last executing test programs: 27.638236796s ago: executing program 2 (id=2524): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000240)='/dev/cec19\x00', 0x244c1, 0x0) ioctl$auto_CEC_TRANSMIT(r0, 0xc0386105, &(0x7f00000001c0)={0x40000000001, 0x1, 0x9, 0x8, 0x2, 0xcf, "000044b1f90000000800", 0x0, 0x10, 0x9, 0x9, 0x5, 0x5, 0x81}) r1 = socket(0x2, 0x2, 0x1) connect$auto(r1, &(0x7f00000000c0)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x41}}, 0x55) connect$auto(r1, &(0x7f0000000000)=@l2tp={0x2, 0x0, @multicast2, 0x1}, 0x7f) r2 = socket(0x25, 0x1, 0x0) sendto$auto(r2, 0x0, 0x0, 0x0, 0x0, 0x3) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, 0x0) mmap$auto(0x0, 0x3, 0xf9, 0xeb1, r0, 0x8400) mmap$auto(0x0, 0x4000002020009, 0x3, 0xeb1, r0, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0xfffffdef) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) timer_create$auto(0x3, 0x0, 0x0) io_uring_setup$auto(0x40000002c55, 0x0) syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x100, 0x4, 0xffffffffffff8001, 0x18, r3, 0xd3d) r4 = socket(0xa, 0x801, 0x84) getsockopt$auto(r4, 0x84, 0x7f, 0x0, 0x0) shutdown$auto(0xffffffffffffffff, 0x2) socket(0xa, 0x1, 0x100) r5 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r5, 0x0, 0x7ff, 0x400) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959\x05\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1fb, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) 26.597603902s ago: executing program 2 (id=2528): openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x400, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x200000, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x280000400000000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/fail-nth\x00', 0x303542, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2061, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x82000, 0x0) r1 = openat$auto_tracing_thresh_fops_trace(0xffffffffffffff9c, 0x0, 0x200, 0x0) read$auto_tracing_thresh_fops_trace(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = fcntl$auto_F_UNLCK(r0, 0x0, 0x2) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="0000a704000000", @ANYRES16=r2, @ANYBLOB="00042abd7040fddbdf250700000008003f00186500000400440108002600360a00000500a30004000000"], 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x0) sysfs$auto(0x2, 0x23, 0x0) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(0xffffffffffffffff, 0xc1004111, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/personality\x00', 0x8002, 0x0) prctl$auto_PR_GET_TSC(0x19, 0xa, 0x0, 0x0, 0xd) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) socket(0x10, 0x2, 0xc) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) r6 = socket(0x10, 0x2, 0xc) r7 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x24, r7, 0x10, 0x70bd2c, 0x25dfdbfa, {0xa, 0x0, 0xa00}, [@CTRL_ATTR_FAMILY_NAME={0x0, 0x2, '%/\x00\xe2\xa8\\A\xe7Z\x02q[\xcb\xc0\xb0N\\\xdc\xdf(\xff\xfee\xc3\x17py\x9f\xda\xb88\xaa\xf6q*\x82\xe6(\xc9\xe6B\x9aJ82\v-i(c\x92{\xd7D\xb4\xf7\xb4\t\xb2\x98b\xd3%vu\xd4\xfd\t\xd7J\x83\x19)\xb1\x00[\xdd(\xef?\xc5\xae(\x84\xefjx\xfe\xdb\xeb\xbceaAw\x1eW\x12Bh\xc3y2\xc9\x0e\xc9\x99#\x92j\x97\xbbDOi\x03\xa4\x11\x02F0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x28, r4, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0x5}, @ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4000040) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="13002cbd7040450e531c87abd4f908000300", @ANYRES32=r8, @ANYBLOB="0800610002000000080062"], 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'macvlan1\x00'}) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a000006000700008000000800020085b628bbf01dbaecb11956a10860999d1502aa5705bbf8352bdef4b54931a2a730a34a9fd0466ef8ee79", @ANYRES32=r10, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r10, @ANYRES16=r4], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syzkaller1\x00'}) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="01010000", @ANYRES16=r1, @ANYBLOB="04002dbd7000f9dbdf2501000fff060002003f00000005000d00ce00000000000e00ee00000008000a000c00000014001f00ff01000000000000000000000000000108001100ff010000"], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x404c800) sendmsg$auto_ETHTOOL_MSG_STATS_GET(r0, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000680)={0x400, r4, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_STATS_SRC={0x8, 0x5, 0x8}, @ETHTOOL_A_STATS_GROUPS={0x34, 0x3, 0x0, 0x1, [@typed={0x8, 0x65, 0x0, 0x0, @fd=r7}, @typed={0x4, 0xcc}, @generic="196dcb0b41155af775e3a32d900b8090bd0124d6fe2ffabb8977f815136a938f0e21925a"]}, @ETHTOOL_A_STATS_HEADER={0xc, 0x2, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_STATS_GROUPS={0x3a3, 0x3, 0x0, 0x1, [@typed={0xc, 0xa1, 0x0, 0x0, @u64=0x8}, @nested={0x83, 0xcf, 0x0, 0x1, [@generic="6d8a79ef1964acb02afef0bd6b9b656c5f893fe3f573121c064bf1c90072e63f9dea6b9909f510af5cb25f62422ea8b0fdfba8739e9b51a06ff3580fc61d01eeaee5873593f9b289ba9f787601c1a1a4a7008b0a0324fcc13a7822e0dba392f3d84a634838c78eba63b72f36560703a940f2a438be7c8e9de903ff7ceff4dd"]}, @generic="022cb852d265bddf1b526053ea373167799390094649ca88b178", @typed={0x100, 0xe3, 0x0, 0x0, @binary="c98065c89fc11a97ee7ae1ea30f8d81f8af8202d40d1d5f9dab1c0131c4f42aa746a1c73e1e0f445761de5803dff1f9151a27aa0ebd79e2ff20b6f36948c44f9c91bb3750b62f9a30450f8ec031bed29efe970aa0c075052bca623dbdfe1e8204749c15891da5b740955316753b9e0db25881686b50be7650114b42567e58ede031d3d4459e2a0c4e8eac5f88d550793e5784880436aa16218213fc5f1b4152e3a61abf4995428ab13e5d16eea894c726ea0ecb4e5cbb17e271eb72c19c7914e9fd8032ae6cca30c7dc9c05df03695d1819dec8f4da62a7a3180d2d744ff3a77c8b5bd4cce7c5a257c5b889fc5cf31a0ee66085a97a8e2023de8b7d2"}, @generic="65889b62eb7f944f8f3a96038bd6c3489360be8b3255b64bd2cac63e63e2eca5aadf92b227ed43fecb2d", @typed={0x4, 0x1b}, @nested={0xc7, 0xe6, 0x0, 0x1, [@generic="811a90c8eee11538e73f92d3e2bd670b9c4ccc4e230640fbfff18fbceb11e67bd45268d48cf873801452f604421d80878b32ceb90fd90c15a718338697144c437cbc7858230c3b04e3efb14cc90353e7d8fcdc78fbc165c0a4fbb64239d6cc78c1e7752de232da55bacf366d896e8c57c40fd05ea8f5e8d7da0076f4c9c025914325021ee2c80435df76ed957fd5991c2d2573bd5279c37a329ae838c145c5cbd2f0c53053c55879b663a3d3040f53d7061527183bd1f342920d09e5a2ab07fefe222f"]}, @typed={0x8, 0x7b, 0x0, 0x0, @u32=0x412}, @generic="49afe35435d6c9422e57bf8f316fc914cc2a19fc519d939c06acaa65bfcb384976ea93561021306f9cafc83055f8231b5e064eba3a86a4b0ebaa959eb0df54ee79abe2ec867cc5264391381c2c326191e4ec983be86eb817366cde9d8834d6f888939e6c0b70cdd9a02bae8f48040a25c70758b2b351049c1dd557b859fb13456d08a4dfc400f86625b14e314e07be928b93739b9cc65615027a2317126011c9fd78e1882b63893f841a71ee61b682db2ec13945688ce7adc0cb217223d0d03644bd83e226b3c9c4e65e3cc2b3de52d9235de70a97e27a4582ffba25abfdf8fcaf2338a97400b065ae3f932f47f3d49720d226b52a3cf7"]}]}, 0x400}, 0x1, 0x0, 0x0, 0x884}, 0x0) 20.298686045s ago: executing program 1 (id=2552): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) prctl$auto_PR_GET_PDEATHSIG(0x2, 0x7, 0xffffffffffffffff, 0x1, 0x7) setsockopt$auto_SO_SNDBUF(r0, 0xc7b, 0x7, &(0x7f0000000140)='{]\x00', 0x10) ioctl$auto(r0, 0x3b89, 0x38) r1 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) pwrite64$auto(r1, 0x0, 0x400000, 0xc) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x2, 0x801, 0x84) r3 = open_tree$auto(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x9) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000180)={0x8, "11dd52827ca5d6cb117de1d0641f3d2faf33f7010b37338a4dcd470bff8389f3", @inferred=r2}) socket(0x3, 0x4, 0xf) close_range$auto(0x2, 0xa, 0x0) fanotify_init$auto(0x6, 0x1) fsopen$auto(0x0, 0x1) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c9dca26347b287dc4e2b13f164747000000", @ANYRES16=r5, @ANYBLOB="e5b724bd7000fcdbdd251900000018000180140002006d616376746170300000000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) 20.132093342s ago: executing program 1 (id=2553): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x511200, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x581d40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) ioctl$auto_I2C_FUNCS(r0, 0x705, &(0x7f00000000c0)) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/ip6gre0/carrier_up_count\x00', 0x381002, 0x0) sendfile$auto(r2, r2, 0x0, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) setsockopt$auto(0xffffffffffffffff, 0x110, 0x4, 0x0, 0xfff) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x4) ioctl$auto_FIDEDUPERANGE(r3, 0xc0189436, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, r5, 0x4, 0x1ff, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000004ec0)='/dev/snd/pcmC0D0p\x00', 0x2, 0x0) r7 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/conf/sit0/arp_evict_nocarrier\x00', 0x6a0002, 0x0) write$auto(r7, &(0x7f0000005900)='\x00', 0x6) 19.819369681s ago: executing program 0 (id=2554): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x511200, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x581d40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) ioctl$auto_I2C_FUNCS(r0, 0x705, &(0x7f00000000c0)) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size\x00', 0x102, 0x0) fsconfig$auto_JFFS2_COMPR_MODE_FORCELZO(r1, 0x89, &(0x7f0000000180)='-#\x00', &(0x7f0000000200)="57a1ce97f6d7c141aecd15cb0ff3922eb140bebfb2850f4c4da2014cc6628c18e22d995781f4d0b1272e8c7010159c06", 0x4) sendfile$auto(r2, r2, 0x0, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) setsockopt$auto(0xffffffffffffffff, 0x110, 0x4, 0x0, 0xfff) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) writev$auto(r4, &(0x7f0000000040)={0x0, 0xffffffeffffff474}, 0x4) ioctl$auto_FIDEDUPERANGE(r3, 0xc0189436, 0x8000) bpf$auto_BPF_MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)=@bpf_attr_11={0x3, 0x6, 0x100, 0x8, 0x2, 0x2, 0x1ff, r0}, 0x10000) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) r7 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, r5, 0x4, 0x1ff, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000004ec0)='/dev/snd/pcmC0D0p\x00', 0x2, 0x0) r10 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/conf/sit0/arp_evict_nocarrier\x00', 0x6a0002, 0x0) r11 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000400), r5) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000440)={'vxcan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'geneve1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000004c0)={'veth1_to_team\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_WOL_GET(r5, &(0x7f0000000740)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000500)={0x1e8, r11, 0x1000, 0x70bd25, 0x25dfdbfd, {}, [@ETHTOOL_A_WOL_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @ETHTOOL_A_WOL_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}]}, @ETHTOOL_A_WOL_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @ETHTOOL_A_WOL_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x470d}]}, @ETHTOOL_A_WOL_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}, @ETHTOOL_A_WOL_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}]}, @ETHTOOL_A_WOL_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}]}, @ETHTOOL_A_WOL_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}, @ETHTOOL_A_WOL_HEADER={0xb4, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x50d3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x4000}, 0x44080) write$auto(r10, &(0x7f0000005900)='\x00', 0x6) 19.72126895s ago: executing program 0 (id=2555): syz_clone3(&(0x7f0000000100)={0x10040000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x58) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) preadv$auto(0x40000000000003, 0x0, 0x6, 0x5ff4, 0x1) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, 0x0, 0x280e40, 0x0) write$auto(0x3, 0x0, 0x7fffffff) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x400c080) 18.773223014s ago: executing program 0 (id=2560): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/scsi/sg/debug\x00', 0x100, 0x0) pread64$auto(r0, 0x0, 0x80000006, 0x7) r1 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) read$auto(r1, 0x0, 0xa) write$auto(r1, 0x0, 0x81) 18.687366868s ago: executing program 0 (id=2561): r0 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) pwrite64$auto(r0, 0x0, 0x10200000000, 0xc) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x801, 0x84) r2 = open_tree$auto(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x9) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000180)={0x8, "11dd52827ca5d6cb117de1d0641f3d2faf33f7010b37338a4dcd470bff8389f3", @inferred=r1}) r3 = socket(0x15, 0x3, 0x10) close_range$auto(r3, r3, 0xfffffffc) fanotify_init$auto(0x200006, 0x10001) fsopen$auto(0x0, 0x1) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) tee$auto(r4, r4, 0x6, 0x0) unshare$auto(0x5) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r2) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x20c741, 0x0) prctl$auto(0x1000003e, 0x7, 0xffffffffffffffff, 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2100, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_memtype_fops_memtype(0xffffffffffffff9c, &(0x7f0000000000), 0xa8680, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x40b6, 0x2) 18.412741505s ago: executing program 0 (id=2563): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x511200, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x581d40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) ioctl$auto_I2C_FUNCS(r0, 0x705, &(0x7f00000000c0)) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size\x00', 0x102, 0x0) sendfile$auto(r2, r2, 0x0, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace_clock\x00', 0x404080, 0x0) write$auto_trace_clock_fops_trace(r4, &(0x7f00000002c0)="a64d6340462af0b8dd18370124a3a1ecb922608201c32586538941ec98dab47f99c6269519b26a1dae669c83b2fe8dd44f32282059558b600ab6ff9b4ce269d45b3866fdfa8aee50d59177613ff0098a23cb18b316b7a036a8b60c4fd56f4567103320d02e0821559c34668474032d426b9fdd31e8b9ef73904935ca8e665f76f2970c52a4c1493d633ebabd398c6390803b4010ec14911b5f887881e0ba7e1a5a2236d9ae2b3d05e9ad3ea167c4ebe4fc524605827a68d9c9991a4fcbdad66738fce507645b29c1f8a6c03921283fe19d067626df13f1e86daa1785211ffb0df5de230f926a49cb8ea1d25295e934eb6da13a6decbaa4e7214b6a22238ac6269abead5416fe44f0061cd036aa24c1413d685d7bf29a6a2b27adb3f07f0463e255cfcbfcf39993397b769f3e0d221fed1cc3bb3eccca8442800862812a343c8f5f79ea9b4a10c4b2f64b6e696ef4cb140a7f7af4343667d770fd413c47eb4038ded655661d037338fde3ea118c14dea2e1b4dc6ced6f88bef661362006884aa027f71608378994b9b9fb3d7666caccbf1aade4ca2b2987e72396cc6b0903fda999e70356afd5f6e59b967bba2df149bd6a7929106f93b75ccf674bd50f321cd9051edef2ef99c5825139649b71caaff338a1393fed6a7935970bdada73c4b3f9243b42edcdb7f4b089b0d1db2ffded66e17e9b5cedf9c928070f8369773aec82ea4990c8790c44d47f30b8c2bff0b0c260c650fd77423f84cf61f1658bb4ddfb9b97adbd740c803b1712849c628dc4d1150870faf09c86f8b2dc6be1efcf0bd0a72254b3ef56e63a3e35534af3f7e7d2a5514ee9ae8d42ffc302696e0e3d3272616dc0c01f24ee44f0a8ff66dfe8d7fa5a3e58572a438ac6c23ecf83eb409378690849f51f588d362593e4e91f945d9ad350186f5dc2ea9f6fb8968958d09e28f780aadf541a795d789af80b5b128e2074b19b1a0d4f0c9f9ca8e5502973595af18b4a581991e8549136ecbfd93d758779e24fc6abdf0c56cc8704f302d041a18b45f4de0136a8dc7452c91366d7553434654c2e015fd254390131b296ad174889175849872bffb2d546b0ea2e631ee9d4314e1243e2e50d6e9a80849c9657e9be45cdb558a003372a909b138dcb957b0112be8dd065f4ede62e97a6bb5d9ab9af391703643a671499852f01ca23ba7872e28f416e933e0785a85876d5b91e819052a665e8f37e491b94381492d07e6fdbbee9b35b8a4f15f1a3997e6b43ca2dca263b4bf0bd7c063c617ddca50a2db03b244616bfa49a0d3e87140e1e5c24bd14bdeb62802275e1ebdd22057e24e4a9a87275df15bbf2e95abad63ff79c4a6cf6ca18b81e8188098386b9716408163a0ecdf837c7a14fdfb5c857f24824de9c7f8feb86504098c6510afd6abecf905b4f6f0f1f07881dcb7341bdd2176480ef1b38bbfb04f8446eeab4bb5fa3e06b81c1b328c7dc3f88ce1a211cc01c4b3d2407b3233eab08643747d336f14f4b89908af885ba1fd1d69b42046a0fd841c4bab743ff8b44c5157d9db70ac6a3a9c47c384b9505fd2d626f241cefa63bb7a5a5c202aa084db268be383e6a1867857c7e47e04f1da727774dab0dfac4c870cb1a06897c5dbfdcc56728763ffb0b2f14df353b202be777b62ee3a7426cabb1dad5d28fd7356ca5ded94392d20806052ec90e62a79af0c32139e4544c3042b09645166833950304ffe2925921b527cf97a5aa4f2143fba8474a48530aa4b2f8807f4258c3179054d774739ab17687a6beb1ec97ff49493bdf077ee794553b5cf887dcfa4e643a80e695656b4d18e4a584f5a1b652c94b1098e016cf05e5d3fc3a5d0d0b0b4158c594190506e1f5fe91d2b606577ace1db85e31be4cc639c190ed14d67ed786f1c7ae4bed0b18d1e62e75f91f037201eb17194f7fcf6aa074baf14d9390951d30fce038b5d5071d0a5aa07ad61015eeea33c0d758b8c206aebe6e3ac41595a8beab5fa2dd4720888f5eebcc2cc4164cc2b3c9ac95c01cfa58a6e8c4194c3e84654f8c4fb412a90c90662a4cb761d046c9abad64819c09a7c22586be1cb5c7908d6e0d3ccd1c68de01c1207103001b8e1f531af1852bd88cf9f1fd61cbe69a120077af83acc52fb0aedfa9bca3886e82bb2b6216fc87a9cfd2ab63d26fd8fa7f6bbe1ccae5a0ed127a1f05a0fa52d9631f2c6a40503baa44b52f127bbfb96f714ad31a1c67cf406aede936482b0543d3e2a8a549e15cf92919dc2e5246f1ddca0eb67fb03bbbb7840852eb3c84e59edf0f0e92218caadd3035661d9132daff77fa2f8503043b2e0e80e03cb201bb58725db8cbfb59d1962468477ea72df94fc1f64f6a08aa8fa91152384ef93349d0b5799547a1a74856f9c95418a3102b505a11d83167649f87bfa41c222110af523bb2c8bfb16ca4b9e4c3350cec4f626a1ef83169e5a3ecb4702c3ea4ce9e6cd36fb805bbb849c7e1314fccdb26fa805eda6ae5ba4267c526e4bb0dd1329ceb11828ab7a6922bee32db6189b57b4b7bbddb289a04a6a9ce8fafd5007472351772ea428cf7011f31d12fc310641c092de7dc681f0efd9a71f1d2144dd5bccbe1fc6a1a911e626f7273f2636d6979a1ee1cd328ba1c18e493d280cfd78e1bea453a2606eebdfd97cf11f2e101d9c836d24ad860f5a4f88cd9c3c2d5ba5bbe4885a44a8792109bd20920020aba3e49be0cfdb038f1d2d0013ac794b53bfe85ffa7c86c795581295471c86ba13f4c24780acfc27c27e134adbf193c273f4e38a6822c3c722a28b037ce40fb7a956ab6b1a5cc83389300748674c2c33e64b0e2fd64505551b808c29d66f3632e9b7868e43314921b17a799006a4f718f3b9908eb10cd218e3491500284c07f8ba4d2eb7fdb7077d216065ba4d4fbc2428bd66cdd1cc18687d5ff8542b27651d55cbe9127fda7ff584fc9c51e8810d3f0e382681d25bc06308211942872fdebc411afa0a366f4fde2c915ca289e2222d20c290c011071d8fe8ad019a08d62a52b33aafdf3e5c4a6e523b9a39e85e28c11e7a1d41b0f366a05cb36f434371e79f2e7351b78b8f6ee1ea2ae786b12740deb4103694f01dfdf58dd3bb32cfa64e071e48e4576dc72d723f805bce50bf6d1bd8d7cd00a17eaded00f496ddf8bef4ea345d18013a6fa276bf72d2ceb65dcc0dcb6486b7209182a3c038e5a461c982b0bbd0cdddc4c2547a5bcc1b3524777469b7d95acb1b5e88e2762b94ee1566419c6a8dea9333c6bdef9c09cf5f08a44649cadc5e29ad217234091c773ff5db9bff84e7725cf483abab8f0bba272f722a390792b5cfdfb6d5f051408138dffb9609fcc0a7ce87b0026ebeac579594f56b9f996444c8cb4e87eb4885b41b95a7a84ac88877588bfeb9a73023179e8303d38a5a0a5e01465cf0733dd24d8d470b4a59c7504ab0102ec9e8914c8d066260a33c7c7a400fd742310803d051deadf05d77b54bba4586bd4079975f61f46ff7a34b8ffff798ab10378c5e0f69d8cf7fed7d29756b3a354f04ad47507d647a34ec508ff041a06b7f182b97c9300360c68e77b1a0007786fba501c0ed38f950db14e670a420b85a4b99f9c26e515241ab31986e8a20db7817765b50897660efb928c5915e0852c6078dd092270d3c43085befa0764778867554fb640064ee7c221f723a83174891f9d8c72c0b35908665a513e09e20f90118d8877adae087edd71499b38d4f68db59c8e5b7d3bc8fd19cfe15dcb81c427fd2cbb95bbe40015b51dbd0f82f565924945726f7288732c5e8212946431cdddbc652856fda24261e543a5891fde21d0bd091c219ba9f1426411ce4576684766f17105da96082dbc0d01d8e3a561bcb4c944d2926a8e96ada9a5a66763fcf25e4f58e99c7f8495226f830fbf736b72c2d9bef5150a6a3b0e661d40ad3e1a7cd2fca60f2468f5ff12aa1953297e834f08574f122e58c2008af9ee2232f54fb9e8f77bdc98a2e3cb211aeb71a702b9ad25a1604875ff7677f2fe4a35d12a95f32b2687e4d5374e5c39a0f162754272d781a1929152459b4c6b80ed2db430860dc0af664348347305a080acf5cfd4b594c5799fb4eb30fb905ee2f637f17ae20832f894964ff8722b52427e6b8f23ae1c963e206c4c5d2ee45ece74150c87a7c4adcd03fd632a14fa6b4e01128cbfc12fc84b1c6a3d5f1030421a45e372939bc69cd0e4f507e6140341991d0a658ac2f5fc4f70268e36d7c1883792ae616a1ae97ba063b7d5c3e477c6eae14b470d4311572e578bc6c0585906d7142085c31e6c74af78480adddad0621899e408523f17f1f50d274d2986e0de188195a8e423dcbbdd5fe98824780800052ea721316eda6bec7041bc8f4070c21ff1be08feb55c0215eb35bd7cd5be1b40c45234d6449caa1da8416169378569a1886c7c754aea463bf1ae9f26d4315a1cce5437f73b0bb17a4e03692e499820549a32dd71e26c153ddf55bd82970a8bf16e504cd1ff0e69abd69eb8bfcb365cd8007872f49b3783eb8ed7ad52ab16a67fc698be3dfc31e44a5976be17841d61c5a0401b6ecf524055d39317eb688e0db363e11c4689297c395f407242af121c107b7bd6e64ee9f2280a05e17236ec77a5f5a13056cfad32c113d3295d3710d549fc76af78db21cdbd56ae896903b93e4a7d9d3f63e4ef2a7ecc99e4b3cf1d3473e7df5a719aa60962fbe7bd555743ede0f1653a09a1d7a6ffb0f15317bb25b2a6ab960a1e24cd2ac3d50dc0412463df462fb13274707836c10b003f27b8e324388172914f521798502ccdaa56684a2f82f5b1ea00c55342964e200662265f2b483f014987b023032d56e6a64df96bb20bc54235961f070d7686545434fa8909d527407ae2c42b35f190acd6071c05d74d3a75bbe5cb1cd8157de01c499f169693ac7bc8444bbde14b8ea1aa321c249e0dbb6f14d00295cce00abec4137bc67104ea545bfe4ebc2210cfae38e56e01549b7c0b9f8402e428139557620f5694bbebbb0129d81b7d7a36bf76fe3e58a25fd75b883571a7a36cea28940d999945d3842def31db2a81bf0e73d380f8b610b7527d4c691d6696f57988891d9417df7b7f8e52d055f21d780ab785b4388e820f94f1f2a34e2f7bfb814f9cce189a2b3bf466b47451e1e528ae0915de1af81afcbe1d89c4d067430da5777af631364663b1179d950edc8030a17fd7457e6a276459ef6132b8611b0f746e1375e6bdbb8aa4cace40eaf3211df9ab43d12af215cacd285b16bf7e6f48de32f1150d8c85a75fb9b7eb05d01258cac41d06f17afa3365e7e4720350fd372f4ef8cff4ca3c79384098e1f73d18d2ab36c8415b1e07b8df5437265b0db868f9af876e041bcad95513ef003abb86d0b6ea42aa0d26fc1482847a3f260affc8d3ac7e8e825bb968001776f605c3e8f9407d407f7528a6f837654936ba05a6bb1f4ee6162f0bd32033cd5432b80659bf007e6afc53818e857021bea8a00225de8bdde0e2ec4964cb0b0aa16b7e6ffd39522fd805d1d2d875b892a61859400b63f448edc9ad372d8ee39d77fb5e7670a6088d35cf4d742427541751a636e58380e192d3ee00a31dcd10effa7f56868cdfe4812f549a4a9d02b955fc42b16329e228faeb6b890e164e4b3fbaab68d617c075abdd487e58bc089c11a4b7b05813a8a6eaca7f2d50a5437366316b2227532a8d16f545c85f7d483e7a752f01fe4b8e58008bfc3be527dcdf20ce19ea8642a9f8a5858f8b0af31814cacfd5cb56939c4d97078b4924bd90c1fd4cbe8ae3eb", 0x1000) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) setsockopt$auto(0xffffffffffffffff, 0x110, 0x4, 0x0, 0xfff) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x4) ioctl$auto_FIDEDUPERANGE(r3, 0xc0189436, 0x8000) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r7, r6, 0x4, 0x1ff, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000004ec0)='/dev/snd/pcmC0D0p\x00', 0x2, 0x0) r8 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/conf/sit0/arp_evict_nocarrier\x00', 0x6a0002, 0x0) write$auto(r8, &(0x7f0000005900)='\x00', 0x6) 4.217360527s ago: executing program 32 (id=2553): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x511200, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x581d40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) ioctl$auto_I2C_FUNCS(r0, 0x705, &(0x7f00000000c0)) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/ip6gre0/carrier_up_count\x00', 0x381002, 0x0) sendfile$auto(r2, r2, 0x0, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) setsockopt$auto(0xffffffffffffffff, 0x110, 0x4, 0x0, 0xfff) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x4) ioctl$auto_FIDEDUPERANGE(r3, 0xc0189436, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, r5, 0x4, 0x1ff, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000004ec0)='/dev/snd/pcmC0D0p\x00', 0x2, 0x0) r7 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/conf/sit0/arp_evict_nocarrier\x00', 0x6a0002, 0x0) write$auto(r7, &(0x7f0000005900)='\x00', 0x6) 3.095687637s ago: executing program 33 (id=2563): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x511200, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x581d40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) ioctl$auto_I2C_FUNCS(r0, 0x705, &(0x7f00000000c0)) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size\x00', 0x102, 0x0) sendfile$auto(r2, r2, 0x0, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace_clock\x00', 0x404080, 0x0) write$auto_trace_clock_fops_trace(r4, &(0x7f00000002c0)="a64d6340462af0b8dd18370124a3a1ecb922608201c32586538941ec98dab47f99c6269519b26a1dae669c83b2fe8dd44f32282059558b600ab6ff9b4ce269d45b3866fdfa8aee50d59177613ff0098a23cb18b316b7a036a8b60c4fd56f4567103320d02e0821559c34668474032d426b9fdd31e8b9ef73904935ca8e665f76f2970c52a4c1493d633ebabd398c6390803b4010ec14911b5f887881e0ba7e1a5a2236d9ae2b3d05e9ad3ea167c4ebe4fc524605827a68d9c9991a4fcbdad66738fce507645b29c1f8a6c03921283fe19d067626df13f1e86daa1785211ffb0df5de230f926a49cb8ea1d25295e934eb6da13a6decbaa4e7214b6a22238ac6269abead5416fe44f0061cd036aa24c1413d685d7bf29a6a2b27adb3f07f0463e255cfcbfcf39993397b769f3e0d221fed1cc3bb3eccca8442800862812a343c8f5f79ea9b4a10c4b2f64b6e696ef4cb140a7f7af4343667d770fd413c47eb4038ded655661d037338fde3ea118c14dea2e1b4dc6ced6f88bef661362006884aa027f71608378994b9b9fb3d7666caccbf1aade4ca2b2987e72396cc6b0903fda999e70356afd5f6e59b967bba2df149bd6a7929106f93b75ccf674bd50f321cd9051edef2ef99c5825139649b71caaff338a1393fed6a7935970bdada73c4b3f9243b42edcdb7f4b089b0d1db2ffded66e17e9b5cedf9c928070f8369773aec82ea4990c8790c44d47f30b8c2bff0b0c260c650fd77423f84cf61f1658bb4ddfb9b97adbd740c803b1712849c628dc4d1150870faf09c86f8b2dc6be1efcf0bd0a72254b3ef56e63a3e35534af3f7e7d2a5514ee9ae8d42ffc302696e0e3d3272616dc0c01f24ee44f0a8ff66dfe8d7fa5a3e58572a438ac6c23ecf83eb409378690849f51f588d362593e4e91f945d9ad350186f5dc2ea9f6fb8968958d09e28f780aadf541a795d789af80b5b128e2074b19b1a0d4f0c9f9ca8e5502973595af18b4a581991e8549136ecbfd93d758779e24fc6abdf0c56cc8704f302d041a18b45f4de0136a8dc7452c91366d7553434654c2e015fd254390131b296ad174889175849872bffb2d546b0ea2e631ee9d4314e1243e2e50d6e9a80849c9657e9be45cdb558a003372a909b138dcb957b0112be8dd065f4ede62e97a6bb5d9ab9af391703643a671499852f01ca23ba7872e28f416e933e0785a85876d5b91e819052a665e8f37e491b94381492d07e6fdbbee9b35b8a4f15f1a3997e6b43ca2dca263b4bf0bd7c063c617ddca50a2db03b244616bfa49a0d3e87140e1e5c24bd14bdeb62802275e1ebdd22057e24e4a9a87275df15bbf2e95abad63ff79c4a6cf6ca18b81e8188098386b9716408163a0ecdf837c7a14fdfb5c857f24824de9c7f8feb86504098c6510afd6abecf905b4f6f0f1f07881dcb7341bdd2176480ef1b38bbfb04f8446eeab4bb5fa3e06b81c1b328c7dc3f88ce1a211cc01c4b3d2407b3233eab08643747d336f14f4b89908af885ba1fd1d69b42046a0fd841c4bab743ff8b44c5157d9db70ac6a3a9c47c384b9505fd2d626f241cefa63bb7a5a5c202aa084db268be383e6a1867857c7e47e04f1da727774dab0dfac4c870cb1a06897c5dbfdcc56728763ffb0b2f14df353b202be777b62ee3a7426cabb1dad5d28fd7356ca5ded94392d20806052ec90e62a79af0c32139e4544c3042b09645166833950304ffe2925921b527cf97a5aa4f2143fba8474a48530aa4b2f8807f4258c3179054d774739ab17687a6beb1ec97ff49493bdf077ee794553b5cf887dcfa4e643a80e695656b4d18e4a584f5a1b652c94b1098e016cf05e5d3fc3a5d0d0b0b4158c594190506e1f5fe91d2b606577ace1db85e31be4cc639c190ed14d67ed786f1c7ae4bed0b18d1e62e75f91f037201eb17194f7fcf6aa074baf14d9390951d30fce038b5d5071d0a5aa07ad61015eeea33c0d758b8c206aebe6e3ac41595a8beab5fa2dd4720888f5eebcc2cc4164cc2b3c9ac95c01cfa58a6e8c4194c3e84654f8c4fb412a90c90662a4cb761d046c9abad64819c09a7c22586be1cb5c7908d6e0d3ccd1c68de01c1207103001b8e1f531af1852bd88cf9f1fd61cbe69a120077af83acc52fb0aedfa9bca3886e82bb2b6216fc87a9cfd2ab63d26fd8fa7f6bbe1ccae5a0ed127a1f05a0fa52d9631f2c6a40503baa44b52f127bbfb96f714ad31a1c67cf406aede936482b0543d3e2a8a549e15cf92919dc2e5246f1ddca0eb67fb03bbbb7840852eb3c84e59edf0f0e92218caadd3035661d9132daff77fa2f8503043b2e0e80e03cb201bb58725db8cbfb59d1962468477ea72df94fc1f64f6a08aa8fa91152384ef93349d0b5799547a1a74856f9c95418a3102b505a11d83167649f87bfa41c222110af523bb2c8bfb16ca4b9e4c3350cec4f626a1ef83169e5a3ecb4702c3ea4ce9e6cd36fb805bbb849c7e1314fccdb26fa805eda6ae5ba4267c526e4bb0dd1329ceb11828ab7a6922bee32db6189b57b4b7bbddb289a04a6a9ce8fafd5007472351772ea428cf7011f31d12fc310641c092de7dc681f0efd9a71f1d2144dd5bccbe1fc6a1a911e626f7273f2636d6979a1ee1cd328ba1c18e493d280cfd78e1bea453a2606eebdfd97cf11f2e101d9c836d24ad860f5a4f88cd9c3c2d5ba5bbe4885a44a8792109bd20920020aba3e49be0cfdb038f1d2d0013ac794b53bfe85ffa7c86c795581295471c86ba13f4c24780acfc27c27e134adbf193c273f4e38a6822c3c722a28b037ce40fb7a956ab6b1a5cc83389300748674c2c33e64b0e2fd64505551b808c29d66f3632e9b7868e43314921b17a799006a4f718f3b9908eb10cd218e3491500284c07f8ba4d2eb7fdb7077d216065ba4d4fbc2428bd66cdd1cc18687d5ff8542b27651d55cbe9127fda7ff584fc9c51e8810d3f0e382681d25bc06308211942872fdebc411afa0a366f4fde2c915ca289e2222d20c290c011071d8fe8ad019a08d62a52b33aafdf3e5c4a6e523b9a39e85e28c11e7a1d41b0f366a05cb36f434371e79f2e7351b78b8f6ee1ea2ae786b12740deb4103694f01dfdf58dd3bb32cfa64e071e48e4576dc72d723f805bce50bf6d1bd8d7cd00a17eaded00f496ddf8bef4ea345d18013a6fa276bf72d2ceb65dcc0dcb6486b7209182a3c038e5a461c982b0bbd0cdddc4c2547a5bcc1b3524777469b7d95acb1b5e88e2762b94ee1566419c6a8dea9333c6bdef9c09cf5f08a44649cadc5e29ad217234091c773ff5db9bff84e7725cf483abab8f0bba272f722a390792b5cfdfb6d5f051408138dffb9609fcc0a7ce87b0026ebeac579594f56b9f996444c8cb4e87eb4885b41b95a7a84ac88877588bfeb9a73023179e8303d38a5a0a5e01465cf0733dd24d8d470b4a59c7504ab0102ec9e8914c8d066260a33c7c7a400fd742310803d051deadf05d77b54bba4586bd4079975f61f46ff7a34b8ffff798ab10378c5e0f69d8cf7fed7d29756b3a354f04ad47507d647a34ec508ff041a06b7f182b97c9300360c68e77b1a0007786fba501c0ed38f950db14e670a420b85a4b99f9c26e515241ab31986e8a20db7817765b50897660efb928c5915e0852c6078dd092270d3c43085befa0764778867554fb640064ee7c221f723a83174891f9d8c72c0b35908665a513e09e20f90118d8877adae087edd71499b38d4f68db59c8e5b7d3bc8fd19cfe15dcb81c427fd2cbb95bbe40015b51dbd0f82f565924945726f7288732c5e8212946431cdddbc652856fda24261e543a5891fde21d0bd091c219ba9f1426411ce4576684766f17105da96082dbc0d01d8e3a561bcb4c944d2926a8e96ada9a5a66763fcf25e4f58e99c7f8495226f830fbf736b72c2d9bef5150a6a3b0e661d40ad3e1a7cd2fca60f2468f5ff12aa1953297e834f08574f122e58c2008af9ee2232f54fb9e8f77bdc98a2e3cb211aeb71a702b9ad25a1604875ff7677f2fe4a35d12a95f32b2687e4d5374e5c39a0f162754272d781a1929152459b4c6b80ed2db430860dc0af664348347305a080acf5cfd4b594c5799fb4eb30fb905ee2f637f17ae20832f894964ff8722b52427e6b8f23ae1c963e206c4c5d2ee45ece74150c87a7c4adcd03fd632a14fa6b4e01128cbfc12fc84b1c6a3d5f1030421a45e372939bc69cd0e4f507e6140341991d0a658ac2f5fc4f70268e36d7c1883792ae616a1ae97ba063b7d5c3e477c6eae14b470d4311572e578bc6c0585906d7142085c31e6c74af78480adddad0621899e408523f17f1f50d274d2986e0de188195a8e423dcbbdd5fe98824780800052ea721316eda6bec7041bc8f4070c21ff1be08feb55c0215eb35bd7cd5be1b40c45234d6449caa1da8416169378569a1886c7c754aea463bf1ae9f26d4315a1cce5437f73b0bb17a4e03692e499820549a32dd71e26c153ddf55bd82970a8bf16e504cd1ff0e69abd69eb8bfcb365cd8007872f49b3783eb8ed7ad52ab16a67fc698be3dfc31e44a5976be17841d61c5a0401b6ecf524055d39317eb688e0db363e11c4689297c395f407242af121c107b7bd6e64ee9f2280a05e17236ec77a5f5a13056cfad32c113d3295d3710d549fc76af78db21cdbd56ae896903b93e4a7d9d3f63e4ef2a7ecc99e4b3cf1d3473e7df5a719aa60962fbe7bd555743ede0f1653a09a1d7a6ffb0f15317bb25b2a6ab960a1e24cd2ac3d50dc0412463df462fb13274707836c10b003f27b8e324388172914f521798502ccdaa56684a2f82f5b1ea00c55342964e200662265f2b483f014987b023032d56e6a64df96bb20bc54235961f070d7686545434fa8909d527407ae2c42b35f190acd6071c05d74d3a75bbe5cb1cd8157de01c499f169693ac7bc8444bbde14b8ea1aa321c249e0dbb6f14d00295cce00abec4137bc67104ea545bfe4ebc2210cfae38e56e01549b7c0b9f8402e428139557620f5694bbebbb0129d81b7d7a36bf76fe3e58a25fd75b883571a7a36cea28940d999945d3842def31db2a81bf0e73d380f8b610b7527d4c691d6696f57988891d9417df7b7f8e52d055f21d780ab785b4388e820f94f1f2a34e2f7bfb814f9cce189a2b3bf466b47451e1e528ae0915de1af81afcbe1d89c4d067430da5777af631364663b1179d950edc8030a17fd7457e6a276459ef6132b8611b0f746e1375e6bdbb8aa4cace40eaf3211df9ab43d12af215cacd285b16bf7e6f48de32f1150d8c85a75fb9b7eb05d01258cac41d06f17afa3365e7e4720350fd372f4ef8cff4ca3c79384098e1f73d18d2ab36c8415b1e07b8df5437265b0db868f9af876e041bcad95513ef003abb86d0b6ea42aa0d26fc1482847a3f260affc8d3ac7e8e825bb968001776f605c3e8f9407d407f7528a6f837654936ba05a6bb1f4ee6162f0bd32033cd5432b80659bf007e6afc53818e857021bea8a00225de8bdde0e2ec4964cb0b0aa16b7e6ffd39522fd805d1d2d875b892a61859400b63f448edc9ad372d8ee39d77fb5e7670a6088d35cf4d742427541751a636e58380e192d3ee00a31dcd10effa7f56868cdfe4812f549a4a9d02b955fc42b16329e228faeb6b890e164e4b3fbaab68d617c075abdd487e58bc089c11a4b7b05813a8a6eaca7f2d50a5437366316b2227532a8d16f545c85f7d483e7a752f01fe4b8e58008bfc3be527dcdf20ce19ea8642a9f8a5858f8b0af31814cacfd5cb56939c4d97078b4924bd90c1fd4cbe8ae3eb", 0x1000) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) setsockopt$auto(0xffffffffffffffff, 0x110, 0x4, 0x0, 0xfff) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x4) ioctl$auto_FIDEDUPERANGE(r3, 0xc0189436, 0x8000) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r7, r6, 0x4, 0x1ff, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000004ec0)='/dev/snd/pcmC0D0p\x00', 0x2, 0x0) r8 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/conf/sit0/arp_evict_nocarrier\x00', 0x6a0002, 0x0) write$auto(r8, &(0x7f0000005900)='\x00', 0x6) 1.018142866s ago: executing program 3 (id=2581): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = prctl$auto(0x5, 0x80000000, 0x0, 0x78, 0x8) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) syz_clone(0x21000000, 0x0, 0x0, 0x0, 0x0, 0x0) shmdt$auto(&(0x7f0000000000)='(\x00') mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) setresuid$auto(0xd, 0x0, 0x221) setrlimit$auto(0x6, &(0x7f0000000140)={0x0, 0x6}) setresuid$auto(0x0, 0x8, 0x8000) writev$auto(r2, &(0x7f0000000200)={0x0, 0x5}, 0xa) getsockopt$auto_SO_REUSEADDR(r0, 0x8000, 0x2, &(0x7f0000000040)='^\x92[\x00', &(0x7f00000000c0)=0x6) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/failslab/probability\x00', 0x22042, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x20) write$auto(0xffffffffffffffff, 0x0, 0xc) r3 = socket(0x2, 0x1, 0x0) getsockopt$auto(r3, 0x0, 0x62, 0x0, &(0x7f00000000c0)=0x565) write$auto(0xffffffffffffffff, 0x0, 0xffff) getrlimit$auto(0x8, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB='<', @ANYRES16=r5, @ANYBLOB="010026bd7000f7dbdf2503000000180001801400020073797a5f74756e0000000000000000000500030000000000aa2db6e05632f9eb"], 0x3c}, 0x1, 0x0, 0x0, 0x4000840}, 0x2000c840) ioctl$auto_BLKZEROOUT(r4, 0x127f, 0x0) socket(0x1e, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 585.406903ms ago: executing program 3 (id=2582): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000f9", @ANYRES16=r0, @ANYBLOB="130026bd7000fcdbdf250200000008000300", @ANYRES32=r2, @ANYBLOB="0c0002000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4004080}, 0x48000) r3 = socket(0x10, 0x2, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket(0x1e, 0x4, 0x0) r7 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), r5) r8 = getuid() sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(r3, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000008800)=ANY=[@ANYBLOB="cc310000", @ANYRES16=r7, @ANYBLOB="080a26bd7000ffdbdf2516000000090309800c00e78008009200640101020602bf60393b8e8c11f6cd9517d218fb1332b73000bf0615509cbcfe065420c5a8267e38c3168162b01da5b94d7ecf0e134186aff62b953239185b0eaa5deac2d64935195b895c1a9410cd67f6b3e723b4eda49c1f83d8ad650ffaecdc3f8d2085c1f4a44f5c7f3110806bc714133668fc964068183d21c40bfd007b8014000900fe8000000000000000000000000000aa0800b700", @ANYRES32=r5, @ANYBLOB="5707be7cd8848e7744de2fb3b8bd1dfbcab32ed5616e3e0b305ea367d9c1a760158c9e347046ff09af0a5f8bdb4724075cf1d6f3b30fceabe162bf7d38c2346cdc953da7703957c1acfd0b58c9848d992fd8d3d4ec080400098008003c00", @ANYRES32=r4, @ANYBLOB="7178669e76246d0bc3144878e993b15b24a61a6ce71dc43fc7bc4df85b46f4b8ba3240ea8cda08d05aa5a711f537e936ecf7e5589e21e8bc861a0e1658c42a0cedb0c864c8d5b28ab645ddc35c64d6df7202fa74528f3c6c6270e4076b9f42d53ede867696940ae692320400418008002700", @ANYRES32=0x0, @ANYBLOB="04009b800800340000000000000000ab008680040003808352f74ae947fb23c79111bc17b6bf8c6c3d619fc962743d7d14007e000000000000000000000000000000000004001e8027a418ee81d8d4625e800957f968a786b97aee04fe05f579d40c5406fd0d5ef0103e622a30d7ae796f01424e1cee1b2f82b798bd87ce1151af749262a081ccbf323c40080d96e502fc77c2b2b0fd240a6602b1352d77649318b9f91026a21728eb7be75449a5e5d620d983c79b7dc4e8e54200729c70094e951838c6c10d02f507d846b1b09fe0b19842d0f79322ee4d223f6dc68534052022adf30b8b217a692b6e184d0912bbb191ec1ddff9644dcd5c67984d729df9c870a12cd2d0562e8ceae6f8eeda8d3416a8c1f094839f061a4add8fa9044cedd640a014fd2752c2ca03ae256937be3e449f21cfea42723a8109f039b474e345a11a7aabaced775bbeb653270c8e20853679dd1a8f236fcc1c563943a06ab168fb6141682e19907ba333753b79debc5f1f003d80e2a50e9926de63ef942dfb2e3f4ba87020906ef84b514ccb6c18dc00000000fe0005800800c400", @ANYRES32=r3, @ANYBLOB="1800698014006600fe8000000000000000000000000000262000358004007d8008002f00", @ANYRES32=r4, @ANYBLOB="080017009507000006008d007b0000002000db8004001b8014007b00fc0100000000000000000000000000fe0400d0800400ca000400f380b1ac8cc2f2532445cf4f070f70d7db4240319ce22baa1cf45c6edb6123a7506113f7079cc5befdb7efcda99dac56274f77e6b4ca6b73f565baeef0b044e16f50868aedae53adacfda229944027b08ed35e913361503c477b8a27a558d116498ae75b105aef6daa44b7122d40822b426b7c575fbd2a8c94408c1d9b433df908c397a18891960715dcd2690800078004001a800000c319048074f21ce5a5e37b59bba86390d6a50f13a4e57d6930a27e61bdefaba25562857af34f54bbbf8dea09e7a686e70c823e96714d85668df3e2e9e7f9f4ca706ffd6459535b4d95db88cac6366775fe26b4bbabcdf79f129d7a62a73aa01b0ba3f0841be3c22f5235d97787ed04006700ec8e2fde77cc9bd71b33a7b512814872ac7413ad8314006600ff0100000000000000000000000000018500fa00c73c78455c0a7ca08f4b32c31a1d076653e2cf8b4c301619322c2ff6f53738535c3f71b2416c8b2b9c62fbea50ab0e7758015868ff1d31842799499e6d7cc3a5a4406b1c1686ca977cc478d2f25cc58157dc2f243c84004c1095aa042ddf3b1c22441999a56ee9bebe99594a2702bb9059b51571dfe10e6b159308cd4990becdf2000000147ef978ae28b1ef61321c766aa0a3016c8bc6596d6f3c6a9e9446250e8b86a258e6499b151e464b780fd59260cf4ce97e92aad0cb7a986f7e97491d9969dccae556fc5e507aee23f40c83991fe894a004094302893261344a2d78852392bf3585a819f96cfe3ed7a5fecb572454a7c0b2e676dab4d8d7b2357897fd1777ee5c816efdcd4444df833cc7978c7f54cde157e3cf7ccfa646c7235ab050abed6fd8677a46243793bbf5360b4b0d1a50eec2b37b1349afb4bb1e04dd13ef491943ffa0d4ae24374dc12a6fa2470c00ba006e6c38303231310004d47c0d9b4ad7f8f1ba5e1d4ce660da5746da27992b293af0b807528f50d0e6d2b0b41dda172fac34905fdf98d3a9c40763a69180fb674c8ba86a92a8d5c3ac005422a41b56f551334db5df652458ffba182a702b85d440044379ae1df187237977de397d8bfcf368bf761ceed204113d6ced259b58d060e305d661fba532a3f5e7a54f2194e6f22bfb7dfdd1a44892d2d87ee055110e72df2fd4743cfd5aba77251cf3b95e2c491d1454f3e35526fdb2e0daa740925be684ba711ccffeb3d031df3589a7eff265544c8d585cb4b2898ec8788846f49a21fb36b8db2da2ab1ef9e5165880c500f2008c2f10666443f1ac1a8cc60ad8ddc6a49e9e70c93aa8ecefcc6d50059327ce7606eee6f19670a825d18c98b36652368e2425406316cae751284ed1cee6a102b1784aa20c22843d1414e11dea7129fcc0e01e7d043014ffb1f2d13dd923f12beca055612cf1fb886971986086142fea1f2d8a2c46343e77a69c945859eda4921e04c1b15035eae070bd6fb6c8b83a1951480e0cb6c6c32ec2a90d958ba7bbad5a3f609a38e89b66ea6ea05d5e20383b5aa988fe761fec4bd3ec1b467105714c08fd0000000400a98036ffa99410db814df01973d68db033f4ee87aec2a3892d37ad2087ad0def0d948efa748f812c6d02424d38d8c88e1dd5049980f3ce2f4b66266222d08e96478ed174efeaa00b88389ae193eb30c196206d44b7915e039d40785ac0ddfaa1149b3d82a2e7cd7cf432ecdd877519ce49d7d4d9fc821ba8fb40726714cd8775b0d5af9863379226847e153d5a22ca94d7168c52c09d3e11e1b6c74d4b756dc823dd5ab47f79d75b62c0b872872040582510e6927fd5850e5d784d04002b80b6148a8008003600", @ANYRES32=0x0, @ANYBLOB="82daf0c8f4171571a867d2ada8495e06101bfcdb636a4611cf0066cdb28fa39011301f1f0a0ce872459df3d5d93fc42a9dc2f768a340ec6014193380937c8c0800ee000000000037d953af0b7ace95d661ff712622451ee562580d9a00e9f9de87ae8f96f2bb825e3367dcc19300ee726b2c7ede15bc1d3a1cdc2f42efb9fc2d06b08a89887a47cf2936075e248d069391e951afd2bfb6bf1ea08bc55b727e473d3bd64f3c56d194974f2c87ce81e4fe86e940af68f42613f2af7ce3d562eb9e3061d1219d0fab194403a439da14272a41336cfbc54dce2fd2ad91e384882e80bd9023fd714eb550200c2c49e2c6f7344d2645ca4df4dff56a7be9a370c277f5c1b90f3bab0ab063ffbb2b4c9b20bdc4cc7f4956776097da0152d6f2c404710fe1d566698d89f39f03af2a358c29b9f49c5d66ca553af307066b5008104b800400138046c152a51512af32b1777bcfe64863b7732d54820ba95444306e5cf0e25cbd33c2b8db02b11ba650d255b11e46ef6d3e93b617fdfb22bb73066f097caeb34eacd69c9a12933835973f3dc16bf76c5327b882d7838d34b001a8568f3e1e6a61c05532518ab61f5eb510aa63b2cbab418a1b0e5462711f284eab849d33f725fe4a47c3cee6e8d55f3ca49f209eafe3064ee98bcca7edbc43cab3a2ac75e37b3900089bf866c2cbca66beb1457e70f09a378f14f754e46da15f39c1776bef0674e4e9ce5ea14dd879e2c53c4bd2cc4ec6bc1ea20d1db71c8a9f2c4a642202c52578c3d4df719798235457bfb90ec5e763e8001c0ae3937d25dddc821461e1adb24bfca03431db9b0095f04e889011aa4dbac961bd2d097f58c002b2dd488176ecf4c9a34c748c1792c68acd6231c92221e8d084af43a5f2070764ec8832b2c37bc648205053814e5e27bc6a566b32ecfadd4052eaf306cb1288474ab88f00cdcd5398dea41ca17397090e43577838fdf2104fec250c0c1452c692d13d63a13d166d09f924117fac3b047eed73562f242bafd4d04b492eb8fe964303c4ada44374f0a0995e8c5eaddbe45679fe1ff42bb874d758d74f37576319924680c7636f7683773e7dec7af75f51dc1c96d9568e36d6b60b6c6d4d671c7c86ff175ffaf78ff92919675aece6ee38310fcfec508283b69cc0452d26e8b92f81a1a27f05fa34892dcb69ffc388e8a1c77ff2d6d9d66e6c5b374c3fe23e9abbc13ceaa94ed577cc041fd91dc4e381ab96f476e1b99157c15a3330d6682b1b41f0c05a8ceabdbf7e4e9bdaea37adf873574386b5bdbe3d410ab108d43ea59646dd9fd4b859e7a4419f92f8ff06b5fdc4ffc2199fd764854181ed61b0c6f5b8c8776a3339d5f630b4c82beed728b364251b43f084530e7baa2420f71f333b1f4274876a220a7ed1024b6fe3df81634f3dd4046ebb19f86a2d72771cecc10eae833be5b71d8956eb0ea729e28e6f960c73c4f6f84c72a5f99191cca1ee0ba3460bd5794f8dfe55d87e9985f15443aca3c11ca79dc74301457885f5c1551630b1a2dbde85b3688a838b51942608f9f14f77e1c71f126fa031c49e251f4e6c65e721623eeae2dd4dba583ab9d89a175c2160f70c0eb7f71492966f113d913a4f83adf5fb1679a7de091b9539a4c86e8b807301a9ce1f744ea5c09b587f6d675c8bd5f66ca468636f0a39e23fe3e36f3e3a86956630e562a6a26da35cbf027e5e76ff76dd0a9a15c4584ee5ce61edc859bb4296da9cfc5cf6de0138786e94ca30bac912a476a348ced4c3cb7573796e9163dcaccaf39c0e045b11553563eaaa93eb96888c946f88e74c030c1794be5f5817bdc6925ef01a7b673bfacc36efa2c25c9e45025999898913038bb5dd219b47a7c5f849d07fb22a04ad4ee4ce200c4243e7c4e054420ab8f1e611e4821f03f214071bd9fd7ade20fe5be429e45e5f5d0be1be628f8381e623a9021c119a46ccb7c33ef918417014237164a627250134d8a75f0e6c08af860ebbb0d76c29782888b5bdc4e867fc2a94a5dcdb67cbb128ba0214a328d419a9d8d38b055742f550fe5354e9437e3ed2db65702e7ec6220af9fcc27f0f7ebbda73a68d7c7a84e600090df4ecbec42c6d85b38115a4c919e39bac03f06687ba1b752d9d1262a641c2a3120c995a34618510df75d349b11e05d7417c80824c84b246fba34d3469a0a857eb58a12b6cd40e28cef16dc85bb317218f27facc33e64b2f2f66e8a35ea207e877e23586aca70534382382d5105dbb891b4c636bdafd842d4f1c32c34f835c7f17ec339b6e3b75e5635e2ed0432db27550ecd3f787d1c92fa684c7b754f46bd0cfd7b6ae02297b77b575a30b1d3d8cd78d3d8e8716964992bcf655fb6ad2a5f6f54ffdd6af09f5ff94b1712d835929ca6394427750f17fb6e63a03e361bc009f9cc934b598744b6d77f8ab53c4a8dd7160923fcb20cbf92b161e48c99622436af109d13707924d70e2b8ca0db4d46aadfe080a6565a336891aed26de135599579c55d10fdad560db11851c80ca03cd979a7eb101bda46bbef21e59b7b9f0598b6ca8ac66e5f3261fe957634fb3c716a8cdc8633c41302d5d0d9c525a90b46f5ab769c4f6282ac54d68a8d57c6d8f5dd1fb1c58d9cf7b7cc9ffad96fb43a2c09836e63fff7adf59958284801c6de36ef207a481a324568779f17bf2ec309b456f3ce24ac3110338052972bab65a16510a16d13150378b3c7e026b52c4a665e552d0d60d0e39419af6e0a0c47608ac168dbbd5a33fe067fadb1178339030756e30e53d92bd5570f0da9a101f6142bec7e15dfe58b7377e98f46f930a4599905fa0b059aa813c34ee6a8fbd456ecacbfbebca0075dae68da00920ba24f485dd5c1f6ac3f072619037dc65f555f18f3b109b6b3f7ea62983ae336716dd5f751a0121ec83c12f408f80d12f219d1fd9c3e9554eecb72b21bf67cdac65d2e835b3d1249cba872868afb5e0de23401c73744f1c5da7cf4bb044a0f2ea7b0a7cbe30326fde94768d3a548b5c3ed2f7481a48790214b7698c842c255439cfb9eabc153b5a4ba9d0ed78337f556a5e434da047bdd49736ae7eaa5d33686c1216195962ffc9ed4c58def83dbf74a18541632261ee019e3342e80bbd6eea13136314f9642c2d79ef71127b564d5e393f4976bee2eabe1cb934198e1f9f965e61c87356ae8f97b914ac5be0b2f64d69139e28832668ecde3fe0c11785c6aa60e5b8b0416fc2f03ac7d625e3db8c34bb91e7a74daea7bfb4ad3a4163e1461e1769d9b6ad8fdbac65a0f5171b74f0252c1269a107528c62b32c4fe2fb39ba96f077ea33411d2eda5e2024bebd6f304a85777387bc9f61d02da720edcb9e39d0ce050254720dcbec712fb6aa211120b17707fbd47f8cc8cdee90953331a6137e7b988ab03873d4e6aac11d4f80ab4c0eac9c1f6cb1d3bd0822afe5111ea5908df2bdb9d40210a1743d5b2dd6a86fab9c10418f84a8b633fae54625285a7506bf2138808405e2f925e7de33bcc76453f06f942fd0f7685634d1fb93956802d03eda2c2c7912035127a0677d461dc625c9081918228aa8b8a569eb65e4e61d31f9b9bcd8448d697839c3ec4d1a02b27ca74a255bc05c57fc7dc5de07b78ddeb69dadee22181dbcde8dfd466a90b154bce12e36cb1b75757139aabd572c95b36860b83758033267f33dbb5ead8b16e9a4495335e6b5ff3c08f9dbd4fa0a4c5e795004aa6bf86418bfcb931d19817d037a9fc623f6929082a8372cf0d5e02dcf4487c7556671ef81adb550afc0d6c3b17742a018b7637422c923d362ec3f0fe778f9747e84541f83f75ac3a9d74dc1d4866fb133da2d48522cfe1b0da7de1b486195171bbd4db4db26128e5cd3607de5d1459119819bcd7fe50edc516bb8e9edb98cc0287eece632c2a2dda1e80bc8e7583a9d1e79ccc0cfd7e85e4ee627a4502f91db1f3272858a71a6f2c2ca5d21a691d37efa1ffaa67c6a176d06d459d8719c8fbaae3954248885766d37f0820dda3df0ddf665e0fa087afb463160f8b051ea1a42f6aa22ca050d2b4d571838df8c01d173565fdc299b54d17c9c1fc411dd94052f0ce62825c12d43c0b1fadee6d89334e2ec52b8a70cd87379ce5f7d63c32191089fd9a4226b2f0dd72107f0541df5719a31f76ec37be360e1a092bb107e4767ba8b4cf881a2fd2843f720aaaf3f31fe70e70640f480532401e396a2ecfaa45474b3874c3a143e9e2dd2b7c8ef3bfad99d13f03dd97da814a2248f040690644cdd1cc9ba0fa2668fcffaa0eb6336fb6528df9530bfa43be551c2b307b159754bf857f27cdd624415448b258e974fec40d36ba3da29b98457ec17ea24d22865b30cff7f24dda0a252f6a1c39bbe2b610c24ea7f31bd7bbc577100cd5985dd19171c097078e34c2f1b63c3787dbfd51bf3345b1935ca83ab7617b23bff551185bb8e4c9bed45a1d417bdcab722778e85de2a8acc427f213ef321c86887bc9d76412204046f748699d5bae35e10d11fa450c8d3bb4f1a94a4d9cb2f4e9da4bc7eada8f33429d6b6b89fbf8f2ca9a4b4c89b9da1414b35899bd8fd3d026d08289035a9dce06a59b34ce6421a6514a567996b776a4617cfe34c6a8e03b2e49833c3c12f0485dfbe8732f9c463fb53b67ed30565947f3dddd9c539f1bc39afd3dc3070e4ad33b5b3b7fefe8f281075db38c8267ed2843bce09616022eb6940d7f8e5045c90b958b64fcb13b3bf77670aa46df7cc8d9a4ca4c2ae7ea36159ad8877b72234a2d665647f1d9af95a0c9641de18b63596d63147bb358d6a49eb1ccdef66f71266ce9fbf3b299d38e1105da6e7e403b5ad46426aafb9421e91248f93141e408d64dff1cb0598ac2a114b7662fa8d533888e4fe77ef82e0071bdc0e62bc3ae74773f5855427c0f231e4682e29a58ef10408cf5ec52a88353cde543d8638b9f7a783c9660c62cc5c89f71be8459c5c7222fc9488773227c6b4a198c8d7c7f9a20b510f6883fef1248c95f407028ea55df32673485ba2e71499561e0bd1fee68e91b18d01e0da0208301266e9ef04daa158eaee283606dbffe126cafd70808d3cd9061fbf500ca78f32d9b4587cd1d282174cce92d65e646e3742c47ef86ef14b139648a9ef0a527e79444dbce384dde001c9d2960aa0646f5cad61beefb629100d2812b3938cd079198fd8826bba2f3962b641f758439215b42205e3850c9bf00335d224e20c02afe3e12de2baf520422a0c969c6d875c0aacf76bd1537b12a95da800c84ba70ae5a47f989ce47eaf6e4361a8c009ff9dd7a56de4be3fae611d3ea0f615ff9a424600f301cbcc0b17e48174c649884b56ee25f27fd885bcdd7f76266b090e1108e1a913b26ae77c17c176c6a029fc27d8bd53da3398c4803b4d51285049ff1342a6a4c5ffc3bf9999842fd2fdc38a7cb2ff46337f6f117f3a847d385548db82ed1e1a473a706409eb04a71f1eeea39c773692e5be4c8c3f9301869d2c8d1a085728d133957afdcb7456e093d32582b443443ab3f4209914f5c28d357f854d089ff3976d223cf6b7dca7e39263e1bdf4ecf26582d0af7b50be8bca1b0ef847245745d52c891087f303687e9e8176e7908ba5113c8eb65a721754e40172fb1b8a215664b98dacaf6c32484034d948838035752e909b668b4a75c2d5110067fb329cd5b9b6ca8aa624b216ca84e260c5b8dc60d8248295dfea4ca5486066914e20f780ff7068e1d2130f15075b24e3f991f110fd8622152622645f346c4cf550bc1a09a1bc085c3e537240562186157488497e85f80386fc79904108f938092657d83cf7621bc50b6df15c8012c1cc7a0348a2c0b30f12375eacf656b688a1ec95c003cc87ecc1da319d8728f9e58730011df17fef3e6678e45a05076d94b4ff84bd7457a19ce32574b54dad7c5db58c29088119626b92bc83f3b6ae0252b3ed65841ecc19db4c814dd2d6d898aee456ab928f8899aa827f783e17ffc6477080390e04ea5ef9723b3852191eb6977c9b80fa7e03c6777c62d87c407052e76dd453fa4e0406120720bb84d778170859ab8e4751f8be994f964215b64b9ca9c46dc768bf4106073d8bff2c76b1dffdd319ab2ba4776b41bb5de4bd6dbe0724708a0476968f95220693d690a7c0dd2c55f4ed94c076857a480b9f70b0e14c3685afb7ce497287c3cf92145d12b5ce42c1557c45fe2e763aa181e9ec6882ec1cd0dd83e4f2b5731df78e4f1f22bdf7df84c9c45214ddff20b141167feeafc1b67fb3fdff126889d704311f30b28403a7d710ad6360f8328503c43937794823c854d2d09ca8889bd6ccf1f650659b17048a66688c154f59730426c8edaed464c21e13a84df3ce1eabd3ecca25c37d49b7de7f928630fae04e9d3be5853a7491ec26036e333f8060d2d433a562c0465fd1d5b68d57df464ff2870f4f7d02d41c7d82ce20429aaa9354cd129055f86c79fbd0bc61afa354107824da195e3b028f5e0417f1288f2cb2009b8051099866b8c144288891c34d764110206dbdb63a35c4adfb3e8c17a76df51ca3b9deb9a6721b6091e14dfc456e97580db491fff4c4a7cf1561cf93e279d7894419f2af548e09ec3041e3cef3d1e65b5e04b457d610358eb76ee4f12eb9ba05af7790537082100e587708ef7c66c39c1c1b55bc784447cf3e3c801b08d6d7660a2e489ede515e6ddd8b1168679ef14b419a299c7752598c56ca0b9f535400858c8ca8f9d68c4087ec4fe238d5ea53000029013c8004007680c261241a71d1f72dc11da741aff028807f4dac0cbaa18611d8b77515f265b4e1ea15d7c08d504ca348171c7ac177b24a7a5f210b5d60885c48d1559e0659142a6931a6e9ef0c9bd5e821afd8e9a3d581af643365b423c95300565cfa3a3e2b9e0433b7468fb6000200a95a9c3e93c963fc57d8f442f89a02bc73c710a0759958b90555d5817acaa5cf9d50890524faeb0e7eac39321d69d5e0117dc11af0b6cfe2bc0c0f91a662827302d7de881ac2a64b59ad7432a7a3e5556a8570ef793c0cf274b0b053b5f272febdfce8185a19d76623789cde1c1aaa9a6f31bb5fe11ed5a445794b2f66fe7465392346ba3e6e3c2e63b57d8997c4d4a2093fc5d164d4bd061ef3a0651e0607be3f646017adc22173d17cf4cff55a4d6b5bd600000400a88000000004004380bd60b79ed4e6e0acfa012504fe6d03ab20e58a4157b184e2c72755687ac2cbfb541bd886a5fde49cdf15ae4d2b8328230e695a14cf74537acad05241689f5e7c4767645747adb3365787c82894e20b1102f626b00deaa62c5843b4b94b05a271832e67e5404bdf5362c78afcb025d3998d1197f28aec603edb2fd3410d16c8cfea6fde132f20472a6ad6e24af8f6cd8e5f894db53e9c5079c8a27b451f6fa0554c90081a937d8d4e744a2f25b310533076e3e773e1221a86896c9c24b5af9bfdd042f9ca86e49b59d12143757d7b1525a056b3b1d10375b54bae1a00006349f52cfe47010a6362ea7dcc494290bee854dbb918d06a3ada2227eb6dfb9d1346108d2b08f0e207d195c30fd1f65ecf89789aedc304f22e1d151e0b801572b23685b7e575e6743c184802e0e616fca6283f4011441f1638e96e337587558d698a2edd4e06cde17243e4cf12c44c4bf021fc2dee596bd8da56ce7c4a514aa94abdd637ab491b301736b54c14009300fc000000000000000000000000000001000000002300098008000900", @ANYRES32=r8, @ANYBLOB="b71002a5bde72381af72c09e7c0534fc92793d7b724ea600c310038004105100f9285420e55059bb5e6e4c3a1918c4ebeb3a825afc60c9022a9964b33e3ff2ebd3971cfedee938c31a03a597fbf1a4b4cbf2d7a19a6aa2cbd28ba6f8eb0e1715721bbd409c74473a4c909df0f6df2952094685dffbf67add3bfcdcbbbd3bea23a4010941e282ecde4898b703d260d7d455d6009db1b077dbf2d70a47fa7f8fa0ba3ee7eb6c276e56a9c6aadb1357800c946633186c162f19cbe0e1f2a8a0a650244dccc4f2b817a9135ee9b78de78bfb2158d9d63ba99bbdc4f02e52061c8a0dd81a93e8c3400341f94b4cc1f4f5c8ac086f33dfd188361e708d2d1f559ad622990b08bcfa672f5e4c1bf1ecf7c0020823b4f5c932227d5513dac1f11dd92b97801dd56eabaebfebbd46673ad64054401a73c761154af6e0862cf8f2479577b1ed98cd92ce6aad2dfcaa89f5217fb0af768733b1756bc5e9475c5ca3f5f36463c12c9711e41ae1d7613b21116b8e6c0781f79b232cb77457664d6d5c0b59ccedb478f713bce2dba33c7cee12b09577d57c316553360e8033df52fb1aed502c2017e695e9f18d6a8fab5d12e569216afc9b57512dfbfa5276468bcd7c70d7675103f236bc900703f21dbe0ffe07c7ab276696000349aa9e8c90879a02008fc772121eff01157cbbe0dddb2917c03991116365831e16a18f090edabd8fa6c3078cf9535f54dbff778f89496783eed2e5276d4256c693321379797c3227a2434af8aa66c91be6dba813619b4b06659e5e858d2bd034bb255ac0c211723925289444fa22e9edd67b48fbed66296db8839b03e42483d849df6d53ebe4ce0ba49481d3bc3626b0b7a967576284d7cef19bfae3d995516a0ed1a7ed989e5f63d71f936630d61781748673d2c6b2878675d044b82736d3f37485e4053ca02f2c51a2814a6c9930433c6fd29b3785e9f70b9204f812ee87305493593d1b5155fdf38037dc185898eda143349e06e47bc45b9929719889d231b30be43eeefa79cc3af2eb4f286fd8e2863588e625478b6d62d7641d4813bbb1b28c58aeb7e72224974fd94c504a51f04684f738d0b9b6d1e726d09bf32c6bcc6b0b19436f6b3b1023942209743907487eaadb26d76333c00e2e3f6c51833d05c582986d0490ed5123f0ac37a021139474be66530b0ed2662eedd59cb42d01bb760d99b9891a867f088ea5350fece17e40793db96edcd0c5cca79ca487b2ff59d235ff7a322476f4a71d337b00ae03fc18cdbc653400d935a42b5faedaf7372ccc6a67faffbfa5cf1ced823250f4c9a25d22b3e0afc69550ac0251f7d2a04ba5ae015819f79328deea70f5c524aaff6c4a356bba783c63c18c6088b9d4b37bc5a5169b9bec7441871e2887dee98f9c8e138eae21bbdc0c2961b1c768818dc30ef107696838206179bd8ff77b03ddfdad3f1d1c030bcacd8c46014c75a4a1784cea99fb3ec49e3527a94e78d38e29e8fbd36efd36027e6a43d8cebc88a0753d50f21d376cae71653450d6a0528a50855282806276482ea7ad8ab402109c23402a3503c8752ec89e79293579ceef1482ddbaee9c2302f09e7551edb6127765b274b053f2b736a1047308169f460b51cde6347b4961157d2adb9306a3c1a7d1e2bf21728e7f76a63afe5e386f5ad0c3e50ea814665461292d5e52b8f06657d4cd1381cb759ec47dd13ae42dd50e2ef951024f1659ba9ecf621a7ae553cf5a76140e3df2230459d89f3ae01fc6b88feb34ef4c19e9624e73fbb65862e0ae15bc821113f893ebc1ea095ecce3fc3301b1d1ff7dc3a3a0ee22176d0bc1880a698a0d5141985b375561c7c10d7dde64ce3c8f1a901f3801233f6390c0d2c0105c605a9b06b8adec307b4ba435c31ee4f87858c4867b045cb339dec80bb4f3e865460238dfda2e1a5e6a523efd6400525bed1386ae2d3c992ee49a859ffad16dfa5ae0ede9d4310c8e3e01c20a74f62b4c7eae311f8c7ac91a6a6113a14882f1ca48569269cde84df103cf4dcc403d43e2ba65577d88c6998e490c68ec33d52488d27f5b1b41cdef6fe7a835edf8ed005238520d8cbf84e37b95439de281d25dc12e5223384f918bde14c30937ad61547d5e722ddbfa585704320e446540cda1afc618005ab314e821f34217a3da9530a3df5ee033c7d843b1573bb5601ddaced44c578001d6dd9a34170002dd0187adb469f65887ad53d374b82354229536b2184a0235302bba247564c781b947b1a9a0f9ee6e29b5d969c93da5ad56fc2c9f72bb874acbefe43c7d15b39b58032ff7c662f44255fcdd3ae42bf6984049daa4f3d33afd1faa6c0037630b43d418cd5f96e356b45ce60a338bf881d991c6fd96a08acfa14f56f8283b809eb1e9419a0d42509bd913cc43317b98b15a02ce50da6622e49b5a46fdf4622cc2369e6601c4380bb03a49b765d0e00e5cfa22a30a646605ac02607f76bb847f084cb381c8deae8e15879f81b0a70909f05710db6e0825601d949f6a7acefd3f316c7cd59a9e6494d4c015c00875114e5294cf9441ec0470f2e0aba8659dc1829120e3352c09c7254fa7965a917c6996317be831d0e223c977344babb1acac14f30474e94dc69e4d3a4e4f198e0897701a20e499f6c666220a0266bda09b53d39b7190522f2e5144bb050d6f90d25f9582be5de10d9881d4b436dab033329caced04161eaea8e183edca1d57ab8f409bf4cc1694282abff17f5d6d0ad33bafd69db69db0abf60ff94f551c53b3ab621a49aa65dd2aff5444887bb341e6a19bced7aebf0320abc87aa993c996df2cd9fcb2623070d3fc1f18f8990e7bc3f40ee1d1666f19ce57e21437cc8fdb499125e692a9943672932605217e5488cea1aad857bc974e1e51c38ab79b1d660308170aa71d9f51f92371e4f0ef02e3af785dba843f8dbc949425577d7fa0308ce032052073a1b692ed371a4987f627e66f902da0692849854e4096f6532fa302b6dfba585845428afd8cb64e94026302affcda88befb7ac999a6c5033dc93f0151f38f89fc8f6b21047ba9c4bcdbeb09c4e9609760c0e48ec201782d3be32e84a7ebc0010f994cd1c6f2e4b91ef6d77c21f3071dad14c73ec823ae60a91246739d795484f3b2c9501db296431b45019031c115b6a2ad94d4f0624986de77917ccbcd926717f899a8147f0278c83d3597178fe540877afecf69df75cd558019af4eed8fbb632c6daf6ee2b2b5872287048412c3977ceb2f44b4e3c2de344a98b94a3a5b335a8ae8288574a82612e11b5b6535da414683a116312e211f3aa668b39087b9b5a7e29721fb99d259defe16eb10603a51d4f56a94417c4ca1e808a6ceef798185b0449752aaae5e2a96bda97200f51126d42ee0e1ef92617764540bd814fe4e6f57523c66ce0a98a6afe62fdcc2d485b06c31bc74e829ca505b176c67735b1bdb809290c6b28b79ac78e694db31bbdec575f8e6126f142c33083884e013910e2801460b8ea5eb2db0c766b2e2c77015c61546e2f8a1626d9b508ad6d3efc644d41383bb2d56c5177f618fabc41978ba967d36a7418a986ccd9520e9c4d7b283b2561ca3288e5b5fd23a5f54555e258b465813d763be673107d2dad633669f5c6dfc59152f98f96c3d917631395419110af25dab93f1ff1d3cefa9c0473562e83c71b6569d354a27bb2db56a5cc271582025c0b0ef040fd19ee8ba47a810f7f2e4e60b68fdbb469ecaf570d74879c8d13d1cfe63e8153565f948fcc0b2890b9d2ec626280352d382507947048336cf838efc14e7d08c25881846e072100ec7f5f95223c4a9ac0273524683fddcf8a0fb8504c917de074882ccdc1be94bbaeb13370ab882e49f2662c1356b3a34dcee19cc237b10a5346bef6b7a066704d556f911568067e6734a272a773c939bbd505ea594f7117e2ecef252628f1452afd97aca30ca076e346e518bc46c9c0ab8decf31c71e5b6c4b3dbb08e581d3f1ceb3a97ef82263f51655ab4c4dd36a07f47c55fe1b912e0691e2804ab523f3fd06e78029028b06c013f478e67a2440d7d61ba370b77085c07dab187c3b4764b84a522cbb4d92701fd1b6c558c170beccbbd48e6ecf154f1de07d24d3158d2a2282d4fb2bc80427e85cbd5b78db635826e7644ce3b2673d5a3174f2bcf7e1fb940aef842a709435e26a5e7f66165dcb83704919c9efbcb70626f8a35c5aed52ed567925abca9b1cc18d65731989858dea40cb12e866ea997176009dc61540444f332b5d711e5fe2deafcd119e51aae32ad85a07664312f450103d9a8241e4a306f6d92bde3725bec30aa87b6a39f76a450e8e9ef0c317dd778261a159c3494db09cc707d177d3ac005779ed836e97639a61e47abec5da1a055883f1fbd624a75ace39516881d6be84cca861e2da60e70c75c17efe60aacd905880c10d0763e9178a5acdf98c5a98141cdc7e53dc8f9cc3ded59885ce25f62f8703be973397a3256b17418bc8e544e8174dbbb64a46c77e3b94deee89739818e87af94b219caa8d89d0a0be9a090573a5592f2072613ebd066210aaea218339f23cfc68205e06dc7a632effd457b9724cc4c399cc3235cbb627b642aa2d8331f6f25fbb164a3717f5ddfad90f8eeeeb45f850160e1ac47a1eb6b9598506306e0437e5577fc4baf2f2cd54598908bca053848fe1063fc19ba7f15e2fa84e03c50c8c7457862342253122c5a8a846fb7c9de522d7c5fe7d299eb6932a4c8878e16c47e46889d69b39f15bf5d03f2cc18e507fae68386abf65aa2cdee6609354ed53befbc471eeb397e5ef8caec8671801fea90b867aa36ea2f65a8c9517e8c6e451d8e463d4af816b76875490a8321b0c84324f0c6b9d9f98a2c0165c1df7ecd6ca979870d93d43ce66bcbee1798f34ac0c60617370617481a82c40572e20ca831ebdd56a67d71a890f321e5d3d5a4155efb794bdd8df2ac1b108d2fd1523759aef7097d927f654b8a0b2537f47d116e0ef526b3a1f6e711f7b41c1ac414ce8205f38b548f809afce6aa3e02aedbbe89acc839efcb54b472b3c0c974315410ee299f7e0eace582d1715cd9d29cac410912b7fa5fedc140d83f0440b2b9341b7717d3aab3817094eb155fb27b28a2f6627ae7de636126d017494f8c239e2337dd2ccea01ef4ddb71b63ed50b150b1e575e95ce2935bcdc34c12584df4fc5a6de9a62a003cfd0c7540a69fd2b0468c4e91e5d3f5b53fb384ae34ff046196bc2377390752e263012f86dd1f3299733db7cb87f2b7a72d0c149b990e4bb1e8b461f8c2cce6e68d75979fedc7626cdb1c735e6609d10b2fa049af85ea8b8ec823389c858ae4ec8557c0495d9f2949be3590c8ce7ab27e11fee75904c7ea0dcf3e0eafe5be99d8cd6c9fbfbf01c005cb546bf8e798e5827aa37c7b5317a4dca4c70f4dad6c9ebbf5abb27c18e6a0b6b9acfb35aa65d90ad1c0324e33fcc1048564ef606848a3abc49142c0261eb1d1aba822dfd69ce51b952dc846c670e54adb8ba9d6a5e94d565facc5ff341e8514c419ed4d0565ccc082e0e7719a89d05b3630fe463eb0a26b058fe0165e4eb2d8895c0237c7f8577c8ce4df1f2c1fd27788ce0a5556542a8e52a96723b3e45c085462d5187f23ede6690ef77a399afd9892b88c9cf767af0eb6184582fa91c928386a3481e363754e80c45fc6f58680b3eb578ab87be4401e5627b701080b239601f9d400efba8bab965f414a655ef4fb192cf30d624801b011f63bddc4d0b5f1a6c278cf65fbc5d0dee4a4ba42830742e7c7fcade4b4ff9c0fec4c0d7e84fd88a258dc6e4916b87c49e847dd8ca6167218f1069a2cbc496924b57196c2fe559efc5592abb34a84423975e67a3a28d351f164ac302aaef0f47394268a1556aeefd908bb041f89b00d82b668d4f806ec736469a605c258ce645c6d07773a00fe2910903c56582f2aaef17c0ca4d31a0b62bbd8fd21cff46eee9afb1a7f30854d24c78ba522b0a0634017ea3b9c3001d72f42e2b4201a5b678a4c5e5a882e75e9ea0b0acc895457eb3896b572a653eabbe390725af6050656c846c74029e9609c61a98fc1dad5ebf01c6cca5235711d0832900ba00048087838d0e87af029ef2ecc2691d4dc00829ea618bb4b8c5cd2434676749271a4ffe26f6b1662a7c5c02f4c598bd1f7fa03c5bbeae561f92e033dc40a21956cb5ffc4a7b9c9d514ef22056a719020842366f3e37036b8bcef77c9b2326b624c5447f4da527311c1c8e46c0818ab8dc695d1285b35d7c2c33d9bcea46d8038738000980140019000000000000000000000000000000000108004200", @ANYRES32=r3, @ANYBLOB="0c001c0006000000000000000800a6000a01010204007580000003020280fd00f980bd303502d572a153126393fcf955a7f3fc4b6effc2938fe89d05c24c13d274de030f62905fda4401fb967408b20b56ddfe2af28a54701b98c669538caf8ea9a9eaf01ab6307a64d7a290268db39ea238256f7e41647035a93ed2b9015bf9febc51c74c9999d055496f461b108e1aab72c2d16af33fb964f55013a250db66c4facb472b056ae66fcadf553973fccc6f067d6b154f45854261a02b42e7371279410e98ba9d5a6fc4b1cde86d2dd4d69fe37565011087d55a49d5f7a44ea78a4e53d4145f77770e4c9aad0775257175e58480ba8552a812154698ad8e85ff0ac2b04c08004000", @ANYRES32=r6, @ANYBLOB="08001200", @ANYRES32=r4, @ANYBLOB="0800fc00", @ANYRES32, @ANYBLOB="0000000800a600640101013d8dd36080fa7aa05b59b135f2b57c9eda9e52eab69a4c50d5abb614cc556824f73f6691cbca4326fd9b905235abff3f077b5f11cff5ab049e5e24b37d5503eda9050acf407b963665f8323be4eecd9e9d9ca15b7561c456b6a8d7b1b6583d8db1671a7cbf986c606cd23097e42e53606aad329982da6d0a14de4362e141689da6e56898d4eecc97defd881a7d2ce5b8a87074f131688557b7a1d8638c0c67e386abf5d922cb90fb9a9ec5715ff287c2ca99a601a00f0146d433caf1aff5bf13395c86eee32620637a3ab607522b6ae1221bb9eac7b3712479e2f8c4a0f821386c3e17ba37e6b1c5df07d6129a6d2353e4d399e55c9fce00040004803a000000b0030dea85a2ec43a7936b290b90f49ac78d7bce4ff8f9834e3e1bc51e40efe34a1ce6e0042d61d6c303f58a859d26ccb207e4dd2dd70000"], 0x31cc}, 0x1, 0x0, 0x0, 0x80}, 0x14) r9 = prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) bpf$auto_BPF_PROG_LOAD(0x5, &(0x7f0000000300)=@bpf_attr_0={0x9a, 0x2, 0x5, 0x8, 0x7eb, r5, 0x5, "e03f43200a26d5ea743998fb7500", 0x0, r9, 0x9, 0x1, 0x4, 0x7, r6, r6}, 0x7ff) r12 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r11) r13 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r13, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r14], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x4080) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f00000003c0)={'pimreg\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'veth0_vlan\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'macvtap0\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'veth0_to_bond\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'macsec0\x00'}) sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f0000000440)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="24010000", @ANYRES16=0x0, @ANYBLOB="675f29bd7000fcdbdf25020000000c00018008000100", @ANYRES32=0x0, @ANYBLOB="1c1f0400000000000000018008000104", @ANYRES32=r2, @ANYBLOB="3800018008000100", @ANYRES32, @ANYBLOB="0800030007000000140002006d6163766c616e30000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r14, @ANYBLOB="5c00018008000100", @ANYRES32=r15, @ANYBLOB="0800030002000000080003000500000008000300070000000800030007000000140002006970766c616e3100000000000000000008000100", @ANYRES32=r16, @ANYBLOB="140002006d6163767461700000000c0001800000", @ANYRES32=r17, @ANYBLOB="180001801400020073797a6b616c6c6572300000000000002c00018008000100", @ANYRES32, @ANYBLOB="1129c7000000000000000000", @ANYRES64=r6, @ANYBLOB="08000100", @ANYRES32=r18, @ANYBLOB="08000100", @ANYRESHEX=r10, @ANYBLOB="1400018008000300090000000800030097090000"], 0x124}, 0x1, 0x0, 0x0, 0x4004000}, 0x4800) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/sound/ctl-led/speaker/mode\x00', 0x182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x2000007) 399.023099ms ago: executing program 3 (id=2583): close_range$auto(0x2, 0x8, 0x0) r0 = prctl$auto(0x3e, 0x20000000000000, 0x0, 0x1, 0xfffffffffffffffd) mmap$auto(0x0, 0x40000000004, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) r3 = socket(0x18, 0x3, 0x2) accept$auto(r3, 0x0, 0x0) write$auto_tty_fops_tty_io(r2, &(0x7f00000001c0)="976f09bd689a850edbe36136c8535f59333128", 0x13) sched_get_priority_min$auto(0x40) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0xb49dc2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000002140)='/proc/sys/fs/file-nr\x00', 0x0, 0x0) socket(0x6, 0x2, 0x80000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x10084) sendmmsg$auto(r0, 0x0, 0x802, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) bpf$auto(0x0, 0x0, 0x96) openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x0, 0x0) r4 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) write$auto_proc_clear_refs_operations_internal(r4, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0xc) setsockopt$auto(0x5, 0x104000000000010e, 0x2, 0x0, 0x16) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) 355.845377ms ago: executing program 3 (id=2584): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/scsi/device_info\x00', 0x8002, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000000)=@task_fd_query={0x0, 0xffffffffffffffff, 0xb0, 0x8bd, 0x8, 0x2, 0xffffffffffffffff, 0x6, 0x6}, 0xa3) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_map_fd=0x2, 0x7, @old_map_fd=r1}, 0xa3) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000240)="22edd92f26639ec07e6e5d09f20c7c160a4dc5023a92446435820bd54b8004043262db0a8686bd579dcf16f50e9bfa20abfa3a", 0x33) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec2\x00', 0x20081, 0x0) ioctl$auto_CEC_TRANSMIT(r2, 0xc0386105, &(0x7f0000000080)={0x40000000001, 0x1, 0x7, 0x8, 0x2, 0xcb, "8a9750a07c00", 0x6, 0x6, 0x6, 0x9, 0x8, 0x5, 0x81}) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) r3 = socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x401, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$auto(r3, 0x84, 0x82, 0x0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x20040894) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007}, 0x800}, 0x4, 0x4008) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x06\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') 40.848246ms ago: executing program 3 (id=2585): r0 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/extfrag/extfrag_index\x00', 0x101000, 0x0) r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000040), 0x121040, 0x0) read$auto_ima_ascii_measurements_ops_ima_fs(r1, &(0x7f0000000100), 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:04.0/numa_node\x00', 0xa001, 0x0) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001f80), 0xffffffffffffffff) r4 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000180), r2) sendmsg$auto_IEEE802154_LLSEC_GETPARAMS(r2, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r4, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x7}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, 0x2}, @IEEE802154_ATTR_LLSEC_ENABLED={0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x8040}, 0x24000000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_BLA_CLAIM(r2, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f00000000c0)={0x1c, r3, 0x59e638bc4fbb3f7d, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48018}, 0x400c080) read$auto(r0, &(0x7f00000001c0)='\x00\x11\xd4\x01\xb8~\xab\xb1\xbe\xdb\x98\x90_Xd<\x0f.c\xdf(p\xc7:a\xb4\xd2\xe0\xa6\x1c\xa4\x01z\xc4\x13\xe9\x88~\xe7\rc@\xf5f\x12\xbe\xc90n\xe4eA\x1di[\x01\xa7', 0x200) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 0s ago: executing program 3 (id=2586): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) setresuid$auto(0x0, 0x0, 0x0) (async) setresuid$auto(0x0, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/self/pagemap\x00', 0x0, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0x2c, 0x2c, 0x0, 0x2}) (async) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0x2c, 0x2c, 0x0, 0x2}) fanotify_mark$auto(0xffffffffffffffff, 0x9, 0x9, 0xffffffffffffffff, 0x0) r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r3, 0x0, 0x400018) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) (async) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) ioctl$auto_VHOST_SET_VRING_KICK2(r1, 0x4008af20, &(0x7f0000000080)={0x4, r0}) kernel console output (not intermixed with test programs): nished [ 399.094505][T12653] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1443'. [ 399.103455][T12654] ubi1 error: ubi_read_volume_table: the layout volume was not found [ 399.495336][T12654] ubi1 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 403.631159][T12730] hub 1-0:1.0: USB hub found [ 403.662930][T12730] hub 1-0:1.0: 1 port detected [ 403.665684][T12733] netlink: 396 bytes leftover after parsing attributes in process `syz.2.1463'. [ 406.931320][T12762] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1468'. [ 409.650774][T12783] FAULT_INJECTION: forcing a failure. [ 409.650774][T12783] name failslab, interval 1, probability 0, space 0, times 0 [ 409.695310][T12783] CPU: 0 UID: 0 PID: 12783 Comm: syz.2.1472 Not tainted syzkaller #0 PREEMPT(full) [ 409.695347][T12783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 409.695363][T12783] Call Trace: [ 409.695372][T12783] [ 409.695383][T12783] dump_stack_lvl+0x16c/0x1f0 [ 409.695422][T12783] should_fail_ex+0x512/0x640 [ 409.695458][T12783] ? __kmalloc_noprof+0xca/0x8f0 [ 409.695492][T12783] should_failslab+0xc2/0x120 [ 409.695518][T12783] __kmalloc_noprof+0xdd/0x8f0 [ 409.695548][T12783] ? devlink_fmsg_put_name+0xec/0x3c0 [ 409.695588][T12783] ? devlink_fmsg_put_name+0xec/0x3c0 [ 409.695620][T12783] devlink_fmsg_put_name+0xec/0x3c0 [ 409.695657][T12783] devlink_fmsg_string_pair_put+0xb6/0x1b0 [ 409.695698][T12783] nsim_dev_dummy_fmsg_put+0x77/0x1e0 [ 409.695735][T12783] devlink_health_do_dump+0x243/0x620 [ 409.695777][T12783] devlink_health_report+0x6c3/0xaa0 [ 409.695827][T12783] ? __pfx_devlink_health_report+0x10/0x10 [ 409.695870][T12783] ? _copy_from_user+0x59/0xd0 [ 409.695911][T12783] nsim_dev_health_break_write+0x166/0x210 [ 409.695947][T12783] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 409.695996][T12783] full_proxy_write+0x131/0x1a0 [ 409.696031][T12783] ? __pfx_full_proxy_write+0x10/0x10 [ 409.696061][T12783] vfs_write+0x2a0/0x11d0 [ 409.696102][T12783] ? __pfx___mutex_lock+0x10/0x10 [ 409.696141][T12783] ? __pfx_vfs_write+0x10/0x10 [ 409.696190][T12783] ? __fget_files+0x20e/0x3c0 [ 409.696239][T12783] ksys_write+0x12a/0x250 [ 409.696276][T12783] ? __pfx_ksys_write+0x10/0x10 [ 409.696324][T12783] do_syscall_64+0xcd/0xf80 [ 409.696361][T12783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 409.696387][T12783] RIP: 0033:0x7f6bd218f7c9 [ 409.696408][T12783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 409.696432][T12783] RSP: 002b:00007f6bd3059038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 409.696457][T12783] RAX: ffffffffffffffda RBX: 00007f6bd23e5fa0 RCX: 00007f6bd218f7c9 [ 409.696475][T12783] RDX: 0000000000000006 RSI: 0000200000005900 RDI: 0000000000000008 [ 409.696491][T12783] RBP: 00007f6bd2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 409.696507][T12783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 409.696522][T12783] R13: 00007f6bd23e6038 R14: 00007f6bd23e5fa0 R15: 00007ffffd9f69d8 [ 409.696561][T12783] [ 418.686337][T12848] hub 1-0:1.0: USB hub found [ 418.744738][T12848] hub 1-0:1.0: 1 port detected [ 418.902137][T12855] FAULT_INJECTION: forcing a failure. [ 418.902137][T12855] name failslab, interval 1, probability 0, space 0, times 0 [ 418.926401][T12845] netlink: 396 bytes leftover after parsing attributes in process `syz.3.1483'. [ 419.092789][T12855] CPU: 1 UID: 0 PID: 12855 Comm: syz.0.1485 Not tainted syzkaller #0 PREEMPT(full) [ 419.092828][T12855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 419.092843][T12855] Call Trace: [ 419.092852][T12855] [ 419.092862][T12855] dump_stack_lvl+0x16c/0x1f0 [ 419.092907][T12855] should_fail_ex+0x512/0x640 [ 419.092940][T12855] ? __kmalloc_cache_noprof+0x5f/0x800 [ 419.092976][T12855] should_failslab+0xc2/0x120 [ 419.093003][T12855] __kmalloc_cache_noprof+0x72/0x800 [ 419.093033][T12855] ? devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 419.093076][T12855] ? devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 419.093109][T12855] devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 419.093143][T12855] devlink_fmsg_binary_pair_put+0x3fe/0x4f0 [ 419.093186][T12855] nsim_dev_dummy_fmsg_put+0xb5/0x1e0 [ 419.093218][T12855] devlink_health_do_dump+0x243/0x620 [ 419.093254][T12855] devlink_health_report+0x6c3/0xaa0 [ 419.093295][T12855] ? __pfx_devlink_health_report+0x10/0x10 [ 419.093334][T12855] ? _copy_from_user+0x59/0xd0 [ 419.093369][T12855] nsim_dev_health_break_write+0x166/0x210 [ 419.093405][T12855] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 419.093452][T12855] full_proxy_write+0x131/0x1a0 [ 419.093486][T12855] ? __pfx_full_proxy_write+0x10/0x10 [ 419.093515][T12855] vfs_write+0x2a0/0x11d0 [ 419.093554][T12855] ? __pfx___mutex_lock+0x10/0x10 [ 419.093588][T12855] ? __pfx_vfs_write+0x10/0x10 [ 419.093632][T12855] ? __fget_files+0x20e/0x3c0 [ 419.093673][T12855] ksys_write+0x12a/0x250 [ 419.093705][T12855] ? __pfx_ksys_write+0x10/0x10 [ 419.093749][T12855] do_syscall_64+0xcd/0xf80 [ 419.093781][T12855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.093809][T12855] RIP: 0033:0x7fb9e258f7c9 [ 419.093829][T12855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 419.093854][T12855] RSP: 002b:00007fb9e33e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 419.093887][T12855] RAX: ffffffffffffffda RBX: 00007fb9e27e5fa0 RCX: 00007fb9e258f7c9 [ 419.093903][T12855] RDX: 0000000000000006 RSI: 0000200000005900 RDI: 0000000000000008 [ 419.093919][T12855] RBP: 00007fb9e2613f91 R08: 0000000000000000 R09: 0000000000000000 [ 419.093934][T12855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 419.093948][T12855] R13: 00007fb9e27e6038 R14: 00007fb9e27e5fa0 R15: 00007ffffd8bf6e8 [ 419.093983][T12855] [ 421.040757][ T30] audit: type=1326 audit(4294969504.415:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12879 comm="syz.1.1491" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6090b8f7c9 code=0x0 [ 423.324336][T12928] hub 1-0:1.0: USB hub found [ 423.341770][T12928] hub 1-0:1.0: 1 port detected [ 423.394490][T12930] netlink: 396 bytes leftover after parsing attributes in process `syz.1.1501'. [ 423.573057][T12938] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1502'. [ 423.589868][T12938] netlink: 93 bytes leftover after parsing attributes in process `syz.3.1502'. [ 423.677313][T12940] FAULT_INJECTION: forcing a failure. [ 423.677313][T12940] name failslab, interval 1, probability 0, space 0, times 0 [ 423.715604][T12940] CPU: 0 UID: 0 PID: 12940 Comm: syz.1.1503 Not tainted syzkaller #0 PREEMPT(full) [ 423.715627][T12940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 423.715636][T12940] Call Trace: [ 423.715641][T12940] [ 423.715647][T12940] dump_stack_lvl+0x16c/0x1f0 [ 423.715671][T12940] should_fail_ex+0x512/0x640 [ 423.715691][T12940] ? __kmalloc_noprof+0xca/0x8f0 [ 423.715709][T12940] should_failslab+0xc2/0x120 [ 423.715723][T12940] __kmalloc_noprof+0xdd/0x8f0 [ 423.715738][T12940] ? devlink_fmsg_put_name+0xec/0x3c0 [ 423.715760][T12940] ? devlink_fmsg_put_name+0xec/0x3c0 [ 423.715777][T12940] devlink_fmsg_put_name+0xec/0x3c0 [ 423.715795][T12940] devlink_fmsg_string_pair_put+0xb6/0x1b0 [ 423.715824][T12940] nsim_dev_dummy_fmsg_put+0x77/0x1e0 [ 423.715845][T12940] devlink_health_do_dump+0x243/0x620 [ 423.715868][T12940] devlink_health_report+0x6c3/0xaa0 [ 423.715891][T12940] ? __pfx_devlink_health_report+0x10/0x10 [ 423.715914][T12940] ? _copy_from_user+0x59/0xd0 [ 423.715934][T12940] nsim_dev_health_break_write+0x166/0x210 [ 423.715953][T12940] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 423.715978][T12940] full_proxy_write+0x131/0x1a0 [ 423.715996][T12940] ? __pfx_full_proxy_write+0x10/0x10 [ 423.716012][T12940] vfs_write+0x2a0/0x11d0 [ 423.716033][T12940] ? __pfx___mutex_lock+0x10/0x10 [ 423.716053][T12940] ? __pfx_vfs_write+0x10/0x10 [ 423.716078][T12940] ? __fget_files+0x20e/0x3c0 [ 423.716103][T12940] ksys_write+0x12a/0x250 [ 423.716122][T12940] ? __pfx_ksys_write+0x10/0x10 [ 423.716147][T12940] do_syscall_64+0xcd/0xf80 [ 423.716166][T12940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.716180][T12940] RIP: 0033:0x7f6090b8f7c9 [ 423.716192][T12940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 423.716206][T12940] RSP: 002b:00007f608edf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 423.716220][T12940] RAX: ffffffffffffffda RBX: 00007f6090de5fa0 RCX: 00007f6090b8f7c9 [ 423.716229][T12940] RDX: 0000000000000006 RSI: 0000200000005900 RDI: 0000000000000008 [ 423.716237][T12940] RBP: 00007f6090c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 423.716245][T12940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 423.716252][T12940] R13: 00007f6090de6038 R14: 00007f6090de5fa0 R15: 00007fffbc87ebe8 [ 423.716272][T12940] [ 425.079555][T12960] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1515'. [ 425.120933][T12960] netlink: 93 bytes leftover after parsing attributes in process `syz.0.1515'. [ 427.277445][ T30] audit: type=1800 audit(4294969510.677:26): pid=13006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1516" name="lu_gp_id" dev="configfs" ino=46656 res=0 errno=0 [ 427.745134][T12997] Process accounting paused [ 427.871920][T13013] FAULT_INJECTION: forcing a failure. [ 427.871920][T13013] name failslab, interval 1, probability 0, space 0, times 0 [ 427.903548][T13013] CPU: 0 UID: 0 PID: 13013 Comm: syz.3.1518 Not tainted syzkaller #0 PREEMPT(full) [ 427.903584][T13013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 427.903595][T13013] Call Trace: [ 427.903600][T13013] [ 427.903607][T13013] dump_stack_lvl+0x16c/0x1f0 [ 427.903631][T13013] should_fail_ex+0x512/0x640 [ 427.903650][T13013] ? __kmalloc_noprof+0xca/0x8f0 [ 427.903669][T13013] should_failslab+0xc2/0x120 [ 427.903683][T13013] __kmalloc_noprof+0xdd/0x8f0 [ 427.903698][T13013] ? devlink_fmsg_put_value+0xaa/0x2d0 [ 427.903720][T13013] ? devlink_fmsg_put_value+0xaa/0x2d0 [ 427.903736][T13013] devlink_fmsg_put_value+0xaa/0x2d0 [ 427.903756][T13013] devlink_fmsg_binary_pair_put+0x210/0x4f0 [ 427.903781][T13013] nsim_dev_dummy_fmsg_put+0xb5/0x1e0 [ 427.903801][T13013] devlink_health_do_dump+0x243/0x620 [ 427.903822][T13013] devlink_health_report+0x6c3/0xaa0 [ 427.903844][T13013] ? __pfx_devlink_health_report+0x10/0x10 [ 427.903865][T13013] ? _copy_from_user+0x59/0xd0 [ 427.903886][T13013] nsim_dev_health_break_write+0x166/0x210 [ 427.903904][T13013] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 427.903929][T13013] full_proxy_write+0x131/0x1a0 [ 427.903947][T13013] ? __pfx_full_proxy_write+0x10/0x10 [ 427.903963][T13013] vfs_write+0x2a0/0x11d0 [ 427.903984][T13013] ? __pfx___mutex_lock+0x10/0x10 [ 427.904004][T13013] ? __pfx_vfs_write+0x10/0x10 [ 427.904029][T13013] ? __fget_files+0x20e/0x3c0 [ 427.904054][T13013] ksys_write+0x12a/0x250 [ 427.904073][T13013] ? __pfx_ksys_write+0x10/0x10 [ 427.904098][T13013] do_syscall_64+0xcd/0xf80 [ 427.904118][T13013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.904132][T13013] RIP: 0033:0x7f50a438f7c9 [ 427.904145][T13013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 427.904157][T13013] RSP: 002b:00007f50a51e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 427.904170][T13013] RAX: ffffffffffffffda RBX: 00007f50a45e5fa0 RCX: 00007f50a438f7c9 [ 427.904179][T13013] RDX: 0000000000000006 RSI: 0000200000005900 RDI: 0000000000000008 [ 427.904188][T13013] RBP: 00007f50a4413f91 R08: 0000000000000000 R09: 0000000000000000 [ 427.904196][T13013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 427.904205][T13013] R13: 00007f50a45e6038 R14: 00007f50a45e5fa0 R15: 00007ffd425c2898 [ 427.904225][T13013] [ 434.051485][T13109] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1537'. [ 434.176572][T13109] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1537'. [ 435.838344][ T30] audit: type=1800 audit(4294969519.282:27): pid=13141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1542" name="lu_gp_id" dev="configfs" ino=47025 res=0 errno=0 [ 436.931985][T13160] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1547'. [ 436.945908][T13163] random: crng reseeded on system resumption [ 436.980509][T13160] netlink: 93 bytes leftover after parsing attributes in process `syz.3.1547'. [ 438.494235][ T30] audit: type=1800 audit(4294969521.955:28): pid=13200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1556" name="lu_gp_id" dev="configfs" ino=47165 res=0 errno=0 [ 438.518348][T13205] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 440.454146][T13207] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 444.381606][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.388269][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.482309][T13312] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 445.210051][T13313] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 450.508442][T13413] random: crng reseeded on system resumption [ 450.619456][T13422] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 451.146562][T13425] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 453.776931][T13480] random: crng reseeded on system resumption [ 454.477567][T13496] FAULT_INJECTION: forcing a failure. [ 454.477567][T13496] name failslab, interval 1, probability 0, space 0, times 0 [ 454.490805][T13496] CPU: 1 UID: 0 PID: 13496 Comm: syz.2.1612 Not tainted syzkaller #0 PREEMPT(full) [ 454.490827][T13496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 454.490836][T13496] Call Trace: [ 454.490841][T13496] [ 454.490847][T13496] dump_stack_lvl+0x16c/0x1f0 [ 454.490871][T13496] should_fail_ex+0x512/0x640 [ 454.490890][T13496] ? __kmalloc_cache_node_noprof+0x62/0x820 [ 454.490913][T13496] should_failslab+0xc2/0x120 [ 454.490928][T13496] __kmalloc_cache_node_noprof+0x75/0x820 [ 454.490947][T13496] ? bdi_alloc+0x44/0x170 [ 454.490968][T13496] ? bdi_alloc+0x44/0x170 [ 454.490984][T13496] bdi_alloc+0x44/0x170 [ 454.491001][T13496] __alloc_disk_node+0xac/0x640 [ 454.491020][T13496] __blk_mq_alloc_disk+0x89/0x120 [ 454.491035][T13496] loop_add+0x490/0xb70 [ 454.491056][T13496] ? __pfx_loop_add+0x10/0x10 [ 454.491087][T13496] ? find_held_lock+0x2b/0x80 [ 454.491110][T13496] loop_control_ioctl+0x13e/0x630 [ 454.491130][T13496] ? __pfx_loop_control_ioctl+0x10/0x10 [ 454.491152][T13496] ? __pfx_loop_control_ioctl+0x10/0x10 [ 454.491172][T13496] __x64_sys_ioctl+0x18e/0x210 [ 454.491192][T13496] do_syscall_64+0xcd/0xf80 [ 454.491211][T13496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 454.491224][T13496] RIP: 0033:0x7f6bd218f7c9 [ 454.491236][T13496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 454.491249][T13496] RSP: 002b:00007f6bd3059038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 454.491263][T13496] RAX: ffffffffffffffda RBX: 00007f6bd23e5fa0 RCX: 00007f6bd218f7c9 [ 454.491272][T13496] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000004 [ 454.491280][T13496] RBP: 00007f6bd2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 454.491288][T13496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 454.491296][T13496] R13: 00007f6bd23e6038 R14: 00007f6bd23e5fa0 R15: 00007ffffd9f69d8 [ 454.491315][T13496] [ 455.778316][T13520] random: crng reseeded on system resumption [ 457.955112][T13554] Process accounting resumed [ 458.319840][T13570] random: crng reseeded on system resumption [ 460.145929][T13606] i8042 aux 00:02: in use; can't configure [ 460.169053][ T30] audit: type=1800 audit(4294967306.312:29): pid=13606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1640" name="members" dev="configfs" ino=48055 res=0 errno=0 [ 461.397302][T13619] random: crng reseeded on system resumption [ 462.377904][T13635] random: crng reseeded on system resumption [ 463.387402][T13657] netlink: 'syz.3.1647': attribute type 11 has an invalid length. [ 463.810213][T13669] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1650'. [ 463.821849][T13668] i8042 aux 00:02: in use; can't configure [ 463.852864][ T30] audit: type=1800 audit(4294967302.392:30): pid=13668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1651" name="members" dev="configfs" ino=49250 res=0 errno=0 [ 465.876904][T13709] netlink: 'syz.2.1664': attribute type 11 has an invalid length. [ 466.418758][T13716] i8042 aux 00:02: in use; can't configure [ 466.465631][ T30] audit: type=1800 audit(4294967305.015:31): pid=13716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1666" name="members" dev="configfs" ino=50359 res=0 errno=0 [ 466.518834][T13722] i8042 aux 00:02: in use; can't configure [ 466.550634][T13722] i8042 aux 00:02: in use; can't configure [ 466.551070][T13721] netlink: 93 bytes leftover after parsing attributes in process `syz.3.1668'. [ 467.693833][T13756] netlink: 4944 bytes leftover after parsing attributes in process `syz.3.1673'. [ 468.090588][T13767] netlink: 'syz.0.1675': attribute type 11 has an invalid length. [ 468.377114][T13771] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1676'. [ 468.415032][T13771] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1676'. [ 469.520176][T13803] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1683'. [ 469.569919][T13803] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1683'. [ 470.199873][T13820] zswap: compressor not available [ 471.240498][ T30] audit: type=1800 audit(4294967309.810:32): pid=13846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1695" name="dbroot" dev="configfs" ino=49642 res=0 errno=0 [ 472.097731][T13855] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1697'. [ 472.176806][T13857] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1697'. [ 473.191354][T13879] can0: slcan on pty238. [ 473.267650][T13876] zswap: compressor not available [ 473.351912][T13864] can0 (unregistered): slcan off pty238. [ 473.663569][ T30] audit: type=1800 audit(4294967312.203:33): pid=13892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1707" name="dbroot" dev="configfs" ino=49755 res=0 errno=0 [ 474.155446][T13907] netlink: 'syz.1.1710': attribute type 4 has an invalid length. [ 474.198790][T13907] netlink: 'syz.1.1710': attribute type 1 has an invalid length. [ 476.477085][ T30] audit: type=1800 audit(4294967315.077:34): pid=13960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1720" name="dbroot" dev="configfs" ino=50966 res=0 errno=0 [ 476.711271][T13958] zswap: compressor not available [ 477.178629][T13977] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1721'. [ 484.229647][T14099] usb usb3: usbfs: process 14099 (syz.3.1754) did not claim interface 2 before use [ 484.665095][T14107] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1752'. [ 488.565427][ T30] audit: type=1800 audit(4294967327.220:35): pid=14156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1772" name="dbroot" dev="configfs" ino=51423 res=0 errno=0 [ 488.638391][ T30] audit: type=1326 audit(4294967327.230:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14151 comm="syz.2.1765" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6bd218f7c9 code=0x0 [ 488.687674][T14150] Process accounting paused [ 489.262100][T14171] serio: Serial port pty6 [ 489.728510][T14178] usb usb3: usbfs: process 14178 (syz.2.1768) did not claim interface 2 before use [ 492.920306][T14216] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1779'. [ 493.004783][ T30] audit: type=1326 audit(4294967331.693:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14218 comm="syz.3.1778" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f50a438f7c9 code=0x0 [ 493.303224][T14231] usb usb3: usbfs: process 14231 (syz.1.1783) did not claim interface 2 before use [ 493.580490][T14238] serio: Serial port pty6 [ 494.436903][T14244] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1785'. [ 494.462965][T14244] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1785'. [ 495.691817][T14269] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1791'. [ 497.197563][T14298] serio: Serial port pty6 [ 501.033081][T14355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1808'. [ 505.486260][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 505.492692][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.034784][T14448] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1828'. [ 506.082517][T14448] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1828'. [ 508.650095][T14493] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1838'. [ 508.673230][T14493] netlink: 93 bytes leftover after parsing attributes in process `syz.3.1838'. [ 518.526466][T14659] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1870'. [ 518.581313][T14659] Process accounting resumed [ 521.734020][T14712] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1881'. [ 525.390377][T14776] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1902'. [ 525.452994][T14781] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1902'. [ 529.180373][T14851] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1907'. [ 529.312035][T14851] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1907'. [ 532.809889][T14913] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1918'. [ 532.873619][T14915] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1918'. [ 534.606198][T14937] netlink: 'syz.3.1922': attribute type 1 has an invalid length. [ 535.501026][T14951] netlink: 'syz.1.1933': attribute type 1 has an invalid length. [ 539.653019][T15021] netlink: 'syz.0.1936': attribute type 1 has an invalid length. [ 540.415566][T15038] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1948'. [ 540.468135][T15039] netlink: 93 bytes leftover after parsing attributes in process `syz.0.1948'. [ 542.972699][T15088] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1953'. [ 543.026959][T15088] netlink: 93 bytes leftover after parsing attributes in process `syz.3.1953'. [ 544.045525][T15106] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1963'. [ 544.086944][T15105] netlink: 93 bytes leftover after parsing attributes in process `syz.0.1963'. [ 546.552033][T15153] openvswitch: HfR: Dropping previously announced user features [ 546.755029][T15160] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1968'. [ 546.815505][T15162] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1968'. [ 548.623129][T15184] Process accounting paused [ 550.206147][T15217] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1980'. [ 550.231677][T15217] netlink: 93 bytes leftover after parsing attributes in process `syz.3.1980'. [ 551.195657][T15234] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1989'. [ 551.242739][T15234] netlink: 93 bytes leftover after parsing attributes in process `syz.3.1989'. [ 554.173031][T15292] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1995'. [ 554.221359][T15292] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1995'. [ 557.957755][T15356] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2006'. [ 557.996372][T15356] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2006'. [ 566.623398][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 566.630009][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.015520][T15529] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2035'. [ 572.248034][T15602] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2046'. [ 572.316812][T15603] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2046'. [ 573.046599][T15615] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2059'. [ 573.097113][T15615] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2059'. [ 573.820654][T15631] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2054'. [ 573.913781][T15634] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2054'. [ 575.925753][T15672] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2066'. [ 575.999229][T15672] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2066'. [ 577.306871][T15695] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2071'. [ 577.391842][T15697] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2071'. [ 577.639001][T15703] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2072'. [ 577.685227][T15703] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2072'. [ 578.221120][T15719] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2076'. [ 578.241132][T15719] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2076'. [ 578.876689][T15728] Process accounting resumed [ 579.060064][T15734] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2079'. [ 579.197784][T15733] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2079'. [ 579.765564][T15749] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2085'. [ 579.826428][T15754] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2085'. [ 579.916132][T15756] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2087'. [ 579.953170][T15756] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2087'. [ 581.290821][T15785] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2092'. [ 581.331232][T15785] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2092'. [ 583.983795][T15847] __nla_validate_parse: 4 callbacks suppressed [ 583.983815][T15847] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2106'. [ 584.062246][T15847] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2106'. [ 584.533070][T15860] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2109'. [ 584.662701][T15866] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2109'. [ 586.372733][T15896] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2113'. [ 586.391390][T15896] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2113'. [ 586.697395][T15903] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2115'. [ 586.751876][T15904] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2115'. [ 588.002624][T15929] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2119'. [ 588.075390][T15931] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2119'. [ 589.877347][T15964] __nla_validate_parse: 4 callbacks suppressed [ 589.878101][T15964] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2128'. [ 589.941971][T15964] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2128'. [ 590.147200][T15970] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2129'. [ 590.195359][T15970] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2129'. [ 590.822175][T15988] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2134'. [ 590.935794][T15992] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2134'. [ 593.358387][T16037] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2141'. [ 593.416645][T16040] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2141'. [ 593.938069][T16049] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2142'. [ 594.810544][T16069] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2146'. [ 595.592254][T16082] __nla_validate_parse: 1 callbacks suppressed [ 595.592324][T16082] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2148'. [ 595.684979][T16085] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2148'. [ 595.736976][T16086] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2151'. [ 595.817468][T16086] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2151'. [ 596.432863][T16099] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2152'. [ 596.490629][T16101] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2155'. [ 596.505019][T16104] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2152'. [ 597.201294][T16112] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2156'. [ 597.257551][T16112] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2156'. [ 599.226885][T16146] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2164'. [ 601.008686][T16186] __nla_validate_parse: 5 callbacks suppressed [ 601.008754][T16186] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2173'. [ 601.103145][T16187] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2173'. [ 601.475156][T16194] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2175'. [ 601.522350][T16194] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2175'. [ 601.720289][T16202] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2177'. [ 603.209356][T16225] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2182'. [ 603.223517][T16225] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2182'. [ 603.529331][T16234] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2183'. [ 603.557136][T16234] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2183'. [ 604.012440][T16245] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2185'. [ 607.010485][T16310] __nla_validate_parse: 5 callbacks suppressed [ 607.010500][T16310] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2198'. [ 608.971886][T16333] Process accounting paused [ 609.357016][T16364] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2211'. [ 610.633972][T16393] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2218'. [ 611.455948][T16405] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2221'. [ 612.815991][T16432] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2228'. [ 615.854698][T16488] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2239'. [ 617.866404][T16521] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2247'. [ 618.424391][T16535] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2249'. [ 621.554636][T16593] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2260'. [ 622.407293][T16608] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2264'. [ 623.925679][ T5160] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 623.937140][ T5160] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 623.945153][ T5160] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 623.953173][ T5160] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 623.960711][ T5160] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 624.449119][ T4500] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 624.498739][T16644] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2270'. [ 624.533337][T16644] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2270'. [ 624.599645][ T4500] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 624.756615][ T4500] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 624.805708][T16649] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2279'. [ 624.837590][T16649] FAULT_INJECTION: forcing a failure. [ 624.837590][T16649] name failslab, interval 1, probability 0, space 0, times 0 [ 624.870777][T16649] CPU: 1 UID: 0 PID: 16649 Comm: syz.0.2279 Not tainted syzkaller #0 PREEMPT(full) [ 624.870797][T16649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 624.870806][T16649] Call Trace: [ 624.870812][T16649] [ 624.870817][T16649] dump_stack_lvl+0x16c/0x1f0 [ 624.870842][T16649] should_fail_ex+0x512/0x640 [ 624.870862][T16649] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 624.870884][T16649] should_failslab+0xc2/0x120 [ 624.870898][T16649] kmem_cache_alloc_noprof+0x75/0x760 [ 624.870915][T16649] ? skb_clone+0x190/0x3f0 [ 624.870932][T16649] ? skb_clone+0x190/0x3f0 [ 624.870943][T16649] skb_clone+0x190/0x3f0 [ 624.870957][T16649] netlink_deliver_tap+0xabd/0xd30 [ 624.870976][T16649] netlink_unicast+0x64c/0x870 [ 624.870995][T16649] ? __pfx_netlink_unicast+0x10/0x10 [ 624.871017][T16649] netlink_sendmsg+0x8c8/0xdd0 [ 624.871036][T16649] ? __pfx_netlink_sendmsg+0x10/0x10 [ 624.871054][T16649] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 624.871076][T16649] ____sys_sendmsg+0xa5d/0xc30 [ 624.871093][T16649] ? copy_msghdr_from_user+0x10a/0x160 [ 624.871114][T16649] ? __pfx_____sys_sendmsg+0x10/0x10 [ 624.871129][T16649] ? __lock_acquire+0x433/0x22f0 [ 624.871153][T16649] ___sys_sendmsg+0x134/0x1d0 [ 624.871175][T16649] ? __pfx____sys_sendmsg+0x10/0x10 [ 624.871195][T16649] ? __lock_acquire+0x433/0x22f0 [ 624.871231][T16649] __sys_sendmsg+0x16d/0x220 [ 624.871244][T16649] ? __pfx___sys_sendmsg+0x10/0x10 [ 624.871269][T16649] do_syscall_64+0xcd/0xf80 [ 624.871289][T16649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.871303][T16649] RIP: 0033:0x7fb9e258f7c9 [ 624.871321][T16649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 624.871334][T16649] RSP: 002b:00007fb9e33e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 624.871347][T16649] RAX: ffffffffffffffda RBX: 00007fb9e27e5fa0 RCX: 00007fb9e258f7c9 [ 624.871356][T16649] RDX: 0000000010044010 RSI: 0000200000000100 RDI: 0000000000000004 [ 624.871365][T16649] RBP: 00007fb9e33e2090 R08: 0000000000000000 R09: 0000000000000000 [ 624.871373][T16649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 624.871381][T16649] R13: 00007fb9e27e6038 R14: 00007fb9e27e5fa0 R15: 00007ffffd8bf6e8 [ 624.871400][T16649] [ 624.871427][T16649] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2279'. [ 625.032971][T16655] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2272'. [ 625.152292][ T4500] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.213696][T16631] chnl_net:caif_netlink_parms(): no params data found [ 625.554196][T16631] bridge0: port 1(bridge_slave_0) entered blocking state [ 625.569808][T16631] bridge0: port 1(bridge_slave_0) entered disabled state [ 625.584309][T16631] bridge_slave_0: entered allmulticast mode [ 625.598242][T16631] bridge_slave_0: entered promiscuous mode [ 625.614072][T16665] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2275'. [ 625.621407][T16631] bridge0: port 2(bridge_slave_1) entered blocking state [ 625.631101][T16631] bridge0: port 2(bridge_slave_1) entered disabled state [ 625.638999][T16631] bridge_slave_1: entered allmulticast mode [ 625.646894][T16631] bridge_slave_1: entered promiscuous mode [ 625.791061][T16631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 625.846986][T16631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 625.879038][ T4500] bridge_slave_1: left allmulticast mode [ 625.885197][ T4500] bridge_slave_1: left promiscuous mode [ 625.893601][ T4500] bridge0: port 2(bridge_slave_1) entered disabled state [ 625.919780][ T4500] bridge_slave_0: left allmulticast mode [ 625.929214][ T4500] bridge_slave_0: left promiscuous mode [ 625.935306][ T4500] bridge0: port 1(bridge_slave_0) entered disabled state [ 625.978575][ T5160] Bluetooth: hci4: command tx timeout [ 626.265331][ T4500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 626.299699][ T4500] bond0 (unregistering): Released all slaves [ 626.354228][T16631] team0: Port device team_slave_0 added [ 626.374266][T16631] team0: Port device team_slave_1 added [ 626.584145][T16631] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 626.591426][T16631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 626.642116][T16631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 626.740686][T16631] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 626.754677][T16631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 626.863613][T16631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 626.941218][ T4500] hsr_slave_1: left promiscuous mode [ 626.966389][ T4500] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 627.016888][ T4500] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 627.032909][ T4500] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 627.040656][ T4500] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 627.076546][ T4500] veth1_macvtap: left promiscuous mode [ 627.088092][ T4500] veth0_macvtap: left promiscuous mode [ 627.098191][ T4500] veth1_vlan: left promiscuous mode [ 627.106630][ T4500] veth0_vlan: left promiscuous mode [ 627.745730][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 627.752212][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 628.046164][ T5160] Bluetooth: hci4: command tx timeout [ 628.242328][ T4500] team0 (unregistering): Port device team_slave_1 removed [ 628.292577][ T4500] team0 (unregistering): Port device team_slave_0 removed [ 629.032961][T16631] hsr_slave_0: entered promiscuous mode [ 629.052755][T16631] hsr_slave_1: entered promiscuous mode [ 630.115351][ T5160] Bluetooth: hci4: command tx timeout [ 631.467849][T16631] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 631.498818][T16631] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 631.521492][T16631] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 631.541215][T16631] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 631.721265][T16631] 8021q: adding VLAN 0 to HW filter on device bond0 [ 631.759500][T16631] 8021q: adding VLAN 0 to HW filter on device team0 [ 631.793030][ T2131] bridge0: port 1(bridge_slave_0) entered blocking state [ 631.800242][ T2131] bridge0: port 1(bridge_slave_0) entered forwarding state [ 631.849524][ T4500] bridge0: port 2(bridge_slave_1) entered blocking state [ 631.856771][ T4500] bridge0: port 2(bridge_slave_1) entered forwarding state [ 632.126109][T16788] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2297'. [ 632.145978][T16789] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2289'. [ 632.184785][ T5160] Bluetooth: hci4: command tx timeout [ 632.680979][T16631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 632.828545][T16631] veth0_vlan: entered promiscuous mode [ 632.994464][T16631] veth1_vlan: entered promiscuous mode [ 633.384658][T16829] zero sized request [ 633.988216][T16631] veth0_macvtap: entered promiscuous mode [ 634.092398][T16631] veth1_macvtap: entered promiscuous mode [ 634.308456][T16631] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 634.467131][T16631] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 634.563140][ T4500] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 634.614085][ T4500] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 634.674555][ T4500] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 634.708923][ T4500] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 634.913717][ T3461] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 634.943757][ T3461] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 635.411280][ T4500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 635.426903][ T4500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 635.741521][T16880] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 636.152541][T16900] FAULT_INJECTION: forcing a failure. [ 636.152541][T16900] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 636.204245][T16900] CPU: 1 UID: 0 PID: 16900 Comm: syz.1.2306 Not tainted syzkaller #0 PREEMPT(full) [ 636.204266][T16900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 636.204274][T16900] Call Trace: [ 636.204279][T16900] [ 636.204285][T16900] dump_stack_lvl+0x16c/0x1f0 [ 636.204309][T16900] should_fail_ex+0x512/0x640 [ 636.204331][T16900] _copy_from_user+0x2e/0xd0 [ 636.204351][T16900] core_sys_select+0x361/0xae0 [ 636.204377][T16900] ? __pfx_core_sys_select+0x10/0x10 [ 636.204400][T16900] ? proc_fail_nth_write+0x9f/0x220 [ 636.204431][T16900] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 636.204455][T16900] kern_select+0x15d/0x1e0 [ 636.204477][T16900] ? __pfx_kern_select+0x10/0x10 [ 636.204503][T16900] ? __pfx_ksys_write+0x10/0x10 [ 636.204526][T16900] __x64_sys_select+0xbd/0x160 [ 636.204545][T16900] ? do_syscall_64+0x91/0xf80 [ 636.204562][T16900] ? lockdep_hardirqs_on+0x7c/0x110 [ 636.204580][T16900] do_syscall_64+0xcd/0xf80 [ 636.204599][T16900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.204613][T16900] RIP: 0033:0x7fc1c4d8f7c9 [ 636.204625][T16900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 636.204638][T16900] RSP: 002b:00007fc1c5c6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 636.204651][T16900] RAX: ffffffffffffffda RBX: 00007fc1c4fe5fa0 RCX: 00007fc1c4d8f7c9 [ 636.204661][T16900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000a [ 636.204668][T16900] RBP: 00007fc1c5c6a090 R08: 0000000000000000 R09: 0000000000000000 [ 636.204677][T16900] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001 [ 636.204685][T16900] R13: 00007fc1c4fe6038 R14: 00007fc1c4fe5fa0 R15: 00007ffe638edf58 [ 636.204703][T16900] [ 637.156976][T16946] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2310'. [ 637.211576][T16946] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2310'. [ 637.563459][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 637.594257][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 637.602837][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 637.611257][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 637.628469][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 637.723909][T16957] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2311'. [ 637.782988][T16957] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2311'. [ 637.832516][T16957] FAULT_INJECTION: forcing a failure. [ 637.832516][T16957] name failslab, interval 1, probability 0, space 0, times 0 [ 637.870415][T16957] CPU: 0 UID: 0 PID: 16957 Comm: syz.1.2311 Not tainted syzkaller #0 PREEMPT(full) [ 637.870436][T16957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 637.870445][T16957] Call Trace: [ 637.870450][T16957] [ 637.870456][T16957] dump_stack_lvl+0x16c/0x1f0 [ 637.870479][T16957] should_fail_ex+0x512/0x640 [ 637.870498][T16957] ? kmem_cache_alloc_noprof+0x62/0x760 [ 637.870518][T16957] should_failslab+0xc2/0x120 [ 637.870533][T16957] kmem_cache_alloc_noprof+0x75/0x760 [ 637.870549][T16957] ? skb_clone+0x190/0x3f0 [ 637.870566][T16957] ? skb_clone+0x190/0x3f0 [ 637.870582][T16957] skb_clone+0x190/0x3f0 [ 637.870595][T16957] nfnetlink_rcv_batch+0x1cf/0x2350 [ 637.870621][T16957] ? irq_work_queue+0xce/0x100 [ 637.870646][T16957] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 637.870667][T16957] ? find_held_lock+0x2b/0x80 [ 637.870696][T16957] ? __pfx____ratelimit+0x10/0x10 [ 637.870714][T16957] ? rcu_is_watching+0x12/0xc0 [ 637.870735][T16957] ? do_trace_netlink_extack+0x164/0x1b0 [ 637.870755][T16957] ? __nla_validate_parse+0x600/0x2880 [ 637.870774][T16957] ? __pfx___nla_validate_parse+0x10/0x10 [ 637.870790][T16957] ? apparmor_capable+0x1d7/0x4e0 [ 637.870813][T16957] ? __nla_parse+0x40/0x60 [ 637.870829][T16957] nfnetlink_rcv+0x3c1/0x430 [ 637.870848][T16957] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 637.870872][T16957] netlink_unicast+0x5aa/0x870 [ 637.870891][T16957] ? __pfx_netlink_unicast+0x10/0x10 [ 637.870913][T16957] netlink_sendmsg+0x8c8/0xdd0 [ 637.870932][T16957] ? __pfx_netlink_sendmsg+0x10/0x10 [ 637.870950][T16957] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 637.870970][T16957] ____sys_sendmsg+0xa5d/0xc30 [ 637.870987][T16957] ? copy_msghdr_from_user+0x10a/0x160 [ 637.871008][T16957] ? __pfx_____sys_sendmsg+0x10/0x10 [ 637.871022][T16957] ? __lock_acquire+0x433/0x22f0 [ 637.871045][T16957] ___sys_sendmsg+0x134/0x1d0 [ 637.871066][T16957] ? __pfx____sys_sendmsg+0x10/0x10 [ 637.871086][T16957] ? __lock_acquire+0x433/0x22f0 [ 637.871121][T16957] __sys_sendmsg+0x16d/0x220 [ 637.871134][T16957] ? __pfx___sys_sendmsg+0x10/0x10 [ 637.871158][T16957] do_syscall_64+0xcd/0xf80 [ 637.871178][T16957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.871192][T16957] RIP: 0033:0x7fc1c4d8f7c9 [ 637.871203][T16957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.871216][T16957] RSP: 002b:00007fc1c5c6a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 637.871229][T16957] RAX: ffffffffffffffda RBX: 00007fc1c4fe5fa0 RCX: 00007fc1c4d8f7c9 [ 637.871238][T16957] RDX: 0000000010044010 RSI: 0000200000000100 RDI: 0000000000000004 [ 637.871247][T16957] RBP: 00007fc1c5c6a090 R08: 0000000000000000 R09: 0000000000000000 [ 637.871255][T16957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 637.871263][T16957] R13: 00007fc1c4fe6038 R14: 00007fc1c4fe5fa0 R15: 00007ffe638edf58 [ 637.871282][T16957] [ 638.397074][T16934] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 638.638333][T16934] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 638.813152][T16934] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 638.875142][T16954] chnl_net:caif_netlink_parms(): no params data found [ 638.955709][T16934] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 639.228861][T16982] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2316'. [ 639.309850][T16982] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2316'. [ 639.334478][T16954] bridge0: port 1(bridge_slave_0) entered blocking state [ 639.353702][T16954] bridge0: port 1(bridge_slave_0) entered disabled state [ 639.373496][T16954] bridge_slave_0: entered allmulticast mode [ 639.384422][T16954] bridge_slave_0: entered promiscuous mode [ 639.415971][T16954] bridge0: port 2(bridge_slave_1) entered blocking state [ 639.423727][T16954] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.431400][T16954] bridge_slave_1: entered allmulticast mode [ 639.439582][T16954] bridge_slave_1: entered promiscuous mode [ 639.583947][T16954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 639.641845][T16954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 639.692423][ T5160] Bluetooth: hci0: command tx timeout [ 639.742334][T17001] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2320'. [ 639.785055][T16954] team0: Port device team_slave_0 added [ 639.793817][T17001] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2320'. [ 639.814957][T16934] bridge_slave_1: left allmulticast mode [ 639.820622][T16934] bridge_slave_1: left promiscuous mode [ 639.859468][T17006] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2321'. [ 639.868673][T16934] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.886805][T17006] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2321'. [ 639.918195][T16934] bridge_slave_0: left allmulticast mode [ 639.935808][T16934] bridge_slave_0: left promiscuous mode [ 639.946346][T16934] bridge0: port 1(bridge_slave_0) entered disabled state [ 640.454978][T16934] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 640.476598][T16934] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 640.489002][T16934] bond0 (unregistering): Released all slaves [ 640.502902][T16954] team0: Port device team_slave_1 added [ 640.638059][T16954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 640.647005][T16954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 640.684340][T16954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 640.728887][T16954] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 640.736083][T16954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 640.762760][T16954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 640.922162][T16954] hsr_slave_0: entered promiscuous mode [ 640.928400][T16954] hsr_slave_1: entered promiscuous mode [ 640.936897][T16954] debugfs: 'hsr0' already exists in 'hsr' [ 640.944072][T16954] Cannot create hsr debugfs directory [ 640.963224][T16934] hsr_slave_1: left promiscuous mode [ 640.973248][T16934] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 640.982615][T16934] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 640.992130][T16934] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 641.000224][T16934] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 641.030165][T16934] veth1_macvtap: left promiscuous mode [ 641.035746][T16934] veth0_macvtap: left promiscuous mode [ 641.323557][T16934] team0 (unregistering): Port device team_slave_1 removed [ 641.378836][T16934] team0 (unregistering): Port device team_slave_0 removed [ 641.744751][ T5160] Bluetooth: hci0: command tx timeout [ 643.358567][T16954] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 643.468332][T16954] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 643.511649][T16954] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 643.566386][T16954] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 643.803955][ T5160] Bluetooth: hci0: command tx timeout [ 644.115531][T16954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 644.150468][T16954] 8021q: adding VLAN 0 to HW filter on device team0 [ 644.226921][T16910] bridge0: port 1(bridge_slave_0) entered blocking state [ 644.234237][T16910] bridge0: port 1(bridge_slave_0) entered forwarding state [ 644.393117][T16924] bridge0: port 2(bridge_slave_1) entered blocking state [ 644.400339][T16924] bridge0: port 2(bridge_slave_1) entered forwarding state [ 645.328058][T17116] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2336'. [ 645.392733][T17116] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2336'. [ 645.873497][ T5160] Bluetooth: hci0: command tx timeout [ 646.086023][T16954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 646.332151][T16954] veth0_vlan: entered promiscuous mode [ 646.386717][T16954] veth1_vlan: entered promiscuous mode [ 646.475243][T16954] veth0_macvtap: entered promiscuous mode [ 646.504983][T16954] veth1_macvtap: entered promiscuous mode [ 646.528677][T16954] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 646.541658][T16954] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 646.584603][T16910] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 646.646339][T16910] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 646.689567][T16910] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 646.742173][T16910] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 646.969294][T16924] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 647.037275][T16924] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 647.185986][T16926] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 647.211043][T17168] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2341'. [ 647.211454][T16926] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 647.270784][T17168] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2341'. [ 647.594769][T17201] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2344'. [ 647.605613][T17201] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2344'. [ 647.961015][T17234] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2345'. [ 648.012353][T17236] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2345'. [ 648.025991][T17236] FAULT_INJECTION: forcing a failure. [ 648.025991][T17236] name failslab, interval 1, probability 0, space 0, times 0 [ 648.042559][T17236] CPU: 1 UID: 0 PID: 17236 Comm: syz.0.2345 Not tainted syzkaller #0 PREEMPT(full) [ 648.042590][T17236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 648.042603][T17236] Call Trace: [ 648.042608][T17236] [ 648.042614][T17236] dump_stack_lvl+0x16c/0x1f0 [ 648.042637][T17236] should_fail_ex+0x512/0x640 [ 648.042663][T17236] ? kmem_cache_alloc_noprof+0x62/0x760 [ 648.042683][T17236] should_failslab+0xc2/0x120 [ 648.042697][T17236] kmem_cache_alloc_noprof+0x75/0x760 [ 648.042714][T17236] ? skb_clone+0x190/0x3f0 [ 648.042730][T17236] ? skb_clone+0x190/0x3f0 [ 648.042741][T17236] skb_clone+0x190/0x3f0 [ 648.042754][T17236] nfnetlink_rcv_batch+0x1cf/0x2350 [ 648.042779][T17236] ? irq_work_queue+0xce/0x100 [ 648.042805][T17236] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 648.042825][T17236] ? find_held_lock+0x2b/0x80 [ 648.042854][T17236] ? __pfx____ratelimit+0x10/0x10 [ 648.042871][T17236] ? rcu_is_watching+0x12/0xc0 [ 648.042892][T17236] ? do_trace_netlink_extack+0x164/0x1b0 [ 648.042913][T17236] ? __nla_validate_parse+0x600/0x2880 [ 648.042932][T17236] ? __pfx___nla_validate_parse+0x10/0x10 [ 648.042947][T17236] ? apparmor_capable+0x1d7/0x4e0 [ 648.042970][T17236] ? __nla_parse+0x40/0x60 [ 648.042986][T17236] nfnetlink_rcv+0x3c1/0x430 [ 648.043005][T17236] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 648.043030][T17236] netlink_unicast+0x5aa/0x870 [ 648.043048][T17236] ? __pfx_netlink_unicast+0x10/0x10 [ 648.043071][T17236] netlink_sendmsg+0x8c8/0xdd0 [ 648.043089][T17236] ? __pfx_netlink_sendmsg+0x10/0x10 [ 648.043107][T17236] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 648.043128][T17236] ____sys_sendmsg+0xa5d/0xc30 [ 648.043145][T17236] ? copy_msghdr_from_user+0x10a/0x160 [ 648.043166][T17236] ? __pfx_____sys_sendmsg+0x10/0x10 [ 648.043180][T17236] ? __lock_acquire+0x433/0x22f0 [ 648.043202][T17236] ___sys_sendmsg+0x134/0x1d0 [ 648.043224][T17236] ? __pfx____sys_sendmsg+0x10/0x10 [ 648.043244][T17236] ? __lock_acquire+0x433/0x22f0 [ 648.043278][T17236] __sys_sendmsg+0x16d/0x220 [ 648.043295][T17236] ? __pfx___sys_sendmsg+0x10/0x10 [ 648.043323][T17236] do_syscall_64+0xcd/0xf80 [ 648.043342][T17236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.043356][T17236] RIP: 0033:0x7fb9e258f7c9 [ 648.043368][T17236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 648.043381][T17236] RSP: 002b:00007fb9e33c1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 648.043394][T17236] RAX: ffffffffffffffda RBX: 00007fb9e27e6090 RCX: 00007fb9e258f7c9 [ 648.043403][T17236] RDX: 0000000010044010 RSI: 0000200000000100 RDI: 0000000000000004 [ 648.043412][T17236] RBP: 00007fb9e33c1090 R08: 0000000000000000 R09: 0000000000000000 [ 648.043420][T17236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 648.043428][T17236] R13: 00007fb9e27e6128 R14: 00007fb9e27e6090 R15: 00007ffffd8bf6e8 [ 648.043446][T17236] [ 648.408444][T17238] FAULT_INJECTION: forcing a failure. [ 648.408444][T17238] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 648.423123][T17238] CPU: 0 UID: 0 PID: 17238 Comm: syz.1.2346 Not tainted syzkaller #0 PREEMPT(full) [ 648.423157][T17238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 648.423170][T17238] Call Trace: [ 648.423178][T17238] [ 648.423187][T17238] dump_stack_lvl+0x16c/0x1f0 [ 648.423224][T17238] should_fail_ex+0x512/0x640 [ 648.423261][T17238] _copy_to_user+0x32/0xd0 [ 648.423297][T17238] simple_read_from_buffer+0xcb/0x170 [ 648.423335][T17238] proc_fail_nth_read+0x197/0x240 [ 648.423363][T17238] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 648.423393][T17238] ? rw_verify_area+0xcf/0x6c0 [ 648.423425][T17238] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 648.423452][T17238] vfs_read+0x1e4/0xcf0 [ 648.423491][T17238] ? __pfx___mutex_lock+0x10/0x10 [ 648.423527][T17238] ? __pfx_vfs_read+0x10/0x10 [ 648.423571][T17238] ? __fget_files+0x20e/0x3c0 [ 648.423616][T17238] ksys_read+0x12a/0x250 [ 648.423649][T17238] ? __pfx_ksys_read+0x10/0x10 [ 648.423695][T17238] do_syscall_64+0xcd/0xf80 [ 648.423728][T17238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.423752][T17238] RIP: 0033:0x7fc1c4d8e1dc [ 648.423771][T17238] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 648.423793][T17238] RSP: 002b:00007fc1c5c6a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 648.423815][T17238] RAX: ffffffffffffffda RBX: 00007fc1c4fe5fa0 RCX: 00007fc1c4d8e1dc [ 648.423832][T17238] RDX: 000000000000000f RSI: 00007fc1c5c6a0a0 RDI: 0000000000000005 [ 648.423852][T17238] RBP: 00007fc1c5c6a090 R08: 0000000000000000 R09: 0000000000000000 [ 648.423867][T17238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 648.423881][T17238] R13: 00007fc1c4fe6038 R14: 00007fc1c4fe5fa0 R15: 00007ffe638edf58 [ 648.423918][T17238] [ 649.630787][T17310] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2352'. [ 651.586303][T17407] nvme_fcloop: unknown parameter or missing value 'ٛ' [ 651.992344][T17416] FAULT_INJECTION: forcing a failure. [ 651.992344][T17416] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 652.051111][T17416] CPU: 0 UID: 0 PID: 17416 Comm: syz.1.2375 Not tainted syzkaller #0 PREEMPT(full) [ 652.051144][T17416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 652.051157][T17416] Call Trace: [ 652.051165][T17416] [ 652.051174][T17416] dump_stack_lvl+0x16c/0x1f0 [ 652.051207][T17416] should_fail_ex+0x512/0x640 [ 652.051242][T17416] should_fail_alloc_page+0xe7/0x130 [ 652.051267][T17416] prepare_alloc_pages+0x3c2/0x610 [ 652.051295][T17416] __alloc_frozen_pages_noprof+0x18b/0x2440 [ 652.051331][T17416] ? stack_trace_save+0x8e/0xc0 [ 652.051356][T17416] ? __pfx_stack_trace_save+0x10/0x10 [ 652.051393][T17416] ? stack_depot_save_flags+0x29/0x9b0 [ 652.051425][T17416] ? bpf_ksym_find+0x124/0x1c0 [ 652.051454][T17416] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 652.051482][T17416] ? kasan_save_stack+0x33/0x60 [ 652.051515][T17416] ? __kasan_kmalloc+0xaa/0xb0 [ 652.051546][T17416] ? copy_splice_read+0x1a8/0xc20 [ 652.051578][T17416] ? do_splice_read+0x285/0x370 [ 652.051610][T17416] ? splice_direct_to_actor+0x2a1/0xa30 [ 652.051642][T17416] ? do_splice_direct+0x174/0x240 [ 652.051674][T17416] ? do_sendfile+0xb06/0xe50 [ 652.051705][T17416] ? __x64_sys_sendfile64+0x1d8/0x220 [ 652.051729][T17416] ? do_syscall_64+0xcd/0xf80 [ 652.051784][T17416] alloc_pages_bulk_noprof+0x77b/0x1010 [ 652.051828][T17416] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 652.051869][T17416] ? copy_splice_read+0x1a8/0xc20 [ 652.051911][T17416] copy_splice_read+0x1e1/0xc20 [ 652.051954][T17416] ? __pfx_copy_splice_read+0x10/0x10 [ 652.051992][T17416] ? look_up_lock_class+0x59/0x130 [ 652.052027][T17416] ? lockdep_init_map_type+0x5c/0x270 [ 652.052056][T17416] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 652.052093][T17416] ? __pfx_copy_splice_read+0x10/0x10 [ 652.052126][T17416] do_splice_read+0x285/0x370 [ 652.052169][T17416] splice_direct_to_actor+0x2a1/0xa30 [ 652.052206][T17416] ? __pfx_direct_splice_actor+0x10/0x10 [ 652.052249][T17416] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 652.052283][T17416] ? get_pid_task+0xfc/0x250 [ 652.052317][T17416] do_splice_direct+0x174/0x240 [ 652.052354][T17416] ? __pfx_do_splice_direct+0x10/0x10 [ 652.052397][T17416] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 652.052437][T17416] ? rw_verify_area+0xcf/0x6c0 [ 652.052472][T17416] do_sendfile+0xb06/0xe50 [ 652.052512][T17416] ? __pfx_do_sendfile+0x10/0x10 [ 652.052545][T17416] ? __fget_files+0x20e/0x3c0 [ 652.052588][T17416] __x64_sys_sendfile64+0x1d8/0x220 [ 652.052612][T17416] ? ksys_write+0x1ac/0x250 [ 652.052646][T17416] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 652.052683][T17416] do_syscall_64+0xcd/0xf80 [ 652.052716][T17416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.052740][T17416] RIP: 0033:0x7fc1c4d8f7c9 [ 652.052759][T17416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 652.052782][T17416] RSP: 002b:00007fc1c5c6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 652.052804][T17416] RAX: ffffffffffffffda RBX: 00007fc1c4fe5fa0 RCX: 00007fc1c4d8f7c9 [ 652.052821][T17416] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 652.052835][T17416] RBP: 00007fc1c5c6a090 R08: 0000000000000000 R09: 0000000000000000 [ 652.052849][T17416] R10: 0000000002000007 R11: 0000000000000246 R12: 0000000000000001 [ 652.052863][T17416] R13: 00007fc1c4fe6038 R14: 00007fc1c4fe5fa0 R15: 00007ffe638edf58 [ 652.052899][T17416] [ 653.251799][T17477] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 654.411358][T17548] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2380'. [ 654.441315][T17548] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2380'. [ 654.741178][T17580] FAULT_INJECTION: forcing a failure. [ 654.741178][T17580] name failslab, interval 1, probability 0, space 0, times 0 [ 654.840728][T17580] CPU: 0 UID: 0 PID: 17580 Comm: syz.1.2382 Not tainted syzkaller #0 PREEMPT(full) [ 654.840761][T17580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 654.840770][T17580] Call Trace: [ 654.840774][T17580] [ 654.840781][T17580] dump_stack_lvl+0x16c/0x1f0 [ 654.840804][T17580] should_fail_ex+0x512/0x640 [ 654.840824][T17580] ? __kvmalloc_node_noprof+0x129/0xa50 [ 654.840845][T17580] should_failslab+0xc2/0x120 [ 654.840860][T17580] __kvmalloc_node_noprof+0x13c/0xa50 [ 654.840878][T17580] ? set_page_refcounted+0x88/0x190 [ 654.840899][T17580] ? seq_read_iter+0x830/0x12d0 [ 654.840923][T17580] ? seq_read_iter+0x830/0x12d0 [ 654.840943][T17580] seq_read_iter+0x830/0x12d0 [ 654.840962][T17580] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 654.840986][T17580] kernfs_fop_read_iter+0x46c/0x610 [ 654.841005][T17580] copy_splice_read+0x618/0xc20 [ 654.841030][T17580] ? __pfx_copy_splice_read+0x10/0x10 [ 654.841052][T17580] ? look_up_lock_class+0x59/0x130 [ 654.841074][T17580] ? lockdep_init_map_type+0x5c/0x270 [ 654.841091][T17580] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 654.841129][T17580] ? __pfx_copy_splice_read+0x10/0x10 [ 654.841152][T17580] do_splice_read+0x285/0x370 [ 654.841174][T17580] splice_direct_to_actor+0x2a1/0xa30 [ 654.841196][T17580] ? __pfx_direct_splice_actor+0x10/0x10 [ 654.841220][T17580] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 654.841239][T17580] ? get_pid_task+0xfc/0x250 [ 654.841258][T17580] do_splice_direct+0x174/0x240 [ 654.841278][T17580] ? __pfx_do_splice_direct+0x10/0x10 [ 654.841299][T17580] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 654.841323][T17580] ? rw_verify_area+0xcf/0x6c0 [ 654.841343][T17580] do_sendfile+0xb06/0xe50 [ 654.841366][T17580] ? __pfx_do_sendfile+0x10/0x10 [ 654.841390][T17580] ? __fget_files+0x20e/0x3c0 [ 654.841415][T17580] __x64_sys_sendfile64+0x1d8/0x220 [ 654.841429][T17580] ? ksys_write+0x1ac/0x250 [ 654.841448][T17580] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 654.841468][T17580] do_syscall_64+0xcd/0xf80 [ 654.841487][T17580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.841502][T17580] RIP: 0033:0x7fc1c4d8f7c9 [ 654.841514][T17580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 654.841527][T17580] RSP: 002b:00007fc1c5c6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 654.841540][T17580] RAX: ffffffffffffffda RBX: 00007fc1c4fe5fa0 RCX: 00007fc1c4d8f7c9 [ 654.841549][T17580] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 654.841557][T17580] RBP: 00007fc1c5c6a090 R08: 0000000000000000 R09: 0000000000000000 [ 654.841565][T17580] R10: 0000000002000007 R11: 0000000000000246 R12: 0000000000000001 [ 654.841573][T17580] R13: 00007fc1c4fe6038 R14: 00007fc1c4fe5fa0 R15: 00007ffe638edf58 [ 654.841592][T17580] [ 655.160609][T17593] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2384'. [ 656.314359][T17655] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 656.695938][T17685] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2397'. [ 656.893943][T17702] FAULT_INJECTION: forcing a failure. [ 656.893943][T17702] name failslab, interval 1, probability 0, space 0, times 0 [ 656.952633][T17702] CPU: 1 UID: 0 PID: 17702 Comm: syz.2.2398 Not tainted syzkaller #0 PREEMPT(full) [ 656.952653][T17702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 656.952662][T17702] Call Trace: [ 656.952667][T17702] [ 656.952672][T17702] dump_stack_lvl+0x16c/0x1f0 [ 656.952695][T17702] should_fail_ex+0x512/0x640 [ 656.952714][T17702] ? __kmalloc_noprof+0xca/0x8f0 [ 656.952732][T17702] should_failslab+0xc2/0x120 [ 656.952745][T17702] __kmalloc_noprof+0xdd/0x8f0 [ 656.952761][T17702] ? iter_file_splice_write+0x1cc/0x12b0 [ 656.952778][T17702] ? iter_file_splice_write+0x1cc/0x12b0 [ 656.952790][T17702] iter_file_splice_write+0x1cc/0x12b0 [ 656.952806][T17702] ? kfree+0x2f8/0x6e0 [ 656.952820][T17702] ? copy_splice_read+0x897/0xc20 [ 656.952843][T17702] ? copy_splice_read+0x897/0xc20 [ 656.952862][T17702] ? copy_splice_read+0x89c/0xc20 [ 656.952881][T17702] ? __pfx_iter_file_splice_write+0x10/0x10 [ 656.952896][T17702] ? __lock_acquire+0x433/0x22f0 [ 656.952912][T17702] ? __pfx_copy_splice_read+0x10/0x10 [ 656.952942][T17702] ? __pfx_iter_file_splice_write+0x10/0x10 [ 656.952957][T17702] direct_splice_actor+0x192/0x6c0 [ 656.952982][T17702] splice_direct_to_actor+0x345/0xa30 [ 656.953005][T17702] ? __pfx_direct_splice_actor+0x10/0x10 [ 656.953029][T17702] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 656.953048][T17702] ? get_pid_task+0xfc/0x250 [ 656.953067][T17702] do_splice_direct+0x174/0x240 [ 656.953088][T17702] ? __pfx_do_splice_direct+0x10/0x10 [ 656.953109][T17702] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 656.953132][T17702] ? rw_verify_area+0xcf/0x6c0 [ 656.953153][T17702] do_sendfile+0xb06/0xe50 [ 656.953176][T17702] ? __pfx_do_sendfile+0x10/0x10 [ 656.953195][T17702] ? __fget_files+0x20e/0x3c0 [ 656.953220][T17702] __x64_sys_sendfile64+0x1d8/0x220 [ 656.953240][T17702] ? ksys_write+0x1ac/0x250 [ 656.953259][T17702] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 656.953290][T17702] do_syscall_64+0xcd/0xf80 [ 656.953324][T17702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.953340][T17702] RIP: 0033:0x7f6bd218f7c9 [ 656.953352][T17702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 656.953366][T17702] RSP: 002b:00007f6bd3059038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 656.953384][T17702] RAX: ffffffffffffffda RBX: 00007f6bd23e5fa0 RCX: 00007f6bd218f7c9 [ 656.953400][T17702] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 656.953414][T17702] RBP: 00007f6bd3059090 R08: 0000000000000000 R09: 0000000000000000 [ 656.953429][T17702] R10: 0000000002000007 R11: 0000000000000246 R12: 0000000000000001 [ 656.953438][T17702] R13: 00007f6bd23e6038 R14: 00007f6bd23e5fa0 R15: 00007ffffd9f69d8 [ 656.953458][T17702] [ 657.585018][T17768] syz.2.2401 (17768): attempted to duplicate a private mapping with mremap. This is not supported. [ 658.554169][T17837] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2409'. [ 658.750359][T17850] FAULT_INJECTION: forcing a failure. [ 658.750359][T17850] name failslab, interval 1, probability 0, space 0, times 0 [ 658.794092][T17850] CPU: 1 UID: 0 PID: 17850 Comm: syz.3.2412 Not tainted syzkaller #0 PREEMPT(full) [ 658.794123][T17850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 658.794137][T17850] Call Trace: [ 658.794145][T17850] [ 658.794155][T17850] dump_stack_lvl+0x16c/0x1f0 [ 658.794191][T17850] should_fail_ex+0x512/0x640 [ 658.794224][T17850] ? __kmalloc_noprof+0xca/0x8f0 [ 658.794255][T17850] should_failslab+0xc2/0x120 [ 658.794280][T17850] __kmalloc_noprof+0xdd/0x8f0 [ 658.794307][T17850] ? kernfs_fop_write_iter+0x237/0x570 [ 658.794338][T17850] ? kernfs_fop_write_iter+0x237/0x570 [ 658.794361][T17850] kernfs_fop_write_iter+0x237/0x570 [ 658.794390][T17850] iter_file_splice_write+0xa24/0x12b0 [ 658.794435][T17850] ? copy_splice_read+0x89c/0xc20 [ 658.794470][T17850] ? __pfx_iter_file_splice_write+0x10/0x10 [ 658.794502][T17850] ? __pfx_copy_splice_read+0x10/0x10 [ 658.794558][T17850] ? __pfx_iter_file_splice_write+0x10/0x10 [ 658.794584][T17850] direct_splice_actor+0x192/0x6c0 [ 658.794626][T17850] splice_direct_to_actor+0x345/0xa30 [ 658.794671][T17850] ? __pfx_direct_splice_actor+0x10/0x10 [ 658.794714][T17850] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 658.794749][T17850] ? get_pid_task+0xfc/0x250 [ 658.794784][T17850] do_splice_direct+0x174/0x240 [ 658.794820][T17850] ? __pfx_do_splice_direct+0x10/0x10 [ 658.794863][T17850] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 658.794906][T17850] ? rw_verify_area+0xcf/0x6c0 [ 658.794943][T17850] do_sendfile+0xb06/0xe50 [ 658.794983][T17850] ? __pfx_do_sendfile+0x10/0x10 [ 658.795018][T17850] ? __fget_files+0x20e/0x3c0 [ 658.795063][T17850] __x64_sys_sendfile64+0x1d8/0x220 [ 658.795087][T17850] ? ksys_write+0x1ac/0x250 [ 658.795122][T17850] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 658.795160][T17850] do_syscall_64+0xcd/0xf80 [ 658.795195][T17850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 658.795219][T17850] RIP: 0033:0x7f6a80d8f7c9 [ 658.795239][T17850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 658.795262][T17850] RSP: 002b:00007f6a81b85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 658.795284][T17850] RAX: ffffffffffffffda RBX: 00007f6a80fe5fa0 RCX: 00007f6a80d8f7c9 [ 658.795301][T17850] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 658.795315][T17850] RBP: 00007f6a81b85090 R08: 0000000000000000 R09: 0000000000000000 [ 658.795330][T17850] R10: 0000000002000007 R11: 0000000000000246 R12: 0000000000000001 [ 658.795344][T17850] R13: 00007f6a80fe6038 R14: 00007f6a80fe5fa0 R15: 00007ffc329097b8 [ 658.795381][T17850] [ 659.198294][T17894] kafs: addr_prefs: Invalid Command [ 659.817278][T17960] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2424'. [ 660.617564][T18012] FAULT_INJECTION: forcing a failure. [ 660.617564][T18012] name failslab, interval 1, probability 0, space 0, times 0 [ 660.630556][T18012] CPU: 0 UID: 0 PID: 18012 Comm: syz.1.2433 Not tainted syzkaller #0 PREEMPT(full) [ 660.630586][T18012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 660.630601][T18012] Call Trace: [ 660.630609][T18012] [ 660.630618][T18012] dump_stack_lvl+0x16c/0x1f0 [ 660.630656][T18012] should_fail_ex+0x512/0x640 [ 660.630689][T18012] ? __kmalloc_noprof+0xca/0x8f0 [ 660.630729][T18012] should_failslab+0xc2/0x120 [ 660.630753][T18012] __kmalloc_noprof+0xdd/0x8f0 [ 660.630781][T18012] ? copy_splice_read+0x1a8/0xc20 [ 660.630822][T18012] ? copy_splice_read+0x1a8/0xc20 [ 660.630855][T18012] copy_splice_read+0x1a8/0xc20 [ 660.630890][T18012] ? __pfx_iter_file_splice_write+0x10/0x10 [ 660.630921][T18012] ? __pfx_copy_splice_read+0x10/0x10 [ 660.630967][T18012] ? find_held_lock+0x2b/0x80 [ 660.631006][T18012] ? __pfx_copy_splice_read+0x10/0x10 [ 660.631041][T18012] do_splice_read+0x285/0x370 [ 660.631081][T18012] splice_direct_to_actor+0x2a1/0xa30 [ 660.631119][T18012] ? __pfx_direct_splice_actor+0x10/0x10 [ 660.631160][T18012] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 660.631193][T18012] ? get_pid_task+0xfc/0x250 [ 660.631226][T18012] do_splice_direct+0x174/0x240 [ 660.631263][T18012] ? __pfx_do_splice_direct+0x10/0x10 [ 660.631300][T18012] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 660.631342][T18012] ? rw_verify_area+0xcf/0x6c0 [ 660.631378][T18012] do_sendfile+0xb06/0xe50 [ 660.631419][T18012] ? __pfx_do_sendfile+0x10/0x10 [ 660.631453][T18012] ? __fget_files+0x20e/0x3c0 [ 660.631497][T18012] __x64_sys_sendfile64+0x1d8/0x220 [ 660.631522][T18012] ? ksys_write+0x1ac/0x250 [ 660.631556][T18012] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 660.631594][T18012] do_syscall_64+0xcd/0xf80 [ 660.631629][T18012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.631653][T18012] RIP: 0033:0x7fc1c4d8f7c9 [ 660.631672][T18012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.631695][T18012] RSP: 002b:00007fc1c5c6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 660.631724][T18012] RAX: ffffffffffffffda RBX: 00007fc1c4fe5fa0 RCX: 00007fc1c4d8f7c9 [ 660.631740][T18012] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 660.631754][T18012] RBP: 00007fc1c5c6a090 R08: 0000000000000000 R09: 0000000000000000 [ 660.631768][T18012] R10: 0000000002000007 R11: 0000000000000246 R12: 0000000000000001 [ 660.631783][T18012] R13: 00007fc1c4fe6038 R14: 00007fc1c4fe5fa0 R15: 00007ffe638edf58 [ 660.631820][T18012] [ 661.503147][T18032] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 662.249622][T18080] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2443'. [ 662.285277][T18080] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2443'. [ 662.452751][T18094] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2444'. [ 662.493031][T18094] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2444'. [ 662.805731][T18109] blktrace: Concurrent blktraces are not allowed on loop2 [ 663.222820][T18123] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2449'. [ 663.274567][T18123] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2449'. [ 663.378613][T18136] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 663.488681][T18156] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2451'. [ 663.499489][T18156] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2451'. [ 664.304581][T18213] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2453'. [ 665.699184][T18266] FAULT_INJECTION: forcing a failure. [ 665.699184][T18266] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 665.749999][T18266] CPU: 0 UID: 0 PID: 18266 Comm: syz.2.2460 Not tainted syzkaller #0 PREEMPT(full) [ 665.750034][T18266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 665.750048][T18266] Call Trace: [ 665.750056][T18266] [ 665.750065][T18266] dump_stack_lvl+0x16c/0x1f0 [ 665.750103][T18266] should_fail_ex+0x512/0x640 [ 665.750140][T18266] should_fail_alloc_page+0xe7/0x130 [ 665.750167][T18266] prepare_alloc_pages+0x3c2/0x610 [ 665.750196][T18266] __alloc_frozen_pages_noprof+0x18b/0x2440 [ 665.750231][T18266] ? stack_trace_save+0x8e/0xc0 [ 665.750256][T18266] ? __pfx_stack_trace_save+0x10/0x10 [ 665.750277][T18266] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.750302][T18266] ? stack_depot_save_flags+0x29/0x9b0 [ 665.750338][T18266] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 665.750365][T18266] ? kasan_save_stack+0x33/0x60 [ 665.750397][T18266] ? __kasan_kmalloc+0xaa/0xb0 [ 665.750427][T18266] ? copy_splice_read+0x1a8/0xc20 [ 665.750460][T18266] ? do_splice_read+0x285/0x370 [ 665.750491][T18266] ? splice_direct_to_actor+0x2a1/0xa30 [ 665.750523][T18266] ? do_splice_direct+0x174/0x240 [ 665.750555][T18266] ? do_sendfile+0xb06/0xe50 [ 665.750585][T18266] ? __x64_sys_sendfile64+0x1d8/0x220 [ 665.750616][T18266] ? do_syscall_64+0xcd/0xf80 [ 665.750656][T18266] alloc_pages_bulk_noprof+0x77b/0x1010 [ 665.750680][T18266] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 665.750703][T18266] ? copy_splice_read+0x1a8/0xc20 [ 665.750726][T18266] copy_splice_read+0x1e1/0xc20 [ 665.750751][T18266] ? __pfx_copy_splice_read+0x10/0x10 [ 665.750777][T18266] ? find_held_lock+0x2b/0x80 [ 665.750799][T18266] ? __pfx_copy_splice_read+0x10/0x10 [ 665.750818][T18266] do_splice_read+0x285/0x370 [ 665.750840][T18266] splice_direct_to_actor+0x2a1/0xa30 [ 665.750862][T18266] ? __pfx_direct_splice_actor+0x10/0x10 [ 665.750886][T18266] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 665.750906][T18266] ? get_pid_task+0xfc/0x250 [ 665.750924][T18266] do_splice_direct+0x174/0x240 [ 665.750945][T18266] ? __pfx_do_splice_direct+0x10/0x10 [ 665.750965][T18266] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 665.750988][T18266] ? rw_verify_area+0xcf/0x6c0 [ 665.751008][T18266] do_sendfile+0xb06/0xe50 [ 665.751031][T18266] ? __pfx_do_sendfile+0x10/0x10 [ 665.751050][T18266] ? __fget_files+0x20e/0x3c0 [ 665.751075][T18266] __x64_sys_sendfile64+0x1d8/0x220 [ 665.751089][T18266] ? ksys_write+0x1ac/0x250 [ 665.751108][T18266] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 665.751128][T18266] do_syscall_64+0xcd/0xf80 [ 665.751147][T18266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.751160][T18266] RIP: 0033:0x7f6bd218f7c9 [ 665.751173][T18266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 665.751186][T18266] RSP: 002b:00007f6bd3059038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 665.751200][T18266] RAX: ffffffffffffffda RBX: 00007f6bd23e5fa0 RCX: 00007f6bd218f7c9 [ 665.751209][T18266] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 665.751217][T18266] RBP: 00007f6bd3059090 R08: 0000000000000000 R09: 0000000000000000 [ 665.751225][T18266] R10: 0000000002000007 R11: 0000000000000246 R12: 0000000000000001 [ 665.751233][T18266] R13: 00007f6bd23e6038 R14: 00007f6bd23e5fa0 R15: 00007ffffd9f69d8 [ 665.751252][T18266] [ 666.996801][T18332] __nla_validate_parse: 1 callbacks suppressed [ 666.996816][T18332] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2466'. [ 667.074139][T18332] netlink: 93 bytes leftover after parsing attributes in process `syz.0.2466'. [ 667.823949][T18371] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2470'. [ 667.861824][T18371] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2470'. [ 667.987057][T18385] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 668.008639][ T30] audit: type=1326 audit(4294967507.603:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.2471" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6a80d8f7c9 code=0x0 [ 669.047421][T18467] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2477'. [ 669.115726][T18467] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2477'. [ 670.407657][T18544] FAULT_INJECTION: forcing a failure. [ 670.407657][T18544] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 670.457087][T18544] CPU: 0 UID: 0 PID: 18544 Comm: syz.2.2483 Not tainted syzkaller #0 PREEMPT(full) [ 670.457118][T18544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 670.457127][T18544] Call Trace: [ 670.457131][T18544] [ 670.457137][T18544] dump_stack_lvl+0x16c/0x1f0 [ 670.457160][T18544] should_fail_ex+0x512/0x640 [ 670.457183][T18544] _copy_to_user+0x32/0xd0 [ 670.457204][T18544] simple_read_from_buffer+0xcb/0x170 [ 670.457226][T18544] proc_fail_nth_read+0x197/0x240 [ 670.457243][T18544] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 670.457260][T18544] ? rw_verify_area+0xcf/0x6c0 [ 670.457278][T18544] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 670.457299][T18544] vfs_read+0x1e4/0xcf0 [ 670.457319][T18544] ? __pfx___mutex_lock+0x10/0x10 [ 670.457340][T18544] ? __pfx_vfs_read+0x10/0x10 [ 670.457365][T18544] ? __fget_files+0x20e/0x3c0 [ 670.457390][T18544] ksys_read+0x12a/0x250 [ 670.457410][T18544] ? __pfx_ksys_read+0x10/0x10 [ 670.457435][T18544] do_syscall_64+0xcd/0xf80 [ 670.457454][T18544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.457469][T18544] RIP: 0033:0x7f6bd218e1dc [ 670.457480][T18544] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 670.457493][T18544] RSP: 002b:00007f6bd3059030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 670.457507][T18544] RAX: ffffffffffffffda RBX: 00007f6bd23e5fa0 RCX: 00007f6bd218e1dc [ 670.457521][T18544] RDX: 000000000000000f RSI: 00007f6bd30590a0 RDI: 0000000000000004 [ 670.457530][T18544] RBP: 00007f6bd3059090 R08: 0000000000000000 R09: 0000000000000000 [ 670.457538][T18544] R10: 0000000002000007 R11: 0000000000000246 R12: 0000000000000002 [ 670.457546][T18544] R13: 00007f6bd23e6038 R14: 00007f6bd23e5fa0 R15: 00007ffffd9f69d8 [ 670.457565][T18544] [ 670.767391][T18547] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2493'. [ 670.827994][T18555] FAULT_INJECTION: forcing a failure. [ 670.827994][T18555] name failslab, interval 1, probability 0, space 0, times 0 [ 670.875649][T18555] CPU: 0 UID: 0 PID: 18555 Comm: syz.2.2493 Not tainted syzkaller #0 PREEMPT(full) [ 670.875686][T18555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 670.875701][T18555] Call Trace: [ 670.875709][T18555] [ 670.875719][T18555] dump_stack_lvl+0x16c/0x1f0 [ 670.875759][T18555] should_fail_ex+0x512/0x640 [ 670.875794][T18555] ? kmem_cache_alloc_noprof+0x62/0x760 [ 670.875830][T18555] should_failslab+0xc2/0x120 [ 670.875855][T18555] kmem_cache_alloc_noprof+0x75/0x760 [ 670.875886][T18555] ? dup_fd+0x52/0xc70 [ 670.875912][T18555] ? dup_fd+0x52/0xc70 [ 670.875932][T18555] dup_fd+0x52/0xc70 [ 670.875956][T18555] ? apparmor_task_alloc+0x2c1/0x3b0 [ 670.876001][T18555] copy_process+0x22b3/0x74e0 [ 670.876038][T18555] ? __pfx___futex_wait+0x10/0x10 [ 670.876073][T18555] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 670.876120][T18555] ? __pfx_copy_process+0x10/0x10 [ 670.876156][T18555] ? find_held_lock+0x2b/0x80 [ 670.876192][T18555] ? futex_private_hash_put+0x160/0x1b0 [ 670.876227][T18555] kernel_clone+0xfc/0x910 [ 670.876267][T18555] ? __pfx_kernel_clone+0x10/0x10 [ 670.876324][T18555] __do_sys_clone+0xce/0x120 [ 670.876360][T18555] ? __pfx___do_sys_clone+0x10/0x10 [ 670.876414][T18555] ? xfd_validate_state+0x61/0x180 [ 670.876450][T18555] ? __pfx_ksys_write+0x10/0x10 [ 670.876499][T18555] do_syscall_64+0xcd/0xf80 [ 670.876537][T18555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.876562][T18555] RIP: 0033:0x7f6bd218f7c9 [ 670.876583][T18555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 670.876607][T18555] RSP: 002b:00007f6bd3037fe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 670.876629][T18555] RAX: ffffffffffffffda RBX: 00007f6bd23e6090 RCX: 00007f6bd218f7c9 [ 670.876644][T18555] RDX: 0000200000000680 RSI: 0000200000000670 RDI: 0000000000000080 [ 670.876658][T18555] RBP: 00007f6bd2213f91 R08: 0000200000000700 R09: 0000200000000700 [ 670.876673][T18555] R10: 00002000000006c0 R11: 0000000000000202 R12: 0000000000000000 [ 670.876688][T18555] R13: 00007f6bd23e6128 R14: 00007f6bd23e6090 R15: 00007ffffd9f69d8 [ 670.876722][T18555] [ 672.043482][T18628] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2499'. [ 672.071057][T18628] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2499'. [ 672.589560][T18659] Invalid ELF header magic: != ELF [ 673.202065][T18659] Invalid ELF header magic: != ELF [ 673.937552][T18706] FAULT_INJECTION: forcing a failure. [ 673.937552][T18706] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 673.937618][T18706] CPU: 1 UID: 0 PID: 18706 Comm: syz.1.2501 Not tainted syzkaller #0 PREEMPT(full) [ 673.937646][T18706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 673.937659][T18706] Call Trace: [ 673.937667][T18706] [ 673.937677][T18706] dump_stack_lvl+0x16c/0x1f0 [ 673.937712][T18706] should_fail_ex+0x512/0x640 [ 673.937752][T18706] _copy_from_user+0x2e/0xd0 [ 673.937785][T18706] memdup_user_nul+0x6c/0x120 [ 673.937819][T18706] nsim_dev_health_break_write+0xbd/0x210 [ 673.937854][T18706] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 673.937898][T18706] full_proxy_write+0x131/0x1a0 [ 673.937931][T18706] ? __pfx_full_proxy_write+0x10/0x10 [ 673.937959][T18706] vfs_write+0x2a0/0x11d0 [ 673.937997][T18706] ? __pfx___mutex_lock+0x10/0x10 [ 673.938042][T18706] ? __pfx_vfs_write+0x10/0x10 [ 673.938087][T18706] ? __fget_files+0x20e/0x3c0 [ 673.938133][T18706] ksys_write+0x12a/0x250 [ 673.938167][T18706] ? __pfx_ksys_write+0x10/0x10 [ 673.938213][T18706] do_syscall_64+0xcd/0xf80 [ 673.938248][T18706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 673.938271][T18706] RIP: 0033:0x7fc1c4d8f7c9 [ 673.938291][T18706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 673.938312][T18706] RSP: 002b:00007fc1c5c6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 673.938336][T18706] RAX: ffffffffffffffda RBX: 00007fc1c4fe5fa0 RCX: 00007fc1c4d8f7c9 [ 673.938352][T18706] RDX: 0000000000000006 RSI: 0000200000005900 RDI: 0000000000000008 [ 673.938367][T18706] RBP: 00007fc1c5c6a090 R08: 0000000000000000 R09: 0000000000000000 [ 673.938381][T18706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 673.938395][T18706] R13: 00007fc1c4fe6038 R14: 00007fc1c4fe5fa0 R15: 00007ffe638edf58 [ 673.938431][T18706] [ 674.187532][ T52] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 674.190560][ T52] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 674.191381][ T52] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 674.195581][ T52] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 674.197691][ T52] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 674.290492][T18717] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2503'. [ 674.689426][T16923] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 674.841775][T16923] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 674.914110][T18719] chnl_net:caif_netlink_parms(): no params data found [ 674.981210][T16923] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 675.255393][T18719] bridge0: port 1(bridge_slave_0) entered blocking state [ 675.263880][T18719] bridge0: port 1(bridge_slave_0) entered disabled state [ 675.272477][T18719] bridge_slave_0: entered allmulticast mode [ 675.279841][T18719] bridge_slave_0: entered promiscuous mode [ 675.305200][T18719] bridge0: port 2(bridge_slave_1) entered blocking state [ 675.325596][T18719] bridge0: port 2(bridge_slave_1) entered disabled state [ 675.335333][T18719] bridge_slave_1: entered allmulticast mode [ 675.348884][T18719] bridge_slave_1: entered promiscuous mode [ 675.517206][T18719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 675.591907][T18719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 675.774295][T18719] team0: Port device team_slave_0 added [ 675.805418][T16923] bridge_slave_1: left allmulticast mode [ 675.819649][T16923] bridge_slave_1: left promiscuous mode [ 675.835514][T16923] bridge0: port 2(bridge_slave_1) entered disabled state [ 675.851107][T16923] bridge_slave_0: left allmulticast mode [ 675.867686][T16923] bridge_slave_0: left promiscuous mode [ 675.889810][T16923] bridge0: port 1(bridge_slave_0) entered disabled state [ 676.276868][ T52] Bluetooth: hci2: command tx timeout [ 676.725318][T16923] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 676.736063][T16923] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 676.746246][T16923] bond0 (unregistering): Released all slaves [ 676.777273][T18719] team0: Port device team_slave_1 added [ 676.847173][T16923] HfR: left promiscuous mode [ 676.966186][T18719] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 676.999887][T18719] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 677.025879][ C0] vkms_vblank_simulate: vblank timer overrun [ 677.072167][T18719] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 677.137582][T18719] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 677.151541][T18719] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 677.177497][ C0] vkms_vblank_simulate: vblank timer overrun [ 677.221370][T18719] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 677.407768][T16923] hsr_slave_1: left promiscuous mode [ 677.416721][T16923] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 677.430828][T16923] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 677.442081][T16923] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 677.449677][T16923] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 677.580078][T16923] veth1_macvtap: left promiscuous mode [ 677.586471][T16923] veth0_macvtap: left promiscuous mode [ 677.593686][T16923] veth1_vlan: left promiscuous mode [ 677.599103][T16923] veth0_vlan: left promiscuous mode [ 677.787431][T19005] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2517'. [ 677.818213][T19005] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2517'. [ 678.344887][ T52] Bluetooth: hci2: command tx timeout [ 678.621000][T16923] team0 (unregistering): Port device team_slave_1 removed [ 678.666792][T16923] team0 (unregistering): Port device team_slave_0 removed [ 679.117545][T18719] hsr_slave_0: entered promiscuous mode [ 679.124535][T18719] hsr_slave_1: entered promiscuous mode [ 679.132409][T18719] debugfs: 'hsr0' already exists in 'hsr' [ 679.138562][T18719] Cannot create hsr debugfs directory [ 680.413981][ T52] Bluetooth: hci2: command tx timeout [ 680.723693][T18719] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 680.743051][T18719] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 680.782991][T18719] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 680.817849][T18719] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 680.853574][T19187] random: crng reseeded on system resumption [ 681.153207][T18719] 8021q: adding VLAN 0 to HW filter on device bond0 [ 681.399353][T18719] 8021q: adding VLAN 0 to HW filter on device team0 [ 681.461007][T16922] bridge0: port 1(bridge_slave_0) entered blocking state [ 681.468170][T16922] bridge0: port 1(bridge_slave_0) entered forwarding state [ 681.728133][T16917] bridge0: port 2(bridge_slave_1) entered blocking state [ 681.735289][T16917] bridge0: port 2(bridge_slave_1) entered forwarding state [ 682.135762][T19258] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2528'. [ 682.482859][ T52] Bluetooth: hci2: command tx timeout [ 682.894058][T18719] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 683.348052][T18719] veth0_vlan: entered promiscuous mode [ 683.653872][T18719] veth1_vlan: entered promiscuous mode [ 683.828439][T19347] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2536'. [ 683.903498][T19347] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2536'. [ 684.076671][T19374] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2537'. [ 684.086571][T19374] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2537'. [ 684.364305][T18719] veth0_macvtap: entered promiscuous mode [ 684.461836][T18719] veth1_macvtap: entered promiscuous mode [ 684.590354][T18719] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 684.621189][T18719] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 684.674839][T16911] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.714222][T16911] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.778698][T16911] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.787686][T16911] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 685.083380][T16920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 685.121243][T16920] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 685.301148][T19465] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2542'. [ 685.363379][T19456] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2542'. [ 685.390832][T16922] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 685.400574][T16922] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 685.763437][T19490] Unable to find swap-space signature [ 686.928281][T19557] FAULT_INJECTION: forcing a failure. [ 686.928281][T19557] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 686.994483][T19557] CPU: 1 UID: 0 PID: 19557 Comm: syz.0.2546 Not tainted syzkaller #0 PREEMPT(full) [ 686.994514][T19557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 686.994527][T19557] Call Trace: [ 686.994535][T19557] [ 686.994544][T19557] dump_stack_lvl+0x16c/0x1f0 [ 686.994574][T19557] should_fail_ex+0x512/0x640 [ 686.994597][T19557] _copy_to_user+0x32/0xd0 [ 686.994618][T19557] simple_read_from_buffer+0xcb/0x170 [ 686.994640][T19557] proc_fail_nth_read+0x197/0x240 [ 686.994660][T19557] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 686.994677][T19557] ? rw_verify_area+0xcf/0x6c0 [ 686.994695][T19557] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 686.994711][T19557] vfs_read+0x1e4/0xcf0 [ 686.994731][T19557] ? __pfx___mutex_lock+0x10/0x10 [ 686.994752][T19557] ? __pfx_vfs_read+0x10/0x10 [ 686.994777][T19557] ? __fget_files+0x20e/0x3c0 [ 686.994803][T19557] ksys_read+0x12a/0x250 [ 686.994822][T19557] ? __pfx_ksys_read+0x10/0x10 [ 686.994856][T19557] do_syscall_64+0xcd/0xf80 [ 686.994878][T19557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 686.994892][T19557] RIP: 0033:0x7f0c1a18e1dc [ 686.994905][T19557] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 686.994918][T19557] RSP: 002b:00007f0c1b0bd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 686.994931][T19557] RAX: ffffffffffffffda RBX: 00007f0c1a3e5fa0 RCX: 00007f0c1a18e1dc [ 686.994941][T19557] RDX: 000000000000000f RSI: 00007f0c1b0bd0a0 RDI: 0000000000000009 [ 686.994954][T19557] RBP: 00007f0c1b0bd090 R08: 0000000000000000 R09: 0000000000000000 [ 686.994963][T19557] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000002 [ 686.994971][T19557] R13: 00007f0c1a3e6038 R14: 00007f0c1a3e5fa0 R15: 00007ffd7a965988 [ 686.994990][T19557] [ 687.826411][ T5160] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 687.841480][ T5160] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 687.858207][ T5160] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 687.866957][ T5160] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 687.878377][ T5160] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 688.051747][T16926] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.386282][T16926] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.488559][T16926] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.579664][T16926] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.773175][T19588] chnl_net:caif_netlink_parms(): no params data found [ 688.865289][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 688.871750][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 688.940233][T19588] bridge0: port 1(bridge_slave_0) entered blocking state [ 688.947864][T19588] bridge0: port 1(bridge_slave_0) entered disabled state [ 688.959245][T19588] bridge_slave_0: entered allmulticast mode [ 688.967449][T19588] bridge_slave_0: entered promiscuous mode [ 688.976333][T19588] bridge0: port 2(bridge_slave_1) entered blocking state [ 688.984314][T19588] bridge0: port 2(bridge_slave_1) entered disabled state [ 688.999181][T19588] bridge_slave_1: entered allmulticast mode [ 689.007233][T19588] bridge_slave_1: entered promiscuous mode [ 689.066410][T19588] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 689.081873][T19588] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 689.130443][T19588] team0: Port device team_slave_0 added [ 689.142391][T19588] team0: Port device team_slave_1 added [ 689.198778][T19588] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 689.206388][T19588] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 689.235423][T19588] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 689.252584][T19588] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 689.261491][T19588] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 689.288101][T19588] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 689.416628][T19588] hsr_slave_0: entered promiscuous mode [ 689.431144][T19588] hsr_slave_1: entered promiscuous mode [ 689.439128][T19588] debugfs: 'hsr0' already exists in 'hsr' [ 689.445421][T19588] Cannot create hsr debugfs directory [ 689.921932][T19942] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2562'. [ 689.933043][T19942] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2562'. [ 689.964043][ T5160] Bluetooth: hci1: command tx timeout [ 690.386344][ T30] audit: type=1800 audit(4294967312.580:39): pid=19969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2568" name="lu_gp_id" dev="configfs" ino=77107 res=0 errno=0 [ 690.414001][ T30] audit: type=1800 audit(4294967312.610:40): pid=19969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2568" name="version" dev="configfs" ino=76419 res=0 errno=0 [ 690.473255][T19971] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2569'. [ 692.033491][ T5160] Bluetooth: hci1: command tx timeout [ 694.102589][ T5160] Bluetooth: hci1: command tx timeout [ 696.171701][ T5160] Bluetooth: hci1: command tx timeout [ 704.496841][ T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 704.508135][ T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 704.516362][ T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 704.525134][ T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 704.534558][ T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 704.715942][T19994] chnl_net:caif_netlink_parms(): no params data found [ 704.808483][T19994] bridge0: port 1(bridge_slave_0) entered blocking state [ 704.815659][T19994] bridge0: port 1(bridge_slave_0) entered disabled state [ 704.824661][T19994] bridge_slave_0: entered allmulticast mode [ 704.832562][T19994] bridge_slave_0: entered promiscuous mode [ 704.840468][T19994] bridge0: port 2(bridge_slave_1) entered blocking state [ 704.849495][T19994] bridge0: port 2(bridge_slave_1) entered disabled state [ 704.857479][T19994] bridge_slave_1: entered allmulticast mode [ 704.864544][T19994] bridge_slave_1: entered promiscuous mode [ 704.896128][T19994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 704.909381][T19994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 704.945369][T19994] team0: Port device team_slave_0 added [ 704.953069][T19994] team0: Port device team_slave_1 added [ 704.984571][T19994] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 704.992245][T19994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 705.020139][T19994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 705.032981][T19994] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 705.040205][T19994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 705.066201][T19994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 705.113764][T19994] hsr_slave_0: entered promiscuous mode [ 705.120104][T19994] hsr_slave_1: entered promiscuous mode [ 705.126662][T19994] debugfs: 'hsr0' already exists in 'hsr' [ 705.133166][T19994] Cannot create hsr debugfs directory [ 705.566943][ T52] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 705.580844][ T52] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 705.590976][ T52] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 705.601223][ T52] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 705.609279][ T52] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 705.916181][T20265] chnl_net:caif_netlink_parms(): no params data found [ 706.107509][T20265] bridge0: port 1(bridge_slave_0) entered blocking state [ 706.115249][T20265] bridge0: port 1(bridge_slave_0) entered disabled state [ 706.123192][T20265] bridge_slave_0: entered allmulticast mode [ 706.131497][T20265] bridge_slave_0: entered promiscuous mode [ 706.139670][T20265] bridge0: port 2(bridge_slave_1) entered blocking state [ 706.148590][T20265] bridge0: port 2(bridge_slave_1) entered disabled state [ 706.157140][T20265] bridge_slave_1: entered allmulticast mode [ 706.165267][T20265] bridge_slave_1: entered promiscuous mode [ 706.221704][T20265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 706.243505][T20265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 706.344000][T20265] team0: Port device team_slave_0 added [ 706.357104][T20265] team0: Port device team_slave_1 added [ 706.415765][T20265] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 706.423008][T20265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 706.449623][T20265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 706.463459][T20265] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 706.471478][T20265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 706.499236][T20265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 706.572972][T20265] hsr_slave_0: entered promiscuous mode [ 706.581606][T20265] hsr_slave_1: entered promiscuous mode [ 706.588963][T20265] debugfs: 'hsr0' already exists in 'hsr' [ 706.595827][T20265] Cannot create hsr debugfs directory [ 706.602548][ T52] Bluetooth: hci3: command tx timeout [ 706.626326][T20523] random: crng reseeded on system resumption [ 706.667167][T20500] zswap: compressor not available [ 707.642446][ T52] Bluetooth: hci5: command tx timeout [ 707.858622][T20599] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2582'. [ 708.057971][T20608] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 708.057971][T20608] M' is too long [ 708.068513][T20608] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 708.068513][T20608] W ' is too long [ 708.666824][ T52] Bluetooth: hci3: command tx timeout [ 709.701815][ T52] Bluetooth: hci5: command tx timeout [ 710.746109][ T52] Bluetooth: hci3: command tx timeout [ 711.771563][ T52] Bluetooth: hci5: command tx timeout [ 712.815281][ T52] Bluetooth: hci3: command tx timeout [ 713.840018][ T52] Bluetooth: hci5: command tx timeout [ 746.895057][T16632] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 746.904089][T16632] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 746.912130][T16632] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 746.922181][T16632] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 746.931835][T16632] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 746.947698][T16632] Bluetooth: hci4: command 0x0406 tx timeout [ 747.099014][T20620] chnl_net:caif_netlink_parms(): no params data found [ 747.189696][T20620] bridge0: port 1(bridge_slave_0) entered blocking state [ 747.197598][T20620] bridge0: port 1(bridge_slave_0) entered disabled state [ 747.205045][T20620] bridge_slave_0: entered allmulticast mode [ 747.213079][T20620] bridge_slave_0: entered promiscuous mode [ 747.220801][T20620] bridge0: port 2(bridge_slave_1) entered blocking state [ 747.228077][T20620] bridge0: port 2(bridge_slave_1) entered disabled state [ 747.235256][T20620] bridge_slave_1: entered allmulticast mode [ 747.243018][T20620] bridge_slave_1: entered promiscuous mode [ 747.273441][T20620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 747.284926][T20620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 747.318912][T20620] team0: Port device team_slave_0 added [ 747.326605][T20620] team0: Port device team_slave_1 added [ 747.357835][T20620] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 747.364807][T20620] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 747.391367][T20620] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 747.403420][T20620] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 747.410646][T20620] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 747.436907][T20620] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 747.483907][T20620] hsr_slave_0: entered promiscuous mode [ 747.490228][T20620] hsr_slave_1: entered promiscuous mode [ 747.496467][T20620] debugfs: 'hsr0' already exists in 'hsr' [ 747.502190][T20620] Cannot create hsr debugfs directory [ 749.026973][ T52] Bluetooth: hci6: command tx timeout [ 749.974767][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 749.981210][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 751.086162][ T52] Bluetooth: hci6: command tx timeout [ 753.165669][ T52] Bluetooth: hci6: command tx timeout [ 755.224895][ T52] Bluetooth: hci6: command tx timeout [ 762.232492][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 764.866311][ T52] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 764.876505][ T52] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 764.884683][ T52] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 764.892654][ T52] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 764.901875][ T52] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 765.068146][T20887] chnl_net:caif_netlink_parms(): no params data found [ 765.153539][T20887] bridge0: port 1(bridge_slave_0) entered blocking state [ 765.160691][T20887] bridge0: port 1(bridge_slave_0) entered disabled state [ 765.168796][T20887] bridge_slave_0: entered allmulticast mode [ 765.176363][T20887] bridge_slave_0: entered promiscuous mode [ 765.187432][T20887] bridge0: port 2(bridge_slave_1) entered blocking state [ 765.194712][T20887] bridge0: port 2(bridge_slave_1) entered disabled state [ 765.201876][T20887] bridge_slave_1: entered allmulticast mode [ 765.209104][T20887] bridge_slave_1: entered promiscuous mode [ 765.240005][T20887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 765.251458][T20887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 765.288626][T20887] team0: Port device team_slave_0 added [ 765.296205][T20887] team0: Port device team_slave_1 added [ 765.326014][T20887] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 765.333012][T20887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 765.359584][T20887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 765.372765][T20887] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 765.379722][T20887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 765.405999][T20887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 765.453948][T20887] hsr_slave_0: entered promiscuous mode [ 765.460427][T20887] hsr_slave_1: entered promiscuous mode [ 765.467218][T20887] debugfs: 'hsr0' already exists in 'hsr' [ 765.473010][T20887] Cannot create hsr debugfs directory [ 765.873237][ T52] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 765.883694][ T52] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 765.895227][ T52] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 765.903603][ T52] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 765.912938][ T52] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 766.082367][T21144] chnl_net:caif_netlink_parms(): no params data found [ 766.170961][T21144] bridge0: port 1(bridge_slave_0) entered blocking state [ 766.178727][T21144] bridge0: port 1(bridge_slave_0) entered disabled state [ 766.186470][T21144] bridge_slave_0: entered allmulticast mode [ 766.195102][T21144] bridge_slave_0: entered promiscuous mode [ 766.202825][T21144] bridge0: port 2(bridge_slave_1) entered blocking state [ 766.210147][T21144] bridge0: port 2(bridge_slave_1) entered disabled state [ 766.217762][T21144] bridge_slave_1: entered allmulticast mode [ 766.224810][T21144] bridge_slave_1: entered promiscuous mode [ 766.256615][T21144] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 766.268315][T21144] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 766.303272][T21144] team0: Port device team_slave_0 added [ 766.310853][T21144] team0: Port device team_slave_1 added [ 766.340026][T21144] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 766.347033][T21144] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 766.374131][T21144] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 766.387046][T21144] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 766.394009][T21144] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 766.419923][T21144] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 766.468438][T21144] hsr_slave_0: entered promiscuous mode [ 766.474768][T21144] hsr_slave_1: entered promiscuous mode [ 766.481144][T21144] debugfs: 'hsr0' already exists in 'hsr' [ 766.487650][T21144] Cannot create hsr debugfs directory [ 766.924184][T20624] Bluetooth: hci7: command tx timeout [ 767.958573][T20624] Bluetooth: hci8: command tx timeout [ 768.993351][T20624] Bluetooth: hci7: command tx timeout [ 770.027644][T20624] Bluetooth: hci8: command tx timeout [ 771.072123][T20624] Bluetooth: hci7: command tx timeout [ 772.096928][T20624] Bluetooth: hci8: command tx timeout [ 773.131484][T20624] Bluetooth: hci7: command tx timeout [ 774.166139][T20624] Bluetooth: hci8: command tx timeout [ 797.882874][ T52] Bluetooth: hci2: command 0x0406 tx timeout [ 806.728577][ T52] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 806.739338][ T52] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 806.749206][ T52] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 806.758075][ T52] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 806.765758][ T52] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 806.936736][T21403] chnl_net:caif_netlink_parms(): no params data found [ 807.025348][T21403] bridge0: port 1(bridge_slave_0) entered blocking state [ 807.033049][T21403] bridge0: port 1(bridge_slave_0) entered disabled state [ 807.045029][T21403] bridge_slave_0: entered allmulticast mode [ 807.052146][T21403] bridge_slave_0: entered promiscuous mode [ 807.060205][T21403] bridge0: port 2(bridge_slave_1) entered blocking state [ 807.067427][T21403] bridge0: port 2(bridge_slave_1) entered disabled state [ 807.074623][T21403] bridge_slave_1: entered allmulticast mode [ 807.082061][T21403] bridge_slave_1: entered promiscuous mode [ 807.114293][T21403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 807.127032][T21403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 807.159754][T21403] team0: Port device team_slave_0 added [ 807.167546][T21403] team0: Port device team_slave_1 added [ 807.199184][T21403] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 807.206696][T21403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 807.232986][T21403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 807.245705][T21403] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 807.252650][T21403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 807.278772][T21403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 807.328525][T21403] hsr_slave_0: entered promiscuous mode [ 807.334920][T21403] hsr_slave_1: entered promiscuous mode [ 807.341626][T21403] debugfs: 'hsr0' already exists in 'hsr' [ 807.347800][T21403] Cannot create hsr debugfs directory [ 808.786172][ T52] Bluetooth: hci9: command tx timeout [ 810.855360][ T52] Bluetooth: hci9: command tx timeout [ 811.098766][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 811.105257][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 812.924748][T20624] Bluetooth: hci9: command tx timeout [ 813.165643][T20624] Bluetooth: hci1: command 0x0406 tx timeout [ 814.993810][ T52] Bluetooth: hci9: command tx timeout [ 824.682075][T20624] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 824.697019][T20624] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 824.705783][T20624] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 824.716572][T20624] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 824.724556][T20624] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 824.899127][T21668] chnl_net:caif_netlink_parms(): no params data found [ 824.989381][T21668] bridge0: port 1(bridge_slave_0) entered blocking state [ 824.997235][T21668] bridge0: port 1(bridge_slave_0) entered disabled state [ 825.004562][T21668] bridge_slave_0: entered allmulticast mode [ 825.011776][T21668] bridge_slave_0: entered promiscuous mode [ 825.019544][T21668] bridge0: port 2(bridge_slave_1) entered blocking state [ 825.026878][T21668] bridge0: port 2(bridge_slave_1) entered disabled state [ 825.036328][T21668] bridge_slave_1: entered allmulticast mode [ 825.043638][T21668] bridge_slave_1: entered promiscuous mode [ 825.075334][T21668] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 825.086926][T21668] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 825.122374][T21668] team0: Port device team_slave_0 added [ 825.130062][T21668] team0: Port device team_slave_1 added [ 825.158697][T21668] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 825.165935][T21668] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 825.191973][T21668] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 825.204412][T21668] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 825.211435][T21668] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 825.237646][T21668] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 825.285933][T21668] hsr_slave_0: entered promiscuous mode [ 825.293675][T21668] hsr_slave_1: entered promiscuous mode [ 825.301677][T21668] debugfs: 'hsr0' already exists in 'hsr' [ 825.307409][T21668] Cannot create hsr debugfs directory [ 825.694808][T20624] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 825.704118][T20624] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 825.712489][T20624] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 825.722192][T20624] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 825.731757][T20624] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 825.914865][T21925] chnl_net:caif_netlink_parms(): no params data found [ 826.005612][T21925] bridge0: port 1(bridge_slave_0) entered blocking state [ 826.012900][T21925] bridge0: port 1(bridge_slave_0) entered disabled state [ 826.020234][T21925] bridge_slave_0: entered allmulticast mode [ 826.028522][T21925] bridge_slave_0: entered promiscuous mode [ 826.036409][T21925] bridge0: port 2(bridge_slave_1) entered blocking state [ 826.043570][T21925] bridge0: port 2(bridge_slave_1) entered disabled state [ 826.053507][T21925] bridge_slave_1: entered allmulticast mode [ 826.061581][T21925] bridge_slave_1: entered promiscuous mode [ 826.093911][T21925] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 826.105708][T21925] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 826.145144][T21925] team0: Port device team_slave_0 added [ 826.153413][T21925] team0: Port device team_slave_1 added [ 826.181306][T21925] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 826.188321][T21925] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 826.214315][T21925] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 826.227682][T21925] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 826.234634][T21925] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 826.261018][T21925] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 826.316362][T21925] hsr_slave_0: entered promiscuous mode [ 826.322809][T21925] hsr_slave_1: entered promiscuous mode [ 826.329325][T21925] debugfs: 'hsr0' already exists in 'hsr' [ 826.335153][T21925] Cannot create hsr debugfs directory [ 826.772590][T22134] Bluetooth: hci10: command tx timeout [ 827.807247][T22134] Bluetooth: hci11: command tx timeout [ 828.449807][T16632] Bluetooth: hci3: command 0x0406 tx timeout [ 828.458055][T22134] Bluetooth: hci5: command 0x0406 tx timeout [ 828.841900][T20624] Bluetooth: hci10: command tx timeout [ 829.876614][T20624] Bluetooth: hci11: command tx timeout [ 830.911056][T20624] Bluetooth: hci10: command tx timeout [ 831.945713][T20624] Bluetooth: hci11: command tx timeout [ 832.980176][T20624] Bluetooth: hci10: command tx timeout [ 834.015052][T20624] Bluetooth: hci11: command tx timeout [ 836.564211][ T31] INFO: task kworker/u8:34:16926 blocked for more than 143 seconds. [ 836.572834][ T31] Not tainted syzkaller #0 [ 836.577767][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 836.586547][ T31] task:kworker/u8:34 state:D stack:23544 pid:16926 tgid:16926 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 836.598627][ T31] Workqueue: netns cleanup_net [ 836.603507][ T31] Call Trace: [ 836.606789][ T31] [ 836.609707][ T31] ? __schedule+0x10b9/0x6150 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 836.614449][ T31] __schedule+0x1139/0x6150 [ 836.619493][ T31] ? __pfx___schedule+0x10/0x10 [ 836.625248][ T31] ? find_held_lock+0x2b/0x80 [ 836.629966][ T31] ? schedule+0x2d7/0x3a0 [ 836.635369][ T31] schedule+0xe7/0x3a0 [ 836.639472][ T31] schedule_timeout+0x257/0x290 [ 836.645555][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 836.651613][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 836.657036][ T31] do_wait_for_common+0x2d7/0x4c0 [ 836.662326][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 836.667727][ T31] ? __pfx_do_wait_for_common+0x10/0x10 [ 836.710800][ T31] ? do_raw_spin_lock+0x12c/0x2b0 [ 836.715901][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 836.740678][ T31] ? __pfx___might_resched+0x10/0x10 [ 836.746054][ T31] wait_for_completion+0x49/0x60 [ 836.758977][ T31] remove_one+0x312/0x420 [ 836.763454][ T31] ? find_next_child+0x18f/0x280 [ 836.768423][ T31] __simple_recursive_removal+0x15b/0x610 [ 836.774213][ T31] ? __pfx_remove_one+0x10/0x10 [ 836.779669][ T31] debugfs_remove+0x5d/0x80 [ 836.784294][ T31] nsim_dev_health_exit+0x3b/0xe0 [ 836.789341][ T31] nsim_dev_reload_destroy+0x144/0x4d0 [ 836.794864][ T31] nsim_dev_reload_down+0x66/0xd0 [ 836.799901][ T31] devlink_reload+0x1a1/0x7c0 [ 836.804929][ T31] ? __pfx_devlink_reload+0x10/0x10 [ 836.810157][ T31] devlink_pernet_pre_exit+0x1a0/0x2b0 [ 836.815674][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 836.821699][ T31] ? up_write+0x282/0x4e0 [ 836.826042][ T31] ? kobject_put+0xab/0x590 [ 836.830574][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 836.836575][ T31] ops_undo_list+0x187/0xab0 [ 836.841243][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 836.846363][ T31] ? cleanup_net+0x347/0x830 [ 836.851613][ T31] ? idr_destroy+0x62/0x2e0 [ 836.856137][ T31] cleanup_net+0x41b/0x830 [ 836.860586][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 836.865540][ T31] ? rcu_is_watching+0x12/0xc0 [ 836.870354][ T31] process_one_work+0x9ba/0x1b20 [ 836.875307][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 836.881678][ T31] ? __pfx_process_one_work+0x10/0x10 [ 836.887090][ T31] ? assign_work+0x1a0/0x250 [ 836.891888][ T31] worker_thread+0x6c8/0xf10 [ 836.896512][ T31] ? __pfx_worker_thread+0x10/0x10 [ 836.901788][ T31] kthread+0x3c5/0x780 [ 836.905874][ T31] ? __pfx_kthread+0x10/0x10 [ 836.910544][ T31] ? rcu_is_watching+0x12/0xc0 [ 836.915329][ T31] ? __pfx_kthread+0x10/0x10 [ 836.920020][ T31] ret_from_fork+0x983/0xb10 [ 836.924620][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 836.929859][ T31] ? __switch_to+0x7af/0x10d0 [ 836.934551][ T31] ? __pfx_kthread+0x10/0x10 [ 836.939131][ T31] ret_from_fork_asm+0x1a/0x30 [ 836.944183][ T31] [ 836.947316][ T31] INFO: task syz-executor:19588 blocked for more than 143 seconds. [ 836.955602][ T31] Not tainted syzkaller #0 [ 836.960853][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 836.969609][ T31] task:syz-executor state:D stack:23928 pid:19588 tgid:19588 ppid:1 task_flags:0x400140 flags:0x00080002 [ 836.981643][ T31] Call Trace: [ 836.984935][ T31] [ 836.987879][ T31] ? __schedule+0x10b9/0x6150 [ 836.992738][ T31] __schedule+0x1139/0x6150 [ 836.997289][ T31] ? __pfx___schedule+0x10/0x10 [ 837.002243][ T31] ? find_held_lock+0x2b/0x80 [ 837.006956][ T31] ? schedule+0x2d7/0x3a0 [ 837.011411][ T31] schedule+0xe7/0x3a0 [ 837.015509][ T31] schedule_preempt_disabled+0x13/0x30 [ 837.021048][ T31] __mutex_lock+0xcf8/0x1b10 [ 837.025673][ T31] ? device_del+0xa0/0x9f0 [ 837.030200][ T31] ? xas_create+0x1d7/0x1460 [ 837.034819][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 837.040156][ T31] ? mark_held_locks+0x49/0x80 [ 837.044947][ T31] ? device_del+0xa0/0x9f0 [ 837.049635][ T31] device_del+0xa0/0x9f0 [ 837.054148][ T31] ? __pfx_ida_free+0x10/0x10 [ 837.058848][ T31] ? __pfx_device_del+0x10/0x10 [ 837.064712][ T31] ? __lock_acquire+0x433/0x22f0 [ 837.070015][ T31] device_unregister+0x1d/0xc0 [ 837.074806][ T31] del_device_store+0x355/0x4a0 [ 837.081119][ T31] ? __pfx_del_device_store+0x10/0x10 [ 837.086531][ T31] ? find_held_lock+0x2b/0x80 [ 837.091701][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 837.096576][ T31] ? __pfx_del_device_store+0x10/0x10 [ 837.102444][ T31] bus_attr_store+0x74/0xb0 [ 837.106978][ T31] ? __pfx_bus_attr_store+0x10/0x10 [ 837.112708][ T31] sysfs_kf_write+0xf2/0x150 [ 837.117334][ T31] kernfs_fop_write_iter+0x3af/0x570 [ 837.123147][ T31] ? __pfx_sysfs_kf_write+0x10/0x10 [ 837.128375][ T31] vfs_write+0x7d3/0x11d0 [ 837.133211][ T31] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 837.139364][ T31] ? __pfx_vfs_write+0x10/0x10 [ 837.144168][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 837.149532][ T31] ksys_write+0x12a/0x250 [ 837.153980][ T31] ? __pfx_ksys_write+0x10/0x10 [ 837.159168][ T31] do_syscall_64+0xcd/0xf80 [ 837.163676][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 837.169715][ T31] RIP: 0033:0x7f26e8f8e27f [ 837.174137][ T31] RSP: 002b:00007ffc2b4abb30 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 837.182670][ T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f26e8f8e27f [ 837.190720][ T31] RDX: 0000000000000001 RSI: 00007ffc2b4abb80 RDI: 0000000000000005 [ 837.199015][ T31] RBP: 00007f26e90152cb R08: 0000000000000000 R09: 00007ffc2b4ab987 [ 837.207003][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 837.215061][ T31] R13: 00007ffc2b4abb80 R14: 00007f26e9d14620 R15: 0000000000000003 [ 837.223135][ T31] [ 837.226240][ T31] INFO: task syz.1.2553:19634 blocked for more than 144 seconds. [ 837.234109][ T31] Not tainted syzkaller #0 [ 837.239088][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 837.247739][ T31] task:syz.1.2553 state:D stack:27048 pid:19634 tgid:19633 ppid:16631 task_flags:0x400140 flags:0x00080002 [ 837.259913][ T31] Call Trace: [ 837.263202][ T31] [ 837.266122][ T31] ? __schedule+0x10b9/0x6150 [ 837.271005][ T31] __schedule+0x1139/0x6150 [ 837.275540][ T31] ? __pfx___schedule+0x10/0x10 [ 837.280859][ T31] ? find_held_lock+0x2b/0x80 [ 837.285576][ T31] ? schedule+0x2d7/0x3a0 [ 837.289988][ T31] schedule+0xe7/0x3a0 [ 837.294075][ T31] schedule_preempt_disabled+0x13/0x30 [ 837.299704][ T31] __mutex_lock+0xcf8/0x1b10 [ 837.304317][ T31] ? devlink_health_report+0x6b4/0xaa0 [ 837.309850][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 837.314898][ T31] ? devlink_recover_notify.constprop.0+0x200/0x670 [ 837.321591][ T31] ? devlink_health_report+0x6b4/0xaa0 [ 837.327067][ T31] devlink_health_report+0x6b4/0xaa0 [ 837.332444][ T31] ? __pfx_devlink_health_report+0x10/0x10 [ 837.338308][ T31] ? _copy_from_user+0x59/0xd0 [ 837.343068][ T31] nsim_dev_health_break_write+0x166/0x210 [ 837.348928][ T31] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 837.355278][ T31] full_proxy_write+0x131/0x1a0 [ 837.360561][ T31] ? __pfx_full_proxy_write+0x10/0x10 [ 837.365955][ T31] vfs_write+0x2a0/0x11d0 [ 837.370587][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 837.375637][ T31] ? __pfx_vfs_write+0x10/0x10 [ 837.380652][ T31] ? __fget_files+0x20e/0x3c0 [ 837.385348][ T31] ksys_write+0x12a/0x250 [ 837.389748][ T31] ? __pfx_ksys_write+0x10/0x10 [ 837.394626][ T31] do_syscall_64+0xcd/0xf80 [ 837.399210][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 837.405109][ T31] RIP: 0033:0x7fc1c4d8f7c9 [ 837.409588][ T31] RSP: 002b:00007fc1c5c6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 837.418058][ T31] RAX: ffffffffffffffda RBX: 00007fc1c4fe5fa0 RCX: 00007fc1c4d8f7c9 [ 837.426018][ T31] RDX: 0000000000000006 RSI: 0000200000005900 RDI: 0000000000000008 [ 837.434055][ T31] RBP: 00007fc1c4e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 837.442221][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 837.450280][ T31] R13: 00007fc1c4fe6038 R14: 00007fc1c4fe5fa0 R15: 00007ffe638edf58 [ 837.458411][ T31] [ 837.461631][ T31] INFO: task syz.0.2563:19947 blocked for more than 144 seconds. [ 837.476630][ T31] Not tainted syzkaller #0 [ 837.481672][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 837.490490][ T31] task:syz.0.2563 state:D stack:27048 pid:19947 tgid:19946 ppid:18719 task_flags:0x400140 flags:0x00080002 [ 837.502501][ T31] Call Trace: [ 837.505784][ T31] [ 837.508758][ T31] ? __schedule+0x10b9/0x6150 [ 837.513451][ T31] __schedule+0x1139/0x6150 [ 837.518537][ T31] ? __pfx___schedule+0x10/0x10 [ 837.523416][ T31] ? find_held_lock+0x2b/0x80 [ 837.528265][ T31] ? schedule+0x2d7/0x3a0 [ 837.532621][ T31] schedule+0xe7/0x3a0 [ 837.536787][ T31] schedule_preempt_disabled+0x13/0x30 [ 837.542264][ T31] rwsem_down_read_slowpath+0x64b/0xbf0 [ 837.547880][ T31] ? __pfx_rwsem_down_read_slowpath+0x10/0x10 [ 837.553975][ T31] ? __pfx___might_resched+0x10/0x10 [ 837.559333][ T31] down_read+0xef/0x460 [ 837.563732][ T31] ? __pfx_down_read+0x10/0x10 [ 837.568575][ T31] ? mnt_get_write_access+0x1e9/0x2f0 [ 837.573967][ T31] path_openat+0x1248/0x3140 [ 837.578633][ T31] ? __pfx_path_openat+0x10/0x10 [ 837.583586][ T31] do_filp_open+0x20b/0x470 [ 837.588228][ T31] ? __pfx_do_filp_open+0x10/0x10 [ 837.593279][ T31] ? alloc_fd+0x471/0x7d0 [ 837.597895][ T31] do_sys_openat2+0x11f/0x280 [ 837.602594][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 837.607871][ T31] ? find_held_lock+0x2b/0x80 [ 837.612573][ T31] __x64_sys_openat+0x174/0x210 [ 837.617490][ T31] ? __pfx___x64_sys_openat+0x10/0x10 [ 837.622885][ T31] do_syscall_64+0xcd/0xf80 [ 837.627464][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 837.633371][ T31] RIP: 0033:0x7f0c1a18f7c9 [ 837.637844][ T31] RSP: 002b:00007f0c1b0bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 837.646293][ T31] RAX: ffffffffffffffda RBX: 00007f0c1a3e5fa0 RCX: 00007f0c1a18f7c9 [ 837.654254][ T31] RDX: 0000000000048081 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 837.662425][ T31] RBP: 00007f0c1a213f91 R08: 0000000000000000 R09: 0000000000000000 [ 837.670542][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 837.678640][ T31] R13: 00007f0c1a3e6038 R14: 00007f0c1a3e5fa0 R15: 00007ffd7a965988 [ 837.686735][ T31] [ 837.689872][ T31] [ 837.689872][ T31] Showing all locks held in the system: [ 837.697692][ T31] 1 lock held by khungtaskd/31: [ 837.702555][ T31] #0: ffffffff8e3c9140 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 837.728498][ T31] 2 locks held by udevd/5210: [ 837.733215][ T31] #0: ffff8880b853acd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 [ 837.743245][ T31] #1: ffff8880343de018 (&pid_list->lock){-.-.}-{2:2}, at: trace_pid_list_is_set+0x4c/0x150 [ 837.753439][ T31] 2 locks held by getty/9452: [ 837.758382][ T31] #0: ffff888034d4f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 837.768496][ T31] #1: ffffc900030422f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 837.778750][ T31] 6 locks held by kworker/u8:34/16926: [ 837.784206][ T31] #0: ffff88801badf148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 [ 837.794627][ T31] #1: ffffc9000c54fc90 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 [ 837.804653][ T31] #2: ffffffff901042f0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x830 [ 837.814033][ T31] #3: ffff88805b3a50e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x12c/0x2b0 [ 837.824249][ T31] #4: ffff88805b3a6250 (&devlink->lock_key#2){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x136/0x2b0 [ 837.835661][ T31] #5: ffff88807f7f1f78 (&sb->s_type->i_mutex_key#8/2){+.+.}-{4:4}, at: __simple_recursive_removal+0x354/0x610 [ 837.847545][ T31] 2 locks held by syz-executor/16954: [ 837.852901][ T31] #0: ffffffff9011a948 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 837.861968][ T31] #1: ffffffff8e3d48b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0 [ 837.872195][ T31] 5 locks held by syz-executor/19588: [ 837.877675][ T31] #0: ffff88802470e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 837.886738][ T31] #1: ffff8880305ef088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 837.896563][ T31] #2: ffff8881437ad968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 837.906649][ T31] #3: ffffffff8f6952a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 837.917265][ T31] #4: ffff88805b3a50e8 (&dev->mutex){....}-{4:4}, at: device_del+0xa0/0x9f0 [ 837.926278][ T31] 3 locks held by syz.1.2553/19634: [ 837.931478][ T31] #0: ffff888052e0f5f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 837.940609][ T31] #1: ffff88801eec4420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 837.949676][ T31] #2: ffff88805b3a6250 (&devlink->lock_key#2){+.+.}-{4:4}, at: devlink_health_report+0x6b4/0xaa0 [ 837.960365][ T31] 2 locks held by syz.0.2563/19947: [ 837.965585][ T31] #0: ffff88801eec4420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x183a/0x3140 [ 837.975138][ T31] #1: ffff88807f7f1f78 (&sb->s_type->i_mutex_key#16){++++}-{4:4}, at: path_openat+0x1248/0x3140 [ 837.985773][ T31] 4 locks held by syz-executor/19994: [ 837.991130][ T31] #0: ffff88802470e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 838.000356][ T31] #1: ffff888031d9f888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 838.010204][ T31] #2: ffff8881437ad968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 838.020285][ T31] #3: ffffffff8f6952a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 838.030623][ T31] 4 locks held by syz-executor/20265: [ 838.036190][ T31] #0: ffff88802470e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 838.045251][ T31] #1: ffff88803093d088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 838.055054][ T31] #2: ffff8881437ad968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 838.065137][ T31] #3: ffffffff8f6952a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 838.075981][ T31] 4 locks held by syz-executor/20620: [ 838.081345][ T31] #0: ffff88802470e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 838.090381][ T31] #1: ffff88805a69ac88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 838.100255][ T31] #2: ffff8881437ad968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 838.110410][ T31] #3: ffffffff8f6952a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 838.120773][ T31] 4 locks held by syz-executor/20887: [ 838.126205][ T31] #0: ffff88802470e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 838.135271][ T31] #1: ffff888030e63488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 838.145211][ T31] #2: ffff8881437ad968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 838.155316][ T31] #3: ffffffff8f6952a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 838.165663][ T31] 4 locks held by syz-executor/21144: [ 838.171034][ T31] #0: ffff88802470e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 838.180321][ T31] #1: ffff88805a643088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 838.190157][ T31] #2: ffff8881437ad968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 838.200261][ T31] #3: ffffffff8f6952a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 838.210622][ T31] 4 locks held by syz-executor/21403: [ 838.216039][ T31] #0: ffff88802470e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 838.225083][ T31] #1: ffff88802cb2c488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 838.235106][ T31] #2: ffff8881437ad968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 838.245179][ T31] #3: ffffffff8f6952a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 838.255638][ T31] 4 locks held by syz-executor/21668: [ 838.261024][ T31] #0: ffff88802470e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 838.270081][ T31] #1: ffff888059d90888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 838.280048][ T31] #2: ffff8881437ad968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 838.290122][ T31] #3: ffffffff8f6952a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 838.300480][ T31] 4 locks held by syz-executor/21925: [ 838.305917][ T31] #0: ffff88802470e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 838.315077][ T31] #1: ffff8880a0e96488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 838.324925][ T31] #2: ffff8881437ad968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 838.335032][ T31] #3: ffffffff8f6952a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 838.345454][ T31] [ 838.347803][ T31] ============================================= [ 838.347803][ T31] [ 838.356580][ T31] NMI backtrace for cpu 0 [ 838.356602][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 838.356630][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 838.356644][ T31] Call Trace: [ 838.356651][ T31] [ 838.356662][ T31] dump_stack_lvl+0x116/0x1f0 [ 838.356697][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 838.356722][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 838.356747][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 838.356771][ T31] watchdog+0xf14/0x1140 [ 838.356796][ T31] ? rcu_is_watching+0x12/0xc0 [ 838.356827][ T31] ? __pfx_watchdog+0x10/0x10 [ 838.356845][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 838.356878][ T31] ? __kthread_parkme+0x19e/0x250 [ 838.356916][ T31] ? __pfx_watchdog+0x10/0x10 [ 838.356937][ T31] kthread+0x3c5/0x780 [ 838.356963][ T31] ? __pfx_kthread+0x10/0x10 [ 838.356991][ T31] ? rcu_is_watching+0x12/0xc0 [ 838.357026][ T31] ? __pfx_kthread+0x10/0x10 [ 838.357046][ T31] ret_from_fork+0x983/0xb10 [ 838.357067][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 838.357098][ T31] ? __switch_to+0x7af/0x10d0 [ 838.357126][ T31] ? __pfx_kthread+0x10/0x10 [ 838.357152][ T31] ret_from_fork_asm+0x1a/0x30 [ 838.357202][ T31] [ 838.357216][ T31] Sending NMI from CPU 0 to CPUs 1: [ 838.487753][ C1] NMI backtrace for cpu 1 [ 838.487771][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) [ 838.487797][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 838.487810][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 838.487845][ C1] Code: 86 76 02 e9 93 2f 03 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 73 f1 2b 00 fb f4 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 838.487866][ C1] RSP: 0018:ffffc90000197de8 EFLAGS: 000002c2 [ 838.487884][ C1] RAX: 000000000072ed5b RBX: 0000000000000001 RCX: ffffffff8b5e66f9 [ 838.487899][ C1] RDX: 0000000000000000 RSI: ffffffff8daa5989 RDI: ffffffff8bf1d600 [ 838.487913][ C1] RBP: ffffed1003b54b70 R08: 0000000000000001 R09: ffffed10170a671d [ 838.487927][ C1] R10: ffff8880b85338eb R11: 00000000ffffffff R12: 0000000000000001 [ 838.487941][ C1] R13: ffff88801daa5b80 R14: ffffffff908632d0 R15: 0000000000000000 [ 838.487956][ C1] FS: 0000000000000000(0000) GS:ffff888124a93000(0000) knlGS:0000000000000000 [ 838.487976][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 838.487991][ C1] CR2: 00007ffdcdc31d84 CR3: 000000003130e000 CR4: 00000000003526f0 [ 838.488005][ C1] Call Trace: [ 838.488012][ C1] [ 838.488019][ C1] default_idle+0x13/0x20 [ 838.488060][ C1] default_idle_call+0x6c/0xb0 [ 838.488078][ C1] do_idle+0x38d/0x510 [ 838.488111][ C1] ? __pfx_do_idle+0x10/0x10 [ 838.488145][ C1] cpu_startup_entry+0x4f/0x60 [ 838.488174][ C1] start_secondary+0x21d/0x2b0 [ 838.488207][ C1] ? __pfx_start_secondary+0x10/0x10 [ 838.488243][ C1] common_startup_64+0x13e/0x148 [ 838.488275][ C1]