last executing test programs: 8.92920597s ago: executing program 1 (id=618): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r3, &(0x7f0000000040)='nbd\x00', 0x4) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) r4 = fanotify_init$auto(0xfffffffb, 0xffff) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x3, 0xde, 0x10, r0, 0x8000) close_range$auto(r0, r1, 0xc) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/vulnerabilities/mmio_stale_data\x00', 0x0, 0x0) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) io_uring_register$auto(0x2, 0xe, 0x0, 0x20) write$auto(r5, &(0x7f0000000100)='/d-:\xe7J\x00'/23, 0x1eb0800) mmap$auto(0x0, 0x0, 0x400000dc, 0x937e, 0x2, 0x8000) prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x8, 0x0, 0x3, 0x4) unshare$auto(0x40000080) r6 = socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0xdb81, 0x2, 0x40eb1, 0xffffffffffffffff, 0x300000000000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r6, &(0x7f0000000000)={0x0, 0xba, 0x0}, 0x2000c000) r7 = eventfd$auto(0x80) readv$auto(r7, &(0x7f0000000380)={0x0, 0x8}, 0x4) openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0) close_range$auto(r2, r4, 0x5) 7.354647568s ago: executing program 1 (id=620): ioctl$auto_SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f00000003c0)="f7adf898131e1c821b6e38ac714bc4e4360f442a58d6e80304615265be903438c197110e804faf48dde709fac969cbc48c13cc9f1eea748bb712e826dcf8749751faabfe04715fb50eefbffdb8f62ea71565c71871b20f6baf09632076a5420ec3bef93a13b7e34af8aabca677b06d0df5e2938d25a93b23ef0e19ee604d65ace765be251bf1739454e6b547e47e3d9ac9a74847a729b6c13775703229766e29bccc21fb21336253b81e6bb65798a8c6bedbc6d24835466482ff1e2e052dd5d8680c50d9b92e7211b67076526bf27db0a3e2bbb14162dea4a77142cad86ab0f58b8c1260b532cfd9a0aa87c1e6f1dd817f6ce403704648a5518804d5766f8a668f30a8aba1f6634fd2889ff594089c33bef806b168dcbddd8c109e92d772c0b52a9d2fdb3207b45a8cabec575b01d6b0c59a1f2339ae4fff14cc4ce017eeb21aad4f3890c5d858f2a0ddb23d0c3bb7d8054a3777b8ae96268b43cc93b6f5b45e03f682f0a69d02533dfb1b8155045733c39953f0c9566747baaa49dd60374f65537bfa71a5407b9bb2e19ac1ab757832fecd570cf5274158f50041e10a4fa74b35bc35820a92eb2b8d88da59377156d8eb9986500a4f59e368c55f6a08198271549936b39b50c69f4590c0275e2588ed131edcff2c1b45d3746795f512b99a49a7f89a35edd918ee4206617cd6aea61859b3fd1beea20361cfce6305c28fd7d64b263e1bcf6e1acffb9fde5553d35356a8e1a88169d1f751dc9535f934ed75c19863cc2006f88a1632543dccec2cb3c75ce736dea6e68548c8a2a3a1ac83550c3f797ff033dde24377ae1446c7c3f600c392e25ec67374a649f152e44a6e71af86fee34b96d431b294c4ef3edf7ad9ea6d4821dbc78fa007b59060d9128a3c18cad5a8d33f799f442ec4a413462cfcdb79201a185b19cb33ae9a0876ba200cc92ca9cb5c7d54dd5047b5fefad838f7bdb1fcd4a63419fd9a34f1a950fe797f1996e5d39908ed9a528d256bd71b75267753e7265b5dd673b5ae5e7f2075c3d26f53d244f7f1a0b099b929ae79734f5463f0f03f415ea39a5064b3398af345d862e57aaf1f4f50f6bc7f3a84ba9e6b5596b212f8865115d29dce1acde48328acbb62f9ba62afdbe2adc252e7a0ebb19e18a353140e83e59c3288741f15379d213f536e48ec1076c026f24f638a938a04d578237def377b8334cb7b848bb6522a85316b3d83552ac3462ee9e6e7ece7a22fa78caf4b2854b2bdc33356c7b0a03003879d2454e27be92db2a2e8bcdbe83a01b3e9f8e1828f79b3107ba4bc02f947a92bb1b0e0f0b40c6c1160d815b272f911146421840a147b68931348b4ef8c97fbb433ed7b44376d3b964f72fe5455ad43b2e9d59df06f3454fcd702cc0e6bdb7af34d58cc9cd872269748202a96edf5d03dabde391f33f8a59afb0ab8c91a9b891f257249d44ace28d93e0d70fc491dc4fc6ccbb96ea8335f81dfa58cd320dca92fe9c693d718b5172d8f412c0a0c16c0da3ff8e77df4af57145748f95986fa46103d8901e79cd3df38e9f1f5c4ddb57af2508a368f14d78ff4565526196b6050fbb63f4c5d524b7ed3aad1d75e09a9d366d9eda7544d7ba0db63e21ad461a83a9274adb543b36ae41200ff43f363678cebbe7bcb3b68c4b2cf5644953f31f57a7b32da2bbf64d2f16124c26c7ff8fa0a3c0d107754645a565d6344238424217f0ff7b0b8583bc7102c8352282fc8760543d50eb40ae53e23ccf6298489916e77185abc15168fb36318a1ea48f90a46549a0e65b4e6680c20c0a0bfda4ba2b7217a09085c8efc833f5b98f6e2f1c1d84c85f4cca763d2e40319828f0bea7c63b3a9cf05d4a608fac184edb6c002fa982f915644236a4ace6476acb0b6efdc7c69921e37ea872d8e6880c3d1bb49ade9eb36507fe8a581ec37937273e53a9d409bf5a270d98785d157ca7911f4916e011263f33d916130ef1a98a18e55ff0bc40bcc213b9c8237fa3df2c204cecc737a4b8ea783309ae0e5f359311636e014a2bafb33ab8c41fc8eb70233e0d81f44076d9ef82211a742989e6ce5af78bea97d2b76799165a217aa883f434a310a2653c90bbe43d80d0bf98a43834a02c85fccfea2682af130f412f1c5b5b2056dc4932261113c3ea59042c4dfbd5dec4140b472054bee5668f2d41d8099b5724c44b4cc869b8d12710a641753a34de66e88bc8c80736f11ded00e7b538b81e36197bf159d7f6df543db5df79886bac52bdd758c7dea22e1fcdc7165ac97d746a4e5acb9157158571d7fd328648a7b9bd6e5360911a899533273a9c576a0e26f2e58613d07c15bdf82bbe553366f05e4156d1831fb298714aa17481da9dacd986115cb9e4bc508b991318f0f953bbc5d54c6b98b8917a96acd6ec01edc4b26db14968f950a866a3aa1198c820d575af9437f940224dd448064f3c16c493ebc0e81677de4046321e6b21eb785ec225e1f93b261e63eb974868b78f00b8b42c63e662fecb8bd1d336559f4a6e2480a4af236633e0e543b3dfca37881a3e9a12adde53b4af08015c342bac3483180c5bc39966ec3c3c33654e64e381a919ba5cb7cafe58dff618e277af61df3da717c100b75d00fd8705a958484f73f769882cfb3cf7231109ae39e084908fc32056c7122e95c0726c21dcee753a0bf2ec15a6d6d5cae32bcfddd50fc261776c34805acccec910c0b0d0d9501e77d7c6940ed2f07dfad9daa87404cf15f787bbfca5991bd75dd7f5ebd83af90e61f9a0fd267f7060b3eb1f0db09ff4eecb9a6539050306178553185377b60f1c0727056fc1e4beb684492f8f6616fa6b1530d5a0ed893bc194573490540ffa31ead5caa48f0f02a930efeef8ec1ea0f67706b493ca279a65309e9e8ec68aa7562e7aba91528e269363dd0dc06774de43f3c16ee899919e8866367c16a117b655a654c8874cbf7c760ea37cf82070e61f147c25d14e6a893dc7ce330688c7f576e080fb99024827ecf08f270e9ad983a14c7bc1e34f66f11f384e5365c893907fa1e257dcbbbdfbe679d288dc24f303ff1b8b812d20e41dcf5183bb22f6def2ecd3492c94ec9e90d63aba7a98a7a03d9dd457414f0fab25be555391a94aa2248ced0dd2856a1a036a2219695d015dacc10ba48ff9a4e03cdeb4247c299755d31c2957f1cf472c05fb9da923946935ae2aca5c5a6c50203615981758e217d7619bef971b734dc71f4d1e4e4bf0e0efa91d5adbdf1e5054e45f04d998807372bb77d278e4795637d8d3de29ff46e57a24b8eee6ab9006f2225e9cb40f5ba4bf8b1d800a9602c46a79a5003476c248bf82e8312eb38aad3ea8b7ac1d07689f78d99d9e1534ea0da240fc3c934a04e9bf2d84c15eb57c4da17b8e10e1647ac26a93cb2966ba5bf5ed3554d3e75654c1fcbf4ca434fa64388f4752c2b61ecc317367f770b4953b89e8bf0c183189c4057e7e54cc10e04465fd55ede728417031ffe88d11cbc0d97c0ae82ce1665d4fd33b26c50ca02e394c8c48992a94759b29efc2e6dcfe80a5a07bb5f7c1dff45a0e97183483958c722a03eacf0c5e59f47dc954260290f0693f50ae30ef62bfdcf6d6fd59139b83b10c69ae6d15143a242be9ee0b170bc8f59dc0b5a83a23d749106861770237b1e97c5c5f5e36e67d66fce4862befe4566d74c5b8a6a7bc3375729f2a905e55bb838bf02c0e0c44d4cac242f16dcdfbd33299afd7d9979b05e377306f50a452b90f019817718acb12108f81154c0f8be0080a6434ef6b2ea1dbef90be878c985f43ed8475ab8b400df77c885265916cbc4713a4f556064fbe4f3d27827c63a685e396132686ca5b48029c0af56ee5c7a9e28c8dda466d0e36ec49c5a134f8d3af00307d1a106b44dc15d373aad8a7647ce9e74872b26bb360aa9e3ddede626e2ba199be4b178b7cf2fb290183fb7db03a7910baea258986f6f1a4ab57287d53dff014651ef384811bfa7f1b63da66f610fdcb1fc3c0768e613b71c8baf9afa7056de5caaf79ccb65d6e9ee3848adf040709157247fd076a8ae69c9b1f50883a50a68dbadb40be009e5b5cd43b0a2769c9095a9b4d4a5c5835c5aa6b605c399d1a33977e0eeca3201b896622a831d988cc0f36da7be5ab8a12079aa449f422ab1bf70a2cc2c1a37a7a569b7abe3e92229b13be673985dff20246b6ff70938454f75975cc5ca1630da84db816c52081a8808395e70f531a145021c1b99fb6cd9b33e794081bfb27d178f946ed80daaba33fa4fd65c1fe07b199ae1292b05f1da1c8b5693eab35688a8fa21df6255f930799b58a58ba535915410869a756400c5df4a07676a8c15dcaf728f19d2878f43e3d5c0afc820059d1d0ef35a5d0608a952f6d7a03a8fe64fc299b1b44af97e8304ca5e99bc27159c1106c05b71818206b86210d0041545b515f08afe0b121e178a39ff72bebcab37ddd95324a3d4e95bb1ad562f8f8626e967c61af987677680292b8044d2649008a792be1c7a9ba798b72486b9638a2dc18e10efc10d029e8791890ccb2c36a8dd6effcf5b60b0c944da61713ea7535cab4ccd499b85d3e9f679781095da5f43c78f12f7e176769733aa7922bad589a1e2c24efb2e6f59f32bda33e5bc8e78719d9bd689a05651d62faf72d2963014d3e05b9062664f851cbc9e8ec5a6e84a18526c9bcc9a062990618fb3fc8a0df74ae9127dd135f064c07b640812e40bd05df94a740fea2c2215c934e6dc9151ced4525f7a462e08e77d5077f16a5ecc614a1d596b7d8fa2311f613d1d65424a35dfe5cbc396d89b285c85ae4a6ebf725cadb425303a407193e75c178b805161f705bcf685ca09624a444b6a8e5f526c97ef0cfc1fe2a6a82261e6d707882a3c6f2ff6de9181f765288be808487caa383300d670f8daa0b715864492f964ba803816b2c323cd120c032766d56f0b26124d19e007a674ffa0496dba99b2f0f083a592447f25752165930f24f49ee7ca79304242033bf93fceb284a5eb4bd6b1e9a8b01943048d3484407400e1ea58462f8e14f405c7ff5a6f88ca6b3136eb8b70ff7bf3d6471d38ed0f43196ac8116d803e9890eb2f996a315d3d74badd4894a4be4e7488dfe2e8f7d7dc48c483bd39b1324aeded40a47133f9c29adbcd85541223e9f3187b4bdfe59b6299fc96c2f1e880c634f5515e0c3c9bee3bcfb5b1d84b88385d27b5490dc700d7ca32d73a4871679422cbeae028106af39741422f99e252e6b1a6aed42d9f27a565b036a04552510b40fc9fedf378e72e444b191980c07de916c6faf7e6b3d62d107e926c23762b6ff48b164870e7f65fd8142b9f9aac393680a622a0fc6717ca96e619f7c25414ad39d73e42efbd0d2cc6497a574b55a7f1d053f2fd06426d3a152ef71602e891861f181260eee54d844e625328ff9a8c3a60c24f62852e587e44e442cbc5ebb3c60a05cd2894af8543ee928d83e7f721215bdee65d08c4248818a89f9ad70d155be94b12803939ce068cba971aee4d8412a67e4fa7f3f74fb56028a1736e9e2b75558ee515520975fdf14df921d0e83369d9b2c7874f70fd175344e29abda9a88183d1369f762fdcca0bb10f698c1745baf49d1118e8108dba6a88aca1fcfa2d70401d233d765fbf88e3831679eb7a3136d6049377881cd56cdd8eb9d88cdc6e320e47013b68799b32449bfee3ce1a7be8667a561fabbb2b41ca67737e0b329c4532a089c9481fc8fda19d6e443331840a8ccb5935a71848f5350fc5258f7f567d62c92e92b51cc8b1cc0f92b1973bfe444a43e5") mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000240)={0x0, 0xfffffffd}, 0x6, 0xc, 0x1) r0 = socket(0x2b, 0x1, 0x1) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880) munmap$auto(0x8000, 0xffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000180)="bcb9c371f46d0d9bdb06c4837f6392975c3dce07fe23702dd7346a3e7774e8881be6660ef6514d314dc7c2a7b07582635940668ee4020f9bb4b577322dbddb1dcc92fbad285a54e448c0423f71bef721ac0eacdf0e2184faac074151ca1655bf5e8814d73eeff0e81576aad5aced3625f066f3eeb4e7d741b11edc7a", 0x8000, 0x1}, 0x8}, 0x1, 0x100) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0x7}, 0xb, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/traceSMB\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(0x3, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x101000, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000140), r2) 6.790632685s ago: executing program 0 (id=622): openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000180), 0xe2bf528124bb75dd, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) r1 = socket$nl_generic(0x10, 0x3, 0x10) mseal$auto(0x0, 0x7dda, 0x0) unshare$auto(0x20000) close_range$auto(r1, r0, 0x9) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r2, 0x0) unshare$auto(0x20000) pivot_root$auto(&(0x7f0000000040)='..\x00', 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c72b7cc06d46052f12bedb7048bea1dd70000", @ANYRES16=r3, @ANYBLOB="810b25bd7000ffdbdf250100000005000f009a000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) sched_rr_get_interval$auto(0x0, 0x0) fanotify_init$auto(0x6d5, 0x3) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) 6.030460885s ago: executing program 0 (id=624): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x34, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r2}, @NET_SHAPER_A_PRIORITY={0x8, 0x6, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x2004c804}, 0x14) r3 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvfrom$auto(r3, 0x0, 0xdd, 0x8, 0x0, 0x0) write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, 0x0, 0x0) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000100), 0x20000, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000000c0), r4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) timerfd_create$auto(0x9, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D1p\x00', 0x0, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/slab/kmalloc-64/min_partial\x00', 0x501, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000200)='4', 0x1) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x2, 0x9, 0x2, 0x6]}, 0x0) close_range$auto(0x2, 0xa, 0x0) 5.507617901s ago: executing program 2 (id=626): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) read$auto(0x3, 0x0, 0xf34) write$auto(0x3, 0x0, 0xffd8) bpf$auto(0x0, &(0x7f0000000280)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) r0 = socket(0x12, 0x4, 0x440a) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000040)) socket(0x25, 0x5, 0x0) sendfile$auto(0x6, 0x3, 0x0, 0xfdef) openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x400, 0x0) io_setup$auto(0x80002, 0x0) r2 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x20400, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(r2, 0x40084149, &(0x7f0000001080)=0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, r2, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000900), r3) sendmsg$auto_OVS_VPORT_CMD_SET(r3, &(0x7f0000002680)={0x0, 0x0, &(0x7f0000002640)={&(0x7f0000001240)={0x20, r4, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@OVS_VPORT_ATTR_UPCALL_STATS={0x4}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0xa6fa}]}, 0x20}, 0x1, 0x0, 0x0, 0x4810}, 0x4) socket(0x11, 0x80003, 0x300) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NFC_CMD_STOP_POLL(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000001240)=ANY=[@ANYBLOB="44000000b005340aebe5fa82cc2cfe070efe7393c78775a7fbd06451a308b2d75dbbc9314b37f854d5b05ee476d92d1c76c634d55ec71ff7edaeb9bf870880443128469ecac1b937af2434186513ea1de2def6266f268232ae88a517c5deaaa2de423a78b504169c1bebb902000000604ce722008ad319166a88d492ae3a921f7fc0d05390e545cdac589a1717", @ANYRES16=0x0], 0x44}, 0x1, 0x0, 0x0, 0x20008050}, 0x4048041) sendmmsg$auto(r0, &(0x7f0000000240)={{&(0x7f0000000080)="a2c782f68bb0d392f32a48f96e28abb3769ede6d7f131365c9bf1e4f0e9122feeeccb2d150681f9006a5", 0x129ce85, &(0x7f0000000140)={&(0x7f0000000100)="8519ce563e075ecdc41e529a3f293e7509fb68e67469a3a26ae0f8e6f686b0f704140a1586c340da3291a44b173edc74ff7de16b4793848fcdd3", 0x1000}, 0x2, &(0x7f0000000180)="994aba0aaa2ae312110d22e3d2c51e9cdaac21bcd81ef637609c28c57e0c0281140cff4c8467ed0c869b5de11f7dd39e5db8fda8922554e9870c8b3f995a092823a8a83b9800b6ec9c98ec41095602fe8adde2e3bd14f170099f1ebfc269fd77080d991bcb7a727be081ab4ad1084db8bda7ac480f1c4f737776", 0x80000001, 0x4}, 0x8}, 0x809, 0xff) 5.476503547s ago: executing program 1 (id=627): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/nbd2/mq/0/cpu_list\x00', 0xa0440, 0x0) r1 = socket(0x1d, 0x5, 0x88) getsockopt$auto(r1, 0x1, 0x40, &(0x7f00000000c0)='\x05/\xc3:\x00', &(0x7f0000000100)=0x7) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/64, 0x40) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0x4ea, 0x1, 0x6, 0x0, 0x1, 0x0, 0x8, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x6, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) read$auto_mon_fops_text_t_mon_text(r3, &(0x7f0000000040)=""/64, 0x40) clock_adjtime$auto(0x6bc8, &(0x7f00000005c0)={0x7, 0x0, 0x8, 0x8000000000000001, 0x7, 0xfffffffffffffff7, 0x6, 0x0, 0x2, 0x2, 0x1, {0xf, 0x7}, 0x82ba, 0x7ff, 0x59d, 0x5, 0x0, 0x8000000000000000, 0x100000000, 0x6, 0x9, 0x7, 0x1000}) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x200000000007, 0xd, 0x1, 0x948b, 0x3, 0x7f, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x6d3f, 0x9, 0x9, 0xfffffffffffffffd]}, 0x0) timerfd_create$auto(0x100, 0x150b) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100) socket(0xf, 0x3, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x7, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 4.375321301s ago: executing program 0 (id=628): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xde, 0x10, 0x401, 0xd) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x101002, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) sendmsg$auto_NL80211_CMD_ASSOC_MLO_RECONF(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1883a941", @ANYRES16=r1, @ANYBLOB="200029bd7000fddbdf259c00000004002101"], 0x18}, 0x1, 0x0, 0x0, 0x2001c047}, 0x80) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/0/msr\x00', 0x216fc2, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) fsopen$auto(0x0, 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) 4.375137039s ago: executing program 3 (id=629): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/027/001\x00', 0x80, 0x0) sync_file_range$auto(r0, 0x0, 0x8000000000000000, 0x2) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) listmount$auto(&(0x7f0000000080)={0x2, @inferred=r4, 0x7fff, 0x0, 0x3}, &(0x7f0000000180)=0x8, 0xfffffffffffffffa, 0x7) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0xc) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x1) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x22000, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0xc800) bpf$auto(0x5, 0x0, 0x4a) prctl$auto_PR_SME_SET_VL(0x3f, 0x8, 0x0, 0x7, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x0) prctl$auto(0x34, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) r6 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000100)='/proc/devices\x00', 0x40002, 0x0) sendfile$auto(r6, r6, &(0x7f0000000040)=0x8010, 0x788b) 4.119261144s ago: executing program 1 (id=630): adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/dev\x00', 0x40100, 0x0) pread64$auto(r2, 0x0, 0x10001, 0x830) write$auto(r1, 0x0, 0x100) read$auto(0x3, 0x0, 0x80) unshare$auto(0x40000080) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), 0xffffffffffffffff) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRESHEX=r1, @ANYBLOB="010026bd7000fcdbdf250100000008000200", @ANYBLOB="080001002e53520008000200299604044fd4a51b3fe6069c9828ee7b3a5e16ba6775e89c1262b0563d7c891b267fcf6ddb51c53725c0c3f6a943674a41ccec006a142932a4d7289ac6f2c824c09ff3119ea2cfc72b15d43e993d3c327652f1a5427b014be7d9c98d988e59c0c0918d4e09077ad2be00371f57ba208c7301a71c72390bc3c511734141cb81bcc13a2df82cd95bd7", @ANYRES32=0x9, @ANYBLOB="0800070004"], 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0xc0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 2.817998163s ago: executing program 1 (id=631): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000002400)='/sys/devices/virtual/mtd/mtd0/mtdblock0/ro\x00', 0x20000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) getdents$auto(r0, &(0x7f0000000100)={0x800, 0x6, 0x3, "694e35b9d41e181fcace6c00f28fdeb373a62873d9b2445d6f402374b30e6d89639b814a9306349576d6d59f6aa6b148bf30c1824e5867e9fbda6ba5356a05656ee3ab77904f800377786443351f953c2c3fc10af304b60e61b4f2ed74a3a55bcbf31611f6cea89dcd64277a4843d59dfc3b29c22050a0363c8d6d764d909a5620ee11fee823ee520398b761473fbe3adb79722e16dd4cc19af5ab19ec35df6439f000381eb1fb0176d6aa8de2d080e629f53833d92f7752d4d9755f42a330d234a94ae0e43636d168e6c6b277019f60d59732699fe3ec"}, 0x4c3) close_range$auto(0x2, 0x8, 0xffffffff) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x3c, r2, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@nested={0x8, 0xc, 0x0, 0x1, [@nested={0x4, 0x3}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x50}, 0xc800) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYBLOB="01007050a7f82fc634b10f00003460fac93497d76d"], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x2) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) r3 = socket(0x10, 0x2, 0x0) madvise$auto(0x80000001, 0x101, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) write$auto(0x3, 0x0, 0xfdef) write$auto(0x3, 0x0, 0xfdef) select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffbfffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0x2, 0x2, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) setfsuid$auto(0x1) unshare$auto(0x40000080) madvise$auto(0x0, 0x20200, 0x15) 2.817244573s ago: executing program 2 (id=632): mmap$auto(0x2, 0x8, 0x6, 0x2000000d38, 0x2, 0xfffffffffffffff7) sysinfo$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(r0, 0x0, 0x10000000a) r1 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0) ioctl$auto_RTC_RD_TIME(r1, 0x80247009, 0x0) mmap$auto(0xfffffffffffffff8, 0x59ab, 0x20000000002, 0x1000015, 0xffffffffffffffff, 0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) r2 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x8000000000000, 0x6, 0xdf, 0x19, 0x2, 0x8000) r3 = socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xe1, 0x9b72, 0x7, 0x28000) adjtimex$auto(0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xd}}, 0x6a) sendmmsg$auto(r3, &(0x7f0000001300)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0xfffd}, 0x5, 0x20000000) newfstatat$auto(0xffffffffffffff9c, 0x0, 0x0, 0x1000) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) capget$auto(0x0, 0xfffffffffffffffe) write$auto(0xffffffffffffffff, 0x0, 0x73) semctl$auto_GETNCNT(0xc, 0x1ac1, 0xe, 0x3) sendmsg$auto_NFC_CMD_GET_DEVICE(r2, 0x0, 0x55) semctl$auto(0x9, 0xc1b8, 0x4, 0x1) mmap$auto(0x7ffffffd, 0x2, 0x1f60000000000000, 0x9b72, r0, 0x5) sendmmsg$auto(r3, 0x0, 0x80000001, 0x4008) socket(0x1e, 0x4, 0x0) 2.817104886s ago: executing program 3 (id=633): openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000180), 0xe2bf528124bb75dd, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) r1 = socket$nl_generic(0x10, 0x3, 0x10) mseal$auto(0x0, 0x7dda, 0x0) unshare$auto(0x20000) close_range$auto(r1, r0, 0x9) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r2, 0x0) unshare$auto(0x20000) pivot_root$auto(&(0x7f0000000040)='..\x00', 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c72b7cc06d46052f12bedb7048bea1dd70000", @ANYRES16=r3, @ANYBLOB="810b25bd7000ffdbdf250100000005000f009a000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) sched_rr_get_interval$auto(0x0, 0x0) fanotify_init$auto(0x6d5, 0x3) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) 2.816590596s ago: executing program 0 (id=639): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) capget$auto(&(0x7f0000000000)={0x19980330}, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) epoll_ctl$auto(0x5, 0x1, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000500)={'gretap0\x00', 0x0}) socket(0xa, 0x23af690fef30229, 0x9) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x140080e4) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x807, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x7, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84}, 0x1fa, 0xd) r8 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r8, 0x2, &(0x7f0000000380)="dcbb5fd7054bed139fb7f9fb1dca8fe1d88f65ee057c0e6faac40d106e4f0d52edf6e31c48e8d983ae3431fa707225c2c387e1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc4556ddac694c4553d72ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dfa58a589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e84") ioctl$auto__ctl_fops_dm_ioctl(r8, 0xfffffff7effffd05, &(0x7f00000001c0)) sendmsg$auto_OVS_DP_CMD_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x5, 0x70bd29, 0x25dfdbfc, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000c000}, 0x4000024) madvise$auto(0x0, 0xffffffffffff0001, 0x15) write$auto(0x3, 0x0, 0x100082) 2.414862901s ago: executing program 2 (id=634): mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000003680)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000fddbdf254b000000080009000500000008000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x890) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) pipe2$auto(0x0, 0x80) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x10, 0x2, 0x4) r5 = socket(0x2, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0) write$auto(r4, &(0x7f0000000000)='-\x00', 0x2fb) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) read$auto(r0, 0x0, 0xb94) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/zram-control/hot_add\x00', 0x20800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000ec0)=""/4096, 0x1000) r8 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r8], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.005317086s ago: executing program 3 (id=635): read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000b40)=""/4096, 0x1000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x3f, 0x8000, 0x1ffde, 0x7, 0x2, 0x4, 0x9, 0x3, 0x5, 0x8, 0x3000, 0x9, 0x6, 0x10002, 0x80, 0x3fc, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84}, 0x1fe, 0xd) modify_ldt$auto(0x11, 0xfffffffffffffffc, 0x23b94) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000140)=':,\x00', 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x163742, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000640)='/sys/devices/platform/dummy_hcd.1/usb2/bmAttributes\x00', 0x0, 0x0) ioperm$auto(0x7, 0x6, 0x80) sched_getscheduler$auto(0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000002140)=""/4120, 0x1018) r1 = socket(0x2, 0x80002, 0x0) modify_ldt$auto(0x1, &(0x7f0000000380)="2eb72460174f198d927c1d6950552960602e58ce01e5f402d93a9064574120c200052676a8fc9e0add177f0ef9a91b775f72eb33f1d1163bc33175dca7d1c105f706cb89f04bbbb8cf56699b1ed11546839b042d60e80ea8f4493d0c55aa0dee3517b3c3a381c7c1d54369c460a29fe09c1ab9a2d2073c6cfd0d122ae9", 0xff) setsockopt$auto_SO_MARK(r1, 0x0, 0x24, 0x0, 0x3) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/reserved_size\x00', 0x400, 0x0) getcwd$auto(&(0x7f0000000040)='(\x00', 0x7) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000080)=""/222, 0xde) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000) fanotify_init$auto(0x5, 0x2000000000002) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) utimensat$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0xfffffff3) ioperm$auto(0x7, 0x6, 0x2) mknod$auto(0x0, 0x20e9, 0x103) unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00') mmap$auto(0x0, 0x8, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x40, 0x7, 0x0, 0xc70010, r1, 0xffff) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa51f}, 0x800}, 0x7, 0x4008) 1.819585125s ago: executing program 2 (id=636): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) capget$auto(&(0x7f0000000000)={0x19980330}, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, 0x0, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYBLOB="14e45eadecb6637b6e9276e6aa560b3398a867480f9e8a8fba70bec53d21d622b8d0df69b467e4b149114a6ac9b84da71c36a9e49e00cb6172539ae3ee7bc9c59ee6ca8e096a76c0f58ba7ee731e9717c00c6a773474041832ee988cd511375a11f8e7ddbd8ae04967a4c20a82a040de95a37e419fbe46222511bea6bc969aace721985771a7f9a1bf3d66fd85a6153e195b23a5b01b42bd31f956dc64197bb40b32f5257cb2b8cef81bff9aa9e4a11e8403e184e79fc9e7bec6f3de6096bc10b1552c3a1066e2203d7811c5bfd578a4c532492eb3bb1faa1652ffabadbf51adc7d81890a2e094f5575b711469e7b24ee765da0f300ebd33ab861b9c3a622313f316228417599c5d5d251475219f6d5dc07b90f6d68a548cffb966828255dfda40f684526526fa8be5c8e4e9faa61aa9f6645d8352f15d3fcb9c81b7dc393c08410471f5e3d4f5b6841bf53390a5045b631d63005b1f4e3f4b9832b089788f859b06502285843dfb285c06af53fb740128fe604f1d3882559c4230f0ea06cf72eef4ab741fb0832f481b4284e8b918dadf392634c678c84a649215170a0aae1c6f005989f31431119dc64a8b908d624da105b5089a8a9a160545fe0501b2f46bd169ac984f49777b03242f3985c739270de191849e772ea9fd9634b8edc569ecb8ca25b4b26071e223caebfccb0f36744431bfc021f289ebcd459e56f9205290e7f5cc03574824fb533ec7250fe30270f5519cde841a612ece1dd2c4b017d75a9f7ea92794f8dfacd4aa9804d3809e4fe695df97ff4424c01ed38ee1c702ccd14175070558e20bc9f5f704d20cf1b6af7f01fd8cfce2958ed0f02142e153661840c2ca50b7bf9abcd2c27edc0795ac282d034e5fc10f13f76be72143d12a1d2dd1086815b701e9cb67e6adf9a937aeeba997d84a74eb11f682e3fe3100b27eb6c1aac8309e3c39bed50c808835a1216f28d9788efef72d64ff3653209cc8e7734588e373927bd302bac74f81a54190890f4fab4b57956b9c8cc1caebcf1f742049a539032c9819eee66493ba5f03048348dc6fd5d0f51ea3dc7aa7501546c342a73a563b73dac18107cddf483b9a3fd793c879b3a22030e3c1461d27bcccf4b4c6218bac44663b9fa7dfe2919a28bc9c8de8ad5ce3b4a2f5ffd35546c4242e6528fe25817894397b1c8fe7f7c97a51b4371c8437141615b74f10933f352f05a9c5a28615e69840f3b4e46542e14fb02694d0b8a1da0b4b997538450131e670ec1fb255b486bc9af9c050d11ceaebd314922f8bba061441b468e89e8933e640efef1b8dbb1e6aa2961178168ed7050de2d425ab234fed7c855607bd0a01c526bd7578fcfd123bf356c005e6a61c11ca1072a6d800ab15d06f44eab8398875b47f7ebac3cafcdac4b4b7cf46b3a5e8f9545a6fd9ff7bf5e27e80fb7b9ec40d1f7383a26562e90207bc6a260537de789465475c42f1c50df0c6c606d3e1fb2f0611403f61c8fd199c3407f17fa2eff5f3019557a62a2473103836dc98d05703157467b29d60bd5596c6c0ebd02155fa997297e7bf4774017f07c0bbe6e1181b0a38a9031fdb80381169f51736a32237a0fafa62800b3048c70e1086a9165ab9aa50a53df84d99b9b820440e3c1982cf365681fe4955f8aa7db9cd4e32981fb6bd15899934e39d12dd36ac6cbaaa7bea95c0f1eda8899eb4f8728632baf8e13d1d4da49f7563e2e9a94e48d5e3c59faded54c0c4d8bd0d26335f3de149b7d13a3f9c19dabb900295e13756f2e4617137605d16560438b50dd04797b5004765239ebbfe229f783cb5b3b78b0184b13fe67d484dfc30645a176606f2bd47a200c5ebdaee2bd0d56c9910ab8e168778228bb91560ec8bb85e69b528f6d2dc4fc164163ca7ce5bd2c23e61f69dc996f7d45b865e50d6876e56dcf87240673be568193d40adee223221368387d4a003217b58f39e0123b6c2fcb11cd3b0133ff26f16ec661b860fc4726be86feef318433f16563839529adb013cafb8f49955013eb1355e55a67fc2e932259948b546fb13706af4310dd149fab3c92d4640abefda80935a6278038e22dea7ad56ec759c479263b11e5d40506e2e831f868dd715ac10990c0616785f7aa81ff4af0efd33a3a44ed1cba495c1a5434a4920f47b1847b1275078a41223a357a4e1bfad43d84c730573e0a945ee65b83a09bf490b857666a3f3c04afa43a04d6d270cd86463b4cad65e80c72c7bea3c085596465010edd70b37cf24b68793231d6df73c868137bbb870ac80ced7c7a5bce2f219675b05f3cf0a00b63971715d986299469f195efc7f859defdfe84012fc4a8da781fe51816934de62ebb4db98e524c430b52fe7621882bdc1b0333782a41e4b86c46f47558bbdead6b3573097036fa3c4baabfbd723cc4514eef4c3693ae6552f965e161ea914f751e952810c1cbf447ce3ce277a7a8ebde28333d7eaecb8330003cf55f2e209ef16abda0a274ec72ec3a659e4e2671b0b506c7109f761ec42e1a71cea60b9d76b008832d3837af6b6da9ff702dc71183e202db0d79bca2b1479a5251569c1aa12560c27d80f0782dfa30eab3264ba64b899080869d4adab085590359df366f0393c572e11cb745f477ba7c1474e34218ed45d6c95636ab522f883eca5d676b7924bf90a8c7a5c47e376caa741823c1c07301b9488d8638b1fe0e89fdf4ad76db06ec44b8150be8a601520a48a0a96c920691b4a1d91c1dcf6a17f7793fd9fbf5119947371997841e7e17d98cbcdb3db9472450a33280a43d7deaa23c53918d1ba68460f2a47f00f86595011b60abcaa37ae13e5039edfccd2846f53e414e09614cca6f59ebf59daab4b4342e6ab2a1b5c89f2ac16badf426083c4e40a1a40bcc28b1255a42f91aaa189ddba8d5554eae43d4982e59db0c13761ca79779637d39141af508e7f4821188915edb8791bdf0853a77b565b2e8e10b6b8babbcc71c07b30f882b088c85cb9068933d9ecc43194cefefc725b159453c394ef736e9eadc5a0f700c43945296266d1cf5faa495761d83a5ec3c7841c90effc400de575fd670273bce2f6ff6f6484439c69b6a85734dceaaf878aa554d1b0250e7b954266eed6f0ae6d3afeb9187c23b7324c6e4b401ff05b182e7c6b5a4f3c828c9ad8b392cee3b767cc8aa38a76f8081f44beb6c09950862227917eb70758a1921f3e9a0d2362ef7ee9c2a4fc88b356b6fd979e58c500de7742dda5616fbb8a97716815f20fe02244192982071b2fc0bc2ee786d0b07fd6bede15e6d937e7f4d936694b3bcd8fcb8e025cf53e1a2ff2f3f224f5b61475863b7b377c211b586bdf9b830af6b32db1a2a4225c51b7109d9d22e77c11e7a2027911750b3e6123739392c330311c01d27fed52cb6ff3ba97cce587dccdf351cf9b8e6459a3088be73921555cae6d00126dca4a63bf9f9a2ea4c84a2d966f0add908fa108c5f4b9e190d0a6e1948b0bfb7afbe9ecd079726d5dafb7d03a4b438512d7ef21b29c69c88da9030097392a7cd675765fe124f77e05c8b7dfe4ae626c8fcb58aa837215d752f6b16e2585e5d2d7e1b2f293d7abe2ac29e95e04296d7f813fc5b9457cff475455bce8b7ec397278f084c586de0886584b4dfd873819144b4e5d0061b13ef4f9d5ffa1ee17c0aa1dafed9b3f29489efe96e1a0f94fb392696ece2f79ad6d1407d48839c15c0a14459455e2c8655d3e170ab7df93e960446c82e783e0169b1ab7dedeaa07233d46310abb17941c1cb1c9e77da86d7a9fe76f2fae892c396c312d04b9191e7d44df4ee4b07ce3b9f6446155005eaf55e9566e9c585a1a775a55fb1589c55e8ff1ba6658ec5b0f4e2793cd55023ab092887e578f8f3daf6468e5dcfb5c7d71314b08bf58015287836cc873d70164d8d198ee445b91064fde6505637bc51ee2586a44638e3bbc2ec70f7f8efb4ee64b0f346c5c7d3583a3b9e62678ee90d735f4d8daba7ff9de3668333293c2a1fc08a74851a0f45bde15c361942131ffdfcb6bef81e1d6f1e87759ba5e39b78cc03b3e9ee3d1ae2da4a397cbdbbe3c31efc35b3e327c2b12cbb72d0423119e72e0ffc13b8257233ab75284eff5b07f1fa9ee740ca45e9504ee9e10d758499e64af5a87fafb2446f0944e7c10f5e83233b976fc462ee9cc25eda45c2c602352f96f2d94037f5a8561d1983b24d5dfe45ff711dd078cfa90f9aa112a14f778e3929aad00916bcbdb642abc32c2bb2691853357b264076ba95bfe306afb35cb64d82a71c200e79624b2a45b136aa6e9c833afd2d8e406b98ebf51a6e90c09cdaea95c8dec35fbd4049701b0e8a89f4f34dde272560baf68466906fc152644d630bfca23787aebb2aaa0ab7b9f30c1dc96c3383633241fc716543d030c41675cd811e38e2dd87e4d3980745a8d310d55ea26b145201176c483a1c17c4e7a7705a79a351930dbbf7241e55847b7745979ce862acd3834b372dbe8c0955a0b4840fd7da7e2088957f2bc9666a0dd04d02d494052c71a3117ab12e230be971a0e8bcad32c082a8faf9cb8fb9e9a12713334ac8cbacc38a94914b0682a36f57a3be096c3f3e17122730ee213d9c1ad44ccd5578d99beea47c27587f2f847d9e38ca3a339f2aef799d3371a3387389c9b2839847df7a7b5a24fcc46a0955e5157cbfbea26e305bc2f52a212e9d9c8003f081f567308eb7fa69c53c060a650d87b76f4516f8d75fad4623ff883196a65fb034033ad31fc6e803943b4fc282ee768a498ddfb9c0ace21687b591da31b6811a5e222f7f33cf9723b0d88f5af3b6a0cbf08a4d171c0798d6df3fa06447a6375f366957fd02af10b953f6b201bc07ae9071c1acb8fd1168ad5a8cebafd84f7ef2c7940dd4813d18a6b2ee4a40dbf5a3c3d88b9097c9166fd02c6d8b785c78973d84abcb99687465c0bdbaf83b2cb9f3683d1a78d8b7c07ba006c4e68bbae26eb2abb0040b268ed16810913d0b2ea98058e6b3907e720b8e66c09661c417457ceccbed65cb0eff42583a05c07d7e464fdbf7b32f3ab8cab34fdd42e1838d1832736af5be238c10d4829e29bbcfa03ddf7b8ebb1f121097dea7277b8eb1dd81394a1077985c740d901400b9af7b484659ac667185d1ff3fd56175df659573b998e516ccc8dce75efd4daf63aaac38d2872df538c7e84df72f44640a48aa697e4095cf4e58643c8cb28f6b45d000359a1a74c23255fa348a4ddbe3fe0169bbaf13cc69edf5301c2f63652ebfc0bbe0ac55e4b058a246b76eb50d7a4af59ff9af1679128ae6a4e9da2dcc185679a33d442017880e5f2d3c76205ce4dc007cb693ff8af5258d15ac4b1bb2ddc550ffd16b96e2c2838a822baf245083da079718fee6932d7ab8cce0151cf917eec96dad98f655a96920265da7ea4c23b9bfba2ea5698326b07edbfe335f448ae3d584e2e4cbe07cc734ec3aae381570bf6757ea848aacd0f784baf0b50405ffa6ab032f6bc9f3745416c34bed9ad395a3f2230511f8ed44ae41005d4964c225efe8bb7a99364893c93b0938aa44176ede01373c4cd309136c7946a04860e4806a04bda7f135afeae6373fb3d9d2e68ee37766a6955a4e77fd1565c11c9de21723c0845832395d4a49a7b5ed0e45eb1ab09a027271c6a416dfc7d6064e8265e609a5e9469a7b17035fa202bc72a10cfbb8cab14974935670dffb51cc4d3f845396ddcc846534714ca1de7a3714e8663fb975293f505e5e86c0581bbf4455d73ede2ad39cccc2cf2ece0281d35ff54966a35715e644c67b01750288a", @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000500)={'gretap0\x00'}) socket(0xa, 0x23af690fef30229, 0x9) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x140080e4) mmap$auto(0x0, 0x40006, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) lseek$auto(r3, 0x0, 0x2) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x807, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x7, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xd]}, 0x1fa, 0xd) r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffff7effffd05, &(0x7f00000001c0)) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 1.733837839s ago: executing program 3 (id=637): r0 = fspick$auto(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0xdc9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioperm$auto(0x7, 0x6, 0x2) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r1, 0x0, 0xfff) mmap$auto(0x0, 0xbb, 0xe3, 0xde, r0, 0x7ffb) sysfs$auto(0x2, 0x7, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/orangefs/slot_timeout_secs\x00', 0x102, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5453, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000002040)={'veth0\x00'}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r3, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x800) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x7, 0x9}, 0x7}, 0x3, 0x0) r4 = fsopen$auto(0x0, 0x1) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x6) keyctl$auto(0x15, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8) sendmsg$auto_OVS_VPORT_CMD_DEL(r4, &(0x7f0000000300)={&(0x7f0000000000), 0xc, &(0x7f00000002c0)={&(0x7f0000000040)={0x278, 0x0, 0x800, 0x70bd2a, 0x25dfdbfc, {}, [@OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x16a}, @OVS_VPORT_ATTR_UPCALL_PID={0x74, 0x5, "4a94e4f2ff400e9b1fac946e32458f7c433437353f3f382965432e882a553565b386b13984b5ec62d8aa9412572e340b36d4fe8a3bc880160d834b569642239595ef66741b430c58a16c6a42caa15243e30e58c488f0d32f673e8d0c736602c3abfcd3e7b94118ecfe22cc5aff48c495"}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x2}, @OVS_VPORT_ATTR_NAME={0xc, 0x3, '\a%^\'.@]\x00'}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x2800000}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x8}, @OVS_VPORT_ATTR_UPCALL_PID={0x81, 0x5, "fd864a218cb83c6b7f3d94a612f8c0955cbbc196d190cc18702c55781bdcb51d555c4731b48f3e331ef2019dd9949590d40f5256c84af7d47ba7bf0920d52e87594182f6b889ca40845d997853bc0a1bfe417f966617d3b093aeb0f412071a0327185e639f79b2c81b9be16fb8f422061c258370a2f90e7c510ea9a49d"}, @OVS_VPORT_ATTR_UPCALL_STATS={0x12a, 0xa, 0x0, 0x1, [@generic="f79c33b086095179c66f4337dba5c074d862c534d61092b1b3a185b958ebcf20ea6b9bb8ad639c709127daf0061c445d74ddec1180425ae85abd2e221e6275e82a51706b7c20d792302490bf1ef68ae757c0fcbcbbe921566c13928b320c2acd0f128a30b7098fe166e3b1e48d4363250dad059dee1340f37aff3148da3346cdb9c0cbf7af4ab36ddaa8124e4a54c4c7fe63c7316a2cd444dc9c54d13167a4252394782201fdf7fb196b5097e82cd8933d4c6a1bf034e3f7910d", @generic="e51461a1f654eb2298155f0d50181d0a7778f5352bdd69e1261ecd933df388b928801cbb5f725b9c9cbf4c10adebf9f5b1c70bd3fd303c0c81b3398d615def7ae8cdfe5942fa81d4384dde63608b2f29401c4ba3e01c8dc8", @typed={0x14, 0x9e, 0x0, 0x0, @ipv6=@mcast1}]}, @OVS_VPORT_ATTR_UPCALL_PID={0x12, 0x5, "bf9baa5c19b4cf5e9bf8bbfebc1d"}]}, 0x278}, 0x1, 0x0, 0x0, 0x20000000}, 0x891) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r5 = socket(0x10, 0x3, 0x6) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x28, r6, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0_to_bond\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x48d0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x1c, r6, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x9822}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000810) 1.526263131s ago: executing program 0 (id=638): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) ioctl$auto_RTC_RD_TIME(r0, 0x80247009, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x4601, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000b80)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x2, 0x0) write$auto(r2, 0x0, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mprotect$auto(0x0, 0x806121, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/cgroup.event_control\x00', 0x1, 0x0) r3 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/admmidi2\x00', 0x531c80, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf5, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0xf000, 0x8000000000000001, 0xb5d, 0x0, 0x6, 0x2) ioctl$auto(r4, 0x405c5503, 0x81) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bdi/43:0/strict_limit\x00', 0xb02, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) read$auto(r5, 0x0, 0x9) write$auto(0x3, 0x0, 0x1) 1.302939966s ago: executing program 3 (id=640): prctl$auto(0x59616d61, 0xdaffffffffffffff, 0x1, 0x4, 0xfffffffffffffffe) socket(0x1d, 0x2, 0x7) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003680)={'wlan0\x00'}) prctl$auto_PR_SET_NO_NEW_PRIVS(0x26, 0x2, 0xffffffffffffffff, 0xe5, 0xa0c) close_range$auto(0x2, 0x8, 0x0) listmount$auto(0x0, 0x0, 0x1, 0x1) r1 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(r1, 0x5) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0) flock$auto(r2, 0x2) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0x3, 0x0, 0x2, 0x9) mmap$auto(0x0, 0x40008, 0x1000000004, 0x9b72, 0x2, 0x8000) userfaultfd$auto(0x1) close_range$auto(0x2, 0xa, 0x0) r3 = socket(0x1a, 0x800, 0x88) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bond0\x00'}) bpf$auto(0x1, &(0x7f00000000c0)=@bpf_attr_5={@target_fd, r4, 0x4, 0x200001ff, r3, @relative_id=0x13, 0xe600}, 0x0) bpf$auto(0x2, &(0x7f00000001c0)=@token_create={0x7f}, 0xc) ioctl$auto(0x3, 0xc018aa3f, 0xf0b) 1.117486848s ago: executing program 0 (id=641): unshare$auto(0x40000080) semctl$auto_SETVAL(0x0, 0x7, 0x10, 0xfff) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto(0xffffffffffffffff, 0x88, 0x0, 0x0, 0x80000000) socket(0x10, 0x2, 0x7fffffff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) socket(0x2, 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/trace/enable\x00', 0xe3102, 0x0) read$auto(0xc8, 0x0, 0x200) sendfile$auto(r0, r0, 0x0, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r1, 0x7a4, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) access$auto(0x0, 0x8) semctl$auto_IPC_STAT(0x0, 0x101, 0x2, 0x200) prctl$auto(0x39, 0xffffffffffffffff, 0x0, 0x0, 0x42) fanotify_mark$auto(0xffffffffffffffff, 0x31, 0x421, 0xffffffffffffffff, 0x0) 1.105122753s ago: executing program 2 (id=642): read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000003200)=""/64, 0x40) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2000000000000021, 0x2, 0x10000000000002) socket(0x2a, 0x2, 0x0) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = socket(0x3a, 0x3, 0x0) mlockall$auto(0x7) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) mmap$auto(0xfffffffffffffffc, 0x61, 0x9, 0xfa3d, 0x400, 0x8000) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xf5s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r7 = getsockopt$auto(0xffffffffffffffff, 0x0, 0x17, 0xfffffffffffffffc, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ptrace$auto(0x10, r2, 0x4, 0x7ff) r8 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r0) sendmsg$auto_NL802154_CMD_ASSOCIATE(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="a8030000", @ANYRES16=r8, @ANYBLOB="20002bbd7000fedb0701000000002083", @ANYRES32=r1, @ANYBLOB="040002800c004b00d2b00000000000000800370057000000f05bc05b38fdcf84f1aee3d8e0837f70cf4d981aa154cdacabcd7c4a6d7d1fa87d290af88b15657c6a88a3e33197451369dd0633185b3a80e71ddb210eedd00ae43ac31883e9b52730d95cdb87892425b896bbfc99c2752375c29b8b519e3569873d4f59836a34b08097eac1876972401cff9c1e6f4d20de6a7caa0970fdf2c72f19a130ded95ed83b1f00751a2e6901df7bc37f0ad1c5e1b5fc37bdf146d2c701dc80040086800400128008008400030000001b44db9ab05eebb05be64a22e7b9f383645ccb9d160db1e112e53de0bae6a3123f64252f1fbcb64e0ff67669e66cd9ce84e75c76f4217684859aa7cfc6e854cf8377dece546c1dc0b690195faf8a3383e64202f2a90e92d791b1d180ae788e4234cad9595324a55b9aba0c2a7eb952394ccae9dd2536a7291b9e1bc0fb9981b2949dc48582cf6cb644b16bcd767ba60e93414f4bb63d17bc1089a303bc1e6b05d629d500e2328356b07a78cdeaa55fb3bdbb2c4abcd66a25da24df23124a18f4ef48415859bab8e900dc00c0de8739de08bd67bf24ae339999cc0662254f345b22ad693417bf9102a4dce67eb98d7c13bacd8d222275c7792cc66b3fb216bbfdef6cdccd9da65939366988d86d76cda602811cddd17fdf3aafeffc886beea60da9ed11aac54a78fd086691869ca42be0f45e7edff97f180604a1cfaa76759b1808cab28c2a53d83cd453300b7ab2322651381f010922dcdba00fe1eb35e7c207de56f3bcfa1843f6c1f9f6d90e3da1ee7ad3a6a8b65ad297d08d0ecbc655637059bb8e768157d17e81188f72695baff036b581b866901dfadc40ed1cc701aa95dcb906cd0eb4aa806a52945ea3c5631b000000003ea24926dde458f5e50919e72acd02a917781ab5354142f67380db012579090c0ea7a85b6ad9d7147245a50f7e329ecd494d9e4ce6d79ece62ca68d1352edf2283476229c2fe7a0581fda7c45354a0d705018b402730e967f14c57901cb12bff171f840f2a681379cd60b297d84566bd436678e159787e5f0fa13da3b98eba0923b12ad54a5841159d038362bec7b532680bb3ef90c87d4b7c044975b41bf381afeee06966628e0d9b5a07bafda540386bacf8f8e6c8d5ec1b37aea29d2a835be7291595c48bb0e4f03d8c149028577e2d0402ec3dd9e90a018b555fd52654f660e6e3de861b66804f1431439a050029000100000008002700ffffffff08001d00", @ANYRES32=r7, @ANYBLOB], 0x3a8}, 0x1, 0x0, 0x0, 0x20040000}, 0x8014) ptrace$auto_PTRACE_GETEVENTMSG(0x4201, r2, 0xf72, 0x0) r9 = socket(0x2a, 0x2, 0x1) connect$auto(r9, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x55) 510.234284ms ago: executing program 1 (id=643): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800}) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x2003f0, 0x15) timerfd_create$auto(0x9, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D1p\x00', 0x0, 0x0) socket(0x10, 0x3, 0x6) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x2, 0x9, 0x2, 0x6]}, 0x0) r1 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) r2 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x2, 0x8, 0x0) 293.537319ms ago: executing program 2 (id=644): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x80900, 0x0) r2 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20a01, 0x0) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) mmap$auto(0xb2, 0x14, 0xffb, 0x8000000008015, r0, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) r3 = io_uring_setup$auto(0x3501, &(0x7f0000000080)={0x80, 0x1000, 0x8, 0x5, 0x3, 0xfffffff1, r0, [0xbc, 0xffff, 0x40], {0x81, 0x9, 0x0, 0x80000000, 0x3, 0x101, 0xffff, 0x0, 0x6}, {0x7, 0xa, 0xf, 0x7fff, 0x3, 0x0, 0x0, 0xfffffffa, 0xc}}) ioctl$auto_BLKTRACETEARDOWN(r1, 0x1276, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r4 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x11, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = socket(0xa, 0x3, 0x3c) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty48\x00', 0x880, 0x0) ioctl$auto(r7, 0x5609, r6) madvise$auto(0x0, 0x20499d, 0x9) socket$nl_generic(0x10, 0x3, 0x10) open_tree$auto(0xffffffffffffffff, 0x0, 0x74ee) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xfffffffffffffe7f, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="000229bd0080fbdbdf350a0000000800fbffffffff"], 0x24}, 0x1, 0x0, 0x0, 0x20000050}, 0x400c0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYRES32=r3, @ANYRESOCT=r2, @ANYRES16=r4], 0x24}, 0x1, 0x0, 0x0, 0x24040010}, 0xc0) 0s ago: executing program 3 (id=645): unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x1f40) stat$auto(0x0, &(0x7f0000000380)={0x3, 0x3, 0x6, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0xa, 0xff, 0x100, 0x401, 0x5f57, 0x80000000, 0xaa}) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) getsockopt$auto_SO_PASSCRED(r3, 0x1, 0x10, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/tty/ptypb/power/control\x00', 0x124001, 0x0) mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, 0x0, 0x20048801) ioperm$auto(0xffff, 0xe, 0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) fcntl$auto_F_SETLK(0xffffffffffffffff, 0x6, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/can/rcvlist_inv\x00', 0x0, 0x0) pread64$auto(r4, 0x0, 0xe, 0x100000000007) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00'}) statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x9, 0x3, 0x400026, 0x940, 0x1ffde, 0x3, 0x6, 0x7ff, 0xfffffffa, 0x400005, 0xfff, 0x0, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2}, 0xfffff7fffffffffa, 0x81) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) io_setup$auto(0xffff, &(0x7f0000000580)) write$auto(0x3, 0x0, 0xfffffdef) kernel console output (not intermixed with test programs): mode [ 96.496358][ T5848] bridge_slave_1: entered promiscuous mode [ 96.516426][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.523584][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.549759][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.563337][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.641771][ T5842] team0: Port device team_slave_0 added [ 96.653024][ T5842] team0: Port device team_slave_1 added [ 96.707734][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.735154][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.742830][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.769257][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.783913][ T5846] team0: Port device team_slave_0 added [ 96.794113][ T5846] team0: Port device team_slave_1 added [ 96.802764][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.825942][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.833230][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.859590][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.904208][ T5838] hsr_slave_0: entered promiscuous mode [ 96.911279][ T5838] hsr_slave_1: entered promiscuous mode [ 96.929357][ T5841] Bluetooth: hci1: command tx timeout [ 96.929362][ T55] Bluetooth: hci0: command tx timeout [ 96.988263][ T5848] team0: Port device team_slave_0 added [ 96.995818][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.003738][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.030536][ T5841] Bluetooth: hci2: command tx timeout [ 97.036228][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.050980][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.058364][ T3084] cfg80211: failed to load regulatory.db [ 97.058890][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.092075][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.097726][ T5841] Bluetooth: hci3: command tx timeout [ 97.123202][ T5848] team0: Port device team_slave_1 added [ 97.231429][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.238507][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.265170][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.302875][ T5842] hsr_slave_0: entered promiscuous mode [ 97.309602][ T5842] hsr_slave_1: entered promiscuous mode [ 97.315856][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.324582][ T5842] Cannot create hsr debugfs directory [ 97.331539][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.338770][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.364767][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.418583][ T5846] hsr_slave_0: entered promiscuous mode [ 97.425930][ T5846] hsr_slave_1: entered promiscuous mode [ 97.432715][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.440406][ T5846] Cannot create hsr debugfs directory [ 97.574777][ T5848] hsr_slave_0: entered promiscuous mode [ 97.581641][ T5848] hsr_slave_1: entered promiscuous mode [ 97.588250][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.596326][ T5848] Cannot create hsr debugfs directory [ 97.875490][ T5838] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.897697][ T5838] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.943557][ T5838] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.975740][ T5838] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.100612][ T5842] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 98.111615][ T5842] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.143158][ T5842] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.165454][ T5842] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.240042][ T5848] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.252105][ T5848] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.263007][ T5848] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.275760][ T5848] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.417594][ T5846] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 98.431912][ T5846] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 98.444475][ T5846] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 98.471669][ T5846] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 98.494075][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.562169][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.600658][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.608278][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.651708][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.658965][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.698299][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.775025][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.805792][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.845557][ T82] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.852749][ T82] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.906506][ T1135] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.913897][ T1135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.939378][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.993015][ T3487] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.000266][ T3487] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.008289][ T5841] Bluetooth: hci0: command tx timeout [ 99.019058][ T5841] Bluetooth: hci1: command tx timeout [ 99.062933][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.091483][ T5841] Bluetooth: hci2: command tx timeout [ 99.108588][ T3487] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.115878][ T3487] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.173249][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.177285][ T5841] Bluetooth: hci3: command tx timeout [ 99.245793][ T1135] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.253217][ T1135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.324508][ T3487] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.331786][ T3487] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.369851][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.538334][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.563554][ T5838] veth0_vlan: entered promiscuous mode [ 99.583612][ T5838] veth1_vlan: entered promiscuous mode [ 99.711691][ T5838] veth0_macvtap: entered promiscuous mode [ 99.735239][ T5838] veth1_macvtap: entered promiscuous mode [ 99.788485][ T5842] veth0_vlan: entered promiscuous mode [ 99.821773][ T5842] veth1_vlan: entered promiscuous mode [ 99.856102][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.881303][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.900385][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.929483][ T5838] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.939083][ T5838] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.949023][ T5838] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.957964][ T5838] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.006866][ T5842] veth0_macvtap: entered promiscuous mode [ 100.024387][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.044159][ T5842] veth1_macvtap: entered promiscuous mode [ 100.114391][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.125663][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.140432][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.195262][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.206124][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.218738][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.261594][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.274105][ T5842] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.283984][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.284665][ T5842] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.304392][ T5842] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.313299][ T5842] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.329938][ T5846] veth0_vlan: entered promiscuous mode [ 100.348270][ T5848] veth0_vlan: entered promiscuous mode [ 100.384852][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.395975][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.414502][ T5846] veth1_vlan: entered promiscuous mode [ 100.438419][ T5848] veth1_vlan: entered promiscuous mode [ 100.500520][ T5846] veth0_macvtap: entered promiscuous mode [ 100.564461][ T5846] veth1_macvtap: entered promiscuous mode [ 100.625967][ T5838] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 100.646996][ T5848] veth0_macvtap: entered promiscuous mode [ 100.658770][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.669895][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.680196][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.681234][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.693401][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.708352][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.719777][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.738101][ T5848] veth1_macvtap: entered promiscuous mode [ 100.791728][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.827064][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.837043][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.855407][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.871269][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.915739][ T5846] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.927002][ T5846] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.941611][ T5846] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.950763][ T5846] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.976476][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.987943][ T1135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.995846][ T1135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.018248][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.037630][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 101.048253][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.058783][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 101.069324][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.081852][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.099918][ T5841] Bluetooth: hci1: command tx timeout [ 101.099929][ T55] Bluetooth: hci0: command tx timeout [ 101.120204][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.130820][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.141573][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.152499][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.163643][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.174794][ T5841] Bluetooth: hci2: command tx timeout [ 101.182066][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.194054][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.206321][ T5848] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.218015][ T5848] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.226918][ T5848] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.236249][ T5848] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.248512][ T5841] Bluetooth: hci3: command tx timeout [ 101.637534][ T5916] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2'. [ 101.725711][ T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.739094][ T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.921482][ T3487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.962524][ T3487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.975490][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.003213][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.268038][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.276556][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.996826][ T5941] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 103.168857][ T5841] Bluetooth: hci0: command tx timeout [ 103.169697][ T55] Bluetooth: hci1: command tx timeout [ 103.197620][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.198674][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.251610][ T55] Bluetooth: hci2: command tx timeout [ 103.329558][ T55] Bluetooth: hci3: command tx timeout [ 103.387731][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.146160][ T55] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 104.367605][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.377826][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 104.880953][ T5960] Invalid ELF header magic: != ELF [ 105.919941][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 105.947638][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.956370][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.965140][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 106.238489][ T5983] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 106.684595][ T5989] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15'. [ 107.178490][ T5989] bond0: (slave bond_slave_0): Releasing backup interface [ 107.264669][ T5989] Zero length message leads to an empty skb [ 109.918413][ T6012] FAULT_INJECTION: forcing a failure. [ 109.918413][ T6012] name failslab, interval 1, probability 0, space 0, times 0 [ 109.955886][ T6012] CPU: 1 UID: 0 PID: 6012 Comm: syz.3.20 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 109.955936][ T6012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 109.955961][ T6012] Call Trace: [ 109.955972][ T6012] [ 109.955988][ T6012] dump_stack_lvl+0x16c/0x1f0 [ 109.956042][ T6012] should_fail_ex+0x512/0x640 [ 109.956082][ T6012] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 109.956127][ T6012] should_failslab+0xc2/0x120 [ 109.956180][ T6012] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 109.956222][ T6012] ? ptlock_alloc+0x1f/0x70 [ 109.956263][ T6012] ptlock_alloc+0x1f/0x70 [ 109.956297][ T6012] pte_alloc_one+0x6d/0x380 [ 109.956338][ T6012] do_pte_missing+0x1c0b/0x3fb0 [ 109.956374][ T6012] ? do_raw_spin_unlock+0x172/0x230 [ 109.956409][ T6012] ? __pmd_alloc+0x3c2/0x870 [ 109.956457][ T6012] ? find_held_lock+0x2b/0x80 [ 109.956494][ T6012] __handle_mm_fault+0x103d/0x2a40 [ 109.956541][ T6012] ? __pfx___handle_mm_fault+0x10/0x10 [ 109.956602][ T6012] ? find_vma+0xbf/0x140 [ 109.956650][ T6012] ? __pfx_find_vma+0x10/0x10 [ 109.956702][ T6012] handle_mm_fault+0x3fe/0xad0 [ 109.956746][ T6012] do_user_addr_fault+0x7a6/0x1370 [ 109.956787][ T6012] ? rcu_is_watching+0x12/0xc0 [ 109.956825][ T6012] exc_page_fault+0x5c/0xc0 [ 109.956872][ T6012] asm_exc_page_fault+0x26/0x30 [ 109.956904][ T6012] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 109.956943][ T6012] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 109.956975][ T6012] RSP: 0018:ffffc90005197c70 EFLAGS: 00050202 [ 109.957002][ T6012] RAX: 0000000000000001 RBX: 0000000000000088 RCX: 0000000000000018 [ 109.957021][ T6012] RDX: fffff52000a32fa1 RSI: 0000000000000088 RDI: ffffc90005197cf0 [ 109.957042][ T6012] RBP: 0000000000000018 R08: 0000000000000001 R09: fffff52000a32fa0 [ 109.957061][ T6012] R10: ffffc90005197d07 R11: 0000000000000000 R12: 0000000000000000 [ 109.957081][ T6012] R13: ffffc90005197cf0 R14: ffff8880212c5a40 R15: 0000000000000008 [ 109.957123][ T6012] _copy_from_user+0x98/0xd0 [ 109.957183][ T6012] kvm_arch_dev_ioctl+0x5a1/0x760 [ 109.957230][ T6012] ? __pfx_kvm_arch_dev_ioctl+0x10/0x10 [ 109.957275][ T6012] ? do_vfs_ioctl+0x512/0x1990 [ 109.957324][ T6012] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 109.957385][ T6012] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 109.957437][ T6012] kvm_dev_ioctl+0x787/0x1ad0 [ 109.957488][ T6012] ? find_held_lock+0x2b/0x80 [ 109.957522][ T6012] ? hook_file_ioctl_common+0x145/0x410 [ 109.957562][ T6012] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 109.957610][ T6012] ? __fget_files+0x20e/0x3c0 [ 109.957647][ T6012] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 109.957694][ T6012] __x64_sys_ioctl+0x190/0x200 [ 109.957747][ T6012] do_syscall_64+0xcd/0x230 [ 109.957799][ T6012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.957831][ T6012] RIP: 0033:0x7f438e58e169 [ 109.957868][ T6012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.957900][ T6012] RSP: 002b:00007f438f49d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 109.957931][ T6012] RAX: ffffffffffffffda RBX: 00007f438e7b5fa0 RCX: 00007f438e58e169 [ 109.957952][ T6012] RDX: 0000000000000088 RSI: 000000004018aee2 RDI: 0000000000000008 [ 109.957972][ T6012] RBP: 00007f438e610a68 R08: 0000000000000000 R09: 0000000000000000 [ 109.957991][ T6012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 109.958009][ T6012] R13: 0000000000000000 R14: 00007f438e7b5fa0 R15: 00007ffe7f8847c8 [ 109.958050][ T6012] [ 110.937592][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 113.341109][ T6050] syz.2.26 uses obsolete (PF_INET,SOCK_PACKET) [ 114.007342][ T55] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 114.492206][ T6058] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 116.370160][ T6066] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 116.396462][ T6066] CIFS mount error: No usable UNC path provided in device string! [ 116.396462][ T6066] [ 116.406876][ T6066] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 116.557989][ T6067] ptrace attach of "./syz-executor exec"[5838] was attempted by "./syz-executor exec"[6067] [ 116.925214][ T6075] 0x000200000001-0xa29656a63616329 : "" [ 116.942153][ T6075] mtd: partition "" is out of reach -- disabled [ 116.977083][ T6075] ftl_cs: FTL header not found. [ 118.811686][ T30] audit: type=1800 audit(6040087094.138:2): pid=6089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.35" name="discovery_nqn" dev="configfs" ino=7420 res=0 errno=0 [ 118.890599][ T6084] Invalid ELF header magic: != ELF [ 123.047841][ T6136] usbip-vudc usbip-vudc.0: gadget not bound [ 124.319131][ T6117] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 126.585491][ T6168] process 'syz.2.47' launched '/dev/fd/2' with NULL argv: empty string added [ 126.728752][ T6170] FAULT_INJECTION: forcing a failure. [ 126.728752][ T6170] name failslab, interval 1, probability 0, space 0, times 0 [ 126.797349][ T6170] CPU: 1 UID: 0 PID: 6170 Comm: syz.3.48 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 126.797397][ T6170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 126.797417][ T6170] Call Trace: [ 126.797427][ T6170] [ 126.797440][ T6170] dump_stack_lvl+0x16c/0x1f0 [ 126.797494][ T6170] should_fail_ex+0x512/0x640 [ 126.797532][ T6170] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 126.797572][ T6170] should_failslab+0xc2/0x120 [ 126.797616][ T6170] __kmalloc_cache_noprof+0x6a/0x3e0 [ 126.797651][ T6170] ? __asan_memcpy+0x3c/0x60 [ 126.797681][ T6170] ? create_filter_start.constprop.0+0x103/0x300 [ 126.797727][ T6170] create_filter_start.constprop.0+0x103/0x300 [ 126.797770][ T6170] apply_subsystem_event_filter+0x185/0x1450 [ 126.797819][ T6170] ? __might_fault+0xe3/0x190 [ 126.797859][ T6170] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 126.797914][ T6170] ? _copy_from_user+0x59/0xd0 [ 126.797961][ T6170] subsystem_filter_write+0x95/0x120 [ 126.798005][ T6170] vfs_write+0x25c/0x1180 [ 126.798045][ T6170] ? __pfx_subsystem_filter_write+0x10/0x10 [ 126.798096][ T6170] ? __pfx___mutex_lock+0x10/0x10 [ 126.798145][ T6170] ? __pfx_vfs_write+0x10/0x10 [ 126.798192][ T6170] ? __fget_files+0x20e/0x3c0 [ 126.798237][ T6170] ksys_write+0x12a/0x240 [ 126.798271][ T6170] ? __pfx_ksys_write+0x10/0x10 [ 126.798304][ T6170] ? rcu_is_watching+0x12/0xc0 [ 126.798350][ T6170] do_syscall_64+0xcd/0x230 [ 126.798403][ T6170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.798436][ T6170] RIP: 0033:0x7f438e58e169 [ 126.798462][ T6170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.798494][ T6170] RSP: 002b:00007f438f49d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 126.798533][ T6170] RAX: ffffffffffffffda RBX: 00007f438e7b5fa0 RCX: 00007f438e58e169 [ 126.798555][ T6170] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007 [ 126.798574][ T6170] RBP: 00007f438e610a68 R08: 0000000000000000 R09: 0000000000000000 [ 126.798593][ T6170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.798612][ T6170] R13: 0000000000000000 R14: 00007f438e7b5fa0 R15: 00007ffe7f8847c8 [ 126.798656][ T6170] [ 127.029193][ C1] vkms_vblank_simulate: vblank timer overrun [ 127.403883][ T6164] vivid-007: ================= START STATUS ================= [ 127.437379][ T6164] vivid-007: Generate PTS: true [ 127.483308][ T6164] vivid-007: Generate SCR: true [ 127.497871][ T6164] tpg source WxH: 640x360 (Y'CbCr) [ 127.503127][ T6164] tpg field: 1 [ 127.506574][ T6164] tpg crop: (0,0)/640x360 [ 127.511695][ T6164] tpg compose: (0,0)/640x360 [ 127.516417][ T6164] tpg colorspace: 8 [ 127.522998][ T6164] tpg transfer function: 0/0 [ 127.531224][ T6164] tpg Y'CbCr encoding: 0/0 [ 127.535832][ T6164] tpg quantization: 0/0 [ 127.540209][ T6164] tpg RGB range: 0/2 [ 127.544242][ T6164] vivid-007: ================== END STATUS ================== [ 128.022577][ T5841] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 129.850499][ T6200] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 132.961492][ T6242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.61'. [ 134.454640][ T6237] mmap: syz.2.59 (6237) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 135.189687][ T6265] netlink: 28 bytes leftover after parsing attributes in process `syz.1.65'. [ 135.200115][ T6265] veth0_macvtap: entered allmulticast mode [ 137.616512][ T6277] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 137.827955][ T6291] netlink: 326 bytes leftover after parsing attributes in process `syz.2.70'. [ 137.981995][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.988889][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.868603][ T6316] ptrace attach of "./syz-executor exec"[5846] was attempted by "./syz-executor exec"[6316] [ 140.271084][ T5841] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 140.284709][ T5841] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 143.421436][ T6378] [U]  [ 143.424472][ T6378] [U] [ 143.427187][ T6378] [U] [ 143.429920][ T6378] [U] [ 143.465538][ T6378] [U] [ 143.468283][ T6378] [U] [ 143.470998][ T6378] [U] [ 143.473705][ T6378] [U] [ 143.617835][ T6378] [U] [ 143.620579][ T6378] [U] [ 143.623292][ T6378] [U] [ 143.625999][ T6378] [U] [ 143.636297][ T6378] [U] [ 143.639080][ T6378] [U] [ 143.641823][ T6378] [U] [ 143.644552][ T6378] [U] [ 143.660999][ T6378] [U] [ 143.663745][ T6378] [U] [ 143.666451][ T6378] [U] [ 143.669186][ T6378] [U] [ 143.673188][ T6378] [U] [ 143.675911][ T6378] [U] [ 143.678651][ T6378] [U] [ 143.681396][ T6378] [U] [ 143.748386][ T6378] [U] [ 143.751223][ T6378] [U] [ 143.753940][ T6378] [U] [ 143.756648][ T6378] [U] [ 143.908422][ T6378] [U] [ 143.911214][ T6378] [U] [ 143.913971][ T6378] [U] [ 143.916725][ T6378] [U] [ 143.928660][ T6390] [U] [ 144.949469][ T6411] [U]  [ 144.952349][ T6411] [U] [ 144.955099][ T6411] [U] [ 144.957865][ T6411] [U] [ 144.979538][ T6411] [U] [ 144.982307][ T6411] [U] [ 144.985040][ T6411] [U] [ 144.987798][ T6411] [U] [ 144.991886][ T6411] [U] [ 144.994660][ T6411] [U] [ 144.997428][ T6411] [U] [ 145.000182][ T6411] [U] [ 145.004283][ T6411] [U] [ 145.007047][ T6411] [U] [ 145.009794][ T6411] [U] [ 145.012554][ T6411] [U] [ 145.026657][ T6411] [U] [ 145.029424][ T6411] [U] [ 145.032151][ T6411] [U] [ 145.034876][ T6411] [U] [ 145.056427][ T6411] [U] [ 145.059202][ T6411] [U] [ 145.061926][ T6411] [U] [ 145.064651][ T6411] [U] [ 145.070636][ T6412] [U] [ 146.647542][ T6445] [U]  [ 146.650473][ T6445] [U] [ 146.653189][ T6445] [U] [ 146.655916][ T6445] [U] [ 146.681282][ T6445] [U] [ 146.684062][ T6445] [U] [ 146.686788][ T6445] [U] [ 146.689541][ T6445] [U] [ 146.743249][ T6445] [U] [ 146.745994][ T6445] [U] [ 146.748738][ T6445] [U] [ 146.751489][ T6445] [U] [ 146.896637][ T6445] [U] [ 146.899473][ T6445] [U] [ 146.902235][ T6445] [U] [ 146.904995][ T6445] [U] [ 146.917599][ T6452] [U] [ 149.194734][ T6488] [U]  [ 149.197623][ T6488] [U] [ 149.200379][ T6488] [U] [ 149.203263][ T6488] [U] [ 149.221794][ T6488] [U] [ 149.224610][ T6488] [U] [ 149.227378][ T6488] [U] [ 149.230136][ T6488] [U] [ 149.277020][ T6488] [U] [ 149.279825][ T6488] [U] [ 149.282596][ T6488] [U] [ 149.285352][ T6488] [U] [ 149.327868][ T6488] [U] [ 149.330664][ T6488] [U] [ 149.333428][ T6488] [U] [ 149.336195][ T6488] [U] [ 149.365609][ T6490] [U] [ 154.292635][ T5841] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 154.303566][ T5841] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0' [ 154.313142][ T5841] CPU: 0 UID: 0 PID: 5841 Comm: kworker/u9:2 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 154.313174][ T5841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 154.313190][ T5841] Workqueue: hci0 hci_rx_work [ 154.313220][ T5841] Call Trace: [ 154.313227][ T5841] [ 154.313236][ T5841] dump_stack_lvl+0x16c/0x1f0 [ 154.313271][ T5841] sysfs_warn_dup+0x7f/0xa0 [ 154.313294][ T5841] sysfs_create_dir_ns+0x24b/0x2b0 [ 154.313316][ T5841] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 154.313337][ T5841] ? find_held_lock+0x2b/0x80 [ 154.313366][ T5841] ? do_raw_spin_unlock+0x172/0x230 [ 154.313391][ T5841] kobject_add_internal+0x2c4/0x9b0 [ 154.313434][ T5841] kobject_add+0x16e/0x240 [ 154.313455][ T5841] ? __pfx_kobject_add+0x10/0x10 [ 154.313478][ T5841] ? do_raw_spin_unlock+0x172/0x230 [ 154.313500][ T5841] ? kobject_put+0xab/0x5a0 [ 154.313544][ T5841] device_add+0x288/0x1a70 [ 154.313570][ T5841] ? __pfx_dev_set_name+0x10/0x10 [ 154.313600][ T5841] ? __pfx_device_add+0x10/0x10 [ 154.313626][ T5841] ? mgmt_send_event_skb+0x2fb/0x460 [ 154.313659][ T5841] hci_conn_add_sysfs+0x17e/0x230 [ 154.313690][ T5841] le_conn_complete_evt+0x1075/0x1d70 [ 154.313722][ T5841] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 154.313746][ T5841] ? bt_warn+0xe4/0x120 [ 154.313767][ T5841] ? __pfx_bt_warn+0x10/0x10 [ 154.313796][ T5841] hci_le_conn_complete_evt+0x23c/0x370 [ 154.313828][ T5841] hci_le_meta_evt+0x2f3/0x5e0 [ 154.313855][ T5841] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 154.313885][ T5841] hci_event_packet+0x669/0x1190 [ 154.313914][ T5841] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 154.313944][ T5841] ? __pfx_hci_event_packet+0x10/0x10 [ 154.313980][ T5841] ? kcov_remote_start+0x3c9/0x6d0 [ 154.314014][ T5841] ? lockdep_hardirqs_on+0x7c/0x110 [ 154.314055][ T5841] hci_rx_work+0x2c5/0x16b0 [ 154.314083][ T5841] ? rcu_is_watching+0x12/0xc0 [ 154.314112][ T5841] process_one_work+0x9cc/0x1b70 [ 154.314146][ T5841] ? __pfx_process_one_work+0x10/0x10 [ 154.314177][ T5841] ? assign_work+0x1a0/0x250 [ 154.314216][ T5841] worker_thread+0x6c8/0xf10 [ 154.314247][ T5841] ? __kthread_parkme+0x19e/0x250 [ 154.314279][ T5841] ? __pfx_worker_thread+0x10/0x10 [ 154.314301][ T5841] kthread+0x3c2/0x780 [ 154.314337][ T5841] ? __pfx_kthread+0x10/0x10 [ 154.314371][ T5841] ? __pfx_kthread+0x10/0x10 [ 154.314404][ T5841] ? __pfx_kthread+0x10/0x10 [ 154.314438][ T5841] ? __pfx_kthread+0x10/0x10 [ 154.314472][ T5841] ? rcu_is_watching+0x12/0xc0 [ 154.314496][ T5841] ? __pfx_kthread+0x10/0x10 [ 154.314532][ T5841] ret_from_fork+0x45/0x80 [ 154.314554][ T5841] ? __pfx_kthread+0x10/0x10 [ 154.314589][ T5841] ret_from_fork_asm+0x1a/0x30 [ 154.314639][ T5841] [ 154.314667][ T5841] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 154.595215][ T5841] Bluetooth: hci0: failed to register connection device [ 161.167529][ T6672] [U]  [ 161.170420][ T6672] [U] [ 161.173205][ T6672] [U] [ 161.175963][ T6672] [U] [ 161.220133][ T6672] [U] [ 161.222925][ T6672] [U] [ 161.225692][ T6672] [U] [ 161.228455][ T6672] [U] [ 161.294481][ T6672] [U] [ 161.297283][ T6672] [U] [ 161.300042][ T6672] [U] [ 161.302796][ T6672] [U] [ 161.314698][ T6672] [U] [ 161.317482][ T6672] [U] [ 161.320239][ T6672] [U] [ 161.322985][ T6672] [U] [ 161.343015][ T6672] [U] [ 161.345786][ T6672] [U] [ 161.348498][ T6672] [U] [ 161.351215][ T6672] [U] [ 161.388871][ T6672] [U] [ 161.391640][ T6672] [U] [ 161.394351][ T6672] [U] [ 161.397062][ T6672] [U] [ 161.418057][ T6672] [U] [ 161.420857][ T6672] [U] [ 161.423622][ T6672] [U] [ 161.426350][ T6672] [U] [ 161.447325][ T6674] [U] [ 163.342409][ T6714] netlink: 28 bytes leftover after parsing attributes in process `syz.3.143'. [ 164.353188][ T6714] bond0: (slave bond_slave_0): Releasing backup interface [ 166.484822][ T6747] [U]  [ 166.487710][ T6747] [U] [ 166.490468][ T6747] [U] [ 166.493225][ T6747] [U] [ 166.527843][ T6747] [U] [ 166.530645][ T6747] [U] [ 166.533402][ T6747] [U] [ 166.536153][ T6747] [U] [ 166.567144][ T6747] [U] [ 166.569928][ T6747] [U] [ 166.572661][ T6747] [U] [ 166.575395][ T6747] [U] [ 166.608386][ T6747] [U] [ 166.611202][ T6747] [U] [ 166.613978][ T6747] [U] [ 166.616738][ T6747] [U] [ 166.657519][ T6747] [U] [ 166.660313][ T6747] [U] [ 166.663068][ T6747] [U] [ 166.665794][ T6747] [U] [ 166.679113][ T6747] [U] [ 166.681886][ T6747] [U] [ 166.684612][ T6747] [U] [ 166.687336][ T6747] [U] [ 166.691858][ T6747] [U] [ 166.694645][ T6747] [U] [ 166.697398][ T6747] [U] [ 166.700144][ T6747] [U] [ 166.703342][ T6747] [U] [ 166.706115][ T6747] [U] [ 166.708857][ T6747] [U] [ 166.711594][ T6747] [U] [ 166.714934][ T6747] [U] [ 166.717700][ T6747] [U] [ 166.720437][ T6747] [U] [ 166.723167][ T6747] [U] [ 166.726563][ T6747] [U] [ 166.729337][ T6747] [U] [ 166.732087][ T6747] [U] [ 166.734843][ T6747] [U] [ 166.738729][ T6747] [U] [ 166.741510][ T6747] [U] [ 166.744263][ T6747] [U] [ 166.747014][ T6747] [U] [ 166.751710][ T6747] [U] [ 166.754487][ T6747] [U] [ 166.757240][ T6747] [U] [ 166.759996][ T6747] [U] [ 166.763275][ T6747] [U] [ 166.766039][ T6747] [U] [ 166.768771][ T6747] [U] [ 166.771498][ T6747] [U] [ 166.778140][ T6747] [U] [ 166.780908][ T6747] [U] [ 166.783670][ T6747] [U] [ 166.786408][ T6747] [U] [ 166.790817][ T6747] [U] [ 166.793584][ T6747] [U] [ 166.796330][ T6747] [U] [ 166.799087][ T6747] [U] [ 166.802360][ T6747] [U] [ 166.805130][ T6747] [U] [ 166.807885][ T6747] [U] [ 166.810643][ T6747] [U] [ 166.813957][ T6747] [U] [ 166.816724][ T6747] [U] [ 166.819481][ T6747] [U] [ 166.822249][ T6747] [U] [ 166.825413][ T6747] [U] [ 166.828179][ T6747] [U] [ 166.830930][ T6747] [U] [ 166.833681][ T6747] [U] [ 166.836983][ T6747] [U] [ 166.839749][ T6747] [U] [ 166.842490][ T6747] [U] [ 166.845216][ T6747] [U] [ 166.850215][ T6747] [U] [ 166.852984][ T6747] [U] [ 166.855743][ T6747] [U] [ 166.858589][ T6747] [U] [ 166.864404][ T6747] [U] [ 166.867174][ T6747] [U] [ 166.869915][ T6747] [U] [ 166.872647][ T6747] [U] [ 166.879146][ T6747] [U] [ 166.881903][ T6747] [U] [ 166.884629][ T6747] [U] [ 166.887355][ T6747] [U] [ 166.893445][ T6747] [U] [ 166.896205][ T6747] [U] [ 166.898931][ T6747] [U] [ 166.901656][ T6747] [U] [ 166.906229][ T6742] [U] [ 171.999380][ T6826] [U]  [ 172.002265][ T6826] [U] [ 172.005017][ T6826] [U] [ 172.007779][ T6826] [U] [ 172.027743][ T6826] [U] [ 172.030537][ T6826] [U] [ 172.033286][ T6826] [U] [ 172.036057][ T6826] [U] [ 172.048716][ T6826] [U] [ 172.051515][ T6826] [U] [ 172.054284][ T6826] [U] [ 172.057051][ T6826] [U] [ 172.080438][ T6826] [U] [ 172.083315][ T6826] [U] [ 172.086074][ T6826] [U] [ 172.088829][ T6826] [U] [ 172.093045][ T6826] [U] [ 172.095826][ T6826] [U] [ 172.098581][ T6826] [U] [ 172.101331][ T6826] [U] [ 172.104316][ T6827] [U] [ 178.997867][ T6924] FAULT_INJECTION: forcing a failure. [ 178.997867][ T6924] name failslab, interval 1, probability 0, space 0, times 0 [ 179.028233][ T6924] CPU: 0 UID: 0 PID: 6924 Comm: syz.0.180 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 179.028278][ T6924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 179.028297][ T6924] Call Trace: [ 179.028317][ T6924] [ 179.028328][ T6924] dump_stack_lvl+0x16c/0x1f0 [ 179.028380][ T6924] should_fail_ex+0x512/0x640 [ 179.028417][ T6924] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 179.028456][ T6924] should_failslab+0xc2/0x120 [ 179.028499][ T6924] __kmalloc_cache_noprof+0x6a/0x3e0 [ 179.028533][ T6924] ? append_filter_err+0x41f/0x5e0 [ 179.028565][ T6924] ? apply_subsystem_event_filter+0x4c6/0x1450 [ 179.028611][ T6924] apply_subsystem_event_filter+0x4c6/0x1450 [ 179.028662][ T6924] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 179.028714][ T6924] ? _copy_from_user+0x59/0xd0 [ 179.028760][ T6924] subsystem_filter_write+0x95/0x120 [ 179.028802][ T6924] vfs_write+0x25c/0x1180 [ 179.028831][ T6924] ? __pfx_subsystem_filter_write+0x10/0x10 [ 179.028875][ T6924] ? __pfx___mutex_lock+0x10/0x10 [ 179.028921][ T6924] ? __pfx_vfs_write+0x10/0x10 [ 179.028965][ T6924] ? __fget_files+0x20e/0x3c0 [ 179.029008][ T6924] ksys_write+0x12a/0x240 [ 179.029040][ T6924] ? __pfx_ksys_write+0x10/0x10 [ 179.029071][ T6924] ? rcu_is_watching+0x12/0xc0 [ 179.029114][ T6924] do_syscall_64+0xcd/0x230 [ 179.029164][ T6924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.029195][ T6924] RIP: 0033:0x7fbf7c58e169 [ 179.029220][ T6924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.029250][ T6924] RSP: 002b:00007fbf7d41d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 179.029279][ T6924] RAX: ffffffffffffffda RBX: 00007fbf7c7b5fa0 RCX: 00007fbf7c58e169 [ 179.029298][ T6924] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007 [ 179.029323][ T6924] RBP: 00007fbf7c610a68 R08: 0000000000000000 R09: 0000000000000000 [ 179.029341][ T6924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.029358][ T6924] R13: 0000000000000000 R14: 00007fbf7c7b5fa0 R15: 00007ffd7533d1a8 [ 179.029399][ T6924] [ 184.463778][ T7007] [U]  [ 184.466661][ T7007] [U] [ 184.469412][ T7007] [U] [ 184.472174][ T7007] [U] [ 184.532777][ T7007] [U] [ 184.535565][ T7007] [U] [ 184.538318][ T7007] [U] [ 184.541072][ T7007] [U] [ 184.587549][ T7007] [U] [ 184.590341][ T7007] [U] [ 184.593108][ T7007] [U] [ 184.595866][ T7007] [U] [ 184.598968][ T7007] [U] [ 184.601739][ T7007] [U] [ 184.604469][ T7007] [U] [ 184.607219][ T7007] [U] [ 184.632059][ T7007] [U] [ 184.634801][ T7007] [U] [ 184.637516][ T7007] [U] [ 184.640225][ T7007] [U] [ 184.709342][ T7007] [U] [ 184.712142][ T7007] [U] [ 184.714897][ T7007] [U] [ 184.717657][ T7007] [U] [ 184.720818][ T7007] [U] [ 184.723565][ T7007] [U] [ 184.726288][ T7007] [U] [ 184.729049][ T7007] [U] [ 184.737643][ T7007] [U] [ 184.740420][ T7007] [U] [ 184.743152][ T7007] [U] [ 184.745877][ T7007] [U] [ 184.821773][ T7007] [U] [ 184.824571][ T7007] [U] [ 184.827329][ T7007] [U] [ 184.830088][ T7007] [U] [ 184.888029][ T7006] [U] [ 188.741842][ T7070] netlink: 186 bytes leftover after parsing attributes in process `syz.1.209'. [ 189.674598][ T7066] erspan0: entered allmulticast mode [ 193.124336][ T5841] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 198.618643][ T7167] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 198.625260][ T7167] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 198.665059][ T7167] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 198.678266][ T7167] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 198.696091][ T7167] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 198.716092][ T7167] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 198.737624][ T7167] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 198.777083][ T7167] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 198.795363][ T7167] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 198.882775][ T7167] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 198.895019][ T7167] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 198.933020][ T7167] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 198.955235][ T7167] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 198.992064][ T7167] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 199.032272][ T7167] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 199.145683][ T7167] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 199.202500][ T7167] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 199.414001][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.430427][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.128407][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 200.402371][ T7200] [U]  [ 200.405260][ T7200] [U] [ 200.408032][ T7200] [U] [ 200.410797][ T7200] [U] [ 200.471892][ T7200] [U] [ 200.474692][ T7200] [U] [ 200.477456][ T7200] [U] [ 200.480211][ T7200] [U] [ 200.525350][ T7200] [U] [ 200.528139][ T7200] [U] [ 200.530898][ T7200] [U] [ 200.533645][ T7200] [U] [ 200.565458][ T7197] [U] [ 200.767461][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 200.934184][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 201.017373][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 202.207433][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 202.847316][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 203.007724][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 203.087553][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 204.181745][ T7254] FAULT_INJECTION: forcing a failure. [ 204.181745][ T7254] name failslab, interval 1, probability 0, space 0, times 0 [ 204.225717][ T7254] CPU: 1 UID: 0 PID: 7254 Comm: syz.0.243 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 204.225767][ T7254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 204.225787][ T7254] Call Trace: [ 204.225798][ T7254] [ 204.225810][ T7254] dump_stack_lvl+0x16c/0x1f0 [ 204.225864][ T7254] should_fail_ex+0x512/0x640 [ 204.225903][ T7254] ? __kmalloc_noprof+0xbf/0x510 [ 204.225946][ T7254] ? lsm_blob_alloc+0x68/0x90 [ 204.225972][ T7254] should_failslab+0xc2/0x120 [ 204.226016][ T7254] __kmalloc_noprof+0xd2/0x510 [ 204.226061][ T7254] ? __pfx_perf_event_init_task+0x10/0x10 [ 204.226094][ T7254] ? audit_alloc+0xa2/0x7b0 [ 204.226145][ T7254] ? __pfx_audit_alloc+0x10/0x10 [ 204.226196][ T7254] lsm_blob_alloc+0x68/0x90 [ 204.226224][ T7254] security_task_alloc+0x2d/0x260 [ 204.226269][ T7254] copy_process+0x24ba/0x91a0 [ 204.226307][ T7254] ? find_held_lock+0x2b/0x80 [ 204.226340][ T7254] ? schedule+0x2d7/0x3a0 [ 204.226398][ T7254] ? __pfx_copy_process+0x10/0x10 [ 204.226439][ T7254] ? __pfx___futex_wait+0x10/0x10 [ 204.226489][ T7254] ? __pfx_futex_wake_mark+0x10/0x10 [ 204.226541][ T7254] ? __lock_acquire+0xaa4/0x1ba0 [ 204.226595][ T7254] kernel_clone+0xfc/0x960 [ 204.226640][ T7254] ? __pfx_kernel_clone+0x10/0x10 [ 204.226708][ T7254] __do_sys_clone+0xce/0x120 [ 204.226752][ T7254] ? __pfx___do_sys_clone+0x10/0x10 [ 204.226818][ T7254] ? rcu_is_watching+0x12/0xc0 [ 204.226862][ T7254] do_syscall_64+0xcd/0x230 [ 204.226914][ T7254] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.226945][ T7254] RIP: 0033:0x7fbf7c58e169 [ 204.226973][ T7254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.227003][ T7254] RSP: 002b:00007fbf7d41cfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 204.227040][ T7254] RAX: ffffffffffffffda RBX: 00007fbf7c7b5fa0 RCX: 00007fbf7c58e169 [ 204.227061][ T7254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 204.227080][ T7254] RBP: 00007fbf7c610a68 R08: 0000000000000000 R09: 0000000000000000 [ 204.227099][ T7254] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 204.227123][ T7254] R13: 0000000000000000 R14: 00007fbf7c7b5fa0 R15: 00007ffd7533d1a8 [ 204.227160][ T7254] [ 204.233561][ T7244] ptrace attach of "./syz-executor exec"[5846] was attempted by "./syz-executor exec"[7244] [ 204.470608][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 204.937219][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 205.087268][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 205.167345][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 205.607610][ T7266] ptrace attach of "./syz-executor exec"[5846] was attempted by "./syz-executor exec"[7266] [ 206.527277][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 207.007266][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 207.168287][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 207.247430][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 208.611540][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 210.006623][ T7341] [U]  [ 210.009565][ T7341] [U] [ 210.012273][ T7341] [U] [ 210.014987][ T7341] [U] [ 210.046894][ T7341] [U] [ 210.049655][ T7341] [U] [ 210.052429][ T7341] [U] [ 210.055266][ T7341] [U] [ 210.103221][ T7341] [U] [ 210.105974][ T7341] [U] [ 210.108688][ T7341] [U] [ 210.111423][ T7341] [U] [ 210.136013][ T7341] [U] [ 210.138819][ T7341] [U] [ 210.141579][ T7341] [U] [ 210.144336][ T7341] [U] [ 210.152786][ T7341] [U] [ 210.155574][ T7341] [U] [ 210.158315][ T7341] [U] [ 210.161026][ T7341] [U] [ 210.166234][ T7341] [U] [ 210.168995][ T7341] [U] [ 210.171705][ T7341] [U] [ 210.174428][ T7341] [U] [ 210.181104][ T7341] [U] [ 210.183956][ T7341] [U] [ 210.186671][ T7341] [U] [ 210.189409][ T7341] [U] [ 210.201197][ T7341] [U] [ 210.203937][ T7341] [U] [ 210.206673][ T7341] [U] [ 210.209402][ T7341] [U] [ 210.212948][ T7341] [U] [ 210.215673][ T7341] [U] [ 210.218384][ T7341] [U] [ 210.221089][ T7341] [U] [ 210.224478][ T7341] [U] [ 210.227252][ T7341] [U] [ 210.229969][ T7341] [U] [ 210.232678][ T7341] [U] [ 210.236261][ T7341] [U] [ 210.238989][ T7341] [U] [ 210.241697][ T7341] [U] [ 210.244403][ T7341] [U] [ 210.291492][ T7341] [U] [ 210.294246][ T7341] [U] [ 210.296952][ T7341] [U] [ 210.299686][ T7341] [U] [ 210.346298][ T7345] [U] [ 213.111024][ T7397] FAULT_INJECTION: forcing a failure. [ 213.111024][ T7397] name failslab, interval 1, probability 0, space 0, times 0 [ 213.162932][ T7397] CPU: 0 UID: 0 PID: 7397 Comm: syz.0.263 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 213.162979][ T7397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 213.162998][ T7397] Call Trace: [ 213.163008][ T7397] [ 213.163020][ T7397] dump_stack_lvl+0x16c/0x1f0 [ 213.163073][ T7397] should_fail_ex+0x512/0x640 [ 213.163112][ T7397] ? fs_reclaim_acquire+0xae/0x150 [ 213.163168][ T7397] should_failslab+0xc2/0x120 [ 213.163212][ T7397] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 213.163252][ T7397] ? security_inode_alloc+0x3b/0x2b0 [ 213.163295][ T7397] security_inode_alloc+0x3b/0x2b0 [ 213.163335][ T7397] inode_init_always_gfp+0xce4/0x1030 [ 213.163393][ T7397] alloc_inode+0x86/0x240 [ 213.163437][ T7397] sock_alloc+0x40/0x280 [ 213.163488][ T7397] __sock_create+0xc1/0x8d0 [ 213.163528][ T7397] udp_sock_create4+0xa6/0x450 [ 213.163572][ T7397] ? __pfx_udp_sock_create4+0x10/0x10 [ 213.163622][ T7397] ? lockdep_hardirqs_on+0x7c/0x110 [ 213.163667][ T7397] ? crng_make_state+0x48e/0x6d0 [ 213.163710][ T7397] rxrpc_open_socket+0x4f5/0x6b0 [ 213.163757][ T7397] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 213.163820][ T7397] ? __pfx_rxrpc_client_conn_reap_timeout+0x10/0x10 [ 213.163868][ T7397] ? rcu_is_watching+0x12/0xc0 [ 213.163907][ T7397] rxrpc_lookup_local+0xa01/0x1220 [ 213.163969][ T7397] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 213.164019][ T7397] ? __local_bh_enable_ip+0xa4/0x120 [ 213.164066][ T7397] rxrpc_sendmsg+0x375/0x5f0 [ 213.164120][ T7397] ____sys_sendmsg+0xa95/0xc70 [ 213.164152][ T7397] ? copy_msghdr_from_user+0x10a/0x160 [ 213.164196][ T7397] ? __pfx_____sys_sendmsg+0x10/0x10 [ 213.164237][ T7397] ? try_to_wake_up+0xa2f/0x1680 [ 213.164279][ T7397] ___sys_sendmsg+0x134/0x1d0 [ 213.164326][ T7397] ? __pfx____sys_sendmsg+0x10/0x10 [ 213.164433][ T7397] __sys_sendmsg+0x16d/0x220 [ 213.164479][ T7397] ? __pfx___sys_sendmsg+0x10/0x10 [ 213.164523][ T7397] ? __x64_sys_futex+0x1e0/0x4c0 [ 213.164570][ T7397] ? rcu_is_watching+0x12/0xc0 [ 213.164616][ T7397] do_syscall_64+0xcd/0x230 [ 213.164667][ T7397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.164700][ T7397] RIP: 0033:0x7fbf7c58e169 [ 213.164726][ T7397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.164756][ T7397] RSP: 002b:00007fbf7d41d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 213.164786][ T7397] RAX: ffffffffffffffda RBX: 00007fbf7c7b5fa0 RCX: 00007fbf7c58e169 [ 213.164808][ T7397] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000006 [ 213.164827][ T7397] RBP: 00007fbf7c610a68 R08: 0000000000000000 R09: 0000000000000000 [ 213.164847][ T7397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.164865][ T7397] R13: 0000000000000000 R14: 00007fbf7c7b5fa0 R15: 00007ffd7533d1a8 [ 213.164907][ T7397] [ 213.227694][ T7397] socket: no more sockets [ 214.283373][ T7414] ptrace attach of "./syz-executor exec"[5842] was attempted by "./syz-executor exec"[7414] [ 214.531508][ T7428] [U]  [ 214.534388][ T7428] [U] [ 214.537143][ T7428] [U] [ 214.539902][ T7428] [U] [ 214.577514][ T7428] [U] [ 214.580314][ T7428] [U] [ 214.583084][ T7428] [U] [ 214.585837][ T7428] [U] [ 214.616434][ T7428] [U] [ 214.619237][ T7428] [U] [ 214.622005][ T7428] [U] [ 214.624764][ T7428] [U] [ 214.675843][ T7429] [U] [ 215.493766][ T55] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 215.884353][ T7439] ip_vti0: entered allmulticast mode [ 224.816419][ T7452] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 226.142301][ T7453] FAULT_INJECTION: forcing a failure. [ 226.142301][ T7453] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 226.142363][ T7453] CPU: 0 UID: 0 PID: 7453 Comm: syz.0.281 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 226.142404][ T7453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 226.142423][ T7453] Call Trace: [ 226.142433][ T7453] [ 226.142445][ T7453] dump_stack_lvl+0x16c/0x1f0 [ 226.142497][ T7453] should_fail_ex+0x512/0x640 [ 226.142542][ T7453] should_fail_alloc_page+0xe7/0x130 [ 226.142607][ T7453] prepare_alloc_pages+0x3c2/0x610 [ 226.142668][ T7453] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 226.142714][ T7453] ? stack_trace_save+0x8e/0xc0 [ 226.142762][ T7453] ? __lock_acquire+0xaa4/0x1ba0 [ 226.142805][ T7453] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 226.142851][ T7453] ? fb_var_to_videomode+0x4c9/0x690 [ 226.142896][ T7453] ? __pfx_fb_match_mode+0x10/0x10 [ 226.142941][ T7453] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 226.142984][ T7453] ? lockdep_hardirqs_on+0x7c/0x110 [ 226.143033][ T7453] ? vc_allocate+0x489/0x880 [ 226.143058][ T7453] __alloc_pages_noprof+0xb/0x1b0 [ 226.143097][ T7453] ___kmalloc_large_node+0x82/0x1e0 [ 226.143146][ T7453] ? con_is_visible+0x65/0x150 [ 226.143191][ T7453] __kmalloc_large_node_noprof+0x1c/0x70 [ 226.143246][ T7453] __kmalloc_noprof.cold+0xc/0x61 [ 226.143301][ T7453] vc_allocate+0x489/0x880 [ 226.143329][ T7453] ? __pfx_vc_allocate+0x10/0x10 [ 226.143371][ T7453] con_install+0xa1/0x600 [ 226.143403][ T7453] ? __pfx_con_install+0x10/0x10 [ 226.143440][ T7453] ? __pfx_con_install+0x10/0x10 [ 226.143471][ T7453] tty_init_dev.part.0+0x99/0x500 [ 226.143509][ T7453] tty_open+0xa50/0xf90 [ 226.143549][ T7453] ? __pfx_tty_open+0x10/0x10 [ 226.143591][ T7453] ? chrdev_open+0x58c/0x6a0 [ 226.143634][ T7453] ? __pfx_tty_open+0x10/0x10 [ 226.143666][ T7453] chrdev_open+0x231/0x6a0 [ 226.143706][ T7453] ? __pfx_chrdev_open+0x10/0x10 [ 226.143746][ T7453] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 226.143805][ T7453] do_dentry_open+0x741/0x1c10 [ 226.143841][ T7453] ? __pfx_chrdev_open+0x10/0x10 [ 226.143887][ T7453] vfs_open+0x82/0x3f0 [ 226.143941][ T7453] path_openat+0x1e5e/0x2d40 [ 226.143992][ T7453] ? __pfx_path_openat+0x10/0x10 [ 226.144037][ T7453] do_filp_open+0x20b/0x470 [ 226.144071][ T7453] ? __pfx_do_filp_open+0x10/0x10 [ 226.144136][ T7453] ? alloc_fd+0x471/0x7d0 [ 226.144178][ T7453] do_sys_openat2+0x11b/0x1d0 [ 226.144223][ T7453] ? __pfx_do_sys_openat2+0x10/0x10 [ 226.144287][ T7453] __x64_sys_openat+0x174/0x210 [ 226.144332][ T7453] ? __pfx___x64_sys_openat+0x10/0x10 [ 226.144379][ T7453] ? rcu_is_watching+0x12/0xc0 [ 226.144423][ T7453] do_syscall_64+0xcd/0x230 [ 226.144474][ T7453] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.144505][ T7453] RIP: 0033:0x7fbf7c58e169 [ 226.144530][ T7453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.144560][ T7453] RSP: 002b:00007fbf7d41d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 226.144596][ T7453] RAX: ffffffffffffffda RBX: 00007fbf7c7b5fa0 RCX: 00007fbf7c58e169 [ 226.144616][ T7453] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 226.144636][ T7453] RBP: 00007fbf7c610a68 R08: 0000000000000000 R09: 0000000000000000 [ 226.144654][ T7453] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 226.144673][ T7453] R13: 0000000000000000 R14: 00007fbf7c7b5fa0 R15: 00007ffd7533d1a8 [ 226.144714][ T7453] [ 227.761961][ T7502] [U]  [ 227.764838][ T7502] [U] [ 227.767602][ T7502] [U] [ 227.770364][ T7502] [U] [ 227.802126][ T7502] [U] [ 227.805043][ T7502] [U] [ 227.807798][ T7502] [U] [ 227.810561][ T7502] [U] [ 227.844964][ T7502] [U] [ 227.847761][ T7502] [U] [ 227.850518][ T7502] [U] [ 227.853275][ T7502] [U] [ 227.885965][ T7506] [U] [ 228.284636][ T7499] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 228.296037][ T7499] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 228.305551][ T7499] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 228.311878][ T7499] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 228.319376][ T7499] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 228.780106][ T7519] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 228.952844][ T7522] Invalid ELF header magic: != ELF [ 229.103727][ T7529] ======================================================= [ 229.103727][ T7529] WARNING: The mand mount option has been deprecated and [ 229.103727][ T7529] and is ignored by this kernel. Remove the mand [ 229.103727][ T7529] option from the mount to silence this warning. [ 229.103727][ T7529] ======================================================= [ 229.139736][ C0] vkms_vblank_simulate: vblank timer overrun [ 229.808035][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 230.367421][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 230.367446][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 230.373523][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 230.829811][ T7558] [U]  [ 230.832678][ T7558] [U] [ 230.835424][ T7558] [U] [ 230.838177][ T7558] [U] [ 230.863767][ T7558] [U] [ 230.866577][ T7558] [U] [ 230.869351][ T7558] [U] [ 230.872112][ T7558] [U] [ 230.886553][ T7558] [U] [ 230.889339][ T7558] [U] [ 230.892071][ T7558] [U] [ 230.894815][ T7558] [U] [ 230.902180][ T7558] [U] [ 230.904977][ T7558] [U] [ 230.907738][ T7558] [U] [ 230.910581][ T7558] [U] [ 230.942358][ T7558] [U] [ 230.945148][ T7558] [U] [ 230.947925][ T7558] [U] [ 230.950691][ T7558] [U] [ 230.969306][ T7559] [U] [ 231.032334][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.174920][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.291317][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.411419][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.478994][ T7552] ima: policy update failed [ 231.491689][ T30] audit: type=1802 audit(6040087230.825:3): pid=7552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.291" res=0 errno=0 [ 231.826976][ T12] bridge_slave_1: left allmulticast mode [ 231.853459][ T12] bridge_slave_1: left promiscuous mode [ 231.873961][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.915996][ T12] bridge_slave_0: left allmulticast mode [ 231.937216][ T12] bridge_slave_0: left promiscuous mode [ 231.943199][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.195334][ T5845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 232.204263][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 232.214979][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 232.227462][ T5845] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 232.236002][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 232.434478][ T12] ip_vti0 (unregistering): left allmulticast mode [ 232.447234][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 232.963736][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 232.990651][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 233.010410][ T12] bond0 (unregistering): Released all slaves [ 234.079318][ T12] hsr_slave_0: left promiscuous mode [ 234.101968][ T12] hsr_slave_1: left promiscuous mode [ 234.112213][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 234.138410][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 234.153351][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 234.173756][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 234.223620][ T12] veth1_macvtap: left promiscuous mode [ 234.241556][ T12] veth0_macvtap: left promiscuous mode [ 234.250231][ T12] veth1_vlan: left promiscuous mode [ 234.255787][ T12] veth0_vlan: left promiscuous mode [ 234.287386][ T5845] Bluetooth: hci1: command tx timeout [ 234.865433][ T12] team0 (unregistering): Port device team_slave_1 removed [ 234.904671][ T12] team0 (unregistering): Port device team_slave_0 removed [ 236.071778][ T7578] chnl_net:caif_netlink_parms(): no params data found [ 236.367527][ T5845] Bluetooth: hci1: command tx timeout [ 236.427774][ T7641] [U]  [ 236.430669][ T7641] [U] [ 236.433425][ T7641] [U] [ 236.436180][ T7641] [U] [ 236.503560][ T7641] [U] [ 236.506361][ T7641] [U] [ 236.509151][ T7641] [U] [ 236.511923][ T7641] [U] [ 236.568505][ T7641] [U] [ 236.571300][ T7641] [U] [ 236.574052][ T7641] [U] [ 236.576805][ T7641] [U] [ 236.605776][ T7641] [U] [ 236.608574][ T7641] [U] [ 236.611328][ T7641] [U] [ 236.614073][ T7641] [U] [ 236.677670][ T7641] [U] [ 236.680458][ T7641] [U] [ 236.683209][ T7641] [U] [ 236.685961][ T7641] [U] [ 236.750398][ T7649] [U] [ 237.234733][ T7578] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.243006][ T7578] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.265032][ T7578] bridge_slave_0: entered allmulticast mode [ 237.273634][ T7578] bridge_slave_0: entered promiscuous mode [ 237.387077][ T7578] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.394387][ T7578] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.410445][ T7578] bridge_slave_1: entered allmulticast mode [ 237.418963][ T7578] bridge_slave_1: entered promiscuous mode [ 237.865555][ T7578] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 237.902853][ T7578] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.189873][ T7578] team0: Port device team_slave_0 added [ 238.266968][ T7578] team0: Port device team_slave_1 added [ 238.447358][ T5845] Bluetooth: hci1: command tx timeout [ 238.558332][ T7578] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.565474][ T7578] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.593418][ T7578] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 238.606613][ T7578] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 238.649206][ T7578] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.675833][ T7578] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 239.223883][ T7578] hsr_slave_0: entered promiscuous mode [ 239.268216][ T7578] hsr_slave_1: entered promiscuous mode [ 239.278383][ T7578] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 239.287180][ T7578] Cannot create hsr debugfs directory [ 240.537357][ T5845] Bluetooth: hci1: command tx timeout [ 242.094198][ T7578] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 242.162040][ T7578] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 242.321858][ T7578] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 242.410039][ T7578] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 243.873978][ T7578] 8021q: adding VLAN 0 to HW filter on device bond0 [ 243.989282][ T7578] 8021q: adding VLAN 0 to HW filter on device team0 [ 244.099812][ T82] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.107005][ T82] bridge0: port 1(bridge_slave_0) entered forwarding state [ 244.164554][ T82] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.172820][ T82] bridge0: port 2(bridge_slave_1) entered forwarding state [ 244.756973][ T7758] [U]  [ 244.759865][ T7758] [U] [ 244.762660][ T7758] [U] [ 244.765406][ T7758] [U] [ 244.909073][ T7758] [U] [ 244.911891][ T7758] [U] [ 244.914653][ T7758] [U] [ 244.917501][ T7758] [U] [ 244.940449][ T7758] [U] [ 244.943254][ T7758] [U] [ 244.946067][ T7758] [U] [ 244.948833][ T7758] [U] [ 245.012636][ T7758] [U] [ 245.015437][ T7758] [U] [ 245.018214][ T7758] [U] [ 245.020986][ T7758] [U] [ 245.158129][ T7758] [U] [ 245.160935][ T7758] [U] [ 245.163705][ T7758] [U] [ 245.166461][ T7758] [U] [ 245.231399][ T7762] [U] [ 245.773493][ T7578] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 246.236924][ T7578] veth0_vlan: entered promiscuous mode [ 246.281296][ T7578] veth1_vlan: entered promiscuous mode [ 246.448944][ T7578] veth0_macvtap: entered promiscuous mode [ 246.481212][ T7578] veth1_macvtap: entered promiscuous mode [ 247.399567][ T7578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 247.424094][ T7578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.439238][ T7578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 247.451078][ T7578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.461436][ T7578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 247.472251][ T7578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.484469][ T7578] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 247.609475][ T7578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.637309][ T7578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.648732][ T7578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.661180][ T7578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.673977][ T7578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.685670][ T7578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.699018][ T7578] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 248.110161][ T7578] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.130451][ T7578] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.150437][ T7578] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.187483][ T7578] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.897485][ T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 248.929365][ T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 249.378417][ T5845] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 249.378459][ T5845] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 249.378593][ T5845] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 249.378661][ T5845] Bluetooth: hci0: Malformed LE Event: 0x0d [ 249.682099][ T3487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 249.692418][ T3487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 253.935380][ T7903] ima: policy update failed [ 253.943704][ T30] audit: type=1802 audit(6040087253.275:4): pid=7903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.325" res=0 errno=0 [ 255.033785][ T7927] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 255.101063][ T7931] netlink: 8 bytes leftover after parsing attributes in process `syz.2.338'. [ 255.806593][ T7940] ptrace attach of "./syz-executor exec"[5848] was attempted by "./syz-executor exec"[7940] [ 257.544340][ T7945] ptrace attach of "./syz-executor exec"[5846] was attempted by "./syz-executor exec"[7945] [ 258.153157][ T7965] netlink: 350 bytes leftover after parsing attributes in process `syz.3.336'. [ 260.852960][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.862771][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 263.838910][ T8024] Invalid ELF header magic: != ELF [ 264.525419][ T8021] ptrace attach of "./syz-executor exec"[7578] was attempted by "./syz-executor exec"[8021] [ 266.635730][ T8038] ptrace attach of "./syz-executor exec"[5838] was attempted by "./syz-executor exec"[8038] [ 268.062709][ T8062] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 268.085807][ T8062] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 268.095453][ T8062] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 268.117888][ T8062] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 268.125281][ T8063] ptrace attach of "./syz-executor exec"[5838] was attempted by "./syz-executor exec"[8063] [ 268.158889][ T8062] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 268.204470][ T8062] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 269.665465][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 270.127501][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 270.133965][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 270.140410][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 270.635235][ T8101] Invalid ELF header magic: != ELF [ 272.210193][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 273.335241][ T8110] FAULT_INJECTION: forcing a failure. [ 273.335241][ T8110] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 273.335304][ T8110] CPU: 1 UID: 0 PID: 8110 Comm: syz.1.360 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 273.335347][ T8110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 273.335371][ T8110] Call Trace: [ 273.335382][ T8110] [ 273.335398][ T8110] dump_stack_lvl+0x16c/0x1f0 [ 273.335454][ T8110] should_fail_ex+0x512/0x640 [ 273.335510][ T8110] should_fail_alloc_page+0xe7/0x130 [ 273.335559][ T8110] prepare_alloc_pages+0x3c2/0x610 [ 273.335622][ T8110] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 273.335669][ T8110] ? stack_trace_save+0x8e/0xc0 [ 273.335719][ T8110] ? __lock_acquire+0xaa4/0x1ba0 [ 273.335765][ T8110] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 273.335812][ T8110] ? fb_var_to_videomode+0x4c9/0x690 [ 273.335860][ T8110] ? __pfx_fb_match_mode+0x10/0x10 [ 273.335906][ T8110] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 273.335950][ T8110] ? lockdep_hardirqs_on+0x7c/0x110 [ 273.336001][ T8110] ? vc_allocate+0x489/0x880 [ 273.336028][ T8110] __alloc_pages_noprof+0xb/0x1b0 [ 273.336068][ T8110] ___kmalloc_large_node+0x82/0x1e0 [ 273.336119][ T8110] ? con_is_visible+0x65/0x150 [ 273.336167][ T8110] __kmalloc_large_node_noprof+0x1c/0x70 [ 273.336224][ T8110] __kmalloc_noprof.cold+0xc/0x61 [ 273.336281][ T8110] vc_allocate+0x489/0x880 [ 273.336312][ T8110] ? __pfx_vc_allocate+0x10/0x10 [ 273.336355][ T8110] con_install+0xa1/0x600 [ 273.336388][ T8110] ? __pfx_con_install+0x10/0x10 [ 273.336426][ T8110] ? __pfx_con_install+0x10/0x10 [ 273.336458][ T8110] tty_init_dev.part.0+0x99/0x500 [ 273.336504][ T8110] tty_open+0xa50/0xf90 [ 273.336547][ T8110] ? __pfx_tty_open+0x10/0x10 [ 273.336582][ T8110] ? chrdev_open+0x10b/0x6a0 [ 273.336627][ T8110] ? __pfx_tty_open+0x10/0x10 [ 273.336660][ T8110] chrdev_open+0x231/0x6a0 [ 273.336697][ T8110] ? __pfx_apparmor_file_open+0x10/0x10 [ 273.336740][ T8110] ? __pfx_chrdev_open+0x10/0x10 [ 273.336781][ T8110] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 273.336843][ T8110] do_dentry_open+0x741/0x1c10 [ 273.336880][ T8110] ? __pfx_chrdev_open+0x10/0x10 [ 273.336928][ T8110] vfs_open+0x82/0x3f0 [ 273.336980][ T8110] path_openat+0x1e5e/0x2d40 [ 273.337032][ T8110] ? __pfx_path_openat+0x10/0x10 [ 273.337084][ T8110] do_filp_open+0x20b/0x470 [ 273.337119][ T8110] ? __pfx_do_filp_open+0x10/0x10 [ 273.337182][ T8110] ? alloc_fd+0x471/0x7d0 [ 273.337224][ T8110] do_sys_openat2+0x11b/0x1d0 [ 273.337270][ T8110] ? __pfx_do_sys_openat2+0x10/0x10 [ 273.337333][ T8110] __x64_sys_openat+0x174/0x210 [ 273.337380][ T8110] ? __pfx___x64_sys_openat+0x10/0x10 [ 273.337425][ T8110] ? rcu_is_watching+0x12/0xc0 [ 273.337462][ T8110] do_syscall_64+0xcd/0x230 [ 273.337514][ T8110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.337542][ T8110] RIP: 0033:0x7f7dde58e169 [ 273.337564][ T8110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.337590][ T8110] RSP: 002b:00007f7ddf3be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 273.337616][ T8110] RAX: ffffffffffffffda RBX: 00007f7dde7b5fa0 RCX: 00007f7dde58e169 [ 273.337634][ T8110] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 273.337651][ T8110] RBP: 00007f7dde610a68 R08: 0000000000000000 R09: 0000000000000000 [ 273.337668][ T8110] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 273.337684][ T8110] R13: 0000000000000000 R14: 00007f7dde7b5fa0 R15: 00007ffdfe4815e8 [ 273.337718][ T8110] [ 274.288001][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 274.338760][ T8127] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 274.339036][ T8127] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 274.339347][ T8127] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 274.339632][ T8127] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 275.262714][ T8137] ptrace attach of "./syz-executor exec"[5848] was attempted by "./syz-executor exec"[8137] [ 275.821431][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 276.386006][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 276.392172][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 276.397483][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 276.886498][ T8156] CIFS mount error: No usable UNC path provided in device string! [ 276.886498][ T8156] [ 276.896957][ T8156] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 277.166439][ T8154] ptrace attach of "./syz-executor exec"[5848] was attempted by "./syz-executor exec"[8154] [ 277.964545][ T8165] Invalid ELF header magic: != ELF [ 279.350723][ T8179] netlink: 350 bytes leftover after parsing attributes in process `syz.2.375'. [ 279.869029][ T8180] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 279.876358][ T8180] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 279.886491][ T8180] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 279.967581][ T8180] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 280.998652][ T8191] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 281.010684][ T8191] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 281.038135][ T8191] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 281.068939][ T8191] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 282.287731][ T8208] CIFS mount error: No usable UNC path provided in device string! [ 282.287731][ T8208] [ 282.389127][ T8208] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 282.429110][ T8205] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 282.442085][ T8205] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 282.509554][ T8208] ptrace attach of "./syz-executor exec"[7578] was attempted by "./syz-executor exec"[8208] [ 282.517870][ T8205] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 282.547918][ T8205] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 283.967360][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 284.447348][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 284.527226][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 284.608128][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 287.613868][ T8265] [U]  [ 287.616875][ T8265] [U] [ 287.619667][ T8265] [U] [ 287.622468][ T8265] [U] [ 287.669925][ T8265] [U] [ 287.672718][ T8265] [U] [ 287.675476][ T8265] [U] [ 287.678219][ T8265] [U] [ 287.749868][ T8265] [U] [ 287.752668][ T8265] [U] [ 287.755428][ T8265] [U] [ 287.758188][ T8265] [U] [ 287.802797][ T8265] [U] [ 287.805591][ T8265] [U] [ 287.808364][ T8265] [U] [ 287.811122][ T8265] [U] [ 287.900651][ T8268] [U] [ 289.501628][ T8293] netlink: 338 bytes leftover after parsing attributes in process `syz.3.395'. [ 289.518163][ T8293] netlink: 338 bytes leftover after parsing attributes in process `syz.3.395'. [ 289.676308][ T8293] netlink: 290 bytes leftover after parsing attributes in process `syz.3.395'. [ 289.687413][ T8293] veth0_macvtap: left promiscuous mode [ 291.691431][ T8316] Invalid ELF header magic: != ELF [ 291.698592][ T8321] [U]  [ 291.701462][ T8321] [U] [ 291.704221][ T8321] [U] [ 291.706982][ T8321] [U] [ 291.721801][ T8321] [U] [ 291.724593][ T8321] [U] [ 291.727357][ T8321] [U] [ 291.730123][ T8321] [U] [ 291.784085][ T8321] [U] [ 291.786973][ T8321] [U] [ 291.789739][ T8321] [U] [ 291.792504][ T8321] [U] [ 291.802559][ T8321] [U] [ 291.805350][ T8321] [U] [ 291.808177][ T8321] [U] [ 291.810943][ T8321] [U] [ 291.820685][ T8321] [U] [ 291.823474][ T8321] [U] [ 291.826225][ T8321] [U] [ 291.828977][ T8321] [U] [ 291.832896][ T8321] [U] [ 291.835676][ T8321] [U] [ 291.838439][ T8321] [U] [ 291.841203][ T8321] [U] [ 291.859559][ T8321] [U] [ 291.862355][ T8321] [U] [ 291.865114][ T8321] [U] [ 291.867878][ T8321] [U] [ 291.882958][ T8326] netlink: 28 bytes leftover after parsing attributes in process `syz.3.403'. [ 291.903326][ T8321] [U] [ 291.906136][ T8321] [U] [ 291.908884][ T8321] [U] [ 291.911623][ T8321] [U] [ 291.937340][ T8325] [U] [ 291.952761][ T8326] macvtap0: entered promiscuous mode [ 291.958330][ T8326] macvtap0: entered allmulticast mode [ 292.309199][ T8331] FAULT_INJECTION: forcing a failure. [ 292.309199][ T8331] name failslab, interval 1, probability 0, space 0, times 0 [ 292.400255][ T8331] CPU: 0 UID: 0 PID: 8331 Comm: syz.3.405 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 292.400311][ T8331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 292.400332][ T8331] Call Trace: [ 292.400343][ T8331] [ 292.400356][ T8331] dump_stack_lvl+0x16c/0x1f0 [ 292.400411][ T8331] should_fail_ex+0x512/0x640 [ 292.400452][ T8331] ? __kmalloc_noprof+0xbf/0x510 [ 292.400496][ T8331] ? lsm_blob_alloc+0x68/0x90 [ 292.400523][ T8331] should_failslab+0xc2/0x120 [ 292.400568][ T8331] __kmalloc_noprof+0xd2/0x510 [ 292.400618][ T8331] lsm_blob_alloc+0x68/0x90 [ 292.400648][ T8331] security_sk_alloc+0x30/0x270 [ 292.400686][ T8331] sk_prot_alloc+0xfb/0x2a0 [ 292.400743][ T8331] sk_alloc+0x36/0xc20 [ 292.400785][ T8331] inet6_create+0x381/0x1300 [ 292.400831][ T8331] ? inet6_create+0x7f/0x1300 [ 292.400876][ T8331] __sock_create+0x335/0x8d0 [ 292.400914][ T8331] __sys_socket+0x14d/0x260 [ 292.400947][ T8331] ? __pfx___sys_socket+0x10/0x10 [ 292.400982][ T8331] ? syscall_user_dispatch+0x78/0x140 [ 292.401038][ T8331] __x64_sys_socket+0x72/0xb0 [ 292.401072][ T8331] do_syscall_64+0xcd/0x230 [ 292.401118][ T8331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.401147][ T8331] RIP: 0033:0x7f438e58e169 [ 292.401172][ T8331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 292.401203][ T8331] RSP: 002b:00007f438f49d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 292.401233][ T8331] RAX: ffffffffffffffda RBX: 00007f438e7b5fa0 RCX: 00007f438e58e169 [ 292.401254][ T8331] RDX: 0000000000000073 RSI: 0000000000000002 RDI: 000000000000000a [ 292.401272][ T8331] RBP: 00007f438e610a68 R08: 0000000000000000 R09: 0000000000000000 [ 292.401299][ T8331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 292.401317][ T8331] R13: 0000000000000000 R14: 00007f438e7b5fa0 R15: 00007ffe7f8847c8 [ 292.401357][ T8331] [ 292.602183][ C0] vkms_vblank_simulate: vblank timer overrun [ 293.588928][ T8336] netlink: 28 bytes leftover after parsing attributes in process `syz.2.401'. [ 294.010286][ T8336] geneve1: entered promiscuous mode [ 294.194724][ T8336] geneve1: entered allmulticast mode [ 294.504195][ T8358] netlink: 20 bytes leftover after parsing attributes in process `syz.1.408'. [ 295.424876][ T55] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 299.103187][ T8405] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 300.700541][ T8420] [U]  [ 300.703443][ T8420] [U] [ 300.706212][ T8420] [U] [ 300.708959][ T8420] [U] [ 300.722536][ T8420] [U] [ 300.725334][ T8420] [U] [ 300.728076][ T8420] [U] [ 300.730816][ T8420] [U] [ 300.805414][ T8420] [U] [ 300.808353][ T8420] [U] [ 300.811199][ T8420] [U] [ 300.813972][ T8420] [U] [ 300.920145][ T8420] [U] [ 300.922974][ T8420] [U] [ 300.925733][ T8420] [U] [ 300.928500][ T8420] [U] [ 300.931952][ T8420] [U] [ 300.934716][ T8420] [U] [ 300.937481][ T8420] [U] [ 300.940241][ T8420] [U] [ 300.951948][ T8420] [U] [ 300.954755][ T8420] [U] [ 300.957512][ T8420] [U] [ 300.960250][ T8420] [U] [ 301.026396][ T8420] [U] [ 301.029209][ T8420] [U] [ 301.031968][ T8420] [U] [ 301.034802][ T8420] [U] [ 301.098306][ T8422] [U] [ 301.509689][ T8413] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 301.554976][ T8413] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 301.627552][ T8413] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 301.643916][ T8413] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 302.207419][ T8443] erspan0: entered allmulticast mode [ 302.695965][ T8452] netlink: 'syz.2.421': attribute type 1 has an invalid length. [ 303.257231][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 303.567674][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 303.647357][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 303.654243][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 304.922282][ T8463] FAULT_INJECTION: forcing a failure. [ 304.922282][ T8463] name failslab, interval 1, probability 0, space 0, times 0 [ 304.967225][ T8463] CPU: 0 UID: 0 PID: 8463 Comm: syz.2.423 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 304.967275][ T8463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 304.967299][ T8463] Call Trace: [ 304.967310][ T8463] [ 304.967322][ T8463] dump_stack_lvl+0x16c/0x1f0 [ 304.967377][ T8463] should_fail_ex+0x512/0x640 [ 304.967416][ T8463] ? fs_reclaim_acquire+0xae/0x150 [ 304.967472][ T8463] should_failslab+0xc2/0x120 [ 304.967516][ T8463] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 304.967558][ T8463] ? security_inode_alloc+0x3b/0x2b0 [ 304.967601][ T8463] security_inode_alloc+0x3b/0x2b0 [ 304.967640][ T8463] inode_init_always_gfp+0xce4/0x1030 [ 304.967680][ T8463] alloc_inode+0x86/0x240 [ 304.967723][ T8463] new_inode+0x22/0x1c0 [ 304.967770][ T8463] hugetlbfs_get_inode+0x354/0x730 [ 304.967820][ T8463] hugetlb_file_setup+0x15b/0x620 [ 304.967870][ T8463] ksys_mmap_pgoff+0x189/0x5c0 [ 304.967921][ T8463] ? rcu_is_watching+0x12/0xc0 [ 304.967958][ T8463] __x64_sys_mmap+0x125/0x190 [ 304.967998][ T8463] do_syscall_64+0xcd/0x230 [ 304.968047][ T8463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.968079][ T8463] RIP: 0033:0x7f5e7218e169 [ 304.968105][ T8463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.968136][ T8463] RSP: 002b:00007f5e72f63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 304.968161][ T8463] RAX: ffffffffffffffda RBX: 00007f5e723b5fa0 RCX: 00007f5e7218e169 [ 304.968189][ T8463] RDX: 0000000000000002 RSI: 0000000000a00006 RDI: 0000000000000000 [ 304.968205][ T8463] RBP: 00007f5e72210a68 R08: 0000000000000602 R09: 0000300000000000 [ 304.968222][ T8463] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 304.968238][ T8463] R13: 0000000000000000 R14: 00007f5e723b5fa0 R15: 00007ffcc93d8d28 [ 304.968272][ T8463] [ 306.454856][ T8491] [U]  [ 306.457749][ T8491] [U] [ 306.460510][ T8491] [U] [ 306.463266][ T8491] [U] [ 306.549613][ T8491] [U] [ 306.552846][ T8491] [U] [ 306.555600][ T8491] [U] [ 306.558358][ T8491] [U] [ 306.619914][ T8491] [U] [ 306.622712][ T8491] [U] [ 306.625475][ T8491] [U] [ 306.628227][ T8491] [U] [ 306.720266][ T8492] [U] [ 307.798380][ T8500] netlink: 28 bytes leftover after parsing attributes in process `syz.1.429'. [ 308.081363][ T8498] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 308.340394][ T8500] bond0: (slave bond_slave_0): Releasing backup interface [ 310.507237][ T8532] block2mtd: parameter too long [ 314.574131][ T8576] FAULT_INJECTION: forcing a failure. [ 314.574131][ T8576] name failslab, interval 1, probability 0, space 0, times 0 [ 314.586937][ T8576] CPU: 0 UID: 0 PID: 8576 Comm: syz.2.442 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 314.586981][ T8576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 314.587001][ T8576] Call Trace: [ 314.587011][ T8576] [ 314.587023][ T8576] dump_stack_lvl+0x16c/0x1f0 [ 314.587080][ T8576] should_fail_ex+0x512/0x640 [ 314.587118][ T8576] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 314.587154][ T8576] should_failslab+0xc2/0x120 [ 314.587191][ T8576] __kmalloc_cache_noprof+0x6a/0x3e0 [ 314.587220][ T8576] ? io_wq_create+0xcc/0xa30 [ 314.587252][ T8576] io_wq_create+0xcc/0xa30 [ 314.587283][ T8576] io_uring_alloc_task_context+0x211/0x690 [ 314.587327][ T8576] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 314.587368][ T8576] ? __pfx_io_wq_submit_work+0x10/0x10 [ 314.587394][ T8576] ? __pfx_io_wq_free_work+0x10/0x10 [ 314.587417][ T8576] ? alloc_file_pseudo+0x1b3/0x230 [ 314.587459][ T8576] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 314.587503][ T8576] __io_uring_add_tctx_node+0x2dd/0x500 [ 314.587543][ T8576] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 314.587597][ T8576] ? __anon_inode_getfile+0x18b/0x370 [ 314.587631][ T8576] io_uring_setup+0x14fb/0x1ff0 [ 314.587664][ T8576] ? __pfx_io_uring_setup+0x10/0x10 [ 314.587701][ T8576] ? find_held_lock+0x2b/0x80 [ 314.587744][ T8576] ? rcu_is_watching+0x12/0xc0 [ 314.587780][ T8576] __x64_sys_io_uring_setup+0xc2/0x170 [ 314.587810][ T8576] do_syscall_64+0xcd/0x230 [ 314.587859][ T8576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.587887][ T8576] RIP: 0033:0x7f5e7218e169 [ 314.587910][ T8576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.587938][ T8576] RSP: 002b:00007f5e72f42038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 314.587964][ T8576] RAX: ffffffffffffffda RBX: 00007f5e723b6080 RCX: 00007f5e7218e169 [ 314.587983][ T8576] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 314.587998][ T8576] RBP: 00007f5e72210a68 R08: 0000000000000000 R09: 0000000000000000 [ 314.588015][ T8576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 314.588031][ T8576] R13: 0000000000000000 R14: 00007f5e723b6080 R15: 00007ffcc93d8d28 [ 314.588064][ T8576] [ 316.373706][ T8593] ubi0: attaching mtd0 [ 316.385892][ T8593] ubi0: scanning is finished [ 316.404892][ T8593] ubi0: empty MTD device detected [ 316.438220][ T8588] Invalid ELF header magic: != ELF [ 316.634783][ T8593] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 316.722419][ T8593] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 316.903221][ T8593] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 317.085742][ T8593] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 317.139378][ T8593] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 317.202102][ T8593] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 317.226111][ T8593] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2130526175 [ 317.275547][ T8593] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 317.321500][ T8603] ubi0: background thread "ubi_bgt0d" started, PID 8603 [ 320.309299][ T8647] Invalid ELF header magic: != ELF [ 321.298039][ T8649] netlink: 28 bytes leftover after parsing attributes in process `syz.1.454'. [ 321.318199][ T8656] [U]  [ 321.321087][ T8656] [U] [ 321.323841][ T8656] [U] [ 321.326598][ T8656] [U] [ 321.399183][ T8649] geneve1: entered promiscuous mode [ 321.404715][ T8649] geneve1: entered allmulticast mode [ 321.467469][ T8656] [U] [ 321.470266][ T8656] [U] [ 321.473031][ T8656] [U] [ 321.475791][ T8656] [U] [ 321.548442][ T8656] [U] [ 321.551239][ T8656] [U] [ 321.554010][ T8656] [U] [ 321.556768][ T8656] [U] [ 321.657374][ T8657] [U] [ 322.294331][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.301517][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.402845][ T8669] erspan0: entered allmulticast mode [ 325.716821][ T8702] netlink: 338 bytes leftover after parsing attributes in process `syz.1.465'. [ 325.734877][ T8702] netlink: 338 bytes leftover after parsing attributes in process `syz.1.465'. [ 325.768630][ T8702] netlink: 290 bytes leftover after parsing attributes in process `syz.1.465'. [ 325.787209][ T8702] veth0_macvtap: left promiscuous mode [ 328.515642][ T8730] Invalid ELF header magic: != ELF [ 332.103588][ T8798] ptrace attach of "./syz-executor exec"[5848] was attempted by "./syz-executor exec"[8798] [ 332.859301][ T8812] Invalid ELF header magic: != ELF [ 333.307323][ T55] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 333.338500][ T8824] [U]  [ 333.341398][ T8824] [U] [ 333.344151][ T8824] [U] [ 333.346917][ T8824] [U] [ 333.497493][ T8824] [U] [ 333.500297][ T8824] [U] [ 333.503058][ T8824] [U] [ 333.505897][ T8824] [U] [ 333.577816][ T8824] [U] [ 333.580629][ T8824] [U] [ 333.583413][ T8824] [U] [ 333.586338][ T8824] [U] [ 333.629208][ T8824] [U] [ 333.632004][ T8824] [U] [ 333.634753][ T8824] [U] [ 333.637499][ T8824] [U] [ 333.748761][ T8824] [U] [ 333.751562][ T8824] [U] [ 333.754323][ T8824] [U] [ 333.757085][ T8824] [U] [ 333.760785][ T8824] [U] [ 333.763568][ T8824] [U] [ 333.766319][ T8824] [U] [ 333.769108][ T8824] [U] [ 333.772275][ T8824] [U] [ 333.775082][ T8824] [U] [ 333.777876][ T8824] [U] [ 333.780646][ T8824] [U] [ 333.783778][ T8824] [U] [ 333.786541][ T8824] [U] [ 333.789299][ T8824] [U] [ 333.792049][ T8824] [U] [ 333.795999][ T8824] [U] [ 333.798767][ T8824] [U] [ 333.801522][ T8824] [U] [ 333.804286][ T8824] [U] [ 333.808029][ T8824] [U] [ 333.810814][ T8824] [U] [ 333.813566][ T8824] [U] [ 333.816325][ T8824] [U] [ 333.823128][ T8824] [U] [ 333.825926][ T8824] [U] [ 333.828686][ T8824] [U] [ 333.831445][ T8824] [U] [ 333.890132][ T8824] [U] [ 333.892938][ T8824] [U] [ 333.895690][ T8824] [U] [ 333.898443][ T8824] [U] [ 333.903565][ T8824] [U] [ 333.906368][ T8824] [U] [ 333.909136][ T8824] [U] [ 333.911982][ T8824] [U] [ 333.917215][ T8824] [U] [ 333.919994][ T8824] [U] [ 333.922755][ T8824] [U] [ 333.925504][ T8824] [U] [ 334.070291][ T8824] [U] [ 334.073093][ T8824] [U] [ 334.075903][ T8824] [U] [ 334.078675][ T8824] [U] [ 334.237577][ T8824] [U] [ 334.240412][ T8824] [U] [ 334.243167][ T8824] [U] [ 334.245913][ T8824] [U] [ 334.370071][ T8824] [U] [ 334.372962][ T8824] [U] [ 334.375773][ T8824] [U] [ 334.378575][ T8824] [U] [ 334.382536][ T8824] [U] [ 334.385424][ T8824] [U] [ 334.388252][ T8824] [U] [ 334.391015][ T8824] [U] [ 334.395093][ T8824] [U] [ 334.397935][ T8824] [U] [ 334.400702][ T8824] [U] [ 334.403468][ T8824] [U] [ 334.407579][ T8824] [U] [ 334.410454][ T8824] [U] [ 334.413210][ T8824] [U] [ 334.415978][ T8824] [U] [ 334.419943][ T8824] [U] [ 334.422716][ T8824] [U] [ 334.425474][ T8824] [U] [ 334.428210][ T8824] [U] [ 334.432037][ T8824] [U] [ 334.434840][ T8824] [U] [ 334.437595][ T8824] [U] [ 334.440344][ T8824] [U] [ 334.818375][ T8824] [U] [ 334.821175][ T8824] [U] [ 334.823931][ T8824] [U] [ 334.826709][ T8824] [U] [ 335.143015][ T8824] [U] [ 335.145814][ T8824] [U] [ 335.148582][ T8824] [U] [ 335.151338][ T8824] [U] [ 335.157681][ T8824] [U] [ 335.160465][ T8824] [U] [ 335.163202][ T8824] [U] [ 335.165930][ T8824] [U] [ 335.177497][ T8824] [U] [ 335.180284][ T8824] [U] [ 335.183045][ T8824] [U] [ 335.185895][ T8824] [U] [ 335.189633][ T8827] [U] [ 336.805815][ T8844] FAULT_INJECTION: forcing a failure. [ 336.805815][ T8844] name failslab, interval 1, probability 0, space 0, times 0 [ 336.895630][ T8844] CPU: 0 UID: 0 PID: 8844 Comm: syz.1.485 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 336.895682][ T8844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 336.895702][ T8844] Call Trace: [ 336.895713][ T8844] [ 336.895725][ T8844] dump_stack_lvl+0x16c/0x1f0 [ 336.895781][ T8844] should_fail_ex+0x512/0x640 [ 336.895819][ T8844] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 336.895858][ T8844] should_failslab+0xc2/0x120 [ 336.895902][ T8844] __kmalloc_cache_noprof+0x6a/0x3e0 [ 336.895936][ T8844] ? __io_uring_add_tctx_node+0x132/0x500 [ 336.895990][ T8844] __io_uring_add_tctx_node+0x132/0x500 [ 336.896039][ T8844] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 336.896088][ T8844] ? __anon_inode_getfile+0x18b/0x370 [ 336.896139][ T8844] io_uring_setup+0x14fb/0x1ff0 [ 336.896178][ T8844] ? __pfx_io_uring_setup+0x10/0x10 [ 336.896222][ T8844] ? find_held_lock+0x2b/0x80 [ 336.896276][ T8844] ? rcu_is_watching+0x12/0xc0 [ 336.896317][ T8844] __x64_sys_io_uring_setup+0xc2/0x170 [ 336.896354][ T8844] do_syscall_64+0xcd/0x230 [ 336.896405][ T8844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.896438][ T8844] RIP: 0033:0x7f7dde58e169 [ 336.896464][ T8844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.896496][ T8844] RSP: 002b:00007f7ddf39d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 336.896527][ T8844] RAX: ffffffffffffffda RBX: 00007f7dde7b6080 RCX: 00007f7dde58e169 [ 336.896548][ T8844] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 336.896567][ T8844] RBP: 00007f7dde610a68 R08: 0000000000000000 R09: 0000000000000000 [ 336.896585][ T8844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 336.896604][ T8844] R13: 0000000000000000 R14: 00007f7dde7b6080 R15: 00007ffdfe4815e8 [ 336.896644][ T8844] [ 344.943605][ T36] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:2: bg 1: bad block bitmap checksum [ 345.070185][ T36] EXT4-fs (sda1): Delayed block allocation failed for inode 1932 at logical offset 1350 with max blocks 20 with error 74 [ 345.181571][ T36] EXT4-fs (sda1): This should not happen!! Data will be lost [ 345.181571][ T36] [ 345.619789][ T8938] ptrace attach of "./syz-executor exec"[5838] was attempted by "./syz-executor exec"[8938] [ 346.250685][ T8933] ubi: mtd0 is already attached to ubi0 [ 346.282378][ T8933] Invalid ELF header magic: != ELF [ 347.075868][ T8955] netlink: 28 bytes leftover after parsing attributes in process `syz.1.500'. [ 347.199407][ T8959] [U]  [ 347.202309][ T8959] [U] [ 347.205079][ T8959] [U] [ 347.207972][ T8959] [U] [ 347.214969][ T8959] [U] [ 347.217755][ T8959] [U] [ 347.220574][ T8959] [U] [ 347.223360][ T8959] [U] [ 347.290724][ T8959] [U] [ 347.293538][ T8959] [U] [ 347.296309][ T8959] [U] [ 347.299116][ T8959] [U] [ 347.325778][ T8955] bond0: (slave bond_slave_1): Releasing backup interface [ 347.332248][ T8959] [U] [ 347.335907][ T8959] [U] [ 347.338763][ T8959] [U] [ 347.341526][ T8959] [U] [ 347.357044][ T8963] [U] [ 352.758525][ T9018] Invalid ELF header magic: != ELF [ 354.025367][ T9031] ptrace attach of "./syz-executor exec"[5838] was attempted by "./syz-executor exec"[9031] [ 355.202589][ T9028] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 355.217797][ T9028] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 355.224166][ T9028] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 355.232072][ T9028] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 355.373936][ T9049] [U]  [ 355.376839][ T9049] [U] [ 355.379592][ T9049] [U] [ 355.382345][ T9049] [U] [ 355.416248][ T9049] [U] [ 355.419145][ T9049] [U] [ 355.421873][ T9049] [U] [ 355.424597][ T9049] [U] [ 355.437844][ T9049] [U] [ 355.440678][ T9049] [U] [ 355.443439][ T9049] [U] [ 355.446191][ T9049] [U] [ 355.473257][ T9049] [U] [ 355.476041][ T9049] [U] [ 355.478806][ T9049] [U] [ 355.481561][ T9049] [U] [ 355.491961][ T9049] [U] [ 355.494759][ T9049] [U] [ 355.497506][ T9049] [U] [ 355.500256][ T9049] [U] [ 355.516015][ T9050] netlink: 338 bytes leftover after parsing attributes in process `syz.0.517'. [ 355.520375][ T9051] [U] [ 355.598203][ T9050] netlink: 290 bytes leftover after parsing attributes in process `syz.0.517'. [ 355.607488][ T9050] veth0_macvtap: left promiscuous mode [ 355.613098][ T9052] netlink: 338 bytes leftover after parsing attributes in process `syz.0.517'. [ 356.689083][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 357.063518][ T9070] Invalid ELF header magic: != ELF [ 357.247489][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 357.253580][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 357.267179][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 360.938702][ T9109] [U]  [ 360.941588][ T9109] [U] [ 360.944338][ T9109] [U] [ 360.947085][ T9109] [U] [ 361.054412][ T9109] [U] [ 361.057218][ T9109] [U] [ 361.059993][ T9109] [U] [ 361.062751][ T9109] [U] [ 361.066375][ T9109] [U] [ 361.069245][ T9109] [U] [ 361.072003][ T9109] [U] [ 361.074761][ T9109] [U] [ 361.078390][ T9109] [U] [ 361.081283][ T9109] [U] [ 361.084056][ T9109] [U] [ 361.086809][ T9109] [U] [ 361.089989][ T9109] [U] [ 361.092751][ T9109] [U] [ 361.095499][ T9109] [U] [ 361.098264][ T9109] [U] [ 361.102095][ T9109] [U] [ 361.104853][ T9109] [U] [ 361.107599][ T9109] [U] [ 361.110330][ T9109] [U] [ 361.113495][ T9109] [U] [ 361.116272][ T9109] [U] [ 361.119031][ T9109] [U] [ 361.121790][ T9109] [U] [ 361.124850][ T9109] [U] [ 361.127613][ T9109] [U] [ 361.130352][ T9109] [U] [ 361.133089][ T9109] [U] [ 361.136228][ T9109] [U] [ 361.138994][ T9109] [U] [ 361.141757][ T9109] [U] [ 361.144529][ T9109] [U] [ 361.147615][ T9109] [U] [ 361.150383][ T9109] [U] [ 361.153187][ T9109] [U] [ 361.156037][ T9109] [U] [ 361.159218][ T9109] [U] [ 361.162082][ T9109] [U] [ 361.164890][ T9109] [U] [ 361.167647][ T9109] [U] [ 361.171694][ T9109] [U] [ 361.174487][ T9109] [U] [ 361.177235][ T9109] [U] [ 361.179998][ T9109] [U] [ 361.184024][ T9109] [U] [ 361.186801][ T9109] [U] [ 361.189569][ T9109] [U] [ 361.192374][ T9109] [U] [ 361.195420][ T9109] [U] [ 361.198202][ T9109] [U] [ 361.200964][ T9109] [U] [ 361.203719][ T9109] [U] [ 361.251512][ T9109] [U] [ 361.254311][ T9109] [U] [ 361.257075][ T9109] [U] [ 361.259833][ T9109] [U] [ 361.284823][ T9109] [U] [ 361.287636][ T9109] [U] [ 361.290394][ T9109] [U] [ 361.293150][ T9109] [U] [ 361.371880][ T9111] [U] [ 363.053899][ T9135] ptrace attach of "./syz-executor exec"[7578] was attempted by "./syz-executor exec"[9135] [ 364.621258][ T5841] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 364.621315][ T5841] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 364.636863][ T5841] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 364.636948][ T5841] Bluetooth: hci3: Malformed LE Event: 0x0d [ 365.817991][ T9154] Invalid ELF header magic: != ELF [ 366.451174][ T5841] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 367.415659][ T9212] FAULT_INJECTION: forcing a failure. [ 367.415659][ T9212] name failslab, interval 1, probability 0, space 0, times 0 [ 367.554894][ T9212] CPU: 0 UID: 0 PID: 9212 Comm: syz.0.538 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 367.554943][ T9212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 367.554962][ T9212] Call Trace: [ 367.554972][ T9212] [ 367.554984][ T9212] dump_stack_lvl+0x16c/0x1f0 [ 367.555037][ T9212] should_fail_ex+0x512/0x640 [ 367.555076][ T9212] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 367.555123][ T9212] should_failslab+0xc2/0x120 [ 367.555170][ T9212] __kmalloc_cache_noprof+0x6a/0x3e0 [ 367.555206][ T9212] ? __io_uring_add_tctx_node+0x132/0x500 [ 367.555261][ T9212] __io_uring_add_tctx_node+0x132/0x500 [ 367.555310][ T9212] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 367.555359][ T9212] ? __anon_inode_getfile+0x18b/0x370 [ 367.555399][ T9212] io_uring_setup+0x14fb/0x1ff0 [ 367.555438][ T9212] ? __pfx_io_uring_setup+0x10/0x10 [ 367.555483][ T9212] ? find_held_lock+0x2b/0x80 [ 367.555547][ T9212] ? rcu_is_watching+0x12/0xc0 [ 367.555586][ T9212] __x64_sys_io_uring_setup+0xc2/0x170 [ 367.555622][ T9212] do_syscall_64+0xcd/0x230 [ 367.555672][ T9212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.555703][ T9212] RIP: 0033:0x7fbf7c58e169 [ 367.555727][ T9212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 367.555757][ T9212] RSP: 002b:00007fbf7d3fc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 367.555786][ T9212] RAX: ffffffffffffffda RBX: 00007fbf7c7b6080 RCX: 00007fbf7c58e169 [ 367.555807][ T9212] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 367.555825][ T9212] RBP: 00007fbf7c610a68 R08: 0000000000000000 R09: 0000000000000000 [ 367.555843][ T9212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 367.555861][ T9212] R13: 0000000000000000 R14: 00007fbf7c7b6080 R15: 00007ffd7533d1a8 [ 367.555901][ T9212] [ 372.476698][ T9295] netlink: 28 bytes leftover after parsing attributes in process `syz.2.544'. [ 373.186635][ T9295] bond0: (slave bond_slave_1): Releasing backup interface [ 376.911555][ T9335] FAULT_INJECTION: forcing a failure. [ 376.911555][ T9335] name failslab, interval 1, probability 0, space 0, times 0 [ 376.964243][ T9335] CPU: 1 UID: 0 PID: 9335 Comm: syz.1.551 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 376.964293][ T9335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 376.964313][ T9335] Call Trace: [ 376.964323][ T9335] [ 376.964335][ T9335] dump_stack_lvl+0x16c/0x1f0 [ 376.964392][ T9335] should_fail_ex+0x512/0x640 [ 376.964432][ T9335] ? __kmalloc_noprof+0xbf/0x510 [ 376.964476][ T9335] ? slhc_init+0x1ad/0x570 [ 376.964509][ T9335] should_failslab+0xc2/0x120 [ 376.964553][ T9335] __kmalloc_noprof+0xd2/0x510 [ 376.964602][ T9335] slhc_init+0x1ad/0x570 [ 376.964637][ T9335] ? kasan_save_track+0x14/0x30 [ 376.964680][ T9335] slip_open+0x8ee/0x1150 [ 376.964718][ T9335] ? __pfx_n_tty_close+0x10/0x10 [ 376.964770][ T9335] ? __pfx_slip_open+0x10/0x10 [ 376.964805][ T9335] ? down_write+0x14d/0x200 [ 376.964862][ T9335] ? __pfx_slip_open+0x10/0x10 [ 376.964897][ T9335] tty_ldisc_open+0x9c/0x120 [ 376.964948][ T9335] tty_set_ldisc+0x32b/0x780 [ 376.965004][ T9335] tty_ioctl+0xc42/0x1610 [ 376.965037][ T9335] ? __pfx_tty_ioctl+0x10/0x10 [ 376.965078][ T9335] ? fdget+0x187/0x210 [ 376.965109][ T9335] ? __sys_sendmsg+0x199/0x220 [ 376.965153][ T9335] ? hook_file_ioctl_common+0x145/0x410 [ 376.965203][ T9335] ? xfd_validate_state+0x5d/0x180 [ 376.965248][ T9335] ? __pfx_tty_ioctl+0x10/0x10 [ 376.965280][ T9335] __x64_sys_ioctl+0x190/0x200 [ 376.965333][ T9335] do_syscall_64+0xcd/0x230 [ 376.965386][ T9335] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.965421][ T9335] RIP: 0033:0x7f7dde58e169 [ 376.965447][ T9335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 376.965479][ T9335] RSP: 002b:00007f7ddf3be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 376.965509][ T9335] RAX: ffffffffffffffda RBX: 00007f7dde7b5fa0 RCX: 00007f7dde58e169 [ 376.965530][ T9335] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000001 [ 376.965550][ T9335] RBP: 00007f7dde610a68 R08: 0000000000000000 R09: 0000000000000000 [ 376.965569][ T9335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 376.965589][ T9335] R13: 0000000000000000 R14: 00007f7dde7b5fa0 R15: 00007ffdfe4815e8 [ 376.965632][ T9335] [ 377.189441][ C1] vkms_vblank_simulate: vblank timer overrun [ 382.754028][ T9404] netlink: 28 bytes leftover after parsing attributes in process `syz.0.562'. [ 383.236110][ T9404] bond0: (slave bond_slave_1): Releasing backup interface [ 383.743086][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.758591][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.342593][ T9421] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 387.961783][ T9450] scsi_dev_info_list_add_str: bad dev info string ')zD 5fk+*X#R84*VsndvqQW}~YrȀ-8VGDƘLB%v†v}Ypq|?O[,! 7xWDr%[}E$3?G9Ff=lrGH;2L<=|8 -c Fո"[v9q4Mmvqk[(iNDСMX PSqqX4X`V!;r֍)y]WzfIH0,v{q8שUܹ䑉m؛HTwCz-nR%2]x05oՕ|3>lS*L/Cdgӑ[C=Cwem)l#' ''S.sHgi-TY%ܹF*8nFTH?i{' '' [ 389.160581][ T9480] netlink: 28 bytes leftover after parsing attributes in process `syz.3.575'. [ 389.759855][ T9480] bond0: (slave bond_slave_1): Releasing backup interface [ 394.138845][ T9526] FAULT_INJECTION: forcing a failure. [ 394.138845][ T9526] name fail_futex, interval 1, probability 0, space 0, times 1 [ 394.187307][ T9526] CPU: 0 UID: 0 PID: 9526 Comm: syz.1.581 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 394.187356][ T9526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 394.187376][ T9526] Call Trace: [ 394.187386][ T9526] [ 394.187398][ T9526] dump_stack_lvl+0x16c/0x1f0 [ 394.187452][ T9526] should_fail_ex+0x512/0x640 [ 394.187497][ T9526] get_futex_key+0x49e/0x1000 [ 394.187540][ T9526] ? __pfx_get_futex_key+0x10/0x10 [ 394.187591][ T9526] futex_wake+0xe7/0x4e0 [ 394.187649][ T9526] ? __pfx_futex_wake+0x10/0x10 [ 394.187699][ T9526] ? kmem_cache_free+0x2d4/0x4d0 [ 394.187736][ T9526] ? fd_install+0x225/0x750 [ 394.187763][ T9526] ? putname+0x154/0x1a0 [ 394.187809][ T9526] do_futex+0x1e3/0x350 [ 394.187847][ T9526] ? __pfx_do_futex+0x10/0x10 [ 394.187896][ T9526] __x64_sys_futex+0x1e0/0x4c0 [ 394.187938][ T9526] ? __x64_sys_openat+0x174/0x210 [ 394.187986][ T9526] ? __pfx___x64_sys_futex+0x10/0x10 [ 394.188026][ T9526] ? rcu_is_watching+0x12/0xc0 [ 394.188071][ T9526] do_syscall_64+0xcd/0x230 [ 394.188123][ T9526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.188156][ T9526] RIP: 0033:0x7f7dde58e169 [ 394.188182][ T9526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.188214][ T9526] RSP: 002b:00007f7ddf39d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 394.188244][ T9526] RAX: ffffffffffffffda RBX: 00007f7dde7b6088 RCX: 00007f7dde58e169 [ 394.188265][ T9526] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7dde7b608c [ 394.188285][ T9526] RBP: 00007f7dde7b6080 R08: 00007f7ddf3bf000 R09: 0000000000000000 [ 394.188304][ T9526] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f7dde7b608c [ 394.188322][ T9526] R13: 0000000000000000 R14: 00007ffdfe481500 R15: 00007ffdfe4815e8 [ 394.188363][ T9526] [ 396.174379][ T9530] FAULT_INJECTION: forcing a failure. [ 396.174379][ T9530] name failslab, interval 1, probability 0, space 0, times 0 [ 396.237578][ T9530] CPU: 1 UID: 0 PID: 9530 Comm: syz.1.583 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 396.237625][ T9530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 396.237644][ T9530] Call Trace: [ 396.237654][ T9530] [ 396.237666][ T9530] dump_stack_lvl+0x16c/0x1f0 [ 396.237719][ T9530] should_fail_ex+0x512/0x640 [ 396.237758][ T9530] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 396.237804][ T9530] should_failslab+0xc2/0x120 [ 396.237848][ T9530] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 396.237887][ T9530] ? stack_depot_save_flags+0x28/0xa50 [ 396.237927][ T9530] ? __d_alloc+0x31/0xaa0 [ 396.237971][ T9530] __d_alloc+0x31/0xaa0 [ 396.238013][ T9530] d_alloc+0x4a/0x1e0 [ 396.238052][ T9530] d_alloc_parallel+0xe3/0x12e0 [ 396.238111][ T9530] ? find_held_lock+0x2b/0x80 [ 396.238149][ T9530] ? __pfx_d_alloc_parallel+0x10/0x10 [ 396.238200][ T9530] ? __d_lookup+0x266/0x4a0 [ 396.238260][ T9530] lookup_open.isra.0+0x665/0x1580 [ 396.238320][ T9530] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 396.238382][ T9530] ? mnt_get_write_access+0x20c/0x300 [ 396.238425][ T9530] path_openat+0x905/0x2d40 [ 396.238473][ T9530] ? __pfx_path_openat+0x10/0x10 [ 396.238512][ T9530] do_filp_open+0x20b/0x470 [ 396.238542][ T9530] ? __pfx_do_filp_open+0x10/0x10 [ 396.238583][ T9530] ? __pfx_kfree_link+0x10/0x10 [ 396.238633][ T9530] ? alloc_fd+0x471/0x7d0 [ 396.238668][ T9530] do_sys_openat2+0x11b/0x1d0 [ 396.238707][ T9530] ? __pfx_do_sys_openat2+0x10/0x10 [ 396.238760][ T9530] __x64_sys_openat+0x174/0x210 [ 396.238799][ T9530] ? __pfx___x64_sys_openat+0x10/0x10 [ 396.238841][ T9530] ? rcu_is_watching+0x12/0xc0 [ 396.238878][ T9530] do_syscall_64+0xcd/0x230 [ 396.238920][ T9530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.238947][ T9530] RIP: 0033:0x7f7dde58e169 [ 396.238969][ T9530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 396.238995][ T9530] RSP: 002b:00007f7ddf3be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 396.239021][ T9530] RAX: ffffffffffffffda RBX: 00007f7dde7b5fa0 RCX: 00007f7dde58e169 [ 396.239039][ T9530] RDX: 0000000000000200 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 396.239056][ T9530] RBP: 00007f7dde610a68 R08: 0000000000000000 R09: 0000000000000000 [ 396.239072][ T9530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 396.239087][ T9530] R13: 0000000000000000 R14: 00007f7dde7b5fa0 R15: 00007ffdfe4815e8 [ 396.239120][ T9530] [ 398.572654][ T9582] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 398.936080][ T5841] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 398.936124][ T5841] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 398.957141][ T5841] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 398.957227][ T5841] Bluetooth: hci1: Malformed LE Event: 0x0d [ 399.275277][ T9589] FAULT_INJECTION: forcing a failure. [ 399.275277][ T9589] name fail_futex, interval 1, probability 0, space 0, times 0 [ 399.417134][ T9589] CPU: 1 UID: 0 PID: 9589 Comm: syz.3.594 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 399.417181][ T9589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 399.417201][ T9589] Call Trace: [ 399.417211][ T9589] [ 399.417225][ T9589] dump_stack_lvl+0x16c/0x1f0 [ 399.417279][ T9589] should_fail_ex+0x512/0x640 [ 399.417332][ T9589] get_futex_key+0x49e/0x1000 [ 399.417374][ T9589] ? __pfx_get_futex_key+0x10/0x10 [ 399.417426][ T9589] futex_wake+0xe7/0x4e0 [ 399.417475][ T9589] ? __pfx_futex_wake+0x10/0x10 [ 399.417525][ T9589] ? kmem_cache_free+0x2d4/0x4d0 [ 399.417561][ T9589] ? fd_install+0x225/0x750 [ 399.417588][ T9589] ? putname+0x154/0x1a0 [ 399.417636][ T9589] do_futex+0x1e3/0x350 [ 399.417674][ T9589] ? __pfx_do_futex+0x10/0x10 [ 399.417724][ T9589] __x64_sys_futex+0x1e0/0x4c0 [ 399.417765][ T9589] ? __x64_sys_openat+0x174/0x210 [ 399.417814][ T9589] ? __pfx___x64_sys_futex+0x10/0x10 [ 399.417855][ T9589] ? rcu_is_watching+0x12/0xc0 [ 399.417900][ T9589] do_syscall_64+0xcd/0x230 [ 399.417951][ T9589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.417984][ T9589] RIP: 0033:0x7f438e58e169 [ 399.418009][ T9589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 399.418040][ T9589] RSP: 002b:00007f438f49d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 399.418081][ T9589] RAX: ffffffffffffffda RBX: 00007f438e7b5fa8 RCX: 00007f438e58e169 [ 399.418101][ T9589] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f438e7b5fac [ 399.418132][ T9589] RBP: 00007f438e7b5fa0 R08: 00007f438f49e000 R09: 0000000000000000 [ 399.418150][ T9589] R10: 000000000000000c R11: 0000000000000246 R12: 00007f438e7b5fac [ 399.418167][ T9589] R13: 0000000000000000 R14: 00007ffe7f8846e0 R15: 00007ffe7f8847c8 [ 399.418223][ T9589] [ 402.694911][ T9614] ptrace attach of "./syz-executor exec"[7578] was attempted by "./syz-executor exec"[9614] [ 404.755588][ T9658] FAULT_INJECTION: forcing a failure. [ 404.755588][ T9658] name failslab, interval 1, probability 0, space 0, times 0 [ 404.768689][ T9658] CPU: 1 UID: 0 PID: 9658 Comm: syz.3.605 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 404.768731][ T9658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 404.768748][ T9658] Call Trace: [ 404.768758][ T9658] [ 404.768768][ T9658] dump_stack_lvl+0x16c/0x1f0 [ 404.768816][ T9658] should_fail_ex+0x512/0x640 [ 404.768850][ T9658] ? fs_reclaim_acquire+0xae/0x150 [ 404.768899][ T9658] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 404.768948][ T9658] should_failslab+0xc2/0x120 [ 404.768985][ T9658] __kmalloc_noprof+0xd2/0x510 [ 404.769028][ T9658] tomoyo_realpath_from_path+0xc2/0x6e0 [ 404.769079][ T9658] tomoyo_check_open_permission+0x2ab/0x3c0 [ 404.769116][ T9658] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 404.769195][ T9658] ? find_held_lock+0x2b/0x80 [ 404.769240][ T9658] tomoyo_file_open+0x6b/0x90 [ 404.769271][ T9658] security_file_open+0x84/0x1e0 [ 404.769312][ T9658] do_dentry_open+0x596/0x1c10 [ 404.769355][ T9658] vfs_open+0x82/0x3f0 [ 404.769397][ T9658] path_openat+0x1e5e/0x2d40 [ 404.769439][ T9658] ? __pfx_path_openat+0x10/0x10 [ 404.769478][ T9658] do_filp_open+0x20b/0x470 [ 404.769508][ T9658] ? __pfx_do_filp_open+0x10/0x10 [ 404.769563][ T9658] ? alloc_fd+0x471/0x7d0 [ 404.769599][ T9658] do_sys_openat2+0x11b/0x1d0 [ 404.769637][ T9658] ? __pfx_do_sys_openat2+0x10/0x10 [ 404.769693][ T9658] __x64_sys_openat+0x174/0x210 [ 404.769734][ T9658] ? __pfx___x64_sys_openat+0x10/0x10 [ 404.769776][ T9658] ? rcu_is_watching+0x12/0xc0 [ 404.769815][ T9658] do_syscall_64+0xcd/0x230 [ 404.769859][ T9658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.769887][ T9658] RIP: 0033:0x7f438e58e169 [ 404.769917][ T9658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 404.769945][ T9658] RSP: 002b:00007f438f47c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 404.769971][ T9658] RAX: ffffffffffffffda RBX: 00007f438e7b6080 RCX: 00007f438e58e169 [ 404.769990][ T9658] RDX: 00000000001c1041 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 404.770009][ T9658] RBP: 00007f438e610a68 R08: 0000000000000000 R09: 0000000000000000 [ 404.770027][ T9658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 404.770045][ T9658] R13: 0000000000000000 R14: 00007f438e7b6080 R15: 00007ffe7f8847c8 [ 404.770084][ T9658] [ 404.770097][ T9658] ERROR: Out of memory at tomoyo_realpath_from_path. [ 408.466069][ T9676] FAULT_INJECTION: forcing a failure. [ 408.466069][ T9676] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 408.487400][ T9676] CPU: 0 UID: 0 PID: 9676 Comm: syz.3.610 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 408.487434][ T9676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 408.487448][ T9676] Call Trace: [ 408.487456][ T9676] [ 408.487467][ T9676] dump_stack_lvl+0x16c/0x1f0 [ 408.487506][ T9676] should_fail_ex+0x512/0x640 [ 408.487538][ T9676] strncpy_from_user+0x3b/0x2e0 [ 408.487566][ T9676] getname_flags.part.0+0x8f/0x550 [ 408.487603][ T9676] getname_flags+0x93/0xf0 [ 408.487625][ T9676] do_sys_openat2+0xb8/0x1d0 [ 408.487657][ T9676] ? __pfx_do_sys_openat2+0x10/0x10 [ 408.487701][ T9676] __x64_sys_openat+0x174/0x210 [ 408.487742][ T9676] ? __pfx___x64_sys_openat+0x10/0x10 [ 408.487777][ T9676] ? rcu_is_watching+0x12/0xc0 [ 408.487809][ T9676] do_syscall_64+0xcd/0x230 [ 408.487845][ T9676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.487868][ T9676] RIP: 0033:0x7f438e58e169 [ 408.487886][ T9676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 408.487908][ T9676] RSP: 002b:00007f438f49d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 408.487929][ T9676] RAX: ffffffffffffffda RBX: 00007f438e7b5fa0 RCX: 00007f438e58e169 [ 408.487944][ T9676] RDX: 0000000000000200 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 408.487959][ T9676] RBP: 00007f438e610a68 R08: 0000000000000000 R09: 0000000000000000 [ 408.487972][ T9676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 408.487985][ T9676] R13: 0000000000000000 R14: 00007f438e7b5fa0 R15: 00007ffe7f8847c8 [ 408.488013][ T9676] [ 408.888972][ T9699] [U]  [ 408.891838][ T9699] [U] [ 408.894574][ T9699] [U] [ 408.897303][ T9699] [U] [ 408.901304][ T9699] [U] [ 408.904046][ T9699] [U] [ 408.906806][ T9699] [U] [ 408.909558][ T9699] [U] [ 408.918965][ T9699] [U] [ 408.921747][ T9699] [U] [ 408.924524][ T9699] [U] [ 408.927286][ T9699] [U] [ 408.931589][ T9699] [U] [ 408.934355][ T9699] [U] [ 408.937132][ T9699] [U] [ 408.939877][ T9699] [U] [ 408.968011][ T9699] [U] [ 408.970883][ T9699] [U] [ 408.973666][ T9699] [U] [ 408.976418][ T9699] [U] [ 409.092150][ T9705] [U] [ 410.062540][ T9711] FAULT_INJECTION: forcing a failure. [ 410.062540][ T9711] name failslab, interval 1, probability 0, space 0, times 0 [ 410.084113][ T9711] CPU: 1 UID: 0 PID: 9711 Comm: syz.0.613 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 410.084163][ T9711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 410.084183][ T9711] Call Trace: [ 410.084194][ T9711] [ 410.084206][ T9711] dump_stack_lvl+0x16c/0x1f0 [ 410.084261][ T9711] should_fail_ex+0x512/0x640 [ 410.084302][ T9711] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 410.084342][ T9711] should_failslab+0xc2/0x120 [ 410.084388][ T9711] __kmalloc_cache_noprof+0x6a/0x3e0 [ 410.084424][ T9711] ? slip_open+0x8cc/0x1150 [ 410.084457][ T9711] ? kasan_save_track+0x14/0x30 [ 410.084500][ T9711] slip_open+0x8cc/0x1150 [ 410.084537][ T9711] ? __pfx_n_tty_close+0x10/0x10 [ 410.084580][ T9711] ? __pfx_slip_open+0x10/0x10 [ 410.084623][ T9711] ? down_write+0x14d/0x200 [ 410.084679][ T9711] ? __pfx_slip_open+0x10/0x10 [ 410.084715][ T9711] tty_ldisc_open+0x9c/0x120 [ 410.084765][ T9711] tty_set_ldisc+0x32b/0x780 [ 410.084823][ T9711] tty_ioctl+0xc42/0x1610 [ 410.084856][ T9711] ? __pfx_tty_ioctl+0x10/0x10 [ 410.084897][ T9711] ? fdget+0x187/0x210 [ 410.084928][ T9711] ? __sys_sendmsg+0x199/0x220 [ 410.084971][ T9711] ? hook_file_ioctl_common+0x145/0x410 [ 410.085021][ T9711] ? xfd_validate_state+0x5d/0x180 [ 410.085060][ T9711] ? __pfx_tty_ioctl+0x10/0x10 [ 410.085093][ T9711] __x64_sys_ioctl+0x190/0x200 [ 410.085146][ T9711] do_syscall_64+0xcd/0x230 [ 410.085198][ T9711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.085231][ T9711] RIP: 0033:0x7fbf7c58e169 [ 410.085258][ T9711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 410.085289][ T9711] RSP: 002b:00007fbf7d41d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 410.085320][ T9711] RAX: ffffffffffffffda RBX: 00007fbf7c7b5fa0 RCX: 00007fbf7c58e169 [ 410.085342][ T9711] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000001 [ 410.085361][ T9711] RBP: 00007fbf7c610a68 R08: 0000000000000000 R09: 0000000000000000 [ 410.085380][ T9711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 410.085399][ T9711] R13: 0000000000000000 R14: 00007fbf7c7b5fa0 R15: 00007ffd7533d1a8 [ 410.085442][ T9711] [ 410.306636][ C1] vkms_vblank_simulate: vblank timer overrun [ 411.481966][ T9721] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 414.006359][ T9759] [U]  [ 414.009249][ T9759] [U] [ 414.012002][ T9759] [U] [ 414.014755][ T9759] [U] [ 414.022697][ T9759] [U] [ 414.025581][ T9759] [U] [ 414.028341][ T9759] [U] [ 414.031113][ T9759] [U] [ 414.035303][ T9759] [U] [ 414.038095][ T9759] [U] [ 414.040861][ T9759] [U] [ 414.043647][ T9759] [U] [ 414.048547][ T9759] [U] [ 414.051352][ T9759] [U] [ 414.054103][ T9759] [U] [ 414.056837][ T9759] [U] [ 414.077876][ T9759] [U] [ 414.080684][ T9759] [U] [ 414.083449][ T9759] [U] [ 414.086213][ T9759] [U] [ 414.099377][ T9759] [U] [ 414.102188][ T9759] [U] [ 414.105044][ T9759] [U] [ 414.107777][ T9759] [U] [ 414.139104][ T9759] [U] [ 414.141918][ T9759] [U] [ 414.144680][ T9759] [U] [ 414.147450][ T9759] [U] [ 414.223882][ T9760] [U] [ 415.368565][ T9784] bond0: option all_slaves_active: invalid value () [ 417.743897][ T9814] capability: warning: `syz.0.639' uses 32-bit capabilities (legacy support in use) [ 417.898624][ T9820] [U]  [ 417.901501][ T9820] [U] [ 417.904256][ T9820] [U] [ 417.907007][ T9820] [U] [ 417.914133][ T9820] [U] [ 417.916945][ T9820] [U] [ 417.919693][ T9820] [U] [ 417.922453][ T9820] [U] [ 417.925841][ T9820] [U] [ 417.926344][ T9822] netlink: 12 bytes leftover after parsing attributes in process `syz.0.639'. [ 417.928676][ T9820] [U] [ 417.928738][ T9820] [U] [ 417.928795][ T9820] [U] [ 417.935878][ T9820] [U] [ 417.948582][ T9820] [U] [ 417.951325][ T9820] [U] [ 417.954068][ T9820] [U] [ 417.956862][ C1] vkms_vblank_simulate: vblank timer overrun [ 417.982483][ T9814] HfR: entered promiscuous mode [ 418.022013][ T9814] device-mapper: ioctl: Unable to rename non-existent device,  to [ 418.043965][ T9823] [U] [ 418.073141][ T9822] HfR: left promiscuous mode [ 418.216558][ T9819] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 418.365705][ T9827] netlink: 342 bytes leftover after parsing attributes in process `syz.2.634'. [ 418.390529][ T9827] netlink: 342 bytes leftover after parsing attributes in process `syz.2.634'. [ 418.453370][ T9827] zram: Added device: zram1 [ 418.679321][ T9836] netlink: 28 bytes leftover after parsing attributes in process `syz.3.635'. [ 418.688431][ T9836] macvtap0: left promiscuous mode [ 418.693615][ T9836] macvtap0: left allmulticast mode [ 418.975061][ T9844] device-mapper: ioctl: device name cannot contain '/' [ 419.347188][ T9850] ptrace attach of "./syz-executor exec"[5848] was attempted by "./syz-executor exec"[9850] [ 419.785430][ T9861] netlink: 20 bytes leftover after parsing attributes in process `syz.2.642'. [ 420.904985][ T1135] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:6: bg 2: bad block bitmap checksum [ 420.941149][ T1135] EXT4-fs (sda1): Delayed block allocation failed for inode 1932 at logical offset 922 with max blocks 2 with error 74 [ 420.958072][ T1135] EXT4-fs (sda1): This should not happen!! Data will be lost [ 420.958072][ T1135] [ 421.048386][ T1135] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:6: bg 3: bad block bitmap checksum [ 421.138136][ T1135] EXT4-fs (sda1): Delayed block allocation failed for inode 1932 at logical offset 1359 with max blocks 11 with error 74 [ 421.153431][ T1135] EXT4-fs (sda1): This should not happen!! Data will be lost [ 421.153431][ T1135] [ 421.623586][ T9875] Console: switching to colour VGA+ 80x25 [ 421.653469][ T9875] FAULT_INJECTION: forcing a failure. [ 421.653469][ T9875] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 421.667315][ T9875] CPU: 0 UID: 0 PID: 9875 Comm: syz.3.645 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 421.667360][ T9875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 421.667379][ T9875] Call Trace: [ 421.667390][ T9875] [ 421.667402][ T9875] dump_stack_lvl+0x16c/0x1f0 [ 421.667454][ T9875] should_fail_ex+0x512/0x640 [ 421.667498][ T9875] should_fail_alloc_page+0xe7/0x130 [ 421.667543][ T9875] prepare_alloc_pages+0x3c2/0x610 [ 421.667593][ T9875] ? rcu_is_watching+0x12/0xc0 [ 421.667629][ T9875] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 421.667677][ T9875] ? __lock_acquire+0x5ca/0x1ba0 [ 421.667725][ T9875] ? xas_create+0x1d7/0x1460 [ 421.667755][ T9875] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 421.667794][ T9875] ? cgroup_rstat_updated+0x2a/0xb20 [ 421.667861][ T9875] ? __lock_acquire+0x5ca/0x1ba0 [ 421.667904][ T9875] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 421.667952][ T9875] ? policy_nodemask+0xea/0x4e0 [ 421.667995][ T9875] alloc_pages_mpol+0x1fb/0x550 [ 421.668040][ T9875] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 421.668088][ T9875] ? filemap_get_entry+0x1a7/0x3b0 [ 421.668143][ T9875] folio_alloc_noprof+0x20/0x2d0 [ 421.668194][ T9875] filemap_alloc_folio_noprof+0x3a1/0x470 [ 421.668236][ T9875] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 421.668276][ T9875] ? rcu_is_watching+0x12/0xc0 [ 421.668318][ T9875] __filemap_get_folio+0x5e9/0xc10 [ 421.668377][ T9875] ioctx_alloc+0x761/0x2060 [ 421.668449][ T9875] ? __pfx_ioctx_alloc+0x10/0x10 [ 421.668498][ T9875] ? __might_fault+0x13b/0x190 [ 421.668550][ T9875] __x64_sys_io_setup+0xc9/0x210 [ 421.668607][ T9875] do_syscall_64+0xcd/0x230 [ 421.668659][ T9875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.668692][ T9875] RIP: 0033:0x7f438e58e169 [ 421.668718][ T9875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.668750][ T9875] RSP: 002b:00007f438f49d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 421.668781][ T9875] RAX: ffffffffffffffda RBX: 00007f438e7b5fa0 RCX: 00007f438e58e169 [ 421.668802][ T9875] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 421.668822][ T9875] RBP: 00007f438e610a68 R08: 0000000000000000 R09: 0000000000000000 [ 421.668848][ T9875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.668867][ T9875] R13: 0000000000000000 R14: 00007f438e7b5fa0 R15: 00007ffe7f8847c8 [ 421.668907][ T9875] [ 421.957133][ T9875] ================================================================== [ 421.957153][ T9875] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70 [ 421.957193][ T9875] Read of size 14 at addr ffff88802764ebbe by task syz.3.645/9875 [ 421.957217][ T9875] [ 421.957231][ T9875] CPU: 1 UID: 0 PID: 9875 Comm: syz.3.645 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 421.957268][ T9875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 421.957286][ T9875] Call Trace: [ 421.957294][ T9875] [ 421.957304][ T9875] dump_stack_lvl+0x116/0x1f0 [ 421.957348][ T9875] print_report+0xc3/0x670 [ 421.957384][ T9875] ? __virt_addr_valid+0x5e/0x590 [ 421.957422][ T9875] ? __phys_addr+0xc6/0x150 [ 421.957461][ T9875] ? fbcon_prepare_logo+0xa03/0xc70 [ 421.957487][ T9875] kasan_report+0xe0/0x110 [ 421.957523][ T9875] ? fbcon_prepare_logo+0xa03/0xc70 [ 421.957554][ T9875] kasan_check_range+0xef/0x1a0 [ 421.957609][ T9875] __asan_memcpy+0x23/0x60 [ 421.957638][ T9875] fbcon_prepare_logo+0xa03/0xc70 [ 421.957673][ T9875] fbcon_init+0xd77/0x1900 [ 421.957701][ T9875] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 421.957746][ T9875] visual_init+0x31d/0x620 [ 421.957783][ T9875] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 421.957833][ T9875] store_bind+0x61d/0x760 [ 421.957877][ T9875] ? sysfs_file_kobj+0xe4/0x290 [ 421.957919][ T9875] ? __pfx_store_bind+0x10/0x10 [ 421.957959][ T9875] dev_attr_store+0x55/0x80 [ 421.957986][ T9875] ? __pfx_dev_attr_store+0x10/0x10 [ 421.958013][ T9875] sysfs_kf_write+0xef/0x150 [ 421.958055][ T9875] kernfs_fop_write_iter+0x351/0x510 [ 421.958092][ T9875] ? __pfx_sysfs_kf_write+0x10/0x10 [ 421.958134][ T9875] vfs_write+0x5ba/0x1180 [ 421.958162][ T9875] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 421.958201][ T9875] ? __pfx___mutex_lock+0x10/0x10 [ 421.958243][ T9875] ? __pfx_vfs_write+0x10/0x10 [ 421.958282][ T9875] ksys_write+0x12a/0x240 [ 421.958309][ T9875] ? __pfx_ksys_write+0x10/0x10 [ 421.958337][ T9875] ? rcu_is_watching+0x12/0xc0 [ 421.958370][ T9875] do_syscall_64+0xcd/0x230 [ 421.958411][ T9875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.958439][ T9875] RIP: 0033:0x7f438e58e169 [ 421.958462][ T9875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.958492][ T9875] RSP: 002b:00007f438f49d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 421.958518][ T9875] RAX: ffffffffffffffda RBX: 00007f438e7b5fa0 RCX: 00007f438e58e169 [ 421.958538][ T9875] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 421.958556][ T9875] RBP: 00007f438e610a68 R08: 0000000000000000 R09: 0000000000000000 [ 421.958581][ T9875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.958599][ T9875] R13: 0000000000000000 R14: 00007f438e7b5fa0 R15: 00007ffe7f8847c8 [ 421.958627][ T9875] [ 421.958637][ T9875] [ 421.958643][ T9875] Allocated by task 5499: [ 421.958657][ T9875] kasan_save_stack+0x33/0x60 [ 421.958688][ T9875] kasan_save_track+0x14/0x30 [ 421.958717][ T9875] __kasan_kmalloc+0xaa/0xb0 [ 421.958745][ T9875] __kmalloc_noprof+0x223/0x510 [ 421.958775][ T9875] tomoyo_commit_ok+0x21/0xa0 [ 421.958809][ T9875] tomoyo_update_domain+0x603/0x870 [ 421.958838][ T9875] tomoyo_write_misc+0x14e/0x1e0 [ 421.958866][ T9875] tomoyo_write_domain2+0x128/0x1e0 [ 421.958905][ T9875] tomoyo_supervisor+0x7dd/0x13b0 [ 421.958928][ T9875] tomoyo_env_perm+0x191/0x200 [ 421.958954][ T9875] tomoyo_find_next_domain+0xec2/0x20b0 [ 421.958982][ T9875] tomoyo_bprm_check_security+0x12e/0x1d0 [ 421.959007][ T9875] security_bprm_check+0x1b9/0x1e0 [ 421.959033][ T9875] bprm_execve+0x810/0x1650 [ 421.959055][ T9875] do_execveat_common.isra.0+0x4a5/0x610 [ 421.959079][ T9875] __x64_sys_execve+0x8e/0xb0 [ 421.959103][ T9875] do_syscall_64+0xcd/0x230 [ 421.959140][ T9875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.959168][ T9875] [ 421.959175][ T9875] The buggy address belongs to the object at ffff88802764eb80 [ 421.959175][ T9875] which belongs to the cache kmalloc-64 of size 64 [ 421.959198][ T9875] The buggy address is located 22 bytes to the right of [ 421.959198][ T9875] allocated 40-byte region [ffff88802764eb80, ffff88802764eba8) [ 421.959226][ T9875] [ 421.959233][ T9875] The buggy address belongs to the physical page: [ 421.959255][ T9875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2764e [ 421.959282][ T9875] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 421.959305][ T9875] page_type: f5(slab) [ 421.959330][ T9875] raw: 00fff00000000000 ffff88801b4418c0 ffffea0001849500 dead000000000004 [ 421.959357][ T9875] raw: 0000000000000000 0000000000200020 00000000f5000000 0000000000000000 [ 421.959374][ T9875] page dumped because: kasan: bad access detected [ 421.959392][ T9875] page_owner tracks the page as allocated [ 421.959401][ T9875] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 12, tgid 12 (kworker/u8:0), ts 14644633901, free_ts 0 [ 421.959454][ T9875] post_alloc_hook+0x181/0x1b0 [ 421.959483][ T9875] get_page_from_freelist+0x135c/0x3920 [ 421.959513][ T9875] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 421.959545][ T9875] alloc_pages_mpol+0x1fb/0x550 [ 421.959602][ T9875] new_slab+0x244/0x340 [ 421.959626][ T9875] ___slab_alloc+0xd9c/0x1940 [ 421.959650][ T9875] __slab_alloc.constprop.0+0x56/0xb0 [ 421.959677][ T9875] __kmalloc_node_noprof+0x2ed/0x500 [ 421.959710][ T9875] __vmalloc_node_range_noprof+0x3eb/0x1540 [ 421.959736][ T9875] __vmalloc_node_noprof+0x74/0xa0 [ 421.959762][ T9875] copy_process+0x2ead/0x91a0 [ 421.959796][ T9875] kernel_clone+0xfc/0x960 [ 421.959830][ T9875] user_mode_thread+0xc7/0x110 [ 421.959920][ T9875] call_usermodehelper_exec_work+0xcb/0x170 [ 421.959960][ T9875] process_one_work+0x9cc/0x1b70 [ 421.959986][ T9875] worker_thread+0x6c8/0xf10 [ 421.960012][ T9875] page_owner free stack trace missing [ 421.960022][ T9875] [ 421.960029][ T9875] Memory state around the buggy address: [ 421.960044][ T9875] ffff88802764ea80: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 421.960065][ T9875] ffff88802764eb00: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 421.960086][ T9875] >ffff88802764eb80: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 421.960102][ T9875] ^ [ 421.960119][ T9875] ffff88802764ec00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 421.960139][ T9875] ffff88802764ec80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 421.960155][ T9875] ================================================================== [ 421.960172][ T9875] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 421.960192][ T9875] CPU: 1 UID: 0 PID: 9875 Comm: syz.3.645 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) [ 421.960231][ T9875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 421.960250][ T9875] Call Trace: [ 421.960261][ T9875] [ 421.960272][ T9875] dump_stack_lvl+0x3d/0x1f0 [ 421.960315][ T9875] panic+0x71c/0x800 [ 421.960357][ T9875] ? __pfx_panic+0x10/0x10 [ 421.960403][ T9875] ? __pfx__printk+0x10/0x10 [ 421.960448][ T9875] ? fbcon_prepare_logo+0xa03/0xc70 [ 421.960476][ T9875] check_panic_on_warn+0xab/0xb0 [ 421.960522][ T9875] end_report+0x107/0x170 [ 421.960580][ T9875] kasan_report+0xee/0x110 [ 421.960617][ T9875] ? fbcon_prepare_logo+0xa03/0xc70 [ 421.960650][ T9875] kasan_check_range+0xef/0x1a0 [ 421.960694][ T9875] __asan_memcpy+0x23/0x60 [ 421.960722][ T9875] fbcon_prepare_logo+0xa03/0xc70 [ 421.960756][ T9875] fbcon_init+0xd77/0x1900 [ 421.960784][ T9875] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 421.960832][ T9875] visual_init+0x31d/0x620 [ 421.960873][ T9875] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 421.960924][ T9875] store_bind+0x61d/0x760 [ 421.960973][ T9875] ? sysfs_file_kobj+0xe4/0x290 [ 421.961017][ T9875] ? __pfx_store_bind+0x10/0x10 [ 421.961059][ T9875] dev_attr_store+0x55/0x80 [ 421.961089][ T9875] ? __pfx_dev_attr_store+0x10/0x10 [ 421.961118][ T9875] sysfs_kf_write+0xef/0x150 [ 421.961160][ T9875] kernfs_fop_write_iter+0x351/0x510 [ 421.961199][ T9875] ? __pfx_sysfs_kf_write+0x10/0x10 [ 421.961243][ T9875] vfs_write+0x5ba/0x1180 [ 421.961274][ T9875] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 421.961314][ T9875] ? __pfx___mutex_lock+0x10/0x10 [ 421.961356][ T9875] ? __pfx_vfs_write+0x10/0x10 [ 421.961396][ T9875] ksys_write+0x12a/0x240 [ 421.961424][ T9875] ? __pfx_ksys_write+0x10/0x10 [ 421.961453][ T9875] ? rcu_is_watching+0x12/0xc0 [ 421.961487][ T9875] do_syscall_64+0xcd/0x230 [ 421.961532][ T9875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.961572][ T9875] RIP: 0033:0x7f438e58e169 [ 421.961598][ T9875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.961630][ T9875] RSP: 002b:00007f438f49d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 421.961658][ T9875] RAX: ffffffffffffffda RBX: 00007f438e7b5fa0 RCX: 00007f438e58e169 [ 421.961680][ T9875] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 421.961698][ T9875] RBP: 00007f438e610a68 R08: 0000000000000000 R09: 0000000000000000 [ 421.961716][ T9875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.961734][ T9875] R13: 0000000000000000 R14: 00007f438e7b5fa0 R15: 00007ffe7f8847c8 [ 421.961762][ T9875] [ 421.962057][ T9875] Kernel Offset: disabled