last executing test programs: 11.080894217s ago: executing program 1 (id=997): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1ff, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) r3 = socket(0xa, 0x2, 0x88) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'dummy0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x1ff, r3, @relative_id=0x13, 0xe600}, 0xf) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'pim6reg1\x00'}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket(0xa, 0x2, 0x0) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(r6, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x24, r8, 0x413, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r9}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x4804}, 0x80) r10 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), r10) r11 = gettid() kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x4) kill$auto(r11, 0x11) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x1, 0x1ff, 0x100, 0x83, 0x101, 0x6, 0x6}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x876c5, 0x8, 0x100000000}}) 9.186244098s ago: executing program 1 (id=1002): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, r0, 0x2) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000480), 0x40, 0x0) r1 = openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000b40), 0xa000, 0x0) read$auto_nst_seq_fops_netdebug(r1, &(0x7f0000000b80)=""/52, 0x34) timer_create$auto(0x8, &(0x7f0000000000)={@sival_int=0xccea, @inferred, 0x1}, &(0x7f0000000040)=0x200) landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0xfffe, 0x4) 9.083929726s ago: executing program 1 (id=1003): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x2, 0xa7a9, 0x16000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x400053, 0x9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f00000000c0), 0x6f4ccf2bee9fe3e6, 0x0) read$auto_null_fops_mem(r0, &(0x7f0000000100)=""/98, 0x62) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x24c802, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x56b583, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card1/pcm0c/sub0/status\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000280)=""/65, 0x41) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp6\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio0\x00', 0x108e00, 0x0) poll$auto(&(0x7f0000000480)={r3, 0xffff, 0x29}, 0x6, 0x8) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000400)={{0xb, 0x20, 0xaa, 0x887}, "66ac010005000000000068d590eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eb624ad63910d61771552c03de65800", 0x2}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r5, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x14, 0x0, 0x300, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) close_range$auto(0x2, 0x8, 0x0) setgroups$auto(0xe32, 0x0) 7.996911195s ago: executing program 2 (id=1006): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000002400)='/sys/devices/virtual/mtd/mtd0/mtdblock0/ro\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/156, 0x9c) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) getdents$auto(r0, &(0x7f0000000280)={0x800, 0x6, 0x3, "694e35b9d41e181fcace6c00f28fdeb373a62873d9b2445d6f402374b30e6d89639b814a9306349576d6d59f6aa6b148bf30c1824e5867e9fbda6ba5356a05656ee3ab77904f800377786443351f953c2c3fc10af304b60e61b4f2ed74a3a55bcbf31611f6cea89dcd64277a4843d59dfc3b29c22050a0363c8d6d764d909a5620ee11fee823ee520398b761473fbe3adb79722e16dd4cc19af5ab19ec35df6439f000381eb1fb0176d6aa8de2d080e629f53833d92f7752d4d9755f42a330d234a94ae0e43636d168e6c6b277019f60d59732699fe3eca5dc76ea1b53b125f036"}, 0x4c3) close_range$auto(0x2, 0x8, 0xffffffff) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfdef) 7.227312456s ago: executing program 3 (id=1008): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000800)='/dev/adsp1\x00', 0x408a00, 0x0) quotactl_fd$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfdfff7fffffffffd, 0xd4, 0x3, 0xa, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000a, 0x81, 0xffffffffffff628e, 0x1400, 0xdeb1, 0x804}) pwritev$auto(r0, &(0x7f0000000300)={&(0x7f00000001c0)="cb8b190492f16706fd5d73ff99e0266893dd5727671d1c", 0x7}, 0x0, 0x9, 0x4) r1 = socket(0x2b, 0x1, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3da) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x87, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5) ioctl$auto(r3, 0x4008af30, r3) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video1\x00', 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_DELETE(r1, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB='\t@\x00\x00', @ANYRESOCT=r0, @ANYRES8=r0], 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x40) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/scsi/sg/allow_dio\x00', 0x101901, 0x0) socket(0x2c, 0x5, 0x0) ustat$auto(0x801, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) unshare$auto(0x40000080) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) read$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffffff, &(0x7f0000000200)=""/238, 0xee) ioctl$auto_RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f00000000c0)={0xe, 0x5, 0x2, 0x0, 0x5, 0x2003, 0x74f, 0x1fb, 0xf}) ioctl$auto_SNDCTL_DSP_SYNC(r4, 0x5001, 0xfffffffffffffffc) socket(0x1d, 0x2, 0x6) socket(0x22, 0x2, 0x2) 7.012710961s ago: executing program 0 (id=1009): r0 = open(&(0x7f0000000000)='./file0\x00', 0x22240, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC0\x00', 0x100, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000) madvise$auto_MADV_HUGEPAGE(0x0, 0x80000001, 0xe) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x9, 0x0, 0x5, 0x8) madvise$auto_MADV_HUGEPAGE(0x0, 0x2, 0xe) r2 = socket(0x2c, 0x3, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, r0, 0x5, 0x6, 0xa, 0x1000009, r2, 0x9, 0x3}, 0x6f3) fcntl$auto(0x3, 0x400, 0x1) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x1) socket(0x2, 0x1, 0x106) r3 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r4, 0x5509, 0x0) unshare$auto(0x40000080) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r5, &(0x7f0000006200)={0x0, 0xfffffffffffffe47, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c000380050001800300000004000280080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/midi2\x00', 0x38b003, 0x0) socket(0x28, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000080)={[0x1ff, 0x7, 0xb, 0x1, 0x7, 0x4460, 0x15f4da0c, 0x1, 0x3, 0x300000000000000, 0x7fffffff, 0x7, 0x0, 0x9, 0x8a9]}, 0x0) close_range$auto(0x2, 0x8, 0x0) listen$auto(0x3, 0x81) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x9, 0x8, 0xc, r3, 0x4, 0x7ff}, 0xee) mmap$auto(0x0, 0x2020009, 0x3, 0x18, r1, 0xa) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) 6.710781273s ago: executing program 2 (id=1010): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000002400)='/sys/devices/virtual/mtd/mtd0/mtdblock0/ro\x00', 0x20000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) getdents$auto(r0, &(0x7f0000000100)={0x800, 0x6, 0x3, "694e35b9d41e181fcace6c00f28fdeb373a62873d9b2445d6f402374b30e6d89639b814a9306349576d6d59f6aa6b148bf30c1824e5867e9fbda6ba5356a05656ee3ab77904f800377786443351f953c2c3fc10af304b60e61b4f2ed74a3a55bcbf31611f6cea89dcd64277a4843d59dfc3b29c22050a0363c8d6d764d909a5620ee11fee823ee520398b761473fbe3adb79722e16dd4cc19af5ab19ec35df6439f000381eb1fb0176d6aa8de2d080e629f53833d92f7752d4d9755f42a330d234a94ae0e43636d168e6c6b277019f60d59732699fe3eca5dc76"}, 0x4c3) mbind$auto(0x0, 0x764, 0x4, &(0x7f0000000280)=0x1, 0x3, 0x4) close_range$auto(0x2, 0x8, 0xffffffff) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYBLOB="01007050a7f82fc634b10f00003460fac93497d76d"], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x2) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) r1 = socket(0x10, 0x2, 0x0) madvise$auto(0x80000001, 0x101, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) write$auto(0x3, 0x0, 0xfdef) write$auto(0x3, 0x0, 0xfdef) select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffbfffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0x2, 0x2, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) setfsuid$auto(0x1) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) 6.637134289s ago: executing program 3 (id=1011): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1ff, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) r3 = socket(0xa, 0x2, 0x88) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'dummy0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x1ff, r3, @relative_id=0x13, 0xe600}, 0xf) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'pim6reg1\x00'}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket(0xa, 0x2, 0x0) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(r6, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x24, r8, 0x413, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r9}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x4804}, 0x80) socket$nl_generic(0x10, 0x3, 0x10) r10 = gettid() kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x4) kill$auto(r10, 0x11) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x1, 0x1ff, 0x100, 0x83, 0x101, 0x6, 0x6}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x876c5, 0x8, 0x100000000}}) 5.94433831s ago: executing program 0 (id=1012): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), r0) sendmsg$auto_ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f00000011c0)=ANY=[@ANYBLOB="4aa8449f712af736be4797bc8c333035e760682172e47b76d3c6eb3b728966dc5796c8138b80b883ee90d1791ddb7749ff4ad1703dbc94d305c798291f295a028656eed68f1a5ebd615f69f4f953a84488aa88d24e35e15a850f9818", @ANYRES16=r1, @ANYBLOB="37072dbd7000fedbdf2513000000"], 0x14}, 0x1, 0x0, 0x0, 0x6000091}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r2 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r2, 0x400, 0x1) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) socket(0xa, 0x2, 0x0) unshare$auto(0x40000080) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f00000000c0)=""/4087, 0xff7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/mm/transparent_hugepage/shrink_underused\x00', 0x0, 0x0) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x8000000000000006, 0x25, 0x0, 0x7ffffc) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000140)=""/12, 0xc) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0) r5 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r6 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0) writev$auto(r6, &(0x7f00000035c0)={0x0, 0x4}, 0x9) fcntl$auto(r5, 0xfffffffd, 0x0) r7 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000001240)='/dev/snd/controlC0\x00', 0x101a02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r7, 0xc1105517, &(0x7f00000001c0)={{@raw=0xfff, 0x100110d, 0xfffd, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa0000000000040000660e0701000000000000008000"}, 0x6, 0x0, 0x4, @raw=0x404, @enumerated={0x55d3, 0x7, "bf154d70dcfcea02faacb07c4222db1f207fdb681dc9b0bf2c6c9ce16d51ebc73df6a7aa16659cd5e4dc8374caf945548e604179f1f87c3bd8701d3d5c3d998c", 0xffffffffffffffff, 0x91e0}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r8 = getsockopt$auto_SO_TIMESTAMPING_OLD(r2, 0x8000, 0x25, &(0x7f0000000080)='/dev/snd/controlC1\x00', &(0x7f0000001100)=0x92) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r8, &(0x7f0000001140)="7e87dd02283962f6bd290da68b8297a77f7bf3f6392da9ba87e7b0cd0a619950a3496c45ff13f3fce7e0641f63acc19b7e4b54b106ab045add7f57187e6d0b48fb6667a24105c5cf655c6d4917cf0ddc4b5d18267401a1f4f25594076bebf3323cdab96f4a4ec75f48102892ddff2174676ad527", 0x74) 5.628312494s ago: executing program 2 (id=1013): r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/pagemap\x00', 0x80240, 0x0) ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000000)={0x60, 0x2, 0x100000, 0x7fffffffeffb, 0x100000000000002, 0x0, 0x0, 0x50b301a, 0x87, 0x2c, 0x4, 0x3}) r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0xa6d80, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x149443, 0x14) fcntl$auto(r2, 0x409, 0x40003f) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) write$auto_hwsim_fops_rx_rssi_(r2, &(0x7f0000000140)="00a5b5c927670fa03d566f373bee95fb83f22a4684c6c10284983c32d45982784f10765b477dc0b6f519012d0f5b009d550399758fb39f639e86a279d0c4fdb3f61c0542213e217d305fdb0e", 0x4c) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000200)='/dev/audio1\x00', 0x408400, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="f50128"], 0x14}}, 0x22044080) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1, 0xb}, 0x800009}, 0x5, 0x20000000) io_uring_setup$auto(0xec, &(0x7f00000000c0)={0x2, 0x2, 0x7, 0xfffffeff, 0x9, 0xa4db, r1, [0x8000, 0x7b, 0x9], {0xe, 0x1, 0x8, 0x4, 0x8000, 0x3, 0x3, 0x3fe0, 0x1}, {0x7fffffff, 0x7, 0x0, 0x7, 0x2, 0x7fffffff, 0x0, 0x10001, 0xa}}) 5.485840378s ago: executing program 2 (id=1014): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) open(&(0x7f0000000300)='./file0\x00', 0x7efd, 0x3) write$auto(0x3, 0x0, 0x100082) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xa4e00, 0x0) mkdir$auto(&(0x7f0000004440)='./file0\x00', 0x1) r0 = io_uring_setup$auto(0x5d, 0x0) mmap$auto(0x0, 0x7, 0xdf, 0xeb2, 0x2, 0x8000) openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_percent\x00', 0x80000, 0x0) socket(0xa, 0x6, 0x0) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0x40000000000000df, 0x9b72, r0, 0x8000) epoll_create$auto(0x2) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) ptrace$auto(0xe, 0x0, 0x2, 0x53) fcntl$auto_F_SETSIG(r1, 0xa, 0x0) mmap$auto(0x400, 0x8, 0x5, 0xeb0, r1, 0x5) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x108000, 0x800034, 0x200000b) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x204180, 0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) socket(0x11, 0x80003, 0x304) 5.384983011s ago: executing program 1 (id=1015): socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x800, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x80000000368e, 0x8, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x0, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r2 = syz_clone(0x40000011, 0x0, 0x41, 0x0, 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f00000013c0)={{@inferred, 0x7, 0x6, 0x0, "bbccbcd7d12c37e3395149784620ba1de5bb291c240924299031a6348f25231d691516434db1ac931d1b6193"}, 0xd4, 0x140d42f5, 0x4, @inferred, @enumerated={0x2800000, 0x6, "c0eec5b9eded480e41b4c64a124205fe15bf2b44ceae3dfe4f8894c395c881a2f0d5725fb97d9e2b0814896b72224b4f04ac63d5f6a2f8704f0e118b2b31d940", 0x4, 0x6}, "753d362b6b19e500aadec4f474a7485c06556879118ced5f043cbc39525ca568ed7fe70733f11d83c847cc0eb79ce8d9ac8ffb7d654b446dc5293a15cb154748"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto(r0, 0x10000, r2) read$auto(0x3, 0x0, 0xf34) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9) connect$auto(0x3, 0x0, 0x55) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'veth1_to_bond\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="1bfffffe", @ANYRES16=r4, @ANYBLOB="050323bd7000fbdbdf250600000008000300", @ANYRES32=r6, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40008}, 0x4000040) bind$auto(0x4, 0x0, 0x0) write$auto(0x3, 0x0, 0xffd8) 5.235679059s ago: executing program 3 (id=1016): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x29, 0x5, 0x0) r1 = open(0x0, 0xa22c0, 0x155) ioctl$auto_FS_IOC_FSSETXATTR(r1, 0x401c5820, r0) ioctl$auto_21538(r1, 0x5422, &(0x7f0000000340)="41726fdae4f880f70edff0956e44cc375d4da49ca7a73316a68422f8f48b3defd13372b53c8293034e56d35f650746f45a3ceabeef03dcde27592ea7c36b303a82d313a07779c1f859fee24b5fbe6591145a693d73155010c2da4a4e32ce89f79b60aba325b3ff4f0a6b4e5ce1af1c6133ef74ca301e57fb0fa90ff3fcb167c68313c9475d4fa766dd188aabefcc0e3e8c88fc963ab402de0fb634") madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/mcfilter6\x00', 0x22280, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/bdi/7:11/read_ahead_kb\x00', 0x1a1942, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb02, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r3 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x100, 0x1, 0x1) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(0xffffffffffffffff, 0x6, r2) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_INFO(0x900, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0x0, 0x401, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1, 0x7, 0x5, 0xf5e, 0x1, 0xdd34, 0x7, 0x8, @inferred, @raw=0x4}) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) process_vm_readv$auto(0x0, &(0x7f00000000c0)={&(0x7f0000000200)="16344351d57ac5db04fa25ddcf2c3792ae7fb292b8b9d00336471fce94695792240d36e9853a7901e5a8b47b121734607ebd906136c5614296122522c3ba63572ea272e35d89e4777d634e6052c2ecdf3a2b0d7dbab452212fa5ae5f1727c31cada86d56ce2604cb46c68a8a795cf39189780a64f426afd2389bf799e8edbe5df0117aa4dcf96d8ba39abed65dbcbb5879a44eac9ef57022a13c", 0x4}, 0xfffffffffffff22a, &(0x7f0000000100)={&(0x7f00000002c0)="6d9398b561ca3a60235521962dbf9a6bfd3d7283b0ff1b1f8dc00fbad4bcd243814522d1304bfaf67f1045ebf2cb337b20e3a4fb9eb09b1c0f581039ce750b74b4afc5fc", 0xffffffffffff6c8e}, 0xfffffffffffffffa, 0x10001) lsm_list_modules$auto(0x0, 0x0, 0x0) setsockopt$auto(r3, 0x1, 0x3f, 0x0, 0xb) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71393}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0) 4.515029478s ago: executing program 0 (id=1017): iopl$auto(0x2) iopl$auto(0x1) r0 = syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) unshare$auto(0x40000080) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x7}, 0xb22a, 0x2000000000400a, 0xfffffffffffffffd, 0x4, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdead, 0x804}) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0x1, 0x0, 0x20, 0x3}, 0x5b3}, 0x200, 0x101) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYRES64=r3], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) recvmmsg$auto(r3, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x1fe, 0x8, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) set_mempolicy$auto(0x2, 0x0, 0x8) arch_prctl$auto(0x1021, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x3, 0x10, 0xdf, 0xeb1, 0x401, 0x8000) setuid$auto(0x800000000008) mq_timedreceive$auto(r1, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x8, &(0x7f0000000100)=0x3, &(0x7f0000000140)={0xfffffffffffffffb, 0xe0d}) madvise$auto(0x3, 0x7fffffffffffffff, 0xa) semctl$auto(0x1ff, 0x2, 0x13, 0x4) clone3$auto(&(0x7f0000000000)={0x200, 0x5, 0x7, 0x2, 0x1, 0x87, 0x8, 0xb, 0x9, 0x2, 0xcb6}, 0xaa) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) r4 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) ioctl$auto(r4, 0xc0304d18, 0x8) r5 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_proc_page_owner_operations_page_owner(r5, &(0x7f0000002080)=""/4096, 0x1000) 2.255133254s ago: executing program 2 (id=1018): r0 = open(&(0x7f0000000000)='./file0\x00', 0x22240, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC0\x00', 0x100, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000) madvise$auto_MADV_HUGEPAGE(0x0, 0x80000001, 0xe) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x9, 0x0, 0x5, 0x8) madvise$auto_MADV_HUGEPAGE(0x0, 0x2, 0xe) r2 = socket(0x2c, 0x3, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, r0, 0x5, 0x6, 0xa, 0x1000009, r2, 0x9, 0x3}, 0x6f3) fcntl$auto(0x3, 0x400, 0x1) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x1) socket(0x2, 0x1, 0x106) r3 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r4, 0x5509, 0x0) unshare$auto(0x40000080) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r5, &(0x7f0000006200)={0x0, 0xfffffffffffffe47, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c000380050001800300000004000280080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/midi2\x00', 0x38b003, 0x0) socket(0x28, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000080)={[0x1ff, 0x7, 0xb, 0x1, 0x7, 0x4460, 0x15f4da0c, 0x1, 0x3, 0x300000000000000, 0x7fffffff, 0x7, 0x0, 0x9, 0x8a9]}, 0x0) close_range$auto(0x2, 0x8, 0x0) listen$auto(0x3, 0x81) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x9, 0x8, 0xc, r3, 0x4, 0x7ff}, 0xee) mmap$auto(0x0, 0x2020009, 0x3, 0x18, r1, 0xa) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) 2.015014233s ago: executing program 0 (id=1019): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000002400)='/sys/devices/virtual/mtd/mtd0/mtdblock0/ro\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/156, 0x9c) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) getdents$auto(r0, &(0x7f0000000280)={0x800, 0x6, 0x3, "694e35b9d41e181fcace6c00f28fdeb373a62873d9b2445d6f402374b30e6d89639b814a9306349576d6d59f6aa6b148bf30c1824e5867e9fbda6ba5356a05656ee3ab77904f800377786443351f953c2c3fc10af304b60e61b4f2ed74a3a55bcbf31611f6cea89dcd64277a4843d59dfc3b29c22050a0363c8d6d764d909a5620ee11fee823ee520398b761473fbe3adb79722e16dd4cc19af5ab19ec35df6439f000381eb1fb0176d6aa8de2d080e629f53833d92f7752d4d9755f42a330d234a94ae0e43636d168e6c6b277019f60d59732699fe3eca5dc76ea1b53b125f036"}, 0x4c3) close_range$auto(0x2, 0x8, 0xffffffff) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfdef) 1.860765155s ago: executing program 1 (id=1020): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x3be1c83d, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) socket(0x1d, 0x2, 0x6) setsockopt$auto(0x3, 0x6a, 0x7, 0xffffffffffffffff, 0x3) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000000), r1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @empty}, 0x6a) mlockall$auto(0x7) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x40080, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f000000000000000000c0feffff0000000014002000ff01faffffff0000000000211e789c000600020001"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) mmap$auto(0x0, 0x0, 0x100000df, 0xd5a, 0x401, 0x8004) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/dfscache\x00', 0xc0000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x47, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), r5) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r5, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000fa9411bbe38b0e770000", @ANYRES16=r6, @ANYBLOB="050725532d71e110597804"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0xa0900, 0x0) getrandom$auto(&(0x7f0000000000)='+]#&,\x00', 0x2, 0x9) r7 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r7, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) 1.136890259s ago: executing program 3 (id=1021): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r1 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0x8, 0x4, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x5, 0x5, 0x6, 0x8, 0xae, 0xa, 0x2, 0x7, 0x5, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1000004, 0x64, 0x0, 0x80000001, 0x0, 0x47, 0x0, 0x0, 0x0, 0x200000000000000, 0x0, 0x4, 0x0, 0x0, 0x400000, 0x0, 0x80000000000, 0x400000000000000, 0x0, 0x8000000000000000, 0x7, 0x3, 0xfffffffffffffffd, 0x0, 0xfffffffffffbfbfe, 0x8000000000000001, 0x0, 0x7fffffffffffffff, 0x0, 0xfffffffffffffffe, 0xa, 0xfffffffffffffffe, 0x40000000000000, 0x0, 0x7ff]}, 0x1fe, 0x80) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x7, 0x9, 0x5635, 0x18, r0, 0x5) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TRIP(0xffffffffffffffff, 0x0, 0x24004045) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) ioctl$auto(0xc8, 0x800454dd, 0x5) epoll_ctl$auto_EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xfa88, 0x1}) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) socket(0x25, 0x5, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r2 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xc008aeba, 0xffffffffffffffff) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x0, 0x0) open_tree$auto(r2, 0x0, 0x1001) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) 1.089686563s ago: executing program 2 (id=1022): ioctl$auto_SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f00000003c0)="f7adf898131e1c821b6e38ac714bc4e4360f442a58d6e80304615265be903438c197110e804faf48dde709fac969cbc48c13cc9f1eea748bb712e826dcf8749751faabfe04715fb50eefbffdb8f62ea71565c71871b20f6baf09632076a5420ec3bef93a13b7e34af8aabca677b06d0df5e2938d25a93b23ef0e19ee604d65ace765be251bf1739454e6b547e47e3d9ac9a74847a729b6c13775703229766e29bccc21fb21336253b81e6bb65798a8c6bedbc6d24835466482ff1e2e052dd5d8680c50d9b92e7211b67076526bf27db0a3e2bbb14162dea4a77142cad86ab0f58b8c1260b532cfd9a0aa87c1e6f1dd817f6ce403704648a5518804d5766f8a668f30a8aba1f6634fd2889ff594089c33bef806b168dcbddd8c109e92d772c0b52a9d2fdb3207b45a8cabec575b01d6b0c59a1f2339ae4fff14cc4ce017eeb21aad4f3890c5d858f2a0ddb23d0c3bb7d8054a3777b8ae96268b43cc93b6f5b45e03f682f0a69d02533dfb1b8155045733c39953f0c9566747baaa49dd60374f65537bfa71a5407b9bb2e19ac1ab757832fecd570cf5274158f50041e10a4fa74b35bc35820a92eb2b8d88da59377156d8eb9986500a4f59e368c55f6a08198271549936b39b50c69f4590c0275e2588ed131edcff2c1b45d3746795f512b99a49a7f89a35edd918ee4206617cd6aea61859b3fd1beea20361cfce6305c28fd7d64b263e1bcf6e1acffb9fde5553d35356a8e1a88169d1f751dc9535f934ed75c19863cc2006f88a1632543dccec2cb3c75ce736dea6e68548c8a2a3a1ac83550c3f797ff033dde24377ae1446c7c3f600c392e25ec67374a649f152e44a6e71af86fee34b96d431b294c4ef3edf7ad9ea6d4821dbc78fa007b59060d9128a3c18cad5a8d33f799f442ec4a413462cfcdb79201a185b19cb33ae9a0876ba200cc92ca9cb5c7d54dd5047b5fefad838f7bdb1fcd4a63419fd9a34f1a950fe797f1996e5d39908ed9a528d256bd71b75267753e7265b5dd673b5ae5e7f2075c3d26f53d244f7f1a0b099b929ae79734f5463f0f03f415ea39a5064b3398af345d862e57aaf1f4f50f6bc7f3a84ba9e6b5596b212f8865115d29dce1acde48328acbb62f9ba62afdbe2adc252e7a0ebb19e18a353140e83e59c3288741f15379d213f536e48ec1076c026f24f638a938a04d578237def377b8334cb7b848bb6522a85316b3d83552ac3462ee9e6e7ece7a22fa78caf4b2854b2bdc33356c7b0a03003879d2454e27be92db2a2e8bcdbe83a01b3e9f8e1828f79b3107ba4bc02f947a92bb1b0e0f0b40c6c1160d815b272f911146421840a147b68931348b4ef8c97fbb433ed7b44376d3b964f72fe5455ad43b2e9d59df06f3454fcd702cc0e6bdb7af34d58cc9cd872269748202a96edf5d03dabde391f33f8a59afb0ab8c91a9b891f257249d44ace28d93e0d70fc491dc4fc6ccbb96ea8335f81dfa58cd320dca92fe9c693d718b5172d8f412c0a0c16c0da3ff8e77df4af57145748f95986fa46103d8901e79cd3df38e9f1f5c4ddb57af2508a368f14d78ff4565526196b6050fbb63f4c5d524b7ed3aad1d75e09a9d366d9eda7544d7ba0db63e21ad461a83a9274adb543b36ae41200ff43f363678cebbe7bcb3b68c4b2cf5644953f31f57a7b32da2bbf64d2f16124c26c7ff8fa0a3c0d107754645a565d6344238424217f0ff7b0b8583bc7102c8352282fc8760543d50eb40ae53e23ccf6298489916e77185abc15168fb36318a1ea48f90a46549a0e65b4e6680c20c0a0bfda4ba2b7217a09085c8efc833f5b98f6e2f1c1d84c85f4cca763d2e40319828f0bea7c63b3a9cf05d4a608fac184edb6c002fa982f915644236a4ace6476acb0b6efdc7c69921e37ea872d8e6880c3d1bb49ade9eb36507fe8a581ec37937273e53a9d409bf5a270d98785d157ca7911f4916e011263f33d916130ef1a98a18e55ff0bc40bcc213b9c8237fa3df2c204cecc737a4b8ea783309ae0e5f359311636e014a2bafb33ab8c41fc8eb70233e0d81f44076d9ef82211a742989e6ce5af78bea97d2b76799165a217aa883f434a310a2653c90bbe43d80d0bf98a43834a02c85fccfea2682af130f412f1c5b5b2056dc4932261113c3ea59042c4dfbd5dec4140b472054bee5668f2d41d8099b5724c44b4cc869b8d12710a641753a34de66e88bc8c80736f11ded00e7b538b81e36197bf159d7f6df543db5df79886bac52bdd758c7dea22e1fcdc7165ac97d746a4e5acb9157158571d7fd328648a7b9bd6e5360911a899533273a9c576a0e26f2e58613d07c15bdf82bbe553366f05e4156d1831fb298714aa17481da9dacd986115cb9e4bc508b991318f0f953bbc5d54c6b98b8917a96acd6ec01edc4b26db14968f950a866a3aa1198c820d575af9437f940224dd448064f3c16c493ebc0e81677de4046321e6b21eb785ec225e1f93b261e63eb974868b78f00b8b42c63e662fecb8bd1d336559f4a6e2480a4af236633e0e543b3dfca37881a3e9a12adde53b4af08015c342bac3483180c5bc39966ec3c3c33654e64e381a919ba5cb7cafe58dff618e277af61df3da717c100b75d00fd8705a958484f73f769882cfb3cf7231109ae39e084908fc32056c7122e95c0726c21dcee753a0bf2ec15a6d6d5cae32bcfddd50fc261776c34805acccec910c0b0d0d9501e77d7c6940ed2f07dfad9daa87404cf15f787bbfca5991bd75dd7f5ebd83af90e61f9a0fd267f7060b3eb1f0db09ff4eecb9a6539050306178553185377b60f1c0727056fc1e4beb684492f8f6616fa6b1530d5a0ed893bc194573490540ffa31ead5caa48f0f02a930efeef8ec1ea0f67706b493ca279a65309e9e8ec68aa7562e7aba91528e269363dd0dc06774de43f3c16ee899919e8866367c16a117b655a654c8874cbf7c760ea37cf82070e61f147c25d14e6a893dc7ce330688c7f576e080fb99024827ecf08f270e9ad983a14c7bc1e34f66f11f384e5365c893907fa1e257dcbbbdfbe679d288dc24f303ff1b8b812d20e41dcf5183bb22f6def2ecd3492c94ec9e90d63aba7a98a7a03d9dd457414f0fab25be555391a94aa2248ced0dd2856a1a036a2219695d015dacc10ba48ff9a4e03cdeb4247c299755d31c2957f1cf472c05fb9da923946935ae2aca5c5a6c50203615981758e217d7619bef971b734dc71f4d1e4e4bf0e0efa91d5adbdf1e5054e45f04d998807372bb77d278e4795637d8d3de29ff46e57a24b8eee6ab9006f2225e9cb40f5ba4bf8b1d800a9602c46a79a5003476c248bf82e8312eb38aad3ea8b7ac1d07689f78d99d9e1534ea0da240fc3c934a04e9bf2d84c15eb57c4da17b8e10e1647ac26a93cb2966ba5bf5ed3554d3e75654c1fcbf4ca434fa64388f4752c2b61ecc317367f770b4953b89e8bf0c183189c4057e7e54cc10e04465fd55ede728417031ffe88d11cbc0d97c0ae82ce1665d4fd33b26c50ca02e394c8c48992a94759b29efc2e6dcfe80a5a07bb5f7c1dff45a0e97183483958c722a03eacf0c5e59f47dc954260290f0693f50ae30ef62bfdcf6d6fd59139b83b10c69ae6d15143a242be9ee0b170bc8f59dc0b5a83a23d749106861770237b1e97c5c5f5e36e67d66fce4862befe4566d74c5b8a6a7bc3375729f2a905e55bb838bf02c0e0c44d4cac242f16dcdfbd33299afd7d9979b05e377306f50a452b90f019817718acb12108f81154c0f8be0080a6434ef6b2ea1dbef90be878c985f43ed8475ab8b400df77c885265916cbc4713a4f556064fbe4f3d27827c63a685e396132686ca5b48029c0af56ee5c7a9e28c8dda466d0e36ec49c5a134f8d3af00307d1a106b44dc15d373aad8a7647ce9e74872b26bb360aa9e3ddede626e2ba199be4b178b7cf2fb290183fb7db03a7910baea258986f6f1a4ab57287d53dff014651ef384811bfa7f1b63da66f610fdcb1fc3c0768e613b71c8baf9afa7056de5caaf79ccb65d6e9ee3848adf040709157247fd076a8ae69c9b1f50883a50a68dbadb40be009e5b5cd43b0a2769c9095a9b4d4a5c5835c5aa6b605c399d1a33977e0eeca3201b896622a831d988cc0f36da7be5ab8a12079aa449f422ab1bf70a2cc2c1a37a7a569b7abe3e92229b13be673985dff20246b6ff70938454f75975cc5ca1630da84db816c52081a8808395e70f531a145021c1b99fb6cd9b33e794081bfb27d178f946ed80daaba33fa4fd65c1fe07b199ae1292b05f1da1c8b5693eab35688a8fa21df6255f930799b58a58ba535915410869a756400c5df4a07676a8c15dcaf728f19d2878f43e3d5c0afc820059d1d0ef35a5d0608a952f6d7a03a8fe64fc299b1b44af97e8304ca5e99bc27159c1106c05b71818206b86210d0041545b515f08afe0b121e178a39ff72bebcab37ddd95324a3d4e95bb1ad562f8f8626e967c61af987677680292b8044d2649008a792be1c7a9ba798b72486b9638a2dc18e10efc10d029e8791890ccb2c36a8dd6effcf5b60b0c944da61713ea7535cab4ccd499b85d3e9f679781095da5f43c78f12f7e176769733aa7922bad589a1e2c24efb2e6f59f32bda33e5bc8e78719d9bd689a05651d62faf72d2963014d3e05b9062664f851cbc9e8ec5a6e84a18526c9bcc9a062990618fb3fc8a0df74ae9127dd135f064c07b640812e40bd05df94a740fea2c2215c934e6dc9151ced4525f7a462e08e77d5077f16a5ecc614a1d596b7d8fa2311f613d1d65424a35dfe5cbc396d89b285c85ae4a6ebf725cadb425303a407193e75c178b805161f705bcf685ca09624a444b6a8e5f526c97ef0cfc1fe2a6a82261e6d707882a3c6f2ff6de9181f765288be808487caa383300d670f8daa0b715864492f964ba803816b2c323cd120c032766d56f0b26124d19e007a674ffa0496dba99b2f0f083a592447f25752165930f24f49ee7ca79304242033bf93fceb284a5eb4bd6b1e9a8b01943048d3484407400e1ea58462f8e14f405c7ff5a6f88ca6b3136eb8b70ff7bf3d6471d38ed0f43196ac8116d803e9890eb2f996a315d3d74badd4894a4be4e7488dfe2e8f7d7dc48c483bd39b1324aeded40a47133f9c29adbcd85541223e9f3187b4bdfe59b6299fc96c2f1e880c634f5515e0c3c9bee3bcfb5b1d84b88385d27b5490dc700d7ca32d73a4871679422cbeae028106af39741422f99e252e6b1a6aed42d9f27a565b036a04552510b40fc9fedf378e72e444b191980c07de916c6faf7e6b3d62d107e926c23762b6ff48b164870e7f65fd8142b9f9aac393680a622a0fc6717ca96e619f7c25414ad39d73e42efbd0d2cc6497a574b55a7f1d053f2fd06426d3a152ef71602e891861f181260eee54d844e625328ff9a8c3a60c24f62852e587e44e442cbc5ebb3c60a05cd2894af8543ee928d83e7f721215bdee65d08c4248818a89f9ad70d155be94b12803939ce068cba971aee4d8412a67e4fa7f3f74fb56028a1736e9e2b75558ee515520975fdf14df921d0e83369d9b2c7874f70fd175344e29abda9a88183d1369f762fdcca0bb10f698c1745baf49d1118e8108dba6a88aca1fcfa2d70401d233d765fbf88e3831679eb7a3136d6049377881cd56cdd8eb9d88cdc6e320e47013b68799b32449bfee3ce1a7be8667a561fabbb2b41ca67737e0b329c4532a089c9481fc8fda19d6e443331840a8ccb5935a71848f5350fc5258f7f567d62c92e92b51cc8b1cc0f92b1973bfe444a43e5") mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000240)={0x0, 0xfffffffd}, 0x6, 0xc, 0x1) r0 = socket(0x2b, 0x1, 0x1) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880) r1 = openat$auto_memtype_fops_memtype(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="524b7eac494ab008047fe449a5b38fda198f918f3855cffb887f965593895db780ff122eec9f0c1e8bb1c582a9c8b46d425bd87fbd8e055a84b5eec2fbd330e5ff5295061bd9a8b20bbc00f389fd7ac466d623928e6938622d3f23cad910ee585238608e12651efd2075f07f03bcef6095f306a37da7fa527cd9ae7d8d8f7a14585ee317c63dcfe7c8c9cf31c57e09519f8b", @ANYRES8=r1], 0x1374}, 0x1, 0x0, 0x0, 0x200480d0}, 0x2000c082) r2 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r3, 0x0, 0x1) write$auto_proc_clear_refs_operations_internal(r2, 0x0, 0xffffff4b) close_range$auto(0xffffffffffffffff, 0x8, 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0x40000007, &(0x7f0000000180)="bcb9c371f46d0d9bdb06c4837f6392975c3dce07fe23702dd7346a3e7774e8881be6660ef6514d314dc7c2a7b07582635940668ee4020f9bb4b577322dbddb1dcc92fbad285a54e448c0423f71bef721ac0eacdf0e2184faac074151ca1655bf5e8814d73eeff0e81576aad5aced3625f066f3eeb4e7d741b11edc7a", 0x8000, 0x1}, 0x4}, 0x1, 0x104) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0x7}, 0xb, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/fs/cifs/traceSMB\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(0x3, 0x0, 0x1f40) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 843.215623ms ago: executing program 0 (id=1023): socket(0x28, 0x1, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x20940, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x82001, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_SCAN(r1, &(0x7f00000165c0)={0x0, 0x0, &(0x7f0000016580)={&(0x7f00000006c0)={0x14, r2, 0xd3ac6c422733a379, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x48800) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2, 0x400000]}, 0x0) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x42, 0x0) close_range$auto(0x2, 0x8, 0x0) 743.617272ms ago: executing program 1 (id=1024): r0 = getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x6, 0x4b, &(0x7f0000000080)='\'++)$&++}+\xa4]\x00', &(0x7f0000000100)=0x3) setsockopt$auto(r0, 0xfff, 0xa, &(0x7f00000001c0)='&{#$!}]\x00', 0x3) mmap$auto(0x6, 0x400008, 0xdf, 0x9b72, 0x2, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) open(&(0x7f0000000300)='./file0\x00', 0x7efd, 0x3) write$auto(0x3, 0x0, 0x100082) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) kexec_load$auto(0xff, 0x0, &(0x7f0000000000)={@buf=&(0x7f0000000340)="fa60afd25fd1229dc554c42a6f12a2fc1399309f9035b297e95700872d15dee74b68585a6bb1e9055bb8c83ead2c08e42cab89b1e3112f0dc9741316e46d567155f286d375e56d4cd3a9d1ba80b9cd454b216feac2b80ce4db3a3551f66b797aa1a96d1f17a598373e89e1598494a17e1c79135092ba868f4b7fb8ec49e6d56171c0d66cf7971c4c0099ed351c7c596484a717818eef04116db30d6716998fcdc1d0694b6eeec03fd9ccc833662d9ca171efb7348ab081351354922a4d7fc344a39e79f32e86eefbac937850f15ae7a6776689495399ac99b91497d9cd77233fd859ac4c6f322bb185d1be95eaf1bc32815bb449a9b8edba609f763df70e1fbaa3c571c918073300a1b75c1f4840414e10a04fe581688f759e385c883770dd8728c2b926b023760126b8f4a1efc097b641bbae6f41397be352d4ea98d2e587d51348a1945f23633ded9b0f3c7d33b6175c3cbb3252cbddb7ffcfe3a7d00e873708a44780b8dd6ca20c6a9e99e58b4c35f11008f38dbbd66394b976d05c8447b09afd1ebb08480726a4b937d1d1741afd2645e9c6d0d7b585729bbe7ad0d5587df45a6938ead51dfec69e6e090bc994ecd1223284641b91d79740364edcc605fcb6e7e0edae9cea2a911bd33a83f4a0163e857fbe56fd86fcaf86a3d9e8c516b7e2b6edcb6ddcc604e2562bfe6bc2c88e6c62d05a2c99f1b9856f4620f6eafa2adbd97d523e050c09731bb53600663e4fd274ddc87c61ba16db7a956ca33df293c6b8fa677a1d14644e37c975be4da0b6d98ae18f6996993b90253e708aae473cba288254dc9086fe3f0d0b844d3c8f4a1e55fcd2fcab4733d6d4d60a1cd906b0780b0e1b047468a20bc3f953b9720a9ad13843d7b66b7456fa0df2ccafc473979d4a6b73a476c1321c5df823fc6568745c24ae02cd3855d19bb7d01b3e28e66fefac195fab3e24882e44553f349e1aa49e64452cf0f6baf839fbf06574844436953e41492afd52cf617899bae27e452275ca3772a8342c36aa49071c20595512d714f27756724a86959dbcbf5642299a5ffa377bba72ee33b7efbd4297fa90895fd6ad3e49edd9ca854da2ad4d928c6b19920e0702bf3b1f5e054503b5c4aae2ee4b680b4f6b5c66a954cb87c68ae36afa4f014e0127b7cd79e51196ede18d790f85d651c194471e0c4eba286246e1c9986e722b0cca4ae69eb54a03926cf7330f901e14da2face9eb33f41e4b5d281751c8f1908393ea07db684c31c397fa335d8a5ff3fb2d6c9b0eeeafe18c477ab4534bb9adac205a130606f5ca08843a7cbcfdb80e253075436cabf44d4ff44043acabde6b2a88f5235712eb264dbcd62248e6e5fd0a5d99c663d795d6f1c1b935469d31cf050161e789d748f63f2a2fdf20948540bbaf5bd0efe11bd9903a567b58c0dac24e0bf8bc2254188c95afbf1ef5c8322151d871b4d226f9c80b2ce761ab915b1259dac4700bbb9b7f74538f4253f980bca4edeacd3a313fc8f856dbe8686d09be09d5670ced4d2eb34cdd42c620e71b6f2ac82b9a24a4e37c59b66ff9dce0e003eab34dcc8e536fb1135c70bca315c1b03018d4be0154eb4b69d1bcc9a7ec589a7594468863819f975c3df1eecf4c306cae98f7383ea5de0a7f644dd4bd3f19c8899568fdc04c5f3990d48435ddd69f963d321e9921128b420798ce58d1b8d0b5ba6c634c1843b5102756a5b94ebbc6e3df932b01e65165a4995856a75a8bbe9c687eb394d455a4459a6559577fb211d646c6337d4482fb455ba79f8c04cf9652781180f688bffd590277a94628712086017294260078944c2aaf535e833af523180bd1aab0c28c6e4d4f627ca0eddb8610acaa25e9a4767efdb975040c8a6c28f0d1239416414e5f224e68b2fd5ae46031535cfca9a90d84f57677a1c05763d6e219fce38ae1e67b77e93fcfd0891e29f0c47dd3193101bd449fc88a4fb21dc46f6c3832c44658a10f14b4aa1410f8a705d2fbf0dd2e08652240a7ec3ed19a31936566711d4f3bcceb0cdd5d599490db5dd1b3754c7b75c27f719e1ca44f01ac608819bd4e6c151eaffeccdde8efcdabe567564f7f0c61006e506df681404b4a76c99a07693283283c938bb431ba7eb9c9d51ac1828337308c1519ada3395fbef6a0da3a84394d03c996235c8abdddbc83ee54eda27c0d4c4e43ba55f107dc4b0ef795ec38eb9ee20800d19b446838ff80b2d2348246987d2f0785a81ad2bce087719334fd319ab5a92d99969892cb27d84ba11276321bdf9a79cac172d71d336b29107e51c236a233b4956c6af379b4ae53cdce0a83aaf2a75e4beb602c9c7803b435898eb5b07610d3e21b84d06ec2b159397264030f50f7eafd1c181ecf027d6ddee93e0be255426507c8d45941c5f9bfff8a1501cb95825b06b93d3a977b8eab9e42c8bb2c881ef02e413265ff32c534461b123ab77fef6bc773ca418a43402befb9d01ea4bd3e603f3c42b1acf9e26e02d8ac483d028c896749f34b82084e32d2da0ee2bcc705104af68343d09cf01539fb4c0f7c549c98eff5155b729829e73b6c30578d35a2f3fc0911b8eabcde3af87c3d9e90373a5fa82c260205a07e3446a68a268b32e2895e055b2ba802a6baefd8b6f876f65d49b99e652fe54438594229d2738b1d5643bff232935e1ea5005010f6e60e6151861318a75f1691bf7ffe7e9096f1f84209daebd83bb2ac25aeda1e2d0534ae3086d7eea6f0f85f93d4ee50b4b263329e609dfa77fd7e0055d96988924b8fd7ccba06c720372f23def6a38a6cfc7c427ec22bd7435c63873f0c7eb773ca787028e77a7df3502a6f9efd670a626adbc793a416dc84c3e990153c1ccce8d884c7fee64d7d0ddce33f5f49df2027e814290e6ae7c1dd8326dfd902a71e5683a43b39a32dee4684ef30250ad38867622d2c536876d7e5e20658ff7f36bb799258fc8510e97e495c026086784162afc1c7cccac613d9e6a5bcce7698f6c929c1571847fc36013fbae99fa280f5741204fc408c81a5435b43eb68338d47e4a6e0c0da601099b1f90fde6d163bec88fc95c8176123215781df5e974491b480c4281421ffc8b2f5bd951c391eb9e2d850c8bbdddbc91c70817118d1aa34e76582cf91feab68210fd29430ea296658bb4ac9eec38c612670bb99ecde77acc4ad0d17ee23a1c9ae8c03e0d5673c74950d6d244089440a02fe4d6212dbc9d76fcb0e71bbd2b290c12efb53c566fdf4255ad7ca2ec72c05ae21d74ea2ddff5ed3f521f37d9685152425fb74feb58a774570da830bc32c67e5605445b7b4656b25e5c21fe21d981adc40196f254683ef3807da1e50965dc54c2b30f556e5cf8850eeaaedc35456320f072569ad0b00487304abe6895c2892f3b9440f57dab5dc7b41848e5899d87b76bb9ecedb144f6efa773c331563cd5c19ab69e3cbbca70fb82a278dcc03770a4f485a867fdccb8a383ea7505bf7aa5ecd0d206697c2f40e9199d1c7bf1927956881a066b6502bed5eb9d90dece7416a5b53a330b3d6ea7a774fa1592a40499f7aced0d22bab5d752a5444ff0f302d7bb586c7b68cfa151793c312a1d2700f1cf9a9ef46c1a6b0b728247e72a35a334f8b382b79531b40677cb8a567a2fa8232cdce59067280d3a2e840f19d35fc59b0ec68815efb3ec1092fb83a52f433aba6e5d9b07eb456b1cd7687509ee675c2aef6600302003b829fbc21df5fe54e7daa425a081335b52fafa878d6be16d2bf3ef4ed8b4c49870da867c9875022c3ff5681393e34407ce48964e3a4b2bbac014f535c9da526db948629730a942f9b73b7db62076c445135e97168ebee5a97c98be336ed1755f575c1536100fe68a3f3e1600dc70a063a43e982a49ecd074b9accd9c4c48ccee9dd72d1049999e84df8db1c5463829dc912d60273e46a708c636bf7fbad2f696f3d11f6ef7d58200ff8df71721ce3efabb3f8efe38cce7fae3a2c8d7a1b07186cdb971daaf30f704fc3545f5dcd5b647d819823c681942a2f5ba9a3886845e4e92d974ff657dfc1d6c6073cf04856c638b356169ddc7adb383eaea5323bc35a7e2e219884f90c71980683ddf1b4c968fe2fa7f994eb0e2612532ccc1aa9aaf0341402a4c96b53559be7e363ef618901d3ff5218414c93144e2ae4b7d67ff6e8a6e80a6f270286cf53c6de8f6ccbc3ebaacbcc8d03925a2b8d60c0e30b585e5213da86d71c55ae42b1cad992099f9b22563ee8c5ff488a5a9135e79ba51c1fe4bc17be2b0632f766e0c711877792a0a11e57d7ea0e38affdb5a9118686372e3f44d8ca002a01b06de896b3b352822c0c35f975509d3fd850cb6dc6ec91d9b3a6e4b94592c0aa4be7a643a2ae2de1d15843593951f6b8e0f7b2ba1ea8028d81324ef7f8e8c520abd474cfd577735b94f1425e58ec94f56710ee527b8d04a6d551dc4f4619283fafebeb5437579479fc6a0a35564516f79d66a4e891bc086b08e4a965ac609ffb8d08a84421fb25211b2bc4d6fd439567a04fae4cd34ce54e5dc8c2dd2f0b529341c7c0f50fbd6754344c9a735e91c0c5e8fc9201bd3f936fccff6e4a87ee6d6278a8a937a31aeb1e8e1381c282feaedb6b8001efbec61d55e8232ffea5b24d506a4d59e7b721d9d95d9bc8457ca2cfb8eea3682f1a6d251db97c35a5814bf4a2684b706d84748ef37b80742e4a32ec185c4837737ae9a169d72281f64dd7509ba77b44acced4b49bdfeee9cd3ce9308eb29781731c6773b9afba35b62b3eeb8fa02def8ed6730b842b4b4425fa6ccc2f913738dfc6d124a2c4032e53554769ec167609cdc3eea9e8968104d43f2aa5f7be5e2518e1b2739c926945a25200392667ec2af847ef8a64cf8665428972e13426bc6451e8aa636b0505585b26f39a75287715b589c4953c14957b19f3cde8cd6f79056e9a42f82bafb27abc0be38acc36810215dfaff35cd8ca2e16441cd97b898afcd503bdc4960fc22784664c6901310768e553ae28a757bc238216e7ffe164b8773e9e8da1cfc20384d3b4a3a45688416946bf8739e9086447023385de4ecef5ab305090cdec458f5afa0667879a5a0d12110583893d8b2d616abc4c1fdaf638b02b4773f1d4809c05a8f9421c27f5935e93fb94fa135ace120da039769a8c56d701155caa3ac470240e26246d7d9d79cdec93195350affafda3a4f287413de1e4d0ba55c75d8e7a3b4967ffd5f1de65a2c8c60e9344f4d6c27ef348b8191e1aa649a04a7c0b961e7d5d2a4e938c099a8b3ac95c05f75c4863b148bae9018516ca91438d6a6b8df0e4c2331c0c97b85bcd3dc62fbcf595b9e8d00222da2833db6994d2e71bfb418130da76e418678432cf1ed029dedfc1d39925c7fcb30a51df533c3138fc856f1999538d697b40a824ae87fb06e2d61c5c76e26474698d521a43278653f706e877afcef0a0e856f7772c4f4b3bae5b00c751dcf8b442f31b5cfdd0d723d97161bb2c061c0a9c89284f20684d214c4e6f49e1814ac8fb0aca5dc3790120b1b38f8f74935994dcdee5fdc35c76a35026ba389e6f41123dc9c6d4ec47d535832b7330f04a7af48d2ebd818eb2a46ff1a74c78487733978e878860d8be2f3ac843ff2a8ceebdded859460ea87dbcaccfa757db4478caf77d24c4417a520bedffc9fb8b9cb8f8b1a7ff788ee48e7fed7500ec91c523ecd813cbf6de73aeef39cb4e5fda5c3bd03b4942145dd3b1835c4ceb81a6c3b94d57183e24e884b7c83394e4e41a2fbf196271db826695dc00c774111aeb338c207536eab9ad9348c9f432", 0x1, 0x0, 0x3ff}, 0x2) mmap$auto(0x2000000000000, 0x6a1, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x4, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) adjtimex$auto(&(0x7f00000005c0)={0xf332b6a, 0x0, 0xfffffffffffffffe, 0x8, 0xd4, 0x7, 0x9, 0x0, 0x10001, 0x1, 0x2, {0x8, 0x10000}, 0x1, 0x6, 0xfffffffffffffffd, 0x1007ffe, 0x0, 0x80000004, 0x83, 0x3, 0xa747, 0x1, 0x1800}) r1 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/rc_rateidx_mcs_mask_2ghz\x00', 0x20100, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r1, 0x0, 0x0) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) ioctl$auto_SG_GET_REQUEST_TABLE(r2, 0x2286, &(0x7f0000000040)) sendmsg$auto_SEG6_CMD_SETHMAC(r2, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x30, 0x0, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x7f}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x40) r3 = socket(0x23, 0x2, 0x0) getsockname$auto(r3, &(0x7f0000000140)=@in={0x2, 0xfffc, @rand_addr=0x40000000}, &(0x7f0000000040)=0xd2) r4 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCR(r3, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000900)={&(0x7f0000000840)={0xb8, r4, 0x800, 0x70bd26, 0x25dfdbff, {}, "ec25b8cc1c7178fc7223a9acf5a8d9f071e683af1ca3eccf777c2706cc23aec355b422075741290d32376e3f4b0377a3f599997129bc6d61f5252aa0cbb597244f4c1a5b1b8cf52a8384e9e579acf397047e6d29113d433135e9065ebbaa8598831749b1c40a839f5dcbff428c5e052fcc2ca536386d688eb16e32afcc1014078f234bc0eab107d12891f71416a70375faf8d7e60f7ee4d021f4ba715c0d65f6d11d94"}, 0xb8}, 0x1, 0x0, 0x0, 0x2004c084}, 0x40050) ioctl$auto(r2, 0x400454cc, 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/afs/cells\x00', 0x4a801, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.5/usb6/busnum\x00', 0xa400, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop12/queue/nr_requests\x00', 0xa3182, 0x0) sendfile$auto(r5, r5, 0x0, 0x2) 316.344733ms ago: executing program 3 (id=1025): mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x1, 0x100) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) socket(0x10, 0x2, 0x0) socket(0x2a, 0x2, 0x6) socket(0xa, 0x801, 0x84) getsockopt$auto(0x6, 0x84, 0x22, 0x0, 0x0) 18.948719ms ago: executing program 3 (id=1026): socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x800, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x80000000368e, 0x8, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r2 = syz_clone(0x40000000, 0x0, 0x3b, 0x0, 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f00000013c0)={{@inferred, 0x7, 0x6, 0x0, "bbccbcd7d12c37e3395149784620ba1de5bb291c240924299031a6348f25231d691516434db1ac931d1b6193"}, 0xcb, 0x140d42f5, 0x4, @inferred=r2, @enumerated={0x2800000, 0x6, "c0eec5b9eded480e41b4c64a124205fe15bf2b44ceae3dfe4f8894c395c881a2f0d5725fb97d9e2b0814896b72224b4f04ac63d5f6a2f8704f0e118b2b31d940", 0x4, 0x6}, "753d362b6b19e500aa11c4f47489585c06556879118ced5f043cbc39525ca568ed7fe70733f11d83c847cc0eb79ce8d9ac8ffb7d654b446dc5293a15cb154748"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto(r0, 0x10000, r2) read$auto(0x3, 0x0, 0xf34) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9) connect$auto(0x3, 0x0, 0x55) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'veth1_to_bond\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="1bfffffe", @ANYRES16=r4, @ANYBLOB="050323bd7000fbdbdf250600000008000300", @ANYRES32=r6, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40008}, 0x4000040) bind$auto(0x4, 0x0, 0x0) write$auto(0x3, 0x0, 0xffd8) 0s ago: executing program 0 (id=1027): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000800)='/dev/adsp1\x00', 0x408a00, 0x0) quotactl_fd$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfdfff7fffffffffd, 0xd4, 0x3, 0xa, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000a, 0x81, 0xffffffffffff628e, 0x1400, 0xdeb1, 0x804}) pwritev$auto(r0, &(0x7f0000000300)={&(0x7f00000001c0)="cb8b190492f16706fd5d73ff99e0266893dd5727671d1c", 0x7}, 0x0, 0x9, 0x4) r1 = socket(0x2b, 0x1, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3da) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x87, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5) ioctl$auto(r3, 0x4008af30, r3) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video1\x00', 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_DELETE(r1, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB='\t@\x00\x00', @ANYRESOCT=r0, @ANYRES8=r0], 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x40) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/scsi/sg/allow_dio\x00', 0x101901, 0x0) socket(0x2c, 0x5, 0x0) ustat$auto(0x801, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) unshare$auto(0x40000080) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) read$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffffff, &(0x7f0000000200)=""/238, 0xee) ioctl$auto_RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f00000000c0)={0xe, 0x5, 0x2, 0x0, 0x5, 0x2003, 0x74f, 0x1fb, 0xf}) ioctl$auto_SNDCTL_DSP_SYNC(r4, 0x5001, 0xfffffffffffffffc) socket(0x1d, 0x2, 0x6) socket(0x22, 0x2, 0x2) kernel console output (not intermixed with test programs): 1 [ 85.279338][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.287838][ T5850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.295854][ T5850] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.306971][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.316333][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.325579][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.333242][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.468327][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 85.642064][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.651127][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.658617][ T5835] bridge_slave_0: entered allmulticast mode [ 85.666102][ T5835] bridge_slave_0: entered promiscuous mode [ 85.676797][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.684543][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.691906][ T5835] bridge_slave_1: entered allmulticast mode [ 85.699682][ T5835] bridge_slave_1: entered promiscuous mode [ 85.712263][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 85.761675][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 85.773913][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.817104][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.903183][ T5835] team0: Port device team_slave_0 added [ 85.909315][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.916498][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.924350][ T5846] bridge_slave_0: entered allmulticast mode [ 85.931410][ T5846] bridge_slave_0: entered promiscuous mode [ 85.938289][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 85.953172][ T5835] team0: Port device team_slave_1 added [ 85.967740][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.975269][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.984440][ T5846] bridge_slave_1: entered allmulticast mode [ 85.991410][ T5846] bridge_slave_1: entered promiscuous mode [ 86.050486][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.057488][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.083571][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.120363][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.129789][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.136939][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.144687][ T5839] bridge_slave_0: entered allmulticast mode [ 86.151867][ T5839] bridge_slave_0: entered promiscuous mode [ 86.159812][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.166813][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.192932][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.218239][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.227660][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.235024][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.242277][ T5839] bridge_slave_1: entered allmulticast mode [ 86.249158][ T5839] bridge_slave_1: entered promiscuous mode [ 86.298130][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.325497][ T5846] team0: Port device team_slave_0 added [ 86.334177][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.344131][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.352078][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.359393][ T5842] bridge_slave_0: entered allmulticast mode [ 86.366044][ T5842] bridge_slave_0: entered promiscuous mode [ 86.374072][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.381271][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.388454][ T5842] bridge_slave_1: entered allmulticast mode [ 86.395331][ T5842] bridge_slave_1: entered promiscuous mode [ 86.410603][ T5846] team0: Port device team_slave_1 added [ 86.420182][ T5835] hsr_slave_0: entered promiscuous mode [ 86.426522][ T5835] hsr_slave_1: entered promiscuous mode [ 86.483066][ T5839] team0: Port device team_slave_0 added [ 86.506362][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.513659][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.539911][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.552245][ T5839] team0: Port device team_slave_1 added [ 86.560204][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.571724][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.598610][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.605768][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.632176][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.673143][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.681036][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.707807][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.720946][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.727929][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.754013][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.775125][ T5842] team0: Port device team_slave_0 added [ 86.799655][ T5842] team0: Port device team_slave_1 added [ 86.852489][ T5839] hsr_slave_0: entered promiscuous mode [ 86.861539][ T5839] hsr_slave_1: entered promiscuous mode [ 86.867523][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.875749][ T5839] Cannot create hsr debugfs directory [ 86.890504][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.897488][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.923965][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.950564][ T5846] hsr_slave_0: entered promiscuous mode [ 86.956714][ T5846] hsr_slave_1: entered promiscuous mode [ 86.963133][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.970897][ T5846] Cannot create hsr debugfs directory [ 86.976993][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.984694][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.010810][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.130043][ T5842] hsr_slave_0: entered promiscuous mode [ 87.136405][ T5842] hsr_slave_1: entered promiscuous mode [ 87.142247][ T5849] Bluetooth: hci0: command tx timeout [ 87.146241][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.155547][ T5842] Cannot create hsr debugfs directory [ 87.286254][ T5835] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.299852][ T5849] Bluetooth: hci1: command tx timeout [ 87.306342][ T5835] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.323390][ T5835] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.345066][ T5835] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.378904][ T56] Bluetooth: hci2: command tx timeout [ 87.384652][ T5849] Bluetooth: hci3: command tx timeout [ 87.408528][ T5839] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.430038][ T5839] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.440176][ T5839] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.457751][ T5839] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.492930][ T5846] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.506486][ T5846] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.521774][ T5846] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.544337][ T5846] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.585461][ T5842] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.598069][ T5842] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.626557][ T5842] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.641155][ T5842] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.789239][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.807630][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.820841][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.846264][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.872253][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.885315][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.904352][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.920754][ T83] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.928023][ T83] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.938124][ T83] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.945310][ T83] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.956842][ T83] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.963999][ T83] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.973692][ T83] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.980859][ T83] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.994243][ T83] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.001419][ T83] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.023371][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.032735][ T2912] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.039893][ T2912] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.065301][ T83] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.072548][ T83] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.103626][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.110875][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.187040][ T5835] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 88.214407][ T5835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.267473][ T5839] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.304858][ T5842] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.461077][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.551358][ T5846] veth0_vlan: entered promiscuous mode [ 88.568271][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.599696][ T5846] veth1_vlan: entered promiscuous mode [ 88.662792][ T5835] veth0_vlan: entered promiscuous mode [ 88.681349][ T5835] veth1_vlan: entered promiscuous mode [ 88.700378][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.714348][ T5846] veth0_macvtap: entered promiscuous mode [ 88.732758][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.748090][ T5846] veth1_macvtap: entered promiscuous mode [ 88.774068][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.802208][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.836194][ T5846] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.847794][ T5846] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.861024][ T5846] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.870163][ T5846] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.891469][ T5842] veth0_vlan: entered promiscuous mode [ 88.905952][ T5835] veth0_macvtap: entered promiscuous mode [ 88.918540][ T5842] veth1_vlan: entered promiscuous mode [ 88.944348][ T5835] veth1_macvtap: entered promiscuous mode [ 88.995529][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.006895][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.018264][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.030726][ T5839] veth0_vlan: entered promiscuous mode [ 89.040629][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.052609][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.066138][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.082087][ T5835] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.091303][ T5835] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.101006][ T5835] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.112503][ T5835] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.146608][ T5842] veth0_macvtap: entered promiscuous mode [ 89.167969][ T5839] veth1_vlan: entered promiscuous mode [ 89.184371][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.192888][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.208285][ T5842] veth1_macvtap: entered promiscuous mode [ 89.219781][ T5849] Bluetooth: hci0: command tx timeout [ 89.228364][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.239243][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.249583][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.260193][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.271589][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.285201][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.295896][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.306985][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.317830][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.331995][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.373982][ T5842] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.384390][ T5842] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.389298][ T5849] Bluetooth: hci1: command tx timeout [ 89.393872][ T5842] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.407362][ T5842] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.421573][ T2912] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.429563][ T2912] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.459810][ T56] Bluetooth: hci3: command tx timeout [ 89.460148][ T5850] Bluetooth: hci2: command tx timeout [ 89.480516][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.490661][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.526061][ T5839] veth0_macvtap: entered promiscuous mode [ 89.557996][ T5839] veth1_macvtap: entered promiscuous mode [ 89.589869][ T5846] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.600553][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.617676][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.633173][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.636167][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.652454][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.663234][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.673383][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.684021][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.695554][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.715530][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.726065][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.736069][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.747147][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.757353][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.768296][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.779554][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.841150][ T5839] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.850849][ T5839] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.867169][ T5839] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.879209][ T5839] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.913691][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.934187][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.045754][ T2912] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.070505][ T2912] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.236684][ T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.283524][ T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.491892][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.533715][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.760944][ T5916] process 'syz.2.3' launched './file0' with NULL argv: empty string added [ 91.299746][ T5850] Bluetooth: hci0: command tx timeout [ 91.459329][ T5850] Bluetooth: hci1: command tx timeout [ 91.539684][ T5850] Bluetooth: hci3: command tx timeout [ 91.545187][ T5850] Bluetooth: hci2: command tx timeout [ 92.052167][ T24] cfg80211: failed to load regulatory.db [ 93.384348][ T56] Bluetooth: hci0: command tx timeout [ 93.541032][ T56] Bluetooth: hci1: command tx timeout [ 93.618996][ T56] Bluetooth: hci2: command tx timeout [ 93.624483][ T5850] Bluetooth: hci3: command tx timeout [ 93.627255][ T5967] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 93.852997][ T5971] Zero length message leads to an empty skb [ 93.899938][ T5969] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 93.923400][ T5969] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 93.950203][ T5969] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 94.003634][ T5969] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 94.019446][ T5969] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 94.116400][ T5969] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 94.132342][ T5969] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 94.148855][ T5969] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 94.223290][ T5969] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 94.240713][ T5976] Invalid ELF header magic: != ELF [ 94.282127][ T5969] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 94.325409][ T5969] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 94.372200][ T5969] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 95.938853][ T56] Bluetooth: hci0: command 0x0c1a tx timeout [ 96.028774][ T56] Bluetooth: hci1: command 0x0c1a tx timeout [ 96.182388][ T56] Bluetooth: hci2: command 0x0c1a tx timeout [ 96.339868][ T56] Bluetooth: hci3: command 0x0c1a tx timeout [ 97.990796][ T6012] netlink: 28 bytes leftover after parsing attributes in process `syz.2.23'. [ 98.018965][ T56] Bluetooth: hci0: command 0x0c1a tx timeout [ 98.098792][ T56] Bluetooth: hci1: command 0x0c1a tx timeout [ 98.260598][ T56] Bluetooth: hci2: command 0x0c1a tx timeout [ 98.429112][ T56] Bluetooth: hci3: command 0x0c1a tx timeout [ 99.695444][ T6038] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 99.710596][ T6038] FAULT_INJECTION: forcing a failure. [ 99.710596][ T6038] name failslab, interval 1, probability 0, space 0, times 1 [ 99.741960][ T6038] CPU: 0 UID: 0 PID: 6038 Comm: syz.2.28 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 99.742005][ T6038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 99.742028][ T6038] Call Trace: [ 99.742038][ T6038] [ 99.742053][ T6038] dump_stack_lvl+0x16c/0x1f0 [ 99.742104][ T6038] should_fail_ex+0x512/0x640 [ 99.742135][ T6038] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 99.742170][ T6038] should_failslab+0xc2/0x120 [ 99.742206][ T6038] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 99.742237][ T6038] ? d_instantiate+0x77/0x90 [ 99.742272][ T6038] ? alloc_empty_file+0x55/0x1e0 [ 99.742313][ T6038] alloc_empty_file+0x55/0x1e0 [ 99.742351][ T6038] alloc_file_pseudo+0x13a/0x230 [ 99.742389][ T6038] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 99.742428][ T6038] ? alloc_fd+0x471/0x7d0 [ 99.742480][ T6038] sock_alloc_file+0x50/0x210 [ 99.742523][ T6038] __sys_socket+0x1c0/0x260 [ 99.742570][ T6038] ? __pfx___sys_socket+0x10/0x10 [ 99.742621][ T6038] ? rcu_is_watching+0x12/0xc0 [ 99.742664][ T6038] __x64_sys_socket+0x72/0xb0 [ 99.742711][ T6038] ? lockdep_hardirqs_on+0x7c/0x110 [ 99.742749][ T6038] do_syscall_64+0xcd/0x260 [ 99.742790][ T6038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.742822][ T6038] RIP: 0033:0x7f943b38d169 [ 99.742858][ T6038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.742902][ T6038] RSP: 002b:00007f943c1d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 99.742931][ T6038] RAX: ffffffffffffffda RBX: 00007f943b5a5fa0 RCX: 00007f943b38d169 [ 99.742951][ T6038] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 99.742969][ T6038] RBP: 00007f943b40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 99.742987][ T6038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 99.743004][ T6038] R13: 0000000000000000 R14: 00007f943b5a5fa0 R15: 00007ffd8dd5ca48 [ 99.743035][ T6038] [ 100.108765][ T56] Bluetooth: hci0: command 0x0c1a tx timeout [ 100.188762][ T56] Bluetooth: hci1: command 0x0c1a tx timeout [ 100.340156][ T56] Bluetooth: hci2: command 0x0c1a tx timeout [ 100.512378][ T56] Bluetooth: hci3: command 0x0c1a tx timeout [ 100.605244][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 101.705214][ T56] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 106.121303][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 106.224733][ T6107] random: crng reseeded on system resumption [ 107.956670][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 108.205723][ T6130] netlink: 28 bytes leftover after parsing attributes in process `syz.0.44'. [ 108.239766][ T6130] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 108.289527][ T6130] syz.0.44 (6130) used greatest stack depth: 21704 bytes left [ 108.489968][ T6133] : Can't lookup blockdev [ 110.124168][ T6156] syz.2.51: vmalloc error: size 1880064, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 110.164155][ T6156] CPU: 0 UID: 0 PID: 6156 Comm: syz.2.51 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 110.164203][ T6156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 110.164221][ T6156] Call Trace: [ 110.164231][ T6156] [ 110.164244][ T6156] dump_stack_lvl+0x16c/0x1f0 [ 110.164291][ T6156] warn_alloc+0x248/0x3a0 [ 110.164326][ T6156] ? __pfx_warn_alloc+0x10/0x10 [ 110.164360][ T6156] ? alloc_pages_mpol+0x25a/0x540 [ 110.164398][ T6156] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 110.164436][ T6156] ? trace_kmalloc+0x2b/0xd0 [ 110.164484][ T6156] __vmalloc_node_range_noprof+0x12d2/0x1540 [ 110.164546][ T6156] ? __snd_dma_alloc_pages+0x50/0x90 [ 110.164585][ T6156] ? do_alloc_pages+0xd7/0x280 [ 110.164615][ T6156] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 110.164668][ T6156] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 110.164714][ T6156] ? __snd_dma_alloc_pages+0x50/0x90 [ 110.164749][ T6156] vmalloc_noprof+0x6b/0x90 [ 110.164798][ T6156] ? __snd_dma_alloc_pages+0x50/0x90 [ 110.164837][ T6156] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 110.164873][ T6156] __snd_dma_alloc_pages+0x50/0x90 [ 110.164907][ T6156] snd_dma_alloc_dir_pages+0x151/0x240 [ 110.164945][ T6156] do_alloc_pages+0x115/0x280 [ 110.164979][ T6156] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 110.165023][ T6156] snd_pcm_hw_params+0x15e1/0x1b40 [ 110.165060][ T6156] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 110.165093][ T6156] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 110.165148][ T6156] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 110.165206][ T6156] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 110.165241][ T6156] snd_pcm_oss_change_params_locked+0x1432/0x3b40 [ 110.165307][ T6156] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 110.165361][ T6156] ? snd_pcm_oss_sync+0x30c/0x840 [ 110.165422][ T6156] ? irqentry_exit+0x3b/0x90 [ 110.165461][ T6156] ? lockdep_hardirqs_on+0x7c/0x110 [ 110.165503][ T6156] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 110.165556][ T6156] snd_pcm_oss_sync+0x32e/0x840 [ 110.165606][ T6156] ? snd_pcm_oss_release+0x65/0x310 [ 110.165656][ T6156] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 110.165707][ T6156] snd_pcm_oss_release+0x28b/0x310 [ 110.165758][ T6156] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 110.165816][ T6156] __fput+0x3ff/0xb70 [ 110.165860][ T6156] task_work_run+0x14d/0x240 [ 110.165898][ T6156] ? __pfx_task_work_run+0x10/0x10 [ 110.165936][ T6156] ? __pfx___do_sys_close_range+0x10/0x10 [ 110.165968][ T6156] ? rcu_is_watching+0x12/0xc0 [ 110.166013][ T6156] syscall_exit_to_user_mode+0x27b/0x2a0 [ 110.166056][ T6156] do_syscall_64+0xda/0x260 [ 110.166100][ T6156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.166132][ T6156] RIP: 0033:0x7f943b38d169 [ 110.166157][ T6156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.166187][ T6156] RSP: 002b:00007f943c1d1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 110.166216][ T6156] RAX: 0000000000000000 RBX: 00007f943b5a5fa0 RCX: 00007f943b38d169 [ 110.166236][ T6156] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 110.166253][ T6156] RBP: 00007f943b40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 110.166270][ T6156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 110.166287][ T6156] R13: 0000000000000000 R14: 00007f943b5a5fa0 R15: 00007ffd8dd5ca48 [ 110.166318][ T6156] [ 110.166413][ T6156] Mem-Info: [ 110.540723][ T6156] active_anon:9796 inactive_anon:0 isolated_anon:0 [ 110.540723][ T6156] active_file:11318 inactive_file:38310 isolated_file:0 [ 110.540723][ T6156] unevictable:768 dirty:407 writeback:0 [ 110.540723][ T6156] slab_reclaimable:10428 slab_unreclaimable:94059 [ 110.540723][ T6156] mapped:23749 shmem:1425 pagetables:835 [ 110.540723][ T6156] sec_pagetables:0 bounce:0 [ 110.540723][ T6156] kernel_misc_reclaimable:0 [ 110.540723][ T6156] free:1342689 free_pcp:1624 free_cma:0 [ 110.708975][ T6156] Node 0 active_anon:38884kB inactive_anon:0kB active_file:45272kB inactive_file:153164kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:94896kB dirty:1628kB writeback:0kB shmem:4164kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10512kB pagetables:3040kB sec_pagetables:0kB all_unreclaimable? no [ 110.781269][ T6156] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 110.813513][ T6156] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 110.841123][ T6156] lowmem_reserve[]: 0 2484 2486 2486 2486 [ 110.846979][ T6156] Node 0 DMA32 free:1451012kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:38940kB inactive_anon:0kB active_file:45272kB inactive_file:151332kB unevictable:1536kB writepending:1628kB present:3129332kB managed:2544032kB mlocked:0kB bounce:0kB free_pcp:1928kB local_pcp:876kB free_cma:0kB [ 110.940389][ T6156] lowmem_reserve[]: 0 0 1 1 1 [ 110.945236][ T6156] Node 0 Normal free:16kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1832kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 111.170740][ T6156] lowmem_reserve[]: 0 0 0 0 0 [ 111.175626][ T6156] Node 1 Normal free:3910132kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 111.205144][ T6156] lowmem_reserve[]: 0 0 0 0 0 [ 111.222832][ T6156] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 111.255415][ T6169] ======================================================= [ 111.255415][ T6169] WARNING: The mand mount option has been deprecated and [ 111.255415][ T6169] and is ignored by this kernel. Remove the mand [ 111.255415][ T6169] option from the mount to silence this warning. [ 111.255415][ T6169] ======================================================= [ 111.429001][ T6168] snd_aloop snd_aloop.0: control 16781581:65535:6:'x?F/zF˷fC:8 is already present [ 111.456712][ T6156] Node 0 DMA32: 833*4kB (UME) 645*8kB (UME) 820*16kB (UME) 695*32kB (UME) 514*64kB (UME) 201*128kB (UME) 129*256kB (UME) 64*512kB (UME) 21*1024kB (UME) 8*2048kB (UM) 303*4096kB (UM) = 1447244kB [ 111.508778][ T6156] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 111.557331][ T6156] Node 1 Normal: 121*4kB (UE) 48*8kB (UME) 45*16kB (UME) 192*32kB (UME) 105*64kB (UME) 25*128kB (UME) 15*256kB (UME) 7*512kB (UM) 4*1024kB (UME) 3*2048kB (UE) 946*4096kB (M) = 3910132kB [ 111.580077][ T6156] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 111.592769][ T6156] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 111.604054][ T6156] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 111.616514][ T6156] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 111.661226][ T6156] 51445 total pagecache pages [ 111.665991][ T6156] 16 pages in swap cache [ 111.670424][ T6156] Free swap = 122560kB [ 111.674623][ T6156] Total swap = 124996kB [ 111.679297][ T6156] 2097051 pages RAM [ 111.683154][ T6156] 0 pages HighMem/MovableOnly [ 111.687866][ T6156] 428937 pages reserved [ 111.692238][ T6156] 0 pages cma reserved [ 111.768982][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 112.254664][ T6190] mmap: syz.0.57 (6190) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 118.369092][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 119.109040][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 119.462696][ T6290] netlink: 'syz.2.75': attribute type 4 has an invalid length. [ 121.022233][ T56] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 121.121510][ T30] audit: type=1800 audit(6038298317.943:2): pid=6314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.80" name="dbroot" dev="configfs" ino=8676 res=0 errno=0 [ 121.853105][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 122.512872][ T6330] netlink: 544 bytes leftover after parsing attributes in process `syz.2.83'. [ 129.067349][ T56] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 131.683293][ T56] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 132.090884][ T6442] netlink: 4 bytes leftover after parsing attributes in process `syz.1.103'. [ 133.666070][ T56] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 134.061130][ T6460] FAULT_INJECTION: forcing a failure. [ 134.061130][ T6460] name failslab, interval 1, probability 0, space 0, times 0 [ 134.087530][ T6460] CPU: 0 UID: 0 PID: 6460 Comm: syz.2.109 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 134.087577][ T6460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 134.087597][ T6460] Call Trace: [ 134.087607][ T6460] [ 134.087619][ T6460] dump_stack_lvl+0x16c/0x1f0 [ 134.087668][ T6460] should_fail_ex+0x512/0x640 [ 134.087700][ T6460] ? fs_reclaim_acquire+0xae/0x150 [ 134.087749][ T6460] should_failslab+0xc2/0x120 [ 134.087786][ T6460] __kmalloc_cache_noprof+0x6a/0x3e0 [ 134.087836][ T6460] ? hub_ext_port_status+0x5e/0x670 [ 134.087874][ T6460] ? usb_control_msg+0xbc/0x4a0 [ 134.087923][ T6460] usb_control_msg+0xbc/0x4a0 [ 134.087969][ T6460] ? __pfx_usb_control_msg+0x10/0x10 [ 134.088023][ T6460] hub_ext_port_status+0x14e/0x670 [ 134.088074][ T6460] hub_activate+0x6e5/0x1be0 [ 134.088127][ T6460] ? __pfx_hub_activate+0x10/0x10 [ 134.088170][ T6460] ? find_held_lock+0x2b/0x80 [ 134.088211][ T6460] ? do_proc_control+0x5a0/0x10a0 [ 134.088252][ T6460] ? usbfs_notify_resume+0x25/0xf0 [ 134.088301][ T6460] hub_resume+0xa8/0x3f0 [ 134.088346][ T6460] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 134.088390][ T6460] ? __pfx_hub_resume+0x10/0x10 [ 134.088437][ T6460] ? __pfx_hcd_bus_resume+0x10/0x10 [ 134.088487][ T6460] usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0 [ 134.088527][ T6460] usb_resume_both+0x273/0x800 [ 134.088562][ T6460] ? __pfx_usb_resume_both+0x10/0x10 [ 134.088597][ T6460] ? __pfx_usb_runtime_resume+0x10/0x10 [ 134.088637][ T6460] ? __pfx_usb_runtime_resume+0x10/0x10 [ 134.088673][ T6460] __rpm_callback+0xc5/0x610 [ 134.088713][ T6460] ? __pfx_usb_runtime_resume+0x10/0x10 [ 134.088750][ T6460] rpm_callback+0x1b7/0x200 [ 134.088787][ T6460] ? __pfx_usb_runtime_resume+0x10/0x10 [ 134.088823][ T6460] rpm_resume+0xd0a/0x1310 [ 134.088861][ T6460] ? trace_contention_end+0xd1/0x130 [ 134.088903][ T6460] ? __pfx_rpm_resume+0x10/0x10 [ 134.088942][ T6460] ? do_raw_spin_lock+0x12c/0x2b0 [ 134.088978][ T6460] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 134.089025][ T6460] __pm_runtime_resume+0xb6/0x170 [ 134.089068][ T6460] usb_autoresume_device+0x23/0xe0 [ 134.089107][ T6460] usbdev_open+0x228/0x8b0 [ 134.089145][ T6460] ? do_raw_spin_lock+0x12c/0x2b0 [ 134.089180][ T6460] ? __pfx_usbdev_open+0x10/0x10 [ 134.089218][ T6460] ? chrdev_open+0x58c/0x6a0 [ 134.089252][ T6460] ? __pfx_usbdev_open+0x10/0x10 [ 134.089289][ T6460] chrdev_open+0x231/0x6a0 [ 134.089320][ T6460] ? __pfx_chrdev_open+0x10/0x10 [ 134.089373][ T6460] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 134.089431][ T6460] do_dentry_open+0x741/0x1c10 [ 134.089488][ T6460] ? __pfx_chrdev_open+0x10/0x10 [ 134.089525][ T6460] vfs_open+0x82/0x3f0 [ 134.089565][ T6460] path_openat+0x1e5e/0x2d40 [ 134.089605][ T6460] ? __pfx_path_openat+0x10/0x10 [ 134.089640][ T6460] do_filp_open+0x20b/0x470 [ 134.089667][ T6460] ? __pfx_do_filp_open+0x10/0x10 [ 134.089718][ T6460] ? alloc_fd+0x471/0x7d0 [ 134.089776][ T6460] do_sys_openat2+0x11b/0x1d0 [ 134.089812][ T6460] ? __pfx_do_sys_openat2+0x10/0x10 [ 134.089862][ T6460] __x64_sys_openat+0x174/0x210 [ 134.089902][ T6460] ? __pfx___x64_sys_openat+0x10/0x10 [ 134.089943][ T6460] ? rcu_is_watching+0x12/0xc0 [ 134.089990][ T6460] do_syscall_64+0xcd/0x260 [ 134.090034][ T6460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.090065][ T6460] RIP: 0033:0x7f943b38d169 [ 134.090089][ T6460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.090130][ T6460] RSP: 002b:00007f943c1d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 134.090159][ T6460] RAX: ffffffffffffffda RBX: 00007f943b5a5fa0 RCX: 00007f943b38d169 [ 134.090180][ T6460] RDX: 00000000000c8842 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 134.090200][ T6460] RBP: 00007f943b40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 134.090218][ T6460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.090235][ T6460] R13: 0000000000000000 R14: 00007f943b5a5fa0 R15: 00007ffd8dd5ca48 [ 134.090269][ T6460] [ 134.540676][ T6460] hub 38-0:1.0: hub_ext_port_status failed (err = -12) [ 137.693963][ T6520] netlink: 334 bytes leftover after parsing attributes in process `syz.0.118'. [ 137.748933][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 138.103278][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.110042][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.218974][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 139.704169][ T6547] FAULT_INJECTION: forcing a failure. [ 139.704169][ T6547] name failslab, interval 1, probability 0, space 0, times 0 [ 139.728846][ T6547] CPU: 0 UID: 0 PID: 6547 Comm: syz.0.124 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 139.728891][ T6547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 139.728910][ T6547] Call Trace: [ 139.728937][ T6547] [ 139.728949][ T6547] dump_stack_lvl+0x16c/0x1f0 [ 139.728996][ T6547] should_fail_ex+0x512/0x640 [ 139.729029][ T6547] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 139.729083][ T6547] should_failslab+0xc2/0x120 [ 139.729121][ T6547] __kmalloc_cache_noprof+0x6a/0x3e0 [ 139.729172][ T6547] ? snd_seq_create_port+0xf7/0xad0 [ 139.729220][ T6547] snd_seq_create_port+0xf7/0xad0 [ 139.729270][ T6547] snd_seq_ioctl_create_port+0x253/0x950 [ 139.729314][ T6547] ? __pfx_snd_seq_ioctl_create_port+0x10/0x10 [ 139.729359][ T6547] ? kasan_save_stack+0x42/0x60 [ 139.729389][ T6547] ? kasan_save_stack+0x33/0x60 [ 139.729417][ T6547] ? kasan_save_track+0x14/0x30 [ 139.729451][ T6547] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 139.729502][ T6547] create_port+0x197/0x260 [ 139.729546][ T6547] ? __pfx_create_port+0x10/0x10 [ 139.729597][ T6547] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 139.729659][ T6547] ? __pfx_free_devinfo+0x10/0x10 [ 139.729726][ T6547] ? mark_held_locks+0x49/0x80 [ 139.729778][ T6547] ? _raw_spin_unlock_irq+0x23/0x50 [ 139.729817][ T6547] snd_seq_oss_open+0x36c/0xa20 [ 139.729868][ T6547] odev_open+0x6f/0x90 [ 139.729908][ T6547] ? __pfx_odev_open+0x10/0x10 [ 139.729951][ T6547] soundcore_open+0x409/0x580 [ 139.729994][ T6547] ? __pfx_soundcore_open+0x10/0x10 [ 139.730034][ T6547] chrdev_open+0x231/0x6a0 [ 139.730065][ T6547] ? __pfx_apparmor_file_open+0x10/0x10 [ 139.730115][ T6547] ? __pfx_chrdev_open+0x10/0x10 [ 139.730147][ T6547] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 139.730203][ T6547] do_dentry_open+0x741/0x1c10 [ 139.730252][ T6547] ? __pfx_chrdev_open+0x10/0x10 [ 139.730288][ T6547] vfs_open+0x82/0x3f0 [ 139.730326][ T6547] path_openat+0x1e5e/0x2d40 [ 139.730363][ T6547] ? __pfx_path_openat+0x10/0x10 [ 139.730400][ T6547] do_filp_open+0x20b/0x470 [ 139.730428][ T6547] ? __pfx_do_filp_open+0x10/0x10 [ 139.730476][ T6547] ? alloc_fd+0x471/0x7d0 [ 139.730533][ T6547] do_sys_openat2+0x11b/0x1d0 [ 139.730570][ T6547] ? __pfx_do_sys_openat2+0x10/0x10 [ 139.730608][ T6547] ? do_raw_spin_unlock+0x172/0x230 [ 139.730662][ T6547] __x64_sys_openat+0x174/0x210 [ 139.730701][ T6547] ? __pfx___x64_sys_openat+0x10/0x10 [ 139.730742][ T6547] ? rcu_is_watching+0x12/0xc0 [ 139.730787][ T6547] do_syscall_64+0xcd/0x260 [ 139.730831][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.730862][ T6547] RIP: 0033:0x7f7e3778d169 [ 139.730885][ T6547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.730915][ T6547] RSP: 002b:00007f7e38688038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 139.730945][ T6547] RAX: ffffffffffffffda RBX: 00007f7e379a5fa0 RCX: 00007f7e3778d169 [ 139.730965][ T6547] RDX: 0000000000000080 RSI: 0000200000000500 RDI: ffffffffffffff9c [ 139.730983][ T6547] RBP: 00007f7e3780e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 139.731001][ T6547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.731019][ T6547] R13: 0000000000000000 R14: 00007f7e379a5fa0 R15: 00007ffe535b0318 [ 139.731051][ T6547] [ 139.731064][ T6547] ALSA: seq_oss: can't create port [ 140.622014][ T6557] netlink: 28 bytes leftover after parsing attributes in process `syz.0.125'. [ 140.842932][ T6557] team0: Port device team_slave_0 removed [ 145.065109][ T6607] FAULT_INJECTION: forcing a failure. [ 145.065109][ T6607] name failslab, interval 1, probability 0, space 0, times 0 [ 145.233041][ T6607] CPU: 1 UID: 0 PID: 6607 Comm: syz.2.134 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 145.233089][ T6607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 145.233108][ T6607] Call Trace: [ 145.233118][ T6607] [ 145.233130][ T6607] dump_stack_lvl+0x16c/0x1f0 [ 145.233177][ T6607] should_fail_ex+0x512/0x640 [ 145.233209][ T6607] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 145.233263][ T6607] should_failslab+0xc2/0x120 [ 145.233299][ T6607] __kmalloc_cache_noprof+0x6a/0x3e0 [ 145.233349][ T6607] ? lockdep_init_map_type+0x5c/0x280 [ 145.233379][ T6607] ? snd_seq_prioq_new+0x3f/0x110 [ 145.233418][ T6607] snd_seq_prioq_new+0x3f/0x110 [ 145.233452][ T6607] snd_seq_queue_alloc+0x153/0x550 [ 145.233487][ T6607] snd_seq_ioctl_create_queue+0xa9/0x380 [ 145.233528][ T6607] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 145.233578][ T6607] alloc_seq_queue+0xda/0x180 [ 145.233622][ T6607] ? __pfx_alloc_seq_queue+0x10/0x10 [ 145.233685][ T6607] ? mark_held_locks+0x49/0x80 [ 145.233734][ T6607] ? _raw_spin_unlock_irq+0x23/0x50 [ 145.233772][ T6607] snd_seq_oss_open+0x38c/0xa20 [ 145.233823][ T6607] odev_open+0x6f/0x90 [ 145.233862][ T6607] ? __pfx_odev_open+0x10/0x10 [ 145.233903][ T6607] soundcore_open+0x409/0x580 [ 145.233944][ T6607] ? __pfx_soundcore_open+0x10/0x10 [ 145.233983][ T6607] chrdev_open+0x231/0x6a0 [ 145.234014][ T6607] ? __pfx_apparmor_file_open+0x10/0x10 [ 145.234057][ T6607] ? __pfx_chrdev_open+0x10/0x10 [ 145.234091][ T6607] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 145.234149][ T6607] do_dentry_open+0x741/0x1c10 [ 145.234201][ T6607] ? __pfx_chrdev_open+0x10/0x10 [ 145.234238][ T6607] vfs_open+0x82/0x3f0 [ 145.234277][ T6607] path_openat+0x1e5e/0x2d40 [ 145.234316][ T6607] ? __pfx_path_openat+0x10/0x10 [ 145.234353][ T6607] do_filp_open+0x20b/0x470 [ 145.234382][ T6607] ? __pfx_do_filp_open+0x10/0x10 [ 145.234432][ T6607] ? alloc_fd+0x471/0x7d0 [ 145.234490][ T6607] do_sys_openat2+0x11b/0x1d0 [ 145.234526][ T6607] ? __pfx_do_sys_openat2+0x10/0x10 [ 145.234565][ T6607] ? do_raw_spin_unlock+0x172/0x230 [ 145.234608][ T6607] __x64_sys_openat+0x174/0x210 [ 145.234647][ T6607] ? __pfx___x64_sys_openat+0x10/0x10 [ 145.234687][ T6607] ? rcu_is_watching+0x12/0xc0 [ 145.234734][ T6607] do_syscall_64+0xcd/0x260 [ 145.234778][ T6607] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.234811][ T6607] RIP: 0033:0x7f943b38d169 [ 145.234836][ T6607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.234867][ T6607] RSP: 002b:00007f943c1d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 145.234896][ T6607] RAX: ffffffffffffffda RBX: 00007f943b5a5fa0 RCX: 00007f943b38d169 [ 145.234916][ T6607] RDX: 0000000000000080 RSI: 0000200000000500 RDI: ffffffffffffff9c [ 145.234935][ T6607] RBP: 00007f943b40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 145.234952][ T6607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 145.234970][ T6607] R13: 0000000000000000 R14: 00007f943b5a5fa0 R15: 00007ffd8dd5ca48 [ 145.235003][ T6607] [ 148.573883][ T6659] FAULT_INJECTION: forcing a failure. [ 148.573883][ T6659] name failslab, interval 1, probability 0, space 0, times 0 [ 148.597354][ T6659] CPU: 0 UID: 0 PID: 6659 Comm: syz.0.144 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 148.597396][ T6659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 148.597414][ T6659] Call Trace: [ 148.597422][ T6659] [ 148.597434][ T6659] dump_stack_lvl+0x16c/0x1f0 [ 148.597480][ T6659] should_fail_ex+0x512/0x640 [ 148.597518][ T6659] should_failslab+0xc2/0x120 [ 148.597556][ T6659] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 148.597590][ T6659] ? dst_alloc+0x99/0x1a0 [ 148.597625][ T6659] dst_alloc+0x99/0x1a0 [ 148.597658][ T6659] rt_dst_alloc+0x35/0x3a0 [ 148.597701][ T6659] ip_route_output_key_hash_rcu+0x87a/0x28f0 [ 148.597760][ T6659] ip_route_output_key_hash+0x137/0x2e0 [ 148.597812][ T6659] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 148.597864][ T6659] ? kasan_save_stack+0x42/0x60 [ 148.597891][ T6659] ? kasan_save_stack+0x33/0x60 [ 148.597931][ T6659] ? sctp_process_init+0x27f6/0x2e20 [ 148.597975][ T6659] ? sctp_sf_do_unexpected_init.isra.0+0x967/0x16f0 [ 148.598018][ T6659] ? sctp_do_sm+0x17e/0x5c80 [ 148.598048][ T6659] ? sctp_assoc_bh_rcv+0x392/0x6f0 [ 148.598093][ T6659] ? sctp_inq_push+0x1d8/0x270 [ 148.598140][ T6659] ? sctp_backlog_rcv+0x169/0x590 [ 148.598174][ T6659] ? __release_sock+0x35f/0x400 [ 148.598213][ T6659] ip_route_output_flow+0x27/0x150 [ 148.598244][ T6659] sctp_v4_get_dst+0x41e/0x1340 [ 148.598298][ T6659] ? __pfx_sctp_v4_get_dst+0x10/0x10 [ 148.598352][ T6659] ? lockdep_hardirqs_on+0x7c/0x110 [ 148.598389][ T6659] ? percpu_counter_add_batch+0xb8/0x1f0 [ 148.598446][ T6659] ? sctp_transport_pmtu+0x329/0x7a0 [ 148.598475][ T6659] sctp_transport_pmtu+0x329/0x7a0 [ 148.598506][ T6659] ? __pfx_sctp_transport_pmtu+0x10/0x10 [ 148.598536][ T6659] ? __pfx_sctp_generate_proto_unreach_event+0x10/0x10 [ 148.598572][ T6659] ? lockdep_init_map_type+0x5c/0x280 [ 148.598608][ T6659] sctp_transport_route+0x164/0x350 [ 148.598663][ T6659] sctp_assoc_add_peer+0x741/0x1550 [ 148.598724][ T6659] sctp_process_init+0x27f6/0x2e20 [ 148.598777][ T6659] ? __pfx_sctp_process_init+0x10/0x10 [ 148.598836][ T6659] ? sctp_bind_addr_copy+0xe0/0x530 [ 148.598875][ T6659] ? sctp_bind_addr_copy+0x23a/0x530 [ 148.598926][ T6659] sctp_sf_do_unexpected_init.isra.0+0x967/0x16f0 [ 148.598977][ T6659] ? __pfx_sctp_sf_do_unexpected_init.isra.0+0x10/0x10 [ 148.599022][ T6659] ? __pfx_sctp_sm_lookup_event+0x10/0x10 [ 148.599071][ T6659] ? arch_stack_walk+0xa6/0x100 [ 148.599119][ T6659] ? __pfx_sctp_cname+0x10/0x10 [ 148.599157][ T6659] sctp_do_sm+0x17e/0x5c80 [ 148.599194][ T6659] ? __pfx_stack_trace_save+0x10/0x10 [ 148.599239][ T6659] ? __pfx_sctp_do_sm+0x10/0x10 [ 148.599267][ T6659] ? check_path.constprop.0+0x24/0x50 [ 148.599349][ T6659] ? ktime_get+0x200/0x310 [ 148.599393][ T6659] ? lockdep_hardirqs_on+0x7c/0x110 [ 148.599435][ T6659] sctp_assoc_bh_rcv+0x392/0x6f0 [ 148.599488][ T6659] sctp_inq_push+0x1d8/0x270 [ 148.599538][ T6659] sctp_backlog_rcv+0x169/0x590 [ 148.599587][ T6659] ? __pfx_sctp_backlog_rcv+0x10/0x10 [ 148.599630][ T6659] __release_sock+0x35f/0x400 [ 148.599668][ T6659] ? lockdep_hardirqs_on+0x7c/0x110 [ 148.599710][ T6659] release_sock+0x5a/0x220 [ 148.599748][ T6659] sctp_wait_for_connect+0x1c4/0x5c0 [ 148.599798][ T6659] ? __pfx_sctp_wait_for_connect+0x10/0x10 [ 148.599843][ T6659] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 148.599894][ T6659] ? __pfx_autoremove_wake_function+0x10/0x10 [ 148.599955][ T6659] ? sctp_primitive_ASSOCIATE+0x9c/0xd0 [ 148.599992][ T6659] __sctp_connect+0x9c7/0xc60 [ 148.600024][ T6659] ? do_raw_spin_lock+0x12c/0x2b0 [ 148.600084][ T6659] ? __pfx___sctp_connect+0x10/0x10 [ 148.600116][ T6659] ? __pfx_sctp_inet_connect+0x10/0x10 [ 148.600148][ T6659] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 148.600184][ T6659] ? __pfx_sctp_inet_connect+0x10/0x10 [ 148.600213][ T6659] sctp_inet_connect+0x15f/0x200 [ 148.600244][ T6659] __sys_connect_file+0x13e/0x1a0 [ 148.600278][ T6659] __sys_connect+0x14d/0x170 [ 148.600307][ T6659] ? __pfx___sys_connect+0x10/0x10 [ 148.600348][ T6659] ? rcu_is_watching+0x12/0xc0 [ 148.600391][ T6659] __x64_sys_connect+0x72/0xb0 [ 148.600419][ T6659] ? lockdep_hardirqs_on+0x7c/0x110 [ 148.600456][ T6659] do_syscall_64+0xcd/0x260 [ 148.600498][ T6659] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.600530][ T6659] RIP: 0033:0x7f7e3778d169 [ 148.600557][ T6659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.600587][ T6659] RSP: 002b:00007f7e38688038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 148.600618][ T6659] RAX: ffffffffffffffda RBX: 00007f7e379a5fa0 RCX: 00007f7e3778d169 [ 148.600639][ T6659] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 148.600658][ T6659] RBP: 00007f7e3780e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 148.600676][ T6659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.600694][ T6659] R13: 0000000000000000 R14: 00007f7e379a5fa0 R15: 00007ffe535b0318 [ 148.600728][ T6659] [ 149.879066][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 149.985536][ T56] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 150.753748][ T6677] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 150.774206][ T6677] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 151.573065][ T6689] syz.3.150 uses obsolete (PF_INET,SOCK_PACKET) [ 151.695081][ T6690] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 152.937941][ T6715] netlink: 7 bytes leftover after parsing attributes in process `syz.1.154'. [ 153.740255][ T6726] netlink: 20 bytes leftover after parsing attributes in process `syz.3.158'. [ 154.202525][ T6732] overlayfs: "check_copy_up" module option is obsolete [ 154.931823][ T6749] FAULT_INJECTION: forcing a failure. [ 154.931823][ T6749] name failslab, interval 1, probability 0, space 0, times 0 [ 154.945694][ T6749] CPU: 0 UID: 0 PID: 6749 Comm: syz.3.163 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 154.945739][ T6749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 154.945757][ T6749] Call Trace: [ 154.945765][ T6749] [ 154.945777][ T6749] dump_stack_lvl+0x16c/0x1f0 [ 154.945823][ T6749] should_fail_ex+0x512/0x640 [ 154.945854][ T6749] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 154.945890][ T6749] should_failslab+0xc2/0x120 [ 154.945925][ T6749] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 154.945959][ T6749] ? sock_alloc_inode+0x25/0x1c0 [ 154.946007][ T6749] ? __pfx_sock_alloc_inode+0x10/0x10 [ 154.946051][ T6749] sock_alloc_inode+0x25/0x1c0 [ 154.946106][ T6749] alloc_inode+0x61/0x240 [ 154.946147][ T6749] sock_alloc+0x40/0x280 [ 154.946187][ T6749] __sock_create+0xc1/0x8d0 [ 154.946239][ T6749] __sys_socket+0x14d/0x260 [ 154.946287][ T6749] ? __pfx___sys_socket+0x10/0x10 [ 154.946348][ T6749] ? rcu_is_watching+0x12/0xc0 [ 154.946390][ T6749] __x64_sys_socket+0x72/0xb0 [ 154.946435][ T6749] ? lockdep_hardirqs_on+0x7c/0x110 [ 154.946470][ T6749] do_syscall_64+0xcd/0x260 [ 154.946511][ T6749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.946541][ T6749] RIP: 0033:0x7f42bcd8d169 [ 154.946565][ T6749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.946593][ T6749] RSP: 002b:00007f42bdb97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 154.946622][ T6749] RAX: ffffffffffffffda RBX: 00007f42bcfa5fa0 RCX: 00007f42bcd8d169 [ 154.946641][ T6749] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002a [ 154.946657][ T6749] RBP: 00007f42bce0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 154.946674][ T6749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.946692][ T6749] R13: 0000000000000000 R14: 00007f42bcfa5fa0 R15: 00007fffa55027f8 [ 154.946723][ T6749] [ 154.946737][ T6749] socket: no more sockets [ 155.191407][ T6749] netlink: 4 bytes leftover after parsing attributes in process `syz.3.163'. [ 155.324367][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 159.090650][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! syzkaller syzkaller login: [ 160.489846][ T6830] vivid-007: ================= START STATUS ================= [ 160.497841][ T6830] vivid-007: Generate PTS: true [ 160.504023][ T6830] vivid-007: Generate SCR: true [ 160.512379][ T6830] tpg source WxH: 640x360 (Y'CbCr) [ 160.518438][ T6830] tpg field: 1 [ 160.532699][ T6830] tpg crop: (0,0)/640x360 [ 160.538710][ T6830] tpg compose: (0,0)/640x360 [ 160.563690][ T6830] tpg colorspace: 8 [ 160.567575][ T6830] tpg transfer function: 0/0 [ 160.580413][ T6830] tpg Y'CbCr encoding: 0/0 [ 160.584888][ T6830] tpg quantization: 0/0 [ 160.619198][ T6830] tpg RGB range: 0/2 [ 160.623176][ T6830] vivid-007: ================== END STATUS ================== [ 162.286008][ T6877] netlink: 28 bytes leftover after parsing attributes in process `syz.1.190'. [ 162.332376][ T6881] netlink: 8 bytes leftover after parsing attributes in process `syz.2.192'. [ 162.394001][ T6885] netlink: 12 bytes leftover after parsing attributes in process `syz.3.193'. [ 163.759428][ T6918] netlink: 8 bytes leftover after parsing attributes in process `syz.2.199'. [ 166.622547][ T6954] netlink: zone id is out of range [ 166.627826][ T6954] netlink: zone id is out of range [ 166.772786][ T6954] netlink: zone id is out of range [ 166.778156][ T6954] netlink: zone id is out of range [ 166.844136][ T6954] netlink: zone id is out of range [ 166.865187][ T6946] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 166.872160][ T6946] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 166.880571][ T6946] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 166.886716][ T6946] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 166.915527][ T6954] netlink: zone id is out of range [ 166.959828][ T6954] netlink: zone id is out of range [ 166.965025][ T6954] netlink: zone id is out of range [ 167.075285][ T6954] netlink: zone id is out of range [ 167.110610][ T6954] netlink: zone id is out of range [ 167.639543][ T5850] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 168.258899][ T6977] tipc: Started in network mode [ 168.267739][ T6977] tipc: Node identity ee00, cluster identity 4711 [ 168.295161][ T6977] tipc: Node number set to 60928 [ 168.339116][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 168.898857][ T56] Bluetooth: hci2: command 0x0c1a tx timeout [ 168.904966][ T56] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.911710][ T5850] Bluetooth: hci3: command 0x0c1a tx timeout [ 168.965880][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 169.129472][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 169.862888][ T56] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 170.699448][ T56] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 173.391901][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 173.419322][ T7135] netlink: 28 bytes leftover after parsing attributes in process `syz.3.237'. [ 173.438981][ T7135] team_slave_0: entered allmulticast mode [ 174.114846][ T7152] netlink: 12 bytes leftover after parsing attributes in process `syz.1.246'. [ 174.451514][ T7159] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 176.338443][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 176.559441][ T56] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 180.780718][ T7260] netlink: 4 bytes leftover after parsing attributes in process `syz.3.269'. syzkaller syzkaller login: [ 182.730449][ T7284] netlink: 28 bytes leftover after parsing attributes in process `syz.1.274'. [ 183.180524][ T7294] usbip-vudc usbip-vudc.0: gadget not bound [ 183.249159][ T7291] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 183.255680][ T7291] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 183.262713][ T7291] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 183.294399][ T7291] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 185.302684][ T56] Bluetooth: hci3: command 0x0c1a tx timeout [ 185.312515][ T56] Bluetooth: hci2: command 0x0c1a tx timeout [ 185.318580][ T56] Bluetooth: hci1: command 0x0c1a tx timeout [ 185.325469][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 186.499439][ T7334] can: request_module (can-proto-0) failed. [ 186.523919][ T7335] can: request_module (can-proto-0) failed. [ 188.063586][ T7366] netlink: 342 bytes leftover after parsing attributes in process `syz.2.289'. [ 188.311813][ T56] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 190.017749][ T56] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 190.519457][ T7410] netlink: 4 bytes leftover after parsing attributes in process `syz.2.299'. [ 190.536989][ T7410] netlink: 25 bytes leftover after parsing attributes in process `syz.2.299'. [ 190.587188][ T7408] net_ratelimit: 77 callbacks suppressed [ 190.587214][ T7408] openvswitch: netlink: IP tunnel attribute has 5 unknown bytes. [ 190.882135][ T7418] netlink: 28 bytes leftover after parsing attributes in process `syz.2.301'. [ 191.633233][ T7445] random: crng reseeded on system resumption [ 192.013666][ T7448] FAULT_INJECTION: forcing a failure. [ 192.013666][ T7448] name failslab, interval 1, probability 0, space 0, times 0 [ 192.122263][ T7453] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 192.131956][ T7448] CPU: 0 UID: 0 PID: 7448 Comm: syz.1.307 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 192.131998][ T7448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 192.132014][ T7448] Call Trace: [ 192.132022][ T7448] [ 192.132036][ T7448] dump_stack_lvl+0x16c/0x1f0 [ 192.132079][ T7448] should_fail_ex+0x512/0x640 [ 192.132108][ T7448] ? fs_reclaim_acquire+0xae/0x150 [ 192.132152][ T7448] ? tomoyo_encode2+0x100/0x3e0 [ 192.132189][ T7448] should_failslab+0xc2/0x120 [ 192.132225][ T7448] __kmalloc_noprof+0xd2/0x510 [ 192.132267][ T7448] tomoyo_encode2+0x100/0x3e0 [ 192.132312][ T7448] tomoyo_encode+0x29/0x50 [ 192.132349][ T7448] tomoyo_realpath_from_path+0x18f/0x6e0 [ 192.132393][ T7448] ? tomoyo_profile+0x47/0x60 [ 192.132442][ T7448] tomoyo_path_number_perm+0x245/0x580 [ 192.132474][ T7448] ? tomoyo_path_number_perm+0x237/0x580 [ 192.132510][ T7448] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 192.132547][ T7448] ? find_held_lock+0x2b/0x80 [ 192.132611][ T7448] ? find_held_lock+0x2b/0x80 [ 192.132659][ T7448] ? hook_file_ioctl_common+0x145/0x410 [ 192.132696][ T7448] ? __fget_files+0x20e/0x3c0 [ 192.132729][ T7448] security_file_ioctl+0x9b/0x240 [ 192.132766][ T7448] __x64_sys_ioctl+0xb7/0x200 [ 192.132813][ T7448] do_syscall_64+0xcd/0x260 [ 192.132856][ T7448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.132889][ T7448] RIP: 0033:0x7ff99678d169 [ 192.132913][ T7448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.132943][ T7448] RSP: 002b:00007ff99754b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 192.132978][ T7448] RAX: ffffffffffffffda RBX: 00007ff9969a5fa0 RCX: 00007ff99678d169 [ 192.133000][ T7448] RDX: 0000000000000038 RSI: 000000080000541b RDI: 0000000000000003 [ 192.133019][ T7448] RBP: 00007ff99754b090 R08: 0000000000000000 R09: 0000000000000000 [ 192.133039][ T7448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 192.133069][ T7448] R13: 0000000000000000 R14: 00007ff9969a5fa0 R15: 00007ffd86e5ab28 [ 192.133100][ T7448] [ 192.136597][ T7448] ERROR: Out of memory at tomoyo_realpath_from_path. [ 192.168903][ T7453] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 194.094444][ T7490] netlink: 28 bytes leftover after parsing attributes in process `syz.1.317'. [ 194.656083][ T30] audit: type=1800 audit(6038298503.486:3): pid=7497 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.319" name="dbroot" dev="configfs" ino=15498 res=0 errno=0 [ 194.685320][ T7497] db_root: cannot open: [ 195.971349][ T7519] can: request_module (can-proto-0) failed. [ 196.014487][ T7519] FAULT_INJECTION: forcing a failure. [ 196.014487][ T7519] name failslab, interval 1, probability 0, space 0, times 0 [ 196.027817][ T7519] CPU: 1 UID: 0 PID: 7519 Comm: syz.3.325 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 196.027859][ T7519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 196.027877][ T7519] Call Trace: [ 196.027886][ T7519] [ 196.027897][ T7519] dump_stack_lvl+0x16c/0x1f0 [ 196.027941][ T7519] should_fail_ex+0x512/0x640 [ 196.027972][ T7519] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 196.028009][ T7519] should_failslab+0xc2/0x120 [ 196.028044][ T7519] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 196.028075][ T7519] ? __alloc_skb+0x2b2/0x380 [ 196.028114][ T7519] __alloc_skb+0x2b2/0x380 [ 196.028147][ T7519] ? __pfx___alloc_skb+0x10/0x10 [ 196.028187][ T7519] ? __pfx___register_sysctl_table+0x10/0x10 [ 196.028235][ T7519] ? is_module_address+0x2a/0x50 [ 196.028268][ T7519] inet_netconf_notify_devconf+0x8b/0x1f0 [ 196.028314][ T7519] __devinet_sysctl_register+0x227/0x360 [ 196.028360][ T7519] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 196.028401][ T7519] ? trace_kmalloc+0x2b/0xd0 [ 196.028441][ T7519] ? devinet_init_net+0xeb/0x910 [ 196.028483][ T7519] ? __asan_memcpy+0x3c/0x60 [ 196.028532][ T7519] devinet_init_net+0x347/0x910 [ 196.028575][ T7519] ? __pfx_devinet_init_net+0x10/0x10 [ 196.028617][ T7519] ops_init+0x1df/0x5f0 [ 196.028661][ T7519] setup_net+0x21e/0x850 [ 196.028702][ T7519] ? __pfx_setup_net+0x10/0x10 [ 196.028740][ T7519] ? lockdep_init_map_type+0x5c/0x280 [ 196.028771][ T7519] ? __pfx_down_read_killable+0x10/0x10 [ 196.028820][ T7519] ? debug_mutex_init+0x37/0x70 [ 196.028860][ T7519] copy_net_ns+0x2a6/0x5f0 [ 196.028911][ T7519] create_new_namespaces+0x3ea/0xad0 [ 196.028979][ T7519] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 196.029027][ T7519] ksys_unshare+0x45b/0xa40 [ 196.029074][ T7519] ? __pfx_ksys_unshare+0x10/0x10 [ 196.029121][ T7519] ? xfd_validate_state+0x5d/0x180 [ 196.029157][ T7519] ? rcu_is_watching+0x12/0xc0 [ 196.029209][ T7519] __x64_sys_unshare+0x31/0x40 [ 196.029258][ T7519] do_syscall_64+0xcd/0x260 [ 196.029301][ T7519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.029333][ T7519] RIP: 0033:0x7f42bcd8d169 [ 196.029357][ T7519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.029387][ T7519] RSP: 002b:00007f42bdb76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 196.029416][ T7519] RAX: ffffffffffffffda RBX: 00007f42bcfa6080 RCX: 00007f42bcd8d169 [ 196.029436][ T7519] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 196.029454][ T7519] RBP: 00007f42bce0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 196.029472][ T7519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.029490][ T7519] R13: 0000000000000000 R14: 00007f42bcfa6080 R15: 00007fffa55027f8 [ 196.029523][ T7519] [ 197.876089][ T56] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 199.545457][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.568576][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.625007][ T7574] netlink: 28 bytes leftover after parsing attributes in process `syz.1.337'. [ 200.634031][ T7584] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 200.660067][ T7584] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 200.864408][ T7566] kexec: Could not allocate control_code_buffer [ 202.979100][ T7617] netlink: 28 bytes leftover after parsing attributes in process `syz.2.348'. [ 203.651338][ T7629] netlink: 8 bytes leftover after parsing attributes in process `syz.1.352'. [ 203.802060][ T7633] netlink: 4 bytes leftover after parsing attributes in process `syz.2.353'. [ 204.328125][ T7642] FAULT_INJECTION: forcing a failure. [ 204.328125][ T7642] name failslab, interval 1, probability 0, space 0, times 0 [ 204.341027][ T7642] CPU: 0 UID: 0 PID: 7642 Comm: syz.1.357 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 204.341064][ T7642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 204.341080][ T7642] Call Trace: [ 204.341089][ T7642] [ 204.341099][ T7642] dump_stack_lvl+0x16c/0x1f0 [ 204.341139][ T7642] should_fail_ex+0x512/0x640 [ 204.341165][ T7642] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 204.341197][ T7642] should_failslab+0xc2/0x120 [ 204.341226][ T7642] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 204.341251][ T7642] ? __proc_create+0xc3/0x8c0 [ 204.341281][ T7642] ? __proc_create+0x2ce/0x8c0 [ 204.341315][ T7642] __proc_create+0x2ce/0x8c0 [ 204.341346][ T7642] ? __pfx___proc_create+0x10/0x10 [ 204.341385][ T7642] _proc_mkdir+0xb9/0x200 [ 204.341415][ T7642] ? __pfx__proc_mkdir+0x10/0x10 [ 204.341459][ T7642] ? trace_kmem_cache_alloc+0x28/0xc0 [ 204.341493][ T7642] ? crng_make_state+0x48e/0x6d0 [ 204.341524][ T7642] proc_net_ns_init+0x265/0x410 [ 204.341557][ T7642] ? __pfx_proc_net_ns_init+0x10/0x10 [ 204.341589][ T7642] ops_init+0x1df/0x5f0 [ 204.341623][ T7642] setup_net+0x21e/0x850 [ 204.341657][ T7642] ? __pfx_setup_net+0x10/0x10 [ 204.341690][ T7642] ? lockdep_init_map_type+0x5c/0x280 [ 204.341715][ T7642] ? __pfx_down_read_killable+0x10/0x10 [ 204.341756][ T7642] ? debug_mutex_init+0x37/0x70 [ 204.341789][ T7642] copy_net_ns+0x2a6/0x5f0 [ 204.341827][ T7642] create_new_namespaces+0x3ea/0xad0 [ 204.341869][ T7642] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 204.341908][ T7642] ksys_unshare+0x45b/0xa40 [ 204.341948][ T7642] ? __pfx_ksys_unshare+0x10/0x10 [ 204.341985][ T7642] ? xfd_validate_state+0x5d/0x180 [ 204.342015][ T7642] ? rcu_is_watching+0x12/0xc0 [ 204.342051][ T7642] __x64_sys_unshare+0x31/0x40 [ 204.342090][ T7642] do_syscall_64+0xcd/0x260 [ 204.342125][ T7642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.342152][ T7642] RIP: 0033:0x7ff99678d169 [ 204.342175][ T7642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.342204][ T7642] RSP: 002b:00007ff99754b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 204.342230][ T7642] RAX: ffffffffffffffda RBX: 00007ff9969a5fa0 RCX: 00007ff99678d169 [ 204.342247][ T7642] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 204.342263][ T7642] RBP: 00007ff99680e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 204.342279][ T7642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 204.342294][ T7642] R13: 0000000000000000 R14: 00007ff9969a5fa0 R15: 00007ffd86e5ab28 [ 204.342322][ T7642] [ 205.045765][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 206.103870][ T7685] netlink: 28 bytes leftover after parsing attributes in process `syz.3.365'. [ 208.648917][ T7744] netlink: 4 bytes leftover after parsing attributes in process `syz.3.378'. [ 209.082905][ T7764] netlink: 28 bytes leftover after parsing attributes in process `syz.1.384'. [ 209.888593][ T7785] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 209.931218][ T7787] netlink: 28 bytes leftover after parsing attributes in process `syz.3.389'. [ 212.927590][ T7851] random: crng reseeded on system resumption [ 215.097908][ T7877] zswap: compressor not available [ 216.477614][ T7913] Invalid ELF header magic: != ELF [ 216.944923][ T30] audit: type=1807 audit(6038298541.776:4): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 216.991637][ T30] audit: type=1802 audit(6038298541.796:5): pid=7925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.415" res=0 errno=0 [ 217.269082][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 218.087235][ T7924] ima: policy update failed [ 218.142807][ T30] audit: type=1802 audit(6038298542.976:6): pid=7924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.415" res=0 errno=0 [ 218.639325][ T7955] netlink: 8 bytes leftover after parsing attributes in process `syz.3.421'. [ 220.744005][ T7993] Invalid ELF header magic: != ELF [ 223.007419][ T8026] Invalid ELF header magic: != ELF [ 224.566578][ T8043] netlink: 'syz.2.442': attribute type 11 has an invalid length. [ 225.095180][ T8040] netlink: 334 bytes leftover after parsing attributes in process `syz.0.433'. [ 225.416909][ T8056] Invalid ELF header magic: != ELF [ 228.768553][ T8108] HfR: entered promiscuous mode [ 228.843609][ T8108] netlink: 12 bytes leftover after parsing attributes in process `syz.2.449'. [ 228.873908][ T8108] HfR: left promiscuous mode [ 229.775859][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 230.892428][ T56] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 234.978077][ T8228] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 235.489683][ T8230] FAULT_INJECTION: forcing a failure. [ 235.489683][ T8230] name failslab, interval 1, probability 0, space 0, times 0 [ 235.587345][ T8230] CPU: 1 UID: 0 PID: 8230 Comm: syz.1.472 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 235.587392][ T8230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 235.587411][ T8230] Call Trace: [ 235.587421][ T8230] [ 235.587432][ T8230] dump_stack_lvl+0x16c/0x1f0 [ 235.587480][ T8230] should_fail_ex+0x512/0x640 [ 235.587511][ T8230] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbd0 [ 235.587547][ T8230] should_failslab+0xc2/0x120 [ 235.587583][ T8230] kmem_cache_alloc_bulk_noprof+0x85/0xbd0 [ 235.587620][ T8230] ? trace_kmem_cache_alloc+0x28/0xc0 [ 235.587659][ T8230] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 235.587689][ T8230] ? register_lock_class+0x41/0x4c0 [ 235.587719][ T8230] ? mas_dup_build.constprop.0+0x5f3/0x1740 [ 235.587764][ T8230] ? mas_dup_build.constprop.0+0xc52/0x1740 [ 235.587804][ T8230] mas_dup_build.constprop.0+0xc52/0x1740 [ 235.587857][ T8230] __mt_dup+0xeb/0x1f0 [ 235.587894][ T8230] ? __pfx___mt_dup+0x10/0x10 [ 235.587947][ T8230] ? get_mm_exe_file+0x8a/0x1a0 [ 235.587998][ T8230] copy_process+0x7254/0x9130 [ 235.588041][ T8230] ? find_held_lock+0x2b/0x80 [ 235.588099][ T8230] ? __pfx_copy_process+0x10/0x10 [ 235.588142][ T8230] ? __pfx___futex_wait+0x10/0x10 [ 235.588197][ T8230] kernel_clone+0xfc/0x960 [ 235.588245][ T8230] ? __pfx_kernel_clone+0x10/0x10 [ 235.588305][ T8230] ? do_sys_openat2+0x1b0/0x1d0 [ 235.588350][ T8230] __do_sys_clone+0xce/0x120 [ 235.588396][ T8230] ? __pfx___do_sys_clone+0x10/0x10 [ 235.588457][ T8230] ? rcu_is_watching+0x12/0xc0 [ 235.588503][ T8230] do_syscall_64+0xcd/0x260 [ 235.588544][ T8230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.588575][ T8230] RIP: 0033:0x7ff99678d169 [ 235.588599][ T8230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.588633][ T8230] RSP: 002b:00007ff99754afe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 235.588661][ T8230] RAX: ffffffffffffffda RBX: 00007ff9969a5fa0 RCX: 00007ff99678d169 [ 235.588680][ T8230] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000001432a0091 [ 235.588696][ T8230] RBP: 00007ff99680e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 235.588712][ T8230] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 235.588728][ T8230] R13: 0000000000000000 R14: 00007ff9969a5fa0 R15: 00007ffd86e5ab28 [ 235.588760][ T8230] [ 236.289854][ T8243] netlink: 8 bytes leftover after parsing attributes in process `syz.1.477'. [ 236.976516][ T8257] Invalid ELF header magic: != ELF [ 237.112971][ T8257] netlink: 'syz.1.479': attribute type 2 has an invalid length. [ 238.101565][ T8287] block2mtd: illegal erase size [ 238.570472][ T8304] Invalid ELF header magic: != ELF [ 238.589923][ T8299] netlink: 544 bytes leftover after parsing attributes in process `syz.2.488'. [ 239.522044][ T8323] could not allocate digest TFM handle [ 239.953232][ T8320] netlink: 28 bytes leftover after parsing attributes in process `syz.1.495'. [ 240.763691][ T8362] tipc: Started in network mode [ 240.797469][ T8362] tipc: Node identity ee00, cluster identity 4711 [ 240.847556][ T8362] tipc: Node number set to 60928 [ 240.963965][ T8360] FAULT_INJECTION: forcing a failure. [ 240.963965][ T8360] name fail_futex, interval 1, probability 0, space 0, times 1 [ 241.016583][ T8360] CPU: 1 UID: 0 PID: 8360 Comm: syz.1.502 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 241.016628][ T8360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 241.016647][ T8360] Call Trace: [ 241.016657][ T8360] [ 241.016669][ T8360] dump_stack_lvl+0x16c/0x1f0 [ 241.016719][ T8360] should_fail_ex+0x512/0x640 [ 241.016763][ T8360] get_futex_key+0x49e/0x1000 [ 241.016812][ T8360] ? stack_trace_save+0x8e/0xc0 [ 241.016853][ T8360] ? __pfx_get_futex_key+0x10/0x10 [ 241.016898][ T8360] ? kasan_save_stack+0x42/0x60 [ 241.016927][ T8360] ? kasan_save_stack+0x33/0x60 [ 241.016954][ T8360] ? kasan_save_track+0x14/0x30 [ 241.016986][ T8360] ? __kasan_slab_alloc+0x89/0x90 [ 241.017017][ T8360] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 241.017047][ T8360] ? security_file_alloc+0x34/0x2b0 [ 241.017085][ T8360] ? init_file+0x93/0x4c0 [ 241.017118][ T8360] ? alloc_empty_file+0x73/0x1e0 [ 241.017160][ T8360] futex_wait_setup+0x78/0x290 [ 241.017205][ T8360] __futex_wait+0x266/0x3c0 [ 241.017236][ T8360] ? __pfx___futex_wait+0x10/0x10 [ 241.017276][ T8360] ? __pfx_futex_wake_mark+0x10/0x10 [ 241.017321][ T8360] futex_wait+0xe8/0x380 [ 241.017351][ T8360] ? __pfx_futex_wait+0x10/0x10 [ 241.017390][ T8360] ? percpu_counter_add_batch+0xb8/0x1f0 [ 241.017439][ T8360] ? errseq_sample+0x53/0x70 [ 241.017476][ T8360] ? file_init_path+0x4fe/0x760 [ 241.017516][ T8360] do_futex+0x229/0x350 [ 241.017563][ T8360] ? __pfx_do_futex+0x10/0x10 [ 241.017607][ T8360] ? fd_install+0x225/0x750 [ 241.017664][ T8360] __x64_sys_futex+0x1e0/0x4c0 [ 241.017713][ T8360] ? __sys_socket+0xac/0x260 [ 241.017771][ T8360] ? __pfx___x64_sys_futex+0x10/0x10 [ 241.017818][ T8360] ? rcu_is_watching+0x12/0xc0 [ 241.017868][ T8360] do_syscall_64+0xcd/0x260 [ 241.017910][ T8360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.017946][ T8360] RIP: 0033:0x7ff99678d169 [ 241.017970][ T8360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.018000][ T8360] RSP: 002b:00007ff99754b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 241.018033][ T8360] RAX: ffffffffffffffda RBX: 00007ff9969a5fa8 RCX: 00007ff99678d169 [ 241.018052][ T8360] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff9969a5fa8 [ 241.018070][ T8360] RBP: 00007ff9969a5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 241.018088][ T8360] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff9969a5fac [ 241.018111][ T8360] R13: 0000000000000000 R14: 00007ffd86e5aa40 R15: 00007ffd86e5ab28 [ 241.018143][ T8360] [ 243.246338][ T8413] FAULT_INJECTION: forcing a failure. [ 243.246338][ T8413] name failslab, interval 1, probability 0, space 0, times 0 [ 243.309023][ T8413] CPU: 1 UID: 0 PID: 8413 Comm: syz.0.514 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 243.309072][ T8413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 243.309091][ T8413] Call Trace: [ 243.309100][ T8413] [ 243.309113][ T8413] dump_stack_lvl+0x16c/0x1f0 [ 243.309160][ T8413] should_fail_ex+0x512/0x640 [ 243.309194][ T8413] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 243.309257][ T8413] should_failslab+0xc2/0x120 [ 243.309294][ T8413] __kmalloc_cache_noprof+0x6a/0x3e0 [ 243.309343][ T8413] ? __percpu_counter_init_many+0x2c1/0x3b0 [ 243.309396][ T8413] ? io_uring_alloc_task_context+0x4aa/0x690 [ 243.309443][ T8413] io_uring_alloc_task_context+0x4aa/0x690 [ 243.309488][ T8413] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 243.309532][ T8413] ? alloc_file_pseudo+0x1b3/0x230 [ 243.309573][ T8413] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 243.309616][ T8413] __io_uring_add_tctx_node+0x2dd/0x500 [ 243.309658][ T8413] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 243.309701][ T8413] ? __anon_inode_getfile+0x18b/0x370 [ 243.309760][ T8413] io_uring_setup+0x157c/0x2090 [ 243.309814][ T8413] ? __pfx_io_uring_setup+0x10/0x10 [ 243.309872][ T8413] ? __pfx___might_resched+0x10/0x10 [ 243.309930][ T8413] ? rcu_is_watching+0x12/0xc0 [ 243.309976][ T8413] __x64_sys_io_uring_setup+0xc2/0x170 [ 243.310029][ T8413] do_syscall_64+0xcd/0x260 [ 243.310073][ T8413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.310106][ T8413] RIP: 0033:0x7f7e3778d169 [ 243.310131][ T8413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.310162][ T8413] RSP: 002b:00007f7e38688038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 243.310193][ T8413] RAX: ffffffffffffffda RBX: 00007f7e379a5fa0 RCX: 00007f7e3778d169 [ 243.310213][ T8413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 243.310230][ T8413] RBP: 00007f7e3780e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 243.310256][ T8413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.310275][ T8413] R13: 0000000000000000 R14: 00007f7e379a5fa0 R15: 00007ffe535b0318 [ 243.310310][ T8413] [ 245.198698][ T30] audit: type=1800 audit(6038298590.013:7): pid=8460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.526" name="members" dev="configfs" ino=20578 res=0 errno=0 [ 245.348733][ T56] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 245.572659][ T8466] i2c i2c-0: new_device: Can't parse I2C address [ 247.345847][ T8493] netlink: 8 bytes leftover after parsing attributes in process `syz.1.534'. [ 249.084203][ T8518] could not allocate digest TFM handle [ 249.743643][ T56] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 250.430686][ T8537] Invalid ELF header magic: != ELF [ 252.886426][ T8565] syz.0.548: vmalloc error: size 1753088, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 253.141895][ T8565] CPU: 1 UID: 0 PID: 8565 Comm: syz.0.548 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 253.141941][ T8565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 253.141960][ T8565] Call Trace: [ 253.141969][ T8565] [ 253.141981][ T8565] dump_stack_lvl+0x16c/0x1f0 [ 253.142027][ T8565] warn_alloc+0x248/0x3a0 [ 253.142062][ T8565] ? __pfx_warn_alloc+0x10/0x10 [ 253.142096][ T8565] ? alloc_pages_mpol+0x25a/0x540 [ 253.142134][ T8565] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 253.142173][ T8565] ? trace_kmalloc+0x2b/0xd0 [ 253.142221][ T8565] __vmalloc_node_range_noprof+0x12d2/0x1540 [ 253.142282][ T8565] ? __snd_dma_alloc_pages+0x50/0x90 [ 253.142326][ T8565] ? do_alloc_pages+0xd7/0x280 [ 253.142375][ T8565] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 253.142429][ T8565] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 253.142477][ T8565] ? __snd_dma_alloc_pages+0x50/0x90 [ 253.142513][ T8565] vmalloc_noprof+0x6b/0x90 [ 253.142562][ T8565] ? __snd_dma_alloc_pages+0x50/0x90 [ 253.142595][ T8565] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 253.142631][ T8565] __snd_dma_alloc_pages+0x50/0x90 [ 253.142665][ T8565] snd_dma_alloc_dir_pages+0x151/0x240 [ 253.142702][ T8565] do_alloc_pages+0x115/0x280 [ 253.142736][ T8565] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 253.142775][ T8565] snd_pcm_hw_params+0x15e1/0x1b40 [ 253.142813][ T8565] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 253.142847][ T8565] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 253.142903][ T8565] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 253.142955][ T8565] ? __asan_memset+0x23/0x50 [ 253.143006][ T8565] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 253.143041][ T8565] snd_pcm_oss_change_params_locked+0x1432/0x3b40 [ 253.143107][ T8565] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 253.143160][ T8565] ? snd_pcm_oss_sync+0x30c/0x840 [ 253.143229][ T8565] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 253.143282][ T8565] snd_pcm_oss_sync+0x32e/0x840 [ 253.143341][ T8565] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 253.143392][ T8565] snd_pcm_oss_release+0x28b/0x310 [ 253.143443][ T8565] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 253.143493][ T8565] __fput+0x3ff/0xb70 [ 253.143537][ T8565] task_work_run+0x14d/0x240 [ 253.143576][ T8565] ? __pfx_task_work_run+0x10/0x10 [ 253.143614][ T8565] ? __pfx___do_sys_close_range+0x10/0x10 [ 253.143645][ T8565] ? rcu_is_watching+0x12/0xc0 [ 253.143690][ T8565] syscall_exit_to_user_mode+0x27b/0x2a0 [ 253.143732][ T8565] do_syscall_64+0xda/0x260 [ 253.143776][ T8565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.143807][ T8565] RIP: 0033:0x7f7e3778d169 [ 253.143831][ T8565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.143862][ T8565] RSP: 002b:00007f7e38688038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 253.143892][ T8565] RAX: 0000000000000000 RBX: 00007f7e379a5fa0 RCX: 00007f7e3778d169 [ 253.143912][ T8565] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 253.143930][ T8565] RBP: 00007f7e3780e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 253.143947][ T8565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 253.143965][ T8565] R13: 0000000000000000 R14: 00007f7e379a5fa0 R15: 00007ffe535b0318 [ 253.143999][ T8565] [ 253.349926][ T8565] Mem-Info: [ 253.476070][ T8565] active_anon:90025 inactive_anon:0 isolated_anon:0 [ 253.476070][ T8565] active_file:17977 inactive_file:44083 isolated_file:0 [ 253.476070][ T8565] unevictable:768 dirty:2806 writeback:64 [ 253.476070][ T8565] slab_reclaimable:10837 slab_unreclaimable:100159 [ 253.476070][ T8565] mapped:56239 shmem:73741 pagetables:1195 [ 253.476070][ T8565] sec_pagetables:0 bounce:0 [ 253.476070][ T8565] kernel_misc_reclaimable:0 [ 253.476070][ T8565] free:1238409 free_pcp:5779 free_cma:0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       syzkaller syzkaller login: [ 271.424090][ T8790] netlink: 290 bytes leftover after parsing attributes in process `syz.0.588'. [ 273.215883][ T8827] Invalid ELF header magic: != ELF [ 274.782003][ T8730] syz.3.577 (8730) used greatest stack depth: 21480 bytes left [ 278.335493][ T5850] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 279.178243][ T8919] Invalid ELF header magic: != ELF [ 280.046052][ T8929] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input7 [ 281.666633][ T8963] mkiss: ax0: crc mode is auto. [ 283.269254][ T8992] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 283.366511][ T8988] ptrace attach of "./syz-executor exec"[5835] was attempted by "./syz-executor exec"[8988] [ 285.250529][ T9050] bond0: option packets_per_slave: invalid value ( Xnp) [ 285.260058][ T9050] bond0: option packets_per_slave: allowed values 0 - 65535 [ 286.809411][ T5850] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 286.934323][ T30] audit: type=1806 audit(6038298663.775:8): xattr="0" res=-22 [ 288.208845][ T9103] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input8 [ 288.319177][ T9110] random: crng reseeded on system resumption [ 292.368464][ T9167] Invalid ELF header magic: != ELF [ 292.600347][ T5850] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 292.768111][ T9140] rtc_cmos 00:00: Alarms can be up to one day in the future [ 293.081528][ T48] rtc_cmos 00:00: Alarms can be up to one day in the future [ 293.348984][ T48] rtc_cmos 00:00: Alarms can be up to one day in the future [ 293.357350][ T48] rtc_cmos 00:00: Alarms can be up to one day in the future [ 293.412444][ T48] rtc_cmos 00:00: Alarms can be up to one day in the future [ 293.420833][ T48] rtc rtc0: __rtc_set_alarm: err=-22 [ 295.260489][ T9232] netlink: 28 bytes leftover after parsing attributes in process `syz.0.680'. syzkaller syzkaller login: [ 297.644997][ T9261] kexec: Could not allocate control_code_buffer [ 298.705095][ T9287] netlink: 20 bytes leftover after parsing attributes in process `syz.1.692'. [ 301.363384][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 304.154939][ T56] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 305.061030][ T56] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5 [ 309.684810][ T9464] netlink: 'syz.3.725': attribute type 11 has an invalid length. [ 310.099270][ T9475] ptrace attach of "./syz-executor exec"[5842] was attempted by "./syz-executor exec"[9475] [ 310.141116][ T9475] FAULT_INJECTION: forcing a failure. [ 310.141116][ T9475] name failslab, interval 1, probability 0, space 0, times 0 [ 310.168016][ T56] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 310.176703][ T9475] CPU: 1 UID: 0 PID: 9475 Comm: syz.2.729 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 310.176744][ T9475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 310.176762][ T9475] Call Trace: [ 310.176771][ T9475] [ 310.176783][ T9475] dump_stack_lvl+0x16c/0x1f0 [ 310.176829][ T9475] should_fail_ex+0x512/0x640 [ 310.176860][ T9475] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 310.176895][ T9475] should_failslab+0xc2/0x120 [ 310.176940][ T9475] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 310.176971][ T9475] ? security_file_alloc+0x34/0x2b0 [ 310.177013][ T9475] security_file_alloc+0x34/0x2b0 [ 310.177050][ T9475] init_file+0x93/0x4c0 [ 310.177084][ T9475] alloc_empty_file+0x73/0x1e0 [ 310.177122][ T9475] alloc_file_pseudo+0x13a/0x230 [ 310.177161][ T9475] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 310.177200][ T9475] ? alloc_fd+0x471/0x7d0 [ 310.177258][ T9475] sock_alloc_file+0x50/0x210 [ 310.177299][ T9475] __sys_socket+0x1c0/0x260 [ 310.177347][ T9475] ? __pfx___sys_socket+0x10/0x10 [ 310.177396][ T9475] ? rcu_is_watching+0x12/0xc0 [ 310.177440][ T9475] __x64_sys_socket+0x72/0xb0 [ 310.177486][ T9475] ? lockdep_hardirqs_on+0x7c/0x110 [ 310.177522][ T9475] do_syscall_64+0xcd/0x260 [ 310.177564][ T9475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.177595][ T9475] RIP: 0033:0x7f943b38d169 [ 310.177619][ T9475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.177649][ T9475] RSP: 002b:00007f943c1d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 310.177679][ T9475] RAX: ffffffffffffffda RBX: 00007f943b5a5fa0 RCX: 00007f943b38d169 [ 310.177699][ T9475] RDX: 0000000000000006 RSI: 0000000000000003 RDI: 0000000000000002 [ 310.177718][ T9475] RBP: 00007f943b40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 310.177735][ T9475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 310.177753][ T9475] R13: 0000000000000000 R14: 00007f943b5a5fa0 R15: 00007ffd8dd5ca48 [ 310.177784][ T9475] [ 310.804647][ T9496] usb usb32: usbfs: process 9496 (syz.1.733) did not claim interface 0 before use [ 310.811719][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 310.827404][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 310.827711][ T9481] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 310.839336][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 310.847035][ T9481] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 310.871985][ T9481] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 310.875668][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 310.882322][ T9481] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 310.907243][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 310.976177][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.042166][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.078277][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.108352][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.126033][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.138371][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.153527][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.165555][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.183731][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.199875][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.226832][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.240127][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.251451][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.262806][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.274157][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.285693][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.297089][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.315038][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.330835][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.377042][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.405732][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.430770][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.450391][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 311.547479][ T9488] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:0 is already present [ 312.578936][ T56] Bluetooth: hci0: command 0x0c1a tx timeout [ 312.688802][ T9532] syz.2.740 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 312.898700][ T56] Bluetooth: hci3: command 0x0c1a tx timeout [ 312.905466][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 312.908932][ T5849] Bluetooth: hci1: command 0x0c1a tx timeout [ 313.124717][ T9535] ima: policy update failed [ 313.192070][ T30] audit: type=1802 audit(6038298714.033:9): pid=9535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.741" res=0 errno=0 [ 313.246611][ T9547] netlink: zone id is out of range [ 313.258840][ T9547] netlink: zone id is out of range [ 313.264531][ T9547] netlink: zone id is out of range [ 313.298817][ T9547] netlink: zone id is out of range [ 313.304517][ T9547] netlink: zone id is out of range [ 313.330325][ T9547] netlink: zone id is out of range [ 313.340611][ T9547] netlink: zone id is out of range [ 313.358725][ T9547] netlink: zone id is out of range [ 313.428732][ T9547] netlink: zone id is out of range [ 313.434426][ T9547] netlink: zone id is out of range [ 314.266765][ T56] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 314.643543][ T9559] netlink: 110 bytes leftover after parsing attributes in process `syz.3.746'. [ 314.866011][ T9563] aoe: invalid device specification v m w [ 315.005905][ T9563] svc: failed to register nfsdv3 RPC service (errno 111). [ 315.045881][ T9563] svc: failed to register nfsaclv3 RPC service (errno 111). [ 316.196540][ T9567] kexec: Could not allocate control_code_buffer [ 316.419445][ T9598] netlink: 28 bytes leftover after parsing attributes in process `syz.2.755'. [ 316.617095][ T9598] bond0: (slave bond_slave_0): Releasing backup interface [ 317.622947][ T56] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 319.857063][ T56] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 320.108966][ T9646] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 320.130716][ T9646] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 320.194612][ T9646] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 320.236070][ T9646] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 320.366089][ T30] audit: type=1804 audit(6038298745.202:10): pid=9679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.771" name="/newroot/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw" dev="tracefs" ino=1112 res=1 errno=0 [ 320.854961][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 320.862600][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 321.698892][ T56] Bluetooth: hci0: command 0x0c1a tx timeout [ 321.876455][ T9716] Invalid ELF header magic: != ELF [ 322.007777][ T9699] kexec: Could not allocate control_code_buffer [ 322.178744][ T56] Bluetooth: hci1: command 0x0c1a tx timeout [ 322.258716][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 322.265510][ T56] Bluetooth: hci3: command 0x0c1a tx timeout [ 322.422819][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.430109][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.497562][ T9732] Invalid ELF header magic: != ELF [ 325.852173][ T56] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 326.533659][ T56] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 329.019232][ T9799] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 329.038731][ T9799] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 329.059436][ T9799] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 329.082457][ T9816] Invalid ELF header magic: != ELF [ 329.143556][ T9799] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 329.858716][ T56] Bluetooth: hci0: command 0x0c1a tx timeout [ 331.058767][ T56] Bluetooth: hci2: command 0x0c1a tx timeout [ 331.065736][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout [ 331.146131][ T56] Bluetooth: hci3: command 0x0c1a tx timeout [ 332.343778][ T9842] kexec: Could not allocate control_code_buffer syzkaller syzkaller login: [ 333.514799][ T9887] FAULT_INJECTION: forcing a failure. [ 333.514799][ T9887] name failslab, interval 1, probability 0, space 0, times 0 [ 333.559888][ T9887] CPU: 0 UID: 0 PID: 9887 Comm: syz.1.820 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 333.559935][ T9887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 333.559954][ T9887] Call Trace: [ 333.559963][ T9887] [ 333.559974][ T9887] dump_stack_lvl+0x16c/0x1f0 [ 333.560022][ T9887] should_fail_ex+0x512/0x640 [ 333.560054][ T9887] ? __kmalloc_noprof+0xbf/0x510 [ 333.560087][ T9887] ? sk_prot_alloc+0x1a8/0x2a0 [ 333.560130][ T9887] should_failslab+0xc2/0x120 [ 333.560166][ T9887] __kmalloc_noprof+0xd2/0x510 [ 333.560203][ T9887] sk_prot_alloc+0x1a8/0x2a0 [ 333.560249][ T9887] sk_alloc+0x36/0xc20 [ 333.560281][ T9887] __netlink_create+0x5e/0x2c0 [ 333.560313][ T9887] ? __wake_up+0x3f/0x60 [ 333.560359][ T9887] netlink_create+0x39e/0x620 [ 333.560407][ T9887] ? __pfx_genl_bind+0x10/0x10 [ 333.560449][ T9887] ? __pfx_genl_unbind+0x10/0x10 [ 333.560491][ T9887] ? __pfx_genl_release+0x10/0x10 [ 333.560538][ T9887] __sock_create+0x335/0x8d0 [ 333.560589][ T9887] __sys_socket+0x14d/0x260 [ 333.560637][ T9887] ? __pfx___sys_socket+0x10/0x10 [ 333.560687][ T9887] ? rcu_is_watching+0x12/0xc0 [ 333.560731][ T9887] __x64_sys_socket+0x72/0xb0 [ 333.560779][ T9887] ? lockdep_hardirqs_on+0x7c/0x110 [ 333.560817][ T9887] do_syscall_64+0xcd/0x260 [ 333.560860][ T9887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.560892][ T9887] RIP: 0033:0x7ff99678d169 [ 333.560917][ T9887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.560948][ T9887] RSP: 002b:00007ff99754b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 333.560979][ T9887] RAX: ffffffffffffffda RBX: 00007ff9969a5fa0 RCX: 00007ff99678d169 [ 333.560999][ T9887] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 333.561018][ T9887] RBP: 00007ff99680e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 333.561036][ T9887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.561054][ T9887] R13: 0000000000000000 R14: 00007ff9969a5fa0 R15: 00007ffd86e5ab28 [ 333.561087][ T9887] [ 335.661972][ T9941] netlink: 330 bytes leftover after parsing attributes in process `syz.0.832'. [ 336.843312][ T9959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.834'. [ 337.763134][ T5850] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 337.782255][ T56] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 339.903223][T10006] syz.1.846(10006): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 341.628229][T10035] netlink: 28 bytes leftover after parsing attributes in process `syz.1.852'. [ 342.426252][T10049] net_ratelimit: 122 callbacks suppressed [ 342.426279][T10049] openvswitch: netlink: Tunnel attr 9589 out of range max 16 [ 342.803703][T10057] ovs_: entered promiscuous mode [ 342.919943][T10054] netlink: 20 bytes leftover after parsing attributes in process `syz.2.856'. [ 343.046161][ T56] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 346.928960][T10135] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input10 [ 347.718141][T10147] random: crng reseeded on system resumption [ 347.781284][T10129] netlink: 334 bytes leftover after parsing attributes in process `syz.2.871'. [ 348.702254][T10165] FAULT_INJECTION: forcing a failure. [ 348.702254][T10165] name failslab, interval 1, probability 0, space 0, times 0 [ 348.796767][T10165] CPU: 0 UID: 0 PID: 10165 Comm: syz.1.881 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 348.796810][T10165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 348.796828][T10165] Call Trace: [ 348.796837][T10165] [ 348.796847][T10165] dump_stack_lvl+0x16c/0x1f0 [ 348.796890][T10165] should_fail_ex+0x512/0x640 [ 348.796922][T10165] ? __kmalloc_noprof+0xbf/0x510 [ 348.796954][T10165] ? do_handle_open+0x585/0xb70 [ 348.796997][T10165] should_failslab+0xc2/0x120 [ 348.797037][T10165] __kmalloc_noprof+0xd2/0x510 [ 348.797071][T10165] do_handle_open+0x585/0xb70 [ 348.797118][T10165] ? __pfx_do_handle_open+0x10/0x10 [ 348.797162][T10165] ? __x64_sys_futex+0x1e0/0x4c0 [ 348.797211][T10165] ? xfd_validate_state+0x5d/0x180 [ 348.797246][T10165] ? rcu_is_watching+0x12/0xc0 [ 348.797291][T10165] ? do_syscall_64+0xcd/0x260 [ 348.797329][T10165] do_syscall_64+0xcd/0x260 [ 348.797371][T10165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.797402][T10165] RIP: 0033:0x7ff99678d169 [ 348.797425][T10165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.797454][T10165] RSP: 002b:00007ff99752a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 348.797482][T10165] RAX: ffffffffffffffda RBX: 00007ff9969a6080 RCX: 00007ff99678d169 [ 348.797502][T10165] RDX: 0000000000000002 RSI: 0000200000000040 RDI: 0000000000000026 [ 348.797519][T10165] RBP: 00007ff99680e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 348.797537][T10165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 348.797554][T10165] R13: 0000000000000000 R14: 00007ff9969a6080 R15: 00007ffd86e5ab28 [ 348.797585][T10165] [ 350.411192][T10198] CIFS: VFS: Unsupported security flags: 0x200 [ 354.777688][T10255] Invalid ELF header magic: != ELF [ 354.810174][T10256] FAULT_INJECTION: forcing a failure. [ 354.810174][T10256] name failslab, interval 1, probability 0, space 0, times 0 [ 354.853687][T10256] CPU: 1 UID: 0 PID: 10256 Comm: syz.1.901 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 354.853733][T10256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 354.853751][T10256] Call Trace: [ 354.853760][T10256] [ 354.853771][T10256] dump_stack_lvl+0x16c/0x1f0 [ 354.853815][T10256] should_fail_ex+0x512/0x640 [ 354.853844][T10256] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 354.853889][T10256] ? __pfx_cec_config_thread_func+0x10/0x10 [ 354.853934][T10256] should_failslab+0xc2/0x120 [ 354.853967][T10256] __kmalloc_cache_noprof+0x6a/0x3e0 [ 354.854017][T10256] ? lockdep_init_map_type+0x5c/0x280 [ 354.854044][T10256] ? __kthread_create_on_node+0xce/0x3f0 [ 354.854095][T10256] ? __init_swait_queue_head+0xca/0x150 [ 354.854134][T10256] ? __pfx_cec_config_thread_func+0x10/0x10 [ 354.854176][T10256] __kthread_create_on_node+0xce/0x3f0 [ 354.854228][T10256] ? __pfx___kthread_create_on_node+0x10/0x10 [ 354.854288][T10256] ? cec_adap_enable+0x77c/0xc30 [ 354.854333][T10256] ? __pfx_cec_config_thread_func+0x10/0x10 [ 354.854379][T10256] kthread_create_on_node+0xc7/0x100 [ 354.854431][T10256] ? __pfx_kthread_create_on_node+0x10/0x10 [ 354.854489][T10256] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 354.854536][T10256] ? lockdep_init_map_type+0x5c/0x280 [ 354.854567][T10256] ? lockdep_init_map_type+0x5c/0x280 [ 354.854604][T10256] cec_claim_log_addrs+0x13e/0x2e0 [ 354.854646][T10256] __cec_s_log_addrs+0xdc9/0x1670 [ 354.854698][T10256] cec_ioctl+0x4b8/0x2970 [ 354.854747][T10256] ? __pfx_cec_ioctl+0x10/0x10 [ 354.854785][T10256] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 354.854814][T10256] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 354.854844][T10256] ? do_vfs_ioctl+0x512/0x1990 [ 354.854878][T10256] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 354.854945][T10256] ? find_held_lock+0x2b/0x80 [ 354.854982][T10256] ? hook_file_ioctl_common+0x145/0x410 [ 354.855022][T10256] ? __pfx_cec_ioctl+0x10/0x10 [ 354.855065][T10256] __x64_sys_ioctl+0x190/0x200 [ 354.855107][T10256] do_syscall_64+0xcd/0x260 [ 354.855149][T10256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.855179][T10256] RIP: 0033:0x7ff99678d169 [ 354.855204][T10256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.855235][T10256] RSP: 002b:00007ff99752a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 354.855265][T10256] RAX: ffffffffffffffda RBX: 00007ff9969a6080 RCX: 00007ff99678d169 [ 354.855285][T10256] RDX: 00002000000000c0 RSI: 00000000c05c6104 RDI: 0000000000000005 [ 354.855304][T10256] RBP: 00007ff99680e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 354.855322][T10256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 354.855339][T10256] R13: 0000000000000000 R14: 00007ff9969a6080 R15: 00007ffd86e5ab28 [ 354.855372][T10256] [ 354.964153][T10262] netlink: 8 bytes leftover after parsing attributes in process `syz.0.903'. [ 355.908441][T10257] snd_aloop snd_aloop.0: control 16781581:65535:6:'x?F/zF˷fC:8 is already present [ 357.186543][T10278] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 357.186925][T10286] Process accounting resumed [ 357.193817][T10278] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 357.221659][T10278] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 357.245085][T10278] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 358.753864][ T56] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 358.818927][ T56] Bluetooth: hci0: command 0x0c1a tx timeout [ 359.218660][ T56] Bluetooth: hci1: command 0x0c1a tx timeout [ 359.308694][ T56] Bluetooth: hci3: command 0x0c1a tx timeout [ 359.315382][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 359.322104][T10320] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 359.369086][T10320] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 359.419328][T10320] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 359.464007][T10320] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 360.902439][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 361.286332][T10357] netlink: 186 bytes leftover after parsing attributes in process `syz.2.925'. [ 361.384107][T10335] kexec: Could not allocate control_code_buffer [ 361.388706][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout [ 361.459657][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 361.538724][ T5850] Bluetooth: hci3: command 0x0c1a tx timeout [ 361.779620][T10366] busy [ 364.302377][ T5850] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 365.102579][T10404] netlink: 456 bytes leftover after parsing attributes in process `syz.3.939'. [ 365.237294][T10415] [U] [ 365.240661][T10415] [U] [ 365.243657][T10415] [U] [ 365.246633][T10415] [U] [ 365.301205][T10415] [U] [ 365.304279][T10415] [U] [ 365.307298][T10415] [U] [ 365.310314][T10415] [U] [ 365.424840][T10415] [U] [ 365.427900][T10415] [U] [ 365.430912][T10415] [U] [ 365.433929][T10415] [U] [ 365.462727][T10393] kexec: Could not allocate control_code_buffer [ 365.482107][T10415] [U] [ 365.485167][T10415] [U] [ 365.488169][T10415] [U] [ 365.491163][T10415] [U] [ 365.535682][T10415] [U] [ 365.538744][T10415] [U] [ 365.541761][T10415] [U] [ 365.544821][T10415] [U] [ 365.636292][T10415] [U] [ 365.639400][T10415] [U] [ 365.642389][T10415] [U] [ 365.645372][T10415] [U] [ 365.800304][T10415] [U] [ 365.803373][T10415] [U] [ 365.806389][T10415] [U] [ 365.809493][T10415] [U] [ 365.921766][T10415] [U] [ 365.924832][T10415] [U] [ 365.927840][T10415] [U] [ 365.930853][T10415] [U] [ 366.089029][T10415] [U] [ 366.092084][T10415] [U] [ 366.095068][T10415] [U] [ 366.098052][T10415] [U] [ 366.149169][T10415] [U] [ 366.152229][T10415] [U] [ 366.155242][T10415] [U] [ 366.158255][T10415] [U] [ 366.162446][T10415] [U] [ 366.165499][T10415] [U] [ 366.168519][T10415] [U] [ 366.171542][T10415] [U] [ 366.175566][T10415] [U] [ 366.178592][T10415] [U] [ 366.181595][T10415] [U] [ 366.184617][T10415] [U] [ 366.189181][T10415] [U] [ 366.192220][T10415] [U] [ 366.195242][T10415] [U] [ 366.198258][T10415] [U] [ 366.202265][T10415] [U] [ 366.205295][T10415] [U] [ 366.208302][T10415] [U] [ 366.211304][T10415] [U] [ 366.215421][T10415] [U] [ 366.218449][T10415] [U] [ 366.221458][T10415] [U] [ 366.224466][T10415] [U] [ 366.228450][T10415] [U] [ 366.231460][T10415] [U] [ 366.234456][T10415] [U] [ 366.237444][T10415] [U] [ 366.241764][T10415] [U] [ 366.244778][T10415] [U] [ 366.247759][T10415] [U] [ 366.250746][T10415] [U] [ 366.254816][T10415] [U] [ 366.257839][T10415] [U] [ 366.260831][T10415] [U] [ 366.263812][T10415] [U] [ 366.273770][T10415] [U] [ 366.276808][T10415] [U] [ 366.279824][T10415] [U] [ 366.282829][T10415] [U] [ 366.286823][T10415] [U] [ 366.289846][T10415] [U] [ 366.292881][T10415] [U] [ 366.295878][T10415] [U] [ 366.300411][T10415] [U] [ 366.303448][T10415] [U] [ 366.306458][T10415] [U] [ 366.309471][T10415] [U] [ 366.577376][T10415] [U] [ 366.580438][T10415] [U] [ 366.583448][T10415] [U] [ 366.586459][T10415] [U] [ 366.888659][T10415] [U] [ 366.891717][T10415] [U] [ 366.894736][T10415] [U] [ 366.897745][T10415] [U] [ 366.901098][T10415] [U] [ 366.904112][T10415] [U] [ 366.907109][T10415] [U] [ 366.910117][T10415] [U] [ 366.913965][T10415] [U] [ 366.917000][T10415] [U] [ 366.920020][T10415] [U] [ 366.923050][T10415] [U] [ 366.926345][T10415] [U] [ 366.929362][T10415] [U] [ 366.932379][T10415] [U] [ 366.935390][T10415] [U] [ 366.939028][T10415] [U] [ 366.942065][T10415] [U] [ 366.945075][T10415] [U] [ 366.948090][T10415] [U] [ 366.951394][T10415] [U] [ 366.954412][T10415] [U] [ 366.957422][T10415] [U] [ 366.960434][T10415] [U] [ 366.963840][T10415] [U] [ 366.966857][T10415] [U] [ 366.969889][T10415] [U] [ 366.972902][T10415] [U] [ 366.976234][T10415] [U] [ 366.979254][T10415] [U] [ 366.982267][T10415] [U] [ 366.985276][T10415] [U] [ 366.988763][T10415] [U] [ 369.427515][ T5850] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 369.855930][ T5850] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5 [ 369.976138][T10491] zswap: compressor not available [ 371.668710][T10522] netlink: 'syz.0.962': attribute type 11 has an invalid length. [ 372.104631][T10536] kAFS: Invalid Command on /proc/fs/afs/cells file [ 373.071892][T10559] FAULT_INJECTION: forcing a failure. [ 373.071892][T10559] name failslab, interval 1, probability 0, space 0, times 0 [ 373.122731][T10559] CPU: 1 UID: 0 PID: 10559 Comm: syz.2.972 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 373.122776][T10559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 373.122795][T10559] Call Trace: [ 373.122803][T10559] [ 373.122815][T10559] dump_stack_lvl+0x16c/0x1f0 [ 373.122859][T10559] should_fail_ex+0x512/0x640 [ 373.122889][T10559] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 373.122938][T10559] should_failslab+0xc2/0x120 [ 373.122972][T10559] __kmalloc_cache_noprof+0x6a/0x3e0 [ 373.123019][T10559] ? percpu_ref_init+0xec/0x410 [ 373.123065][T10559] ? __pfx_blkg_release+0x10/0x10 [ 373.123100][T10559] percpu_ref_init+0xec/0x410 [ 373.123142][T10559] ? kasan_save_track+0x14/0x30 [ 373.123173][T10559] blkg_alloc+0xea/0xb00 [ 373.123215][T10559] blkcg_init_disk+0x51/0x160 [ 373.123259][T10559] __alloc_disk_node+0x299/0x610 [ 373.123293][T10559] __blk_alloc_disk+0xd7/0x170 [ 373.123341][T10559] ? __pfx___blk_alloc_disk+0x10/0x10 [ 373.123398][T10559] ? lockdep_init_map_type+0x5c/0x280 [ 373.123431][T10559] ? __raw_spin_lock_init+0x3a/0x110 [ 373.123470][T10559] ? __pfx_hot_add_show+0x10/0x10 [ 373.123500][T10559] zram_add+0x16e/0x6c0 [ 373.123529][T10559] ? __pfx_zram_add+0x10/0x10 [ 373.123556][T10559] ? __pfx___might_resched+0x10/0x10 [ 373.123625][T10559] ? __pfx_hot_add_show+0x10/0x10 [ 373.123667][T10559] hot_add_show+0x21/0x80 [ 373.123694][T10559] class_attr_show+0x6f/0xa0 [ 373.123739][T10559] ? __pfx_class_attr_show+0x10/0x10 [ 373.123805][T10559] sysfs_kf_seq_show+0x23e/0x410 [ 373.123860][T10559] seq_read_iter+0x506/0x12c0 [ 373.123920][T10559] kernfs_fop_read_iter+0x40f/0x5a0 [ 373.123962][T10559] ? rw_verify_area+0xcf/0x680 [ 373.124008][T10559] vfs_read+0x8c8/0xc70 [ 373.124057][T10559] ? __pfx___mutex_lock+0x10/0x10 [ 373.124098][T10559] ? __pfx_vfs_read+0x10/0x10 [ 373.124164][T10559] ksys_read+0x12a/0x240 [ 373.124211][T10559] ? __pfx_ksys_read+0x10/0x10 [ 373.124256][T10559] ? rcu_is_watching+0x12/0xc0 [ 373.124303][T10559] do_syscall_64+0xcd/0x260 [ 373.124346][T10559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.124377][T10559] RIP: 0033:0x7f943b38d169 [ 373.124408][T10559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 373.124441][T10559] RSP: 002b:00007f943c1d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 373.124471][T10559] RAX: ffffffffffffffda RBX: 00007f943b5a5fa0 RCX: 00007f943b38d169 [ 373.124491][T10559] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 373.124511][T10559] RBP: 00007f943b40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 373.124529][T10559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 373.124547][T10559] R13: 0000000000000000 R14: 00007f943b5a5fa0 R15: 00007ffd8dd5ca48 [ 373.124582][T10559] [ 373.553061][T10559] zram: Error allocating disk structure for device 1 [ 376.212561][ T5850] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 376.558844][T10611] netlink: 28 bytes leftover after parsing attributes in process `syz.1.986'. [ 382.726620][ T5850] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 382.963307][T10670] kexec: Could not allocate control_code_buffer [ 383.252894][ T5850] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 383.861828][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.868903][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.926818][T10698] kexec: Could not allocate control_code_buffer [ 386.917694][T10733] kexec: Could not allocate control_code_buffer [ 388.246549][T10760] random: crng reseeded on system resumption [ 390.877593][T10769] Process accounting paused [ 390.901611][T10790] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1020'. [ 391.283906][T10795] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1021'. [ 392.437364][T10805] [ 392.439987][T10805] ====================================================== [ 392.447724][T10805] WARNING: possible circular locking dependency detected [ 392.455462][T10805] 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 Not tainted [ 392.462924][T10805] ------------------------------------------------------ [ 392.470712][T10805] syz.1.1024/10805 is trying to acquire lock: [ 392.477416][T10805] ffff888025ba2cd8 (&q->elevator_lock){+.+.}-{4:4}, at: queue_requests_store+0x1c7/0x310 [ 392.488289][T10805] [ 392.488289][T10805] but task is already holding lock: [ 392.496402][T10805] ffff888025ba27a8 (&q->q_usage_counter(io)#29){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 392.508809][T10805] [ 392.508809][T10805] which lock already depends on the new lock. [ 392.508809][T10805] [ 392.520256][T10805] [ 392.520256][T10805] the existing dependency chain (in reverse order) is: [ 392.530173][T10805] [ 392.530173][T10805] -> #2 (&q->q_usage_counter(io)#29){++++}-{0:0}: [ 392.539685][T10805] blk_alloc_queue+0x619/0x760 [ 392.545531][T10805] blk_mq_alloc_queue+0x179/0x290 [ 392.551642][T10805] __blk_mq_alloc_disk+0x29/0x120 [ 392.557764][T10805] loop_add+0x496/0xb70 [ 392.562937][T10805] loop_init+0x164/0x270 [ 392.568188][T10805] do_one_initcall+0x120/0x6e0 [ 392.574024][T10805] kernel_init_freeable+0x5c2/0x900 [ 392.580335][T10805] kernel_init+0x1c/0x2b0 [ 392.585698][T10805] ret_from_fork+0x45/0x80 [ 392.591141][T10805] ret_from_fork_asm+0x1a/0x30 [ 392.597009][T10805] [ 392.597009][T10805] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 392.604965][T10805] fs_reclaim_acquire+0x102/0x150 [ 392.611105][T10805] blk_mq_alloc_and_init_hctx+0x503/0x11c0 [ 392.618088][T10805] blk_mq_realloc_hw_ctxs+0x8f6/0xc00 [ 392.624592][T10805] blk_mq_init_allocated_queue+0x3af/0x1230 [ 392.631666][T10805] blk_mq_alloc_queue+0x1c2/0x290 [ 392.637799][T10805] __blk_mq_alloc_disk+0x29/0x120 [ 392.643911][T10805] loop_add+0x496/0xb70 [ 392.649092][T10805] loop_init+0x164/0x270 [ 392.654341][T10805] do_one_initcall+0x120/0x6e0 [ 392.660182][T10805] kernel_init_freeable+0x5c2/0x900 [ 392.666497][T10805] kernel_init+0x1c/0x2b0 [ 392.671892][T10805] ret_from_fork+0x45/0x80 [ 392.677364][T10805] ret_from_fork_asm+0x1a/0x30 [ 392.683222][T10805] [ 392.683222][T10805] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 392.691861][T10805] __lock_acquire+0x1173/0x1ba0 [ 392.697801][T10805] lock_acquire+0x179/0x350 [ 392.703341][T10805] __mutex_lock+0x199/0xb90 [ 392.708888][T10805] queue_requests_store+0x1c7/0x310 [ 392.715193][T10805] queue_attr_store+0x270/0x310 [ 392.721122][T10805] sysfs_kf_write+0x117/0x170 [ 392.726896][T10805] kernfs_fop_write_iter+0x351/0x510 [ 392.733302][T10805] iter_file_splice_write+0x91c/0x1150 [ 392.739905][T10805] direct_splice_actor+0x18f/0x6c0 [ 392.746142][T10805] splice_direct_to_actor+0x342/0xa30 [ 392.752669][T10805] do_splice_direct+0x174/0x240 [ 392.758643][T10805] do_sendfile+0xafd/0xe50 [ 392.764093][T10805] __x64_sys_sendfile64+0x1d8/0x220 [ 392.770414][T10805] do_syscall_64+0xcd/0x260 [ 392.775957][T10805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.783021][T10805] [ 392.783021][T10805] other info that might help us debug this: [ 392.783021][T10805] [ 392.794280][T10805] Chain exists of: [ 392.794280][T10805] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#29 [ 392.794280][T10805] [ 392.809434][T10805] Possible unsafe locking scenario: [ 392.809434][T10805] [ 392.817634][T10805] CPU0 CPU1 [ 392.823534][T10805] ---- ---- [ 392.829432][T10805] lock(&q->q_usage_counter(io)#29); [ 392.835363][T10805] lock(fs_reclaim); [ 392.842521][T10805] lock(&q->q_usage_counter(io)#29); [ 392.851216][T10805] lock(&q->elevator_lock); [ 392.856273][T10805] [ 392.856273][T10805] *** DEADLOCK *** [ 392.856273][T10805] [ 392.865243][T10805] 5 locks held by syz.1.1024/10805: [ 392.870991][T10805] #0: ffff888035ec8420 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x342/0xa30 [ 392.882073][T10805] #1: ffff888029f70888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 392.892834][T10805] #2: ffff888143ffb698 (kn->active#184){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 392.903982][T10805] #3: ffff888025ba27a8 (&q->q_usage_counter(io)#29){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 392.916871][T10805] #4: ffff888025ba27e0 (&q->q_usage_counter(queue)#21){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 392.930043][T10805] [ 392.930043][T10805] stack backtrace: [ 392.936523][T10805] CPU: 1 UID: 0 PID: 10805 Comm: syz.1.1024 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 392.936555][T10805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 392.936570][T10805] Call Trace: [ 392.936577][T10805] [ 392.936586][T10805] dump_stack_lvl+0x116/0x1f0 [ 392.936625][T10805] print_circular_bug+0x275/0x350 [ 392.936665][T10805] check_noncircular+0x14c/0x170 [ 392.936706][T10805] __lock_acquire+0x1173/0x1ba0 [ 392.936747][T10805] ? __lock_acquire+0xaa4/0x1ba0 [ 392.936787][T10805] lock_acquire+0x179/0x350 [ 392.936808][T10805] ? queue_requests_store+0x1c7/0x310 [ 392.936840][T10805] ? __pfx___might_resched+0x10/0x10 [ 392.936878][T10805] __mutex_lock+0x199/0xb90 [ 392.936908][T10805] ? queue_requests_store+0x1c7/0x310 [ 392.936939][T10805] ? mark_held_locks+0x49/0x80 [ 392.936976][T10805] ? queue_requests_store+0x1c7/0x310 [ 392.937007][T10805] ? __pfx___mutex_lock+0x10/0x10 [ 392.937039][T10805] ? blk_mq_freeze_queue_wait+0xad/0x1b0 [ 392.937067][T10805] ? __pfx_autoremove_wake_function+0x10/0x10 [ 392.937108][T10805] ? queue_requests_store+0x1c7/0x310 [ 392.937138][T10805] queue_requests_store+0x1c7/0x310 [ 392.937169][T10805] ? __pfx_queue_requests_store+0x10/0x10 [ 392.937201][T10805] ? __mutex_trylock_common+0xe9/0x250 [ 392.937225][T10805] ? __pfx_queue_requests_store+0x10/0x10 [ 392.937256][T10805] queue_attr_store+0x270/0x310 [ 392.937284][T10805] ? __pfx_queue_attr_store+0x10/0x10 [ 392.937313][T10805] ? __lock_acquire+0x5ca/0x1ba0 [ 392.937353][T10805] ? kernfs_fop_write_iter+0x28f/0x510 [ 392.937396][T10805] ? __pfx_queue_attr_store+0x10/0x10 [ 392.937423][T10805] sysfs_kf_write+0x117/0x170 [ 392.937458][T10805] kernfs_fop_write_iter+0x351/0x510 [ 392.937491][T10805] ? __pfx_sysfs_kf_write+0x10/0x10 [ 392.937527][T10805] iter_file_splice_write+0x91c/0x1150 [ 392.937574][T10805] ? __pfx_iter_file_splice_write+0x10/0x10 [ 392.937617][T10805] ? __pfx_copy_splice_read+0x10/0x10 [ 392.937666][T10805] ? __pfx_iter_file_splice_write+0x10/0x10 [ 392.937706][T10805] direct_splice_actor+0x18f/0x6c0 [ 392.937746][T10805] splice_direct_to_actor+0x342/0xa30 [ 392.937785][T10805] ? __pfx_direct_splice_actor+0x10/0x10 [ 392.937826][T10805] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 392.937868][T10805] do_splice_direct+0x174/0x240 [ 392.937906][T10805] ? __pfx_do_splice_direct+0x10/0x10 [ 392.937943][T10805] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 392.937982][T10805] ? rw_verify_area+0xcf/0x680 [ 392.938017][T10805] do_sendfile+0xafd/0xe50 [ 392.938053][T10805] ? __pfx_do_sendfile+0x10/0x10 [ 392.938090][T10805] ? __x64_sys_futex+0x1e0/0x4c0 [ 392.938126][T10805] ? __x64_sys_futex+0x1e9/0x4c0 [ 392.938162][T10805] __x64_sys_sendfile64+0x1d8/0x220 [ 392.938189][T10805] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 392.938216][T10805] ? rcu_is_watching+0x12/0xc0 [ 392.938250][T10805] do_syscall_64+0xcd/0x260 [ 392.938282][T10805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.938308][T10805] RIP: 0033:0x7ff99678d169 [ 392.938328][T10805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.938352][T10805] RSP: 002b:00007ff99754b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 392.938377][T10805] RAX: ffffffffffffffda RBX: 00007ff9969a5fa0 RCX: 00007ff99678d169 [ 392.938393][T10805] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000009 [ 392.938408][T10805] RBP: 00007ff99680e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 392.938424][T10805] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 392.938439][T10805] R13: 0000000000000000 R14: 00007ff9969a5fa0 R15: 00007ffd86e5ab28 [ 392.938460][T10805]