last executing test programs: 17.366638392s ago: executing program 0 (id=622): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x40500, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0x2, 0x2, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x9, 0x2, 0x80004) io_uring_setup$auto(0x6, 0x0) setresgid$auto(0x81, 0x800000a0, 0x8) setgroups$auto(0xc00000000, 0xfffffffffffffffc) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) epoll_create$auto(0x4) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) read$auto(0x3, 0x0, 0x80) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/admmidi2\x00', 0x101000, 0x0) setresuid$auto(0x0, 0x8, 0x8000) shmget$auto(0x14, 0x200000000000002, 0xe64) 15.557476785s ago: executing program 0 (id=632): socket(0x18, 0xa, 0x8000009) (async) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x1, 0x800000000df, 0x9b72, 0xffffffffffffffff, 0x8000) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) (async, rerun: 64) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async, rerun: 64) semget$auto(0xffffff81, 0x4, 0x7) (async) fadvise64$auto_POSIX_FADV_RANDOM(0xffffffffffffffff, 0xffff, 0x5915007, 0x1) (async) socket(0x1, 0x2, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0xa, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0) 15.000802556s ago: executing program 0 (id=641): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x200, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) semctl$auto_IPC_SET(0x800, 0x9, 0x1, 0x5) r0 = getpid() openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/devices/platform/i8042/serio0/softraw\x00', 0x141042, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000003, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/oom_adj\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x1f40) write$auto(0x3, 0x0, 0xfdef) process_vm_readv$auto(r0, &(0x7f0000000000)={&(0x7f0000000180), 0xfff}, 0x2, &(0x7f0000000280)={&(0x7f00000000c0), 0x400ffffffff}, 0x6, 0x0) fcntl$auto_F_OFD_GETLK(0xffffffffffffffff, 0x24, 0x0) socketpair$auto(0x7f, 0x8, 0xfff, &(0x7f0000000000)=0x8a0c) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/card1/pcm1c/xrun_debug\x00', 0x20440, 0x0) pread64$auto(r2, 0x0, 0xa0, 0xf86) openat$auto_stat_fops_(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x70000, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x3f, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x840}, 0x7, 0x88) kcmp$auto(r0, r0, 0x1000000, r3, r2) syz_clone(0x46948711, 0x0, 0x0, 0x0, 0x0, 0x0) 9.844098088s ago: executing program 0 (id=645): r0 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x2100, 0x0) unshare$auto(0x40000080) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mount$auto(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x313826de, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0) write$auto(r1, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xc0\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc76\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x009\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x99\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\x00\x02H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb\x00'/525, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) readv$auto(r0, &(0x7f0000000700)={0x0, 0x9}, 0x1) 8.824414277s ago: executing program 0 (id=648): unshare$auto(0x40000080) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/vm/min_free_kbytes\x00', 0x202, 0x0) pwrite64$auto(r0, &(0x7f00000000c0)='/proc/sys/useb/map_fqnotify_g\x03oups\x00\x1e\xb5\xfe\xbe`\x19\xfb\xe8:\xbc\xa8u\xe4j%\x1e=\xf7\xcd\xa90I\xd1 \xe3@\xc6d.{\xb7\xed\x16\xc0\xd5\xac/\x9f|\xcb\x9a(\x05\xb8t\a^L\x86\x8aE\xb5\x83\x0f\x85\"\x86zO)\xe3\xa3\x19\xfb\xd3$?\x11\aM\xf3\x04\xbdv \xc0\x92\xcd\x06\\PJ\xf0\xbb7\xaa\xd6\x87L\xd6\xe4\xb660\xb68o\x92\xc0\xfezlPVM\xbb>E\xc4#\xe8+;\x05\x18]\b\x93\xb7\xefl%X\xbd\xa8\x9e\x17\xee\xc0\xde\xf0\xbb\xfc$\x9d.`\x04@)\xe2\xe1\xd8ja!K\xbd\x97\x1f\xbe\x1d\xd4-s\xcdg\x14\xf5\xd9\xde\xda\x88\x9c\xf3[:h\'\xd8\xff\xb4\xb2/\x1b{\xa9^\x90\x1d\x12\xe0\xfe\xea\xfc', 0x8, 0x4000000001) ioperm$auto(0x5f0, 0x80, 0x2) close_range$auto(0x2, 0x8, 0x0) write$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffffff, &(0x7f0000000380)="a05e9e6e0199c20ed207d4e00a015b0f0d21cb3ab57f6ccdc87f37fbdbf3f78dfca798af047a610d4c208566aa5a1cdaf9e275116e0c143750910591a2ce7c7d8f3f21e0adb69fca21c99cdbb16f3c68be34f98d4435789c31f5aef018770068c3889217458bfd88212e1da88549991c3ecbeca0f48227e3e18b307b7ac824844ecc660d3fdadff2f064878e41c8d876550db4b394f9aec196d413ab1920e3d6959f21c5fa369c329668a0cf871c67f1292b7584dc87c965d26d31ee90629ed6bdb1ed8da4f9", 0xc6) listen$auto(0x3, 0x81) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003b00), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', 0x0}) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000003bc0)={&(0x7f0000003b80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fedbdf258800000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4000084}, 0x180c0) mmap$auto(0x0, 0x20007, 0x80000000004000df, 0x10004000eb1, 0x8, 0x8000) semctl$auto(0x8001ff, 0x2, 0x13, 0x7) r4 = socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0x6, 0x0, 0xa0) select$auto(0xd, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0xff, 0x2000000000000002, 0x9, 0xfffffffffffff761, 0x103, 0xa, 0x4, 0x7fff, 0x5, 0x4006]}, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r5 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) fanotify_init$auto(0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) r6 = socket(0x10, 0x2, 0x0) sendfile$auto(r4, 0x3, 0x0, 0x2) sendfile$auto(0x1, 0x3, 0x0, 0xc01) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1a00279e"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/flags\x00', 0x101142, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_USER_PVERSION(r5, 0x40045702, 0x0) r7 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/026/001\x00', 0x22901, 0x0) ioctl$auto(r7, 0x5522, 0xf15) ioctl$auto(r7, 0x5521, r7) 7.803358689s ago: executing program 1 (id=652): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x4000, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) move_pages$auto(0x0, 0x8000000000000001, 0x0, &(0x7f0000000c40)=0x8, 0x0, 0x1) ioctl$auto(0x3, 0xae60, 0x10000000000402) adjtimex$auto(0x0) socket(0x2b, 0x1, 0x1) mknod$auto(0x0, 0x63c1, 0x7ff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/path_max\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000000c0)=""/17, 0x11) 6.891362722s ago: executing program 1 (id=654): sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf2503000000080006"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) r0 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000002f80)='/sys/kernel/debug/ieee80211/phy0/aql_enable\x00', 0x802, 0x0) write$auto(r0, 0x0, 0x3) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc005}, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) bind$auto(0x3, &(0x7f0000000000)=@sco={0x1d, @none}, 0x6c) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8000, 0xe9) recvmmsg$auto(0xffffffffffffffff, 0x0, 0x17, 0xe, 0x0) msgctl$auto_MSG_STAT_ANY(0x3, 0xd, &(0x7f0000000480)={{0x7, 0xee00, 0x0, 0x5, 0xf6d6, 0xcae, 0x6}, &(0x7f0000000400)=0x7, &(0x7f0000000440)=0x8, 0x80000001, 0x9, 0xea6, 0x0, 0xffff, 0x5, 0x69, 0x9, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xe}, 0x1, 0x0, 0x6, 0x9}, 0x7}, 0x803, 0x0) r3 = setfsuid$auto(0x0) r4 = semctl$auto_IPC_STAT(0x8, 0xe1, 0x2, 0x6) msgctl$auto(0x7, 0x7, &(0x7f0000000280)={{0xec, r3, 0x0, 0xc17, 0x10000, 0x8, 0xae}, &(0x7f00000000c0)=0x5, &(0x7f0000000240)=0x6, 0x9, 0x1, 0x9, 0xdf5, 0x2, 0x1, 0x8, 0x10, @raw=0x9, @inferred=r4}) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xf}, 0x6, 0x0) shmctl$auto_IPC_SET(0x1, 0x1, &(0x7f0000000700)={{0x5, 0xffffffffffffffff, 0xee00, 0x7f, 0xffff, 0x10001, 0x2}, 0xa19, 0x70000000, 0x4bb3, 0x5, @inferred=0xffffffffffffffff, @raw=0x22, 0x6, 0x0, &(0x7f0000000300)="944d58e739932242b6aad9ca9e5a3017c565edfe6ab203333201f8c95e188da8a272d6cd021f35c396392e41ed109eb5b86f597b075b31a8166a9fd21a2e79dd9f000000000000beca2130773f36990ad553522c001b00ab8f605203cb32f5addf0d516d894ed5fb1278002da76538584ec129a6cf890ee9eb8f08b36d09302db0eecffbd9eb6a9f86f8ddea5d076b013d8cc8be4c9874ef30b1520b99fcdae0fbb72a649249afcc000000006ea03fb1f7855b6941fa6ac5b61d0fc6f25c2a4e56b78f267c1f01bf9e8ec83077a3f2bc99ee3ab81ad1a644aa873692c5", &(0x7f0000000600)="5bacf1f35e81fe837cab16ebc63cc03c7bbcc35d885d09df3cd114f37f08ae783b4edb3dc4f7237caa54a78bbfc6ba9f04db426eb21ef5b18ee5df4b1eacc7b418cef447ae213a090fd890e82907ca1fbd6f15e5b62507015b40f8864287b0d1dd5ccf9ae9cfc7db4daf2110d77b2cd0a11e260550ac754d5fd7e4f02eb4af83e07eee4e2b47ead44ed64d8c3ac1e654025f8488edb7af71dc28fd432445ed2ea3ed538ebc8339600780c58f9493008828c08995b6197f488c41a9d096ab95d89854ebbffb82a15e01c13b5ea696258f1eb247d12026e0d963ef977ed9abd050c3df927654b9dd5697bf239e2f125766aed20865c5"}) msgctl$auto_IPC_STAT(0x0, 0x2, &(0x7f0000000800)={{0x3, 0xee01, 0xee01, 0x9, 0xb, 0x3ff, 0x7}, &(0x7f0000000780)=0xfe, &(0x7f00000007c0)=0x2, 0x2, 0x0, 0x8000, 0x20, 0x7, 0x2, 0x5, 0x5}) shmctl$auto_SHM_STAT(0x9cb, 0xd, &(0x7f00000009c0)={{0xffff, 0xee01, 0xee01, 0x3, 0x7f, 0xffffffff, 0x31}, 0x73b, 0xff, 0x100, 0x5, @raw=0xfffffeb1, @inferred, 0x7, 0x0, &(0x7f0000000880)="dd55bc0a5922c28f01007eaeed4fbd4aa40528cf49154242baf6c2ad6d2b97fd759c90d2d2d36a98d976a6a74390aa5b0e192c723342fe0a7c5153560a6573962f737783a60eb2ca8c7712362392f9e2ca2857b014f2720fd7e5d252564d52935b94622a782a66dc8062c670", &(0x7f0000000900)="02710d9fe73e59fb3bf9452bf724984bb1ccd8f271877d5b646bbe2995bf856dc45918c0f0e8370e472e77e3b324386fc37449fa98b829da8a2be43e0f85443a1aeddd3beb1d074899daf5112198f21903d5ae9d81afcce34c30c4687671e216845b0437b127b21a822e110c4266f54622d7013e92064a6780c83c16777332becc947cd7d3f71f61de379ec73e6031c054aa6f76a5811a"}) syz_clone(0x6002400, &(0x7f0000000a40)="6990a45b520b0fea03d2ff8eaa2ea45e6fecfcca2729d64b3de4c65670", 0x1d, &(0x7f0000000a80), &(0x7f0000000ac0), &(0x7f0000000b00)="6d0acdacbc29388311b4dd64ca1b8443785bc20ccb4c593393560cc68fcc79980b8d362884f362682e0025179264df544dd22b47c861ff7d33ffffaf3c37dedaf421c7054ba4a88c6b6ff48c8932e2b35e0602c080abcdb7eb3728e1740e8c7934718cb1d17182b92630e081cec30f631be70d315eefb39bf14d2d4b136ba527b4ec3e5185a63ffb96a725d63afea862dda7f10440f9fdf474d8bba1fa13094f10c4151a3ea73989740f5ed80a2db67787b55cfcad6c8d5d8277d8363266bf") 6.339437893s ago: executing program 2 (id=655): prctl$auto_PR_SET_MM(0x23, 0x800, 0x0, 0x9, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyte\x00', 0x80, 0x0) r0 = socket(0x2, 0x801, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'team_slave_1\x00', 0x0}) r3 = geteuid() mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) recvmsg$auto(0x4, 0x0, 0x33c) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001180)=ANY=[@ANYBLOB="1c060000", @ANYRES16=0x0, @ANYBLOB="01002bbd7000fddbdf251b00000008000300", @ANYRES32=r2, @ANYBLOB="0c0025800800da003f9cdfb7d0273784f8bace259c9c7feb0540db1fb8692d89677b1b3071c2fcdbbb07e69a0a18c36bfb26b3d388b854beac129cc567ef6bbe04144bdb51578539e264935813cd2ee65fb5736e0df3b127a51bdb7125c2af7e6f5e4ac82ad5c8842116125aa48042c261483206ccae2e120f93059ccae8ed1e4cc5cfbe49aa4108a7e0268d62fccce35fb9f8f8a097", @ANYRES32=r3, @ANYBLOB="f4055080ed0504805f1d5432692e50e634431d508941b53ab142764325405173164614035ab1f96dbbb3fec0e2bdf4eb5a8e6392ec954e7191f425f3f3aa18ddcb453bc546a92cfee95866e1b5a7f69cf39eceb4a85fdcfb794be81100d3007465616d5f736c6176655f31000000009701828042003a00398e967e965aa4503e74e44abbb726e746b6b8c52a2b9b79878bca13c3cb56ff215e10137cb8546823e94ffa04bd5fe69233e74daaba10cc70548a0ac4b8000076fbf41e2d46b28c1ccbd84818f05a99fa13b98572f40729c63458f95645e7dc9301366abd8d2eca16974673f78e142f7736a044bfe9af2cedea51b98f094a3b775575c418052c0ba1a9a4b27e6b85e4afe365593feb37b29eed39372046eeb93a26bb34cd2c86a561d574137d127c4b2259b5855368c34987ed09a631896559639985926471f5dfb2abd0fe7f41a00c90f2bb97c8fac23535b49696cc923a5a3c785293af9b60772b8d1b3c83879a3c1801462dfa478cf7d0a0e6aa02d2e1af908d6b0698ff2fd3ac19644d00f658e87ba9735acc91e31d7c6a7129b444871eaa7a4b107dcba2b9fc34614739284519aff365c66e89c7849f5fcf9d0c3e72511208000c00e00000017a9000021308801575071154f941f116a4ea5a6218ab41389fa0ac51e8a3bf869fabe3a3a869eb4447f1025dc28223c3876838d52ef356e84a73f13e264c2d31a90b6fffae1a00fbf046543da95d4eda66e22abc3e04ffba52c81360b8b6adabce9030bb60646399b62e1a349b947821dd857f8a15ec1db52e69aa3358cc989c1fe3332ef5bfe8d6c5e452d9ecfa64f1851ce9d9b31d1b7b10762a940af2c1a1c89ea3615086e2bcf92bba2949ecbbfb740d95bf77fd011f602b8bf3d9ec89e5a989c53c01157a93cbc0ad478b14185e0ff769ece6fba6f397f95675c30228877c00467c49cc53a7b0e386c0acecab28a339d2e67696864484e280cd03a99d87eabf2aeb1b41ee754a92f76ae959bf38da9f33accd81ccbb2a67b6b0613a09524b1b5901b90c8d0f81a369438a030344807302cca226c06fe65c5492dfbec6d64847c70b56c20b1f4ce66ee54e7e04deb64831abc9074f403a6a78dff7dd7750fd20a25da560339705a859a0dd462286e531b0f31143936027950aa32dc23884d83945c496b1997aa498b92a3d91c524ad02debf540a1fa2d656a2cbabf7c1909722763db22173ccd204a5eb0b1062ee04b037f5612cfe72ee2210839384d2216ba584bc8865cdf4d1115bc683e37c40aaae2ba132c3295f4d3aa2335acea0501d640a049b82954a1380a1f7707d914cd2552a751b827603028cdd841153791d0eeb87e1171266c5b44841db7615e654cae9ed1e27525748ccdd39f60a6fac969b518c746073b0ad71537e0a6beee3e90a3adfd063fd26242a71ac4c1091a5636ef6726e8b7360ed546a1f02c8ea50c8dc805ed45f198dd7848939d866f66289694b6ab3a028de2afe7fa2c01af8670ce7a49663905988cb1c27467ff7b4d987983d8534d28774c23c4d39323833f2366ed5a244fa7694de89018c800e1f5c291fb52c63ae6e3b66b3a7f91386d7668933bf20a7a5da0fe136b68077191b271c8cbbb6ec506abd8b89b8ea7e25d40097b146abfe562a74699929836248bdaed49f89e24495f4fb973ff47fb591e6e7b91c070dab5b20b96a4c474762c034927f782363b86977eb3f0302b8744d1e1928e0588009ef230229ffb2dae0560b0e4dfe3b64d78f6bcd72d51d1751d2f1af0052008fdec358082daa8c7fbf291106422d8b0bbfd548f914d840b132c0ba7eef7129a403501f6a84f9c96cbac2eed87022032d5228ed33a3041f1350a04b80a3d42d1772d5f116f28264eb8ca527186f9a5fd1f160ae7446d4af57a3030ca735d9d41d70fb8c67a39e1feb0df9f2b3468cd29f42d4aedd7c121a346d9b38de97315e0b1d903a281bed5586f55284f518a7825c64ace33c238e342ddd9638473465809330492e733bcdafc06c6900eb59b69c59a7b44e629ffc176cb1431000b62091802d9a5a93aff1ef89c8316bdcb567c4b45a346b3980220b04a53304df79954276ba8c5f7aea7366146ab6a629bffd0000000c00a1800800d500", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x61c}, 0x1, 0x0, 0x0, 0x814}, 0x80) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x9, 0x800000000df, 0x9b72, 0xea8a, 0x8000) setresgid$auto(0xa05, 0x4, 0x0) setfsgid$auto(0x0) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x80) futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x8, 0x0, 0x0, 0x440a48d3) ioprio_get$auto(0x360, r3) setuid$auto(r3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0x2505}, 0x7fe}, 0x4, 0x1000) socket(0xf, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEC_SET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)={0x24, r5, 0x1, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_FEC_AUTO={0x5, 0x3, 0x2}, @ETHTOOL_A_FEC_MODES={0x8, 0x2, 0x0, 0x1, [@typed={0x4, 0x11d}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0xac8fe2812c61ec00) socket(0x10, 0x2, 0x0) 5.656603604s ago: executing program 2 (id=657): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000680)='/dev/sg0\x00', 0x20000, 0x0) ioctl$auto_BLKTRACESTART2(r0, 0x1274, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x22a40, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x454, 0x9) 5.273529414s ago: executing program 2 (id=658): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) open(0x0, 0x591002, 0x408) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) r0 = socket(0x2, 0x6, 0x0) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xfffffff9, &(0x7f0000000100)={0x0, 0xcc98}, 0x3, 0x0, 0xab15, 0x7fff}, 0x86}, 0x7, 0x1360, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x988c0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) semget$auto(0xffffff81, 0x4, 0x7) fadvise64$auto_POSIX_FADV_RANDOM(0xffffffffffffffff, 0x2, 0x5915007, 0x1) syz_genetlink_get_family_id$auto_net_shaper(0x0, r0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x42201, 0x0) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000180), 0x142, 0x0) io_uring_setup$auto(0x9, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x2}, 0x7) r3 = socket(0x1d, 0x3, 0x1) bind$auto(0x3, &(0x7f0000000040)=@can, 0x6a) setsockopt$auto(r3, 0x65, 0x1, 0x0, 0x0) sendmsg$auto_NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) rseq$auto(&(0x7f0000000340)={0xe, 0x401, 0x0, 0x806, 0xffffffff, 0x2}, 0x8000, 0x0, 0x8000006) r4 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4) flock$auto(r4, 0x1) r5 = open(&(0x7f0000000040)='./file0\x00', 0x4242, 0x40) flock$auto(r5, 0x2) 5.271512198s ago: executing program 1 (id=666): capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/net\x00') ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) 5.201465505s ago: executing program 0 (id=659): r0 = dup$auto(0xffffffffffffffff) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'pim6reg1\x00', 0x0}) sendmsg$auto_ILA_CMD_FLUSH(r0, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x50, 0x0, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x5}, @ILA_ATTR_IFINDEX={0x8}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x8000000000000001}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x3}, @ILA_ATTR_LOCATOR={0xc}, @ILA_ATTR_IFINDEX={0x8, 0x4, r1}]}, 0x50}, 0x1, 0x0, 0x0, 0xa0}, 0x4044814) r2 = socket(0x80000000000000a, 0x2, 0x0) getsockopt$auto(r2, 0x88, 0x64, 0x0, 0x0) pidfd_send_signal$auto_SIGCONT(r0, 0x12, &(0x7f0000000040)={@_si_pad}, 0x1) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/set\x00', 0x80302, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000004180)='/dev/snd/controlC2\x00', 0x0, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vidtv.0/i2c-0/0-0068/name\x00', 0x18b080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000001180)=""/187, 0xbb) ioctl$auto(0xffffffffffffffff, 0x4, r3) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/smaps_rollup\x00', 0x0, 0x0) sendmsg$auto_TIPC_NL_SOCK_GET(r5, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="8d4329bd7000"], 0x14}, 0x1, 0x0, 0x0, 0x42010}, 0x8cc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x25, 0x5, 0x0) socket(0x2, 0x6, 0x0) getsockopt$auto_SO_INCOMING_NAPI_ID(r0, 0x2, 0x38, &(0x7f00000000c0)='/sys/devices/platform/vidtv.0/i2c-0/0-0068/name\x00', &(0x7f0000000140)=0x6) read$auto(0x3, 0x0, 0xf34) r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) ioctl$auto(r6, 0xc0445624, r6) write$auto(0x3, 0x0, 0xfdef) sendfile$auto(r3, r3, 0x0, 0x3) 4.966731916s ago: executing program 3 (id=660): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) ioctl$auto(r0, 0x1261, 0xa742) 4.831134553s ago: executing program 1 (id=661): openat$auto_memtype_fops_memtype(0xffffffffffffff9c, &(0x7f0000000040), 0x200240, 0x0) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) move_pages$auto(0x0, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) setsockopt$auto(0x3, 0x0, 0x60, 0x0, 0x10001) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x801, 0x84) clone$auto(0x20003b46, 0x1, 0x0, 0x0, 0x20000000020002) rseq$auto(&(0x7f00000002c0)={0xd, 0x400, 0x0, 0x20006, 0xffffffff, 0x2}, 0xfffffff4, 0x0, 0x7) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$auto(0x3, 0x541b, 0x10000000000402) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7ffd) ioctl$auto_TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) ioperm$auto(0x7, 0x6, 0x1) pselect6$auto(0x4, 0x0, &(0x7f0000000180)={[0x2, 0x9, 0x2da0000, 0xff, 0x1000101, 0x1c00000, 0xa1, 0x4, 0xfffffffffffffffe, 0x8, 0x4, 0x9, 0x1, 0x0, 0xe, 0x80000001]}, 0x0, 0x0, 0x0) set_mempolicy$auto(0x8003, 0x0, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x4, 0x0) openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x40002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20c40, 0x0) socket(0x2, 0x801, 0x6) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x1690c0, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0xa200, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103400, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x880, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x46dc2, 0x120) 4.151447607s ago: executing program 3 (id=662): r0 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000001680)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x2, 0x0) write$auto_uprobe_events_ops_trace_uprobe(r0, &(0x7f0000000000)="706f3a82d9e5cc7c2ceda8d50bfc94be9fe6c22ffaf8493a38", 0x19) (fail_nth: 3) 4.064954211s ago: executing program 2 (id=663): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x48800, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x24, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xfffffffc}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0xffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x4002000}, 0x40010) write$auto_console_fops_tty_io(r0, &(0x7f0000000440)="671d264add69b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763ac8caf4b9b4c", 0x24) 2.932529124s ago: executing program 3 (id=664): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000680)='/dev/sg0\x00', 0x20000, 0x0) ioctl$auto_BLKTRACESTART2(r0, 0x1274, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x22a40, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7c9, 0x25, 0x4909b6f5, 0x1ffde, 0x7, 0x6, 0x20000009, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0x1000, 0x22000, 0x200, 0x0, 0x84, [0x20000003, 0x8000003, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x4000, 0x0, 0x2, 0xfffffffffffffffd, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffeffff, 0x0, 0x292, 0x0, 0x400000000005b8, 0x8, 0x0, 0x200000000, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0x8000000000000000, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffff9, 0x2, 0x1, 0x7]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) setsockopt$auto_SO_RXQ_OVFL(r1, 0x1, 0x28, 0x0, 0x7) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netfilter/nfnetlink_queue\x00', 0x101000, 0x0) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = clone$auto(0x7fff, 0x200, 0x0, 0x0, 0xf) sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000380)={0x2ec, 0x0, 0x800, 0x70bd28, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x2d8, 0x7, 0x0, 0x1, [@nested={0x15b, 0xa1, 0x0, 0x1, [@nested={0x4, 0xc5}, @typed={0x88, 0x88, 0x0, 0x0, @binary="5d04a4987524b26c9046a2ec5911fee76ddc08d4083d1369287098249b376ebdbb78b5ed281a7e5a320e82884a82de33db8bb3ea06abb42175867306e230cfdb10806006030f8f1d981013a7c58d01804bf325f8e7a9da356744a5b0e5f79df1c8803a63ed71cfb2d9a8eb0780de77cac276e5b95d6609406526dbeaae91c9989e10bf21"}, @generic="f87e2dfbcd179336dfadb60cd4c90dedc080a2e47e9e5bc986ad8d9b483df8e26a37f1dfe5bab6940058d8297d26a68b4e3cb5ec8db2ca2374d9a0c60e1f465331f2ac8fc1257cf3df925ce7238314927a8084fae595ca4c649e80bed5a808919c41e757920f6bac2cb9a6c25c86dee3161060cd4a8dbec76b3d01e64eb7645d2d60fe08304960515a66ccc385fb3ee2ad5d996bdd85c23c678cf11a7cc06685cf82a5f612c958a211097d70402f433333e3ac7027ee4b17f3497aab76ee5cd42eca1ea602b2c9cd7a9f25"]}, @nested={0x175, 0x1f, 0x0, 0x1, [@nested={0x4, 0x82}, @typed={0x8, 0x102, 0x0, 0x0, @ipv4=@multicast1}, @generic="847575d56b312cd2ab8fcb45ef382ef9821812c517d8afa444c893118db10ed7f5d7537608a8d9e52aa6e3fe38bc37f09ec61da4846353190a9eb333f25cd0f0e2fd5cabd99ee9c22aa078930d9577787bfe4e244c43e9c22855056c53a4e4ce2e07fcfff244ebad2a6a0a571e6ad1", @typed={0x8, 0x2d, 0x0, 0x0, @pid=r2}, @generic="1e777e22b6d1a25eacef898f80afee57b4f91255a365651aa53b69c1b746855741546d8d988d7574963ce01192d6b9a60e921e34667514c0bcf3117bbe5a42591d027e87ac03e432e666909fb616fb5cd85e11d1d6ae8b6d0773262b60b76d65efc4d8e9f4d2cf09da61a739855990953d4d7cf2ec387cb8ed7f55b5df0fc8136f376a951b2e0eca280a4eb85101895538d887cc0552b9f51b5ec95d2992261edbbe346260a42435779cd97622469b018f82bf600e28a4e9a12e", @typed={0x4, 0xad}, @typed={0x2d, 0x1c, 0x0, 0x0, @str='/proc/self/net/netfilter/nfnetlink_queue\x00'}]}]}]}, 0x2ec}, 0x1, 0x0, 0x0, 0x14040015}, 0x800) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x48, 0x80000000fffffffd, 0xfbc, 0x0, 0x0, 0x0, 0x6, 0x6, 0x8, 0x5, 0x7fffffff, 0x0, 0xffffffff80000000, 0x5, 0x61, 0x9}) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) r4 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r4, 0x29, 0xd1, 0x0, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x454, 0x9) 2.610388744s ago: executing program 3 (id=665): r0 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x2100, 0x0) unshare$auto(0x40000080) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mount$auto(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x313826de, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0) write$auto(r1, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xc0\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc76\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x009\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x99\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\x00\x02H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb\x00'/525, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) readv$auto(r0, &(0x7f0000000700)={0x0, 0x9}, 0x1) 2.344102065s ago: executing program 1 (id=667): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000680)='/dev/sg0\x00', 0x20000, 0x0) ioctl$auto_BLKTRACESTART2(r0, 0x1274, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x22a40, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x454, 0x9) 1.973751066s ago: executing program 2 (id=668): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x3, 0xa) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) setsockopt$auto(r0, 0x0, 0x19, 0x0, 0x9) (fail_nth: 1) 956.637872ms ago: executing program 2 (id=669): unshare$auto(0x40000080) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/vm/min_free_kbytes\x00', 0x202, 0x0) pwrite64$auto(r0, &(0x7f00000000c0)='/proc/sys/useb/map_fqnotify_g\x03oups\x00\x1e\xb5\xfe\xbe`\x19\xfb\xe8:\xbc\xa8u\xe4j%\x1e=\xf7\xcd\xa90I\xd1 \xe3@\xc6d.{\xb7\xed\x16\xc0\xd5\xac/\x9f|\xcb\x9a(\x05\xb8t\a^L\x86\x8aE\xb5\x83\x0f\x85\"\x86zO)\xe3\xa3\x19\xfb\xd3$?\x11\aM\xf3\x04\xbdv \xc0\x92\xcd\x06\\PJ\xf0\xbb7\xaa\xd6\x87L\xd6\xe4\xb660\xb68o\x92\xc0\xfezlPVM\xbb>E\xc4#\xe8+;\x05\x18]\b\x93\xb7\xefl%X\xbd\xa8\x9e\x17\xee\xc0\xde\xf0\xbb\xfc$\x9d.`\x04@)\xe2\xe1\xd8ja!K\xbd\x97\x1f\xbe\x1d\xd4-s\xcdg\x14\xf5\xd9\xde\xda\x88\x9c\xf3[:h\'\xd8\xff\xb4\xb2/\x1b{\xa9^\x90\x1d\x12\xe0\xfe\xea\xfc', 0x8, 0x4000000001) ioperm$auto(0x5f0, 0x80, 0x2) close_range$auto(0x2, 0x8, 0x0) write$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffffff, &(0x7f0000000380)="a05e9e6e0199c20ed207d4e00a015b0f0d21cb3ab57f6ccdc87f37fbdbf3f78dfca798af047a610d4c208566aa5a1cdaf9e275116e0c143750910591a2ce7c7d8f3f21e0adb69fca21c99cdbb16f3c68be34f98d4435789c31f5aef018770068c3889217458bfd88212e1da88549991c3ecbeca0f48227e3e18b307b7ac824844ecc660d3fdadff2f064878e41c8d876550db4b394f9aec196d413ab1920e3d6959f21c5fa369c329668a0cf871c67f1292b7584dc87c965d26d31ee90629ed6bdb1ed8da4f9", 0xc6) listen$auto(0x3, 0x81) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003b00), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', 0x0}) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000003bc0)={&(0x7f0000003b80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fedbdf258800000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4000084}, 0x180c0) mmap$auto(0x0, 0x20007, 0x80000000004000df, 0x10004000eb1, 0x8, 0x8000) semctl$auto(0x8001ff, 0x2, 0x13, 0x7) r4 = socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0x6, 0x0, 0xa0) select$auto(0xd, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0xff, 0x2000000000000002, 0x9, 0xfffffffffffff761, 0x103, 0xa, 0x4, 0x7fff, 0x5, 0x4006]}, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r5 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) fanotify_init$auto(0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) r6 = socket(0x10, 0x2, 0x0) sendfile$auto(r4, 0x3, 0x0, 0x2) sendfile$auto(0x1, 0x3, 0x0, 0xc01) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1a00279e"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/flags\x00', 0x101142, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_USER_PVERSION(r5, 0x40045702, 0x0) r7 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/026/001\x00', 0x22901, 0x0) ioctl$auto(r7, 0x5522, 0xf15) ioctl$auto(r7, 0x5521, r7) 887.88975ms ago: executing program 3 (id=670): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x8042, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x2, 0x6, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/auth.unix.gid/content\x00', 0x20000, 0x0) socket(0xa, 0x2, 0x73) open(0x0, 0x121342, 0x100) inotify_init1$auto(0x3000000000000) socket(0xa, 0x2, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010b27bd7000fda5c5a62073660008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040080) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x1c8340, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x482, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xa0e00, 0x0) socketpair$auto(0x1e, 0x9, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r4) 368.906217ms ago: executing program 3 (id=671): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x8042, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x2, 0x6, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/auth.unix.gid/content\x00', 0x20000, 0x0) socket(0xa, 0x2, 0x73) open(0x0, 0x121342, 0x100) inotify_init1$auto(0x3000000000000) socket(0xa, 0x2, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010b27bd7000fda5c5a62073660008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040080) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x1c8340, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x482, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xa0e00, 0x0) socketpair$auto(0x1e, 0x9, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r4) 0s ago: executing program 1 (id=672): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) ioctl$auto(r0, 0x1261, 0xa742) kernel console output (not intermixed with test programs): 6081 - 0 [ 101.939925][ T5839] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.992380][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.009660][ T5836] veth0_macvtap: entered promiscuous mode [ 102.030182][ T5836] veth1_macvtap: entered promiscuous mode [ 102.110157][ T5838] veth0_vlan: entered promiscuous mode [ 102.137585][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.148072][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.157283][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.169154][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.184899][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.207962][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.218632][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.231058][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.241182][ T5838] veth1_vlan: entered promiscuous mode [ 102.270526][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.280534][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.292148][ T5836] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.306457][ T5836] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.315895][ T5836] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.324822][ T5836] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.388194][ T5837] veth0_vlan: entered promiscuous mode [ 102.441897][ T5837] veth1_vlan: entered promiscuous mode [ 102.506422][ T5839] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 102.560698][ T5838] veth0_macvtap: entered promiscuous mode [ 102.572723][ T5838] veth1_macvtap: entered promiscuous mode [ 102.601496][ T5837] veth0_macvtap: entered promiscuous mode [ 102.627841][ T1312] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.628889][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.656728][ T1312] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.669985][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.681164][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.705200][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.717526][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.740279][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.751602][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.762662][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.773572][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.794313][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.820086][ T5837] veth1_macvtap: entered promiscuous mode [ 102.835512][ T5838] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.849962][ T5838] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.860820][ T5838] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.876287][ T5838] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.938955][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.955323][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.959920][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.978743][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.988787][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.000189][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.010123][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.028375][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.049744][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.114320][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.143663][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.156000][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.174431][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.185945][ T5846] Bluetooth: hci3: command tx timeout [ 103.191940][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.207852][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.225512][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.267316][ T5846] Bluetooth: hci0: command tx timeout [ 103.271146][ T5851] Bluetooth: hci1: command tx timeout [ 103.272762][ T5846] Bluetooth: hci2: command tx timeout [ 103.289947][ T5837] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.313179][ T5837] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.327490][ T5837] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.337334][ T5837] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.433414][ T2139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.461617][ T2139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.468483][ T5909] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 103.676556][ T1312] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.688210][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.706071][ T1312] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.731203][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.821787][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.877502][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.187119][ T5917] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1'. [ 105.264045][ T5846] Bluetooth: hci3: command tx timeout [ 105.344814][ T5846] Bluetooth: hci2: command tx timeout [ 105.354353][ T5846] Bluetooth: hci1: command tx timeout [ 105.354440][ T5851] Bluetooth: hci0: command tx timeout [ 105.410186][ T5935] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7'. [ 105.601107][ T5940] FAULT_INJECTION: forcing a failure. [ 105.601107][ T5940] name failslab, interval 1, probability 0, space 0, times 1 [ 105.671650][ T5940] CPU: 1 UID: 0 PID: 5940 Comm: syz.3.8 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 105.671691][ T5940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 105.671712][ T5940] Call Trace: [ 105.671722][ T5940] [ 105.671736][ T5940] dump_stack_lvl+0x16c/0x1f0 [ 105.671787][ T5940] should_fail_ex+0x512/0x640 [ 105.671823][ T5940] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 105.671901][ T5940] should_failslab+0xc2/0x120 [ 105.671931][ T5940] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 105.671985][ T5940] ? __request_module+0x2cb/0x690 [ 105.672025][ T5940] kstrdup+0x53/0x100 [ 105.672056][ T5940] __request_module+0x2cb/0x690 [ 105.672090][ T5940] ? __pfx___request_module+0x10/0x10 [ 105.672128][ T5940] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 105.672182][ T5940] ? __up_read+0x1f8/0x750 [ 105.672219][ T5940] ? __pfx___up_read+0x10/0x10 [ 105.672263][ T5940] ? ctrl_getfamily+0x1cb/0x540 [ 105.672304][ T5940] ctrl_getfamily+0x1e9/0x540 [ 105.672336][ T5940] ? __pfx_ctrl_getfamily+0x10/0x10 [ 105.672371][ T5940] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 105.672428][ T5940] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 105.672494][ T5940] genl_family_rcv_msg_doit+0x206/0x2f0 [ 105.672551][ T5940] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 105.672603][ T5940] ? __pfx___mutex_lock+0x10/0x10 [ 105.672648][ T5940] ? genl_get_cmd+0x194/0x580 [ 105.672710][ T5940] ? __local_bh_enable_ip+0xa4/0x120 [ 105.672752][ T5940] ? __dev_queue_xmit+0x896/0x43e0 [ 105.672785][ T5940] ? __radix_tree_lookup+0x21f/0x2c0 [ 105.672832][ T5940] genl_rcv_msg+0x55c/0x800 [ 105.672866][ T5940] ? __pfx_genl_rcv_msg+0x10/0x10 [ 105.672893][ T5940] ? __pfx___dev_queue_xmit+0x10/0x10 [ 105.672928][ T5940] ? __pfx_ctrl_getfamily+0x10/0x10 [ 105.672964][ T5940] ? __lock_acquire+0xaa4/0x1ba0 [ 105.673001][ T5940] netlink_rcv_skb+0x16a/0x440 [ 105.673060][ T5940] ? __pfx_genl_rcv_msg+0x10/0x10 [ 105.673088][ T5940] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 105.673148][ T5940] ? __pfx_down_read+0x10/0x10 [ 105.673196][ T5940] ? netlink_deliver_tap+0x1ae/0xd30 [ 105.673242][ T5940] genl_rcv+0x28/0x40 [ 105.673293][ T5940] netlink_unicast+0x53a/0x7f0 [ 105.673340][ T5940] ? __pfx_netlink_unicast+0x10/0x10 [ 105.673394][ T5940] netlink_sendmsg+0x8d1/0xdd0 [ 105.673443][ T5940] ? __pfx_netlink_sendmsg+0x10/0x10 [ 105.673499][ T5940] __sys_sendto+0x495/0x510 [ 105.673533][ T5940] ? __pfx___sys_sendto+0x10/0x10 [ 105.673579][ T5940] ? count_memcg_events_mm.constprop.0+0x138/0x340 [ 105.673638][ T5940] __x64_sys_sendto+0xe0/0x1c0 [ 105.673670][ T5940] ? do_syscall_64+0x91/0x260 [ 105.673712][ T5940] ? lockdep_hardirqs_on+0x7c/0x110 [ 105.673752][ T5940] do_syscall_64+0xcd/0x260 [ 105.673797][ T5940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.673826][ T5940] RIP: 0033:0x7f8eda78effc [ 105.673850][ T5940] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 105.673877][ T5940] RSP: 002b:00007f8edb524ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 105.673904][ T5940] RAX: ffffffffffffffda RBX: 00007f8edb524fc0 RCX: 00007f8eda78effc [ 105.673923][ T5940] RDX: 000000000000001c RSI: 00007f8edb525010 RDI: 0000000000000002 [ 105.673939][ T5940] RBP: 0000000000000000 R08: 00007f8edb524f14 R09: 000000000000000c [ 105.673955][ T5940] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 105.673971][ T5940] R13: 00007f8edb524f68 R14: 00007f8edb525010 R15: 0000000000000000 [ 105.674007][ T5940] [ 106.172121][ T5935] team0: Port device team_slave_0 removed [ 106.432727][ T5940] netlink: set zone limit has 8 unknown bytes [ 107.125102][ T5964] Zero length message leads to an empty skb [ 108.803704][ T5982] ip_vti0: entered allmulticast mode [ 109.613823][ T5995] erspan0: entered allmulticast mode [ 110.241726][ T5993] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 110.299505][ T5993] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 110.438682][ T5993] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 110.498323][ T5993] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 110.509863][ T5993] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 110.558209][ T5993] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 110.578081][ T5993] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 110.596446][ T5993] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 110.609935][ T5993] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 110.645608][ T5993] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 110.653543][ T5993] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 110.709323][ T5993] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 110.908500][ T6010] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(8196.0.1), cmd(17) [ 112.143421][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 112.345952][ T6037] process 'syz.1.26' launched './file0' with NULL argv: empty string added [ 112.543525][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 112.623809][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 112.703372][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 113.398957][ T6052] netlink: 342 bytes leftover after parsing attributes in process `syz.3.32'. [ 113.754168][ T6059] bridge0: port 3(team0) entered blocking state [ 113.772464][ T6059] bridge0: port 3(team0) entered disabled state [ 113.793584][ T6059] team0: entered allmulticast mode [ 113.798757][ T6059] team_slave_0: entered allmulticast mode [ 113.818389][ T6059] team_slave_1: entered allmulticast mode [ 113.828463][ T6059] team0: entered promiscuous mode [ 113.837278][ T6059] team_slave_0: entered promiscuous mode [ 113.846220][ T6059] team_slave_1: entered promiscuous mode [ 113.872247][ T6059] bridge0: port 3(team0) entered blocking state [ 113.878902][ T6059] bridge0: port 3(team0) entered forwarding state [ 113.893142][ T6065] netlink: 338 bytes leftover after parsing attributes in process `syz.1.36'. [ 113.920151][ T6065] netlink: 338 bytes leftover after parsing attributes in process `syz.1.36'. [ 113.924531][ T6059] netlink: 330 bytes leftover after parsing attributes in process `syz.0.34'. [ 114.226688][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 114.626929][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 114.716445][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 114.780140][ T6081] mmap: syz.1.39 (6081) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 114.792137][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 114.901616][ T6083] can: request_module (can-proto-5) failed. [ 116.308664][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 116.703594][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 116.788240][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 116.863985][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 117.136626][ T6117] FAULT_INJECTION: forcing a failure. [ 117.136626][ T6117] name failslab, interval 1, probability 0, space 0, times 0 [ 117.171920][ T6117] CPU: 0 UID: 0 PID: 6117 Comm: syz.1.50 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 117.171958][ T6117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 117.171977][ T6117] Call Trace: [ 117.171986][ T6117] [ 117.171996][ T6117] dump_stack_lvl+0x16c/0x1f0 [ 117.172041][ T6117] should_fail_ex+0x512/0x640 [ 117.172072][ T6117] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 117.172118][ T6117] should_failslab+0xc2/0x120 [ 117.172145][ T6117] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 117.172195][ T6117] ? vm_area_dup+0x25/0x760 [ 117.172243][ T6117] vm_area_dup+0x25/0x760 [ 117.172287][ T6117] copy_process+0x7f67/0x91a0 [ 117.172363][ T6117] ? __pfx_copy_process+0x10/0x10 [ 117.172409][ T6117] ? __pfx___futex_wait+0x10/0x10 [ 117.172457][ T6117] ? __pfx___up_read+0x10/0x10 [ 117.172493][ T6117] kernel_clone+0xfc/0x960 [ 117.172534][ T6117] ? __pfx_kernel_clone+0x10/0x10 [ 117.172593][ T6117] __do_sys_clone+0xce/0x120 [ 117.172631][ T6117] ? __pfx___do_sys_clone+0x10/0x10 [ 117.172688][ T6117] ? rcu_is_watching+0x12/0xc0 [ 117.172730][ T6117] do_syscall_64+0xcd/0x260 [ 117.172772][ T6117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.172799][ T6117] RIP: 0033:0x7f8d99d8d169 [ 117.172820][ T6117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.172846][ T6117] RSP: 002b:00007f8d9ab19fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 117.172870][ T6117] RAX: ffffffffffffffda RBX: 00007f8d99fa5fa0 RCX: 00007f8d99d8d169 [ 117.172888][ T6117] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040100000 [ 117.172904][ T6117] RBP: 00007f8d99e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 117.172920][ T6117] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 117.172936][ T6117] R13: 0000000000000000 R14: 00007f8d99fa5fa0 R15: 00007ffef1628498 [ 117.172970][ T6117] [ 117.624030][ T6122] netlink: 8 bytes leftover after parsing attributes in process `syz.0.52'. [ 118.729520][ T6153] [U]  [ 118.732548][ T6153] [U] [ 118.735309][ T6153] [U] [ 118.738057][ T6153] [U] [ 118.742612][ T6153] [U] [ 118.745385][ T6153] [U] [ 118.748137][ T6153] [U] [ 118.750881][ T6153] [U] [ 118.818316][ T6153] [U] [ 118.821111][ T6153] [U] [ 118.823866][ T6153] [U] [ 118.826620][ T6153] [U] [ 118.911377][ T6153] [U] [ 118.914173][ T6153] [U] [ 118.916923][ T6153] [U] [ 118.919671][ T6153] [U] [ 118.962674][ T6153] [U] [ 118.965475][ T6153] [U] [ 118.968229][ T6153] [U] [ 118.970983][ T6153] [U] [ 119.086248][ T6156] [U] syzkaller syzkaller login: [ 120.750034][ T6202] input: f¬ as /devices/virtual/input/input8 [ 121.629706][ T6213] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 121.701589][ T6213] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 121.731363][ T6213] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 121.756644][ T6213] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 122.148671][ T975] smpboot: CPU 0 is now offline [ 123.193400][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 123.353929][ T6241] ima: policy update failed [ 123.424946][ T30] audit: type=1802 audit(6038856911.071:2): pid=6241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.75" res=0 errno=0 [ 123.743858][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 123.749993][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 123.763999][ T6258] bond0: option all_slaves_active: invalid value () [ 123.778400][ T6239] kexec: Could not allocate control_code_buffer [ 123.828209][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 124.374410][ T6260] bond0: option all_slaves_active: invalid value (0x00060000) [ 124.418674][ T6258] bond0: option all_slaves_active: invalid value (0x00060000) [ 124.531549][ T6265] capability: warning: `syz.0.79' uses 32-bit capabilities (legacy support in use) [ 124.596362][ T6259] bond0: option all_slaves_active: invalid value (0x00060000) [ 124.728133][ T6267] FAULT_INJECTION: forcing a failure. [ 124.728133][ T6267] name failslab, interval 1, probability 0, space 0, times 0 [ 124.843682][ T6267] CPU: 1 UID: 0 PID: 6267 Comm: syz.2.80 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 124.843712][ T6267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 124.843725][ T6267] Call Trace: [ 124.843731][ T6267] [ 124.843739][ T6267] dump_stack_lvl+0x16c/0x1f0 [ 124.843774][ T6267] should_fail_ex+0x512/0x640 [ 124.843799][ T6267] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 124.843835][ T6267] should_failslab+0xc2/0x120 [ 124.843856][ T6267] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 124.843889][ T6267] ? __kernfs_new_node+0xd2/0x8a0 [ 124.843927][ T6267] __kernfs_new_node+0xd2/0x8a0 [ 124.843964][ T6267] ? __pfx___kernfs_new_node+0x10/0x10 [ 124.844005][ T6267] ? find_held_lock+0x2b/0x80 [ 124.844033][ T6267] ? kernfs_root+0xee/0x2a0 [ 124.844072][ T6267] kernfs_new_node+0x13c/0x1e0 [ 124.844099][ T6267] __kernfs_create_file+0x53/0x350 [ 124.844130][ T6267] sysfs_add_file_mode_ns+0x207/0x3c0 [ 124.844170][ T6267] internal_create_group+0x578/0xf30 [ 124.844212][ T6267] ? __pfx_internal_create_group+0x10/0x10 [ 124.844252][ T6267] ? kernfs_create_link+0x1bd/0x240 [ 124.844284][ T6267] internal_create_groups+0x9d/0x150 [ 124.844306][ T6267] device_add+0xf30/0x1a70 [ 124.844332][ T6267] ? __pfx_device_add+0x10/0x10 [ 124.844355][ T6267] ? lockdep_init_map_type+0x5c/0x280 [ 124.844375][ T6267] ? __init_waitqueue_head+0xca/0x150 [ 124.844408][ T6267] netdev_register_kobject+0x182/0x3a0 [ 124.844445][ T6267] register_netdevice+0x13dc/0x2270 [ 124.844482][ T6267] ? __pfx_register_netdevice+0x10/0x10 [ 124.844522][ T6267] slip_open+0xb86/0x1150 [ 124.844548][ T6267] ? __pfx_slip_open+0x10/0x10 [ 124.844578][ T6267] ? down_write+0x14d/0x200 [ 124.844614][ T6267] ? __pfx_slip_open+0x10/0x10 [ 124.844635][ T6267] tty_ldisc_open+0x9c/0x120 [ 124.844668][ T6267] tty_set_ldisc+0x32b/0x780 [ 124.844703][ T6267] tty_ioctl+0xc42/0x1610 [ 124.844739][ T6267] ? __pfx_tty_ioctl+0x10/0x10 [ 124.844781][ T6267] ? do_raw_spin_unlock+0x172/0x230 [ 124.844805][ T6267] ? hook_file_ioctl_common+0x145/0x410 [ 124.844835][ T6267] ? xfd_validate_state+0x5d/0x180 [ 124.844862][ T6267] ? __pfx_tty_ioctl+0x10/0x10 [ 124.844897][ T6267] __x64_sys_ioctl+0x190/0x200 [ 124.844926][ T6267] do_syscall_64+0xcd/0x260 [ 124.844959][ T6267] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.844980][ T6267] RIP: 0033:0x7f2fe298d169 [ 124.844997][ T6267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.845017][ T6267] RSP: 002b:00007f2fe37c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 124.845037][ T6267] RAX: ffffffffffffffda RBX: 00007f2fe2ba5fa0 RCX: 00007f2fe298d169 [ 124.845051][ T6267] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000001 [ 124.845063][ T6267] RBP: 00007f2fe2a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 124.845076][ T6267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.845088][ T6267] R13: 0000000000000000 R14: 00007f2fe2ba5fa0 R15: 00007ffe06e3f7c8 [ 124.845115][ T6267] [ 125.450430][ T6270] FAULT_INJECTION: forcing a failure. [ 125.450430][ T6270] name failslab, interval 1, probability 0, space 0, times 0 [ 125.464230][ T6270] CPU: 1 UID: 0 PID: 6270 Comm: syz.0.81 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 125.464257][ T6270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 125.464269][ T6270] Call Trace: [ 125.464275][ T6270] [ 125.464282][ T6270] dump_stack_lvl+0x16c/0x1f0 [ 125.464316][ T6270] should_fail_ex+0x512/0x640 [ 125.464339][ T6270] ? __kmalloc_noprof+0xbf/0x510 [ 125.464371][ T6270] ? xfrm_hash_alloc+0xd1/0x100 [ 125.464389][ T6270] should_failslab+0xc2/0x120 [ 125.464408][ T6270] __kmalloc_noprof+0xd2/0x510 [ 125.464438][ T6270] ? xfrm_state_init+0x377/0x630 [ 125.464457][ T6270] ? __pfx_xfrm_net_init+0x10/0x10 [ 125.464478][ T6270] xfrm_hash_alloc+0xd1/0x100 [ 125.464496][ T6270] xfrm_net_init+0x244/0xcc0 [ 125.464541][ T6270] ? __pfx_xfrm_net_init+0x10/0x10 [ 125.464569][ T6270] ops_init+0x1df/0x5f0 [ 125.464602][ T6270] setup_net+0x21e/0x850 [ 125.464634][ T6270] ? __pfx_setup_net+0x10/0x10 [ 125.464663][ T6270] ? lockdep_init_map_type+0x5c/0x280 [ 125.464684][ T6270] ? __pfx_down_read_killable+0x10/0x10 [ 125.464707][ T6270] ? debug_mutex_init+0x37/0x70 [ 125.464756][ T6270] copy_net_ns+0x2a6/0x5f0 [ 125.464793][ T6270] create_new_namespaces+0x3ea/0xad0 [ 125.464833][ T6270] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 125.464868][ T6270] ksys_unshare+0x45b/0xa40 [ 125.464904][ T6270] ? __pfx_ksys_unshare+0x10/0x10 [ 125.464938][ T6270] ? xfd_validate_state+0x5d/0x180 [ 125.464965][ T6270] ? rcu_is_watching+0x12/0xc0 [ 125.465000][ T6270] __x64_sys_unshare+0x31/0x40 [ 125.465035][ T6270] do_syscall_64+0xcd/0x260 [ 125.465070][ T6270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.465093][ T6270] RIP: 0033:0x7f176b58d169 [ 125.465111][ T6270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.465132][ T6270] RSP: 002b:00007f176c38e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 125.465152][ T6270] RAX: ffffffffffffffda RBX: 00007f176b7a5fa0 RCX: 00007f176b58d169 [ 125.465167][ T6270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 125.465180][ T6270] RBP: 00007f176b60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 125.465194][ T6270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.465207][ T6270] R13: 0000000000000000 R14: 00007f176b7a5fa0 R15: 00007ffc71b5c798 [ 125.465235][ T6270] [ 127.311056][ T6293] blktrace: Concurrent blktraces are not allowed on ram7 [ 129.603429][ T6329] bond0: option all_slaves_active: invalid value () [ 130.048497][ T6333] bond0: option all_slaves_active: invalid value (0x00060000) [ 130.135881][ T6329] bond0: option all_slaves_active: invalid value (0x00060000) [ 130.307572][ T6334] bond0: option all_slaves_active: invalid value (0x00060000) [ 130.328714][ T6307] ima: policy update failed [ 130.370941][ T30] audit: type=1802 audit(6038856918.021:3): pid=6307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.91" res=0 errno=0 [ 132.857574][ T6364] FAULT_INJECTION: forcing a failure. [ 132.857574][ T6364] name failslab, interval 1, probability 0, space 0, times 0 [ 132.937819][ T6364] CPU: 1 UID: 0 PID: 6364 Comm: syz.3.111 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 132.937852][ T6364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 132.937866][ T6364] Call Trace: [ 132.937873][ T6364] [ 132.937881][ T6364] dump_stack_lvl+0x16c/0x1f0 [ 132.937919][ T6364] should_fail_ex+0x512/0x640 [ 132.937946][ T6364] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 132.937985][ T6364] should_failslab+0xc2/0x120 [ 132.938007][ T6364] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 132.938047][ T6364] ? __kernfs_new_node+0xd2/0x8a0 [ 132.938088][ T6364] __kernfs_new_node+0xd2/0x8a0 [ 132.938128][ T6364] ? __pfx___kernfs_new_node+0x10/0x10 [ 132.938172][ T6364] ? find_held_lock+0x2b/0x80 [ 132.938202][ T6364] ? kernfs_root+0xee/0x2a0 [ 132.938243][ T6364] kernfs_new_node+0x13c/0x1e0 [ 132.938273][ T6364] __kernfs_create_file+0x53/0x350 [ 132.938306][ T6364] sysfs_add_file_mode_ns+0x207/0x3c0 [ 132.938348][ T6364] internal_create_group+0x578/0xf30 [ 132.938393][ T6364] ? __pfx_internal_create_group+0x10/0x10 [ 132.938435][ T6364] ? kernfs_create_link+0x1bd/0x240 [ 132.938470][ T6364] internal_create_groups+0x9d/0x150 [ 132.938494][ T6364] device_add+0xf30/0x1a70 [ 132.938522][ T6364] ? __pfx_device_add+0x10/0x10 [ 132.938545][ T6364] ? lockdep_init_map_type+0x5c/0x280 [ 132.938568][ T6364] ? __init_waitqueue_head+0xca/0x150 [ 132.938602][ T6364] netdev_register_kobject+0x182/0x3a0 [ 132.938641][ T6364] register_netdevice+0x13dc/0x2270 [ 132.938681][ T6364] ? __pfx_register_netdevice+0x10/0x10 [ 132.938724][ T6364] slip_open+0xb86/0x1150 [ 132.938752][ T6364] ? __pfx_slip_open+0x10/0x10 [ 132.938774][ T6364] ? down_write+0x14d/0x200 [ 132.938812][ T6364] ? __pfx_slip_open+0x10/0x10 [ 132.938834][ T6364] tty_ldisc_open+0x9c/0x120 [ 132.938868][ T6364] tty_set_ldisc+0x32b/0x780 [ 132.938905][ T6364] tty_ioctl+0xc42/0x1610 [ 132.938943][ T6364] ? __pfx_tty_ioctl+0x10/0x10 [ 132.938989][ T6364] ? do_raw_spin_unlock+0x172/0x230 [ 132.939014][ T6364] ? hook_file_ioctl_common+0x145/0x410 [ 132.939053][ T6364] ? xfd_validate_state+0x5d/0x180 [ 132.939082][ T6364] ? __pfx_tty_ioctl+0x10/0x10 [ 132.939120][ T6364] __x64_sys_ioctl+0x190/0x200 [ 132.939171][ T6364] do_syscall_64+0xcd/0x260 [ 132.939208][ T6364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.939232][ T6364] RIP: 0033:0x7f8eda78d169 [ 132.939250][ T6364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.939272][ T6364] RSP: 002b:00007f8edb526038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 132.939294][ T6364] RAX: ffffffffffffffda RBX: 00007f8eda9a5fa0 RCX: 00007f8eda78d169 [ 132.939309][ T6364] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000001 [ 132.939322][ T6364] RBP: 00007f8eda80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 132.939336][ T6364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 132.939350][ T6364] R13: 0000000000000000 R14: 00007f8eda9a5fa0 R15: 00007ffe0e144668 [ 132.939379][ T6364] [ 133.310828][ T6352] kexec: Could not allocate control_code_buffer [ 135.400230][ T6387] blktrace: Concurrent blktraces are not allowed on ram7 [ 135.718510][ T6390] FAULT_INJECTION: forcing a failure. [ 135.718510][ T6390] name failslab, interval 1, probability 0, space 0, times 0 [ 135.822695][ T6390] CPU: 1 UID: 0 PID: 6390 Comm: syz.3.118 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 135.822729][ T6390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 135.822743][ T6390] Call Trace: [ 135.822750][ T6390] [ 135.822759][ T6390] dump_stack_lvl+0x16c/0x1f0 [ 135.822804][ T6390] should_fail_ex+0x512/0x640 [ 135.822832][ T6390] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 135.822872][ T6390] should_failslab+0xc2/0x120 [ 135.822894][ T6390] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 135.822931][ T6390] ? ptlock_alloc+0x1f/0x70 [ 135.822968][ T6390] ptlock_alloc+0x1f/0x70 [ 135.822999][ T6390] pte_alloc_one+0x6d/0x380 [ 135.823043][ T6390] __pte_alloc+0x6d/0x3c0 [ 135.823066][ T6390] ? __pfx___pte_alloc+0x10/0x10 [ 135.823100][ T6390] ? __pfx___might_resched+0x10/0x10 [ 135.823130][ T6390] ? copy_page_range+0x1943/0x5ec0 [ 135.823160][ T6390] copy_page_range+0x39a7/0x5ec0 [ 135.823214][ T6390] ? __pfx_copy_page_range+0x10/0x10 [ 135.823251][ T6390] ? __pfx___might_resched+0x10/0x10 [ 135.823282][ T6390] ? __pfx_mas_store+0x10/0x10 [ 135.823299][ T6390] ? __vma_enter_locked+0x163/0x3f0 [ 135.823335][ T6390] ? copy_process+0x85dd/0x91a0 [ 135.823364][ T6390] ? down_write+0x14d/0x200 [ 135.823399][ T6390] ? up_write+0x1b2/0x520 [ 135.823424][ T6390] copy_process+0x862b/0x91a0 [ 135.823472][ T6390] ? __pfx_copy_process+0x10/0x10 [ 135.823500][ T6390] ? __pfx___futex_wait+0x10/0x10 [ 135.823536][ T6390] ? __pfx___up_read+0x10/0x10 [ 135.823563][ T6390] kernel_clone+0xfc/0x960 [ 135.823595][ T6390] ? __pfx_kernel_clone+0x10/0x10 [ 135.823641][ T6390] __do_sys_clone+0xce/0x120 [ 135.823670][ T6390] ? __pfx___do_sys_clone+0x10/0x10 [ 135.823714][ T6390] ? rcu_is_watching+0x12/0xc0 [ 135.823748][ T6390] do_syscall_64+0xcd/0x260 [ 135.823779][ T6390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.823806][ T6390] RIP: 0033:0x7f8eda78d169 [ 135.823823][ T6390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.823842][ T6390] RSP: 002b:00007f8edb525fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 135.823862][ T6390] RAX: ffffffffffffffda RBX: 00007f8eda9a5fa0 RCX: 00007f8eda78d169 [ 135.823875][ T6390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040100000 [ 135.823888][ T6390] RBP: 00007f8eda80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 135.823901][ T6390] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 135.823914][ T6390] R13: 0000000000000000 R14: 00007f8eda9a5fa0 R15: 00007ffe0e144668 [ 135.823941][ T6390] [ 136.698745][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 136.710435][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 syzkaller syzkaller login: [ 141.038881][ T6456] bond0: option all_slaves_active: invalid value () [ 141.342826][ T6463] netlink: 338 bytes leftover after parsing attributes in process `syz.3.127'. [ 141.391577][ T6464] netlink: 338 bytes leftover after parsing attributes in process `syz.3.127'. [ 141.583510][ T6456] bond0: option all_slaves_active: invalid value (0x00060000) [ 141.696483][ T6460] bond0: option all_slaves_active: invalid value (0x00060000) [ 142.537624][ T6484] [U]  [ 142.540456][ T6484] [U] [ 142.543173][ T6484] [U] [ 142.545879][ T6484] [U] [ 142.602654][ T6484] [U] [ 142.605434][ T6484] [U] [ 142.608146][ T6484] [U] [ 142.610852][ T6484] [U] [ 142.736925][ T6484] [U] [ 142.739696][ T6484] [U] [ 142.742408][ T6484] [U] [ 142.745121][ T6484] [U] [ 142.832267][ T6484] [U] [ 142.835021][ T6484] [U] [ 142.837738][ T6484] [U] [ 142.840454][ T6484] [U] [ 142.940797][ T6484] [U] [ 142.943559][ T6484] [U] [ 142.946270][ T6484] [U] [ 142.948973][ T6484] [U] [ 143.055798][ T6489] [U] [ 147.031367][ T6536] can: request_module (can-proto-5) failed. [ 151.021903][ T6549] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 151.053730][ T6549] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 151.099369][ T6549] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 151.130413][ T6549] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 151.166962][ T6549] CPU0 is offline. [ 152.000161][ T6595] erspan0: entered allmulticast mode [ 152.703946][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 153.103401][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 153.183442][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 153.191146][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 157.943937][ T6683] netlink: 272 bytes leftover after parsing attributes in process `syz.2.189'. [ 158.134277][ T6683] nbd: must specify a device to reconfigure [ 160.639912][ T6726] FAULT_INJECTION: forcing a failure. [ 160.639912][ T6726] name fail_futex, interval 1, probability 0, space 0, times 1 [ 160.699971][ T6726] CPU: 1 UID: 0 PID: 6726 Comm: syz.0.201 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 160.700002][ T6726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 160.700015][ T6726] Call Trace: [ 160.700021][ T6726] [ 160.700029][ T6726] dump_stack_lvl+0x16c/0x1f0 [ 160.700064][ T6726] should_fail_ex+0x512/0x640 [ 160.700093][ T6726] get_futex_key+0x49e/0x1000 [ 160.700126][ T6726] ? __pfx_get_futex_key+0x10/0x10 [ 160.700159][ T6726] ? stack_trace_save+0x8e/0xc0 [ 160.700190][ T6726] futex_wait_setup+0x78/0x290 [ 160.700218][ T6726] __futex_wait+0x266/0x3c0 [ 160.700240][ T6726] ? __pfx___futex_wait+0x10/0x10 [ 160.700266][ T6726] ? __pfx_futex_wake_mark+0x10/0x10 [ 160.700297][ T6726] futex_wait+0xe8/0x380 [ 160.700317][ T6726] ? __pfx_futex_wait+0x10/0x10 [ 160.700343][ T6726] ? __call_rcu_common.constprop.0+0x3e5/0x9f0 [ 160.700366][ T6726] ? lockdep_hardirqs_on+0x7c/0x110 [ 160.700401][ T6726] do_futex+0x229/0x350 [ 160.700432][ T6726] ? __pfx_do_futex+0x10/0x10 [ 160.700469][ T6726] __x64_sys_futex+0x1e0/0x4c0 [ 160.700504][ T6726] ? __pfx___x64_sys_futex+0x10/0x10 [ 160.700534][ T6726] ? __pfx_fput_close_sync+0x10/0x10 [ 160.700567][ T6726] do_syscall_64+0xcd/0x260 [ 160.700600][ T6726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.700621][ T6726] RIP: 0033:0x7f176b58d169 [ 160.700638][ T6726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.700658][ T6726] RSP: 002b:00007f176c38e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 160.700677][ T6726] RAX: ffffffffffffffda RBX: 00007f176b7a5fa8 RCX: 00007f176b58d169 [ 160.700691][ T6726] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f176b7a5fa8 [ 160.700704][ T6726] RBP: 00007f176b7a5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 160.700716][ T6726] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f176b7a5fac [ 160.700729][ T6726] R13: 0000000000000000 R14: 00007ffc71b5c6b0 R15: 00007ffc71b5c798 [ 160.700754][ T6726] [ 161.627652][ T6749] QAT: Device 0 not found [ 164.473157][ T6802] mkiss: ax0: crc mode is auto. [ 164.675879][ T6788] kexec: Could not allocate control_code_buffer [ 165.017028][ T6815] FAULT_INJECTION: forcing a failure. [ 165.017028][ T6815] name failslab, interval 1, probability 0, space 0, times 0 [ 165.108017][ T6815] CPU: 1 UID: 0 PID: 6815 Comm: syz.1.231 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 165.108048][ T6815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 165.108061][ T6815] Call Trace: [ 165.108067][ T6815] [ 165.108075][ T6815] dump_stack_lvl+0x16c/0x1f0 [ 165.108110][ T6815] should_fail_ex+0x512/0x640 [ 165.108135][ T6815] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 165.108171][ T6815] should_failslab+0xc2/0x120 [ 165.108192][ T6815] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 165.108225][ T6815] ? do_raw_spin_unlock+0x172/0x230 [ 165.108248][ T6815] ? prepare_kernel_cred+0x35/0x750 [ 165.108272][ T6815] ? _raw_spin_unlock+0x28/0x50 [ 165.108300][ T6815] prepare_kernel_cred+0x35/0x750 [ 165.108326][ T6815] _request_firmware+0x3ae/0x1470 [ 165.108357][ T6815] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 165.108387][ T6815] ? __rtnl_unlock+0x68/0xf0 [ 165.108419][ T6815] ? netdev_run_todo+0x864/0x1320 [ 165.108451][ T6815] ? __pfx__request_firmware+0x10/0x10 [ 165.108478][ T6815] ? __pfx_netdev_run_todo+0x10/0x10 [ 165.108508][ T6815] ? __pfx___mutex_lock+0x10/0x10 [ 165.108547][ T6815] request_firmware+0x35/0x50 [ 165.108574][ T6815] reg_reload_regdb+0x89/0x460 [ 165.108597][ T6815] ? __pfx_reg_reload_regdb+0x10/0x10 [ 165.108622][ T6815] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 165.108650][ T6815] ? nl80211_pre_doit+0x1b0/0xb10 [ 165.108683][ T6815] genl_family_rcv_msg_doit+0x206/0x2f0 [ 165.108721][ T6815] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 165.108756][ T6815] ? rcu_is_watching+0x12/0xc0 [ 165.108791][ T6815] ? bpf_lsm_capable+0x9/0x10 [ 165.108822][ T6815] ? security_capable+0x7e/0x260 [ 165.108847][ T6815] genl_rcv_msg+0x55c/0x800 [ 165.108870][ T6815] ? __pfx_genl_rcv_msg+0x10/0x10 [ 165.108900][ T6815] ? __pfx___dev_queue_xmit+0x10/0x10 [ 165.108923][ T6815] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 165.108952][ T6815] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 165.108972][ T6815] ? __pfx_nl80211_post_doit+0x10/0x10 [ 165.109005][ T6815] ? __lock_acquire+0xaa4/0x1ba0 [ 165.109029][ T6815] netlink_rcv_skb+0x16a/0x440 [ 165.109061][ T6815] ? __pfx_genl_rcv_msg+0x10/0x10 [ 165.109082][ T6815] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 165.109126][ T6815] ? __pfx_down_read+0x10/0x10 [ 165.109160][ T6815] ? netlink_deliver_tap+0x1ae/0xd30 [ 165.109193][ T6815] genl_rcv+0x28/0x40 [ 165.109225][ T6815] netlink_unicast+0x53a/0x7f0 [ 165.109259][ T6815] ? __pfx_netlink_unicast+0x10/0x10 [ 165.109288][ T6815] ? __lock_acquire+0xaa4/0x1ba0 [ 165.109314][ T6815] netlink_sendmsg+0x8d1/0xdd0 [ 165.109350][ T6815] ? __pfx_netlink_sendmsg+0x10/0x10 [ 165.109391][ T6815] ____sys_sendmsg+0xa95/0xc70 [ 165.109411][ T6815] ? copy_msghdr_from_user+0x10a/0x160 [ 165.109439][ T6815] ? __pfx_____sys_sendmsg+0x10/0x10 [ 165.109471][ T6815] ___sys_sendmsg+0x134/0x1d0 [ 165.109500][ T6815] ? __pfx____sys_sendmsg+0x10/0x10 [ 165.109561][ T6815] __sys_sendmsg+0x16d/0x220 [ 165.109589][ T6815] ? __pfx___sys_sendmsg+0x10/0x10 [ 165.109616][ T6815] ? __x64_sys_futex+0x1e0/0x4c0 [ 165.109655][ T6815] ? rcu_is_watching+0x12/0xc0 [ 165.109688][ T6815] do_syscall_64+0xcd/0x260 [ 165.109722][ T6815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.109743][ T6815] RIP: 0033:0x7f8d99d8d169 [ 165.109760][ T6815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.109780][ T6815] RSP: 002b:00007f8d9ab1a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 165.109800][ T6815] RAX: ffffffffffffffda RBX: 00007f8d99fa5fa0 RCX: 00007f8d99d8d169 [ 165.109814][ T6815] RDX: 0000000001000000 RSI: 0000200000000580 RDI: 0000000000000008 [ 165.109826][ T6815] RBP: 00007f8d99e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 165.109839][ T6815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.109851][ T6815] R13: 0000000000000000 R14: 00007f8d99fa5fa0 R15: 00007ffef1628498 [ 165.109882][ T6815] [ 165.503786][ T6820] netlink: 28 bytes leftover after parsing attributes in process `syz.0.233'. syzkaller syzkaller login: [ 165.865020][ T6820] team_slave_0 (unregistering): left promiscuous mode [ 165.871813][ T6820] team_slave_0 (unregistering): left allmulticast mode [ 165.952633][ T6820] team0: Port device team_slave_0 removed [ 166.299333][ T6822] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 166.307970][ T6822] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 166.330396][ T6822] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 166.358612][ T6822] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 166.381525][ T6822] CPU0 is offline. [ 167.800082][ T6847] FAULT_INJECTION: forcing a failure. [ 167.800082][ T6847] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 167.907542][ T6854] kexec: Could not allocate control_code_buffer [ 167.985547][ T6847] CPU: 1 UID: 0 PID: 6847 Comm: syz.2.236 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 167.985580][ T6847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 167.985594][ T6847] Call Trace: [ 167.985602][ T6847] [ 167.985610][ T6847] dump_stack_lvl+0x16c/0x1f0 [ 167.985649][ T6847] should_fail_ex+0x512/0x640 [ 167.985684][ T6847] should_fail_alloc_page+0xe7/0x130 [ 167.985709][ T6847] prepare_alloc_pages+0x3c2/0x610 [ 167.985743][ T6847] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 167.985783][ T6847] ? find_held_lock+0x2b/0x80 [ 167.985814][ T6847] ? finish_task_switch.isra.0+0x21c/0xc10 [ 167.985848][ T6847] ? rcu_is_watching+0x12/0xc0 [ 167.985876][ T6847] ? finish_task_switch.isra.0+0x221/0xc10 [ 167.985907][ T6847] ? lockdep_hardirqs_on+0x7c/0x110 [ 167.985939][ T6847] ? finish_task_switch.isra.0+0x221/0xc10 [ 167.985971][ T6847] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 167.986007][ T6847] ? rcu_is_watching+0x12/0xc0 [ 167.986039][ T6847] ? __schedule+0x1186/0x5de0 [ 167.986067][ T6847] ? kvm_sched_clock_read+0x11/0x20 [ 167.986097][ T6847] ? sched_clock+0x38/0x60 [ 167.986124][ T6847] ? lock_acquire+0x179/0x350 [ 167.986146][ T6847] ? find_held_lock+0x2b/0x80 [ 167.986177][ T6847] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 167.986204][ T6847] ? policy_nodemask+0xea/0x4e0 [ 167.986228][ T6847] alloc_pages_mpol+0x1fb/0x550 [ 167.986251][ T6847] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 167.986274][ T6847] ? __lock_acquire+0x5ca/0x1ba0 [ 167.986300][ T6847] folio_alloc_mpol_noprof+0x36/0x2f0 [ 167.986329][ T6847] vma_alloc_folio_noprof+0xed/0x1e0 [ 167.986357][ T6847] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 167.986392][ T6847] do_pte_missing+0x223d/0x3fb0 [ 167.986437][ T6847] __handle_mm_fault+0x103d/0x2a40 [ 167.986485][ T6847] ? __pfx___handle_mm_fault+0x10/0x10 [ 167.986518][ T6847] ? lock_vma_under_rcu+0x47d/0x970 [ 167.986546][ T6847] ? lock_vma_under_rcu+0x47d/0x970 [ 167.986588][ T6847] ? cap_task_prctl+0x2af/0xa80 [ 167.986618][ T6847] handle_mm_fault+0x3fe/0xad0 [ 167.986657][ T6847] do_user_addr_fault+0x60c/0x1370 [ 167.986692][ T6847] exc_page_fault+0x5c/0xc0 [ 167.986725][ T6847] asm_exc_page_fault+0x26/0x30 [ 167.986747][ T6847] RIP: 0033:0x7f2fe2858b7b [ 167.986766][ T6847] Code: 00 00 00 48 8d 3d 9d 33 19 00 48 89 c1 31 c0 e8 4b 44 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d d1 33 19 00 48 89 34 24 48 8b 14 24 48 8b [ 167.986788][ T6847] RSP: 002b:00007f2fe37a3fb0 EFLAGS: 00010202 [ 167.986806][ T6847] RAX: 0000000000000000 RBX: 00007f2fe2ba6080 RCX: 0000000000000000 [ 167.986820][ T6847] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000bc0 [ 167.986835][ T6847] RBP: 00007f2fe2a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 167.986849][ T6847] R10: 0000200000000bc0 R11: 0000000000000000 R12: 0000000000000000 [ 167.986863][ T6847] R13: 0000000000000000 R14: 00007f2fe2ba6080 R15: 00007ffe06e3f7c8 [ 167.986892][ T6847] [ 168.277933][ C1] vkms_vblank_simulate: vblank timer overrun [ 168.303949][ T6847] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 168.524425][ T6868] netlink: 28 bytes leftover after parsing attributes in process `syz.0.243'. [ 168.540872][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.547164][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 168.554097][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 168.560107][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 170.071975][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'. [ 170.331311][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'. [ 170.365926][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'. [ 170.402260][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'. [ 170.435503][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'. [ 170.471379][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'. [ 170.509386][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'. [ 170.541908][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'. [ 170.588318][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'. [ 171.127988][ T6878] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 171.136611][ T6878] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 171.142819][ T6878] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 171.152070][ T6878] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 171.159437][ T6878] CPU0 is offline. [ 171.371619][ T6903] netlink: 28 bytes leftover after parsing attributes in process `syz.1.252'. [ 171.502461][ T6909] netlink: 28 bytes leftover after parsing attributes in process `syz.0.254'. [ 171.903696][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 172.547595][ T6927] mkiss: ax0: crc mode is auto. [ 173.183536][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 173.189598][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout [ 173.195708][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 173.450136][ T6944] netlink: 28 bytes leftover after parsing attributes in process `syz.1.263'. [ 173.981099][ T6954] FAULT_INJECTION: forcing a failure. [ 173.981099][ T6954] name fail_futex, interval 1, probability 0, space 0, times 0 [ 174.067789][ T6954] CPU: 1 UID: 0 PID: 6954 Comm: syz.3.265 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 174.067819][ T6954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 174.067832][ T6954] Call Trace: [ 174.067839][ T6954] [ 174.067847][ T6954] dump_stack_lvl+0x16c/0x1f0 [ 174.067921][ T6954] should_fail_ex+0x512/0x640 [ 174.067952][ T6954] get_futex_key+0x49e/0x1000 [ 174.067992][ T6954] ? __pfx_get_futex_key+0x10/0x10 [ 174.068028][ T6954] ? __pfx___might_resched+0x10/0x10 [ 174.068065][ T6954] futex_wake+0xe7/0x4e0 [ 174.068089][ T6954] ? __pfx_futex_wake+0x10/0x10 [ 174.068114][ T6954] ? kfree+0x252/0x4d0 [ 174.068143][ T6954] ? udpv6_setsockopt+0x84/0xd0 [ 174.068168][ T6954] do_futex+0x1e3/0x350 [ 174.068201][ T6954] ? __pfx_do_futex+0x10/0x10 [ 174.068234][ T6954] ? fdget+0x176/0x210 [ 174.068267][ T6954] ? __sys_sendmsg+0x199/0x220 [ 174.068299][ T6954] __x64_sys_futex+0x1e0/0x4c0 [ 174.068336][ T6954] ? __pfx___x64_sys_futex+0x10/0x10 [ 174.068370][ T6954] ? __sys_setsockopt+0x1a0/0x230 [ 174.068395][ T6954] ? __sys_setsockopt+0x1cd/0x230 [ 174.068430][ T6954] do_syscall_64+0xcd/0x260 [ 174.068466][ T6954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.068489][ T6954] RIP: 0033:0x7f8eda78d169 [ 174.068506][ T6954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.068527][ T6954] RSP: 002b:00007f8edb5260e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 174.068548][ T6954] RAX: ffffffffffffffda RBX: 00007f8eda9a5fa8 RCX: 00007f8eda78d169 [ 174.068563][ T6954] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8eda9a5fac [ 174.068576][ T6954] RBP: 00007f8eda9a5fa0 R08: 00007f8edb527000 R09: 0000000000000000 [ 174.068590][ T6954] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8eda9a5fac [ 174.068604][ T6954] R13: 0000000000000000 R14: 00007ffe0e144580 R15: 00007ffe0e144668 [ 174.068650][ T6954] [ 174.806054][ T6962] netlink: 28 bytes leftover after parsing attributes in process `syz.2.266'. [ 175.448015][ T6974] FAULT_INJECTION: forcing a failure. [ 175.448015][ T6974] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 175.462953][ T6962] team0: Port device team_slave_0 removed [ 175.543127][ T6977] netlink: set zone limit has 8 unknown bytes [ 175.590240][ T6974] CPU: 1 UID: 0 PID: 6974 Comm: syz.3.270 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 175.590271][ T6974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 175.590288][ T6974] Call Trace: [ 175.590295][ T6974] [ 175.590302][ T6974] dump_stack_lvl+0x16c/0x1f0 [ 175.590338][ T6974] should_fail_ex+0x512/0x640 [ 175.590366][ T6974] _copy_to_iter+0x2a4/0x15a0 [ 175.590400][ T6974] ? __pfx__copy_to_iter+0x10/0x10 [ 175.590430][ T6974] ? __skb_recv_datagram+0x1b2/0x220 [ 175.590457][ T6974] ? __pfx___skb_recv_datagram+0x10/0x10 [ 175.590485][ T6974] simple_copy_to_iter+0x46/0x90 [ 175.590507][ T6974] __skb_datagram_iter+0x125/0x8c0 [ 175.590528][ T6974] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 175.590552][ T6974] ? skb_recv_datagram+0x88/0xc0 [ 175.590580][ T6974] skb_copy_datagram_iter+0x40/0x50 [ 175.590604][ T6974] netlink_recvmsg+0x298/0xf20 [ 175.590637][ T6974] ? __pfx_netlink_recvmsg+0x10/0x10 [ 175.590664][ T6974] ? aa_sk_perm+0x2f4/0xb10 [ 175.590690][ T6974] ? find_held_lock+0x2b/0x80 [ 175.590716][ T6974] ? __pfx_aa_sk_perm+0x10/0x10 [ 175.590739][ T6974] ? __fget_files+0x204/0x3c0 [ 175.590781][ T6974] sock_recvmsg+0x1f6/0x250 [ 175.590816][ T6974] __sys_recvfrom+0x203/0x310 [ 175.590850][ T6974] ? __pfx___sys_recvfrom+0x10/0x10 [ 175.590885][ T6974] ? count_memcg_events_mm.constprop.0+0x138/0x340 [ 175.590919][ T6974] ? xfd_validate_state+0x5d/0x180 [ 175.590944][ T6974] ? rcu_is_watching+0x12/0xc0 [ 175.590974][ T6974] __x64_sys_recvfrom+0xe0/0x1c0 [ 175.590999][ T6974] ? do_syscall_64+0x91/0x260 [ 175.591030][ T6974] ? lockdep_hardirqs_on+0x7c/0x110 [ 175.591059][ T6974] do_syscall_64+0xcd/0x260 [ 175.591091][ T6974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.591112][ T6974] RIP: 0033:0x7f8eda78ef34 [ 175.591128][ T6974] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04 [ 175.591148][ T6974] RSP: 002b:00007f8edb524ed0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 175.591168][ T6974] RAX: ffffffffffffffda RBX: 00007f8edb524fc0 RCX: 00007f8eda78ef34 [ 175.591181][ T6974] RDX: 0000000000001000 RSI: 00007f8edb525010 RDI: 0000000000000002 [ 175.591194][ T6974] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 175.591207][ T6974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 175.591219][ T6974] R13: 00007f8edb524f68 R14: 00007f8edb525010 R15: 0000000000000000 [ 175.591245][ T6974] [ 177.889427][ T6990] netlink: 28 bytes leftover after parsing attributes in process `syz.2.273'. [ 177.924667][ T6951] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 177.963667][ T6951] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 178.003611][ T6951] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 178.031943][ T6951] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 178.057786][ T6951] CPU0 is offline. [ 178.561487][ T6998] FAULT_INJECTION: forcing a failure. [ 178.561487][ T6998] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 178.659767][ T6998] CPU: 1 UID: 0 PID: 6998 Comm: syz.1.276 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 178.659801][ T6998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 178.659814][ T6998] Call Trace: [ 178.659821][ T6998] [ 178.659830][ T6998] dump_stack_lvl+0x16c/0x1f0 [ 178.659869][ T6998] should_fail_ex+0x512/0x640 [ 178.659902][ T6998] strncpy_from_user+0x3b/0x2e0 [ 178.659929][ T6998] getname_flags.part.0+0x8b/0x540 [ 178.659960][ T6998] getname_flags+0x93/0xf0 [ 178.659993][ T6998] do_sys_openat2+0xb8/0x1d0 [ 178.660018][ T6998] ? __pfx_do_sys_openat2+0x10/0x10 [ 178.660054][ T6998] __x64_sys_openat+0x174/0x210 [ 178.660080][ T6998] ? __pfx___x64_sys_openat+0x10/0x10 [ 178.660108][ T6998] ? rcu_is_watching+0x12/0xc0 [ 178.660145][ T6998] do_syscall_64+0xcd/0x260 [ 178.660182][ T6998] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.660205][ T6998] RIP: 0033:0x7f8d99d8d169 [ 178.660223][ T6998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.660245][ T6998] RSP: 002b:00007f8d9ab1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 178.660266][ T6998] RAX: ffffffffffffffda RBX: 00007f8d99fa5fa0 RCX: 00007f8d99d8d169 [ 178.660281][ T6998] RDX: 000000000008c003 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 178.660296][ T6998] RBP: 00007f8d99e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 178.660310][ T6998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 178.660324][ T6998] R13: 0000000000000000 R14: 00007f8d99fa5fa0 R15: 00007ffef1628498 [ 178.660352][ T6998] [ 179.262432][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 179.983848][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 179.989954][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 180.063506][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 181.105988][ T7035] FAULT_INJECTION: forcing a failure. [ 181.105988][ T7035] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 181.161768][ T7038] netlink: set zone limit has 8 unknown bytes [ 181.240678][ T7035] CPU: 1 UID: 0 PID: 7035 Comm: syz.2.287 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 181.240710][ T7035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 181.240723][ T7035] Call Trace: [ 181.240731][ T7035] [ 181.240739][ T7035] dump_stack_lvl+0x16c/0x1f0 [ 181.240777][ T7035] should_fail_ex+0x512/0x640 [ 181.240808][ T7035] should_fail_alloc_page+0xe7/0x130 [ 181.240831][ T7035] prepare_alloc_pages+0x3c2/0x610 [ 181.240860][ T7035] ? arch_stack_walk+0xa6/0x100 [ 181.240894][ T7035] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 181.240937][ T7035] ? stack_trace_save+0x8e/0xc0 [ 181.240967][ T7035] ? __pfx_stack_trace_save+0x10/0x10 [ 181.240997][ T7035] ? stack_depot_save_flags+0x28/0xa50 [ 181.241025][ T7035] ? __lock_acquire+0xaa4/0x1ba0 [ 181.241045][ T7035] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 181.241083][ T7035] ? kasan_save_stack+0x42/0x60 [ 181.241115][ T7035] ? kasan_save_stack+0x33/0x60 [ 181.241147][ T7035] ? kasan_save_track+0x14/0x30 [ 181.241178][ T7035] ? kasan_save_free_info+0x3b/0x60 [ 181.241204][ T7035] ? __kasan_slab_free+0x51/0x70 [ 181.241237][ T7035] ? kmem_cache_free+0x2d4/0x4d0 [ 181.241272][ T7035] ? __x64_sys_recvfrom+0xe0/0x1c0 [ 181.241298][ T7035] ? do_syscall_64+0xcd/0x260 [ 181.241330][ T7035] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.241359][ T7035] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 181.241385][ T7035] ? policy_nodemask+0xea/0x4e0 [ 181.241408][ T7035] alloc_pages_mpol+0x1fb/0x550 [ 181.241431][ T7035] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 181.241458][ T7035] ? __lock_acquire+0xaa4/0x1ba0 [ 181.241484][ T7035] folio_alloc_mpol_noprof+0x36/0x2f0 [ 181.241513][ T7035] vma_alloc_folio_noprof+0xed/0x1e0 [ 181.241539][ T7035] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 181.241564][ T7035] ? find_held_lock+0x2b/0x80 [ 181.241594][ T7035] ? do_wp_page+0x1079/0x59f0 [ 181.241624][ T7035] do_wp_page+0x20cc/0x59f0 [ 181.241658][ T7035] ? __pfx_do_wp_page+0x10/0x10 [ 181.241687][ T7035] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 181.241716][ T7035] ? ___pte_offset_map+0x1bc/0x540 [ 181.241747][ T7035] __handle_mm_fault+0x1ada/0x2a40 [ 181.241787][ T7035] ? __pfx___handle_mm_fault+0x10/0x10 [ 181.241818][ T7035] ? lock_vma_under_rcu+0x47d/0x970 [ 181.241848][ T7035] ? lock_vma_under_rcu+0x47d/0x970 [ 181.241916][ T7035] handle_mm_fault+0x3fe/0xad0 [ 181.241954][ T7035] do_user_addr_fault+0x60c/0x1370 [ 181.241990][ T7035] exc_page_fault+0x5c/0xc0 [ 181.242023][ T7035] asm_exc_page_fault+0x26/0x30 [ 181.242045][ T7035] RIP: 0033:0x7f2fe2946cb5 [ 181.242063][ T7035] Code: 0f 1f 44 00 00 8b 57 18 64 8b 04 25 d0 02 00 00 39 c2 0f 84 0d 01 00 00 41 54 55 53 83 7f 30 02 48 89 fb 74 28 b8 08 00 00 00 0f c1 03 83 c0 08 85 c0 0f 88 fc 00 00 00 a8 01 75 78 31 d2 5b [ 181.242085][ T7035] RSP: 002b:00007f2fe37c4de0 EFLAGS: 00010293 [ 181.242103][ T7035] RAX: 0000000000000008 RBX: 00007f2fe36d7d60 RCX: 0000000000000000 [ 181.242117][ T7035] RDX: 0000000000000000 RSI: 00007f2fe2a4b168 RDI: 00007f2fe36d7d60 [ 181.242132][ T7035] RBP: 00007f2fe37c4f00 R08: 0000000000000000 R09: 0000000000000005 [ 181.242145][ T7035] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fe2a4ae80 [ 181.242159][ T7035] R13: 0000000000000002 R14: 00007f2fe2b7c440 R15: 0000000000000000 [ 181.242188][ T7035] [ 183.870539][ T7068] netlink: 28 bytes leftover after parsing attributes in process `syz.0.297'. [ 184.432554][ T7070] FAULT_INJECTION: forcing a failure. [ 184.432554][ T7070] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 184.520611][ T7076] netlink: set zone limit has 8 unknown bytes [ 184.607912][ T7070] CPU: 1 UID: 0 PID: 7070 Comm: syz.1.298 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 184.607942][ T7070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 184.607955][ T7070] Call Trace: [ 184.607961][ T7070] [ 184.607969][ T7070] dump_stack_lvl+0x16c/0x1f0 [ 184.608003][ T7070] should_fail_ex+0x512/0x640 [ 184.608033][ T7070] _copy_to_iter+0x2a4/0x15a0 [ 184.608066][ T7070] ? __pfx__copy_to_iter+0x10/0x10 [ 184.608095][ T7070] ? __skb_recv_datagram+0x1b2/0x220 [ 184.608123][ T7070] ? __pfx___skb_recv_datagram+0x10/0x10 [ 184.608150][ T7070] simple_copy_to_iter+0x46/0x90 [ 184.608172][ T7070] __skb_datagram_iter+0x125/0x8c0 [ 184.608193][ T7070] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 184.608217][ T7070] ? skb_recv_datagram+0x88/0xc0 [ 184.608249][ T7070] skb_copy_datagram_iter+0x40/0x50 [ 184.608273][ T7070] netlink_recvmsg+0x298/0xf20 [ 184.608305][ T7070] ? __pfx_netlink_recvmsg+0x10/0x10 [ 184.608333][ T7070] ? aa_sk_perm+0x2f4/0xb10 [ 184.608358][ T7070] ? find_held_lock+0x2b/0x80 [ 184.608385][ T7070] ? __pfx_aa_sk_perm+0x10/0x10 [ 184.608410][ T7070] ? __fget_files+0x204/0x3c0 [ 184.608452][ T7070] sock_recvmsg+0x1f6/0x250 [ 184.608487][ T7070] __sys_recvfrom+0x203/0x310 [ 184.608513][ T7070] ? __pfx___sys_recvfrom+0x10/0x10 [ 184.608548][ T7070] ? count_memcg_events_mm.constprop.0+0x138/0x340 [ 184.608582][ T7070] ? xfd_validate_state+0x5d/0x180 [ 184.608607][ T7070] ? rcu_is_watching+0x12/0xc0 [ 184.608636][ T7070] __x64_sys_recvfrom+0xe0/0x1c0 [ 184.608672][ T7070] ? do_syscall_64+0x91/0x260 [ 184.608701][ T7070] ? lockdep_hardirqs_on+0x7c/0x110 [ 184.608746][ T7070] do_syscall_64+0xcd/0x260 [ 184.608778][ T7070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.608800][ T7070] RIP: 0033:0x7f8d99d8ef34 [ 184.608817][ T7070] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04 [ 184.608837][ T7070] RSP: 002b:00007f8d9ab18ed0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 184.608857][ T7070] RAX: ffffffffffffffda RBX: 00007f8d9ab18fc0 RCX: 00007f8d99d8ef34 [ 184.608870][ T7070] RDX: 0000000000001000 RSI: 00007f8d9ab19010 RDI: 0000000000000002 [ 184.608883][ T7070] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 184.608895][ T7070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 184.608907][ T7070] R13: 00007f8d9ab18f68 R14: 00007f8d9ab19010 R15: 0000000000000000 [ 184.608933][ T7070] [ 185.164114][ T7080] unsupported nla_type 32969 [ 185.553417][ T7090] syz.0.302 uses obsolete (PF_INET,SOCK_PACKET) [ 185.971289][ T7098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 186.026946][ T7098] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 186.055982][ T7098] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 186.114578][ T7098] page_type: f5(slab) [ 186.118606][ T7098] raw: 00fff00000000040 ffff88801faa5b40 dead000000000122 0000000000000000 [ 186.304619][ T7098] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000 [ 186.461182][ T7100] could not allocate digest TFM handle binfmt_misc [ 186.503519][ T7098] head: 00fff00000000040 ffff88801faa5b40 dead000000000122 0000000000000000 [ 186.607061][ T7098] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000 [ 186.685801][ T7109] netlink: 28 bytes leftover after parsing attributes in process `syz.3.307'. [ 186.701367][ T7098] head: 00fff00000000002 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 186.780191][ T7098] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 186.850435][ T7098] page dumped because: unmovable page [ 186.884832][ T7098] page_owner tracks the page as allocated [ 186.914641][ T7098] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6949, tgid 6942 (syz.0.262), ts 174312518906, free_ts 167864266260 [ 186.958283][ T7115] netlink: 28 bytes leftover after parsing attributes in process `syz.0.308'. [ 187.022748][ T7098] post_alloc_hook+0x181/0x1b0 [ 187.042868][ T7098] get_page_from_freelist+0x1193/0x39b0 [ 187.067764][ T7098] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 187.092031][ T7098] alloc_pages_mpol+0x1fb/0x550 [ 187.109445][ T7098] new_slab+0x23c/0x330 [ 187.124800][ T7098] ___slab_alloc+0xd9c/0x1940 [ 187.142917][ T7098] __slab_alloc.constprop.0+0x56/0xb0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           syzkaller syzkaller login: [ 250.561555][ T7971] ip_vti0: entered allmulticast mode [ 252.247255][ T7984] netlink: 28 bytes leftover after parsing attributes in process `syz.0.517'. [ 253.432909][ T7999] netlink: 28 bytes leftover after parsing attributes in process `syz.0.523'. [ 256.059919][ T8017] kexec: Could not allocate control_code_buffer [ 256.464505][ T8019] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 257.162177][ T8026] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 257.191932][ T8026] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 257.222749][ T8026] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 257.259504][ T8026] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 257.318391][ T8026] CPU0 is offline. [ 257.474161][ T8040] netlink: set zone limit has 8 unknown bytes [ 258.036534][ T8047] netlink: 28 bytes leftover after parsing attributes in process `syz.3.532'. [ 258.625602][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 259.221596][ T8070] sctp: [Deprecated]: syz.3.538 (pid 8070) Use of int in maxseg socket option. [ 259.221596][ T8070] Use struct sctp_assoc_value instead [ 259.264098][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 259.271345][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 259.283131][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout [ 259.562562][ T8072] netlink: 186 bytes leftover after parsing attributes in process `syz.0.539'. [ 260.806909][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.816473][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 260.974283][ T8080] ptrace attach of "./syz-executor exec"[5837] was attempted by "./syz-executor exec"[8080] [ 261.165696][ T8091] netlink: 28 bytes leftover after parsing attributes in process `syz.0.544'. [ 261.842568][ T8098] netlink: 28 bytes leftover after parsing attributes in process `syz.2.545'. [ 263.219054][ T8108] could not allocate digest TFM handle [ 265.539227][ T8141] netlink: 28 bytes leftover after parsing attributes in process `syz.2.557'. [ 267.581011][ T8166] netlink: 'syz.0.564': attribute type 2 has an invalid length. [ 267.934356][ T8168] netlink: 28 bytes leftover after parsing attributes in process `syz.0.566'. [ 268.237947][ T8170] FAULT_INJECTION: forcing a failure. [ 268.237947][ T8170] name fail_futex, interval 1, probability 0, space 0, times 0 [ 268.540359][ T8170] CPU: 1 UID: 0 PID: 8170 Comm: syz.2.565 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 268.540393][ T8170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 268.540406][ T8170] Call Trace: [ 268.540413][ T8170] [ 268.540422][ T8170] dump_stack_lvl+0x16c/0x1f0 [ 268.540459][ T8170] should_fail_ex+0x512/0x640 [ 268.540490][ T8170] get_futex_key+0x49e/0x1000 [ 268.540525][ T8170] ? __pfx_get_futex_key+0x10/0x10 [ 268.540561][ T8170] ? stack_trace_save+0x8e/0xc0 [ 268.540595][ T8170] futex_wait_setup+0x78/0x290 [ 268.540625][ T8170] __futex_wait+0x266/0x3c0 [ 268.540649][ T8170] ? __pfx___futex_wait+0x10/0x10 [ 268.540677][ T8170] ? __pfx_futex_wake_mark+0x10/0x10 [ 268.540711][ T8170] futex_wait+0xe8/0x380 [ 268.540732][ T8170] ? __pfx_futex_wait+0x10/0x10 [ 268.540760][ T8170] ? __call_rcu_common.constprop.0+0x3e5/0x9f0 [ 268.540785][ T8170] ? lockdep_hardirqs_on+0x7c/0x110 [ 268.540822][ T8170] do_futex+0x229/0x350 [ 268.540855][ T8170] ? __pfx_do_futex+0x10/0x10 [ 268.540896][ T8170] __x64_sys_futex+0x1e0/0x4c0 [ 268.540933][ T8170] ? __pfx___x64_sys_futex+0x10/0x10 [ 268.540965][ T8170] ? __pfx_fput_close_sync+0x10/0x10 [ 268.541001][ T8170] do_syscall_64+0xcd/0x260 [ 268.541042][ T8170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.541064][ T8170] RIP: 0033:0x7f2fe298d169 [ 268.541081][ T8170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.541103][ T8170] RSP: 002b:00007f2fe37c60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 268.541123][ T8170] RAX: ffffffffffffffda RBX: 00007f2fe2ba5fa8 RCX: 00007f2fe298d169 [ 268.541138][ T8170] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2fe2ba5fa8 [ 268.541152][ T8170] RBP: 00007f2fe2ba5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 268.541165][ T8170] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fe2ba5fac [ 268.541179][ T8170] R13: 0000000000000000 R14: 00007ffe06e3f6e0 R15: 00007ffe06e3f7c8 [ 268.541206][ T8170] [ 268.542435][ T8172] netlink: set zone limit has 8 unknown bytes [ 270.059337][ T8192] mkiss: ax0: crc mode is auto. [ 270.911396][ T8199] netlink: 186 bytes leftover after parsing attributes in process `syz.3.571'. [ 273.628060][ T8232] netlink: 28 bytes leftover after parsing attributes in process `syz.2.578'. [ 273.964151][ T8223] netlink: 26 bytes leftover after parsing attributes in process `syz.3.576'. [ 274.217085][ T8223] openvswitch: netlink: Tunnel attr 1030 out of range max 16 [ 275.245925][ T8250] FAULT_INJECTION: forcing a failure. [ 275.245925][ T8250] name failslab, interval 1, probability 0, space 0, times 0 [ 275.496728][ T8250] CPU: 1 UID: 0 PID: 8250 Comm: syz.1.582 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 275.496760][ T8250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 275.496774][ T8250] Call Trace: [ 275.496781][ T8250] [ 275.496790][ T8250] dump_stack_lvl+0x16c/0x1f0 [ 275.496827][ T8250] should_fail_ex+0x512/0x640 [ 275.496854][ T8250] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 275.496892][ T8250] should_failslab+0xc2/0x120 [ 275.496917][ T8250] __kmalloc_cache_noprof+0x6a/0x3e0 [ 275.496950][ T8250] ? sctp_stream_init_ext+0x4e/0x1b0 [ 275.496991][ T8250] sctp_stream_init_ext+0x4e/0x1b0 [ 275.497026][ T8250] sctp_sendmsg_to_asoc+0x15fd/0x1ad0 [ 275.497076][ T8250] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 275.497117][ T8250] ? __pfx_autoremove_wake_function+0x10/0x10 [ 275.497162][ T8250] ? sctp_sendmsg_check_sflags+0x176/0x320 [ 275.497202][ T8250] sctp_sendmsg+0xef5/0x1ee0 [ 275.497236][ T8250] ? __pfx_sctp_sendmsg+0x10/0x10 [ 275.497263][ T8250] ? __pfx___might_resched+0x10/0x10 [ 275.497304][ T8250] ? aa_file_perm+0x4d6/0xfb0 [ 275.497338][ T8250] ? __pfx_aa_sk_perm+0x10/0x10 [ 275.497368][ T8250] ? __pfx_sctp_sendmsg+0x10/0x10 [ 275.497394][ T8250] inet_sendmsg+0x119/0x140 [ 275.497421][ T8250] sock_write_iter+0x4aa/0x5b0 [ 275.497446][ T8250] ? __pfx_sock_write_iter+0x10/0x10 [ 275.497479][ T8250] ? bpf_lsm_file_permission+0x9/0x10 [ 275.497513][ T8250] ? security_file_permission+0x71/0x210 [ 275.497545][ T8250] ? rw_verify_area+0xcf/0x680 [ 275.497576][ T8250] vfs_write+0x5ba/0x1180 [ 275.497608][ T8250] ? __pfx_sock_write_iter+0x10/0x10 [ 275.497632][ T8250] ? __pfx_vfs_write+0x10/0x10 [ 275.497662][ T8250] ? find_held_lock+0x2b/0x80 [ 275.497711][ T8250] ksys_write+0x205/0x240 [ 275.497743][ T8250] ? __pfx_ksys_write+0x10/0x10 [ 275.497790][ T8250] do_syscall_64+0xcd/0x260 [ 275.497828][ T8250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.497852][ T8250] RIP: 0033:0x7f8d99d8d169 [ 275.497869][ T8250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.497890][ T8250] RSP: 002b:00007f8d97bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 275.497911][ T8250] RAX: ffffffffffffffda RBX: 00007f8d99fa6080 RCX: 00007f8d99d8d169 [ 275.497926][ T8250] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 275.497939][ T8250] RBP: 00007f8d97bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 275.497953][ T8250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 275.497966][ T8250] R13: 0000000000000001 R14: 00007f8d99fa6080 R15: 00007ffef1628498 [ 275.497995][ T8250] [ 278.637416][ T8279] FAULT_INJECTION: forcing a failure. [ 278.637416][ T8279] name fail_futex, interval 1, probability 0, space 0, times 0 [ 278.851192][ T8279] CPU: 1 UID: 0 PID: 8279 Comm: syz.0.589 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 278.851225][ T8279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 278.851240][ T8279] Call Trace: [ 278.851248][ T8279] [ 278.851256][ T8279] dump_stack_lvl+0x16c/0x1f0 [ 278.851294][ T8279] should_fail_ex+0x512/0x640 [ 278.851329][ T8279] get_futex_key+0x49e/0x1000 [ 278.851370][ T8279] ? __pfx_get_futex_key+0x10/0x10 [ 278.851407][ T8279] ? stack_trace_save+0x8e/0xc0 [ 278.851443][ T8279] futex_wait_setup+0x78/0x290 [ 278.851473][ T8279] __futex_wait+0x266/0x3c0 [ 278.851497][ T8279] ? __pfx___futex_wait+0x10/0x10 [ 278.851526][ T8279] ? __pfx_futex_wake_mark+0x10/0x10 [ 278.851561][ T8279] futex_wait+0xe8/0x380 [ 278.851584][ T8279] ? __pfx_futex_wait+0x10/0x10 [ 278.851614][ T8279] ? __call_rcu_common.constprop.0+0x3e5/0x9f0 [ 278.851640][ T8279] ? lockdep_hardirqs_on+0x7c/0x110 [ 278.851678][ T8279] do_futex+0x229/0x350 [ 278.851713][ T8279] ? __pfx_do_futex+0x10/0x10 [ 278.851754][ T8279] __x64_sys_futex+0x1e0/0x4c0 [ 278.851792][ T8279] ? __pfx___x64_sys_futex+0x10/0x10 [ 278.851828][ T8279] ? rcu_is_watching+0x12/0xc0 [ 278.851865][ T8279] do_syscall_64+0xcd/0x260 [ 278.851903][ T8279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.851926][ T8279] RIP: 0033:0x7f176b58d169 [ 278.851944][ T8279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.851966][ T8279] RSP: 002b:00007f176c38e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 278.851987][ T8279] RAX: ffffffffffffffda RBX: 00007f176b7a5fa8 RCX: 00007f176b58d169 [ 278.852003][ T8279] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f176b7a5fa8 [ 278.852017][ T8279] RBP: 00007f176b7a5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 278.852031][ T8279] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f176b7a5fac [ 278.852045][ T8279] R13: 0000000000000000 R14: 00007ffc71b5c6b0 R15: 00007ffc71b5c798 [ 278.852073][ T8279] [ 278.906017][ T8281] netlink: set zone limit has 8 unknown bytes [ 280.743584][ T8303] netlink: 28 bytes leftover after parsing attributes in process `syz.2.595'. [ 281.938648][ T8318] netlink: 4 bytes leftover after parsing attributes in process `syz.2.600'. [ 282.831045][ T8333] input: f¬ as /devices/virtual/input/input33 [ 283.433758][ T8348] netlink: 294 bytes leftover after parsing attributes in process `syz.0.608'. [ 284.820334][ T8373] FAULT_INJECTION: forcing a failure. [ 284.820334][ T8373] name fail_futex, interval 1, probability 0, space 0, times 0 [ 284.958516][ T8375] netlink: set zone limit has 8 unknown bytes [ 285.018455][ T8373] CPU: 1 UID: 0 PID: 8373 Comm: syz.3.615 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 285.018486][ T8373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 285.018498][ T8373] Call Trace: [ 285.018505][ T8373] [ 285.018513][ T8373] dump_stack_lvl+0x16c/0x1f0 [ 285.018547][ T8373] should_fail_ex+0x512/0x640 [ 285.018576][ T8373] get_futex_key+0x49e/0x1000 [ 285.018610][ T8373] ? __pfx_get_futex_key+0x10/0x10 [ 285.018642][ T8373] ? stack_trace_save+0x8e/0xc0 [ 285.018674][ T8373] futex_wait_setup+0x78/0x290 [ 285.018702][ T8373] __futex_wait+0x266/0x3c0 [ 285.018724][ T8373] ? __pfx___futex_wait+0x10/0x10 [ 285.018753][ T8373] ? __pfx_futex_wake_mark+0x10/0x10 [ 285.018785][ T8373] futex_wait+0xe8/0x380 [ 285.018810][ T8373] ? __pfx_futex_wait+0x10/0x10 [ 285.018837][ T8373] ? __call_rcu_common.constprop.0+0x3e5/0x9f0 [ 285.018860][ T8373] ? lockdep_hardirqs_on+0x7c/0x110 [ 285.018895][ T8373] do_futex+0x229/0x350 [ 285.018926][ T8373] ? __pfx_do_futex+0x10/0x10 [ 285.018963][ T8373] __x64_sys_futex+0x1e0/0x4c0 [ 285.018998][ T8373] ? __pfx___x64_sys_futex+0x10/0x10 [ 285.019028][ T8373] ? __pfx_fput_close_sync+0x10/0x10 [ 285.019061][ T8373] do_syscall_64+0xcd/0x260 [ 285.019094][ T8373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.019115][ T8373] RIP: 0033:0x7f8eda78d169 [ 285.019131][ T8373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 285.019151][ T8373] RSP: 002b:00007f8edb5260e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 285.019170][ T8373] RAX: ffffffffffffffda RBX: 00007f8eda9a5fa8 RCX: 00007f8eda78d169 [ 285.019184][ T8373] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8eda9a5fa8 [ 285.019196][ T8373] RBP: 00007f8eda9a5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 285.019209][ T8373] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8eda9a5fac [ 285.019222][ T8373] R13: 0000000000000000 R14: 00007ffe0e144580 R15: 00007ffe0e144668 [ 285.019247][ T8373] [ 286.144507][ T8390] FAULT_INJECTION: forcing a failure. [ 286.144507][ T8390] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 286.333401][ T8390] CPU: 1 UID: 0 PID: 8390 Comm: syz.2.621 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 286.333435][ T8390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.333450][ T8390] Call Trace: [ 286.333457][ T8390] [ 286.333466][ T8390] dump_stack_lvl+0x16c/0x1f0 [ 286.333504][ T8390] should_fail_ex+0x512/0x640 [ 286.333536][ T8390] should_fail_alloc_page+0xe7/0x130 [ 286.333561][ T8390] prepare_alloc_pages+0x3c2/0x610 [ 286.333590][ T8390] ? arch_stack_walk+0xa6/0x100 [ 286.333626][ T8390] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 286.333674][ T8390] ? stack_trace_save+0x8e/0xc0 [ 286.333705][ T8390] ? __pfx_stack_trace_save+0x10/0x10 [ 286.333736][ T8390] ? stack_depot_save_flags+0x28/0xa50 [ 286.333772][ T8390] ? __lock_acquire+0xaa4/0x1ba0 [ 286.333793][ T8390] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 286.333833][ T8390] ? kasan_save_stack+0x42/0x60 [ 286.333867][ T8390] ? kasan_save_stack+0x33/0x60 [ 286.333899][ T8390] ? kasan_save_track+0x14/0x30 [ 286.333932][ T8390] ? kasan_save_free_info+0x3b/0x60 [ 286.333959][ T8390] ? __kasan_slab_free+0x51/0x70 [ 286.333994][ T8390] ? kmem_cache_free+0x2d4/0x4d0 [ 286.334030][ T8390] ? __x64_sys_recvfrom+0xe0/0x1c0 [ 286.334057][ T8390] ? do_syscall_64+0xcd/0x260 [ 286.334090][ T8390] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.334131][ T8390] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 286.334157][ T8390] ? policy_nodemask+0xea/0x4e0 [ 286.334180][ T8390] alloc_pages_mpol+0x1fb/0x550 [ 286.334203][ T8390] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 286.334223][ T8390] ? __lock_acquire+0xaa4/0x1ba0 [ 286.334249][ T8390] folio_alloc_mpol_noprof+0x36/0x2f0 [ 286.334277][ T8390] vma_alloc_folio_noprof+0xed/0x1e0 [ 286.334302][ T8390] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 286.334327][ T8390] ? find_held_lock+0x2b/0x80 [ 286.334356][ T8390] ? do_wp_page+0x1079/0x59f0 [ 286.334387][ T8390] do_wp_page+0x20cc/0x59f0 [ 286.334421][ T8390] ? __pfx_do_wp_page+0x10/0x10 [ 286.334450][ T8390] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 286.334474][ T8390] ? ___pte_offset_map+0x1bc/0x540 [ 286.334505][ T8390] __handle_mm_fault+0x1ada/0x2a40 [ 286.334546][ T8390] ? __pfx___handle_mm_fault+0x10/0x10 [ 286.334578][ T8390] ? lock_vma_under_rcu+0x47d/0x970 [ 286.334605][ T8390] ? lock_vma_under_rcu+0x47d/0x970 [ 286.334654][ T8390] handle_mm_fault+0x3fe/0xad0 [ 286.334691][ T8390] do_user_addr_fault+0x60c/0x1370 [ 286.334726][ T8390] exc_page_fault+0x5c/0xc0 [ 286.334765][ T8390] asm_exc_page_fault+0x26/0x30 [ 286.334786][ T8390] RIP: 0033:0x7f2fe2946cb5 [ 286.334805][ T8390] Code: 0f 1f 44 00 00 8b 57 18 64 8b 04 25 d0 02 00 00 39 c2 0f 84 0d 01 00 00 41 54 55 53 83 7f 30 02 48 89 fb 74 28 b8 08 00 00 00 0f c1 03 83 c0 08 85 c0 0f 88 fc 00 00 00 a8 01 75 78 31 d2 5b [ 286.334828][ T8390] RSP: 002b:00007f2fe37c4de0 EFLAGS: 00010293 [ 286.334846][ T8390] RAX: 0000000000000008 RBX: 00007f2fe36d7d60 RCX: 0000000000000000 [ 286.334861][ T8390] RDX: 0000000000000000 RSI: 00007f2fe2a4b168 RDI: 00007f2fe36d7d60 [ 286.334876][ T8390] RBP: 00007f2fe37c4f00 R08: 0000000000000000 R09: 0000000000000005 [ 286.334889][ T8390] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fe2a4ae80 [ 286.334903][ T8390] R13: 0000000000000002 R14: 00007f2fe2b7c440 R15: 0000000000000000 [ 286.334931][ T8390] [ 286.746509][ T8393] netlink: set zone limit has 8 unknown bytes [ 286.754137][ T8390] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 287.647289][ T8420] netlink: 4 bytes leftover after parsing attributes in process `syz.1.628'. [ 289.046473][ T8441] FAULT_INJECTION: forcing a failure. [ 289.046473][ T8441] name failslab, interval 1, probability 0, space 0, times 0 [ 289.299370][ T8441] CPU: 1 UID: 0 PID: 8441 Comm: syz.1.633 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 289.299405][ T8441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 289.299419][ T8441] Call Trace: [ 289.299427][ T8441] [ 289.299435][ T8441] dump_stack_lvl+0x16c/0x1f0 [ 289.299475][ T8441] should_fail_ex+0x512/0x640 [ 289.299513][ T8441] should_failslab+0xc2/0x120 [ 289.299537][ T8441] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 289.299575][ T8441] ? skb_clone+0x190/0x3f0 [ 289.299612][ T8441] skb_clone+0x190/0x3f0 [ 289.299645][ T8441] netlink_deliver_tap+0xabd/0xd30 [ 289.299685][ T8441] netlink_unicast+0x6b2/0x7f0 [ 289.299723][ T8441] ? __pfx_netlink_unicast+0x10/0x10 [ 289.299758][ T8441] ? genl_rcv_msg+0x4bb/0x800 [ 289.299788][ T8441] netlink_ack+0x696/0xb80 [ 289.299831][ T8441] netlink_rcv_skb+0x347/0x440 [ 289.299866][ T8441] ? __pfx_genl_rcv_msg+0x10/0x10 [ 289.299889][ T8441] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 289.299939][ T8441] ? __pfx_down_read+0x10/0x10 [ 289.299978][ T8441] ? netlink_deliver_tap+0x1ae/0xd30 [ 289.300016][ T8441] genl_rcv+0x28/0x40 [ 289.300050][ T8441] netlink_unicast+0x53a/0x7f0 [ 289.300089][ T8441] ? __pfx_netlink_unicast+0x10/0x10 [ 289.300132][ T8441] netlink_sendmsg+0x8d1/0xdd0 [ 289.300172][ T8441] ? __pfx_netlink_sendmsg+0x10/0x10 [ 289.300219][ T8441] __sys_sendto+0x495/0x510 [ 289.300247][ T8441] ? __pfx___sys_sendto+0x10/0x10 [ 289.300285][ T8441] ? count_memcg_events_mm.constprop.0+0x138/0x340 [ 289.300333][ T8441] __x64_sys_sendto+0xe0/0x1c0 [ 289.300360][ T8441] ? do_syscall_64+0x91/0x260 [ 289.300394][ T8441] ? lockdep_hardirqs_on+0x7c/0x110 [ 289.300431][ T8441] do_syscall_64+0xcd/0x260 [ 289.300467][ T8441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.300491][ T8441] RIP: 0033:0x7f8d99d8effc [ 289.300516][ T8441] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 289.300540][ T8441] RSP: 002b:00007f8d9ab18ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 289.300562][ T8441] RAX: ffffffffffffffda RBX: 00007f8d9ab18fc0 RCX: 00007f8d99d8effc [ 289.300577][ T8441] RDX: 000000000000001c RSI: 00007f8d9ab19010 RDI: 0000000000000002 [ 289.300592][ T8441] RBP: 0000000000000000 R08: 00007f8d9ab18f14 R09: 000000000000000c [ 289.300606][ T8441] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 289.300621][ T8441] R13: 00007f8d9ab18f68 R14: 00007f8d9ab19010 R15: 0000000000000000 [ 289.300651][ T8441] [ 289.919606][ T8445] netlink: set zone limit has 8 unknown bytes [ 292.707696][ T8480] kAFS: Invalid Command on /proc/fs/afs/cells file [ 296.411783][ T8517] FAULT_INJECTION: forcing a failure. [ 296.411783][ T8517] name fail_futex, interval 1, probability 0, space 0, times 0 [ 296.521580][ T8519] netlink: set zone limit has 8 unknown bytes [ 296.606328][ T8517] CPU: 1 UID: 0 PID: 8517 Comm: syz.2.653 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 296.606362][ T8517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 296.606376][ T8517] Call Trace: [ 296.606383][ T8517] [ 296.606392][ T8517] dump_stack_lvl+0x16c/0x1f0 [ 296.606429][ T8517] should_fail_ex+0x512/0x640 [ 296.606471][ T8517] get_futex_key+0x49e/0x1000 [ 296.606504][ T8517] ? __pfx_get_futex_key+0x10/0x10 [ 296.606543][ T8517] futex_wake+0xe7/0x4e0 [ 296.606565][ T8517] ? __pfx_futex_wake+0x10/0x10 [ 296.606588][ T8517] ? __call_rcu_common.constprop.0+0x3e5/0x9f0 [ 296.606611][ T8517] ? lockdep_hardirqs_on+0x7c/0x110 [ 296.606646][ T8517] do_futex+0x1e3/0x350 [ 296.606677][ T8517] ? __pfx_do_futex+0x10/0x10 [ 296.606714][ T8517] __x64_sys_futex+0x1e0/0x4c0 [ 296.606769][ T8517] ? __pfx___x64_sys_futex+0x10/0x10 [ 296.606801][ T8517] ? __pfx_fput_close_sync+0x10/0x10 [ 296.606837][ T8517] do_syscall_64+0xcd/0x260 [ 296.606872][ T8517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.606895][ T8517] RIP: 0033:0x7f2fe298d169 [ 296.606912][ T8517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 296.606934][ T8517] RSP: 002b:00007f2fe37c60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 296.606961][ T8517] RAX: ffffffffffffffda RBX: 00007f2fe2ba5fa8 RCX: 00007f2fe298d169 [ 296.606976][ T8517] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2fe2ba5fac [ 296.606991][ T8517] RBP: 00007f2fe2ba5fa0 R08: 00007f2fe37c7000 R09: 0000000000000000 [ 296.607005][ T8517] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f2fe2ba5fac [ 296.607020][ T8517] R13: 0000000000000000 R14: 00007ffe06e3f6e0 R15: 00007ffe06e3f7c8 [ 296.607047][ T8517] [ 296.825503][ C1] vkms_vblank_simulate: vblank timer overrun [ 299.613681][ T8554] FAULT_INJECTION: forcing a failure. [ 299.613681][ T8554] name failslab, interval 1, probability 0, space 0, times 0 [ 299.720273][ T8552] svc: failed to register nfsdv3 RPC service (errno 111). [ 299.770557][ T8552] svc: failed to register nfsaclv3 RPC service (errno 111). [ 299.797108][ T8554] CPU: 1 UID: 0 PID: 8554 Comm: syz.3.662 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 299.797142][ T8554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 299.797156][ T8554] Call Trace: [ 299.797163][ T8554] [ 299.797171][ T8554] dump_stack_lvl+0x16c/0x1f0 [ 299.797208][ T8554] should_fail_ex+0x512/0x640 [ 299.797235][ T8554] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 299.797278][ T8554] should_failslab+0xc2/0x120 [ 299.797300][ T8554] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 299.797340][ T8554] ? argv_split+0x35/0x440 [ 299.797371][ T8554] kstrndup+0x6d/0x160 [ 299.797393][ T8554] ? __pfx___trace_uprobe_create+0x10/0x10 [ 299.797418][ T8554] argv_split+0x35/0x440 [ 299.797448][ T8554] ? __pfx___trace_uprobe_create+0x10/0x10 [ 299.797472][ T8554] trace_probe_create+0x7d/0x100 [ 299.797509][ T8554] ? __pfx_trace_probe_create+0x10/0x10 [ 299.797554][ T8554] create_or_delete_trace_uprobe+0x5a/0xb0 [ 299.797579][ T8554] trace_parse_run_command+0x1a6/0x3e0 [ 299.797600][ T8554] ? __pfx_create_or_delete_trace_uprobe+0x10/0x10 [ 299.797629][ T8554] vfs_write+0x25c/0x1180 [ 299.797659][ T8554] ? __pfx_probes_write+0x10/0x10 [ 299.797684][ T8554] ? __pfx___mutex_lock+0x10/0x10 [ 299.797718][ T8554] ? __pfx_vfs_write+0x10/0x10 [ 299.797765][ T8554] ? __fget_files+0x20e/0x3c0 [ 299.797807][ T8554] ksys_write+0x12a/0x240 [ 299.797839][ T8554] ? __pfx_ksys_write+0x10/0x10 [ 299.797870][ T8554] ? rcu_is_watching+0x12/0xc0 [ 299.797908][ T8554] do_syscall_64+0xcd/0x260 [ 299.797944][ T8554] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.797967][ T8554] RIP: 0033:0x7f8eda78d169 [ 299.797985][ T8554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 299.798007][ T8554] RSP: 002b:00007f8edb526038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 299.798028][ T8554] RAX: ffffffffffffffda RBX: 00007f8eda9a5fa0 RCX: 00007f8eda78d169 [ 299.798043][ T8554] RDX: 0000000000000019 RSI: 0000200000000000 RDI: 0000000000000003 [ 299.798057][ T8554] RBP: 00007f8edb526090 R08: 0000000000000000 R09: 0000000000000000 [ 299.798071][ T8554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 299.798085][ T8554] R13: 0000000000000000 R14: 00007f8eda9a5fa0 R15: 00007ffe0e144668 [ 299.798114][ T8554] [ 300.592025][ T8557] netlink: 28 bytes leftover after parsing attributes in process `syz.3.664'. [ 301.675110][ T8567] FAULT_INJECTION: forcing a failure. [ 301.675110][ T8567] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 301.763401][ T8567] CPU: 1 UID: 0 PID: 8567 Comm: syz.2.668 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 301.763436][ T8567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 301.763450][ T8567] Call Trace: [ 301.763457][ T8567] [ 301.763466][ T8567] dump_stack_lvl+0x16c/0x1f0 [ 301.763503][ T8567] should_fail_ex+0x512/0x640 [ 301.763532][ T8567] _copy_from_user+0x2e/0xd0 [ 301.763561][ T8567] copy_from_sockptr_offset.constprop.0+0x153/0x1a0 [ 301.763608][ T8567] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 301.763650][ T8567] ? _kstrtoull+0x145/0x200 [ 301.763689][ T8567] do_ip_setsockopt+0x326/0x3240 [ 301.763715][ T8567] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 301.763753][ T8567] ip_setsockopt+0x59/0xf0 [ 301.763776][ T8567] ipv6_setsockopt+0x155/0x170 [ 301.763812][ T8567] sctp_setsockopt+0x169/0xb870 [ 301.763845][ T8567] ? __pfx_sctp_setsockopt+0x10/0x10 [ 301.763868][ T8567] ? __lock_acquire+0x5ca/0x1ba0 [ 301.763906][ T8567] ? __pfx_aa_sk_perm+0x10/0x10 [ 301.763932][ T8567] ? find_held_lock+0x2b/0x80 [ 301.763963][ T8567] ? sock_common_setsockopt+0x2e/0xf0 [ 301.763999][ T8567] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 301.764034][ T8567] do_sock_setsockopt+0x221/0x470 [ 301.764068][ T8567] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 301.764118][ T8567] __sys_setsockopt+0x1a0/0x230 [ 301.764150][ T8567] __x64_sys_setsockopt+0xbd/0x160 [ 301.764176][ T8567] ? do_syscall_64+0x91/0x260 [ 301.764208][ T8567] ? lockdep_hardirqs_on+0x7c/0x110 [ 301.764239][ T8567] do_syscall_64+0xcd/0x260 [ 301.764273][ T8567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.764295][ T8567] RIP: 0033:0x7f2fe298d169 [ 301.764313][ T8567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.764335][ T8567] RSP: 002b:00007f2fe37c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 301.764355][ T8567] RAX: ffffffffffffffda RBX: 00007f2fe2ba5fa0 RCX: 00007f2fe298d169 [ 301.764370][ T8567] RDX: 0000000000000019 RSI: 0000000000000000 RDI: 0000000000000003 [ 301.764383][ T8567] RBP: 00007f2fe37c6090 R08: 0000000000000009 R09: 0000000000000000 [ 301.764397][ T8567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 301.764410][ T8567] R13: 0000000000000000 R14: 00007f2fe2ba5fa0 R15: 00007ffe06e3f7c8 [ 301.764437][ T8567] [ 302.931507][ T8573] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 303.677804][ T8580] ================================================================== [ 303.687499][ T8580] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 303.696758][ T8580] Read of size 8 at addr ffff888141e8ca18 by task syz.3.671/8580 [ 303.706033][ T8580] [ 303.708817][ T8580] CPU: 1 UID: 0 PID: 8580 Comm: syz.3.671 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 303.708849][ T8580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 303.708864][ T8580] Call Trace: [ 303.708873][ T8580] [ 303.708882][ T8580] dump_stack_lvl+0x116/0x1f0 [ 303.708919][ T8580] print_report+0xc3/0x670 [ 303.708940][ T8580] ? __virt_addr_valid+0x5e/0x590 [ 303.708975][ T8580] ? __phys_addr+0xc6/0x150 [ 303.709011][ T8580] ? dvb_device_open+0x36a/0x3b0 [ 303.709034][ T8580] kasan_report+0xe0/0x110 [ 303.709055][ T8580] ? dvb_device_open+0x36a/0x3b0 [ 303.709080][ T8580] ? __pfx_dvb_device_open+0x10/0x10 [ 303.709104][ T8580] dvb_device_open+0x36a/0x3b0 [ 303.709127][ T8580] ? __pfx_dvb_device_open+0x10/0x10 [ 303.709150][ T8580] chrdev_open+0x231/0x6a0 [ 303.709187][ T8580] ? __pfx_apparmor_file_open+0x10/0x10 [ 303.709218][ T8580] ? __pfx_chrdev_open+0x10/0x10 [ 303.709257][ T8580] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 303.709295][ T8580] do_dentry_open+0x741/0x1c10 [ 303.709330][ T8580] ? __pfx_chrdev_open+0x10/0x10 [ 303.709381][ T8580] vfs_open+0x82/0x3f0 [ 303.709404][ T8580] path_openat+0x1e5e/0x2d40 [ 303.709469][ T8580] ? __pfx_path_openat+0x10/0x10 [ 303.709507][ T8580] do_filp_open+0x20b/0x470 [ 303.709544][ T8580] ? __pfx_do_filp_open+0x10/0x10 [ 303.709592][ T8580] ? alloc_fd+0x471/0x7d0 [ 303.709633][ T8580] do_sys_openat2+0x11b/0x1d0 [ 303.709659][ T8580] ? __pfx_do_sys_openat2+0x10/0x10 [ 303.709686][ T8580] ? __pfx___might_resched+0x10/0x10 [ 303.709727][ T8580] __x64_sys_openat+0x174/0x210 [ 303.709755][ T8580] ? __pfx___x64_sys_openat+0x10/0x10 [ 303.709783][ T8580] ? rcu_is_watching+0x12/0xc0 [ 303.709816][ T8580] do_syscall_64+0xcd/0x260 [ 303.709852][ T8580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.709876][ T8580] RIP: 0033:0x7f8eda78d169 [ 303.709896][ T8580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.709920][ T8580] RSP: 002b:00007f8edb526038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 303.709942][ T8580] RAX: ffffffffffffffda RBX: 00007f8eda9a5fa0 RCX: 00007f8eda78d169 [ 303.709958][ T8580] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 303.709973][ T8580] RBP: 00007f8eda80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 303.709988][ T8580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.710002][ T8580] R13: 0000000000000000 R14: 00007f8eda9a5fa0 R15: 00007ffe0e144668 [ 303.710025][ T8580] [ 303.710033][ T8580] [ 304.012673][ T8580] Allocated by task 1: [ 304.017560][ T8580] kasan_save_stack+0x33/0x60 [ 304.023182][ T8580] kasan_save_track+0x14/0x30 [ 304.028799][ T8580] __kasan_kmalloc+0xaa/0xb0 [ 304.034328][ T8580] dvb_register_device+0x1e4/0x2370 [ 304.040561][ T8580] dvb_register_frontend+0x5a6/0x880 [ 304.046929][ T8580] vidtv_bridge_probe+0x459/0xa90 [ 304.052965][ T8580] platform_probe+0xff/0x1f0 [ 304.058472][ T8580] really_probe+0x23e/0xa90 [ 304.063879][ T8580] __driver_probe_device+0x1de/0x440 [ 304.070228][ T8580] driver_probe_device+0x4c/0x1b0 [ 304.076279][ T8580] __driver_attach+0x283/0x580 [ 304.082103][ T8580] bus_for_each_dev+0x13b/0x1d0 [ 304.087922][ T8580] bus_add_driver+0x2e9/0x690 [ 304.093533][ T8580] driver_register+0x15c/0x4b0 [ 304.099258][ T8580] vidtv_bridge_init+0x45/0x80 [ 304.104981][ T8580] do_one_initcall+0x120/0x6e0 [ 304.110708][ T8580] kernel_init_freeable+0x5c2/0x900 [ 304.116948][ T8580] kernel_init+0x1c/0x2b0 [ 304.122137][ T8580] ret_from_fork+0x45/0x80 [ 304.127433][ T8580] ret_from_fork_asm+0x1a/0x30 [ 304.133156][ T8580] [ 304.135927][ T8580] Freed by task 8573: [ 304.140683][ T8580] kasan_save_stack+0x33/0x60 [ 304.146718][ T8580] kasan_save_track+0x14/0x30 [ 304.152333][ T8580] kasan_save_free_info+0x3b/0x60 [ 304.158367][ T8580] __kasan_slab_free+0x51/0x70 [ 304.164098][ T8580] kfree+0x2b6/0x4d0 [ 304.168787][ T8580] dvb_device_put.part.0+0x60/0x90 [ 304.174931][ T8580] dvb_device_open+0x2a4/0x3b0 [ 304.180640][ T8580] chrdev_open+0x231/0x6a0 [ 304.185945][ T8580] do_dentry_open+0x741/0x1c10 [ 304.191681][ T8580] vfs_open+0x82/0x3f0 [ 304.196555][ T8580] path_openat+0x1e5e/0x2d40 [ 304.202063][ T8580] do_filp_open+0x20b/0x470 [ 304.207467][ T8580] do_sys_openat2+0x11b/0x1d0 [ 304.213089][ T8580] __x64_sys_openat+0x174/0x210 [ 304.218903][ T8580] do_syscall_64+0xcd/0x260 [ 304.224311][ T8580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.231378][ T8580] [ 304.234159][ T8580] The buggy address belongs to the object at ffff888141e8ca00 [ 304.234159][ T8580] which belongs to the cache kmalloc-256 of size 256 [ 304.251011][ T8580] The buggy address is located 24 bytes inside of [ 304.251011][ T8580] freed 256-byte region [ffff888141e8ca00, ffff888141e8cb00) [ 304.267452][ T8580] [ 304.270225][ T8580] The buggy address belongs to the physical page: [ 304.277921][ T8580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x141e8c [ 304.288524][ T8580] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 304.298712][ T8580] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff) [ 304.307859][ T8580] page_type: f5(slab) [ 304.312636][ T8580] raw: 057ff00000000040 ffff88801b441b40 dead000000000122 0000000000000000 [ 304.322955][ T8580] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 304.333249][ T8580] head: 057ff00000000040 ffff88801b441b40 dead000000000122 0000000000000000 [ 304.343644][ T8580] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 304.354043][ T8580] head: 057ff00000000001 ffffea000507a301 00000000ffffffff 00000000ffffffff [ 304.364444][ T8580] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 304.374839][ T8580] page dumped because: kasan: bad access detected [ 304.382541][ T8580] page_owner tracks the page as allocated [ 304.389388][ T8580] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24131972950, free_ts 0 [ 304.413035][ T8580] post_alloc_hook+0x181/0x1b0 [ 304.418757][ T8580] get_page_from_freelist+0x1193/0x39b0 [ 304.425423][ T8580] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 304.432501][ T8580] alloc_pages_mpol+0x1fb/0x550 [ 304.438312][ T8580] new_slab+0x23c/0x330 [ 304.443296][ T8580] ___slab_alloc+0xd9c/0x1940 [ 304.448906][ T8580] __slab_alloc.constprop.0+0x56/0xb0 [ 304.455354][ T8580] __kmalloc_cache_noprof+0xfb/0x3e0 [ 304.461705][ T8580] bus_add_driver+0x92/0x690 [ 304.467216][ T8580] driver_register+0x15c/0x4b0 [ 304.472934][ T8580] usb_register_driver+0x216/0x4d0 [ 304.479058][ T8580] do_one_initcall+0x120/0x6e0 [ 304.484776][ T8580] kernel_init_freeable+0x5c2/0x900 [ 304.491011][ T8580] kernel_init+0x1c/0x2b0 [ 304.496196][ T8580] ret_from_fork+0x45/0x80 [ 304.501491][ T8580] ret_from_fork_asm+0x1a/0x30 [ 304.507215][ T8580] page_owner free stack trace missing [ 304.513641][ T8580] [ 304.516417][ T8580] Memory state around the buggy address: [ 304.523156][ T8580] ffff888141e8c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 304.532826][ T8580] ffff888141e8c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 304.542493][ T8580] >ffff888141e8ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 304.552156][ T8580] ^ [ 304.558084][ T8580] ffff888141e8ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 304.567745][ T8580] ffff888141e8cb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 304.577406][ T8580] ================================================================== [ 310.589013][ T8580] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 310.597696][ T8580] CPU: 1 UID: 0 PID: 8580 Comm: syz.3.671 Not tainted 6.14.0-syzkaller-13423-ga8662bcd2ff1 #0 PREEMPT(full) [ 310.611554][ T8580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 310.623608][ T8580] Call Trace: [ 310.627531][ T8580] [ 310.631038][ T8580] dump_stack_lvl+0x3d/0x1f0 [ 310.636554][ T8580] panic+0x71c/0x800 [ 310.641233][ T8580] ? __pfx_panic+0x10/0x10 [ 310.646833][ T8580] ? mark_held_locks+0x49/0x80 [ 310.652558][ T8580] ? preempt_schedule_thunk+0x16/0x30 [ 310.658997][ T8580] ? dvb_device_open+0x36a/0x3b0 [ 310.664909][ T8580] ? preempt_schedule_common+0x44/0xc0 [ 310.671465][ T8580] ? dvb_device_open+0x36a/0x3b0 [ 310.677384][ T8580] check_panic_on_warn+0xab/0xb0 [ 310.683315][ T8580] end_report+0x107/0x170 [ 310.688505][ T8580] kasan_report+0xee/0x110 [ 310.693793][ T8580] ? dvb_device_open+0x36a/0x3b0 [ 310.699723][ T8580] ? __pfx_dvb_device_open+0x10/0x10 [ 310.706110][ T8580] dvb_device_open+0x36a/0x3b0 [ 310.711847][ T8580] ? __pfx_dvb_device_open+0x10/0x10 [ 310.718201][ T8580] chrdev_open+0x231/0x6a0 [ 310.723512][ T8580] ? __pfx_apparmor_file_open+0x10/0x10 [ 310.730167][ T8580] ? __pfx_chrdev_open+0x10/0x10 [ 310.736097][ T8580] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 310.744215][ T8580] do_dentry_open+0x741/0x1c10 [ 310.749938][ T8580] ? __pfx_chrdev_open+0x10/0x10 [ 310.755869][ T8580] vfs_open+0x82/0x3f0 [ 310.760804][ T8580] path_openat+0x1e5e/0x2d40 [ 310.766331][ T8580] ? __pfx_path_openat+0x10/0x10 [ 310.772274][ T8580] do_filp_open+0x20b/0x470 [ 310.777695][ T8580] ? __pfx_do_filp_open+0x10/0x10 [ 310.783753][ T8580] ? alloc_fd+0x471/0x7d0 [ 310.788961][ T8580] do_sys_openat2+0x11b/0x1d0 [ 310.794570][ T8580] ? __pfx_do_sys_openat2+0x10/0x10 [ 310.800805][ T8580] ? __pfx___might_resched+0x10/0x10 [ 310.807157][ T8580] __x64_sys_openat+0x174/0x210 [ 310.812974][ T8580] ? __pfx___x64_sys_openat+0x10/0x10 [ 310.819420][ T8580] ? rcu_is_watching+0x12/0xc0 [ 310.825142][ T8580] do_syscall_64+0xcd/0x260 [ 310.830565][ T8580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.837630][ T8580] RIP: 0033:0x7f8eda78d169 [ 310.842925][ T8580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.866468][ T8580] RSP: 002b:00007f8edb526038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 310.876556][ T8580] RAX: ffffffffffffffda RBX: 00007f8eda9a5fa0 RCX: 00007f8eda78d169 [ 310.886123][ T8580] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 310.895682][ T8580] RBP: 00007f8eda80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 310.905235][ T8580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 310.914797][ T8580] R13: 0000000000000000 R14: 00007f8eda9a5fa0 R15: 00007ffe0e144668 [ 310.924359][ T8580] [ 310.928047][ T8580] Kernel Offset: disabled [ 310.933225][ T8580] Rebooting in 86400 seconds..