last executing test programs: 2m3.35561008s ago: executing program 3 (id=224): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x38a1, 0x3, 0x26, 0x940, 0x1ffdd, 0x3, 0x6, 0x5, 0x29, 0x400005, 0x3, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x0, [0x3, 0x3, 0x200000000, 0x400000000, 0x0, 0x2, 0x0, 0x4, 0xff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9, 0xffffffff00000001, 0x4, 0x0, 0xceb, 0x0, 0xffbffffffffffffc, 0x0, 0x1, 0x96f, 0x1, 0x2, 0x4001, 0x3, 0x0, 0xb548, 0x8, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0xfffff7fffffffffa, 0x81) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x2, 0x6, 0x0) getsockopt$auto(r2, 0x10d, 0x6, 0x0, &(0x7f0000000000)=0xb) shmctl$auto_SHM_UNLOCK(0x7, 0xc, &(0x7f00000004c0)={{0x4860, 0x0, 0x0, 0x7fffffff, 0x401, 0x1, 0x1}, 0xec4, 0x8000000000000000, 0x0, 0x3933a2ec, @inferred, @inferred, 0x49, 0x0, &(0x7f0000000380)="dc5ba1433bfb9fb366ff398ab0aa5282e52140f5820563673167eb37a7f0d241dc63e117c08c2d8ee9bd61ab9373b95beb77558a449617bde86ce7a07035e72206a181ba0ab491bd9fa1eca9e4812755a863481d68ba7be79a0014b60f986c7520f1a04095457764730e6e2dc48d4eca1d5f2876d6ad8ac3c67c215be034def41eb18b732d1a1fdba7ee35c009962e2a8c3c601d81353fd5d38794f69977fdd6ee8ca7453485791bb7c289e6290d4a55a31f55b8f7371d7a196d748788460cb187ea7b0d5532b15bcd", 0x0}) 2m2.930497017s ago: executing program 3 (id=225): r0 = socket(0xf, 0x2, 0x8d) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r0, 0x28000) r1 = io_uring_setup$auto(0x6, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r2 = prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x7fff, 0x0, 0x5, 0x7) ioctl$auto(r1, 0x80026f47, r2) mmap$auto(0x0, 0x2020009, 0xb2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x19e, 0xa675, &(0x7f0000000000)=0x9) socket(0x2, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0xffffffffffffffff, 0x0, 0x67) socket(0xa, 0x2, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/mq/0/nr_tags\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/156, 0x9c) connect$auto(0x3, 0x0, 0x51) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x20048800) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) mmap$auto(0x0, 0xe983, 0xde, 0xeb1, 0x401, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) seccomp$auto(0x3, 0x8, 0x0) bpf$auto(0x9, &(0x7f00000000c0)=@raw_tracepoint={0xa, 0xffffffffffffffff, 0x0, 0x47a0}, 0x7f) ioctl$auto_MON_IOCX_MFETCH(r4, 0xc0109207, &(0x7f0000000100)={0x0, 0x4, 0x7}) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x28402, 0x0) 2m2.457096213s ago: executing program 3 (id=226): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/trace_clock\x00', 0x800, 0x0) write$auto_trace_clock_fops_trace(r1, &(0x7f0000000100)="e45c3d0fe768e7a93166c7155453458e75deade1b781ca34a3f45016cac99ec1f387aa2328834f4f85905e5175470162f076b2b122befc522ca586a3a386257d6cce509d8007c71a9d71627221ae1ea177f90ad797e02336ab91e4be481da4b35f405853642e1716dce3b3d13c0690d287ddadd4fd0c70a490bd91a1c52e75f0df1b058b456b564885f103c4789c511c71f5fc25efe11d05cb61b9cda863f836c1bb1173936c4ec407f67a4d6891a6d33bfb0ed6e0367efde2f1", 0xba) socket(0xa, 0x5, 0x0) mmap$auto_kernfs_file_fops_kernfs_internal(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x2010, r0, 0x9013) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x2c, 0x3, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x806, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) 2m1.64147214s ago: executing program 3 (id=229): mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) r0 = getpgid$auto(0x0) prctl$auto(0x3f, 0xfffefffffffffff8, r0, 0x3, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) shmdt$auto(0x0) madvise$auto(0x0, 0x3, 0x15) fchmod$auto(0x0, 0x9b9a) gettid() 2m0.122215515s ago: executing program 3 (id=236): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x1, 0x20007, 0x8, 0xeb1, 0x401, 0x3) r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r0, 0x0, 0x59, 0x7) read$auto_mon_fops_text_t_mon_text(r0, 0x0, 0x0) r1 = openat$auto_hwsim_fops_group_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy3/hwsim/group\x00', 0x151440, 0x0) sendfile$auto(r1, r1, 0x0, 0x7) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x101003, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x8002, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/ip_local_port_range\x00', 0x20202, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) r2 = socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, r2, 0x0, 0x8fb5) 1m58.557084998s ago: executing program 3 (id=242): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/kernel/perf_cpu_time_max_percent\x00', 0xa042, 0x0) sendfile$auto(r0, r0, 0x0, 0x48) mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r1 = socket(0x10, 0x2, 0x0) mmap$auto(0x400, 0x2020009, 0x3, 0xeb1, r0, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) setsockopt$auto(r1, 0x104000000000010e, 0x1, 0x0, 0x16) write$auto(r1, &(0x7f0000000000)='\x00', 0xfffffffffffffff9) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/004/001\x00', 0x42, 0x0) ioctl$auto_USBDEVFS_SETINTERFACE(r3, 0x80085504, &(0x7f0000000040)={0x1ff, 0x7fff}) fcntl$auto(r2, 0x7, 0x3) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000080)={'macvtap0\x00'}) fcntl$auto(0x8000000000000001, 0xfffffff7, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x5, 0x0) r4 = socket(0x2, 0x5, 0x0) r5 = socket(0x23, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) getsockopt$auto(r4, 0x84, 0xd, 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) fcntl$auto(r5, 0x0, 0x4) 1m43.417293191s ago: executing program 32 (id=242): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/kernel/perf_cpu_time_max_percent\x00', 0xa042, 0x0) sendfile$auto(r0, r0, 0x0, 0x48) mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r1 = socket(0x10, 0x2, 0x0) mmap$auto(0x400, 0x2020009, 0x3, 0xeb1, r0, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) setsockopt$auto(r1, 0x104000000000010e, 0x1, 0x0, 0x16) write$auto(r1, &(0x7f0000000000)='\x00', 0xfffffffffffffff9) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/004/001\x00', 0x42, 0x0) ioctl$auto_USBDEVFS_SETINTERFACE(r3, 0x80085504, &(0x7f0000000040)={0x1ff, 0x7fff}) fcntl$auto(r2, 0x7, 0x3) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000080)={'macvtap0\x00'}) fcntl$auto(0x8000000000000001, 0xfffffff7, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x5, 0x0) r4 = socket(0x2, 0x5, 0x0) r5 = socket(0x23, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) getsockopt$auto(r4, 0x84, 0xd, 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) fcntl$auto(r5, 0x0, 0x4) 6.794061907s ago: executing program 0 (id=549): socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x6, 0x7, 0x0, 0x0, 0x80000002) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x566) r0 = open(&(0x7f0000000000)='./cgroup\x00', 0x121180, 0x8c) fchdir$auto(r0) ioctl$auto_BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000240)={0x5, 0x10f, "9c7037cbbd09e63819ab1383f009a5b4", 0x2, 0x80000001, 0x6, 0x2, 0x5, 0x5, 0x0, "f426761c60286ae95d8078678bcda83b", "b5f0bd344dbc86ac456d42814a9e8e121aea4a4813c870a38017be0059d2418b80793a3d38f10dce1abd5f3e3eecbb6574db8093384fcfd46623cff36d9e51282bb36fb69e8f83dc379e8a949c5919dd97f34df61231ed51f6c96174f357f62051f1831329195f7e08db158c7520a1c2efb874c5339828ff90ca523c863ee233c8e7ec8337e7d6b2eb648aa4a7feab6b4de62136318f14ad410cdaac98c68dc1a85718c35b12b371dd40b8cad26a0e545ede71900d6a298b62306e7c3bfe733754129a48bd424fae38d20a894ad8d2560ff56b25593731aa7287b306998f926333bdda6bd88d41ba96ed90a8e2d2a739ab45480eabb94b763acf46b49269c9c0baf4ae373439386ad6132667d31d8daaf38d77189b338be2a96524cc3ff540b14338ee79e8beca7454fb33f46ad117a491bdf3c25eb87f84700eb28a164b82a96eaaf3d1281e16f0d55270388ee7a19adb049b493eb56927faf6007af4d4f87fc5f2f05f9a91e31469336ca387dc63b51c765f38b782eb56c0dd471feabd9da554b6a56f2e593562530b71ad71b7f3ad22f3ac918c5ccc6d0be3eadde91bafc656af570859983ca2966d219c4c4d9eb7fcf6250c74cb584b654534109c677af97eee93d1968ccc6b57d998e768dd8b5a3d9b02ac94cfc0358397881a2373c81d95aa9d0150edc7684e2f8b54d16ed5a4e07eabb5dd39aa1406405edee5bf70e0d639a3d398c15c0c38710f6af93a5e55f2e68e943b27d852bccf14c2d80ae84ab4dac591c3aeb67cec4e1a2c02de4368b10b54c4de6dda3ece5b8e6fb778313a56abdeed61a04ad553a1ee5e7e3cc19f0a9615dc2ea8967e7ca3fbac3d39dd578b9838e805c561ae943c784a1883e71369103a04270b35632b2834c675c867e42e56b4982ac45106141f1c860ba5221180d54adebefd2d9b8623ffde4cc2df1e6191aa4b211039040b9577863703f847baa3a66a3a46e9326bf7e214f4426df0a8800a4e25d44a60267ad2aa313d2a6ab2f3b4c66abe8b5d36a9161e254a1153422a1f39936a81ac9a0d3c3019cedf1503b6e1cf90659b087528dc231a5f307dfcf94106c791ab8755be0b3149f413cfbe48c9b13dc24cbe3ca6ed4b696c71b2688c2e4cd78ad61124c6585e9baa61f83f1fff1fc8f45929039f54b4bc944177258c772d511f28702b5f0471415eb1dc809eba8aa7ad1684a4995680c848fd7b94b9cd491667136d91a20acec9cae4d1e402b0d41b90a70b14b908b83f59352b4b578923c2f17f895e5e1c9e988c6df9a122191351aa48c115c6a932d18e4f91bb74a672fcd5ee03eef65b8dc5ee5dba"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/midiC2D1\x00', 0x428040, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0x4040ae9e, 0x0) ioctl$auto(0x3, 0x5420, 0x38) 5.815361198s ago: executing program 2 (id=552): close_range$auto(0x2, 0x8, 0x0) r0 = memfd_secret$auto(0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x8, 0xfffffffffffffffa, 0x13, 0x3, 0x0) mmap$auto(0x0, 0x5894, 0x100000000000001, 0xeb1, 0xffffffffffffffff, 0x8) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1c5d80, 0x0) socket(0x28, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/net/protocols\x00', 0x400, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB='/!'], 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x20, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) request_key$auto_KEY_SPEC_REQKEY_AUTH_KEY(0x0, 0x0, &(0x7f00000001c0)='\x00', 0xfffffffffffffff9) prctl$auto(0x39, 0x1, 0x0, 0xfffffffffffffffa, 0x0) r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x40802, 0x0) sendmmsg$auto(r0, 0x0, 0x3, 0x0) ioctl$auto(0xffffffffffffffff, 0x800064bc, 0x1e6) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000480)="f17d9456ac964d7a9d73c932d73700a882860f0a7b185f7ed86bb4d98c4b638afc933044e722baa807b4dd5b0282e719f70c7a3d1a8c2fcf62bf1de6b96b8ade2a98386a331b2f775acf1a8b90a8325bfae4e915c38aa9a6b5599e34540911423d3786b37f4d8c492f6e113c4f76b3af3b3aac6193287d783b5270c81e4dbfa84b169aef547fe7962e6fa7f672ff93e6bce002c536076d45036b190ab37a53a193dcc532959cb5417e3bb16f0cd5160b82a68defa9320734f1382f56be5db540fdf8857d58e92956c607a4d4c274c4916126e4574328d4da4d861c3f9057c0f08a3312a6613340a37e75cef1db24b4ab1394605b2f891a35ccd3f87237c2feb212021fff66e1bcdeefca63a908dde8c4b587785fc38ec2987f7fabf2a7f10cd577fca35dda1cb0e2706a42ccd13b65b6796836c544532d75b02a05281d178e06a4c2a6533f1d2337e374d724d2de13c10f282577b4c4ee3a8105f6a30f7617279dc8e13923b36b248d7e3955cbe93c57652e7847baef35c0e95ff964ad43ba281539a03dcab3eb7f746bd12c019ab898924aa56fd5a65d2a62230b6b8a93cc588a8a89de3110bf85dc37fc4005ec050f12264c9063294228aebd73060899d404c50e6517efe635cd24da5422fd107e657bc9b1e4a1126c04957b24c9e0da02ecd42aa080533d389bbaa94c5fd196cceb0054e61a3576346d7b6c85d3f7abb8dd7c188766db5fe4a1682a336e7eb1a5d40466e9deabad0d5815df3d228d091eafa573fe4970180fd442211e2df8ddef07c7effbb934d1f1dec89e54386377c556c7862e060a6217ba2915fbbb8ba535e7811e2a0bcf833054135f46e56bdc2a053ea37ed20e023f8cad4b37cddb101f9aaeacd25c51823243904257c6a12e7338eb9672606974983c74c6bbfbe6955db1349077bbc9f9834e3f91528a988c78e231cab5d98b051eb8fa7daf9c14bdeec73c73a04d69dbb774df7a6c5049162e424798dacbdef0737197c0fac37dbb490f3f726ff83f6c5e712095a2736fbcb8ca7c16b9056389a99b743c7197c973c1becdd7f0d688c0823b06d4b300da243860c8c6877cb7ebb8b3a82ddc91a80db73b8409083198e394d5da9780f1cb34f1a3cc8ae342c7d403d460b9b40096519b7fd689ca417245f25d5a5e60ae84b8ce793ada965cec7474705496902f5d1822d8ea28e25d902497e38d2288337d895748eaa11d90ed8b611f1f77094fc253a0e08db7024260d09abe0b593edebee8e59796510aad780164a2aed20e290106e5eda1215cb6b396ea48677aeed913749b0274dbe4b6d8ed3166c317b62469ac4d880b56416a9d7a3f9fbdf020bf132be48c8f1dacc300d4ff44f218d03839866e9470c0df95bb14b05cd19025a80737e45f49e0af3aac2aecd3ddf1c1a30d27554a1522858fabc1b30cbe80a8fc2a96cb4b4956b522e747455f730214b9ecdf344a861457eaa6fa1467711c33e42b7d127c49ea20f717ceb0b8af2eb97e014a9a6d6d7e6e845434d99950858394da993e6faa760a1d7fabe0ad07a7be314551a4cece21f5ccd321e1f0dcd96a88db16f69ff1728fbdbd75c6ff0ec09007e4235d5caed480c93dfae477ff5c999659e10245538b00735a70a4dce0298636bcaeefad86920b3e7e6adf2d41020b72a1c65cad74cf286618ca51145e63357a7e495c1d209ee7b339084144c609fc210093b18c2b89294f6cdd06edebf4bdfccf32c59239627afe4533188f864ade7167adbf592be2214809535125238c8c0b3e64e819efc09b79342f792c652f7c5930860a8614cbfb1194c979ad896e1cbcba195e07bee9a31ffd9ebc24d9e0535ecf1b217ce361df35da196bab286bdfb0a0748d51efb8e360647640d14d52a1293aba1516832783d20dfecf4ed5c21c4d079b570b469b4c92de02e6e781baa798567eb16c94559eadb78cd48a1db96b139592517ba9f9a328a1514aa0968eb15c3bd6c72ae69216489d41cf4431b45d30e7f461d9cf1dcc73b84dcdff3b40d80bef8a272a881deff7b2f3da34c4d232698bc39f47d5562db98bb0aede36e696b303d69147bf3e2fd53e9b2860bbcf58bf75a1733e432ecb8920079b124729d37be4b5c95ce4430ff300aad6c6629573df774d9b607b8799d5dff49cb8a01266a080da665df5d376736665963c431b53e5067d0e16dd5635998bd469369eaa2d2fe89fa5ed256baca4f3fce3ae3daa198de53daf923dc2f69b498b763d3c4d14e7e784d4d6319ff2908b51491dc30ff6af5190052a3808b62f93c10a8ece7ebe47e4d3e6a162fcbd33da24615aea967394788bc93881ec4044a7cbf345a6509d9690a80f9a66c9f1baf7510aface500db3a7d64335a855166b7c77da1fcab44837c926630c4fd93b4c1e99fbd4a6f9721e5d9359f64c7de9c21993e3b70d2e5a0d80826390b96414eb2e52afbc9ec7ed7ad76132401c3f076dd0221228bd5565b1a078e6c7c944a226fac4e37b3bcd5f9029d36350eeef828e5de0d717c96d0814a5d4fa1030a4eeb2a03008fa1bd58ce4e9ddf787fbdc87b07ca8a95c45403d5479b70a399f06a6a27691c2542b5ba6fd62ae31de4f9f69f2d80b8b69f91b1b803ba497da755e0b00ee9ab199cac858524bd09dc397cd1826c0047dae4d3f6926355b161af534194bf90c6f94fcea3b796142dba58a051bbbd296483b3b3ef543b09a07ac") 5.610328445s ago: executing program 0 (id=554): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x1, 0x8, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) read$auto_mon_fops_binary_mon_bin(r0, 0x0, 0x0) ioctl$auto_MON_IOCG_STATS(r0, 0x80089203, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/006/001\x00', 0xa901, 0x0) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x2880, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0xeca0, 0x13, 0x4, 0x5, 0x7) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x8, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) poll$auto(&(0x7f0000000040)={r1, 0xfff7, 0x9816}, 0x7f, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x0) r3 = open(&(0x7f0000000100)='.\x00', 0x100, 0x0) getdents64$auto(r3, 0x0, 0x400) ioctl$auto(0x3, 0x4008af03, 0x0) ioctl$auto_VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, 0x0) unlinkat$auto(r2, &(0x7f0000000080)='}[,&*}\x00', 0x4) capget$auto(0x0, 0xfffffffffffffffe) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0x2, 0x8, 0x0) 5.494553995s ago: executing program 2 (id=555): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x7fffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x5) setsockopt$auto(0x3, 0x1000000110, 0x1, 0xffffffffffffffff, 0x1) r0 = socket(0xa, 0x801, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x163700, 0x0) socket(0x2c, 0x3, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) ioctl$auto_TIOCMBIC2(0xffffffffffffffff, 0x5417, &(0x7f0000001100)="4d86cc89fb97caa80f1acd8fa2f593feb9da4fc4dca615f5874ebe7430e287931e8639b5594c595bd396b7a8803ca9bd9f7ca1ef200e51c314f3b719fc8d59ef99f51b3d8a086c460280e7cf84eecd181f1f9a65628e2e22fa4e084a620a432ecce8ac7534d1f77d1a6e78fedd5c608a41e628b3") lsm_list_modules$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x1, 0x3f, 0x0, 0xb) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) setpriority$auto(0x1, 0x0, 0x2) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 5.439083665s ago: executing program 4 (id=556): close_range$auto(0x2, 0x8, 0x0) r0 = memfd_secret$auto(0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x8, 0xfffffffffffffffa, 0x13, 0x3, 0x0) mmap$auto(0x0, 0x5894, 0x100000000000001, 0xeb1, 0xffffffffffffffff, 0x8) socket(0x28, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/net/protocols\x00', 0x400, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x20, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) request_key$auto_KEY_SPEC_REQKEY_AUTH_KEY(0x0, 0x0, &(0x7f00000001c0)='\x00', 0xfffffffffffffff9) prctl$auto(0x39, 0x1, 0x0, 0xfffffffffffffffa, 0x0) r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x40802, 0x0) sendmmsg$auto(r0, 0x0, 0x3, 0x0) ioctl$auto(0xffffffffffffffff, 0x800064bc, 0x1e6) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000480)="f17d9456ac964d7a9d73c932d73700a882860f0a7b185f7ed86bb4d98c4b638afc933044e722baa807b4dd5b0282e719f70c7a3d1a8c2fcf62bf1de6b96b8ade2a98386a331b2f775acf1a8b90a8325bfae4e915c38aa9a6b5599e34540911423d3786b37f4d8c492f6e113c4f76b3af3b3aac6193287d783b5270c81e4dbfa84b169aef547fe7962e6fa7f672ff93e6bce002c536076d45036b190ab37a53a193dcc532959cb5417e3bb16f0cd5160b82a68defa9320734f1382f56be5db540fdf8857d58e92956c607a4d4c274c4916126e4574328d4da4d861c3f9057c0f08a3312a6613340a37e75cef1db24b4ab1394605b2f891a35ccd3f87237c2feb212021fff66e1bcdeefca63a908dde8c4b587785fc38ec2987f7fabf2a7f10cd577fca35dda1cb0e2706a42ccd13b65b6796836c544532d75b02a05281d178e06a4c2a6533f1d2337e374d724d2de13c10f282577b4c4ee3a8105f6a30f7617279dc8e13923b36b248d7e3955cbe93c57652e7847baef35c0e95ff964ad43ba281539a03dcab3eb7f746bd12c019ab898924aa56fd5a65d2a62230b6b8a93cc588a8a89de3110bf85dc37fc4005ec050f12264c9063294228aebd73060899d404c50e6517efe635cd24da5422fd107e657bc9b1e4a1126c04957b24c9e0da02ecd42aa080533d389bbaa94c5fd196cceb0054e61a3576346d7b6c85d3f7abb8dd7c188766db5fe4a1682a336e7eb1a5d40466e9deabad0d5815df3d228d091eafa573fe4970180fd442211e2df8ddef07c7effbb934d1f1dec89e54386377c556c7862e060a6217ba2915fbbb8ba535e7811e2a0bcf833054135f46e56bdc2a053ea37ed20e023f8cad4b37cddb101f9aaeacd25c51823243904257c6a12e7338eb9672606974983c74c6bbfbe6955db1349077bbc9f9834e3f91528a988c78e231cab5d98b051eb8fa7daf9c14bdeec73c73a04d69dbb774df7a6c5049162e424798dacbdef0737197c0fac37dbb490f3f726ff83f6c5e712095a2736fbcb8ca7c16b9056389a99b743c7197c973c1becdd7f0d688c0823b06d4b300da243860c8c6877cb7ebb8b3a82ddc91a80db73b8409083198e394d5da9780f1cb34f1a3cc8ae342c7d403d460b9b40096519b7fd689ca417245f25d5a5e60ae84b8ce793ada965cec7474705496902f5d1822d8ea28e25d902497e38d2288337d895748eaa11d90ed8b611f1f77094fc253a0e08db7024260d09abe0b593edebee8e59796510aad780164a2aed20e290106e5eda1215cb6b396ea48677aeed913749b0274dbe4b6d8ed3166c317b62469ac4d880b56416a9d7a3f9fbdf020bf132be48c8f1dacc300d4ff44f218d03839866e9470c0df95bb14b05cd19025a80737e45f49e0af3aac2aecd3ddf1c1a30d27554a1522858fabc1b30cbe80a8fc2a96cb4b4956b522e747455f730214b9ecdf344a861457eaa6fa1467711c33e42b7d127c49ea20f717ceb0b8af2eb97e014a9a6d6d7e6e845434d99950858394da993e6faa760a1d7fabe0ad07a7be314551a4cece21f5ccd321e1f0dcd96a88db16f69ff1728fbdbd75c6ff0ec09007e4235d5caed480c93dfae477ff5c999659e10245538b00735a70a4dce0298636bcaeefad86920b3e7e6adf2d41020b72a1c65cad74cf286618ca51145e63357a7e495c1d209ee7b339084144c609fc210093b18c2b89294f6cdd06edebf4bdfccf32c59239627afe4533188f864ade7167adbf592be2214809535125238c8c0b3e64e819efc09b79342f792c652f7c5930860a8614cbfb1194c979ad896e1cbcba195e07bee9a31ffd9ebc24d9e0535ecf1b217ce361df35da196bab286bdfb0a0748d51efb8e360647640d14d52a1293aba1516832783d20dfecf4ed5c21c4d079b570b469b4c92de02e6e781baa798567eb16c94559eadb78cd48a1db96b139592517ba9f9a328a1514aa0968eb15c3bd6c72ae69216489d41cf4431b45d30e7f461d9cf1dcc73b84dcdff3b40d80bef8a272a881deff7b2f3da34c4d232698bc39f47d5562db98bb0aede36e696b303d69147bf3e2fd53e9b2860bbcf58bf75a1733e432ecb8920079b124729d37be4b5c95ce4430ff300aad6c6629573df774d9b607b8799d5dff49cb8a01266a080da665df5d376736665963c431b53e5067d0e16dd5635998bd469369eaa2d2fe89fa5ed256baca4f3fce3ae3daa198de53daf923dc2f69b498b763d3c4d14e7e784d4d6319ff2908b51491dc30ff6af5190052a3808b62f93c10a8ece7ebe47e4d3e6a162fcbd33da24615aea967394788bc93881ec4044a7cbf345a6509d9690a80f9a66c9f1baf7510aface500db3a7d64335a855166b7c77da1fcab44837c926630c4fd93b4c1e99fbd4a6f9721e5d9359f64c7de9c21993e3b70d2e5a0d80826390b96414eb2e52afbc9ec7ed7ad76132401c3f076dd0221228bd5565b1a078e6c7c944a226fac4e37b3bcd5f9029d36350eeef828e5de0d717c96d0814a5d4fa1030a4eeb2a03008fa1bd58ce4e9ddf787fbdc87b07ca8a95c45403d5479b70a399f06a6a27691c2542b5ba6fd62ae31de4f9f69f2d80b8b69f91b1b803ba497da755e0b00ee9ab199cac858524bd09dc397cd1826c0047dae4d3f6926355b161af534194bf90c6f94fcea3b796142dba58a051bbbd296483b3b3ef543b09a07ac") 4.846733486s ago: executing program 1 (id=557): r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x51, 0x0) read$auto(0x3, 0x0, 0x80) timerfd_create$auto(0x8, 0x9) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0x2003ef, 0x17) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x80502, 0x0) r2 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci7/hci7:201\x00', 0x202000, 0x0) ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r2, 0x40285881, &(0x7f0000000080)={r0, 0x0, 0x5, 0x7ff, 0x2dd, 0xc}) ioctl$auto_TIOCGPTPEER2(r1, 0x5441, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x10, 0x2, 0xc) r5 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="01"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x3, &(0x7f00000002c0)={0x0, 0xc4}, 0x3, 0x0, 0x1, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='q\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="4cb245184f86db27df250a000a"], 0xf8}}, 0x10004010) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x100182, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x40047452, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0xc040564a, 0x38) r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000004d40), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_DEL_RXSC(r3, &(0x7f0000007500)={0x0, 0x0, &(0x7f00000074c0)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="01002abd7000fbdbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0xc1}, 0x80) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) readlink$auto(&(0x7f0000000000)='.\x00', 0x0, 0x1be) close_range$auto(0x2, 0x8, 0x0) 4.834748281s ago: executing program 4 (id=558): r0 = socket(0xf, 0x2, 0x8d) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r0, 0x28000) r1 = io_uring_setup$auto(0x6, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r2 = prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x7fff, 0x0, 0x5, 0x7) ioctl$auto(r1, 0x80026f47, r2) mmap$auto(0x0, 0x2020009, 0xb2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x19e, 0xa675, &(0x7f0000000000)=0x9) socket(0x2, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) bpf$auto(0x9, &(0x7f00000000c0)=@raw_tracepoint={0xa, 0xffffffffffffffff, 0x0, 0x47a0}, 0x7f) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(0xffffffffffffffff, 0x1, &(0x7f00000000c0)) ioctl$auto_MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000100)={0x0, 0x4, 0x7}) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x28402, 0x0) 4.465195808s ago: executing program 2 (id=559): socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x6, 0x7, 0x0, 0x0, 0x80000002) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x566) r0 = open(&(0x7f0000000000)='./cgroup\x00', 0x121180, 0x8c) fchdir$auto(r0) ioctl$auto_BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000240)={0x5, 0x10f, "9c7037cbbd09e63819ab1383f009a5b4", 0x2, 0x80000001, 0x6, 0x2, 0x5, 0x5, 0x0, "f426761c60286ae95d8078678bcda83b", "b5f0bd344dbc86ac456d42814a9e8e121aea4a4813c870a38017be0059d2418b80793a3d38f10dce1abd5f3e3eecbb6574db8093384fcfd46623cff36d9e51282bb36fb69e8f83dc379e8a949c5919dd97f34df61231ed51f6c96174f357f62051f1831329195f7e08db158c7520a1c2efb874c5339828ff90ca523c863ee233c8e7ec8337e7d6b2eb648aa4a7feab6b4de62136318f14ad410cdaac98c68dc1a85718c35b12b371dd40b8cad26a0e545ede71900d6a298b62306e7c3bfe733754129a48bd424fae38d20a894ad8d2560ff56b25593731aa7287b306998f926333bdda6bd88d41ba96ed90a8e2d2a739ab45480eabb94b763acf46b49269c9c0baf4ae373439386ad6132667d31d8daaf38d77189b338be2a96524cc3ff540b14338ee79e8beca7454fb33f46ad117a491bdf3c25eb87f84700eb28a164b82a96eaaf3d1281e16f0d55270388ee7a19adb049b493eb56927faf6007af4d4f87fc5f2f05f9a91e31469336ca387dc63b51c765f38b782eb56c0dd471feabd9da554b6a56f2e593562530b71ad71b7f3ad22f3ac918c5ccc6d0be3eadde91bafc656af570859983ca2966d219c4c4d9eb7fcf6250c74cb584b654534109c677af97eee93d1968ccc6b57d998e768dd8b5a3d9b02ac94cfc0358397881a2373c81d95aa9d0150edc7684e2f8b54d16ed5a4e07eabb5dd39aa1406405edee5bf70e0d639a3d398c15c0c38710f6af93a5e55f2e68e943b27d852bccf14c2d80ae84ab4dac591c3aeb67cec4e1a2c02de4368b10b54c4de6dda3ece5b8e6fb778313a56abdeed61a04ad553a1ee5e7e3cc19f0a9615dc2ea8967e7ca3fbac3d39dd578b9838e805c561ae943c784a1883e71369103a04270b35632b2834c675c867e42e56b4982ac45106141f1c860ba5221180d54adebefd2d9b8623ffde4cc2df1e6191aa4b211039040b9577863703f847baa3a66a3a46e9326bf7e214f4426df0a8800a4e25d44a60267ad2aa313d2a6ab2f3b4c66abe8b5d36a9161e254a1153422a1f39936a81ac9a0d3c3019cedf1503b6e1cf90659b087528dc231a5f307dfcf94106c791ab8755be0b3149f413cfbe48c9b13dc24cbe3ca6ed4b696c71b2688c2e4cd78ad61124c6585e9baa61f83f1fff1fc8f45929039f54b4bc944177258c772d511f28702b5f0471415eb1dc809eba8aa7ad1684a4995680c848fd7b94b9cd491667136d91a20acec9cae4d1e402b0d41b90a70b14b908b83f59352b4b578923c2f17f895e5e1c9e988c6df9a122191351aa48c115c6a932d18e4f91bb74a672fcd5ee03eef65b8dc5ee5dba"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/midiC2D1\x00', 0x428040, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0x4040ae9e, 0x0) ioctl$auto(0x3, 0x5420, 0x38) 4.461276697s ago: executing program 0 (id=567): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/trace_clock\x00', 0x800, 0x0) write$auto_trace_clock_fops_trace(r1, &(0x7f0000000100)="e45c3d0fe768e7a93166c7155453458e75deade1b781ca34a3f45016cac99ec1f387aa2328834f4f85905e5175470162f076b2b122befc522ca586a3a386257d6cce509d8007c71a9d71627221ae1ea177f90ad797e02336ab91e4be481da4b35f405853642e1716dce3b3d13c0690d287ddadd4fd0c70a490bd91a1c52e75f0df1b058b456b564885f103c4789c511c71f5fc25efe11d05cb61b9cda863f836c1bb1173936c4ec407f67a4d6891a6d33bfb0ed6e0367efde2f1", 0xba) socket(0xa, 0x5, 0x0) mmap$auto_kernfs_file_fops_kernfs_internal(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x2010, r0, 0x9013) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x2c, 0x3, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x806, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) 4.284566492s ago: executing program 1 (id=560): r0 = fanotify_init$auto(0x5, 0x2000000000002) r1 = open(&(0x7f0000000000)='.\x00', 0xc00, 0x409) fanotify_mark$auto(r0, 0xa, 0x2, r1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r2, 0x8090ae81, 0x0) r4 = socketcall$auto_SYS_ACCEPT4(0x12, &(0x7f0000000000)=0xfffffffffffffc00) close_range$auto(r4, 0x5, 0x0) pipe$auto(0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002ac0), r5) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r5, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f0000002b80)={&(0x7f0000002b00)={0x1c, r6, 0x1f97227bd58c1f83, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0xa6, 0x0, 0x20004041}, 0x40004) sendmsg$auto_NL802154_CMD_LIST_ASSOCIATIONS(r4, 0x0, 0x885) pipe$auto(0x0) write$auto(0x3, 0x0, 0xfff5) tee$auto(0x2000000000000, 0x3, 0x402, 0xd) futex_waitv$auto(&(0x7f0000000040)={0x5, 0x733, 0x6}, 0xb90, 0x80000001, &(0x7f0000000080)={0x8, 0xdc}, 0x1ff) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 4.224320843s ago: executing program 4 (id=561): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/trace_clock\x00', 0x800, 0x0) write$auto_trace_clock_fops_trace(r1, &(0x7f0000000100)="e45c3d0fe768e7a93166c7155453458e75deade1b781ca34a3f45016cac99ec1f387aa2328834f4f85905e5175470162f076b2b122befc522ca586a3a386257d6cce509d8007c71a9d71627221ae1ea177f90ad797e02336ab91e4be481da4b35f405853642e1716dce3b3d13c0690d287ddadd4fd0c70a490bd91a1c52e75f0df1b058b456b564885f103c4789c511c71f5fc25efe11d05cb61b9cda863f836c1bb1173936c4ec407f67a4d6891a6d33bfb0ed6e0367efde2f1", 0xba) socket(0xa, 0x5, 0x0) mmap$auto_kernfs_file_fops_kernfs_internal(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x2010, r0, 0x9013) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x2c, 0x3, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x806, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) ioctl$auto_TIOCMBIC2(r2, 0x5417, &(0x7f0000001100)="4d86cc89fb97caa80f1acd8fa2f593feb9da4fc4dca615f5874ebe7430e287931e8639b5594c595bd396b7a8803ca9bd9f7ca1ef200e51c314f3b719fc8d59ef99f51b3d8a086c460280e7cf84eecd181f1f9a65628e2e22fa4e084a620a432ecce8ac7534d1f77d1a6e78fedd5c608a41e628b3a64742b8dc32e7da17fd78e2c2c9c1b992365d0aa5374227012956a56a3ff7ac750dae93860eb6d7e5a42e4c9c1ae00123af87d375cdf6f6382d2b8f") lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 3.837601704s ago: executing program 1 (id=562): r0 = socket(0x2, 0x5, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf2501000000060002000100000005000700570000000800090108000000050004000300000014001f00fe88000000000000000000000000000114002000ff010000000000000000000000000001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) write$auto(r3, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) sendmsg$auto_TIPC_NL_BEARER_SET(r1, &(0x7f0000002040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x3}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x40044) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r4) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000002b40)=ANY=[@ANYBLOB="7c000100", @ANYRES16=r5, @ANYBLOB="01002abd7000fbdbdf25040000002d0011002f50136a450cf972f5a3d28479f92a9b221ca46c2d19fda4f47902c296fa844c12cd83f712d3c41e5d000000080004000000010030001a80080001008703000004000480040002001c000480180001800800060000000000040004000800060001000000"], 0x7c}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000800) r6 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/set_event\x00', 0x40, 0x0) pread64$auto(r6, &(0x7f0000000000)='\xae\xa9\x16\xee\xb5\x84\xde\xff\x9f_\a\xa9\x89N\x86\xbc\xb1\xfe\xf6&\v\xe9\xac\',Yd[\xac\x94C\x93\xe8\'-\x92N\xc6\xeaKZA\xde\x98j\x10\xe0f\xc7\x81\xa1\xf3L\xec\'c\xe4\xe8\xe5\xfdU\xa39\x11a\xb7\xf7\xef\xf3^w\xbeP\xfbynT|l;\xf2\xc7u\xcd\x17', 0xf, 0x5af) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) lseek$auto(r7, 0xbfffffffffffffff, 0x0) r8 = getsockopt$auto_SO_LOCK_FILTER(r6, 0x8, 0x2c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/set_event\x00', &(0x7f0000000100)=0xc418) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), r8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x11, 0x3, 0x6) geteuid() syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/pid\x00') close_range$auto(0x2, 0x8, 0x0) 3.1602306s ago: executing program 2 (id=563): r0 = fanotify_init$auto(0x5, 0x2000000000002) r1 = open(&(0x7f0000000000)='.\x00', 0xc00, 0x409) fanotify_mark$auto(r0, 0xa, 0x2, r1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r2, 0x8090ae81, 0x0) r4 = socketcall$auto_SYS_ACCEPT4(0x12, &(0x7f0000000000)=0xfffffffffffffc00) close_range$auto(r4, 0x5, 0x0) pipe$auto(0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002ac0), r5) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r5, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f0000002b80)={&(0x7f0000002b00)={0x1c, r6, 0x1f97227bd58c1f83, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0xa6, 0x0, 0x20004041}, 0x40004) sendmsg$auto_NL802154_CMD_LIST_ASSOCIATIONS(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x885) pipe$auto(0x0) write$auto(0x3, 0x0, 0xfff5) tee$auto(0x2000000000000, 0x3, 0x402, 0xd) futex_waitv$auto(&(0x7f0000000040)={0x5, 0x733, 0x6}, 0xb90, 0x80000001, &(0x7f0000000080)={0x8, 0xdc}, 0x1ff) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 3.104351467s ago: executing program 0 (id=564): close_range$auto(0x2, 0x8, 0x0) r0 = memfd_secret$auto(0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x8, 0xfffffffffffffffa, 0x13, 0x3, 0x0) mmap$auto(0x0, 0x5894, 0x100000000000001, 0xeb1, 0xffffffffffffffff, 0x8) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1c5d80, 0x0) socket(0x28, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/net/protocols\x00', 0x400, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB='/!'], 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x20, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) request_key$auto_KEY_SPEC_REQKEY_AUTH_KEY(0x0, 0x0, &(0x7f00000001c0)='\x00', 0xfffffffffffffff9) prctl$auto(0x39, 0x1, 0x0, 0xfffffffffffffffa, 0x0) r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x40802, 0x0) sendmmsg$auto(r0, 0x0, 0x3, 0x0) ioctl$auto(0xffffffffffffffff, 0x800064bc, 0x1e6) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000480)="f17d9456ac964d7a9d73c932d73700a882860f0a7b185f7ed86bb4d98c4b638afc933044e722baa807b4dd5b0282e719f70c7a3d1a8c2fcf62bf1de6b96b8ade2a98386a331b2f775acf1a8b90a8325bfae4e915c38aa9a6b5599e34540911423d3786b37f4d8c492f6e113c4f76b3af3b3aac6193287d783b5270c81e4dbfa84b169aef547fe7962e6fa7f672ff93e6bce002c536076d45036b190ab37a53a193dcc532959cb5417e3bb16f0cd5160b82a68defa9320734f1382f56be5db540fdf8857d58e92956c607a4d4c274c4916126e4574328d4da4d861c3f9057c0f08a3312a6613340a37e75cef1db24b4ab1394605b2f891a35ccd3f87237c2feb212021fff66e1bcdeefca63a908dde8c4b587785fc38ec2987f7fabf2a7f10cd577fca35dda1cb0e2706a42ccd13b65b6796836c544532d75b02a05281d178e06a4c2a6533f1d2337e374d724d2de13c10f282577b4c4ee3a8105f6a30f7617279dc8e13923b36b248d7e3955cbe93c57652e7847baef35c0e95ff964ad43ba281539a03dcab3eb7f746bd12c019ab898924aa56fd5a65d2a62230b6b8a93cc588a8a89de3110bf85dc37fc4005ec050f12264c9063294228aebd73060899d404c50e6517efe635cd24da5422fd107e657bc9b1e4a1126c04957b24c9e0da02ecd42aa080533d389bbaa94c5fd196cceb0054e61a3576346d7b6c85d3f7abb8dd7c188766db5fe4a1682a336e7eb1a5d40466e9deabad0d5815df3d228d091eafa573fe4970180fd442211e2df8ddef07c7effbb934d1f1dec89e54386377c556c7862e060a6217ba2915fbbb8ba535e7811e2a0bcf833054135f46e56bdc2a053ea37ed20e023f8cad4b37cddb101f9aaeacd25c51823243904257c6a12e7338eb9672606974983c74c6bbfbe6955db1349077bbc9f9834e3f91528a988c78e231cab5d98b051eb8fa7daf9c14bdeec73c73a04d69dbb774df7a6c5049162e424798dacbdef0737197c0fac37dbb490f3f726ff83f6c5e712095a2736fbcb8ca7c16b9056389a99b743c7197c973c1becdd7f0d688c0823b06d4b300da243860c8c6877cb7ebb8b3a82ddc91a80db73b8409083198e394d5da9780f1cb34f1a3cc8ae342c7d403d460b9b40096519b7fd689ca417245f25d5a5e60ae84b8ce793ada965cec7474705496902f5d1822d8ea28e25d902497e38d2288337d895748eaa11d90ed8b611f1f77094fc253a0e08db7024260d09abe0b593edebee8e59796510aad780164a2aed20e290106e5eda1215cb6b396ea48677aeed913749b0274dbe4b6d8ed3166c317b62469ac4d880b56416a9d7a3f9fbdf020bf132be48c8f1dacc300d4ff44f218d03839866e9470c0df95bb14b05cd19025a80737e45f49e0af3aac2aecd3ddf1c1a30d27554a1522858fabc1b30cbe80a8fc2a96cb4b4956b522e747455f730214b9ecdf344a861457eaa6fa1467711c33e42b7d127c49ea20f717ceb0b8af2eb97e014a9a6d6d7e6e845434d99950858394da993e6faa760a1d7fabe0ad07a7be314551a4cece21f5ccd321e1f0dcd96a88db16f69ff1728fbdbd75c6ff0ec09007e4235d5caed480c93dfae477ff5c999659e10245538b00735a70a4dce0298636bcaeefad86920b3e7e6adf2d41020b72a1c65cad74cf286618ca51145e63357a7e495c1d209ee7b339084144c609fc210093b18c2b89294f6cdd06edebf4bdfccf32c59239627afe4533188f864ade7167adbf592be2214809535125238c8c0b3e64e819efc09b79342f792c652f7c5930860a8614cbfb1194c979ad896e1cbcba195e07bee9a31ffd9ebc24d9e0535ecf1b217ce361df35da196bab286bdfb0a0748d51efb8e360647640d14d52a1293aba1516832783d20dfecf4ed5c21c4d079b570b469b4c92de02e6e781baa798567eb16c94559eadb78cd48a1db96b139592517ba9f9a328a1514aa0968eb15c3bd6c72ae69216489d41cf4431b45d30e7f461d9cf1dcc73b84dcdff3b40d80bef8a272a881deff7b2f3da34c4d232698bc39f47d5562db98bb0aede36e696b303d69147bf3e2fd53e9b2860bbcf58bf75a1733e432ecb8920079b124729d37be4b5c95ce4430ff300aad6c6629573df774d9b607b8799d5dff49cb8a01266a080da665df5d376736665963c431b53e5067d0e16dd5635998bd469369eaa2d2fe89fa5ed256baca4f3fce3ae3daa198de53daf923dc2f69b498b763d3c4d14e7e784d4d6319ff2908b51491dc30ff6af5190052a3808b62f93c10a8ece7ebe47e4d3e6a162fcbd33da24615aea967394788bc93881ec4044a7cbf345a6509d9690a80f9a66c9f1baf7510aface500db3a7d64335a855166b7c77da1fcab44837c926630c4fd93b4c1e99fbd4a6f9721e5d9359f64c7de9c21993e3b70d2e5a0d80826390b96414eb2e52afbc9ec7ed7ad76132401c3f076dd0221228bd5565b1a078e6c7c944a226fac4e37b3bcd5f9029d36350eeef828e5de0d717c96d0814a5d4fa1030a4eeb2a03008fa1bd58ce4e9ddf787fbdc87b07ca8a95c45403d5479b70a399f06a6a27691c2542b5ba6fd62ae31de4f9f69f2d80b8b69f91b1b803ba497da755e0b00ee9ab199cac858524bd09dc397cd1826c0047dae4d3f6926355b161af534194bf90c6f94fcea3b796142dba58a051bbbd296483b3b3ef543b09a07ac") 3.08584333s ago: executing program 4 (id=565): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf2501000000060002000100000005000700570000000800090108000000050004000300000014001f00fe88000000000000000000000000000114002000ff010000000000000000000000000001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) write$auto(r2, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) sendmsg$auto_TIPC_NL_BEARER_SET(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x3}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x40044) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000002b40)=ANY=[@ANYBLOB="7c000100", @ANYRES16=r4, @ANYBLOB="01002abd7000fbdbdf25040000002d0011002f50136a450cf972f5a3d28479f92a9b221ca46c2d19fda4f47902c296fa844c12cd83f712d3c41e5d000000080004000000010030001a80080001008703000004000480040002001c000480180001800800060000000000040004000800060001000000"], 0x7c}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000800) r5 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/set_event\x00', 0x40, 0x0) pread64$auto(r5, &(0x7f0000000000)='\xae\xa9\x16\xee\xb5\x84\xde\xff\x9f_\a\xa9\x89N\x86\xbc\xb1\xfe\xf6&\v\xe9\xac\',Yd[\xac\x94C\x93\xe8\'-\x92N\xc6\xeaKZA\xde\x98j\x10\xe0f\xc7\x81\xa1\xf3L\xec\'c\xe4\xe8\xe5\xfdU\xa39\x11a\xb7\xf7\xef\xf3^w\xbeP\xfbynT|l;\xf2\xc7u\xcd\x17', 0xf, 0x5af) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) lseek$auto(r6, 0xbfffffffffffffff, 0x0) r7 = getsockopt$auto_SO_LOCK_FILTER(r5, 0x8, 0x2c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/set_event\x00', &(0x7f0000000100)=0xc418) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), r7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x11, 0x3, 0x6) geteuid() syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/pid\x00') close_range$auto(0x2, 0x8, 0x0) 2.762920652s ago: executing program 2 (id=566): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x7fffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2b, 0x1, 0x0) setsockopt$auto(0x3, 0x6, 0x9, 0x0, 0xfb3) socket(0x21, 0x2, 0x2) write$auto(r0, 0x0, 0x5) setsockopt$auto(0x3, 0x1000000110, 0x1, 0xffffffffffffffff, 0x1) r1 = socket(0xa, 0x801, 0x84) socket(0x2c, 0x3, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) ioctl$auto_TIOCMBIC2(0xffffffffffffffff, 0x5417, &(0x7f0000001100)="4d86cc89fb97caa80f1acd8fa2f593feb9da4fc4dca615f5874ebe7430e287931e8639b5594c595bd396b7a8803ca9bd9f7ca1ef200e51c314f3b719fc8d59ef99f51b3d8a086c460280e7cf84eecd181f1f9a65628e2e22fa4e084a620a432ecce8ac7534d1f77d1a6e78fedd5c608a41e628b3") setsockopt$auto(r1, 0x1, 0x3f, 0x0, 0xb) mmap$auto(0x0, 0x2020009, 0x3, 0x15, r0, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 2.75510119s ago: executing program 0 (id=568): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x7fffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x5) setsockopt$auto(0x3, 0x1000000110, 0x1, 0xffffffffffffffff, 0x1) r0 = socket(0xa, 0x801, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x163700, 0x0) socket(0x2c, 0x3, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) ioctl$auto_TIOCMBIC2(0xffffffffffffffff, 0x5417, &(0x7f0000001100)="4d86cc89fb97caa80f1acd8fa2f593feb9da4fc4dca615f5874ebe7430e287931e8639b5594c595bd396b7a8803ca9bd9f7ca1ef200e51c314f3b719fc8d59ef99f51b3d8a086c460280e7cf84eecd181f1f9a65628e2e22fa4e084a620a432ecce8ac7534d1f77d1a6e78fedd5c608a41e628b3") lsm_list_modules$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x1, 0x3f, 0x0, 0xb) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) setpriority$auto(0x1, 0x0, 0x2) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 2.665787724s ago: executing program 1 (id=569): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, r0, 0x0) socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x2c, 0x3, 0x0) clock_getres$auto(0x3, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r3, &(0x7f0000000000)={{&(0x7f0000000040), 0xc88, 0x0, 0x0, &(0x7f0000000140), 0x8, 0x80000000}, 0x5}, 0x3b8b, 0x800) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmsg$auto(0x4, 0x0, 0x33c) ioctl$auto(0x3, 0x80000541b, 0xffffffffffffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0xfffffffd, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xcf, 0xe}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x42, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r1) r6 = semctl$auto_IPC_RMID(0x7, 0xffffb1ed, 0x0, 0x4) r7 = semctl$auto(0x5, 0x3, 0x6, 0x4) sendmsg$auto_NL80211_CMD_GET_STATION(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000003700)=ANY=[@ANYBLOB='\f)\x00\x00', @ANYRES16=r5, @ANYBLOB="08002cbd7000ffdbdf251100000008005200", @ANYRES32=r6, @ANYRES64=r5, @ANYRES32=r2, @ANYRES16=r3, @ANYRES32=r0, @ANYBLOB="0c004e800800fa00", @ANYRES32=r7, @ANYBLOB="00174f27b300000054537871b09e0e7000c6ffeac7000000e0710739d18174f73fd1e4f545108b5a11bfd61a069745c004a5633a87fd654f8f23defd71cdd19263d76ff96554ba91cbde82b2ce84da6cae55b454404628b7de82cf46ee13bac776a993e2807b9caca2a2"], 0x290c}}, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) 1.865857975s ago: executing program 4 (id=570): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp1\x00', 0x802, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(r0, 0x8, 0xffffffed) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x80000000004, 0xfffffffffffffffd, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x800000000100002, 0x40000406, 0x1, 0xc, 0x0, 0x11, 0x6, 0x7}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:01/status\x00', 0x100, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2b, 0x1, 0x0) setsockopt$auto(0x3, 0x11b, 0x2, 0xffffffffffffffff, 0x9) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="13002cbd7000dddbdf250200000008000300", @ANYRES32=0x0, @ANYBLOB="08006100010000000800620000000080"], 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9}, 0x3) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000440)="661b0cbd4aeb2c", 0x1}, 0x1, &(0x7f0000000280), 0x5, 0xffffffff}, 0x5}, 0x2, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x109080, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xd}}, 0x6a) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/filter\x00', 0x200, 0x0) 1.578775178s ago: executing program 0 (id=571): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x1, 0x8, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) read$auto_mon_fops_binary_mon_bin(r0, 0x0, 0x0) ioctl$auto_MON_IOCG_STATS(r0, 0x80089203, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/006/001\x00', 0xa901, 0x0) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x2880, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0xeca0, 0x13, 0x4, 0x5, 0x7) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x8, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) poll$auto(&(0x7f0000000040)={r1, 0xfff7, 0x9816}, 0x7f, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x0) r3 = open(&(0x7f0000000100)='.\x00', 0x100, 0x0) getdents64$auto(r3, 0x0, 0x400) ioctl$auto(0x3, 0x4008af03, 0x0) ioctl$auto_VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, 0x0) unlinkat$auto(r2, &(0x7f0000000080)='}[,&*}\x00', 0x4) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0x2, 0x8, 0x0) 1.524370916s ago: executing program 2 (id=572): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001280)={0x2c, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x5}, @NBD_ATTR_INDEX={0x8, 0x1, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x54) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) io_uring_setup$auto(0x6, 0x0) clone$auto(0xb30a, 0x3, 0x0, 0x0, 0xcb) madvise$auto(0x0, 0x2003f0, 0x15) unshare$auto(0x40000080) mmap$auto(0x0, 0x0, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) fanotify_init$auto(0x21245899, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/mempolicy/weighted_interleave/node0\x00', 0xc2082, 0x0) write$auto(r2, 0x0, 0x5) 1.414493574s ago: executing program 1 (id=573): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/trace_clock\x00', 0x800, 0x0) write$auto_trace_clock_fops_trace(r1, &(0x7f0000000100)="e45c3d0fe768e7a93166c7155453458e75deade1b781ca34a3f45016cac99ec1f387aa2328834f4f85905e5175470162f076b2b122befc522ca586a3a386257d6cce509d8007c71a9d71627221ae1ea177f90ad797e02336ab91e4be481da4b35f405853642e1716dce3b3d13c0690d287ddadd4fd0c70a490bd91a1c52e75f0df1b058b456b564885f103c4789c511c71f5fc25efe11d05cb61b9cda863f836c1bb1173936c4ec407f67a4d6891a6d33bfb0ed6e0367efde2f1", 0xba) socket(0xa, 0x5, 0x0) mmap$auto_kernfs_file_fops_kernfs_internal(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x2010, r0, 0x9013) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x2c, 0x3, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x806, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) ioctl$auto_TIOCMBIC2(r2, 0x5417, &(0x7f0000001100)="4d86cc89fb97caa80f1acd8fa2f593feb9da4fc4dca615f5874ebe7430e287931e8639b5594c595bd396b7a8803ca9bd9f7ca1ef200e51c314f3b719fc8d59ef99f51b3d8a086c460280e7cf84eecd181f1f9a65628e2e22fa4e084a620a432ecce8ac7534d1f77d1a6e78fedd5c608a41e628b3a64742b8dc32e7da17fd78e2c2c9c1b992365d0aa5374227012956a56a3ff7ac750dae93860eb6d7e5a42e4c9c1ae00123af87d375cdf6f6382d2b8f") lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 627.244575ms ago: executing program 4 (id=574): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r0 = socket(0xa, 0x801, 0x84) r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r2, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x38, r3, 0x23, 0x70bd27, 0x25dfdbfc, {}, [@MACSEC_ATTR_SA_CONFIG={0x18, 0x3, 0x0, 0x1, [@nested={0x5, 0x1, 0x0, 0x1, [@generic="03"]}, @typed={0xc, 0x2, 0x0, 0x0, @u64=0xfffffffffffffffe}]}, @MACSEC_ATTR_RXSC_CONFIG={0x4}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008000}, 0x0) write$auto(r1, 0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/stats\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) socket(0x2c, 0x3, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x23, 0x5, 0x0) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) ioctl$auto_TIOCMBIC2(0xffffffffffffffff, 0x5417, &(0x7f0000001100)="4d86cc89fb97caa80f1acd8fa2f593feb9da4fc4dca615f5874ebe7430e287931e8639b5594c595bd396b7a8803ca9bd9f7ca1ef200e51c314f3b719fc8d59ef99f51b3d8a086c460280e7cf84eecd181f1f9a65628e2e22fa4e084a620a432ecce8ac7534d1f77d1a6e78fedd5c608a41e628b3") lsm_list_modules$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x1, 0x3f, 0x0, 0xb) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) 0s ago: executing program 1 (id=575): r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x51, 0x0) read$auto(0x3, 0x0, 0x80) timerfd_create$auto(0x8, 0x9) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0x2003ef, 0x17) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) r2 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, 0x0, 0x202000, 0x0) ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r2, 0x40285881, &(0x7f0000000080)={r0, 0x0, 0x5, 0x7ff, 0x2dd, 0xc}) ioctl$auto_TIOCGPTPEER2(r1, 0x5441, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x10, 0x2, 0xc) r5 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="01"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x3, &(0x7f00000002c0)={0x0, 0xc4}, 0x3, 0x0, 0x1, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='q\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="4cb245184f86db27df250a000a"], 0xf8}}, 0x10004010) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x100182, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x40047452, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0xc040564a, 0x38) r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000004d40), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_DEL_RXSC(r3, &(0x7f0000007500)={0x0, 0x0, &(0x7f00000074c0)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="01002abd7000fbdbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0xc1}, 0x80) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) readlink$auto(&(0x7f0000000000)='.\x00', 0x0, 0x1be) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.10.46' (ED25519) to the list of known hosts. [ 83.308192][ T5825] cgroup: Unknown subsys name 'net' [ 83.423087][ T5825] cgroup: Unknown subsys name 'cpuset' [ 83.431622][ T5825] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.143824][ T5825] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.274454][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.299025][ T5844] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.308352][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.312627][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.323854][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.328394][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.334279][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.338749][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.348227][ T5852] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.359747][ T5852] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 87.363323][ T5850] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.367507][ T5852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.376438][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.386647][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.395052][ T5852] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.395964][ T5844] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 87.404774][ T5852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.409705][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.416890][ T5852] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 87.437672][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.439283][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.469860][ T5852] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.479389][ T5852] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 87.486804][ T5852] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.809417][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 87.911246][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 88.032115][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 88.054467][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.062770][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.070312][ T5835] bridge_slave_0: entered allmulticast mode [ 88.077245][ T5835] bridge_slave_0: entered promiscuous mode [ 88.108195][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.115376][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.123127][ T5835] bridge_slave_1: entered allmulticast mode [ 88.130102][ T5835] bridge_slave_1: entered promiscuous mode [ 88.146708][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 88.207280][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.216149][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.223756][ T5837] bridge_slave_0: entered allmulticast mode [ 88.231098][ T5837] bridge_slave_0: entered promiscuous mode [ 88.239421][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.246525][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.253903][ T5837] bridge_slave_1: entered allmulticast mode [ 88.260741][ T5837] bridge_slave_1: entered promiscuous mode [ 88.270423][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.303147][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.351380][ T5835] team0: Port device team_slave_0 added [ 88.359432][ T5835] team0: Port device team_slave_1 added [ 88.383998][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.396599][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.475820][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.483105][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.509392][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.531648][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.542847][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.550602][ T5836] bridge_slave_0: entered allmulticast mode [ 88.557373][ T5836] bridge_slave_0: entered promiscuous mode [ 88.568361][ T5837] team0: Port device team_slave_0 added [ 88.574912][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.582214][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.608313][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.625875][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.633075][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.640493][ T5834] bridge_slave_0: entered allmulticast mode [ 88.647353][ T5834] bridge_slave_0: entered promiscuous mode [ 88.654739][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.662329][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.669953][ T5836] bridge_slave_1: entered allmulticast mode [ 88.677845][ T5836] bridge_slave_1: entered promiscuous mode [ 88.686061][ T5837] team0: Port device team_slave_1 added [ 88.711926][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.719058][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.745057][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.756509][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.764476][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.772396][ T5834] bridge_slave_1: entered allmulticast mode [ 88.780001][ T5834] bridge_slave_1: entered promiscuous mode [ 88.814069][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.821715][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.848483][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.892473][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.905050][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.927629][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.959572][ T5835] hsr_slave_0: entered promiscuous mode [ 88.965967][ T5835] hsr_slave_1: entered promiscuous mode [ 88.993290][ T5837] hsr_slave_0: entered promiscuous mode [ 89.000154][ T5837] hsr_slave_1: entered promiscuous mode [ 89.006326][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.014224][ T5837] Cannot create hsr debugfs directory [ 89.022527][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.074561][ T5836] team0: Port device team_slave_0 added [ 89.092116][ T5834] team0: Port device team_slave_0 added [ 89.107328][ T5836] team0: Port device team_slave_1 added [ 89.132012][ T5834] team0: Port device team_slave_1 added [ 89.187169][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.194279][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.221031][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.234181][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.241570][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.268311][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.306037][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.316690][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.343256][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.376343][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.383843][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.410670][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.499316][ T5840] Bluetooth: hci2: command tx timeout [ 89.499319][ T5844] Bluetooth: hci0: command tx timeout [ 89.499808][ T5852] Bluetooth: hci1: command tx timeout [ 89.509239][ T5836] hsr_slave_0: entered promiscuous mode [ 89.523355][ T5836] hsr_slave_1: entered promiscuous mode [ 89.529975][ T5836] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.537572][ T5836] Cannot create hsr debugfs directory [ 89.578167][ T5852] Bluetooth: hci3: command tx timeout [ 89.593368][ T5834] hsr_slave_0: entered promiscuous mode [ 89.599703][ T5834] hsr_slave_1: entered promiscuous mode [ 89.606086][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.614218][ T5834] Cannot create hsr debugfs directory [ 89.731885][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 89.746675][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 89.782422][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 89.797146][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 89.875837][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 89.894624][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 89.905091][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 89.915902][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.002381][ T5836] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.025408][ T5836] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.039966][ T5836] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.052730][ T5836] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.124385][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.147743][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.182908][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.209051][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.244580][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.257641][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.279196][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.315551][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.322871][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.363840][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.371020][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.384803][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.409018][ T4173] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.416164][ T4173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.444395][ T33] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.451650][ T33] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.484909][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.565909][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.634263][ T5837] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 90.659754][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.666899][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.698338][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.705486][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.733234][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.822858][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.846121][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.853334][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.891494][ T33] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.898714][ T33] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.965201][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.093571][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.164866][ T5835] veth0_vlan: entered promiscuous mode [ 91.213973][ T5835] veth1_vlan: entered promiscuous mode [ 91.282343][ T5837] veth0_vlan: entered promiscuous mode [ 91.323175][ T5837] veth1_vlan: entered promiscuous mode [ 91.351209][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.361240][ T5835] veth0_macvtap: entered promiscuous mode [ 91.381628][ T5835] veth1_macvtap: entered promiscuous mode [ 91.425763][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.437409][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.455498][ T5837] veth0_macvtap: entered promiscuous mode [ 91.473312][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.492519][ T5837] veth1_macvtap: entered promiscuous mode [ 91.501667][ T5835] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.515808][ T5835] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.525278][ T5835] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.537672][ T5835] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.580428][ T5852] Bluetooth: hci1: command tx timeout [ 91.580437][ T5844] Bluetooth: hci2: command tx timeout [ 91.589927][ T5844] Bluetooth: hci0: command tx timeout [ 91.626745][ T5836] veth0_vlan: entered promiscuous mode [ 91.645461][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.658256][ T5844] Bluetooth: hci3: command tx timeout [ 91.671188][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.686876][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.722242][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.733355][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.745132][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.756447][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.760145][ T5837] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.774176][ T5837] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.782982][ T5837] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.792070][ T5837] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.801337][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.836143][ T5834] veth0_vlan: entered promiscuous mode [ 91.855885][ T5836] veth1_vlan: entered promiscuous mode [ 91.875067][ T5057] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.903863][ T5057] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.931466][ T5834] veth1_vlan: entered promiscuous mode [ 92.011631][ T5836] veth0_macvtap: entered promiscuous mode [ 92.029776][ T5834] veth0_macvtap: entered promiscuous mode [ 92.040495][ T5836] veth1_macvtap: entered promiscuous mode [ 92.108433][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.116318][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.129727][ T5835] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 92.148182][ T5834] veth1_macvtap: entered promiscuous mode [ 92.177714][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.188609][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.199710][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.210350][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.239660][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.261800][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.288931][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.308013][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.340006][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.373703][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.408396][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.430184][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.451025][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.475678][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.493015][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.493061][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.494317][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.503369][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.503402][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.503418][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.503441][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.503460][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.503483][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.504615][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.506079][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.506133][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.526496][ T5836] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.526546][ T5836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.526596][ T5836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.526635][ T5836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.531327][ T5834] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.531383][ T5834] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.531428][ T5834] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.531491][ T5834] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.746820][ T4173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.746851][ T4173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.946273][ T5057] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.946303][ T5057] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.947780][ T5057] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.947803][ T5057] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.237599][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.237629][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.583901][ T5916] capability: warning: `syz.3.4' uses 32-bit capabilities (legacy support in use) [ 93.642814][ T5916] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4'. [ 93.646007][ T5916] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4'. [ 93.658976][ T5844] Bluetooth: hci1: command tx timeout [ 93.659026][ T5844] Bluetooth: hci0: command tx timeout [ 93.659067][ T5844] Bluetooth: hci2: command tx timeout [ 93.749296][ T5852] Bluetooth: hci3: command tx timeout [ 94.011292][ T5922] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 94.088450][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.096596][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.097456][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.098308][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2c0!!! [ 94.120910][ T5923] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 94.122568][ T5923] Zero length message leads to an empty skb [ 94.851070][ T5932] netlink: 'syz.2.6': attribute type 3 has an invalid length. [ 95.739383][ T5852] Bluetooth: hci2: command tx timeout [ 95.739404][ T5844] Bluetooth: hci0: command tx timeout [ 95.739455][ T5844] Bluetooth: hci1: command tx timeout [ 95.818481][ T5844] Bluetooth: hci3: command tx timeout [ 97.389375][ T9] cfg80211: failed to load regulatory.db [ 99.275323][ T5987] netlink: 93 bytes leftover after parsing attributes in process `syz.1.20'. [ 100.280164][ T5999] netlink: 32 bytes leftover after parsing attributes in process `syz.2.25'. [ 102.358686][ T6024] : Can't lookup blockdev [ 102.695983][ T6032] netlink: 'syz.1.33': attribute type 3 has an invalid length. [ 103.666173][ T6044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.35'. [ 103.817353][ T6044] FAULT_INJECTION: forcing a failure. [ 103.817353][ T6044] name failslab, interval 1, probability 0, space 0, times 1 [ 103.859781][ T6044] CPU: 1 UID: 0 PID: 6044 Comm: syz.2.35 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 103.859820][ T6044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 103.859836][ T6044] Call Trace: [ 103.859846][ T6044] [ 103.859861][ T6044] dump_stack_lvl+0x16c/0x1f0 [ 103.859911][ T6044] should_fail_ex+0x50a/0x650 [ 103.859961][ T6044] ? fs_reclaim_acquire+0xae/0x150 [ 103.860007][ T6044] ? __register_sysctl_table+0xeaf/0x1910 [ 103.860057][ T6044] should_failslab+0xc2/0x120 [ 103.860089][ T6044] __kmalloc_noprof+0xcb/0x510 [ 103.860146][ T6044] __register_sysctl_table+0xeaf/0x1910 [ 103.860203][ T6044] ? __pfx___register_sysctl_table+0x10/0x10 [ 103.860255][ T6044] ? is_module_address+0x2a/0x50 [ 103.860301][ T6044] ? register_net_sysctl_sz+0x228/0x3e0 [ 103.860344][ T6044] ? __asan_memcpy+0x3c/0x60 [ 103.860390][ T6044] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 103.860436][ T6044] nf_lwtunnel_net_init+0x60/0xf0 [ 103.860497][ T6044] ops_init+0x1df/0x5f0 [ 103.860548][ T6044] setup_net+0x21f/0x860 [ 103.860597][ T6044] ? __pfx_setup_net+0x10/0x10 [ 103.860642][ T6044] ? down_read_killable+0xcc/0x380 [ 103.860689][ T6044] ? __pfx_down_read_killable+0x10/0x10 [ 103.860743][ T6044] ? __raw_spin_lock_init+0x3a/0x110 [ 103.860776][ T6044] ? debug_mutex_init+0x37/0x70 [ 103.860813][ T6044] copy_net_ns+0x2a6/0x5f0 [ 103.860848][ T6044] create_new_namespaces+0x3ea/0xad0 [ 103.860907][ T6044] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 103.860962][ T6044] ksys_unshare+0x45d/0xa40 [ 103.860995][ T6044] ? __pfx_ksys_unshare+0x10/0x10 [ 103.861043][ T6044] ? xfd_validate_state+0x5d/0x180 [ 103.861096][ T6044] __x64_sys_unshare+0x31/0x40 [ 103.861126][ T6044] do_syscall_64+0xcd/0x250 [ 103.861169][ T6044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.861210][ T6044] RIP: 0033:0x7f14aaf8d169 [ 103.861231][ T6044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.861267][ T6044] RSP: 002b:00007f14abdbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 103.861294][ T6044] RAX: ffffffffffffffda RBX: 00007f14ab1a5fa0 RCX: 00007f14aaf8d169 [ 103.861312][ T6044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 103.861328][ T6044] RBP: 00007f14ab00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 103.861344][ T6044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 103.861360][ T6044] R13: 0000000000000000 R14: 00007f14ab1a5fa0 R15: 00007fffff741ad8 [ 103.861395][ T6044] [ 103.861474][ T6044] sysctl could not get directory: /net -12 [ 104.228150][ T6047] netlink: 'syz.0.36': attribute type 3 has an invalid length. [ 104.662043][ T6055] Invalid ELF header magic: != ELF [ 107.168138][ T6084] Invalid ELF header magic: != ELF [ 110.778543][ T6106] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.259833][ T6112] syz.0.54 uses obsolete (PF_INET,SOCK_PACKET) [ 111.809724][ T6128] ima: policy update failed [ 111.818931][ T6128] netlink: 346 bytes leftover after parsing attributes in process `syz.0.57'. [ 111.856671][ T29] audit: type=1802 audit(6036179078.099:2): pid=6128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.57" res=0 errno=0 [ 116.603064][ T6175] zero sized request [ 118.889794][ T6235] mmap: syz.2.81 (6235) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 122.915548][ T6303] netlink: 'syz.3.88': attribute type 3 has an invalid length. [ 133.198734][ T6401] netlink: 'syz.2.101': attribute type 3 has an invalid length. [ 133.659074][ T6423] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 133.938402][ T6392] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 134.853769][ T6437] netlink: 'syz.1.111': attribute type 3 has an invalid length. [ 135.494250][ T6441] process 'syz.0.112' launched '/dev/fd/2' with NULL argv: empty string added [ 138.306432][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.318023][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.257917][ T6474] netlink: 93 bytes leftover after parsing attributes in process `syz.0.119'. [ 140.840709][ T6473] nbd: nbd7 already in use [ 141.932260][ T6487] netlink: 330 bytes leftover after parsing attributes in process `syz.0.121'. [ 145.414491][ T6519] random: crng reseeded on system resumption [ 147.253285][ T6546] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 147.987367][ T6560] netlink: 'syz.0.136': attribute type 3 has an invalid length. [ 148.919252][ T6576] netlink: 93 bytes leftover after parsing attributes in process `syz.3.141'. [ 153.973173][ T6632] netlink: 'syz.0.154': attribute type 3 has an invalid length. [ 155.356392][ T6652] netlink: 'syz.0.159': attribute type 3 has an invalid length. [ 156.215006][ T6663] netlink: 'syz.3.161': attribute type 3 has an invalid length. [ 157.749835][ T6675] netlink: 'syz.3.163': attribute type 3 has an invalid length. [ 158.212161][ T6656] nbd: nbd7 already in use [ 159.580365][ T6691] synth uevent: /bus/memstick: unknown uevent action string [ 161.048513][ T6707] netlink: 'syz.1.171': attribute type 3 has an invalid length. [ 161.176481][ T6712] Invalid ELF header magic: != ELF [ 162.090870][ T6723] netlink: 93 bytes leftover after parsing attributes in process `syz.1.175'. [ 162.146916][ T6726] netlink: 330 bytes leftover after parsing attributes in process `syz.0.176'. [ 166.509734][ T6789] netlink: 93 bytes leftover after parsing attributes in process `syz.3.193'. [ 166.754796][ T6797] Invalid ELF header magic: != ELF [ 168.730142][ T6816] netlink: 'syz.0.201': attribute type 2 has an invalid length. [ 169.754917][ T6836] netlink: 93 bytes leftover after parsing attributes in process `syz.0.206'. [ 169.854522][ T6843] FAULT_INJECTION: forcing a failure. [ 169.854522][ T6843] name failslab, interval 1, probability 0, space 0, times 0 [ 169.875199][ T6843] CPU: 0 UID: 0 PID: 6843 Comm: syz.1.207 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 169.875239][ T6843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 169.875257][ T6843] Call Trace: [ 169.875266][ T6843] [ 169.875279][ T6843] dump_stack_lvl+0x16c/0x1f0 [ 169.875327][ T6843] should_fail_ex+0x50a/0x650 [ 169.875385][ T6843] ? sctp_add_bind_addr+0x9a/0x3d0 [ 169.875416][ T6843] should_failslab+0xc2/0x120 [ 169.875447][ T6843] __kmalloc_cache_noprof+0x68/0x410 [ 169.875502][ T6843] sctp_add_bind_addr+0x9a/0x3d0 [ 169.875544][ T6843] sctp_copy_local_addr_list+0x39e/0x5a0 [ 169.875590][ T6843] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 169.875637][ T6843] ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360 [ 169.875680][ T6843] ? sctp_bind_addr_copy+0xe0/0x530 [ 169.875708][ T6843] sctp_bind_addr_copy+0xe0/0x530 [ 169.875745][ T6843] sctp_connect_new_asoc+0x1d8/0x790 [ 169.875788][ T6843] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 169.875833][ T6843] ? mark_held_locks+0x9f/0xe0 [ 169.875881][ T6843] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 169.875928][ T6843] sctp_sendmsg+0x1610/0x1eb0 [ 169.875981][ T6843] ? __pfx_sctp_sendmsg+0x10/0x10 [ 169.876045][ T6843] ? __pfx_aa_sk_perm+0x10/0x10 [ 169.876081][ T6843] ? __pfx_sctp_sendmsg+0x10/0x10 [ 169.876123][ T6843] inet_sendmsg+0x119/0x140 [ 169.876168][ T6843] ____sys_sendmsg+0x98c/0xc90 [ 169.876201][ T6843] ? __pfx_____sys_sendmsg+0x10/0x10 [ 169.876229][ T6843] ? __lock_acquire+0xcc5/0x3c40 [ 169.876281][ T6843] ___sys_sendmsg+0x135/0x1e0 [ 169.876324][ T6843] ? __pfx____sys_sendmsg+0x10/0x10 [ 169.876380][ T6843] ? trace_lock_acquire+0x14e/0x1f0 [ 169.876435][ T6843] __sys_sendmmsg+0x201/0x420 [ 169.876479][ T6843] ? __pfx___sys_sendmmsg+0x10/0x10 [ 169.876529][ T6843] ? __pfx_do_futex+0x10/0x10 [ 169.876578][ T6843] ? xfd_validate_state+0x5d/0x180 [ 169.876615][ T6843] ? rcu_is_watching+0x12/0xc0 [ 169.876651][ T6843] __x64_sys_sendmmsg+0x9c/0x100 [ 169.876690][ T6843] ? lockdep_hardirqs_on+0x7c/0x110 [ 169.876724][ T6843] do_syscall_64+0xcd/0x250 [ 169.876763][ T6843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.876801][ T6843] RIP: 0033:0x7f01aa98d169 [ 169.876823][ T6843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.876848][ T6843] RSP: 002b:00007f01ab7d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 169.876879][ T6843] RAX: ffffffffffffffda RBX: 00007f01aaba6080 RCX: 00007f01aa98d169 [ 169.876897][ T6843] RDX: 0000000000000005 RSI: 0000400000000140 RDI: 0000000000000008 [ 169.876913][ T6843] RBP: 00007f01aaa0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 169.876929][ T6843] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 169.876945][ T6843] R13: 0000000000000000 R14: 00007f01aaba6080 R15: 00007ffd7ed1e7b8 [ 169.876979][ T6843] [ 170.187037][ T6846] FAULT_INJECTION: forcing a failure. [ 170.187037][ T6846] name failslab, interval 1, probability 0, space 0, times 0 [ 170.223106][ T6846] CPU: 1 UID: 0 PID: 6846 Comm: syz.0.209 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 170.223151][ T6846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 170.223169][ T6846] Call Trace: [ 170.223179][ T6846] [ 170.223191][ T6846] dump_stack_lvl+0x16c/0x1f0 [ 170.223242][ T6846] should_fail_ex+0x50a/0x650 [ 170.223295][ T6846] ? fs_reclaim_acquire+0xae/0x150 [ 170.223341][ T6846] should_failslab+0xc2/0x120 [ 170.223373][ T6846] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 170.223424][ T6846] ? vma_merge_new_range+0x40a/0xbb0 [ 170.223474][ T6846] ? vm_area_alloc+0x134/0x230 [ 170.223529][ T6846] vm_area_alloc+0x134/0x230 [ 170.223578][ T6846] __mmap_region+0x108d/0x2760 [ 170.223613][ T6846] ? __pfx___mmap_region+0x10/0x10 [ 170.223663][ T6846] ? hlock_class+0x4e/0x130 [ 170.223698][ T6846] ? mark_lock+0xb5/0xc60 [ 170.223756][ T6846] ? schedule+0x298/0x350 [ 170.223842][ T6846] ? cap_capable+0xb3/0x250 [ 170.223884][ T6846] mmap_region+0x1ab/0x3f0 [ 170.223921][ T6846] do_mmap+0xd8d/0x11b0 [ 170.223972][ T6846] ? __pfx_do_mmap+0x10/0x10 [ 170.224016][ T6846] ? __pfx_down_write_killable+0x10/0x10 [ 170.224079][ T6846] vm_mmap_pgoff+0x203/0x3a0 [ 170.224134][ T6846] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 170.224186][ T6846] ? __x64_sys_futex+0x1e1/0x4c0 [ 170.224223][ T6846] ? __x64_sys_futex+0x1ea/0x4c0 [ 170.224268][ T6846] ksys_mmap_pgoff+0x7d/0x5c0 [ 170.224303][ T6846] ? rcu_is_watching+0x12/0xc0 [ 170.224335][ T6846] __x64_sys_mmap+0x125/0x190 [ 170.224381][ T6846] do_syscall_64+0xcd/0x250 [ 170.224418][ T6846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.224455][ T6846] RIP: 0033:0x7f2db258d169 [ 170.224476][ T6846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.224503][ T6846] RSP: 002b:00007f2db3328038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 170.224528][ T6846] RAX: ffffffffffffffda RBX: 00007f2db27a5fa0 RCX: 00007f2db258d169 [ 170.224546][ T6846] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 170.224562][ T6846] RBP: 00007f2db260e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 170.224578][ T6846] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 170.224593][ T6846] R13: 0000000000000000 R14: 00007f2db27a5fa0 R15: 00007fff0bf26058 [ 170.224627][ T6846] [ 170.488787][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 171.077847][ T6856] FAULT_INJECTION: forcing a failure. [ 171.077847][ T6856] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 171.140487][ T6856] CPU: 1 UID: 0 PID: 6856 Comm: syz.1.212 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 171.140551][ T6856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 171.140571][ T6856] Call Trace: [ 171.140580][ T6856] [ 171.140593][ T6856] dump_stack_lvl+0x16c/0x1f0 [ 171.140655][ T6856] should_fail_ex+0x50a/0x650 [ 171.140706][ T6856] ? __pfx___might_resched+0x10/0x10 [ 171.140782][ T6856] should_fail_alloc_page+0xe7/0x130 [ 171.140832][ T6856] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 171.140886][ T6856] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 171.140962][ T6856] ? __pfx_mark_lock+0x10/0x10 [ 171.141018][ T6856] ? mas_next_slot+0x12d3/0x21b0 [ 171.141067][ T6856] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 171.141147][ T6856] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 171.141202][ T6856] ? policy_nodemask+0xea/0x4e0 [ 171.141237][ T6856] alloc_pages_mpol+0x1fc/0x540 [ 171.141271][ T6856] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 171.141302][ T6856] ? find_held_lock+0x2d/0x110 [ 171.141346][ T6856] alloc_pages_noprof+0x131/0x390 [ 171.141379][ T6856] __pmd_alloc+0x3f/0x870 [ 171.141427][ T6856] __handle_mm_fault+0x9fb/0x2c60 [ 171.141488][ T6856] ? __pfx___handle_mm_fault+0x10/0x10 [ 171.141878][ T6856] handle_mm_fault+0x3fa/0xaa0 [ 171.141956][ T6856] __get_user_pages+0x773/0x36f0 [ 171.142406][ T6856] ? __pfx_mt_find+0x10/0x10 [ 171.142479][ T6856] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 171.142534][ T6856] ? __pfx___get_user_pages+0x10/0x10 [ 171.142593][ T6856] ? __mm_populate+0x21d/0x380 [ 171.142654][ T6856] populate_vma_page_range+0x27f/0x3a0 [ 171.142710][ T6856] ? __pfx_populate_vma_page_range+0x10/0x10 [ 171.142861][ T6856] ? __pfx_find_vma_intersection+0x10/0x10 [ 171.142910][ T6856] ? vm_mmap_pgoff+0x29b/0x3a0 [ 171.142962][ T6856] __mm_populate+0x1d6/0x380 [ 171.143016][ T6856] ? __pfx___mm_populate+0x10/0x10 [ 171.143070][ T6856] ? up_write+0x1b2/0x520 [ 171.143126][ T6856] vm_mmap_pgoff+0x2d3/0x3a0 [ 171.143180][ T6856] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 171.143233][ T6856] ? __x64_sys_futex+0x1e1/0x4c0 [ 171.143273][ T6856] ? __x64_sys_futex+0x1ea/0x4c0 [ 171.143321][ T6856] ksys_mmap_pgoff+0x7d/0x5c0 [ 171.143362][ T6856] ? rcu_is_watching+0x12/0xc0 [ 171.143403][ T6856] __x64_sys_mmap+0x125/0x190 [ 171.143456][ T6856] do_syscall_64+0xcd/0x250 [ 171.143505][ T6856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.143564][ T6856] RIP: 0033:0x7f01aa98d169 [ 171.143590][ T6856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.143621][ T6856] RSP: 002b:00007f01ab7fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 171.143651][ T6856] RAX: ffffffffffffffda RBX: 00007f01aaba5fa0 RCX: 00007f01aa98d169 [ 171.143672][ T6856] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 171.143691][ T6856] RBP: 00007f01aaa0e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 171.143711][ T6856] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 171.143730][ T6856] R13: 0000000000000000 R14: 00007f01aaba5fa0 R15: 00007ffd7ed1e7b8 [ 171.143771][ T6856] [ 173.865339][ T6895] netlink: 93 bytes leftover after parsing attributes in process `syz.3.223'. [ 174.638172][ T6887] nbd: nbd7 already in use [ 177.208039][ T6927] netlink: 306 bytes leftover after parsing attributes in process `syz.2.231'. [ 179.010767][ T6961] netlink: 330 bytes leftover after parsing attributes in process `syz.1.238'. [ 179.048573][ T6961] net veth1_virt_wifi : renamed from virt_wifi0 [ 179.781307][ T6980] GUP no longer grows the stack in syz.2.244 (6980): 9000-401000 (8000) [ 179.818091][ T6980] CPU: 1 UID: 0 PID: 6980 Comm: syz.2.244 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 179.818155][ T6980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 179.818175][ T6980] Call Trace: [ 179.818185][ T6980] [ 179.818198][ T6980] dump_stack_lvl+0x16c/0x1f0 [ 179.818250][ T6980] gup_vma_lookup+0x1d2/0x220 [ 179.818297][ T6980] __get_user_pages+0x236/0x36f0 [ 179.818345][ T6980] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 179.818400][ T6980] ? __gup_longterm_locked+0x124/0x1870 [ 179.818450][ T6980] ? __gup_longterm_locked+0x124/0x1870 [ 179.818502][ T6980] ? __pfx___get_user_pages+0x10/0x10 [ 179.818547][ T6980] ? down_read_killable+0xcc/0x380 [ 179.818595][ T6980] ? __pfx_down_read_killable+0x10/0x10 [ 179.818649][ T6980] ? find_held_lock+0x2d/0x110 [ 179.818687][ T6980] __gup_longterm_locked+0x212/0x1870 [ 179.818736][ T6980] ? __pfx_lock_release+0x10/0x10 [ 179.818780][ T6980] ? trace_lock_acquire+0x14e/0x1f0 [ 179.818825][ T6980] ? __pfx___gup_longterm_locked+0x10/0x10 [ 179.818872][ T6980] ? gup_fast_fallback+0x84c/0x2690 [ 179.818920][ T6980] ? __pfx_lock_release+0x10/0x10 [ 179.818965][ T6980] ? try_get_folio+0x517/0x800 [ 179.819010][ T6980] ? sanity_check_pinned_pages+0x3ab/0x11e0 [ 179.819065][ T6980] gup_fast_fallback+0x1802/0x2690 [ 179.819145][ T6980] ? __pfx_gup_fast_fallback+0x10/0x10 [ 179.819193][ T6980] ? blkdev_write_iter+0x6f9/0xdd0 [ 179.819237][ T6980] ? vfs_write+0x5ae/0x1150 [ 179.819281][ T6980] ? ksys_write+0x12b/0x250 [ 179.819325][ T6980] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.819373][ T6980] ? __pfx_mark_lock+0x10/0x10 [ 179.819429][ T6980] pin_user_pages_fast+0xa8/0x100 [ 179.819478][ T6980] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 179.819540][ T6980] iov_iter_extract_pages+0x3a5/0x2010 [ 179.819589][ T6980] ? rcu_is_watching+0x12/0xc0 [ 179.819623][ T6980] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 179.819659][ T6980] ? find_held_lock+0x2d/0x110 [ 179.819704][ T6980] ? find_held_lock+0x2d/0x110 [ 179.819748][ T6980] bio_iov_iter_get_pages+0x37c/0x1100 [ 179.819780][ T6980] ? _raw_spin_unlock+0x28/0x50 [ 179.819833][ T6980] ? __pfx_bio_iov_iter_get_pages+0x10/0x10 [ 179.819885][ T6980] __blkdev_direct_IO_simple+0x361/0x820 [ 179.819939][ T6980] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 179.820020][ T6980] ? rcu_is_watching+0x12/0xc0 [ 179.820054][ T6980] ? trace_inode_set_ctime_to_ts+0x17f/0x1f0 [ 179.820086][ T6980] ? iov_iter_is_aligned+0xf2/0x5a0 [ 179.820123][ T6980] ? iov_iter_npages+0xf0/0x5a0 [ 179.820158][ T6980] blkdev_direct_IO+0xaa9/0x1c40 [ 179.820220][ T6980] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 179.820262][ T6980] ? rcu_is_watching+0x12/0xc0 [ 179.820300][ T6980] ? __mark_inode_dirty+0x2a5/0xe50 [ 179.820336][ T6980] ? filemap_check_errors+0xa9/0x160 [ 179.820403][ T6980] blkdev_write_iter+0x6f9/0xdd0 [ 179.820455][ T6980] vfs_write+0x5ae/0x1150 [ 179.820500][ T6980] ? __pfx_blkdev_write_iter+0x10/0x10 [ 179.820549][ T6980] ? __pfx_vfs_write+0x10/0x10 [ 179.820590][ T6980] ? do_futex+0x123/0x350 [ 179.820632][ T6980] ? __fget_files+0x40/0x3a0 [ 179.820698][ T6980] ksys_write+0x12b/0x250 [ 179.820742][ T6980] ? __pfx_ksys_write+0x10/0x10 [ 179.820798][ T6980] do_syscall_64+0xcd/0x250 [ 179.820845][ T6980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.820887][ T6980] RIP: 0033:0x7f14aaf8d169 [ 179.820913][ T6980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.820944][ T6980] RSP: 002b:00007f14abd9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 179.820974][ T6980] RAX: ffffffffffffffda RBX: 00007f14ab1a6080 RCX: 00007f14aaf8d169 [ 179.820995][ T6980] RDX: 000000007fff8fff RSI: 0000000000000000 RDI: 0000000000000003 [ 179.821014][ T6980] RBP: 00007f14ab00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 179.821032][ T6980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.821050][ T6980] R13: 0000000000000000 R14: 00007f14ab1a6080 R15: 00007fffff741ad8 [ 179.821089][ T6980] [ 180.325958][ T6979] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 180.918287][ T6990] FAULT_INJECTION: forcing a failure. [ 180.918287][ T6990] name failslab, interval 1, probability 0, space 0, times 0 [ 180.931182][ T6990] CPU: 1 UID: 0 PID: 6990 Comm: syz.0.247 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 180.931224][ T6990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 180.931243][ T6990] Call Trace: [ 180.931253][ T6990] [ 180.931265][ T6990] dump_stack_lvl+0x16c/0x1f0 [ 180.931314][ T6990] should_fail_ex+0x50a/0x650 [ 180.931366][ T6990] ? fs_reclaim_acquire+0xae/0x150 [ 180.931412][ T6990] should_failslab+0xc2/0x120 [ 180.931443][ T6990] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 180.931494][ T6990] ? vma_merge_new_range+0x40a/0xbb0 [ 180.931554][ T6990] ? vm_area_alloc+0x134/0x230 [ 180.931624][ T6990] vm_area_alloc+0x134/0x230 [ 180.931670][ T6990] __mmap_region+0x108d/0x2760 [ 180.931705][ T6990] ? __pfx___mmap_region+0x10/0x10 [ 180.931746][ T6990] ? hlock_class+0x4e/0x130 [ 180.931791][ T6990] ? mark_lock+0xb5/0xc60 [ 180.931854][ T6990] ? schedule+0x298/0x350 [ 180.931936][ T6990] ? cap_capable+0xb3/0x250 [ 180.931976][ T6990] mmap_region+0x1ab/0x3f0 [ 180.932012][ T6990] do_mmap+0xd8d/0x11b0 [ 180.932060][ T6990] ? __pfx_do_mmap+0x10/0x10 [ 180.932104][ T6990] ? __pfx_down_write_killable+0x10/0x10 [ 180.932159][ T6990] vm_mmap_pgoff+0x203/0x3a0 [ 180.932210][ T6990] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 180.932261][ T6990] ? __x64_sys_futex+0x1e1/0x4c0 [ 180.932298][ T6990] ? __x64_sys_futex+0x1ea/0x4c0 [ 180.932342][ T6990] ksys_mmap_pgoff+0x7d/0x5c0 [ 180.932382][ T6990] ? rcu_is_watching+0x12/0xc0 [ 180.932420][ T6990] __x64_sys_mmap+0x125/0x190 [ 180.932470][ T6990] do_syscall_64+0xcd/0x250 [ 180.932515][ T6990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.932559][ T6990] RIP: 0033:0x7f2db258d169 [ 180.932583][ T6990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.932613][ T6990] RSP: 002b:00007f2db3328038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 180.932646][ T6990] RAX: ffffffffffffffda RBX: 00007f2db27a5fa0 RCX: 00007f2db258d169 [ 180.932667][ T6990] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 180.932684][ T6990] RBP: 00007f2db260e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 180.932702][ T6990] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 180.932719][ T6990] R13: 0000000000000000 R14: 00007f2db27a5fa0 R15: 00007fff0bf26058 [ 180.932756][ T6990] [ 181.629253][ T7000] FAULT_INJECTION: forcing a failure. [ 181.629253][ T7000] name fail_futex, interval 1, probability 0, space 0, times 1 [ 181.678611][ T7000] CPU: 1 UID: 0 PID: 7000 Comm: syz.2.250 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 181.678655][ T7000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 181.678673][ T7000] Call Trace: [ 181.678682][ T7000] [ 181.678694][ T7000] dump_stack_lvl+0x16c/0x1f0 [ 181.678744][ T7000] should_fail_ex+0x50a/0x650 [ 181.678803][ T7000] get_futex_key+0x4a3/0x1000 [ 181.678845][ T7000] ? __pfx_get_futex_key+0x10/0x10 [ 181.678886][ T7000] ? __destroy_inode+0x2e4/0x730 [ 181.678920][ T7000] ? __pfx_sock_free_inode+0x10/0x10 [ 181.678960][ T7000] futex_wake+0xe8/0x4e0 [ 181.679014][ T7000] ? __pfx_evict+0x10/0x10 [ 181.679047][ T7000] ? __pfx_futex_wake+0x10/0x10 [ 181.679112][ T7000] do_futex+0x1e5/0x350 [ 181.679153][ T7000] ? __pfx_do_futex+0x10/0x10 [ 181.679193][ T7000] ? __sock_release+0x20b/0x270 [ 181.679253][ T7000] __x64_sys_futex+0x1e1/0x4c0 [ 181.679295][ T7000] ? __sys_socket+0xad/0x260 [ 181.679333][ T7000] ? __pfx___x64_sys_futex+0x10/0x10 [ 181.679376][ T7000] ? rcu_is_watching+0x12/0xc0 [ 181.679423][ T7000] do_syscall_64+0xcd/0x250 [ 181.679470][ T7000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.679515][ T7000] RIP: 0033:0x7f14aaf8d169 [ 181.679539][ T7000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.679569][ T7000] RSP: 002b:00007f14abdbe0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 181.679599][ T7000] RAX: ffffffffffffffda RBX: 00007f14ab1a5fa8 RCX: 00007f14aaf8d169 [ 181.679619][ T7000] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f14ab1a5fac [ 181.679637][ T7000] RBP: 00007f14ab1a5fa0 R08: 00007f14abdbf000 R09: 0000000000000000 [ 181.679656][ T7000] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f14ab1a5fac [ 181.679675][ T7000] R13: 0000000000000000 R14: 00007fffff7419f0 R15: 00007fffff741ad8 [ 181.679726][ T7000] [ 182.198280][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 182.206620][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 182.858355][ T6995] netlink: 93 bytes leftover after parsing attributes in process `syz.1.248'. [ 183.355087][ T29] audit: type=1326 audit(6036179157.641:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6996 comm="syz.0.249" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2db258d169 code=0x0 [ 185.878561][ T7039] FAULT_INJECTION: forcing a failure. [ 185.878561][ T7039] name failslab, interval 1, probability 0, space 0, times 0 [ 185.918004][ T7039] CPU: 1 UID: 0 PID: 7039 Comm: syz.2.258 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 185.918046][ T7039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 185.918065][ T7039] Call Trace: [ 185.918074][ T7039] [ 185.918086][ T7039] dump_stack_lvl+0x16c/0x1f0 [ 185.918133][ T7039] should_fail_ex+0x50a/0x650 [ 185.918182][ T7039] ? fs_reclaim_acquire+0xae/0x150 [ 185.918224][ T7039] should_failslab+0xc2/0x120 [ 185.918251][ T7039] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 185.918297][ T7039] ? vma_merge_new_range+0x40a/0xbb0 [ 185.918342][ T7039] ? vm_area_alloc+0x134/0x230 [ 185.918393][ T7039] vm_area_alloc+0x134/0x230 [ 185.918442][ T7039] __mmap_region+0x108d/0x2760 [ 185.918475][ T7039] ? __pfx___mmap_region+0x10/0x10 [ 185.918514][ T7039] ? hlock_class+0x4e/0x130 [ 185.918547][ T7039] ? mark_lock+0xb5/0xc60 [ 185.918603][ T7039] ? schedule+0x298/0x350 [ 185.918696][ T7039] ? cap_capable+0xb3/0x250 [ 185.918736][ T7039] mmap_region+0x1ab/0x3f0 [ 185.918773][ T7039] do_mmap+0xd8d/0x11b0 [ 185.918823][ T7039] ? __pfx_do_mmap+0x10/0x10 [ 185.918867][ T7039] ? __pfx_down_write_killable+0x10/0x10 [ 185.918922][ T7039] vm_mmap_pgoff+0x203/0x3a0 [ 185.918975][ T7039] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 185.919028][ T7039] ? __x64_sys_futex+0x1e1/0x4c0 [ 185.919067][ T7039] ? __x64_sys_futex+0x1ea/0x4c0 [ 185.919114][ T7039] ksys_mmap_pgoff+0x7d/0x5c0 [ 185.919156][ T7039] ? rcu_is_watching+0x12/0xc0 [ 185.919195][ T7039] __x64_sys_mmap+0x125/0x190 [ 185.919248][ T7039] do_syscall_64+0xcd/0x250 [ 185.919296][ T7039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.919342][ T7039] RIP: 0033:0x7f14aaf8d169 [ 185.919368][ T7039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.919398][ T7039] RSP: 002b:00007f14abdbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 185.919428][ T7039] RAX: ffffffffffffffda RBX: 00007f14ab1a5fa0 RCX: 00007f14aaf8d169 [ 185.919449][ T7039] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 185.919467][ T7039] RBP: 00007f14ab00e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 185.919485][ T7039] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 185.919503][ T7039] R13: 0000000000000000 R14: 00007f14ab1a5fa0 R15: 00007fffff741ad8 [ 185.919542][ T7039] [ 188.459314][ T7055] netlink: 93 bytes leftover after parsing attributes in process `syz.1.262'. [ 188.485214][ T7053] netlink: 93 bytes leftover after parsing attributes in process `syz.0.263'. [ 189.022179][ T7065] netlink: 'syz.0.266': attribute type 1 has an invalid length. [ 189.030864][ T7065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.266'. [ 189.792025][ T7077] netlink: 'syz.1.268': attribute type 1 has an invalid length. [ 189.903768][ T7077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.268'. [ 191.859020][ T7088] Invalid ELF header magic: != ELF [ 195.633195][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 195.642433][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 195.654542][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 195.671651][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 195.688719][ T5840] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 195.698926][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 195.780534][ T7123] FAULT_INJECTION: forcing a failure. [ 195.780534][ T7123] name failslab, interval 1, probability 0, space 0, times 0 [ 195.839337][ T7123] CPU: 0 UID: 0 PID: 7123 Comm: syz.0.280 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 195.839380][ T7123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 195.839398][ T7123] Call Trace: [ 195.839407][ T7123] [ 195.839418][ T7123] dump_stack_lvl+0x16c/0x1f0 [ 195.839466][ T7123] should_fail_ex+0x50a/0x650 [ 195.839517][ T7123] ? fs_reclaim_acquire+0xae/0x150 [ 195.839562][ T7123] should_failslab+0xc2/0x120 [ 195.839592][ T7123] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 195.839653][ T7123] ? vma_merge_new_range+0x40a/0xbb0 [ 195.839713][ T7123] ? vm_area_alloc+0x134/0x230 [ 195.839764][ T7123] vm_area_alloc+0x134/0x230 [ 195.839808][ T7123] __mmap_region+0x108d/0x2760 [ 195.839840][ T7123] ? __pfx___mmap_region+0x10/0x10 [ 195.839877][ T7123] ? hlock_class+0x4e/0x130 [ 195.839907][ T7123] ? mark_lock+0xb5/0xc60 [ 195.839957][ T7123] ? schedule+0x298/0x350 [ 195.840034][ T7123] ? cap_capable+0xb3/0x250 [ 195.840072][ T7123] mmap_region+0x1ab/0x3f0 [ 195.840106][ T7123] do_mmap+0xd8d/0x11b0 [ 195.840151][ T7123] ? __pfx_do_mmap+0x10/0x10 [ 195.840191][ T7123] ? __pfx_down_write_killable+0x10/0x10 [ 195.840243][ T7123] vm_mmap_pgoff+0x203/0x3a0 [ 195.840293][ T7123] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 195.840341][ T7123] ? __x64_sys_futex+0x1e1/0x4c0 [ 195.840376][ T7123] ? __x64_sys_futex+0x1ea/0x4c0 [ 195.840417][ T7123] ksys_mmap_pgoff+0x7d/0x5c0 [ 195.840455][ T7123] ? rcu_is_watching+0x12/0xc0 [ 195.840489][ T7123] __x64_sys_mmap+0x125/0x190 [ 195.840536][ T7123] do_syscall_64+0xcd/0x250 [ 195.840576][ T7123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.840616][ T7123] RIP: 0033:0x7f2db258d169 [ 195.840647][ T7123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.840675][ T7123] RSP: 002b:00007f2db3328038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 195.840702][ T7123] RAX: ffffffffffffffda RBX: 00007f2db27a5fa0 RCX: 00007f2db258d169 [ 195.840721][ T7123] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 195.840738][ T7123] RBP: 00007f2db260e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 195.840755][ T7123] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 195.840772][ T7123] R13: 0000000000000000 R14: 00007f2db27a5fa0 R15: 00007fff0bf26058 [ 195.840807][ T7123] [ 196.802024][ T7120] chnl_net:caif_netlink_parms(): no params data found [ 197.287996][ T7120] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.317573][ T7120] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.332913][ T7120] bridge_slave_0: entered allmulticast mode [ 197.372432][ T7120] bridge_slave_0: entered promiscuous mode [ 197.399367][ T7120] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.406683][ T7120] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.438463][ T7120] bridge_slave_1: entered allmulticast mode [ 197.445891][ T7120] bridge_slave_1: entered promiscuous mode [ 197.590911][ T7120] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 197.641330][ T7120] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 197.738177][ T5844] Bluetooth: hci4: command tx timeout [ 198.152136][ T7120] team0: Port device team_slave_0 added [ 198.168801][ T7120] team0: Port device team_slave_1 added [ 198.935322][ T7120] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 198.957202][ T7120] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.045612][ T7120] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 199.098449][ T7120] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 199.119286][ T7120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.154145][ T7120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 199.574312][ T7120] hsr_slave_0: entered promiscuous mode [ 199.598978][ T7120] hsr_slave_1: entered promiscuous mode [ 199.660239][ T7120] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 199.667862][ T7120] Cannot create hsr debugfs directory [ 199.740901][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.747433][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.827970][ T5844] Bluetooth: hci4: command tx timeout [ 200.621795][ T7120] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 200.671133][ T7120] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 201.217481][ T7120] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 201.271160][ T7120] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 201.664262][ T7120] 8021q: adding VLAN 0 to HW filter on device bond0 [ 201.715423][ T7120] 8021q: adding VLAN 0 to HW filter on device team0 [ 201.752798][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.760019][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 201.839442][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.846589][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 201.899228][ T5844] Bluetooth: hci4: command tx timeout [ 203.143335][ T7120] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.980306][ T5844] Bluetooth: hci4: command tx timeout [ 204.055051][ T7120] veth0_vlan: entered promiscuous mode [ 204.187609][ T7120] veth1_vlan: entered promiscuous mode [ 204.369419][ T7120] veth0_macvtap: entered promiscuous mode [ 204.448844][ T7120] veth1_macvtap: entered promiscuous mode [ 204.544909][ T7120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.584788][ T7120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.616080][ T7120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.637445][ T7120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.667647][ T7120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.721400][ T7120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.734105][ T7120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.745549][ T7120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.757230][ T7120] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 204.794054][ T7120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.842677][ T7120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.867399][ T7120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.898364][ T7120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.936115][ T7120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.964106][ T7120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.988030][ T7120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.023973][ T7120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.049898][ T7120] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 205.109239][ T7120] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.166596][ T7120] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.182472][ T7120] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.192809][ T7120] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.545818][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.565949][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 205.610233][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.628856][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.371808][ T7215] netlink: 4 bytes leftover after parsing attributes in process `syz.2.302'. [ 206.400242][ T7215] netlink: 354 bytes leftover after parsing attributes in process `syz.2.302'. [ 212.063843][ T5850] Bluetooth: hci1: command 0x0406 tx timeout [ 212.068663][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 212.070090][ T5850] Bluetooth: hci3: command 0x0406 tx timeout [ 215.028464][ T5852] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 215.028508][ T5852] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 215.045219][ T5852] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 215.045285][ T5852] Bluetooth: hci2: adv larger than maximum supported [ 215.053132][ T5852] Bluetooth: hci2: Unknown advertising packet type: 0x20 [ 215.059984][ T5852] Bluetooth: hci2: Unknown advertising packet type: 0x20 [ 215.067093][ T5852] Bluetooth: hci2: Malformed LE Event: 0x0d [ 217.701372][ T7377] netlink: 'syz.0.329': attribute type 3 has an invalid length. [ 218.216224][ T7368] FAULT_INJECTION: forcing a failure. [ 218.216224][ T7368] name fail_futex, interval 1, probability 0, space 0, times 0 [ 218.299816][ T7368] CPU: 1 UID: 0 PID: 7368 Comm: syz.1.328 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 218.299857][ T7368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 218.299874][ T7368] Call Trace: [ 218.299883][ T7368] [ 218.299894][ T7368] dump_stack_lvl+0x16c/0x1f0 [ 218.299941][ T7368] should_fail_ex+0x50a/0x650 [ 218.299998][ T7368] get_futex_key+0x4a3/0x1000 [ 218.300039][ T7368] ? __pfx_get_futex_key+0x10/0x10 [ 218.300072][ T7368] ? hlock_class+0x4e/0x130 [ 218.300104][ T7368] ? __lock_acquire+0xcc5/0x3c40 [ 218.300170][ T7368] futex_wake+0xe8/0x4e0 [ 218.300216][ T7368] ? __pfx_futex_wake+0x10/0x10 [ 218.300269][ T7368] ? find_held_lock+0x2d/0x110 [ 218.300307][ T7368] do_futex+0x1e5/0x350 [ 218.300346][ T7368] ? __pfx_do_futex+0x10/0x10 [ 218.300385][ T7368] ? __count_memcg_events+0x439/0x5c0 [ 218.300438][ T7368] __x64_sys_futex+0x1e1/0x4c0 [ 218.300477][ T7368] ? handle_mm_fault+0x497/0xaa0 [ 218.300524][ T7368] ? __pfx___x64_sys_futex+0x10/0x10 [ 218.300566][ T7368] ? do_user_addr_fault+0x83d/0x13f0 [ 218.300618][ T7368] do_syscall_64+0xcd/0x250 [ 218.300664][ T7368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.300708][ T7368] RIP: 0033:0x7f01aa98d169 [ 218.300732][ T7368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.300760][ T7368] RSP: 002b:00007ffd7ed1e918 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 218.300788][ T7368] RAX: ffffffffffffffda RBX: 00007f01aaba5fa8 RCX: 00007f01aa98d169 [ 218.300806][ T7368] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f01aaba5fa8 [ 218.300824][ T7368] RBP: 0000000000000000 R08: 0000000000000002 R09: 000000117ed1ec0f [ 218.300841][ T7368] R10: 00007f01aaba5fa0 R11: 0000000000000246 R12: 00007f01aaba5fac [ 218.300859][ T7368] R13: 00007f01aaba5fa0 R14: 0000000000001b2c R15: 0000000000000003 [ 218.300894][ T7368] [ 220.524215][ T7399] FAULT_INJECTION: forcing a failure. [ 220.524215][ T7399] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 220.538250][ T7399] CPU: 1 UID: 0 PID: 7399 Comm: syz.1.335 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 220.538290][ T7399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 220.538309][ T7399] Call Trace: [ 220.538318][ T7399] [ 220.538330][ T7399] dump_stack_lvl+0x16c/0x1f0 [ 220.538380][ T7399] should_fail_ex+0x50a/0x650 [ 220.538432][ T7399] ? __pfx___might_resched+0x10/0x10 [ 220.538489][ T7399] should_fail_alloc_page+0xe7/0x130 [ 220.538523][ T7399] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 220.538576][ T7399] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 220.538635][ T7399] ? page_ext_put+0x3e/0xd0 [ 220.538683][ T7399] ? __pfx_lock_release+0x10/0x10 [ 220.538729][ T7399] ? page_ext_get+0x34/0x310 [ 220.538793][ T7399] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 220.538851][ T7399] ? mark_lock+0xb5/0xc60 [ 220.538894][ T7399] ? page_ext_put+0x48/0xd0 [ 220.538941][ T7399] ? page_table_check_set.part.0+0x3b8/0x550 [ 220.539000][ T7399] ? mark_lock+0xb5/0xc60 [ 220.539042][ T7399] ? mark_lock+0xb5/0xc60 [ 220.539088][ T7399] ? __pfx_mark_lock+0x10/0x10 [ 220.539132][ T7399] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 220.539191][ T7399] ? policy_nodemask+0xea/0x4e0 [ 220.539225][ T7399] alloc_pages_mpol+0x1fc/0x540 [ 220.539258][ T7399] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 220.539293][ T7399] ? find_held_lock+0x2d/0x110 [ 220.539332][ T7399] folio_alloc_mpol_noprof+0x36/0x2f0 [ 220.539384][ T7399] vma_alloc_folio_noprof+0xee/0x1b0 [ 220.539421][ T7399] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 220.539459][ T7399] ? __pfx___lock_acquire+0x10/0x10 [ 220.539510][ T7399] do_wp_page+0x1f68/0x4670 [ 220.539561][ T7399] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 220.539608][ T7399] ? __pfx_do_wp_page+0x10/0x10 [ 220.539646][ T7399] ? rcu_is_watching+0x12/0xc0 [ 220.539683][ T7399] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 220.539713][ T7399] ? lock_acquire+0x2f/0xb0 [ 220.539760][ T7399] ? __handle_mm_fault+0xf22/0x2c60 [ 220.539815][ T7399] __handle_mm_fault+0x1c7c/0x2c60 [ 220.539866][ T7399] ? lock_vma_under_rcu+0x6b9/0x980 [ 220.539912][ T7399] ? __pfx___handle_mm_fault+0x10/0x10 [ 220.539995][ T7399] handle_mm_fault+0x3fa/0xaa0 [ 220.540050][ T7399] do_user_addr_fault+0x60d/0x13f0 [ 220.540104][ T7399] exc_page_fault+0x5c/0xc0 [ 220.540145][ T7399] asm_exc_page_fault+0x26/0x30 [ 220.540188][ T7399] RIP: 0033:0x7f01aa946cb5 [ 220.540230][ T7399] Code: 0f 1f 44 00 00 8b 57 18 64 8b 04 25 d0 02 00 00 39 c2 0f 84 0d 01 00 00 41 54 55 53 83 7f 30 02 48 89 fb 74 28 b8 08 00 00 00 0f c1 03 83 c0 08 85 c0 0f 88 fc 00 00 00 a8 01 75 78 31 d2 5b [ 220.540260][ T7399] RSP: 002b:00007f01ab7f8de0 EFLAGS: 00010293 [ 220.540285][ T7399] RAX: 0000000000000008 RBX: 00007f01ab6d7d60 RCX: 0000000000000000 [ 220.540305][ T7399] RDX: 0000000000000000 RSI: 00007f01aaa4b200 RDI: 00007f01ab6d7d60 [ 220.540324][ T7399] RBP: 00007f01ab7f8f00 R08: 0000000000000000 R09: 0000000000000005 [ 220.540342][ T7399] R10: 0000000000000000 R11: 0000000000000293 R12: 00007f01aaa4ae80 [ 220.540361][ T7399] R13: 0000000000000009 R14: 00007f01aab7c440 R15: 0000000000000000 [ 220.540400][ T7399] [ 220.540655][ T7399] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 220.649891][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.110753][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.320706][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.559489][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.758249][ T12] bridge_slave_1: left allmulticast mode [ 222.764488][ T12] bridge_slave_1: left promiscuous mode [ 222.801257][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.894507][ T12] bridge_slave_0: left allmulticast mode [ 222.900764][ T12] bridge_slave_0: left promiscuous mode [ 222.906637][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.235103][ T7420] ima: policy update failed [ 223.242258][ T29] audit: type=1802 audit(6036179197.531:4): pid=7420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.340" res=0 errno=0 [ 225.033279][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 225.099560][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 225.132693][ T12] bond0 (unregistering): Released all slaves [ 225.199958][ T7462] netlink: 4 bytes leftover after parsing attributes in process `syz.0.348'. [ 225.672280][ T7483] netlink: 330 bytes leftover after parsing attributes in process `syz.0.352'. [ 226.914819][ T7495] FAULT_INJECTION: forcing a failure. [ 226.914819][ T7495] name failslab, interval 1, probability 0, space 0, times 0 [ 226.989208][ T7495] CPU: 1 UID: 0 PID: 7495 Comm: syz.0.354 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 226.989258][ T7495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 226.989277][ T7495] Call Trace: [ 226.989286][ T7495] [ 226.989299][ T7495] dump_stack_lvl+0x16c/0x1f0 [ 226.989350][ T7495] should_fail_ex+0x50a/0x650 [ 226.989400][ T7495] ? fs_reclaim_acquire+0xae/0x150 [ 226.989444][ T7495] should_failslab+0xc2/0x120 [ 226.989474][ T7495] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 226.989530][ T7495] ? __pfx__proc_mkdir+0x10/0x10 [ 226.989558][ T7495] ? nf_lwtunnel_net_init+0x38/0xf0 [ 226.989603][ T7495] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 226.989647][ T7495] kmemdup_noprof+0x29/0x60 [ 226.989686][ T7495] nf_lwtunnel_net_init+0x38/0xf0 [ 226.989729][ T7495] ops_init+0x1df/0x5f0 [ 226.989782][ T7495] setup_net+0x21f/0x860 [ 226.989835][ T7495] ? __pfx_setup_net+0x10/0x10 [ 226.989884][ T7495] ? down_read_killable+0xcc/0x380 [ 226.989931][ T7495] ? __pfx_down_read_killable+0x10/0x10 [ 226.989977][ T7495] ? __raw_spin_lock_init+0x3a/0x110 [ 226.990010][ T7495] ? debug_mutex_init+0x37/0x70 [ 226.990048][ T7495] copy_net_ns+0x2a6/0x5f0 [ 226.990084][ T7495] create_new_namespaces+0x3ea/0xad0 [ 226.990145][ T7495] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 226.990200][ T7495] ksys_unshare+0x45d/0xa40 [ 226.990241][ T7495] ? __pfx_ksys_unshare+0x10/0x10 [ 226.990273][ T7495] ? xfd_validate_state+0x5d/0x180 [ 226.990330][ T7495] __x64_sys_unshare+0x31/0x40 [ 226.990363][ T7495] do_syscall_64+0xcd/0x250 [ 226.990409][ T7495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.990454][ T7495] RIP: 0033:0x7f2db258d169 [ 226.990477][ T7495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.990505][ T7495] RSP: 002b:00007f2db3328038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 226.990533][ T7495] RAX: ffffffffffffffda RBX: 00007f2db27a5fa0 RCX: 00007f2db258d169 [ 226.990553][ T7495] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 226.990572][ T7495] RBP: 00007f2db260e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 226.990590][ T7495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.990607][ T7495] R13: 0000000000000000 R14: 00007f2db27a5fa0 R15: 00007fff0bf26058 [ 226.990645][ T7495] [ 227.304903][ T12] hsr_slave_0: left promiscuous mode [ 227.319105][ T12] hsr_slave_1: left promiscuous mode [ 227.365124][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 227.411035][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 227.529555][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 227.537030][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 227.707785][ T12] veth1_macvtap: left promiscuous mode [ 227.716761][ T12] veth0_macvtap: left promiscuous mode [ 227.744307][ T12] veth1_vlan: left promiscuous mode [ 227.750895][ T12] veth0_vlan: left promiscuous mode [ 230.625174][ T12] team0 (unregistering): Port device team_slave_1 removed [ 230.679323][ T12] team0 (unregistering): Port device team_slave_0 removed [ 230.721402][ T7555] netlink: zone id is out of range [ 230.726597][ T7555] netlink: zone id is out of range [ 230.732371][ T7555] netlink: zone id is out of range [ 230.737537][ T7555] netlink: zone id is out of range [ 230.743187][ T7555] netlink: zone id is out of range [ 230.749417][ T7555] netlink: zone id is out of range [ 230.764089][ T7555] netlink: zone id is out of range [ 230.787248][ T7556] netlink: 172 bytes leftover after parsing attributes in process `syz.1.366'. [ 230.798436][ T7555] netlink: zone id is out of range [ 230.804348][ T7555] netlink: zone id is out of range [ 230.810372][ T7555] netlink: zone id is out of range [ 231.448561][ T7552] netlink: 'syz.4.365': attribute type 33 has an invalid length. [ 231.457011][ T7552] netlink: 322 bytes leftover after parsing attributes in process `syz.4.365'. [ 232.821577][ T7581] bond0: option all_slaves_active: invalid value () [ 237.398618][ T7636] kexec: Could not allocate control_code_buffer [ 238.885482][ T7713] netlink: 8 bytes leftover after parsing attributes in process `syz.0.389'. [ 239.801791][ T7723] usbcore.quirks: string doesn't fit in 127 chars. [ 243.006141][ T7786] FAULT_INJECTION: forcing a failure. [ 243.006141][ T7786] name failslab, interval 1, probability 0, space 0, times 0 [ 243.019388][ T7786] CPU: 0 UID: 0 PID: 7786 Comm: syz.1.402 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 243.019424][ T7786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 243.019446][ T7786] Call Trace: [ 243.019455][ T7786] [ 243.019470][ T7786] dump_stack_lvl+0x116/0x1f0 [ 243.019516][ T7786] should_fail_ex+0x50a/0x650 [ 243.019564][ T7786] ? __pfx___lock_acquire+0x10/0x10 [ 243.019613][ T7786] should_failslab+0xc2/0x120 [ 243.019642][ T7786] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 243.019691][ T7786] ? mon_text_event+0x1a7/0x1230 [ 243.019744][ T7786] mon_text_event+0x1a7/0x1230 [ 243.019791][ T7786] ? do_raw_spin_lock+0x12d/0x2c0 [ 243.019834][ T7786] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 243.019865][ T7786] ? __pfx_mon_text_event+0x10/0x10 [ 243.019941][ T7786] ? mon_bus_submit+0x25/0x140 [ 243.019999][ T7786] mon_bus_submit+0xcc/0x140 [ 243.020039][ T7786] ? chrdev_open+0x237/0x6a0 [ 243.020091][ T7786] mon_submit+0x4b/0x70 [ 243.020132][ T7786] usb_hcd_submit_urb+0x12d/0x1c60 [ 243.020192][ T7786] usb_submit_urb+0x87c/0x1730 [ 243.020230][ T7786] ? __init_swait_queue_head+0xca/0x150 [ 243.020271][ T7786] usb_start_wait_urb+0x103/0x4c0 [ 243.020307][ T7786] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 243.020355][ T7786] ? __asan_memset+0x23/0x50 [ 243.020405][ T7786] usb_control_msg+0x327/0x4b0 [ 243.020439][ T7786] ? __pfx_usb_control_msg+0x10/0x10 [ 243.020469][ T7786] ? __pfx___lock_acquire+0x10/0x10 [ 243.020526][ T7786] hub_ext_port_status+0x14e/0x670 [ 243.020593][ T7786] hub_activate+0x6e6/0x1be0 [ 243.020639][ T7786] ? __pfx_hub_activate+0x10/0x10 [ 243.020672][ T7786] ? __pfx_lock_release+0x10/0x10 [ 243.020715][ T7786] ? usbfs_notify_resume+0x25/0xf0 [ 243.020756][ T7786] hub_resume+0xaa/0x3f0 [ 243.020789][ T7786] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 243.020835][ T7786] ? __pfx_hub_resume+0x10/0x10 [ 243.020870][ T7786] ? __pfx_hcd_bus_resume+0x10/0x10 [ 243.020927][ T7786] usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0 [ 243.020987][ T7786] usb_resume_both+0x274/0x800 [ 243.021035][ T7786] ? __pfx_usb_resume_both+0x10/0x10 [ 243.021087][ T7786] ? __pfx_usb_runtime_resume+0x10/0x10 [ 243.021136][ T7786] __rpm_callback+0xc5/0x4c0 [ 243.021174][ T7786] ? __pfx_usb_runtime_resume+0x10/0x10 [ 243.021225][ T7786] rpm_callback+0x192/0x1d0 [ 243.021260][ T7786] ? __pfx_usb_runtime_resume+0x10/0x10 [ 243.021309][ T7786] rpm_resume+0xd25/0x1330 [ 243.021342][ T7786] ? lock_acquire.part.0+0xf1/0x380 [ 243.021398][ T7786] ? __pfx_rpm_resume+0x10/0x10 [ 243.021444][ T7786] ? do_raw_spin_lock+0x12d/0x2c0 [ 243.021473][ T7786] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 243.021506][ T7786] ? lock_acquire+0x2f/0xb0 [ 243.021545][ T7786] ? __pm_runtime_resume+0xa9/0x170 [ 243.021590][ T7786] __pm_runtime_resume+0xb6/0x170 [ 243.021629][ T7786] usb_autoresume_device+0x23/0xe0 [ 243.021677][ T7786] usbdev_open+0x22a/0x8c0 [ 243.021726][ T7786] ? kobject_get_unless_zero+0x157/0x1e0 [ 243.021772][ T7786] ? __pfx_usbdev_open+0x10/0x10 [ 243.021818][ T7786] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 243.021848][ T7786] ? lock_acquire+0x2f/0xb0 [ 243.021888][ T7786] ? chrdev_open+0x80/0x6a0 [ 243.021939][ T7786] ? __pfx_usbdev_open+0x10/0x10 [ 243.021992][ T7786] chrdev_open+0x237/0x6a0 [ 243.022039][ T7786] ? __pfx_apparmor_file_open+0x10/0x10 [ 243.022078][ T7786] ? __pfx_chrdev_open+0x10/0x10 [ 243.022130][ T7786] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 243.022179][ T7786] do_dentry_open+0x735/0x1c40 [ 243.022224][ T7786] ? __pfx_chrdev_open+0x10/0x10 [ 243.022274][ T7786] ? inode_permission+0xdd/0x5f0 [ 243.022311][ T7786] vfs_open+0x82/0x3f0 [ 243.022340][ T7786] ? may_open+0x1f2/0x400 [ 243.022378][ T7786] path_openat+0x1e88/0x2d80 [ 243.022438][ T7786] ? __pfx_path_openat+0x10/0x10 [ 243.022481][ T7786] ? __pfx___lock_acquire+0x10/0x10 [ 243.022521][ T7786] ? lock_acquire.part.0+0x11b/0x380 [ 243.022565][ T7786] ? find_held_lock+0x2d/0x110 [ 243.022603][ T7786] do_filp_open+0x20c/0x470 [ 243.022649][ T7786] ? __pfx_do_filp_open+0x10/0x10 [ 243.022691][ T7786] ? find_held_lock+0x2d/0x110 [ 243.022752][ T7786] ? alloc_fd+0x41f/0x760 [ 243.022807][ T7786] do_sys_openat2+0x17a/0x1e0 [ 243.022839][ T7786] ? __pfx_do_sys_openat2+0x10/0x10 [ 243.022877][ T7786] ? __fget_files+0x206/0x3a0 [ 243.022929][ T7786] __x64_sys_openat+0x175/0x210 [ 243.022962][ T7786] ? __pfx___x64_sys_openat+0x10/0x10 [ 243.023001][ T7786] ? ksys_write+0x1ba/0x250 [ 243.023057][ T7786] do_syscall_64+0xcd/0x250 [ 243.023101][ T7786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.023143][ T7786] RIP: 0033:0x7f01aa98d169 [ 243.023167][ T7786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.023195][ T7786] RSP: 002b:00007f01ab7d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 243.023223][ T7786] RAX: ffffffffffffffda RBX: 00007f01aaba6080 RCX: 00007f01aa98d169 [ 243.023242][ T7786] RDX: 000000000000a101 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 243.023260][ T7786] RBP: 00007f01ab7d9090 R08: 0000000000000000 R09: 0000000000000000 [ 243.023277][ T7786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 243.023293][ T7786] R13: 0000000000000000 R14: 00007f01aaba6080 R15: 00007ffd7ed1e7b8 [ 243.023331][ T7786] [ 245.877667][ T7832] warning: `syz.2.406' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 246.410036][ T7848] netlink: 'syz.0.410': attribute type 11 has an invalid length. [ 246.670292][ T7854] netlink: 338 bytes leftover after parsing attributes in process `syz.2.411'. [ 246.705932][ T7858] netlink: 342 bytes leftover after parsing attributes in process `syz.2.411'. [ 246.761487][ T7856] netlink: 338 bytes leftover after parsing attributes in process `syz.2.411'. [ 247.888007][ T7873] usbcore.quirks: string doesn't fit in 127 chars. [ 250.925010][ T7928] usbcore.quirks: string doesn't fit in 127 chars. [ 251.255964][ T7936] random: crng reseeded on system resumption [ 251.341030][ T7891] kexec: Could not allocate control_code_buffer [ 261.180997][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.187415][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 263.169540][ T8131] FAULT_INJECTION: forcing a failure. [ 263.169540][ T8131] name failslab, interval 1, probability 0, space 0, times 0 [ 263.214553][ T8131] CPU: 0 UID: 0 PID: 8131 Comm: syz.4.458 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 263.214593][ T8131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 263.214610][ T8131] Call Trace: [ 263.214619][ T8131] [ 263.214630][ T8131] dump_stack_lvl+0x16c/0x1f0 [ 263.214676][ T8131] should_fail_ex+0x50a/0x650 [ 263.214725][ T8131] ? fs_reclaim_acquire+0xae/0x150 [ 263.214771][ T8131] should_failslab+0xc2/0x120 [ 263.214802][ T8131] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 263.214874][ T8131] ? xfrm_sysctl_init+0x10a/0x2d0 [ 263.214911][ T8131] kmemdup_noprof+0x29/0x60 [ 263.214948][ T8131] xfrm_sysctl_init+0x10a/0x2d0 [ 263.214984][ T8131] xfrm_net_init+0x83f/0xcb0 [ 263.215041][ T8131] ? __pfx_xfrm_net_init+0x10/0x10 [ 263.215102][ T8131] ops_init+0x1df/0x5f0 [ 263.215152][ T8131] setup_net+0x21f/0x860 [ 263.215201][ T8131] ? __pfx_setup_net+0x10/0x10 [ 263.215245][ T8131] ? down_read_killable+0xcc/0x380 [ 263.215300][ T8131] ? __pfx_down_read_killable+0x10/0x10 [ 263.215367][ T8131] ? __raw_spin_lock_init+0x3a/0x110 [ 263.215402][ T8131] ? debug_mutex_init+0x37/0x70 [ 263.215448][ T8131] copy_net_ns+0x2a6/0x5f0 [ 263.215485][ T8131] create_new_namespaces+0x3ea/0xad0 [ 263.215550][ T8131] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 263.215607][ T8131] ksys_unshare+0x45d/0xa40 [ 263.215640][ T8131] ? __pfx_ksys_unshare+0x10/0x10 [ 263.215671][ T8131] ? xfd_validate_state+0x5d/0x180 [ 263.215728][ T8131] __x64_sys_unshare+0x31/0x40 [ 263.215761][ T8131] do_syscall_64+0xcd/0x250 [ 263.215807][ T8131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.215853][ T8131] RIP: 0033:0x7fe28c98d169 [ 263.215879][ T8131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 263.215909][ T8131] RSP: 002b:00007fe28d8d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 263.215938][ T8131] RAX: ffffffffffffffda RBX: 00007fe28cba5fa0 RCX: 00007fe28c98d169 [ 263.215959][ T8131] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 263.215979][ T8131] RBP: 00007fe28ca0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 263.215998][ T8131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 263.216016][ T8131] R13: 0000000000000000 R14: 00007fe28cba5fa0 R15: 00007ffd292a4dc8 [ 263.216057][ T8131] [ 263.615688][ T8143] Invalid ELF header magic: != ELF [ 272.897707][ T8260] netlink: 342 bytes leftover after parsing attributes in process `syz.0.482'. [ 273.910365][ T8280] FAULT_INJECTION: forcing a failure. [ 273.910365][ T8280] name failslab, interval 1, probability 0, space 0, times 0 [ 273.945351][ T8280] CPU: 0 UID: 0 PID: 8280 Comm: syz.1.486 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 273.945392][ T8280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 273.945409][ T8280] Call Trace: [ 273.945418][ T8280] [ 273.945430][ T8280] dump_stack_lvl+0x16c/0x1f0 [ 273.945478][ T8280] should_fail_ex+0x50a/0x650 [ 273.945528][ T8280] ? fs_reclaim_acquire+0xae/0x150 [ 273.945572][ T8280] ? create_rule.isra.0+0x6e/0x390 [ 273.945621][ T8280] should_failslab+0xc2/0x120 [ 273.945651][ T8280] __kmalloc_noprof+0xcb/0x510 [ 273.945709][ T8280] create_rule.isra.0+0x6e/0x390 [ 273.945766][ T8280] insert_rule+0x657/0x8a0 [ 273.945819][ T8280] ? __pfx_insert_rule+0x10/0x10 [ 273.945875][ T8280] ? find_held_lock+0x2d/0x110 [ 273.945910][ T8280] ? __pfx___mutex_lock+0x10/0x10 [ 273.945961][ T8280] landlock_insert_rule+0x97/0xd0 [ 273.945992][ T8280] ? __pfx_landlock_insert_rule+0x10/0x10 [ 273.946022][ T8280] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 273.946053][ T8280] ? lock_acquire+0x2f/0xb0 [ 273.946108][ T8280] ? landlock_append_fs_rule+0x61d/0x970 [ 273.946156][ T8280] landlock_append_fs_rule+0x447/0x970 [ 273.946200][ T8280] ? do_raw_spin_lock+0x12d/0x2c0 [ 273.946233][ T8280] ? __pfx_landlock_append_fs_rule+0x10/0x10 [ 273.946278][ T8280] ? lock_acquire+0x2f/0xb0 [ 273.946319][ T8280] ? lockref_get+0x15/0x50 [ 273.946361][ T8280] add_rule_path_beneath+0x3da/0x520 [ 273.946411][ T8280] ? __pfx_add_rule_path_beneath+0x10/0x10 [ 273.946466][ T8280] ? fput+0x67/0x440 [ 273.946504][ T8280] __x64_sys_landlock_add_rule+0x1a9/0x240 [ 273.946559][ T8280] do_syscall_64+0xcd/0x250 [ 273.946605][ T8280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.946650][ T8280] RIP: 0033:0x7f01aa98d169 [ 273.946674][ T8280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.946703][ T8280] RSP: 002b:00007f01ab7fa038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bd [ 273.946732][ T8280] RAX: ffffffffffffffda RBX: 00007f01aaba5fa0 RCX: 00007f01aa98d169 [ 273.946751][ T8280] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000003 [ 273.946767][ T8280] RBP: 00007f01ab7fa090 R08: 0000000000000000 R09: 0000000000000000 [ 273.946783][ T8280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.946800][ T8280] R13: 0000000000000000 R14: 00007f01aaba5fa0 R15: 00007ffd7ed1e7b8 [ 273.946843][ T8280] [ 274.256933][ T8285] program syz.4.487 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 279.121271][ T8335] Invalid ELF header magic: != ELF [ 284.570973][ T8428] netlink: 'syz.4.523': attribute type 3 has an invalid length. [ 288.819748][ T8499] FAULT_INJECTION: forcing a failure. [ 288.819748][ T8499] name failslab, interval 1, probability 0, space 0, times 0 [ 288.858408][ T8499] CPU: 1 UID: 0 PID: 8499 Comm: syz.1.539 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 288.858478][ T8499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 288.858497][ T8499] Call Trace: [ 288.858507][ T8499] [ 288.858519][ T8499] dump_stack_lvl+0x16c/0x1f0 [ 288.858568][ T8499] should_fail_ex+0x50a/0x650 [ 288.858621][ T8499] ? fs_reclaim_acquire+0xae/0x150 [ 288.858668][ T8499] should_failslab+0xc2/0x120 [ 288.858706][ T8499] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 288.858758][ T8499] ? vma_merge_new_range+0x40a/0xbb0 [ 288.858807][ T8499] ? vm_area_alloc+0x134/0x230 [ 288.858863][ T8499] vm_area_alloc+0x134/0x230 [ 288.858912][ T8499] __mmap_region+0x108d/0x2760 [ 288.858946][ T8499] ? __pfx___mmap_region+0x10/0x10 [ 288.858988][ T8499] ? hlock_class+0x4e/0x130 [ 288.859021][ T8499] ? mark_lock+0xb5/0xc60 [ 288.859078][ T8499] ? schedule+0x298/0x350 [ 288.859163][ T8499] ? cap_capable+0xb3/0x250 [ 288.859204][ T8499] mmap_region+0x1ab/0x3f0 [ 288.859241][ T8499] do_mmap+0xd8d/0x11b0 [ 288.859292][ T8499] ? __pfx_do_mmap+0x10/0x10 [ 288.859336][ T8499] ? __pfx_down_write_killable+0x10/0x10 [ 288.859398][ T8499] vm_mmap_pgoff+0x203/0x3a0 [ 288.859452][ T8499] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 288.859506][ T8499] ? __x64_sys_futex+0x1e1/0x4c0 [ 288.859545][ T8499] ? __x64_sys_futex+0x1ea/0x4c0 [ 288.859591][ T8499] ksys_mmap_pgoff+0x7d/0x5c0 [ 288.859632][ T8499] ? rcu_is_watching+0x12/0xc0 [ 288.859671][ T8499] __x64_sys_mmap+0x125/0x190 [ 288.859729][ T8499] do_syscall_64+0xcd/0x250 [ 288.859777][ T8499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.859822][ T8499] RIP: 0033:0x7f01aa98d169 [ 288.859847][ T8499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 288.859876][ T8499] RSP: 002b:00007f01ab7fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 288.859905][ T8499] RAX: ffffffffffffffda RBX: 00007f01aaba5fa0 RCX: 00007f01aa98d169 [ 288.859925][ T8499] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 288.859943][ T8499] RBP: 00007f01aaa0e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 288.859961][ T8499] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 288.859979][ T8499] R13: 0000000000000000 R14: 00007f01aaba5fa0 R15: 00007ffd7ed1e7b8 [ 288.860017][ T8499] [ 289.123708][ T8495] netlink: 93 bytes leftover after parsing attributes in process `syz.2.538'. [ 289.491372][ T8512] netlink: 93 bytes leftover after parsing attributes in process `syz.4.540'. [ 293.242987][ T8573] netlink: 93 bytes leftover after parsing attributes in process `syz.1.557'. [ 294.422680][ T8597] netlink: 'syz.1.562': attribute type 3 has an invalid length. [ 294.846786][ T8605] netlink: 'syz.4.565': attribute type 3 has an invalid length. [ 297.282045][ T8635] nbd: nbd7 already in use [ 297.760973][ T8642] netlink: 'syz.4.574': attribute type 2 has an invalid length. [ 297.779153][ T8642] ================================================================== [ 297.787369][ T8642] BUG: KASAN: slab-use-after-free in force_devcd_write+0x317/0x330 [ 297.795301][ T8642] Read of size 8 at addr ffff888035c47000 by task syz.4.574/8642 [ 297.803061][ T8642] [ 297.805398][ T8642] CPU: 0 UID: 0 PID: 8642 Comm: syz.4.574 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 297.805430][ T8642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 297.805447][ T8642] Call Trace: [ 297.805456][ T8642] [ 297.805466][ T8642] dump_stack_lvl+0x116/0x1f0 [ 297.805507][ T8642] print_report+0xc3/0x670 [ 297.805531][ T8642] ? __virt_addr_valid+0x5e/0x590 [ 297.805557][ T8642] ? __phys_addr+0xc6/0x150 [ 297.805584][ T8642] kasan_report+0xd9/0x110 [ 297.805607][ T8642] ? force_devcd_write+0x317/0x330 [ 297.805643][ T8642] ? force_devcd_write+0x317/0x330 [ 297.805681][ T8642] force_devcd_write+0x317/0x330 [ 297.805717][ T8642] ? __pfx_force_devcd_write+0x10/0x10 [ 297.805753][ T8642] ? __debugfs_file_get+0x1ff/0x850 [ 297.805789][ T8642] ? __pfx___debugfs_file_get+0x10/0x10 [ 297.805824][ T8642] ? rcu_is_watching+0x12/0xc0 [ 297.805851][ T8642] ? trace_lock_acquire+0x14e/0x1f0 [ 297.805884][ T8642] full_proxy_write+0x13c/0x200 [ 297.805919][ T8642] ? __pfx_full_proxy_write+0x10/0x10 [ 297.805953][ T8642] vfs_write+0x24c/0x1150 [ 297.805989][ T8642] ? __fget_files+0x1fc/0x3a0 [ 297.806035][ T8642] ? __pfx___mutex_lock+0x10/0x10 [ 297.806070][ T8642] ? __pfx_vfs_write+0x10/0x10 [ 297.806109][ T8642] ? __fget_files+0x206/0x3a0 [ 297.806153][ T8642] ksys_write+0x12b/0x250 [ 297.806189][ T8642] ? __pfx_ksys_write+0x10/0x10 [ 297.806230][ T8642] do_syscall_64+0xcd/0x250 [ 297.806268][ T8642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.806305][ T8642] RIP: 0033:0x7fe28c98d169 [ 297.806325][ T8642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.806350][ T8642] RSP: 002b:00007fe28d8d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 297.806374][ T8642] RAX: ffffffffffffffda RBX: 00007fe28cba5fa0 RCX: 00007fe28c98d169 [ 297.806391][ T8642] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 297.806406][ T8642] RBP: 00007fe28ca0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 297.806421][ T8642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 297.806437][ T8642] R13: 0000000000000000 R14: 00007fe28cba5fa0 R15: 00007ffd292a4dc8 [ 297.806460][ T8642] [ 297.806470][ T8642] [ 298.028792][ T8642] Allocated by task 8563: [ 298.033221][ T8642] kasan_save_stack+0x33/0x60 [ 298.037937][ T8642] kasan_save_track+0x14/0x30 [ 298.042655][ T8642] __kasan_kmalloc+0xaa/0xb0 [ 298.047277][ T8642] sctp_transport_new+0x94/0x790 [ 298.052245][ T8642] sctp_assoc_add_peer+0x2e5/0x1530 [ 298.057472][ T8642] sctp_process_init+0x2744/0x2d60 [ 298.062607][ T8642] sctp_do_sm+0x15df/0x5c90 [ 298.067134][ T8642] sctp_assoc_bh_rcv+0x392/0x6f0 [ 298.072101][ T8642] sctp_inq_push+0x1d8/0x270 [ 298.076907][ T8642] sctp_backlog_rcv+0x169/0x590 [ 298.081798][ T8642] __release_sock+0x35f/0x400 [ 298.086514][ T8642] release_sock+0x5a/0x220 [ 298.090975][ T8642] sctp_wait_for_connect+0x1c6/0x5c0 [ 298.096378][ T8642] __sctp_connect+0x9c9/0xc60 [ 298.101091][ T8642] sctp_inet_connect+0x15f/0x200 [ 298.106065][ T8642] __sys_connect_file+0x13e/0x1a0 [ 298.111118][ T8642] __sys_connect+0x14f/0x170 [ 298.115733][ T8642] __x64_sys_connect+0x72/0xb0 [ 298.120519][ T8642] do_syscall_64+0xcd/0x250 [ 298.125048][ T8642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.130973][ T8642] [ 298.133311][ T8642] Freed by task 16: [ 298.137122][ T8642] kasan_save_stack+0x33/0x60 [ 298.141827][ T8642] kasan_save_track+0x14/0x30 [ 298.146534][ T8642] kasan_save_free_info+0x3b/0x60 [ 298.151579][ T8642] __kasan_slab_free+0x51/0x70 [ 298.156374][ T8642] kfree+0x2c4/0x4d0 [ 298.160385][ T8642] rcu_core+0x79d/0x14d0 [ 298.164649][ T8642] handle_softirqs+0x213/0x8f0 [ 298.169439][ T8642] run_ksoftirqd+0x3a/0x60 [ 298.173879][ T8642] smpboot_thread_fn+0x661/0xa30 [ 298.178827][ T8642] kthread+0x3af/0x750 [ 298.182918][ T8642] ret_from_fork+0x45/0x80 [ 298.187364][ T8642] ret_from_fork_asm+0x1a/0x30 [ 298.192169][ T8642] [ 298.194499][ T8642] Last potentially related work creation: [ 298.200237][ T8642] kasan_save_stack+0x33/0x60 [ 298.205033][ T8642] kasan_record_aux_stack+0xb8/0xd0 [ 298.210253][ T8642] __call_rcu_common.constprop.0+0x9a/0x870 [ 298.216267][ T8642] sctp_transport_put+0x10f/0x170 [ 298.221327][ T8642] sctp_association_free+0x4d3/0x7e0 [ 298.226636][ T8642] sctp_do_sm+0x22e4/0x5c90 [ 298.231163][ T8642] sctp_assoc_bh_rcv+0x392/0x6f0 [ 298.236135][ T8642] sctp_inq_push+0x1d8/0x270 [ 298.240759][ T8642] sctp_backlog_rcv+0x169/0x590 [ 298.245628][ T8642] __release_sock+0x35f/0x400 [ 298.250349][ T8642] release_sock+0x5a/0x220 [ 298.254811][ T8642] sctp_close+0x44c/0x930 [ 298.259207][ T8642] inet_release+0x13c/0x280 [ 298.264267][ T8642] inet6_release+0x4f/0x70 [ 298.268702][ T8642] __sock_release+0xb0/0x270 [ 298.273410][ T8642] sock_close+0x1c/0x30 [ 298.277687][ T8642] __fput+0x3ff/0xb70 [ 298.281777][ T8642] task_work_run+0x14e/0x250 [ 298.286411][ T8642] get_signal+0x1d3/0x26c0 [ 298.290863][ T8642] arch_do_signal_or_restart+0x90/0x7e0 [ 298.296430][ T8642] syscall_exit_to_user_mode+0x150/0x2a0 [ 298.302103][ T8642] do_syscall_64+0xda/0x250 [ 298.306651][ T8642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.312578][ T8642] [ 298.314910][ T8642] The buggy address belongs to the object at ffff888035c47000 [ 298.314910][ T8642] which belongs to the cache kmalloc-1k of size 1024 [ 298.328983][ T8642] The buggy address is located 0 bytes inside of [ 298.328983][ T8642] freed 1024-byte region [ffff888035c47000, ffff888035c47400) [ 298.342720][ T8642] [ 298.345079][ T8642] The buggy address belongs to the physical page: [ 298.351519][ T8642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x35c40 [ 298.360310][ T8642] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 298.368835][ T8642] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 298.376411][ T8642] page_type: f5(slab) [ 298.380414][ T8642] raw: 00fff00000000040 ffff88801b041dc0 dead000000000100 dead000000000122 [ 298.389024][ T8642] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 298.397630][ T8642] head: 00fff00000000040 ffff88801b041dc0 dead000000000100 dead000000000122 [ 298.406394][ T8642] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 298.415091][ T8642] head: 00fff00000000003 ffffea0000d71001 ffffffffffffffff 0000000000000000 [ 298.423781][ T8642] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 298.432469][ T8642] page dumped because: kasan: bad access detected [ 298.438916][ T8642] page_owner tracks the page as allocated [ 298.444636][ T8642] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 33976884875, free_ts 0 [ 298.464400][ T8642] post_alloc_hook+0x181/0x1b0 [ 298.469204][ T8642] get_page_from_freelist+0xfce/0x2f80 [ 298.474710][ T8642] __alloc_frozen_pages_noprof+0x221/0x2470 [ 298.480645][ T8642] alloc_pages_mpol+0x1fc/0x540 [ 298.485529][ T8642] new_slab+0x23d/0x330 [ 298.489721][ T8642] ___slab_alloc+0xc5d/0x1720 [ 298.494431][ T8642] __slab_alloc.constprop.0+0x56/0xb0 [ 298.500705][ T8642] __kmalloc_noprof+0x2ec/0x510 [ 298.505592][ T8642] load_elf_phdrs+0x103/0x210 [ 298.510304][ T8642] load_elf_binary+0x153d/0x4fc0 [ 298.515272][ T8642] bprm_execve+0x8dd/0x16d0 [ 298.519912][ T8642] kernel_execve+0x2ef/0x3b0 [ 298.524546][ T8642] kernel_init+0x14a/0x2b0 [ 298.529006][ T8642] ret_from_fork+0x45/0x80 [ 298.533449][ T8642] ret_from_fork_asm+0x1a/0x30 [ 298.538233][ T8642] page_owner free stack trace missing [ 298.543615][ T8642] [ 298.545950][ T8642] Memory state around the buggy address: [ 298.551592][ T8642] ffff888035c46f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 298.559667][ T8642] ffff888035c46f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 298.567745][ T8642] >ffff888035c47000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 298.575818][ T8642] ^ [ 298.579898][ T8642] ffff888035c47080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 298.588154][ T8642] ffff888035c47100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 298.596333][ T8642] ================================================================== [ 298.654967][ T8642] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 298.662228][ T8642] CPU: 1 UID: 0 PID: 8642 Comm: syz.4.574 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 298.672860][ T8642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 298.682953][ T8642] Call Trace: [ 298.686265][ T8642] [ 298.689220][ T8642] dump_stack_lvl+0x3d/0x1f0 [ 298.693855][ T8642] panic+0x71d/0x800 [ 298.697777][ T8642] ? __pfx_panic+0x10/0x10 [ 298.702223][ T8642] ? preempt_schedule_thunk+0x1a/0x30 [ 298.707629][ T8642] ? preempt_schedule_common+0x44/0xc0 [ 298.713126][ T8642] check_panic_on_warn+0xab/0xb0 [ 298.718097][ T8642] end_report+0x117/0x180 [ 298.722454][ T8642] kasan_report+0xe9/0x110 [ 298.726887][ T8642] ? force_devcd_write+0x317/0x330 [ 298.732030][ T8642] ? force_devcd_write+0x317/0x330 [ 298.737173][ T8642] force_devcd_write+0x317/0x330 [ 298.742145][ T8642] ? __pfx_force_devcd_write+0x10/0x10 [ 298.747635][ T8642] ? __debugfs_file_get+0x1ff/0x850 [ 298.752871][ T8642] ? __pfx___debugfs_file_get+0x10/0x10 [ 298.758450][ T8642] ? rcu_is_watching+0x12/0xc0 [ 298.763253][ T8642] ? trace_lock_acquire+0x14e/0x1f0 [ 298.768479][ T8642] full_proxy_write+0x13c/0x200 [ 298.773360][ T8642] ? __pfx_full_proxy_write+0x10/0x10 [ 298.778761][ T8642] vfs_write+0x24c/0x1150 [ 298.783123][ T8642] ? __fget_files+0x1fc/0x3a0 [ 298.787835][ T8642] ? __pfx___mutex_lock+0x10/0x10 [ 298.792912][ T8642] ? __pfx_vfs_write+0x10/0x10 [ 298.797727][ T8642] ? __fget_files+0x206/0x3a0 [ 298.802440][ T8642] ksys_write+0x12b/0x250 [ 298.806801][ T8642] ? __pfx_ksys_write+0x10/0x10 [ 298.811689][ T8642] do_syscall_64+0xcd/0x250 [ 298.816223][ T8642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.822154][ T8642] RIP: 0033:0x7fe28c98d169 [ 298.826585][ T8642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.846217][ T8642] RSP: 002b:00007fe28d8d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 298.854653][ T8642] RAX: ffffffffffffffda RBX: 00007fe28cba5fa0 RCX: 00007fe28c98d169 [ 298.862648][ T8642] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 298.870640][ T8642] RBP: 00007fe28ca0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 298.878634][ T8642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 298.886673][ T8642] R13: 0000000000000000 R14: 00007fe28cba5fa0 R15: 00007ffd292a4dc8 [ 298.894676][ T8642] [ 298.898078][ T8642] Kernel Offset: disabled [ 298.902412][ T8642] Rebooting in 86400 seconds..