last executing test programs: 7.123947381s ago: executing program 2 (id=420): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/fuse/parameters/max_user_bgreq\x00', 0x1f2382, 0x0) sendfile$auto(r0, r0, 0x0, 0x7fff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) pidfd_send_signal$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, 0x4, &(0x7f00000000c0)={@siginfo_0_0={0xa, 0xb92, 0x9}}, 0x4) r1 = socket(0xa, 0x5, 0x84) sendto$auto(r1, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fb8000"}, 0x1c) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x1e, 0x1, 0x0) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) socket(0x2, 0x3, 0xa) pipe2$auto(0x0, 0x80) syz_clone(0x4000000, &(0x7f0000000040)="1110772e9118d81097a406f5750008b28be67ef0011bcaa612e84dc6950fa015", 0x20, &(0x7f0000000280), &(0x7f0000000300), &(0x7f0000000340)="999cddedc642f9d16b60e08e550af0331de32832f1be9a913df00e1438c3b438e7993dce0b5987fdc239df") keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x8) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0}, 0x63}, 0x3, 0x0) 5.998914071s ago: executing program 2 (id=427): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cpu.max.burst\x00', 0x80302, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.7/usb8/power/active_duration\x00', 0xc8080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0225020000000800030080"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x20040004) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x5, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x5}, 0x3}, 0x40000204, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/17, 0x11) read$auto_cachefiles_daemon_fops_internal(r0, &(0x7f0000000000)=""/111, 0x6f) sendfile$auto(r0, r0, 0x0, 0x3) 5.628321681s ago: executing program 2 (id=431): socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x3, 0x9) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) write$auto_sg_fops_sg(r0, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r1 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r1) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) ftruncate$auto(0x3, 0x700) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x1, 0xff) r3 = socket(0xa, 0x3, 0xff) connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) madvise$auto(0x1ffff000, 0x7, 0x100000000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) shmget$auto(0x8, 0x10563, 0x568d1af2) madvise$auto(0x0, 0xffffffffffff0004, 0x19) getpgid$auto(0x0) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) lsm_set_self_attr$auto(0x1, 0x0, 0x80, 0x0) close_range$auto(0x2, 0xa, 0x0) 4.703479602s ago: executing program 2 (id=437): mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x7ffd) (async) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) ioctl$auto(0xffffffffffffffff, 0x4, 0xffffffffffffffff) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) (async, rerun: 32) move_mount$auto(0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x77) (rerun: 32) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) socket(0x25, 0x1, 0x4) (async, rerun: 64) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff) (async, rerun: 64) socket(0x10, 0x2, 0xf) (async) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async) socket(0xa, 0x801, 0x106) socket(0x2b, 0x1, 0x1) (async, rerun: 64) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe\x00', 0x2800, 0x0) (async, rerun: 64) openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) (async, rerun: 64) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv6/neigh/veth1/unres_qlen\x00', 0x382, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) (async, rerun: 32) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x23f) (async) setns(0xffffffffffffffff, 0x8000000) (async) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/sctp/rto_min\x00', 0xba45a641e375b9f1, 0x0) sendfile$auto(r1, r1, 0x0, 0x1) (async) r2 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x1fe, 0x8000) r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), r2) sendmsg$auto_GTP_CMD_DELPDP(r2, &(0x7f00000001c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000125bd7000fcdbdf0d721a25010000000800020004000000080002001c0000000c0003000000000000000c0006000600040000000c00030003000000000000000c000300ff7f00000000000008000800800000006594b92500643918"], 0x58}, 0x1, 0x0, 0x0, 0x400}, 0x4040000) 3.611876321s ago: executing program 0 (id=442): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x947, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0xfff, 0x7, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x0, 0x0, 0x6, 0x2, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd]}, 0x1fe, 0x81) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) modify_ldt$auto(0x1, &(0x7f00000001c0), 0x10) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/input/event1\x00', 0x101242, 0x0) ioctl$auto_EVIOCREVOKE(r0, 0x40044591, 0x0) ioctl$auto_EVIOCGREP(r0, 0x80084503, 0x0) socket(0x2, 0x1, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x35b, 0x3, 0x806, 0x7, 0x9, 0x400005, 0x4000fff, 0x2, 0x8001, 0x2, 0x5, 0x3, 0x8, 0x7, 0x20, 0xc7, 0x6, 0x0, 0x0, 0x81, 0x0, 0x0, 0xffffffff, 0xfff, 0x0, [0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x1fe, 0x85) msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) r1 = semctl$auto(0x1ff, 0x100000001, 0x13, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x12, 0x0, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYRESHEX=r1, @ANYRES8=r1, @ANYRES16=r1, @ANYRES8=r1, @ANYRES8=r2, @ANYRESOCT=r1, @ANYRES64=r1, @ANYBLOB="56f826c0", @ANYBLOB], 0x1ac}}, 0x40000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) signalfd$auto(0x4, 0x0, 0x8) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/arch_status\x00', 0x80300, 0x0) mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card1/pcm0c/sub3/info\x00', 0x1a3443, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000140), 0x80200, 0x0) io_uring_setup$auto(0x40000002c55, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) 2.864562782s ago: executing program 1 (id=448): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/traceSMB\x00', 0x0, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(0x3, 0x0, 0x1f40) r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000004c0), 0x2202, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_WRITE(r0, 0x40085503, &(0x7f0000000600)={0xd, 0x0, 0x3}) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x6, &(0x7f0000000000)={0x0, 0xfc6}, 0x6, 0x0, 0x7, 0xa505}, 0x800}, 0x80000000, 0x4008) recvmsg$auto(0xffffffffffffffff, 0x0, 0x6) writev$auto(0xca, 0x0, 0x2000000000000003) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event0\x00', 0x2, 0x0) io_uring_setup$auto(0xc, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x30}, 0x1) close_range$auto(0x2, 0xa, 0x0) socketpair$auto(0x1, 0x4, 0x4, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/stack\x00', 0x8a1940, 0x0) ioperm$auto(0x10001, 0x6, 0x2) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0xc0000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x2, 0xb) mmap$auto(0x1, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) 2.775156864s ago: executing program 1 (id=449): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000300) mq_unlink$auto(0x0) 2.580159773s ago: executing program 0 (id=450): close_range$auto(0x2, 0x8, 0x0) socket(0x2b, 0x1, 0x0) (async) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) (async) open(&(0x7f00000001c0)='./file0\x00', 0x121142, 0x13d) (async) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) (async) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) (async) socket(0xa, 0x801, 0x106) (async, rerun: 32) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) (rerun: 32) close_range$auto(0x2, 0x8000, 0x0) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) (async, rerun: 64) io_uring_register$auto(0x2, 0x2, &(0x7f0000000040), 0x86) (rerun: 64) io_uring_register$auto(0x2, 0x6, &(0x7f0000000040), 0x1) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) read$auto(0x3, 0x0, 0x7fffffff) (async, rerun: 64) write$auto(0x3, 0x0, 0xfffffdef) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async) setresuid$auto(0x8, 0x8, 0x0) (async, rerun: 32) setfsuid$auto(0x0) (async, rerun: 32) keyctl$auto(0x5, 0xffffffffffffffff, 0x0, 0x0, 0x20000000000006) openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) (async, rerun: 64) write$auto(0xffffffffffffffff, &(0x7f0000001340)='7\x04\x00\x00@\xff\x90D\xe8=;d\xd7;\xfb\x7f\xcb\xab\xa7f\xf9D\xb5\x1a[\xad', 0xffbffdef) (rerun: 64) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000001200)={{&(0x7f0000000100)="17246e7794873deec864ea5e47975ffb3ccc7984c0be195a9f0ed09bc0e762819f25fa1a777dbbde195177557d4f26a76732f15746b63d0c3868059d0e5ea73f7189f3567b774d41de16d5ef3bf9ff71aa00e7441407c7ddc3bcbc25e69831b3651df18b30ae81782204d1efd7971ceb0145a60d578b6093a4d69c39824669994c4c47ebdf7d401d6e792c672375a2cf20b3f795e88a8abbcdcce72a51d58ce76ec4959e59285729736c92707e3749", 0x6, &(0x7f0000000080)={&(0x7f0000000000)="2e26199ffdc367279dc3fc1bd94df0", 0x9}, 0x8e8, &(0x7f0000000200)="02e0c31653f3aba965850f5a39703aba767e99d687995d5b8eb5802addf8e18819323a356aa029f868f7b520c5fbc701ece2c05bc25e391f5a8ed72d6a2c69236a16ed142c29113448c7b9d1583b28eb538e411f2efa66fc458438bfb8c128cb5634239459454b648e640bb7ccdc3a11170705a7358f10d3ceede386b6b209d4ededcba2cb2742e0d535cae099ffcd0793686a40eb517b1ffc25d8f350236bfedf9d053f555043cc761148310042927e57c1c87952501702541bee6c085e80c29420fcc2156ea2522ec2464c8ef7d3c4c8e3850e05650b798a2b6eedc77d21d6b4c54316676d17e4467ccc06f6eb68d5732fafe3dbba26723bfc7d51262549efeb465f6fbebfb01e938c8c8cd5c05e9e6cec6e1a9aa6f39b83f3d4722c81a9795aa0478602c0a52279d9c300e387d296f7da6868a2d76f68f325d0052a2d670d0ddf4fe89593f6490b3afa7fccec0fc9c26bbcdb1176aaa162a70ee3d3d8618209bf99dee748d1957d527385467169aadc56fb3ab9c8bce0eccb53d31cb73b81a976024173af14d091e8478395864ecabb4f6f6ac7c641b95d9113e33111544a56ba10d172dca9c1d53931115b56c07a5c86dd77c948a7bf43c4532647d631cd775632737a3a942c0a1cf8b228c584675bc5d461e006f9d200af3a695060e7ab5be5cf8753ab726205eabf13c464b6a41d1d5f9063af59f661879a3a7f23528c4a15ffd097d3500efdc6b74b1d0d4f9bc4782dce33545e0a47ebb5fff96730dcd6b603e4a4b748b9bb7fd47a36feb1d94b0ef21f7c14dee900a3a833143f56c62d06098e8241d433cf1bc293014506b5fea9def95731e7d7c9d8cee5da3bfb12a986810fcebd201027720148530d92d801a395217744a4604afd7d507e27f982dd178b65dbe3c025d8a1ec18cfe3b828646ad2c59facce6e5e6915b1b0ffa9b9e1a9639c94d9fb898116636c1f5afca8d997da3eccd9d9ee460df8ead2832117af7f1b36bc14ad35244f7c1f0381e748d57cfe67028a0d6319eea3ae65319971542667a08822e7cf08cb90d4681d687b14c525bad9cfcb6f88dede0f3630639642235db4e1a77bd008a9b89b7c11a2aa4d138f5220afd6a429ec32c0a99dcfe3bbc03a423cd5a68ccc8d3744f7cc2bf9c05bc4094ab030d3e42a6d9cf857d4659f8f255a8d93f82565ccaa9f1e7c14caf5ddeae549a8b410304d6ce8b94b34f2fb5d189cb808507b635665a3a538da68ff18a01cb6c258a404fbe52dcafd86ed78492998e11c671d390efd60d750bdf15d457f2d3c4b4cb44aa8a7164637f1c607b352675996f6d9a959e8e29dbfc86c249d8475123e7a5d3090f9364480dc06677376c2879d6f5641b9933f5b3b2efe6daabad4fe79f59900772398d63f0390bed8be7216175b9e4b61713935b3fc55c1c4902f66cadc44601caec1e5bd68be35249798968290a0a9b9ef3a66f6aabf1c1f9a26fd8866bf945bd00071aedf19017f86098cb5dce0c1219e5a852d052ba990221b4936a8a73c07f787a5df7887df8fe318b5bd1335bea33d3101affcf183fe208809e7895aac000629c371085fdff4ad82b899b6b1d6e7988af609e7f96b282b4cf11713976619565e0bd615b01e03fc45d3ff7b1424d8761b2c7bd6d2fb6b69a6adc00667c1e241119f2e17eaf866d4026f117e1bcf0d3ca95b4decef6fe5adaa99406dc0b2773ec21d99d272f3a6ad5332334fa1d032d84d44d759dea9fd94ee072bfdba53be0a116655be0b15f80f95b8be9ecd3bec8ff27b8f6767fa909e5e1ee585ba0760132138df6dddfe2460250961545e5bc388ce1be2664156106263726f70d6aea2a4c1be870e593f3755573baabe8a0e107bd38158f6b596ffe789949918f5ce64d0038c1e9f5a511130ab3e3005b073ccdb5fa40d5a8c4d0449bce7802c9b149cb3736164453e14e0b3012f84b79103649b833b651b56726f46ce318e3ee09d08a74227c6eda2baa66b682198a3df249d5d4e2a36d0d50ce30c47f504d2603f91746e7300e1766220c5f739a6e56b336b815f8eb4f80cc8e24c1daa2321ae693cf6f5f59040e74d888266b3e9bbd117171be4fbf802d18a94c263158bd7539db560a34acbc4d127d396760a6e4937c8511ee16224471b5095264ce00473e975e203d6296c556e1b4df8f7f415bf2f14f042b1e1014b917b8399736483bf85ee55facc4ef8e8ceb4ccd2ea00e1c6b29041e100fdec857b04f90c54d13044bf0132a8521285e9b58d5471fea0f0386457409e05b78873601ee24196751a7566cc228dc11d0dcb90b0e49ddf3e7821d65503d6196a0c24615eaf07b18a95444bedd3640c311b7e1cd5f979d2830d6fff023c632c6f2df19632dcc1b59eca40dfe71b24032da3beaf64effcc104093a90047cc2751d6ff2657582a8cedec200916c3a9444d09713d800756405b761d5f89602c6ecfedc89ab1079d4747dc68122ea6e7526bb10a821d487d9966391a0fb2b13d08c1e219dbf3d9079433610d50a190963be0f790f3f822597965e5f2042f6b28c5e23165cc554c8f8923762d671a652b2604bb4733f3828d7cca6b32590b7c7a33ea3a7d692cb49bad916fe9b1a709a534856bbf79b74138fc4126ffd7fac912423e17aece3462bb290e326ab40c56a61d7e4246672857e074af8c979d12a55f0a9a4834f22a01348104faf4fcf78f9c594a179666398b306425c4820535c68a7e66528d0151bbd820e6c9c033d64d240ef4b0f8742a86287ffe6a47ab3acc37bc810872f0bb4adabe44131a54e2db8f024d963ae07452883d753955404f608bdd0a9eced864747449693f54172003e44eeb2eb7f43517ce2f60c21a6a6bf48bca05d8ce6b405e0cecf9a35f1df8ca081438c009700e00287b2ea1b7c09759b69f2720885d721cf4242b9800e8a7feca881ee63fdaa4dd72fab7cf333ed88c237ae584d85fed3fb8cec577d06c345176aed0a6879fd6562bfc5475f35636c8f7cb56c9dd748319b606fc985597362af674e9036e908313f22a7a6a255bf30081b43d830b6e1f61ef26bceb84e682625213ea18d5104ef73fe49f11661df1159fac28127f46a5da507d872a008228504bbb96c4edd5e698dbb22fea5015a7e02d7f778bf6fa524e9f9fc195b0a47d5398499d6dc18e0f0528dea5d6207fb5103d15b30fec40cb64cda0d6d97e141d75b14efeb2808c37fc01ac8a402f543af636ab41ba382b21f123180c04c008dc2e34ce9431b3b4aa401a2d3d9d4c6f65c4f159fb37f650d8288d16675eaade9440adf3a8a86e0864d86d4faa48f78a48c45d9a65d770e0e23214bac72fd151e5bfee9f2be016f5a85ad91ef7ef77932d616a3890fa828b68edfa5f6d61d694f6dcf4e8b2e7bdc596dc831becfeac84f26ee0d8b64edfb3dd129d15a097c13fc11e36866f74c6fef0acdeb981ff4480630c963c5e6771f1d4daa4c14478c30d27a64a2507d78c3697eed6a1a487020b4b3a9289c34593224891c1d9e49a9e5c6c5e0dabc1cde31f4242c34f2c6932d359cc5e2291c25ffb8f43862dc99ac327ff5169873d496625dc0bd8f36568deb3daa7e427a17bb3d248101cf8765a7405a16ef53b6c3a2e62a14a61117253b00ac503dac5c717327f0f74fe6e3047e22f3ae4c73ef026186ab36066024fbc9eea4f101db8926780d28ce911c67f0e50279e2d0348c92ddbb608a061858cd18a3d567189e477fa4b5743b547c2b2570d705d258593089a7a808b9169290125327dfead7c2c194b453fd28b00beb3fdd74483cce70fcef6197491500d54d4e3d6a9cbe4991c1b47d4a43ea96ba431625b78d1d9ab76e2d5f75857f0d7094737df09c62f6190eed54c1f404de5c33a0a1e482641bf8b9d31d616363acc4c3419e6916cee023b2edd2bf2813169702aa15fb535abe0484b66e29ee2bf28153f3fb8c43d9efd9199bc900bf02c89501d65faf70426538aec9f519a7b13c24cd2c6602bf5deee6cb7533480a140ea32b732f83d5e6d5d6823989531742853a43460b7974f780a8a4edc76e3df71014cebcdd0ac60006f0c6b22f3c8ce8e859c06ae529b1dd4d854f2f158fda72bc86d8a5cea665b8b401e263bbef5975dd275600eb663355e8f80cafefb42a918a7c077ac03d6beaca124c47743ba084fcabaf7ab782018e1575ce74fe70bb6b61ad474b645cc69aa83b50c323d7d0f07c85383a8f588ea3c124c71655160464250447b2ddcc5e6cb082488ac9ae2fbd359d2c1e69f10a7171a75ca6ce5b328c3407ce40559b7bfa37471bff5dc2caf5ffafb6f7f21b2b1dbe83eafcd58b76987807c8e023ce06a77b3f57925e327fad6ce2dd72f713631a6b016c07fb19a3c4cfdb6e77122cc79f37aa03aaa7286c3748016abea1641f9ac9fef3a73842484fa562d3f0798b6e8b8ff47d3a50252efb86466a5ca71ab54542800882f053bd8eb870be68ab3f3fa0300348f21640a48183d4ab14a57bf7a3651073558aabe7a95cc12cd422de147fc8d8fa6e369aea30f1af78d169642e6dc55438c5549c0a32a0649b957c3064d1c2a108ab2f5efbc183b97b5fef39c4de38efbaf5799712256da8aaa811952be6fdf1ae6ebe5ecf1af6b5169bd9bdb7362f7216fdddc7d7e0c820dc0993b12dd9e26e96be3d1870336282550caaf25ac48bf9fb984aa0ac60b042c5dcae8039c6d52cb14a715a0a84080c7b46d1c030fdc18a2cac5453375d0aa0827f567a777f1224d489695e7c5089931c0de128fba8c3ea98d66acf3b82ce4bab7fbaf4bfde9e4db461d1276e3bd0f955cf7cbc655d64a98f463b1028f691881dca0c185d1a7df149fd9c9805f9b3869c256a6a9c2e87fc787c3a2154b225af48db977a61cc7ae74afda9a1ee6ce39f08384d96d695286dc6c2dd7492fb44c06b55dc2f65355e8c066801e185f38b61cf81be2e0eb25612d11d3a0ad0b7485c5e490655f178e01b5375e4d30df04dc3a8960f45ea14de0aa19d23e8ef5a97fe30d7d845a782487bba8a387d4cd48c789b948b943f434eb0e2942ef983d1e1a9ceba68718c0200dcbc1e701b9028e6e97d54353c24faea9c42076175bf2f8850bf5812302ce17f0914f65a84106dfb36bfeb7061ece9266ecba3e49cebb15757d372a85c2332efdee9f59834c53a3185429e9be5127d6189498aec48bfe74299da789e8364e19dbb3ced79babd94d96ffb14dd6f33c81beaf94516405cd4d421fdaf51320ad4d98ba620a4a6589db38f6ee940b7152bcb6d8f8340f1f193ceb78f81c4bc226589a5a716e70b6f1942af1c13709174a8b5660ef7bbbe703d634aca7bc1fece3eb69f05e85ede8b548bf47004c5fdf857895370dd21cb7c69b17a97cb7424c4b3ecd979d7370e19e1090fcf993c07b26dd680400e2743afec38270d17c5f06602e5565b12f229ba068b5c09bdf32d4fc5f2bbd135b68340fdd191928fe9602321ec990b00653090b6e59feb9915ca665b539507f1be3264d98ed83f529d9e3ace58bd2d09bb55cf4d33ad637e640220ae2beb7733954594767df762f01fd4abe8a913d4bbe5f7ccc8f4bddfab39cf80266bc9689041b118c7355cee518f55ef45edf07462a49390e667f12edfd84ddbcdbe716110efdf2927e85f0f28deff95b47880ce60aaaf2cc18d23870c3e2919860f18ece3260f0200a15f79282ccdabf29aff64ab8fc1b723c3006f34e55e2c563a2f1b4009b391b103d3cf077f27ca733ed351197f10386009bab2e5614ab9ed20b39c564bca095ea17565abc9a13c11f9dde842f0ad36", 0x3, 0xfff}, 0x2}, 0x0, 0xfffffffb, &(0x7f0000001240)={0x7, 0x284}) 2.431448944s ago: executing program 1 (id=451): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) r1 = gettid() ioprio_set$auto_IOPRIO_WHO_PGRP(0x2, r1, 0x8) ioctl$auto_LOOP_CTL_GET_FREE(r0, 0x4c82, r1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) r3 = getgid() setresgid$auto(0xffffffffffffffff, r3, 0x0) r4 = gettid() kill$auto(r4, 0x11) msgctl$auto_IPC_SET(0x6, 0x1, &(0x7f0000000100)={{0x9, 0xee00, r3, 0x0, 0x3f3, 0x84e3, 0x8}, &(0x7f0000000080)=0x2, &(0x7f00000000c0)=0x8, 0x80, 0x8, 0x7fffffff, 0x8001, 0x5, 0x6, 0xbed, 0x1, @inferred=r4, @raw=0xc00}) fstat$auto(r2, &(0x7f00000001c0)={0x4, 0xc5bd, 0x6, 0x1000006, 0x0, r3, 0x0, 0xa, 0x10000, 0x6, 0x5, 0x6, 0x8, 0xcc, 0x4, 0x6, 0x10000}) r5 = socket(0xa, 0x5, 0x84) sendto$auto(r5, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fb8000"}, 0x1c) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x5}, 0x1, 0x0, 0x9, 0x6}, 0x7}, 0x3, 0x0) 1.796393046s ago: executing program 0 (id=452): openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x2000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r0 = socket(0xa, 0x2, 0x73) sendto$auto(r0, 0x0, 0xfdef, 0x0, &(0x7f0000000000)=@generic={0xa, "e2c483400200ff803636166b00"}, 0x1c) r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = syz_clone3(&(0x7f00000003c0)={0x40000, 0x0, &(0x7f0000000140), &(0x7f0000000180), {0x38}, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0x0, 0x0, 0xffffffffffffffff, 0x0], 0x4, {r1}}, 0x58) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_XFS_IOC_ALLOCSP64(r1, 0x40305824, &(0x7f0000000440)={0x3ff, 0x9, 0x5, 0x100, 0xc17d, r2}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x28840, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r7 = socket(0x15, 0x1, 0x20000000) getsockopt$auto(r7, 0x114, 0x5, 0xfffffffffffffffc, 0x0) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="0938a467", @ANYRES16=r6, @ANYBLOB="010329bd700002dcdf252600000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x40) setpriority$auto_PRIO_PGRP(0x1, r4, 0x5) semctl$auto_SETALL(0x9, 0x47, 0x11, 0x7) read$auto(0xffffffffffffffff, 0x0, 0x1f40) r8 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r8, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) ioctl$auto_RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) ioctl$auto_USBDEVFS_ALLOW_SUSPEND(r3, 0x5522, 0x0) 1.683139958s ago: executing program 3 (id=453): syz_clone3(&(0x7f00000001c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fcntl$auto(r0, 0x400, 0x1) r1 = open(&(0x7f0000000040)='./file0\x00', 0x82580, 0x4) ioctl$auto_SG_SET_DEBUG(0xffffffffffffffff, 0x227e, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000240)={0x0, 0xfffffffd}, 0x6, 0xc, 0x1) r2 = socket(0x2b, 0x1, 0x1) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r2, 0x0, 0x20000001) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) munmap$auto(0x8000, 0xffffffff) select$auto(0xe, 0xfffffffffffffffe, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0x3, 0x0, 0xb, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/traceSMB\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(0x3, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x101000, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000140), 0xffffffffffffffff) fsconfig$auto_EROFS_MOUNT_DAX_NEVER(r1, 0x10001, &(0x7f0000000080)=']/@\x00', &(0x7f00000000c0)="b0bb4f730f7c779e425b154120061d4ded38430f52c6943bc314f5fbdcdb0c114090a06fcda9a643cef0c85b0ab5ef4b8a8703e80ce5d36c8dafd678539850559bce345ac6b1b7bb529922d0b1d3ee9c6ba20cfe515c76ddfa2805f69af1c3f3639881fe07be60f41eb0bff52a85ea08db82de24410422b2dfd217cd194cf98b742d2cc939cda58d495e44c0756d84ea7e461129a3295e89763da2da22a80bb407081612f7fc5bf47640aca030ab602fd37ac9e43a5b2fc837baa258e62bcd03a6ec14a9b497566091d1df2845128afa51a2ac4fdab83910b027a2d984ea79454d842b8b9b60d2652a8317117a", 0x80) 1.636264192s ago: executing program 2 (id=454): mmap$auto(0x0, 0x4000a, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:01.3/local_cpus\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x24) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x8) syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000040), 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0001, 0x15) memfd_create$auto(0x0, 0xfffffff7) 1.421509366s ago: executing program 0 (id=455): ioctl$auto_BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, &(0x7f0000000040)="bc9cd5a32a9760b72a5f1e8e1b99eb7ae18d14b8c0994c95690820180805c3d6c83ab7358da14f2ebd3341cba551f3") 1.416921965s ago: executing program 1 (id=456): mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r0 = epoll_create$auto(0x3e) epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) r2 = openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/error_log\x00', 0xd0000, 0x0) mmap$auto(0x0, 0x100020, 0x0, 0xeb1, r2, 0x4000000000008000) socket(0x2, 0x1, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_TUNGETVNETBE2(0xffffffffffffffff, 0x800454df, &(0x7f0000000000)=0x3) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r4, 0x400, 0x1) open(&(0x7f00000000c0)='./file0\x00', 0x141000, 0x81) open(&(0x7f00000002c0)='./file0\x00', 0x103001, 0x120) close_range$auto(0x2, 0x8, 0x0) setresuid$auto(0xf5, 0x8000, 0x67) bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x6, 0x24, 0xf, 0x63, 0x400, 0x0, 0x1, 0x80f0c8, 0x20, "38c1d5cbcb9f6b5e511f0cd8ed068f65", 0x0, 0x113e33f2, 0xffffffffffffffff, 0xe4, 0x6, 0x5, 0x6, 0x8, 0x0, 0x3, @attach_prog_fd, 0x6, 0xffff, 0x8, 0x0, 0xfffffffe}, 0x47) setsockopt$auto(r3, 0x8000000000000006, 0x1c, 0x0, 0x3) write$auto_seq_oss_f_ops_seq_oss(r1, &(0x7f0000000640)="445cc19989fb9c017005441c9085b524b7c0cc9b1a9f4edddfe162b01f9fe8f5adae095ec393ca717c2e4c6a64d1d08a304bb9528310c110129f6c575f67b4582a5f62b8e838fc6962c99765e6f49df32fe5fe58b9a26a37ef5d9c5f4789c742ab66cb019c4301e062dfeb918dbdb211b041bbeb9917bb2bb6c1bc1698a8d82139d84da0968c422c55239a2ed6bde3ec686e5fb78e80ee4c0045438d4f7fce23399079ece10b7e9e60185e97a0676ea0dbb2c14613f246f3089a1d9bbfd3dcc242b13e8ec303971c06b8e20f6f22820a23f0c642d9669ff73d85bf1c393f8d2f3a6755b5f222ee91f7f39c7eda4deaeeab296687a36914ac53eb6af38743eb03339bd94f3d9669adf2058b18648dc7306351ad5aada08450f3278cc2035282941542a4f2d70c1758b45a53fa2e016f57dd89629b5d2b7f5929c73da5f436ba0efec93deb7ccca0795176bb80d2afaea3bddec1d935a7c0fd9f41a3e180d19544b84b76d195ca07c9f88f0ffdf7e7831c01094133518941b5344c6b0771f9bda9af9ea4a571eba33acc91a32fd1240e06f5fc28f8b648b0d51d6efc66dbaaeed0bf3bc186093eaa6d060ef2001c298812c598be6cae0ca8ef5d4141224828f698daae1ffabfad67167dd5b5c3c91a496890ad9b3af588de8b8b58c220464c9695e815223e6800449615315539f5b9c670361fff443114a49c738e42709de97dd192d3360cd0227023c9676339b7d10fe70c2509f13a011dcc19bd447478499e1727ca5457f8b69fd7193dd3a93ee1df99e541713e00d4c85aa04b79b2b7505a09d5e6867440c152cb2b4eb9f56618ca7dbeef37e8c95b5fbe2b3bcc521c75a5f3007e784ad4d2a93102e35e346635f54c0484e691", 0x274) 1.022883678s ago: executing program 0 (id=457): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffa}, 0x55) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xae00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) socket(0x21, 0x2, 0x2) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x1d, 0x3, 0x1) arch_prctl$auto(0x5000, 0x5) getsockopt$auto(r2, 0x7, 0x0, 0xffffffffffffffff, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0x3, 0xc048aec8, r1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/nr6/queues/rx-0/rps_flow_cnt\x00', 0x109802, 0x0) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="00032cbd70c14c060000000000000500040009000000"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000de, 0xeb1, r1, 0x0) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) sendfile$auto(r4, r4, 0x0, 0x7fffe000) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) 757.890333ms ago: executing program 3 (id=458): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/traceSMB\x00', 0x0, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(0x3, 0x0, 0x1f40) r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000004c0), 0x2202, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_WRITE(r0, 0x40085503, &(0x7f0000000600)={0xd, 0x0, 0x3}) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x6, &(0x7f0000000000)={0x0, 0xfc6}, 0x6, 0x0, 0x7, 0xa505}, 0x800}, 0x80000000, 0x4008) recvmsg$auto(0xffffffffffffffff, 0x0, 0x6) writev$auto(0xca, 0x0, 0x2000000000000003) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event0\x00', 0x2, 0x0) io_uring_setup$auto(0xc, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x30}, 0x1) close_range$auto(0x2, 0xa, 0x0) socketpair$auto(0x1, 0x4, 0x4, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/stack\x00', 0x8a1940, 0x0) ioperm$auto(0x10001, 0x6, 0x2) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0xc0000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x2, 0xb) mmap$auto(0x1, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) 605.395122ms ago: executing program 3 (id=459): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000840)="12915fb9d5") r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/v4l-subdev7\x00', 0x0, 0x0) mmap$auto(0x8, 0x4020009, 0xdf, 0xeb1, r1, 0x6) socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x400009, 0xdf, 0x1800000000010, r1, 0x8000) pipe$auto(0x0) close_range$auto(0x2, 0x8, 0x0) r2 = io_uring_setup$auto(0x811, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto(0x3, 0xc10c5541, r2) mmap$auto(0x0, 0x2, 0xe2, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x8000000000000024, 0xfffffffffffffffc, 0x0) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/kcore\x00', 0xc40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r3, 0x0, 0x4d) ioctl$auto(0x3, 0xc0285628, 0x38) 472.858401ms ago: executing program 3 (id=460): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/inhibited\x00', 0x20b42, 0x0) r1 = io_uring_setup$auto(0xa, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x7, 0x1020, 0x202, 0x10001, 0x8, r1, [], {0x6, 0x6, 0x8c48, 0x4, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x10000009, 0x52, 0x1, 0x1, 0x40, 0x76c4, 0x80008, 0x5}}) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r1, 0x4018bc0e, &(0x7f0000000000)={0x3552, 0x0, 0x80, 0xb730}) write$auto(r0, &(0x7f0000000640)='1\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\x05\x00\x00\x00\x00\x00\x00\x00\x9c\x8a\xe2\xc7cOM\xb6\xa3\x10!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea\xa3\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z`\xfd\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f\x9b(\x82,W\xa3\b\xf3\x9d_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xe8\xe9u\x9f\xdeK\xa5\x06\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96#`\xe7\xd5Y\a\xc1\xe9(V\xbe\f\x9c\x9d!\xea\x96=\xd8N\xe1~\xc5\xbaJk+\x91\xc3\xaa\xde;c\xbd\xd7\x94|45\xcd\x11\xea\xe5C\x99\x98\xca\x96V\x9c\xd9\x11\x048\x8d\xab\x84zJA\xdb[\xb7\x18\x1c,P\x8d\xb37\xb2N\x9c\xc9G]\xaa\xfd~\x86\xd3y\xc6\x87\xb2\xb1\xa9]\x83\xc6\xf1\xf2T\xd3+\x1e\n\xa8g\xcf\x17\xc7\xbdhpA\xdd\xd8\xce\x19\fU\xbfl;x\x98{1:\xe7\xbb(s\xf5\xa3\xe3\xc7\f\xf0\xc7\xfe\x1e[\xaeb\xf9\xdc\x91^I\xb6\x9e\xabi\x8c\x87c\xbd\xe6\"6\t,\xcf\xf6\xa7\xe0\xb6<\xb2\xa2\xef\xeb\xba6y\xe0FT\x1f8\r\x97b\x97\xef\xac\xf6\xcc\x1a\x98Y\'z\xbfR\x1aS\xc1\x01\xac3\xbe\xb0E\xc1\x13\x16\xeb\x10\xce\xc5\xfc>Ym\xde\xa7\x19\\}\xd3\x17yc\xc3\x13\xed\xee\xe6\xdaJ\xfd\x90\xbf/\xf2\x9f-\xb1\xf5\xbd\xa32\xa3\xc8\xbe( \x9a\xd73\xcb\x87}b\xa7\x97\x18M\xf60\xad\xd0\xceV+\x02S$yq\x92mG:\xa7eA\xfe0\x1ao\xa9{\x06>\x05]\xfe:\xba\x96\x92\x91\xb3\x8a\xa5\xbd\xff\xbf.\xbdZ\xa1\x8d\x0f\x80d\x04N\xa9\xd9\x16\x93~\xbd\xbcr\xbb>r\x9d\x9aX\x91\xe4\xe1\xa9{\x13\x140\x9ax\xe8\xe8\xf1\xafz\xb0\x1erR&1\xaez\xa8J\x8d\xec|}\xfd\xb5\xce\x87\a\xf7YB\rv\"\xcf\xafno!,S4\xca \x94q_\x00R<\x03\xfd]vS\xa9\x8dG~\xee\xed\xce\x86\x80\xeb\xde\xac\'\x04A\xd5\x9d\xa9\x12%\xbe:\xb5\x92\xe8\xb8\xa9\xc9>\x89\x9d', 0x40000000004) 384.920676ms ago: executing program 1 (id=461): mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) r0 = socket(0xa, 0x80803, 0x6) bind$auto(r0, &(0x7f0000000040)=@generic={0xa, "2c551d000000fe8000"}, 0x66) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x3, 0x6) r2 = socket(0x2, 0x2, 0x88) sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, 0x0, 0x4080) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r2) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x54, r3, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000040}, 0x8051) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x54}, 0x1, 0x0, 0x0, 0x2000000}, 0x24004804) io_setup$auto(0x5, 0xffffffffffffffff) io_uring_register$auto(r2, 0x5, &(0x7f0000000280)="976d955a5a2cb4bfdda18f211e3dfcc3e74f46dd36a907101e482d4de729fd8ed035e960a1b83def29a383a6a584eeffc0277dfa09076b5b860da10e06bd972c53", 0x2b7) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 381.086635ms ago: executing program 3 (id=462): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x155) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x2497a7476db46aa9, 0x70bd25, 0x25dfdbfc, {}, [@ETHTOOL_A_MODULE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x18000}, 0x1000000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) setsockopt$auto(0x6, 0x8000000000000006, 0x1b, 0x0, 0x7ffffc) 346.425624ms ago: executing program 2 (id=463): r0 = socket(0xa, 0x1, 0x84) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001280)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x20042, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r1 = clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x60282, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) msgctl$auto_IPC_INFO(0x44, 0x3, &(0x7f00000001c0)={{0x0, 0x0, 0x0, 0x2, 0x57e, 0xffff8001}, 0x0, 0x0, 0x0, 0x9, 0x400, 0xfffffffffffffff9, 0x2, 0x18, 0x0, 0xfff8, @inferred=r1, @inferred=r1}) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, 0x0) write$auto(r0, 0x0, 0x809b9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x10000, 0xf4, 0xa, 0xeb1, 0x401, 0x5) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x8001, 0xff, 0x80000001, 0x1010, 0xffffffffffffffff, 0x28000) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/sys/kernel/kptr_restrict\x00', 0x202, 0x0) mmap$auto(0x100000000000000, 0x6, 0xe4, 0x9b7e, r3, 0x28000) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/sctp/auth_enable\x00', 0x100, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r4, 0x0, 0x0) mmap$auto(0x800000000, 0x6, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0xa480, 0x0) readv$auto(0x3, &(0x7f0000000280)={0x0, 0x40000f7}, 0x87) read$auto(r3, 0x0, 0xb5) write$auto(0x3, 0x0, 0xfdef) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0xfffffffffffffff0, 0x6, 0x20000006, 0x2}, 0x8000, 0x0, 0x6) inotify_add_watch$auto(r0, &(0x7f0000000000)='./file0\x00', 0x4) bpf$auto(0x8000000000000020, 0xffffffffffffffff, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x81, 0x0) 231.390065ms ago: executing program 3 (id=464): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) quotactl$auto(0x2, &(0x7f0000000040)='/dev/sda1\x00', 0x62a0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000002f80), r1) sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000340)=ANY=[@ANYBLOB="3400a265c44acc690002", @ANYRES16=r2, @ANYBLOB="05002bbd7000fddbdf25000000000800010005000000080002000100000008000800060000000800090001040000"], 0x34}, 0x1, 0x0, 0x0, 0x4c000}, 0x80) r3 = semctl$auto_GETPID(0x9, 0x200, 0xb, 0x5) shmctl$auto_IPC_SET(0x0, 0x1, &(0x7f00000001c0)={{0xfe, 0x0, 0xee01, 0x3ff, 0xea, 0x3, 0x2006}, 0x4cf, 0x1, 0x2f4, 0x7, @inferred=r3, @inferred=r3, 0x2, 0x0, 0x0, 0x0}) r5 = socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0x8) modify_ldt$auto(0x1, 0x0, 0x10) ioctl$auto_USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r5, &(0x7f00000001c0)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x100, 0x0) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x21, 0x3, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000200), 0xffffffffffffffff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0x1d, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r7, &(0x7f0000000700)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x344, 0x0, 0x300, 0x70bd27, 0x25dfdbfc, {}, [@OVS_PACKET_ATTR_HASH={0xc, 0xb, 0x80}, @OVS_PACKET_ATTR_KEY={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x131, 0x0, 0x0, @pid=r4}]}, @OVS_PACKET_ATTR_ACTIONS={0x317, 0x3, 0x0, 0x1, [@nested={0x191, 0x147, 0x0, 0x1, [@typed={0xa6, 0xe2, 0x0, 0x0, @binary="2781a7d5ebd3b10f058880c5c58afeb71f21596f8cd38d0c47d8df61abb64aa83710bcaaa5287efbab14d3ca5734c51fa7b90042f84664a42ab8a0071c2ee2c5f87113fc63b887e37b5010cd33d581e2b1d63ae3bdaeb7f4fd80b8c22296f6f158e14cb221d44348c31fa97315d7d540284393ff656bf10516ccb5038d9389623bd5bffb9b7cac13797645e101d774c14ea9337c1b541bc85ac8328cd2a7c58af186"}, @typed={0x4, 0x103}, @nested={0x4, 0x39}, @generic="dce611693dab53eddacb49055fa8fc3a1fc086e18d5c8c6f76aafaead2fea74251a94d0c1954f321756a12655666d5fa45765c159f09afa908385df5f580144d6a96e5029973daaf91bc0cce67aa823a54c8aa9ac22ca726290a7a5ea5557caac3592c2e97668cd562046718d91e9c3a30591c3b5216911048db5af188c7664d04d2e9e9886e5ec0bfd383738c0d0bbcf096020c120e7b19aecd22b25d582e2247750ed0c8aba709c6a5afcec81f39cf1275d5b43a512c", @nested={0x4, 0x6a}, @generic="9e24a8a50346b232787817af21c155ea60383614521956d12d43ebc84a31", @nested={0x4, 0x1f}]}, @typed={0x102, 0xc, 0x0, 0x0, @binary="dd3462c4de9a85b52f13d3c274a86ee7ade75f11033399f6539e15156f97b46d8b411c022ec2c9ab65673f0703e013a72acdc1334896ff809c1607fa4d1225185822bd6a9732636d9c6275e1fd1e630a024736b1aba231072799ebac66ec11e29db988a172e2a5dedc81f371221d8972e6e214c79363136225c706290d141d1a49bd4158011bc2ef3ecc14402746f32e5d949e68277aaf71a5b86c2516b38eb291db6ab41c1797fcde745820697c7a8792d3489cdd1084866a725cf976ff2ff57ab89d54afe666ff8e2110c5c9653df6a2bec941ccc4d73e2bc5d3e50caba38b757a67a9a4d03a71066ae9d3fb08a76727a877022634f43902bd0dd4b394"}, @nested={0x17, 0x65, 0x0, 0x1, [@generic="7d9f6e18fe42a054c9f5663bb8bda7", @nested={0x4, 0x109}]}, @generic="e7e9a69637cb898afc38370e0492f567988fbe316f38b51b3430069fe57d94c04aad11485b9b714c9300538beb6086d53ff114b0745cff8f0bd2709f4a556327", @generic="9b15fefe511c89d66bc670c95fdb1b34ee2e1c868588cd372c5d90e30e6291a6d3e161"]}]}, 0x344}, 0x1, 0x0, 0x0, 0x20000000}, 0x800) write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x2]}, 0x0) mmap$auto(0x83, 0x0, 0x6945, 0xeb1, 0x405, 0x8000) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) 226.875558ms ago: executing program 1 (id=465): mmap$auto(0x100000000, 0x4, 0x0, 0x400ebf, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/ext4/sda1/mb_stats\x00', 0x88000, 0x0) pread64$auto(r0, 0x0, 0x20, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r2, &(0x7f0000000680)={0x0, 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) ppoll$auto(&(0x7f0000000000)={r1, 0x40}, 0x2, 0x0, 0x0, 0x8) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc) modify_ldt$auto(0x1, 0x0, 0x10) pread64$auto(r1, &(0x7f0000000080)='/dev/cpu/0/cpuid\x00', 0x8, 0x2) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) pread64$auto(r3, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) inotify_rm_watch$auto(r2, 0x8001) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) getpid() prctl$auto(0x3e, 0x564c, 0x0, 0x4, 0x400002) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x201, 0x7, 0x9, 0x1, 0x948b, 0x2, 0x15f4da0a, 0x3, 0x3, 0x1000062, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2000000000002, 0x6]}, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs1\x00', 0x48080, 0x0) fcntl$auto(0x3, 0x4, 0xa553) process_mrelease$auto(0xffffffffffffffff, 0x0) 0s ago: executing program 0 (id=466): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0) read$auto(r0, 0x0, 0x20) sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x40010) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), 0xffffffffffffffff) r2 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x8202, 0x0) ioctl$auto(0xc8, 0x800454db, 0xffffffffffffffff) mmap$auto(0x0, 0x20000000009, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r3, 0x89a0, 0x8) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000280)={0x4, r2}) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), r3) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r4, &(0x7f00000003c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r5, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0xf0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0x88) r6 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x2, 0x0, 0x20000}, 0x4}, 0x1f8, 0xb07e) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(r3, &(0x7f0000000140)=')-+\xa2\x00', 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)={0x1, 0x0, 0x1}, 0x18) mmap$auto(0x0, 0xffffffff, 0xe0, 0x15, r3, 0x7) r7 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r7, 0x0, 0xe) ioctl$auto_EVIOCSKEYCODE(r6, 0x40084504, &(0x7f0000000240)=[0x9, 0x1]) r8 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r8, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0xd}, @SMC_PNETID_IBNAME={0xe, 0x3, '/dev/ptmx\x00'}, @SMC_PNETID_IBNAME={0x1d, 0x3, '/sys/kernel/irq/12/hwirq\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x404c004}, 0x40084) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.144' (ED25519) to the list of known hosts. [ 74.206306][ T5822] cgroup: Unknown subsys name 'net' [ 74.357880][ T5822] cgroup: Unknown subsys name 'cpuset' [ 74.366413][ T5822] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 75.792983][ T5822] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 77.846127][ T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.855227][ T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.862795][ T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.874947][ T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.895464][ T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.903174][ T5843] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.914933][ T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.915441][ T5843] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.936130][ T5846] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.945336][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.945516][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.962371][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.973389][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.975816][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.981108][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 77.987911][ T5846] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 78.002472][ T5846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 78.010743][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 78.018220][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 78.027505][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 78.499556][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 78.603811][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 78.698923][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 78.735898][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 78.756744][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.764000][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.772671][ T5836] bridge_slave_0: entered allmulticast mode [ 78.779832][ T5836] bridge_slave_0: entered promiscuous mode [ 78.809183][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.817125][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.824248][ T5836] bridge_slave_1: entered allmulticast mode [ 78.832336][ T5836] bridge_slave_1: entered promiscuous mode [ 78.919705][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.926967][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.934238][ T5832] bridge_slave_0: entered allmulticast mode [ 78.941386][ T5832] bridge_slave_0: entered promiscuous mode [ 78.969176][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.976428][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.983538][ T5832] bridge_slave_1: entered allmulticast mode [ 78.990773][ T5832] bridge_slave_1: entered promiscuous mode [ 79.012475][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.053166][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.080168][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.088931][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.096520][ T5831] bridge_slave_0: entered allmulticast mode [ 79.103410][ T5831] bridge_slave_0: entered promiscuous mode [ 79.152072][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.163441][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.171236][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.179005][ T5831] bridge_slave_1: entered allmulticast mode [ 79.186722][ T5831] bridge_slave_1: entered promiscuous mode [ 79.218305][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.225520][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.232628][ T5835] bridge_slave_0: entered allmulticast mode [ 79.240076][ T5835] bridge_slave_0: entered promiscuous mode [ 79.249187][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.285552][ T5836] team0: Port device team_slave_0 added [ 79.291567][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.298746][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.305977][ T5835] bridge_slave_1: entered allmulticast mode [ 79.312918][ T5835] bridge_slave_1: entered promiscuous mode [ 79.346095][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.357916][ T5832] team0: Port device team_slave_0 added [ 79.366294][ T5836] team0: Port device team_slave_1 added [ 79.376148][ T5832] team0: Port device team_slave_1 added [ 79.395405][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.447770][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.497015][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.518374][ T5831] team0: Port device team_slave_0 added [ 79.525345][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.532303][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.558433][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.572653][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.579655][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.605662][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.617353][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.625794][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.654794][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.680011][ T5831] team0: Port device team_slave_1 added [ 79.695152][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.702110][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.728587][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.743080][ T5835] team0: Port device team_slave_0 added [ 79.753212][ T5835] team0: Port device team_slave_1 added [ 79.802409][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.809656][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.835584][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.870681][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.877699][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.904020][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.937836][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.944975][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.971522][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.971628][ T5848] Bluetooth: hci0: command tx timeout [ 79.984227][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.994971][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.021194][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.044872][ T5842] Bluetooth: hci3: command tx timeout [ 80.044877][ T5846] Bluetooth: hci1: command tx timeout [ 80.056044][ T5848] Bluetooth: hci2: command tx timeout [ 80.083900][ T5836] hsr_slave_0: entered promiscuous mode [ 80.091351][ T5836] hsr_slave_1: entered promiscuous mode [ 80.103180][ T5832] hsr_slave_0: entered promiscuous mode [ 80.110294][ T5832] hsr_slave_1: entered promiscuous mode [ 80.116390][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.124054][ T5832] Cannot create hsr debugfs directory [ 80.147726][ T5831] hsr_slave_0: entered promiscuous mode [ 80.153840][ T5831] hsr_slave_1: entered promiscuous mode [ 80.160017][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.167704][ T5831] Cannot create hsr debugfs directory [ 80.265019][ T5835] hsr_slave_0: entered promiscuous mode [ 80.271196][ T5835] hsr_slave_1: entered promiscuous mode [ 80.277608][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.285229][ T5835] Cannot create hsr debugfs directory [ 80.664905][ T5832] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 80.678355][ T5832] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 80.691684][ T5832] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 80.705706][ T5832] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 80.776769][ T5836] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.788924][ T5836] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.800551][ T5836] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.811803][ T5836] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.912809][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 80.930008][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 80.954066][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 80.973026][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 81.030716][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 81.041474][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.054000][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 81.064190][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.102745][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.176795][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.189131][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.209573][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.216881][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.253836][ T2915] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.261033][ T2915] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.288550][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.304053][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.311223][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.338411][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.345564][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.437827][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.488263][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.511459][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.544226][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.551466][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.583073][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.598324][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.605504][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.661669][ T2915] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.668865][ T2915] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.701622][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.708806][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.808694][ T5831] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 81.826767][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.921385][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.958855][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.045309][ T5848] Bluetooth: hci0: command tx timeout [ 82.090984][ T5836] veth0_vlan: entered promiscuous mode [ 82.125710][ T5848] Bluetooth: hci2: command tx timeout [ 82.131184][ T5848] Bluetooth: hci3: command tx timeout [ 82.135001][ T5842] Bluetooth: hci1: command tx timeout [ 82.170665][ T5836] veth1_vlan: entered promiscuous mode [ 82.200192][ T5832] veth0_vlan: entered promiscuous mode [ 82.252591][ T5832] veth1_vlan: entered promiscuous mode [ 82.286085][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.323270][ T5836] veth0_macvtap: entered promiscuous mode [ 82.351584][ T5836] veth1_macvtap: entered promiscuous mode [ 82.368401][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.382205][ T5832] veth0_macvtap: entered promiscuous mode [ 82.411653][ T5832] veth1_macvtap: entered promiscuous mode [ 82.427014][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.466581][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.481663][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.492479][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.508716][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.522584][ T5836] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.531878][ T5836] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.541442][ T5836] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.550450][ T5836] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.576929][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.589037][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.601164][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.619041][ T5835] veth0_vlan: entered promiscuous mode [ 82.636282][ T5832] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.646434][ T5832] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.655953][ T5832] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.665567][ T5832] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.699572][ T5831] veth0_vlan: entered promiscuous mode [ 82.725569][ T5835] veth1_vlan: entered promiscuous mode [ 82.740119][ T5831] veth1_vlan: entered promiscuous mode [ 82.831261][ T5831] veth0_macvtap: entered promiscuous mode [ 82.872409][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.874144][ T5831] veth1_macvtap: entered promiscuous mode [ 82.884446][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.900318][ T5835] veth0_macvtap: entered promiscuous mode [ 82.909182][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.917723][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.945120][ T5835] veth1_macvtap: entered promiscuous mode [ 82.996236][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.999520][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.018532][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.019771][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.036649][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.047350][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.058371][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.087138][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.100779][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.110713][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.121236][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.133787][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.147700][ T2950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.158446][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.166462][ T2950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.172916][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.188259][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.198807][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.211641][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.222173][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.235736][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.279386][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 83.292510][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.305994][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.315334][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.324086][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.377184][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.391598][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.408485][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.420092][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.432481][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.458903][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.471446][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.478125][ T5898] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4'. [ 83.482290][ T5835] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.498799][ T5835] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.508187][ T5835] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.518476][ T5835] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.537402][ T5898] Zero length message leads to an empty skb [ 83.849625][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.886618][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.950485][ T2950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.994920][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 84.055546][ T2950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.134484][ T5842] Bluetooth: hci0: command tx timeout [ 84.204789][ T5842] Bluetooth: hci1: command tx timeout [ 84.211382][ T5908] can: request_module (can-proto-3) failed. [ 84.217673][ T5842] Bluetooth: hci3: command tx timeout [ 84.218073][ T5846] Bluetooth: hci2: command tx timeout [ 84.245182][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 84.264658][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 84.273507][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 84.406571][ T2950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.447323][ T2950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.572820][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 84.796847][ T2950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.836895][ T2950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.714757][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 85.723319][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.204722][ T5846] Bluetooth: hci0: command tx timeout [ 86.285485][ T5846] Bluetooth: hci3: command tx timeout [ 86.290915][ T5846] Bluetooth: hci2: command tx timeout [ 86.329075][ T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.482421][ T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.666382][ T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.776308][ T926] cfg80211: failed to load regulatory.db [ 86.986175][ T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.091543][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.114996][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.124544][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.133660][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.141391][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.952124][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 87.961579][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 87.970445][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 88.049522][ T36] bridge_slave_1: left allmulticast mode [ 88.083458][ T36] bridge_slave_1: left promiscuous mode [ 88.097658][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.116223][ T36] bridge_slave_0: left allmulticast mode [ 88.121928][ T36] bridge_slave_0: left promiscuous mode [ 88.132589][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.261926][ T5846] Bluetooth: hci1: command tx timeout [ 89.377594][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 89.496696][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 89.551700][ T36] bond0 (unregistering): Released all slaves [ 91.015271][ T5939] chnl_net:caif_netlink_parms(): no params data found [ 91.031033][ T5982] capability: warning: `syz.0.16' uses 32-bit capabilities (legacy support in use) [ 91.137254][ T5982] HfR: entered promiscuous mode [ 91.252887][ T5982] device-mapper: ioctl: Unable to rename non-existent device,  to „ [ 91.286841][ T36] hsr_slave_0: left promiscuous mode [ 91.304496][ T36] hsr_slave_1: left promiscuous mode [ 91.318441][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 91.327071][ T5846] Bluetooth: hci1: command tx timeout [ 91.369785][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 91.399409][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.407938][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 91.523364][ T36] veth1_macvtap: left promiscuous mode [ 91.552621][ T36] veth0_macvtap: left promiscuous mode [ 91.576892][ T36] veth1_vlan: left promiscuous mode [ 91.582429][ T36] veth0_vlan: left promiscuous mode [ 92.283964][ T6008] mmap: syz.0.19 (6008) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 92.855347][ T36] team0 (unregistering): Port device team_slave_1 removed [ 92.987822][ T36] team0 (unregistering): Port device team_slave_0 removed [ 93.079081][ T6008] netlink: 12 bytes leftover after parsing attributes in process `syz.0.19'. [ 93.406581][ T5846] Bluetooth: hci1: command tx timeout [ 94.029170][ T5939] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.036381][ T5939] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.043497][ T5939] bridge_slave_0: entered allmulticast mode [ 94.056393][ T5939] bridge_slave_0: entered promiscuous mode [ 94.104673][ T5939] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.111974][ T5939] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.130519][ T5939] bridge_slave_1: entered allmulticast mode [ 94.147559][ T5939] bridge_slave_1: entered promiscuous mode [ 94.318996][ T5939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.348533][ T5939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.522765][ T5939] team0: Port device team_slave_0 added [ 94.546457][ T5939] team0: Port device team_slave_1 added [ 94.694710][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.720921][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.804378][ T5939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.846837][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.853832][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.914546][ T5939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.484684][ T5846] Bluetooth: hci1: command tx timeout [ 95.616078][ T5939] hsr_slave_0: entered promiscuous mode [ 95.680078][ T5939] hsr_slave_1: entered promiscuous mode [ 95.721284][ T5939] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.756498][ T5939] Cannot create hsr debugfs directory [ 98.275181][ T6093] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 98.360994][ T6093] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 98.467313][ T5939] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.489894][ T5939] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.572011][ T5939] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.696588][ T5939] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 99.342197][ T5939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.369291][ T6111] can: request_module (can-proto-3) failed. [ 99.466542][ T5939] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.508525][ T3563] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.515723][ T3563] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.581720][ T3563] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.588919][ T3563] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.389743][ T2950] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 100.518957][ T5939] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.653097][ T5939] veth0_vlan: entered promiscuous mode [ 100.927118][ T2950] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.040809][ T5939] veth1_vlan: entered promiscuous mode [ 101.269663][ T2950] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.472718][ T5939] veth0_macvtap: entered promiscuous mode [ 101.545495][ T5939] veth1_macvtap: entered promiscuous mode [ 101.582871][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 101.592223][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 101.610748][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 101.619248][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 101.627723][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 101.817567][ T2950] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.903511][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 101.943162][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.966503][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 101.998373][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.012369][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.026825][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.039150][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.053609][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.067973][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.087316][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.108759][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.118652][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.132403][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.156785][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.275980][ T5939] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.308544][ T5939] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.326546][ T5939] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.354373][ T5939] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.093242][ T2950] bridge_slave_1: left allmulticast mode [ 103.108588][ T2950] bridge_slave_1: left promiscuous mode [ 103.139136][ T2950] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.202586][ T2950] bridge_slave_0: left allmulticast mode [ 103.234409][ T2950] bridge_slave_0: left promiscuous mode [ 103.241587][ T2950] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.644906][ T5842] Bluetooth: hci2: command tx timeout [ 104.174952][ T2950] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 104.230386][ T2950] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 104.250896][ T2950] bond0 (unregistering): Released all slaves [ 104.419398][ T2950] HfR: left promiscuous mode [ 104.689886][ T3563] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.735150][ T3563] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.814740][ T3428] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.849687][ T3428] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.986172][ T6150] chnl_net:caif_netlink_parms(): no params data found [ 105.334715][ T6214] process 'syz.1.39' launched ':,' with NULL argv: empty string added [ 105.405100][ T6197] can: request_module (can-proto-0) failed. [ 105.488203][ T2950] hsr_slave_0: left promiscuous mode [ 105.508939][ T2950] hsr_slave_1: left promiscuous mode [ 105.517424][ T2950] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 105.532363][ T2950] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 105.541313][ T2950] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 105.552777][ T2950] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 105.589675][ T2950] veth1_macvtap: left promiscuous mode [ 105.596002][ T2950] veth0_macvtap: left promiscuous mode [ 105.601775][ T2950] veth1_vlan: left promiscuous mode [ 105.612202][ T2950] veth0_vlan: left promiscuous mode [ 105.739411][ T5842] Bluetooth: hci2: command tx timeout [ 106.508149][ T2950] team0 (unregistering): Port device team_slave_1 removed [ 106.571921][ T2950] team0 (unregistering): Port device team_slave_0 removed [ 106.992151][ T6150] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.000956][ T6150] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.016579][ T6150] bridge_slave_0: entered allmulticast mode [ 107.024277][ T6150] bridge_slave_0: entered promiscuous mode [ 107.039029][ T6150] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.046493][ T6150] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.053690][ T6150] bridge_slave_1: entered allmulticast mode [ 107.060834][ T6150] bridge_slave_1: entered promiscuous mode [ 107.162356][ T6150] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 107.178893][ T6150] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 107.343024][ T6150] team0: Port device team_slave_0 added [ 107.412978][ T6150] team0: Port device team_slave_1 added [ 107.532164][ T6150] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.549089][ T6150] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.593015][ T6150] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.619064][ T6150] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.639844][ T6150] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.683438][ T6150] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.807037][ T5842] Bluetooth: hci2: command tx timeout [ 107.836869][ T6150] hsr_slave_0: entered promiscuous mode [ 107.843408][ T6150] hsr_slave_1: entered promiscuous mode [ 107.935834][ T6253] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 108.109248][ T6256] hub 8-0:1.0: USB hub found [ 108.110170][ T6256] hub 8-0:1.0: 1 port detected [ 108.242460][ T6254] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 109.686180][ T6284] netlink: 130 bytes leftover after parsing attributes in process `syz.2.50'. [ 109.892692][ T5842] Bluetooth: hci2: command tx timeout [ 110.480923][ T6302] FAULT_INJECTION: forcing a failure. [ 110.480923][ T6302] name failslab, interval 1, probability 0, space 0, times 1 [ 110.532655][ T6302] CPU: 1 UID: 0 PID: 6302 Comm: syz.3.52 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 110.532692][ T6302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 110.532706][ T6302] Call Trace: [ 110.532714][ T6302] [ 110.532728][ T6302] dump_stack_lvl+0x16c/0x1f0 [ 110.532772][ T6302] should_fail_ex+0x512/0x640 [ 110.532805][ T6302] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 110.532834][ T6302] should_failslab+0xc2/0x120 [ 110.532855][ T6302] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 110.532870][ T6302] ? sock_alloc_inode+0x25/0x1c0 [ 110.532889][ T6302] ? __pfx_sock_alloc_inode+0x10/0x10 [ 110.532906][ T6302] sock_alloc_inode+0x25/0x1c0 [ 110.532924][ T6302] alloc_inode+0x61/0x240 [ 110.532941][ T6302] sock_alloc+0x40/0x280 [ 110.532958][ T6302] __sock_create+0xc1/0x8d0 [ 110.532979][ T6302] __sys_socket+0x14d/0x260 [ 110.532999][ T6302] ? __pfx___sys_socket+0x10/0x10 [ 110.533018][ T6302] ? rcu_is_watching+0x12/0xc0 [ 110.533034][ T6302] __x64_sys_socket+0x72/0xb0 [ 110.533051][ T6302] ? lockdep_hardirqs_on+0x7c/0x110 [ 110.533067][ T6302] do_syscall_64+0xcd/0x230 [ 110.533087][ T6302] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.533100][ T6302] RIP: 0033:0x7f1143f8e969 [ 110.533112][ T6302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.533124][ T6302] RSP: 002b:00007f1144d96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 110.533137][ T6302] RAX: ffffffffffffffda RBX: 00007f11441b5fa0 RCX: 00007f1143f8e969 [ 110.533145][ T6302] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 110.533152][ T6302] RBP: 00007f1144010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 110.533160][ T6302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 110.533167][ T6302] R13: 0000000000000000 R14: 00007f11441b5fa0 R15: 00007fff7fd57d08 [ 110.533184][ T6302] [ 110.533513][ T6302] socket: no more sockets [ 110.617500][ T6150] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 110.773901][ T6303] can: request_module (can-proto-3) failed. [ 110.808705][ T6150] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 110.965202][ T6150] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 111.071171][ T6150] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 111.649723][ T6150] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.796698][ T6150] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.848847][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.856050][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.940333][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.947543][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state syzkaller syzkaller login: [ 113.437800][ T6150] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.489763][ T6345] can: request_module (can-proto-4) failed. [ 113.657546][ T6345] zram: Added device: zram1 [ 113.861385][ T6150] veth0_vlan: entered promiscuous mode [ 114.007311][ T6150] veth1_vlan: entered promiscuous mode [ 114.219334][ T6150] veth0_macvtap: entered promiscuous mode [ 114.229443][ T6150] veth1_macvtap: entered promiscuous mode [ 114.248229][ T6150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.258878][ T6150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.269607][ T6150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.280669][ T6150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.292156][ T6150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.303406][ T6150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.331295][ T6150] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.401450][ T6150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.412543][ T6150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.422880][ T6150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.433684][ T6150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.444892][ T6150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.455798][ T6150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.468290][ T6150] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.472284][ T6364] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 114.518982][ T6364] CIFS mount error: No usable UNC path provided in device string! [ 114.518982][ T6364] [ 114.549622][ T6150] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.564379][ T6150] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.573109][ T6150] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.705419][ T6364] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 114.729117][ T6150] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.177668][ T6353] ptrace attach of "./syz-executor exec"[5831] was attempted by "./syz-executor exec"[6353] [ 115.210567][ T2950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.228436][ T2950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.461606][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.483170][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 syzkaller syzkaller login: [ 115.970284][ T6397] can: request_module (can-proto-3) failed. [ 117.510821][ T6420] openvswitch: netlink: Multiple metadata blocks provided [ 118.234430][ T6435] can: request_module (can-proto-3) failed. [ 119.119202][ T6426] CIFS mount error: No usable UNC path provided in device string! [ 119.119202][ T6426] [ 119.129499][ T6426] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 120.014408][ T6466] netlink: 36 bytes leftover after parsing attributes in process `syz.0.78'. [ 120.023562][ T6466] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 120.846497][ T6476] can: request_module (can-proto-3) failed. [ 121.757541][ T6485] FAULT_INJECTION: forcing a failure. [ 121.757541][ T6485] name fail_futex, interval 1, probability 0, space 0, times 1 [ 121.769158][ T6491] ======================================================= [ 121.769158][ T6491] WARNING: The mand mount option has been deprecated and [ 121.769158][ T6491] and is ignored by this kernel. Remove the mand [ 121.769158][ T6491] option from the mount to silence this warning. [ 121.769158][ T6491] ======================================================= [ 121.793188][ T6485] CPU: 1 UID: 0 PID: 6485 Comm: syz.0.82 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 121.793222][ T6485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 121.793234][ T6485] Call Trace: [ 121.793242][ T6485] [ 121.793251][ T6485] dump_stack_lvl+0x16c/0x1f0 [ 121.793305][ T6485] should_fail_ex+0x512/0x640 [ 121.793343][ T6485] get_futex_key+0x49e/0x1000 [ 121.793371][ T6485] ? __pfx_get_futex_key+0x10/0x10 [ 121.793405][ T6485] futex_wake+0xe7/0x4e0 [ 121.793436][ T6485] ? __pfx_futex_wake+0x10/0x10 [ 121.793467][ T6485] ? kmem_cache_free+0x2d4/0x4d0 [ 121.793490][ T6485] ? fd_install+0x225/0x750 [ 121.793520][ T6485] ? putname+0x154/0x1a0 [ 121.793552][ T6485] do_futex+0x1e3/0x350 [ 121.793576][ T6485] ? __pfx_do_futex+0x10/0x10 [ 121.793609][ T6485] __x64_sys_futex+0x1e0/0x4c0 [ 121.793636][ T6485] ? __x64_sys_openat+0x174/0x210 [ 121.793665][ T6485] ? __pfx___x64_sys_futex+0x10/0x10 [ 121.793691][ T6485] ? rcu_is_watching+0x12/0xc0 [ 121.793722][ T6485] do_syscall_64+0xcd/0x230 [ 121.793755][ T6485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.793779][ T6485] RIP: 0033:0x7f9b6938e969 [ 121.793800][ T6485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.793825][ T6485] RSP: 002b:00007f9b6a2570e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 121.793853][ T6485] RAX: ffffffffffffffda RBX: 00007f9b695b5fa8 RCX: 00007f9b6938e969 [ 121.793868][ T6485] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9b695b5fac [ 121.793883][ T6485] RBP: 00007f9b695b5fa0 R08: 00007f9b6a258000 R09: 0000000000000000 [ 121.793897][ T6485] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f9b695b5fac [ 121.793912][ T6485] R13: 0000000000000000 R14: 00007fff2a8a18b0 R15: 00007fff2a8a1998 [ 121.793944][ T6485] [ 123.439911][ T6517] syz.1.89 uses obsolete (PF_INET,SOCK_PACKET) syzkaller syzkaller login: [ 124.618998][ T6537] FAULT_INJECTION: forcing a failure. [ 124.618998][ T6537] name failslab, interval 1, probability 0, space 0, times 0 [ 124.669644][ T6539] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 124.670259][ T6537] CPU: 1 UID: 0 PID: 6537 Comm: syz.1.95 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 124.670291][ T6537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 124.670305][ T6537] Call Trace: [ 124.670313][ T6537] [ 124.670321][ T6537] dump_stack_lvl+0x16c/0x1f0 [ 124.670360][ T6537] should_fail_ex+0x512/0x640 [ 124.670390][ T6537] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 124.670432][ T6537] should_failslab+0xc2/0x120 [ 124.670459][ T6537] __kmalloc_cache_noprof+0x6a/0x3e0 [ 124.670494][ T6537] ? pty_common_install+0x10e/0xb30 [ 124.670521][ T6537] pty_common_install+0x10e/0xb30 [ 124.670542][ T6537] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 124.670590][ T6537] ? __pfx_pty_unix98_install+0x10/0x10 [ 124.670615][ T6537] tty_init_dev.part.0+0x99/0x500 [ 124.670648][ T6537] tty_init_dev+0x60/0x80 [ 124.670677][ T6537] ? __pfx_ptmx_open+0x10/0x10 [ 124.670697][ T6537] ptmx_open+0x10d/0x360 [ 124.670718][ T6537] ? __pfx_ptmx_open+0x10/0x10 [ 124.670738][ T6537] chrdev_open+0x231/0x6a0 [ 124.670762][ T6537] ? __pfx_apparmor_file_open+0x10/0x10 [ 124.670790][ T6537] ? __pfx_chrdev_open+0x10/0x10 [ 124.670817][ T6537] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 124.670856][ T6537] do_dentry_open+0x741/0x1c10 [ 124.670881][ T6537] ? __pfx_chrdev_open+0x10/0x10 [ 124.670911][ T6537] vfs_open+0x82/0x3f0 [ 124.670944][ T6537] path_openat+0x1e5e/0x2d40 [ 124.670979][ T6537] ? __pfx_path_openat+0x10/0x10 [ 124.671011][ T6537] do_filp_open+0x20b/0x470 [ 124.671033][ T6537] ? __pfx_do_filp_open+0x10/0x10 [ 124.671080][ T6537] ? alloc_fd+0x471/0x7d0 [ 124.671122][ T6537] do_sys_openat2+0x11b/0x1d0 [ 124.671151][ T6537] ? __pfx_do_sys_openat2+0x10/0x10 [ 124.671193][ T6537] __x64_sys_openat+0x174/0x210 [ 124.671223][ T6537] ? __pfx___x64_sys_openat+0x10/0x10 [ 124.671254][ T6537] ? rcu_is_watching+0x12/0xc0 [ 124.671286][ T6537] do_syscall_64+0xcd/0x230 [ 124.671320][ T6537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.671343][ T6537] RIP: 0033:0x7facd4f8e969 [ 124.671362][ T6537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.671383][ T6537] RSP: 002b:00007facd5e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 124.671405][ T6537] RAX: ffffffffffffffda RBX: 00007facd51b5fa0 RCX: 00007facd4f8e969 [ 124.671420][ T6537] RDX: 0000000000002200 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 124.671436][ T6537] RBP: 00007facd5010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 124.671450][ T6537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.671464][ T6537] R13: 0000000000000000 R14: 00007facd51b5fa0 R15: 00007fff155b63b8 [ 124.671496][ T6537] syzkaller syzkaller login: [ 126.801045][ T6571] can: request_module (can-proto-3) failed. [ 128.393438][ T6586] can: request_module (can-proto-3) failed. [ 129.012174][ T6594] ecryptfs_miscdev_write: Invalid packet size [192] syzkaller syzkaller login: [ 129.832128][ T6601] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 130.602026][ T6616] can: request_module (can-proto-3) failed. [ 131.679875][ T6632] can: request_module (can-proto-3) failed. [ 132.033155][ T6630] netlink: 4 bytes leftover after parsing attributes in process `syz.3.110'. [ 132.043941][ T6630] netlink: 25 bytes leftover after parsing attributes in process `syz.3.110'. [ 132.857346][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.863938][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.618859][ T6651] vcan0: tx drop: invalid da for name 0x000110000000003f [ 133.818318][ T6652] can: request_module (can-proto-3) failed. [ 135.074767][ T6667] can: request_module (can-proto-3) failed. [ 135.085252][ T6672] hub 8-0:1.0: USB hub found [ 135.134498][ T6672] hub 8-0:1.0: 1 port detected [ 135.778636][ T6669] random: crng reseeded on system resumption [ 137.294930][ T6699] ubi0: attaching mtd0 [ 137.309031][ T6699] ubi0: scanning is finished [ 137.353919][ T6699] ubi0: empty MTD device detected [ 137.699271][ T6699] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 137.784499][ T6699] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 138.009123][ T6699] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 138.144393][ T6699] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 138.216972][ T6699] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 138.295926][ T6699] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 138.333511][ T6699] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2077997545 [ 138.408237][ T6699] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 138.483404][ T6705] ubi0: background thread "ubi_bgt0d" started, PID 6705 [ 138.996279][ T6715] random: crng reseeded on system resumption [ 142.144485][ T6757] can: request_module (can-proto-3) failed. [ 143.821013][ T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.950384][ T6775] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 144.006075][ T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.149277][ T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.290756][ T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.646708][ T36] bridge_slave_1: left allmulticast mode [ 144.686662][ T36] bridge_slave_1: left promiscuous mode [ 144.692501][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.741771][ T36] bridge_slave_0: left allmulticast mode [ 144.766534][ T36] bridge_slave_0: left promiscuous mode [ 144.772329][ T36] bridge0: port 1(bridge_slave_0) entered disabled state syzkaller syzkaller login: [ 145.190540][ T5846] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 145.205877][ T5846] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 145.214302][ T5846] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 145.226004][ T5846] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 145.233922][ T5846] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 145.544028][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 145.558968][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 145.570314][ T36] bond0 (unregistering): Released all slaves [ 146.271994][ T36] hsr_slave_0: left promiscuous mode [ 146.280559][ T36] hsr_slave_1: left promiscuous mode [ 146.291346][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 146.305884][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 146.338274][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 146.367279][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 146.424741][ T36] veth1_macvtap: left promiscuous mode [ 146.434705][ T36] veth0_macvtap: left promiscuous mode [ 146.440402][ T36] veth1_vlan: left promiscuous mode [ 146.455075][ T36] veth0_vlan: left promiscuous mode [ 146.982046][ T6823] can: request_module (can-proto-3) failed. [ 147.324767][ T5842] Bluetooth: hci4: command tx timeout [ 148.698640][ T36] team0 (unregistering): Port device team_slave_1 removed [ 148.757703][ T36] team0 (unregistering): Port device team_slave_0 removed [ 149.416554][ T5842] Bluetooth: hci4: command tx timeout [ 149.507827][ T6793] chnl_net:caif_netlink_parms(): no params data found [ 149.831270][ T6793] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.868906][ T6793] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.887080][ T6793] bridge_slave_0: entered allmulticast mode [ 149.908643][ T6793] bridge_slave_0: entered promiscuous mode [ 149.927410][ T6793] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.946658][ T6793] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.973424][ T6793] bridge_slave_1: entered allmulticast mode [ 149.990646][ T6793] bridge_slave_1: entered promiscuous mode [ 150.056310][ T6793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 150.098970][ T6793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 150.175782][ T6851] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 150.209639][ T6793] team0: Port device team_slave_0 added [ 150.238937][ T6793] team0: Port device team_slave_1 added [ 150.405583][ T6793] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 150.413586][ T6793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 150.474582][ T6793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 150.529197][ T6793] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 150.541438][ T6793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 150.575808][ T6793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 150.866484][ T6793] hsr_slave_0: entered promiscuous mode [ 150.890996][ T6793] hsr_slave_1: entered promiscuous mode [ 150.941760][ T6793] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 150.964407][ T6793] Cannot create hsr debugfs directory [ 151.491009][ T5842] Bluetooth: hci4: command tx timeout [ 153.349693][ T6793] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 153.564471][ T5842] Bluetooth: hci4: command tx timeout [ 153.590951][ T6793] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 153.820146][ T6793] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 153.945773][ T6906] netlink: 36 bytes leftover after parsing attributes in process `syz.3.161'. [ 154.023382][ T6906] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 154.081948][ T6793] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 154.659654][ T6793] 8021q: adding VLAN 0 to HW filter on device bond0 [ 154.711244][ T6793] 8021q: adding VLAN 0 to HW filter on device team0 [ 154.742817][ T3563] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.750028][ T3563] bridge0: port 1(bridge_slave_0) entered forwarding state [ 154.831784][ T2950] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.838982][ T2950] bridge0: port 2(bridge_slave_1) entered forwarding state [ 155.824043][ T6793] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 156.067483][ T6793] veth0_vlan: entered promiscuous mode [ 156.141142][ T6793] veth1_vlan: entered promiscuous mode [ 156.266685][ T6793] veth0_macvtap: entered promiscuous mode [ 156.349549][ T6793] veth1_macvtap: entered promiscuous mode [ 156.469751][ T6793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.500842][ T6793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.518811][ T6793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.570086][ T6793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.590762][ T6793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.602166][ T6793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.636136][ T6793] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 156.661412][ T6793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.674849][ T6793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.693240][ T6793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.929563][ T6793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.940675][ T6793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.951491][ T6793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.963074][ T6793] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 157.010552][ T6793] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.057944][ T6793] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.087064][ T6793] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.116480][ T6793] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.456402][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.482387][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.584930][ T6974] openvswitch: netlink: Multiple metadata blocks provided [ 157.613187][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.664332][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 159.397045][ T6993] CIFS mount error: No usable UNC path provided in device string! [ 159.397045][ T6993] [ 159.407753][ T6993] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 159.645058][ T6993] ptrace attach of "./syz-executor exec"[6150] was attempted by "./syz-executor exec"[6993] [ 160.268844][ T7019] CIFS mount error: No usable UNC path provided in device string! [ 160.268844][ T7019] [ 160.279643][ T7019] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 160.708200][ T7040] can: request_module (can-proto-3) failed. [ 161.482784][ T7055] blktrace: Concurrent blktraces are not allowed on loop5 [ 161.598538][ T7055] blktrace: Concurrent blktraces are not allowed on ram6 [ 162.900402][ T7085] can: request_module (can-proto-3) failed. [ 163.467886][ T7080] netlink: 4 bytes leftover after parsing attributes in process `syz.0.182'. [ 163.536918][ T7091] netlink: 25 bytes leftover after parsing attributes in process `syz.0.182'. [ 163.984897][ T7095] CIFS mount error: No usable UNC path provided in device string! [ 163.984897][ T7095] [ 164.004478][ T7095] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 164.546040][ T7095] ptrace attach of "./syz-executor exec"[5939] was attempted by "./syz-executor exec"[7095] syzkaller syzkaller login: [ 165.982310][ T7139] netlink: 130 bytes leftover after parsing attributes in process `syz.1.192'. [ 166.155841][ T7135] can: request_module (can-proto-4) failed. [ 166.172895][ T7140] zram: Added device: zram2 [ 166.511287][ T7138] CIFS mount error: No usable UNC path provided in device string! [ 166.511287][ T7138] [ 166.521886][ T7138] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 167.787168][ T7166] can: request_module (can-proto-3) failed. [ 167.900851][ T7168] can: request_module (can-proto-3) failed. syzkaller syzkaller login: [ 168.572130][ T7181] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 168.798775][ T7183] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 169.373928][ T7176] netlink: 4 bytes leftover after parsing attributes in process `syz.1.198'. [ 169.426151][ T7176] netlink: 25 bytes leftover after parsing attributes in process `syz.1.198'. [ 170.196884][ T7210] zram: Added device: zram3 [ 170.320978][ T7204] can: request_module (can-proto-4) failed. [ 171.357200][ T7225] can: request_module (can-proto-0) failed. syzkaller syzkaller login: [ 172.401294][ T7245] can: request_module (can-proto-3) failed. [ 173.460905][ T7260] can: request_module (can-proto-3) failed. [ 174.929445][ T7275] can: request_module (can-proto-3) failed. [ 175.980110][ T3563] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.216286][ T3563] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.391042][ T7287] can: request_module (can-proto-0) failed. [ 176.458716][ T3563] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.635881][ T3563] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.968279][ T3563] bridge_slave_1: left allmulticast mode [ 176.973979][ T3563] bridge_slave_1: left promiscuous mode [ 177.010694][ T3563] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.089325][ T3563] bridge_slave_0: left allmulticast mode [ 177.119390][ T3563] bridge_slave_0: left promiscuous mode [ 177.127529][ T3563] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.142919][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 177.152189][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 177.166597][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 177.177500][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 177.185955][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 177.853339][ T3563] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 177.868459][ T3563] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 177.882852][ T3563] bond0 (unregistering): Released all slaves [ 178.429220][ T3563] hsr_slave_0: left promiscuous mode [ 178.450499][ T3563] hsr_slave_1: left promiscuous mode [ 178.469026][ T3563] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 178.479487][ T3563] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 178.503354][ T3563] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 178.512211][ T3563] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 178.552548][ T3563] veth1_macvtap: left promiscuous mode [ 178.574420][ T3563] veth0_macvtap: left promiscuous mode [ 178.581154][ T3563] veth1_vlan: left promiscuous mode [ 178.595569][ T3563] veth0_vlan: left promiscuous mode [ 179.244623][ T5846] Bluetooth: hci1: command tx timeout [ 179.347830][ T3563] team0 (unregistering): Port device team_slave_1 removed [ 179.519822][ T7337] can: request_module (can-proto-3) failed. [ 179.548040][ T3563] team0 (unregistering): Port device team_slave_0 removed [ 181.158595][ T7297] chnl_net:caif_netlink_parms(): no params data found [ 181.326054][ T5846] Bluetooth: hci1: command tx timeout [ 181.651601][ T7297] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.662689][ T7297] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.674125][ T7297] bridge_slave_0: entered allmulticast mode [ 181.687919][ T7297] bridge_slave_0: entered promiscuous mode [ 181.734121][ T7297] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.759057][ T7297] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.852671][ T7297] bridge_slave_1: entered allmulticast mode [ 181.875985][ T7297] bridge_slave_1: entered promiscuous mode [ 182.256153][ T7382] kernel read not supported for file /set_event_notrace_pid (pid: 7382 comm: syz.0.231) [ 182.293646][ T7297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 182.357265][ T30] audit: type=1800 audit(4294967578.031:2): pid=7382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.231" name="set_event_notrace_pid" dev="tracefs" ino=1073 res=0 errno=0 [ 182.425081][ T7297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 182.775776][ T7297] team0: Port device team_slave_0 added [ 182.796789][ T7297] team0: Port device team_slave_1 added [ 183.027525][ T7297] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 183.047474][ T7297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 183.075929][ T7297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 183.231487][ T7297] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 183.238664][ T7297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 183.266029][ T7297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 183.344421][ T7396] netlink: 12 bytes leftover after parsing attributes in process `syz.2.235'. [ 183.404462][ T5846] Bluetooth: hci1: command tx timeout [ 183.476327][ T7297] hsr_slave_0: entered promiscuous mode [ 183.506977][ T7297] hsr_slave_1: entered promiscuous mode [ 183.514470][ T7297] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 183.522057][ T7297] Cannot create hsr debugfs directory [ 185.163845][ T7431] vcan0: tx drop: invalid da for name 0x000110000000003f [ 185.487072][ T5846] Bluetooth: hci1: command tx timeout [ 185.502073][ T7297] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 185.547245][ T7297] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 185.583323][ T7297] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 185.615078][ T7297] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 185.855827][ T7297] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.898873][ T7297] 8021q: adding VLAN 0 to HW filter on device team0 [ 185.931839][ T3428] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.939035][ T3428] bridge0: port 1(bridge_slave_0) entered forwarding state [ 185.976686][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.983840][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 186.251086][ T7462] kernel read not supported for file /set_event_notrace_pid (pid: 7462 comm: syz.2.244) [ 186.305605][ T30] audit: type=1800 audit(4294967581.981:3): pid=7462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.244" name="set_event_notrace_pid" dev="tracefs" ino=1073 res=0 errno=0 [ 186.662909][ T7297] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 186.951510][ T7297] veth0_vlan: entered promiscuous mode [ 186.972699][ T7297] veth1_vlan: entered promiscuous mode [ 186.998303][ T7297] veth0_macvtap: entered promiscuous mode [ 187.009003][ T7297] veth1_macvtap: entered promiscuous mode [ 187.023460][ T7297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.034525][ T7297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.051345][ T7297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.062599][ T7297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.072826][ T7297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.109053][ T7297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.158473][ T7297] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.209243][ T7297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.272798][ T7297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.307192][ T7297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.329837][ T7297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.373816][ T7297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.424821][ T7297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.457298][ T7297] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.645849][ T7297] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.668373][ T7297] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.697856][ T7297] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.725849][ T7297] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.060458][ T7502] HfR: entered promiscuous mode [ 188.129489][ T7502] device-mapper: ioctl: Unable to rename non-existent device,  to „ [ 188.335187][ T3563] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.373253][ T3563] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.586331][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.614234][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.153570][ T7531] netlink: 12 bytes leftover after parsing attributes in process `syz.3.252'. [ 193.875866][ T7612] ecryptfs_miscdev_write: Invalid packet size [192] [ 194.288527][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.295002][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 198.325245][ T7665] can: request_module (can-proto-3) failed. [ 199.115227][ T7679] ecryptfs_miscdev_write: Invalid packet size [192] [ 199.241068][ T7671] random: crng reseeded on system resumption [ 200.575108][ T7695] can: request_module (can-proto-3) failed. [ 201.485348][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 202.129837][ T7715] can: request_module (can-proto-3) failed. [ 203.291022][ T7729] can: request_module (can-proto-3) failed. [ 203.398625][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.541566][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.764807][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.916801][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.957335][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 203.966264][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 203.987304][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 204.005229][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 204.013024][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 204.081552][ T7740] random: crng reseeded on system resumption [ 204.416876][ T12] bridge_slave_1: left allmulticast mode [ 204.422612][ T12] bridge_slave_1: left promiscuous mode [ 204.448596][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.471779][ T12] bridge_slave_0: left allmulticast mode [ 204.477649][ T12] bridge_slave_0: left promiscuous mode [ 204.484530][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.290631][ T7760] can: request_module (can-proto-3) failed. [ 206.000916][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 206.021130][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 206.040580][ T12] bond0 (unregistering): Released all slaves [ 206.054691][ T5846] Bluetooth: hci2: command tx timeout [ 206.708192][ T7780] can: request_module (can-proto-3) failed. [ 206.969314][ T12] hsr_slave_0: left promiscuous mode [ 206.978087][ T12] hsr_slave_1: left promiscuous mode [ 206.984173][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 207.024102][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 207.065913][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 207.073387][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 207.080823][ T7787] random: crng reseeded on system resumption [ 207.112165][ T12] veth1_macvtap: left promiscuous mode [ 207.118809][ T12] veth0_macvtap: left promiscuous mode [ 207.126364][ T12] veth1_vlan: left promiscuous mode [ 207.157350][ T12] veth0_vlan: left promiscuous mode [ 207.877242][ T12] team0 (unregistering): Port device team_slave_1 removed [ 207.920480][ T12] team0 (unregistering): Port device team_slave_0 removed [ 208.124356][ T5846] Bluetooth: hci2: command tx timeout [ 208.494033][ T7742] chnl_net:caif_netlink_parms(): no params data found [ 208.834478][ T7742] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.841650][ T7742] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.878984][ T7742] bridge_slave_0: entered allmulticast mode [ 208.888841][ T7742] bridge_slave_0: entered promiscuous mode [ 208.902259][ T7742] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.909792][ T7742] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.919583][ T7742] bridge_slave_1: entered allmulticast mode [ 208.927583][ T7742] bridge_slave_1: entered promiscuous mode [ 209.130998][ T7742] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.297612][ T7820] hub 8-0:1.0: USB hub found [ 209.314487][ T7820] hub 8-0:1.0: 1 port detected [ 209.418883][ T7742] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.915232][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 209.939473][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 209.964697][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 209.991248][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.001915][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 210.022430][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 210.149060][ T7742] team0: Port device team_slave_0 added [ 210.159309][ T7742] team0: Port device team_slave_1 added [ 210.204347][ T5842] Bluetooth: hci2: command tx timeout [ 210.290945][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.309505][ T7742] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.316644][ T7742] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.343333][ T7742] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.404979][ T7742] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 210.412255][ T7742] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.438685][ T7742] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.479239][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.570521][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.630939][ T7742] hsr_slave_0: entered promiscuous mode [ 210.642971][ T7742] hsr_slave_1: entered promiscuous mode [ 211.443220][ T12] bridge_slave_1: left allmulticast mode [ 211.460989][ T12] bridge_slave_1: left promiscuous mode [ 211.477462][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.563683][ T12] bridge_slave_0: left allmulticast mode [ 211.678786][ T12] bridge_slave_0: left promiscuous mode [ 211.686393][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.054560][ T5842] Bluetooth: hci1: command tx timeout [ 212.120240][ T7860] can: request_module (can-proto-3) failed. [ 212.284739][ T5842] Bluetooth: hci2: command tx timeout [ 212.667658][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 212.770490][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 212.781687][ T12] bond0 (unregistering): Released all slaves [ 212.818668][ T7871] can: request_module (can-proto-3) failed. [ 214.125132][ T5842] Bluetooth: hci1: command tx timeout [ 214.157214][ T7833] chnl_net:caif_netlink_parms(): no params data found [ 214.444695][ T7893] random: crng reseeded on system resumption [ 215.408197][ T12] hsr_slave_0: left promiscuous mode [ 215.419563][ T12] hsr_slave_1: left promiscuous mode [ 215.442571][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 215.459567][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 215.476083][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 215.491901][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 215.532759][ T12] veth1_macvtap: left promiscuous mode [ 215.544724][ T12] veth0_macvtap: left promiscuous mode [ 215.561242][ T12] veth1_vlan: left promiscuous mode [ 215.570969][ T12] veth0_vlan: left promiscuous mode [ 216.205441][ T5842] Bluetooth: hci1: command tx timeout [ 216.228063][ T12] team0 (unregistering): Port device team_slave_1 removed [ 216.355387][ T12] team0 (unregistering): Port device team_slave_0 removed [ 216.978160][ T7833] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.989721][ T7833] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.997184][ T7833] bridge_slave_0: entered allmulticast mode [ 217.004070][ T7833] bridge_slave_0: entered promiscuous mode [ 217.015785][ T7833] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.025924][ T7833] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.033109][ T7833] bridge_slave_1: entered allmulticast mode [ 217.044050][ T7833] bridge_slave_1: entered promiscuous mode [ 217.212542][ T7833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.225495][ T7833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.324015][ T7833] team0: Port device team_slave_0 added [ 217.355601][ T7833] team0: Port device team_slave_1 added [ 217.401595][ T7833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.412487][ T7833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.438657][ T7833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.451771][ T7833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.458822][ T7833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.484762][ T7833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.507427][ T7742] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 217.518815][ T7742] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 217.562306][ T7742] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 217.578909][ T7833] hsr_slave_0: entered promiscuous mode [ 217.585410][ T7833] hsr_slave_1: entered promiscuous mode [ 217.591669][ T7833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 217.599876][ T7833] Cannot create hsr debugfs directory [ 217.618975][ T7742] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 218.284812][ T5842] Bluetooth: hci1: command tx timeout [ 218.692058][ T7742] 8021q: adding VLAN 0 to HW filter on device bond0 [ 218.739207][ T7742] 8021q: adding VLAN 0 to HW filter on device team0 [ 218.773959][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.781180][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.896991][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.904217][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.106678][ T7833] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 219.122052][ T7833] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 219.157202][ T7833] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 219.218783][ T7833] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 219.269127][ T7956] binder: 7955:7956 ioctl c0306201 200000000680 returned -14 [ 219.541325][ T7962] FAULT_INJECTION: forcing a failure. [ 219.541325][ T7962] name failslab, interval 1, probability 0, space 0, times 0 [ 219.597685][ T7833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 219.615277][ T7962] CPU: 0 UID: 0 PID: 7962 Comm: syz.1.321 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 219.615308][ T7962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 219.615319][ T7962] Call Trace: [ 219.615327][ T7962] [ 219.615335][ T7962] dump_stack_lvl+0x16c/0x1f0 [ 219.615373][ T7962] should_fail_ex+0x512/0x640 [ 219.615410][ T7962] should_failslab+0xc2/0x120 [ 219.615437][ T7962] __kmalloc_cache_noprof+0x6a/0x3e0 [ 219.615472][ T7962] ? __sctp_v6_cmp_addr+0x206/0x530 [ 219.615503][ T7962] ? sctp_add_bind_addr+0xae/0x3f0 [ 219.615536][ T7962] sctp_add_bind_addr+0xae/0x3f0 [ 219.615569][ T7962] sctp_copy_local_addr_list+0x39d/0x5a0 [ 219.615608][ T7962] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 219.615646][ T7962] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 219.615687][ T7962] ? sctp_bind_addr_copy+0xe0/0x530 [ 219.615716][ T7962] sctp_bind_addr_copy+0xe0/0x530 [ 219.615751][ T7962] sctp_connect_new_asoc+0x1d7/0x790 [ 219.615780][ T7962] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 219.615813][ T7962] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 219.615850][ T7962] sctp_sendmsg+0x15f9/0x1ee0 [ 219.615886][ T7962] ? __pfx_sctp_sendmsg+0x10/0x10 [ 219.615927][ T7962] ? __might_fault+0xe3/0x190 [ 219.615959][ T7962] ? __pfx_aa_sk_perm+0x10/0x10 [ 219.615989][ T7962] ? __pfx_sctp_sendmsg+0x10/0x10 [ 219.616015][ T7962] inet_sendmsg+0x119/0x140 [ 219.616047][ T7962] __sys_sendto+0x431/0x510 [ 219.616072][ T7962] ? __pfx___sys_sendto+0x10/0x10 [ 219.616132][ T7962] ? ksys_write+0x1b9/0x240 [ 219.616153][ T7962] ? __pfx_ksys_write+0x10/0x10 [ 219.616173][ T7962] ? rcu_is_watching+0x12/0xc0 [ 219.616199][ T7962] __x64_sys_sendto+0xe0/0x1c0 [ 219.616218][ T7962] ? do_syscall_64+0x91/0x230 [ 219.616249][ T7962] ? lockdep_hardirqs_on+0x7c/0x110 [ 219.616277][ T7962] do_syscall_64+0xcd/0x230 [ 219.616307][ T7962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.616330][ T7962] RIP: 0033:0x7fa8f338e969 [ 219.616348][ T7962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.616368][ T7962] RSP: 002b:00007fa8f42ce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 219.616394][ T7962] RAX: ffffffffffffffda RBX: 00007fa8f35b5fa0 RCX: 00007fa8f338e969 [ 219.616407][ T7962] RDX: 0000000000000401 RSI: 0000000000000000 RDI: 0000000000000004 [ 219.616419][ T7962] RBP: 00007fa8f42ce090 R08: 0000200000000000 R09: 000000000000001f [ 219.616433][ T7962] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000002 [ 219.616445][ T7962] R13: 0000000000000000 R14: 00007fa8f35b5fa0 R15: 00007ffc9ac41ea8 [ 219.616477][ T7962] [ 219.964778][ T7833] 8021q: adding VLAN 0 to HW filter on device team0 [ 219.979018][ T2950] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.986981][ T2950] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.080143][ T7833] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 220.090695][ T7833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 220.114061][ T2950] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.121281][ T2950] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.462060][ T7742] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 220.530300][ T7742] veth0_vlan: entered promiscuous mode [ 220.542587][ T7742] veth1_vlan: entered promiscuous mode [ 220.651118][ T7742] veth0_macvtap: entered promiscuous mode [ 220.717980][ T7742] veth1_macvtap: entered promiscuous mode [ 220.795958][ T7742] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.829829][ T7742] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.864338][ T7742] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.903210][ T7742] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.928913][ T7997] FAULT_INJECTION: forcing a failure. [ 220.928913][ T7997] name failslab, interval 1, probability 0, space 0, times 0 [ 220.956665][ T7742] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.972705][ T7742] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.014299][ T7742] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.014312][ T7997] CPU: 1 UID: 0 PID: 7997 Comm: syz.2.324 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 221.014338][ T7997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 221.014348][ T7997] Call Trace: [ 221.014354][ T7997] [ 221.014361][ T7997] dump_stack_lvl+0x16c/0x1f0 [ 221.014397][ T7997] should_fail_ex+0x512/0x640 [ 221.014426][ T7997] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 221.014464][ T7997] should_failslab+0xc2/0x120 [ 221.014490][ T7997] __kmalloc_cache_noprof+0x6a/0x3e0 [ 221.014523][ T7997] ? resv_map_alloc+0x46/0x400 [ 221.014554][ T7997] resv_map_alloc+0x46/0x400 [ 221.014582][ T7997] hugetlb_reserve_pages+0x799/0xd90 [ 221.014619][ T7997] ? __pfx_hugetlb_reserve_pages+0x10/0x10 [ 221.014651][ T7997] ? atime_needs_update+0x8b/0x710 [ 221.014689][ T7997] hugetlbfs_file_mmap+0x4a1/0x730 [ 221.014720][ T7997] __mmap_region+0x1485/0x27c0 [ 221.014759][ T7997] ? __pfx___mmap_region+0x10/0x10 [ 221.014782][ T7997] ? kernel_text_address+0x8d/0x100 [ 221.014839][ T7997] ? stack_depot_save_flags+0x28/0xa50 [ 221.014906][ T7997] ? trace_cap_capable+0x18d/0x200 [ 221.014931][ T7997] ? cap_capable+0xb3/0x250 [ 221.014958][ T7997] mmap_region+0x1ab/0x3f0 [ 221.014988][ T7997] do_mmap+0xd8e/0x11b0 [ 221.015024][ T7997] ? __pfx_do_mmap+0x10/0x10 [ 221.015055][ T7997] ? __pfx_down_write_killable+0x10/0x10 [ 221.015094][ T7997] vm_mmap_pgoff+0x281/0x450 [ 221.015130][ T7997] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 221.015157][ T7997] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 221.015188][ T7997] ? hugetlbfs_get_inode+0x31f/0x730 [ 221.015223][ T7997] ksys_mmap_pgoff+0x1c8/0x5c0 [ 221.015262][ T7997] __x64_sys_mmap+0x125/0x190 [ 221.015288][ T7997] do_syscall_64+0xcd/0x230 [ 221.015320][ T7997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.015342][ T7997] RIP: 0033:0x7f6d83f8e969 [ 221.015360][ T7997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.015380][ T7997] RSP: 002b:00007f6d84e26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 221.015400][ T7997] RAX: ffffffffffffffda RBX: 00007f6d841b5fa0 RCX: 00007f6d83f8e969 [ 221.015415][ T7997] RDX: 00004000000000e3 RSI: 0000000000200004 RDI: 0000000000000000 [ 221.015428][ T7997] RBP: 00007f6d84e26090 R08: 000000000000000d R09: 0000300000000000 [ 221.015441][ T7997] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000002 [ 221.015454][ T7997] R13: 0000000000000000 R14: 00007f6d841b5fa0 R15: 00007ffc3e4b27f8 [ 221.015485][ T7997] [ 221.293468][ T7742] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.314326][ T7742] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.345742][ T7742] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.413559][ T7742] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.458572][ T7742] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.469552][ T7742] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.482540][ T7742] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.552216][ T7833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 221.746507][ T7833] veth0_vlan: entered promiscuous mode [ 221.808839][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 221.831283][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 221.859551][ T7833] veth1_vlan: entered promiscuous mode [ 221.922136][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 221.947877][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 221.990639][ T7833] veth0_macvtap: entered promiscuous mode [ 222.018992][ T7833] veth1_macvtap: entered promiscuous mode [ 222.077037][ T7833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.097537][ T8020] netlink: 146 bytes leftover after parsing attributes in process `syz.2.328'. [ 222.112913][ T7833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.128098][ T7833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.182503][ T7833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.212809][ T7833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.254405][ T7833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.303129][ T7833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 222.372621][ T7833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.425093][ T7833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.479788][ T7833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.540240][ T7833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.575811][ T7833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.600976][ T7833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.630796][ T7833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 222.703079][ T7833] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.750496][ T7833] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.789269][ T7833] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.828697][ T7833] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.972049][ T8043] netlink: 25 bytes leftover after parsing attributes in process `syz.1.331'. [ 223.084155][ T2950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 223.121890][ T2950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 223.232621][ T2950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 223.267096][ T2950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 223.472100][ T8056] FAULT_INJECTION: forcing a failure. [ 223.472100][ T8056] name failslab, interval 1, probability 0, space 0, times 0 [ 223.509106][ T8056] CPU: 1 UID: 0 PID: 8056 Comm: syz.1.334 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 223.509137][ T8056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 223.509148][ T8056] Call Trace: [ 223.509155][ T8056] [ 223.509163][ T8056] dump_stack_lvl+0x16c/0x1f0 [ 223.509196][ T8056] should_fail_ex+0x512/0x640 [ 223.509215][ T8056] ? __kmalloc_noprof+0xbf/0x510 [ 223.509231][ T8056] ? tracing_log_err+0x4b4/0x6a0 [ 223.509246][ T8056] should_failslab+0xc2/0x120 [ 223.509262][ T8056] __kmalloc_noprof+0xd2/0x510 [ 223.509277][ T8056] ? kasan_save_track+0x14/0x30 [ 223.509293][ T8056] tracing_log_err+0x4b4/0x6a0 [ 223.509308][ T8056] ? trace_seq_printf+0x217/0x3b0 [ 223.509330][ T8056] append_filter_err+0x380/0x5e0 [ 223.509346][ T8056] apply_subsystem_event_filter+0x678/0x1450 [ 223.509366][ T8056] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 223.509386][ T8056] ? _copy_from_user+0x59/0xd0 [ 223.509407][ T8056] subsystem_filter_write+0x95/0x120 [ 223.509424][ T8056] vfs_write+0x25c/0x1180 [ 223.509436][ T8056] ? __pfx_subsystem_filter_write+0x10/0x10 [ 223.509453][ T8056] ? __pfx___mutex_lock+0x10/0x10 [ 223.509471][ T8056] ? __pfx_vfs_write+0x10/0x10 [ 223.509491][ T8056] ? __fget_files+0x20e/0x3c0 [ 223.509517][ T8056] ksys_write+0x12a/0x240 [ 223.509529][ T8056] ? __pfx_ksys_write+0x10/0x10 [ 223.509547][ T8056] do_syscall_64+0xcd/0x230 [ 223.509566][ T8056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.509580][ T8056] RIP: 0033:0x7fa8f338e969 [ 223.509592][ T8056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.509604][ T8056] RSP: 002b:00007fa8f42ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 223.509617][ T8056] RAX: ffffffffffffffda RBX: 00007fa8f35b6080 RCX: 00007fa8f338e969 [ 223.509625][ T8056] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000004 [ 223.509632][ T8056] RBP: 00007fa8f42ad090 R08: 0000000000000000 R09: 0000000000000000 [ 223.509640][ T8056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 223.509647][ T8056] R13: 0000000000000000 R14: 00007fa8f35b6080 R15: 00007ffc9ac41ea8 [ 223.509664][ T8056] [ 224.954484][ T8092] binder: 8091:8092 ioctl c0306201 200000000680 returned -14 [ 230.834365][ T8250] FAULT_INJECTION: forcing a failure. [ 230.834365][ T8250] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 230.879618][ T8250] CPU: 0 UID: 0 PID: 8250 Comm: syz.0.361 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 230.879647][ T8250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 230.879658][ T8250] Call Trace: [ 230.879665][ T8250] [ 230.879673][ T8250] dump_stack_lvl+0x16c/0x1f0 [ 230.879707][ T8250] should_fail_ex+0x512/0x640 [ 230.879740][ T8250] _copy_from_user+0x2e/0xd0 [ 230.879772][ T8250] csum_and_copy_from_iter_full+0x214/0x1e20 [ 230.879814][ T8250] ? rcu_is_watching+0x12/0xc0 [ 230.879837][ T8250] ? __pfx_csum_and_copy_from_iter_full+0x10/0x10 [ 230.879870][ T8250] ? __alloc_skb+0x166/0x380 [ 230.879894][ T8250] ? __asan_memset+0x23/0x50 [ 230.879928][ T8250] ? __build_skb_around+0x278/0x3b0 [ 230.879972][ T8250] ip_generic_getfrag+0x170/0x270 [ 230.879998][ T8250] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 230.880024][ T8250] ? find_held_lock+0x2b/0x80 [ 230.880051][ T8250] __ip6_append_data+0x2e78/0x4710 [ 230.880086][ T8250] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 230.880127][ T8250] ? __pfx___ip6_append_data+0x10/0x10 [ 230.880156][ T8250] ? ip6_setup_cork+0xd01/0x15d0 [ 230.880187][ T8250] ip6_append_data+0x1bd/0x4c0 [ 230.880215][ T8250] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 230.880246][ T8250] l2tp_ip6_sendmsg+0x1005/0x1e90 [ 230.880292][ T8250] ? __pfx_l2tp_ip6_sendmsg+0x10/0x10 [ 230.880323][ T8250] ? __pfx_tomoyo_check_inet_address+0x10/0x10 [ 230.880367][ T8250] ? __pfx___might_resched+0x10/0x10 [ 230.880407][ T8250] ? __pfx_aa_sk_perm+0x10/0x10 [ 230.880435][ T8250] ? __pfx_l2tp_ip6_sendmsg+0x10/0x10 [ 230.880469][ T8250] ? inet_sendmsg+0x119/0x140 [ 230.880498][ T8250] inet_sendmsg+0x119/0x140 [ 230.880529][ T8250] __sys_sendto+0x431/0x510 [ 230.880553][ T8250] ? __pfx___sys_sendto+0x10/0x10 [ 230.880606][ T8250] ? ksys_write+0x1b9/0x240 [ 230.880627][ T8250] ? __pfx_ksys_write+0x10/0x10 [ 230.880647][ T8250] ? rcu_is_watching+0x12/0xc0 [ 230.880671][ T8250] __x64_sys_sendto+0xe0/0x1c0 [ 230.880693][ T8250] ? do_syscall_64+0x91/0x230 [ 230.880722][ T8250] ? lockdep_hardirqs_on+0x7c/0x110 [ 230.880751][ T8250] do_syscall_64+0xcd/0x230 [ 230.880782][ T8250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.880805][ T8250] RIP: 0033:0x7fa257b8e969 [ 230.880823][ T8250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.880843][ T8250] RSP: 002b:00007fa2559f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 230.880865][ T8250] RAX: ffffffffffffffda RBX: 00007fa257db5fa0 RCX: 00007fa257b8e969 [ 230.880880][ T8250] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 230.880893][ T8250] RBP: 00007fa2559f6090 R08: 0000200000000000 R09: 000000000000001c [ 230.880907][ T8250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 230.880920][ T8250] R13: 0000000000000000 R14: 00007fa257db5fa0 R15: 00007ffef6df4d38 [ 230.880956][ T8250] [ 231.331935][ T8265] Invalid ELF header magic: != ELF [ 231.855845][ T8283] FAULT_INJECTION: forcing a failure. [ 231.855845][ T8283] name failslab, interval 1, probability 0, space 0, times 0 [ 231.880404][ T8283] CPU: 0 UID: 0 PID: 8283 Comm: syz.0.368 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 231.880437][ T8283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 231.880450][ T8283] Call Trace: [ 231.880456][ T8283] [ 231.880465][ T8283] dump_stack_lvl+0x16c/0x1f0 [ 231.880501][ T8283] should_fail_ex+0x512/0x640 [ 231.880532][ T8283] ? fs_reclaim_acquire+0xae/0x150 [ 231.880567][ T8283] ? tomoyo_encode2+0x100/0x3e0 [ 231.880595][ T8283] should_failslab+0xc2/0x120 [ 231.880629][ T8283] __kmalloc_noprof+0xd2/0x510 [ 231.880653][ T8283] ? d_absolute_path+0x136/0x1a0 [ 231.880686][ T8283] tomoyo_encode2+0x100/0x3e0 [ 231.880721][ T8283] tomoyo_encode+0x29/0x50 [ 231.880749][ T8283] tomoyo_realpath_from_path+0x18f/0x6e0 [ 231.880790][ T8283] tomoyo_check_open_permission+0x2ab/0x3c0 [ 231.880818][ T8283] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 231.880844][ T8283] ? __lock_acquire+0xaa4/0x1ba0 [ 231.880905][ T8283] ? do_raw_spin_lock+0x12c/0x2b0 [ 231.880946][ T8283] tomoyo_file_open+0x6b/0x90 [ 231.880982][ T8283] security_file_open+0x84/0x1e0 [ 231.881012][ T8283] do_dentry_open+0x596/0x1c10 [ 231.881046][ T8283] vfs_open+0x82/0x3f0 [ 231.881078][ T8283] path_openat+0x1e5e/0x2d40 [ 231.881114][ T8283] ? __pfx_path_openat+0x10/0x10 [ 231.881138][ T8283] ? __lock_acquire+0xaa4/0x1ba0 [ 231.881170][ T8283] do_filp_open+0x20b/0x470 [ 231.881193][ T8283] ? __pfx_do_filp_open+0x10/0x10 [ 231.881240][ T8283] ? _raw_spin_unlock+0x28/0x50 [ 231.881266][ T8283] ? alloc_fd+0x471/0x7d0 [ 231.881308][ T8283] do_sys_openat2+0x11b/0x1d0 [ 231.881337][ T8283] ? __pfx_do_sys_openat2+0x10/0x10 [ 231.881369][ T8283] ? __fget_files+0x20e/0x3c0 [ 231.881409][ T8283] __x64_sys_open+0x153/0x1e0 [ 231.881442][ T8283] ? __pfx___x64_sys_open+0x10/0x10 [ 231.881479][ T8283] ? rcu_is_watching+0x12/0xc0 [ 231.881503][ T8283] do_syscall_64+0xcd/0x230 [ 231.881535][ T8283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.881558][ T8283] RIP: 0033:0x7fa257b8e969 [ 231.881577][ T8283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.881597][ T8283] RSP: 002b:00007fa2559f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 231.881625][ T8283] RAX: ffffffffffffffda RBX: 00007fa257db5fa0 RCX: 00007fa257b8e969 [ 231.881640][ T8283] RDX: 0000000000000007 RSI: 0000000000101800 RDI: 0000200000000000 [ 231.881654][ T8283] RBP: 00007fa2559f6090 R08: 0000000000000000 R09: 0000000000000000 [ 231.881668][ T8283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 231.881681][ T8283] R13: 0000000000000000 R14: 00007fa257db5fa0 R15: 00007ffef6df4d38 [ 231.881713][ T8283] [ 231.882313][ T8283] ERROR: Out of memory at tomoyo_realpath_from_path. [ 232.468288][ T8303] FAULT_INJECTION: forcing a failure. [ 232.468288][ T8303] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 232.488338][ T8303] CPU: 0 UID: 0 PID: 8303 Comm: syz.0.371 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 232.488368][ T8303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 232.488379][ T8303] Call Trace: [ 232.488386][ T8303] [ 232.488394][ T8303] dump_stack_lvl+0x16c/0x1f0 [ 232.488427][ T8303] should_fail_ex+0x512/0x640 [ 232.488462][ T8303] _copy_from_user+0x2e/0xd0 [ 232.488495][ T8303] input_event_from_user+0xb9/0x290 [ 232.488523][ T8303] ? __pfx_input_event_from_user+0x10/0x10 [ 232.488549][ T8303] ? __pfx___might_resched+0x10/0x10 [ 232.488573][ T8303] ? input_inject_event+0x1a5/0x390 [ 232.488605][ T8303] evdev_write+0x26b/0x440 [ 232.488636][ T8303] ? __pfx_evdev_write+0x10/0x10 [ 232.488666][ T8303] ? bpf_lsm_file_permission+0x9/0x10 [ 232.488696][ T8303] ? security_file_permission+0x71/0x210 [ 232.488725][ T8303] ? rw_verify_area+0xcf/0x680 [ 232.488759][ T8303] vfs_write+0x25c/0x1180 [ 232.488778][ T8303] ? __pfx_evdev_write+0x10/0x10 [ 232.488817][ T8303] ? __pfx_vfs_write+0x10/0x10 [ 232.488836][ T8303] ? find_held_lock+0x2b/0x80 [ 232.488860][ T8303] ? __fget_files+0x204/0x3c0 [ 232.488898][ T8303] ? __fget_files+0x20e/0x3c0 [ 232.488940][ T8303] ksys_write+0x205/0x240 [ 232.488962][ T8303] ? __pfx_ksys_write+0x10/0x10 [ 232.488981][ T8303] ? rcu_is_watching+0x12/0xc0 [ 232.489012][ T8303] do_syscall_64+0xcd/0x230 [ 232.489045][ T8303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.489068][ T8303] RIP: 0033:0x7fa257b8e969 [ 232.489087][ T8303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.489108][ T8303] RSP: 002b:00007fa2559f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 232.489129][ T8303] RAX: ffffffffffffffda RBX: 00007fa257db5fa0 RCX: 00007fa257b8e969 [ 232.489145][ T8303] RDX: 00000000000007fa RSI: 0000200000000000 RDI: 0000000000000003 [ 232.489159][ T8303] RBP: 00007fa2559f6090 R08: 0000000000000000 R09: 0000000000000000 [ 232.489173][ T8303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 232.489187][ T8303] R13: 0000000000000000 R14: 00007fa257db5fa0 R15: 00007ffef6df4d38 [ 232.489218][ T8303] [ 232.801391][ T8311] vcan0: tx drop: invalid da for name 0x000000000000003f [ 232.834917][ T8312] netlink: 16 bytes leftover after parsing attributes in process `syz.1.372'. [ 232.981424][ T8312] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 234.287167][ T8348] openvswitch: netlink: Duplicate or invalid key (type 0). [ 234.755423][ T8364] netlink: 4 bytes leftover after parsing attributes in process `syz.2.384'. [ 235.652194][ T8392] FAULT_INJECTION: forcing a failure. [ 235.652194][ T8392] name failslab, interval 1, probability 0, space 0, times 0 [ 235.665102][ T8392] CPU: 0 UID: 0 PID: 8392 Comm: syz.1.391 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 235.665136][ T8392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 235.665149][ T8392] Call Trace: [ 235.665157][ T8392] [ 235.665167][ T8392] dump_stack_lvl+0x16c/0x1f0 [ 235.665205][ T8392] should_fail_ex+0x512/0x640 [ 235.665238][ T8392] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 235.665270][ T8392] should_failslab+0xc2/0x120 [ 235.665299][ T8392] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 235.665327][ T8392] ? sock_alloc_inode+0x25/0x1c0 [ 235.665363][ T8392] ? __pfx_sock_alloc_inode+0x10/0x10 [ 235.665390][ T8392] sock_alloc_inode+0x25/0x1c0 [ 235.665422][ T8392] alloc_inode+0x61/0x240 [ 235.665451][ T8392] sock_alloc+0x40/0x280 [ 235.665489][ T8392] __sock_create+0xc1/0x8d0 [ 235.665526][ T8392] __sys_socket+0x14d/0x260 [ 235.665560][ T8392] ? __pfx___sys_socket+0x10/0x10 [ 235.665595][ T8392] ? do_user_addr_fault+0x843/0x1370 [ 235.665626][ T8392] __x64_sys_socket+0x72/0xb0 [ 235.665657][ T8392] ? lockdep_hardirqs_on+0x7c/0x110 [ 235.665687][ T8392] do_syscall_64+0xcd/0x230 [ 235.665722][ T8392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.665746][ T8392] RIP: 0033:0x7fa8f3390887 [ 235.665765][ T8392] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.665787][ T8392] RSP: 002b:00007fa8f42ccfa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 235.665810][ T8392] RAX: ffffffffffffffda RBX: 00007fa8f35b5fa0 RCX: 00007fa8f3390887 [ 235.665826][ T8392] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 235.665841][ T8392] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 235.665857][ T8392] R10: 0000200000000180 R11: 0000000000000286 R12: 0000000000000000 [ 235.665872][ T8392] R13: 0000000000000000 R14: 00007fa8f35b5fa0 R15: 00007ffc9ac41ea8 [ 235.665903][ T8392] [ 235.665914][ T8392] socket: no more sockets [ 236.874209][ T8431] netlink: 346 bytes leftover after parsing attributes in process `syz.3.399'. [ 237.010593][ T8435] WARNING! power/level is deprecated; use power/control instead [ 237.335799][ T8440] vcan0: tx drop: invalid da for name 0x000340000000003f [ 237.472163][ T8446] netlink: del zone limit has 4 unknown bytes [ 237.609204][ T8451] FAULT_INJECTION: forcing a failure. [ 237.609204][ T8451] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 237.654481][ T8451] CPU: 1 UID: 0 PID: 8451 Comm: syz.0.404 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 237.654514][ T8451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 237.654526][ T8451] Call Trace: [ 237.654534][ T8451] [ 237.654542][ T8451] dump_stack_lvl+0x16c/0x1f0 [ 237.654582][ T8451] should_fail_ex+0x512/0x640 [ 237.654616][ T8451] should_fail_alloc_page+0xe7/0x130 [ 237.654646][ T8451] prepare_alloc_pages+0x3c2/0x610 [ 237.654685][ T8451] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 237.654713][ T8451] ? stack_trace_save+0x8e/0xc0 [ 237.654736][ T8451] ? __pfx_stack_trace_save+0x10/0x10 [ 237.654759][ T8451] ? stack_depot_save_flags+0x28/0xa50 [ 237.654798][ T8451] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 237.654823][ T8451] ? kasan_save_track+0x14/0x30 [ 237.654846][ T8451] ? snd_pcm_attach_substream+0x441/0xd60 [ 237.654869][ T8451] ? snd_pcm_open+0x29e/0x730 [ 237.654898][ T8451] ? snd_pcm_playback_open+0x86/0xe0 [ 237.654917][ T8451] ? snd_open+0x1fe/0x450 [ 237.654940][ T8451] ? chrdev_open+0x231/0x6a0 [ 237.654961][ T8451] ? do_dentry_open+0x741/0x1c10 [ 237.654981][ T8451] ? vfs_open+0x82/0x3f0 [ 237.655006][ T8451] ? path_openat+0x1e5e/0x2d40 [ 237.655039][ T8451] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 237.655071][ T8451] ? policy_nodemask+0xea/0x4e0 [ 237.655101][ T8451] alloc_pages_mpol+0x1fb/0x550 [ 237.655130][ T8451] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 237.655167][ T8451] alloc_pages_noprof+0x131/0x390 [ 237.655195][ T8451] alloc_pages_exact_noprof+0x31/0x90 [ 237.655228][ T8451] snd_pcm_attach_substream+0x468/0xd60 [ 237.655260][ T8451] snd_pcm_open_substream+0x8d/0x17f0 [ 237.655295][ T8451] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 237.655322][ T8451] ? rcu_is_watching+0x12/0xc0 [ 237.655337][ T8451] snd_pcm_open+0x29e/0x730 [ 237.655359][ T8451] ? __pfx_snd_pcm_open+0x10/0x10 [ 237.655381][ T8451] ? __pfx_default_wake_function+0x10/0x10 [ 237.655400][ T8451] ? __pfx_snd_pcm_playback_open+0x10/0x10 [ 237.655420][ T8451] snd_pcm_playback_open+0x86/0xe0 [ 237.655433][ T8451] snd_open+0x1fe/0x450 [ 237.655449][ T8451] ? __pfx_snd_open+0x10/0x10 [ 237.655464][ T8451] chrdev_open+0x231/0x6a0 [ 237.655478][ T8451] ? __pfx_chrdev_open+0x10/0x10 [ 237.655494][ T8451] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 237.655516][ T8451] do_dentry_open+0x741/0x1c10 [ 237.655529][ T8451] ? __pfx_chrdev_open+0x10/0x10 [ 237.655546][ T8451] vfs_open+0x82/0x3f0 [ 237.655564][ T8451] path_openat+0x1e5e/0x2d40 [ 237.655583][ T8451] ? __pfx_path_openat+0x10/0x10 [ 237.655601][ T8451] do_filp_open+0x20b/0x470 [ 237.655613][ T8451] ? __pfx_do_filp_open+0x10/0x10 [ 237.655639][ T8451] ? alloc_fd+0x471/0x7d0 [ 237.655663][ T8451] do_sys_openat2+0x11b/0x1d0 [ 237.655680][ T8451] ? __pfx_do_sys_openat2+0x10/0x10 [ 237.655698][ T8451] ? __fget_files+0x20e/0x3c0 [ 237.655720][ T8451] __x64_sys_openat+0x174/0x210 [ 237.655737][ T8451] ? __pfx___x64_sys_openat+0x10/0x10 [ 237.655753][ T8451] ? ksys_write+0x1b9/0x240 [ 237.655766][ T8451] ? rcu_is_watching+0x12/0xc0 [ 237.655782][ T8451] do_syscall_64+0xcd/0x230 [ 237.655802][ T8451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.655815][ T8451] RIP: 0033:0x7fa257b8e969 [ 237.655827][ T8451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.655839][ T8451] RSP: 002b:00007fa2559f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 237.655851][ T8451] RAX: ffffffffffffffda RBX: 00007fa257db5fa0 RCX: 00007fa257b8e969 [ 237.655860][ T8451] RDX: 000000000016b042 RSI: 0000200000005480 RDI: ffffffffffffff9c [ 237.655868][ T8451] RBP: 00007fa2559f6090 R08: 0000000000000000 R09: 0000000000000000 [ 237.655875][ T8451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 237.655882][ T8451] R13: 0000000000000000 R14: 00007fa257db5fa0 R15: 00007ffef6df4d38 [ 237.655899][ T8451] [ 240.596522][ T8495] ima: policy update failed [ 240.601949][ T30] audit: type=1802 audit(4294967542.109:4): pid=8495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.416" res=0 errno=0 [ 240.726641][ T8500] Per memcg swappiness does not exist in cgroup v2. See memory.reclaim or memory.swap.max there [ 240.726641][ T8500] [ 241.372522][ T8517] FAULT_INJECTION: forcing a failure. [ 241.372522][ T8517] name failslab, interval 1, probability 0, space 0, times 0 [ 241.460104][ T8517] CPU: 0 UID: 0 PID: 8517 Comm: syz.3.422 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 241.460137][ T8517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 241.460149][ T8517] Call Trace: [ 241.460156][ T8517] [ 241.460165][ T8517] dump_stack_lvl+0x16c/0x1f0 [ 241.460201][ T8517] should_fail_ex+0x512/0x640 [ 241.460231][ T8517] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 241.460261][ T8517] should_failslab+0xc2/0x120 [ 241.460289][ T8517] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 241.460315][ T8517] ? proc_alloc_inode+0x25/0x200 [ 241.460341][ T8517] ? __pfx_proc_alloc_inode+0x10/0x10 [ 241.460361][ T8517] proc_alloc_inode+0x25/0x200 [ 241.460380][ T8517] alloc_inode+0x61/0x240 [ 241.460406][ T8517] new_inode+0x22/0x1c0 [ 241.460434][ T8517] proc_pid_make_inode+0x22/0x160 [ 241.460469][ T8517] proc_pident_instantiate+0x85/0x320 [ 241.460508][ T8517] proc_pident_lookup+0x21d/0x290 [ 241.460551][ T8517] __lookup_slow+0x24e/0x460 [ 241.460581][ T8517] ? __pfx___lookup_slow+0x10/0x10 [ 241.460629][ T8517] ? lookup_fast+0x156/0x610 [ 241.460664][ T8517] walk_component+0x353/0x5b0 [ 241.460703][ T8517] link_path_walk.part.0.constprop.0+0x685/0xd60 [ 241.460750][ T8517] path_openat+0x227/0x2d40 [ 241.460770][ T8517] ? __x64_sys_openat+0x174/0x210 [ 241.460812][ T8517] ? __pfx_path_openat+0x10/0x10 [ 241.460843][ T8517] do_filp_open+0x20b/0x470 [ 241.460872][ T8517] ? __pfx_do_filp_open+0x10/0x10 [ 241.460907][ T8517] ? __pfx_kfree_link+0x10/0x10 [ 241.460946][ T8517] ? alloc_fd+0x471/0x7d0 [ 241.460988][ T8517] do_sys_openat2+0x11b/0x1d0 [ 241.461017][ T8517] ? __pfx_do_sys_openat2+0x10/0x10 [ 241.461050][ T8517] ? __fget_files+0x20e/0x3c0 [ 241.461089][ T8517] __x64_sys_openat+0x174/0x210 [ 241.461119][ T8517] ? __pfx___x64_sys_openat+0x10/0x10 [ 241.461147][ T8517] ? ksys_write+0x1b9/0x240 [ 241.461169][ T8517] ? rcu_is_watching+0x12/0xc0 [ 241.461201][ T8517] do_syscall_64+0xcd/0x230 [ 241.461235][ T8517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.461257][ T8517] RIP: 0033:0x7fc789b8e969 [ 241.461276][ T8517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.461295][ T8517] RSP: 002b:00007fc78a996038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 241.461317][ T8517] RAX: ffffffffffffffda RBX: 00007fc789db5fa0 RCX: 00007fc789b8e969 [ 241.461332][ T8517] RDX: 000000000004a801 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 241.461347][ T8517] RBP: 00007fc78a996090 R08: 0000000000000000 R09: 0000000000000000 [ 241.461360][ T8517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 241.461373][ T8517] R13: 0000000000000000 R14: 00007fc789db5fa0 R15: 00007fff2e2d1f78 [ 241.461404][ T8517] [ 242.111953][ T8525] kernel read not supported for file /set_event_notrace_pid (pid: 8525 comm: syz.3.426) [ 242.140734][ T30] audit: type=1800 audit(4294967543.639:5): pid=8525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.426" name="set_event_notrace_pid" dev="tracefs" ino=1073 res=0 errno=0 [ 242.720120][ T8541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.432'. [ 245.707886][ T8617] FAULT_INJECTION: forcing a failure. [ 245.707886][ T8617] name failslab, interval 1, probability 0, space 0, times 0 [ 245.753451][ T8617] CPU: 0 UID: 0 PID: 8617 Comm: syz.3.447 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 245.753483][ T8617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 245.753499][ T8617] Call Trace: [ 245.753506][ T8617] [ 245.753518][ T8617] dump_stack_lvl+0x16c/0x1f0 [ 245.753554][ T8617] should_fail_ex+0x512/0x640 [ 245.753584][ T8617] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 245.753624][ T8617] should_failslab+0xc2/0x120 [ 245.753651][ T8617] __kmalloc_cache_noprof+0x6a/0x3e0 [ 245.753686][ T8617] ? ipv6_add_addr+0x4e3/0x1fe0 [ 245.753715][ T8617] ipv6_add_addr+0x4e3/0x1fe0 [ 245.753740][ T8617] ? __lock_acquire+0xaa4/0x1ba0 [ 245.753774][ T8617] ? __pfx_ipv6_add_addr+0x10/0x10 [ 245.753811][ T8617] ? addrconf_add_linklocal+0x2a5/0x500 [ 245.753835][ T8617] addrconf_add_linklocal+0x2a5/0x500 [ 245.753861][ T8617] ? __pfx_addrconf_add_linklocal+0x10/0x10 [ 245.753884][ T8617] ? lockdep_hardirqs_on+0x7c/0x110 [ 245.753913][ T8617] ? ipv6_generate_stable_address+0x30e/0x710 [ 245.753962][ T8617] addrconf_addr_gen+0x341/0x3c0 [ 245.753988][ T8617] ? __pfx_addrconf_addr_gen+0x10/0x10 [ 245.754024][ T8617] ? addrconf_init_auto_addrs+0x4b9/0x8f0 [ 245.754048][ T8617] addrconf_init_auto_addrs+0x4b9/0x8f0 [ 245.754074][ T8617] addrconf_sysctl_addr_gen_mode+0x810/0xe70 [ 245.754105][ T8617] ? __pfx_addrconf_sysctl_addr_gen_mode+0x10/0x10 [ 245.754142][ T8617] ? __pfx_net_ctl_permissions+0x10/0x10 [ 245.754176][ T8617] ? proc_sys_call_handler+0x2a6/0x5c0 [ 245.754208][ T8617] proc_sys_call_handler+0x3bf/0x5c0 [ 245.754244][ T8617] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 245.754266][ T8617] ? rcu_is_watching+0x12/0xc0 [ 245.754287][ T8617] ? splice_from_pipe_next+0x1f8/0x5d0 [ 245.754325][ T8617] iter_file_splice_write+0x91c/0x1150 [ 245.754378][ T8617] ? __pfx_iter_file_splice_write+0x10/0x10 [ 245.754418][ T8617] ? __pfx_copy_splice_read+0x10/0x10 [ 245.754468][ T8617] ? __pfx_iter_file_splice_write+0x10/0x10 [ 245.754502][ T8617] direct_splice_actor+0x18f/0x6c0 [ 245.754539][ T8617] splice_direct_to_actor+0x342/0xa30 [ 245.754574][ T8617] ? __pfx_direct_splice_actor+0x10/0x10 [ 245.754613][ T8617] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 245.754643][ T8617] ? get_pid_task+0xfc/0x250 [ 245.754682][ T8617] do_splice_direct+0x174/0x240 [ 245.754714][ T8617] ? __pfx_do_splice_direct+0x10/0x10 [ 245.754747][ T8617] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 245.754785][ T8617] ? rw_verify_area+0xcf/0x680 [ 245.754820][ T8617] do_sendfile+0xafd/0xe50 [ 245.754861][ T8617] ? __pfx_do_sendfile+0x10/0x10 [ 245.754894][ T8617] ? __fget_files+0x20e/0x3c0 [ 245.754937][ T8617] __x64_sys_sendfile64+0x1d8/0x220 [ 245.754963][ T8617] ? ksys_write+0x1b9/0x240 [ 245.754983][ T8617] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 245.755009][ T8617] ? rcu_is_watching+0x12/0xc0 [ 245.755040][ T8617] do_syscall_64+0xcd/0x230 [ 245.755073][ T8617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.755096][ T8617] RIP: 0033:0x7fc789b8e969 [ 245.755115][ T8617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.755136][ T8617] RSP: 002b:00007fc78a933038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 245.755158][ T8617] RAX: ffffffffffffffda RBX: 00007fc789db6240 RCX: 00007fc789b8e969 [ 245.755173][ T8617] RDX: 0000000000000000 RSI: 000000000000000a RDI: 000000000000000a [ 245.755186][ T8617] RBP: 00007fc78a933090 R08: 0000000000000000 R09: 0000000000000000 [ 245.755200][ T8617] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000001 [ 245.755215][ T8617] R13: 0000000000000000 R14: 00007fc789db6240 R15: 00007fff2e2d1f78 [ 245.755253][ T8617] [ 245.777248][ C0] vkms_vblank_simulate: vblank timer overrun [ 246.811232][ T8651] FAULT_INJECTION: forcing a failure. [ 246.811232][ T8651] name failslab, interval 1, probability 0, space 0, times 0 [ 246.863917][ T8651] CPU: 1 UID: 0 PID: 8651 Comm: syz.3.453 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 246.863955][ T8651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 246.863971][ T8651] Call Trace: [ 246.863980][ T8651] [ 246.863989][ T8651] dump_stack_lvl+0x16c/0x1f0 [ 246.864029][ T8651] should_fail_ex+0x512/0x640 [ 246.864062][ T8651] ? fs_reclaim_acquire+0xae/0x150 [ 246.864102][ T8651] should_failslab+0xc2/0x120 [ 246.864132][ T8651] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 246.864160][ T8651] ? security_inode_alloc+0x3b/0x2b0 [ 246.864192][ T8651] security_inode_alloc+0x3b/0x2b0 [ 246.864221][ T8651] inode_init_always_gfp+0xce4/0x1030 [ 246.864266][ T8651] alloc_inode+0x86/0x240 [ 246.864291][ T8651] new_inode+0x22/0x1c0 [ 246.864320][ T8651] hugetlbfs_get_inode+0x354/0x730 [ 246.864364][ T8651] hugetlb_file_setup+0x15b/0x620 [ 246.864400][ T8651] ksys_mmap_pgoff+0x189/0x5c0 [ 246.864435][ T8651] ? rcu_is_watching+0x12/0xc0 [ 246.864462][ T8651] __x64_sys_mmap+0x125/0x190 [ 246.864490][ T8651] do_syscall_64+0xcd/0x230 [ 246.864526][ T8651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.864550][ T8651] RIP: 0033:0x7fc789b8e969 [ 246.864570][ T8651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.864593][ T8651] RSP: 002b:00007fc78a996038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 246.864617][ T8651] RAX: ffffffffffffffda RBX: 00007fc789db5fa0 RCX: 00007fc789b8e969 [ 246.864633][ T8651] RDX: 0000000000000002 RSI: 0000000000a00006 RDI: 0000000000000000 [ 246.864648][ T8651] RBP: 00007fc789c10ab1 R08: 0000000000000602 R09: 0000300000000000 [ 246.864664][ T8651] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 246.864679][ T8651] R13: 0000000000000000 R14: 00007fc789db5fa0 R15: 00007fff2e2d1f78 [ 246.864711][ T8651] [ 248.105570][ T8695] FAULT_INJECTION: forcing a failure. [ 248.105570][ T8695] name failslab, interval 1, probability 0, space 0, times 0 [ 248.180323][ T8695] CPU: 1 UID: 0 PID: 8695 Comm: syz.0.466 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 248.180360][ T8695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 248.180374][ T8695] Call Trace: [ 248.180382][ T8695] [ 248.180391][ T8695] dump_stack_lvl+0x16c/0x1f0 [ 248.180429][ T8695] should_fail_ex+0x512/0x640 [ 248.180460][ T8695] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 248.180507][ T8695] should_failslab+0xc2/0x120 [ 248.180536][ T8695] __kmalloc_cache_noprof+0x6a/0x3e0 [ 248.180575][ T8695] ? pty_common_install+0x10e/0xb30 [ 248.180603][ T8695] pty_common_install+0x10e/0xb30 [ 248.180626][ T8695] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 248.180664][ T8695] ? __pfx_pty_unix98_install+0x10/0x10 [ 248.180689][ T8695] tty_init_dev.part.0+0x99/0x500 [ 248.180722][ T8695] tty_init_dev+0x60/0x80 [ 248.180758][ T8695] ? __pfx_ptmx_open+0x10/0x10 [ 248.180779][ T8695] ptmx_open+0x10d/0x360 [ 248.180802][ T8695] ? __pfx_ptmx_open+0x10/0x10 [ 248.180824][ T8695] chrdev_open+0x231/0x6a0 [ 248.180849][ T8695] ? __pfx_apparmor_file_open+0x10/0x10 [ 248.180878][ T8695] ? __pfx_chrdev_open+0x10/0x10 [ 248.180906][ T8695] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 248.180951][ T8695] do_dentry_open+0x741/0x1c10 [ 248.180979][ T8695] ? __pfx_chrdev_open+0x10/0x10 [ 248.181013][ T8695] vfs_open+0x82/0x3f0 [ 248.181047][ T8695] path_openat+0x1e5e/0x2d40 [ 248.181082][ T8695] ? __pfx_path_openat+0x10/0x10 [ 248.181113][ T8695] do_filp_open+0x20b/0x470 [ 248.181136][ T8695] ? __pfx_do_filp_open+0x10/0x10 [ 248.181191][ T8695] ? alloc_fd+0x471/0x7d0 [ 248.181238][ T8695] do_sys_openat2+0x11b/0x1d0 [ 248.181269][ T8695] ? __pfx_do_sys_openat2+0x10/0x10 [ 248.181314][ T8695] __x64_sys_openat+0x174/0x210 [ 248.181345][ T8695] ? __pfx___x64_sys_openat+0x10/0x10 [ 248.181377][ T8695] ? rcu_is_watching+0x12/0xc0 [ 248.181411][ T8695] do_syscall_64+0xcd/0x230 [ 248.181446][ T8695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.181469][ T8695] RIP: 0033:0x7fa257b8e969 [ 248.181489][ T8695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.181512][ T8695] RSP: 002b:00007fa2559f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 248.181536][ T8695] RAX: ffffffffffffffda RBX: 00007fa257db5fa0 RCX: 00007fa257b8e969 [ 248.181553][ T8695] RDX: 0000000000002200 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 248.181568][ T8695] RBP: 00007fa257c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 248.181583][ T8695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.181598][ T8695] R13: 0000000000000000 R14: 00007fa257db5fa0 R15: 00007ffef6df4d38 [ 248.181632][ T8695] [ 248.865612][ T8695] ================================================================== [ 248.873718][ T8695] BUG: KASAN: slab-use-after-free in force_devcd_write+0x312/0x340 [ 248.881649][ T8695] Read of size 8 at addr ffff8880434ef800 by task syz.0.466/8695 [ 248.889385][ T8695] [ 248.891722][ T8695] CPU: 0 UID: 0 PID: 8695 Comm: syz.0.466 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 248.891756][ T8695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 248.891771][ T8695] Call Trace: [ 248.891779][ T8695] [ 248.891789][ T8695] dump_stack_lvl+0x116/0x1f0 [ 248.891825][ T8695] print_report+0xc3/0x670 [ 248.891853][ T8695] ? __virt_addr_valid+0x5e/0x590 [ 248.891883][ T8695] ? __phys_addr+0xc6/0x150 [ 248.891913][ T8695] ? force_devcd_write+0x312/0x340 [ 248.891942][ T8695] kasan_report+0xe0/0x110 [ 248.891970][ T8695] ? force_devcd_write+0x312/0x340 [ 248.892006][ T8695] force_devcd_write+0x312/0x340 [ 248.892036][ T8695] ? __pfx_force_devcd_write+0x10/0x10 [ 248.892067][ T8695] ? __debugfs_file_get+0x1fe/0x840 [ 248.892093][ T8695] ? __pfx___debugfs_file_get+0x10/0x10 [ 248.892130][ T8695] full_proxy_write+0x13c/0x200 [ 248.892158][ T8695] vfs_write+0x25c/0x1180 [ 248.892181][ T8695] ? __pfx_full_proxy_write+0x10/0x10 [ 248.892209][ T8695] ? __pfx___mutex_lock+0x10/0x10 [ 248.892242][ T8695] ? __pfx_vfs_write+0x10/0x10 [ 248.892269][ T8695] ? __fget_files+0x20e/0x3c0 [ 248.892311][ T8695] ksys_write+0x12a/0x240 [ 248.892333][ T8695] ? __pfx_ksys_write+0x10/0x10 [ 248.892354][ T8695] ? rcu_is_watching+0x12/0xc0 [ 248.892381][ T8695] do_syscall_64+0xcd/0x230 [ 248.892414][ T8695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.892438][ T8695] RIP: 0033:0x7fa257b8e969 [ 248.892459][ T8695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.892482][ T8695] RSP: 002b:00007fa2559f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 248.892504][ T8695] RAX: ffffffffffffffda RBX: 00007fa257db5fa0 RCX: 00007fa257b8e969 [ 248.892521][ T8695] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000005 [ 248.892536][ T8695] RBP: 00007fa257c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 248.892551][ T8695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.892566][ T8695] R13: 0000000000000000 R14: 00007fa257db5fa0 R15: 00007ffef6df4d38 [ 248.892588][ T8695] [ 248.892596][ T8695] [ 249.105769][ T8695] Allocated by task 2915: [ 249.110095][ T8695] kasan_save_stack+0x33/0x60 [ 249.114775][ T8695] kasan_save_track+0x14/0x30 [ 249.119449][ T8695] __kasan_kmalloc+0xaa/0xb0 [ 249.124033][ T8695] __kmalloc_noprof+0x223/0x510 [ 249.128881][ T8695] ieee802_11_parse_elems_full+0x1d7/0x3780 [ 249.134775][ T8695] ieee80211_inform_bss+0x10b/0x1140 [ 249.140059][ T8695] cfg80211_inform_single_bss_data+0x8e7/0x1df0 [ 249.146309][ T8695] cfg80211_inform_bss_data+0x224/0x3bc0 [ 249.151948][ T8695] cfg80211_inform_bss_frame_data+0x26e/0x7a0 [ 249.158022][ T8695] ieee80211_bss_info_update+0x310/0xab0 [ 249.163657][ T8695] ieee80211_ibss_rx_queued_mgmt+0x1905/0x2fd0 [ 249.169813][ T8695] ieee80211_iface_work+0xbf4/0x1020 [ 249.175100][ T8695] cfg80211_wiphy_work+0x3dc/0x550 [ 249.180206][ T8695] process_one_work+0x9cc/0x1b70 [ 249.185159][ T8695] worker_thread+0x6c8/0xf10 [ 249.189849][ T8695] kthread+0x3c2/0x780 [ 249.193921][ T8695] ret_from_fork+0x45/0x80 [ 249.198346][ T8695] ret_from_fork_asm+0x1a/0x30 [ 249.203117][ T8695] [ 249.205437][ T8695] Freed by task 2915: [ 249.209406][ T8695] kasan_save_stack+0x33/0x60 [ 249.214095][ T8695] kasan_save_track+0x14/0x30 [ 249.218780][ T8695] kasan_save_free_info+0x3b/0x60 [ 249.223812][ T8695] __kasan_slab_free+0x51/0x70 [ 249.228577][ T8695] kfree+0x2b6/0x4d0 [ 249.232467][ T8695] ieee80211_inform_bss+0x77c/0x1140 [ 249.237755][ T8695] cfg80211_inform_single_bss_data+0x8e7/0x1df0 [ 249.244002][ T8695] cfg80211_inform_bss_data+0x224/0x3bc0 [ 249.249643][ T8695] cfg80211_inform_bss_frame_data+0x26e/0x7a0 [ 249.255821][ T8695] ieee80211_bss_info_update+0x310/0xab0 [ 249.261455][ T8695] ieee80211_ibss_rx_queued_mgmt+0x1905/0x2fd0 [ 249.267608][ T8695] ieee80211_iface_work+0xbf4/0x1020 [ 249.272893][ T8695] cfg80211_wiphy_work+0x3dc/0x550 [ 249.277998][ T8695] process_one_work+0x9cc/0x1b70 [ 249.282938][ T8695] worker_thread+0x6c8/0xf10 [ 249.287524][ T8695] kthread+0x3c2/0x780 [ 249.291590][ T8695] ret_from_fork+0x45/0x80 [ 249.296006][ T8695] ret_from_fork_asm+0x1a/0x30 [ 249.300769][ T8695] [ 249.303086][ T8695] The buggy address belongs to the object at ffff8880434ef800 [ 249.303086][ T8695] which belongs to the cache kmalloc-1k of size 1024 [ 249.317134][ T8695] The buggy address is located 0 bytes inside of [ 249.317134][ T8695] freed 1024-byte region [ffff8880434ef800, ffff8880434efc00) [ 249.330841][ T8695] [ 249.333164][ T8695] The buggy address belongs to the physical page: [ 249.339572][ T8695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x434e8 [ 249.348327][ T8695] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 249.356816][ T8695] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 249.364352][ T8695] page_type: f5(slab) [ 249.368337][ T8695] raw: 00fff00000000040 ffff88801b441dc0 dead000000000100 dead000000000122 [ 249.376917][ T8695] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 249.385495][ T8695] head: 00fff00000000040 ffff88801b441dc0 dead000000000100 dead000000000122 [ 249.394167][ T8695] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 249.402833][ T8695] head: 00fff00000000003 ffffea00010d3a01 00000000ffffffff 00000000ffffffff [ 249.411509][ T8695] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 249.420171][ T8695] page dumped because: kasan: bad access detected [ 249.426572][ T8695] page_owner tracks the page as allocated [ 249.432276][ T8695] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5490, tgid 5490 (S40network), ts 49202957058, free_ts 49202575664 [ 249.453468][ T8695] post_alloc_hook+0x181/0x1b0 [ 249.458259][ T8695] get_page_from_freelist+0x135c/0x3920 [ 249.463804][ T8695] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 249.469696][ T8695] alloc_pages_mpol+0x1fb/0x550 [ 249.474550][ T8695] new_slab+0x244/0x340 [ 249.478716][ T8695] ___slab_alloc+0xd9c/0x1940 [ 249.483391][ T8695] __slab_alloc.constprop.0+0x56/0xb0 [ 249.488764][ T8695] __kmalloc_noprof+0x2f2/0x510 [ 249.493614][ T8695] load_elf_phdrs+0x102/0x210 [ 249.498293][ T8695] load_elf_binary+0x14b3/0x4f80 [ 249.503245][ T8695] bprm_execve+0x8c0/0x1650 [ 249.507759][ T8695] do_execveat_common.isra.0+0x4a5/0x610 [ 249.513401][ T8695] __x64_sys_execve+0x8e/0xb0 [ 249.518086][ T8695] do_syscall_64+0xcd/0x230 [ 249.522594][ T8695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.528488][ T8695] page last free pid 5490 tgid 5490 stack trace: [ 249.534853][ T8695] __free_frozen_pages+0x69d/0xff0 [ 249.539990][ T8695] __put_partials+0x16d/0x1c0 [ 249.544662][ T8695] qlist_free_all+0x4e/0x120 [ 249.549246][ T8695] kasan_quarantine_reduce+0x195/0x1e0 [ 249.554707][ T8695] __kasan_slab_alloc+0x69/0x90 [ 249.559730][ T8695] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 249.565188][ T8695] ima_inode_get+0x120/0x580 [ 249.569793][ T8695] process_measurement+0x18a7/0x23e0 [ 249.575093][ T8695] ima_bprm_check+0xe7/0x210 [ 249.579685][ T8695] security_bprm_check+0xa5/0x1e0 [ 249.584706][ T8695] bprm_execve+0x810/0x1650 [ 249.589217][ T8695] do_execveat_common.isra.0+0x4a5/0x610 [ 249.594853][ T8695] __x64_sys_execve+0x8e/0xb0 [ 249.599533][ T8695] do_syscall_64+0xcd/0x230 [ 249.604046][ T8695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.609940][ T8695] [ 249.612250][ T8695] Memory state around the buggy address: [ 249.617869][ T8695] ffff8880434ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 249.625923][ T8695] ffff8880434ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 249.633977][ T8695] >ffff8880434ef800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 249.642050][ T8695] ^ [ 249.646110][ T8695] ffff8880434ef880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 249.654165][ T8695] ffff8880434ef900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 249.662216][ T8695] ================================================================== [ 249.670363][ C0] vkms_vblank_simulate: vblank timer overrun [ 249.751028][ T8695] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 249.758280][ T8695] CPU: 0 UID: 0 PID: 8695 Comm: syz.0.466 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) [ 249.770197][ T8695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 249.780359][ T8695] Call Trace: [ 249.783634][ T8695] [ 249.786567][ T8695] dump_stack_lvl+0x3d/0x1f0 [ 249.791196][ T8695] panic+0x71c/0x800 [ 249.795096][ T8695] ? __pfx_panic+0x10/0x10 [ 249.799516][ T8695] ? mark_held_locks+0x49/0x80 [ 249.804287][ T8695] ? preempt_schedule_thunk+0x16/0x30 [ 249.809684][ T8695] ? force_devcd_write+0x312/0x340 [ 249.814800][ T8695] ? preempt_schedule_common+0x44/0xc0 [ 249.820270][ T8695] ? force_devcd_write+0x312/0x340 [ 249.825394][ T8695] check_panic_on_warn+0xab/0xb0 [ 249.830349][ T8695] end_report+0x107/0x170 [ 249.834697][ T8695] kasan_report+0xee/0x110 [ 249.839119][ T8695] ? force_devcd_write+0x312/0x340 [ 249.844241][ T8695] force_devcd_write+0x312/0x340 [ 249.849191][ T8695] ? __pfx_force_devcd_write+0x10/0x10 [ 249.854666][ T8695] ? __debugfs_file_get+0x1fe/0x840 [ 249.859861][ T8695] ? __pfx___debugfs_file_get+0x10/0x10 [ 249.865409][ T8695] full_proxy_write+0x13c/0x200 [ 249.870259][ T8695] vfs_write+0x25c/0x1180 [ 249.874590][ T8695] ? __pfx_full_proxy_write+0x10/0x10 [ 249.879959][ T8695] ? __pfx___mutex_lock+0x10/0x10 [ 249.884988][ T8695] ? __pfx_vfs_write+0x10/0x10 [ 249.889752][ T8695] ? __fget_files+0x20e/0x3c0 [ 249.894443][ T8695] ksys_write+0x12a/0x240 [ 249.898769][ T8695] ? __pfx_ksys_write+0x10/0x10 [ 249.903618][ T8695] ? rcu_is_watching+0x12/0xc0 [ 249.908382][ T8695] do_syscall_64+0xcd/0x230 [ 249.912889][ T8695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.918781][ T8695] RIP: 0033:0x7fa257b8e969 [ 249.923197][ T8695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.942804][ T8695] RSP: 002b:00007fa2559f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 249.951228][ T8695] RAX: ffffffffffffffda RBX: 00007fa257db5fa0 RCX: 00007fa257b8e969 [ 249.959196][ T8695] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000005 [ 249.967172][ T8695] RBP: 00007fa257c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 249.975140][ T8695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 249.983108][ T8695] R13: 0000000000000000 R14: 00007fa257db5fa0 R15: 00007ffef6df4d38 [ 249.991086][ T8695] [ 249.994333][ T8695] Kernel Offset: disabled [ 249.998645][ T8695] Rebooting in 86400 seconds..