last executing test programs: 12m25.196167159s ago: executing program 1 (id=2013): syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) open_tree$auto(r0, 0x0, 0x1001) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fb\x00', 0x20002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x29, 0x2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000900)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/name\x00', 0x40000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) r2 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r2, 0x3a, 0xce, 0x0, 0x0) open(&(0x7f0000000100)='./file0\x00', 0x400000, 0x26) r3 = socket(0x2, 0x1, 0x106) getsockopt$auto(r3, 0x29, 0x4e, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000940)=""/4096, 0x1000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) sysfs$auto(0x2, 0x10000000000002a, 0x0) r4 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r4, &(0x7f0000000180)="4d000000c19906bc4ed3c89946f049a8bb8bbf8b44ae5a5f02f3502fc5cc3655ada1f6e6e9e320fb280928bbfd1e1ff9e69c8e9eb64e67aad0020b95220712e094e581065d6370bc22be7fe6e9", 0x4d) r5 = socket(0x27, 0x800, 0xa5) sendmsg$auto_NL80211_CMD_GET_REG(r5, 0x0, 0x2404c004) socket(0x2, 0x6, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 12m24.651359932s ago: executing program 1 (id=2017): close_range$auto(0x2, 0x8, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010026bd7000ff8c00250400000014001a8031b9bf910c0001"], 0x28}, 0x1, 0x0, 0x0, 0x894}, 0x4) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (fail_nth: 17) 12m24.242827477s ago: executing program 1 (id=2018): openat$auto_ucma_fops_ucma(0xffffffffffffff9c, 0x0, 0xa022, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) fcntl$auto(r0, 0x8, 0xffffffffffffffff) clone$auto(0xfffffffe22000, 0x2, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x800fffffffc) (async) clone$auto(0xfffffffe22000, 0x2, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x800fffffffc) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_DEL_INTERFACE(r0, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="04000000", @ANYRES16=r1, @ANYBLOB="000126bd7000fcdbdf2508000000b014e3809345581b01d82fb1f1cee2079325536e46c581fff2973a7289a11e7a1e9f01249552f3be86bbcd9674b0bae1719fc612e09ba81ed94de524b85b88f3818fd32843e7b9eea4f35a56d6b4ed50b0ab1c816219f3c7840e9392ad2295e6fd60556565d44a7269d05dfe7a75f065eff2b26539400fecd9504e41fe4b7b41065dae09496bd68a688f26f69aea21110fffcaa0b6c6d01b573173e8f49a5fb1d26ac6bb7ffa8a2c4d9b26d1d4858073ce2ec46e321671d5febd44051e152eeb45ed6e0b54f2ac624432b6150554869f924503f1c98e57beedc9ecab40d3d42baa4e6c0f898d09c67ac148cd2308720392a5f8a21a803737e33415ff906b147e72189a6eda003d800400d480c17b25e7d30386d431d660934d3e020a8458960a5a8efaeb83396627841f5e90e1e4c5f26958eac645d4f076495a613aad1e80d718599b4054a912764559687a225c7d6b546ca60b52f56e7b9521ffa01fbcbc661ae021ba032cdc53a163d78c294d80a0a65321f92f72529cb1a2f7626cffc5f77c241cb1d0f8be47325f90d94e4d408ccae0e288f40641439eca9390713a39bdcc936317f47ff74e37377dc96161fbd6bff2855a4c19152b9d995be167a0315f5d99937761d75c55c69d2e17c1b03254f7b62b2bc9c032b10017b9df49f200000701458004008280004e038689a189dbb14bac6d738eabe70b31accf9bbd516c08477e0069a0f39e6db560bb0bb6b10f82e4570747ba20753b90837317f6ba1a3ebecc81238cb36b6a4a2d9714d96e4fc1eda1219bcb127a2c45aff67f825372015e79ac9ef35c5681412837284a81b582d1d99b32280b448da8ee1fc31e1a3d5bbe8aaf33147989e8aaea1514926d9aed46b386efca1809c037c069fe7f560400b2800400fd8014002300fc020000000000000000000000000000b2ac6d2e5053ad3cf9329446266a636c9be4d7236dfde068a6046a01ca66834b61874f29d1affcf4ae7dfc4721f2a699f5b218901b5ce9ca5d572aa1626c1c90993f046fccedbb04cd18051600c71196807ee29e946d75de86b0c2a5f2a7d9c3045a6982f62ca22aa7b6f784e4ad8fa6735644ad7f010b44bce51ac38d4251727ac6a633a2a22d61ad1469da633f5fbabc09c7ca5aa5ca4190a5466ef73a272c6606d893c6d780f709eac6a69d55d45f6f63fe6bd8dbe7f12a4877b147b64c849bb64ee0b16cc948a6f577338d569e9d4d349e087f099221a4ab9ed6c4a7f2ba005f7fb1ec3173068335dba86a4dc9b3384bccbff4aaf6d5eb0ce533d5b56f44ec6bdb67b1f1b8243fd6bbaef0fa015df2610799c21b0664fe50d6e9657a048558d562c01199e2db3bd69d6a1300fa002f6465762f736e642f74696d6572000004008a80b10030008928641f2b8ca56fa7a2322ff0fe683625113d553ff35b0aa4f64860f5f9ea5e05eece1b9c33f6435c0af1a81a93c20be961773834f17c1a3ee0035261f82c96e856c55da782a629b60336ef1b2610acd34868f1d2fc067565ffe1124fb5753b90cc5aa5464926938baebafa498bf45c1b1a8fd93afc5b4effe8e462b66f143870114e21b92ade04de22154438202f7739685fafcb4e2e0012a4f71e9f353e5491ae5cb500f314689c5004eb5d00000014003f00fe80000000000000000000000000002c0800280003000000e4553e6582843a0f5af84b4edaafa2f55966d597c76ba7d6ad87ea185c3adc5d55fc92ee58fc5ae5ddffaaf9edfd56007b91f0b919dfa6e01e6f8b898ff941547fc5a02cd0660f3b8f1208bcc33ebc92f41f1a10f2ee99db0136ef0e42ccecf6749b0c05035e20631403daa4508116594350d0401dfcfaafee6c26657ece66f445c2d6fab8b7a988522b06854071e5fb15c18605f68e3940eb36dd9b72ec513a42a53fdef71b9bcf725e3d583c079f0ae502a8eff8c086b236b882c45c5740b1f38cefa87880e93443302a0971187090b8eb6616da5c6bba9787f07bd8730b718617ab88b24ea3585fdaae683450d3f4026bb791f73ee40158a746a730dbe4adc12de0fefe9341ce24c513ebd164a429b0822b020c753f3a6fdaa9377f4eb5252b340e40e4911ee0217947dfc25310c8693a2f67a4c8404751b8675ceaa62295d63640e0b31a3c994225084da5965d40a455af05a7d5eb6711f2d31a56a51af8689189788bcfc5d04e04be549eb3f97219c865e62d818c96afbe9c8b48a48f78faa8bb73edcb8622140d98b30bee76092674b3d462efdcbac6a76afae14b16db4476b780ef5494270e06d21192b6485b2cebbfd2a10205fd47aa932ed556457f0e3864a01c8fa8dd77945f056a850e44e8e2a716b82553329c34032610e67d6f71ca3a1b8c15ec38153ccd3aa26bffba2c8060377d0f6abde73914aac3834fbbd9652127a530aef5507a61708635b907c20666012e76ccaa2ed491611ad1764821cf2260416006ed9724db9d4ce8ea062a16918783cd8dfa24b1d3afc18c0d04ceb27b21c60a6a99ad477c78f8f173d94348de3584340a63a4adeddad02a9b4295e2ba3289e1e4465f5c40aec9f99b735e3e2951e332a67258391c1b8f7b104e6eabb6bee288666a9659b78a899fa40b0aea61d45293aba4929f9728ac4c42f5cec6a1843b712a6ccdcf642d399ede0afb5e86aa6e8930955efe1414dd7eacbdf639f0c331c2651901224fe4b0ebb088d0de78819d173f974a9df9ded3d1795406bedd60ce62ada55da3ba4498f5e29331f8cf31aac555d76ef2d84026f4a6415f6b5f575218dedc1c249250b2638e34bd81551ae82ce2e5add33ebdc8c7e7ad93b2afde8217aa0fda58dd027a8a622e3488e5fcbcac1b9e7488a0b311585a711dd69f44d62725edd4d21a08ff958110708644735fab0bc341f3eead53dd9f35072347dcc8c5022f29b798bf3e74544bc4c0e5c7a7c91c53200994c0fc7f1ec6a86d7e0de20213c7eb9f18df6fa0437a889e125b8623cfb822fdb5a131ab357a414acb15ef8f2dedca9bec3cbf0a8ce64b7ecc485927d83b5ea1e9bbd35396479c85d6117a33597e9a1c53b3c7d7f0c6855c1f1d45be5915d79dae97883f64aa318b52664c233953a4e35105cc4adaa0c9ba933f4faa1d744dc79e9b8faed12609e978bf853eed64de41046bf66e4fd22d1f3e015957162687af5268a7f7e39c6d212272a991095a790dd8a843d70bd08f3ac96803d6494644dd7eeee8f8f9d3f96ea37111a9e530db42c2431f111286f17d0d1c5340e40d26e97ddd8b4f505a7591aee9a30ea15b3da36475e30de4613c6d257552956f3003bb19b291b5bd761be7212627aeb7b478fba7e0a8e78549dd3af502db6ffc3779bf4ed96c7ca4122d04bfd965f1bd7cff9f75ae93a48478c220804f49f9f3d19ab775bc665a4c21c905b0552a3d6e38989f4fb2b46ec7f586c5d6ba4420a5b1b7b737e22ed8255f713c1a02a6ab28ef6e8e2837362c4a6f949360a5f9f8c8ccf33b0cfd510f3fa9676a3fceb07a17eb43b2f5d7396eb9cd859093e648b6d44b62f256e2e9a32c460b1de36fc4bf711748d69403545880b37be5a3bf89e92854f873ebab7abc2b128f6c9b97cbb17ca7eafe2217e4ca8b2bcbc8a04e3667805423b482e837c65372f151d56034321c0132b93a30411a840edccbab961686f34e2e7b612c3ccaba7714eb4ba78cfda54a89e1bd943cf3e4f2fe00e3ded3434c2b3c19afb8390258a31f7c7fcb2a015cd10a93c74d6fed8d159971771e8570b4ff70ed4cc88b32d98b9c09fd49154c291d893277b431bba611e2aecd571f47918e412c5f4b32d335706204d3b9bc58e89150d096a6827252aefd8497a12675634aed243059e26ca78cb95fa84f3426e59267e078cb08def68b2733b398f689b6758c2c6ec82bd0b556525ca20d1aa1346f67b5a61db9da69b2a22b3b282d1dd448b4f66e1c42b802b13fce4bf0e3c33dcd374978b8f6545cf4cc22aceb42e825ca6f8899b2c5b5f195144488258d23cb5f95271f7957879980912f532fb84b58a4b08521e12724b7f130fe3d552720e06d5c0724a404479a4ab2dd544e7dd644e92808d0a68c36c6dd61a272f587b874286eff5ccfc94b894a212d98d20b0e0e83ba8871539dc04802a6475b1a2c26ccf2a3d5622fd56f9315f8c17f50de857c2dd8a2e40869ef31c2f803d5f406d6fc098ae80d0832b81c13aa5707af29b98f61519fa90323278580b2bd5efd92e3f263e962d2c3fd67e46aac3aaff14927f88049dc9ddf265500bf91d789ded664c24e14dcdf2337f3c53b1b2916e72ec053ec269f98d5f6df3adbeebd2de1d4550d43d7dc2ea5488d2797449f7345e8ab8f30084347cac736fdc35f0bf15d6559d4697d645fd2207e837725a82bd0db626e2e51eb09081c84cea59d759f17ee2962a17a44887539a7d832d6d3bdc63e5074d8e047b29e60305a2ab74d741ffff97d2ee84a1fb471176192a601f1a85c080c97dcf0e894951dbe7a9bf68dcd05280f403cf4b8b36d21ce24cd52de71a12074fb6d04029ffa8fe6a80144680c4d84cf060f963621fc4de12fc2dbe1a937530239223aa1460b8b5b3c8f2a2231b0858a99f518ed19f0b03c1ef12adbe36e47e36350362b5df5d6f38074a983c43d734581b3c190ce9acd67e26e5e2ea82667f3037a742712f66d632740efe2d33f1652a4bcbd461b47498d3860865f545738a0fa6707361111f01ae1f7edefa86cce3df610810e50a9bdc124f613a4e8e71bcf6096eb2d8ba2d6d4d5d3c7b5457210d1d6e4f709c3e3863671d0d89ecc34c3711698e961ca2e3c59170122c4a1897b1dab225900a9f2bd24274d6338b60825c4ecb781fce46a63ac75d62e267ecc2867a2bffb6a401c2e9d50aaef2645185eccc0c55dd6dfd72412ff220ba70592818dd00292a806e795d998865592e6e3916ef70edf3dc257c22b42d134d16962ab7b70387f096b9294d57c6928fd2e40bf094522676c8ad938b3e3664d45080a3a398638b36501cd89eceb42f3fa6149baa01e2398c9fabecc8f5fe64352357e22717eec887c5aca12800e7f489e0b8ccf77a34366c06943cdc940f5be83f137499b8a5c3acb3378f55ac71ba6df39d0644f87d3ad6035a5a97d52fc7ff27b4ca96ae43c760e657e6812f0ffeaafe405c6fdf7757ccdffa21d61252ffeba7222410749f3c68ea95856d49eb67467ad4c18ac26ee6924c8dff08184333ec09e10dc8e415116541d63eddad21d01ff02e13b56b98dc90486c4ebd33bc54906156e7aff47054ed31087b057e9d3e0d1e656065a6e18b530093641bf90e6fa7492e060c056422d93afdab855d143c2dd2d716f43576120149e88500f7173f7f602565000453ada1bd9aba85c813544bfe6297f36a68a3a525f91b331ed2faaff47e619c0afb45ab9c5479ffb513bc8ed8a88805b94b88dce87e5264f0f38a27a4f9116686dbc317fb01a80ebbb6ad1a2f2381aadecc08798c00a6b76ce719e6b1dac15e50248647cfa020d8cebb02b2818e23fade558648804d2e29053e0e1bdeefa586abab4bb9814483056c1ac8e5211aac33b6e512ad8a0997237cb8ba61cd47b8a0fbca7fdb9cd86a0157898d726a8badf3d252c7fa2f7f338c3ae99d3477213b2113ab1978de80cfa5ca31463163bd8e09198306618014de0c7580b97815b6273b27cc8195e23c75b680cf41eb17cb7a44d77d73f12fd12862e2c006a41aa55d9110353cb6031cd26a1b960993d0e602210c6a310baf3febea77f8cdc4a5167b74f393933403af46b4cb742c291e2d95411cf8ef21d118873e2cd860d314f3603f09413c1f9611bbba2b83735d0ba0e9b5c8bd528bb59e9ce635108afd9ac2d72a1e59f26896549f657b8c26b00b5d84d33099a125f3ac6916d732f0360a63b54bd9a6dd4bf531752f10f9b7eed4abd72fbae207525dce112704b80307f8a5a464d98a91c5d5096f43a53726adfec38ca12e36907335f7703f311f88a52735124c37a9b3be4205f0628c29849b74d3810aa87b77e962f066e208ca2ced6387ddf2a855fbf107157217e7ecd7344cd740e99a1e6ece13d1348e09c4bb5bdc25846e59f8e2c5c75eaec584c2e006c22e5ac929fcd5751251ca061660367aeac89606a1614762142a356a87a5f5ec3a057c22568ef693d777bb4fc33b2b654724399aa53fc22a1f7cade442590643aa3be7a5b52b5286081b22b2d16b02e38270a0ee19665f002670146509996c795032b63192b20f2861a197be38763c2b2e6cf99fce86454d8a7d9c2e3a83b1c8de82697e875273c5ca479666229b115ce7f6126dfb7dfa026405ccdcdda1c2222b8a507320e2041dd67bc0cc2abf2dd888c011ecd5a48e501356d04efa33c20a335b2fe091cde2440b603ef5908a45637b1a5a3ca5f434f93df5f5c30cc1af4df81fcb84e7baf375faae48fec0a24e947c05883ca409ea0ba67de28c17874725d77a1966c121e302350aead9af220757280d5f7e643365a3f5e1f794475ca19a2878d1bf89b7d2d776f226aaeb411e0b92513093fed814d8d04d2e4c0f05164330c16911081930f1fb37ef80a4590d20e907ccf7dae1d16592da853e48db0ed3d984a1bd584a720e30126a8c6dc76e018fdba7b9d525f612c7b856633264af5a48b3ae0688bda8165611abb906ab56d6cc4eb172bfc37219e78601c1f9a5f82d0dc1abdb2b5e09bfa100fc01fd58af6ce4f2b46edd235a9a7265e14c58516f39360d93527686da71fc8c7da781fa69cc6de8a709977f09d775708f4fff48791a1f524a052ebd4692b74f1cfa7b0fc9a7f3ac74951f7980d88f59e1ee25e7504d6808b6a673447d100326ad139b903c7e5ae9b6510084d02518356d670333cd7c3ab907f7f9dc1cd8945cd4005e644a0521f67b7a1575a8d9ecf90a1e87b2756ae2d33acab26da628ba04db2800ca50f268c53fc319faeef850aa0d7453945fdf4f43c0e6f4a066f3b75ce09bae8f55e99c6f8b432e9fbc8628657ce23253b398170c0dfe48cbc9cd8a82f8199e5dc9e67e825e53465ad7b792f3f5fe120cff0102a3e4769e12498a350a38d32cfc897a9dbebfb5317a5e302fb565f59b69d20fafab344720dc5bcc4c1a2429c2847c8da62f9d61d8cbc454ef98aaa83b43c3484ed7572e6c0b34d42f0be6a1eb10a5511021c0458328cfaa98842bfaac4d21e532442fa5872397575450261c9d53cfd90d89e58c5af1949076d365a7575d9a6fc98ada581ef2c8db85573afdf148a7489684f5bdec2ed54ace9a1fd0c1fdb24224ed8b533518fba38835e7cab0c656f1606b1feed49c694ca6ac90e2bf47e0286c822bf0f4fcfd13f33b83bca65aeb87dcaec2352a5a545ce5bee127f850297e626e2f14faf16733785f005823505f45e957affcd65d949a1aa8cf071eb4910ab7e7a3567c774cd2ff8274aa471f2dd818cfabcf587f87dc64ba4881be2bd0530f3f7c080fa3889e428a41c3bd00073002801f1374927d568e61deb5414426161f80d21a768b51b153921a8f97005a16e1de251c5a30cde047d33db322cbfceb939cd860ab849629535bba16d7e6a30cc8e1be19bd359c7e6e0c8cf5d6a0dc6c032563911ce47af791b12a0848608461c728da4e5c14972a467a62b69ad09a146b20008005700040000000400af000c002e01090000000000000004008300"], 0x1554}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async) sendmsg$auto_NL80211_CMD_DEL_INTERFACE(r0, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="04000000", @ANYRES16=r1, @ANYBLOB="000126bd7000fcdbdf2508000000b014e3809345581b01d82fb1f1cee2079325536e46c581fff2973a7289a11e7a1e9f01249552f3be86bbcd9674b0bae1719fc612e09ba81ed94de524b85b88f3818fd32843e7b9eea4f35a56d6b4ed50b0ab1c816219f3c7840e9392ad2295e6fd60556565d44a7269d05dfe7a75f065eff2b26539400fecd9504e41fe4b7b41065dae09496bd68a688f26f69aea21110fffcaa0b6c6d01b573173e8f49a5fb1d26ac6bb7ffa8a2c4d9b26d1d4858073ce2ec46e321671d5febd44051e152eeb45ed6e0b54f2ac624432b6150554869f924503f1c98e57beedc9ecab40d3d42baa4e6c0f898d09c67ac148cd2308720392a5f8a21a803737e33415ff906b147e72189a6eda003d800400d480c17b25e7d30386d431d660934d3e020a8458960a5a8efaeb83396627841f5e90e1e4c5f26958eac645d4f076495a613aad1e80d718599b4054a912764559687a225c7d6b546ca60b52f56e7b9521ffa01fbcbc661ae021ba032cdc53a163d78c294d80a0a65321f92f72529cb1a2f7626cffc5f77c241cb1d0f8be47325f90d94e4d408ccae0e288f40641439eca9390713a39bdcc936317f47ff74e37377dc96161fbd6bff2855a4c19152b9d995be167a0315f5d99937761d75c55c69d2e17c1b03254f7b62b2bc9c032b10017b9df49f200000701458004008280004e038689a189dbb14bac6d738eabe70b31accf9bbd516c08477e0069a0f39e6db560bb0bb6b10f82e4570747ba20753b90837317f6ba1a3ebecc81238cb36b6a4a2d9714d96e4fc1eda1219bcb127a2c45aff67f825372015e79ac9ef35c5681412837284a81b582d1d99b32280b448da8ee1fc31e1a3d5bbe8aaf33147989e8aaea1514926d9aed46b386efca1809c037c069fe7f560400b2800400fd8014002300fc020000000000000000000000000000b2ac6d2e5053ad3cf9329446266a636c9be4d7236dfde068a6046a01ca66834b61874f29d1affcf4ae7dfc4721f2a699f5b218901b5ce9ca5d572aa1626c1c90993f046fccedbb04cd18051600c71196807ee29e946d75de86b0c2a5f2a7d9c3045a6982f62ca22aa7b6f784e4ad8fa6735644ad7f010b44bce51ac38d4251727ac6a633a2a22d61ad1469da633f5fbabc09c7ca5aa5ca4190a5466ef73a272c6606d893c6d780f709eac6a69d55d45f6f63fe6bd8dbe7f12a4877b147b64c849bb64ee0b16cc948a6f577338d569e9d4d349e087f099221a4ab9ed6c4a7f2ba005f7fb1ec3173068335dba86a4dc9b3384bccbff4aaf6d5eb0ce533d5b56f44ec6bdb67b1f1b8243fd6bbaef0fa015df2610799c21b0664fe50d6e9657a048558d562c01199e2db3bd69d6a1300fa002f6465762f736e642f74696d6572000004008a80b10030008928641f2b8ca56fa7a2322ff0fe683625113d553ff35b0aa4f64860f5f9ea5e05eece1b9c33f6435c0af1a81a93c20be961773834f17c1a3ee0035261f82c96e856c55da782a629b60336ef1b2610acd34868f1d2fc067565ffe1124fb5753b90cc5aa5464926938baebafa498bf45c1b1a8fd93afc5b4effe8e462b66f143870114e21b92ade04de22154438202f7739685fafcb4e2e0012a4f71e9f353e5491ae5cb500f314689c5004eb5d00000014003f00fe80000000000000000000000000002c0800280003000000e4553e6582843a0f5af84b4edaafa2f55966d597c76ba7d6ad87ea185c3adc5d55fc92ee58fc5ae5ddffaaf9edfd56007b91f0b919dfa6e01e6f8b898ff941547fc5a02cd0660f3b8f1208bcc33ebc92f41f1a10f2ee99db0136ef0e42ccecf6749b0c05035e20631403daa4508116594350d0401dfcfaafee6c26657ece66f445c2d6fab8b7a988522b06854071e5fb15c18605f68e3940eb36dd9b72ec513a42a53fdef71b9bcf725e3d583c079f0ae502a8eff8c086b236b882c45c5740b1f38cefa87880e93443302a0971187090b8eb6616da5c6bba9787f07bd8730b718617ab88b24ea3585fdaae683450d3f4026bb791f73ee40158a746a730dbe4adc12de0fefe9341ce24c513ebd164a429b0822b020c753f3a6fdaa9377f4eb5252b340e40e4911ee0217947dfc25310c8693a2f67a4c8404751b8675ceaa62295d63640e0b31a3c994225084da5965d40a455af05a7d5eb6711f2d31a56a51af8689189788bcfc5d04e04be549eb3f97219c865e62d818c96afbe9c8b48a48f78faa8bb73edcb8622140d98b30bee76092674b3d462efdcbac6a76afae14b16db4476b780ef5494270e06d21192b6485b2cebbfd2a10205fd47aa932ed556457f0e3864a01c8fa8dd77945f056a850e44e8e2a716b82553329c34032610e67d6f71ca3a1b8c15ec38153ccd3aa26bffba2c8060377d0f6abde73914aac3834fbbd9652127a530aef5507a61708635b907c20666012e76ccaa2ed491611ad1764821cf2260416006ed9724db9d4ce8ea062a16918783cd8dfa24b1d3afc18c0d04ceb27b21c60a6a99ad477c78f8f173d94348de3584340a63a4adeddad02a9b4295e2ba3289e1e4465f5c40aec9f99b735e3e2951e332a67258391c1b8f7b104e6eabb6bee288666a9659b78a899fa40b0aea61d45293aba4929f9728ac4c42f5cec6a1843b712a6ccdcf642d399ede0afb5e86aa6e8930955efe1414dd7eacbdf639f0c331c2651901224fe4b0ebb088d0de78819d173f974a9df9ded3d1795406bedd60ce62ada55da3ba4498f5e29331f8cf31aac555d76ef2d84026f4a6415f6b5f575218dedc1c249250b2638e34bd81551ae82ce2e5add33ebdc8c7e7ad93b2afde8217aa0fda58dd027a8a622e3488e5fcbcac1b9e7488a0b311585a711dd69f44d62725edd4d21a08ff958110708644735fab0bc341f3eead53dd9f35072347dcc8c5022f29b798bf3e74544bc4c0e5c7a7c91c53200994c0fc7f1ec6a86d7e0de20213c7eb9f18df6fa0437a889e125b8623cfb822fdb5a131ab357a414acb15ef8f2dedca9bec3cbf0a8ce64b7ecc485927d83b5ea1e9bbd35396479c85d6117a33597e9a1c53b3c7d7f0c6855c1f1d45be5915d79dae97883f64aa318b52664c233953a4e35105cc4adaa0c9ba933f4faa1d744dc79e9b8faed12609e978bf853eed64de41046bf66e4fd22d1f3e015957162687af5268a7f7e39c6d212272a991095a790dd8a843d70bd08f3ac96803d6494644dd7eeee8f8f9d3f96ea37111a9e530db42c2431f111286f17d0d1c5340e40d26e97ddd8b4f505a7591aee9a30ea15b3da36475e30de4613c6d257552956f3003bb19b291b5bd761be7212627aeb7b478fba7e0a8e78549dd3af502db6ffc3779bf4ed96c7ca4122d04bfd965f1bd7cff9f75ae93a48478c220804f49f9f3d19ab775bc665a4c21c905b0552a3d6e38989f4fb2b46ec7f586c5d6ba4420a5b1b7b737e22ed8255f713c1a02a6ab28ef6e8e2837362c4a6f949360a5f9f8c8ccf33b0cfd510f3fa9676a3fceb07a17eb43b2f5d7396eb9cd859093e648b6d44b62f256e2e9a32c460b1de36fc4bf711748d69403545880b37be5a3bf89e92854f873ebab7abc2b128f6c9b97cbb17ca7eafe2217e4ca8b2bcbc8a04e3667805423b482e837c65372f151d56034321c0132b93a30411a840edccbab961686f34e2e7b612c3ccaba7714eb4ba78cfda54a89e1bd943cf3e4f2fe00e3ded3434c2b3c19afb8390258a31f7c7fcb2a015cd10a93c74d6fed8d159971771e8570b4ff70ed4cc88b32d98b9c09fd49154c291d893277b431bba611e2aecd571f47918e412c5f4b32d335706204d3b9bc58e89150d096a6827252aefd8497a12675634aed243059e26ca78cb95fa84f3426e59267e078cb08def68b2733b398f689b6758c2c6ec82bd0b556525ca20d1aa1346f67b5a61db9da69b2a22b3b282d1dd448b4f66e1c42b802b13fce4bf0e3c33dcd374978b8f6545cf4cc22aceb42e825ca6f8899b2c5b5f195144488258d23cb5f95271f7957879980912f532fb84b58a4b08521e12724b7f130fe3d552720e06d5c0724a404479a4ab2dd544e7dd644e92808d0a68c36c6dd61a272f587b874286eff5ccfc94b894a212d98d20b0e0e83ba8871539dc04802a6475b1a2c26ccf2a3d5622fd56f9315f8c17f50de857c2dd8a2e40869ef31c2f803d5f406d6fc098ae80d0832b81c13aa5707af29b98f61519fa90323278580b2bd5efd92e3f263e962d2c3fd67e46aac3aaff14927f88049dc9ddf265500bf91d789ded664c24e14dcdf2337f3c53b1b2916e72ec053ec269f98d5f6df3adbeebd2de1d4550d43d7dc2ea5488d2797449f7345e8ab8f30084347cac736fdc35f0bf15d6559d4697d645fd2207e837725a82bd0db626e2e51eb09081c84cea59d759f17ee2962a17a44887539a7d832d6d3bdc63e5074d8e047b29e60305a2ab74d741ffff97d2ee84a1fb471176192a601f1a85c080c97dcf0e894951dbe7a9bf68dcd05280f403cf4b8b36d21ce24cd52de71a12074fb6d04029ffa8fe6a80144680c4d84cf060f963621fc4de12fc2dbe1a937530239223aa1460b8b5b3c8f2a2231b0858a99f518ed19f0b03c1ef12adbe36e47e36350362b5df5d6f38074a983c43d734581b3c190ce9acd67e26e5e2ea82667f3037a742712f66d632740efe2d33f1652a4bcbd461b47498d3860865f545738a0fa6707361111f01ae1f7edefa86cce3df610810e50a9bdc124f613a4e8e71bcf6096eb2d8ba2d6d4d5d3c7b5457210d1d6e4f709c3e3863671d0d89ecc34c3711698e961ca2e3c59170122c4a1897b1dab225900a9f2bd24274d6338b60825c4ecb781fce46a63ac75d62e267ecc2867a2bffb6a401c2e9d50aaef2645185eccc0c55dd6dfd72412ff220ba70592818dd00292a806e795d998865592e6e3916ef70edf3dc257c22b42d134d16962ab7b70387f096b9294d57c6928fd2e40bf094522676c8ad938b3e3664d45080a3a398638b36501cd89eceb42f3fa6149baa01e2398c9fabecc8f5fe64352357e22717eec887c5aca12800e7f489e0b8ccf77a34366c06943cdc940f5be83f137499b8a5c3acb3378f55ac71ba6df39d0644f87d3ad6035a5a97d52fc7ff27b4ca96ae43c760e657e6812f0ffeaafe405c6fdf7757ccdffa21d61252ffeba7222410749f3c68ea95856d49eb67467ad4c18ac26ee6924c8dff08184333ec09e10dc8e415116541d63eddad21d01ff02e13b56b98dc90486c4ebd33bc54906156e7aff47054ed31087b057e9d3e0d1e656065a6e18b530093641bf90e6fa7492e060c056422d93afdab855d143c2dd2d716f43576120149e88500f7173f7f602565000453ada1bd9aba85c813544bfe6297f36a68a3a525f91b331ed2faaff47e619c0afb45ab9c5479ffb513bc8ed8a88805b94b88dce87e5264f0f38a27a4f9116686dbc317fb01a80ebbb6ad1a2f2381aadecc08798c00a6b76ce719e6b1dac15e50248647cfa020d8cebb02b2818e23fade558648804d2e29053e0e1bdeefa586abab4bb9814483056c1ac8e5211aac33b6e512ad8a0997237cb8ba61cd47b8a0fbca7fdb9cd86a0157898d726a8badf3d252c7fa2f7f338c3ae99d3477213b2113ab1978de80cfa5ca31463163bd8e09198306618014de0c7580b97815b6273b27cc8195e23c75b680cf41eb17cb7a44d77d73f12fd12862e2c006a41aa55d9110353cb6031cd26a1b960993d0e602210c6a310baf3febea77f8cdc4a5167b74f393933403af46b4cb742c291e2d95411cf8ef21d118873e2cd860d314f3603f09413c1f9611bbba2b83735d0ba0e9b5c8bd528bb59e9ce635108afd9ac2d72a1e59f26896549f657b8c26b00b5d84d33099a125f3ac6916d732f0360a63b54bd9a6dd4bf531752f10f9b7eed4abd72fbae207525dce112704b80307f8a5a464d98a91c5d5096f43a53726adfec38ca12e36907335f7703f311f88a52735124c37a9b3be4205f0628c29849b74d3810aa87b77e962f066e208ca2ced6387ddf2a855fbf107157217e7ecd7344cd740e99a1e6ece13d1348e09c4bb5bdc25846e59f8e2c5c75eaec584c2e006c22e5ac929fcd5751251ca061660367aeac89606a1614762142a356a87a5f5ec3a057c22568ef693d777bb4fc33b2b654724399aa53fc22a1f7cade442590643aa3be7a5b52b5286081b22b2d16b02e38270a0ee19665f002670146509996c795032b63192b20f2861a197be38763c2b2e6cf99fce86454d8a7d9c2e3a83b1c8de82697e875273c5ca479666229b115ce7f6126dfb7dfa026405ccdcdda1c2222b8a507320e2041dd67bc0cc2abf2dd888c011ecd5a48e501356d04efa33c20a335b2fe091cde2440b603ef5908a45637b1a5a3ca5f434f93df5f5c30cc1af4df81fcb84e7baf375faae48fec0a24e947c05883ca409ea0ba67de28c17874725d77a1966c121e302350aead9af220757280d5f7e643365a3f5e1f794475ca19a2878d1bf89b7d2d776f226aaeb411e0b92513093fed814d8d04d2e4c0f05164330c16911081930f1fb37ef80a4590d20e907ccf7dae1d16592da853e48db0ed3d984a1bd584a720e30126a8c6dc76e018fdba7b9d525f612c7b856633264af5a48b3ae0688bda8165611abb906ab56d6cc4eb172bfc37219e78601c1f9a5f82d0dc1abdb2b5e09bfa100fc01fd58af6ce4f2b46edd235a9a7265e14c58516f39360d93527686da71fc8c7da781fa69cc6de8a709977f09d775708f4fff48791a1f524a052ebd4692b74f1cfa7b0fc9a7f3ac74951f7980d88f59e1ee25e7504d6808b6a673447d100326ad139b903c7e5ae9b6510084d02518356d670333cd7c3ab907f7f9dc1cd8945cd4005e644a0521f67b7a1575a8d9ecf90a1e87b2756ae2d33acab26da628ba04db2800ca50f268c53fc319faeef850aa0d7453945fdf4f43c0e6f4a066f3b75ce09bae8f55e99c6f8b432e9fbc8628657ce23253b398170c0dfe48cbc9cd8a82f8199e5dc9e67e825e53465ad7b792f3f5fe120cff0102a3e4769e12498a350a38d32cfc897a9dbebfb5317a5e302fb565f59b69d20fafab344720dc5bcc4c1a2429c2847c8da62f9d61d8cbc454ef98aaa83b43c3484ed7572e6c0b34d42f0be6a1eb10a5511021c0458328cfaa98842bfaac4d21e532442fa5872397575450261c9d53cfd90d89e58c5af1949076d365a7575d9a6fc98ada581ef2c8db85573afdf148a7489684f5bdec2ed54ace9a1fd0c1fdb24224ed8b533518fba38835e7cab0c656f1606b1feed49c694ca6ac90e2bf47e0286c822bf0f4fcfd13f33b83bca65aeb87dcaec2352a5a545ce5bee127f850297e626e2f14faf16733785f005823505f45e957affcd65d949a1aa8cf071eb4910ab7e7a3567c774cd2ff8274aa471f2dd818cfabcf587f87dc64ba4881be2bd0530f3f7c080fa3889e428a41c3bd00073002801f1374927d568e61deb5414426161f80d21a768b51b153921a8f97005a16e1de251c5a30cde047d33db322cbfceb939cd860ab849629535bba16d7e6a30cc8e1be19bd359c7e6e0c8cf5d6a0dc6c032563911ce47af791b12a0848608461c728da4e5c14972a467a62b69ad09a146b20008005700040000000400af000c002e01090000000000000004008300"], 0x1554}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) (async) r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/tty34\x00', 0x2200, 0x0) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYRES32=r2], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) fcntl$auto(r0, 0x10, 0x2) (async) fcntl$auto(r0, 0x10, 0x2) 12m24.086640877s ago: executing program 1 (id=2020): keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0x8000, 0xe) r0 = openat$auto_ipsec_dbg_fops_ipsec(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim6/ports/0/ipsec\x00', 0x121600, 0x0) r1 = getegid() mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x929, 0x44b, 0x7, 0x5, 0x100717e, 0xd1, 0x7, 0x7, 0x7ff, 0xfffffffe, 0x80000001, 0x4, 0x200000000001, 0x384, 0xfffffffffffffffb, 0x8, 0x0, 0x2, 0x0, 0x864, 0xe, 0x22000, 0x200, 0x4, 0x1}, 0xa, 0xd) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd01, &(0x7f00000001c0)) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x141241, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) setregid$auto(r1, r1) fchown$auto(r0, 0x0, r1) socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) socket(0x10, 0xa, 0x4) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x10) 12m23.939074026s ago: executing program 1 (id=2021): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop2\x00', 0x0, 0x0) mmap$auto(0x7f, 0x5, 0xffb, 0x8000000008011, 0x3, 0x8000) symlink$auto(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) tkill$auto(0x1, 0x7) keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x0, 0x0, 0x0, 0x48eafc79) statmount$auto(&(0x7f0000000000)={0x7e, @raw, 0x80000020, 0xd97, 0x2}, 0x0, 0x7ffffffff000, 0x0) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x0, 0x0) ioctl$auto(r0, 0xab01, r0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x3, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x8, 0x30017, 0x8020000000a, 0x2, 0x5f, 0x20000000000803, 0xffffffffffffffff}, 0x6f0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x80000000}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) 12m23.239797472s ago: executing program 1 (id=2024): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x8, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) mmap$auto(0x0, 0x400008, 0x1000df, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x89e2, 0x91) ioctl$auto(0x3, 0x89e2, 0x91) madvise$auto(0x0, 0xffffffffffff0001, 0x15) msync$auto(0x0, 0xe0, 0x6) socket(0xa, 0x2, 0x3a) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$auto(r2, 0x5453, r2) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) madvise$auto(0x110c239100, 0x1, 0x9) futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0) 12m22.775701816s ago: executing program 32 (id=2024): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x8, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) mmap$auto(0x0, 0x400008, 0x1000df, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x89e2, 0x91) ioctl$auto(0x3, 0x89e2, 0x91) madvise$auto(0x0, 0xffffffffffff0001, 0x15) msync$auto(0x0, 0xe0, 0x6) socket(0xa, 0x2, 0x3a) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$auto(r2, 0x5453, r2) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) madvise$auto(0x110c239100, 0x1, 0x9) futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0) 9.104305969s ago: executing program 2 (id=4947): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:04.0/remove\x00', 0x2801, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)="f9170b", 0x3) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/lapb2/threaded\x00', 0x0, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x4a}) io_setup$auto(0x7ffe, &(0x7f0000000000)) io_setup$auto(0x7ffe, &(0x7f0000000000)) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYRES8=r1], 0x1ac}}, 0x40000) sendmsg$auto_IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000ffdbdf25270000000500280003000000140030002341c6cc737eff488e00000000f4ccf0060006000800000006001000060000000600080005000000"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x8001) r2 = socket(0x11, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f00000003c0), 0x5, 0x1000}, 0x5}, 0x2, 0x100) r3 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0xd, 0x8}) sendmmsg$auto(r2, &(0x7f00000001c0)={{0x0, 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x6}, 0xfcb, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x802, 0x70000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x6, 0x0) unshare$auto(0x40000080) mmap$auto(0xa5f, 0x1, 0x7fffffffffffffff, 0xeb1, r3, 0x80000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x100000001, 0x63, 0x0, 0x0, 0x0, 0x1000000006, 0x6, 0x7, 0x400, 0x7ffffff9, 0x5, 0xffffffff80000000, 0x9, 0x61, 0x105}) fadvise64$auto(0x0, 0x9, 0x9, 0xb28) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40400c4) 7.85527118s ago: executing program 2 (id=4951): mmap$auto(0x5, 0x5b4, 0x4000000000df, 0x12, 0xffffffffffffffff, 0x7ffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xc18, 0x8000) socket(0x2, 0x1, 0x106) r0 = socket(0x2, 0x801, 0x106) setsockopt$auto(r0, 0x1, 0x2, 0x0, 0x7) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4001, @loopback}, 0x6b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2c, 0x80003, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x80040, 0x0) socketpair$auto(0x1e, 0x4, 0xffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r1 = wait4$auto(0xffffffffffffffff, &(0x7f00000000c0)=0xfffffffe, 0x1, &(0x7f0000000100)={{0x32dec0e2, 0x1}, {0xae, 0x2}, 0x7, 0x6, 0x9, 0x8000, 0x3, 0x6, 0x1, 0x3, 0x6, 0x2, 0x0, 0x8, 0x200}) prctl$auto(0x4, 0x6807, r1, 0x4, 0xc3) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r2, 0x0, 0x7ff) write$auto(0x3, 0x0, 0xffd8) getrandom$auto(0x0, 0x6000000, 0x3) close_range$auto(0x2, 0x8, 0x0) r3 = open(0x0, 0xa24b43, 0xd5) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) ioctl$auto_FUSE_DEV_IOC_BACKING_CLOSE(r3, 0x4004e502, &(0x7f0000000040)=0xc3) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 6.31084486s ago: executing program 3 (id=4957): read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) r0 = pipe$auto(&(0x7f0000000000)) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_GET(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)={0x28, r1, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x9}]}, 0x28}}, 0x20000040) keyctl$auto(0x5, 0xffffffffffffffff, 0x0, 0x5, 0x8) keyctl$auto(0x11, 0xdfffffffffffffff, 0x69c9, 0x0, 0xbcd) 6.16699837s ago: executing program 3 (id=4958): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop6\x00', 0x480, 0x0) fdatasync$auto(r0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/module/parameters/sig_enforce\x00', 0x2402, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, &(0x7f0000000000), 0x82c00, 0x0) ioctl$auto_BINDER_CTL_ADD(r1, 0xc1086201, 0x0) read$auto(0x3, 0x0, 0xfffffdef) 6.082711056s ago: executing program 2 (id=4959): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 5.975984934s ago: executing program 4 (id=4960): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket(0x2, 0x1, 0x0) socket(0x2c, 0x3, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="290928bd7000fbdbdf250300000008000200", @ANYRES32=0x0, @ANYBLOB="5e35e04e0d34b4a711a18f780c206d471d15b008d8892b58b75b1c43d43dcb3a735528a11325499f768e61918242dab598941814b92dfc1c03a5c0feaa2d49c821917aeb5ec1848ee7abec55b003f45a31021802dfc2314fcf52fafe0f22ed18b8153d43552d9904708bd08c66353599b67f365e08a9d1456244c449571170a61c8d6fe48717c30414bfdd67b34f79fad1edeb065d43a04381049fc19b861cf59a73d946afffefba34300230207f89ae0d5d3a069398672c053f00fe48642b8e0c6d065560ca4d50d690735e4e057e27d489760d7d68bbd960e327221d"], 0x1c}, 0x1, 0x0, 0x0, 0x240008c5}, 0x48094) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0x3, 0x0, 0x9672) madvise$auto(0x0, 0xffffffffffff0001, 0x15) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xff7f}, 0x5) mmap$auto(0x0, 0x20009, 0x12, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x3ff, 0x0) mmap$auto(0x0, 0xbb0c, 0x329, 0x10011, 0x2, 0x8000) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x100) socket(0x2a, 0x2, 0x0) ioctl$auto(0x3, 0x541b, 0x38) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_LINK_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYRES64=r2, @ANYBLOB="350d27bd7000ffdbdf250900000027e65e97384fa07779eeb853e214ab0c860a3d1a62f0401245ef2ef9d47ff389709b13af10a963661812a382d367f3f06c6ba1e909b816494552c67a1d265adca68ac546515d2b916ca80268e5ea4a76fd38e8538f798a72d192d6f26eddc3e089179cd8e446912bb44c668cce2bea87fb797be824f46e687616c0fdf52579bba721b92a5c8dfa4d031df87ac42e9933849f251b016542a24ff6a4add868c4f379ec5a33589d9a942d50187bf3"], 0x14}, 0x1, 0x0, 0x0, 0x61cf770a5abe6d4a}, 0x8010) getpgid(0x0) r4 = geteuid() keyctl$auto(0x1f, r4, r4, 0x0, 0x8) 5.248092095s ago: executing program 0 (id=4961): socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) timer_create$auto(0x2, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000800)='./file0\x00', 0x6041, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700201000000000000000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) open(0x0, 0x22040, 0x75) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) timer_settime$auto(0x0, 0x6, &(0x7f0000000000)={{0x100000001, 0x3ff}, {0x5a, 0x2}}, 0x0) timer_delete$auto(0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = socket(0x2a, 0x2, 0x1) sendmsg$auto_TIPC_NL_NODE_GET(r2, 0x0, 0x4880) select$auto(0x10, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd40, 0x4, 0x8000000000948b, 0x5, 0x95f4da06, 0x9, 0x1, 0x62, 0x80000001, 0x6, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) 5.081626762s ago: executing program 2 (id=4962): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f00000036c0)={&(0x7f0000003500)={0x14, r1, 0x1, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3) r2 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0xf82, 0x0) readv$auto(r2, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000080), r3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) 5.081291387s ago: executing program 3 (id=4963): close_range$auto(0x2, 0x8, 0x0) setresuid$auto(0x0, 0x8, 0x8000) mq_open$auto(&(0x7f0000000780)='!\x00', 0x76d0, 0x101, &(0x7f0000000280)={0x0, 0x10000080008, 0xe6, 0xd0b}) r0 = epoll_create$auto(0x4) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) msgctl$auto_IPC_RMID(0x40, 0x0, &(0x7f0000000140)={{0x40, 0xffffffffffffffff, 0x0, 0x20000, 0x4bd9, 0x5, 0x1}, &(0x7f0000000080)=0x1, &(0x7f00000000c0)=0x5, 0xc, 0x7f, 0x1000, 0x1, 0x8, 0x43, 0x8, 0xfff3, @raw=0x5, @inferred=0xffffffffffffffff}) shmctl$auto_SHM_LOCK(0x3c40, 0xb, &(0x7f0000000300)={{0x729, 0xee00, 0xffffffffffffffff, 0xf51, 0x1, 0x1, 0x8}, 0x8, 0x80, 0x0, 0xb6b, @raw=0x2211bf7b, @raw=0x3, 0x1413, 0x0, &(0x7f00000001c0)="e57b8965cf5ea47777b00740bec8a2ecd9397573f60dca42711c8b02c50b91702df850bc4664480a2736418f65ea2ddaf491a785901ab458ba407c5fbb47bd30dcc626c4c3fe0c560cd600d23701ec", &(0x7f0000000240)="a0196302592b755af21c1d8f5695088c69b8635efe91f38a940a31829a8c00dee51d38de0f32a66ef702b4f7be223b9eb0ba469825a99179da3920b3e49935397b101c708a46aa4b804aa06f15a2303bea3a8bd530ca911858739751f68787baeafa49cea8e593f078aa1963e67ee2f541773d96e21638c9c80f9779191715710aab34164e37fb9efc23da32c3cc0438616f"}) r5 = geteuid() write$auto(0xca, &(0x7f0000000040)='\x04>2\x0f\x00\x00\x96\x18am\xea\xf4\x1b\xf8', 0x7e) setreuid$auto(r5, 0x0) r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) writev$auto(r6, &(0x7f00000000c0)={0x0, 0x6}, 0x1) statx$auto(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x4, 0x2, &(0x7f0000000480)={0x5, 0xf, 0x7, 0x7, r5, 0xffffffffffffffff, 0x7, 0xa1c9, 0x8, 0x1ff, 0x2, 0x6, {0x9, 0x80}, {0x2, 0xfffffffd}, {0x9, 0x9}, {0x5, 0x2}, 0x11, 0xdfa, 0x7, 0x5, 0x4, 0x855a, 0x7f, 0xfffffffffffffff8, 0x4, 0x0, 0x87, 0x2005, [0x8, 0x2d52, 0x8, 0x9, 0x0, 0x9, 0xfffffffffffffffc, 0x3, 0x3391]}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'ip6erspan0\x00', 0x0}) r8 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r8, 0xc0045002, &(0x7f0000000200)) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto_SNDCTL_DSP_STEREO(r8, 0xc0045003, &(0x7f00000001c0)="f4") write$auto(0x3, 0x0, 0xfffffdef) sendmsg$auto_NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000006c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="100027bd7000fedbdf25640000001100f9007596f0c507beb05b556abd0806000000ae027a8068002680040028805f00450079e054ba4c48c876e421785c5c89342100edfa707b9e977ed5b14abc36af418bb19dd50e32c44671ab89cd8351ebe5dcb97961485aa9c7548836aa9805fee1e00d2ab6940754cfecd3705f048531dff02bbc2c55d44b20f7a9093a0008001f00", @ANYRES32=0x0, @ANYBLOB="1400c600ff0100000000000000000000000000019a43740b3807696e3a3bc800c32614e6bd0e4f7943e40ed2d5806f69c74fb249470035800600a5002400000008002900", @ANYRES32=r3, @ANYBLOB="08000600ff0300000c00ca000300000000000000dd6de012f3e5678558e6a0fb7b0f1b52069cb9dbaa0ae6f2a0ad73cd006e2100bd0051800d0027002f6465762f6473700000000008003500", @ANYRES32=r0, @ANYBLOB="b1486c7dc1d8c4e5925f769061cda656f376e41960a70b5fe1ec7c9deee32fc9e2997b27e0708070e3ae0874f64d0d8268dc03ffb0dc40fe0693921bc4652b6cc028d8cab1b80dc494855201ca01be7320448be9e1bb79c8bc7caecd297a15464d66c6b35b013b8e04f0a2c086d2b775c59267f1a62476bfab941ecc9899365780c10ecd9418596880002483fb55cadb448938676804db5fba0800c700", @ANYRES32=r4, @ANYBLOB="000000fbebdcba5b37fe3c26ce3da105d193fbf992553f7b46a82dc0fecb9a842fa69b11cd399a0459f746e15289dffd09ede1b944b2072b40112cd2b7d52863bd3975920bff9263f7df1b2f0da847d21790b1b26ea25e0a71d7d841a2b5f4ea6af06dab27b48962a559ac0e20e8122c9d206be94a58ad5479de4894b9a206bcc0c27382cd7921ec10c4c33feb0d91787739fb65330728bf559da8c2bd3a1b644510375f9a2500ca8008008300", @ANYRES32=r1, @ANYBLOB="04008a800800b7000f00000055d9795ecf2b08bf233412fd9600000034003c8004002d8004003880b2f629d47dc51631e89d79188e19c0da17ea7e9a93da4821d169aa4d83dbbac76d9d3bc60400528000000d00f9002a93cd32b5d515922e0000000400160108000300", @ANYRES32=r7, @ANYBLOB], 0x2f4}, 0x1, 0x0, 0x0, 0x20048010}, 0x40004) mmap$auto(0x0, 0x2000a, 0x10000200000df, 0xeb2, 0x401, 0x8000) r9 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'ip_vti0\x00', 0x0}) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@xdp={0x2c, 0xdd86, r10, 0x2f}, 0x22) mmap$auto(0x0, 0x4, 0xffd, 0x12, 0x3, 0x0) 4.87479731s ago: executing program 3 (id=4964): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x8, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) madvise$auto(0x110c230000, 0x1, 0x9) futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f00000007c0)=""/153, 0x99) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) setsockopt$auto(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x56b) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket(0x10, 0x2, 0xc) ppoll$auto(&(0x7f0000000180)={r0, 0x4, 0x3}, 0xe46, &(0x7f0000000200)={0x2, 0x6}, &(0x7f0000000240)={0x7}, 0x8) sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x10004010) open(&(0x7f0000000280)='./cgroup\x00', 0x288f43, 0x6a) ioperm$auto(0x7, 0x71, 0x863) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x8202, 0x0) read$auto(r2, 0x0, 0x0) 4.210512327s ago: executing program 0 (id=4965): r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x100000, 0x2, 0x2, 0x0, 0x50b301a, 0x2c, 0x2c, 0x4}) 3.951072863s ago: executing program 4 (id=4966): clock_nanosleep$auto(0x9, 0x0, &(0x7f0000000000)={0x0, 0x200}, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r0 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x0, 0x33, 0x0, 0x2) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_udc.2/udc/dummy_udc.2/is_otg\x00', 0x80040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/17, 0x11) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-touch0\x00', 0xe0800, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) write$auto(r2, 0x0, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000100), r4) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9) ioctl$auto_TIOCEXCL2(r4, 0x540c, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x6, 0x7, 0x7ff, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x5, 0x1000, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) unshare$auto(0x40000080) r5 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r5, &(0x7f0000000440)="11000000126584", 0x7) socket(0x2, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r6 = socket(0xa, 0x3, 0x2c) setsockopt$auto(r6, 0x1, 0x44, &(0x7f0000000180)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\xb9E\x81\xb6F\x96\xa6\xba\xf4\x98;n\xb2nA6\x1a\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x00\x00\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81', 0xa95e) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 3.62485656s ago: executing program 3 (id=4967): mmap$auto(0x5, 0x5b4, 0x4000000000df, 0x12, 0xffffffffffffffff, 0x7ffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xc18, 0x8000) socket(0x2, 0x1, 0x106) r0 = socket(0x2, 0x801, 0x106) setsockopt$auto(r0, 0x1, 0x2, 0x0, 0x7) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4001, @loopback}, 0x6b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2c, 0x80003, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x80040, 0x0) socketpair$auto(0x1e, 0x4, 0xffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r1 = wait4$auto(0xffffffffffffffff, &(0x7f00000000c0)=0xfffffffe, 0x1, &(0x7f0000000100)={{0x32dec0e2, 0x1}, {0xae, 0x2}, 0x7, 0x6, 0x9, 0x8000, 0x3, 0x6, 0x1, 0x3, 0x6, 0x2, 0x0, 0x8, 0x200}) prctl$auto(0x4, 0x6807, r1, 0x4, 0xc3) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r2, 0x0, 0x7ff) write$auto(0x3, 0x0, 0xffd8) getrandom$auto(0x0, 0x6000000, 0x3) close_range$auto(0x2, 0x8, 0x0) r3 = open(0x0, 0xa24b43, 0xd5) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) ioctl$auto_FUSE_DEV_IOC_BACKING_CLOSE(r3, 0x4004e502, &(0x7f0000000040)=0xc3) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 3.148891349s ago: executing program 0 (id=4968): read$auto(0x3, 0x0, 0xfffffdef) 2.518554284s ago: executing program 4 (id=4969): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setrlimit$auto(0x1000000007, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) copy_file_range$auto(r0, &(0x7f0000000040)=0xfffffffffffffff9, r0, 0x0, 0x2, 0x0) ioctl$auto_TUNDETACHFILTER(r0, 0x401054d6, &(0x7f0000000080)={0x0, &(0x7f0000000040)={0x2, 0x3, 0x3, @raw=0x5}}) socket(0x2, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x11, 0x0, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x1, 0x6, 0x8, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c47, 0x4, 0x100, 0x7ffffffb, 0x101, 0x800, 0x3}, {0x8, 0x1, 0x52, 0x5, 0x2, 0x40, 0x76c5, 0x8, 0x100000000}}) socket(0xa, 0x1, 0x100) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) ioctl$auto_SW_SYNC_GET_DEADLINE(r1, 0xc0105702, &(0x7f0000000000)={0x0, 0x0, r1}) ioperm$auto(0x7, 0x1, 0x7) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r2 = socket(0x1e, 0xa, 0x7) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = syz_genetlink_get_family_id$auto_psample(&(0x7f00000001c0), r2) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r4, &(0x7f0000000340)={&(0x7f0000000180), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r5, 0x200, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8014}, 0x801) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x7, 0x20009, 0x5, 0xffffffff, 0x405, 0x8000) sendmsg$auto_MAC802154_HWSIM_CMD_GET_RADIO(r4, 0x0, 0x800) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) listen$auto(0x3, 0x8d) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) semctl$auto(0x1ff, 0x2, 0x13, 0x1) 2.494707553s ago: executing program 2 (id=4970): capget$auto(0x0, 0x0) mmap$auto(0x7ff, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x7f, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) connect$auto(0x4, 0x0, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/auth.unix.ip/flush\x00', 0x2000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0xc, 0x1, 0x7fffffff, 0x7, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x9, 0x4, 0x6d3f, 0x1, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x40081, 0x0) r0 = epoll_create$auto(0x3e) epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) 2.341051026s ago: executing program 0 (id=4971): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 1.694805665s ago: executing program 3 (id=4972): capget$auto(0x0, 0x0) mmap$auto(0x7ff, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x7f, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) connect$auto(0x4, 0x0, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/auth.unix.ip/flush\x00', 0x2000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0xc, 0x1, 0x7fffffff, 0x7, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x9, 0x4, 0x6d3f, 0x1, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x40081, 0x0) r0 = epoll_create$auto(0x3e) epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) 1.559562647s ago: executing program 4 (id=4973): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) shmctl$auto_SHM_UNLOCK(0x1, 0xc, &(0x7f00000002c0)={{0x92c3, 0xee01, 0xee01, 0x5, 0x4, 0x6, 0x6}, 0x4, 0x5, 0xb5, 0xffff, @inferred=0xffffffffffffffff, @inferred, 0x80, 0x0, &(0x7f0000000180)="0c5bdd2c053be482cd73679e00a887b1f963a656f63150fbd8e955e71a49f2d474cf6fcf63ababcb052d618b6b9637f116658ac0a6e51cdbd572bab2c21420096d5b3ab03cfd484b89a153e5232d8b4be9a26723c39f0701452beb6b4c2332af77ccf21cc5fa47ee4106547d6b5cd2331b3899fe5c2b7b399d5a5ccd0cb648abf087f0c6689fdf076ce91f", &(0x7f0000000240)="14c659221c5d7ba0d1a47d206b516e2a4c758149b8e17d372e3239c91e7b347d97beb88c145c1d835396e89184f2a6591356611158446b92b57e67ef187708f41b4782b29ad3004f0efe559d4e6c0b79"}) setfsuid$auto(r1) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) socket(0x2, 0x5, 0x0) 812.936492ms ago: executing program 4 (id=4974): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfsd.export/channel\x00', 0x8f3b7a51b8162d21, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="20edd9d1027e0dc0023af10e9bfa1babfa3a3753209aee370a", 0x19) 688.727032ms ago: executing program 0 (id=4975): setresuid$auto(0x0, 0x7, 0x8080) setfsuid$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/bdi/7:14/max_bytes\x00', 0x182a02, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/pcrypt/pencrypt/serial_cpumask\x00', 0xa001, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = open(&(0x7f0000000240)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x138) open_by_handle_at$auto(r1, &(0x7f0000000040)={0x8, 0x2, '\a\x00\x00\x00\x00\x00\x00\x00'}, 0x2) write$auto(r0, &(0x7f0000000200)='\x01\x00^\xa2\x02\x00\x00\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xb2s\x83\xbd\xc5_%\xc1\xa3\xd0\x95Hq\xf4zG\x01[{\x17\x05I\xe0\xb1d)\x04z8L\xe6&[\xa9X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8ad{\xe9\xa5e\x9a\x80\xa7\xc4\x90\x0f\xef@\x87\x8b\xed\x81\\\xf4\xde3\xe12PY\xdb\x10?', 0x3) ioperm$auto(0x57, 0x200, 0x0) r2 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x1, 0x6, 0x8, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c47, 0x4, 0x100, 0x7ffffffb, 0x101, 0x800, 0x3}, {0x8, 0x1, 0x52, 0x5, 0x2, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0xb, 0xffb, 0xfffffffffffffffb, 0x3, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_DRAIN(r2, 0x40045731, &(0x7f0000000000)=0x3) sendmmsg$auto(r3, 0xfffffffffffffffd, 0x1, 0x9) semctl$auto(0x1ff, 0x2, 0x13, 0x1) ioperm$auto(0x910790c, 0x6, 0x1) io_uring_enter$auto(0x3, 0x5, 0xffffffff, 0x3, 0x0, 0x2) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) setfsuid$auto(0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) sysfs$auto(0x2, 0x6, 0x0) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x6, 0x0, 0x0, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto(0x3, 0x80045500, 0x38) r5 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80501, 0x0) ioctl$auto(r5, 0x3b8a, 0x38) close_range$auto(r3, r2, 0x6d31) 644.444016ms ago: executing program 4 (id=4976): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/logsyscall\x00', 0x20a42, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x111280, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x0, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000100)='/d-:\xe7J\x00'/23, 0x1eb0800) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fb, 0x7, 0xd, 0x1, 0x948b, 0x4, 0xfffffffffffffffc, 0x1, 0x3, 0x11000000, 0x0, 0x7, 0x200000006d38, 0x7ff, 0x10, 0xfffffffffffffffd]}, 0x0) close_range$auto(r0, 0x8, 0xfffffffc) getgroups$auto(0x7, 0xffffffffffffffff) splice$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x767, 0x4a) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) r3 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/etherd/interfaces\x00', 0x80, 0x0) write$auto_aoe_fops_aoechr(r3, &(0x7f0000000340)="907afbeb71aec51fe086fddde7775d4dc6ed4e46839fb6c84da9d514b1fbfb2eb6ceaf012c36b494809dca51ae90df3df79e8df64f7f7d43bf5495f7c623a890a6e9e8f3cd4946e1c8d033a39c455ab889", 0x51) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, 0x0, 0x0) read$auto(r2, 0x0, 0x1f40) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0xfffffffffffff664) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) getsockopt$auto_SO_PASSCRED(r5, 0x1, 0x10, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000140), 0x440, 0x0) 284.392464ms ago: executing program 0 (id=4977): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/neigh/bond_slave_1/proxy_qlen\x00', 0x40001, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) connect$auto(0x3, 0x0, 0x54) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr12/address\x00', 0x101800, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) eventfd$auto(0x8e) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) memfd_create$auto(0x0, 0x0) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) madvise$auto(0x0, 0xffffffffffff0007, 0x19) mbind$auto(0x9, 0x2091d2, 0x3, 0x0, 0x6, 0x2) madvise$auto(0x40000000, 0x8000000000000000, 0x15) write$auto(0x3, 0x0, 0xfff5) 0s ago: executing program 2 (id=4978): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/gss_krb5_enctypes\x00', 0x1c9180, 0x0) sigaltstack$auto(&(0x7f0000000180)={0x0, 0x80000001, 0x40b4}, 0x0) mmap$auto(0x0, 0x2020009, 0xdc, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = getpid() r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sg0\x00', 0x103002, 0x0) write$auto_sg_fops_sg(r2, &(0x7f0000000140)="01000000000d0000624c492f4aa7a158ad329acb69abe1d4bbe91b3ddc84d02747403bbca33c95be8fb08baf91e29260d0", 0x31) r3 = gettid() ppoll$auto(&(0x7f0000000000)={r0, 0x1, 0x8001}, 0x6e3b9a98, &(0x7f0000000080)={0x1}, &(0x7f00000000c0)={0x4}, 0x8) fanotify_mark$auto(r0, 0x6, 0xffff, r4, &(0x7f0000000100)='./file0\x00') rt_tgsigqueueinfo$auto(r1, r3, 0x21, 0x0) read$auto_tracing_stats_fops_trace(r0, 0x0, 0x0) kernel console output (not intermixed with test programs): 67.126146][T23496] [ 1168.057381][T23518] netlink: 'syz.2.4220': attribute type 28 has an invalid length. [ 1168.111662][T23518] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4220'. [ 1169.137670][T23537] FAULT_INJECTION: forcing a failure. [ 1169.137670][T23537] name failslab, interval 1, probability 0, space 0, times 0 [ 1169.167729][T23537] CPU: 0 UID: 0 PID: 23537 Comm: syz.2.4224 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1169.167799][T23537] Tainted: [U]=USER [ 1169.167811][T23537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1169.167838][T23537] Call Trace: [ 1169.167850][T23537] [ 1169.167871][T23537] dump_stack_lvl+0x16c/0x1f0 [ 1169.167921][T23537] should_fail_ex+0x512/0x640 [ 1169.167974][T23537] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1169.168028][T23537] should_failslab+0xc2/0x120 [ 1169.168069][T23537] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1169.168107][T23537] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 1169.168149][T23537] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 1169.168187][T23537] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 1169.168228][T23537] alloc_inode+0x61/0x240 [ 1169.168269][T23537] new_inode+0x22/0x1c0 [ 1169.168310][T23537] hugetlbfs_get_inode+0x354/0x730 [ 1169.168357][T23537] hugetlb_file_setup+0x15b/0x620 [ 1169.168404][T23537] ksys_mmap_pgoff+0x189/0x5c0 [ 1169.168454][T23537] ? rcu_is_watching+0x12/0xc0 [ 1169.168489][T23537] __x64_sys_mmap+0x125/0x190 [ 1169.168526][T23537] do_syscall_64+0xcd/0x230 [ 1169.168574][T23537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1169.168607][T23537] RIP: 0033:0x7f5124d8e969 [ 1169.168634][T23537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1169.168665][T23537] RSP: 002b:00007f5125b2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1169.168695][T23537] RAX: ffffffffffffffda RBX: 00007f5124fb5fa0 RCX: 00007f5124d8e969 [ 1169.168717][T23537] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 1169.168736][T23537] RBP: 00007f5124e10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 1169.168757][T23537] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1169.168776][T23537] R13: 0000000000000000 R14: 00007f5124fb5fa0 R15: 00007fffc8b4a718 [ 1169.168816][T23537] [ 1169.371628][ C0] vkms_vblank_simulate: vblank timer overrun [ 1169.496533][T23539] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4225'. [ 1171.078523][T23574] netlink: 'syz.4.4235': attribute type 1 has an invalid length. [ 1171.538961][T23579] FAULT_INJECTION: forcing a failure. [ 1171.538961][T23579] name failslab, interval 1, probability 0, space 0, times 0 [ 1171.552539][T23579] CPU: 1 UID: 0 PID: 23579 Comm: syz.0.4236 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1171.552593][T23579] Tainted: [U]=USER [ 1171.552604][T23579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1171.552624][T23579] Call Trace: [ 1171.552636][T23579] [ 1171.552652][T23579] dump_stack_lvl+0x16c/0x1f0 [ 1171.552703][T23579] should_fail_ex+0x512/0x640 [ 1171.552749][T23579] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1171.552792][T23579] should_failslab+0xc2/0x120 [ 1171.552832][T23579] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1171.552872][T23579] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 1171.552917][T23579] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 1171.552954][T23579] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 1171.552992][T23579] alloc_inode+0x61/0x240 [ 1171.553031][T23579] new_inode+0x22/0x1c0 [ 1171.553075][T23579] hugetlbfs_get_inode+0x354/0x730 [ 1171.553120][T23579] hugetlb_file_setup+0x15b/0x620 [ 1171.553167][T23579] ksys_mmap_pgoff+0x189/0x5c0 [ 1171.553212][T23579] ? rcu_is_watching+0x12/0xc0 [ 1171.553247][T23579] __x64_sys_mmap+0x125/0x190 [ 1171.553283][T23579] do_syscall_64+0xcd/0x230 [ 1171.553333][T23579] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1171.553365][T23579] RIP: 0033:0x7f497798e969 [ 1171.553391][T23579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1171.553423][T23579] RSP: 002b:00007f49788a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1171.553453][T23579] RAX: ffffffffffffffda RBX: 00007f4977bb5fa0 RCX: 00007f497798e969 [ 1171.553474][T23579] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 1171.553493][T23579] RBP: 00007f4977a10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 1171.553523][T23579] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1171.553543][T23579] R13: 0000000000000000 R14: 00007f4977bb5fa0 R15: 00007ffd3b3207a8 [ 1171.553585][T23579] [ 1172.073334][T23589] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4238'. [ 1172.114372][T23589] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4238'. [ 1176.023857][T23661] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4258'. [ 1176.205240][T23666] svc: failed to register nfsdv3 RPC service (errno 111). [ 1176.213816][T23666] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1178.702686][T23697] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4269'. [ 1178.737314][T23697] team_slave_0: entered allmulticast mode [ 1179.722049][T23717] FAULT_INJECTION: forcing a failure. [ 1179.722049][T23717] name failslab, interval 1, probability 0, space 0, times 0 [ 1179.781825][T23717] CPU: 1 UID: 0 PID: 23717 Comm: syz.2.4276 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1179.781884][T23717] Tainted: [U]=USER [ 1179.781896][T23717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1179.781916][T23717] Call Trace: [ 1179.781935][T23717] [ 1179.781948][T23717] dump_stack_lvl+0x16c/0x1f0 [ 1179.781999][T23717] should_fail_ex+0x512/0x640 [ 1179.782046][T23717] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1179.782089][T23717] should_failslab+0xc2/0x120 [ 1179.782130][T23717] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1179.782168][T23717] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 1179.782212][T23717] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 1179.782248][T23717] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 1179.782286][T23717] alloc_inode+0x61/0x240 [ 1179.782326][T23717] new_inode+0x22/0x1c0 [ 1179.782369][T23717] hugetlbfs_get_inode+0x354/0x730 [ 1179.782414][T23717] hugetlb_file_setup+0x15b/0x620 [ 1179.782459][T23717] ksys_mmap_pgoff+0x189/0x5c0 [ 1179.782508][T23717] ? rcu_is_watching+0x12/0xc0 [ 1179.782542][T23717] __x64_sys_mmap+0x125/0x190 [ 1179.782581][T23717] do_syscall_64+0xcd/0x230 [ 1179.782628][T23717] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1179.782661][T23717] RIP: 0033:0x7f5124d8e969 [ 1179.782686][T23717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1179.782718][T23717] RSP: 002b:00007f5125b2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1179.782751][T23717] RAX: ffffffffffffffda RBX: 00007f5124fb5fa0 RCX: 00007f5124d8e969 [ 1179.782773][T23717] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 1179.782794][T23717] RBP: 00007f5124e10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 1179.782815][T23717] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1179.782834][T23717] R13: 0000000000000000 R14: 00007f5124fb5fa0 R15: 00007fffc8b4a718 [ 1179.782874][T23717] [ 1179.986015][ C1] vkms_vblank_simulate: vblank timer overrun [ 1180.213021][T23732] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4280'. [ 1180.382408][T23721] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1180.667856][T23723] Invalid ELF header magic: != ELF [ 1180.900171][T23748] FAULT_INJECTION: forcing a failure. [ 1180.900171][T23748] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.940467][T23748] CPU: 1 UID: 0 PID: 23748 Comm: syz.4.4283 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1180.940518][T23748] Tainted: [U]=USER [ 1180.940529][T23748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1180.940546][T23748] Call Trace: [ 1180.940557][T23748] [ 1180.940569][T23748] dump_stack_lvl+0x16c/0x1f0 [ 1180.940618][T23748] should_fail_ex+0x512/0x640 [ 1180.940659][T23748] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1180.940713][T23748] should_failslab+0xc2/0x120 [ 1180.940752][T23748] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1180.940804][T23748] ? kernfs_fop_open+0xa3a/0xda0 [ 1180.940848][T23748] kernfs_fop_open+0xa3a/0xda0 [ 1180.940892][T23748] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1180.940949][T23748] do_dentry_open+0x741/0x1c10 [ 1180.940982][T23748] ? __pfx_kernfs_fop_open+0x10/0x10 [ 1180.941028][T23748] vfs_open+0x82/0x3f0 [ 1180.941085][T23748] path_openat+0x1e5e/0x2d40 [ 1180.941131][T23748] ? __pfx_path_openat+0x10/0x10 [ 1180.941163][T23748] ? __lock_acquire+0xaa4/0x1ba0 [ 1180.941208][T23748] do_filp_open+0x20b/0x470 [ 1180.941238][T23748] ? __pfx_do_filp_open+0x10/0x10 [ 1180.941297][T23748] ? _raw_spin_unlock+0x28/0x50 [ 1180.941332][T23748] ? alloc_fd+0x471/0x7d0 [ 1180.941392][T23748] do_sys_openat2+0x11b/0x1d0 [ 1180.941433][T23748] ? __pfx_do_sys_openat2+0x10/0x10 [ 1180.941492][T23748] __x64_sys_open+0x153/0x1e0 [ 1180.941531][T23748] ? __pfx___x64_sys_open+0x10/0x10 [ 1180.941583][T23748] ? rcu_is_watching+0x12/0xc0 [ 1180.941616][T23748] do_syscall_64+0xcd/0x230 [ 1180.941662][T23748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1180.941693][T23748] RIP: 0033:0x7f576c38e969 [ 1180.941718][T23748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1180.941749][T23748] RSP: 002b:00007f576d2b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 1180.941779][T23748] RAX: ffffffffffffffda RBX: 00007f576c5b5fa0 RCX: 00007f576c38e969 [ 1180.941799][T23748] RDX: b5d1af1605322c72 RSI: 0000000000002000 RDI: 0000200000000000 [ 1180.941819][T23748] RBP: 00007f576c410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1180.941838][T23748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1180.941855][T23748] R13: 0000000000000000 R14: 00007f576c5b5fa0 R15: 00007ffc44e57e38 [ 1180.941896][T23748] [ 1181.106194][T23748] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 1181.107825][ C1] vkms_vblank_simulate: vblank timer overrun [ 1181.194768][ C1] vkms_vblank_simulate: vblank timer overrun [ 1181.200823][ C1] hrtimer: interrupt took 256659845 ns [ 1181.236453][T23735] FAULT_INJECTION: forcing a failure. [ 1181.236453][T23735] name failslab, interval 1, probability 0, space 0, times 0 [ 1181.299799][T23735] CPU: 1 UID: 0 PID: 23735 Comm: syz.0.4279 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1181.299854][T23735] Tainted: [U]=USER [ 1181.299865][T23735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1181.299885][T23735] Call Trace: [ 1181.299897][T23735] [ 1181.299909][T23735] dump_stack_lvl+0x16c/0x1f0 [ 1181.299960][T23735] should_fail_ex+0x512/0x640 [ 1181.300015][T23735] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1181.300057][T23735] should_failslab+0xc2/0x120 [ 1181.300097][T23735] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1181.300136][T23735] ? security_file_alloc+0x34/0x2b0 [ 1181.300186][T23735] security_file_alloc+0x34/0x2b0 [ 1181.300231][T23735] init_file+0x93/0x4c0 [ 1181.300270][T23735] alloc_empty_file+0x73/0x1e0 [ 1181.300312][T23735] path_openat+0xe0/0x2d40 [ 1181.300339][T23735] ? __x64_sys_openat+0x174/0x210 [ 1181.300382][T23735] ? do_syscall_64+0xcd/0x230 [ 1181.300425][T23735] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1181.300474][T23735] ? __pfx_path_openat+0x10/0x10 [ 1181.300516][T23735] do_filp_open+0x20b/0x470 [ 1181.300548][T23735] ? __pfx_do_filp_open+0x10/0x10 [ 1181.300610][T23735] ? alloc_fd+0x471/0x7d0 [ 1181.300669][T23735] do_sys_openat2+0x11b/0x1d0 [ 1181.300713][T23735] ? __pfx_do_sys_openat2+0x10/0x10 [ 1181.300771][T23735] __x64_sys_openat+0x174/0x210 [ 1181.300817][T23735] ? __pfx___x64_sys_openat+0x10/0x10 [ 1181.300870][T23735] ? do_user_addr_fault+0x843/0x1370 [ 1181.300914][T23735] do_syscall_64+0xcd/0x230 [ 1181.300962][T23735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1181.301006][T23735] RIP: 0033:0x7f497798d2d0 [ 1181.301033][T23735] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 1181.301066][T23735] RSP: 002b:00007f4978880f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1181.301097][T23735] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f497798d2d0 [ 1181.301118][T23735] RDX: 0000000000000002 RSI: 00007f4978880fa0 RDI: 00000000ffffff9c [ 1181.301138][T23735] RBP: 00007f4978880fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1181.301157][T23735] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1181.301176][T23735] R13: 0000000000000000 R14: 00007f4977bb6080 R15: 00007ffd3b3207a8 [ 1181.301217][T23735] [ 1181.301240][ C1] vkms_vblank_simulate: vblank timer overrun [ 1181.535506][ C1] vkms_vblank_simulate: vblank timer overrun [ 1185.505261][T23835] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4300'. [ 1185.587165][T23834] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4299'. [ 1185.619382][T23834] dummy0: entered promiscuous mode [ 1186.245482][ T31] audit: type=1800 audit(4294967397.389:41): pid=23849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4305" name="features" dev="configfs" ino=92096 res=0 errno=0 [ 1186.766103][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1186.772562][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1192.753357][T23934] netlink: 146 bytes leftover after parsing attributes in process `syz.3.4329'. [ 1193.696158][T23949] FAULT_INJECTION: forcing a failure. [ 1193.696158][T23949] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1193.710264][T23949] CPU: 0 UID: 0 PID: 23949 Comm: syz.2.4335 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1193.710318][T23949] Tainted: [U]=USER [ 1193.710330][T23949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1193.710350][T23949] Call Trace: [ 1193.710362][T23949] [ 1193.710375][T23949] dump_stack_lvl+0x16c/0x1f0 [ 1193.710424][T23949] should_fail_ex+0x512/0x640 [ 1193.710476][T23949] _copy_from_iter+0x2a4/0x15b0 [ 1193.710549][T23949] ? policy_nodemask+0xea/0x4e0 [ 1193.710594][T23949] ? __pfx__copy_from_iter+0x10/0x10 [ 1193.710645][T23949] ? alloc_pages_mpol+0x25a/0x550 [ 1193.710686][T23949] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1193.710737][T23949] copy_page_from_iter+0xa5/0x120 [ 1193.710791][T23949] anon_pipe_write+0xbe7/0x1a70 [ 1193.710843][T23949] ? __pfx_anon_pipe_write+0x10/0x10 [ 1193.710880][T23949] ? apparmor_file_permission+0x251/0x400 [ 1193.710920][T23949] ? bpf_lsm_file_permission+0x9/0x10 [ 1193.710969][T23949] ? security_file_permission+0x71/0x210 [ 1193.711013][T23949] ? rw_verify_area+0xcf/0x680 [ 1193.711082][T23949] vfs_write+0x5ba/0x1180 [ 1193.711115][T23949] ? __pfx_anon_pipe_write+0x10/0x10 [ 1193.711155][T23949] ? __pfx_vfs_write+0x10/0x10 [ 1193.711182][T23949] ? find_held_lock+0x2b/0x80 [ 1193.711240][T23949] ksys_write+0x205/0x240 [ 1193.711271][T23949] ? __pfx_ksys_write+0x10/0x10 [ 1193.711300][T23949] ? rcu_is_watching+0x12/0xc0 [ 1193.711343][T23949] do_syscall_64+0xcd/0x230 [ 1193.711392][T23949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1193.711426][T23949] RIP: 0033:0x7f5124d8e969 [ 1193.711452][T23949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1193.711484][T23949] RSP: 002b:00007f5125b2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1193.711515][T23949] RAX: ffffffffffffffda RBX: 00007f5124fb5fa0 RCX: 00007f5124d8e969 [ 1193.711536][T23949] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 1193.711555][T23949] RBP: 00007f5124e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1193.711574][T23949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1193.711592][T23949] R13: 0000000000000000 R14: 00007f5124fb5fa0 R15: 00007fffc8b4a718 [ 1193.711635][T23949] [ 1194.729627][T23966] FAULT_INJECTION: forcing a failure. [ 1194.729627][T23966] name failslab, interval 1, probability 0, space 0, times 0 [ 1194.778607][T23966] CPU: 0 UID: 0 PID: 23966 Comm: syz.2.4337 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1194.778670][T23966] Tainted: [U]=USER [ 1194.778681][T23966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1194.778701][T23966] Call Trace: [ 1194.778712][T23966] [ 1194.778726][T23966] dump_stack_lvl+0x16c/0x1f0 [ 1194.778788][T23966] should_fail_ex+0x512/0x640 [ 1194.778834][T23966] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1194.778879][T23966] should_failslab+0xc2/0x120 [ 1194.778926][T23966] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1194.778966][T23966] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 1194.779012][T23966] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 1194.779049][T23966] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 1194.779087][T23966] alloc_inode+0x61/0x240 [ 1194.779128][T23966] new_inode+0x22/0x1c0 [ 1194.779171][T23966] hugetlbfs_get_inode+0x354/0x730 [ 1194.779218][T23966] hugetlb_file_setup+0x15b/0x620 [ 1194.779265][T23966] ksys_mmap_pgoff+0x189/0x5c0 [ 1194.779314][T23966] ? rcu_is_watching+0x12/0xc0 [ 1194.779350][T23966] __x64_sys_mmap+0x125/0x190 [ 1194.779385][T23966] do_syscall_64+0xcd/0x230 [ 1194.779434][T23966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1194.779467][T23966] RIP: 0033:0x7f5124d8e969 [ 1194.779494][T23966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1194.779528][T23966] RSP: 002b:00007f5125b2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1194.779559][T23966] RAX: ffffffffffffffda RBX: 00007f5124fb5fa0 RCX: 00007f5124d8e969 [ 1194.779581][T23966] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 1194.779602][T23966] RBP: 00007f5124e10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 1194.779624][T23966] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1194.779643][T23966] R13: 0000000000000000 R14: 00007f5124fb5fa0 R15: 00007fffc8b4a718 [ 1194.779685][T23966] [ 1195.283434][T23971] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4339'. [ 1196.162638][T23938] Process accounting paused [ 1196.183371][T23985] net_ratelimit: 19 callbacks suppressed [ 1196.183396][T23985] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1197.734754][T17886] EXT4-fs (sda1): Delayed block allocation failed for inode 1931 at logical offset 8 with max blocks 1 with error 117 [ 1197.748288][T17886] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1197.748288][T17886] [ 1198.695835][T24034] FAULT_INJECTION: forcing a failure. [ 1198.695835][T24034] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1198.825317][T24034] CPU: 0 UID: 0 PID: 24034 Comm: syz.0.4350 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1198.825365][T24034] Tainted: [U]=USER [ 1198.825375][T24034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1198.825392][T24034] Call Trace: [ 1198.825402][T24034] [ 1198.825415][T24034] dump_stack_lvl+0x16c/0x1f0 [ 1198.825460][T24034] should_fail_ex+0x512/0x640 [ 1198.825512][T24034] _copy_from_user+0x2e/0xd0 [ 1198.825561][T24034] copy_msghdr_from_user+0x98/0x160 [ 1198.825598][T24034] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1198.825640][T24034] ? kfree+0x252/0x4d0 [ 1198.825686][T24034] ? __pfx__kstrtoull+0x10/0x10 [ 1198.825730][T24034] ___sys_sendmsg+0xfe/0x1d0 [ 1198.825766][T24034] ? __pfx____sys_sendmsg+0x10/0x10 [ 1198.825839][T24034] ? __pfx___might_resched+0x10/0x10 [ 1198.825884][T24034] __sys_sendmmsg+0x200/0x420 [ 1198.825925][T24034] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1198.825974][T24034] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1198.826036][T24034] ? fput+0x70/0xf0 [ 1198.826073][T24034] ? ksys_write+0x1b9/0x240 [ 1198.826102][T24034] ? __pfx_ksys_write+0x10/0x10 [ 1198.826130][T24034] ? rcu_is_watching+0x12/0xc0 [ 1198.826167][T24034] __x64_sys_sendmmsg+0x9c/0x100 [ 1198.826201][T24034] ? lockdep_hardirqs_on+0x7c/0x110 [ 1198.826240][T24034] do_syscall_64+0xcd/0x230 [ 1198.826287][T24034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1198.826331][T24034] RIP: 0033:0x7f497798e969 [ 1198.826356][T24034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1198.826388][T24034] RSP: 002b:00007f49788a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1198.826418][T24034] RAX: ffffffffffffffda RBX: 00007f4977bb5fa0 RCX: 00007f497798e969 [ 1198.826440][T24034] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1198.826459][T24034] RBP: 00007f49788a2090 R08: 0000000000000000 R09: 0000000000000000 [ 1198.826478][T24034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1198.826495][T24034] R13: 0000000000000000 R14: 00007f4977bb5fa0 R15: 00007ffd3b3207a8 [ 1198.826534][T24034] [ 1204.777162][T24145] FAULT_INJECTION: forcing a failure. [ 1204.777162][T24145] name failslab, interval 1, probability 0, space 0, times 0 [ 1204.811666][T24143] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4377'. [ 1204.908277][T24145] CPU: 1 UID: 0 PID: 24145 Comm: syz.0.4376 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1204.908336][T24145] Tainted: [U]=USER [ 1204.908348][T24145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1204.908369][T24145] Call Trace: [ 1204.908381][T24145] [ 1204.908395][T24145] dump_stack_lvl+0x16c/0x1f0 [ 1204.908446][T24145] should_fail_ex+0x512/0x640 [ 1204.908491][T24145] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1204.908549][T24145] should_failslab+0xc2/0x120 [ 1204.908590][T24145] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1204.908645][T24145] ? ima_calc_file_hash_tfm+0x29f/0x3d0 [ 1204.908706][T24145] ima_calc_file_hash_tfm+0x29f/0x3d0 [ 1204.908762][T24145] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1204.908873][T24145] ? stack_trace_save+0x8e/0xc0 [ 1204.908912][T24145] ? ima_alloc_tfm+0x21a/0x2e0 [ 1204.908962][T24145] ? generic_fillattr+0x6bf/0x940 [ 1204.909006][T24145] ima_calc_file_hash+0x1ba/0x490 [ 1204.909062][T24145] ima_collect_measurement+0x897/0xa40 [ 1204.909107][T24145] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1204.909166][T24145] ? trace_contention_end+0xdd/0x130 [ 1204.909213][T24145] ? __mutex_lock+0x1ca/0xb90 [ 1204.909256][T24145] ? is_bad_inode+0xd/0x40 [ 1204.909301][T24145] ? xattr_resolve_name+0x27b/0x3f0 [ 1204.909358][T24145] ? vfs_getxattr_alloc+0xec/0x340 [ 1204.909419][T24145] ? ima_get_hash_algo+0x27c/0x400 [ 1204.909465][T24145] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1204.909520][T24145] ? process_measurement+0x11fa/0x23e0 [ 1204.909567][T24145] process_measurement+0x11fa/0x23e0 [ 1204.909631][T24145] ? __pfx_process_measurement+0x10/0x10 [ 1204.909679][T24145] ? __lock_acquire+0x5ca/0x1ba0 [ 1204.909725][T24145] ? init_file+0x93/0x4c0 [ 1204.909760][T24145] ? alloc_empty_file+0x73/0x1e0 [ 1204.909799][T24145] ? hugetlb_file_setup+0x4cd/0x620 [ 1204.909837][T24145] ? ksys_mmap_pgoff+0x189/0x5c0 [ 1204.909892][T24145] ? __x64_sys_mmap+0x125/0x190 [ 1204.909984][T24145] ima_file_mmap+0x1b1/0x1d0 [ 1204.910034][T24145] ? __pfx_ima_file_mmap+0x10/0x10 [ 1204.910096][T24145] security_mmap_file+0x88c/0x990 [ 1204.910142][T24145] vm_mmap_pgoff+0xec/0x450 [ 1204.910195][T24145] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1204.910239][T24145] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1204.910283][T24145] ? hugetlbfs_get_inode+0x31f/0x730 [ 1204.910337][T24145] ksys_mmap_pgoff+0x1c8/0x5c0 [ 1204.910383][T24145] ? rcu_is_watching+0x12/0xc0 [ 1204.910418][T24145] __x64_sys_mmap+0x125/0x190 [ 1204.910455][T24145] do_syscall_64+0xcd/0x230 [ 1204.910504][T24145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1204.910538][T24145] RIP: 0033:0x7f497798e969 [ 1204.910566][T24145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1204.910599][T24145] RSP: 002b:00007f49788a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1204.910630][T24145] RAX: ffffffffffffffda RBX: 00007f4977bb5fa0 RCX: 00007f497798e969 [ 1204.910652][T24145] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 1204.910672][T24145] RBP: 00007f4977a10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 1204.910693][T24145] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1204.910713][T24145] R13: 0000000000000000 R14: 00007f4977bb5fa0 R15: 00007ffd3b3207a8 [ 1204.910755][T24145] [ 1204.913186][ T31] audit: type=1800 audit(4294968439.164:42): pid=24145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4376" name="anon_hugepage" dev="hugetlbfs" ino=92866 res=0 errno=0 [ 1205.397176][T24143] bond0: (slave bond_slave_1): Releasing backup interface [ 1208.295702][T24196] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4389'. [ 1208.405290][T24197] kernel read not supported for file /set_event_notrace_pid (pid: 24197 comm: syz.4.4389) [ 1208.417834][ T31] audit: type=1800 audit(4294968442.690:43): pid=24197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4389" name="set_event_notrace_pid" dev="tracefs" ino=12 res=0 errno=0 [ 1208.733509][T24206] FAULT_INJECTION: forcing a failure. [ 1208.733509][T24206] name failslab, interval 1, probability 0, space 0, times 0 [ 1208.751819][T24206] CPU: 1 UID: 0 PID: 24206 Comm: syz.2.4392 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1208.751885][T24206] Tainted: [U]=USER [ 1208.751896][T24206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1208.751915][T24206] Call Trace: [ 1208.751926][T24206] [ 1208.751939][T24206] dump_stack_lvl+0x16c/0x1f0 [ 1208.751989][T24206] should_fail_ex+0x512/0x640 [ 1208.752036][T24206] ? fs_reclaim_acquire+0xae/0x150 [ 1208.752094][T24206] should_failslab+0xc2/0x120 [ 1208.752136][T24206] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1208.752175][T24206] ? security_inode_alloc+0x3b/0x2b0 [ 1208.752217][T24206] security_inode_alloc+0x3b/0x2b0 [ 1208.752254][T24206] inode_init_always_gfp+0xce4/0x1030 [ 1208.752323][T24206] alloc_inode+0x86/0x240 [ 1208.752364][T24206] new_inode+0x22/0x1c0 [ 1208.752408][T24206] hugetlbfs_get_inode+0x354/0x730 [ 1208.752456][T24206] hugetlb_file_setup+0x15b/0x620 [ 1208.752500][T24206] ksys_mmap_pgoff+0x189/0x5c0 [ 1208.752549][T24206] ? rcu_is_watching+0x12/0xc0 [ 1208.752583][T24206] __x64_sys_mmap+0x125/0x190 [ 1208.752620][T24206] do_syscall_64+0xcd/0x230 [ 1208.752669][T24206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1208.752702][T24206] RIP: 0033:0x7f5124d8e969 [ 1208.752729][T24206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1208.752762][T24206] RSP: 002b:00007f5125b2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1208.752792][T24206] RAX: ffffffffffffffda RBX: 00007f5124fb5fa0 RCX: 00007f5124d8e969 [ 1208.752815][T24206] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 1208.752835][T24206] RBP: 00007f5124e10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 1208.752862][T24206] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1208.752883][T24206] R13: 0000000000000000 R14: 00007f5124fb5fa0 R15: 00007fffc8b4a718 [ 1208.752925][T24206] [ 1210.038112][T24227] zram: Removed device: zram0 [ 1210.422126][T24240] netlink: 198 bytes leftover after parsing attributes in process `syz.0.4403'. [ 1210.433720][T24240] FAULT_INJECTION: forcing a failure. [ 1210.433720][T24240] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1210.453597][T24240] CPU: 0 UID: 0 PID: 24240 Comm: syz.0.4403 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1210.453652][T24240] Tainted: [U]=USER [ 1210.453664][T24240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1210.453690][T24240] Call Trace: [ 1210.453701][T24240] [ 1210.453714][T24240] dump_stack_lvl+0x16c/0x1f0 [ 1210.453761][T24240] should_fail_ex+0x512/0x640 [ 1210.453811][T24240] _copy_from_user+0x2e/0xd0 [ 1210.453857][T24240] copy_msghdr_from_user+0x98/0x160 [ 1210.453893][T24240] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1210.453934][T24240] ? kfree+0x252/0x4d0 [ 1210.453979][T24240] ? __pfx__kstrtoull+0x10/0x10 [ 1210.454021][T24240] ___sys_sendmsg+0xfe/0x1d0 [ 1210.454057][T24240] ? __pfx____sys_sendmsg+0x10/0x10 [ 1210.454128][T24240] ? __pfx___might_resched+0x10/0x10 [ 1210.454171][T24240] __sys_sendmmsg+0x200/0x420 [ 1210.454210][T24240] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1210.454258][T24240] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1210.454318][T24240] ? fput+0x70/0xf0 [ 1210.454356][T24240] ? ksys_write+0x1b9/0x240 [ 1210.454384][T24240] ? __pfx_ksys_write+0x10/0x10 [ 1210.454411][T24240] ? rcu_is_watching+0x12/0xc0 [ 1210.454448][T24240] __x64_sys_sendmmsg+0x9c/0x100 [ 1210.454482][T24240] ? lockdep_hardirqs_on+0x7c/0x110 [ 1210.454522][T24240] do_syscall_64+0xcd/0x230 [ 1210.454567][T24240] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1210.454598][T24240] RIP: 0033:0x7f497798e969 [ 1210.454627][T24240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1210.454657][T24240] RSP: 002b:00007f49788a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1210.454694][T24240] RAX: ffffffffffffffda RBX: 00007f4977bb5fa0 RCX: 00007f497798e969 [ 1210.454714][T24240] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003 [ 1210.454733][T24240] RBP: 00007f49788a2090 R08: 0000000000000000 R09: 0000000000000000 [ 1210.454751][T24240] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 1210.454770][T24240] R13: 0000000000000000 R14: 00007f4977bb5fa0 R15: 00007ffd3b3207a8 [ 1210.454809][T24240] [ 1218.424581][T24382] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4434'. [ 1218.447574][T24382] netlink: 29 bytes leftover after parsing attributes in process `syz.2.4434'. [ 1219.512165][T24420] binder: 24419:24420 ioctl 40046210 0 returned -14 [ 1220.771913][T24453] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4448'. [ 1221.220656][T24466] ima: policy update failed [ 1221.231882][ T31] audit: type=1802 audit(4294968455.561:44): pid=24466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.4451" res=0 errno=0 [ 1221.308560][T24463] netlink: 222 bytes leftover after parsing attributes in process `syz.3.4450'. [ 1222.650005][T24503] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7f3348a5f pfn:0x78400 [ 1222.684114][T24503] head: order:7 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1222.724612][T24503] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1222.877944][T24503] page_type: f8(unknown) [ 1222.885436][T24503] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000 [ 1222.937017][T24503] raw: 00000007f3348a5f 0000000000000000 00000001f8000000 0000000000000000 [ 1223.153781][T24503] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000 [ 1223.256145][T24503] head: 00000007f3348a5f 0000000000000000 00000001f8000000 0000000000000000 [ 1223.356132][T24503] head: 00fff00000000007 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 1223.530237][T24503] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000080 [ 1223.624450][T24503] page dumped because: unmovable page [ 1223.684167][T24503] page_owner tracks the page as allocated [ 1223.720322][T24503] page last allocated via order 7, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_ZERO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 14878, tgid 14877 (syz.0.2121), ts 664453233167, free_ts 661181189078 [ 1223.759751][T24503] post_alloc_hook+0x181/0x1b0 [ 1223.795219][T24503] get_page_from_freelist+0x135c/0x3920 [ 1223.825694][T24503] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 1223.848944][T24503] __alloc_pages_noprof+0xb/0x1b0 [ 1223.889354][T24503] ___kmalloc_large_node+0x82/0x1e0 [ 1223.903177][T24503] __kmalloc_large_node_noprof+0x1c/0x70 [ 1223.956101][T24503] __kvmalloc_node_noprof.cold+0xb/0x65 [ 1223.961765][T24503] ieee80211_txq_setup_flows+0x19c/0xaf0 [ 1223.968443][T24503] ieee80211_register_hw+0x2062/0x4020 [ 1223.974451][T24503] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 1223.980428][T24503] hwsim_new_radio_nl+0xb51/0x12c0 [ 1223.994170][T24503] genl_family_rcv_msg_doit+0x206/0x2f0 [ 1223.999974][T24503] genl_rcv_msg+0x55c/0x800 [ 1224.005691][T24503] netlink_rcv_skb+0x16a/0x440 [ 1224.011440][T24503] genl_rcv+0x28/0x40 [ 1224.016457][T24503] netlink_unicast+0x53a/0x7f0 [ 1224.023501][T24503] page last free pid 14799 tgid 14793 stack trace: [ 1224.030443][T24503] __free_frozen_pages+0x69d/0xff0 [ 1224.036553][T24503] kimage_free_page_list+0x130/0x230 [ 1224.042122][T24503] kimage_alloc_control_pages+0x3b3/0x910 [ 1224.049064][T24503] do_kexec_load+0x480/0x8d0 [ 1224.054360][T24503] __x64_sys_kexec_load+0x1bf/0x230 [ 1224.059805][T24503] do_syscall_64+0xcd/0x230 [ 1224.067408][T24503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1224.249677][T24577] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4464'. [ 1225.029525][T24608] binder: 24606:24608 ioctl 40046210 0 returned -14 [ 1226.450079][T24632] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4476'. [ 1227.382665][T24646] sctp: [Deprecated]: syz.3.4479 (pid 24646) Use of int in max_burst socket option deprecated. [ 1227.382665][T24646] Use struct sctp_assoc_value instead [ 1228.506399][T24625] Process accounting resumed [ 1228.880056][T24669] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4484'. [ 1228.917464][T24669] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4484'. [ 1229.045245][T24680] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4487'. [ 1229.528614][T24685] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4489'. [ 1230.465391][T24703] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4494'. [ 1232.606064][T24746] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4504'. [ 1233.403950][T21627] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 1233.403999][T21627] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 1233.419809][T21627] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 1233.419893][T21627] Bluetooth: hci3: adv larger than maximum supported [ 1233.428137][T21627] Bluetooth: hci3: Malformed LE Event: 0x0d [ 1233.856651][T24763] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4506'. [ 1236.714723][T24832] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4529'. [ 1238.691629][T24871] ptrace attach of "./syz-executor exec"[15891] was attempted by "./syz-executor exec"[24871] [ 1239.545781][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1239.559393][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1239.568449][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1239.576848][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1239.586850][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1240.702603][T24519] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1240.938376][T24519] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1241.112347][T24519] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1241.299650][T24519] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1241.391399][T24886] chnl_net:caif_netlink_parms(): no params data found [ 1241.406785][T24913] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4550'. [ 1241.673684][ T5838] Bluetooth: hci0: command tx timeout [ 1242.114052][T24886] bridge0: port 1(bridge_slave_0) entered blocking state [ 1242.147505][T24886] bridge0: port 1(bridge_slave_0) entered disabled state [ 1242.163374][T24886] bridge_slave_0: entered allmulticast mode [ 1242.180477][T24886] bridge_slave_0: entered promiscuous mode [ 1242.197399][T24519] bridge_slave_0: left allmulticast mode [ 1242.216874][T24519] bridge_slave_0: left promiscuous mode [ 1242.241020][T24519] bridge0: port 1(bridge_slave_0) entered disabled state [ 1243.499952][T24519] bond0 (unregistering): Released all slaves [ 1243.514996][T24886] bridge0: port 2(bridge_slave_1) entered blocking state [ 1243.522192][T24886] bridge0: port 2(bridge_slave_1) entered disabled state [ 1243.529596][T24886] bridge_slave_1: entered allmulticast mode [ 1243.537706][T24886] bridge_slave_1: entered promiscuous mode [ 1243.651528][T24519] HfR: left promiscuous mode [ 1243.704528][T24886] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1243.725472][T24886] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1243.743211][ T5838] Bluetooth: hci0: command tx timeout [ 1243.936214][T24947] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1243.944802][T24947] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1243.951154][T24947] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1243.961676][T24947] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1243.979420][T24947] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1243.986331][T24947] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1243.999373][T24947] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1244.004039][T24886] team0: Port device team_slave_0 added [ 1244.066352][T24886] team0: Port device team_slave_1 added [ 1244.197050][T24519] hsr_slave_0: left promiscuous mode [ 1244.212771][T24519] hsr_slave_1: left promiscuous mode [ 1244.218776][T24519] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1244.226573][T24519] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1244.236303][T24519] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1244.244035][T24519] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1244.263402][T24519] veth1_macvtap: left promiscuous mode [ 1244.268987][T24519] veth0_macvtap: left promiscuous mode [ 1244.274994][T24519] veth1_vlan: left promiscuous mode [ 1244.280478][T24519] veth0_vlan: left promiscuous mode [ 1244.742094][T24954] netlink: 29 bytes leftover after parsing attributes in process `syz.2.4560'. [ 1244.915521][T24519] team0 (unregistering): Port device team_slave_1 removed [ 1245.002287][T24519] team0 (unregistering): Port device team_slave_0 removed [ 1245.490459][T24886] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1245.503664][T24886] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1245.551997][T24886] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1245.565652][T24886] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1245.572667][T24886] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1245.598719][T24886] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1245.652936][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 1245.821312][T24886] hsr_slave_0: entered promiscuous mode [ 1245.837459][T24886] hsr_slave_1: entered promiscuous mode [ 1245.971590][ T5838] Bluetooth: hci0: command 0x0419 tx timeout [ 1245.979390][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout [ 1245.980118][T21627] Bluetooth: hci1: command 0x0c1a tx timeout [ 1247.583443][T24886] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1247.617176][T24886] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1247.631048][T24886] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1247.710601][T24886] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1247.889717][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1247.899071][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1248.044603][T24965] Bluetooth: hci4: command 0x0c1a tx timeout [ 1248.044612][ T5141] Bluetooth: hci0: command 0x0419 tx timeout [ 1248.236356][T24886] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1248.340885][T24886] 8021q: adding VLAN 0 to HW filter on device team0 [ 1248.364334][T24572] bridge0: port 1(bridge_slave_0) entered blocking state [ 1248.371636][T24572] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1248.427790][T24554] bridge0: port 2(bridge_slave_1) entered blocking state [ 1248.435099][T24554] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1248.570882][T25021] kernel read not supported for file /\*)A (pid: 25021 comm: syz.0.4573) [ 1248.586065][ T31] audit: type=1800 audit(4294968483.059:45): pid=25021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4573" name="\*)A" dev="mqueue" ino=97222 res=0 errno=0 [ 1249.418015][T24886] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1250.109524][T24965] Bluetooth: hci0: command 0x0419 tx timeout [ 1250.734188][T24886] veth0_vlan: entered promiscuous mode [ 1250.893421][T24886] veth1_vlan: entered promiscuous mode [ 1251.126671][T25082] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4581'. [ 1251.387164][T24886] veth0_macvtap: entered promiscuous mode [ 1251.400029][T24886] veth1_macvtap: entered promiscuous mode [ 1251.423421][T24886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1251.434152][T24886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1251.445165][T24886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1251.458335][T24886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1251.470284][T24886] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1251.481596][T24886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1251.492583][T24886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1251.503643][T24886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1251.515546][T24886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1251.525887][T24886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1251.536954][T24886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1251.549844][T24886] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1251.581153][T24886] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1251.600427][T24886] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1251.628505][T24886] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1251.643105][T24886] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1252.107252][T24556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1252.127341][T24556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1252.178910][T24965] Bluetooth: hci0: command 0x0419 tx timeout [ 1252.323392][T24554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1252.380925][T24554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1255.424800][T25175] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1255.448007][T25175] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1255.517962][T25175] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1255.527523][T25175] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1255.565924][T25176] kernel read not supported for file /\*)A (pid: 25176 comm: syz.3.4600) [ 1255.590770][ T31] audit: type=1800 audit(4294968490.095:46): pid=25176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4600" name="\*)A" dev="mqueue" ino=70088 res=0 errno=0 [ 1256.786365][T24572] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1257.007878][T24572] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1257.042862][ T5141] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1257.068945][ T5141] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1257.078855][ T5141] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1257.093442][ T5141] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1257.102002][ T5141] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1257.447696][T24572] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1257.519020][T24965] Bluetooth: hci1: command 0x0c1a tx timeout [ 1257.525349][ T5141] Bluetooth: hci4: command 0x0c1a tx timeout [ 1257.596982][ T5141] Bluetooth: hci0: command 0x0419 tx timeout [ 1257.733031][T24572] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1257.912860][T25225] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1258.132748][T24572] bridge_slave_0: left allmulticast mode [ 1258.139392][T24572] bridge_slave_0: left promiscuous mode [ 1258.159153][T24572] bridge0: port 1(bridge_slave_0) entered disabled state [ 1258.432856][T25218] Process accounting paused [ 1258.858945][T25245] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4615'. [ 1259.192176][ T5141] Bluetooth: hci2: command tx timeout [ 1259.379765][T24572] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1259.392000][T24572] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1259.423910][T24572] bond0 (unregistering): Released all slaves [ 1259.481317][T25212] chnl_net:caif_netlink_parms(): no params data found [ 1259.528248][T24572] HfR: left promiscuous mode [ 1260.295829][T25212] bridge0: port 1(bridge_slave_0) entered blocking state [ 1260.318754][T25212] bridge0: port 1(bridge_slave_0) entered disabled state [ 1260.326109][T25212] bridge_slave_0: entered allmulticast mode [ 1260.341890][T25212] bridge_slave_0: entered promiscuous mode [ 1260.362247][T25212] bridge0: port 2(bridge_slave_1) entered blocking state [ 1260.407671][T25212] bridge0: port 2(bridge_slave_1) entered disabled state [ 1260.420296][T25212] bridge_slave_1: entered allmulticast mode [ 1260.448464][T25212] bridge_slave_1: entered promiscuous mode [ 1260.618850][T24572] hsr_slave_0: left promiscuous mode [ 1260.625829][T24572] hsr_slave_1: left promiscuous mode [ 1260.669763][T24572] veth0_macvtap: left promiscuous mode [ 1260.685749][T24572] veth1_vlan: left promiscuous mode [ 1261.258460][ T5141] Bluetooth: hci2: command tx timeout [ 1262.148380][T24572] team0 (unregistering): Port device team_slave_1 removed [ 1262.379142][T24572] team0 (unregistering): Port device team_slave_0 removed [ 1263.320859][ T5141] Bluetooth: hci2: command tx timeout [ 1263.911894][T25212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1263.960548][T25212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1264.212317][T25212] team0: Port device team_slave_0 added [ 1264.286589][T25212] team0: Port device team_slave_1 added [ 1264.430404][T25212] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1264.455273][T25212] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1264.546987][T25212] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1264.631824][T25212] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1264.653854][T25212] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1264.753291][T25212] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1265.036150][T25212] hsr_slave_0: entered promiscuous mode [ 1265.057810][T25212] hsr_slave_1: entered promiscuous mode [ 1265.089826][T25212] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1265.112329][T25212] Cannot create hsr debugfs directory [ 1265.398988][ T5141] Bluetooth: hci2: command tx timeout [ 1265.721220][T24572] EXT4-fs (sda1): Delayed block allocation failed for inode 1934 at logical offset 928 with max blocks 1 with error 117 [ 1265.739691][T24572] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1265.739691][T24572] [ 1267.478057][T25360] kernel read not supported for file /\*)A (pid: 25360 comm: syz.0.4632) [ 1267.536420][ T31] audit: type=1800 audit(4294970549.102:47): pid=25360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4632" name="\*)A" dev="mqueue" ino=97222 res=0 errno=0 [ 1268.815314][T25383] FAULT_INJECTION: forcing a failure. [ 1268.815314][T25383] name failslab, interval 1, probability 0, space 0, times 0 [ 1268.842849][T25383] CPU: 0 UID: 0 PID: 25383 Comm: syz.2.4636 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1268.842905][T25383] Tainted: [U]=USER [ 1268.842917][T25383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1268.842937][T25383] Call Trace: [ 1268.842949][T25383] [ 1268.842961][T25383] dump_stack_lvl+0x16c/0x1f0 [ 1268.843011][T25383] should_fail_ex+0x512/0x640 [ 1268.843055][T25383] ? __kvmalloc_node_noprof+0x122/0x600 [ 1268.843092][T25383] should_failslab+0xc2/0x120 [ 1268.843130][T25383] __kvmalloc_node_noprof+0x135/0x600 [ 1268.843165][T25383] ? io_alloc_cache_init+0x33/0x170 [ 1268.843196][T25383] ? ext4_expand_extra_isize_ea+0xee0/0x1ab0 [ 1268.843249][T25383] ? io_alloc_cache_init+0x33/0x170 [ 1268.843279][T25383] io_alloc_cache_init+0x33/0x170 [ 1268.843312][T25383] io_uring_setup+0x5ff/0x1ff0 [ 1268.843357][T25383] ? __pfx_io_uring_setup+0x10/0x10 [ 1268.843394][T25383] ? do_futex+0x122/0x350 [ 1268.843429][T25383] ? __pfx_do_futex+0x10/0x10 [ 1268.843483][T25383] ? rcu_is_watching+0x12/0xc0 [ 1268.843519][T25383] __x64_sys_io_uring_setup+0xc2/0x170 [ 1268.843561][T25383] do_syscall_64+0xcd/0x230 [ 1268.843609][T25383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1268.843643][T25383] RIP: 0033:0x7f5124d8e969 [ 1268.843670][T25383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1268.843701][T25383] RSP: 002b:00007f5122bd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1268.843730][T25383] RAX: ffffffffffffffda RBX: 00007f5124fb6160 RCX: 00007f5124d8e969 [ 1268.843764][T25383] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 1268.843783][T25383] RBP: 00007f5124e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1268.843804][T25383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1268.843824][T25383] R13: 0000000000000000 R14: 00007f5124fb6160 R15: 00007fffc8b4a718 [ 1268.843866][T25383] [ 1268.849613][T25383] sctp: [Deprecated]: syz.2.4636 (pid 25383) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1268.849613][T25383] Use struct sctp_sack_info instead [ 1269.015166][T25212] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1269.099041][T25212] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1269.170387][T25212] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1269.205179][T25212] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1269.442970][T25212] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1269.493817][T25212] 8021q: adding VLAN 0 to HW filter on device team0 [ 1269.523711][T24525] bridge0: port 1(bridge_slave_0) entered blocking state [ 1269.531002][T24525] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1269.574435][T24514] bridge0: port 2(bridge_slave_1) entered blocking state [ 1269.581695][T24514] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1269.930115][T25399] binder: 25391:25399 ioctl 4030582b 6 returned -22 [ 1270.192916][T25212] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1270.225249][T25389] kernel read not supported for file /\*)A (pid: 25389 comm: syz.4.4637) [ 1270.250371][ T31] audit: type=1800 audit(4294970551.836:48): pid=25389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4637" name="\*)A" dev="mqueue" ino=99313 res=0 errno=0 [ 1270.933742][T25212] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1271.188963][T25212] veth0_vlan: entered promiscuous mode [ 1271.505888][T25212] veth1_vlan: entered promiscuous mode [ 1271.929428][T25212] veth0_macvtap: entered promiscuous mode [ 1271.960483][T25212] veth1_macvtap: entered promiscuous mode [ 1272.057220][T25212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1272.090819][T25212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1272.122110][T25212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1272.155750][T25212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1272.197523][T25212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1272.238222][T25212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1272.278601][T25212] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1272.336358][T25212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1272.373796][T25212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1272.412290][T25212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1272.444957][T25212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1272.463268][T25212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1272.503064][T25212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1272.555157][T25212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1272.612752][T25212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1272.682146][T25212] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1272.726311][T25212] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1273.289781][T25212] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1273.299235][T25212] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1273.308007][T25212] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1274.310759][T24528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1274.385258][T24528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1274.485232][T25477] binder: 25474:25477 ioctl 4030582b 6 returned -22 [ 1274.647716][T24514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1274.671732][T24514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1279.986773][T25578] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4661'. [ 1281.525868][T25599] bond0: option primary_reselect: invalid value ())) [ 1282.228860][T25612] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4671'. [ 1282.290607][T25612] mac80211_hwsim hwsim53 wlan1: entered allmulticast mode [ 1282.330039][T25621] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4673'. [ 1282.907572][T25621] ptrace attach of "./syz-executor exec"[16074] was attempted by "./syz-executor exec"[25621] [ 1285.223721][T25683] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4691'. [ 1288.049259][T25734] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4702'. [ 1288.718351][T25746] kernel read not supported for file /\*)A (pid: 25746 comm: syz.3.4706) [ 1288.748869][T25737] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4704'. [ 1288.758731][ T31] audit: type=1800 audit(4294970570.432:49): pid=25746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4706" name="\*)A" dev="mqueue" ino=101782 res=0 errno=0 [ 1288.798020][T25737] team0: left allmulticast mode [ 1288.804650][T25737] team_slave_1: left allmulticast mode [ 1288.822459][T25737] team0: left promiscuous mode [ 1288.827411][T25737] team_slave_0: left promiscuous mode [ 1288.917792][T25737] team_slave_1: left promiscuous mode [ 1288.927504][T25737] bridge0: port 3(team0) entered disabled state [ 1288.970135][T25737] bridge_slave_0: left allmulticast mode [ 1288.979518][T25737] bridge_slave_0: left promiscuous mode [ 1288.987648][T25737] bridge0: port 1(bridge_slave_0) entered disabled state [ 1289.246288][T25751] ima: policy update failed [ 1289.251183][ T31] audit: type=1802 audit(4294970570.935:50): pid=25751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.4708" res=0 errno=0 [ 1289.666548][T25762] FAULT_INJECTION: forcing a failure. [ 1289.666548][T25762] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1289.764981][T25762] CPU: 1 UID: 0 PID: 25762 Comm: syz.2.4710 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1289.765051][T25762] Tainted: [U]=USER [ 1289.765062][T25762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1289.765081][T25762] Call Trace: [ 1289.765093][T25762] [ 1289.765106][T25762] dump_stack_lvl+0x16c/0x1f0 [ 1289.765168][T25762] should_fail_ex+0x512/0x640 [ 1289.765220][T25762] should_fail_alloc_page+0xe7/0x130 [ 1289.765263][T25762] prepare_alloc_pages+0x3c2/0x610 [ 1289.765314][T25762] ? rcu_is_watching+0x12/0xc0 [ 1289.765350][T25762] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 1289.765389][T25762] ? __kernel_text_address+0xd/0x40 [ 1289.765440][T25762] ? unwind_get_return_address+0x59/0xa0 [ 1289.765478][T25762] ? arch_stack_walk+0xa6/0x100 [ 1289.765530][T25762] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1289.765570][T25762] ? stack_trace_save+0x8e/0xc0 [ 1289.765603][T25762] ? __pfx_stack_trace_save+0x10/0x10 [ 1289.765637][T25762] ? stack_depot_save_flags+0x28/0xa50 [ 1289.765684][T25762] ? find_held_lock+0x2b/0x80 [ 1289.765721][T25762] ? kasan_save_stack+0x42/0x60 [ 1289.765760][T25762] ? __lock_acquire+0xaa4/0x1ba0 [ 1289.765800][T25762] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1289.765848][T25762] ? policy_nodemask+0xea/0x4e0 [ 1289.765892][T25762] alloc_pages_mpol+0x1fb/0x550 [ 1289.765933][T25762] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1289.765971][T25762] ? __page_table_check_ptes_set+0x1ae/0x420 [ 1289.766021][T25762] ? find_held_lock+0x2b/0x80 [ 1289.766059][T25762] alloc_pages_noprof+0x131/0x390 [ 1289.766101][T25762] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 1289.766134][T25762] get_free_pages_noprof+0xc/0x40 [ 1289.766177][T25762] kasan_populate_vmalloc_pte+0x2d/0x160 [ 1289.766211][T25762] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 1289.766244][T25762] __apply_to_page_range+0x617/0xd60 [ 1289.766300][T25762] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 1289.766340][T25762] ? __pfx___apply_to_page_range+0x10/0x10 [ 1289.766390][T25762] ? alloc_vmap_area+0x872/0x2970 [ 1289.766444][T25762] alloc_vmap_area+0x919/0x2970 [ 1289.766508][T25762] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1289.766567][T25762] __get_vm_area_node+0x1a7/0x300 [ 1289.766623][T25762] __vmalloc_node_range_noprof+0x277/0x1540 [ 1289.766678][T25762] ? __do_sys_listmount+0x1c2/0xed0 [ 1289.766738][T25762] ? __do_sys_listmount+0x1c2/0xed0 [ 1289.766793][T25762] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1289.766865][T25762] __kvmalloc_node_noprof+0x2ff/0x600 [ 1289.766899][T25762] ? __do_sys_listmount+0x1c2/0xed0 [ 1289.766946][T25762] ? __do_sys_listmount+0x1c2/0xed0 [ 1289.767022][T25762] ? __do_sys_listmount+0x1c2/0xed0 [ 1289.767087][T25762] __do_sys_listmount+0x1c2/0xed0 [ 1289.767143][T25762] ? __x64_sys_futex+0x1e0/0x4c0 [ 1289.767178][T25762] ? __x64_sys_futex+0x1e9/0x4c0 [ 1289.767215][T25762] ? __pfx___do_sys_listmount+0x10/0x10 [ 1289.767262][T25762] ? xfd_validate_state+0x5d/0x180 [ 1289.767330][T25762] do_syscall_64+0xcd/0x230 [ 1289.767378][T25762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1289.767411][T25762] RIP: 0033:0x7f5124d8e969 [ 1289.767439][T25762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1289.767472][T25762] RSP: 002b:00007f5122bf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1289.767502][T25762] RAX: ffffffffffffffda RBX: 00007f5124fb6080 RCX: 00007f5124d8e969 [ 1289.767524][T25762] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 1289.767544][T25762] RBP: 00007f5124e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1289.767563][T25762] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1289.767582][T25762] R13: 0000000000000000 R14: 00007f5124fb6080 R15: 00007fffc8b4a718 [ 1289.767623][T25762] [ 1290.142074][ C1] vkms_vblank_simulate: vblank timer overrun [ 1290.183030][T25762] syz.2.4710: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1290.198612][T25762] CPU: 1 UID: 0 PID: 25762 Comm: syz.2.4710 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1290.198669][T25762] Tainted: [U]=USER [ 1290.198681][T25762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1290.198702][T25762] Call Trace: [ 1290.198713][T25762] [ 1290.198726][T25762] dump_stack_lvl+0x16c/0x1f0 [ 1290.198777][T25762] warn_alloc+0x248/0x3a0 [ 1290.198816][T25762] ? __pfx_warn_alloc+0x10/0x10 [ 1290.198854][T25762] ? kfree+0x2b6/0x4d0 [ 1290.198916][T25762] ? __get_vm_area_node+0x1e5/0x300 [ 1290.198975][T25762] __vmalloc_node_range_noprof+0xd31/0x1540 [ 1290.199045][T25762] ? __do_sys_listmount+0x1c2/0xed0 [ 1290.199104][T25762] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1290.199176][T25762] __kvmalloc_node_noprof+0x2ff/0x600 [ 1290.199211][T25762] ? __do_sys_listmount+0x1c2/0xed0 [ 1290.199261][T25762] ? __do_sys_listmount+0x1c2/0xed0 [ 1290.199323][T25762] ? __do_sys_listmount+0x1c2/0xed0 [ 1290.199368][T25762] __do_sys_listmount+0x1c2/0xed0 [ 1290.199422][T25762] ? __x64_sys_futex+0x1e0/0x4c0 [ 1290.199457][T25762] ? __x64_sys_futex+0x1e9/0x4c0 [ 1290.199492][T25762] ? __pfx___do_sys_listmount+0x10/0x10 [ 1290.199541][T25762] ? xfd_validate_state+0x5d/0x180 [ 1290.199611][T25762] do_syscall_64+0xcd/0x230 [ 1290.199660][T25762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1290.199693][T25762] RIP: 0033:0x7f5124d8e969 [ 1290.199720][T25762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1290.199754][T25762] RSP: 002b:00007f5122bf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1290.199786][T25762] RAX: ffffffffffffffda RBX: 00007f5124fb6080 RCX: 00007f5124d8e969 [ 1290.199807][T25762] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 1290.199827][T25762] RBP: 00007f5124e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1290.199846][T25762] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1290.199865][T25762] R13: 0000000000000000 R14: 00007f5124fb6080 R15: 00007fffc8b4a718 [ 1290.199906][T25762] [ 1290.199918][T25762] Mem-Info: [ 1290.416041][T25762] active_anon:25835 inactive_anon:0 isolated_anon:0 [ 1290.416041][T25762] active_file:9254 inactive_file:55118 isolated_file:0 [ 1290.416041][T25762] unevictable:19622 dirty:801 writeback:0 [ 1290.416041][T25762] slab_reclaimable:11961 slab_unreclaimable:103141 [ 1290.416041][T25762] mapped:27234 shmem:6892 pagetables:1066 [ 1290.416041][T25762] sec_pagetables:0 bounce:0 [ 1290.416041][T25762] kernel_misc_reclaimable:0 [ 1290.416041][T25762] free:1280947 free_pcp:494 free_cma:0 [ 1290.418985][T25707] Process accounting resumed [ 1290.461628][ C1] vkms_vblank_simulate: vblank timer overrun [ 1290.462103][T25762] Node 0 active_anon:103340kB inactive_anon:0kB active_file:35652kB inactive_file:212304kB unevictable:76952kB isolated(anon):0kB isolated(file):0kB mapped:107992kB dirty:2804kB writeback:0kB shmem:18768kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12740kB pagetables:4264kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1290.462195][T25762] Node 1 active_anon:0kB inactive_anon:0kB active_file:1364kB inactive_file:8168kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:944kB dirty:400kB writeback:0kB shmem:8800kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1290.462297][T25762] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1290.507841][ C1] vkms_vblank_simulate: vblank timer overrun [ 1290.540380][ C1] vkms_vblank_simulate: vblank timer overrun [ 1290.567910][ C1] vkms_vblank_simulate: vblank timer overrun [ 1290.588324][T25762] lowmem_reserve[]: 0 2484 2486 2486 2486 [ 1290.598146][T25762] Node 0 DMA32 free:1215960kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:103408kB inactive_anon:0kB active_file:35652kB inactive_file:208744kB unevictable:76952kB writepending:2800kB present:3129332kB managed:2544180kB mlocked:0kB bounce:0kB free_pcp:3780kB local_pcp:1036kB free_cma:0kB [ 1290.628828][ C1] vkms_vblank_simulate: vblank timer overrun [ 1290.761503][T25762] lowmem_reserve[]: 0 0 1 1 1 [ 1290.766324][T25762] Node 0 Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1820kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1290.808610][T25762] lowmem_reserve[]: 0 0 0 0 0 [ 1290.813452][T25762] Node 1 Normal free:3892404kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:1364kB inactive_file:8168kB unevictable:1536kB writepending:400kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1290.842808][ C1] vkms_vblank_simulate: vblank timer overrun [ 1290.849215][T25762] lowmem_reserve[]: 0 0 0 0 0 [ 1290.854014][T25762] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1290.867454][T25762] Node 0 DMA32: 2112*4kB (UME) 959*8kB (UME) 1166*16kB (UME) 1549*32kB (UME) 791*64kB (UME) 499*128kB (UME) 191*256kB (UME) 130*512kB (UME) 73*1024kB (UME) 13*2048kB (UME) 197*4096kB (UM) = 1222584kB [ 1290.908068][T25762] Node 0 Normal: 3*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB [ 1290.921776][T25762] Node 1 Normal: 249*4kB (UME) 90*8kB (UME) 62*16kB (UME) 215*32kB (UME) 115*64kB (UME) 37*128kB (UME) 18*256kB (UME) 11*512kB (UME) 6*1024kB (UM) 6*2048kB (UME) 938*4096kB (M) = 3892404kB [ 1290.966993][T25762] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1290.976628][T25762] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 1290.994900][T25762] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1291.016960][T25762] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 1291.025748][T25766] ubi0: attaching mtd0 [ 1291.035728][T25766] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 1291.070805][T25766] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4711'. [ 1291.083050][T25762] 83606 total pagecache pages [ 1291.114457][T25762] 1 pages in swap cache [ 1291.139207][T25762] Free swap = 124992kB [ 1291.143465][T25762] Total swap = 124996kB [ 1291.174513][T25762] 2097051 pages RAM [ 1291.174535][T25762] 0 pages HighMem/MovableOnly [ 1291.174550][T25762] 428900 pages reserved [ 1291.174563][T25762] 0 pages cma reserved [ 1291.597278][T25780] FAULT_INJECTION: forcing a failure. [ 1291.597278][T25780] name failslab, interval 1, probability 0, space 0, times 0 [ 1291.615303][T25780] CPU: 0 UID: 0 PID: 25780 Comm: syz.4.4714 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1291.615362][T25780] Tainted: [U]=USER [ 1291.615374][T25780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1291.615394][T25780] Call Trace: [ 1291.615405][T25780] [ 1291.615416][T25780] dump_stack_lvl+0x16c/0x1f0 [ 1291.615467][T25780] should_fail_ex+0x512/0x640 [ 1291.615510][T25780] ? __kvmalloc_node_noprof+0x122/0x600 [ 1291.615549][T25780] should_failslab+0xc2/0x120 [ 1291.615589][T25780] __kvmalloc_node_noprof+0x135/0x600 [ 1291.615626][T25780] ? io_alloc_cache_init+0x33/0x170 [ 1291.615666][T25780] ? io_alloc_cache_init+0x33/0x170 [ 1291.615695][T25780] io_alloc_cache_init+0x33/0x170 [ 1291.615729][T25780] io_uring_setup+0x5e1/0x1ff0 [ 1291.615776][T25780] ? __pfx_io_uring_setup+0x10/0x10 [ 1291.615815][T25780] ? do_futex+0x122/0x350 [ 1291.615852][T25780] ? __pfx_do_futex+0x10/0x10 [ 1291.615887][T25780] ? fd_install+0x225/0x750 [ 1291.615970][T25780] ? rcu_is_watching+0x12/0xc0 [ 1291.616008][T25780] __x64_sys_io_uring_setup+0xc2/0x170 [ 1291.616052][T25780] do_syscall_64+0xcd/0x230 [ 1291.616101][T25780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1291.616135][T25780] RIP: 0033:0x7fa30658e969 [ 1291.616162][T25780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1291.616196][T25780] RSP: 002b:00007fa307397038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1291.616228][T25780] RAX: ffffffffffffffda RBX: 00007fa3067b5fa0 RCX: 00007fa30658e969 [ 1291.616249][T25780] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000001 [ 1291.616269][T25780] RBP: 00007fa306610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1291.616289][T25780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1291.616307][T25780] R13: 0000000000000000 R14: 00007fa3067b5fa0 R15: 00007ffe2b376e58 [ 1291.616347][T25780] [ 1292.183909][T25792] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4718'. [ 1292.328851][T25791] ima: policy update failed [ 1292.333718][ T31] audit: type=1802 audit(4294970574.041:51): pid=25791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.4718" res=0 errno=0 [ 1293.306629][T25814] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4722'. [ 1293.451393][T25814] ipvlan1: entered allmulticast mode [ 1293.575390][T25814] veth0_vlan: entered allmulticast mode [ 1293.908306][T25810] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4722'. [ 1294.625864][T25829] netlink: 186 bytes leftover after parsing attributes in process `syz.0.4727'. [ 1295.052540][T25843] FAULT_INJECTION: forcing a failure. [ 1295.052540][T25843] name failslab, interval 1, probability 0, space 0, times 0 [ 1295.103145][T25843] CPU: 0 UID: 0 PID: 25843 Comm: syz.3.4729 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1295.103195][T25843] Tainted: [U]=USER [ 1295.103206][T25843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1295.103225][T25843] Call Trace: [ 1295.103235][T25843] [ 1295.103247][T25843] dump_stack_lvl+0x16c/0x1f0 [ 1295.103293][T25843] should_fail_ex+0x512/0x640 [ 1295.103375][T25843] should_failslab+0xc2/0x120 [ 1295.103415][T25843] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1295.103451][T25843] ? skb_clone+0x190/0x3f0 [ 1295.103492][T25843] skb_clone+0x190/0x3f0 [ 1295.103530][T25843] netlink_deliver_tap+0xabd/0xd30 [ 1295.103575][T25843] netlink_unicast+0x6b2/0x7f0 [ 1295.103617][T25843] ? __pfx_netlink_unicast+0x10/0x10 [ 1295.103661][T25843] ? genl_rcv_msg+0x4bb/0x800 [ 1295.103717][T25843] netlink_ack+0x696/0xb80 [ 1295.103768][T25843] netlink_rcv_skb+0x347/0x440 [ 1295.103806][T25843] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1295.103852][T25843] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1295.103911][T25843] ? __pfx_down_read+0x10/0x10 [ 1295.103961][T25843] ? netlink_deliver_tap+0x1ae/0xd30 [ 1295.104004][T25843] genl_rcv+0x28/0x40 [ 1295.104042][T25843] netlink_unicast+0x53a/0x7f0 [ 1295.104086][T25843] ? __pfx_netlink_unicast+0x10/0x10 [ 1295.104122][T25843] ? __lock_acquire+0xaa4/0x1ba0 [ 1295.104179][T25843] netlink_sendmsg+0x8d1/0xdd0 [ 1295.104225][T25843] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1295.104280][T25843] ____sys_sendmsg+0xa95/0xc70 [ 1295.104326][T25843] ? copy_msghdr_from_user+0x10a/0x160 [ 1295.104360][T25843] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1295.104427][T25843] ___sys_sendmsg+0x134/0x1d0 [ 1295.104464][T25843] ? __pfx____sys_sendmsg+0x10/0x10 [ 1295.104567][T25843] __sys_sendmsg+0x16d/0x220 [ 1295.104603][T25843] ? __pfx___sys_sendmsg+0x10/0x10 [ 1295.104658][T25843] ? rcu_is_watching+0x12/0xc0 [ 1295.104701][T25843] do_syscall_64+0xcd/0x230 [ 1295.104748][T25843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1295.104780][T25843] RIP: 0033:0x7fb54898e969 [ 1295.104805][T25843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1295.104836][T25843] RSP: 002b:00007fb5497f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1295.104866][T25843] RAX: ffffffffffffffda RBX: 00007fb548bb5fa0 RCX: 00007fb54898e969 [ 1295.104886][T25843] RDX: 000000000400c080 RSI: 00002000000006c0 RDI: 0000000000000003 [ 1295.104905][T25843] RBP: 00007fb5497f9090 R08: 0000000000000000 R09: 0000000000000000 [ 1295.104923][T25843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1295.104941][T25843] R13: 0000000000000000 R14: 00007fb548bb5fa0 R15: 00007ffdd448a9b8 [ 1295.104983][T25843] [ 1296.216425][T25857] ptrace attach of "./syz-executor exec"[16235] was attempted by "./syz-executor exec"[25857] [ 1298.522670][ T31] audit: type=1800 audit(4294970580.253:52): pid=25902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4747" name="dummy_udc" dev="gadgetfs" ino=6439 res=0 errno=0 [ 1299.101146][T25915] ptrace attach of "./syz-executor exec"[24886] was attempted by "./syz-executor exec"[25915] [ 1300.311980][T25926] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4756'. [ 1300.342323][T24117] Process accounting resumed [ 1300.727054][T25934] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4758'. [ 1300.737042][T25937] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4758'. [ 1300.855055][T25939] netlink: 186 bytes leftover after parsing attributes in process `syz.4.4759'. [ 1301.932557][T25953] FAULT_INJECTION: forcing a failure. [ 1301.932557][T25953] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1301.969918][T25953] CPU: 0 UID: 0 PID: 25953 Comm: syz.2.4762 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1301.969971][T25953] Tainted: [U]=USER [ 1301.969982][T25953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1301.970002][T25953] Call Trace: [ 1301.970012][T25953] [ 1301.970025][T25953] dump_stack_lvl+0x16c/0x1f0 [ 1301.970081][T25953] should_fail_ex+0x512/0x640 [ 1301.970134][T25953] should_fail_alloc_page+0xe7/0x130 [ 1301.970178][T25953] prepare_alloc_pages+0x3c2/0x610 [ 1301.970238][T25953] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 1301.970285][T25953] ? cgroup_rstat_updated+0x2a/0xb20 [ 1301.970349][T25953] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1301.970390][T25953] ? weighted_interleave_nid+0x3e9/0x5a0 [ 1301.970442][T25953] ? __pfx_weighted_interleave_nid+0x10/0x10 [ 1301.970487][T25953] ? __lock_acquire+0x5ca/0x1ba0 [ 1301.970536][T25953] ? policy_nodemask+0xea/0x4e0 [ 1301.970578][T25953] alloc_pages_mpol+0x1fb/0x550 [ 1301.970620][T25953] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1301.970662][T25953] ? __lock_acquire+0x5ca/0x1ba0 [ 1301.970712][T25953] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1301.970762][T25953] vma_alloc_folio_noprof+0xed/0x1e0 [ 1301.970807][T25953] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1301.970868][T25953] do_pte_missing+0x223d/0x3fb0 [ 1301.970916][T25953] __handle_mm_fault+0x103d/0x2a40 [ 1301.970962][T25953] ? __pfx___handle_mm_fault+0x10/0x10 [ 1301.970993][T25953] ? __pte_offset_map_lock+0x155/0x2f0 [ 1301.971040][T25953] ? find_held_lock+0x2b/0x80 [ 1301.971074][T25953] ? find_held_lock+0x2b/0x80 [ 1301.971132][T25953] handle_mm_fault+0x3fe/0xad0 [ 1301.971174][T25953] __get_user_pages+0x771/0x36f0 [ 1301.971238][T25953] ? __pfx_mt_find+0x10/0x10 [ 1301.971285][T25953] ? __pfx___get_user_pages+0x10/0x10 [ 1301.971354][T25953] populate_vma_page_range+0x278/0x3a0 [ 1301.971388][T25953] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1301.971441][T25953] ? __pfx_find_vma_intersection+0x10/0x10 [ 1301.971493][T25953] ? do_mmap+0x69c/0x11b0 [ 1301.971547][T25953] __mm_populate+0x1d8/0x380 [ 1301.971579][T25953] ? __pfx___mm_populate+0x10/0x10 [ 1301.971613][T25953] ? up_write+0x1b2/0x520 [ 1301.971665][T25953] vm_mmap_pgoff+0x362/0x450 [ 1301.971716][T25953] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1301.971763][T25953] ? do_set_mempolicy+0x220/0x480 [ 1301.971810][T25953] ? __x64_sys_futex+0x1e0/0x4c0 [ 1301.971844][T25953] ? __x64_sys_futex+0x1e9/0x4c0 [ 1301.971885][T25953] ksys_mmap_pgoff+0x7d/0x5c0 [ 1301.971933][T25953] ? rcu_is_watching+0x12/0xc0 [ 1301.971968][T25953] __x64_sys_mmap+0x125/0x190 [ 1301.972005][T25953] do_syscall_64+0xcd/0x230 [ 1301.972054][T25953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1301.972094][T25953] RIP: 0033:0x7f5124d8e969 [ 1301.972121][T25953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1301.972154][T25953] RSP: 002b:00007f5125b2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1301.972184][T25953] RAX: ffffffffffffffda RBX: 00007f5124fb5fa0 RCX: 00007f5124d8e969 [ 1301.972206][T25953] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 1301.972225][T25953] RBP: 00007f5124e10ab1 R08: 0000000000000002 R09: 0000000000008000 [ 1301.972245][T25953] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1301.972264][T25953] R13: 0000000000000000 R14: 00007f5124fb5fa0 R15: 00007fffc8b4a718 [ 1301.972306][T25953] [ 1302.328236][ T31] audit: type=1800 audit(4294970584.073:53): pid=25958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4763" name="dummy_udc" dev="gadgetfs" ino=6439 res=0 errno=0 [ 1306.753020][T26015] FAULT_INJECTION: forcing a failure. [ 1306.753020][T26015] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1306.789261][T26015] CPU: 0 UID: 0 PID: 26015 Comm: syz.4.4781 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1306.789319][T26015] Tainted: [U]=USER [ 1306.789333][T26015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1306.789353][T26015] Call Trace: [ 1306.789365][T26015] [ 1306.789379][T26015] dump_stack_lvl+0x16c/0x1f0 [ 1306.789430][T26015] should_fail_ex+0x512/0x640 [ 1306.789482][T26015] get_futex_key+0x49e/0x1000 [ 1306.789521][T26015] ? __pfx_get_futex_key+0x10/0x10 [ 1306.789570][T26015] futex_wake+0xe7/0x4e0 [ 1306.789616][T26015] ? __pfx_futex_wake+0x10/0x10 [ 1306.789673][T26015] ? kmem_cache_free+0x2d4/0x4d0 [ 1306.789707][T26015] ? fd_install+0x225/0x750 [ 1306.789756][T26015] ? putname+0x154/0x1a0 [ 1306.789802][T26015] do_futex+0x1e3/0x350 [ 1306.789838][T26015] ? __pfx_do_futex+0x10/0x10 [ 1306.789886][T26015] __x64_sys_futex+0x1e0/0x4c0 [ 1306.789923][T26015] ? __pfx_native_tss_update_io_bitmap+0x10/0x10 [ 1306.789956][T26015] ? __x64_sys_openat+0x174/0x210 [ 1306.790000][T26015] ? __pfx___x64_sys_futex+0x10/0x10 [ 1306.790039][T26015] ? rcu_is_watching+0x12/0xc0 [ 1306.790081][T26015] do_syscall_64+0xcd/0x230 [ 1306.790130][T26015] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1306.790164][T26015] RIP: 0033:0x7fa30658e969 [ 1306.790191][T26015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1306.790251][T26015] RSP: 002b:00007fa3073970e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1306.790283][T26015] RAX: ffffffffffffffda RBX: 00007fa3067b5fa8 RCX: 00007fa30658e969 [ 1306.790305][T26015] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa3067b5fac [ 1306.790325][T26015] RBP: 00007fa3067b5fa0 R08: 00007fa307398000 R09: 0000000000000000 [ 1306.790345][T26015] R10: 0000000000000007 R11: 0000000000000246 R12: 00007fa3067b5fac [ 1306.790365][T26015] R13: 0000000000000000 R14: 00007ffe2b376d70 R15: 00007ffe2b376e58 [ 1306.790408][T26015] [ 1309.008721][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1309.020044][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1310.186699][T24965] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1310.214995][T24965] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1310.225631][T24965] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1310.245109][T24965] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1310.251237][T26069] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4795'. [ 1310.266689][T24965] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1310.685392][T26066] chnl_net:caif_netlink_parms(): no params data found [ 1311.317616][T24554] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1312.015555][T24554] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1312.345928][ T5141] Bluetooth: hci3: command tx timeout [ 1312.387999][T24554] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1312.732494][T24554] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1312.801210][T26066] bridge0: port 1(bridge_slave_0) entered blocking state [ 1312.827553][T26066] bridge0: port 1(bridge_slave_0) entered disabled state [ 1312.866444][T26066] bridge_slave_0: entered allmulticast mode [ 1312.914914][T26066] bridge_slave_0: entered promiscuous mode [ 1312.959289][T26066] bridge0: port 2(bridge_slave_1) entered blocking state [ 1313.013524][T26066] bridge0: port 2(bridge_slave_1) entered disabled state [ 1313.047423][T26066] bridge_slave_1: entered allmulticast mode [ 1313.094792][T26066] bridge_slave_1: entered promiscuous mode [ 1313.444906][T26066] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1313.470649][T26066] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1313.641625][T26066] team0: Port device team_slave_0 added [ 1313.696137][T26066] team0: Port device team_slave_1 added [ 1313.972820][T26066] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1314.023354][T26066] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1314.107421][T26066] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1314.160857][T26066] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1314.171109][T26066] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1314.198228][T26066] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1314.331119][T26117] misc userio: No port type given on /dev/userio [ 1314.425520][ T5141] Bluetooth: hci3: command tx timeout [ 1316.484351][ T5141] Bluetooth: hci3: command tx timeout [ 1316.615486][T24554] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1316.627372][T24554] bond0 (unregistering): Released all slaves [ 1316.657879][T26066] hsr_slave_0: entered promiscuous mode [ 1316.668965][T26066] hsr_slave_1: entered promiscuous mode [ 1316.679655][T26066] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1316.691902][T26066] Cannot create hsr debugfs directory [ 1317.456731][T26168] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4813'. [ 1317.830264][T26177] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4813'. [ 1318.426872][T24554] hsr_slave_0: left promiscuous mode [ 1318.446095][T24554] hsr_slave_1: left promiscuous mode [ 1318.465038][T24554] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1318.472529][T24554] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1318.502518][T24554] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1318.513919][T24554] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1318.553887][ T5141] Bluetooth: hci3: command tx timeout [ 1318.570644][T24554] veth1_macvtap: left promiscuous mode [ 1318.593512][T24554] veth0_macvtap: left promiscuous mode [ 1318.607254][T26192] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(1) [ 1319.157349][T24554] team0 (unregistering): Port device team_slave_1 removed [ 1319.234142][T24554] team0 (unregistering): Port device team_slave_0 removed [ 1320.064357][T26192] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1320.070792][T26192] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1320.089823][T26192] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1320.111576][T26192] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1320.129767][T26192] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1320.156076][T26192] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1320.163140][T26192] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1320.172038][T26192] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1321.177212][T26066] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1321.232162][T26066] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1321.315035][T26066] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1321.645324][T26066] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1322.134956][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout [ 1322.141080][ T5141] Bluetooth: hci0: command 0x0419 tx timeout [ 1322.148053][T24965] Bluetooth: hci4: command 0x0c1a tx timeout [ 1322.220444][ T5141] Bluetooth: hci3: command 0x0c1a tx timeout [ 1322.271546][T26066] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1322.397879][T26066] 8021q: adding VLAN 0 to HW filter on device team0 [ 1322.468968][T24525] bridge0: port 1(bridge_slave_0) entered blocking state [ 1322.476223][T24525] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1322.575124][T24514] bridge0: port 2(bridge_slave_1) entered blocking state [ 1322.582431][T24514] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1323.766927][T26066] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1324.090663][T26066] veth0_vlan: entered promiscuous mode [ 1324.187599][T26066] veth1_vlan: entered promiscuous mode [ 1324.209772][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout [ 1324.252892][T26066] veth0_macvtap: entered promiscuous mode [ 1324.273233][T26066] veth1_macvtap: entered promiscuous mode [ 1324.289621][ T5141] Bluetooth: hci3: command 0x0c1a tx timeout [ 1324.409181][T26066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1324.468225][T26066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1324.530370][T26066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1324.596295][T26066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1324.638970][T26195] Process accounting paused [ 1324.639895][T26066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1324.664294][T26066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1324.703714][T26066] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1324.770405][T26066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1324.830872][T26066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1324.850968][T26066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1324.890496][T26066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1324.930372][T26066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1324.970058][T26066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1324.993153][T26066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1325.032728][T26260] UHID_CREATE from different security context by process 2075 (syz.0.4823), this is not allowed. [ 1325.053410][T26066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1325.096458][T26066] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1325.136881][T26066] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1325.169113][T26066] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1325.177907][T26066] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1325.241743][T26066] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1325.688177][T24554] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1325.736196][T24554] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1325.869171][T24554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1325.895112][T24554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1326.284102][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout [ 1326.363224][ T5141] Bluetooth: hci3: command 0x0c1a tx timeout [ 1326.497554][ T31] audit: type=1800 audit(4294970610.370:54): pid=26294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4827" name="dummy_udc" dev="gadgetfs" ino=6439 res=0 errno=0 [ 1326.635504][T26287] kernel read not supported for file /\*)A (pid: 26287 comm: syz.2.4788) [ 1326.657211][ T31] audit: type=1800 audit(4294970610.521:55): pid=26287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4788" name="\*)A" dev="mqueue" ino=104921 res=0 errno=0 [ 1328.370500][T26325] mkiss: ax0: crc mode is auto. [ 1329.277812][T26344] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input36 [ 1329.911077][T26348] kernel read not supported for file /\*)A (pid: 26348 comm: syz.3.4836) [ 1329.948264][ T31] audit: type=1800 audit(4294970613.838:56): pid=26348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4836" name="\*)A" dev="mqueue" ino=101782 res=0 errno=0 [ 1330.234486][T26355] vivid-007: ================= START STATUS ================= [ 1330.242283][T26355] vivid-007: Generate PTS: true [ 1330.247577][T26355] vivid-007: Generate SCR: true [ 1330.253130][T26355] tpg source WxH: 640x360 (Y'CbCr) [ 1330.258297][T26355] tpg field: 1 [ 1330.261703][T26355] tpg crop: (0,0)/640x360 [ 1330.279122][T26355] tpg compose: (0,0)/640x360 [ 1330.297224][T26355] tpg colorspace: 8 [ 1330.311989][T26355] tpg transfer function: 0/2 [ 1330.316737][T26355] tpg Y'CbCr encoding: 0/1 [ 1330.321598][T26355] tpg quantization: 0/2 [ 1330.327686][T26355] tpg RGB range: 0/2 [ 1330.331774][T26355] vivid-007: ================== END STATUS ================== [ 1331.163798][T21627] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1331.177992][T21627] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1331.188556][T21627] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1331.219312][T21627] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1331.238970][T21627] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1332.702136][T26370] chnl_net:caif_netlink_parms(): no params data found [ 1332.800719][T26385] FAULT_INJECTION: forcing a failure. [ 1332.800719][T26385] name failslab, interval 1, probability 0, space 0, times 0 [ 1332.814687][T26385] CPU: 1 UID: 0 PID: 26385 Comm: syz.4.4843 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1332.814728][T26385] Tainted: [U]=USER [ 1332.814736][T26385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1332.814752][T26385] Call Trace: [ 1332.814759][T26385] [ 1332.814770][T26385] dump_stack_lvl+0x16c/0x1f0 [ 1332.814808][T26385] should_fail_ex+0x512/0x640 [ 1332.814842][T26385] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1332.814873][T26385] should_failslab+0xc2/0x120 [ 1332.814902][T26385] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1332.814927][T26385] ? __proc_create+0xc3/0x8c0 [ 1332.814954][T26385] ? __proc_create+0x2ce/0x8c0 [ 1332.814984][T26385] __proc_create+0x2ce/0x8c0 [ 1332.815011][T26385] ? __pfx___proc_create+0x10/0x10 [ 1332.815040][T26385] ? proc_register+0x314/0x5f0 [ 1332.815072][T26385] proc_create_reg+0x7d/0x180 [ 1332.815103][T26385] proc_create_net_data+0x8e/0x1b0 [ 1332.815131][T26385] ? __pfx_proc_create_net_data+0x10/0x10 [ 1332.815158][T26385] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1332.815203][T26385] ? __pfx_dev_mc_net_init+0x10/0x10 [ 1332.815240][T26385] dev_mc_net_init+0x50/0x70 [ 1332.815275][T26385] ops_init+0x1df/0x5f0 [ 1332.815306][T26385] setup_net+0x21e/0x850 [ 1332.815337][T26385] ? __pfx_setup_net+0x10/0x10 [ 1332.815363][T26385] ? lockdep_init_map_type+0x5c/0x280 [ 1332.815397][T26385] ? __pfx_down_read_killable+0x10/0x10 [ 1332.815437][T26385] ? debug_mutex_init+0x37/0x70 [ 1332.815479][T26385] copy_net_ns+0x2a6/0x5f0 [ 1332.815513][T26385] create_new_namespaces+0x3ea/0xad0 [ 1332.815547][T26385] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1332.815576][T26385] ksys_unshare+0x45b/0xa40 [ 1332.815610][T26385] ? __pfx_ksys_unshare+0x10/0x10 [ 1332.815665][T26385] ? xfd_validate_state+0x5d/0x180 [ 1332.815708][T26385] ? rcu_is_watching+0x12/0xc0 [ 1332.815737][T26385] __x64_sys_unshare+0x31/0x40 [ 1332.815769][T26385] do_syscall_64+0xcd/0x230 [ 1332.815804][T26385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1332.815828][T26385] RIP: 0033:0x7fa30658e969 [ 1332.815847][T26385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1332.815872][T26385] RSP: 002b:00007fa307397038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1332.815894][T26385] RAX: ffffffffffffffda RBX: 00007fa3067b5fa0 RCX: 00007fa30658e969 [ 1332.815910][T26385] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1332.815924][T26385] RBP: 00007fa306610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1332.815939][T26385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1332.815954][T26385] R13: 0000000000000000 R14: 00007fa3067b5fa0 R15: 00007ffe2b376e58 [ 1332.815984][T26385] [ 1333.375044][T21627] Bluetooth: hci1: command tx timeout [ 1333.580082][T26370] bridge0: port 1(bridge_slave_0) entered blocking state [ 1333.597165][T26370] bridge0: port 1(bridge_slave_0) entered disabled state [ 1333.626418][T26370] bridge_slave_0: entered allmulticast mode [ 1333.634556][T26370] bridge_slave_0: entered promiscuous mode [ 1333.698510][T26370] bridge0: port 2(bridge_slave_1) entered blocking state [ 1333.706023][T26370] bridge0: port 2(bridge_slave_1) entered disabled state [ 1333.713437][T26370] bridge_slave_1: entered allmulticast mode [ 1333.723517][T26370] bridge_slave_1: entered promiscuous mode [ 1333.969884][T26370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1334.012538][T26370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1334.166934][T26370] team0: Port device team_slave_0 added [ 1334.186077][T26370] team0: Port device team_slave_1 added [ 1334.289066][T26370] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1334.297028][T26370] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1334.332091][T26370] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1334.347171][T26370] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1334.354760][T26370] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1334.381472][T26370] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1334.503994][T26370] hsr_slave_0: entered promiscuous mode [ 1334.521237][T26370] hsr_slave_1: entered promiscuous mode [ 1334.527734][T26370] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1334.545747][T26370] Cannot create hsr debugfs directory [ 1334.895414][T26370] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1334.994666][T26400] kernel read not supported for file /\*)A (pid: 26400 comm: syz.2.4847) [ 1335.023224][ T31] audit: type=1800 audit(4294970618.945:57): pid=26400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4847" name="\*)A" dev="mqueue" ino=104921 res=0 errno=0 [ 1335.059961][T26370] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1335.248738][T26370] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1335.425946][T21627] Bluetooth: hci1: command tx timeout [ 1335.450555][T26370] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1336.239234][T26370] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1336.266537][T26370] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1336.301808][T26370] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1336.333431][T26370] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1336.913864][T26370] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1337.098666][ T31] audit: type=1800 audit(4294970621.035:58): pid=26430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4852" name="dummy_udc" dev="gadgetfs" ino=6439 res=0 errno=0 [ 1337.101368][T26370] 8021q: adding VLAN 0 to HW filter on device team0 [ 1337.223264][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 1337.230507][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1337.264919][T24514] bridge0: port 2(bridge_slave_1) entered blocking state [ 1337.272165][T24514] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1337.498741][T21627] Bluetooth: hci1: command tx timeout [ 1338.634240][T26370] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1338.870567][T26370] veth0_vlan: entered promiscuous mode [ 1338.890826][T26370] veth1_vlan: entered promiscuous mode [ 1338.990048][T26370] veth0_macvtap: entered promiscuous mode [ 1339.199592][T26370] veth1_macvtap: entered promiscuous mode [ 1339.254172][T26458] hub 8-0:1.0: USB hub found [ 1339.294664][T26370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1339.306844][T26458] hub 8-0:1.0: 1 port detected [ 1339.344382][T26370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1339.375158][T26370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1339.405518][T26370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1339.418319][T26370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1339.430056][T26370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1339.440396][T26370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1339.483152][T26370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1339.508049][T26370] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1339.528393][T26370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1339.542325][T26465] sysfs_service_op_store: Client not running :-5: [ 1339.561173][T26370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1339.572327][T21627] Bluetooth: hci1: command tx timeout [ 1339.597256][T26370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1339.619195][T26370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1339.646371][T26370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1339.673727][T26370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1339.683985][T26370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1339.703427][T26370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1339.713820][T26370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1339.731386][T26370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1339.764924][T26370] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1339.784158][T26465] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1339.822638][T26465] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 1339.863109][T26370] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1339.882704][T26370] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1339.891508][T26370] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1339.911659][T26370] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1340.107526][T24572] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1340.141152][T24572] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1340.228774][T24554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1340.255367][T24554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1342.070300][T26506] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:7 is already present [ 1342.239872][T26505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4869'. [ 1342.293593][T26507] netlink: 326 bytes leftover after parsing attributes in process `syz.2.4869'. [ 1346.723096][T26582] vivid-007: ================= START STATUS ================= [ 1346.766798][T26582] vivid-007: Generate PTS: true [ 1346.772280][T26582] vivid-007: Generate SCR: true [ 1346.800468][T26582] tpg source WxH: 640x360 (Y'CbCr) [ 1346.805677][T26582] tpg field: 1 [ 1346.836709][T26582] tpg crop: (0,0)/640x360 [ 1346.841124][T26582] tpg compose: (0,0)/640x360 [ 1346.846084][T26582] tpg colorspace: 8 [ 1346.852909][T26582] tpg transfer function: 0/2 [ 1346.869232][T26582] tpg Y'CbCr encoding: 0/1 [ 1346.873732][T26582] tpg quantization: 0/2 [ 1346.939459][T26582] tpg RGB range: 0/2 [ 1346.943451][T26582] vivid-007: ================== END STATUS ================== [ 1347.465072][T26589] kernel read not supported for file /\*)A (pid: 26589 comm: syz.0.4886) [ 1347.487432][ T31] audit: type=1800 audit(4294970631.469:59): pid=26589 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4886" name="\*)A" dev="mqueue" ino=106203 res=0 errno=0 [ 1347.916358][T26596] FAULT_INJECTION: forcing a failure. [ 1347.916358][T26596] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1348.014008][T26596] CPU: 1 UID: 0 PID: 26596 Comm: syz.0.4888 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1348.014061][T26596] Tainted: [U]=USER [ 1348.014072][T26596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1348.014091][T26596] Call Trace: [ 1348.014102][T26596] [ 1348.014114][T26596] dump_stack_lvl+0x16c/0x1f0 [ 1348.014162][T26596] should_fail_ex+0x512/0x640 [ 1348.014214][T26596] _copy_from_user+0x2e/0xd0 [ 1348.014264][T26596] core_sys_select+0x35a/0xbe0 [ 1348.014325][T26596] ? __pfx_core_sys_select+0x10/0x10 [ 1348.014390][T26596] ? proc_fail_nth_write+0x9f/0x250 [ 1348.014471][T26596] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1348.014527][T26596] kern_select+0x15d/0x1e0 [ 1348.014576][T26596] ? __pfx_kern_select+0x10/0x10 [ 1348.014631][T26596] ? __pfx_ksys_write+0x10/0x10 [ 1348.014658][T26596] ? rcu_is_watching+0x12/0xc0 [ 1348.014694][T26596] __x64_sys_select+0xbd/0x160 [ 1348.014741][T26596] ? do_syscall_64+0x91/0x230 [ 1348.014785][T26596] ? lockdep_hardirqs_on+0x7c/0x110 [ 1348.014825][T26596] do_syscall_64+0xcd/0x230 [ 1348.014870][T26596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1348.014902][T26596] RIP: 0033:0x7fe2b2b8e969 [ 1348.014928][T26596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1348.014959][T26596] RSP: 002b:00007fe2b3a53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 1348.014989][T26596] RAX: ffffffffffffffda RBX: 00007fe2b2db6080 RCX: 00007fe2b2b8e969 [ 1348.015010][T26596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 1348.015027][T26596] RBP: 00007fe2b3a53090 R08: 0000000000000000 R09: 0000000000000000 [ 1348.015044][T26596] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 1348.015062][T26596] R13: 0000000000000000 R14: 00007fe2b2db6080 R15: 00007fff802cb0e8 [ 1348.015101][T26596] [ 1350.420655][T26625] zswap: compressor not available [ 1350.530248][T26634] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1350.597315][T26634] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1350.610885][T26634] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1350.624425][T26634] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1350.644495][T26634] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1350.764007][T26634] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1351.075358][ T31] audit: type=1800 audit(4294970635.078:60): pid=26640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4896" name="dummy_udc" dev="gadgetfs" ino=6439 res=0 errno=0 [ 1351.296338][T26645] delete_channel: no stack [ 1351.414644][T26653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4900'. [ 1351.909411][T26668] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4902'. [ 1352.536952][T21627] Bluetooth: hci0: command 0x0419 tx timeout [ 1352.616647][T21627] Bluetooth: hci3: command 0x0c1a tx timeout [ 1352.622923][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout [ 1352.696150][T21627] Bluetooth: hci1: command 0x0c1a tx timeout [ 1353.704992][T26693] FAULT_INJECTION: forcing a failure. [ 1353.704992][T26693] name failslab, interval 1, probability 0, space 0, times 0 [ 1353.726865][T26693] CPU: 1 UID: 0 PID: 26693 Comm: syz.3.4906 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1353.726921][T26693] Tainted: [U]=USER [ 1353.726933][T26693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1353.726952][T26693] Call Trace: [ 1353.726964][T26693] [ 1353.726978][T26693] dump_stack_lvl+0x16c/0x1f0 [ 1353.727027][T26693] should_fail_ex+0x512/0x640 [ 1353.727073][T26693] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1353.727133][T26693] should_failslab+0xc2/0x120 [ 1353.727182][T26693] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1353.727239][T26693] ? vhost_net_open+0x123/0x8a0 [ 1353.727275][T26693] ? kasan_save_track+0x14/0x30 [ 1353.727314][T26693] vhost_net_open+0x123/0x8a0 [ 1353.727348][T26693] ? __pfx_vhost_net_open+0x10/0x10 [ 1353.727384][T26693] misc_open+0x35a/0x420 [ 1353.727434][T26693] ? __pfx_misc_open+0x10/0x10 [ 1353.727485][T26693] chrdev_open+0x231/0x6a0 [ 1353.727519][T26693] ? __pfx_apparmor_file_open+0x10/0x10 [ 1353.727561][T26693] ? __pfx_chrdev_open+0x10/0x10 [ 1353.727599][T26693] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1353.727657][T26693] do_dentry_open+0x741/0x1c10 [ 1353.727692][T26693] ? __pfx_chrdev_open+0x10/0x10 [ 1353.727737][T26693] vfs_open+0x82/0x3f0 [ 1353.727782][T26693] path_openat+0x1e5e/0x2d40 [ 1353.727830][T26693] ? __pfx_path_openat+0x10/0x10 [ 1353.727875][T26693] do_filp_open+0x20b/0x470 [ 1353.727908][T26693] ? __pfx_do_filp_open+0x10/0x10 [ 1353.727971][T26693] ? alloc_fd+0x471/0x7d0 [ 1353.728035][T26693] do_sys_openat2+0x11b/0x1d0 [ 1353.728079][T26693] ? __pfx_do_sys_openat2+0x10/0x10 [ 1353.728127][T26693] ? do_fcntl+0x1eb/0x1590 [ 1353.728181][T26693] __x64_sys_openat+0x174/0x210 [ 1353.728229][T26693] ? __pfx___x64_sys_openat+0x10/0x10 [ 1353.728278][T26693] ? rcu_is_watching+0x12/0xc0 [ 1353.728322][T26693] do_syscall_64+0xcd/0x230 [ 1353.728372][T26693] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1353.728406][T26693] RIP: 0033:0x7fb54898e969 [ 1353.728433][T26693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1353.728467][T26693] RSP: 002b:00007fb5497f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1353.728498][T26693] RAX: ffffffffffffffda RBX: 00007fb548bb5fa0 RCX: 00007fb54898e969 [ 1353.728521][T26693] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1353.728542][T26693] RBP: 00007fb548a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1353.728562][T26693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1353.728581][T26693] R13: 0000000000000000 R14: 00007fb548bb5fa0 R15: 00007ffdd448a9b8 [ 1353.728623][T26693] [ 1354.749498][T26704] FAULT_INJECTION: forcing a failure. [ 1354.749498][T26704] name failslab, interval 1, probability 0, space 0, times 0 [ 1354.772495][T21627] Bluetooth: hci1: command 0x0c1a tx timeout [ 1354.782242][T26704] CPU: 0 UID: 0 PID: 26704 Comm: syz.0.4910 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1354.782300][T26704] Tainted: [U]=USER [ 1354.782312][T26704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1354.782332][T26704] Call Trace: [ 1354.782344][T26704] [ 1354.782357][T26704] dump_stack_lvl+0x16c/0x1f0 [ 1354.782415][T26704] should_fail_ex+0x512/0x640 [ 1354.782461][T26704] ? fs_reclaim_acquire+0xae/0x150 [ 1354.782519][T26704] ? ima_alloc_init_template+0x19d/0x720 [ 1354.782551][T26704] should_failslab+0xc2/0x120 [ 1354.782593][T26704] __kmalloc_noprof+0xd2/0x510 [ 1354.782630][T26704] ? __print_lock_name+0xc1/0xe0 [ 1354.782669][T26704] ima_alloc_init_template+0x19d/0x720 [ 1354.782704][T26704] ? take_dentry_name_snapshot+0x319/0x7d0 [ 1354.782752][T26704] ima_store_measurement+0x1eb/0x5c0 [ 1354.782790][T26704] ? __pfx_ima_store_measurement+0x10/0x10 [ 1354.782826][T26704] ? vfs_getxattr_alloc+0xec/0x340 [ 1354.782892][T26704] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1354.782948][T26704] process_measurement+0x1ddb/0x23e0 [ 1354.783014][T26704] ? __pfx_process_measurement+0x10/0x10 [ 1354.783062][T26704] ? __lock_acquire+0x5ca/0x1ba0 [ 1354.783116][T26704] ? init_file+0x93/0x4c0 [ 1354.783153][T26704] ? alloc_empty_file+0x73/0x1e0 [ 1354.783193][T26704] ? hugetlb_file_setup+0x4cd/0x620 [ 1354.783234][T26704] ? ksys_mmap_pgoff+0x189/0x5c0 [ 1354.783278][T26704] ? __x64_sys_mmap+0x125/0x190 [ 1354.783369][T26704] ima_file_mmap+0x1b1/0x1d0 [ 1354.783420][T26704] ? __pfx_ima_file_mmap+0x10/0x10 [ 1354.783480][T26704] security_mmap_file+0x88c/0x990 [ 1354.783526][T26704] vm_mmap_pgoff+0xec/0x450 [ 1354.783579][T26704] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1354.783625][T26704] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1354.783670][T26704] ? hugetlbfs_get_inode+0x31f/0x730 [ 1354.783724][T26704] ksys_mmap_pgoff+0x1c8/0x5c0 [ 1354.783772][T26704] ? rcu_is_watching+0x12/0xc0 [ 1354.783808][T26704] __x64_sys_mmap+0x125/0x190 [ 1354.783844][T26704] do_syscall_64+0xcd/0x230 [ 1354.783894][T26704] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1354.783927][T26704] RIP: 0033:0x7fe2b2b8e969 [ 1354.783954][T26704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1354.783987][T26704] RSP: 002b:00007fe2b3a74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1354.784016][T26704] RAX: ffffffffffffffda RBX: 00007fe2b2db5fa0 RCX: 00007fe2b2b8e969 [ 1354.784037][T26704] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 1354.784058][T26704] RBP: 00007fe2b2c10ab1 R08: ffffffffffffffff R09: 0000300016000000 [ 1354.784079][T26704] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1354.784099][T26704] R13: 0000000000000000 R14: 00007fe2b2db5fa0 R15: 00007fff802cb0e8 [ 1354.784149][T26704] [ 1355.080329][ T31] audit: type=1804 audit(4294970639.079:61): pid=26704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.0.4910" name="anon_hugepage" dev="hugetlbfs" ino=107641 res=0 errno=0 [ 1355.310498][T26711] FAULT_INJECTION: forcing a failure. [ 1355.310498][T26711] name failslab, interval 1, probability 0, space 0, times 0 [ 1355.323947][T26711] CPU: 0 UID: 0 PID: 26711 Comm: syz.0.4911 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1355.323996][T26711] Tainted: [U]=USER [ 1355.324007][T26711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1355.324024][T26711] Call Trace: [ 1355.324035][T26711] [ 1355.324047][T26711] dump_stack_lvl+0x16c/0x1f0 [ 1355.324094][T26711] should_fail_ex+0x512/0x640 [ 1355.324136][T26711] ? __kmalloc_noprof+0xbf/0x510 [ 1355.324173][T26711] ? devlink_fmsg_put_value+0xaa/0x2d0 [ 1355.324208][T26711] should_failslab+0xc2/0x120 [ 1355.324245][T26711] __kmalloc_noprof+0xd2/0x510 [ 1355.324288][T26711] devlink_fmsg_put_value+0xaa/0x2d0 [ 1355.324337][T26711] devlink_fmsg_string_pair_put+0xc1/0x1b0 [ 1355.324381][T26711] nsim_dev_dummy_reporter_dump+0x54/0xa0 [ 1355.324419][T26711] devlink_health_do_dump+0x240/0x620 [ 1355.324464][T26711] devlink_health_report+0x3c9/0x9c0 [ 1355.324507][T26711] ? __pfx_devlink_health_report+0x10/0x10 [ 1355.324547][T26711] ? _copy_from_user+0x59/0xd0 [ 1355.324597][T26711] nsim_dev_health_break_write+0x166/0x210 [ 1355.324631][T26711] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 1355.324681][T26711] full_proxy_write+0x13c/0x200 [ 1355.324722][T26711] vfs_write+0x25c/0x1180 [ 1355.324749][T26711] ? __pfx_full_proxy_write+0x10/0x10 [ 1355.324791][T26711] ? __pfx___mutex_lock+0x10/0x10 [ 1355.324844][T26711] ? __pfx_vfs_write+0x10/0x10 [ 1355.324886][T26711] ? __fget_files+0x20e/0x3c0 [ 1355.324943][T26711] ksys_write+0x12a/0x240 [ 1355.324964][T26711] ? __pfx_ksys_write+0x10/0x10 [ 1355.324984][T26711] ? rcu_is_watching+0x12/0xc0 [ 1355.325015][T26711] do_syscall_64+0xcd/0x230 [ 1355.325050][T26711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1355.325074][T26711] RIP: 0033:0x7fe2b2b8e969 [ 1355.325093][T26711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1355.325117][T26711] RSP: 002b:00007fe2b3a53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1355.325139][T26711] RAX: ffffffffffffffda RBX: 00007fe2b2db6080 RCX: 00007fe2b2b8e969 [ 1355.325155][T26711] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000008 [ 1355.325169][T26711] RBP: 00007fe2b3a53090 R08: 0000000000000000 R09: 0000000000000000 [ 1355.325183][T26711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1355.325197][T26711] R13: 0000000000000000 R14: 00007fe2b2db6080 R15: 00007fff802cb0e8 [ 1355.325228][T26711] [ 1356.077646][T26710] FAULT_INJECTION: forcing a failure. [ 1356.077646][T26710] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1356.170042][T26710] CPU: 1 UID: 0 PID: 26710 Comm: syz.0.4911 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1356.170087][T26710] Tainted: [U]=USER [ 1356.170094][T26710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1356.170108][T26710] Call Trace: [ 1356.170116][T26710] [ 1356.170125][T26710] dump_stack_lvl+0x16c/0x1f0 [ 1356.170161][T26710] should_fail_ex+0x512/0x640 [ 1356.170197][T26710] get_futex_key+0x1c2/0x1000 [ 1356.170224][T26710] ? __pfx_get_futex_key+0x10/0x10 [ 1356.170257][T26710] futex_wake+0xe7/0x4e0 [ 1356.170282][T26710] ? rcu_is_watching+0x12/0xc0 [ 1356.170307][T26710] ? __pfx_futex_wake+0x10/0x10 [ 1356.170348][T26710] do_futex+0x1e3/0x350 [ 1356.170372][T26710] ? __pfx_do_futex+0x10/0x10 [ 1356.170395][T26710] ? __might_fault+0xe3/0x190 [ 1356.170428][T26710] mm_release+0x24e/0x300 [ 1356.170454][T26710] do_exit+0x898/0x2c30 [ 1356.170483][T26710] ? __pfx_futex_wake_mark+0x10/0x10 [ 1356.170517][T26710] ? __pfx_do_exit+0x10/0x10 [ 1356.170547][T26710] ? do_raw_spin_lock+0x12c/0x2b0 [ 1356.170580][T26710] ? find_held_lock+0x2b/0x80 [ 1356.170606][T26710] do_group_exit+0xd3/0x2a0 [ 1356.170639][T26710] get_signal+0x2673/0x26d0 [ 1356.170675][T26710] ? __pfx_get_signal+0x10/0x10 [ 1356.170700][T26710] ? do_futex+0x122/0x350 [ 1356.170724][T26710] ? __pfx_do_futex+0x10/0x10 [ 1356.170753][T26710] arch_do_signal_or_restart+0x8f/0x7a0 [ 1356.170788][T26710] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1356.170831][T26710] ? rcu_is_watching+0x12/0xc0 [ 1356.170857][T26710] syscall_exit_to_user_mode+0x150/0x2a0 [ 1356.170890][T26710] do_syscall_64+0xda/0x230 [ 1356.170925][T26710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1356.170949][T26710] RIP: 0033:0x7fe2b2b8e969 [ 1356.170968][T26710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1356.170997][T26710] RSP: 002b:00007fe2b3a740e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1356.171019][T26710] RAX: fffffffffffffe00 RBX: 00007fe2b2db5fa8 RCX: 00007fe2b2b8e969 [ 1356.171036][T26710] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe2b2db5fa8 [ 1356.171051][T26710] RBP: 00007fe2b2db5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1356.171066][T26710] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe2b2db5fac [ 1356.171080][T26710] R13: 0000000000000000 R14: 00007fff802cb000 R15: 00007fff802cb0e8 [ 1356.171109][T26710] [ 1356.603263][ T64] EXT4-fs (sda1): Delayed block allocation failed for inode 1934 at logical offset 1340 with max blocks 13 with error 117 [ 1356.616960][ T64] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1356.616960][ T64] [ 1356.834802][T21627] Bluetooth: hci1: command 0x0c1a tx timeout [ 1360.458128][T26764] binder: 26763:26764 ioctl c00c6211 0 returned -14 [ 1365.822630][T26816] binder: 26814:26816 ioctl 40046210 0 returned -14 [ 1366.440672][T26848] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4944'. [ 1366.540910][T26848] netlink: 350 bytes leftover after parsing attributes in process `syz.2.4944'. [ 1367.991910][T26863] Invalid ELF header magic: != ELF [ 1368.430109][T26890] random: crng reseeded on system resumption [ 1368.449822][T26890] FAULT_INJECTION: forcing a failure. [ 1368.449822][T26890] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1368.507381][T26890] CPU: 1 UID: 0 PID: 26890 Comm: syz.3.4953 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1368.507435][T26890] Tainted: [U]=USER [ 1368.507446][T26890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1368.507464][T26890] Call Trace: [ 1368.507475][T26890] [ 1368.507487][T26890] dump_stack_lvl+0x16c/0x1f0 [ 1368.507534][T26890] should_fail_ex+0x512/0x640 [ 1368.507585][T26890] should_fail_alloc_page+0xe7/0x130 [ 1368.507626][T26890] prepare_alloc_pages+0x3c2/0x610 [ 1368.507674][T26890] ? rcu_is_watching+0x12/0xc0 [ 1368.507717][T26890] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 1368.507765][T26890] ? stack_trace_save+0x8e/0xc0 [ 1368.507796][T26890] ? __pfx_stack_trace_save+0x10/0x10 [ 1368.507827][T26890] ? stack_depot_save_flags+0x28/0xa50 [ 1368.507875][T26890] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1368.507915][T26890] ? kasan_save_stack+0x42/0x60 [ 1368.507946][T26890] ? kasan_save_stack+0x33/0x60 [ 1368.507975][T26890] ? kasan_save_track+0x14/0x30 [ 1368.508013][T26890] ? vfs_open+0x82/0x3f0 [ 1368.508049][T26890] ? path_openat+0x1e5e/0x2d40 [ 1368.508076][T26890] ? do_filp_open+0x20b/0x470 [ 1368.508103][T26890] ? do_sys_openat2+0x11b/0x1d0 [ 1368.508141][T26890] ? __x64_sys_openat+0x174/0x210 [ 1368.508182][T26890] ? do_syscall_64+0xcd/0x230 [ 1368.508222][T26890] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1368.508258][T26890] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1368.508299][T26890] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1368.508343][T26890] ? policy_nodemask+0xea/0x4e0 [ 1368.508384][T26890] alloc_pages_mpol+0x1fb/0x550 [ 1368.508417][T26890] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1368.508459][T26890] alloc_pages_noprof+0x131/0x390 [ 1368.508492][T26890] get_zeroed_page_noprof+0x14/0x50 [ 1368.508529][T26890] get_image_page+0x18/0x190 [ 1368.508571][T26890] alloc_rtree_node+0x3c/0xb0 [ 1368.508614][T26890] memory_bm_create+0x515/0x810 [ 1368.508669][T26890] create_basic_memory_bitmaps+0x10f/0x680 [ 1368.508710][T26890] snapshot_open+0x235/0x2b0 [ 1368.508738][T26890] ? __pfx_snapshot_open+0x10/0x10 [ 1368.508769][T26890] misc_open+0x35a/0x420 [ 1368.508810][T26890] ? __pfx_misc_open+0x10/0x10 [ 1368.508849][T26890] chrdev_open+0x231/0x6a0 [ 1368.508876][T26890] ? __pfx_apparmor_file_open+0x10/0x10 [ 1368.508910][T26890] ? __pfx_chrdev_open+0x10/0x10 [ 1368.508941][T26890] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1368.508989][T26890] do_dentry_open+0x741/0x1c10 [ 1368.509017][T26890] ? __pfx_chrdev_open+0x10/0x10 [ 1368.509051][T26890] vfs_open+0x82/0x3f0 [ 1368.509088][T26890] path_openat+0x1e5e/0x2d40 [ 1368.509126][T26890] ? __pfx_path_openat+0x10/0x10 [ 1368.509160][T26890] do_filp_open+0x20b/0x470 [ 1368.509185][T26890] ? __pfx_do_filp_open+0x10/0x10 [ 1368.509209][T26890] ? rcu_is_watching+0x12/0xc0 [ 1368.509256][T26890] ? alloc_fd+0x471/0x7d0 [ 1368.509305][T26890] do_sys_openat2+0x11b/0x1d0 [ 1368.509340][T26890] ? __pfx_do_sys_openat2+0x10/0x10 [ 1368.509387][T26890] __x64_sys_openat+0x174/0x210 [ 1368.509423][T26890] ? __pfx___x64_sys_openat+0x10/0x10 [ 1368.509460][T26890] ? rcu_is_watching+0x12/0xc0 [ 1368.509494][T26890] do_syscall_64+0xcd/0x230 [ 1368.509531][T26890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1368.509557][T26890] RIP: 0033:0x7fb54898e969 [ 1368.509579][T26890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1368.509604][T26890] RSP: 002b:00007fb5497d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1368.509629][T26890] RAX: ffffffffffffffda RBX: 00007fb548bb6080 RCX: 00007fb54898e969 [ 1368.509647][T26890] RDX: 0000000000184b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1368.509664][T26890] RBP: 00007fb548a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1368.509680][T26890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1368.509701][T26890] R13: 0000000000000000 R14: 00007fb548bb6080 R15: 00007ffdd448a9b8 [ 1368.509735][T26890] [ 1370.135109][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1370.141499][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1371.853522][ T64] EXT4-fs (sda1): Delayed block allocation failed for inode 1933 at logical offset 14 with max blocks 31 with error 117 [ 1371.945960][ T64] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1371.945960][ T64] [ 1375.909480][T26994] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in; [ 1375.909480][T26994] program syz.2.4978 not setting count and/or reply_len properly [ 1376.051528][ T5907] BUG: sleeping function called from invalid context at ./include/linux/pagemap.h:1135 [ 1376.062158][ T5907] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5907, name: kworker/1:5 [ 1376.071352][ T5907] preempt_count: 1, expected: 0 [ 1376.076255][ T5907] RCU nest depth: 0, expected: 0 [ 1376.081248][ T5907] 3 locks held by kworker/1:5/5907: [ 1376.086503][ T5907] #0: ffff88801b480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1376.097092][ T5907] #1: ffffc9000446fd18 ((work_completion)(&sfp->ew.work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1376.108548][ T5907] #2: ffff8880635d8080 (&sfp->rq_list_lock){..-.}-{3:3}, at: sg_remove_sfp_usercontext+0x81/0x590 [ 1376.119394][ T5907] irq event stamp: 1108506 [ 1376.123855][ T5907] hardirqs last enabled at (1108505): [] _raw_spin_unlock_irq+0x23/0x50 [ 1376.133912][ T5907] hardirqs last disabled at (1108506): [] _raw_write_lock_irqsave+0x52/0x60 [ 1376.144239][ T5907] softirqs last enabled at (1108498): [] handle_softirqs+0x5be/0x8e0 [ 1376.154046][ T5907] softirqs last disabled at (1108471): [] do_softirq+0xb2/0xf0 [ 1376.163235][ T5907] Preemption disabled at: [ 1376.163254][ T5907] [<0000000000000000>] 0x0 [ 1376.172098][ T5907] CPU: 1 UID: 0 PID: 5907 Comm: kworker/1:5 Tainted: G U 6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) [ 1376.172151][ T5907] Tainted: [U]=USER [ 1376.172164][ T5907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1376.172187][ T5907] Workqueue: events sg_remove_sfp_usercontext [ 1376.172239][ T5907] Call Trace: [ 1376.172251][ T5907] [ 1376.172265][ T5907] dump_stack_lvl+0x116/0x1f0 [ 1376.172324][ T5907] __might_resched+0x3c0/0x5e0 [ 1376.172367][ T5907] ? __pfx___might_resched+0x10/0x10 [ 1376.172408][ T5907] ? bio_first_folio+0x3de/0x640 [ 1376.172472][ T5907] __bio_release_pages+0x312/0x3b0 [ 1376.172534][ T5907] ? __pfx___bio_release_pages+0x10/0x10 [ 1376.172591][ T5907] ? __lock_acquire+0xaa4/0x1ba0 [ 1376.172660][ T5907] blk_rq_unmap_user+0x3be/0x980 [ 1376.172704][ T5907] ? __lock_acquire+0xaa4/0x1ba0 [ 1376.172763][ T5907] ? __pfx_blk_rq_unmap_user+0x10/0x10 [ 1376.172815][ T5907] ? do_raw_write_lock+0x11c/0x3a0 [ 1376.172870][ T5907] ? __pfx_do_raw_write_lock+0x10/0x10 [ 1376.172928][ T5907] sg_finish_rem_req+0xde/0x590 [ 1376.172981][ T5907] sg_remove_sfp_usercontext+0x103/0x590 [ 1376.173048][ T5907] process_one_work+0x9cc/0x1b70 [ 1376.173123][ T5907] ? __pfx_process_one_work+0x10/0x10 [ 1376.173193][ T5907] ? assign_work+0x1a0/0x250 [ 1376.173251][ T5907] worker_thread+0x6c8/0xf10 [ 1376.173329][ T5907] ? __kthread_parkme+0x19e/0x250 [ 1376.173376][ T5907] ? __pfx_worker_thread+0x10/0x10 [ 1376.173434][ T5907] kthread+0x3c2/0x780 [ 1376.173485][ T5907] ? __pfx_kthread+0x10/0x10 [ 1376.173533][ T5907] ? __pfx_kthread+0x10/0x10 [ 1376.173581][ T5907] ? __pfx_kthread+0x10/0x10 [ 1376.173629][ T5907] ? __pfx_kthread+0x10/0x10 [ 1376.173677][ T5907] ? rcu_is_watching+0x12/0xc0 [ 1376.173708][ T5907] ? __pfx_kthread+0x10/0x10 [ 1376.173761][ T5907] ret_from_fork+0x45/0x80 [ 1376.173814][ T5907] ? __pfx_kthread+0x10/0x10 [ 1376.173865][ T5907] ret_from_fork_asm+0x1a/0x30 [ 1376.173941][ T5907]