last executing test programs: 9.966218409s ago: executing program 2 (id=2621): openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) wait4$auto(0x0, 0x0, 0x2, 0x0) (async) sysfs$auto(0x2, 0x10000000000002a, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x80002, 0x6f) (async) r0 = openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x4c4000, 0x0) setsockopt$auto_SO_BUSY_POLL(r0, 0x2, 0x2e, &(0x7f0000000080)='\xc1\x00', 0x7) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop7/trace/act_mask\x00', 0x402, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x48041, 0x0) (async) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) (async) write$auto(0x3, 0x0, 0xfdef) 9.836970263s ago: executing program 2 (id=2625): keyctl$auto_KEYCTL_ASSUME_AUTHORITY(0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0) setresuid$auto(0x909b, 0x1, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r0 = socket(0x28, 0x5, 0x0) bind$auto(r0, &(0x7f0000000080)=@in={0x28}, 0x68) migrate_pages$auto(0x0, 0x8, 0x0, 0x0) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) capget$auto(0x0, 0xfffffffffffffffe) migrate_pages$auto(0xffffffffffffffff, 0x9, 0x0, 0x0) kcmp$auto(0x1, 0xffffffffffffffff, 0xfffffffd, 0x100000004, 0x100000001) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_dummy.0/sound/card0/audio/uevent\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f000000a500), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r1, &(0x7f000000a5c0)={0x0, 0x0, &(0x7f000000a580)={&(0x7f0000000000)={0x1c, r2, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x117, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008040}, 0x20008000) memfd_create$auto(&(0x7f0000000040)='\xca)(/(U,{\x00', 0x80) openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000180), 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/ksm_stat\x00', 0x2, 0x0) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r3, 0xc0045006, 0x0) 9.800842237s ago: executing program 2 (id=2629): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) r0 = socket(0x2, 0x3, 0xe2) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYRES64=r0, @ANYRES64=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x48814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r1 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x11, 0xa, 0x9) r2 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@nl=@unspec, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x5, 0x0, 0x3, 0x9}, 0x800009}, 0xfffffffe, 0x20000000) io_uring_register$auto(0x2, 0x2, 0x0, 0x3) r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) ioctl$auto_UI_SET_KEYBIT(r3, 0x40045565, 0x0) ioctl$auto_BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x800, 0x106) socket(0x1e, 0x1, 0x4) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x5309, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x1, 0x9, 0x2fb, 0x15f4da2a, 0x800000003, 0x3, 0xe, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) inotify_init1$auto(0x3000000000000) r5 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, r5, 0x5) ioctl$auto_VHOST_SET_VRING_ERR(r5, 0x4008af22, &(0x7f0000000080)={0x9, r1}) 9.736165942s ago: executing program 2 (id=2631): r0 = socket(0xa, 0x5, 0x84) bpf$auto(0xfffffffd, &(0x7f0000000000)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x6, 0x4, 0xffffffffffffffff, @relative_fd=r0, 0x9}, 0xa3) sendto$auto(r0, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000a80500"}, 0x1c) 9.630736564s ago: executing program 2 (id=2634): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2c, 0x3, 0x0) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x48501, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) sync_file_range$auto(0x3fe0000000000, 0x7, 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) pipe$auto(0x0) ioctl$auto_I2C_SMBUS(r0, 0x720, 0x0) 9.628642868s ago: executing program 2 (id=2636): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000000)={'ip6_vti0\x00'}) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) open(0x0, 0x22240, 0x154) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r1, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000000100)={0x5eea, 0x7, [{r2, 0x0, 0x4, 0x6}]}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) prctl$auto(0x23, 0x20000000000000b, 0x7fffffffefff, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c007f802c005097db96d3a5f5aae5705dcd4f25622317fe37697d76349507d2e66737e5157360b1b86ed82d7ca68780ce56", @ANYRES16=0x0, @ANYBLOB="01002cbd7000fedbdf250400000004001d0004000e00"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0xa, 0x801, 0x84) clock_nanosleep$auto(0x5, 0x1ff, &(0x7f0000000000)={0x7, 0x8}, &(0x7f0000000040)={0x7, 0x7}) getsockopt$auto(r4, 0x84, 0x6f, 0x0, 0x0) syz_genetlink_get_family_id$auto_ioam6(0x0, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) 6.679969478s ago: executing program 3 (id=2704): close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 64) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a) r0 = socket(0xa, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000180)={{&(0x7f0000000040), 0xb8, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x9}, 0x1, 0x8008) (async, rerun: 64) getsockopt$auto(0x3, 0x200000000001, 0x11, 0x0, 0x0) (async, rerun: 64) r1 = io_uring_setup$auto(0x6, 0x0) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (rerun: 32) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/advisor_mode\x00', 0xa0340, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001140)=""/4093, 0xffd) (async) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) socket(0x28, 0x801, 0x0) (rerun: 32) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async, rerun: 64) r3 = socket(0x2, 0x5, 0x0) (rerun: 64) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) close_range$auto(r1, 0x8, 0x20) (async) socket(0x2, 0x80002, 0x73) (async) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x6a) (async) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) (async, rerun: 64) shutdown$auto(0x200000003, 0x2) (rerun: 64) r4 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0xc0000, 0x0) ioctl$auto_RNDADDTOENTCNT2(r4, 0x40045201, &(0x7f00000002c0)=0xfffffffa) (async) setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x4) (async, rerun: 32) creat$auto(&(0x7f0000000100)='./file0\x00', 0xc24) (rerun: 32) 6.150966848s ago: executing program 3 (id=2710): r0 = socket(0x28, 0x5, 0x0) bind$auto(r0, 0x0, 0x68) mlockall$auto(0x7) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0x3, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x4368e, 0x2, {0x100000000, 0x10004}, 0x4000000005, 0x6, 0xfffffffffffffffa, 0xffff8001, 0x0, 0x9, 0x1, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) ioprio_set$auto(0x6, 0x0, 0x8) recvfrom$auto(r0, 0x0, 0xa, 0x6, 0x0, 0xfffffffffffffffd) r2 = fcntl$auto(0xffffffffffffffff, 0x401, 0x5) unshare$auto(0x40000080) r3 = socket(0xa, 0x3, 0x3a) epoll_wait$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x6) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r3) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567) r4 = openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker\x00', 0x201, 0x0) writev$auto(r4, &(0x7f0000001040)={0x0, 0x7fff}, 0x9) mmap$auto(0x0, 0x9, 0x3, 0x800019b72, 0x9, 0x8000000000008000) capget$auto(0x0, 0xfffffffffffffffe) setreuid$auto(0x0, 0x20000000004) capset$auto(0x0, 0x0) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80601, 0x0) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r2) sendmsg$auto_NL80211_CMD_CONNECT(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000428bd7000ffdbdf252e0000000600f7000106000008000100020000001500fc003294f444faed5f4dbab3c82f5d5d32457500000014000400726f7365"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0xc010) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, 0x0, 0x400c804) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000002c0), 0x24c100, 0x0) 3.044866135s ago: executing program 3 (id=2731): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) r1 = socket(0xf, 0x3, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x2b, 0x3, 0xffffffffffffffff, 0x1001, 0x2006) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x20000a, 0x0, 0x0, &(0x7f0000000080)={[0x8, 0x7, 0xd, 0x1, 0x948b, 0x0, 0x1, 0x3, 0x3, 0x62, 0x6, 0x7, 0x6d41, 0xd, 0x2]}, 0x0) bind$auto(r1, 0x0, 0x4) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, 0x0, 0x4000084) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/cifs/smbd_send_credit_target\x00', 0x40, 0x0) lseek$auto(0x3, 0x20000, 0x5) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x40141, 0x0) r4 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000280), 0xc0000, 0x0) ioctl$auto_RNDADDTOENTCNT2(r4, 0x40045201, &(0x7f00000002c0)=0xfffffffa) write$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r5 = socket(0xa, 0x801, 0x106) getsockopt$auto(r5, 0x6, 0x19, 0x0, &(0x7f0000000700)=0xfffffffd) r6 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x0, 0xf, r6, 0x1400000, 0x5}, 0x6f4) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x1, 0x0, 0x80000000) r7 = socket(0x22, 0x2, 0x2) ioctl$sock_SIOCGIFINDEX(r7, 0x80044944, 0x0) getpid() 1.352438412s ago: executing program 3 (id=2756): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x5c, r1, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x10}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x211e789c}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @empty=0x1000000}}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @local}}]}, 0x5c}, 0x1, 0x600, 0x0, 0x40000}, 0x400c004) 1.094882421s ago: executing program 3 (id=2760): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto(0x3, 0x80045530, 0x38) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x4, 0x2020009, 0xfffffffffffffdc3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:04.0/class\x00', 0x800, 0x0) mkdir$auto(&(0x7f0000000080)='}[,&*}\x00', 0x9001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000002c0)='nfsd\x00\xd7{\xba|\b\x1b\xd3\xd0\xec6\xee\x04b\xb7\xa1\a\xb8{\'\x8a\xc4//\x8d\xae\x02\x9c', 0x2, 0x0) msgctl$auto(0x26, 0x400, 0x0) rseq$auto(0x0, 0xfffffff4, 0x0, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) sendmsg$auto_NFSD_CMD_LISTENER_SET(0xffffffffffffffff, &(0x7f0000001700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x10) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000040)="0152f1ccbaf0a250747d8adb", 0xc) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x1, 0x1, 0x46, &(0x7f0000000000)='\x00', 0xbb) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) ioctl$auto_NVRAM_INIT(0xffffffffffffffff, 0x7040, 0x0) socket(0x21, 0x2, 0xa) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x5608, r2) bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x6, 0x4, 0x10, 0x61, 0x400, 0x0, 0x1, 0x80f0c8, 0x20, "38c1d5cbcb9f6b5e511f0cd8ed068f65", 0x0, 0x113e33f2, 0xffffffffffffffff, 0xe4, 0x6, 0x5, 0x3ad, 0x3, 0x0, 0x3, @attach_prog_fd, 0x6, 0xffff, 0x800, 0x81, 0xd}, 0x4a) 658.676823ms ago: executing program 1 (id=2770): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(0xffffffffffffffff, 0x0, 0x20000001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) prctl$auto(0x3e, 0x1, 0x0, 0x3, 0x0) futex_requeue$auto(&(0x7f0000000080)={0x4, 0x800000008000000, 0x6}, 0x5, 0x6, 0x5) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/swaps\x00', 0x0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/net/ip_vs_conn\x00', 0xf00, 0x0) pread64$auto(r0, 0x0, 0x594c, 0x7) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x3, 0x3, 0x2000000000000064, 0x1008000001f, 0x3, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) ioctl$auto(0xffffffffffffffff, 0x5522, 0xf15) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000040)={0x0, 0x1ff, 0x8}) ioctl$auto_MON_IOCX_MFETCH(r1, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r1, 0xc0109207, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x2, 0x0) 658.469159ms ago: executing program 0 (id=2771): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) epoll_pwait2$auto(0xffffffffffffffff, 0x0, 0xeda, 0x0, &(0x7f0000000200), 0x8) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) capset$auto(0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x403c6f2b, 0x0) ioctl$auto(0x3, 0x6f2d, 0x10000000000402) select$auto(0x0, &(0x7f0000000040)={[0x9, 0x4, 0x34, 0x9, 0x1, 0x1, 0xa, 0x6, 0x5, 0x1, 0x0, 0xcf, 0x5, 0x213, 0x5, 0xb98]}, 0x0, 0x0, 0x0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c80"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x57, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b67, 0x1) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r2, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) unshare$auto(0x40000080) write$auto(0xca, &(0x7f0000000400)='\x04>\x00\x1d\xa4\xd2\xc3\xec&9\v\xbc\xdein\xe1G8\x02\x18\x00\x00\xd3b\x01\xbd\x9b@\xb0\x00\x00\x00\x84\xa2\\\x15\xc4>\xa9\x82,\x95\xeeH\xf8}v\xb3\xcb(\xa90Abe\xc3\x8c\xcc\xe7\xb8\x00F\x89#\xb4\xf0F\xa1GH\xb5\x8f\x9dZ~\xea\xa3\x93\xc2\x04\xe1;b\x99\x97}Z\x7f\x0f\x90\xce\x85-e\xb6n\xbc\xc6=\xf8\xce\xe7\x1e]\x85|\xce\xd7L\x9b\xd3lb\xc5\xee\xdb\xcb\xbb\xd8\xd9\xd3\xf8 \xe9e\xe5\x80\x1c7B+]\\!\xcej}H\x03x\x83Z\x98\xb8\t\xde\xd4\xf5\xf32\xccR\xaa\xdd\x16\xab\xd8\x1d\"\xc7\xa5\xe1k\x1d\xd9k\xc6\xb2\xa7\x97\x9a\xf6\xfe\xef\x1a\xbd\xcb\xb8*\x8b9\x00R\xe9)?Em\xb2\xac\xd1\xf6\xff\xc1\xc7\xbdl\xa2+tI\xa3\xa8\xabVe\x87\xa9\xae9\x82\xd2.SCt\xcc\x8c7\x7f\xdc\xc3\xfb\x94\xfc\xdfc+\x04\xfb\xf5$\xecO1@\x99l;\xd3X\xd5\"\xec\x17hR\xc5\x99\x8b\x9f\xf3\xf48%\xfa\xf2\x1d\xc5\x10T\x83p0\xd7]\x83{\x81\xdei\xd2\xfc\xfd=3K\xc3\xfe\x12\x98\x8b\xbe\xd1+\xc4r\x7f\x8f5\xcc\xa6\xd8>k\xcc\xee\xe0\x9bW\x0e\xc63\x84^\xde`\xd2\xe8\xfc\x02\xef\xa4\xdc\xd0A\xd5`?9D\x1c\x1b\x1b\xd5\xcb\xfb\x03I\xc9\x97\xac#\x0ee\xc8ltL\x88\x17m~aA%\xd3\xaf\xaa6hf\x9b\x83\x02A\xb0\xf6\x14\xb3\x18B\xfd\x9ai\xf8j \a\x1es\xa3U\x98sqq,\xd2A4?l\xa2\x9c\xc9\x9fa\xe8\x99qw\xf3\x18\x12R+(%x\xb6\xf8\x92\xa5\xe4\xdd\xe9\xf2\x0e\xc8', 0x100) r3 = socket(0x11, 0x1, 0x87) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), r3) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r4, 0x541c, r5) setsockopt$auto_SO_TIMESTAMPNS_OLD(0xffffffffffffffff, 0x9, 0x23, &(0x7f0000000140)='/dev/tty12\x00', 0x7) 607.342537ms ago: executing program 0 (id=2772): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000680)='/sys/devices/system/node/node1/hugepages/hugepages-1048576kB/demote_size\x00', 0x8000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000700)=""/228, 0xe4) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000dddbdf25020001000800030000000000080015"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size\x00', 0x102, 0x0) sendfile$auto(r1, r1, 0x0, 0x7) (async) socket(0x10, 0x2, 0x0) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x90201, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop8\x00', 0x303e82, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) (async) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) (async) close_range$auto(0x2, 0x8, 0x0) (async) mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x8000, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r4, 0xc0045520, r3) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) write$auto(0x3, 0x0, 0x100082) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) (async) get_robust_list$auto(0x0, 0x0, 0x0) (async) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x2003, 0x0) (async) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x8440, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) 547.427158ms ago: executing program 1 (id=2773): rmdir$auto(&(0x7f0000000080)='.\x00') openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x48041, 0x0) r0 = openat$auto_kernel_debug_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000640), 0x201, 0x0) write$auto_kernel_debug_fops_orangefs_debugfs(r0, &(0x7f0000000680)='/', 0x1) write$auto(r0, 0x0, 0x7) 430.519527ms ago: executing program 0 (id=2774): statmount$auto(0x0, &(0x7f0000000080)={0xd24c, 0x7, 0x1ff, 0x7, 0x5180, 0x4909b6f8, 0x1ffdf, 0xa, 0x8, 0x7, 0xa121, 0x3, 0x0, 0x2000000000271, 0x1000b4, 0xa, 0x6, 0x10001, 0x2, 0x100000000, 0xf, 0x7, 0x2100, 0x200, 0x0, 0x8, [0x4000000000, 0x0, 0x0, 0x50100000000000, 0x9, 0x4000002000, 0x0, 0x80000000000006, 0x70624ce7, 0xff, 0x6, 0xaf1, 0x4000000000000, 0x80000, 0x5, 0x7fe, 0xffffffffffffbfff, 0xfffffffffffffffd, 0xfffffffffffffffe, 0x1000, 0xffffffffffffffff, 0x800000000000007, 0x4, 0x2000000000000000, 0x0, 0x0, 0x600000000005b8, 0xe, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffc, 0x88e, 0x8000000000008, 0x1, 0xd, 0xa38, 0xa68, 0x3, 0xfffffffffffffffd, 0x8, 0x404000000000, 0x4afb, 0x1]}, 0x1ff, 0xd) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.3/usb4/4-0:1.0/ep_81/uevent\x00', 0x22100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/247, 0xf7) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000000000000000000000040000000000000348e4326b03cd25d257b7c9e697658920e77a6b84703c2e3c37b181a794da3be422e76aa8e73f52f671c28ae36d82e0e3d3bc3b583a79e71ad2d28df522e35b890ac1aaa3496fb4a43aad267e69cc5d8f7e9ba87067b82e059a143b30dfa8ce96f3577cda33f13caea86335b5282c8c223fed7e6ff9b01d1ce0e4ffc8e55b2184b3611b269de18", @ANYRES32=0x4, @ANYBLOB="080001004866520008000200", @ANYRES32=0x9, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r5 = semctl$auto_IPC_INFO(0x576d, 0x3, 0x3, 0xfffffffffffffffe) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/nr_anon\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000540)=""/4066, 0xfe2) sendmsg$auto_OVS_DP_CMD_SET(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="00032bbd7000fbdbdf25040000000a0001002cb02d5e7d000000080007000000000008000200", @ANYRES32=r5, @ANYBLOB="4ea35a8fbbb3ce6e6dcbf9612b5e3ddc66f847d5958b4790004545b00ca9bffc24c68612fc11fa0b2c4c128b57082febe2444e073bf1d0ca89120400000099426388efedbd357e6c1e245cf5d97f210c351ed22ab268cf178fe43d3d41338c345afecf2204114769e45e8bf409875134536f5d3280c4efa15731ae"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x24000895) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) mmap$auto(0x0, 0x49d7, 0x4000000000df, 0x13, 0x401, 0x10000) r8 = socket(0x10, 0x2, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0xe094}, 0x800) sendmmsg$auto(r8, 0x0, 0x3, 0x0) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0x10000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) bpf$auto(0x0, &(0x7f0000000080)=@enable_stats={0xb}, 0x2) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000500)={'gretap0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) 414.65875ms ago: executing program 1 (id=2775): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x5c, r1, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x10}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x211e789c}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @empty=0x1000000}}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @local}}]}, 0x5c}, 0x1, 0x3f00, 0x0, 0x40000}, 0x400c004) 271.486906ms ago: executing program 3 (id=2776): syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001680), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000002300)={0x0, 0x0, &(0x7f00000022c0)={0x0, 0x14}}, 0x10040) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x5, 0x2, 0x7, 0x0) r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r1, 0x0, 0xe) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x7fffffffffffffff) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r3, 0x0, 0x20) close_range$auto(r2, 0x8, 0x7) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/video59\x00', 0x0, 0x0) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) socket(0x2, 0x1, 0x80000) adjtimex$auto(&(0x7f0000000140)={0x3, 0x0, 0x0, 0x6, 0x81, 0xae2a, 0x7f, 0x0, 0x6, 0x0, 0x7, {0xb7, 0x200}, 0x7, 0x5, 0x2, 0x9, 0x0, 0x3, 0x1, 0x0, 0x7fff, 0x48, 0x1}) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0xffffffffffffffff, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x101002, 0x0) connect$auto(0x4, 0x0, 0x10) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) bpf$auto(0x21, &(0x7f0000000080)=@test={0xffffffffffffffff, 0xfe, 0x1, 0xf, 0x9, 0x10, 0x0, 0x8, 0x8, 0xc3, 0xc, 0x6, 0x7, 0x400, 0x14}, 0xc4a) io_uring_setup$auto(0x6, 0x0) 206.651796ms ago: executing program 0 (id=2777): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xb, 0xb5, 0x10, 0x4, 0x53000000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x4f4, 0x6}, 0x10) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0xa901, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x80805, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x27) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r0, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000000000005"]) close_range$auto(0x2, 0x8, 0x0) 206.270228ms ago: executing program 1 (id=2778): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') pipe$auto(&(0x7f0000000040)=0xffffffffffffffff) read$auto_proc_auxv_operations_base(r1, &(0x7f0000000440)=""/4096, 0x1000) close_range$auto(0x2, 0xa, 0x0) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x1a, 0x3, 0x103) socket(0xf, 0x2, 0x80000002) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030009000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a000100aaaaaaaaaabb00000a000500aaaaaaaaaa370000080004001000000008000200", @ANYRES32=0x0, @ANYBLOB="08001b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1b2}, 0x1, 0x0, 0x0, 0x24008004}, 0x40800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 157.424278ms ago: executing program 1 (id=2779): unshare$auto(0x40000080) r0 = socket(0x0, 0x2, 0x800) setsockopt$auto(0x400000000000003, 0x29, 0x10001b, 0x0, 0x56b) unshare$auto(0x40000080) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x1d, 0x2, 0x7) socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) bpf$auto(0xd, 0x0, 0x6f5) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0xd, 0x2000000080000001, 0x3) capset$auto(0x0, 0x0) setns(0xffffffffffffffff, 0x60020000) umount2$auto(&(0x7f0000000080)='.\x00', 0xa) ioprio_set$auto(0x2, 0x800000000, 0x8) fallocate$auto(r0, 0x0, 0x200000000000000d, 0x2000000000cbd5d) sendfile$auto(r2, 0x3, 0x0, 0x400000000009) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0x9, 0xa000001c, 0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f00000003c0)) mmap$auto(0x6, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000002) 150.519255ms ago: executing program 0 (id=2780): madvise$auto_MADV_MERGEABLE(0x6, 0x7, 0xc) (async) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) (async) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x0, 0x0) ioctl$auto(r1, 0x4b49, r0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x1, 0x0) (async) r2 = socketpair$auto(0x4d, 0x25, 0x2, 0x0) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu0/buffer_size_kb\x00', 0x1, 0x0) (async) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/rpc/nfsd.fh/channel\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000040)="20ed20d1027e0dc0023af10e9bfa1babfa3a3753ca9a20370a", 0x19) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) (async) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec27\x00', 0x13db02, 0x0) (async) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) syz_genetlink_get_family_id$auto_taskstats(&(0x7f00000000c0), r2) (async) read$auto(r5, 0x0, 0x20) (async) socket(0x11, 0x3, 0x6) (async) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) open(0x0, 0x22240, 0x154) (async) mount$auto(0x0, 0x0, &(0x7f0000000180)='nfs\x00\x00', 0x200, 0x0) setreuid$auto(0x0, 0x0) setregid$auto(0x0, 0x0) (async) r7 = getpid() process_vm_readv$auto(r7, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) (async) r8 = getpid() process_vm_readv$auto(r8, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) msgctl$auto_IPC_INFO(0x9, 0x3, &(0x7f0000000240)={{0x5, 0x0, 0x0, 0x7, 0x11, 0xfff, 0x81}, 0x0, 0x0, 0x89fc, 0x3, 0xfffffffffffffff7, 0x1000, 0x401, 0x6, 0xd, 0x4, @inferred=r7, @inferred=r7}) 545.177µs ago: executing program 1 (id=2781): r0 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x400c091) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) writev$auto(r0, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x5, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_comp_sack_slack_ns\x00', 0x1, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r2, &(0x7f0000000280)='~', 0x1) r3 = openat$auto_memtype_fops_memtype(0xffffffffffffff9c, &(0x7f0000000000), 0xa8200, 0x0) pread64$auto(r3, &(0x7f0000000180)='\x00AK\xae\xb7\x7f\x9e\xc7\xea\x19\ve\xc5\xe7\x04\x8f\x1bQ\x93L\'\x81\'\x98\x19\xb4\xe4\x0e\x9f\x90\xbc', 0x40b6, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00800000ffefffffff0200000001"}, 0x55) r4 = socket(0x2, 0x3, 0x100) r5 = syz_clone3(&(0x7f00000002c0)={0x4802200, &(0x7f0000000000)=0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), {0x8}, &(0x7f0000000100)=""/148, 0x94, &(0x7f00000001c0)=""/13, &(0x7f0000000200)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2}, 0x58) waitid$auto(0x184, r6, &(0x7f0000000340)={@_si_pad}, 0xe09, &(0x7f00000003c0)={{0x80000001}, {0x8, 0x200000000000}, 0x0, 0xcc, 0x100, 0x7, 0x2, 0x7, 0x3, 0x9, 0x6, 0x2, 0x3, 0x3, 0x6, 0xb}) r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740)={0x4200, 0x42, 0x28}, 0x18) fanotify_mark$auto(r6, 0x937c, 0x9, r7, &(0x7f0000000780)='./file0\x00') r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/net/raw\x00', 0x60080, 0x0) sendmmsg$auto(r1, &(0x7f00000006c0)={{&(0x7f0000000480)="a26be0401d1d8e50624abbaae37ca07a5c3ab48925a9d01da0f1dafe87b59052ac5b58c83e17beedc7b049f0db80496b712ed5ce6f6ac4ef1e1b8ae6c3f7e1990537fe18c1c11087d5f5d9e5857398db3f8cfe484e4424822e41f93a2d4f1f382bd0679ec675b4f353183cd08801c4f770d0220fc419250450cdf32d07c5ee1aef755b09af08ec65437765276f5b2c28c6eb5e3d1a369c5e23dee27dca094a5f7d0d668b3aa78d8d397657fa537af8ae3a499bbffb2bb6f2b554d532a97ec022bbe375870b580959f4bfe658aed1a129c6829d8d4d483bea38a91b1adb9cc42fde728d585efee3a51ed3add46fc4820d", 0x4, &(0x7f0000000240)={&(0x7f0000000580)="3de58e7aa02c81ca927ba6a6a7cc5423f690eb6f4f22a12a982a4824017815e4b752f8644f6f65a8484fe4c2842ded1cbc606803f3b98c6e6eae0879280170aad2c2996d3fba15d9b1d2b8eed0d2932db59780e76373cc03759b6c7f9c6d56658c4bc9aad0cf86c83f276e795ca9dac087fc9749be71376f608486df65f4b60cb886dd7be833894b34b8d656ea84c937ede98fe88c2efdc56143098f719b6c7f04d95daf20a0fe5333e0ce4f769482a0f19469d94edf01924d671f52ee3274aa1c9eb9f0464a3516156afaff867c16c6b4a3f29e56af87dd5dbb2fa751c9a0", 0x9}, 0x7ff, &(0x7f0000000680)="55e52104d7bcc1abf9cb1208b67dd9fec9a5f76ee6027e57103800afc35ba17c3cc64e68e03490db89870aeec36f2f41b35a437a27b4", 0x2, 0x401}, 0xf1}, 0x80, 0x9) pread64$auto(r8, 0x0, 0x8, 0xffff) r9 = openat2$auto(r0, &(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)={0x15, 0x2, 0x2}, 0x8) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_NEW(r10, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000140)={0x38, r11, 0x1, 0x70bd26, 0x25dfdbff, {}, [@OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x4}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x4}, @OVS_VPORT_ATTR_NAME={0x6, 0x3, '*\x00'}, @OVS_VPORT_ATTR_UPCALL_PID={0x4}, @OVS_VPORT_ATTR_IFINDEX={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040010}, 0x800) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000880)={'dvmrp1\x00', 0x0}) sendmsg$auto_OVS_VPORT_CMD_DEL(r9, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000008c0)={&(0x7f0000001900)={0x1548, r11, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0xbcc}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x3ff}, @OVS_VPORT_ATTR_UPCALL_STATS={0x1438, 0xa, 0x0, 0x1, [@generic="d87630efc2f737522fd8db02112fa0e7184f34199359220366ff0a9349c94f08390ba7912ddc1f0acf5e5029d2aed4cff2f6190c6ea2b8b3683b8fdc437bbf2f11709b0d1b542c8eabde4c792ff1510ff913aa5f118e1bd70ac3166fe7b302af928ca00d928e439fd80d410b257a715101f93bf1e296a01559f7c790340d5a3d0658d0e336629ce0f20428b1f495c860ce557396ca274f005ba430e63e631a721c77c80d03495cb746", @typed={0x14, 0x116, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x28}}}, @generic="5e92e22dffd838b5c03c6841a45a4504296072a5c6930fcc927582b1d18828c20d31f9b1878c6d44548eeeaba275e4cceb7423ff3ad67f482531fe17d6140220fa4fb6087cab8081a674a6ee814b0ecc32ce85adf34e46667a25b13d6599c86cb3259abc8c0d4cc76921b81a4b9b4e528a4a533aed486e6c62363693d7d9b42de4ce331f192e84f44ea0b827b8cc10b057d4", @nested={0x209, 0xe6, 0x0, 0x1, [@typed={0xc, 0x143, 0x0, 0x0, @str='+[\'\xd2@{%\x00'}, @typed={0x8, 0x8, 0x0, 0x0, @pid=r5}, @nested={0x4, 0xd6}, @generic="7cdbd4e2da4394c1af79ad6421eff73bf2671ffe035f52815f5d9c294edb4de4610f9b37290dc0ef86692eac5816a540eb8474b3679c5161cd96fbc493026417b14f00b1fda356f0dfc4b50ef94aacb80d771d5b98ee838e0688a51bfffba56a66545a455428aae8d11f11bd2ba86d7b79e3468fdc9e1883f96a03bcbc6cabef05d4ff9ec9cae35350e156995aef8baf13139257ce11d4d81ec1284e87ff9827ae", @typed={0x8, 0x6b, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x39}}, @typed={0x8, 0xbc, 0x0, 0x0, @u32=0x2}, @typed={0x62, 0x85, 0x0, 0x0, @binary="db50e6736b084905b8bb43fbc062ccc473107f1c54fef8fcf14e32a0211ade1998c072ae3d62717196bb679ca51dc3ea8483a01bb409d6eb6d4e73038930dd837566e4a2533dbd4c3d2f3003616dd97100fc9a4363f6fdb28346a3de186f"}, @nested={0x4, 0x109}, @generic="82bc10e82cf4e6fc1f37334a56146a73ce746b64f328216c54125260104ad53ade56d5e5fe47659fc1e22ddba020460b674c450e7349b26f4f0dd56d54b29906cc45e0bdde3e6f2c1c2e11728314a191134c7cb4dc78a463cb54a1133b8058e6e5bcbc774e028e13c2aaffd3fd2d3faa3425be662f349c85495037d60f04a835a373b252f3f87d363165dda21de3ff3f419f25d52402abd401c3676e5cff45177f936a310fba5bd44f0cf530432fce2efba9a357f5092cddca256d4bcea60f2dba51e82b7a4e13c8456247d0c1d9f25c25f52885"]}, @generic="b72662dfd122c157a410cc4e261a3f0f1de5fb56eef3d710e2f683ac7f0f55462342fd02f6bab0dfa4", @nested={0x42, 0x118, 0x0, 0x1, [@generic="5f8ba340567058b4d9af262af745b762351adea18c425c4c4e44c83049d99930d735429b71b37a0fc78fea3c586f18283bcb78a1f60a85f54dc0f2c86600"]}, @typed={0x2e, 0xed, 0x0, 0x0, @str='/proc/sys/net/ipv4/tcp_comp_sack_slack_ns\x00'}, @generic="5c7991879dae770dae8a59dcf1d5694ac3fff41e8d0f67146527587293d2df0d908540f1c82db7ccb1ba559485d4bcf7abbdf6b439a2dd55e2771c82", @generic="f276b67b9b06c48c727a82ef561329546c88f33709e2d4e833a327c832f6d68ac4d5d38003c60c2588f1725ed4dcf18bf9d2dc7eb1f3f8f432e56987f5e045948061c53968f32ca47869a4103dad73a7ca10191653dfd5820bde47c71b6103562c37f47ca8715e88e7455ddc1b8e7b238de24f597a6a9e915e77888df990406a5914947a2cc4becbb862e003ae6cab9b0489579beec9728c4fafb2a1a249d633733b2b404df4f91deddffe541696f2f6cd61b47db19566c44c81413f9ce8bdb306d3a13ad7233a61cb9dd72cf89412a0cf30849afddbb001d81df96093bb47ab4e490b6493df703d43b5856e63dae018ee80d938b041d602252063535c60cab479d6ea2d23d167b44fd9f718ae961587d9cfee5bdf665a65a0aefbdad63cd0e5cbba8b814bcc8cd3bb30d16673661b95f0f40a70054d1743fb98f51a937750a3ddedcb59b5e259d5974fc969c736806b69a564710e69b79313d569e927bc41ded9d9cb74eba3ebcab34e0d16f6160ba6ad2140215a7396cbd4b6eb6d09d5df634f07316322c0cce5611f507bea1e8668f072a15ffcf0ed76f21b41b12670c450acd1d77eb62dd990724a06a095795ab82af6e7ab50a33b1d60ebe1f40ec67597e3b66a8760db57382f16904dfc66261d3eaa14f8ab2fd81311f1c8cf71aff748bbadd111dd5927ff45a04e42392deb1fe191e47c180eee37cc2df2dddd7b031ce36622d042353624c217e9ca54ff7e7161cdb0ee2f5252ae77125dbdb7e30051e3526075f98dde67142b07d7ccaca51ba9caafa90f5a34a139e38844fa464629267635fb383205e4f4b5ee899f6733474f9be37f9258c0afb80e6c4b32d15b72e120200077d2f6290e95c5c0fc5010ad66cc11d456bf8b1e6eda17400dcca0d07c81a244e766981fbc4614c04afa60d9362b86e2571ab5ffcacaa7465c2fb307cab5ac0953299566e0962b7e5f99188e61c5e82a5d8bb0e46eb911210198d086f01e72901cae2b2262bec7fc8389ea037a3310e4f1fe6cb5afb7a48add3cd18032d22441bc6afb9076f2f5773c1d4afcd11249bfdb4fe677aff742f08c0f605e5a0cd23271122bdc17cb810874d072d07d97e4d365a8fa83a6045686b211b28545030887116ab31d4b4f3e5552c984cf8167ec5e51a98eb6850d8c9a921457f464b42f428880987756bf51eb1edb5e34a9ffaee53d0f352a0558094be96a1cad1d3ac80751fa0c0f89b0271ae147593441d07cff66d13796d709709cfccd36db68f24e5ca1e393474e3f418aa7286291c486f2a791ffaa94b7b261a7379a9e3ec601843bc5b1ef4c4e94336e7cdc9a1dac2f27ba730abca83c4980533ba077f2682d3ad3ce485663337cd007370c3f7ea8303fcd04b37affd84e2bd1d263ed390bab9732a4bee4cdd500328fa864a5c1f2d4322131aae0eeabb8a41be7006df6cda990ffecb4df58c2b598d76ae6c88a5542b823d5ac308cc7f8c08fcfea675587e81f44afbce0299a365152edd92ff13059fcb3b7e97ec50f131eaf0549123f7c5279c9b879a9d456d350c5c77e3338864931475077b764a4499d2f6722f7429accd0f01b7333f841ee225d4a68dc7d7ace28f859a3a88321e76edefee1993c87a245758d45394cc1dee13c48a2e8e0a6179b5db7d585cc2ad7833cd0ed518807f9822bda96e39e4aa63b010f6be1eed9aa8117938560a85abbdf6540d84e7c3dcd2f9e8c6934cb3d01097ca44c4edebe7a0291935966c43e4bbdddd4d8ddbbff4a7527339dd23746ed0e75cc333c2464928dee4c59bdaf987c468ebf5b6b70769edd854ac610c085d73703b4008fcfbcb6d4ee8a9c994e12d3d7996f3a6cb9a9c8d3d5d201cf924a8ff54319b9eee18997cd11431b7190e03fc02f8fbe5962c3549ab91db37af4b7048a5acd4f45e451c61254199ef058cc99c4ddd528dd8e45597ba2597c53cf30255111ffd9f375d97ea0359915f6d9fc9775d56ffdee218183563a620dc0f3d2603cc0a882b11aa47300971f1cfbbe5a4d797451a0974c95d55a24dd504cdc8b7bc3a2172f21fb88b6dfbf3a0fc1e9f753f1256b2b18ff28a2b1d311a095ea5881d6c0ad990c904cbacd9670c4000bd4ad9e0649db28b7d00cd7a37526a1b5047fd66406376aa141f2f10627dd318ae9a79546106b710325e9cd52a03ca60c43cbeac36a5a78189f9d595090076e4d09052a72a32cf2f7fcf68aa236e000cdcbe3db0ea6afb815e9e995d7884c01a8e17660c8a607f2f98c20c972cf27e9469013ce6994347f4b36f575cc63fda226ac5b1f725b3b45138de2c5ff09f8f7b20d64702ec39eb333d1fe7c514f89091ac7f0b521fc662f7a5df9c34ff27a3e91104eea62ae9eee1e7b7e360e24e1d2d007f1104209bac12e6d1d3db810c8f05292aa1341f284d81d96c61cab9b95b4f02528aa2ac40e71bcc758a7fa326d0802d81ab03c8e48a993cd509a0a76b923b7d1c660d4a246d59432922f5adba911c1eab5eae6a832bbcecf6c6a8f78faf2cb8c87bba65158bf719bc31dcc9d0a7c7c3025a9a4b1f1594bada70061d800e400c822312b9bb9d6b6e5ce3ce5bac4d2ab4f1382cebff20ab072ff881dfc9ca53e1888c0b0e7836ab85f5f11c9755b844795efec2dfbe32b578b1a0f15cb8dd781c3d7a28dc5ffa5f6ea137bbf9274be27fde35fd472ea0a02c961d04f9ca2470a86e4fde06930575dfba4d34e521e1c53a9bd33cfdaea48b9112b0a076a630a1fd0d17e79210700b273163754c19ed58ad4914cdd914f9e13f4807156570120bcec5787e96ad0121e7711697628ee64e416773aaa04b8844b3b688e400f2946049a4def1f3a7c692b16248bfd1737acf6170e8708575461790833294e76d7686b0f642a3b86407e50a4299047dfc4d67e474f2ad3d6725348287a8258dc5ef474cf224a14d0caf181ed5e7a11016deb3d829ee3dec4a84a2370b364acaabad0a659ed1accaae7a9dabd49a2fd449d52a9beeeecc7e75125acaa516638a7a7e56def2a35fc986ce65041596daf51729a1a4cad9a0de73d18449443640cc701c1c82d2856030065e207f9530307309c6f12ed62f3a49022454147917c5b9b53c6feca0a85dad6cde4d4dada9dda2f54aa9b329e3a12aea05336a8e9e29b5264c482e6f404a718d7622bf6b97f7a4f4fb42e215c864b881e03e41cf362b80031092cd4cc9836103332e244feb780ba4dba575384b09ebe289be5a94d32afdeea07b3e7275091c31882ce9745ec3a176729fb1523a51cc05f5d1517c0d42bdd93b5fba6f27aefe2472e1ba1cf74b5c5e461cc8e805ed85c795dbed28869f1cb2524bc04e37386249a3c7db59f0d4056bb7cba5c43d3c3fe65b6784627d81af83669de317a953e1fa7c3c070c81d03432323169298cfe7eef1b894f842ba45b03673623d7dd936c6bef3fe13d0291fd099ad11dbaff715f50b1654068171ffa4d5db879aae12db28fadaa4a0585af1b61f9b5ceeb63781be01256fefe9f0696706d56d72d42cff1253963e4a23a9750f108bc26645c9779223d92b8dc7091b1d96593b121f3def7cdf7bfe88ef42b5d71d85b2ea089c722058ec440d4f0622e4c46c8a28d1fed1a6bfdb0efbe1a2f44db475dc453405e1e0622c764e089c433c372416529d0c10ecd27ed5268137fc1a4278cc73e09c7ea766936a832f0f84de0ce9fb197ea09855c6a574e25d858128771b3bca8bebcada851444b0dfee8417bf268b1f867f5a037db65aa2d76fb7dfceb4b02d5b4d6bb073f0eb3bf320fa623798f338ddad9fb2df73a5f37353bcb29b73f600215c9dde11e164b1777dd4d9a13f06fef57ba1fd9ee5d39da97fb59df67f99768775fa2c4da785f6069102999c8d8a8623b2d0eea45266c95c9941db0220221b0ce1133d2a982a82af307076d1d8b9eabc48c9dc752ad27f90ce3ab78ca8479d06c3cd11c121c390054bde089d1b4fbc70e37240052dc61eaa2935768e5f9f2962e4ad72f9f683f8dd7cf45812365bd049db1db9428d2230cd83ec93f0664573d9e9952ef0b79ac8893a382e236e4d980b16acb1d949d8683bafcad199633c80c91c5ec1f1ac4ec2150d646b2f2b03631a1caee35d54ab8a9d1a06ec41bb3cafc5a33fba6192ce1b76024d4b95ca5ba2a74a30b3df8e91bbafa9e6dec303267397b50a190f9e462e5c641fe1d75777d974a881371b8e9604beb8d490555c9c4ad2b97a06b3172cfb75c377ec06d4b0140bc594a1f00e184d130ad526bcb21f22560ba1c1a6384ba884a249784e645ea0f443a8d23128abfbaccf010923e2b468e1d23ed4f2c93154f090720f921443f5afe1ecc8ec66c21cebf601fda3f90905f4f1a17465741db00e13913b4cfcd2745562f600093841a7a1528c05e4d59da199c06e41936e1bea3ae9a082ec2c7964b0c86574aaef3f8a0b3e1155b3d55856347e37059e1d56276f5e938f3e238b0e7e9bc21e9c00a72f64095a18e00b713769fcfc100fd4a3b427e1563e10570edabbd590123836b94f53731c8fc3613d3b3e26f296464912c1cb3388f2c8bf1da4132f0bd1be8481a4b3dd8d97fd132202c43e83064c5f3f76f343cf94b7e17b23c92dbcf7bd0eb9046b2da345a1b6020c6176760792db490b6d0e6d0cbeafebfcd0f5bd80354b2cbefc4055e5eb44657ffc9221b9b395d9237880a9a2492ae1aae483cfdcbac667dad3a52d698f2c8acb6baa0e3970715cc9aded909e8b2e802db8c4df46c6cb3e794950ee945c6e17df55699f219934baf1d711c95dde9dbf59ea639ce36b66edabb874a02d2b34c97f287eda26966d7f44d5e947af710292c83aa7be3c33653c0151a4d422eede4ceef22b0dbc1420f885ac59616d4f3cdcbb1387b63f9e32057137137447a456cae7c3500480c9d3ff42898ba140fd11fa4952ebd7ccdf1eb24e7195052156043fe7c072f1fc7d0d4696b11849bcc200763c1f7321e05bf7e9dc90f92f104ff49040c608e71d8a8b293006b8783810fc58aa56922956962397f9b453ec3110e42382b2da0fcd1e7c7a88231b212c3d631dd9277dca3d484a9998db4d10fffee574b3635e8a83f4e7c1dd9e4a92343d3f409591004cfe4788bf70d383134c50aa51d6395986857f1273c21c93c83df8ba0e0c22fe3bd149442f67c0d81bec409305a12c28388fad9dbade3c2b8433416f2979601547c68d588a6b3bd7e7eba97b0887badb1b23b150164b14e3e0201ec152a251e92c16f455c799d7385e4542ecde767b81c849adb91c3f5ad89661731dbb7bb029c5ae6f085d0a819be1551556682ec78af076ea364522ac05244445e212be8283908efd243cab9f0c3129c83437df391b8430b4feab11bee73740675dce4c15571b1f5443db7da423473c994e3897d04928709fa9e5622c3c46b4f02d8936b2beabcd529f202d66b0b21e405f66e218aa84169c88c08ddcaae1c8e07a083ee020564792adeb2c0a419033ea404ba20c0708deda91932c7e408fd1fc3ba721ccf6dabcd1abd070027179b4815e3a0a9e44b8ee662368a8e7697a6416213dea24fb05f35514778e846a941360cc3b94236f4eb738e9213858cb75721929a9c04b9922e2efefca5f9b03773d8f36a0a70bf10ac54baf469eaba0963de30246c8d9186533af9b65d5b4fb05c2953d9ce4f98a505c1cef4d33f3c94a5257a81fa2d685c723dc263797c68027132291d105ea903fa4aef5a9e90401798166a5ef4b66ef5b2363ba6fe324322edb973244929d1ad8e4f3538665084563444d93978a82a815088e52f7"]}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0xb}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0xb}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r12}, @OVS_VPORT_ATTR_STATS={0x44, 0x6, {0x4, 0xffffffffffffffff, 0x8, 0x4, 0x7, 0x6, 0x4, 0xd8ccb95}}, @OVS_VPORT_ATTR_STATS={0x44, 0x6, {0x3ff, 0x100000001, 0xfffffffffffffc01, 0x7, 0x4, 0x0, 0x8, 0x6}}, @OVS_VPORT_ATTR_NAME={0x5, 0x3, '\x00'}, @OVS_VPORT_ATTR_STATS={0x44, 0x6, {0x7, 0x80000000, 0x5, 0x6, 0x0, 0xffffffff, 0x1ff, 0x6}}]}, 0x1548}, 0x1, 0x0, 0x0, 0x840}, 0x10) 0s ago: executing program 0 (id=2782): r0 = prctl$auto(0x8, 0x1, 0xffffffffffffffff, 0x0, 0x0) r1 = socket(0x11, 0x3, 0x6) sendmsg$auto_HWSIM_CMD_REGISTER(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) mlockall$auto(0x7) process_madvise$auto_MADV_DOFORK(r0, &(0x7f0000000040)={&(0x7f00000002c0)="249952f12ee27cc42ce6b2c5ea342adfc8243f568fb086e50a69913a26fb9c8c24d4c62a00a497c66d0466a83b7e0025d62ea1415e116991e34162e1bea06e1183f8c662674f0b62061d69a6687a7b8a789b0629d4a1e063c9c6c1688b7c5698966ffaf7f174000ceaddcf6968418304fc5d7cd93b6e6e7ef0da00427e25ddf8d01bb1de22bbe117b97fec42e1a1a759403eed1e1081331d89c8a2219051", 0x6}, 0x3, 0xb, 0x1) madvise$auto(0x2000, 0xffffffffffff0001, 0x9) sendmsg$auto_HANDSHAKE_CMD_DONE(0xffffffffffffffff, 0x0, 0x20040000) syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x8, 0xde, 0x9b72, 0x2, 0x8000) mkdir$auto(&(0x7f0000000180)='./file0\x00', 0xe34e) chroot$auto(&(0x7f0000000200)='./file0\x00') getcwd$auto(0x0, 0x3fe) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/swaps\x00', 0x0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/radio31\x00', 0x20003, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) semctl$auto_IPC_RMID(0x36d5, 0xff, 0x0, 0x9) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x6, 0x0, &(0x7f0000000140)={0x7fff800000000}) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6b) connect$auto(r3, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x55) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000001dc0)={0x0, 0x100000, &(0x7f0000001d80)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socket(0x15, 0x5, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.94' (ED25519) to the list of known hosts. [ 97.638372][ T5828] cgroup: Unknown subsys name 'net' [ 97.797956][ T5828] cgroup: Unknown subsys name 'cpuset' [ 97.808006][ T5828] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 99.628466][ T5828] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 101.915607][ T5845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 101.924247][ T5845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 101.932155][ T5845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 101.940327][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 101.948871][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 101.956571][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 101.964439][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 101.972194][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 101.982094][ T5855] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 101.982487][ T5854] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 101.990338][ T5855] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 102.000286][ T5854] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 102.011972][ T5854] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 102.019324][ T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 102.021509][ T5854] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 102.029170][ T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 102.035109][ T5854] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 102.041847][ T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 102.068907][ T5854] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 102.083815][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 102.605641][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 102.730726][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 102.911946][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 102.948881][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.957178][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.964944][ T5844] bridge_slave_0: entered allmulticast mode [ 102.972511][ T5844] bridge_slave_0: entered promiscuous mode [ 103.039516][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.047020][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.054925][ T5844] bridge_slave_1: entered allmulticast mode [ 103.062357][ T5844] bridge_slave_1: entered promiscuous mode [ 103.071039][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 103.150821][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.158736][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.167070][ T5840] bridge_slave_0: entered allmulticast mode [ 103.174811][ T5840] bridge_slave_0: entered promiscuous mode [ 103.211279][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.251276][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.258595][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.266089][ T5840] bridge_slave_1: entered allmulticast mode [ 103.273872][ T5840] bridge_slave_1: entered promiscuous mode [ 103.299938][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.309579][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.317129][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.324700][ T5838] bridge_slave_0: entered allmulticast mode [ 103.332176][ T5838] bridge_slave_0: entered promiscuous mode [ 103.377330][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.384734][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.391980][ T5838] bridge_slave_1: entered allmulticast mode [ 103.400622][ T5838] bridge_slave_1: entered promiscuous mode [ 103.467855][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.481739][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.502475][ T5844] team0: Port device team_slave_0 added [ 103.561441][ T5844] team0: Port device team_slave_1 added [ 103.570423][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.586725][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.672146][ T5840] team0: Port device team_slave_0 added [ 103.682025][ T5840] team0: Port device team_slave_1 added [ 103.688877][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.697765][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.705176][ T5846] bridge_slave_0: entered allmulticast mode [ 103.712608][ T5846] bridge_slave_0: entered promiscuous mode [ 103.722364][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.730014][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.756657][ T3083] cfg80211: failed to load regulatory.db [ 103.756724][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.807597][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.815437][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.822676][ T5846] bridge_slave_1: entered allmulticast mode [ 103.830636][ T5846] bridge_slave_1: entered promiscuous mode [ 103.840859][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.847925][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.874343][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.888752][ T5838] team0: Port device team_slave_0 added [ 103.940224][ T5838] team0: Port device team_slave_1 added [ 103.947199][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.954915][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.981136][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.011095][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.037239][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.044631][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.071243][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.093389][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.114132][ T5841] Bluetooth: hci3: command tx timeout [ 104.119990][ T5849] Bluetooth: hci2: command tx timeout [ 104.120501][ T55] Bluetooth: hci0: command tx timeout [ 104.129706][ T5854] Bluetooth: hci1: command tx timeout [ 104.155981][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.163511][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.189897][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.231669][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.239381][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.265615][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.311036][ T5844] hsr_slave_0: entered promiscuous mode [ 104.317931][ T5844] hsr_slave_1: entered promiscuous mode [ 104.337774][ T5846] team0: Port device team_slave_0 added [ 104.349285][ T5846] team0: Port device team_slave_1 added [ 104.376949][ T5840] hsr_slave_0: entered promiscuous mode [ 104.383949][ T5840] hsr_slave_1: entered promiscuous mode [ 104.390330][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 104.399693][ T5840] Cannot create hsr debugfs directory [ 104.523568][ T5838] hsr_slave_0: entered promiscuous mode [ 104.531762][ T5838] hsr_slave_1: entered promiscuous mode [ 104.538421][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 104.546349][ T5838] Cannot create hsr debugfs directory [ 104.553217][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.560424][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.586490][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.645569][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.652615][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.679341][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.898209][ T5846] hsr_slave_0: entered promiscuous mode [ 104.905127][ T5846] hsr_slave_1: entered promiscuous mode [ 104.911503][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 104.919851][ T5846] Cannot create hsr debugfs directory [ 105.237370][ T5840] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.261043][ T5840] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 105.275493][ T5840] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 105.307663][ T5840] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 105.373064][ T5844] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 105.387696][ T5844] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 105.402249][ T5844] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 105.417029][ T5844] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 105.526172][ T5838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 105.542508][ T5838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 105.565621][ T5838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 105.583888][ T5838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 105.704763][ T5846] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 105.723679][ T5846] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 105.753237][ T5846] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 105.769358][ T5846] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 105.831053][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.873992][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.917992][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.956884][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.964334][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.991404][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.998690][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.049988][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.135762][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.143048][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.169689][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.180622][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.188066][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.193344][ T5854] Bluetooth: hci1: command tx timeout [ 106.196387][ T5849] Bluetooth: hci2: command tx timeout [ 106.200981][ T5854] Bluetooth: hci0: command tx timeout [ 106.206411][ T55] Bluetooth: hci3: command tx timeout [ 106.251742][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.306864][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.337483][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.344752][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.378475][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.385752][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.408694][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.460170][ T1033] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.467437][ T1033] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.511075][ T1033] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.518363][ T1033] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.541079][ T5844] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 106.629329][ T5838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 106.770521][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.961261][ T5840] veth0_vlan: entered promiscuous mode [ 107.014111][ T5840] veth1_vlan: entered promiscuous mode [ 107.125721][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.181604][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.194693][ T5840] veth0_macvtap: entered promiscuous mode [ 107.209700][ T5840] veth1_macvtap: entered promiscuous mode [ 107.298601][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.309885][ T5838] veth0_vlan: entered promiscuous mode [ 107.327969][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.355766][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.371968][ T5840] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.383410][ T5840] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.392170][ T5840] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.407406][ T5840] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.420680][ T5838] veth1_vlan: entered promiscuous mode [ 107.465726][ T5844] veth0_vlan: entered promiscuous mode [ 107.505562][ T5838] veth0_macvtap: entered promiscuous mode [ 107.536521][ T5838] veth1_macvtap: entered promiscuous mode [ 107.544531][ T5844] veth1_vlan: entered promiscuous mode [ 107.591789][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.606382][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.620380][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.634244][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.645480][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.659071][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.746899][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.757830][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.771208][ T5838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.784400][ T5838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.794274][ T5838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.804059][ T5838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.818280][ T5846] veth0_vlan: entered promiscuous mode [ 107.855026][ T5846] veth1_vlan: entered promiscuous mode [ 107.893598][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.905829][ T5844] veth0_macvtap: entered promiscuous mode [ 107.912134][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.002348][ T5844] veth1_macvtap: entered promiscuous mode [ 108.042890][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.050784][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.072565][ T5846] veth0_macvtap: entered promiscuous mode [ 108.113477][ T5846] veth1_macvtap: entered promiscuous mode [ 108.152156][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 108.162257][ T5840] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 108.168137][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.187906][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 108.199229][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.210773][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.229332][ T1098] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.240683][ T1098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.267501][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.282065][ T55] Bluetooth: hci3: command tx timeout [ 108.282101][ T5841] Bluetooth: hci1: command tx timeout [ 108.287772][ T55] Bluetooth: hci2: command tx timeout [ 108.294750][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.302867][ T5849] Bluetooth: hci0: command tx timeout [ 108.311743][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.329111][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.350731][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.384832][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 108.432359][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.450687][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 108.468283][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.479393][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 108.493989][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.511129][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.534075][ T5844] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.545818][ T5844] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.559197][ T5844] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.565988][ T5902] netlink: 29 bytes leftover after parsing attributes in process `syz.0.1'. [ 108.572210][ T5844] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.623818][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.652840][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.686999][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.713458][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.742873][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.762925][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.790234][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.842011][ T5846] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.872863][ T5846] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.892868][ T5846] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.902938][ T5846] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.170811][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.193462][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.256039][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.308776][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.469578][ T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.497344][ T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.530838][ T5915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6'. [ 109.549862][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.575946][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.357543][ T5849] Bluetooth: hci0: command tx timeout [ 110.367175][ T5841] Bluetooth: hci1: command tx timeout [ 110.367206][ T5854] Bluetooth: hci2: command tx timeout [ 110.372640][ T5841] Bluetooth: hci3: command tx timeout [ 110.990694][ T5928] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 111.047838][ T5932] debugfs: Directory 'ttyS2' with parent 'caif_serial' already present! [ 112.200805][ T30] audit: type=1800 audit(6039065399.641:2): pid=5965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.11" name="features" dev="configfs" ino=7446 res=0 errno=0 [ 113.503146][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.633631][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 115.750247][ T6025] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 117.285024][ T6039] FAULT_INJECTION: forcing a failure. [ 117.285024][ T6039] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 117.398361][ T6039] CPU: 1 UID: 0 PID: 6039 Comm: syz.0.28 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 117.398422][ T6039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 117.398446][ T6039] Call Trace: [ 117.398467][ T6039] [ 117.398483][ T6039] dump_stack_lvl+0x16c/0x1f0 [ 117.398550][ T6039] should_fail_ex+0x512/0x640 [ 117.398597][ T6039] should_fail_alloc_page+0xe7/0x130 [ 117.398633][ T6039] prepare_alloc_pages+0x3c2/0x610 [ 117.398676][ T6039] ? rcu_is_watching+0x12/0xc0 [ 117.398723][ T6039] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 117.398782][ T6039] ? do_raw_spin_lock+0x12c/0x2b0 [ 117.398820][ T6039] ? find_held_lock+0x2b/0x80 [ 117.398867][ T6039] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 117.398914][ T6039] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 117.398970][ T6039] ? stack_depot_save_flags+0x3e6/0xa50 [ 117.399019][ T6039] ? kasan_save_stack+0x42/0x60 [ 117.399072][ T6039] ? __lock_acquire+0xaa4/0x1ba0 [ 117.399098][ T6039] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 117.399135][ T6039] ? policy_nodemask+0xea/0x4e0 [ 117.399192][ T6039] alloc_pages_mpol+0x1fb/0x550 [ 117.399223][ T6039] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 117.399250][ T6039] ? __page_table_check_ptes_set+0x1ae/0x420 [ 117.399314][ T6039] ? find_held_lock+0x2b/0x80 [ 117.399362][ T6039] alloc_pages_noprof+0x131/0x390 [ 117.399400][ T6039] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 117.399447][ T6039] get_free_pages_noprof+0xc/0x40 [ 117.399480][ T6039] kasan_populate_vmalloc_pte+0x2d/0x160 [ 117.399527][ T6039] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 117.399573][ T6039] __apply_to_page_range+0x5f9/0xd30 [ 117.399619][ T6039] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 117.399672][ T6039] ? __pfx___apply_to_page_range+0x10/0x10 [ 117.399713][ T6039] ? alloc_vmap_area+0x872/0x2970 [ 117.399757][ T6039] alloc_vmap_area+0x919/0x2970 [ 117.399810][ T6039] ? __pfx_alloc_vmap_area+0x10/0x10 [ 117.399858][ T6039] __get_vm_area_node+0x1a7/0x300 [ 117.399906][ T6039] __vmalloc_node_range_noprof+0x277/0x1540 [ 117.399950][ T6039] ? __do_sys_listmount+0x1c2/0xed0 [ 117.400007][ T6039] ? __do_sys_listmount+0x1c2/0xed0 [ 117.400056][ T6039] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 117.400115][ T6039] __kvmalloc_node_noprof+0x2ff/0x600 [ 117.400164][ T6039] ? __do_sys_listmount+0x1c2/0xed0 [ 117.400207][ T6039] ? __do_sys_listmount+0x1c2/0xed0 [ 117.400256][ T6039] ? __do_sys_listmount+0x1c2/0xed0 [ 117.400295][ T6039] __do_sys_listmount+0x1c2/0xed0 [ 117.400344][ T6039] ? __x64_sys_futex+0x1e0/0x4c0 [ 117.400403][ T6039] ? __x64_sys_futex+0x1e9/0x4c0 [ 117.400450][ T6039] ? __pfx___do_sys_listmount+0x10/0x10 [ 117.400492][ T6039] ? xfd_validate_state+0x5d/0x180 [ 117.400546][ T6039] do_syscall_64+0xcd/0x260 [ 117.400597][ T6039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.400628][ T6039] RIP: 0033:0x7fdcfe78d169 [ 117.400653][ T6039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.400685][ T6039] RSP: 002b:00007fdcff52d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 117.400729][ T6039] RAX: ffffffffffffffda RBX: 00007fdcfe9a6160 RCX: 00007fdcfe78d169 [ 117.400750][ T6039] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 117.400770][ T6039] RBP: 00007fdcfe80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 117.400788][ T6039] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 117.400805][ T6039] R13: 0000000000000000 R14: 00007fdcfe9a6160 R15: 00007ffce5555e88 [ 117.400844][ T6039] [ 117.401146][ T6039] syz.0.28: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null) [ 117.713457][ C1] vkms_vblank_simulate: vblank timer overrun [ 117.915030][ T6039] ,cpuset=/,mems_allowed=0-1 [ 117.915366][ T6039] CPU: 1 UID: 0 PID: 6039 Comm: syz.0.28 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 117.915403][ T6039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 117.915422][ T6039] Call Trace: [ 117.915433][ T6039] [ 117.915444][ T6039] dump_stack_lvl+0x16c/0x1f0 [ 117.915497][ T6039] warn_alloc+0x248/0x3a0 [ 117.915558][ T6039] ? __pfx_warn_alloc+0x10/0x10 [ 117.915609][ T6039] ? kfree+0x2b6/0x4d0 [ 117.915659][ T6039] ? __get_vm_area_node+0x1e5/0x300 [ 117.915707][ T6039] __vmalloc_node_range_noprof+0xd31/0x1540 [ 117.915764][ T6039] ? __do_sys_listmount+0x1c2/0xed0 [ 117.915816][ T6039] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 117.915872][ T6039] __kvmalloc_node_noprof+0x2ff/0x600 [ 117.915915][ T6039] ? __do_sys_listmount+0x1c2/0xed0 [ 117.915955][ T6039] ? __do_sys_listmount+0x1c2/0xed0 [ 117.916008][ T6039] ? __do_sys_listmount+0x1c2/0xed0 [ 117.916045][ T6039] __do_sys_listmount+0x1c2/0xed0 [ 117.916094][ T6039] ? __x64_sys_futex+0x1e0/0x4c0 [ 117.916137][ T6039] ? __x64_sys_futex+0x1e9/0x4c0 [ 117.916181][ T6039] ? __pfx___do_sys_listmount+0x10/0x10 [ 117.916224][ T6039] ? xfd_validate_state+0x5d/0x180 [ 117.916272][ T6039] do_syscall_64+0xcd/0x260 [ 117.916327][ T6039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.916357][ T6039] RIP: 0033:0x7fdcfe78d169 [ 117.916383][ T6039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.916413][ T6039] RSP: 002b:00007fdcff52d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 117.916441][ T6039] RAX: ffffffffffffffda RBX: 00007fdcfe9a6160 RCX: 00007fdcfe78d169 [ 117.916462][ T6039] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 117.916481][ T6039] RBP: 00007fdcfe80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 117.916499][ T6039] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 117.916517][ T6039] R13: 0000000000000000 R14: 00007fdcfe9a6160 R15: 00007ffce5555e88 [ 117.916555][ T6039] [ 117.916566][ T6039] Mem-Info: [ 117.916585][ T6039] active_anon:10203 inactive_anon:0 isolated_anon:0 [ 117.916585][ T6039] active_file:795 inactive_file:38803 isolated_file:0 [ 117.916585][ T6039] unevictable:768 dirty:797 writeback:22 [ 117.916585][ T6039] slab_reclaimable:9947 slab_unreclaimable:93961 [ 117.916585][ T6039] mapped:28820 shmem:6295 pagetables:796 [ 117.916585][ T6039] sec_pagetables:0 bounce:0 [ 117.916585][ T6039] kernel_misc_reclaimable:0 [ 117.916585][ T6039] free:1354185 free_pcp:447 free_cma:0 [ 117.916664][ T6039] Node 0 active_anon:40812kB inactive_anon:0kB active_file:3180kB inactive_file:155140kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115280kB dirty:3188kB writeback:88kB shmem:23644kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10564kB pagetables:3184kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 117.916748][ T6039] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 117.916832][ T6039] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 117.916914][ T6039] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 117.916972][ T6039] Node 0 DMA32 free:1491580kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:40768kB inactive_anon:0kB active_file:3180kB inactive_file:153560kB unevictable:1536kB writepending:3276kB present:3129332kB managed:2541688kB mlocked:0kB bounce:0kB free_pcp:1740kB local_pcp:1512kB free_cma:0kB [ 117.917054][ T6039] lowmem_reserve[]: 0 0 1 1 1 [ 117.917108][ T6039] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1580kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 117.917187][ T6039] lowmem_reserve[]: 0 0 0 0 0 [ 117.917243][ T6039] Node 1 Normal free:3910124kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:0kB free_cma:0kB [ 117.917335][ T6039] lowmem_reserve[]: 0 0 0 0 0 [ 117.917394][ T6039] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 117.917583][ T6039] Node 0 DMA32: 24*4kB (UME) 149*8kB (UME) 135*16kB (UM) 24*32kB (UME) 3*64kB (UM) 2*128kB (UM) 9*256kB (ME) 6*512kB (ME) 1*1024kB (U) 3*2048kB (M) 360*4096kB (M) = 1491768kB [ 117.917850][ T6039] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 117.918044][ T6039] Node 1 Normal: 225*4kB (UE) 51*8kB (UME) 49*16kB (UME) 220*32kB (UME) 99*64kB (UME) 35*128kB (UME) 14*256kB (UME) 11*512kB (UME) 4*1024kB (UME) 3*2048kB (UE) 945*4096kB (M) = 3910124kB [ 117.918323][ T6039] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 117.918351][ T6039] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 117.918373][ T6039] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 117.918399][ T6039] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 117.918425][ T6039] 45922 total pagecache pages [ 117.918443][ T6039] 29 pages in swap cache [ 117.918454][ T6039] Free swap = 124880kB [ 117.918466][ T6039] Total swap = 124996kB [ 117.918479][ T6039] 2097051 pages RAM [ 117.918489][ T6039] 0 pages HighMem/MovableOnly [ 117.918500][ T6039] 429587 pages reserved [ 117.918511][ T6039] 0 pages cma reserved [ 118.530187][ T6062] netlink: 4 bytes leftover after parsing attributes in process `syz.1.33'. [ 118.532441][ T6062] netlink: 354 bytes leftover after parsing attributes in process `syz.1.33'. [ 118.532523][ T6062] Zero length message leads to an empty skb [ 119.124181][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 119.125286][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 119.246439][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 119.842284][ C1] vkms_vblank_simulate: vblank timer overrun [ 119.903182][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 119.910971][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 120.242010][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 120.243419][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 120.469479][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 121.938398][ T6116] netlink: 28 bytes leftover after parsing attributes in process `syz.1.42'. [ 121.962149][ T6116] veth1_macvtap: left promiscuous mode [ 122.322436][ T30] audit: type=1800 audit(4294967297.390:3): pid=6122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.43" name=05 dev="tmpfs" ino=93 res=0 errno=0 [ 124.590914][ T6158] FAULT_INJECTION: forcing a failure. [ 124.590914][ T6158] name failslab, interval 1, probability 0, space 0, times 1 [ 124.603991][ T6158] CPU: 1 UID: 0 PID: 6158 Comm: syz.2.53 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 124.604029][ T6158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 124.604046][ T6158] Call Trace: [ 124.604056][ T6158] [ 124.604067][ T6158] dump_stack_lvl+0x16c/0x1f0 [ 124.604120][ T6158] should_fail_ex+0x512/0x640 [ 124.604164][ T6158] should_failslab+0xc2/0x120 [ 124.604196][ T6158] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 124.604247][ T6158] ? skb_clone+0x190/0x3f0 [ 124.604294][ T6158] skb_clone+0x190/0x3f0 [ 124.604338][ T6158] dev_queue_xmit_nit+0x3e7/0xca0 [ 124.604394][ T6158] dev_hard_start_xmit+0x5b6/0x740 [ 124.604436][ T6158] __dev_queue_xmit+0x7eb/0x43e0 [ 124.604487][ T6158] ? __local_bh_enable_ip+0xa4/0x120 [ 124.604531][ T6158] ? lockdep_hardirqs_on+0x7c/0x110 [ 124.604581][ T6158] ? ipt_do_table+0xd48/0x1ac0 [ 124.604628][ T6158] ? __local_bh_enable_ip+0xa4/0x120 [ 124.604671][ T6158] ? ipt_do_table+0xd78/0x1ac0 [ 124.604721][ T6158] ? __pfx___dev_queue_xmit+0x10/0x10 [ 124.604771][ T6158] ? __lock_acquire+0xaa4/0x1ba0 [ 124.604822][ T6158] ? find_held_lock+0x2b/0x80 [ 124.604874][ T6158] ip_finish_output2+0xc38/0x21a0 [ 124.604923][ T6158] ? ip_skb_dst_mtu+0x3e3/0xe90 [ 124.604978][ T6158] ? __pfx_ip_finish_output2+0x10/0x10 [ 124.605021][ T6158] ? ip_skb_dst_mtu+0x496/0xe90 [ 124.605063][ T6158] ? __pfx_ip_skb_dst_mtu+0x10/0x10 [ 124.605116][ T6158] __ip_finish_output+0x49e/0x950 [ 124.605167][ T6158] ip_finish_output+0x35/0x380 [ 124.605217][ T6158] ip_output+0x13b/0x2a0 [ 124.605259][ T6158] ? __pfx_ip_output+0x10/0x10 [ 124.605303][ T6158] __ip_queue_xmit+0x1d7d/0x26c0 [ 124.605359][ T6158] ? __pfx_ip_queue_xmit+0x10/0x10 [ 124.605404][ T6158] __tcp_transmit_skb+0x2686/0x3e90 [ 124.605458][ T6158] ? __pfx___tcp_transmit_skb+0x10/0x10 [ 124.605491][ T6158] ? tcp_v4_do_rcv+0x5ca/0xa90 [ 124.605517][ T6158] ? __release_sock+0x31b/0x400 [ 124.605560][ T6158] ? release_sock+0x5a/0x220 [ 124.605621][ T6158] ? ktime_get+0x200/0x310 [ 124.605663][ T6158] ? lockdep_hardirqs_on+0x7c/0x110 [ 124.605715][ T6158] tcp_write_xmit+0x1274/0x8770 [ 124.605781][ T6158] ? kfree_skbmem+0x1a4/0x1f0 [ 124.605822][ T6158] __tcp_push_pending_frames+0xaf/0x390 [ 124.605864][ T6158] tcp_rcv_established+0xd81/0x2180 [ 124.605926][ T6158] ? __pfx_tcp_rcv_established+0x10/0x10 [ 124.605974][ T6158] ? ipv4_dst_check+0x1a8/0x3b0 [ 124.606030][ T6158] ? __pfx_ipv4_dst_check+0x10/0x10 [ 124.606078][ T6158] tcp_v4_do_rcv+0x5ca/0xa90 [ 124.606110][ T6158] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 124.606138][ T6158] __release_sock+0x31b/0x400 [ 124.606190][ T6158] release_sock+0x5a/0x220 [ 124.606231][ T6158] tcp_recvmsg+0x13a/0x680 [ 124.606266][ T6158] ? __pfx_tcp_recvmsg+0x10/0x10 [ 124.606309][ T6158] ? aa_sk_perm+0x2f4/0xb10 [ 124.606352][ T6158] ? __pfx_tcp_recvmsg+0x10/0x10 [ 124.606381][ T6158] inet_recvmsg+0x12a/0x6a0 [ 124.606409][ T6158] ? __fget_files+0x204/0x3c0 [ 124.606455][ T6158] ? __pfx_inet_recvmsg+0x10/0x10 [ 124.606498][ T6158] sock_recvmsg+0x1b2/0x250 [ 124.606562][ T6158] __sys_recvfrom+0x203/0x310 [ 124.606599][ T6158] ? 0xffffffff81000000 [ 124.606623][ T6158] ? __pfx___sys_recvfrom+0x10/0x10 [ 124.606698][ T6158] ? ksys_write+0x1b9/0x240 [ 124.606742][ T6158] ? __pfx_ksys_write+0x10/0x10 [ 124.606788][ T6158] ? rcu_is_watching+0x12/0xc0 [ 124.606832][ T6158] __x64_sys_recvfrom+0xe0/0x1c0 [ 124.606867][ T6158] ? do_syscall_64+0x91/0x260 [ 124.606912][ T6158] ? lockdep_hardirqs_on+0x7c/0x110 [ 124.606954][ T6158] do_syscall_64+0xcd/0x260 [ 124.607003][ T6158] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.607037][ T6158] RIP: 0033:0x7fb04f78d169 [ 124.607074][ T6158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.607103][ T6158] RSP: 002b:00007fb04d5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 124.607131][ T6158] RAX: ffffffffffffffda RBX: 00007fb04f9a6160 RCX: 00007fb04f78d169 [ 124.607151][ T6158] RDX: 000000800000000e RSI: 0000000000000000 RDI: 0000000000000003 [ 124.607168][ T6158] RBP: 00007fb04d5f6090 R08: 0000000000000000 R09: ffffffff81000000 [ 124.607186][ T6158] R10: 0000000000000a00 R11: 0000000000000246 R12: 0000000000000002 [ 124.607203][ T6158] R13: 0000000000000000 R14: 00007fb04f9a6160 R15: 00007ffd8fb54548 [ 124.607230][ T6158] ? 0xffffffff81000000 [ 124.607263][ T6158] [ 126.107567][ T6173] debugfs: Directory 'ttyS2' with parent 'caif_serial' already present! [ 126.243206][ T6181] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 129.126697][ T6244] debugfs: Directory 'ttyS2' with parent 'caif_serial' already present! [ 129.724300][ T6255] debugfs: Directory 'ttyS2' with parent 'caif_serial' already present! [ 129.964445][ T6250] netlink: 29 bytes leftover after parsing attributes in process `syz.2.72'. [ 132.868002][ T6320] debugfs: Directory 'ttyS2' with parent 'caif_serial' already present! [ 134.337858][ T30] audit: type=1800 audit(4294967309.350:4): pid=6345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.89" name=05 dev="tmpfs" ino=140 res=0 errno=0 [ 134.724439][ T6359] netlink: 28 bytes leftover after parsing attributes in process `syz.2.90'. [ 134.754472][ T6359] veth1_macvtap: left promiscuous mode [ 139.474596][ T6445] netlink: 4 bytes leftover after parsing attributes in process `syz.3.112'. [ 139.506142][ T6445] netlink: 354 bytes leftover after parsing attributes in process `syz.3.112'. [ 139.560767][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 139.570826][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.957497][ T6486] FAULT_INJECTION: forcing a failure. [ 140.957497][ T6486] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 141.021286][ T6486] CPU: 1 UID: 0 PID: 6486 Comm: syz.2.121 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 141.021331][ T6486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 141.021348][ T6486] Call Trace: [ 141.021359][ T6486] [ 141.021370][ T6486] dump_stack_lvl+0x16c/0x1f0 [ 141.021424][ T6486] should_fail_ex+0x512/0x640 [ 141.021463][ T6486] should_fail_alloc_page+0xe7/0x130 [ 141.021503][ T6486] prepare_alloc_pages+0x3c2/0x610 [ 141.021539][ T6486] ? rcu_is_watching+0x12/0xc0 [ 141.021578][ T6486] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 141.021625][ T6486] ? __kernel_text_address+0xd/0x40 [ 141.021657][ T6486] ? unwind_get_return_address+0x59/0xa0 [ 141.021692][ T6486] ? arch_stack_walk+0xa6/0x100 [ 141.021738][ T6486] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 141.021779][ T6486] ? stack_trace_save+0x8e/0xc0 [ 141.021815][ T6486] ? __pfx_stack_trace_save+0x10/0x10 [ 141.021862][ T6486] ? stack_depot_save_flags+0x28/0xa50 [ 141.021896][ T6486] ? find_held_lock+0x2b/0x80 [ 141.021941][ T6486] ? kasan_save_stack+0x42/0x60 [ 141.021986][ T6486] ? __lock_acquire+0xaa4/0x1ba0 [ 141.022008][ T6486] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 141.022039][ T6486] ? policy_nodemask+0xea/0x4e0 [ 141.022085][ T6486] alloc_pages_mpol+0x1fb/0x550 [ 141.022119][ T6486] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 141.022143][ T6486] ? __page_table_check_ptes_set+0x1ae/0x420 [ 141.022192][ T6486] ? find_held_lock+0x2b/0x80 [ 141.022236][ T6486] alloc_pages_noprof+0x131/0x390 [ 141.022262][ T6486] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 141.022301][ T6486] get_free_pages_noprof+0xc/0x40 [ 141.022327][ T6486] kasan_populate_vmalloc_pte+0x2d/0x160 [ 141.022366][ T6486] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 141.022403][ T6486] __apply_to_page_range+0x5f9/0xd30 [ 141.022441][ T6486] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 141.022492][ T6486] ? __pfx___apply_to_page_range+0x10/0x10 [ 141.022526][ T6486] ? alloc_vmap_area+0x872/0x2970 [ 141.022563][ T6486] alloc_vmap_area+0x919/0x2970 [ 141.022610][ T6486] ? __pfx_alloc_vmap_area+0x10/0x10 [ 141.022653][ T6486] __get_vm_area_node+0x1a7/0x300 [ 141.022693][ T6486] __vmalloc_node_range_noprof+0x277/0x1540 [ 141.022733][ T6486] ? __do_sys_listmount+0x1c2/0xed0 [ 141.022789][ T6486] ? __do_sys_listmount+0x1c2/0xed0 [ 141.022843][ T6486] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 141.022905][ T6486] __kvmalloc_node_noprof+0x2ff/0x600 [ 141.022952][ T6486] ? __do_sys_listmount+0x1c2/0xed0 [ 141.022997][ T6486] ? __do_sys_listmount+0x1c2/0xed0 [ 141.023047][ T6486] ? __do_sys_listmount+0x1c2/0xed0 [ 141.023089][ T6486] __do_sys_listmount+0x1c2/0xed0 [ 141.023139][ T6486] ? __x64_sys_futex+0x1e0/0x4c0 [ 141.023187][ T6486] ? __x64_sys_futex+0x1e9/0x4c0 [ 141.023234][ T6486] ? __pfx___do_sys_listmount+0x10/0x10 [ 141.023278][ T6486] ? xfd_validate_state+0x5d/0x180 [ 141.023331][ T6486] do_syscall_64+0xcd/0x260 [ 141.023382][ T6486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.023416][ T6486] RIP: 0033:0x7fb04f78d169 [ 141.023443][ T6486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.023486][ T6486] RSP: 002b:00007fb04d5f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 141.023518][ T6486] RAX: ffffffffffffffda RBX: 00007fb04f9a6160 RCX: 00007fb04f78d169 [ 141.023539][ T6486] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 141.023558][ T6486] RBP: 00007fb04f80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 141.023577][ T6486] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 141.023596][ T6486] R13: 0000000000000000 R14: 00007fb04f9a6160 R15: 00007ffd8fb54548 [ 141.023637][ T6486] [ 141.386267][ C1] vkms_vblank_simulate: vblank timer overrun [ 141.468244][ T6486] syz.2.121: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 141.468360][ T6486] CPU: 0 UID: 0 PID: 6486 Comm: syz.2.121 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 141.468402][ T6486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 141.468429][ T6486] Call Trace: [ 141.468440][ T6486] [ 141.468452][ T6486] dump_stack_lvl+0x16c/0x1f0 [ 141.468509][ T6486] warn_alloc+0x248/0x3a0 [ 141.468576][ T6486] ? __pfx_warn_alloc+0x10/0x10 [ 141.468630][ T6486] ? kfree+0x2b6/0x4d0 [ 141.468685][ T6486] ? __get_vm_area_node+0x1e5/0x300 [ 141.468737][ T6486] __vmalloc_node_range_noprof+0xd31/0x1540 [ 141.468797][ T6486] ? __do_sys_listmount+0x1c2/0xed0 [ 141.468851][ T6486] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 141.468911][ T6486] __kvmalloc_node_noprof+0x2ff/0x600 [ 141.468959][ T6486] ? __do_sys_listmount+0x1c2/0xed0 [ 141.469003][ T6486] ? __do_sys_listmount+0x1c2/0xed0 [ 141.469055][ T6486] ? __do_sys_listmount+0x1c2/0xed0 [ 141.469095][ T6486] __do_sys_listmount+0x1c2/0xed0 [ 141.469151][ T6486] ? __x64_sys_futex+0x1e0/0x4c0 [ 141.469196][ T6486] ? __x64_sys_futex+0x1e9/0x4c0 [ 141.469243][ T6486] ? __pfx___do_sys_listmount+0x10/0x10 [ 141.469287][ T6486] ? xfd_validate_state+0x5d/0x180 [ 141.469341][ T6486] do_syscall_64+0xcd/0x260 [ 141.469391][ T6486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.469430][ T6486] RIP: 0033:0x7fb04f78d169 [ 141.469456][ T6486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.469494][ T6486] RSP: 002b:00007fb04d5f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 141.469523][ T6486] RAX: ffffffffffffffda RBX: 00007fb04f9a6160 RCX: 00007fb04f78d169 [ 141.469549][ T6486] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 141.469569][ T6486] RBP: 00007fb04f80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 141.469588][ T6486] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 141.469605][ T6486] R13: 0000000000000000 R14: 00007fb04f9a6160 R15: 00007ffd8fb54548 [ 141.469646][ T6486] [ 141.479161][ T6486] Mem-Info: [ 141.479184][ T6486] active_anon:7818 inactive_anon:0 isolated_anon:0 [ 141.479184][ T6486] active_file:12156 inactive_file:38816 isolated_file:0 [ 141.479184][ T6486] unevictable:768 dirty:282 writeback:0 [ 141.479184][ T6486] slab_reclaimable:9771 slab_unreclaimable:94268 [ 141.479184][ T6486] mapped:24776 shmem:1510 pagetables:846 [ 141.479184][ T6486] sec_pagetables:0 bounce:0 [ 141.479184][ T6486] kernel_misc_reclaimable:0 [ 141.479184][ T6486] free:1344102 free_pcp:572 free_cma:0 [ 141.479268][ T6486] Node 0 active_anon:31272kB inactive_anon:0kB active_file:48624kB inactive_file:155192kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99104kB dirty:1128kB writeback:0kB shmem:4504kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10876kB pagetables:3384kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 141.479354][ T6486] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 141.479443][ T6486] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 141.479530][ T6486] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 141.479593][ T6486] Node 0 DMA32 free:1450692kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:31228kB inactive_anon:0kB active_file:48624kB inactive_file:153612kB unevictable:1536kB writepending:1128kB present:3129332kB managed:2541688kB mlocked:0kB bounce:0kB free_pcp:2292kB local_pcp:1244kB free_cma:0kB [ 141.479685][ T6486] lowmem_reserve[]: 0 0 1 1 1 [ 141.479745][ T6486] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1580kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 141.480224][ T6486] lowmem_reserve[]: 0 0 0 0 0 [ 141.480288][ T6486] Node 1 Normal free:3910344kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 141.480377][ T6486] lowmem_reserve[]: 0 0 0 0 0 [ 141.480445][ T6486] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 141.480652][ T6486] Node 0 DMA32: 1*4kB (M) 6*8kB (UME) 353*16kB (UM) 580*32kB (UME) 564*64kB (UME) 196*128kB (UME) 111*256kB (UME) 47*512kB (ME) 14*1024kB (UME) 2*2048kB (UE) 316*4096kB (ME) = 1450692kB [ 141.480929][ T6486] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 141.481116][ T6486] Node 1 Normal: 224*4kB (UE) 51*8kB (UME) 49*16kB (UME) 221*32kB (UME) 98*64kB (UME) 33*128kB (UME) 14*256kB (UME) 12*512kB (UME) 4*1024kB (UME) 3*2048kB (UE) 945*4096kB (M) = 3910344kB [ 141.482627][ T6486] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 141.482656][ T6486] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 141.485523][ T6486] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 141.485558][ T6486] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 141.485604][ T6486] 52482 total pagecache pages [ 141.485618][ T6486] 0 pages in swap cache [ 141.485630][ T6486] Free swap = 124996kB [ 141.485642][ T6486] Total swap = 124996kB [ 141.485657][ T6486] 2097051 pages RAM [ 141.485728][ T6486] 0 pages HighMem/MovableOnly [ 141.485741][ T6486] 429587 pages reserved [ 141.485754][ T6486] 0 pages cma reserved [ 142.387430][ T6508] debugfs: Directory 'ttyS2' with parent 'caif_serial' already present! [ 143.014182][ C1] vkms_vblank_simulate: vblank timer overrun [ 143.122424][ C1] vkms_vblank_simulate: vblank timer overrun [ 143.233422][ C1] vkms_vblank_simulate: vblank timer overrun [ 143.322856][ C1] vkms_vblank_simulate: vblank timer overrun [ 143.433384][ C1] vkms_vblank_simulate: vblank timer overrun [ 143.494507][ C1] vkms_vblank_simulate: vblank timer overrun [ 143.546664][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.024758][ T6527] tty tty1: ldisc open failed (-12), clearing slot 0 [ 144.086717][ T6525] ttyS ttyS2: ldisc open failed (-12), clearing slot 2 [ 144.144059][ T6528] ttyS ttyS2: ldisc open failed (-12), clearing slot 2 [ 144.211866][ T6529] tty tty1: ldisc open failed (-12), clearing slot 0 [ 146.531514][ T6579] FAULT_INJECTION: forcing a failure. [ 146.531514][ T6579] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 146.584492][ T6579] CPU: 1 UID: 0 PID: 6579 Comm: syz.3.140 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 146.584563][ T6579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 146.584594][ T6579] Call Trace: [ 146.584611][ T6579] [ 146.584630][ T6579] dump_stack_lvl+0x16c/0x1f0 [ 146.584714][ T6579] should_fail_ex+0x512/0x640 [ 146.584760][ T6579] should_fail_alloc_page+0xe7/0x130 [ 146.584797][ T6579] prepare_alloc_pages+0x3c2/0x610 [ 146.584839][ T6579] ? rcu_is_watching+0x12/0xc0 [ 146.584885][ T6579] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 146.584938][ T6579] ? __kernel_text_address+0xd/0x40 [ 146.584975][ T6579] ? unwind_get_return_address+0x59/0xa0 [ 146.585018][ T6579] ? arch_stack_walk+0xa6/0x100 [ 146.585083][ T6579] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 146.585138][ T6579] ? stack_trace_save+0x8e/0xc0 [ 146.585184][ T6579] ? __pfx_stack_trace_save+0x10/0x10 [ 146.585227][ T6579] ? stack_depot_save_flags+0x28/0xa50 [ 146.585266][ T6579] ? find_held_lock+0x2b/0x80 [ 146.585314][ T6579] ? kasan_save_stack+0x42/0x60 [ 146.585367][ T6579] ? __lock_acquire+0xaa4/0x1ba0 [ 146.585393][ T6579] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 146.585429][ T6579] ? policy_nodemask+0xea/0x4e0 [ 146.585491][ T6579] alloc_pages_mpol+0x1fb/0x550 [ 146.585525][ T6579] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 146.585552][ T6579] ? __page_table_check_ptes_set+0x1ae/0x420 [ 146.585606][ T6579] ? find_held_lock+0x2b/0x80 [ 146.585668][ T6579] alloc_pages_noprof+0x131/0x390 [ 146.585700][ T6579] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 146.585750][ T6579] get_free_pages_noprof+0xc/0x40 [ 146.585785][ T6579] kasan_populate_vmalloc_pte+0x2d/0x160 [ 146.585832][ T6579] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 146.585879][ T6579] __apply_to_page_range+0x5f9/0xd30 [ 146.585924][ T6579] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 146.585977][ T6579] ? __pfx___apply_to_page_range+0x10/0x10 [ 146.586019][ T6579] ? alloc_vmap_area+0x872/0x2970 [ 146.586071][ T6579] alloc_vmap_area+0x919/0x2970 [ 146.586127][ T6579] ? __pfx_alloc_vmap_area+0x10/0x10 [ 146.586178][ T6579] __get_vm_area_node+0x1a7/0x300 [ 146.586228][ T6579] __vmalloc_node_range_noprof+0x277/0x1540 [ 146.586272][ T6579] ? __do_sys_listmount+0x1c2/0xed0 [ 146.586331][ T6579] ? __do_sys_listmount+0x1c2/0xed0 [ 146.586387][ T6579] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 146.586448][ T6579] __kvmalloc_node_noprof+0x2ff/0x600 [ 146.586497][ T6579] ? __do_sys_listmount+0x1c2/0xed0 [ 146.586542][ T6579] ? __do_sys_listmount+0x1c2/0xed0 [ 146.586592][ T6579] ? __do_sys_listmount+0x1c2/0xed0 [ 146.586633][ T6579] __do_sys_listmount+0x1c2/0xed0 [ 146.586684][ T6579] ? __x64_sys_futex+0x1e0/0x4c0 [ 146.586728][ T6579] ? __x64_sys_futex+0x1e9/0x4c0 [ 146.586782][ T6579] ? __pfx___do_sys_listmount+0x10/0x10 [ 146.586831][ T6579] ? xfd_validate_state+0x5d/0x180 [ 146.586886][ T6579] do_syscall_64+0xcd/0x260 [ 146.586940][ T6579] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.586975][ T6579] RIP: 0033:0x7f6e59f8d169 [ 146.587003][ T6579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.587034][ T6579] RSP: 002b:00007f6e5ad8d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 146.587076][ T6579] RAX: ffffffffffffffda RBX: 00007f6e5a1a6160 RCX: 00007f6e59f8d169 [ 146.587107][ T6579] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 146.587128][ T6579] RBP: 00007f6e5a00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 146.587149][ T6579] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 146.587169][ T6579] R13: 0000000000000000 R14: 00007f6e5a1a6160 R15: 00007ffda6b90698 [ 146.587211][ T6579] [ 146.955379][ C1] vkms_vblank_simulate: vblank timer overrun [ 151.499048][ T30] audit: type=1800 audit(4294967313.810:5): pid=6632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.151" name="features" dev="configfs" ino=10785 res=0 errno=0 [ 154.361001][ T6703] netlink: 8 bytes leftover after parsing attributes in process `syz.2.161'. [ 157.941056][ T6780] netlink: 8 bytes leftover after parsing attributes in process `syz.3.181'. [ 158.059612][ T6773] zswap: compressor not available [ 159.666551][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802a49a000: rx timeout, send abort [ 159.677027][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802a49a000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 160.508301][ T6834] debugfs: Directory 'ttyS2' with parent 'caif_serial' already present! [ 161.433085][ T6860] netlink: 4 bytes leftover after parsing attributes in process `syz.1.199'. [ 161.453793][ T6860] FAULT_INJECTION: forcing a failure. [ 161.453793][ T6860] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 161.483084][ T6860] CPU: 0 UID: 0 PID: 6860 Comm: syz.1.199 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 161.483123][ T6860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 161.483140][ T6860] Call Trace: [ 161.483150][ T6860] [ 161.483161][ T6860] dump_stack_lvl+0x16c/0x1f0 [ 161.483212][ T6860] should_fail_ex+0x512/0x640 [ 161.483267][ T6860] _copy_from_iter+0x2a4/0x15b0 [ 161.483311][ T6860] ? __alloc_skb+0x200/0x380 [ 161.483350][ T6860] ? __pfx__copy_from_iter+0x10/0x10 [ 161.483392][ T6860] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 161.483436][ T6860] ? __lock_acquire+0xaa4/0x1ba0 [ 161.483482][ T6860] netlink_sendmsg+0x829/0xdd0 [ 161.483535][ T6860] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.483606][ T6860] ____sys_sendmsg+0xa95/0xc70 [ 161.483659][ T6860] ? copy_msghdr_from_user+0x10a/0x160 [ 161.483699][ T6860] ? __pfx_____sys_sendmsg+0x10/0x10 [ 161.483757][ T6860] ? __pfx__kstrtoull+0x10/0x10 [ 161.483813][ T6860] ___sys_sendmsg+0x134/0x1d0 [ 161.483857][ T6860] ? __pfx____sys_sendmsg+0x10/0x10 [ 161.483918][ T6860] ? find_held_lock+0x2b/0x80 [ 161.483987][ T6860] __sys_sendmmsg+0x200/0x420 [ 161.484034][ T6860] ? __pfx___sys_sendmmsg+0x10/0x10 [ 161.484088][ T6860] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 161.484151][ T6860] ? fput+0x70/0xf0 [ 161.484188][ T6860] ? ksys_write+0x1b9/0x240 [ 161.484235][ T6860] ? __pfx_ksys_write+0x10/0x10 [ 161.484276][ T6860] ? rcu_is_watching+0x12/0xc0 [ 161.484327][ T6860] __x64_sys_sendmmsg+0x9c/0x100 [ 161.484368][ T6860] ? lockdep_hardirqs_on+0x7c/0x110 [ 161.484412][ T6860] do_syscall_64+0xcd/0x260 [ 161.484461][ T6860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.484493][ T6860] RIP: 0033:0x7fe09d18d169 [ 161.484517][ T6860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.484544][ T6860] RSP: 002b:00007fe09df34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 161.484580][ T6860] RAX: ffffffffffffffda RBX: 00007fe09d3a5fa0 RCX: 00007fe09d18d169 [ 161.484600][ T6860] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 161.484618][ T6860] RBP: 00007fe09df34090 R08: 0000000000000000 R09: 0000000000000000 [ 161.484636][ T6860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.484652][ T6860] R13: 0000000000000000 R14: 00007fe09d3a5fa0 R15: 00007ffef54cece8 [ 161.484691][ T6860] [ 164.471459][ T6905] debugfs: Directory 'ttyS2' with parent 'caif_serial' already present! [ 164.723022][ T6912] netlink: 4 bytes leftover after parsing attributes in process `syz.3.209'. [ 164.800120][ T6915] vcan0: tx drop: invalid da for name 0x00ee000000000000 [ 168.133325][ T6987] FAULT_INJECTION: forcing a failure. [ 168.133325][ T6987] name failslab, interval 1, probability 0, space 0, times 0 [ 168.162947][ T6987] CPU: 1 UID: 0 PID: 6987 Comm: syz.0.238 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 168.163005][ T6987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 168.163023][ T6987] Call Trace: [ 168.163033][ T6987] [ 168.163047][ T6987] dump_stack_lvl+0x16c/0x1f0 [ 168.163104][ T6987] should_fail_ex+0x512/0x640 [ 168.163153][ T6987] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 168.163211][ T6987] should_failslab+0xc2/0x120 [ 168.163248][ T6987] __kmalloc_cache_noprof+0x6a/0x3e0 [ 168.163295][ T6987] ? ptp_open+0xe3/0x520 [ 168.163352][ T6987] ptp_open+0xe3/0x520 [ 168.163396][ T6987] ? __pfx_ptp_open+0x10/0x10 [ 168.163445][ T6987] ? __pfx_ptp_open+0x10/0x10 [ 168.163482][ T6987] posix_clock_open+0x178/0x290 [ 168.163537][ T6987] ? __pfx_posix_clock_open+0x10/0x10 [ 168.163579][ T6987] chrdev_open+0x231/0x6a0 [ 168.163634][ T6987] ? __pfx_chrdev_open+0x10/0x10 [ 168.163685][ T6987] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 168.163748][ T6987] do_dentry_open+0x741/0x1c10 [ 168.163799][ T6987] ? __pfx_chrdev_open+0x10/0x10 [ 168.163855][ T6987] vfs_open+0x82/0x3f0 [ 168.163892][ T6987] path_openat+0x1e5e/0x2d40 [ 168.163961][ T6987] ? __pfx_path_openat+0x10/0x10 [ 168.164019][ T6987] do_filp_open+0x20b/0x470 [ 168.164068][ T6987] ? __pfx_do_filp_open+0x10/0x10 [ 168.164148][ T6987] ? alloc_fd+0x471/0x7d0 [ 168.164214][ T6987] do_sys_openat2+0x11b/0x1d0 [ 168.164246][ T6987] ? __pfx_do_sys_openat2+0x10/0x10 [ 168.164298][ T6987] __x64_sys_openat+0x174/0x210 [ 168.164342][ T6987] ? __pfx___x64_sys_openat+0x10/0x10 [ 168.164380][ T6987] ? rcu_is_watching+0x12/0xc0 [ 168.164434][ T6987] do_syscall_64+0xcd/0x260 [ 168.164485][ T6987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.164515][ T6987] RIP: 0033:0x7fdcfe78d169 [ 168.164542][ T6987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.164572][ T6987] RSP: 002b:00007fdcff52d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 168.164603][ T6987] RAX: ffffffffffffffda RBX: 00007fdcfe9a6160 RCX: 00007fdcfe78d169 [ 168.164624][ T6987] RDX: 0000000000000440 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 168.164643][ T6987] RBP: 00007fdcfe80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 168.164661][ T6987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.164678][ T6987] R13: 0000000000000000 R14: 00007fdcfe9a6160 R15: 00007ffce5555e88 [ 168.164717][ T6987] [ 173.293795][ T7085] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 173.656240][ T7092] netlink: 36 bytes leftover after parsing attributes in process `syz.3.266'. [ 173.836922][ T7100] FAULT_INJECTION: forcing a failure. [ 173.836922][ T7100] name failslab, interval 1, probability 0, space 0, times 0 [ 173.860904][ T7100] CPU: 0 UID: 0 PID: 7100 Comm: syz.3.268 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 173.860945][ T7100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 173.860963][ T7100] Call Trace: [ 173.860985][ T7100] [ 173.860996][ T7100] dump_stack_lvl+0x16c/0x1f0 [ 173.861050][ T7100] should_fail_ex+0x512/0x640 [ 173.861093][ T7100] should_failslab+0xc2/0x120 [ 173.861124][ T7100] __kmalloc_cache_noprof+0x6a/0x3e0 [ 173.861168][ T7100] ? __sctp_v6_cmp_addr+0x206/0x530 [ 173.861217][ T7100] ? sctp_add_bind_addr+0xae/0x3f0 [ 173.861263][ T7100] sctp_add_bind_addr+0xae/0x3f0 [ 173.861308][ T7100] sctp_copy_local_addr_list+0x39d/0x5a0 [ 173.861362][ T7100] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 173.861414][ T7100] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 173.861465][ T7100] ? sctp_bind_addr_copy+0xe0/0x530 [ 173.861501][ T7100] sctp_bind_addr_copy+0xe0/0x530 [ 173.861548][ T7100] sctp_connect_new_asoc+0x1d7/0x790 [ 173.861581][ T7100] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 173.861630][ T7100] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 173.861681][ T7100] sctp_sendmsg+0x15f9/0x1ee0 [ 173.861723][ T7100] ? __pfx_sctp_sendmsg+0x10/0x10 [ 173.861771][ T7100] ? __might_fault+0xe3/0x190 [ 173.861824][ T7100] ? __pfx_aa_sk_perm+0x10/0x10 [ 173.861863][ T7100] ? __pfx_sctp_sendmsg+0x10/0x10 [ 173.861895][ T7100] inet_sendmsg+0x119/0x140 [ 173.861925][ T7100] __sys_sendto+0x431/0x510 [ 173.861960][ T7100] ? __pfx___sys_sendto+0x10/0x10 [ 173.862026][ T7100] ? ksys_write+0x1b9/0x240 [ 173.862066][ T7100] ? __pfx_ksys_write+0x10/0x10 [ 173.862101][ T7100] ? rcu_is_watching+0x12/0xc0 [ 173.862142][ T7100] __x64_sys_sendto+0xe0/0x1c0 [ 173.862172][ T7100] ? do_syscall_64+0x91/0x260 [ 173.862212][ T7100] ? lockdep_hardirqs_on+0x7c/0x110 [ 173.862256][ T7100] do_syscall_64+0xcd/0x260 [ 173.862297][ T7100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.862326][ T7100] RIP: 0033:0x7f6e59f8d169 [ 173.862350][ T7100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.862376][ T7100] RSP: 002b:00007f6e5adcf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 173.862402][ T7100] RAX: ffffffffffffffda RBX: 00007f6e5a1a5fa0 RCX: 00007f6e59f8d169 [ 173.862420][ T7100] RDX: 0000000000000401 RSI: 0000000000000000 RDI: 0000000000000003 [ 173.862435][ T7100] RBP: 00007f6e5adcf090 R08: 0000200000000000 R09: 000000000000001c [ 173.862453][ T7100] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000002 [ 173.862468][ T7100] R13: 0000000000000000 R14: 00007f6e5a1a5fa0 R15: 00007ffda6b90698 [ 173.862506][ T7100] [ 174.121594][ C0] vkms_vblank_simulate: vblank timer overrun [ 175.557260][ T7124] netlink: 28 bytes leftover after parsing attributes in process `syz.3.275'. [ 175.585040][ T7128] netlink: 28 bytes leftover after parsing attributes in process `syz.3.275'. [ 176.153834][ T7133] process 'syz.3.275' launched './file0' with NULL argv: empty string added [ 182.530116][ T7230] mmap: syz.0.298 (7230) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 184.679471][ T7273] FAULT_INJECTION: forcing a failure. [ 184.679471][ T7273] name failslab, interval 1, probability 0, space 0, times 0 [ 184.732270][ T7273] CPU: 0 UID: 0 PID: 7273 Comm: syz.1.312 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 184.732313][ T7273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 184.732330][ T7273] Call Trace: [ 184.732341][ T7273] [ 184.732352][ T7273] dump_stack_lvl+0x16c/0x1f0 [ 184.732405][ T7273] should_fail_ex+0x512/0x640 [ 184.732442][ T7273] ? fs_reclaim_acquire+0xae/0x150 [ 184.732498][ T7273] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 184.732542][ T7273] should_failslab+0xc2/0x120 [ 184.732571][ T7273] __kmalloc_noprof+0xd2/0x510 [ 184.732627][ T7273] tomoyo_realpath_from_path+0xc2/0x6e0 [ 184.732680][ T7273] ? tomoyo_profile+0x47/0x60 [ 184.732729][ T7273] tomoyo_path_number_perm+0x245/0x580 [ 184.732761][ T7273] ? tomoyo_path_number_perm+0x237/0x580 [ 184.732799][ T7273] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 184.732837][ T7273] ? find_held_lock+0x2b/0x80 [ 184.732913][ T7273] ? find_held_lock+0x2b/0x80 [ 184.732951][ T7273] ? hook_file_ioctl_common+0x145/0x410 [ 184.732994][ T7273] ? __fget_files+0x20e/0x3c0 [ 184.733058][ T7273] security_file_ioctl+0x9b/0x240 [ 184.733099][ T7273] __x64_sys_ioctl+0xb7/0x200 [ 184.733140][ T7273] do_syscall_64+0xcd/0x260 [ 184.733189][ T7273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.733220][ T7273] RIP: 0033:0x7fe09d18d169 [ 184.733244][ T7273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.733272][ T7273] RSP: 002b:00007fe09df34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 184.733301][ T7273] RAX: ffffffffffffffda RBX: 00007fe09d3a5fa0 RCX: 00007fe09d18d169 [ 184.733320][ T7273] RDX: 0000000000000000 RSI: 0000000080044704 RDI: 0000000000000012 [ 184.733337][ T7273] RBP: 00007fe09df34090 R08: 0000000000000000 R09: 0000000000000000 [ 184.733353][ T7273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 184.733369][ T7273] R13: 0000000000000000 R14: 00007fe09d3a5fa0 R15: 00007ffef54cece8 [ 184.733408][ T7273] [ 184.932926][ C0] vkms_vblank_simulate: vblank timer overrun [ 185.072772][ T7273] ERROR: Out of memory at tomoyo_realpath_from_path. [ 186.074087][ T7314] netlink: 146 bytes leftover after parsing attributes in process `syz.1.316'. [ 186.627069][ T7329] FAULT_INJECTION: forcing a failure. [ 186.627069][ T7329] name failslab, interval 1, probability 0, space 0, times 0 [ 186.640782][ T7329] CPU: 0 UID: 0 PID: 7329 Comm: syz.1.319 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 186.640822][ T7329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 186.640841][ T7329] Call Trace: [ 186.640851][ T7329] [ 186.640862][ T7329] dump_stack_lvl+0x16c/0x1f0 [ 186.640930][ T7329] should_fail_ex+0x512/0x640 [ 186.640967][ T7329] ? fs_reclaim_acquire+0xae/0x150 [ 186.641003][ T7329] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 186.641051][ T7329] should_failslab+0xc2/0x120 [ 186.641081][ T7329] __kmalloc_noprof+0xd2/0x510 [ 186.641133][ T7329] tomoyo_realpath_from_path+0xc2/0x6e0 [ 186.641179][ T7329] ? tomoyo_profile+0x47/0x60 [ 186.641231][ T7329] tomoyo_path_number_perm+0x245/0x580 [ 186.641266][ T7329] ? tomoyo_path_number_perm+0x237/0x580 [ 186.641306][ T7329] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 186.641344][ T7329] ? find_held_lock+0x2b/0x80 [ 186.641420][ T7329] ? find_held_lock+0x2b/0x80 [ 186.641458][ T7329] ? hook_file_ioctl_common+0x145/0x410 [ 186.641499][ T7329] ? __fget_files+0x20e/0x3c0 [ 186.641551][ T7329] security_file_ioctl+0x9b/0x240 [ 186.641600][ T7329] __x64_sys_ioctl+0xb7/0x200 [ 186.641642][ T7329] do_syscall_64+0xcd/0x260 [ 186.641692][ T7329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.641723][ T7329] RIP: 0033:0x7fe09d18d169 [ 186.641748][ T7329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.641775][ T7329] RSP: 002b:00007fe09df34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 186.641802][ T7329] RAX: ffffffffffffffda RBX: 00007fe09d3a5fa0 RCX: 00007fe09d18d169 [ 186.641821][ T7329] RDX: 0000000000000004 RSI: 0000000080106f53 RDI: 0000000000000003 [ 186.641839][ T7329] RBP: 00007fe09df34090 R08: 0000000000000000 R09: 0000000000000000 [ 186.641856][ T7329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.641873][ T7329] R13: 0000000000000000 R14: 00007fe09d3a5fa0 R15: 00007ffef54cece8 [ 186.641912][ T7329] [ 186.641923][ T7329] ERROR: Out of memory at tomoyo_realpath_from_path. [ 188.607454][ T7371] FAULT_INJECTION: forcing a failure. [ 188.607454][ T7371] name fail_futex, interval 1, probability 0, space 0, times 1 [ 188.620907][ T7371] CPU: 0 UID: 0 PID: 7371 Comm: syz.1.327 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 188.620954][ T7371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 188.620976][ T7371] Call Trace: [ 188.620986][ T7371] [ 188.620999][ T7371] dump_stack_lvl+0x16c/0x1f0 [ 188.621057][ T7371] should_fail_ex+0x512/0x640 [ 188.621102][ T7371] get_futex_key+0x49e/0x1000 [ 188.621172][ T7371] ? __pfx_get_futex_key+0x10/0x10 [ 188.621217][ T7371] ? kfree+0x252/0x4d0 [ 188.621270][ T7371] futex_wake+0xe7/0x4e0 [ 188.621311][ T7371] ? __pfx_futex_wake+0x10/0x10 [ 188.621341][ T7371] ? __pfx_vfs_writev+0x10/0x10 [ 188.621392][ T7371] ? do_writev+0x218/0x330 [ 188.621442][ T7371] do_futex+0x1e3/0x350 [ 188.621497][ T7371] ? __pfx_do_futex+0x10/0x10 [ 188.621543][ T7371] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 188.621607][ T7371] __x64_sys_futex+0x1e0/0x4c0 [ 188.621653][ T7371] ? fput+0x70/0xf0 [ 188.621684][ T7371] ? __pfx___x64_sys_futex+0x10/0x10 [ 188.621732][ T7371] ? __pfx_do_writev+0x10/0x10 [ 188.621776][ T7371] ? rcu_is_watching+0x12/0xc0 [ 188.621826][ T7371] do_syscall_64+0xcd/0x260 [ 188.621876][ T7371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.621910][ T7371] RIP: 0033:0x7fe09d18d169 [ 188.621936][ T7371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.621967][ T7371] RSP: 002b:00007fe09df340e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 188.621999][ T7371] RAX: ffffffffffffffda RBX: 00007fe09d3a5fa8 RCX: 00007fe09d18d169 [ 188.622020][ T7371] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe09d3a5fac [ 188.622039][ T7371] RBP: 00007fe09d3a5fa0 R08: 00007fe09df35000 R09: 0000000000000000 [ 188.622058][ T7371] R10: 0000000000000007 R11: 0000000000000246 R12: 00007fe09d3a5fac [ 188.622077][ T7371] R13: 0000000000000000 R14: 00007ffef54cec00 R15: 00007ffef54cece8 [ 188.622116][ T7371] [ 191.069949][ T7408] FAULT_INJECTION: forcing a failure. [ 191.069949][ T7408] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 191.112857][ T7408] CPU: 0 UID: 0 PID: 7408 Comm: syz.3.337 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 191.112902][ T7408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 191.112920][ T7408] Call Trace: [ 191.112930][ T7408] [ 191.112942][ T7408] dump_stack_lvl+0x16c/0x1f0 [ 191.112993][ T7408] should_fail_ex+0x512/0x640 [ 191.113035][ T7408] should_fail_alloc_page+0xe7/0x130 [ 191.113069][ T7408] prepare_alloc_pages+0x3c2/0x610 [ 191.113123][ T7408] ? rcu_is_watching+0x12/0xc0 [ 191.113168][ T7408] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 191.113255][ T7408] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 191.113302][ T7408] ? do_raw_spin_lock+0x12c/0x2b0 [ 191.113338][ T7408] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 191.113371][ T7408] ? cgroup_rstat_updated+0x2a/0xb20 [ 191.113416][ T7408] ? find_held_lock+0x2b/0x80 [ 191.113469][ T7408] ? __lock_acquire+0xaa4/0x1ba0 [ 191.113496][ T7408] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 191.113537][ T7408] ? policy_nodemask+0xea/0x4e0 [ 191.113600][ T7408] alloc_pages_mpol+0x1fb/0x550 [ 191.113632][ T7408] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 191.113674][ T7408] folio_alloc_mpol_noprof+0x36/0x2f0 [ 191.113711][ T7408] shmem_alloc_folio+0x135/0x160 [ 191.113764][ T7408] shmem_alloc_and_add_folio+0x499/0xc20 [ 191.113821][ T7408] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 191.113876][ T7408] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 191.113935][ T7408] shmem_get_folio_gfp+0x687/0x1530 [ 191.113993][ T7408] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 191.114044][ T7408] ? filemap_map_pages+0xf6c/0x1680 [ 191.114084][ T7408] shmem_fault+0x1fe/0xa30 [ 191.114137][ T7408] ? __pfx_shmem_fault+0x10/0x10 [ 191.114195][ T7408] ? __pfx_filemap_map_pages+0x10/0x10 [ 191.114239][ T7408] __do_fault+0x10a/0x490 [ 191.114278][ T7408] do_pte_missing+0x1031/0x3fb0 [ 191.114327][ T7408] ? __handle_mm_fault+0x1010/0x2a40 [ 191.114383][ T7408] __handle_mm_fault+0x103d/0x2a40 [ 191.114440][ T7408] ? __pfx___handle_mm_fault+0x10/0x10 [ 191.114510][ T7408] ? find_vma+0xbf/0x140 [ 191.114547][ T7408] ? __pfx_find_vma+0x10/0x10 [ 191.114585][ T7408] handle_mm_fault+0x3fe/0xad0 [ 191.114637][ T7408] do_user_addr_fault+0x7a6/0x1370 [ 191.114686][ T7408] ? rcu_is_watching+0x12/0xc0 [ 191.114728][ T7408] exc_page_fault+0x5c/0xc0 [ 191.114772][ T7408] asm_exc_page_fault+0x26/0x30 [ 191.114802][ T7408] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 191.114838][ T7408] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 191.114867][ T7408] RSP: 0018:ffffc90005007ac0 EFLAGS: 00050202 [ 191.114891][ T7408] RAX: 0000000000000001 RBX: 00000000000006f9 RCX: 00000000000000cf [ 191.114909][ T7408] RDX: ffffed100c1970e3 RSI: 0000000000003000 RDI: ffff888060cb8642 [ 191.114927][ T7408] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100c1970e2 [ 191.114944][ T7408] R10: ffff888060cb8710 R11: 0000000000000000 R12: 00000000000029d6 [ 191.114961][ T7408] R13: ffffc90005007d80 R14: 00000000000030cf R15: ffff888060cb8018 [ 191.115001][ T7408] _copy_from_iter+0x391/0x15b0 [ 191.115051][ T7408] ? __pfx__copy_from_iter+0x10/0x10 [ 191.115100][ T7408] ? mark_held_locks+0x49/0x80 [ 191.115149][ T7408] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 191.115196][ T7408] j1939_sk_sendmsg+0x7f2/0x13d0 [ 191.115254][ T7408] ? __might_fault+0x51/0x190 [ 191.115309][ T7408] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 191.115361][ T7408] __sys_sendto+0x495/0x510 [ 191.115402][ T7408] ? __pfx___sys_sendto+0x10/0x10 [ 191.115475][ T7408] ? ksys_write+0x1b9/0x240 [ 191.115519][ T7408] ? __pfx_ksys_write+0x10/0x10 [ 191.115558][ T7408] ? rcu_is_watching+0x12/0xc0 [ 191.115602][ T7408] __x64_sys_sendto+0xe0/0x1c0 [ 191.115638][ T7408] ? do_syscall_64+0x91/0x260 [ 191.115681][ T7408] ? lockdep_hardirqs_on+0x7c/0x110 [ 191.115723][ T7408] do_syscall_64+0xcd/0x260 [ 191.115770][ T7408] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.115800][ T7408] RIP: 0033:0x7f6e59f8d169 [ 191.115825][ T7408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.115853][ T7408] RSP: 002b:00007f6e5adcf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 191.115880][ T7408] RAX: ffffffffffffffda RBX: 00007f6e5a1a5fa0 RCX: 00007f6e59f8d169 [ 191.115899][ T7408] RDX: 0000000006fffff9 RSI: 0000000000000000 RDI: 0000000000000003 [ 191.115916][ T7408] RBP: 00007f6e5adcf090 R08: 0000200000000440 R09: 0000000000000036 [ 191.115934][ T7408] R10: 00000000fffffff8 R11: 0000000000000246 R12: 0000000000000002 [ 191.115950][ T7408] R13: 0000000000000000 R14: 00007f6e5a1a5fa0 R15: 00007ffda6b90698 [ 191.115989][ T7408] [ 192.319063][ C1] vcan0: j1939_tp_rxtimer: 0xffff88806379dc00: rx timeout, send abort [ 192.328447][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88806379dc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 192.738569][ T7439] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 193.227422][ T7452] netlink: 4 bytes leftover after parsing attributes in process `syz.3.344'. [ 193.240001][ T7452] FAULT_INJECTION: forcing a failure. [ 193.240001][ T7452] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 193.253795][ T7452] CPU: 1 UID: 0 PID: 7452 Comm: syz.3.344 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 193.253834][ T7452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 193.253852][ T7452] Call Trace: [ 193.253862][ T7452] [ 193.253872][ T7452] dump_stack_lvl+0x16c/0x1f0 [ 193.253921][ T7452] should_fail_ex+0x512/0x640 [ 193.253961][ T7452] _copy_from_user+0x2e/0xd0 [ 193.253998][ T7452] copy_msghdr_from_user+0x98/0x160 [ 193.254038][ T7452] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 193.254083][ T7452] ? kfree+0x252/0x4d0 [ 193.254118][ T7452] ? __pfx__kstrtoull+0x10/0x10 [ 193.254169][ T7452] ___sys_sendmsg+0xfe/0x1d0 [ 193.254207][ T7452] ? __pfx____sys_sendmsg+0x10/0x10 [ 193.254277][ T7452] ? __pfx___might_resched+0x10/0x10 [ 193.254350][ T7452] __sys_sendmmsg+0x200/0x420 [ 193.254393][ T7452] ? __pfx___sys_sendmmsg+0x10/0x10 [ 193.254444][ T7452] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 193.254500][ T7452] ? fput+0x70/0xf0 [ 193.254528][ T7452] ? ksys_write+0x1b9/0x240 [ 193.254569][ T7452] ? __pfx_ksys_write+0x10/0x10 [ 193.254608][ T7452] ? rcu_is_watching+0x12/0xc0 [ 193.254653][ T7452] __x64_sys_sendmmsg+0x9c/0x100 [ 193.254694][ T7452] ? lockdep_hardirqs_on+0x7c/0x110 [ 193.254735][ T7452] do_syscall_64+0xcd/0x260 [ 193.254780][ T7452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.254810][ T7452] RIP: 0033:0x7f6e59f8d169 [ 193.254835][ T7452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 193.254862][ T7452] RSP: 002b:00007f6e5adcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 193.254890][ T7452] RAX: ffffffffffffffda RBX: 00007f6e5a1a5fa0 RCX: 00007f6e59f8d169 [ 193.254908][ T7452] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 193.254925][ T7452] RBP: 00007f6e5adcf090 R08: 0000000000000000 R09: 0000000000000000 [ 193.254943][ T7452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 193.254960][ T7452] R13: 0000000000000000 R14: 00007f6e5a1a5fa0 R15: 00007ffda6b90698 [ 193.254999][ T7452] [ 195.172062][ T7490] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 195.180333][ T7495] vcan0: tx drop: invalid da for name 0x3f00000000000000 [ 195.191594][ T7490] vhci_hcd: default hub control req: feff vffff i0000 l0 [ 195.559152][ T7503] netlink: 4 bytes leftover after parsing attributes in process `syz.3.359'. [ 196.261005][ T7517] netlink: 4 bytes leftover after parsing attributes in process `syz.1.363'. [ 196.438462][ T7517] openvswitch: netlink: Flow key attr not present in new flow. [ 198.438668][ T7573] sctp: [Deprecated]: syz.1.370 (pid 7573) Use of int in maxseg socket option. [ 198.438668][ T7573] Use struct sctp_assoc_value instead [ 199.207545][ T7591] netlink: 'syz.3.377': attribute type 1 has an invalid length. [ 200.861778][ T7615] can0: slcan on ttyS2. [ 200.998080][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 200.998184][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.020848][ T7614] can0 (unregistered): slcan off ttyS2. [ 201.693813][ T7633] netlink: 'syz.1.388': attribute type 64 has an invalid length. [ 201.701646][ T7633] netlink: 74 bytes leftover after parsing attributes in process `syz.1.388'. [ 202.865013][ T7647] can0: slcan on ttyS2. [ 203.125214][ T7646] can0 (unregistered): slcan off ttyS2. [ 205.168664][ T7692] debugfs: Directory 'ttyS2' with parent 'caif_serial' already present! [ 206.024063][ T7715] FAULT_INJECTION: forcing a failure. [ 206.024063][ T7715] name failslab, interval 1, probability 0, space 0, times 0 [ 206.086982][ T7715] CPU: 0 UID: 0 PID: 7715 Comm: syz.0.407 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 206.087022][ T7715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 206.087039][ T7715] Call Trace: [ 206.087049][ T7715] [ 206.087060][ T7715] dump_stack_lvl+0x16c/0x1f0 [ 206.087121][ T7715] should_fail_ex+0x512/0x640 [ 206.087165][ T7715] should_failslab+0xc2/0x120 [ 206.087196][ T7715] __kmalloc_cache_noprof+0x6a/0x3e0 [ 206.087241][ T7715] ? sctp_add_bind_addr+0xae/0x3f0 [ 206.087288][ T7715] sctp_add_bind_addr+0xae/0x3f0 [ 206.087347][ T7715] sctp_copy_local_addr_list+0x39d/0x5a0 [ 206.087405][ T7715] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 206.087459][ T7715] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 206.087524][ T7715] ? sctp_bind_addr_copy+0xe0/0x530 [ 206.087564][ T7715] sctp_bind_addr_copy+0xe0/0x530 [ 206.087616][ T7715] sctp_connect_new_asoc+0x1d7/0x790 [ 206.087656][ T7715] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 206.087702][ T7715] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 206.087748][ T7715] sctp_sendmsg+0x15f9/0x1ee0 [ 206.087795][ T7715] ? __pfx_sctp_sendmsg+0x10/0x10 [ 206.087850][ T7715] ? __might_fault+0xe3/0x190 [ 206.087900][ T7715] ? __pfx_aa_sk_perm+0x10/0x10 [ 206.087950][ T7715] ? __pfx_sctp_sendmsg+0x10/0x10 [ 206.087985][ T7715] inet_sendmsg+0x119/0x140 [ 206.088018][ T7715] __sys_sendto+0x431/0x510 [ 206.088056][ T7715] ? __pfx___sys_sendto+0x10/0x10 [ 206.088134][ T7715] ? ksys_write+0x1b9/0x240 [ 206.088178][ T7715] ? __pfx_ksys_write+0x10/0x10 [ 206.088218][ T7715] ? rcu_is_watching+0x12/0xc0 [ 206.088264][ T7715] __x64_sys_sendto+0xe0/0x1c0 [ 206.088300][ T7715] ? do_syscall_64+0x91/0x260 [ 206.088343][ T7715] ? lockdep_hardirqs_on+0x7c/0x110 [ 206.088386][ T7715] do_syscall_64+0xcd/0x260 [ 206.088434][ T7715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.088466][ T7715] RIP: 0033:0x7fdcfe78d169 [ 206.088490][ T7715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.088519][ T7715] RSP: 002b:00007fdcff56f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 206.088547][ T7715] RAX: ffffffffffffffda RBX: 00007fdcfe9a5fa0 RCX: 00007fdcfe78d169 [ 206.088573][ T7715] RDX: 0000000000000401 RSI: 0000000000000000 RDI: 0000000000000003 [ 206.088591][ T7715] RBP: 00007fdcff56f090 R08: 0000200000000000 R09: 000000000000001c [ 206.088609][ T7715] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000002 [ 206.088627][ T7715] R13: 0000000000000000 R14: 00007fdcfe9a5fa0 R15: 00007ffce5555e88 [ 206.088666][ T7715] [ 206.346858][ C0] vkms_vblank_simulate: vblank timer overrun [ 206.751529][ T7719] can0: slcan on ttyS2. [ 206.791013][ T7713] input: isc as /devices/virtual/input/input6 [ 206.801034][ T7713] FAULT_INJECTION: forcing a failure. [ 206.801034][ T7713] name failslab, interval 1, probability 0, space 0, times 0 [ 206.880499][ T7713] CPU: 1 UID: 0 PID: 7713 Comm: syz.1.406 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 206.880545][ T7713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 206.880566][ T7713] Call Trace: [ 206.880576][ T7713] [ 206.880588][ T7713] dump_stack_lvl+0x16c/0x1f0 [ 206.880642][ T7713] should_fail_ex+0x512/0x640 [ 206.880681][ T7713] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 206.880733][ T7713] should_failslab+0xc2/0x120 [ 206.880762][ T7713] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 206.880812][ T7713] ? __kernfs_new_node+0xd2/0x8a0 [ 206.880891][ T7713] __kernfs_new_node+0xd2/0x8a0 [ 206.880940][ T7713] ? __pfx___kernfs_new_node+0x10/0x10 [ 206.881000][ T7713] ? find_held_lock+0x2b/0x80 [ 206.881048][ T7713] ? kernfs_root+0xee/0x2a0 [ 206.881103][ T7713] kernfs_new_node+0x13c/0x1e0 [ 206.881140][ T7713] kernfs_create_link+0xcc/0x240 [ 206.881189][ T7713] sysfs_do_create_link_sd+0x90/0x140 [ 206.881243][ T7713] sysfs_create_link+0x61/0xc0 [ 206.881293][ T7713] device_add+0x62c/0x1a70 [ 206.881334][ T7713] ? __pfx_device_add+0x10/0x10 [ 206.881367][ T7713] ? __pfx_exact_lock+0x10/0x10 [ 206.881422][ T7713] ? kobject_get+0xbb/0x150 [ 206.881475][ T7713] cdev_device_add+0xc2/0x1e0 [ 206.881520][ T7713] evdev_connect+0x3a4/0x4c0 [ 206.881577][ T7713] input_attach_handler.isra.0+0x181/0x260 [ 206.881629][ T7713] input_register_device+0xa84/0x1130 [ 206.881679][ T7713] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 206.881726][ T7713] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 206.881772][ T7713] ? find_held_lock+0x2b/0x80 [ 206.881836][ T7713] ? __pfx_uinput_ioctl+0x10/0x10 [ 206.881873][ T7713] __x64_sys_ioctl+0x190/0x200 [ 206.881917][ T7713] do_syscall_64+0xcd/0x260 [ 206.881968][ T7713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.882002][ T7713] RIP: 0033:0x7fe09d18d169 [ 206.882041][ T7713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.882073][ T7713] RSP: 002b:00007fe09df34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 206.882102][ T7713] RAX: ffffffffffffffda RBX: 00007fe09d3a5fa0 RCX: 00007fe09d18d169 [ 206.882123][ T7713] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 000000000000000b [ 206.882154][ T7713] RBP: 00007fe09d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 206.882173][ T7713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 206.882192][ T7713] R13: 0000000000000000 R14: 00007fe09d3a5fa0 R15: 00007ffef54cece8 [ 206.882227][ T7713] [ 207.460012][ T7713] input: failed to attach handler evdev to device input6, error: -12 [ 207.538310][ T7711] can0 (unregistered): slcan off ttyS2. [ 207.612393][ T7730] netlink: 342 bytes leftover after parsing attributes in process `syz.0.409'. [ 207.653696][ T7732] netlink: 342 bytes leftover after parsing attributes in process `syz.0.409'. [ 209.272309][ T7759] netlink: 8 bytes leftover after parsing attributes in process `syz.1.416'. [ 211.267178][ T7782] netlink: 342 bytes leftover after parsing attributes in process `syz.2.422'. [ 213.704823][ T7839] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 215.477464][ T7878] [U]  [ 215.480585][ T7878] [U] [ 215.483356][ T7878] [U] [ 215.486143][ T7878] [U] [ 215.510301][ T7878] [U] [ 215.513124][ T7878] [U] [ 215.515889][ T7878] [U] [ 215.518674][ T7878] [U] [ 215.535029][ T7878] [U] [ 215.537863][ T7878] [U] [ 215.540655][ T7878] [U] [ 215.543421][ T7878] [U] [ 215.561445][ T7880] [U] [ 228.673016][ T5855] Bluetooth: hci0: command 0x0406 tx timeout [ 228.679214][ T5152] Bluetooth: hci3: command 0x0406 tx timeout [ 228.687631][ T5855] Bluetooth: hci1: command 0x0406 tx timeout [ 228.694266][ T5152] Bluetooth: hci2: command 0x0406 tx timeout [ 247.661643][ T5841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 247.680285][ T5841] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 247.691260][ T5841] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 247.701596][ T5841] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 247.717712][ T5841] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 248.209688][T10083] chnl_net:caif_netlink_parms(): no params data found [ 248.533094][T10083] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.549684][T10083] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.558326][T10083] bridge_slave_0: entered allmulticast mode [ 248.591508][T10083] bridge_slave_0: entered promiscuous mode [ 248.619908][T10083] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.640682][T10083] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.657728][T10083] bridge_slave_1: entered allmulticast mode [ 248.689201][T10083] bridge_slave_1: entered promiscuous mode [ 248.835097][T10083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 248.870197][T10083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 248.978458][T10083] team0: Port device team_slave_0 added [ 248.989435][T10083] team0: Port device team_slave_1 added [ 249.076095][T10083] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 249.098621][T10083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 249.166775][T10083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 249.208705][T10083] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 249.227391][T10083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 249.312955][T10083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 249.514372][T10083] hsr_slave_0: entered promiscuous mode [ 249.531491][T10083] hsr_slave_1: entered promiscuous mode [ 249.548350][T10083] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 249.580663][T10083] Cannot create hsr debugfs directory [ 249.793481][ T5841] Bluetooth: hci4: command tx timeout [ 250.130760][T10083] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.279467][T10083] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.411794][T10083] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.529444][T10083] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.887379][T10083] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 250.935738][T10083] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 250.963459][T10083] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 250.990671][T10083] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 251.271825][T10083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 251.339839][T10083] 8021q: adding VLAN 0 to HW filter on device team0 [ 251.368203][ T7825] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.375494][ T7825] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.420600][ T7825] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.427916][ T7825] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.873165][ T5841] Bluetooth: hci4: command tx timeout [ 251.961437][T10083] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 252.104664][T10083] veth0_vlan: entered promiscuous mode [ 252.154636][T10083] veth1_vlan: entered promiscuous mode [ 252.287894][T10083] veth0_macvtap: entered promiscuous mode [ 252.315847][T10083] veth1_macvtap: entered promiscuous mode [ 252.369859][T10083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.392600][T10083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.418412][T10083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.437357][T10083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.455631][T10083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.471041][T10083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.493054][T10083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.512031][T10083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.553867][T10083] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 252.590694][T10083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 252.619137][T10083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.656586][T10083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 252.678345][T10083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.691247][T10083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 252.706836][T10083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.735950][T10083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 252.760869][T10083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.781094][T10083] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 252.866706][T10083] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.897205][T10083] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.922720][T10083] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.931533][T10083] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 253.239558][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 253.282954][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 253.386434][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 253.421158][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 253.963815][ T5841] Bluetooth: hci4: command tx timeout [ 254.649694][ T5849] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 254.666618][ T5849] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 254.679460][ T5849] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 254.694752][ T5849] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 254.715069][ T5849] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 254.878091][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.099604][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.225954][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.379562][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.726761][T10471] chnl_net:caif_netlink_parms(): no params data found [ 255.750106][ T12] bridge_slave_1: left allmulticast mode [ 255.762918][ T12] bridge_slave_1: left promiscuous mode [ 255.770095][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.788733][ T12] bridge_slave_0: left allmulticast mode [ 255.794733][ T12] bridge_slave_0: left promiscuous mode [ 255.800665][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.033523][ T5841] Bluetooth: hci4: command tx timeout [ 256.763299][ T5841] Bluetooth: hci5: command tx timeout [ 256.862421][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 256.883422][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 256.895334][ T12] bond0 (unregistering): Released all slaves [ 257.621903][T10471] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.662612][T10471] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.707462][T10471] bridge_slave_0: entered allmulticast mode [ 257.777898][T10471] bridge_slave_0: entered promiscuous mode [ 257.824139][T10471] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.831344][T10471] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.917387][T10471] bridge_slave_1: entered allmulticast mode [ 257.973231][T10471] bridge_slave_1: entered promiscuous mode [ 258.160819][T10471] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 258.261488][T10471] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 258.387459][ T12] hsr_slave_0: left promiscuous mode [ 258.397701][ T12] hsr_slave_1: left promiscuous mode [ 258.409162][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 258.420995][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 258.438402][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 258.450315][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 258.482605][ T12] veth0_macvtap: left promiscuous mode [ 258.494856][ T12] veth1_vlan: left promiscuous mode [ 258.501254][ T12] veth0_vlan: left promiscuous mode [ 258.851037][ T5841] Bluetooth: hci5: command tx timeout [ 259.038343][ T12] team0 (unregistering): Port device team_slave_1 removed [ 259.090443][ T12] team0 (unregistering): Port device team_slave_0 removed [ 259.594297][T10471] team0: Port device team_slave_0 added [ 259.605521][T10471] team0: Port device team_slave_1 added [ 259.701683][T10471] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 259.708799][T10471] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 259.738594][T10471] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 259.757872][T10471] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 259.766078][T10471] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 259.794008][T10471] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 259.888519][T10471] hsr_slave_0: entered promiscuous mode [ 259.895446][T10471] hsr_slave_1: entered promiscuous mode [ 259.901832][T10471] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 259.909576][T10471] Cannot create hsr debugfs directory [ 260.921621][ T5841] Bluetooth: hci5: command tx timeout [ 261.212320][T10471] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 261.249706][T10471] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 261.268747][T10471] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 261.290302][T10471] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 261.481714][T10471] 8021q: adding VLAN 0 to HW filter on device bond0 [ 261.525114][T10471] 8021q: adding VLAN 0 to HW filter on device team0 [ 261.565418][T10548] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.572624][T10548] bridge0: port 1(bridge_slave_0) entered forwarding state [ 261.669121][T10548] bridge0: port 2(bridge_slave_1) entered blocking state [ 261.676431][T10548] bridge0: port 2(bridge_slave_1) entered forwarding state [ 261.771231][T10471] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 262.362395][T10471] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.438905][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 262.457147][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.571242][T10471] veth0_vlan: entered promiscuous mode [ 262.611555][T10471] veth1_vlan: entered promiscuous mode [ 262.626752][T10674] capability: warning: `syz.3.2760' uses 32-bit capabilities (legacy support in use) [ 262.701750][T10471] veth0_macvtap: entered promiscuous mode [ 262.726292][T10471] veth1_macvtap: entered promiscuous mode [ 262.793748][T10471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.793780][T10471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.793796][T10471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.793817][T10471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.793832][T10471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.793871][T10471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.793889][T10471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.793911][T10471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.795650][T10471] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 262.965723][T10471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.994394][ T5841] Bluetooth: hci5: command tx timeout [ 263.019859][T10471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.063856][T10471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 263.112872][T10471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.138473][T10471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 263.162751][T10702] ================================================================== [ 263.170904][T10702] BUG: KASAN: slab-use-after-free in force_devcd_write+0x312/0x340 [ 263.178874][T10702] Read of size 8 at addr ffff888028c5c800 by task syz.3.2776/10702 [ 263.186833][T10702] [ 263.187874][T10471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.189200][T10702] CPU: 1 UID: 0 PID: 10702 Comm: syz.3.2776 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 263.189243][T10702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 263.189268][T10702] Call Trace: [ 263.189282][T10702] [ 263.189297][T10702] dump_stack_lvl+0x116/0x1f0 [ 263.189362][T10702] print_report+0xc3/0x670 [ 263.189441][T10702] ? __virt_addr_valid+0x5e/0x590 [ 263.189503][T10702] ? __phys_addr+0xc6/0x150 [ 263.189556][T10702] ? force_devcd_write+0x312/0x340 [ 263.189602][T10702] kasan_report+0xe0/0x110 [ 263.189650][T10702] ? force_devcd_write+0x312/0x340 [ 263.189689][T10702] force_devcd_write+0x312/0x340 [ 263.189725][T10702] ? __pfx_force_devcd_write+0x10/0x10 [ 263.189761][T10702] ? __debugfs_file_get+0x1fe/0x840 [ 263.189801][T10702] ? __pfx___debugfs_file_get+0x10/0x10 [ 263.189843][T10702] full_proxy_write+0x13c/0x200 [ 263.189881][T10702] vfs_write+0x25c/0x1180 [ 263.189928][T10702] ? __pfx_full_proxy_write+0x10/0x10 [ 263.189967][T10702] ? __pfx___mutex_lock+0x10/0x10 [ 263.190017][T10702] ? __pfx_vfs_write+0x10/0x10 [ 263.190069][T10702] ? __fget_files+0x20e/0x3c0 [ 263.190132][T10702] ksys_write+0x12a/0x240 [ 263.190179][T10702] ? __pfx_ksys_write+0x10/0x10 [ 263.190227][T10702] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 263.190279][T10702] do_syscall_64+0xcd/0x260 [ 263.190331][T10702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.190367][T10702] RIP: 0033:0x7f59d8f8d169 [ 263.190414][T10702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 263.190453][T10702] RSP: 002b:00007f59d9e55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 263.190486][T10702] RAX: ffffffffffffffda RBX: 00007f59d91a6080 RCX: 00007f59d8f8d169 [ 263.190509][T10702] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000006 [ 263.190531][T10702] RBP: 00007f59d900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 263.190558][T10702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 263.190588][T10702] R13: 0000000000000000 R14: 00007f59d91a6080 R15: 00007ffe7c157f08 [ 263.190624][T10702] [ 263.190636][T10702] [ 263.225219][T10471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 263.225709][T10702] Allocated by task 5838: [ 263.244305][T10471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.244424][T10702] kasan_save_stack+0x33/0x60 [ 263.266001][T10471] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.269525][T10702] kasan_save_track+0x14/0x30 [ 263.290733][T10471] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.294981][T10702] __kasan_kmalloc+0xaa/0xb0 [ 263.295033][T10702] vhci_open+0x4c/0x430 [ 263.295078][T10702] misc_open+0x35a/0x420 [ 263.295141][T10702] chrdev_open+0x231/0x6a0 [ 263.295186][T10702] do_dentry_open+0x741/0x1c10 [ 263.295229][T10702] vfs_open+0x82/0x3f0 [ 263.295253][T10702] path_openat+0x1e5e/0x2d40 [ 263.295294][T10702] do_filp_open+0x20b/0x470 [ 263.295336][T10702] do_sys_openat2+0x11b/0x1d0 [ 263.295363][T10702] __x64_sys_openat+0x174/0x210 [ 263.295395][T10702] do_syscall_64+0xcd/0x260 [ 263.295439][T10702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.295470][T10702] [ 263.295477][T10702] Freed by task 5838: [ 263.295493][T10702] kasan_save_stack+0x33/0x60 [ 263.295535][T10702] kasan_save_track+0x14/0x30 [ 263.295586][T10702] kasan_save_free_info+0x3b/0x60 [ 263.295622][T10702] __kasan_slab_free+0x51/0x70 [ 263.295668][T10702] kfree+0x2b6/0x4d0 [ 263.295705][T10702] vhci_release+0xbb/0xf0 [ 263.295750][T10702] __fput+0x3ff/0xb70 [ 263.295776][T10702] task_work_run+0x14d/0x240 [ 263.295816][T10702] do_exit+0xafb/0x2c30 [ 263.295845][T10702] do_group_exit+0xd3/0x2a0 [ 263.295870][T10702] get_signal+0x2673/0x26d0 [ 263.311468][T10471] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.314731][T10702] arch_do_signal_or_restart+0x8f/0x7d0 [ 263.314800][T10702] syscall_exit_to_user_mode+0x150/0x2a0 [ 263.314845][T10702] do_syscall_64+0xda/0x260 [ 263.314885][T10702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.314915][T10702] [ 263.314924][T10702] The buggy address belongs to the object at ffff888028c5c800 [ 263.314924][T10702] which belongs to the cache kmalloc-1k of size 1024 [ 263.314948][T10702] The buggy address is located 0 bytes inside of [ 263.314948][T10702] freed 1024-byte region [ffff888028c5c800, ffff888028c5cc00) [ 263.314978][T10702] [ 263.314986][T10702] The buggy address belongs to the physical page: [ 263.315009][T10702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28c58 [ 263.315042][T10702] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 263.330096][T10471] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.330407][T10702] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 263.360849][T10471] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.368857][T10702] page_type: f5(slab) [ 263.368891][T10702] raw: 00fff00000000040 ffff88801b441dc0 0000000000000000 dead000000000001 [ 263.368916][T10702] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 263.368942][T10702] head: 00fff00000000040 ffff88801b441dc0 0000000000000000 dead000000000001 [ 263.368968][T10702] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 263.368994][T10702] head: 00fff00000000003 ffffea0000a31601 00000000ffffffff 00000000ffffffff [ 263.369020][T10702] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 263.369050][T10702] page dumped because: kasan: bad access detected [ 263.369070][T10702] page_owner tracks the page as allocated [ 263.369079][T10702] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 12, tgid 12 (kworker/u8:0), ts 19562385055, free_ts 0 [ 263.369131][T10702] post_alloc_hook+0x181/0x1b0 [ 263.369177][T10702] get_page_from_freelist+0x1193/0x39b0 [ 263.369222][T10702] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 263.369265][T10702] new_slab+0x94/0x330 [ 263.369297][T10702] ___slab_alloc+0xd9c/0x1940 [ 263.369331][T10702] __slab_alloc.constprop.0+0x56/0xb0 [ 263.369368][T10702] __kmalloc_cache_node_noprof+0x100/0x420 [ 263.810181][T10702] blk_mq_alloc_and_init_hctx+0x639/0x11c0 [ 263.816056][T10702] __blk_mq_realloc_hw_ctxs+0x495/0x610 [ 263.821660][T10702] blk_mq_realloc_hw_ctxs+0x583/0x670 [ 263.827089][T10702] blk_mq_init_allocated_queue+0x3b1/0x1230 [ 263.833050][T10702] blk_mq_alloc_queue+0x1c2/0x290 [ 263.838111][T10702] scsi_alloc_sdev+0x88f/0xd80 [ 263.842905][T10702] scsi_probe_and_add_lun+0x76b/0xd80 [ 263.848306][T10702] __scsi_scan_target+0x1e8/0x580 [ 263.853362][T10702] scsi_scan_channel+0x149/0x1e0 [ 263.858334][T10702] page_owner free stack trace missing [ 263.863713][T10702] [ 263.866134][T10702] Memory state around the buggy address: [ 263.871781][T10702] ffff888028c5c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 263.879859][T10702] ffff888028c5c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 263.887943][T10702] >ffff888028c5c800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 263.896020][T10702] ^ [ 263.900100][T10702] ffff888028c5c880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 263.908185][T10702] ffff888028c5c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 263.916275][T10702] ================================================================== [ 264.000501][T10702] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 264.007803][T10702] CPU: 0 UID: 0 PID: 10702 Comm: syz.3.2776 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 264.018201][T10702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 264.028312][T10702] Call Trace: [ 264.031631][T10702] [ 264.034607][T10702] dump_stack_lvl+0x3d/0x1f0 [ 264.039286][T10702] panic+0x71c/0x800 [ 264.043238][T10702] ? __pfx_panic+0x10/0x10 [ 264.047718][T10702] ? mark_held_locks+0x49/0x80 [ 264.052577][T10702] ? preempt_schedule_thunk+0x16/0x30 [ 264.058032][T10702] ? force_devcd_write+0x312/0x340 [ 264.063289][T10702] ? preempt_schedule_common+0x44/0xc0 [ 264.068819][T10702] ? force_devcd_write+0x312/0x340 [ 264.073966][T10702] check_panic_on_warn+0xab/0xb0 [ 264.078939][T10702] end_report+0x107/0x170 [ 264.083325][T10702] kasan_report+0xee/0x110 [ 264.087775][T10702] ? force_devcd_write+0x312/0x340 [ 264.093969][T10702] force_devcd_write+0x312/0x340 [ 264.098964][T10702] ? __pfx_force_devcd_write+0x10/0x10 [ 264.104551][T10702] ? __debugfs_file_get+0x1fe/0x840 [ 264.109790][T10702] ? __pfx___debugfs_file_get+0x10/0x10 [ 264.115377][T10702] full_proxy_write+0x13c/0x200 [ 264.120347][T10702] vfs_write+0x25c/0x1180 [ 264.124739][T10702] ? __pfx_full_proxy_write+0x10/0x10 [ 264.130146][T10702] ? __pfx___mutex_lock+0x10/0x10 [ 264.135215][T10702] ? __pfx_vfs_write+0x10/0x10 [ 264.140018][T10702] ? __fget_files+0x20e/0x3c0 [ 264.144735][T10702] ksys_write+0x12a/0x240 [ 264.149110][T10702] ? __pfx_ksys_write+0x10/0x10 [ 264.154004][T10702] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 264.160023][T10702] do_syscall_64+0xcd/0x260 [ 264.164571][T10702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.170494][T10702] RIP: 0033:0x7f59d8f8d169 [ 264.174934][T10702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 264.194580][T10702] RSP: 002b:00007f59d9e55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 264.203126][T10702] RAX: ffffffffffffffda RBX: 00007f59d91a6080 RCX: 00007f59d8f8d169 [ 264.211122][T10702] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000006 [ 264.219111][T10702] RBP: 00007f59d900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 264.227100][T10702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 264.235090][T10702] R13: 0000000000000000 R14: 00007f59d91a6080 R15: 00007ffe7c157f08 [ 264.243091][T10702] [ 264.246540][T10702] Kernel Offset: disabled [ 264.250893][T10702] Rebooting in 86400 seconds..