last executing test programs: 14.495298722s ago: executing program 1 (id=717): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mkdir$auto(&(0x7f0000004440)='./file0\x00', 0x1) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) mkdir$auto(&(0x7f0000000380)='./file0/file0\x00', 0x552) rename$auto(&(0x7f0000000480)='./file1\x00', &(0x7f0000000040)='./file0/file0\x00') socket(0x2, 0x3, 0x6) r1 = socket(0x2, 0x2, 0x88) socket(0x21, 0x3, 0xa) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/est_nice\x00', 0x40001, 0x0) writev$auto(0x3, &(0x7f0000000040)={&(0x7f0000000080), 0x7114}, 0x8) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) ioctl$auto_XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, &(0x7f0000000180)={{r0, &(0x7f0000000340)="ad77415c06c570a0988e79db2111dc5e7e11887380d674c054a0cf772d33bc22747901ae2c906e075ae0eb70b754fb091228120b535c6e09433e01318857b8682ec9b5a350450f79c94765d612a15316955e7bd2dbdf6d2ad143050609e62d81ab4f94a99cd8aa594196f0b40c676e8c147195c88487d9cb4c9eaa93871e6de27742d8e3e3dbbddb55a0ffbbfe94396bea1212742e28348b9d19613e60e0a62a14dcc43e1d7a0961ca77f7827244793eefd6a3aa14c9bcb0fa3f612b5cf03197589f", 0x6, &(0x7f0000000440)="5d1a662310499e0d7c9c779bc3a5aa4ac616f5071fe693e74ecb44e3644bba86b3841855a8b20182a5075a4270ab345307deff6964a6eb8df53325504497f4b74b0a98c68df8a5a2df2930c0cc88ed3b592bf93153210655a1db435cffc8323c4171aeb9c5ec450aa7562e3ccbb7e34badcf32cfa0549d1c248dcbf0caeddeee41e1faff93589482e38963ed3f5b57df3074a4d8f40fd02c6b8cdcf2ac6a520f441c3bd22b32b74e89d7e98efb3dc736baa89a84feee6264577f220062cfe789dce8ca8a2649dae08cf19d62070fe86ca91c05da7ce8d80f5973bbc4978a11c7202f364f", 0x3, &(0x7f00000000c0)="4d6da01911d1521204b69637dcdfd98a25f6daeefef968b17dc40fba22dd22e449eaff6de5c85b973f23781d1f3360fb19cf25403a99176d1d14d8591029fd96211b654f", &(0x7f0000000000)=0x6}, {[0x3, 0x0, 0x7, 0x9]}, 0x84, 0x0, &(0x7f0000000540)="bcc29f479cbecfd6e141f93cb1d5aae6ed1c3ce735ee11998871374740e0135f717086a99e95e97dfd3aa941947a87839eb172cb368f5e43e808515c79670b4ae4b4b281938d0d33b594bfe8e2fec7cfd7b6a535f978c386fe5f27af506cae197ea0b32495b217a36fa385e0fbb60d481a9329b2ddc30020ebbc0fe751ca177337cfec6194d18b20ec81e00733c083e1c44b1746d71e81efe2f686f467142b33ad9fcb8978e58cea23bc68d061de35e296582cde505540cb64fd466c9c38b2d1e1d4258dd3650e7621715b4f34fd12e113f08f22dc3cda5c7f1406252dace97e581320cee7"}) r3 = open(0x0, 0x22240, 0x154) r4 = setfsgid$auto(0xee01) setresgid$auto(r4, 0x0, 0x0) fchownat$auto(r3, 0x0, 0x0, r4, 0x0) r5 = wait4$auto(0xffffffffffffffff, &(0x7f0000000040)=0x8001, 0x6, &(0x7f00000003c0)={{0x9, 0x6573}, {0x7, 0x8}, 0x3df9, 0xfffffffffffffffb, 0x80000000, 0x7, 0x80000000, 0xc83, 0x5d, 0xdbd, 0x725, 0x100000000, 0x2, 0x9, 0x8000000000000001, 0x4}) r6 = semctl$auto(0x4, 0x8, 0x0, 0xc01) shmctl$auto(0x5, 0x8001, &(0x7f00000002c0)={{0x8, 0xee00, r4, 0x5, 0x5, 0x3c, 0xf800}, 0x6, 0x5e1, 0xfffffffffffffffc, 0x5, @inferred=r5, @inferred=r6, 0x3, 0x0, &(0x7f0000000480)="8f3dc69f57dbf77fba6a0e82cbcd74e7aaa30158987a8a24608f41d03af457e60b46dff5612ff208c1b5a9f6c38b8cb72ba691458ea1af9b3294595601c5253a2fe7328b8ae80366ce115e2200b31c86f913a8207779e2540b4cdaddd3cec1bf45b4acfc36a4d9ee351b711f9907dce4d79e3cce4a27708f66456f3ad918b44040158041737773c1b3c86bf21332a93d89f7b4ebb757225de80af5af94957175a3f0dc8daa15ca3b8d73f2d6a0847a2099374cb615571a172883494f8f64b691dd", &(0x7f0000000580)="57f78152165683e0fbc54dbedbf88f56d83a7c6b0dea0caa02a091abd1c90fe5ba25b0396d86edfc8e3e136766f10f14a0eb11adda15a4da16133c50b9729c68ce7428b305d6426a8622cb8b057cef953a96130dc8a5a28915348e38f118e0fd18ec2c79a257ba2c125b802e391db649d6dcdc4ee3f71cb20b10997a0755d5470f3372b71d87cedaff5ac007306fead6de24740cb1a6d0b568b4a8b16da1e1183c214f26b79196d5714d2c06740afa743844ae08ea4d74b42b7bd31759a191eb55594b19a4a0bc5ee1371fb3db7db97a6182b5b31fe5d3ce493d21bc72b5d2952a14db6e8f1102"}) fsconfig$auto_FSCONFIG_SET_PATH(r2, 0x3, &(0x7f0000000280)='\x00', &(0x7f00000002c0)="f209fa4f65b69412d261c2e0143610416f", r4) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x54}, 0x1, 0x0, 0x0, 0x2000000}, 0x24004804) sendfile$auto(0x1, 0x3, 0x0, 0x54) pread64$auto(r0, 0x0, 0x800003, 0x270) bind$auto(r0, &(0x7f0000000680)=@sco, 0x6) 13.323050588s ago: executing program 1 (id=720): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) (async, rerun: 32) socket(0x2, 0x1, 0x0) (rerun: 32) io_uring_setup$auto(0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) (async) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0) (async) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) r0 = openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000140), 0x480, 0x0) (async) msgctl$auto_IPC_SET(0x8d0b, 0x1, &(0x7f0000000300)={{0x0, 0x0, 0xee01, 0xd11, 0xfffffff9, 0x1, 0x7}, &(0x7f0000000180)=0x1, &(0x7f00000001c0)=0xb7, 0xfffffffffffffffa, 0x58, 0x1, 0x8, 0x9, 0x4f, 0x2000, 0x7f, @inferred, @raw=0x1e80}) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.5/usb19/19-0:1.0/usb19-port7/location\x00', 0x0, 0x0) (async) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x20a301, 0x0) (async) r1 = ioctl$auto_NS_GET_MNTNS_ID(0xffffffffffffffff, 0x8008b705, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0xfffffffffffff3f0, &(0x7f00000003c0)="b5e8ae3241f47aa8e8e3b4f8675786ccca5547373c1711f0956b0f7222958097946f7452dd539d864223b1b3167221c7a7ff5db865abbe8367db846c84aa518e") (async) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x10400, 0x0) (async, rerun: 32) epoll_ctl$auto_EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f00000004c0)={0x7, 0x6}) (rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (rerun: 64) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ram14\x00', 0x729102, 0x0) (async, rerun: 64) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/1:12/power/runtime_suspended_time\x00', 0x200, 0x0) (rerun: 64) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x4b72, r2) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) pread64$auto(r0, &(0x7f0000000280)=':$\x99%^(+]\'\\!\x00', 0x2, 0x6) (async, rerun: 32) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x9, 0x0, 0x103, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0x0, 0x2, 0xec, 0x4, 0x2, 0x1, 0x4, 0xfffffffffffffff8}) (rerun: 32) r3 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x4800, 0x0) read$auto_tracing_fops_trace(r3, &(0x7f0000000440)=""/219, 0xdb) 11.035318345s ago: executing program 0 (id=726): r0 = socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) bpf$auto(0x4, &(0x7f0000000000)=@raw_tracepoint={0x100, r0, 0x0, 0xffffffffffffffe9}, 0xfffffffb) setresuid$auto(0x8, 0x8, 0x0) setfsuid$auto(0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x840, 0x0) ioctl$auto(r1, 0x560a, 0x7) connect$auto(r0, 0x0, 0x3b) r2 = socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(r0, 0x0, 0x5c8) close_range$auto(r2, 0xfffffffffffff000, 0x4000000000002) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0) ioctl$auto(r3, 0x64c6, 0x1e2) close_range$auto(0x2, 0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0xfffffffc, 0x9, 0x0) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop12\x00', 0x20000, 0x0) keyctl$auto(0xe, 0x2, 0x76f, 0x9, 0xf13) close_range$auto(0x0, 0x5, 0x0) r5 = inotify_init1$auto(0x3000000000000) mmap$auto(0x0, 0x40006, 0xdf, 0x9b72, r5, 0x28000) 10.550488759s ago: executing program 0 (id=728): mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) read$auto_cgwb_debug_stats_fops_(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0) listen$auto(0x3, 0x81) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) r3 = bpf$auto(0x0, &(0x7f0000000340)=@bpf_attr_5={@target_ifindex=r2, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x6}, 0x92) mount_setattr$auto(0x0, 0xfffffffffffffffe, 0x100, 0x0, 0x6) bpf$auto(0x2, &(0x7f00000001c0)=@iter_create={r3, 0x3ff}, 0xc) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/sleep_millisecs\x00', 0x181482, 0x0) mmap$auto(0x0, 0x8, 0x6, 0xeb3, 0xffffffffffffffff, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0x129102, 0x0) read$auto(r4, 0x0, 0x18) write$auto(0x3, 0x0, 0xfdef) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto(r0, &(0x7f0000002780)={&(0x7f00000015c0)="dfd6209705ad5eb67a0c256373e999d62852211a433626473c53509569e9fd58dd604f0923159adc4f4f0d65a26c0583281d6c57220e04de8eb9b94324fa17e72b53ab4f64d5b9e03034aa14f621303dc518cbf0d9f6697b18e0a2e669b0f9788eab994bf373d3ad7cb7299176fe04bf74aac422be80e1fc1c7865a5d6f6cb5969a8", 0x7, &(0x7f0000001740)={&(0x7f0000001680)="8faf42156b41d4b6740d9dc02c1e0b9fa9607255070154c5e4cbd8b33b8065df2325d86ade9a181c887e4e52265606dbf944850bfe1159d6089531d9ca8579f20e495cb5320d9fd3415f56f3c5b3a3a5233fe46bd91d78726e9ae72bfc3faff215c4394251ae8b555bd3e72a0ddebdfde4ac4c9ce2cc6fcdb8481d0e5679330c6d0132ad5be49e34c34c09b3e1ce445309eac1adff17dcf4c9", 0x7}, 0x9, &(0x7f0000001780)="bcc3ef929ee34a4be483a0e4afa0fafbef260151adfff025f81d8e8993facca973d879e8f085fed58bf80fb4621eccc819e5d1fc4de704ef2ef0cb373cf03316db7cee7827e440df43615c8264cd42233a7de4062905b78f10c3437fe6df2eb97505d992bdf4bb35bba9052519df42765778c41c02208fdf068ccc99a169ced022694731111e3bd5ddfd190ceaf9b314e02abbe28ba62a3cdb7d3d035df88978165772ecb6f29750edcb1499bb0620106771417b42ab849640314ddda463cfbbc565eb5294876df3e85590a61fa0368c28d96d1aaba48c7e235a45bf6f0e657d6731f595f07e6a4ab74c383e2fe4661d919261e2b1e71c337c2eb58a76b1f8c9d30b293903a4b01084683c9e52ab3c01672b6aa714142236e3904845dc7a6d656f347f4e9488431e8f5543feab377cab8094707e964f3c79e1b05b839dfbf5f41b3bff1533742e40427e853420394810762b86118dc1c18f2e51c6feee69516a40a7d506142de44549c9066779fdc75a0d21553d6877d4ec6966bdfc46491d078f23689e136b9ca7bfa97236499be15d7bbcb43aa4e5ccb88c078e8f0aeeb827bfa44c7a636da247b5412214f92952f3217ca31ef3956161e97d7a56ae2648f4c7dc7ede3b6eca8f35e991c033ab652380aa30c305cf07d3d30b7b6810fe3b4fa9b157bb6dd1fa93591d9ecbcb6d20be546fc6276ebb03e43cc69694f362f106f1d2f1b7d5779bbfd9a06d99f550ce713c41a6106400e360029a2d76e0a459c756c2fe51d121f2df34c73c95e1be46dd32287d9c5cea02762afd5676ac061b1be043e07932771d80ccea9b1c309c13d2e8e4fa029f5db3bc1fa6f1e8f9978305d466bd24f5d80da513cf35769fe965409042f882050552dd63d8529a6146a73a32860a45c3664c5fe4791a201a121237ec6120b585185aca978ae0af267cb1bcd96a34db1fe4c50f19e989f25d4c11f3a5a3aa767f1bfcb20af8c008f428e2c7f9fa0f6112afcb1d0aefa29436f09d9f6c8cf980ffca4ed11b02833329017c888cc7dc41e240a4e5d0ec186562c4121b796593e362970ed6109721fcc355e63616c75b7d1a050bf1af505f529a14725977334d34635a0ddcf1267e11fdc40b94d627933a97d2f3cbb693404c17163082a1c3dda9f65ea015397986aca3473cae0f28be6e1bc735b9c3633b855a1224acad412692604eab9aaf827411cd2966e6dd111dfea6506d38255c4444933598eb303f0dd238170ef0355c1511f00d4ed57510908d0b4924e232a6d6fed1def227cea205a095ffdf2d103ffcb81c0f062d72ec775429b4599d491dbf01e96f8d28e8607bc29de074f460e0e7785caeb7529b7baabfa36461467c10603a06bb82efe94e3877d8e79c3583c8ebe8dd54f82cc3d52a0dec9c710d7a8e38ccce0a5ef74441028026aff831ec5f7b22531becd2c0c6dff75005dfc41733ac1b25154807b3bae64e127c66f56e2aa70d78e2093936f51289a32dea43c583e7b1bc62e88b3e06eb99099fa5c6d731fb514b5265d933f97f4a7bf1f2f933d7455119c305911dd5502c291eac728059f72fe74c18167f9ff8fc09fb0e843a1c1c6a619c9aa228842282fe8ab070d352d324e8edfdeead2f91def32bf642b772f1f7d037ea81fef2aded780dbf4fdf891c8204edf9d26bae1b3718b280ab18ab5c2c552fe2ef126cef16b1dd7178433b05b8986d74628ea585719aab8687c396568662c1ef479494fdb0c4f641c41ecfabc181adf6b576f494fcdd254680ae9ee806fbef8be58ee48aaf25466609985a3e5f4980c73861781d2265ebbe121a7651d96e650e92766b3c5f134db8e9bdd83ba04307dd4102c21cf9fedd9971e411bfdefe168275c52f761154f1fe064648b610b339ea75531a48cdd9ae8576b2ef965e155e6edf3ec7dce1e28ac7039154d309a600fa1c5879526a3235105cc2dfac92445aa68f49cdd35b5617d7ffabb92d192e6d3071cabcbeb954f1566603149eea3b19709eb28ad8873d934130bc3e1e953e0de5f9aabc61c8b5adc782b21b0e7795299aa71492417c85c34d2f2d8dbd2955bb16bf012f6a96671e1596d5887f99ed3158a5a19c77bd88a99bbbe4d8a74693b1966458252109f9e9d8746bf5cd7c9f73d5c4577b9529fbbd5356c0aa560515021cfdd10538b4637fe4b026585b27ced7a9af98dd3aba03d9df1ff201eeae8826b7a90d202adfc3749334fa1d12415bc5f7c7903b39f5e09a131d39cffa9c32f643464bf03c62adc6ff79957f15851b11302fb6569b6f7cd2df71d52e11ea7902302ea51ebf2ce6c14edf363d6ff91fef07add73fc765e6992a7f876aed24754d94dc855b577789415b9d82926aea7b16f96f77b555c859fab72d97ff65e93ca0f2a49731d554782f8d740801903859449e03cffbe88be7611f47dca94bf6c4ae4019460c8e4a789448884c49f71fc5f05e3f4323b26820178ee9e8a8ac6887ea2005d4337a6be97feb532dd5d0777d7e33945705139917b938b8fd8878d2699946417373b3addc7c686b021dd6ab35f8f12f6ac01ce992d5f728eb2c10f494433a37551d4ed5658961a3b64888516f776d4c3e0ad1efd50439b204a5df94ef517a6dbb2437171a271ac1bc22d5f58cbddbd12bd69f62a914cf98d3d3df5f05e34a92a8d378015b3be5f9e7270780508894a699e27dd27a9eab0cb872ddb301fd310a70f338c543800a0e904648eb3bf7c35a0bfb6dab688847a1e638a31d23668c4d8abf832f76de70691d2e5e7b48ab7f316b7413b7de40331fc9dc0b37385360f77c22661bc0f7bee227883c8f506a3d8ae71a68e5615093f3417963268cf66129fb02dd0659777d92fd8792e781f789d290adbab8ff2aafa8914c6b0e846378de51b9cdc847de3cead30cff0dfc04405ad3b5f039712aab96f8c0462c674bb7f35ed5578308a86bcdb06ac5fe25ede8dbd3ccdbd77e0144457c5d8e1c0206dcc5715f14cad8ae78a4a7d1227e07c416d2e9504e33d46d7edb6b1228ebf7a8bbadd6638a03e18dc4f5f02ffbad36af93e370e38e7cdb3b5bd7fbd6d58fa60832a1c7c4c140470ed3a529cbb33978f8c4c145aae8195f569e44dd8be27ae27e3e0e4a485e1b716801dc21fcbebf2f549542a3262fff02564f45972f19d77d78d9254f2ba1f9792d20695c39d62a264001373643874cb4ea76454c14adb1dce446c3e63e91f126bced1586ac64de3d8665d9de50ca360110a415926371cf88739b2104650133e88d9eb8a92184c452236648d93a44b52a662618941f03c4bb3c1d876761ff68cdbab2f8e0f0df0c1cc58afb16113d779a979153755dd24de945f2bc0f4e37c4566a54721b4cd50c9a359b34cb85f92b831166762c1fa38c184e058a459cfe2aaf3dd980f842be5de3e9d8256df24d1dd9d9b5af2201238ff070e6e801bfb8f4053dde111f84274407145470ac98b4974580c0d74b095fa28bf36680e67cc103407a175a67b3806e38be5069e4eaab07304000d5af005bc4a279e73d161c278a3be74f376c9faf695f111f7307ccfd1b98243ad8dc3aecd727574a712b6f09cbcdbef9078b9500e8a99f3f52bf53e9fa7a6d5ed44e2ac98845c9d3ef99617f4115717ac243f0dfb97a08a50795171de0741bac6895b458bd17b31ae26a3f5505ace9494da1d0ae542ff9c604a2cf4661b860aef47243166c027eee85fef31897ef17298fdb0744534472188369ca0637ef0612e6be875b596f1313eced994e400abffb3a822c2ca09058a8d83f36d670555bd4d2403f6f25a89bdc36fac47555c544a7661ae8ff487cd84cbab4dd9637f54a835a6eaea02a4be4dac6d0c0638d46be2467a96d886767a2c54fd134af9670be56836d8f9e7817f36b26cd6fee8d95f436f004abae9273365d5820a59803c596be4b0e422f567292b2e738c90d44296cc964a48f7465d0eb19901b138869216b03d6926e10e267e7ae899b1d6f5a627b4a80d00ce9f9dddb0c7616c861819765b712f15dc75c31532df4323711960e948508a16bdf7ffd19eb5126f18c09ef232e96614f828b3876bcac4334c16c1ea67634a0d62254f26757cdd6c92a19a8932dbcf24cd6cdc7e0931ce96afdefc48dbebc07434bae7dd55bed26324e78a730d8905a85f1e8dcade0103a3f9ea32b0753b5c2204b8ceb3396f348383c10ed56981cc3ed35e88e6f955b09eca2eda14abc9fa744bb3a60e618a54cc9ebe79ead3451874df9a0b56d2d0beccf5f5fd3493f4fc62bec8262ef19d9191a8cc7674ba458f2273a9f025a1e5e17d99a9e40a3a8decf3586366bc6025e80ec6152c5ea44146d0332ff58366cff0ddc16c8e439c66a8a13dd48a0b751927346259f9b6350fa812cd08c73c41923933d529d69e79c24b1a0c6276e51c735c13052a9ba486d61438d4206d6488a16c02fbd59c8e82aba2b62382b2a78c87b002c2e3bda7d7bc45f695f681dc557f02f550a3f8b225671acd10551d56ce72934074b710a70f654716000636197b8c52c7b37fa61f07e7a6108d920e1a3b282df80a05704d9fbc5f9d98d4d0adab995e660d02b2817e573240840795aa7f3fe25102391f3b3307b26029e2a4e73d2063e9a09f6a79ae8b77eb4ed89f95e456c41c240b4baa81b808e3550951d3f26149e8f70510b0eb1bf41f170b7784f14d23bae1090e8c3fe178d6f5fd21b458dd21fe379a710e952ed82f56a9aa11e863d34bd7387873bbd33fa288cf53c0cde1e0161d3ba94d25454a530be43c2d01c3ac82b4017342732aa66e0f739ba2138fffece757c1684ad11f1b7f212f2efd9a52a4899dec5cbbfbc293b449f13d8016499708791b724fd4bd149633c43293c6db991d7a2a4423447ce742e37a403611a60459d59068f7997bf50dffe7c4de9deb7b985271d9086e0cae39312969e50f5b6a1edbefd7a0e9b9c1b2d80b562a78f5e117978bf55d3d8bffbd50859eec4dd6823ffe81eb27038be71b11b00a961f9398c12b026802a423c6f9cca37d96e80ace0656bbc0d5ddea1dac13bc9b4326e4dda9f5da8a32a74ac76d9ff270dab1ebfdd9bb2daa462a65b48aabfb833ead99c0bcb1755453bd93a7b951f07cf2a720c941c46d1c68a835ee6aaeee556e5f7388d283b05392a467ce0d0c09ee12e341362c981bbdc0602e0ed176200bc80b8eb60213a675a991a1423b64b495fefe68241117d188c364ad00684e557646b74aabe0f22f4081e7f77a2d6d6015d4ccfab0b2e40894167e6e8959c9d886c39234ab3ee58a273f1bc250157b6470664a90e74134d10484bb242020ebe8a5f195122e5dcc83b793f6d05fb844b460d53d7e56851049b15c67faac54cab754117f8e4b49509591506e199bfd412b3b86e8d75708774a1a5fb8c4a168f7e6dea5b4d004c376a44b8d356b82e27cc15824919ce1d06c7748e174e7cedf034a61b0bd12ee36e8f660b1f89a9f973f8338b3a2973a50173b23dfcb98d28058e7d4d3b6c354d48d6eeed4719b8af7cc82d0b6a8387a8df3449b7f86c37ec974810b3b36ae224f2b244baf4937240bf32a78d8f9f9c65083224b9471b107fbe5869cf9c23a3f5c999b8d5bf30735dfbc0f135826cd67e78a4f4495cc4af35e698a61e9715fbec236268bceccec6dfce56bec16b38f2c03005dd4f85e27418144aa520ac8ef2a753d818d00574ee87a221978cc3b3c1a97694ed39c410b66838c875827a0c68bd0bf647d05d94f4d8fdf1afd65b773d820d9b99d2acc53278bd51609c962646fa98a5052785c56fde29261cbee012", 0x56, 0x8}, 0x80000001) r7 = io_uring_setup$auto(0x6, 0x0) r8 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r9 = waitid$auto_P_PIDFD(0x3, r7, &(0x7f0000000140)={@siginfo_0_0={0x5, 0x3, 0x4, @_sigsys={&(0x7f0000000040)="4359c67dd170832aec4d83d71a369ed1fcd1b1291e12ddd0ee6368115666ddc25e9223e6533c828aa8ca88f195d0270dcdc8a914bfd0f04a0aacf732f7017403d093940037141ac3d6af8b1bfab4cb69972c18926f3d1d56e6993fc5a5fc079de1387082cab73f1275b24d17d17ef01fb407ecbcb907a22d69436925f06b856b4d1bf7704433372670063be961ab02c39359e5d097c574e4621c0a2f616c1c0a280b8dbfd5a94a569e3ef414d4aaae5dd5e8b27e230be1685e62b7580e44250cd61dde96c5b5da59c628deac791322126274d717", 0xfffffbff, 0x8}}}, 0x7fffffff, &(0x7f00000001c0)={{0x3, 0x2}, {0x1, 0x10000}, 0x2, 0x100, 0xc7, 0xffffffffffffffff, 0x7f, 0x8f7, 0x9, 0x6, 0x33, 0x200, 0x2, 0xf04, 0xffffffffffffffff, 0x7fffffffffffffff}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r8, 0xc4c85512, &(0x7f0000000280)={{@inferred=r9, 0x8, 0x7, 0x400, "ce8ca080edda263363dc97dbb1cc9cdcaba1d3b674b50c91f5c5cf6d2158e62331e61776913a5c0def6d4fec", @raw}, 0x0, @integer64=@value=[0x7fffffffffffffff, 0x5, 0x8, 0x8, 0x1, 0x2, 0x466c, 0x8, 0x1, 0x9, 0x38af89df, 0xe71, 0x7, 0x80000001, 0xd, 0xcc, 0x40, 0xff, 0x1, 0x7, 0x0, 0xd66, 0x800, 0x1, 0xffffffff, 0x0, 0x7, 0x100000001, 0x100, 0x6db, 0x9, 0x4, 0x1ff, 0x8001, 0x1, 0x0, 0x5, 0x6, 0x44766119, 0x6, 0xe, 0x0, 0x0, 0x6, 0x4, 0x703, 0x7, 0x6, 0x8, 0x4000400000, 0x7b, 0x5, 0x6, 0x2, 0xfffffffffffffffd, 0x2, 0xc3e, 0x2, 0xfffffffffffffffb, 0x1, 0xffffffffffffffff, 0xfffffffffffffffc, 0x2], "55599285fe7c4fd6cbdf31f6f847898e1079642935c5d7f32bc99f5ec23cf7d6255f85b68f798a90725c21e78d11a7e78ad569a3947da92ac251fea25fbebf1d969c267da7ae0bfd3e737e69b474ff22bee6076e94b852f6fb9866ae8cef04f86ce7514122be46edd7bb229ab4b8425cb679635a8ae95471e85b31df6aab50ac"}) timer_create$auto_CLOCK_REALTIME(0x0, &(0x7f0000000000)={@sival_ptr=&(0x7f00000005c0)="c7ba124d389d27ad28ea8733201260a4158de1e825ef8ec01a7e2331ebd9ca2650acdae2f34cbc257034abd76651168f2083af46a75a58d31141d782a0339e3c488670e18e4648b4810219e01a3da9803d627d814ab642e644c30c636df1e0181b8b38b4657a7ea60c9e2b93d209be07df93a6ce8d1561a5600460479d6b61e11df9d81e5daf7acaa1531167614e72e3d9893fdcfe1d1b97c627afdfee10f4db4011effc160ba219b93e57775edd463d6ff16f9727484f78919b9fdfde8860b813fc59880a4c5ecd319fff64080e27f99ed9f09ac5cf2e031f183963e7be39316bff4da8a840a2e1a42f384a66b07f749e07f3d48b1df0f51ec4d5d88e448b298158b5a9f9a377fceb97c18e681fbea39bcd4b7ec5b080efdf5f70dd91af00e6077c15f1af4a7d43091357b271274a30d5f08a4684b96214e1e0d4bedcb4c55d5c70fe73aaded6d6c71ad48a7febdb5b2f70a6c03acfab7926504aad465bf73913cb99698df5cd3ef37889d913284ed76ea8b0b7a8c401743ebd05fd5adb6aca526ff0eebb038550bb77fcb504bbb8de1ac04d5b5643e27366aa57427d744f6c50204791640ac03259a5ff51635761688282f46e1b2c0466cbb74858cc9a2b61266d95f0d6cd37e367f6b602f606ff5ad7902a62b0211d378c942b4edf34e63191652555bf859723833ba0f2ed681f340a09a82fbe1c852aa50215a34cc17a072d9888257b17ece3f8ce656e00749d2df50fc32258ead694ce9585e15691f35c152c2b648080e17c849d2f764462893effd56827d6f0507587075a5c9a5d67fe9925a3630ce9f6e986165f3bf24a3aaa7fbbef5c00fa4092c3d818a4ea871ea21542bede5d627cd363ad846ac0a7ff0cc6f5b4bf591cb5e7bc17aa74b3dd4e9e83488ba40365e971a8e9946b4f716a8a4e02b5984814d7969193f99ce9a2f801648aa1dca19ff86375808b727f26f48ccecda29148a7f104f565096c42446f7cf4bb3759e999d21104f64b1b618ba10bf4cd3b2306387397e7c73d536e57e71d54afae87112bebbe8b9efc8d9c5117c0bad1422373da1d5e4a321a8e02e1436046f905be3a61363f68fd79748092ffe9f99d30af6ecb907d7e98ad43f6602cb0294e97cd6fb6b70833cef98df07d8b913506c6f033ae830194be0116347d93f43e4c7d116778d2f4a4c052c00d19d205058df92e81fcdf15ad5beeee807e73bc033464e8ff78f72c29856781c3a82bb97060c0848edd525b33d48b151ac08d0688dce6640ad760bffb14ca1b9bfd0d238f0d8f0f5d6579ca527ca8712014cfc7fb4c765f761fea9eb1651e7987c4fe28710a4bdcab4d181eb4bf2dd2cd765f08576837308615e5e47d7e3f1c94911bdd25a572df1deb0d10ce0af4a6f6cb55f47ae5bbf7268b882e0fe37d410f263501dda10b05caf49e5169e3e07901ecbd67e10262a72e330d760349837ee5634ac6e33a6821ea3fc701f7b155460eacf325578e8e077ca5aef774359aa44af5bb034153b048ee8cee449d5f1cd9c1d7ae1df75a5b8676cbd1063c35b0ee7f53b29dfee67c3c2deda377f6ba639e828821ff9e8eb375466de0d7e412caee621dab68cbc657bdd3d60cc6c1af67be13b70540e69bc54104705ad7f9624acf77a4ff8ddcf103bc545a4ce8c75671647803fca74833719cf9544effe0b2b89bbb5bbf4e82eaa9765ab7b1ad77ca090800a567136a30e9a83e28207ccc392aed79cd8325fd0b27914c3cfda2fc27f2f2fae3309e26b0497545075db6fa637543176156a4f72f7e040bfe2219c1088066e407279a8c7e7eada5c35814d1f4555f9ff6788c358493aa4e1f3802dc0cb6c6c254e03f811a9451bbbd50ccf842ccb6d2b0b7e8f392b1943fef3d96bfb28908fc32130fb3f0dbc274da4a7ae299ecb92ad89869ee397ecf6193291c3957c3b3d0c2b4f89704a4b69d642c0b74702ee43181721a9dce3d2140d6ea5f6f9256c04f8fced5b66294c6748bde4094bb3c573b9e483a46ad8cf8ef8871ef95fb797e4c0b983dd95a026a35264ef0a819167e7d4b0802354261f299d86afc5bcfa038192e17c283e7d3a8ef52e3db33de4bcdb12c5fd8742bb4788691835450574e45ae07d30c01e46f3168adfcf8b6c6428ef00806bfacb6bfa7dabed1af32a2d49658e72851f06d8ff523f59cd47fdf82072be33099a5d75a29fabde10cd4ffc722d6ffffd0f46cb419c03404b5801b294a57dd3205e4f3fab23cc9ce1fd6ede8c38227a432ceae8ad820c71e4c7a3cf4982f3234f0b1bff5a5b7122bb35dc212eda5e83f796b51e1ac036e0a2d65bdd5a9171b89973300258ff6656624bdcab63c9024a7c9a92bd6bac7eece5f940a36a1b60b930f2967aa825362d07ca0b195fd2feabc4094a23302c4c18fae2445eaf8d2ffa9972455973057d89e45ab0cb899079f4ba690e8b7a85f79af4e0f25be0356c597e288dba4a77efc18a58a9a9c5f84b66c46733a6cb8e9e0687db69a26c6e9ae94b0fd04a1c48bb495c34f272abb91ecaf4ff21d53b8fc29beb261ea3e8ff21735ab3c99e4eaacd4a3139e88e783ad93f69bca8e8099511b3aae45ffed40f05a25fcdc1cfd0156bdd600dc720e242d877b59b52e693fb9997fc8824c310025d8cc9b624cb295d642e1df55faa2d8a057ccc16f306c9a690f27fda8b222b2e41d7474fdfefc2fcb3b70e73a1b8397fdf75a0ab1c752e04d46315e66898089ed480d9a5c5bbf16a904858e111d1332d4c91b46ff042a1e5d9edcb2158c6abfd6c754ab7a13719596eeddc806e8f9baba86f8409bc80c349484e413b6d9f0e91a79b9e875cd0af77f4ad81fe066e60e93249b4d451ca218325d3cad61c6f2d8fdcdf0b3f300335c415acffd782f1973d282eb6e0b006fd7ebdaa53edc66a6a70699eee5925410ec9066261982022357be0adab9921042d33c90afd6f2ea5699af0d6b6bc67e06062ad56f8a0594449c48c36627e14c4e66ae52b68cc61f01fe2c3447270f74d644fe8b49b16b57e289e74e2abc09f141d58a731760bfd702cebbd0f07199ca5a67584a1bfbfd70d5f9b2e3ee69e1b118bd63cff1f1026466db7430fd3ffeab7a8eaa1b65074c4f4c03b1917adb48e633dfddc851ffca05b6426408bacd05f5aae13189523a75287a0fa81541c0fd5bbf7503a11b4385dc9110d5431d2c41c1580299faa8a1dd6d16810ec14362134b88d1e64da96d2917089d192634c4b5f09ff57b02d9dc5ef6c421c3ba0d85562703f71dd009f4436227ec737b1910c3a230c7af8920514b95ffad4651407fcd49fd706640b5363f4106791d55ed639436b7c0cf553639708e49da4f1c53dfa53337efe6935326252c5b2e4adc74642b8310da1a441505b4f0da92ebdc843a45632cd26ebc3eab9ca9e7d5a11df96756eddceeaa2e86b6e9a75aaf61b26bba001963ab8392f861fbeab1c553d7e0ca85deb36e7a3acfce6311889463f089b26d68eb332829e4e8547d5072db7d2ddc28fb7c0a22bfa8a6fa6dde579a31ca2afd729013f05986faec98da5e2d1c8a3ebffa8a8ab07388565f09748f08304ecff493a2a549cb590f2b5ef604c91c5c9fbdd36132d66bdcba8b3d4adc67356d34c8df0ffd9358b5ef69c8b69ae917658798c8bc99e6fb9810dc3d1de2726bbcb5d8d0d6c54b949dd62a3b7f1926003ab54dd7417cba3e60959c25509a9eb8a33280364fea1e0c039700636747a73fcf47dfd88f784ab691cb553f9f2db0364a7f649b5afcb4c083f26b5a97e12cd9c1168f564fbd3894d5c1adc001a5df7cd78c7799c0197e5a0478a03f400abdcc1e3239071f8e81f31dfef54086f989bafec216d34562c031c695ed650fb4c9ab18992743ace9bf72db5040370638c0063a36ce69d1077d391f677efc3b9a278aa263f457d9e95e0c55846ac1918d421b866bf0d8b7ee5aa2648bbac6e5e9bf056f4d7b6e224cc1afd3a55f7861a79644f7a586f1b23ffa286ba7bf417faee52102732a72c14186e5922b17e3d85eb02ad862e2573dbf3b013f1eec6d4df2269097fd7631d370bff4357b4341bd8ddb69634e00d5a927ca64ac8aada4c269c1d27c5823202ccaecf7e9618ec4842a01b4c5266fe2d0ad4854aad42e7c2b13a8ca460e2194620986d411ce876b08de336c598f608cc6b5fdedca1502b4391efbccdf6bc32e5a906fb5947507ea198f2610abc46570f60621d519432a506ed1d6fd1e2a4527ae5fa7d6377b86c8f7fa914de65efc54161aa5fd1d77fa270ca855b96d9024ab587c3504f0080fd9ac9d4d9345a37c58035d7b566d506e1c87e56423e50b4aa34632282a70c89c425a49d949b8dcb566a24b75a6972722afea3d24c32120a002fcd5fea2ce65149e9819dfaf4cffe5ba86b19a0de07ec3f242057b3b69975c6de2ee33c4589e2760fd5522745f8b9019d71c3c190460d9394587aa3709202162077f93a61f37c7f781299f2e064538321dbf22a2e6522a445f6e42673c5eee2b7cb6a8e16486114b5f9e7e647f1fdff859ae9e23ab3c0a06852fdf6e21a666a10981f45e83673a524ed7d79eff5fa21218789c724c94d86e31c1cff6588a9cf5e941bdb2a16e83ca7d1f07207c82c59f2462202ac8a3d61eaa23d4536476b44c114faf7bbfcb37fbcdeb242d46e52ae5c4d6d63a7d904750e369696bc67faa9ce6855099556290f515109f63e5fcdf8f060763efc05e2dacf723f5f2e2df20625061bd51f7d75e29e7aa445efaf08a720a790f1d094d625038c0a482124057bfa3e4bdef914b40557f852001a6596f145b3c90985012650d49bc5b92c2dafab26599cb0fbf64d83be0dbcba2dc9012d4a201a7ff4ddf7947a6664ba1a131b7f974a3a5b5cdfe3502a210991ac91eb52bebb7b8e8ff50f45f3e852e1661f650b26919a3d39eee7ec794609942bc227b10c8d3e5a1e8310bfdbc0faa53f72280cedd057086d4db595d993376951cc76c6da232966787cfebaedd26e94d2f9e1728a9aa3732f94f0edefcdd902de2c4027a020f3d7a90c17f711ac8b8049909138475338c6aaf847b61e00979142f2bf0a1a2085a69dc7fb3ffc7eb0ebe8e2a248defaddd9a6a462625a68871db50df33377df65fdac8f1ff6ad23d64b1ef1f9be2ee3f7eff2619260eed8554ea258f985a1c1f3b2a400067c73ae4a8050df1fdb64683670161ec55bf562306136e77409cfddb3f6336e213c378049fedc27d930eaaa0a37665627d1261861597a187eb3dab0eb0853391f078071e4b02b1268b981a1f7c108727b1f1b561fa8da2f20f27cfa533a8347827c44e3e98a263de8582905c7904d8af298c275c3eb1982f559d8effa856d8fe1fb8cbdb9ab2f30bf3e9234b14faee991b4b4d5c8a696d0e9671d647cee26e0356930ddc4bb2d349650bfcf76dc1e1cb14ce49f166b7643b1b2cfc12a6d9fe88f3ad23b000d29fcc21d9e25fbbfbd85f4a311ece0c8b4154c948f010d7a53d4164d1497bdcd651042c45862c711ea600edcc56f66aaa96190460b9c479fb906d690a7757f01a69cf2b7fdf6cb9908dd0f67cd8da488d02ed8103bdaa73275f8f994ce34b15e9f38fd991febb2c363b950bfb6dbc629add4cef9d88b9beadc4c7b3b5d3060828d8f9468f2268fe41d074e670fd281ff25c213ae6d5aab8cc22ec35fbae10f3bc679ca475c09bb4f20c0db308a01ae0753375b32784385bc7e352f6cff372fde0e25029c94033b575550e01c2c964f564d1a937dfa1dc33134be2f959d07b72ec5fbdc1008b7a1b6cd1edcaebf4a61e08d54e", @raw=0x1, 0xbe64, @_tid=r9}, &(0x7f0000000080)=0x7a) r10 = fcntl$auto_F_WRLCK(r8, 0x10001, 0x1) syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000027c0), r10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r5, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) 9.675489795s ago: executing program 0 (id=731): mmap$auto(0xf3, 0x202000d, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcsu\x00', 0x108002, 0x0) r1 = epoll_create$auto(0x5a5d) epoll_ctl$auto(r1, 0x1, r0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) madvise$auto(0x0, 0x2003f0, 0x15) mlock$auto(0x5, 0xffff) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x11, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r2 = socket(0x2, 0x1, 0x106) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r3 = socket(0x1d, 0x2, 0x7) r4 = socket(0xa, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5}, 0x6a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(r2, &(0x7f00000018c0)=@can={0x1d, r6}, 0x18) write$auto(0x3, 0x0, 0xfdef) 9.395404404s ago: executing program 1 (id=732): set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x6, 0x101, 0x1, 0xfffffffffffffff1, 0x2, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x43, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x4}, 0x3) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x2, 0x10000, 0xfffffffffffffffe) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) rename$auto(&(0x7f0000000180)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="e691c090c0efa657e2d3e2c6b64d1f0900a303683edcf56a0eb332def739da14ba766a82a5bb3205497a50e53566fb243cf8120f040ca1d1184cc297ccddb67d4a4f84b56a6ffbddc7ca906846455a96558426dcb4ada40c84099bcd45589024ea36d1df087003cbd45175229bc4f446fb82bd69d7c8f041c4e87d59165ef67192f5cbed23d9f60d272cdc24fa5462a8a367f562f75f86ae2499115f1fdea51f26517a9e6028cb70577fa09110a3c49004ca3a4fcd23da7524f8", @ANYBLOB="20062abd7000fddbdf250200", @ANYRESDEC=r0], 0x9c}, 0x1, 0x0, 0x0, 0x1}, 0x40) open(0x0, 0x100, 0x80) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) ppoll$auto(0x0, 0x4007f, 0x0, &(0x7f00000001c0)={0x6}, 0x8) mount$auto(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='\x00\x00Qj\xdb\xe3Y>\x02\xc6q\xe7\x00\x8c', 0x1, &(0x7f0000000100)) madvise$auto(0x0, 0x1dcb, 0x18) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mlockall$auto(0x7) socketpair$auto(0x7, 0x1fffffe, 0x315, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) getpeername$auto(0xffffffffffffffff, 0x0, 0x0) 7.351124952s ago: executing program 0 (id=735): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x8) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) setsockopt$auto_SO_OOBINLINE(r1, 0x3, 0xa, &(0x7f0000000140)='&\x00', 0x1d6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f00000002c0)={[0x100000001, 0xfffffffffffffbff, 0xd, 0x1000001, 0x20009489, 0x3, 0x2, 0x5, 0x1, 0xb8, 0x7ffffffe, 0x3, 0x10000000006d3d, 0xa, 0x2, 0xfffffffffffffffa]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/deo1\x00\x00\x00\x00\x00\x00\x00', 0x100000a3d9) socket(0x25, 0x1, 0x0) setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) mlockall$auto(0x5) rt_sigprocmask$auto(0x26, &(0x7f0000000040)={0x80000000}, &(0x7f0000000080)={0x9}, 0x8) sendmsg$auto_OVS_DP_CMD_GET(0xffffffffffffffff, 0x0, 0x40c0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffdcb, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200040c4}, 0x440c5) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x38, 0x100000001, 0xffffffff, 0x0, 0x0, 0x0, 0x1000000006, 0x10001, 0x7, 0x400, 0x7ffffffb, 0x5, 0xffffffff80000000, 0x5, 0x61, 0x103}) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) setsockopt$auto(0x3, 0x6a, 0x7, 0xffffffffffffffff, 0x3) write$auto(0xffffffffffffffff, 0x0, 0x1ff) mmap$auto(0xfffffffffffffffc, 0x6, 0x100, 0x17, 0x2, 0x7fff) close_range$auto(0x2, 0x8, 0x0) write$auto(r0, &(0x7f0000000100)='/dev/net/tun\x00', 0x4128) io_uring_setup$auto(0x6, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto(r3, 0x4b45, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) 4.950275032s ago: executing program 1 (id=737): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x3, 0x6) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r0, 0x0, 0x40) lsm_list_modules$auto(0x0, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) open(0x0, 0x22240, 0x154) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0440, 0x0) socket(0x1d, 0x5, 0x88) r2 = getsockopt$auto(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000240)='\xfd\x80\xa4\xa2\xc5\xd3\xcc\"\xcdHU\x15K\x14\x13:\x96\a\xea8\x19|\x97?_\xed\x01\x9b\x87V-\xe8&\xe2', 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/64, 0x40) adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0x4ea, 0x1, 0x6, 0x0, 0x1, 0x0, 0x8, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x6, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="6c010000", @ANYRES16=0x0, @ANYBLOB="000227bd70fcfedbdf250d0000001400040077673000000000000000000000000000080001000300000005002400520000000500250001000000140004006261746164763000000000000000000003011880ba0cf9ccf8ecbd69e821bab4466ed767f4d7ca322f5bc818c075baee88106ed019b4f76e82e5b5af0f2683b2126e47fec0cc3cba32db387d396d53b8f11215633f02208882a53490b1f7ffb4525fac6f0e6217a35be60f3ba9f9d9e950104785fb964abbd37cd23de37c6f21ce233edb64b2becc535afe77f8d50931807d09ad5832e3c06104cbd8dbc1ee921df268a75d24d634cd2d050c7c76c822c4d750b42559d5c11ae4d77eb96310d0981b541e79bde793f5f2135761b14ddee59af2a6f456800573db0bbab70f7777e4cb372b9e8928fc0b390db09b4893b192be5470e0285622794d6a30fcb2455dd6f82e7c338724f8248233a8bc5276dd15b28c000c0006000600000000000000050026"], 0x16c}, 0x1, 0x0, 0x0, 0x20000010}, 0x44000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/general_profit\x00', 0xa800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000000c0)=""/34, 0x22) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x6483, 0x0) clock_adjtime$auto(0x6bc8, &(0x7f00000005c0)={0x7, 0x0, 0x8, 0x8000000000000001, 0x7, 0xfffffffffffffff7, 0x6, 0x0, 0x2, 0x2, 0x1, {0xc, 0x7}, 0x82ba, 0x7ff, 0x59d, 0x5, 0x0, 0x8000000000000000, 0x100000000, 0x6, 0x9, 0x7, 0x1000}) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x200000000007, 0x1, 0x400000001, 0x4, 0x3, 0x7f, 0x3, 0x2, 0x9, 0x800, 0x7, 0x6d3f, 0x5, 0x9, 0x9]}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.752141987s ago: executing program 3 (id=739): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) write$auto(0xffffffffffffffff, 0x0, 0x8) setsockopt$auto(0xffffffffffffffff, 0x6, 0xfffffdfe, 0x0, 0x7e) statmount$auto(0x0, 0x0, 0x1fe, 0x9) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, &(0x7f0000000040)=0xce) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r0 = socket(0x10, 0x2, 0x0) setsockopt$auto_SO_RXQ_OVFL(r0, 0x1, 0x28, 0x0, 0x7) sendmmsg$auto(r0, 0x0, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netfilter/nfnetlink_queue\x00', 0x101000, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x12d280, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) getsockopt$auto(0xffffffffffffffff, 0x29, 0xd1, 0x0, 0x0) syz_clone3(&(0x7f0000000300)={0x12a004080, 0x0, 0x0, 0x0, {0x3b}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x0], 0x1}, 0x58) acct$auto(&(0x7f0000000080)='@\x00') openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) 4.607626775s ago: executing program 3 (id=740): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103) open(&(0x7f0000000000)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x8000, 0x50) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd12/queue/max_segment_size\x00', 0x600, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001240)=""/236, 0xec) lseek$auto(0x3, 0x7ffffffffffffffd, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000fedbdf25040000000c000180080001000100000004000a8008000800", @ANYRES32=r3, @ANYBLOB="0c0003000900000000000000140009800800020005000000080001"], 0x4c}, 0x1, 0x0, 0x0, 0x44000}, 0x14) r4 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x9c, r4, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x80, 0x1, 0x0, 0x1, [@typed={0x8, 0xf5, 0x0, 0x0, @u32=0x10}, @typed={0x14, 0xb1, 0x0, 0x0, @ipv6=@private2}, @nested={0x5d, 0x14a, 0x0, 0x1, [@generic="5769d1493a8cce3b7d0a2d3e973fd4ed866e0693274dbfb20e17e2edeb14ad31aca9ca73c57b79d6e654464ae15a66dcfeabbf4f9c1bf5b8ddd64a77a07a55124243ff865402b65f5479269318dba66b838a05663c", @nested={0x4, 0xb3}]}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20000050}, 0x800) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) 4.379143514s ago: executing program 2 (id=741): madvise$auto_MADV_WIPEONFORK(0x9, 0xb, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0xa, 0x8000000000000000, 0x12) madvise$auto_MADV_WIPEONFORK(0x80, 0x7, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0x9, 0x0, 0x12) madvise$auto_MADV_WIPEONFORK(0x200, 0x80000001, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0xff, 0x6, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0x101, 0x1b, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0xccd, 0x8000000000000001, 0x12) madvise$auto_MADV_WIPEONFORK(0x71a6, 0x4, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0x81, 0x0, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0x8, 0x1, 0x12) madvise$auto_MADV_WIPEONFORK(0x5, 0x80, 0x12) madvise$auto_MADV_WIPEONFORK(0x2, 0x1, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0x6, 0x0, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0x3d18, 0x4, 0x12) (async, rerun: 32) madvise$auto_MADV_WIPEONFORK(0x1ef, 0x3, 0x12) (rerun: 32) madvise$auto_MADV_WIPEONFORK(0x8, 0x2f9117e3, 0x12) (async, rerun: 64) madvise$auto_MADV_WIPEONFORK(0x9, 0x80000000, 0x12) (rerun: 64) madvise$auto_MADV_WIPEONFORK(0x0, 0xfffffffffffffaca, 0x12) madvise$auto_MADV_WIPEONFORK(0x81, 0x1, 0x12) madvise$auto_MADV_WIPEONFORK(0x3, 0x2, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0x3, 0x4, 0x12) (async, rerun: 64) madvise$auto_MADV_WIPEONFORK(0x8000000000000001, 0xf199, 0x12) (async, rerun: 64) madvise$auto_MADV_WIPEONFORK(0x3ff, 0x8001, 0x12) (async) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0c\x00', 0x391082, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_UNLINK2(r0, 0x4161, 0x0) (async, rerun: 64) madvise$auto_MADV_WIPEONFORK(0x1, 0x6, 0x12) (async, rerun: 64) madvise$auto_MADV_WIPEONFORK(0x956, 0x80000001, 0x12) madvise$auto_MADV_WIPEONFORK(0x3fffc000000000, 0x8, 0x12) (async) madvise$auto_MADV_WIPEONFORK(0x554, 0x5, 0x12) 4.21321436s ago: executing program 0 (id=742): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) write$auto(0xffffffffffffffff, 0x0, 0x8) setsockopt$auto(0xffffffffffffffff, 0x6, 0xfffffdfe, 0x0, 0x7e) statmount$auto(0x0, 0x0, 0x1fe, 0x9) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, &(0x7f0000000040)=0xce) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r0 = socket(0x10, 0x2, 0x0) setsockopt$auto_SO_RXQ_OVFL(r0, 0x1, 0x28, 0x0, 0x7) sendmmsg$auto(r0, 0x0, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netfilter/nfnetlink_queue\x00', 0x101000, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x12d280, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) getsockopt$auto(0xffffffffffffffff, 0x29, 0xd1, 0x0, 0x0) syz_clone3(&(0x7f0000000300)={0x12a004080, 0x0, 0x0, 0x0, {0x3b}, 0x0, 0x1e, 0x0, &(0x7f00000002c0)=[0x0], 0x1}, 0x58) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) 3.920337966s ago: executing program 2 (id=743): mmap$auto(0xf3, 0x202000d, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcsu\x00', 0x108002, 0x0) r1 = epoll_create$auto(0x5a5d) epoll_ctl$auto(r1, 0x1, r0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) madvise$auto(0x0, 0x2003f0, 0x15) mlock$auto(0x5, 0xffff) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x11, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r2 = socket(0x2, 0x1, 0x106) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r3 = socket(0x1d, 0x2, 0x7) r4 = socket(0xa, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5}, 0x6a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(r2, &(0x7f00000018c0)=@can={0x1d, r6}, 0x18) write$auto(0x3, 0x0, 0xfdef) 3.764622066s ago: executing program 1 (id=744): adjtimex$auto(&(0x7f0000001340)={0x2, 0x0, 0x5, 0x0, 0x0, 0x3, 0xffff, 0x0, 0x3, 0x8, 0x9, {0x3364a0ce, 0xa}, 0x10001, 0x5, 0x9, 0x3, 0x0, 0x80, 0x1, 0x2, 0x5, 0x82, 0xfb1}) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) ioperm$auto(0xc5, 0x3, 0xc115) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x100, 0x0) close_range$auto(r0, 0x8, 0xfffffffc) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r1 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_DEL_PMK(r1, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2e36dc88", @ANYRES16=0x0, @ANYBLOB="000126bd7000fddbdf257c00000005003e000600000038000d0152f78a0cfd9f7f89156af4d82560a51b1b7a719b146f4ef879956a904fc0115f5388d8ac323dfa39a9d8bc64c8b72cbbb12ab9b2080057003c09000006001a018c4100000c009900c0020000000000000400460104008700"], 0x78}, 0x1, 0x0, 0x0, 0x24044004}, 0x2004c011) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, 0x0) mmap$auto(0x0, 0x20005, 0xdf, 0xeb1, r2, 0x3) r5 = open_by_handle_at$auto(r3, &(0x7f00000002c0)={0x1b, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504a19b9a"}, 0x7d) setsockopt$auto(r5, 0x1, 0x1021, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) 3.692192334s ago: executing program 3 (id=745): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="655143d404262d72d4e812284e00022ebd700001dcdf2502000000080036000300080008000d0000000080"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) unlink$auto(&(0x7f0000000100)='./file0\x00') r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x5}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@phonet={0x23, 0x4, 0x6}, 0x200) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001f00), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000080)={0x40, r3, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x2c, 0x1, 0x0, 0x1, [@typed={0x27, 0x1, 0x0, 0x0, @str='q\x1b[:+)*\\.#3T\xe23\x14@$\xe7\xd6\x15q\x97\xe5\xbf\xfc%\xe7\x12K1\xbad\xe0Hk'}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.655157987s ago: executing program 0 (id=746): set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x6, 0x101, 0x1, 0xfffffffffffffff1, 0x2, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x43, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x4}, 0x3) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x2, 0x10000, 0xfffffffffffffffe) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) rename$auto(&(0x7f0000000180)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="e691c090c0efa657e2d3e2c6b64d1f0900a303683edcf56a0eb332def739da14ba766a82a5bb3205497a50e53566fb243cf8120f040ca1d1184cc297ccddb67d4a4f84b56a6ffbddc7ca906846455a96558426dcb4ada40c84099bcd45589024ea36d1df087003cbd45175229bc4f446fb82bd69d7c8f041c4e87d59165ef67192f5cbed23d9f60d272cdc24fa5462a8a367f562f75f86ae2499115f1fdea51f26517a9e6028cb70577fa09110a3c49004ca3a4fcd23da7524f8", @ANYBLOB="20062abd7000fddbdf250200", @ANYRESDEC=r0], 0x9c}, 0x1, 0x0, 0x0, 0x1}, 0x40) open(0x0, 0x100, 0x80) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) ppoll$auto(0x0, 0x4007f, 0x0, &(0x7f00000001c0)={0x6}, 0x8) mount$auto(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='\x00\x00Qj\xdb\xe3Y>\x02\xc6q\xe7\x00\xf6', 0x1, &(0x7f0000000100)) madvise$auto(0x0, 0x1dcb, 0x18) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mlockall$auto(0x7) socketpair$auto(0x7, 0x1fffffe, 0x315, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) getpeername$auto(0xffffffffffffffff, 0x0, 0x0) 2.317364804s ago: executing program 1 (id=747): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) r1 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x7, 0x3a5a) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0xfffffff9, 0x120, 0x0, 0x1, 0x2) r3 = socket(0xa, 0x2, 0x3a) r4 = socket(0x10, 0x2, 0x7fff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1e0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000040), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r5 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0) ptrace$auto(0x10, r5, 0x4, 0x8000040006) ptrace$auto(0xf, r5, 0xfffffffffffffffe, 0x8000000000000000) setsockopt$auto(r3, 0x29, 0x39, 0x0, 0x110) write$auto(r2, 0x0, 0x100000a3d9) r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r6, 0x80045010, &(0x7f0000004440)) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x101080, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x6, 0xffffffffffffffff, 0xffff) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r7 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRESOCT, @ANYRES16=r0, @ANYRES8=r5], 0x64}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000) read$auto(r7, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 1.544505736s ago: executing program 2 (id=748): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket$nl_generic(0x10, 0x3, 0x10) connect$auto(0x3, &(0x7f00000000c0)=@vsock, 0x51) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000), 0x80b02, 0x0) write$auto_vhci_fops_hci_vhci(r2, &(0x7f0000000100)="02a6c1dc", 0x4) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x2) open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) socket(0x1e, 0x1, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x5, 0x400, 0x7, 0xeb1, r0, 0x8000) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@can, 0x8) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) semctl$auto(0x7, 0x3, 0x13, 0x4000000000000010) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(r1, &(0x7f0000000000)={{0x0, 0x4, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0xff00) madvise$auto(0x0, 0xffffffffffff0005, 0x19) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x20b42, 0x0) socket(0x2, 0x1, 0x0) listen$auto(0x3, 0x81) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) shutdown$auto(0x200000003, 0x1) r3 = socket(0x28, 0x800, 0x3) setsockopt$auto(r3, 0x65, 0x1, 0x0, 0x800) bind$auto(0x3, &(0x7f0000000040)=@can, 0x6a) 1.395513214s ago: executing program 3 (id=749): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x9, 0x73) r1 = socket(0x10, 0x3, 0x6) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20008041}, 0x0) mmap$auto(0x0, 0x4006020009, 0x2000000000000006, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x22240, 0x0) close_range$auto(r1, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x102, 0x0) write$auto(0x3, 0x0, 0x4fffffdf2) ioctl$auto(0x3, 0x402c542b, 0x38) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x69) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) shutdown$auto(r2, 0x1) ioctl$auto_TCSBRKP2(r0, 0x5425, &(0x7f0000000000)) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) socket(0x2b, 0x2, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'dummy0\x00'}) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x2404c000) 484.330467ms ago: executing program 2 (id=750): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) write$auto(0xffffffffffffffff, 0x0, 0x8) setsockopt$auto(0xffffffffffffffff, 0x6, 0xfffffdfe, 0x0, 0x7e) statmount$auto(0x0, 0x0, 0x1fe, 0x9) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, &(0x7f0000000040)=0xce) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r0 = socket(0x10, 0x2, 0x0) setsockopt$auto_SO_RXQ_OVFL(r0, 0x1, 0x28, 0x0, 0x7) sendmmsg$auto(r0, 0x0, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netfilter/nfnetlink_queue\x00', 0x101000, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x80201, 0x0) write$auto_safesetid_uid_file_fops_securityfs(r1, 0x0, 0x5ea) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x12d280, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) getsockopt$auto(0xffffffffffffffff, 0x29, 0xd1, 0x0, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x100, 0x0) ioctl$auto_SNDCTL_SEQ_OUTOFBAND(r2, 0x40085112, &(0x7f00000001c0)="ff") syz_clone3(&(0x7f0000000300)={0x12a004080, 0x0, 0x0, 0x0, {0x3b}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x0], 0x1}, 0x58) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) 373.817319ms ago: executing program 3 (id=751): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000009c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_CABLE_TEST_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x80) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop11\x00', 0x20000, 0x0) ioctl$auto_BLKBSZGET(r3, 0x80081270, &(0x7f00000001c0)=0xbbc) getsockopt$auto_SO_KEEPALIVE(r3, 0x9df438b, 0x9, &(0x7f0000000040)='ethtool\x00', &(0x7f0000000080)=0x8) 221.537713ms ago: executing program 2 (id=752): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x14) socket(0x11, 0x80003, 0x300) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) ioctl$auto_BLKRRPART(r0, 0x125f, 0x0) ioctl$auto_IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000300)={0xa, 0xfff, 0x7fff}) socket(0x2, 0x80002, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x11, 0x80003, 0x300) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) r3 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/wchan\x00', 0xc8400, 0x0) read$auto_proc_single_file_operations_base(r4, &(0x7f0000000080)=""/112, 0x70) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f00000001c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c00000060d93e46e43ccf30baa9f3c9770cb64f122b448ede07e5d4558afd55e5e7a189db9fac04b8ba111583c7fb1a48e5403c529e21a4eebc779a9a49d34ab17c75966f9b09e0c100394f2bf735fb26cf76aa2c69fd936389", @ANYRES16=0x0, @ANYBLOB="00042abd7000fddbdf25010000000800070005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8000) socket(0xa, 0x2, 0x0) r5 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES16], 0x1ac}}, 0x8000) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r3, 0x80045105, &(0x7f00000002c0)="4e670bdfb7f89afb01cde5d134de9f71f46e43b5") sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) acct$auto(&(0x7f0000000000)='/dev/fb0\x00') openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0) 182.400357ms ago: executing program 3 (id=753): socket(0x2, 0x2, 0x0) r0 = socket(0x2, 0x2, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0xffff, @loopback}, 0x67) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) select$auto(0x9, &(0x7f0000000040)={[0xd, 0x7, 0xfff, 0x8000000000000000, 0x0, 0x9, 0x6f, 0x400, 0x4, 0x3, 0x6, 0x200, 0x3, 0x0, 0xb, 0xffffffffffffffff]}, &(0x7f00000000c0)={[0x6, 0x0, 0xffffffff, 0xf13, 0x40, 0x3, 0x100000001, 0x7, 0x5, 0x9, 0xffff, 0x7ff, 0xda7, 0xf480, 0x6, 0x3e]}, &(0x7f0000000140)={[0x6, 0xae, 0x49, 0x200, 0x9d5f, 0x8, 0xe0ab, 0x7, 0x9, 0x98, 0x2, 0xabd4, 0xc, 0x3, 0x8, 0x691b4b6e]}, &(0x7f00000001c0)={0x3, 0x80000001}) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/devices/virtual/block/loop1/queue/wbt_lat_usec\x00', 0x2062, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x9) ioctl$auto(r1, 0x400454ca, 0x38) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x80900, 0x0) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20a01, 0x0) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcsa\x00', 0x80, 0x0) mmap$auto(0xb2, 0x14, 0xffb, 0x8000000008015, 0xffffffffffffffff, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) io_uring_setup$auto(0x3501, &(0x7f0000000080)={0x80, 0x1000, 0x8, 0x5, 0x3, 0xfffffff1, 0xffffffffffffffff, [0xbc, 0xffff, 0x40], {0x81, 0x9, 0x0, 0x80000000, 0x3, 0x101, 0xffff, 0x0, 0x6}, {0x7, 0xa, 0xf, 0x7fff, 0x3, 0x0, 0x0, 0xfffffffa, 0xc}}) ioctl$auto_BLKTRACETEARDOWN(r3, 0x1276, 0x0) mmap$auto(0x8000000000002001, 0x20009, 0xdf, 0x15, r4, 0x8000) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x11, 0x0, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty48\x00', 0x880, 0x0) ioctl$auto(r5, 0x5609, 0xffffffffffffffff) madvise$auto(0x0, 0x20499d, 0x9) r6 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NET_SHAPER_CMD_GET2(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r6, 0x200, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000003}, 0x800) 0s ago: executing program 2 (id=754): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) write$auto(0xffffffffffffffff, 0x0, 0x8) setsockopt$auto(0xffffffffffffffff, 0x6, 0xfffffdfe, 0x0, 0x7e) statmount$auto(0x0, 0x0, 0x1fe, 0x9) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, &(0x7f0000000040)=0xce) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r0 = socket(0x10, 0x2, 0x0) setsockopt$auto_SO_RXQ_OVFL(r0, 0x1, 0x28, 0x0, 0x7) sendmmsg$auto(r0, 0x0, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netfilter/nfnetlink_queue\x00', 0x101000, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x12d280, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) getsockopt$auto(0xffffffffffffffff, 0x29, 0xd1, 0x0, 0x0) syz_clone3(&(0x7f0000000300)={0x12a004080, 0x0, 0x0, 0x0, {0x3b}, 0x0, 0x1f, 0x0, &(0x7f00000002c0)=[0x0], 0x1}, 0x58) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.29' (ED25519) to the list of known hosts. [ 96.855418][ T5823] cgroup: Unknown subsys name 'net' [ 96.955777][ T5823] cgroup: Unknown subsys name 'cpuset' [ 96.965273][ T5823] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 98.945925][ T5823] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 101.208922][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 101.217864][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 101.229484][ T5844] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 101.237957][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 101.244390][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 101.247690][ T5844] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 101.260418][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 101.268889][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 101.269122][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 101.283387][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 101.285601][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 101.292079][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 101.306876][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 101.315186][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 101.322972][ T5845] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 101.330573][ T5850] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 101.344711][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 101.353417][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 101.353910][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 101.375927][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 101.983216][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 102.052358][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 102.132003][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 102.221701][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 102.346747][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.354163][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.363229][ T5833] bridge_slave_0: entered allmulticast mode [ 102.370952][ T5833] bridge_slave_0: entered promiscuous mode [ 102.381453][ T9] cfg80211: failed to load regulatory.db [ 102.406931][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.414333][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.422698][ T5835] bridge_slave_0: entered allmulticast mode [ 102.430823][ T5835] bridge_slave_0: entered promiscuous mode [ 102.469338][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.476526][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.484329][ T5833] bridge_slave_1: entered allmulticast mode [ 102.491910][ T5833] bridge_slave_1: entered promiscuous mode [ 102.521720][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.528985][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.536184][ T5835] bridge_slave_1: entered allmulticast mode [ 102.544434][ T5835] bridge_slave_1: entered promiscuous mode [ 102.568180][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.575443][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.583042][ T5832] bridge_slave_0: entered allmulticast mode [ 102.590887][ T5832] bridge_slave_0: entered promiscuous mode [ 102.599653][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.606797][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.614843][ T5832] bridge_slave_1: entered allmulticast mode [ 102.622908][ T5832] bridge_slave_1: entered promiscuous mode [ 102.688246][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.729933][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.756943][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.766744][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.774563][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.782091][ T5834] bridge_slave_0: entered allmulticast mode [ 102.792140][ T5834] bridge_slave_0: entered promiscuous mode [ 102.802535][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.829408][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.843615][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.873340][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.880586][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.888600][ T5834] bridge_slave_1: entered allmulticast mode [ 102.896009][ T5834] bridge_slave_1: entered promiscuous mode [ 102.977588][ T5835] team0: Port device team_slave_0 added [ 103.001683][ T5833] team0: Port device team_slave_0 added [ 103.011447][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.025270][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.036558][ T5835] team0: Port device team_slave_1 added [ 103.047014][ T5832] team0: Port device team_slave_0 added [ 103.055378][ T5833] team0: Port device team_slave_1 added [ 103.110390][ T5832] team0: Port device team_slave_1 added [ 103.181730][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.190354][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.217314][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.230141][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.237452][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.263573][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.279232][ T5834] team0: Port device team_slave_0 added [ 103.299745][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.306756][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.332994][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.345371][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.352587][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.378617][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.399880][ T5834] team0: Port device team_slave_1 added [ 103.408385][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.415380][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.442031][ T5845] Bluetooth: hci2: command tx timeout [ 103.442037][ T5844] Bluetooth: hci0: command tx timeout [ 103.442406][ T5844] Bluetooth: hci3: command tx timeout [ 103.458871][ T5839] Bluetooth: hci1: command tx timeout [ 103.465242][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.500752][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.508163][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.534690][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.636568][ T5833] hsr_slave_0: entered promiscuous mode [ 103.644021][ T5833] hsr_slave_1: entered promiscuous mode [ 103.666294][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.673966][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.700444][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.713707][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.720793][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.746863][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.764325][ T5835] hsr_slave_0: entered promiscuous mode [ 103.771890][ T5835] hsr_slave_1: entered promiscuous mode [ 103.780990][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 103.789029][ T5835] Cannot create hsr debugfs directory [ 103.853293][ T5832] hsr_slave_0: entered promiscuous mode [ 103.860379][ T5832] hsr_slave_1: entered promiscuous mode [ 103.866536][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 103.874875][ T5832] Cannot create hsr debugfs directory [ 104.012026][ T5834] hsr_slave_0: entered promiscuous mode [ 104.018777][ T5834] hsr_slave_1: entered promiscuous mode [ 104.024939][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 104.032734][ T5834] Cannot create hsr debugfs directory [ 104.464858][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 104.482633][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 104.504965][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 104.528841][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 104.582569][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 104.606573][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 104.631569][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 104.666497][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 104.704241][ T5832] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 104.736612][ T5832] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 104.750005][ T5832] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 104.774251][ T5832] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 104.872602][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 104.900201][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 104.912351][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 104.946392][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 105.092158][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.114463][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.184716][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.226114][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.237160][ T1162] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.245119][ T1162] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.271879][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.291540][ T1162] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.298851][ T1162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.312302][ T1162] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.319524][ T1162] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.348608][ T153] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.355817][ T153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.395301][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.412990][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.450809][ T1162] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.458050][ T1162] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.497686][ T5844] Bluetooth: hci3: command tx timeout [ 105.503190][ T5844] Bluetooth: hci2: command tx timeout [ 105.508810][ T5839] Bluetooth: hci1: command tx timeout [ 105.508829][ T5842] Bluetooth: hci0: command tx timeout [ 105.524148][ T1162] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.531342][ T1162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.551598][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.590453][ T1162] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.597711][ T1162] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.630952][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.638195][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.226561][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.304552][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.405187][ T5833] veth0_vlan: entered promiscuous mode [ 106.440902][ T5833] veth1_vlan: entered promiscuous mode [ 106.490893][ T5835] veth0_vlan: entered promiscuous mode [ 106.503440][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.526162][ T5835] veth1_vlan: entered promiscuous mode [ 106.556675][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.624276][ T5835] veth0_macvtap: entered promiscuous mode [ 106.643040][ T5835] veth1_macvtap: entered promiscuous mode [ 106.670865][ T5833] veth0_macvtap: entered promiscuous mode [ 106.696875][ T5833] veth1_macvtap: entered promiscuous mode [ 106.720403][ T5832] veth0_vlan: entered promiscuous mode [ 106.743905][ T5834] veth0_vlan: entered promiscuous mode [ 106.757014][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.773836][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.795372][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.808712][ T5832] veth1_vlan: entered promiscuous mode [ 106.826002][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.835347][ T5834] veth1_vlan: entered promiscuous mode [ 106.843889][ T5835] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.853108][ T5835] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.862865][ T5835] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.871758][ T5835] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.893542][ T5833] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.902625][ T5833] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.911858][ T5833] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.921032][ T5833] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.016861][ T5832] veth0_macvtap: entered promiscuous mode [ 107.037852][ T5832] veth1_macvtap: entered promiscuous mode [ 107.106095][ T5834] veth0_macvtap: entered promiscuous mode [ 107.158929][ T5834] veth1_macvtap: entered promiscuous mode [ 107.177693][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.180913][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.185695][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.213897][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.217664][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.264675][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.299136][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.307869][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.322658][ T5832] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.331682][ T5832] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.343592][ T5832] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.352940][ T5832] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.368759][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.376651][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.384374][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.464355][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.473557][ T5835] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 107.515163][ T5834] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.525143][ T5834] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.534086][ T5834] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.542896][ T5834] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.577700][ T5845] Bluetooth: hci1: command tx timeout [ 107.578283][ T5844] Bluetooth: hci3: command tx timeout [ 107.583291][ T5842] Bluetooth: hci2: command tx timeout [ 107.589295][ T5844] Bluetooth: hci0: command tx timeout [ 107.761392][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.790893][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.896125][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.925094][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.045992][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.076672][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.101105][ T5933] Zero length message leads to an empty skb [ 108.528079][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.560772][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.303775][ T5958] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 109.657838][ T5842] Bluetooth: hci2: command tx timeout [ 109.657875][ T5844] Bluetooth: hci0: command tx timeout [ 109.657921][ T5844] Bluetooth: hci3: command tx timeout [ 109.674933][ T5845] Bluetooth: hci1: command tx timeout [ 109.718012][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.805160][ T5971] netlink: 'syz.3.11': attribute type 1 has an invalid length. [ 109.807532][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.830916][ T5971] netlink: 'syz.3.11': attribute type 1 has an invalid length. [ 110.130498][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.140662][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.193772][ T5963] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to 0. Contact your vendor for updates. [ 110.497832][ T5986] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 111.139945][ T0] NOHZ tick-stop error: local softirq work is pending, handler #340!!! [ 111.413920][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.421879][ T5997] capability: warning: `syz.2.19' uses 32-bit capabilities (legacy support in use) [ 111.847420][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.856465][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 111.867503][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.958849][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.801485][ T6040] syz.2.26 (6040) used greatest stack depth: 19800 bytes left [ 117.266820][ T6067] FAULT_INJECTION: forcing a failure. [ 117.266820][ T6067] name failslab, interval 1, probability 0, space 0, times 1 [ 117.310432][ T6067] CPU: 0 UID: 0 PID: 6067 Comm: syz.0.33 Tainted: G I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 117.310490][ T6067] Tainted: [I]=FIRMWARE_WORKAROUND [ 117.310502][ T6067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 117.310531][ T6067] Call Trace: [ 117.310546][ T6067] [ 117.310563][ T6067] dump_stack_lvl+0x16c/0x1f0 [ 117.310635][ T6067] should_fail_ex+0x512/0x640 [ 117.310689][ T6067] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 117.310749][ T6067] should_failslab+0xc2/0x120 [ 117.310783][ T6067] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 117.310837][ T6067] ? d_instantiate+0x77/0x90 [ 117.310867][ T6067] ? alloc_empty_file+0x55/0x1e0 [ 117.310907][ T6067] alloc_empty_file+0x55/0x1e0 [ 117.310944][ T6067] alloc_file_pseudo+0x13a/0x230 [ 117.310980][ T6067] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 117.311027][ T6067] ioctx_alloc+0x5ab/0x2120 [ 117.311087][ T6067] ? find_held_lock+0x2b/0x80 [ 117.311120][ T6067] ? __pfx_ioctx_alloc+0x10/0x10 [ 117.311160][ T6067] ? __might_fault+0x13b/0x190 [ 117.311229][ T6067] __x64_sys_io_setup+0xc9/0x210 [ 117.311279][ T6067] do_syscall_64+0xcd/0x490 [ 117.311330][ T6067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.311362][ T6067] RIP: 0033:0x7f3f23f8e929 [ 117.311394][ T6067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.311425][ T6067] RSP: 002b:00007f3f24e88038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 117.311454][ T6067] RAX: ffffffffffffffda RBX: 00007f3f241b5fa0 RCX: 00007f3f23f8e929 [ 117.311472][ T6067] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 117.311492][ T6067] RBP: 00007f3f24010b39 R08: 0000000000000000 R09: 0000000000000000 [ 117.311512][ T6067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 117.311531][ T6067] R13: 0000000000000000 R14: 00007f3f241b5fa0 R15: 00007ffc5faa4188 [ 117.311574][ T6067] [ 118.255361][ T6072] kexec: Could not allocate control_code_buffer [ 118.478152][ T6081] ptrace attach of "./syz-executor exec"[6082] was attempted by "./syz-executor exec"[6081] [ 118.772506][ T6087] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 119.621390][ T6099] ptrace attach of "./syz-executor exec"[5832] was attempted by ""[6099] [ 120.641681][ T6107] netlink: 28 bytes leftover after parsing attributes in process `syz.3.41'. [ 120.849504][ T6107] team0: Port device team_slave_0 removed [ 122.447807][ T6125] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 124.618087][ T6148] size and base must be multiples of 4 kiB [ 124.623996][ T6148] CPU: 0 UID: 0 PID: 6148 Comm: syz.3.49 Tainted: G I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 124.624050][ T6148] Tainted: [I]=FIRMWARE_WORKAROUND [ 124.624062][ T6148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.624082][ T6148] Call Trace: [ 124.624094][ T6148] [ 124.624106][ T6148] dump_stack_lvl+0x16c/0x1f0 [ 124.624161][ T6148] mtrr_del+0xd1/0x110 [ 124.624204][ T6148] mtrr_ioctl+0x922/0xcf0 [ 124.624248][ T6148] ? __pfx_mtrr_ioctl+0x10/0x10 [ 124.624300][ T6148] ? find_held_lock+0x2b/0x80 [ 124.624345][ T6148] ? __fget_files+0x20e/0x3c0 [ 124.624396][ T6148] ? __pfx_mtrr_ioctl+0x10/0x10 [ 124.624439][ T6148] proc_reg_unlocked_ioctl+0x226/0x320 [ 124.624492][ T6148] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 124.624551][ T6148] __x64_sys_ioctl+0x18e/0x210 [ 124.624596][ T6148] do_syscall_64+0xcd/0x490 [ 124.624649][ T6148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.624683][ T6148] RIP: 0033:0x7f33eef8e929 [ 124.624709][ T6148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.624750][ T6148] RSP: 002b:00007f33efd3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 124.624782][ T6148] RAX: ffffffffffffffda RBX: 00007f33ef1b5fa0 RCX: 00007f33eef8e929 [ 124.624804][ T6148] RDX: 0000000000000007 RSI: 0000000040104d04 RDI: 0000000000000002 [ 124.624824][ T6148] RBP: 00007f33ef010b39 R08: 0000000000000000 R09: 0000000000000000 [ 124.624844][ T6148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.624863][ T6148] R13: 0000000000000000 R14: 00007f33ef1b5fa0 R15: 00007ffe8b9d5158 [ 124.624905][ T6148] [ 125.586294][ T6135] kexec: Could not allocate control_code_buffer [ 125.731714][ T6158] ptrace attach of "./syz-executor exec"[6160] was attempted by "./syz-executor exec"[6158] [ 130.213166][ T6199] netlink: 'syz.1.61': attribute type 2 has an invalid length. [ 131.504781][ T6197] kexec: Could not allocate control_code_buffer [ 133.211850][ T6238] blkio.reset_stats is deprecated [ 135.971523][ T6250] kexec: Could not allocate control_code_buffer [ 136.501050][ T6278] ptrace attach of "./syz-executor exec"[6280] was attempted by "./syz-executor exec"[6278] [ 137.828779][ T6295] process 'syz.3.82' launched './file0' with NULL argv: empty string added [ 139.729395][ T6327] deleting an unspecified loop device is not supported. [ 143.342730][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.349753][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 144.350787][ T6377] netlink: 342 bytes leftover after parsing attributes in process `syz.2.101'. [ 149.233153][ T6433] ptrace attach of "./syz-executor exec"[6437] was attempted by "./syz-executor exec"[6433] [ 150.604980][ T6449] sd 0:0:1:0: PR command failed: 1026 [ 150.668845][ T6449] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 150.675737][ T6449] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 150.781600][ T6451] random: crng reseeded on system resumption [ 150.809650][ T6450] Setting dangerous option i915.mitigations - tainting kernel [ 151.717244][ T31] audit: type=1806 audit(6044162247.551:2): res=-14 [ 154.371848][ T6491] FAULT_INJECTION: forcing a failure. [ 154.371848][ T6491] name failslab, interval 1, probability 0, space 0, times 0 [ 154.454470][ T6491] CPU: 0 UID: 0 PID: 6491 Comm: syz.3.125 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 154.454529][ T6491] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 154.454542][ T6491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 154.454561][ T6491] Call Trace: [ 154.454572][ T6491] [ 154.454585][ T6491] dump_stack_lvl+0x16c/0x1f0 [ 154.454639][ T6491] should_fail_ex+0x512/0x640 [ 154.454692][ T6491] ? __kmalloc_noprof+0xbf/0x510 [ 154.454747][ T6491] ? sk_prot_alloc+0x1a8/0x2a0 [ 154.454777][ T6491] should_failslab+0xc2/0x120 [ 154.454809][ T6491] __kmalloc_noprof+0xd2/0x510 [ 154.454866][ T6491] ? evm_inode_alloc_security+0x49/0xc0 [ 154.454930][ T6491] sk_prot_alloc+0x1a8/0x2a0 [ 154.454967][ T6491] sk_alloc+0x36/0xc20 [ 154.455014][ T6491] __netlink_create+0x5e/0x2c0 [ 154.455066][ T6491] __netlink_kernel_create+0xed/0x750 [ 154.455102][ T6491] ? __pfx___netlink_kernel_create+0x10/0x10 [ 154.455173][ T6491] uevent_net_init+0xf8/0x350 [ 154.455207][ T6491] ? __pfx_uevent_net_init+0x10/0x10 [ 154.455242][ T6491] ? __pfx_uevent_net_rcv+0x10/0x10 [ 154.455289][ T6491] ? __pfx_uevent_net_init+0x10/0x10 [ 154.455319][ T6491] ops_init+0x1e2/0x5f0 [ 154.455384][ T6491] setup_net+0x1ff/0x510 [ 154.455435][ T6491] ? lockdep_init_map_type+0x5c/0x280 [ 154.455491][ T6491] ? __pfx_setup_net+0x10/0x10 [ 154.455548][ T6491] ? debug_mutex_init+0x37/0x70 [ 154.455586][ T6491] copy_net_ns+0x2a6/0x5f0 [ 154.455624][ T6491] create_new_namespaces+0x3ea/0xa90 [ 154.455671][ T6491] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 154.455713][ T6491] ksys_unshare+0x45b/0xa40 [ 154.455760][ T6491] ? __pfx_ksys_unshare+0x10/0x10 [ 154.455807][ T6491] ? xfd_validate_state+0x61/0x180 [ 154.455865][ T6491] __x64_sys_unshare+0x31/0x40 [ 154.455910][ T6491] do_syscall_64+0xcd/0x490 [ 154.455963][ T6491] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.455997][ T6491] RIP: 0033:0x7f33eef8e929 [ 154.456023][ T6491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.456056][ T6491] RSP: 002b:00007f33efd1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 154.456086][ T6491] RAX: ffffffffffffffda RBX: 00007f33ef1b6080 RCX: 00007f33eef8e929 [ 154.456108][ T6491] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 154.456127][ T6491] RBP: 00007f33ef010b39 R08: 0000000000000000 R09: 0000000000000000 [ 154.456146][ T6491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.456165][ T6491] R13: 0000000000000000 R14: 00007f33ef1b6080 R15: 00007ffe8b9d5158 [ 154.456207][ T6491] [ 154.757297][ T6491] kobject_uevent: unable to create netlink socket! [ 156.198508][ T6499] kexec: Could not allocate control_code_buffer [ 158.245013][ T6517] kexec: Could not allocate control_code_buffer [ 158.654540][ T6545] ptrace attach of "./syz-executor exec"[6546] was attempted by "./syz-executor exec"[6545] [ 164.621205][ T6597] kexec: Could not allocate control_code_buffer [ 167.349781][ T6634] FAULT_INJECTION: forcing a failure. [ 167.349781][ T6634] name failslab, interval 1, probability 0, space 0, times 0 [ 167.504577][ T6634] CPU: 1 UID: 0 PID: 6634 Comm: syz.1.151 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 167.504639][ T6634] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 167.504653][ T6634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 167.504673][ T6634] Call Trace: [ 167.504684][ T6634] [ 167.504698][ T6634] dump_stack_lvl+0x16c/0x1f0 [ 167.504755][ T6634] should_fail_ex+0x512/0x640 [ 167.504808][ T6634] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 167.504875][ T6634] should_failslab+0xc2/0x120 [ 167.504913][ T6634] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 167.504975][ T6634] ? drm_atomic_get_connector_state+0x231/0x740 [ 167.505026][ T6634] krealloc_noprof+0x1fc/0x370 [ 167.505087][ T6634] drm_atomic_get_connector_state+0x231/0x740 [ 167.505138][ T6634] drm_atomic_add_affected_connectors+0x2e0/0x3f0 [ 167.505188][ T6634] ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10 [ 167.505236][ T6634] ? ww_mutex_lock+0x37/0x160 [ 167.505288][ T6634] ? modeset_lock+0x114/0x6e0 [ 167.505351][ T6634] __drm_atomic_helper_set_config+0x5ef/0xea0 [ 167.505401][ T6634] ? __pfx___drm_atomic_helper_set_config+0x10/0x10 [ 167.505453][ T6634] ? drm_client_rotation+0x4da/0x6a0 [ 167.505500][ T6634] drm_client_modeset_commit_atomic+0x53d/0x7e0 [ 167.505558][ T6634] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 167.505649][ T6634] drm_client_modeset_commit_locked+0x14d/0x580 [ 167.505699][ T6634] drm_client_modeset_commit+0x4f/0x80 [ 167.505741][ T6634] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 167.505781][ T6634] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 167.505834][ T6634] drm_fbdev_client_restore+0x2c/0x40 [ 167.505884][ T6634] drm_client_dev_restore+0x1f6/0x2a0 [ 167.505933][ T6634] drm_release+0x2c4/0x360 [ 167.505974][ T6634] ? __pfx_drm_release+0x10/0x10 [ 167.506008][ T6634] __fput+0x402/0xb70 [ 167.506055][ T6634] task_work_run+0x150/0x240 [ 167.506111][ T6634] ? __pfx_task_work_run+0x10/0x10 [ 167.506164][ T6634] ? __pfx___do_sys_close_range+0x10/0x10 [ 167.506234][ T6634] exit_to_user_mode_loop+0xeb/0x110 [ 167.506291][ T6634] do_syscall_64+0x3f6/0x490 [ 167.506344][ T6634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.506379][ T6634] RIP: 0033:0x7ff491d8e929 [ 167.506407][ T6634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.506440][ T6634] RSP: 002b:00007ff492be7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 167.506472][ T6634] RAX: 0000000000000000 RBX: 00007ff491fb6080 RCX: 00007ff491d8e929 [ 167.506494][ T6634] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 167.506513][ T6634] RBP: 00007ff491e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 167.506534][ T6634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.506553][ T6634] R13: 0000000000000000 R14: 00007ff491fb6080 R15: 00007ffc28bf5fe8 [ 167.506600][ T6634] [ 168.089840][ T6643] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 170.830218][ T6665] kexec: Could not allocate control_code_buffer [ 171.400279][ T6690] netlink: 20 bytes leftover after parsing attributes in process `syz.1.165'. [ 171.672505][ T6690] hsr_slave_0 (unregistering): left promiscuous mode [ 172.221414][ T6689] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 172.250268][ T6689] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 172.283864][ T6689] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 172.305979][ T6689] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 172.347409][ T6689] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 172.370877][ T6713] syz.1.168 uses obsolete (PF_INET,SOCK_PACKET) [ 172.948053][ T6689] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 173.251078][ T6689] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 173.258918][ T6689] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 173.302745][ T6689] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 173.346667][ T6689] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 173.380759][ T6689] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.426364][ T6689] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.452881][ T6724] netlink: zone id is out of range [ 173.467146][ T6724] netlink: zone id is out of range [ 173.501433][ T6724] netlink: zone id is out of range [ 173.512113][ T6724] netlink: zone id is out of range [ 173.518804][ T6724] netlink: zone id is out of range [ 173.530103][ T6724] netlink: zone id is out of range [ 173.535387][ T6724] netlink: zone id is out of range [ 173.558126][ T6724] netlink: zone id is out of range [ 173.563506][ T6724] netlink: zone id is out of range [ 173.572815][ T6724] netlink: zone id is out of range [ 173.740702][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 174.377207][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 175.338427][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 175.484735][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 175.847564][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 176.457264][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 177.437200][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 177.497213][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 177.899758][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 177.939569][ T6745] kexec: Could not allocate control_code_buffer [ 178.333768][ T6764] netlink: 8 bytes leftover after parsing attributes in process `syz.0.179'. [ 178.397406][ T6764] nbd: must specify a device to reconfigure [ 178.439603][ T6764] mmap: syz.0.179 (6764) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 178.540156][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 178.688928][ T6765] MTRR 1 not used [ 179.507308][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 179.577214][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 181.845904][ T6793] Invalid ELF header magic: != ELF [ 182.695347][ T6818] ======================================================= [ 182.695347][ T6818] WARNING: The mand mount option has been deprecated and [ 182.695347][ T6818] and is ignored by this kernel. Remove the mand [ 182.695347][ T6818] option from the mount to silence this warning. [ 182.695347][ T6818] ======================================================= [ 184.164243][ T6830] kexec: Could not allocate control_code_buffer [ 184.247687][ T6829] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 184.290025][ T6836] ptrace attach of "./syz-executor exec"[6838] was attempted by "./syz-executor exec"[6836] [ 184.290725][ T6829] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 184.397604][ T6829] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 184.403929][ T6829] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 185.337167][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 186.397131][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 186.458424][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout [ 186.467251][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 187.384521][ T6862] netlink: 334 bytes leftover after parsing attributes in process `syz.2.196'. [ 189.441462][ C1] vcan0: j1939_xtp_rx_dpo: no connection found [ 189.484399][ T6873] svc: failed to register nfsdv3 RPC service (errno 111). [ 189.530037][ T6873] svc: failed to register nfsaclv3 RPC service (errno 111). [ 190.198053][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802850cc00: rx timeout, send abort [ 190.707613][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802850cc00: abort rx timeout. Force session deactivation [ 192.018849][ T6902] netlink: 28 bytes leftover after parsing attributes in process `syz.1.206'. [ 192.243009][ T6891] kexec: Could not allocate control_code_buffer [ 192.638333][ T6908] netlink: 24 bytes leftover after parsing attributes in process `syz.2.207'. [ 193.062880][ T6917] kexec: Could not allocate control_code_buffer [ 197.515223][ T6959] kexec: Could not allocate control_code_buffer [ 204.787744][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.794148][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.781448][ T31] audit: type=1804 audit(6044162301.658:3): pid=7047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.237" name="/newroot/60/file0" dev="tmpfs" ino=334 res=1 errno=0 [ 205.901461][ T31] audit: type=1804 audit(6044162301.718:4): pid=7044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.237" name="/newroot/60/file0" dev="tmpfs" ino=334 res=1 errno=0 [ 206.258856][ T7055] vivid-009: ================= START STATUS ================= [ 206.359999][ T7055] vivid-009: Enable Output Cropping: true grabbed [ 206.418503][ T7055] vivid-009: Enable Output Composing: true grabbed [ 206.425160][ T7055] vivid-009: Enable Output Scaler: true grabbed [ 206.456918][ T7043] FAULT_INJECTION: forcing a failure. [ 206.456918][ T7043] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 206.567848][ T7043] CPU: 1 UID: 0 PID: 7043 Comm: syz.0.237 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 206.567904][ T7043] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 206.567917][ T7043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 206.567936][ T7043] Call Trace: [ 206.567946][ T7043] [ 206.567962][ T7043] dump_stack_lvl+0x16c/0x1f0 [ 206.568016][ T7043] should_fail_ex+0x512/0x640 [ 206.568072][ T7043] _copy_from_user+0x2e/0xd0 [ 206.568104][ T7043] get_timespec64+0x8b/0x1b0 [ 206.568144][ T7043] ? __pfx_get_timespec64+0x10/0x10 [ 206.568188][ T7043] ? common_nsleep+0xa1/0xd0 [ 206.568230][ T7043] __x64_sys_clock_nanosleep+0x1ce/0x4a0 [ 206.568289][ T7043] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 206.568356][ T7043] do_syscall_64+0xcd/0x490 [ 206.568407][ T7043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.568440][ T7043] RIP: 0033:0x7f3f23fc11e5 [ 206.568466][ T7043] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8 [ 206.568496][ T7043] RSP: 002b:00007ffc5faa4280 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 206.568526][ T7043] RAX: ffffffffffffffda RBX: 00007f3f241b5fa0 RCX: 00007f3f23fc11e5 [ 206.568547][ T7043] RDX: 00007ffc5faa42c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 206.568566][ T7043] RBP: 00007f3f241b7ba0 R08: 0000000000000000 R09: 00007f3f24e89000 [ 206.568585][ T7043] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000003267c [ 206.568604][ T7043] R13: 00007f3f241b6240 R14: ffffffffffffffff R15: 00007ffc5faa4400 [ 206.568652][ T7043] [ 206.718895][ T7055] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 207.105328][ T7055] vivid-009: Transmit Mode: HDMI grabbed [ 207.276674][ T7055] vivid-009: Hotplug Present: 0x00000000 [ 207.377314][ T7055] vivid-009: RxSense Present: 0x00000000 [ 207.383081][ T7055] vivid-009: EDID Present: 0x00000000 [ 207.447411][ T7055] vivid-009: ================== END STATUS ================== [ 207.462712][ T7054] capability: warning: `syz.2.238' uses deprecated v2 capabilities in a way that may be insecure [ 211.993169][ T7136] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in; [ 211.993169][ T7136] program syz.1.260 not setting count and/or reply_len properly [ 212.733474][ T7136] zswap: compressor not available [ 214.220420][ T7142] kexec: Could not allocate control_code_buffer [ 214.549548][ T7140] program syz.1.260 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 216.654750][ T7224] can: request_module (can-proto-3) failed. [ 217.269839][ T7241] vhci_hcd: invalid port number 16 [ 217.275048][ T7241] vhci_hcd: invalid port number 16 [ 220.947848][ T7286] netlink: 338 bytes leftover after parsing attributes in process `syz.3.281'. [ 221.002529][ T7286] netlink: 338 bytes leftover after parsing attributes in process `syz.3.281'. [ 224.373983][ T7358] ptrace attach of "./syz-executor exec"[7359] was attempted by "./syz-executor exec"[7358] [ 224.534241][ T7361] ubi0: attaching mtd0 [ 224.650816][ T7361] ubi0: scanning is finished [ 224.655478][ T7361] ubi0: empty MTD device detected [ 225.161211][ T7361] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 225.267801][ T7361] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 225.275146][ T7361] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 225.317254][ T7361] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 225.356453][ T7361] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 225.364260][ T7361] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 225.377081][ T7361] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 82849510 [ 225.391306][ T7361] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 225.402836][ T7378] ubi0: background thread "ubi_bgt0d" started, PID 7378 [ 230.569810][ T7427] netlink: 'syz.3.302': attribute type 8 has an invalid length. [ 230.634141][ T7427] netlink: 'syz.3.302': attribute type 8 has an invalid length. [ 235.919933][ T7481] kexec: Could not allocate control_code_buffer [ 237.477410][ T7531] nvme_fabrics: missing parameter 'transport=%s' [ 237.526530][ T7513] kexec: Could not allocate control_code_buffer [ 237.534317][ T7531] nvme_fabrics: missing parameter 'nqn=%s' [ 240.817991][ T7583] FAULT_INJECTION: forcing a failure. [ 240.817991][ T7583] name failslab, interval 1, probability 0, space 0, times 0 [ 240.867164][ T7583] CPU: 0 UID: 0 PID: 7583 Comm: syz.2.333 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 240.867220][ T7583] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 240.867232][ T7583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 240.867257][ T7583] Call Trace: [ 240.867271][ T7583] [ 240.867283][ T7583] dump_stack_lvl+0x16c/0x1f0 [ 240.867332][ T7583] should_fail_ex+0x512/0x640 [ 240.867379][ T7583] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 240.867435][ T7583] should_failslab+0xc2/0x120 [ 240.867466][ T7583] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 240.867515][ T7583] ? getname_flags.part.0+0x4c/0x550 [ 240.867559][ T7583] getname_flags.part.0+0x4c/0x550 [ 240.867601][ T7583] getname_flags+0x93/0xf0 [ 240.867655][ T7583] __x64_sys_symlink+0x65/0x90 [ 240.867685][ T7583] do_syscall_64+0xcd/0x490 [ 240.867733][ T7583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.867764][ T7583] RIP: 0033:0x7fda7cb8e929 [ 240.867789][ T7583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 240.867819][ T7583] RSP: 002b:00007fda7d90f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 240.867848][ T7583] RAX: ffffffffffffffda RBX: 00007fda7cdb5fa0 RCX: 00007fda7cb8e929 [ 240.867867][ T7583] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 240.867885][ T7583] RBP: 00007fda7d90f090 R08: 0000000000000000 R09: 0000000000000000 [ 240.867904][ T7583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 240.867923][ T7583] R13: 0000000000000000 R14: 00007fda7cdb5fa0 R15: 00007ffd24cd91d8 [ 240.867962][ T7583] [ 243.551750][ T7632] XFS: Clearing xfsstats [ 243.573573][ T7639] FAULT_INJECTION: forcing a failure. [ 243.573573][ T7639] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 243.628522][ T7639] CPU: 0 UID: 0 PID: 7639 Comm: syz.2.343 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 243.628580][ T7639] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 243.628593][ T7639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 243.628610][ T7639] Call Trace: [ 243.628620][ T7639] [ 243.628632][ T7639] dump_stack_lvl+0x16c/0x1f0 [ 243.628684][ T7639] should_fail_ex+0x512/0x640 [ 243.628741][ T7639] strncpy_from_user+0x3b/0x2e0 [ 243.628793][ T7639] getname_flags.part.0+0x8f/0x550 [ 243.628839][ T7639] getname_flags+0x93/0xf0 [ 243.628885][ T7639] __x64_sys_symlink+0x65/0x90 [ 243.628916][ T7639] do_syscall_64+0xcd/0x490 [ 243.628968][ T7639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.629002][ T7639] RIP: 0033:0x7fda7cb8e929 [ 243.629027][ T7639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.629057][ T7639] RSP: 002b:00007fda7d90f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 243.629091][ T7639] RAX: ffffffffffffffda RBX: 00007fda7cdb5fa0 RCX: 00007fda7cb8e929 [ 243.629113][ T7639] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 243.629131][ T7639] RBP: 00007fda7d90f090 R08: 0000000000000000 R09: 0000000000000000 [ 243.629150][ T7639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 243.629168][ T7639] R13: 0000000000000000 R14: 00007fda7cdb5fa0 R15: 00007ffd24cd91d8 [ 243.629209][ T7639] [ 245.819769][ T7658] netlink: 8 bytes leftover after parsing attributes in process `syz.2.348'. [ 247.069476][ T7685] FAULT_INJECTION: forcing a failure. [ 247.069476][ T7685] name failslab, interval 1, probability 0, space 0, times 0 [ 247.096191][ T7685] CPU: 0 UID: 0 PID: 7685 Comm: syz.0.352 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 247.096247][ T7685] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 247.096260][ T7685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 247.096278][ T7685] Call Trace: [ 247.096288][ T7685] [ 247.096301][ T7685] dump_stack_lvl+0x16c/0x1f0 [ 247.096353][ T7685] should_fail_ex+0x512/0x640 [ 247.096411][ T7685] should_failslab+0xc2/0x120 [ 247.096444][ T7685] __kmalloc_cache_noprof+0x6a/0x3e0 [ 247.096492][ T7685] ? proc_self_get_link+0x1a9/0x230 [ 247.096547][ T7685] proc_self_get_link+0x1a9/0x230 [ 247.096595][ T7685] ? __pfx_proc_self_get_link+0x10/0x10 [ 247.096654][ T7685] step_into+0x195b/0x2270 [ 247.096707][ T7685] ? __pfx_step_into+0x10/0x10 [ 247.096757][ T7685] ? lookup_fast+0x156/0x610 [ 247.096806][ T7685] walk_component+0xfc/0x5b0 [ 247.096854][ T7685] link_path_walk+0x627/0xe20 [ 247.096911][ T7685] path_parentat+0x2b/0x110 [ 247.096955][ T7685] __filename_parentat+0x22f/0x680 [ 247.097009][ T7685] ? __pfx___filename_parentat+0x10/0x10 [ 247.097051][ T7685] ? kasan_save_stack+0x33/0x60 [ 247.097097][ T7685] ? kasan_save_track+0x14/0x30 [ 247.097152][ T7685] ? __kasan_slab_alloc+0x89/0x90 [ 247.097209][ T7685] ? __lock_acquire+0xb8a/0x1c90 [ 247.097270][ T7685] filename_create+0xbf/0x4a0 [ 247.097318][ T7685] ? __pfx_filename_create+0x10/0x10 [ 247.097360][ T7685] ? find_held_lock+0x2b/0x80 [ 247.097391][ T7685] ? __might_fault+0xe3/0x190 [ 247.097439][ T7685] ? __might_fault+0xe3/0x190 [ 247.097501][ T7685] do_symlinkat+0xbe/0x310 [ 247.097533][ T7685] ? __pfx_do_symlinkat+0x10/0x10 [ 247.097586][ T7685] ? getname_flags.part.0+0x1c5/0x550 [ 247.097635][ T7685] __x64_sys_symlink+0x75/0x90 [ 247.097666][ T7685] do_syscall_64+0xcd/0x490 [ 247.097716][ T7685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.097749][ T7685] RIP: 0033:0x7f3f23f8e929 [ 247.097775][ T7685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.097805][ T7685] RSP: 002b:00007f3f24e88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 247.097835][ T7685] RAX: ffffffffffffffda RBX: 00007f3f241b5fa0 RCX: 00007f3f23f8e929 [ 247.097857][ T7685] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 247.097875][ T7685] RBP: 00007f3f24e88090 R08: 0000000000000000 R09: 0000000000000000 [ 247.097894][ T7685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 247.097912][ T7685] R13: 0000000000000000 R14: 00007f3f241b5fa0 R15: 00007ffc5faa4188 [ 247.097955][ T7685] [ 249.010699][ T7694] kexec: Could not allocate control_code_buffer [ 249.350636][ T7702] netlink: 28 bytes leftover after parsing attributes in process `syz.2.357'. [ 249.449092][ T7702] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 249.466656][ T7702] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 249.536582][ T7702] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 249.544743][ T7702] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 249.752875][ T7707] FAULT_INJECTION: forcing a failure. [ 249.752875][ T7707] name failslab, interval 1, probability 0, space 0, times 0 [ 249.765730][ T7707] CPU: 0 UID: 0 PID: 7707 Comm: syz.0.358 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 249.765785][ T7707] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 249.765799][ T7707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 249.765817][ T7707] Call Trace: [ 249.765826][ T7707] [ 249.765838][ T7707] dump_stack_lvl+0x16c/0x1f0 [ 249.765892][ T7707] should_fail_ex+0x512/0x640 [ 249.765944][ T7707] ? __kmalloc_noprof+0xbf/0x510 [ 249.765998][ T7707] ? ops_init+0x77/0x5f0 [ 249.766046][ T7707] should_failslab+0xc2/0x120 [ 249.766078][ T7707] __kmalloc_noprof+0xd2/0x510 [ 249.766132][ T7707] ? __pfx_sctp_ctrlsock_init+0x10/0x10 [ 249.766186][ T7707] ops_init+0x77/0x5f0 [ 249.766240][ T7707] setup_net+0x1ff/0x510 [ 249.766289][ T7707] ? lockdep_init_map_type+0x5c/0x280 [ 249.766335][ T7707] ? __pfx_setup_net+0x10/0x10 [ 249.766390][ T7707] ? debug_mutex_init+0x37/0x70 [ 249.766426][ T7707] copy_net_ns+0x2a6/0x5f0 [ 249.766463][ T7707] create_new_namespaces+0x3ea/0xa90 [ 249.766510][ T7707] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 249.766551][ T7707] ksys_unshare+0x45b/0xa40 [ 249.766610][ T7707] ? __pfx_ksys_unshare+0x10/0x10 [ 249.766654][ T7707] ? xfd_validate_state+0x61/0x180 [ 249.766709][ T7707] __x64_sys_unshare+0x31/0x40 [ 249.766751][ T7707] do_syscall_64+0xcd/0x490 [ 249.766801][ T7707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.766834][ T7707] RIP: 0033:0x7f3f23f8e929 [ 249.766859][ T7707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.766890][ T7707] RSP: 002b:00007f3f24e67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 249.766921][ T7707] RAX: ffffffffffffffda RBX: 00007f3f241b6080 RCX: 00007f3f23f8e929 [ 249.766943][ T7707] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 249.766964][ T7707] RBP: 00007f3f24010b39 R08: 0000000000000000 R09: 0000000000000000 [ 249.766984][ T7707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 249.767007][ T7707] R13: 0000000000000000 R14: 00007f3f241b6080 R15: 00007ffc5faa4188 [ 249.767047][ T7707] [ 249.980126][ C0] vkms_vblank_simulate: vblank timer overrun [ 250.107788][ T7714] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88807800ddc0 pfn:0x7800d [ 250.122172][ T7714] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 250.133823][ T7714] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 250.145068][ T7714] raw: ffff88807800ddc0 0000000000000000 00000001ffffffff 0000000000000000 [ 250.155154][ T7714] page dumped because: unmovable page [ 250.162105][ T7714] page_owner tracks the page as allocated [ 250.177201][ T7714] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xcc0(GFP_KERNEL), pid 7134, tgid 7133 (syz.0.259), ts 212288056731, free_ts 211178102622 [ 250.193327][ T7714] post_alloc_hook+0x1c0/0x230 [ 250.199828][ T7714] get_page_from_freelist+0x1321/0x3890 [ 250.205472][ T7714] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 250.212233][ T7714] alloc_pages_bulk_noprof+0x71c/0x1410 [ 250.223546][ T7714] kasan_populate_vmalloc+0xf1/0x1f0 [ 250.229282][ T7714] alloc_vmap_area+0x959/0x29c0 [ 250.234223][ T7714] __get_vm_area_node+0x1ca/0x330 [ 250.239851][ T7714] __vmalloc_node_range_noprof+0x271/0x14b0 [ 250.245871][ T7714] __vmalloc_node_noprof+0xad/0xf0 [ 250.251490][ T7714] __snd_dma_alloc_pages+0x50/0x90 [ 250.256664][ T7714] snd_dma_alloc_dir_pages+0x151/0x240 [ 250.262713][ T7714] do_alloc_pages+0x115/0x280 [ 250.267798][ T7714] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 250.273467][ T7714] snd_pcm_hw_params+0x15e1/0x1b40 [ 250.346745][ T7714] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 250.367992][ T7714] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 250.374564][ T7714] page last free pid 6972 tgid 6972 stack trace: [ 250.384585][ T7714] __free_frozen_pages+0x7fe/0x1180 [ 250.390335][ T7714] tlb_remove_table_rcu+0x116/0x1a0 [ 250.396204][ T7714] rcu_core+0x79c/0x14e0 [ 250.408187][ T7714] handle_softirqs+0x219/0x8e0 [ 250.413366][ T7714] __irq_exit_rcu+0x109/0x170 [ 250.420649][ T7714] irq_exit_rcu+0x9/0x30 [ 250.434451][ T7714] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 250.444460][ T7714] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 257.343068][ T7812] kexec: Could not allocate control_code_buffer [ 258.339118][ T7834] FAULT_INJECTION: forcing a failure. [ 258.339118][ T7834] name failslab, interval 1, probability 0, space 0, times 0 [ 258.444593][ T7834] CPU: 0 UID: 0 PID: 7834 Comm: syz.3.383 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 258.444649][ T7834] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 258.444661][ T7834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 258.444679][ T7834] Call Trace: [ 258.444688][ T7834] [ 258.444700][ T7834] dump_stack_lvl+0x16c/0x1f0 [ 258.444753][ T7834] should_fail_ex+0x512/0x640 [ 258.444811][ T7834] ? fs_reclaim_acquire+0xae/0x150 [ 258.444854][ T7834] ? tomoyo_encode2+0x30b/0x3e0 [ 258.444896][ T7834] should_failslab+0xc2/0x120 [ 258.444928][ T7834] __kmalloc_noprof+0xd2/0x510 [ 258.444988][ T7834] tomoyo_encode2+0x30b/0x3e0 [ 258.445040][ T7834] tomoyo_encode+0x29/0x50 [ 258.445084][ T7834] tomoyo_mount_acl+0x144/0x850 [ 258.445125][ T7834] ? kernel_text_address+0x8d/0x100 [ 258.445177][ T7834] ? __kernel_text_address+0xd/0x40 [ 258.445226][ T7834] ? unwind_get_return_address+0x59/0xa0 [ 258.445276][ T7834] ? arch_stack_walk+0xa6/0x100 [ 258.445329][ T7834] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 258.445381][ T7834] ? stack_trace_save+0x8e/0xc0 [ 258.445448][ T7834] ? tomoyo_domain+0xbb/0x150 [ 258.445475][ T7834] ? tomoyo_profile+0x47/0x60 [ 258.445508][ T7834] tomoyo_mount_permission+0x16d/0x420 [ 258.445551][ T7834] ? tomoyo_mount_permission+0x14f/0x420 [ 258.445598][ T7834] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 258.445667][ T7834] security_sb_mount+0x9b/0x260 [ 258.445707][ T7834] path_mount+0x128/0x1f70 [ 258.445737][ T7834] ? kmem_cache_free+0x2d1/0x4d0 [ 258.445789][ T7834] ? __pfx_path_mount+0x10/0x10 [ 258.445847][ T7834] ? putname+0x154/0x1a0 [ 258.445882][ T7834] __x64_sys_mount+0x28d/0x310 [ 258.445912][ T7834] ? __pfx___x64_sys_mount+0x10/0x10 [ 258.445955][ T7834] do_syscall_64+0xcd/0x490 [ 258.446003][ T7834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.446034][ T7834] RIP: 0033:0x7f33eef8e929 [ 258.446059][ T7834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.446089][ T7834] RSP: 002b:00007f33efd1a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 258.446119][ T7834] RAX: ffffffffffffffda RBX: 00007f33ef1b6080 RCX: 00007f33eef8e929 [ 258.446139][ T7834] RDX: 0000200000000100 RSI: 0000200000000140 RDI: 0000000000000000 [ 258.446158][ T7834] RBP: 00007f33efd1a090 R08: 0000200000000100 R09: 0000000000000000 [ 258.446177][ T7834] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 258.446196][ T7834] R13: 0000000000000000 R14: 00007f33ef1b6080 R15: 00007ffe8b9d5158 [ 258.446235][ T7834] [ 260.498044][ T7866] ubi: mtd0 is already attached to ubi0 [ 262.300416][ T7898] net_ratelimit: 77 callbacks suppressed [ 262.300444][ T7898] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 262.534228][ T7897] netlink: 4 bytes leftover after parsing attributes in process `syz.2.391'. [ 263.015818][ T7909] block nbd7: not configured, cannot reconfigure [ 264.836040][ T7935] FAULT_INJECTION: forcing a failure. [ 264.836040][ T7935] name failslab, interval 1, probability 0, space 0, times 0 [ 265.197107][ T7935] CPU: 0 UID: 0 PID: 7935 Comm: syz.3.401 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 265.197161][ T7935] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 265.197174][ T7935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 265.197191][ T7935] Call Trace: [ 265.197205][ T7935] [ 265.197217][ T7935] dump_stack_lvl+0x16c/0x1f0 [ 265.197279][ T7935] should_fail_ex+0x512/0x640 [ 265.197329][ T7935] ? fs_reclaim_acquire+0xae/0x150 [ 265.197373][ T7935] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 265.197421][ T7935] should_failslab+0xc2/0x120 [ 265.197453][ T7935] __kmalloc_noprof+0xd2/0x510 [ 265.197504][ T7935] ? trace_kmalloc+0x2b/0xd0 [ 265.197535][ T7935] ? __kmalloc_noprof+0x242/0x510 [ 265.197591][ T7935] tomoyo_realpath_from_path+0xc2/0x6e0 [ 265.197643][ T7935] ? tomoyo_fill_path_info+0x233/0x420 [ 265.197684][ T7935] tomoyo_mount_acl+0x1ae/0x850 [ 265.197725][ T7935] ? kernel_text_address+0x8d/0x100 [ 265.197778][ T7935] ? __kernel_text_address+0xd/0x40 [ 265.197826][ T7935] ? unwind_get_return_address+0x59/0xa0 [ 265.197879][ T7935] ? arch_stack_walk+0xa6/0x100 [ 265.197934][ T7935] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 265.197988][ T7935] ? stack_trace_save+0x8e/0xc0 [ 265.198058][ T7935] ? tomoyo_domain+0xbb/0x150 [ 265.198086][ T7935] ? tomoyo_profile+0x47/0x60 [ 265.198119][ T7935] tomoyo_mount_permission+0x16d/0x420 [ 265.198161][ T7935] ? tomoyo_mount_permission+0x14f/0x420 [ 265.198209][ T7935] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 265.198309][ T7935] security_sb_mount+0x9b/0x260 [ 265.198349][ T7935] path_mount+0x128/0x1f70 [ 265.198382][ T7935] ? kmem_cache_free+0x2d1/0x4d0 [ 265.198428][ T7935] ? __pfx_path_mount+0x10/0x10 [ 265.198486][ T7935] ? putname+0x154/0x1a0 [ 265.198524][ T7935] __x64_sys_mount+0x28d/0x310 [ 265.198555][ T7935] ? __pfx___x64_sys_mount+0x10/0x10 [ 265.198598][ T7935] do_syscall_64+0xcd/0x490 [ 265.198647][ T7935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.198680][ T7935] RIP: 0033:0x7f33eef8e929 [ 265.198704][ T7935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.198736][ T7935] RSP: 002b:00007f33efd1a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 265.198764][ T7935] RAX: ffffffffffffffda RBX: 00007f33ef1b6080 RCX: 00007f33eef8e929 [ 265.198785][ T7935] RDX: 0000200000000100 RSI: 0000200000000140 RDI: 0000000000000000 [ 265.198804][ T7935] RBP: 00007f33efd1a090 R08: 0000200000000100 R09: 0000000000000000 [ 265.198823][ T7935] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 265.198841][ T7935] R13: 0000000000000000 R14: 00007f33ef1b6080 R15: 00007ffe8b9d5158 [ 265.198883][ T7935] [ 265.199047][ T7935] ERROR: Out of memory at tomoyo_realpath_from_path. [ 265.517902][ T7930] netlink: 44 bytes leftover after parsing attributes in process `syz.0.399'. [ 266.250392][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.258584][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 267.406364][ T7929] kexec: Could not allocate control_code_buffer [ 267.732260][ C1] sd 0:0:1:0: [sda] tag#4185 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 267.742919][ C1] sd 0:0:1:0: [sda] tag#4185 CDB: Read(6) 08 00 00 00 09 00 00 00 f2 ff ff ff [ 269.142279][ T7982] netlink: 28 bytes leftover after parsing attributes in process `syz.3.411'. [ 270.657574][ T7987] Invalid ELF header magic: != ELF [ 273.489927][ T8005] FAULT_INJECTION: forcing a failure. [ 273.489927][ T8005] name failslab, interval 1, probability 0, space 0, times 0 [ 273.577116][ T8005] CPU: 1 UID: 0 PID: 8005 Comm: syz.0.416 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 273.577169][ T8005] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 273.577181][ T8005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 273.577199][ T8005] Call Trace: [ 273.577209][ T8005] [ 273.577221][ T8005] dump_stack_lvl+0x16c/0x1f0 [ 273.577270][ T8005] should_fail_ex+0x512/0x640 [ 273.577319][ T8005] ? fs_reclaim_acquire+0xae/0x150 [ 273.577360][ T8005] ? tomoyo_encode2+0x100/0x3e0 [ 273.577404][ T8005] should_failslab+0xc2/0x120 [ 273.577437][ T8005] __kmalloc_noprof+0xd2/0x510 [ 273.577496][ T8005] ? d_absolute_path+0x136/0x1a0 [ 273.577537][ T8005] tomoyo_encode2+0x100/0x3e0 [ 273.577590][ T8005] tomoyo_encode+0x29/0x50 [ 273.577635][ T8005] tomoyo_realpath_from_path+0x18f/0x6e0 [ 273.577705][ T8005] tomoyo_mount_acl+0x1ae/0x850 [ 273.577746][ T8005] ? kernel_text_address+0x8d/0x100 [ 273.577798][ T8005] ? __kernel_text_address+0xd/0x40 [ 273.577847][ T8005] ? unwind_get_return_address+0x59/0xa0 [ 273.577899][ T8005] ? arch_stack_walk+0xa6/0x100 [ 273.577952][ T8005] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 273.578007][ T8005] ? stack_trace_save+0x8e/0xc0 [ 273.578077][ T8005] ? tomoyo_domain+0xbb/0x150 [ 273.578105][ T8005] ? tomoyo_profile+0x47/0x60 [ 273.578138][ T8005] tomoyo_mount_permission+0x16d/0x420 [ 273.578181][ T8005] ? tomoyo_mount_permission+0x14f/0x420 [ 273.578228][ T8005] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 273.578297][ T8005] security_sb_mount+0x9b/0x260 [ 273.578334][ T8005] path_mount+0x128/0x1f70 [ 273.578365][ T8005] ? kmem_cache_free+0x2d1/0x4d0 [ 273.578432][ T8005] ? __pfx_path_mount+0x10/0x10 [ 273.578494][ T8005] ? putname+0x154/0x1a0 [ 273.578530][ T8005] __x64_sys_mount+0x28d/0x310 [ 273.578561][ T8005] ? __pfx___x64_sys_mount+0x10/0x10 [ 273.578604][ T8005] do_syscall_64+0xcd/0x490 [ 273.578653][ T8005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.578683][ T8005] RIP: 0033:0x7f3f23f8e929 [ 273.578707][ T8005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.578737][ T8005] RSP: 002b:00007f3f24e88038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 273.578763][ T8005] RAX: ffffffffffffffda RBX: 00007f3f241b5fa0 RCX: 00007f3f23f8e929 [ 273.578782][ T8005] RDX: 0000200000000100 RSI: 0000200000000140 RDI: 0000000000000000 [ 273.578802][ T8005] RBP: 00007f3f24e88090 R08: 0000200000000100 R09: 0000000000000000 [ 273.578821][ T8005] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 273.578839][ T8005] R13: 0000000000000000 R14: 00007f3f241b5fa0 R15: 00007ffc5faa4188 [ 273.578879][ T8005] [ 273.578909][ T8005] ERROR: Out of memory at tomoyo_realpath_from_path. [ 283.197867][ T5845] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 283.967246][ T8099] can: request_module (can-proto-3) failed. [ 288.586629][ T8098] kexec: Could not allocate control_code_buffer [ 289.113435][ T8132] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 289.129028][ T8132] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 289.289175][ T8132] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 289.312614][ T8132] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 289.460438][ T8132] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 290.202302][ T8151] kexec: Could not allocate control_code_buffer [ 290.218280][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout [ 291.177889][ T5844] Bluetooth: hci3: command 0x0c1a tx timeout [ 291.337336][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout [ 291.500776][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout [ 293.239874][ T8191] can: request_module (can-proto-3) failed. [ 293.427300][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout [ 296.185577][ T8229] netlink: 4 bytes leftover after parsing attributes in process `syz.1.457'. [ 297.519740][ T8192] kexec: Could not allocate control_code_buffer [ 298.674182][ T8253] ptrace attach of "./syz-executor exec"[8258] was attempted by "./syz-executor exec"[8253] [ 300.718672][ T8274] netlink: 'syz.3.466': attribute type 11 has an invalid length. [ 300.902825][ T8274] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 301.779411][ T8271] kexec: Could not allocate control_code_buffer [ 303.231818][ T8308] ptrace attach of ""[8310] was attempted by "./syz-executor exec"[8308] [ 309.252727][ T8349] kexec: Could not allocate control_code_buffer [ 311.886723][ T8411] binder: 8395:8411 ioctl c00c620f 200000000340 returned -22 [ 317.772982][ T8443] kexec: Could not allocate control_code_buffer [ 320.917498][ T8523] can: request_module (can-proto-0) failed. [ 326.164553][ T8573] Invalid ELF header magic: != ELF [ 327.702123][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.708512][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 329.973882][ T8603] netlink: 20 bytes leftover after parsing attributes in process `syz.1.528'. [ 332.083976][ T8614] kexec: Could not allocate control_code_buffer [ 335.115918][ T8635] kexec: Could not allocate control_code_buffer [ 337.755957][ T8659] kexec: Could not allocate control_code_buffer [ 341.107283][ T8734] ptrace attach of "./syz-executor exec"[8737] was attempted by "./syz-executor exec"[8734] [ 343.130140][ T8758] ptrace attach of ""[8759] was attempted by "./syz-executor exec"[8758] [ 343.553085][ T8766] netlink: 28 bytes leftover after parsing attributes in process `syz.1.561'. [ 343.832775][ T8766] bond0: (slave bond_slave_0): Releasing backup interface [ 344.305434][ T8777] netlink: 4 bytes leftover after parsing attributes in process `syz.1.563'. [ 345.128886][ T8786] can: request_module (can-proto-0) failed. [ 345.639927][ T8794] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 354.725970][ T8883] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 355.980588][ T8887] kexec: Could not allocate control_code_buffer [ 357.838716][ T8884] i2c i2c-0: new_device: Can't parse I2C address [ 357.898796][ T8883] ovs_: entered promiscuous mode [ 361.042211][ T8952] syz.0.599 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 361.614356][ C1] sd 0:0:1:0: [sda] tag#4204 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 361.625164][ C1] sd 0:0:1:0: [sda] tag#4204 CDB: Read(6) 08 00 00 00 09 00 00 00 00 00 00 00 [ 362.329061][ T8967] Console: switching to colour VGA+ 80x25 [ 363.074768][ T8949] kexec: Could not allocate control_code_buffer [ 363.953068][ T8994] binder: 8991:8994 unknown command 4 [ 363.964333][ T8994] binder: 8991:8994 ioctl c0306201 0 returned -22 [ 365.768651][ C1] sd 0:0:1:0: [sda] tag#4160 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 365.779249][ C1] sd 0:0:1:0: [sda] tag#4160 CDB: Read(6) 08 00 00 00 09 00 00 00 00 00 00 00 [ 366.345684][ T9033] FAULT_INJECTION: forcing a failure. [ 366.345684][ T9033] name failslab, interval 1, probability 0, space 0, times 0 [ 366.367365][ T9033] CPU: 0 UID: 0 PID: 9033 Comm: syz.0.613 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 366.367407][ T9033] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 366.367416][ T9033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 366.367429][ T9033] Call Trace: [ 366.367437][ T9033] [ 366.367445][ T9033] dump_stack_lvl+0x16c/0x1f0 [ 366.367483][ T9033] should_fail_ex+0x512/0x640 [ 366.367517][ T9033] ? __kmalloc_noprof+0xbf/0x510 [ 366.367552][ T9033] ? __register_sysctl_table+0xb3/0x1900 [ 366.367572][ T9033] should_failslab+0xc2/0x120 [ 366.367594][ T9033] __kmalloc_noprof+0xd2/0x510 [ 366.367634][ T9033] __register_sysctl_table+0xb3/0x1900 [ 366.367655][ T9033] ? is_module_address+0x5f/0xf0 [ 366.367690][ T9033] ? __pfx___register_sysctl_table+0x10/0x10 [ 366.367709][ T9033] ? is_module_address+0x69/0xf0 [ 366.367738][ T9033] ? register_net_sysctl_sz+0x228/0x3e0 [ 366.367775][ T9033] ? __asan_memcpy+0x3c/0x60 [ 366.367808][ T9033] xfrm4_net_init+0xf0/0x1c0 [ 366.367836][ T9033] ? __pfx_xfrm4_net_init+0x10/0x10 [ 366.367861][ T9033] ops_init+0x1e2/0x5f0 [ 366.367898][ T9033] setup_net+0x1ff/0x510 [ 366.367930][ T9033] ? lockdep_init_map_type+0x5c/0x280 [ 366.367961][ T9033] ? __pfx_setup_net+0x10/0x10 [ 366.367996][ T9033] ? debug_mutex_init+0x37/0x70 [ 366.368022][ T9033] copy_net_ns+0x2a6/0x5f0 [ 366.368046][ T9033] create_new_namespaces+0x3ea/0xa90 [ 366.368077][ T9033] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 366.368104][ T9033] ksys_unshare+0x45b/0xa40 [ 366.368141][ T9033] ? __pfx_ksys_unshare+0x10/0x10 [ 366.368171][ T9033] ? xfd_validate_state+0x61/0x180 [ 366.368209][ T9033] __x64_sys_unshare+0x31/0x40 [ 366.368238][ T9033] do_syscall_64+0xcd/0x490 [ 366.368272][ T9033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.368294][ T9033] RIP: 0033:0x7f3f23f8e929 [ 366.368312][ T9033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 366.368333][ T9033] RSP: 002b:00007f3f24e88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 366.368354][ T9033] RAX: ffffffffffffffda RBX: 00007f3f241b5fa0 RCX: 00007f3f23f8e929 [ 366.368368][ T9033] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 366.368381][ T9033] RBP: 00007f3f24010b39 R08: 0000000000000000 R09: 0000000000000000 [ 366.368398][ T9033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 366.368411][ T9033] R13: 0000000000000000 R14: 00007f3f241b5fa0 R15: 00007ffc5faa4188 [ 366.368439][ T9033] [ 368.558230][ T9063] can: request_module (can-proto-5) failed. [ 369.025466][ T9080] random: crng reseeded on system resumption [ 369.877246][ C1] sd 0:0:1:0: [sda] tag#4169 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 369.887916][ C1] sd 0:0:1:0: [sda] tag#4169 CDB: Read(6) 08 00 00 00 09 00 00 00 00 00 00 00 [ 377.828323][ T9184] ptrace attach of "./syz-executor exec"[9189] was attempted by "./syz-executor exec"[9184] syzkaller syzkaller login: [ 385.003283][ T9224] kexec: Could not allocate control_code_buffer [ 385.620591][ T31] audit: type=1804 audit(6044162481.498:5): pid=9275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.659" name="/newroot/183/file0" dev="tmpfs" ino=1000 res=1 errno=0 [ 385.624874][ T9275] FAULT_INJECTION: forcing a failure. [ 385.624874][ T9275] name failslab, interval 1, probability 0, space 0, times 0 [ 385.624946][ T9275] CPU: 0 UID: 0 PID: 9275 Comm: syz.3.659 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 385.624998][ T9275] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 385.625010][ T9275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 385.625028][ T9275] Call Trace: [ 385.625038][ T9275] [ 385.625050][ T9275] dump_stack_lvl+0x16c/0x1f0 [ 385.625102][ T9275] should_fail_ex+0x512/0x640 [ 385.625153][ T9275] ? __kmalloc_noprof+0xbf/0x510 [ 385.625206][ T9275] ? __register_sysctl_table+0xb3/0x1900 [ 385.625236][ T9275] should_failslab+0xc2/0x120 [ 385.625269][ T9275] __kmalloc_noprof+0xd2/0x510 [ 385.625329][ T9275] __register_sysctl_table+0xb3/0x1900 [ 385.625361][ T9275] ? is_module_address+0x5f/0xf0 [ 385.625413][ T9275] ? __pfx___register_sysctl_table+0x10/0x10 [ 385.625454][ T9275] ? is_module_address+0x69/0xf0 [ 385.625500][ T9275] ? register_net_sysctl_sz+0x228/0x3e0 [ 385.625556][ T9275] ? __asan_memcpy+0x3c/0x60 [ 385.625603][ T9275] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 385.625637][ T9275] nf_lwtunnel_net_init+0x60/0xf0 [ 385.625670][ T9275] ops_init+0x1e2/0x5f0 [ 385.625725][ T9275] setup_net+0x1ff/0x510 [ 385.625773][ T9275] ? lockdep_init_map_type+0x5c/0x280 [ 385.625818][ T9275] ? __pfx_setup_net+0x10/0x10 [ 385.625871][ T9275] ? debug_mutex_init+0x37/0x70 [ 385.625907][ T9275] copy_net_ns+0x2a6/0x5f0 [ 385.625942][ T9275] create_new_namespaces+0x3ea/0xa90 [ 385.625988][ T9275] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 385.626028][ T9275] ksys_unshare+0x45b/0xa40 [ 385.626072][ T9275] ? __pfx_ksys_unshare+0x10/0x10 [ 385.626117][ T9275] ? xfd_validate_state+0x61/0x180 [ 385.626181][ T9275] __x64_sys_unshare+0x31/0x40 [ 385.626225][ T9275] do_syscall_64+0xcd/0x490 [ 385.626276][ T9275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 385.626309][ T9275] RIP: 0033:0x7f33eef8e929 [ 385.626335][ T9275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 385.626366][ T9275] RSP: 002b:00007f33efd3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 385.626397][ T9275] RAX: ffffffffffffffda RBX: 00007f33ef1b5fa0 RCX: 00007f33eef8e929 [ 385.626418][ T9275] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 385.626444][ T9275] RBP: 00007f33ef010b39 R08: 0000000000000000 R09: 0000000000000000 [ 385.626463][ T9275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 385.626482][ T9275] R13: 0000000000000000 R14: 00007f33ef1b5fa0 R15: 00007ffe8b9d5158 [ 385.626523][ T9275] [ 385.637138][ T31] audit: type=1800 audit(6044162481.498:6): pid=9275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.659" name="file0" dev="tmpfs" ino=1000 res=0 errno=0 [ 386.239255][ T9282] FAULT_INJECTION: forcing a failure. [ 386.239255][ T9282] name failslab, interval 1, probability 0, space 0, times 0 [ 386.258767][ T9282] CPU: 1 UID: 0 PID: 9282 Comm: syz.0.660 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 386.258809][ T9282] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 386.258818][ T9282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 386.258832][ T9282] Call Trace: [ 386.258840][ T9282] [ 386.258849][ T9282] dump_stack_lvl+0x16c/0x1f0 [ 386.258887][ T9282] should_fail_ex+0x512/0x640 [ 386.258923][ T9282] ? __kmalloc_noprof+0xbf/0x510 [ 386.258962][ T9282] ? devlink_fmsg_put_value+0xaa/0x2d0 [ 386.258986][ T9282] should_failslab+0xc2/0x120 [ 386.259010][ T9282] __kmalloc_noprof+0xd2/0x510 [ 386.259044][ T9282] ? trace_kmalloc+0x2b/0xd0 [ 386.259067][ T9282] ? __kmalloc_noprof+0x242/0x510 [ 386.259109][ T9282] devlink_fmsg_put_value+0xaa/0x2d0 [ 386.259138][ T9282] devlink_fmsg_string_pair_put+0xc1/0x1b0 [ 386.259167][ T9282] nsim_dev_dummy_fmsg_put+0x77/0x1e0 [ 386.259197][ T9282] devlink_health_do_dump+0x240/0x620 [ 386.259229][ T9282] devlink_health_report+0x3c9/0x9c0 [ 386.259260][ T9282] ? __pfx_devlink_health_report+0x10/0x10 [ 386.259289][ T9282] ? _copy_from_user+0x59/0xd0 [ 386.259316][ T9282] nsim_dev_health_break_write+0x166/0x210 [ 386.259345][ T9282] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 386.259383][ T9282] full_proxy_write+0x13f/0x200 [ 386.259409][ T9282] ? __pfx_full_proxy_write+0x10/0x10 [ 386.259432][ T9282] vfs_write+0x2a0/0x1150 [ 386.259472][ T9282] ? __pfx___mutex_lock+0x10/0x10 [ 386.259506][ T9282] ? __pfx_vfs_write+0x10/0x10 [ 386.259549][ T9282] ? __fget_files+0x20e/0x3c0 [ 386.259591][ T9282] ksys_write+0x12a/0x250 [ 386.259625][ T9282] ? __pfx_ksys_write+0x10/0x10 [ 386.259677][ T9282] do_syscall_64+0xcd/0x490 [ 386.259715][ T9282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 386.259739][ T9282] RIP: 0033:0x7f3f23f8e929 [ 386.259758][ T9282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 386.259780][ T9282] RSP: 002b:00007f3f24e88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 386.259802][ T9282] RAX: ffffffffffffffda RBX: 00007f3f241b5fa0 RCX: 00007f3f23f8e929 [ 386.259817][ T9282] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000005 [ 386.259831][ T9282] RBP: 00007f3f24010b39 R08: 0000000000000000 R09: 0000000000000000 [ 386.259845][ T9282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 386.259859][ T9282] R13: 0000000000000000 R14: 00007f3f241b5fa0 R15: 00007ffc5faa4188 [ 386.259888][ T9282] [ 388.516569][ T9299] kexec: Could not allocate control_code_buffer [ 389.149512][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.156397][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 390.055011][ T9330] ptrace attach of ""[9332] was attempted by "./syz-executor exec"[9330] [ 391.257364][ T9320] kexec: Could not allocate control_code_buffer [ 392.743237][ T9351] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 394.697847][ T9382] FAULT_INJECTION: forcing a failure. [ 394.697847][ T9382] name failslab, interval 1, probability 0, space 0, times 0 [ 394.730902][ T9382] CPU: 0 UID: 0 PID: 9382 Comm: syz.1.681 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 394.730946][ T9382] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 394.730955][ T9382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 394.730969][ T9382] Call Trace: [ 394.730977][ T9382] [ 394.730986][ T9382] dump_stack_lvl+0x16c/0x1f0 [ 394.731024][ T9382] should_fail_ex+0x512/0x640 [ 394.731062][ T9382] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 394.731098][ T9382] should_failslab+0xc2/0x120 [ 394.731122][ T9382] __kmalloc_cache_noprof+0x6a/0x3e0 [ 394.731156][ T9382] ? snd_seq_prioq_new+0x3f/0x110 [ 394.731191][ T9382] snd_seq_prioq_new+0x3f/0x110 [ 394.731222][ T9382] snd_seq_queue_alloc+0x12b/0x550 [ 394.731254][ T9382] snd_seq_ioctl_create_queue+0xa9/0x380 [ 394.731291][ T9382] snd_seq_kernel_client_ctl+0x10a/0x1c0 [ 394.731317][ T9382] alloc_seq_queue+0xda/0x180 [ 394.731339][ T9382] ? __pfx_alloc_seq_queue+0x10/0x10 [ 394.731378][ T9382] ? mark_held_locks+0x49/0x80 [ 394.731409][ T9382] ? _raw_spin_unlock_irq+0x23/0x50 [ 394.731441][ T9382] snd_seq_oss_open+0x38c/0xa20 [ 394.731468][ T9382] odev_open+0x6f/0x90 [ 394.731503][ T9382] ? __pfx_odev_open+0x10/0x10 [ 394.731538][ T9382] soundcore_open+0x40c/0x580 [ 394.731576][ T9382] ? __pfx_soundcore_open+0x10/0x10 [ 394.731612][ T9382] chrdev_open+0x234/0x6a0 [ 394.731635][ T9382] ? __pfx_apparmor_file_open+0x10/0x10 [ 394.731667][ T9382] ? __pfx_chrdev_open+0x10/0x10 [ 394.731690][ T9382] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 394.731729][ T9382] do_dentry_open+0x741/0x1c10 [ 394.731766][ T9382] ? __pfx_chrdev_open+0x10/0x10 [ 394.731793][ T9382] vfs_open+0x82/0x3f0 [ 394.731823][ T9382] path_openat+0x1de4/0x2cb0 [ 394.731879][ T9382] ? __pfx_path_openat+0x10/0x10 [ 394.731917][ T9382] ? __lock_acquire+0xb8a/0x1c90 [ 394.731952][ T9382] do_filp_open+0x20b/0x470 [ 394.731988][ T9382] ? __pfx_do_filp_open+0x10/0x10 [ 394.732046][ T9382] ? alloc_fd+0x471/0x7d0 [ 394.732087][ T9382] do_sys_openat2+0x11b/0x1d0 [ 394.732117][ T9382] ? __pfx_do_sys_openat2+0x10/0x10 [ 394.732156][ T9382] __x64_sys_openat+0x174/0x210 [ 394.732184][ T9382] ? __pfx___x64_sys_openat+0x10/0x10 [ 394.732225][ T9382] do_syscall_64+0xcd/0x490 [ 394.732261][ T9382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.732285][ T9382] RIP: 0033:0x7ff491d8e929 [ 394.732304][ T9382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.732327][ T9382] RSP: 002b:00007ff492c08038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 394.732348][ T9382] RAX: ffffffffffffffda RBX: 00007ff491fb5fa0 RCX: 00007ff491d8e929 [ 394.732363][ T9382] RDX: 00000000001c8340 RSI: 0000200000000540 RDI: ffffffffffffff9c [ 394.732379][ T9382] RBP: 00007ff491e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 394.732393][ T9382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 394.732407][ T9382] R13: 0000000000000000 R14: 00007ff491fb5fa0 R15: 00007ffc28bf5fe8 [ 394.732436][ T9382] [ 397.275622][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.282351][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.288991][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.295575][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.302182][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.308795][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.315391][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.322011][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.328669][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.335261][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.341878][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.348520][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.355103][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.361716][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.368337][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.374931][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.381619][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.388303][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.394888][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.401508][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.408123][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.414739][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.421369][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.428018][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.434609][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.441232][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.447848][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.454491][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.461151][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.467791][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.474400][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.481040][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.487658][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.494290][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.500911][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.507555][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.514134][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.520820][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.527475][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.534090][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.540771][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.547461][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.554083][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.560740][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.568121][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.575609][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.582407][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.589647][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.597112][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.603752][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.610421][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.617088][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.623726][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.630374][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.637030][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.643717][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.650380][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.657114][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.663744][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.670399][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.677012][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.683612][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.690238][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.696837][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 397.743161][ T9374] kexec: Could not allocate control_code_buffer [ 398.954689][ C0] vcan0: j1939_tp_rxtimer: 0xffff888058c08400: rx timeout, send abort [ 399.463014][ C0] vcan0: j1939_tp_rxtimer: 0xffff888058c08400: abort rx timeout. Force session deactivation [ 402.681842][ T9449] FAULT_INJECTION: forcing a failure. [ 402.681842][ T9449] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 402.707120][ T9449] CPU: 1 UID: 0 PID: 9449 Comm: syz.0.693 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 402.707176][ T9449] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 402.707188][ T9449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 402.707205][ T9449] Call Trace: [ 402.707215][ T9449] [ 402.707227][ T9449] dump_stack_lvl+0x16c/0x1f0 [ 402.707277][ T9449] should_fail_ex+0x512/0x640 [ 402.707335][ T9449] _copy_from_user+0x2e/0xd0 [ 402.707367][ T9449] copy_clone_args_from_user+0x150/0x7e0 [ 402.707410][ T9449] ? get_pid_task+0xfc/0x250 [ 402.707455][ T9449] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 402.707517][ T9449] __do_sys_clone3+0xbd/0x290 [ 402.707558][ T9449] ? __pfx___do_sys_clone3+0x10/0x10 [ 402.707656][ T9449] do_syscall_64+0xcd/0x490 [ 402.707706][ T9449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.707739][ T9449] RIP: 0033:0x7f3f23f8e929 [ 402.707764][ T9449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.707795][ T9449] RSP: 002b:00007f3f24e87f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 402.707824][ T9449] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f3f23f8e929 [ 402.707844][ T9449] RDX: 00007f3f24e87f20 RSI: 0000000000000058 RDI: 00007f3f24e87f20 [ 402.707864][ T9449] RBP: 00007f3f24e88090 R08: 0000000000000000 R09: 0000000000000058 [ 402.707883][ T9449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 402.707908][ T9449] R13: 0000000000000000 R14: 00007f3f241b5fa0 R15: 00007ffc5faa4188 [ 402.707950][ T9449] [ 406.791115][ T9490] CIFS: VFS: Invalid SecurityFlags: [ 407.564560][ T9497] FAULT_INJECTION: forcing a failure. [ 407.564560][ T9497] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 407.578072][ T9497] CPU: 1 UID: 0 PID: 9497 Comm: syz.0.702 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 407.578109][ T9497] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 407.578117][ T9497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 407.578129][ T9497] Call Trace: [ 407.578136][ T9497] [ 407.578144][ T9497] dump_stack_lvl+0x16c/0x1f0 [ 407.578181][ T9497] should_fail_ex+0x512/0x640 [ 407.578219][ T9497] _copy_from_user+0x2e/0xd0 [ 407.578241][ T9497] copy_clone_args_from_user+0x488/0x7e0 [ 407.578270][ T9497] ? get_pid_task+0xfc/0x250 [ 407.578301][ T9497] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 407.578342][ T9497] __do_sys_clone3+0xbd/0x290 [ 407.578370][ T9497] ? __pfx___do_sys_clone3+0x10/0x10 [ 407.578437][ T9497] do_syscall_64+0xcd/0x490 [ 407.578474][ T9497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.578497][ T9497] RIP: 0033:0x7f3f23f8e929 [ 407.578515][ T9497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 407.578535][ T9497] RSP: 002b:00007f3f24e87f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 407.578555][ T9497] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f3f23f8e929 [ 407.578570][ T9497] RDX: 00007f3f24e87f20 RSI: 0000000000000058 RDI: 00007f3f24e87f20 [ 407.578583][ T9497] RBP: 00007f3f24e88090 R08: 0000000000000000 R09: 0000000000000058 [ 407.578597][ T9497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 407.578610][ T9497] R13: 0000000000000000 R14: 00007f3f241b5fa0 R15: 00007ffc5faa4188 [ 407.578637][ T9497] [ 407.789616][ T9475] kexec: Could not allocate control_code_buffer [ 411.340981][ T9541] netlink: 24 bytes leftover after parsing attributes in process `syz.2.712'. [ 411.782941][ T9543] netlink: 330 bytes leftover after parsing attributes in process `syz.1.710'. [ 411.817602][ T9547] FAULT_INJECTION: forcing a failure. [ 411.817602][ T9547] name failslab, interval 1, probability 0, space 0, times 0 [ 411.977424][ T9547] CPU: 1 UID: 0 PID: 9547 Comm: syz.0.713 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 411.977465][ T9547] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 411.977474][ T9547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 411.977487][ T9547] Call Trace: [ 411.977494][ T9547] [ 411.977503][ T9547] dump_stack_lvl+0x16c/0x1f0 [ 411.977547][ T9547] should_fail_ex+0x512/0x640 [ 411.977595][ T9547] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 411.977651][ T9547] should_failslab+0xc2/0x120 [ 411.977677][ T9547] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 411.977713][ T9547] ? copy_process+0x4b6/0x76a0 [ 411.977743][ T9547] ? _raw_spin_unlock_irq+0x23/0x50 [ 411.977774][ T9547] copy_process+0x4b6/0x76a0 [ 411.977813][ T9547] ? __pfx_copy_process+0x10/0x10 [ 411.977848][ T9547] ? _copy_from_user+0x59/0xd0 [ 411.977873][ T9547] kernel_clone+0xfc/0x960 [ 411.977899][ T9547] ? get_pid_task+0xfc/0x250 [ 411.977931][ T9547] ? __pfx_kernel_clone+0x10/0x10 [ 411.977975][ T9547] __do_sys_clone3+0x212/0x290 [ 411.978003][ T9547] ? __pfx___do_sys_clone3+0x10/0x10 [ 411.978069][ T9547] do_syscall_64+0xcd/0x490 [ 411.978103][ T9547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 411.978126][ T9547] RIP: 0033:0x7f3f23f8e929 [ 411.978143][ T9547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 411.978164][ T9547] RSP: 002b:00007f3f24e87f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 411.978185][ T9547] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f3f23f8e929 [ 411.978199][ T9547] RDX: 00007f3f24e87f20 RSI: 0000000000000058 RDI: 00007f3f24e87f20 [ 411.978213][ T9547] RBP: 00007f3f24e88090 R08: 0000000000000000 R09: 0000000000000058 [ 411.978227][ T9547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 411.978239][ T9547] R13: 0000000000000000 R14: 00007f3f241b5fa0 R15: 00007ffc5faa4188 [ 411.978267][ T9547] [ 413.202354][ T9573] ptrace attach of "./syz-executor exec"[9574] was attempted by "./syz-executor exec"[9573] [ 413.652129][ T9542] kexec: Could not allocate control_code_buffer [ 420.410690][ T9625] kexec: Could not allocate control_code_buffer [ 420.648472][ T9648] bridge0: port 3(vlan1) entered blocking state [ 420.657239][ T9648] bridge0: port 3(vlan1) entered disabled state [ 420.663800][ T9648] vlan1: entered allmulticast mode [ 420.737811][ T9648] veth0_vlan: entered allmulticast mode [ 420.757212][ T9648] vlan1: entered promiscuous mode [ 420.763366][ T9648] bridge0: port 3(vlan1) entered blocking state [ 420.770215][ T9648] bridge0: port 3(vlan1) entered forwarding state [ 427.092177][ T9726] netlink: 4 bytes leftover after parsing attributes in process `syz.2.752'. [ 427.198859][ T9730] [ 427.201277][ T9730] ====================================================== [ 427.209828][ T9730] WARNING: possible circular locking dependency detected [ 427.216897][ T9730] 6.15.0-syzkaller-12426-ge271ed52b344 #0 Tainted: G U I [ 427.225291][ T9730] ------------------------------------------------------ [ 427.232665][ T9730] syz.3.753/9730 is trying to acquire lock: [ 427.238643][ T9730] ffffffff8e52f4c8 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0xb4c/0x1470 [ 427.248525][ T9730] [ 427.248525][ T9730] but task is already holding lock: [ 427.256019][ T9730] ffff888025c7d8b0 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 427.267498][ T9730] [ 427.267498][ T9730] which lock already depends on the new lock. [ 427.267498][ T9730] [ 427.278446][ T9730] [ 427.278446][ T9730] the existing dependency chain (in reverse order) is: [ 427.287483][ T9730] [ 427.287483][ T9730] -> #2 (&q->q_usage_counter(io)#18){++++}-{0:0}: [ 427.296140][ T9730] blk_alloc_queue+0x619/0x760 [ 427.301470][ T9730] blk_mq_alloc_queue+0x175/0x290 [ 427.307067][ T9730] __blk_mq_alloc_disk+0x29/0x120 [ 427.312659][ T9730] loop_add+0x49e/0xb70 [ 427.317376][ T9730] loop_init+0x164/0x270 [ 427.322172][ T9730] do_one_initcall+0x120/0x6e0 [ 427.327494][ T9730] kernel_init_freeable+0x5c2/0x900 [ 427.333247][ T9730] kernel_init+0x1c/0x2b0 [ 427.338146][ T9730] ret_from_fork+0x5d7/0x6f0 [ 427.343322][ T9730] ret_from_fork_asm+0x1a/0x30 [ 427.348652][ T9730] [ 427.348652][ T9730] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 427.355913][ T9730] fs_reclaim_acquire+0x102/0x150 [ 427.361504][ T9730] prepare_alloc_pages+0x162/0x610 [ 427.367185][ T9730] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 427.373663][ T9730] __alloc_pages_noprof+0xb/0x1b0 [ 427.379260][ T9730] pcpu_populate_chunk+0x110/0xb00 [ 427.384937][ T9730] pcpu_alloc_noprof+0x86a/0x1470 [ 427.390632][ T9730] xt_percpu_counter_alloc+0x13e/0x1b0 [ 427.396676][ T9730] find_check_entry.constprop.0+0xbc/0x9b0 [ 427.403077][ T9730] translate_table+0xc98/0x1720 [ 427.408500][ T9730] ipt_register_table+0x102/0x430 [ 427.414091][ T9730] iptable_security_table_init+0x40/0x60 [ 427.420290][ T9730] xt_find_table_lock+0x2e4/0x520 [ 427.425886][ T9730] xt_request_find_table_lock+0x28/0xf0 [ 427.431996][ T9730] get_info+0x190/0x610 [ 427.437326][ T9730] do_ipt_get_ctl+0x169/0xa10 [ 427.442562][ T9730] nf_getsockopt+0x79/0xe0 [ 427.447527][ T9730] ip_getsockopt+0x18c/0x1e0 [ 427.452680][ T9730] tcp_getsockopt+0x9e/0x100 [ 427.457870][ T9730] do_sock_getsockopt+0x3ff/0x800 [ 427.463482][ T9730] __sys_getsockopt+0x123/0x1b0 [ 427.469016][ T9730] __x64_sys_getsockopt+0xbd/0x160 [ 427.475328][ T9730] do_syscall_64+0xcd/0x490 [ 427.480406][ T9730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.487041][ T9730] [ 427.487041][ T9730] -> #0 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 427.494823][ T9730] __lock_acquire+0x126f/0x1c90 [ 427.500243][ T9730] lock_acquire+0x179/0x350 [ 427.505327][ T9730] __mutex_lock+0x199/0xb90 [ 427.510399][ T9730] pcpu_alloc_noprof+0xb4c/0x1470 [ 427.515986][ T9730] blk_stat_alloc_callback+0xc8/0x280 [ 427.521911][ T9730] wbt_init+0xac/0x540 [ 427.526536][ T9730] queue_wb_lat_store+0x354/0x3d0 [ 427.532109][ T9730] queue_attr_store+0x279/0x320 [ 427.537510][ T9730] sysfs_kf_write+0xef/0x150 [ 427.542663][ T9730] kernfs_fop_write_iter+0x354/0x510 [ 427.548536][ T9730] vfs_write+0x6c4/0x1150 [ 427.553443][ T9730] ksys_write+0x12a/0x250 [ 427.558341][ T9730] do_syscall_64+0xcd/0x490 [ 427.563427][ T9730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.570329][ T9730] [ 427.570329][ T9730] other info that might help us debug this: [ 427.570329][ T9730] [ 427.580853][ T9730] Chain exists of: [ 427.580853][ T9730] pcpu_alloc_mutex --> fs_reclaim --> &q->q_usage_counter(io)#18 [ 427.580853][ T9730] [ 427.595967][ T9730] Possible unsafe locking scenario: [ 427.595967][ T9730] [ 427.603758][ T9730] CPU0 CPU1 [ 427.609155][ T9730] ---- ---- [ 427.614955][ T9730] lock(&q->q_usage_counter(io)#18); [ 427.620385][ T9730] lock(fs_reclaim); [ 427.627009][ T9730] lock(&q->q_usage_counter(io)#18); [ 427.634949][ T9730] lock(pcpu_alloc_mutex); [ 427.639488][ T9730] [ 427.639488][ T9730] *** DEADLOCK *** [ 427.639488][ T9730] [ 427.647778][ T9730] 6 locks held by syz.3.753/9730: [ 427.652843][ T9730] #0: ffff888031410d38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 427.661991][ T9730] #1: ffff88807da34428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 427.671193][ T9730] #2: ffff888058c03c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 427.681415][ T9730] #3: ffff888142b534b8 (kn->active#85){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 427.691501][ T9730] #4: ffff888025c7d8b0 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 427.704067][ T9730] #5: ffff888025c7d8e8 (&q->q_usage_counter(queue)#20){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 427.716964][ T9730] [ 427.716964][ T9730] stack backtrace: [ 427.722888][ T9730] CPU: 1 UID: 0 PID: 9730 Comm: syz.3.753 Tainted: G U I 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 427.722933][ T9730] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 427.722944][ T9730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 427.722960][ T9730] Call Trace: [ 427.722972][ T9730] [ 427.722983][ T9730] dump_stack_lvl+0x116/0x1f0 [ 427.723028][ T9730] print_circular_bug+0x275/0x350 [ 427.723067][ T9730] check_noncircular+0x14c/0x170 [ 427.723107][ T9730] __lock_acquire+0x126f/0x1c90 [ 427.723149][ T9730] lock_acquire+0x179/0x350 [ 427.723186][ T9730] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 427.723228][ T9730] ? __pfx___might_resched+0x10/0x10 [ 427.723257][ T9730] ? ksys_write+0x12a/0x250 [ 427.723298][ T9730] ? do_syscall_64+0xcd/0x490 [ 427.723337][ T9730] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.723368][ T9730] __mutex_lock+0x199/0xb90 [ 427.723406][ T9730] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 427.723447][ T9730] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 427.723489][ T9730] ? __pfx___mutex_lock+0x10/0x10 [ 427.723541][ T9730] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 427.723580][ T9730] pcpu_alloc_noprof+0xb4c/0x1470 [ 427.723627][ T9730] ? __pfx_wbt_data_dir+0x10/0x10 [ 427.723670][ T9730] ? __pfx_wb_timer_fn+0x10/0x10 [ 427.723699][ T9730] blk_stat_alloc_callback+0xc8/0x280 [ 427.723728][ T9730] ? kasan_save_track+0x14/0x30 [ 427.723779][ T9730] wbt_init+0xac/0x540 [ 427.723809][ T9730] queue_wb_lat_store+0x354/0x3d0 [ 427.723835][ T9730] ? __pfx_queue_wb_lat_store+0x10/0x10 [ 427.723883][ T9730] ? __mutex_trylock_common+0xe9/0x250 [ 427.723922][ T9730] ? __pfx_queue_wb_lat_store+0x10/0x10 [ 427.723967][ T9730] queue_attr_store+0x279/0x320 [ 427.723994][ T9730] ? __pfx_queue_attr_store+0x10/0x10 [ 427.724018][ T9730] ? __lock_acquire+0x622/0x1c90 [ 427.724061][ T9730] ? find_held_lock+0x2b/0x80 [ 427.724087][ T9730] ? sysfs_file_kobj+0xe4/0x290 [ 427.724123][ T9730] ? __pfx_queue_attr_store+0x10/0x10 [ 427.724148][ T9730] sysfs_kf_write+0xef/0x150 [ 427.724182][ T9730] kernfs_fop_write_iter+0x354/0x510 [ 427.724212][ T9730] ? __pfx_sysfs_kf_write+0x10/0x10 [ 427.724247][ T9730] vfs_write+0x6c4/0x1150 [ 427.724287][ T9730] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 427.724318][ T9730] ? __pfx___mutex_lock+0x10/0x10 [ 427.724357][ T9730] ? __pfx_vfs_write+0x10/0x10 [ 427.724408][ T9730] ksys_write+0x12a/0x250 [ 427.724448][ T9730] ? __pfx_ksys_write+0x10/0x10 [ 427.724493][ T9730] do_syscall_64+0xcd/0x490 [ 427.724533][ T9730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.724561][ T9730] RIP: 0033:0x7f33eef8e929 [ 427.724583][ T9730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 427.724610][ T9730] RSP: 002b:00007f33efd3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 427.724634][ T9730] RAX: ffffffffffffffda RBX: 00007f33ef1b5fa0 RCX: 00007f33eef8e929 [ 427.724670][ T9730] RDX: 0000000000000009 RSI: 00002000000001c0 RDI: 0000000000000007 [ 427.724687][ T9730] RBP: 00007f33ef010b39 R08: 0000000000000000 R09: 0000000000000000 [ 427.724704][ T9730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 427.724720][ T9730] R13: 0000000000000000 R14: 00007f33ef1b5fa0 R15: 00007ffe8b9d5158 [ 427.724750][ T9730]