] zswap: compressor not available [ 359.755670][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 360.150015][T10755] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1029'. [ 361.360914][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 361.453515][T10781] netlink: 222 bytes leftover after parsing attributes in process `syz.1.1032'. [ 361.503802][T10781] netlink: 222 bytes leftover after parsing attributes in process `syz.1.1032'. [ 362.038062][T10786] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 363.022503][T10808] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1039'. [ 364.298708][T10823] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1043'. [ 365.673500][T10873] Invalid ELF header magic: != ELF [ 365.784503][T10876] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1052'. [ 366.005338][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 366.490060][T10886] HfR: entered promiscuous mode [ 366.528766][T10886] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1054'. [ 366.542921][T10886] HfR: left promiscuous mode [ 366.822704][T10852] cgroup: fork rejected by pids controller in /syz1 [ 366.953122][T10881] could not allocate digest TFM handle [ 366.955006][T10905] Invalid ELF header magic: != ELF [ 367.355867][ T5854] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 367.355913][ T5854] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 368.036029][T11030] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1061'. [ 368.159078][T11034] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1062'. [ 369.930551][T11077] random: crng reseeded on system resumption [ 370.274883][T11087] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1075'. [ 370.576815][ T5854] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 370.927923][T11100] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[11100] [ 372.959879][T11136] FAULT_INJECTION: forcing a failure. [ 372.959879][T11136] name fail_futex, interval 1, probability 0, space 0, times 0 [ 373.001117][T11136] CPU: 0 UID: 0 PID: 11136 Comm: syz.2.1084 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 373.001180][T11136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 373.001210][T11136] Call Trace: [ 373.001218][T11136] [ 373.001229][T11136] dump_stack_lvl+0x16c/0x1f0 [ 373.001271][T11136] should_fail_ex+0x512/0x640 [ 373.001305][T11136] get_futex_key+0x1c2/0x1000 [ 373.001349][T11136] ? __pfx_get_futex_key+0x10/0x10 [ 373.001397][T11136] futex_wake+0xe7/0x4e0 [ 373.001421][T11136] ? rcu_is_watching+0x12/0xc0 [ 373.001459][T11136] ? __pfx_futex_wake+0x10/0x10 [ 373.001515][T11136] do_futex+0x1e3/0x350 [ 373.001557][T11136] ? __pfx_do_futex+0x10/0x10 [ 373.001597][T11136] ? __might_fault+0xe3/0x190 [ 373.001639][T11136] mm_release+0x24e/0x300 [ 373.001677][T11136] do_exit+0x89b/0x2d90 [ 373.001701][T11136] ? __pfx_futex_wake_mark+0x10/0x10 [ 373.001734][T11136] ? __pfx_do_exit+0x10/0x10 [ 373.001759][T11136] ? do_raw_spin_lock+0x12c/0x2b0 [ 373.001792][T11136] ? find_held_lock+0x2b/0x80 [ 373.001834][T11136] do_group_exit+0xd3/0x2a0 [ 373.001862][T11136] get_signal+0x2673/0x26d0 [ 373.001904][T11136] ? vfs_write+0x81a/0x1180 [ 373.001954][T11136] ? __pfx_get_signal+0x10/0x10 [ 373.001994][T11136] ? do_futex+0x122/0x350 [ 373.002036][T11136] ? __pfx_do_futex+0x10/0x10 [ 373.002081][T11136] arch_do_signal_or_restart+0x8f/0x7d0 [ 373.002129][T11136] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 373.002182][T11136] ? ksys_write+0x1b9/0x240 [ 373.002233][T11136] ? __pfx_ksys_write+0x10/0x10 [ 373.002278][T11136] ? rcu_is_watching+0x12/0xc0 [ 373.002320][T11136] syscall_exit_to_user_mode+0x150/0x2a0 [ 373.002360][T11136] do_syscall_64+0xda/0x260 [ 373.002401][T11136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.002432][T11136] RIP: 0033:0x7fc71d58d169 [ 373.002455][T11136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 373.002483][T11136] RSP: 002b:00007fc71e3170e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 373.002511][T11136] RAX: fffffffffffffe00 RBX: 00007fc71d7a6088 RCX: 00007fc71d58d169 [ 373.002531][T11136] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc71d7a6088 [ 373.002548][T11136] RBP: 00007fc71d7a6080 R08: 0000000000000000 R09: 0000000000000000 [ 373.002564][T11136] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc71d7a608c [ 373.002582][T11136] R13: 0000000000000000 R14: 00007ffd465f2310 R15: 00007ffd465f23f8 [ 373.002616][T11136] [ 373.952019][ T5854] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 376.201903][T11215] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1101'. [ 376.616216][T11225] kernel read not supported for file /\*)A (pid: 11225 comm: syz.3.1104) [ 376.706110][ T30] audit: type=1800 audit(4294967660.015:6): pid=11225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1104" name="\*)A" dev="mqueue" ino=33817 res=0 errno=0 [ 376.836169][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 377.060347][T11233] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 377.073706][T11229] sctp: [Deprecated]: syz.3.1105 (pid 11229) Use of int in maxseg socket option. [ 377.073706][T11229] Use struct sctp_assoc_value instead [ 383.162444][ T30] audit: type=1800 audit(4294967674.531:7): pid=11306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1120" name="members" dev="configfs" ino=34959 res=0 errno=0 [ 383.885171][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.891561][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.303723][T11335] random: crng reseeded on system resumption [ 385.393748][T11334] sg_write: process 1138 (syz.2.1126) changed security contexts after opening file descriptor, this is not allowed. [ 389.082528][T11377] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 391.520309][T11403] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1142'. [ 394.402281][T11437] Invalid ELF header magic: != ELF [ 395.078017][T11440] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 395.084368][T11440] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 395.101865][T11440] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 395.123030][T11440] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 396.602713][ T5854] Bluetooth: hci1: command 0x0c1a tx timeout [ 396.723780][T11457] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 397.165197][ T5854] Bluetooth: hci0: command 0x0c1a tx timeout [ 397.171333][ T5854] Bluetooth: hci3: command 0x0c1a tx timeout [ 397.179275][ T5854] Bluetooth: hci2: command 0x0c1a tx timeout [ 398.160892][T11478] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 398.329269][T11478] FAULT_INJECTION: forcing a failure. [ 398.329269][T11478] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 398.392705][T11478] CPU: 1 UID: 0 PID: 11478 Comm: syz.1.1160 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 398.392770][T11478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 398.392787][T11478] Call Trace: [ 398.392795][T11478] [ 398.392806][T11478] dump_stack_lvl+0x16c/0x1f0 [ 398.392851][T11478] should_fail_ex+0x512/0x640 [ 398.392886][T11478] _copy_from_user+0x2e/0xd0 [ 398.392920][T11478] do_pages_stat+0x1dc/0x850 [ 398.392969][T11478] ? __pfx_do_pages_stat+0x10/0x10 [ 398.393029][T11478] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 398.393066][T11478] ? lockdep_hardirqs_on+0x7c/0x110 [ 398.393103][T11478] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 398.393142][T11478] kernel_move_pages+0x106e/0x1550 [ 398.393193][T11478] ? __pfx_kernel_move_pages+0x10/0x10 [ 398.393238][T11478] ? __x64_sys_futex+0x1e0/0x4c0 [ 398.393283][T11478] ? __x64_sys_futex+0x1e9/0x4c0 [ 398.393329][T11478] ? xfd_validate_state+0x5d/0x180 [ 398.393365][T11478] ? rcu_is_watching+0x12/0xc0 [ 398.393406][T11478] __x64_sys_move_pages+0xe0/0x1c0 [ 398.393455][T11478] ? do_syscall_64+0x91/0x260 [ 398.393494][T11478] ? lockdep_hardirqs_on+0x7c/0x110 [ 398.393531][T11478] do_syscall_64+0xcd/0x260 [ 398.393573][T11478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.393605][T11478] RIP: 0033:0x7fe598f8d169 [ 398.393630][T11478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 398.393659][T11478] RSP: 002b:00007fe599e76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 398.393688][T11478] RAX: ffffffffffffffda RBX: 00007fe5991a5fa0 RCX: 00007fe598f8d169 [ 398.393707][T11478] RDX: 0000000000000000 RSI: 0000000000001002 RDI: 0000000000000000 [ 398.393732][T11478] RBP: 00007fe59900e2a0 R08: 0000000000000000 R09: 0000000000000002 [ 398.393749][T11478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 398.393766][T11478] R13: 0000000000000000 R14: 00007fe5991a5fa0 R15: 00007ffd34283648 [ 398.393798][T11478] [ 398.805222][T11484] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 398.839565][T11485] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 398.993716][T11490] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 399.169525][T11495] openvswitch: netlink: Message has 213 unknown bytes. [ 401.495096][T11533] tipc: Started in network mode [ 401.500093][T11533] tipc: Node identity 8e4e6f15, cluster identity 4711 [ 401.553037][T11533] tipc: Node number set to 2387504917 [ 402.588672][T11551] [U] [ 402.591506][T11551] [U] [ 402.594302][T11551] [U] [ 402.597053][T11551] [U] [ 402.631797][T11551] [U] [ 402.634612][T11551] [U] [ 402.637360][T11551] [U] [ 402.640112][T11551] [U] [ 402.724578][T11550] [U] [ 404.343883][T11237] syz.2.1107 (11237) used greatest stack depth: 20040 bytes left [ 405.439503][T11577] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1187'. [ 406.008943][T11242] syz.2.1107 (11242) used greatest stack depth: 19800 bytes left [ 406.214118][T11597] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1192'. [ 406.223601][T11597] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode [ 406.248187][T11598] device-mapper: ioctl: Unable to rename non-existent device, to [ 406.999237][T11603] Invalid ELF header magic: != ELF [ 409.166605][T11656] Invalid ELF header magic: != ELF [ 409.857403][T11662] FAULT_INJECTION: forcing a failure. [ 409.857403][T11662] name failslab, interval 1, probability 0, space 0, times 0 [ 409.996806][T11662] CPU: 1 UID: 0 PID: 11662 Comm: syz.0.1208 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 409.996848][T11662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 409.996865][T11662] Call Trace: [ 409.996874][T11662] [ 409.996885][T11662] dump_stack_lvl+0x16c/0x1f0 [ 409.996928][T11662] should_fail_ex+0x512/0x640 [ 409.996959][T11662] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 409.996992][T11662] should_failslab+0xc2/0x120 [ 409.997026][T11662] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 409.997057][T11662] ? vm_area_alloc+0x134/0x230 [ 409.997100][T11662] vm_area_alloc+0x134/0x230 [ 409.997140][T11662] alloc_bprm+0x42a/0xdd0 [ 409.997187][T11662] do_execveat_common.isra.0+0x1ce/0x610 [ 409.997239][T11662] __x64_sys_execve+0x8e/0xb0 [ 409.997294][T11662] do_syscall_64+0xcd/0x260 [ 409.997338][T11662] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 409.997368][T11662] RIP: 0033:0x7f930eb8d169 [ 409.997390][T11662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 409.997418][T11662] RSP: 002b:00007f930f934038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 409.997445][T11662] RAX: ffffffffffffffda RBX: 00007f930eda6080 RCX: 00007f930eb8d169 [ 409.997463][T11662] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0 [ 409.997480][T11662] RBP: 00007f930ec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 409.997497][T11662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 409.997513][T11662] R13: 0000000000000000 R14: 00007f930eda6080 R15: 00007ffde0c53408 [ 409.997544][T11662] [ 410.226202][T11666] openvswitch: netlink: Key 20 has unexpected len 16 expected 4 [ 410.289126][T11250] syz.2.1108 (11250) used greatest stack depth: 18792 bytes left [ 410.370401][T11670] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1210'. [ 412.761487][ T30] audit: type=1806 audit(4294967711.964:8): xattr="0" res=-22 [ 412.862882][ T5845] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 413.055560][ T5845] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 415.029738][T11770] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 419.013684][ T5845] Bluetooth: hci0: unexpected subevent 0x01 length: 125 > 18 [ 419.021314][ T5845] Bluetooth: hci0: Invalid handle: 0x1e1a > 0x0eff [ 419.483856][T11830] netlink: ct family unspecified [ 421.074121][ T5845] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 422.441491][T11851] rtc_cmos 00:00: Alarms can be up to one day in the future [ 422.719405][ T5881] rtc_cmos 00:00: Alarms can be up to one day in the future [ 422.748852][ T5881] rtc_cmos 00:00: Alarms can be up to one day in the future [ 422.777263][ T5881] rtc_cmos 00:00: Alarms can be up to one day in the future [ 422.798303][ T5881] rtc_cmos 00:00: Alarms can be up to one day in the future [ 422.820563][ T5881] rtc rtc0: __rtc_set_alarm: err=-22 [ 423.253396][T11890] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1256'. [ 424.247221][T11912] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1262'. [ 424.268614][T11909] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 424.458563][T11915] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 425.249234][T11927] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input13 [ 426.582941][T11957] i2c i2c-0: new_device: Can't parse I2C address [ 427.153912][T11965] svc: failed to register nfsdv3 RPC service (errno 512). [ 427.284379][T11965] svc: failed to register nfsaclv3 RPC service (errno 512). [ 427.765933][ T5845] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 428.664189][T11985] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 429.925613][T11988] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1278'. [ 430.388093][ T5845] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 431.750526][T12062] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1294'. [ 431.876717][T12062] Invalid ELF header magic: != ELF [ 433.397067][T12116] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1302'. [ 437.202886][ T5854] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 437.986869][T12217] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1317'. [ 438.002816][T12212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1316'. [ 439.006238][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 439.533029][T12250] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 439.574456][T12248] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 441.165903][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 441.248083][ T5854] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 442.410613][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 444.586909][ T5845] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 444.972302][T12348] netlink: zone id is out of range [ 444.982666][T12348] netlink: zone id is out of range [ 444.987830][T12348] netlink: zone id is out of range [ 445.052634][T12348] netlink: zone id is out of range [ 445.057817][T12348] netlink: zone id is out of range [ 445.078018][T12355] netlink: zone id is out of range [ 445.102817][T12355] netlink: zone id is out of range [ 445.113050][T12348] netlink: zone id is out of range [ 445.124300][T12355] netlink: zone id is out of range [ 445.140508][T12348] netlink: zone id is out of range [ 445.324864][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.331290][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.035332][T12364] svc: failed to register nfsdv3 RPC service (errno 111). [ 446.144428][T12364] svc: failed to register nfsaclv3 RPC service (errno 111). [ 446.604638][T12377] netlink: 'syz.1.1350': attribute type 3 has an invalid length. [ 446.656310][T12377] netlink: 'syz.1.1350': attribute type 3 has an invalid length. [ 446.714564][T12377] netlink: 'syz.1.1350': attribute type 3 has an invalid length. [ 446.734615][T12377] netlink: 'syz.1.1350': attribute type 3 has an invalid length. [ 446.743162][T12377] netlink: 'syz.1.1350': attribute type 3 has an invalid length. [ 446.751254][T12377] netlink: 'syz.1.1350': attribute type 3 has an invalid length. [ 446.999131][T12377] netlink: 'syz.1.1350': attribute type 3 has an invalid length. [ 447.159000][T12377] netlink: 'syz.1.1350': attribute type 3 has an invalid length. [ 447.189620][T12377] netlink: 'syz.1.1350': attribute type 3 has an invalid length. [ 447.260370][T12377] netlink: 'syz.1.1350': attribute type 3 has an invalid length. [ 447.977762][T12403] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 448.961401][ T5845] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 449.354778][ T30] audit: type=1800 audit(4294967836.723:9): pid=12433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1359" name="members" dev="configfs" ino=38846 res=0 errno=0 [ 449.602744][T12430] raw_sendmsg: syz.3.1361 forgot to set AF_INET. Fix it! [ 451.348356][T12469] nbd: must specify at least one socket [ 452.845369][T12486] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1372'. [ 454.327919][T12498] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 456.526677][ T5845] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 456.615934][T12532] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 461.787412][T12619] HfR: entered promiscuous mode [ 463.768892][T12653] usb usb32: usbfs: process 12653 (syz.1.1414) did not claim interface 0 before use [ 465.013846][T12670] FAULT_INJECTION: forcing a failure. [ 465.013846][T12670] name failslab, interval 1, probability 0, space 0, times 0 [ 465.084368][T12670] CPU: 1 UID: 0 PID: 12670 Comm: syz.0.1416 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 465.084408][T12670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 465.084424][T12670] Call Trace: [ 465.084432][T12670] [ 465.084451][T12670] dump_stack_lvl+0x16c/0x1f0 [ 465.084490][T12670] should_fail_ex+0x512/0x640 [ 465.084519][T12670] should_failslab+0xc2/0x120 [ 465.084547][T12670] __kmalloc_cache_noprof+0x6a/0x3e0 [ 465.084586][T12670] ? nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 465.084628][T12670] nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 465.084666][T12670] notifier_call_chain+0xb9/0x410 [ 465.084701][T12670] ? __pfx_nfc_genl_rcv_nl_event+0x10/0x10 [ 465.084742][T12670] blocking_notifier_call_chain+0x69/0xa0 [ 465.084781][T12670] netlink_release+0x186b/0x2020 [ 465.084816][T12670] ? netlink_release+0x1de/0x2020 [ 465.084849][T12670] ? __pfx_netlink_release+0x10/0x10 [ 465.084881][T12670] ? __pfx_locks_remove_file+0x10/0x10 [ 465.084917][T12670] __sock_release+0xb0/0x270 [ 465.084946][T12670] ? __pfx_sock_close+0x10/0x10 [ 465.084973][T12670] sock_close+0x1c/0x30 [ 465.084999][T12670] __fput+0x3ff/0xb70 [ 465.085029][T12670] task_work_run+0x14d/0x240 [ 465.085056][T12670] ? __pfx_task_work_run+0x10/0x10 [ 465.085083][T12670] ? __pfx___do_sys_close_range+0x10/0x10 [ 465.085106][T12670] ? rcu_is_watching+0x12/0xc0 [ 465.085139][T12670] syscall_exit_to_user_mode+0x27b/0x2a0 [ 465.085169][T12670] do_syscall_64+0xda/0x260 [ 465.085200][T12670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.085224][T12670] RIP: 0033:0x7f930eb8d169 [ 465.085243][T12670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 465.085268][T12670] RSP: 002b:00007f930f934038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 465.085292][T12670] RAX: 0000000000000000 RBX: 00007f930eda6080 RCX: 00007f930eb8d169 [ 465.085307][T12670] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 465.085320][T12670] RBP: 00007f930ec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 465.085335][T12670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 465.085349][T12670] R13: 0000000000000000 R14: 00007f930eda6080 R15: 00007ffde0c53408 [ 465.085374][T12670] [ 470.800677][T12694] kexec: Could not allocate control_code_buffer [ 471.839311][T12737] validate_nla: 12 callbacks suppressed [ 471.839340][T12737] netlink: 'syz.3.1429': attribute type 16 has an invalid length. [ 471.901960][T12737] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1429'. [ 473.012524][T12746] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1431'. [ 473.679007][T12758] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1434'. [ 474.105919][T12766] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1438'. [ 475.481411][ T5845] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 475.739102][T12792] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1444'. [ 478.220196][T12859] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input15 [ 479.232604][T12875] net_ratelimit: 160 callbacks suppressed [ 479.232630][T12875] openvswitch: netlink: Tunnel attr 9589 out of range max 16 [ 479.646372][T12883] HfR: entered promiscuous mode [ 479.653963][T12879] openvswitch: HfR: Dropping previously announced user features [ 479.665073][T12883] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1465'. [ 479.665312][T12879] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1465'. [ 479.797427][T12884] ovs_: entered promiscuous mode [ 479.821678][ T5845] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 480.636081][T12920] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1474'. [ 481.303626][ T5845] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 482.064028][T12922] kexec: Could not allocate control_code_buffer [ 482.329004][T12972] netlink: 266 bytes leftover after parsing attributes in process `syz.3.1487'. [ 482.348610][T12972] IPv6: NLM_F_CREATE should be specified when creating new route [ 482.529648][T12980] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 482.893083][T12983] Invalid ELF header magic: != ELF [ 483.007443][T12984] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 483.007443][T12984] The task syz.2.1490 (12984) triggered the difference, watch for misbehavior. [ 483.088120][T12988] snd_aloop snd_aloop.0: control 16781581:65535:6:'x?F/zF˷fC:0 is already present [ 483.633307][T13008] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1496'. [ 483.684763][T12992] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1492'. [ 483.714490][T12992] HfR: left promiscuous mode [ 484.063947][ T5845] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 484.593035][T12999] kexec: Could not allocate control_code_buffer [ 485.367400][T13047] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 485.448386][T13047] FAULT_INJECTION: forcing a failure. [ 485.448386][T13047] name failslab, interval 1, probability 0, space 0, times 0 [ 485.482199][T13047] CPU: 1 UID: 0 PID: 13047 Comm: syz.1.1506 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 485.482243][T13047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 485.482261][T13047] Call Trace: [ 485.482270][T13047] [ 485.482280][T13047] dump_stack_lvl+0x16c/0x1f0 [ 485.482341][T13047] should_fail_ex+0x512/0x640 [ 485.482369][T13047] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 485.482400][T13047] should_failslab+0xc2/0x120 [ 485.482431][T13047] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 485.482457][T13047] ? __kernfs_new_node+0xd2/0x8a0 [ 485.482487][T13047] __kernfs_new_node+0xd2/0x8a0 [ 485.482513][T13047] ? __pfx_idr_alloc_u32+0x10/0x10 [ 485.482548][T13047] ? __pfx___kernfs_new_node+0x10/0x10 [ 485.482698][T13047] ? __lock_acquire+0xaa4/0x1ba0 [ 485.482763][T13047] ? __lock_acquire+0xaa4/0x1ba0 [ 485.482812][T13047] ? map_id_range_down+0x2bc/0x3b0 [ 485.482845][T13047] kernfs_new_node+0x186/0x240 [ 485.482883][T13047] __kernfs_create_file+0x53/0x350 [ 485.482925][T13047] sysfs_add_file_mode_ns+0x207/0x3c0 [ 485.482979][T13047] internal_create_group+0x578/0xf30 [ 485.483019][T13047] ? __pfx_internal_create_group+0x10/0x10 [ 485.483057][T13047] ? kernfs_create_link+0x1bd/0x240 [ 485.483106][T13047] internal_create_groups+0x9d/0x150 [ 485.483141][T13047] device_add+0x6d1/0x1a70 [ 485.483195][T13047] ? __pfx_device_add+0x10/0x10 [ 485.483242][T13047] ? lockdep_init_map_type+0x5c/0x280 [ 485.483270][T13047] ? __init_waitqueue_head+0xca/0x150 [ 485.483313][T13047] netdev_register_kobject+0x182/0x3a0 [ 485.483360][T13047] register_netdevice+0x13dc/0x2040 [ 485.483428][T13047] ? __pfx_register_netdevice+0x10/0x10 [ 485.483490][T13047] slip_open+0xb86/0x1150 [ 485.483608][T13047] ? __pfx_slip_open+0x10/0x10 [ 485.483698][T13047] ? down_write+0x14d/0x200 [ 485.483748][T13047] ? __pfx_slip_open+0x10/0x10 [ 485.483802][T13047] tty_ldisc_open+0x9c/0x120 [ 485.483846][T13047] tty_set_ldisc+0x32b/0x780 [ 485.483894][T13047] tty_ioctl+0xbd7/0x15f0 [ 485.483944][T13047] ? __pfx_tty_ioctl+0x10/0x10 [ 485.484000][T13047] ? rcu_is_watching+0x12/0xc0 [ 485.484040][T13047] ? __rseq_handle_notify_resume+0x69a/0x10c0 [ 485.484095][T13047] ? hook_file_ioctl_common+0x145/0x410 [ 485.484136][T13047] ? xfd_validate_state+0x5d/0x180 [ 485.484176][T13047] ? __pfx_tty_ioctl+0x10/0x10 [ 485.484224][T13047] __x64_sys_ioctl+0x190/0x200 [ 485.484271][T13047] do_syscall_64+0xcd/0x260 [ 485.484316][T13047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.484349][T13047] RIP: 0033:0x7fe598f8d169 [ 485.484375][T13047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 485.484409][T13047] RSP: 002b:00007fe599e76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 485.484441][T13047] RAX: ffffffffffffffda RBX: 00007fe5991a5fa0 RCX: 00007fe598f8d169 [ 485.484462][T13047] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000001 [ 485.484480][T13047] RBP: 00007fe59900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 485.484500][T13047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 485.484519][T13047] R13: 0000000000000000 R14: 00007fe5991a5fa0 R15: 00007ffd34283648 [ 485.484555][T13047] [ 485.966411][T13053] snd_aloop snd_aloop.0: Parsing timer source '3' failed with -22 [ 486.049136][T13053] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1507'. [ 488.303622][T13082] Process accounting resumed [ 488.510043][T13098] CIFS: VFS: Unsupported security flags: 0x200 [ 490.987689][ T5845] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 491.216619][T13117] kexec: Could not allocate control_code_buffer [ 491.811318][T13155] netlink: zone id is out of range [ 495.650777][ T5845] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 496.374625][T13226] Invalid ELF header magic: != ELF [ 496.975094][T13247] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1549'. [ 497.105208][T13226] snd_aloop snd_aloop.0: control 16781581:65535:6:'x?F/zF˷fC:8 is already present [ 498.553081][ T5845] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 498.689863][T13278] [ 498.692263][T13278] ====================================================== [ 498.699343][T13278] WARNING: possible circular locking dependency detected [ 498.706390][T13278] 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 Not tainted [ 498.713187][T13278] ------------------------------------------------------ [ 498.720328][T13278] syz.0.1558/13278 is trying to acquire lock: [ 498.726432][T13278] ffff888025a19958 (&q->elevator_lock){+.+.}-{4:4}, at: queue_requests_store+0x1c7/0x310 [ 498.736342][T13278] [ 498.736342][T13278] but task is already holding lock: [ 498.743734][T13278] ffff888025a19428 (&q->q_usage_counter(io)#29){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 498.755092][T13278] [ 498.755092][T13278] which lock already depends on the new lock. [ 498.755092][T13278] [ 498.765520][T13278] [ 498.765520][T13278] the existing dependency chain (in reverse order) is: [ 498.774564][T13278] [ 498.774564][T13278] -> #2 (&q->q_usage_counter(io)#29){++++}-{0:0}: [ 498.783242][T13278] blk_alloc_queue+0x619/0x760 [ 498.788607][T13278] blk_mq_alloc_queue+0x179/0x290 [ 498.794204][T13278] __blk_mq_alloc_disk+0x29/0x120 [ 498.799806][T13278] loop_add+0x496/0xb70 [ 498.804546][T13278] loop_init+0x164/0x270 [ 498.809348][T13278] do_one_initcall+0x120/0x6e0 [ 498.814697][T13278] kernel_init_freeable+0x5c2/0x900 [ 498.820459][T13278] kernel_init+0x1c/0x2b0 [ 498.825363][T13278] ret_from_fork+0x45/0x80 [ 498.830345][T13278] ret_from_fork_asm+0x1a/0x30 [ 498.835686][T13278] [ 498.835686][T13278] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 498.842948][T13278] fs_reclaim_acquire+0x102/0x150 [ 498.848567][T13278] blk_mq_alloc_and_init_hctx+0x503/0x11c0 [ 498.854952][T13278] blk_mq_realloc_hw_ctxs+0x8f6/0xc00 [ 498.860906][T13278] blk_mq_init_allocated_queue+0x3af/0x1230 [ 498.867371][T13278] blk_mq_alloc_queue+0x1c2/0x290 [ 498.872959][T13278] __blk_mq_alloc_disk+0x29/0x120 [ 498.878558][T13278] loop_add+0x496/0xb70 [ 498.883290][T13278] loop_init+0x164/0x270 [ 498.888095][T13278] do_one_initcall+0x120/0x6e0 [ 498.893440][T13278] kernel_init_freeable+0x5c2/0x900 [ 498.899211][T13278] kernel_init+0x1c/0x2b0 [ 498.904141][T13278] ret_from_fork+0x45/0x80 [ 498.909128][T13278] ret_from_fork_asm+0x1a/0x30 [ 498.914476][T13278] [ 498.914476][T13278] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 498.922361][T13278] __lock_acquire+0x1173/0x1ba0 [ 498.927795][T13278] lock_acquire+0x179/0x350 [ 498.932854][T13278] __mutex_lock+0x199/0xb90 [ 498.937923][T13278] queue_requests_store+0x1c7/0x310 [ 498.943696][T13278] queue_attr_store+0x270/0x310 [ 498.949126][T13278] sysfs_kf_write+0x117/0x170 [ 498.954380][T13278] kernfs_fop_write_iter+0x351/0x510 [ 498.960235][T13278] iter_file_splice_write+0x91c/0x1150 [ 498.966284][T13278] direct_splice_actor+0x18f/0x6c0 [ 498.971978][T13278] splice_direct_to_actor+0x342/0xa30 [ 498.977936][T13278] do_splice_direct+0x174/0x240 [ 498.983368][T13278] do_sendfile+0xafd/0xe50 [ 498.988359][T13278] __x64_sys_sendfile64+0x1d8/0x220 [ 498.994128][T13278] do_syscall_64+0xcd/0x260 [ 498.999220][T13278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.005684][T13278] [ 499.005684][T13278] other info that might help us debug this: [ 499.005684][T13278] [ 499.015965][T13278] Chain exists of: [ 499.015965][T13278] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#29 [ 499.015965][T13278] [ 499.029792][T13278] Possible unsafe locking scenario: [ 499.029792][T13278] [ 499.037280][T13278] CPU0 CPU1 [ 499.042695][T13278] ---- ---- [ 499.048095][T13278] lock(&q->q_usage_counter(io)#29); [ 499.053542][T13278] lock(fs_reclaim); [ 499.060096][T13278] lock(&q->q_usage_counter(io)#29); [ 499.068051][T13278] lock(&q->elevator_lock); [ 499.072681][T13278] [ 499.072681][T13278] *** DEADLOCK *** [ 499.072681][T13278] [ 499.080914][T13278] 5 locks held by syz.0.1558/13278: [ 499.086147][T13278] #0: ffff8880362e4420 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x342/0xa30 [ 499.096268][T13278] #1: ffff88802532c488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 499.106132][T13278] #2: ffff8881427132d8 (kn->active#191){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 499.116328][T13278] #3: ffff888025a19428 (&q->q_usage_counter(io)#29){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 499.128090][T13278] #4: ffff888025a19460 (&q->q_usage_counter(queue)#19){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 499.140110][T13278] [ 499.140110][T13278] stack backtrace: [ 499.146003][T13278] CPU: 1 UID: 0 PID: 13278 Comm: syz.0.1558 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 499.146035][T13278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 499.146050][T13278] Call Trace: [ 499.146056][T13278] [ 499.146066][T13278] dump_stack_lvl+0x116/0x1f0 [ 499.146100][T13278] print_circular_bug+0x275/0x350 [ 499.146139][T13278] check_noncircular+0x14c/0x170 [ 499.146183][T13278] __lock_acquire+0x1173/0x1ba0 [ 499.146223][T13278] ? __lock_acquire+0xaa4/0x1ba0 [ 499.146260][T13278] lock_acquire+0x179/0x350 [ 499.146280][T13278] ? queue_requests_store+0x1c7/0x310 [ 499.146311][T13278] ? __pfx___might_resched+0x10/0x10 [ 499.146347][T13278] __mutex_lock+0x199/0xb90 [ 499.146376][T13278] ? queue_requests_store+0x1c7/0x310 [ 499.146404][T13278] ? mark_held_locks+0x49/0x80 [ 499.146439][T13278] ? queue_requests_store+0x1c7/0x310 [ 499.146475][T13278] ? __pfx___mutex_lock+0x10/0x10 [ 499.146505][T13278] ? blk_mq_freeze_queue_wait+0xad/0x1b0 [ 499.146531][T13278] ? __pfx_autoremove_wake_function+0x10/0x10 [ 499.146570][T13278] ? queue_requests_store+0x1c7/0x310 [ 499.146599][T13278] queue_requests_store+0x1c7/0x310 [ 499.146628][T13278] ? __pfx_queue_requests_store+0x10/0x10 [ 499.146659][T13278] ? __mutex_trylock_common+0xe9/0x250 [ 499.146687][T13278] ? __pfx_queue_requests_store+0x10/0x10 [ 499.146716][T13278] queue_attr_store+0x270/0x310 [ 499.146744][T13278] ? __pfx_queue_attr_store+0x10/0x10 [ 499.146770][T13278] ? __lock_acquire+0x5ca/0x1ba0 [ 499.146807][T13278] ? kernfs_fop_write_iter+0x28f/0x510 [ 499.146845][T13278] ? __pfx_queue_attr_store+0x10/0x10 [ 499.146872][T13278] sysfs_kf_write+0x117/0x170 [ 499.146905][T13278] kernfs_fop_write_iter+0x351/0x510 [ 499.146937][T13278] ? __pfx_sysfs_kf_write+0x10/0x10 [ 499.146988][T13278] iter_file_splice_write+0x91c/0x1150 [ 499.147037][T13278] ? __pfx_iter_file_splice_write+0x10/0x10 [ 499.147080][T13278] ? __pfx_copy_splice_read+0x10/0x10 [ 499.147185][T13278] ? __pfx_iter_file_splice_write+0x10/0x10 [ 499.147224][T13278] direct_splice_actor+0x18f/0x6c0 [ 499.147261][T13278] splice_direct_to_actor+0x342/0xa30 [ 499.147297][T13278] ? __pfx_direct_splice_actor+0x10/0x10 [ 499.147336][T13278] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 499.147376][T13278] do_splice_direct+0x174/0x240 [ 499.147410][T13278] ? __pfx_do_splice_direct+0x10/0x10 [ 499.147446][T13278] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 499.147482][T13278] ? rw_verify_area+0xcf/0x680 [ 499.147515][T13278] do_sendfile+0xafd/0xe50 [ 499.147549][T13278] ? __pfx_do_sendfile+0x10/0x10 [ 499.147583][T13278] ? __x64_sys_futex+0x1e0/0x4c0 [ 499.147616][T13278] ? __x64_sys_futex+0x1e9/0x4c0 [ 499.147650][T13278] __x64_sys_sendfile64+0x1d8/0x220 [ 499.147675][T13278] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 499.147700][T13278] ? rcu_is_watching+0x12/0xc0 [ 499.147731][T13278] do_syscall_64+0xcd/0x260 [ 499.147761][T13278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.147803][T13278] RIP: 0033:0x7f930eb8d169 [ 499.147823][T13278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 499.147847][T13278] RSP: 002b:00007f930f955038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 499.147870][T13278] RAX: ffffffffffffffda RBX: 00007f930eda5fa0 RCX: 00007f930eb8d169 [ 499.147886][T13278] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000009 [ 499.147902][T13278] RBP: 00007f930ec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 499.147917][T13278] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 499.147933][T13278] R13: 0000000000000000 R14: 00007f930eda5fa0 R15: 00007ffde0c53408 [ 499.147955][T13278] [ 506.764728][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.771056][ T1297] ieee802154 phy1 wpan1: encryption failed: -22