last executing test programs: 11.680270931s ago: executing program 1 (id=353): mmap$auto(0x0, 0x533, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x2) madvise$auto(0x10, 0x9, 0x100000e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x200}, 0x55) setsockopt$auto(r1, 0x0, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000080)={{&(0x7f0000000080), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xf}, 0x800008}, 0x5, 0x20000000) write$auto(r0, 0x0, 0xd1) read$auto(0x3, 0x0, 0xfdef) open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x30501, 0x1) clone$auto(0x1001, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00') madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x7ffffffffffff7ff, 0x7ffffffffffffffd, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x4003) capset$auto(0x0, 0x0) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x40000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xfcffffff, &(0x7f0000000000)={0x0, 0xfc2}, 0x6, 0x0, 0x3, 0x3}, 0x804}, 0x7, 0x4008) prctl$auto_PR_SET_TAGGED_ADDR_CTRL(0x37, 0x2, 0x0, 0xfffffffffffffffe, 0x81) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf2502"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) 9.568373553s ago: executing program 0 (id=360): mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x8, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c47, 0x29f, 0x100, 0x7ffffffb, 0x101, 0x800, 0x3}, {0x8, 0x1, 0x52, 0x5, 0x2, 0x40, 0x76c5, 0x8, 0x100000000}}) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0x5, 0xffffffff, 0x3, 0x0, 0x2) r2 = socket(0x23, 0x80805, 0x0) getsockopt$auto(r2, 0x40000000113, 0x3, 0xfffffffffffffffc, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) writev$auto(r1, &(0x7f00000000c0)={&(0x7f0000000040)="3a436bce4bcb691da2f2d63967752586466f282b3c52535b8f980e8a232e1af0ec2dd5a07533e3c81d7c9b60067cf4ceca106a3f71fcb38e03744499f7628b3540939a19dbfa4cf1efd71f359680de6dd50f9fdad1bcea", 0x8f1b}, 0x400) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x2, 0x0) r3 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r3, 0x0, 0x0, 0x0, 0x1000) connect$auto(0x3, 0x0, 0x8) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgctl$auto(0x0, 0x3, 0x0) r4 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r4, 0x107, 0x12, 0x0, 0x8) close_range$auto(r4, r4, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) unshare$auto(0x40000080) getsockopt$auto_SO_RCVMARK(r4, 0xa, 0x4b, &(0x7f0000000100)='[:\xbf{:\x00', &(0x7f0000000140)=0x20b) 9.223014653s ago: executing program 2 (id=362): r0 = getsockopt$auto_SO_RCVBUF(0xffffffffffffffff, 0xffff0e35, 0x8, &(0x7f0000000040)='^\xeb/.{\x00', &(0x7f0000000080)=0x9) mmap$auto(0x0, 0x4020008, 0xdf, 0xeb1, r0, 0x8000) set_mempolicy$auto(0x4005, &(0x7f0000000000)=0x1, 0x4) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) kexec_load$auto(0x880b, 0x2, 0x0, 0x4) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) 8.644427055s ago: executing program 1 (id=363): r0 = socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x20, r1, 0x1, 0x70bd25, 0x25dfdbff, {}, [@HWSIM_ATTR_PERM_ADDR={0xa, 0x16, '\x00\x00\x00\x00\x00\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x4004040) 8.224639328s ago: executing program 1 (id=365): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0) ioctl$auto(r0, 0x800064ba, 0x1e6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) r1 = fcntl$auto(0x3, 0x4, 0xa553) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @dev={0xac, 0x14, 0x14, 0xd}}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000300)="c20b53d2d61911af9734917786b26197b0a66595d1dc82b23a270201fe1622b8383aecdf0000cc71912781313f2d375dfc0557390e7912795b4865fcc350289e915380f667babd3aefab14b1960cf72f55fe36d2815e43dee699d150dd74f5ec8c0a6cae3ef74b080f6638994aad8c56dcaa0074ba2ae3fdea03bd750f445002b459d6d2b49ccfb57a5c9dfed112c1c908d535698772866707f5b30a1530d0e31e564b43c5f3cb402dff7738ffebb51d8b741ccb37198879f95fa6fe4d92c659d09a7a6630ce2a886d9a564e6c784d45212eaadf3cae30f205980fffa76b1f726697b0e5", 0x12, 0x0, 0x101, 0x0, 0x5, 0x9ad}, 0x5}, 0x5, 0x20000000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) mmap$auto(0x9, 0x3020009, 0x4, 0xeb1, 0xffffffffffffffff, 0x8000) semctl$auto(0x9, 0xc1b8, 0x4, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x801008000) r2 = socket(0x29, 0x5, 0x0) syz_clone(0x40100100, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) dup2$auto(r2, r2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(r2, 0x0, 0x40) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) pwrite64$auto(r3, 0x0, 0x1, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/class/devcoredump/disabled\x00', 0xe3102, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, 0xffffffffffffffff) fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3ec0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) 7.606775428s ago: executing program 2 (id=367): mmap$auto(0x0, 0x9, 0x3ff57697, 0x9b72, 0x2, 0x8000000000008000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r0 = socket(0x2, 0x1, 0x106) write$auto(0xffffffffffffffff, 0x0, 0x81) ioctl$auto_UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, &(0x7f00000000c0)={0x800, 0xfffffff3, {0xa, 0x0, 0x8, {0x4, 0x81}, {0x1, 0x7}, @rumble={0xff00, 0x3ff}}, {0x9a9b, 0x6, 0xd, {0xc, 0x2}, {0xfff}, @ramp={0xd7, 0x4, {0xb, 0x78e, 0x8, 0x5}}}}) setsockopt$auto(r0, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20082, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x4b52, 0xffffffffffffffff) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) statmount$auto(0x0, 0x0, 0x7ffffffff000, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8801}, 0x20004000) mmap$auto(0x4, 0x8, 0x1, 0x19, 0xffffffffffffffff, 0x5) close_range$auto(r0, r0, 0xd95) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) io_uring_setup$auto(0x877, 0x0) poll$auto(0x0, 0xb, 0x101) getsockopt$auto_SO_TXTIME(r0, 0x809, 0x3d, &(0x7f0000000240)='^j^-#+*^-}\x00', &(0x7f00000002c0)=0x9) syz_clone(0x80022000, &(0x7f0000000300)="2ef8cdcd3c2f291d0488b2740f40ce1a92c836", 0x13, &(0x7f0000000380), 0x0, &(0x7f0000000400)="54beb44f248a1215c3955e1b64229ef5c2cddb1de068bfc7aec1ba9641c37f1887d945c0e1e0aa0cbdf2024b4984838fcb93436cf0d045c6d9529609f22769e03b1f9233cb4df8a3676b3019824d88cc8a36aecc70eb4a2617e44f38abd17e16c30bcb1913d8af55445fd32909f2401dc15ca8302d0d35b345ad70df0ec9eca2c67fa7bf5d14c0a093c16d372aa20c3ee92950") syz_genetlink_get_family_id$auto_ovs_meter(0x0, r0) adjtimex$auto(&(0x7f0000000100)={0xfffffff5, 0x0, 0x1, 0x8000, 0xffffffffffffffff, 0x5, 0x401, 0x0, 0x9, 0x94b, 0xc3, {0x8000000000000001, 0x10}, 0x1, 0x64d1, 0x7, 0x6, 0x0, 0x6, 0x6, 0x7f, 0x3, 0x9, 0xfffffffe}) 6.748475374s ago: executing program 0 (id=369): mmap$auto(0x0, 0x7, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0xa, 0x0) (async) syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="95ffb461", @ANYRES16=0x0, @ANYBLOB="00012abd7000fbdbdf251f000000"], 0x14}}, 0x0) (async) recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x2009, 0x0, 0x5, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0) (async) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8014}, 0x4011) (async) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) (async) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/filter\x00', 0x2, 0x0) (async) socketpair$auto(0x1e, 0x5, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/dmi/id/uevent\x00', 0x0, 0x0) (async) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async, rerun: 32) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x0, 0x0) (rerun: 32) ioctl$auto(r2, 0xab02, r1) (async, rerun: 32) mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) (rerun: 32) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) io_uring_setup$auto(0x9, 0x0) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) close_range$auto(0x0, 0xfffffffffffff001, 0x2) (async) madvise$auto(0x0, 0x200007, 0x67) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x202000a, 0xffffffffffffffff, 0xdf, 0xfffffffffffffffa, 0xe) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0/ra_defrtr_metric\x00', 0x141241, 0x0) (async) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/net/teql0/statistics/rx_dropped\x00', 0x80000, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram12/queue/io_poll_delay\x00', 0x80000, 0x0) read$auto(r4, 0x0, 0x9) (async) read$auto(r3, 0x0, 0x9) (async) write$auto(0x3, 0x0, 0xfdef) 6.589017485s ago: executing program 3 (id=370): mknod$auto(&(0x7f0000000040)=':,\x00', 0xc9, 0xc8) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/dmi/id/power/runtime_suspended_time\x00', 0x123902, 0x0) pwrite64$auto(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mount$auto(&(0x7f0000000000)='pimreg\x00', &(0x7f0000000040)='\x00', 0x0, 0x10dfd057, 0x0) mkdir$auto(&(0x7f0000000100)='./file0\x00', 0x8) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x10000, 0x41) fallocate$auto(r1, 0x0, 0x8000000000000001, 0x4) mount$auto(0x0, &(0x7f0000000040)=':,\x00', 0x0, 0xaa6, &(0x7f00000000c0)) setsockopt$auto(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='nsKcg>', 0x2) bpf$auto(0x3ff, &(0x7f0000000100)=@link_detach={r0}, 0x2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) 6.378059562s ago: executing program 2 (id=371): r0 = epoll_create$auto(0x0) mmap$auto(0x1, 0x7fffffffffffffff, 0xdf, 0x9b72, r0, 0x0) listxattr$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='\x00', 0x8) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0x2, 0x1, 0x106) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) fanotify_init$auto(0x4f1, 0x1) setsockopt$auto(0x3, 0x6, 0x19, 0x0, 0xfb3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyr1\x00', 0x800, 0x0) select$auto(0xb, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x6, 0x1000, 0x47, 0x3ff, 0xf, 0x0, 0x0, 0xe, 0xd59, 0x2000000000181, 0x3966, 0x100000002, 0x3]}, 0x0, 0x0) ioctl$auto_TCFLSH2(r1, 0x802c542a, 0x0) 6.108448306s ago: executing program 3 (id=372): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="110b27bd7000ffdbdf2509000008"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x1000) (async) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="110b27bd7000ffdbdf2509000008"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x1000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) (async) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) r0 = socket(0x10, 0x2, 0x0) r1 = socketcall$auto_SYS_ACCEPT4(0x12, &(0x7f0000000000)=0x9) open(&(0x7f0000000140)='}[,&*}\x00', 0x68940, 0x0) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x7, 0x0) write$auto_fake_panic_fops_(r1, &(0x7f0000000100)="dfff232f55a7723159a83f9128f231fa83bd02e627c6c4e41ef195c4158fdd52018e2c83b8fc329ff60a00c28454935e0d2da8c2", 0x34) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 6.020447411s ago: executing program 2 (id=373): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2400, 0x0) socket(0xa, 0x2, 0x0) r0 = socket(0x11, 0x80003, 0x304) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb3, 0x401, 0x8000) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, 0x0, 0x82000, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6b, 0x0, 0x7d, 0xfffffffffffffffd, 0xd4, 0x4, 0x4, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0x0, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x0, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x10000000007, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) mmap$auto(0x0, 0x432, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x40085618, 0x38) 5.501695061s ago: executing program 1 (id=374): munmap$auto(0x0, 0x2000000c) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x14, &(0x7f0000000040), 0x3) socket(0x15, 0x0, 0x302) socket(0x22, 0x2, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x80000000) r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.3/usb4/4-0:1.0/authorized\x00', 0x10b142, 0x0) sendfile$auto(r1, r1, 0x0, 0x1000200) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) write$auto_configfs_file_operations_configfs_internal(r0, &(0x7f00000000c0)="9b", 0x1) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x800, 0x73) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000080), 0x2140, 0x0) unshare$auto(0x40000080) 5.22847331s ago: executing program 0 (id=375): openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/kvm/halt_poll_invalid\x00', 0x0, 0x0) r0 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0xffffffffffffffff, 0x40000000ea8, 0x10000000000df, 0xeb6, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x200, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socket(0xa, 0x5, 0x0) listen$auto(0x3, 0x81) io_uring_setup$auto(0x6, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8000, 0x0) open(0x0, 0x22240, 0x144) open(0x0, 0xa240, 0x1de) ioprio_set$auto(0x2, 0x800000000, 0x8) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r1, 0x8937, 0x24) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x1, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x312) bpf$auto(0x15, &(0x7f0000000400)=@bpf_attr_1={0xffffffffffffffff, 0x7, @next_key=0xfffffffffffffffd}, 0x7f) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x2000, 0x2, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_FORWARD(0xffffffffffffffff, 0x40084149, &(0x7f0000000000)=0x1) 4.950843294s ago: executing program 3 (id=376): read$auto_fops_u32_ro_(0xffffffffffffffff, 0x0, 0x0) statmount$auto(&(0x7f0000000540)={0x5, @inferred, 0x101, 0x5, 0x9}, &(0x7f0000000580)={0x13, 0x7, 0x8, 0x1000, 0x6, 0x8, 0x0, 0xffffffff, 0x40, 0x8, 0xc000000, 0x1a0, 0x401, 0x0, 0x6, 0x7, 0x0, 0xe9e3, 0x3, 0x2, 0x7, 0x0, 0x9, 0xe, 0x80000001, 0x37ea, [0x6, 0x2, 0x80000001, 0x5, 0x3ff, 0x5, 0x7ff, 0x6, 0x4, 0x4a, 0x7, 0x3, 0x4, 0x88, 0x9, 0x1, 0x7, 0x5, 0x95, 0xd, 0x1, 0x6, 0x8, 0x0, 0x8000, 0x7, 0x100000000, 0x80000001, 0x1880000000, 0x6, 0x8, 0xe, 0x8, 0x8000, 0x6, 0x6, 0x2, 0x0, 0x1800000000000000, 0x6, 0x6d4, 0xa167, 0x401, 0x8, 0xd, 0x1], "5570dc3f9ad44830af3163d864bc95e7c2f20b73514acedd76c758302594d65bd302ca9ecc185d57394faba70458781ee273422a086f4150b7bbc62f378698dc4bb416012fe83757c2a6b6138782a93efaae631832d1320a2c445e677ab57af787304d6fc35065c814476477528a5064f7d5182c487e52524bb82234"}, 0xb6ea, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(0x0, 0x3) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000080), 0xdaea6d7da654cc89, 0x0) fsetxattr$auto(r0, &(0x7f00000000c0)='/dev/dma_heap/system\x00', 0x0, 0x7, 0x10001) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x1d, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x75, 0x0, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008012, 0x1000000004, 0x0) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x401, 0x1ff, 0x7, 0x48, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x800000, 0x7, 0x8, 0x200, 0xfffffffd, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffbffd, 0xfffffffffffffffd, 0x1, 0x400000040000000, 0xffffffffffffffff, 0x4, 0x4, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x11af, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffe, 0x8, 0x4000000000, 0x7, 0x2]}, 0x1fe, 0xd) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x405040, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) connect$auto(0xffffffffffffffff, &(0x7f00000018c0)=@phonet={0x23, 0x65, 0xd3, 0x5}, 0x55) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x7, 0xffffffffffff0005, 0x0) 4.591698287s ago: executing program 0 (id=377): r0 = socket(0x10, 0x2, 0x0) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x124, r1, 0x1, 0x70bd29, 0x25dfdc00, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x10c, 0x1, 0x0, 0x1, [@nested={0x108, 0x10, 0x0, 0x1, [@typed={0x104, 0x8, 0x0, 0x0, @binary="f5410300000086ed0a2185b6d50b7a195a4bb64bd40742b2d1bdd2db61685198fc0ddc18d62c0bc98dec4106d0effd7dcf69854a5a3552db9f7e1eb364745b5582714d0909309e2031a7632e8715e020e42398908cc4be88234d97971f626832eb0da89bddcbf7e1d18c39f4af9d9dc002672f0207da76011279c06826d54d93fde4cb2c68065fb6c32f52c5a3b7a6b174c53e47db7b36e887a2a0229fbf3f7c76b03a4e35ea7813f5024b635efb7a5b232fef6f8d7c0dd4906cc5b0d9e32587d5c223fe082365c78b76591dfee39b4a94cd222bc26667dacefc9738abdef504fbd722b546a9fc06918e36274e400144e01000496297b7755d72a531fec479ee"}]}]}]}, 0x124}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) msgctl$auto(0x9, 0xa, &(0x7f0000000340)={{0x100000, 0x0, 0x0, 0x4, 0x1ff, 0x406, 0x320}, 0x0, 0x0, 0xb, 0xffffffffffffa9ee, 0xb, 0x1, 0x100, 0x2d, 0x78, 0x2, @inferred=0xffffffffffffffff}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYRESDEC=r3, @ANYBLOB='v\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40010) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0xf, 0xfffffffffffeffff, 0x0, 0x0, 0x7) r4 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/smaps_rollup\x00', 0x1a3000, 0x0) pread64$auto(r4, 0x0, 0xa8, 0x7) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) writev$auto(r0, &(0x7f0000000000)={&(0x7f00000003c0)="6821743f0351648578481a587814d22ba8060ec5ed94e877614d4b356ed6d69a3f9ea30b8e494f7e36784c292a0547600642a9afba07efbaf557b88d4b2f00a834784ee0aadfa1b145811ee84e55424041f7fa37a2b15e7ff7010397a516ad25d25941def491a3e34b97a481beac913057a48daf3e7c9683d4b829e34711aa33676113c7b6bb832977009a039d49ceec99b30d023172d15276111686ee71d2cfef653b4586c291c089fe811ade3410b8437f26c75fff08426c641995a97c2a05748287b53ca910e6f860b0cbeac14d0239fc58c40844752010eba8fe842d7dd60496f1f0c053a6e9b9943d1ee00705fcd9bdeace3b171ebeb96a93b6ac6db5a180fed05b1833bc9dd0961b302701ea7da9699f16e769255f03796b9201d0771ccb84bb2571c2a64df9a0f0f8e92c3cc82e69e6c9d674793900b455fb48d2a7ce070bbd4896651db5d255de3a5ae4aaf397239b1f622c8dafc9a3aa0955732510555b9ba4823f2d838372977fb1fba8bae1ab61b019816bfbf74c30fff3173eebc9b9b66f5579f37dd94ada1444b60db7805ec3da3d00d0f21a3ef780c99bbcc363eddda89cd7492b36f8e2deed0fe3e2aaaa050d0a0848ccbdd1923114d91acefcfe83eb174ed826fc2be6b3cd0a2841f84ffc58bf56fe81bfcee15aff4c8bb8691178439ef4cd9d6999d60737954a7114d1f42c5684f6e0227cf5615b73e00e4a036a841fec42b8ea47be1b7d626051922216e38f637122b00bcf0b04f401a9aea9235540f22a64f7c2ef561d9c1ab8b59807ae171ec7a81c57fed5ddaf4aaa2c6f007942218c49836860b2f5bba5a06a7e0f564180fb0fb55aeb9d54e03012140c629f70c6b205f8e3fc231d279fce17632189386ab68fd1cfa806558896e85985b7f0f969ffa17344765b053a77442e726870764433e9d492d82643455e412fcf3e6eb9deb21673392745d60bdcfdba5e24805afa57402c3a9087f49a35b63beb89fa9eaeec9364625351dea60971728aaec167aed1addf260f2ec4773d8fa30b17b213437f76815ad27ea4cd39246b7714aab66f4744af7f20c47909653ad74f177beee7457fdea397d3966c2b238e70cac983282faf1c03dd6797a767d5d41ad7528da049698260d7bacc51f73aa5066e2b99b6133a50a0c073839a731f4ea689c801be08813c5a75dfdce3ab2468173e3b9161df45b3161f0d20ab5c259f3ad9288afd1dcba6d08a129f3f5dda7cb4234a089626b67f6376fef394446b53d389924cdeb7b02fc1c791329250c5513f4e8e6473a2ff56c840be2eac087f4fecbbffd694fa063fb2cd320aee38f665cbeea19b478e7bba1e427cb9fc1b31595602a6bf877edbb3c4b942839d5516629d9ba27b0aa9e3df946146681c92d32b28fa033b5b2babf7b93a53e4d12fbeed66e655b3e3359ab479db9b1961909d11491fb081ff9a7d3c915e0dd45deb0fe5dc5c218336b4035170d4abacb03a2722115ce2175c4f2cda03b7aa71c0e96025d07297a98c21093863bbd607570a614c1d490c2067537cd426a8f809ce0c87f043d3df4cf89e2afd32bbd152bdf1f527d29b5e28d319ca8c72319c6f80fcee47b61d698cfb1fced776dc8e07a0e90b83a009633d33fa1e786eb9939b0e4df9045b81a0b01386d4072e97a5407d3d7d3451b991aff0bc2568b67a3579d34d73fd5f42fc7fd1a4af602a5022133a014d03c86b5f674d4c865fb6415fa458cb32947adf3a1176174faa5bca0fcb1a85ae9c198e950b7aab1c2855f06680df61c146939971476f44ff3ecfe07e9843135f8d2cd4a03365faa8d3dbbeb2a6f55e4afb36c97aaad93fc7b7cd1953a80a1327fb6ed7fbd070ca1865a4c1b352b621acb2d0d3c391e9092e52ea317b22af4f8d6b3c8385da2802a3630ae160a3417c75d860c8007c67ab03fcf4ea21026e09e3d608bec1c792787cce9405513d7ee18066f29b1f86578336ce6adac943d755d0081e09ab09d665a22eae31a9e0ffdb8e12f2cca319506d4abf39e23d2e0e2d9ca08d23835eb994c32e7d0d7488eca1a595738d4af28f36703b87c39ae1d5f8edadd787ccfa9d9c4b80ea3cf06170157e02261274f58e03cce9d6b535f4e8c41f051e0c2c19c826461171edfca11cdfd7eeeaa8f208ae7a01e468141e13895eb1ad01926f05417684b20b02ea6dd13a782b7ccd6fe7c2e1b4c7155877aec226b7a0fddd890229b4f38b710f9df0fe2175c5971152057953aaadc6ea2ad0e58a4cd5acd40f1ebc9400e88c3e164d526e3df3529136690fc2b71c3fa5fbc134de8ebef71049ff16e5e8955a02bf7eee7deec0322a42f87b95c9eda240b20178a60491c2d5b37bd5835d3985144c892c377ba17bb6b2372bdf9d05ea853801ea6028ac5bfeec0b6dcd42716731eb0c3b951edf736d707bfce492f5e94e603279e1c97830d1b51e0b59c3e36d24321bdec440a3cb4113c81a6b74c15d7944904a7c981e0b8a50a7f0ad7c3ba369504341e2c87a87bebd3fa09d2e74a9162e7ade9a1429a87b58e3c5d3e2b85f9e8ef260fc5c10effe1240aaf1d6ae032d15256e1f3d4096dc35bd3348406b0874fdd07af4bb328038eeff19795f4f5580dbb776adbd8f532c1dcdb0957c009d2d6b0a31a6d0e06e1d1c7e63bcd2cfc80ad75a60b1fb69c8f2c59c63b89592dbf14cf0207ed9c48872bb233fde9db6afadabca9115795d972dfab2c393fa6eae569369232458d56586669c8404d5486b0137fcd8b9a3b7250190db39cf43a8e74a287a7d603888745b7b53b771ca365b88335a161e6c269e353402f479b227fb3b8cde13f948bb144f580da141282dbd36680a71afcd5fac764be92dbc9a22f30659436cd98e8aebafa3a0153b6cb51ee0985e71dd82559d0a1d76d463cbab821e9f1a1b842f88b6f26de719360f6a7bf98064eb4daa3498bcf8b0dcf572c1ebf38e863aec2164530bd1c3c1003216203d69e59499fad93eac51b726608ad13c5221f7974e9ca8384635cb47b27ae415bc41f569e253d273dd235ef4e86eded2b277a994d9dd783638d9877d187fabeb539f0e17d81fd7a11174e4d832690ec64c9ea9eb07db106eea3373066d41c159d82678f370fa04a974a4223185ed6186814e896a15adf5495c6aa09df0ec824de20b5d590c1e3099be5b91389f0624391b0621d704df9f50e02daf97be665568ad3c0484178b0a91c7cb2e90ff7bad4209bf9541ec5149155fad77c9cac184a72c0744a49486ea89d7ba116e57acd3e709edd3f48fbdf6c20e861a5b6759b5fae25018fce4fc605a6c117941dc197c8fae145e292bf17675ac84121c51b7cf3a3084d902d30b2deea3b2c2703e3bd5807180aac75c138298fbecf15454d434e86bcc0092ac7744239029fb9e2a6bd983a3aea1f1c5f343d0861dcd4fcb97710be7d8e6c8d21a74546bf60dd0be838720e8231903d20aa00f90118e5e3781bf8ea1041557a8972f3d8bb7e309826ddeefc4e3571ec3506822c5f308df0455b56c5ddcaf3b657f76e70ff8ce583383c8739ad22cdc32d0a6a255e29a70d656b6d2e4e59837516276cc4a93f043922c14abfb165f29ddecf190f7644f326647e7ae7905984fe4a4764aa63ae7460c72a9cfd0a685a4dc1dfb46042b7182388e085b1b6403f261b55b2bf7117a930d8f54f086c0631244a010b0b27ab3bb6909d6b3f7b8860df78b9decc196b2cfb673aad59473f0b2915ef7dc9244c8fdddf359b619d0f2884ab2b18cb572c155200056528785e784c1352e3791784331ae95e6d303089aef9cfa8b00c836fac2c18d82659a6e12d3ea366d7f252fb80e02d5a4c589ceb8b3feac484c614838eee808be11b0999c63f350cf757356fe968367839b30b94c3a7296c4464523e8f04ee22768e406708918ddb5afc19676e6d8de6e1b13a8ea04fb0a72b8173abacdd9e41c02718ed1a01362d061ffbe995e855385edd1740ad023e29665351a95d51fc8ce68fd036faefddaedd2b446d8d7338fc08bdb2dff91c30cb7b9a1966411895dc724623c3b08d100063c59a7a938f963f7022d8a457b9e4f31d87be00bb236174ce0738cfa725e40a0fc9a385f7d903b1bd6ddd91785387be7ce97a3b21faab0db63a3ecc481454075bf12cfce29aed6fa38a2a082cc80228f9a480aba1f4a2b2495e86231c5e0126f3885db534b7991c8b3e97470e5df18251131e8a0f649d8561546339615c680454438529d8dc31df129deb02b49da3874609f6ef528015deb2649d1ab112eb6664a631273b387c0ed0e40cacf43a38d3221a5cf67346a60ff573e2dacbd0e9b1903caa598f24f9973bd0787e57a38429f5c18e3c71ccc63434ad02993ce208b045c583efa992ad5352c45ad3ed52d73c2fccb839f0b5afb035b5e070a32626aaf0c9c3c073a673f30ab09fb748d6a48cd50d049eb3b650e0ef3198db422688fe0283ccb1371fa1dc6c5e60cdbde16d58a4737817e6cf0390aec7d637ef4a233c1ecfa0825ebadb30cf6c7a6df2537a16c6cd18d63dcb803c681f906b2c76c91d24115fbc5242921de1b4d6e6f28517eff30ce37aa09bf24675d27d9260143d6f4b755fae67deaa38e6fe538bce0c7770cfbb7faa8bd8d1a6f78afc634ed7e086f06d8e2a0a4bee830ef2ee3c1470bb9b62f815ed535410a25887c539eba7a110c57515ddd6a0a0e258825f7e0aa6a56e87a4b029480fb0dab2357a3ead9cb08b813b3167a4b844fff73031d630664e5d24a80402e487c513e1932b63657b3e3228393416a77eac9161604480b053cd523c7465609e01f8342a13adb9c87ef3ba9cc0e6aa8708febfcdf68235dd704fff41643d2a03239c986c4c956bad8b904a73f8e0f58b2fcb1c5e61a7df5410159ed63835e19af4875d76e3303aeb0263ddec5137ac65c3fb005f30b3e8251179d694d2220aefc3b750252a848e0ce68f27b99692db53b45dbfb44363f5e5f7d2ba58c5b0819902ec507325caab902213c371fcb85235693875311183292b50f0da3b8109202ebcfe27d195160a9a2597bf23c0ad4aa4fc609bd0efced387dd29f223e40f254274260236cbcbb0ca62aaf9b21cde88f579eec3789d483ecc5113f685782a93f7ca86f764945af2e91bcca30355cf3f4b60869607fe402f9dae4e505c853fa76d4d8e9205543b00519a156d8ed6dde49597a924149281f55d4ca8f97c1b0d68674d4d235cc09fbf27d63095b4d543d6cca086ef5cb71072ce84c7b0073c22d1ab3adff0c23ed24af57acb1668aa08a9981ee7821e16aa89119f9f38eae0effb52c6a4da41f80c060eae0f7c6a6193591a91a023be85e8426f7a3f239b21ae79aa5754fc778a8b53301933f189f9481f3c7433abccfd83bd0f1a38da908ad2e61db595a084c18cbf9fe46e14fb8b4d6b62b0daefecb87c088fa2058acc074b5de6a732e66e5e823ef7b53c757773826703ecad1cf09a4789cd31e37aa531b75a61c710d64e74f09706bce8045413a224dfd64d95ea42d06f63a4b73f9b194322935c12df2ddd282bc73ebf03d5726306480e3fd71464c235b707089d123f0015f446625b699ed13f820dd82a24bd82b210bc3d34539ea6c0256633553db8e8386e81c46882882a75fdfcb6fff93b52da5057dc315106cf92aec2ccf78ace1a96bb804301a5bbc062f8054a3c09c18b76f4517662d0c43dd9765e9d50e0a79ba68cb72a1c6043f195de0fb4b32c7c1739a96563a36e2f69df6345b81a39cfeae303b3d1aa9f0d387ecf62e8252bd82738aa18b5f4d148a9a1c109bb0", 0x7ff}, 0x10001) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) 4.452469847s ago: executing program 1 (id=378): keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0x0, 0xe) clone$auto(0x3, 0x10001, 0x0, 0x0, 0x9) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/dsp1\x00', 0x20000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x6, 0x0, 0x60, 0xfffffffffffffffe, 0x0) ioctl$auto_BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000440)={@inferred=r0, 0x6, 0xfffffffffffff4c4, @unused, @name="04862b6732af38c60c6cf4ce49c7e16668f1206beb30e29034379d9fcb87b0bc68153e37950cd9fc24084a9dc6128a4a8b6f69a8478c7065d5b59a3844882d1a1366d99d811e8e559488d4a15559b7b3a16ea121ee7a812c7c984837b8eae06f89b05023168751ef377e296b53b1dcfc666d4f9054df29160b25639449a6ba4065372f65f17c2b983b67b3505ca1d5ec9526af1e0612d230939728a58b2682425978da6d9a01c7353b4895025a9d1c95f29ef2aba14b597d9f16f1936181ea2be27a3674760eb6facba201b479613c1e95d1576af4208d00ac9cb85c356420d3a4452f8b85ac10d9b4ef55cc08fb1f6a7694a941982ff226d041754613b673e674a67a1cf03289821567150899377be5eaed29297d236fcdd8367ab7f1ffbd002fafc6aa04e122ca52a2fd78eee706d75596e9309669a32f9209a0448af18bfe2fd974d23c0d6051bc8cfb4edea5d20a779f9efc278bcdd69a5ebacff5c1edfba0f23f609f1b612ef97d34155a538a01a14cd03dfe60f329e7b21b2a93a4b9976404433129d96c47f48056bce092c05bb66a0657f64e91cf76975a0408b71e0ec0ae6f9fd20080017699a5a8a3bcb2c12b4b014789aa7d0c497ae5259faf7fc83019bca9fed0073fca3001e072170fa3b79418bb2721230e56387a521853b1d2411b5772959e2d23561a02a1b594181f874e8e8df93d1cdb2b0465aa149ac95b7289a4adb70d95109f4e1f8173e54ccb4aa7e6c5670e9a574b1fec02ed3d3125d66dd90bbf22be124384194b274e0b250fcc99565feea40ffb55e557e29d57be11f89fe07b6f2f1fe237e644d2e2ce897cbf4af5b6d44a58362cf2d6b3230dd791a307d1ac6052d9428e2c0496d72855ecc05d2a9181ac9666971dff9c0b0ff216df83654ad75d1832314fe13c1eee4506cead8abe993f41fd8fb89a440dadd3c29008887584a326574a39b05dc06ac07d61d05d1a532cfd99bed15d93832b3b727b6f18cfdb99b48b72e539d67babe63580a9118827e713642dc44a872c5774dae7fa0a3753ba5f750988d6f3ee4047f8f1395d8568cec1bb7fc08dc837d6729761bc288ec1735824c006c048302fbbf9643445f8118a342691e180035e112f46801b5dd41d0866fa4cd36664295cc6f62dd7cd2b4c236aaefce04eb04722b06b3f571e0370c859ff5121ee530108ce52bb3a38106d96ff60577df9fa46c84230f7db3a273f575fc04c348c0d2e09f8c4bacd84f41b2d2b10bd461d0454d75705b36a610cb34bfe38630f0ce7a3e2658800101acfee06ef21d375dad3c81d1d1e7ba1ea971eebfccef8dd973f16182473608d3013425a3d84121a2f724bbb0bb3bcc26f797b82267acdd42bb01d84cd8843b96d78c3058067a69d79dd901210eb78b1d3ebf46fdb93bae9a5dd47880edfe13ef058c92231f7d00d918e12fd00f568900c5e0569445b602763497af901bd98a945d20bcdbcd209e5a56fc8f960d5b60e321600515565277254971201c8c35f3b437ff72c5e9e749fecba16fc9de24ea06d6b596f7985b19e95e2c866a9fff9cc515c1f4cf35d65fc35891c5d7b57f669f245a57e364d80d8f1df471212e917bc4348c197a27fad4f22c93f53df659dc68ca6b22d70af29096e6c107ae7249e0aca50b0c347541ebbf2a93f61f45e28e18b8afe0de826081748bca15299dd687057bfe2772228c1cf90ba4deda9c87a313990651c9dccb116b0079aa0a8cb10e754f12511e8bd97cd7037c00f9bad0ca90344d6db37b2b787d997cbd519de99036f6d2a366c6a4c552eb28a1b4a9ee769b475fbf07a7c30806b51f9d27a62c5c6aa5f8b0203032cbebbe675b66b7d2cb178216bc0582fb742bc211aae2fe17fc79759fd14b5822a72f981ef86dcafbe6973973957a268274b92dafa5df48e1bac25d53a1a2bf8453e66ccb93afe0bbb215b12d07871b363254466b9d757e08b3b6204d0daa4c72f00dc4ff076599305749160512891ef5213b34c26054a0c3d6bf2d8c91cdc6d8f78b9b58ec0e5267bbd0d3b180ac299750d0ef4b10db4b09960f1f920fd6e3fa401128f84e48290b9a397971641386e5d4ddcbfc346b26495ff2555bd912c5b13cf1a05def2a65b3672f3083c244a4bcda3b5131926989cbe2678f14bc5fd0b27915ba2b4e8f4947f839b8e5927046548e49545cbae8eab2b187df7d039758c965ff3b60d04853724354026e2b17dd1d7576fd86b433eaf369a2a3c26ec28fecc31204d342a9aa89252b38bc9d8a8706ccf4f4109fd65beeeafc13cba6b4e7275b9d9a4d8fa535d1f270a2b3f7f758c20a888e0c6baf797b401f367e08d4a7b9909940d6019ac0deebe5162552540cc3a8398ee51b93ab8ce49f3898db0c7068e3fcdca48c4e898adabd74c4843a28d0b245b811c38bfdef3cd1a2d870b672795ab962a512c64aa198ba69777574bee1896e159a197cd9a4dfcec592fb8c0e6be7f171b13a3ac4f2a21a6d8822e405665813b2a7fc616446600c2a4cb84786907bf4df5750e84c07d4ab177ff33ec0522704dfcf54ec55d04d6437d067c4fc534d89ee232747709dd65a8e3136e0526a346668d57b5d0961f79266538ca6e159f488f2fe807f14a583ade00175e9edf86a6c8eb234d0933ab02c0ddc23543f4c69a82d95c549c4d27a224bd2c34e77ef3e10ad277525d1923c987952e4282a14adb8ffd97323724482d235f2839bc02be562aafbc8ffb2bd585184e760ba86b3e340488742d68f92141e02de02f18ef51201ac8283c530344d3811166743be7cc71f114bb1b437b004edfeaa5f9bfcb4dda124f02a90cefe67b9076721c1f7aeff4e5d1d0fa2ad30ede5d3d81c0a813f972cb3d215db0e9bb1dfa6ff45f9bd0ce1e37caeb65ec9202743cdbae8e1dee7615b4fe0229bf1d216e43d2746d73910735ffd2e078de7f009c6e59be3febad1210986228e5d90c0803ba66743fca19f6be4c457ffe1106091281638982163cb8555ca95680a3af71d12c2ac61469c670e1487dd317e188b747901a05c69b8cd95bdf4d88ea00c866a599f5f6a1c17ddee69818d7fd8a824e64ef6946ac1459f9bab3fa40d5e16ebe7269494c50378933dea35fda56388d7e8811e1271e7c143b8d750d86daeb57a8e27d9a982ea18da82bc5f2c27b9a722b4ffec090dc005b905452b8cfb3b2f87df3b6c077f07458d5e2e77269afb6fbae38dee59cb3e859fd88e2368a0bb2f91d0167eaed49c73652c73c130109f65d94926943b297eda6f42aa05302ab43df5f1ca1c3e616b6b3990d40062b66d4d9a9c706bb29bf5c8c27e88fa16aae122c7becf69e127f25a92c292cab05d534032eaedb3d94b5962f9a32e9cc0b96427807ccb74ce702ec1dfc064ad1b7da4120f923482b5db2198c37bdde3ecb9974e65ffac49796558bcf64783d12c2fff4dd2d0f88ac63fcc864c44574f0cea794a9fb75c92734b5c1b3a189e99c0132203aa89d7380a7ea2fbe2ffcc9c6ace389e4903f66d3176b1342aebd66d162232813f9cca0aacf7fad956eb3fe3d451f95be3bb3e42d03137e4b371f52eaea06d8fb25a053def934f333af0091a30264db8c81c68654f0441e268d01105764f304d33afd2e4819053818576c8f6450540d3a3016a4d0b7ee7eb918e63e5c6e4527432e3f0647bda5e1038eab5c42af3856bb54393e78d8493a4b810cba5f9b9482200ad82a775eba921f1bf7674d09b6bef020281ed09c3085654ed1fcd431f82844ec43a766db05f06232b0044cfb76f7628f3df5bd99d14420c13690bfb6aa187483cd5483d681029ee0fdda66f79b0bfce0e775fcec2d15be23108bf3eedfae9ebc7cd853aa4af27a08fe32401ca5e1920bd4c7399511b19fa0787a9dde8e6c412b215a6b9ab2f7ec9d8e0befbc62eb8eb893c2974b90fc8b7b07cbd53acfa1e4222b1d2bd9176d7805eb1993bfcc74976d8fe99f2e31bd2711525f6cfa3af25a1593a7ae736c5859b3020f9731504badb6b898c776bb93e0441d5f52dfeac7388a2fd634acb74a0e0e6b9e0e10213da437e4ff7e3832feb6e5751ec6f2663404f3331eda2bc0a237d46443446b4e8d9f2272c318c126f1e5e6570a6856ff1353828a6cd1678ad67a8fee25fe8075d887618e078e7c91b88a7072b630b3d04fa02a96f91f7df55d6b0950d7fa6ec8d69461796b6603fb2b2ec80ca8e03b2c9f3aabbc240ab1835db0f00cdc96893058b56b74c9c0569667ee8052cfe91a5ec5dbb6530025ecaf9de85d7eb645375275cb3bf0b8f0c026815c64dba0cdeeb040189d4140259314f5c0d1eff7997dcf789d59eb5351e19bcb0f01ef871bc5e0061d35e110918a5eefec23db190b50841e829a7b66be1a87ae07171ad472ba5a64447a5762674624500294425aa47275a803ec6f5cd9482b03812e60558914e81c63458bc3f8b22b65aeb67719212bcdf2b5cb7a880f1e4ae73039e4bba8387022c89d51badc1ef93e485276bc5abd633a4369265a23bfe643ef60ce4a9444a7b906c768d5c4345e954635cdb565680a8ba4d9680ed168b741df78c3b0738ef0e8e16d8bf1ca21961a46252f5ab296fa1cc063ca8cc13a37e8ab82ece00d8fb27544f913daa4c546f99a9f859fcb6011c05519ab119af630cf5e1fed3e6cf050c7f8998f748e72c3c461593f429869faad2100133e2c53a9d218d15ce3e5792b6d3519323ffe9cd315d30d332fa4c0a77311f1fd1aa5a23cfe90659d79f79abcc54aa3f4e7007011734c95230a90d5a5e81dd83ceeaef843afcc095f1894731459cb2e099b36f1b5a4086d48f3155589808af22f2bf2296f53760015e4135b1e2807487228fb7c77a49b33497bedf8831dd98135183197b1da8365b1c99c45849cc472405b07db0af4525affdc5ab5824bf0ebc6e60ef633147abc5493a8cc9c0f7ed8f8433a920bef1543bc081cc21c8f0a5330a4b2f0137b019e3098b0b1aa4e9f4acf9bf44b11b17799a7eb6182673ad7d301a157357ed0690c56b5529bb0b2ebeb13cb8e90549bd8aff7e7ac34c6e4287105f6778a9df18c6e02207ec4083558dd241df0b0b059c325adf36d16d1e1d8a9e2f2959503c29626dc1d490286832965f22206543f245c0e1be3b0490f88003a5ce4a826f26dd82736f1f84015be855e186282c3ee0481bc00f99563ecb1b2b6825b7cd2bcc4a5f7f463b8f65ba6b56b02c0b650195c76521a2135977aa0c283af3042822b7ebcb507bb36475cc89830e39d5f55e8b46ec5bf553c11ee878933cf1aa332de8b23b2af89f143d2e6907caebe98395ce1cbf2d675bf76be52daf860076184793b28faff64408de4e52c5c0e0cc2ab2f5ccd785a8b5514ecedb8c6a4f25bda8f001146e43b30083b6d013fa8c6d5b5cac50637c2bb1e5d26558c54fae43345d134149c606b769c1da752b462d0180da5e417bbc8b4b778e1c898226ae55727985cdbb005bb82208c16daeb8486b8dc8f9d611bc5a77e5bc3dc9cd5768c1936249e43494d88d30011072190afea576beb54c71869ce5af3ed36be989c45b52b9506d5dd9fe673c0d121cae4f680f750e790d1d926982460696d98b285a863f24fa9c114cb11bbf25cc444b66ab0a154f67713dfc09890db307aa0d41e9295a205b4bdcedd54c9506ab9b693ce060b59d6e7f96ba6c4de7ac35cd8c0a8a0e8088cd3e2e0d6ead0dd9ec69b4c205c83d82814"}) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x201, 0x0) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x22002, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/cpu1/topology/core_id\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) write$auto(0x3, 0x0, 0x7fffffff) select$auto(0x4, 0x0, &(0x7f0000000100)={[0x9, 0x7, 0xfffffffffffffff9, 0x9, 0x7ff, 0x3, 0x6, 0x2, 0x9, 0xffff, 0x1ff, 0xd, 0x3, 0x200000201, 0x7, 0x6]}, 0x0, 0x0) 3.647765675s ago: executing program 2 (id=379): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x1c) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) ioctl$auto(0xffffffffffffffff, 0x40025504, 0xea3) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000840)={0x0, 0x75c}, 0x1, 0x0, 0x0, 0x24048000}, 0x1) bpf$auto(0x5, &(0x7f0000000100)=@bpf_attr_3={0x6, 0x5, 0xffffffffffff8001, 0x9, 0x8, 0x7ff, 0x2, 0x9, 0x6, "4e96070077cac613ae7600", 0x0, 0x401, 0xffffffffffffffff, 0x4, 0x4, 0x1, 0x5, 0x865, 0x6, 0x9, @attach_prog_fd, 0x8, 0x7fffffffffffffff, 0x4, 0x0, 0x6}, 0x201) 3.278643393s ago: executing program 3 (id=380): mmap$auto(0x0, 0x7, 0x4000000000df, 0x40020000000eb1, 0xffffffffffffffff, 0xf782) (async) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) sendmmsg$auto(0x3, 0x0, 0x8, 0x7) (async) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) (async) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/dev/cdrom/autoclose\x00', 0x202, 0x0) sendfile$auto(r0, r0, 0x0, 0x1) (async) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_ipsec_dbg_fops_ipsec(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim0/ports/1/ipsec\x00', 0xc2040, 0x0) read$auto_ipsec_dbg_fops_ipsec(r1, 0x0, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) open(0x0, 0x22240, 0x155) (async, rerun: 32) r2 = socket(0xa, 0x3, 0x3b) (async, rerun: 64) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vhci_hcd.2/usb14/dev\x00', 0x74000, 0x0) (async, rerun: 64) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) (async, rerun: 64) sendmmsg$auto(0x3, 0x0, 0x200, 0x7000000) (async, rerun: 64) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) (async) readv$auto(0x0, &(0x7f0000000080)={&(0x7f0000000040), 0x6}, 0x7ff) (async, rerun: 64) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0xc040810) (async, rerun: 64) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0xb, 0x20006, 0x4000000000e1, 0xebd, 0x4, 0x8000) (async) sendmmsg$auto(r2, 0x0, 0x9a6, 0x7fffffe) keyctl$auto(0x0, 0x8000000000000000, 0x6, 0x946c, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000004c0), r3) (async) sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f00000001c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x40080}, 0x0) (async, rerun: 64) read$auto(0x4, 0x0, 0xfdef) (rerun: 64) mmap$auto(0x7, 0x8, 0x0, 0x17, r1, 0x9) 3.070075162s ago: executing program 1 (id=381): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/7:5/max_ratio\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mkdir$auto(&(0x7f0000000040)='}[,&*}\x00', 0x40) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x5, 0x0) (async) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) (async) sysfs$auto(0x6, 0x4, 0x10000) openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, 0x0, 0xc4000, 0x0) set_mempolicy$auto(0x8001, &(0x7f0000001a00)=0x4257, 0xf) (async) unshare$auto(0x40000080) (async) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, &(0x7f00000001c0)=0x9) (async) getdents64$auto(0x0, 0x0, 0x41) (async) mmap$auto(0x0, 0x2020005, 0x2000003, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) getdents64$auto(0x0, 0x0, 0x41) getdents$auto(0x0, 0x0, 0x100) 1.880447038s ago: executing program 3 (id=382): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.7/usb24/bcdDevice\x00', 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)="311d4d", 0x3) mmap$auto(0x0, 0x2020009, 0xbe, 0xeb1, 0xfffffffffffffffa, 0x2000000000008000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) prctl$auto(0x28, 0x0, 0x4, 0x5, 0x2) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) r1 = socket(0x10, 0x2, 0xc) syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48090}, 0x0) r2 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x205) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp1\x00', 0x101200, 0x0) ioctl$auto_OSS_GETVERSION2(r3, 0x80044d76, 0x0) syz_clone3(&(0x7f0000000300)={0x20000000, &(0x7f0000000100), &(0x7f0000000140)=0x0, &(0x7f0000000180), {0x30}, &(0x7f0000000240)=""/121, 0x79, &(0x7f00000001c0)=""/47, &(0x7f00000002c0)=[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x8, {r2}}, 0x58) fcntl$auto_F_GETFL(r1, 0x3, r4) socket(0x2, 0xa, 0xa) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0xa, 0x3, 0x5) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) sendmmsg$auto(r5, &(0x7f0000000000)={{&(0x7f0000000040), 0xc88, 0x0, 0x0, &(0x7f0000000140), 0x8, 0x80000000}, 0x1}, 0x398b, 0x800) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) 1.731321312s ago: executing program 2 (id=383): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20082, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async, rerun: 64) ioctl$auto(0x3, 0xae41, r1) (rerun: 64) ioctl$auto_KVM_CREATE_VM(r0, 0x4080aea2, 0x0) 1.33984485s ago: executing program 0 (id=384): openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) sendmsg$auto_NETDEV_CMD_NAPI_GET(0xffffffffffffffff, 0x0, 0x0) openat$auto_rfcomm_dlc_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x2682, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x80011, 0x0) write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000840)="faa203ba390b5364b0c45f1ccb02cf457a69d8d1", 0x14) r1 = socket$nl_generic(0x10, 0x3, 0x10) mlockall$auto(0x7) mmap$auto(0x0, 0x1000, 0xdf, 0x9b72, r1, 0x8) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtd0ro\x00', 0x59b002, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) userfaultfd$auto(0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket(0xa, 0x801, 0x84) socket(0xa, 0x3, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_prog_fd=r2}, 0xa3) bpf$auto(0x4, &(0x7f0000000040)=@query={@target_ifindex, 0x7, 0x6, 0x9, 0x9, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0x9, 0xffffffffffffff66}, 0x7) r3 = socket(0x1d, 0x2, 0x6) r4 = getsockopt$auto(r3, 0x6a, 0x1, 0x0, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRESOCT=r4, @ANYBLOB="01002bbd7000fcdbdf250403000004001000"], 0x18}, 0x1, 0x0, 0x0, 0x4000040}, 0x18800) 232.468593ms ago: executing program 0 (id=385): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(r0, 0x2, r1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r4, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TCFLSH2(r3, 0x8926, 0x0) sendmsg$auto_NFC_CMD_ENABLE_SE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x40081) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x5}, 0xa) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000e00), 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x2, 0x3a) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r7, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x3c, r8, 0x1, 0x50bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x200000000006}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xaa24}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) sendmsg$auto_NL80211_CMD_TDLS_OPER(r2, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000000040)={0x110, r6, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xfb, 0xe8, "6bf4a33b24041e8036da3dfb5a0adc4d76f872457dce0f23632a73568622b0844595e40674df68bfc8cb13920c764430688d2b721638762184e8518b274258683265a98f8c4dce8d0affbca7157b9b9fc5882202df038c4207b888c7eedffbe7397d67aad03c58ad479109c07f316080cd98864a54d0d8f220af07dba78f6277346612ae78723704e775ec212a9420ec1a9212909f911fa0b33a22a8305b2137e6385a1deb832cd01b0404f3aa7264ce77af9fb9f343c9b4606f9dad17501eea4c3b4651c60f2c087b3b61b3a351345c19e9596346fb02ba6d439f8ab38e0aa5ba6f7d1555b2421662ce24980ecb22b9aa66b8e92157f9"}]}, 0x110}, 0x1, 0x0, 0x0, 0x40008c5}, 0x40000c4) 0s ago: executing program 3 (id=386): openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/031/001\x00', 0xa901, 0x0) ioctl$auto(r0, 0x5522, 0xf15) ioctl$auto(r0, 0x5523, r0) mmap$auto(0xfffffffffffffff2, 0xa, 0xdb, 0x200009b72, 0x5, 0x8000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x1, 0x21, 0x0, 0x9) prctl$auto(0x8000, 0xb50, 0x0, 0x6, 0x20000000000000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) prctl$auto(0x41555856, 0x6, 0x0, 0x0, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000080)=0x4) getgroups$auto(0x0, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffff7ffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x2, 0x5, 0x15) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rseq$auto(0x0, 0x8004, 0x0, 0x6) madvise$auto(0x0, 0xffffffffffff0005, 0x19) iopl$auto(0x3) madvise$auto(0x0, 0x8000000000000003, 0xa) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x23, 0x2, 0x10002fe) socket(0x10, 0x2, 0x80000000) ioperm$auto(0x8, 0x5, 0x8) r3 = open(&(0x7f0000000000)='./cgroup/file0\x00', 0x48000, 0xb5d1af1605322c3a) open_by_handle_at$auto(r3, &(0x7f0000000040)={0x8, 0x2, "0200000000000000"}, 0x2) sendfile$auto(r2, r2, 0x0, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.111' (ED25519) to the list of known hosts. syzkaller login: [ 67.161366][ T5828] cgroup: Unknown subsys name 'net' [ 67.281136][ T5828] cgroup: Unknown subsys name 'cpuset' [ 67.292151][ T5828] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 68.709305][ T5828] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 70.786397][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.801881][ T5851] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.812532][ T5851] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.824172][ T5854] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 70.848354][ T5854] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 70.851379][ T5850] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.867719][ T5854] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.877019][ T5854] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.892372][ T5853] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.901231][ T5854] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.902148][ T5855] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 70.910581][ T5854] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.919763][ T5853] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.925452][ T5854] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.931064][ T5853] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 70.938673][ T5854] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.946386][ T5853] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.951779][ T5855] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 70.960254][ T5853] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.967871][ T5854] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.976976][ T5853] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 70.991527][ T5854] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 70.994157][ T5853] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.007095][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.441199][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 71.486131][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 71.525250][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 71.584450][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 71.674610][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.683217][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.691283][ T5839] bridge_slave_0: entered allmulticast mode [ 71.698829][ T5839] bridge_slave_0: entered promiscuous mode [ 71.739238][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.746991][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.755493][ T5839] bridge_slave_1: entered allmulticast mode [ 71.762736][ T5839] bridge_slave_1: entered promiscuous mode [ 71.771335][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.779611][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.789031][ T5837] bridge_slave_0: entered allmulticast mode [ 71.795808][ T5837] bridge_slave_0: entered promiscuous mode [ 71.810420][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.817600][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.829369][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.836531][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.844378][ T5838] bridge_slave_0: entered allmulticast mode [ 71.851539][ T5838] bridge_slave_0: entered promiscuous mode [ 71.859707][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.867478][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.875093][ T5838] bridge_slave_1: entered allmulticast mode [ 71.882727][ T5838] bridge_slave_1: entered promiscuous mode [ 71.906348][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.914777][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.923217][ T5837] bridge_slave_1: entered allmulticast mode [ 71.930544][ T5837] bridge_slave_1: entered promiscuous mode [ 71.956685][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.969986][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.025610][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.033934][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.042106][ T5840] bridge_slave_0: entered allmulticast mode [ 72.051077][ T5840] bridge_slave_0: entered promiscuous mode [ 72.062589][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.088747][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.100391][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.110458][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.120289][ T5840] bridge_slave_1: entered allmulticast mode [ 72.128769][ T5840] bridge_slave_1: entered promiscuous mode [ 72.141830][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.166104][ T5839] team0: Port device team_slave_0 added [ 72.175616][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.222033][ T5838] team0: Port device team_slave_0 added [ 72.236723][ T5839] team0: Port device team_slave_1 added [ 72.246352][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.264284][ T5838] team0: Port device team_slave_1 added [ 72.283633][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.299439][ T5837] team0: Port device team_slave_0 added [ 72.334488][ T5837] team0: Port device team_slave_1 added [ 72.352639][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.361179][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.393701][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.409788][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.422983][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.460229][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.497207][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.505772][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.535922][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.549282][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.556793][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.584895][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.624119][ T5840] team0: Port device team_slave_0 added [ 72.640883][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.648795][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.677005][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.698655][ T5840] team0: Port device team_slave_1 added [ 72.705354][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.714223][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.741924][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.806611][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.817362][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.847457][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.892169][ T5839] hsr_slave_0: entered promiscuous mode [ 72.899693][ T5839] hsr_slave_1: entered promiscuous mode [ 72.907017][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.914929][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.943069][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.961168][ T5837] hsr_slave_0: entered promiscuous mode [ 72.970432][ T5837] hsr_slave_1: entered promiscuous mode [ 72.980612][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.990720][ T5837] Cannot create hsr debugfs directory [ 73.000635][ T5838] hsr_slave_0: entered promiscuous mode [ 73.009273][ T5838] hsr_slave_1: entered promiscuous mode [ 73.016847][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 73.025984][ T5838] Cannot create hsr debugfs directory [ 73.078772][ T5843] Bluetooth: hci1: command tx timeout [ 73.078773][ T53] Bluetooth: hci0: command tx timeout [ 73.079206][ T53] Bluetooth: hci2: command tx timeout [ 73.097716][ T5853] Bluetooth: hci3: command tx timeout [ 73.164169][ T5840] hsr_slave_0: entered promiscuous mode [ 73.172251][ T5840] hsr_slave_1: entered promiscuous mode [ 73.179412][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 73.187373][ T5840] Cannot create hsr debugfs directory [ 73.433931][ T5838] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.446990][ T5838] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.460795][ T5838] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.484093][ T5838] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.533072][ T5839] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 73.544067][ T5839] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 73.558027][ T5839] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 73.570819][ T5839] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 73.636214][ T5837] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 73.668369][ T5837] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 73.683726][ T5837] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 73.721045][ T5837] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 73.790204][ T5840] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 73.820311][ T5840] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 73.840553][ T5840] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 73.859353][ T5840] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 73.894128][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.931788][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.956010][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.985743][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.995144][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.045250][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.052836][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.089700][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.108598][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.144524][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.152602][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.176032][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.184209][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.200910][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.230456][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.256770][ T3578] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.264600][ T3578] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.283873][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.309827][ T3578] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.317793][ T3578] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.368256][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.375854][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.402252][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.410298][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.540731][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.656174][ T5838] veth0_vlan: entered promiscuous mode [ 74.701696][ T5838] veth1_vlan: entered promiscuous mode [ 74.753944][ T5838] veth0_macvtap: entered promiscuous mode [ 74.783916][ T5838] veth1_macvtap: entered promiscuous mode [ 74.822750][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.883811][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.926130][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.955073][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.964488][ T5838] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.980463][ T5838] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.991052][ T5838] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.001736][ T5838] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.016597][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.062561][ T5839] veth0_vlan: entered promiscuous mode [ 75.136642][ T5839] veth1_vlan: entered promiscuous mode [ 75.152489][ T5840] veth0_vlan: entered promiscuous mode [ 75.159373][ T5853] Bluetooth: hci2: command tx timeout [ 75.168947][ T5853] Bluetooth: hci3: command tx timeout [ 75.168976][ T5148] Bluetooth: hci0: command tx timeout [ 75.188277][ T53] Bluetooth: hci1: command tx timeout [ 75.196568][ T5837] veth0_vlan: entered promiscuous mode [ 75.232656][ T5837] veth1_vlan: entered promiscuous mode [ 75.240935][ T5840] veth1_vlan: entered promiscuous mode [ 75.266658][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.282281][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.325975][ T5839] veth0_macvtap: entered promiscuous mode [ 75.345306][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.355024][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.366216][ T5839] veth1_macvtap: entered promiscuous mode [ 75.391272][ T5837] veth0_macvtap: entered promiscuous mode [ 75.406795][ T5837] veth1_macvtap: entered promiscuous mode [ 75.424202][ T5840] veth0_macvtap: entered promiscuous mode [ 75.442398][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.459797][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.475384][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.496901][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.508621][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.519525][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.533203][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.545172][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.570005][ T5840] veth1_macvtap: entered promiscuous mode [ 75.594415][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.596255][ T5838] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 75.611720][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.636282][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.646251][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.659092][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.670506][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.682065][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.694762][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.710182][ T5837] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.722886][ T5837] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.734385][ T5837] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.743863][ T5837] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.757504][ T5839] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.768394][ T5839] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.778387][ T5839] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.789923][ T5839] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.893549][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.909849][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.915477][ T5906] FAULT_INJECTION: forcing a failure. [ 75.915477][ T5906] name failslab, interval 1, probability 0, space 0, times 1 [ 75.922731][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.936605][ T5906] CPU: 0 UID: 0 PID: 5906 Comm: syz.0.1 Not tainted 6.14.0-rc1-syzkaller #0 [ 75.936640][ T5906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 75.936663][ T5906] Call Trace: [ 75.936670][ T5906] [ 75.936682][ T5906] dump_stack_lvl+0x16c/0x1f0 [ 75.936728][ T5906] should_fail_ex+0x50a/0x650 [ 75.936756][ T5906] ? fs_reclaim_acquire+0xae/0x150 [ 75.936798][ T5906] should_failslab+0xc2/0x120 [ 75.936826][ T5906] __kmalloc_noprof+0xce/0x4f0 [ 75.936853][ T5906] ? __register_sysctl_table+0xeac/0x18c0 [ 75.936888][ T5906] __register_sysctl_table+0xeac/0x18c0 [ 75.936921][ T5906] ? __pfx___register_sysctl_table+0x10/0x10 [ 75.936947][ T5906] ? is_module_address+0x2a/0x50 [ 75.936975][ T5906] ? register_net_sysctl_sz+0x228/0x3e0 [ 75.937012][ T5906] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 75.937043][ T5906] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 75.937071][ T5906] nf_lwtunnel_net_init+0x60/0xf0 [ 75.937100][ T5906] ops_init+0x1df/0x5f0 [ 75.937128][ T5906] setup_net+0x21f/0x860 [ 75.937160][ T5906] ? __pfx_setup_net+0x10/0x10 [ 75.937193][ T5906] ? down_read_killable+0xcc/0x380 [ 75.937219][ T5906] ? __pfx_down_read_killable+0x10/0x10 [ 75.937248][ T5906] ? debug_mutex_init+0x37/0x70 [ 75.937291][ T5906] copy_net_ns+0x2b4/0x6c0 [ 75.937321][ T5906] create_new_namespaces+0x3ea/0xad0 [ 75.937362][ T5906] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 75.937396][ T5906] ksys_unshare+0x45d/0xa40 [ 75.937430][ T5906] ? __pfx_ksys_unshare+0x10/0x10 [ 75.937460][ T5906] ? xfd_validate_state+0x5d/0x180 [ 75.937502][ T5906] __x64_sys_unshare+0x31/0x40 [ 75.937535][ T5906] do_syscall_64+0xcd/0x250 [ 75.937560][ T5906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.937592][ T5906] RIP: 0033:0x7fa2fbf8cda9 [ 75.937610][ T5906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.937632][ T5906] RSP: 002b:00007fa2fce7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 75.937653][ T5906] RAX: ffffffffffffffda RBX: 00007fa2fc1a5fa0 RCX: 00007fa2fbf8cda9 [ 75.937669][ T5906] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 75.937682][ T5906] RBP: 00007fa2fc00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 75.937695][ T5906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.937708][ T5906] R13: 0000000000000000 R14: 00007fa2fc1a5fa0 R15: 00007ffcba7fd438 [ 75.937739][ T5906] [ 75.937798][ T5906] sysctl could not get directory: [ 75.999717][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.002795][ T5906] / [ 76.013808][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.014416][ T5906] net -12 [ 76.021093][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.272242][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.298658][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.313496][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.325244][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.336619][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.347462][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.359139][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.371835][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.409974][ T5840] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.429846][ T5840] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.444247][ T5840] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.458041][ T5840] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.557453][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.617408][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.651088][ T2977] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.686335][ T2977] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.830813][ T3578] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.867406][ T3578] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.036729][ T3578] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.070389][ T3578] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.111588][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.127611][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.171188][ T3578] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.205139][ T3578] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.237394][ T53] Bluetooth: hci1: command tx timeout [ 77.237640][ T5148] Bluetooth: hci3: command tx timeout [ 77.243019][ T5843] Bluetooth: hci0: command tx timeout [ 77.254814][ T5853] Bluetooth: hci2: command tx timeout [ 78.400270][ T5937] FAULT_INJECTION: forcing a failure. [ 78.400270][ T5937] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 78.739546][ T5937] CPU: 1 UID: 0 PID: 5937 Comm: syz.0.7 Not tainted 6.14.0-rc1-syzkaller #0 [ 78.739583][ T5937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 78.739598][ T5937] Call Trace: [ 78.739605][ T5937] [ 78.739615][ T5937] dump_stack_lvl+0x16c/0x1f0 [ 78.739659][ T5937] should_fail_ex+0x50a/0x650 [ 78.739688][ T5937] ? __pfx___might_resched+0x10/0x10 [ 78.739726][ T5937] should_fail_alloc_page+0xe7/0x130 [ 78.739759][ T5937] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 78.739798][ T5937] ? stack_depot_save_flags+0x36d/0x9e0 [ 78.739832][ T5937] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 78.739863][ T5937] ? mark_held_locks+0x9f/0xe0 [ 78.739894][ T5937] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 78.739925][ T5937] ? lockdep_hardirqs_on+0x7c/0x110 [ 78.739960][ T5937] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 78.739993][ T5937] ? stack_depot_save_flags+0x36d/0x9e0 [ 78.740025][ T5937] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 78.740057][ T5937] ? kasan_save_stack+0x42/0x60 [ 78.740082][ T5937] ? kasan_save_stack+0x33/0x60 [ 78.740106][ T5937] ? kasan_save_track+0x14/0x30 [ 78.740130][ T5937] ? __kasan_kmalloc+0xaa/0xb0 [ 78.740161][ T5937] ? mon_bin_open+0x1a8/0x4a0 [ 78.740187][ T5937] ? chrdev_open+0x237/0x6a0 [ 78.740219][ T5937] ? __x64_sys_openat+0x175/0x210 [ 78.740251][ T5937] ? do_syscall_64+0xcd/0x250 [ 78.740273][ T5937] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.740314][ T5937] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 78.740349][ T5937] ? policy_nodemask+0xea/0x4e0 [ 78.740382][ T5937] alloc_pages_mpol+0x1fc/0x540 [ 78.740414][ T5937] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 78.740454][ T5937] alloc_pages_noprof+0x131/0x390 [ 78.740485][ T5937] get_zeroed_page_noprof+0x14/0x50 [ 78.740519][ T5937] mon_alloc_buff+0xc0/0x190 [ 78.740542][ T5937] ? kasan_save_track+0x14/0x30 [ 78.740572][ T5937] mon_bin_open+0x207/0x4a0 [ 78.740597][ T5937] ? __pfx_mon_bin_open+0x10/0x10 [ 78.740621][ T5937] chrdev_open+0x237/0x6a0 [ 78.740649][ T5937] ? __pfx_chrdev_open+0x10/0x10 [ 78.740680][ T5937] ? file_set_fsnotify_mode+0x163/0x5d0 [ 78.740721][ T5937] do_dentry_open+0x735/0x1c40 [ 78.740747][ T5937] ? __pfx_chrdev_open+0x10/0x10 [ 78.740776][ T5937] ? inode_permission+0xdd/0x5f0 [ 78.740812][ T5937] vfs_open+0x82/0x3f0 [ 78.740840][ T5937] ? may_open+0x1f2/0x400 [ 78.740876][ T5937] path_openat+0x1e88/0x2d80 [ 78.740911][ T5937] ? __pfx_path_openat+0x10/0x10 [ 78.740934][ T5937] ? __pfx___lock_acquire+0x10/0x10 [ 78.740962][ T5937] ? lock_acquire.part.0+0x11b/0x380 [ 78.740993][ T5937] ? find_held_lock+0x2d/0x110 [ 78.741036][ T5937] do_filp_open+0x20c/0x470 [ 78.741065][ T5937] ? __pfx_do_filp_open+0x10/0x10 [ 78.741090][ T5937] ? find_held_lock+0x2d/0x110 [ 78.741160][ T5937] ? alloc_fd+0x41f/0x760 [ 78.741197][ T5937] do_sys_openat2+0x17a/0x1e0 [ 78.741230][ T5937] ? __pfx_do_sys_openat2+0x10/0x10 [ 78.741278][ T5937] __x64_sys_openat+0x175/0x210 [ 78.741312][ T5937] ? __pfx___x64_sys_openat+0x10/0x10 [ 78.741348][ T5937] ? syscall_user_dispatch+0x77/0x140 [ 78.741391][ T5937] do_syscall_64+0xcd/0x250 [ 78.741416][ T5937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.741449][ T5937] RIP: 0033:0x7fa2fbf8cda9 [ 78.741470][ T5937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.741493][ T5937] RSP: 002b:00007fa2fce5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 78.741516][ T5937] RAX: ffffffffffffffda RBX: 00007fa2fc1a6080 RCX: 00007fa2fbf8cda9 [ 78.741533][ T5937] RDX: 0000000000000640 RSI: 00000000200000c0 RDI: ffffffffffffff9c [ 78.741549][ T5937] RBP: 00007fa2fc00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 78.741564][ T5937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 78.741578][ T5937] R13: 0000000000000000 R14: 00007fa2fc1a6080 R15: 00007ffcba7fd438 [ 78.741613][ T5937] [ 79.202119][ T5935] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 79.319402][ T5853] Bluetooth: hci2: command tx timeout [ 79.325704][ T53] Bluetooth: hci1: command tx timeout [ 79.331491][ T5843] Bluetooth: hci0: command tx timeout [ 79.331503][ T5148] Bluetooth: hci3: command tx timeout [ 79.889636][ T5952] Zero length message leads to an empty skb [ 81.156605][ T5956] program syz.1.11 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 85.014939][ T91] cfg80211: failed to load regulatory.db [ 85.307404][ T6020] capability: warning: `syz.1.23' uses 32-bit capabilities (legacy support in use) [ 89.363892][ T6061] netlink: 28 bytes leftover after parsing attributes in process `syz.1.31'. [ 89.535203][ T6064] netlink: 36 bytes leftover after parsing attributes in process `syz.2.33'. [ 90.054410][ T6079] FAULT_INJECTION: forcing a failure. [ 90.054410][ T6079] name failslab, interval 1, probability 0, space 0, times 0 [ 90.084760][ T6079] CPU: 0 UID: 0 PID: 6079 Comm: syz.2.37 Not tainted 6.14.0-rc1-syzkaller #0 [ 90.084802][ T6079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 90.084815][ T6079] Call Trace: [ 90.084822][ T6079] [ 90.084833][ T6079] dump_stack_lvl+0x16c/0x1f0 [ 90.084874][ T6079] should_fail_ex+0x50a/0x650 [ 90.084902][ T6079] ? fs_reclaim_acquire+0xae/0x150 [ 90.084940][ T6079] should_failslab+0xc2/0x120 [ 90.084968][ T6079] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 90.084994][ T6079] ? lockdep_init_map_type+0x16d/0x7d0 [ 90.085021][ T6079] ? security_inode_alloc+0x3b/0x2b0 [ 90.085050][ T6079] security_inode_alloc+0x3b/0x2b0 [ 90.085075][ T6079] inode_init_always_gfp+0xce4/0x1030 [ 90.085106][ T6079] alloc_inode+0x82/0x230 [ 90.085133][ T6079] sock_alloc+0x40/0x280 [ 90.085160][ T6079] sock_create_lite+0x82/0x120 [ 90.085187][ T6079] __netlink_kernel_create+0xbe/0x750 [ 90.085220][ T6079] ? __pfx___netlink_kernel_create+0x10/0x10 [ 90.085255][ T6079] ? find_held_lock+0x2d/0x110 [ 90.085293][ T6079] ? __pfx_genl_pernet_init+0x10/0x10 [ 90.085328][ T6079] genl_pernet_init+0xbe/0x170 [ 90.085363][ T6079] ? __pfx_genl_pernet_init+0x10/0x10 [ 90.085400][ T6079] ? __pfx_genl_rcv+0x10/0x10 [ 90.085431][ T6079] ? __pfx_genl_bind+0x10/0x10 [ 90.085462][ T6079] ? __pfx_genl_unbind+0x10/0x10 [ 90.085494][ T6079] ? __pfx_genl_release+0x10/0x10 [ 90.085528][ T6079] ? __pfx_netlink_tap_init_net+0x10/0x10 [ 90.085557][ T6079] ? debug_mutex_init+0x37/0x70 [ 90.085596][ T6079] ops_init+0x1df/0x5f0 [ 90.085623][ T6079] setup_net+0x21f/0x860 [ 90.085650][ T6079] ? __pfx_setup_net+0x10/0x10 [ 90.085672][ T6079] ? down_read_killable+0xcc/0x380 [ 90.085697][ T6079] ? __pfx_down_read_killable+0x10/0x10 [ 90.085723][ T6079] ? debug_mutex_init+0x37/0x70 [ 90.085761][ T6079] copy_net_ns+0x2b4/0x6c0 [ 90.085804][ T6079] create_new_namespaces+0x3ea/0xad0 [ 90.085848][ T6079] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 90.085884][ T6079] ksys_unshare+0x45d/0xa40 [ 90.085916][ T6079] ? __pfx_ksys_unshare+0x10/0x10 [ 90.085941][ T6079] ? xfd_validate_state+0x5d/0x180 [ 90.085981][ T6079] __x64_sys_unshare+0x31/0x40 [ 90.086014][ T6079] do_syscall_64+0xcd/0x250 [ 90.086039][ T6079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.086070][ T6079] RIP: 0033:0x7f29df58cda9 [ 90.086088][ T6079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.086110][ T6079] RSP: 002b:00007f29e0306038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 90.086132][ T6079] RAX: ffffffffffffffda RBX: 00007f29df7a5fa0 RCX: 00007f29df58cda9 [ 90.086147][ T6079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 90.086159][ T6079] RBP: 00007f29df60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 90.086172][ T6079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 90.086185][ T6079] R13: 0000000000000000 R14: 00007f29df7a5fa0 R15: 00007ffed82d60e8 [ 90.086215][ T6079] [ 93.888098][ T6117] netlink: 28 bytes leftover after parsing attributes in process `syz.3.45'. [ 94.130282][ T6132] netlink: 36 bytes leftover after parsing attributes in process `syz.1.48'. [ 94.398131][ T6139] FAULT_INJECTION: forcing a failure. [ 94.398131][ T6139] name failslab, interval 1, probability 0, space 0, times 0 [ 94.417465][ T6139] CPU: 0 UID: 0 PID: 6139 Comm: syz.3.49 Not tainted 6.14.0-rc1-syzkaller #0 [ 94.417502][ T6139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 94.417516][ T6139] Call Trace: [ 94.417525][ T6139] [ 94.417536][ T6139] dump_stack_lvl+0x16c/0x1f0 [ 94.417580][ T6139] should_fail_ex+0x50a/0x650 [ 94.417644][ T6139] ? fs_reclaim_acquire+0xae/0x150 [ 94.417686][ T6139] should_failslab+0xc2/0x120 [ 94.417718][ T6139] __kmalloc_noprof+0xce/0x4f0 [ 94.417748][ T6139] ? ops_init+0x77/0x5f0 [ 94.417780][ T6139] ops_init+0x77/0x5f0 [ 94.417809][ T6139] setup_net+0x21f/0x860 [ 94.417838][ T6139] ? __pfx_setup_net+0x10/0x10 [ 94.417863][ T6139] ? down_read_killable+0xcc/0x380 [ 94.417890][ T6139] ? __pfx_down_read_killable+0x10/0x10 [ 94.417918][ T6139] ? debug_mutex_init+0x37/0x70 [ 94.417958][ T6139] copy_net_ns+0x2b4/0x6c0 [ 94.417991][ T6139] create_new_namespaces+0x3ea/0xad0 [ 94.418032][ T6139] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 94.418068][ T6139] ksys_unshare+0x45d/0xa40 [ 94.418105][ T6139] ? __pfx_ksys_unshare+0x10/0x10 [ 94.418138][ T6139] ? xfd_validate_state+0x5d/0x180 [ 94.418181][ T6139] __x64_sys_unshare+0x31/0x40 [ 94.418215][ T6139] do_syscall_64+0xcd/0x250 [ 94.418241][ T6139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.418273][ T6139] RIP: 0033:0x7f0806d8cda9 [ 94.418292][ T6139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.418314][ T6139] RSP: 002b:00007f0807c95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 94.418336][ T6139] RAX: ffffffffffffffda RBX: 00007f0806fa5fa0 RCX: 00007f0806d8cda9 [ 94.418359][ T6139] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 94.418374][ T6139] RBP: 00007f0806e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 94.418395][ T6139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 94.418409][ T6139] R13: 0000000000000000 R14: 00007f0806fa5fa0 R15: 00007ffffb7b9758 [ 94.418442][ T6139] [ 98.793186][ T6186] netlink: 36 bytes leftover after parsing attributes in process `syz.3.59'. [ 98.973029][ T6190] netlink: 28 bytes leftover after parsing attributes in process `syz.2.61'. [ 99.590862][ T6199] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 99.601536][ T6199] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 103.720413][ T6252] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 103.765038][ T6252] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 107.030572][ T6307] program syz.0.87 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 108.246114][ T6326] program syz.2.98 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 108.655516][ T6341] FAULT_INJECTION: forcing a failure. [ 108.655516][ T6341] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 108.815820][ T6341] CPU: 1 UID: 0 PID: 6341 Comm: syz.1.101 Not tainted 6.14.0-rc1-syzkaller #0 [ 108.815865][ T6341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 108.815879][ T6341] Call Trace: [ 108.815886][ T6341] [ 108.815896][ T6341] dump_stack_lvl+0x16c/0x1f0 [ 108.815941][ T6341] should_fail_ex+0x50a/0x650 [ 108.815970][ T6341] ? __pfx___might_resched+0x10/0x10 [ 108.816009][ T6341] should_fail_alloc_page+0xe7/0x130 [ 108.816041][ T6341] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 108.816083][ T6341] ? arch_stack_walk+0xa7/0x100 [ 108.816123][ T6341] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 108.816161][ T6341] ? stack_trace_save+0x95/0xd0 [ 108.816184][ T6341] ? __pfx_stack_trace_save+0x10/0x10 [ 108.816207][ T6341] ? stack_depot_save_flags+0x28/0x9e0 [ 108.816238][ T6341] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 108.816276][ T6341] ? kasan_save_stack+0x42/0x60 [ 108.816300][ T6341] ? kasan_save_stack+0x33/0x60 [ 108.816324][ T6341] ? kasan_save_track+0x14/0x30 [ 108.816349][ T6341] ? __kasan_kmalloc+0xaa/0xb0 [ 108.816371][ T6341] ? mon_bin_open+0x1a8/0x4a0 [ 108.816394][ T6341] ? chrdev_open+0x237/0x6a0 [ 108.816424][ T6341] ? __x64_sys_openat+0x175/0x210 [ 108.816454][ T6341] ? do_syscall_64+0xcd/0x250 [ 108.816476][ T6341] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.816519][ T6341] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 108.816552][ T6341] ? policy_nodemask+0xea/0x4e0 [ 108.816585][ T6341] alloc_pages_mpol+0x1fc/0x540 [ 108.816613][ T6341] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 108.816654][ T6341] alloc_pages_noprof+0x131/0x390 [ 108.816685][ T6341] get_zeroed_page_noprof+0x14/0x50 [ 108.816719][ T6341] mon_alloc_buff+0xc0/0x190 [ 108.816742][ T6341] ? kasan_save_track+0x14/0x30 [ 108.816771][ T6341] mon_bin_open+0x207/0x4a0 [ 108.816804][ T6341] ? __pfx_mon_bin_open+0x10/0x10 [ 108.816848][ T6341] chrdev_open+0x237/0x6a0 [ 108.816876][ T6341] ? __pfx_apparmor_file_open+0x10/0x10 [ 108.816905][ T6341] ? __pfx_chrdev_open+0x10/0x10 [ 108.816937][ T6341] ? file_set_fsnotify_mode+0x163/0x5d0 [ 108.816979][ T6341] do_dentry_open+0x735/0x1c40 [ 108.817005][ T6341] ? __pfx_chrdev_open+0x10/0x10 [ 108.817034][ T6341] ? inode_permission+0xdd/0x5f0 [ 108.817070][ T6341] vfs_open+0x82/0x3f0 [ 108.817098][ T6341] ? may_open+0x1f2/0x400 [ 108.817212][ T6341] path_openat+0x1e88/0x2d80 [ 108.817255][ T6341] ? __pfx_path_openat+0x10/0x10 [ 108.817282][ T6341] ? __pfx___lock_acquire+0x10/0x10 [ 108.817311][ T6341] ? lock_acquire.part.0+0x11b/0x380 [ 108.817342][ T6341] ? find_held_lock+0x2d/0x110 [ 108.817384][ T6341] do_filp_open+0x20c/0x470 [ 108.817412][ T6341] ? __pfx_do_filp_open+0x10/0x10 [ 108.817437][ T6341] ? find_held_lock+0x2d/0x110 [ 108.817498][ T6341] ? alloc_fd+0x41f/0x760 [ 108.817534][ T6341] do_sys_openat2+0x17a/0x1e0 [ 108.817566][ T6341] ? __pfx_do_sys_openat2+0x10/0x10 [ 108.817612][ T6341] __x64_sys_openat+0x175/0x210 [ 108.817645][ T6341] ? __pfx___x64_sys_openat+0x10/0x10 [ 108.817681][ T6341] ? syscall_user_dispatch+0x77/0x140 [ 108.817725][ T6341] do_syscall_64+0xcd/0x250 [ 108.817753][ T6341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.817787][ T6341] RIP: 0033:0x7f39e2f8cda9 [ 108.817807][ T6341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.817830][ T6341] RSP: 002b:00007f39e3e4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 108.817853][ T6341] RAX: ffffffffffffffda RBX: 00007f39e31a6080 RCX: 00007f39e2f8cda9 [ 108.817869][ T6341] RDX: 0000000000000640 RSI: 00000000200000c0 RDI: ffffffffffffff9c [ 108.817884][ T6341] RBP: 00007f39e300e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 108.817900][ T6341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 108.817925][ T6341] R13: 0000000000000000 R14: 00007f39e31a6080 R15: 00007ffc9680a708 [ 108.817960][ T6341] [ 110.147014][ T6352] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 110.198928][ T6352] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 112.964642][ T6402] FAULT_INJECTION: forcing a failure. [ 112.964642][ T6402] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 113.114773][ T6402] CPU: 1 UID: 0 PID: 6402 Comm: syz.3.106 Not tainted 6.14.0-rc1-syzkaller #0 [ 113.114815][ T6402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 113.114829][ T6402] Call Trace: [ 113.114837][ T6402] [ 113.114847][ T6402] dump_stack_lvl+0x16c/0x1f0 [ 113.114893][ T6402] should_fail_ex+0x50a/0x650 [ 113.114921][ T6402] ? __pfx___might_resched+0x10/0x10 [ 113.114960][ T6402] should_fail_alloc_page+0xe7/0x130 [ 113.114994][ T6402] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 113.115032][ T6402] ? arch_stack_walk+0xa7/0x100 [ 113.115072][ T6402] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 113.115109][ T6402] ? stack_trace_save+0x95/0xd0 [ 113.115133][ T6402] ? __pfx_stack_trace_save+0x10/0x10 [ 113.115156][ T6402] ? stack_depot_save_flags+0x28/0x9e0 [ 113.115188][ T6402] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 113.115221][ T6402] ? kasan_save_stack+0x42/0x60 [ 113.115246][ T6402] ? kasan_save_stack+0x33/0x60 [ 113.115270][ T6402] ? kasan_save_track+0x14/0x30 [ 113.115294][ T6402] ? __kasan_kmalloc+0xaa/0xb0 [ 113.115317][ T6402] ? mon_bin_open+0x1a8/0x4a0 [ 113.115341][ T6402] ? chrdev_open+0x237/0x6a0 [ 113.115371][ T6402] ? __x64_sys_openat+0x175/0x210 [ 113.115401][ T6402] ? do_syscall_64+0xcd/0x250 [ 113.115422][ T6402] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.115462][ T6402] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 113.115496][ T6402] ? policy_nodemask+0xea/0x4e0 [ 113.115529][ T6402] alloc_pages_mpol+0x1fc/0x540 [ 113.115561][ T6402] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 113.115602][ T6402] alloc_pages_noprof+0x131/0x390 [ 113.115633][ T6402] get_zeroed_page_noprof+0x14/0x50 [ 113.115683][ T6402] mon_alloc_buff+0xc0/0x190 [ 113.115719][ T6402] ? kasan_save_track+0x14/0x30 [ 113.115750][ T6402] mon_bin_open+0x207/0x4a0 [ 113.115776][ T6402] ? __pfx_mon_bin_open+0x10/0x10 [ 113.115801][ T6402] chrdev_open+0x237/0x6a0 [ 113.115830][ T6402] ? __pfx_apparmor_file_open+0x10/0x10 [ 113.115856][ T6402] ? __pfx_chrdev_open+0x10/0x10 [ 113.115887][ T6402] ? file_set_fsnotify_mode+0x163/0x5d0 [ 113.115927][ T6402] do_dentry_open+0x735/0x1c40 [ 113.115954][ T6402] ? __pfx_chrdev_open+0x10/0x10 [ 113.115983][ T6402] ? inode_permission+0xdd/0x5f0 [ 113.116019][ T6402] vfs_open+0x82/0x3f0 [ 113.116053][ T6402] ? may_open+0x1f2/0x400 [ 113.116089][ T6402] path_openat+0x1e88/0x2d80 [ 113.116141][ T6402] ? __pfx_path_openat+0x10/0x10 [ 113.116168][ T6402] ? __pfx___lock_acquire+0x10/0x10 [ 113.116195][ T6402] ? lock_acquire.part.0+0x11b/0x380 [ 113.116223][ T6402] ? find_held_lock+0x2d/0x110 [ 113.116275][ T6402] do_filp_open+0x20c/0x470 [ 113.116303][ T6402] ? __pfx_do_filp_open+0x10/0x10 [ 113.116332][ T6402] ? find_held_lock+0x2d/0x110 [ 113.116395][ T6402] ? alloc_fd+0x41f/0x760 [ 113.116437][ T6402] do_sys_openat2+0x17a/0x1e0 [ 113.116467][ T6402] ? __pfx_do_sys_openat2+0x10/0x10 [ 113.116513][ T6402] __x64_sys_openat+0x175/0x210 [ 113.116552][ T6402] ? __pfx___x64_sys_openat+0x10/0x10 [ 113.116592][ T6402] ? syscall_user_dispatch+0x77/0x140 [ 113.116636][ T6402] do_syscall_64+0xcd/0x250 [ 113.116663][ T6402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.116704][ T6402] RIP: 0033:0x7f0806d8cda9 [ 113.116725][ T6402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.116759][ T6402] RSP: 002b:00007f0807c74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 113.116782][ T6402] RAX: ffffffffffffffda RBX: 00007f0806fa6080 RCX: 00007f0806d8cda9 [ 113.116799][ T6402] RDX: 0000000000000640 RSI: 00000000200000c0 RDI: ffffffffffffff9c [ 113.116814][ T6402] RBP: 00007f0806e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 113.116829][ T6402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.116844][ T6402] R13: 0000000000000000 R14: 00007f0806fa6080 R15: 00007ffffb7b9758 [ 113.116882][ T6402] [ 117.128402][ T6444] cougar: G6 mapped to space [ 118.158301][ T6464] FAULT_INJECTION: forcing a failure. [ 118.158301][ T6464] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 118.246007][ T6464] CPU: 1 UID: 0 PID: 6464 Comm: syz.2.120 Not tainted 6.14.0-rc1-syzkaller #0 [ 118.246039][ T6464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 118.246054][ T6464] Call Trace: [ 118.246061][ T6464] [ 118.246071][ T6464] dump_stack_lvl+0x16c/0x1f0 [ 118.246115][ T6464] should_fail_ex+0x50a/0x650 [ 118.246145][ T6464] ? __pfx___might_resched+0x10/0x10 [ 118.246182][ T6464] should_fail_alloc_page+0xe7/0x130 [ 118.246216][ T6464] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 118.246257][ T6464] ? arch_stack_walk+0xa7/0x100 [ 118.246303][ T6464] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 118.246344][ T6464] ? stack_trace_save+0x95/0xd0 [ 118.246367][ T6464] ? __pfx_stack_trace_save+0x10/0x10 [ 118.246391][ T6464] ? stack_depot_save_flags+0x28/0x9e0 [ 118.246423][ T6464] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 118.246457][ T6464] ? kasan_save_stack+0x42/0x60 [ 118.246481][ T6464] ? kasan_save_stack+0x33/0x60 [ 118.246506][ T6464] ? kasan_save_track+0x14/0x30 [ 118.246530][ T6464] ? __kasan_kmalloc+0xaa/0xb0 [ 118.246558][ T6464] ? mon_bin_open+0x1a8/0x4a0 [ 118.246581][ T6464] ? chrdev_open+0x237/0x6a0 [ 118.246612][ T6464] ? __x64_sys_openat+0x175/0x210 [ 118.246642][ T6464] ? do_syscall_64+0xcd/0x250 [ 118.246664][ T6464] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.246705][ T6464] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 118.246739][ T6464] ? policy_nodemask+0xea/0x4e0 [ 118.246773][ T6464] alloc_pages_mpol+0x1fc/0x540 [ 118.246805][ T6464] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 118.246847][ T6464] alloc_pages_noprof+0x131/0x390 [ 118.246879][ T6464] get_zeroed_page_noprof+0x14/0x50 [ 118.246913][ T6464] mon_alloc_buff+0xc0/0x190 [ 118.246936][ T6464] ? kasan_save_track+0x14/0x30 [ 118.246966][ T6464] mon_bin_open+0x207/0x4a0 [ 118.246999][ T6464] ? __pfx_mon_bin_open+0x10/0x10 [ 118.247024][ T6464] chrdev_open+0x237/0x6a0 [ 118.247052][ T6464] ? __pfx_apparmor_file_open+0x10/0x10 [ 118.247079][ T6464] ? __pfx_chrdev_open+0x10/0x10 [ 118.247110][ T6464] ? file_set_fsnotify_mode+0x163/0x5d0 [ 118.247145][ T6464] do_dentry_open+0x735/0x1c40 [ 118.247169][ T6464] ? __pfx_chrdev_open+0x10/0x10 [ 118.247194][ T6464] ? inode_permission+0xdd/0x5f0 [ 118.247228][ T6464] vfs_open+0x82/0x3f0 [ 118.247256][ T6464] ? may_open+0x1f2/0x400 [ 118.247292][ T6464] path_openat+0x1e88/0x2d80 [ 118.247333][ T6464] ? __pfx_path_openat+0x10/0x10 [ 118.247359][ T6464] ? __pfx___lock_acquire+0x10/0x10 [ 118.247386][ T6464] ? lock_acquire.part.0+0x11b/0x380 [ 118.247426][ T6464] ? find_held_lock+0x2d/0x110 [ 118.247465][ T6464] do_filp_open+0x20c/0x470 [ 118.247492][ T6464] ? __pfx_do_filp_open+0x10/0x10 [ 118.247515][ T6464] ? find_held_lock+0x2d/0x110 [ 118.247573][ T6464] ? alloc_fd+0x41f/0x760 [ 118.247607][ T6464] do_sys_openat2+0x17a/0x1e0 [ 118.247638][ T6464] ? __pfx_do_sys_openat2+0x10/0x10 [ 118.247683][ T6464] __x64_sys_openat+0x175/0x210 [ 118.247715][ T6464] ? __pfx___x64_sys_openat+0x10/0x10 [ 118.247748][ T6464] ? syscall_user_dispatch+0x77/0x140 [ 118.247791][ T6464] do_syscall_64+0xcd/0x250 [ 118.247816][ T6464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.247848][ T6464] RIP: 0033:0x7f29df58cda9 [ 118.247867][ T6464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.247889][ T6464] RSP: 002b:00007f29dd3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 118.247911][ T6464] RAX: ffffffffffffffda RBX: 00007f29df7a6080 RCX: 00007f29df58cda9 [ 118.247926][ T6464] RDX: 0000000000000640 RSI: 00000000200000c0 RDI: ffffffffffffff9c [ 118.247940][ T6464] RBP: 00007f29df60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 118.247954][ T6464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.247967][ T6464] R13: 0000000000000000 R14: 00007f29df7a6080 R15: 00007ffed82d60e8 [ 118.248008][ T6464] [ 124.959541][ T6566] syz.1.146 uses obsolete (PF_INET,SOCK_PACKET) [ 125.754616][ T6580] process 'syz.2.149' launched '/dev/fd/5' with NULL argv: empty string added [ 126.506132][ T6591] WARNING! power/level is deprecated; use power/control instead [ 126.529497][ T6592] openvswitch: netlink: IP tunnel TTL not specified. [ 126.704355][ T6597] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 126.719546][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 127.587454][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 127.622487][ T6619] netlink: 20 bytes leftover after parsing attributes in process `syz.0.154'. [ 127.655245][ T6621] sysfs_service_op_show: Client not running :-5: [ 127.694334][ T6625] ptrace attach of "./syz-executor exec"[5839] was attempted by "./syz-executor exec"[6625] [ 127.724928][ T6622] ptrace attach of "./syz-executor exec"[5839] was attempted by "./syz-executor exec"[6622] [ 129.407731][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 129.705976][ T6655] openvswitch: netlink: Message has 119 unknown bytes. [ 129.737573][ T6655] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 130.171970][ T6666] netlink: 338 bytes leftover after parsing attributes in process `syz.3.170'. [ 130.908117][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 131.917526][ T6683] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 131.935088][ T6683] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 132.019571][ T6683] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 132.027701][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 132.043702][ T6683] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 132.077434][ T6683] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 132.239125][ T6683] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 132.280775][ T6683] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 132.300835][ T6683] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 132.334646][ T6683] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 132.382694][ T6683] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 132.415708][ T6683] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 132.536318][ T6683] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 132.927726][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!! [ 132.956892][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 133.240806][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.247598][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.557299][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 134.117939][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 134.357335][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 134.439548][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 134.447531][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 135.186541][ T6737] Invalid ELF header magic: != ELF [ 135.198689][ T6746] netlink: 4 bytes leftover after parsing attributes in process `syz.3.186'. [ 135.260921][ T6746] netlink: 4 bytes leftover after parsing attributes in process `syz.3.186'. [ 135.652711][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 136.208959][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 136.447447][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 136.518462][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 136.974860][ T6816] netlink: 28 bytes leftover after parsing attributes in process `syz.3.192'. [ 137.719862][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 138.204541][ T6866] FAULT_INJECTION: forcing a failure. [ 138.204541][ T6866] name failslab, interval 1, probability 0, space 0, times 0 [ 138.227299][ T6866] CPU: 1 UID: 0 PID: 6866 Comm: syz.2.203 Not tainted 6.14.0-rc1-syzkaller #0 [ 138.227334][ T6866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 138.227348][ T6866] Call Trace: [ 138.227356][ T6866] [ 138.227366][ T6866] dump_stack_lvl+0x16c/0x1f0 [ 138.227409][ T6866] should_fail_ex+0x50a/0x650 [ 138.227437][ T6866] ? fs_reclaim_acquire+0xae/0x150 [ 138.227474][ T6866] should_failslab+0xc2/0x120 [ 138.227503][ T6866] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 138.227532][ T6866] ? kstrdup_const+0x63/0x80 [ 138.227568][ T6866] kstrdup+0x42/0xb0 [ 138.227600][ T6866] kstrdup_const+0x63/0x80 [ 138.227635][ T6866] wakeup_source_create+0x61/0x160 [ 138.227657][ T6866] wakeup_source_register+0x1b/0x140 [ 138.227682][ T6866] ep_create_wakeup_source+0x13a/0x2e0 [ 138.227718][ T6866] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 138.227754][ T6866] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 138.227787][ T6866] ? lock_acquire+0x2f/0xb0 [ 138.227812][ T6866] ? do_epoll_ctl+0x2365/0x35d0 [ 138.227852][ T6866] do_epoll_ctl+0x1dab/0x35d0 [ 138.227900][ T6866] ? __pfx_do_epoll_ctl+0x10/0x10 [ 138.227931][ T6866] ? __pfx_do_futex+0x10/0x10 [ 138.227974][ T6866] ? __might_fault+0xe3/0x190 [ 138.228016][ T6866] ? __x64_sys_epoll_ctl+0x15d/0x1e0 [ 138.228050][ T6866] __x64_sys_epoll_ctl+0x15d/0x1e0 [ 138.228091][ T6866] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 138.228136][ T6866] do_syscall_64+0xcd/0x250 [ 138.228161][ T6866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.228195][ T6866] RIP: 0033:0x7f29df58cda9 [ 138.228214][ T6866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.228236][ T6866] RSP: 002b:00007f29e0306038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 138.228258][ T6866] RAX: ffffffffffffffda RBX: 00007f29df7a5fa0 RCX: 00007f29df58cda9 [ 138.228275][ T6866] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000005 [ 138.228289][ T6866] RBP: 00007f29df60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 138.228304][ T6866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.228317][ T6866] R13: 0000000000000000 R14: 00007f29df7a5fa0 R15: 00007ffed82d60e8 [ 138.228349][ T6866] [ 138.475596][ T29] audit: type=1326 audit(1738620147.636:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6869 comm="syz.3.206" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0806d8cda9 code=0x0 [ 138.500462][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 138.517552][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 138.597836][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 139.687342][ T6911] netlink: 342 bytes leftover after parsing attributes in process `syz.0.213'. [ 139.934476][ T6919] Invalid ELF header magic: != ELF [ 140.069650][ T6925] netlink: 'syz.1.215': attribute type 28 has an invalid length. [ 140.162559][ T6925] netlink: 'syz.1.215': attribute type 29 has an invalid length. [ 140.223485][ T6925] netlink: 'syz.1.215': attribute type 30 has an invalid length. [ 140.232868][ T6925] netlink: 'syz.1.215': attribute type 31 has an invalid length. [ 140.245653][ T6925] netlink: 'syz.1.215': attribute type 32 has an invalid length. [ 140.253527][ T6925] netlink: 'syz.1.215': attribute type 33 has an invalid length. [ 140.295316][ T6925] netlink: 'syz.1.215': attribute type 35 has an invalid length. [ 140.313602][ T6925] netlink: 'syz.1.215': attribute type 37 has an invalid length. [ 140.323161][ T6925] netlink: 'syz.1.215': attribute type 39 has an invalid length. [ 140.336233][ T6925] netlink: 'syz.1.215': attribute type 40 has an invalid length. [ 140.345315][ T6925] netlink: 18 bytes leftover after parsing attributes in process `syz.1.215'. [ 140.379408][ T6931] netlink: 342 bytes leftover after parsing attributes in process `syz.3.217'. [ 140.409890][ T6931] netlink: 342 bytes leftover after parsing attributes in process `syz.3.217'. [ 141.656848][ T6959] can: request_module (can-proto-0) failed. [ 144.602461][ T7016] netlink: 28 bytes leftover after parsing attributes in process `syz.3.236'. [ 144.652114][ T7009] random: crng reseeded on system resumption [ 146.313097][ T29] audit: type=1400 audit(6033587451.473:3): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=7049 comm="syz.2.244" [ 146.445047][ T7051] Process accounting resumed [ 146.630082][ T7064] netlink: 342 bytes leftover after parsing attributes in process `syz.1.248'. [ 147.176433][ T7094] netlink: 186 bytes leftover after parsing attributes in process `syz.0.252'. [ 148.714702][ T7170] FAULT_INJECTION: forcing a failure. [ 148.714702][ T7170] name failslab, interval 1, probability 0, space 0, times 0 [ 148.751464][ T7170] CPU: 0 UID: 0 PID: 7170 Comm: syz.1.260 Not tainted 6.14.0-rc1-syzkaller #0 [ 148.751499][ T7170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 148.751513][ T7170] Call Trace: [ 148.751520][ T7170] [ 148.751530][ T7170] dump_stack_lvl+0x16c/0x1f0 [ 148.751571][ T7170] should_fail_ex+0x50a/0x650 [ 148.751599][ T7170] ? fs_reclaim_acquire+0xae/0x150 [ 148.751637][ T7170] ? snd_seq_timer_new+0x42/0x190 [ 148.751663][ T7170] should_failslab+0xc2/0x120 [ 148.751693][ T7170] __kmalloc_cache_noprof+0x68/0x420 [ 148.751717][ T7170] ? lockdep_init_map_type+0x16d/0x7d0 [ 148.751754][ T7170] snd_seq_timer_new+0x42/0x190 [ 148.751780][ T7170] snd_seq_queue_alloc+0x177/0x550 [ 148.751821][ T7170] snd_seq_ioctl_create_queue+0xa9/0x310 [ 148.751851][ T7170] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 148.751885][ T7170] alloc_seq_queue+0xc2/0x160 [ 148.751914][ T7170] ? __pfx_alloc_seq_queue+0x10/0x10 [ 148.751976][ T7170] ? mark_held_locks+0x9f/0xe0 [ 148.752006][ T7170] ? _raw_spin_unlock_irq+0x23/0x50 [ 148.752045][ T7170] snd_seq_oss_open+0x38c/0xa20 [ 148.752083][ T7170] odev_open+0x6f/0x90 [ 148.752110][ T7170] ? __pfx_odev_open+0x10/0x10 [ 148.752138][ T7170] soundcore_open+0x409/0x580 [ 148.752170][ T7170] ? __pfx_soundcore_open+0x10/0x10 [ 148.752198][ T7170] chrdev_open+0x237/0x6a0 [ 148.752228][ T7170] ? __pfx_apparmor_file_open+0x10/0x10 [ 148.752254][ T7170] ? __pfx_chrdev_open+0x10/0x10 [ 148.752285][ T7170] ? file_set_fsnotify_mode+0x163/0x5d0 [ 148.752327][ T7170] do_dentry_open+0x735/0x1c40 [ 148.752354][ T7170] ? __pfx_chrdev_open+0x10/0x10 [ 148.752382][ T7170] ? inode_permission+0xdd/0x5f0 [ 148.752417][ T7170] vfs_open+0x82/0x3f0 [ 148.752445][ T7170] ? may_open+0x1f2/0x400 [ 148.752478][ T7170] path_openat+0x1e88/0x2d80 [ 148.752512][ T7170] ? __pfx_path_openat+0x10/0x10 [ 148.752536][ T7170] ? __pfx___lock_acquire+0x10/0x10 [ 148.752561][ T7170] ? lock_acquire.part.0+0x11b/0x380 [ 148.752587][ T7170] ? find_held_lock+0x2d/0x110 [ 148.752622][ T7170] do_filp_open+0x20c/0x470 [ 148.752645][ T7170] ? __pfx_do_filp_open+0x10/0x10 [ 148.752667][ T7170] ? find_held_lock+0x2d/0x110 [ 148.752723][ T7170] ? alloc_fd+0x41f/0x760 [ 148.752758][ T7170] do_sys_openat2+0x17a/0x1e0 [ 148.752785][ T7170] ? __pfx_do_sys_openat2+0x10/0x10 [ 148.752828][ T7170] __x64_sys_openat+0x175/0x210 [ 148.752859][ T7170] ? __pfx___x64_sys_openat+0x10/0x10 [ 148.752905][ T7170] do_syscall_64+0xcd/0x250 [ 148.752930][ T7170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.752972][ T7170] RIP: 0033:0x7f39e2f8cda9 [ 148.752990][ T7170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.753010][ T7170] RSP: 002b:00007f39e3e6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 148.753031][ T7170] RAX: ffffffffffffffda RBX: 00007f39e31a5fa0 RCX: 00007f39e2f8cda9 [ 148.753046][ T7170] RDX: 0000000000000002 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 148.753059][ T7170] RBP: 00007f39e300e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 148.753073][ T7170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.753085][ T7170] R13: 0000000000000000 R14: 00007f39e31a5fa0 R15: 00007ffc9680a708 [ 148.753114][ T7170] [ 149.292441][ T7151] kexec: Could not allocate control_code_buffer [ 149.423787][ T7176] netlink: 146 bytes leftover after parsing attributes in process `syz.1.261'. [ 149.609284][ T7179] Invalid ELF header magic: != ELF [ 149.751074][ T7190] mmap: syz.1.265 (7190) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 150.268829][ T7186] netlink: 28 bytes leftover after parsing attributes in process `syz.2.263'. [ 150.439276][ T7208] syz.3.268(7208): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 151.133204][ T7226] netlink: 28 bytes leftover after parsing attributes in process `syz.1.272'. [ 152.178139][ T7259] netlink: 4872 bytes leftover after parsing attributes in process `syz.0.279'. [ 152.189519][ T7257] validate_nla: 1 callbacks suppressed [ 152.189551][ T7257] netlink: 'syz.1.278': attribute type 1 has an invalid length. [ 152.249743][ T7257] sp0: Synchronizing with TNC [ 152.266713][ T7261] bridge0: port 3(bond0) entered blocking state [ 152.281876][ T7261] bridge0: port 3(bond0) entered disabled state [ 152.288540][ T7261] bond0: entered allmulticast mode [ 152.293818][ T7261] bond_slave_0: entered allmulticast mode [ 152.300351][ T7261] bond_slave_1: entered allmulticast mode [ 152.307944][ T7261] bond0: entered promiscuous mode [ 152.313171][ T7261] bond_slave_0: entered promiscuous mode [ 152.319200][ T7261] bond_slave_1: entered promiscuous mode [ 152.325890][ T7261] bridge0: port 3(bond0) entered blocking state [ 152.333295][ T7261] bridge0: port 3(bond0) entered forwarding state [ 153.244150][ T7290] Process accounting resumed [ 154.901703][ T7323] netlink: 92 bytes leftover after parsing attributes in process `syz.0.295'. [ 154.943540][ T7323] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 155.128465][ T7322] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 155.187905][ T7322] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 155.254351][ T7322] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 155.279188][ T7322] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 155.749539][ T7334] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 155.776583][ T7334] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 155.801578][ T7334] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 155.824603][ T7334] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 156.444773][ T7363] cougar: G6 mapped to space [ 157.687407][ T7404] netlink: 12 bytes leftover after parsing attributes in process `syz.3.307'. [ 157.805036][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 157.805052][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 157.877303][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 157.883537][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 162.320199][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 162.582671][ T7486] queue_state_write: unsupported operation '' [ 162.624268][ T7486] queue_state_write: use 'run', 'start' or 'kick' syzkaller syzkaller login: [ 162.787991][ T7497] netlink: 20 bytes leftover after parsing attributes in process `syz.0.327'. [ 165.032857][ T7518] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 165.068512][ T7518] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 165.075454][ T7518] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 165.152325][ T7518] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 166.068548][ T7537] netlink: 342 bytes leftover after parsing attributes in process `syz.3.335'. [ 166.757274][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 167.077619][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 167.082416][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 167.237361][ T53] Bluetooth: hci1: command 0x0c1a tx timeout [ 167.912659][ T7579] netlink: 28 bytes leftover after parsing attributes in process `syz.1.343'. [ 168.034411][ T7579] netdevsim netdevsim1 netdevsim2: entered allmulticast mode [ 169.867813][ T7609] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 169.874020][ T7609] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 169.880921][ T7609] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 169.888257][ T7609] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 170.291054][ T7620] netlink: 342 bytes leftover after parsing attributes in process `syz.0.352'. [ 170.352520][ T7620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.352'. [ 170.429181][ T7620] netlink: 354 bytes leftover after parsing attributes in process `syz.0.352'. [ 170.490801][ T7623] netlink: 350 bytes leftover after parsing attributes in process `syz.0.352'. [ 170.816059][ T7627] Invalid ELF header magic: != ELF [ 171.052463][ T7638] bridge0: port 3(team0) entered blocking state [ 171.067364][ T7638] bridge0: port 3(team0) entered disabled state [ 171.097413][ T7638] team0: entered allmulticast mode [ 171.115389][ T7638] team_slave_0: entered allmulticast mode [ 171.145279][ T7638] team_slave_1: entered allmulticast mode [ 171.178762][ T7638] team0: entered promiscuous mode [ 171.183969][ T7638] team_slave_0: entered promiscuous mode [ 171.234788][ T7638] team_slave_1: entered promiscuous mode [ 171.266963][ T7638] bridge0: port 3(team0) entered blocking state [ 171.273499][ T7638] bridge0: port 3(team0) entered forwarding state [ 171.589281][ T7643] FAULT_INJECTION: forcing a failure. [ 171.589281][ T7643] name fail_futex, interval 1, probability 0, space 0, times 1 [ 171.617772][ T7643] CPU: 1 UID: 0 PID: 7643 Comm: syz.3.358 Not tainted 6.14.0-rc1-syzkaller #0 [ 171.617804][ T7643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 171.617816][ T7643] Call Trace: [ 171.617823][ T7643] [ 171.617831][ T7643] dump_stack_lvl+0x16c/0x1f0 [ 171.617872][ T7643] should_fail_ex+0x50a/0x650 [ 171.617900][ T7643] ? __lock_acquire+0x15a9/0x3c40 [ 171.617928][ T7643] get_futex_key+0x4a3/0x1000 [ 171.617969][ T7643] ? __pfx_get_futex_key+0x10/0x10 [ 171.618014][ T7643] futex_wake+0xe8/0x4e0 [ 171.618044][ T7643] ? __pfx_futex_wake+0x10/0x10 [ 171.618073][ T7643] ? find_held_lock+0x2d/0x110 [ 171.618113][ T7643] do_futex+0x1e5/0x350 [ 171.618137][ T7643] ? __pfx_do_futex+0x10/0x10 [ 171.618159][ T7643] ? __might_fault+0xe3/0x190 [ 171.618188][ T7643] ? __might_fault+0xe3/0x190 [ 171.618219][ T7643] mm_release+0x24e/0x300 [ 171.618248][ T7643] do_exit+0x886/0x2d70 [ 171.618272][ T7643] ? get_signal+0x8f7/0x2610 [ 171.618299][ T7643] ? __pfx_do_exit+0x10/0x10 [ 171.618319][ T7643] ? do_raw_spin_lock+0x12d/0x2c0 [ 171.618349][ T7643] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 171.618383][ T7643] do_group_exit+0xd3/0x2a0 [ 171.618406][ T7643] get_signal+0x2576/0x2610 [ 171.618446][ T7643] ? __pfx_get_signal+0x10/0x10 [ 171.618477][ T7643] ? __pfx_do_futex+0x10/0x10 [ 171.618503][ T7643] arch_do_signal_or_restart+0x90/0x7e0 [ 171.618529][ T7643] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 171.618571][ T7643] syscall_exit_to_user_mode+0x150/0x2a0 [ 171.618605][ T7643] do_syscall_64+0xda/0x250 [ 171.618628][ T7643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.618658][ T7643] RIP: 0033:0x7f0806d8cda9 [ 171.618687][ T7643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.618708][ T7643] RSP: 002b:00007f0807c950e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 171.618729][ T7643] RAX: fffffffffffffe00 RBX: 00007f0806fa5fa8 RCX: 00007f0806d8cda9 [ 171.618744][ T7643] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0806fa5fa8 [ 171.618756][ T7643] RBP: 00007f0806fa5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 171.618769][ T7643] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0806fa5fac [ 171.618782][ T7643] R13: 0000000000000000 R14: 00007ffffb7b9670 R15: 00007ffffb7b9758 [ 171.618810][ T7643] [ 171.877368][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 171.884454][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 171.957393][ T53] Bluetooth: hci1: command 0x0c1a tx timeout [ 171.963603][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 173.954239][ T7663] kexec: Could not allocate control_code_buffer [ 175.309144][ T7705] ======================================================= [ 175.309144][ T7705] WARNING: The mand mount option has been deprecated and [ 175.309144][ T7705] and is ignored by this kernel. Remove the mand [ 175.309144][ T7705] option from the mount to silence this warning. [ 175.309144][ T7705] ======================================================= [ 176.147932][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 176.166185][ T7714] netlink: 342 bytes leftover after parsing attributes in process `syz.3.372'. [ 176.456109][ T7715] netlink: 342 bytes leftover after parsing attributes in process `syz.3.372'. [ 176.936516][ T29] audit: type=1800 audit(6033587482.073:4): pid=7720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.374" name="dbroot" dev="configfs" ino=16123 res=0 errno=0 [ 177.419434][ T7735] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 179.055473][ T7744] FAULT_INJECTION: forcing a failure. [ 179.055473][ T7744] name failslab, interval 1, probability 0, space 0, times 0 [ 179.172793][ T7744] CPU: 0 UID: 0 PID: 7744 Comm: syz.2.379 Not tainted 6.14.0-rc1-syzkaller #0 [ 179.172816][ T7744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 179.172824][ T7744] Call Trace: [ 179.172829][ T7744] [ 179.172835][ T7744] dump_stack_lvl+0x16c/0x1f0 [ 179.172861][ T7744] should_fail_ex+0x50a/0x650 [ 179.172878][ T7744] ? fs_reclaim_acquire+0xae/0x150 [ 179.172902][ T7744] should_failslab+0xc2/0x120 [ 179.172919][ T7744] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 179.172944][ T7744] ? kstrdup_const+0x63/0x80 [ 179.172967][ T7744] kstrdup+0x42/0xb0 [ 179.172988][ T7744] kstrdup_const+0x63/0x80 [ 179.173007][ T7744] alloc_vfsmnt+0xdf/0x6f0 [ 179.173025][ T7744] clone_mnt+0x6d/0xf90 [ 179.173047][ T7744] copy_tree+0x39e/0x9c0 [ 179.173066][ T7744] copy_mnt_ns+0x1b5/0xa70 [ 179.173080][ T7744] ? kmem_cache_alloc_noprof+0x21b/0x3b0 [ 179.173095][ T7744] ? create_new_namespaces+0x30/0xad0 [ 179.173119][ T7744] create_new_namespaces+0xd3/0xad0 [ 179.173139][ T7744] ? bpf_lsm_capable+0x9/0x10 [ 179.173156][ T7744] ? security_capable+0x7e/0x260 [ 179.173179][ T7744] copy_namespaces+0x468/0x560 [ 179.173198][ T7744] copy_process+0x251a/0x6f20 [ 179.173224][ T7744] ? __pfx_copy_process+0x10/0x10 [ 179.173244][ T7744] ? futex_wait+0x121/0x380 [ 179.173263][ T7744] kernel_clone+0xfd/0x960 [ 179.173283][ T7744] ? __pfx_kernel_clone+0x10/0x10 [ 179.173304][ T7744] ? do_futex+0x123/0x350 [ 179.173317][ T7744] ? __pfx_do_futex+0x10/0x10 [ 179.173331][ T7744] ? 0xffffffff81000000 [ 179.173341][ T7744] __do_sys_clone+0xba/0x100 [ 179.173361][ T7744] ? __pfx___do_sys_clone+0x10/0x10 [ 179.173380][ T7744] ? 0xffffffff81000000 [ 179.173399][ T7744] do_syscall_64+0xcd/0x250 [ 179.173413][ T7744] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.173432][ T7744] RIP: 0033:0x7f29df58cda9 [ 179.173444][ T7744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.173456][ T7744] RSP: 002b:00007f29e0306038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 179.173468][ T7744] RAX: ffffffffffffffda RBX: 00007f29df7a5fa0 RCX: 00007f29df58cda9 [ 179.173476][ T7744] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000000021002 [ 179.173484][ T7744] RBP: 00007f29df60e2a0 R08: 0000000000000009 R09: 0000000000000000 [ 179.173492][ T7744] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.173499][ T7744] R13: 0000000000000000 R14: 00007f29df7a5fa0 R15: 00007ffed82d60e8 [ 179.173510][ T7744] ? 0xffffffff81000000 [ 179.173524][ T7744] [ 181.186901][ T7776] KVM: debugfs: duplicate directory 7776-4 [ 181.249327][ T7776] KVM: debugfs: duplicate directory 7776-5 [ 181.288209][ T7776] KVM: debugfs: duplicate directory 7776-6 [ 181.332218][ T7776] KVM: debugfs: duplicate directory 7776-7 [ 181.386229][ T7776] KVM: debugfs: duplicate directory 7776-8 [ 181.456209][ T7776] KVM: debugfs: duplicate directory 7776-9 [ 181.512084][ T7776] KVM: debugfs: duplicate directory 7776-10 [ 181.536016][ T7776] KVM: debugfs: duplicate directory 7776-11 [ 181.591254][ T7776] KVM: debugfs: duplicate directory 7776-12 [ 181.638718][ T7776] KVM: debugfs: duplicate directory 7776-13 [ 182.327426][ T7783] nbd2: detected capacity change from 0 to 68719476736 [ 182.389133][ T5856] block nbd2: Send control failed (result -22) [ 182.423957][ T5856] block nbd2: Request send failed, requeueing [ 182.462365][ T5843] block nbd2: Receive control failed (result -32) [ 182.463041][ T58] block nbd2: Dead connection, failed to find a fallback [ 182.482862][ T58] block nbd2: shutting down sockets [ 182.490251][ T58] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 182.501083][ T58] Buffer I/O error on dev nbd2, logical block 0, async page read [ 182.511984][ T5856] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 182.523691][ T5856] Buffer I/O error on dev nbd2, logical block 0, async page read [ 182.532828][ T5856] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 182.542601][ T5856] Buffer I/O error on dev nbd2, logical block 0, async page read [ 182.550994][ T5856] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 182.560380][ T5856] Buffer I/O error on dev nbd2, logical block 0, async page read [ 182.573017][ T5856] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 182.583250][ T5856] Buffer I/O error on dev nbd2, logical block 0, async page read [ 182.605570][ T5856] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 182.637443][ T5856] Buffer I/O error on dev nbd2, logical block 0, async page read [ 182.645419][ T5856] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 182.697415][ T5856] Buffer I/O error on dev nbd2, logical block 0, async page read [ 182.705404][ T5856] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 182.747383][ T5856] Buffer I/O error on dev nbd2, logical block 0, async page read [ 182.760060][ T5856] ldm_validate_partition_table(): Disk read failed. [ 182.787316][ T5856] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 182.827308][ T5856] Buffer I/O error on dev nbd2, logical block 0, async page read [ 182.835396][ T5856] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 182.863882][ T5856] Buffer I/O error on dev nbd2, logical block 0, async page read [ 182.893799][ T5856] Dev nbd2: unable to read RDB block 0 [ 182.937798][ T5856] nbd2: unable to read partition table [ 183.009850][ T5856] ldm_validate_partition_table(): Disk read failed. [ 183.016957][ T5856] Dev nbd2: unable to read RDB block 0 [ 183.050882][ T5856] nbd2: unable to read partition table [ 183.068909][ T5856] [ 183.071374][ T5856] ====================================================== [ 183.078628][ T5856] WARNING: possible circular locking dependency detected [ 183.085729][ T5856] 6.14.0-rc1-syzkaller #0 Not tainted [ 183.091129][ T5856] ------------------------------------------------------ [ 183.098359][ T5856] udevd/5856 is trying to acquire lock: [ 183.103930][ T5856] ffff88814330dc88 (&q->q_usage_counter(io)#51){++++}-{0:0}, at: __submit_bio+0x3d1/0x690 [ 183.114186][ T5856] [ 183.114186][ T5856] but task is already holding lock: [ 183.121599][ T5856] ffff888023814e40 (mapping.invalidate_lock#2){.+.+}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 183.133009][ T5856] [ 183.133009][ T5856] which lock already depends on the new lock. [ 183.133009][ T5856] [ 183.143516][ T5856] [ 183.143516][ T5856] the existing dependency chain (in reverse order) is: [ 183.152647][ T5856] [ 183.152647][ T5856] -> #6 (mapping.invalidate_lock#2){.+.+}-{4:4}: [ 183.161582][ T5856] down_read+0x9a/0x330 [ 183.166271][ T5856] filemap_fault+0x2e7/0x2ca0 [ 183.171478][ T5856] __do_fault+0x10a/0x490 [ 183.176331][ T5856] do_pte_missing+0xecf/0x3e10 [ 183.181904][ T5856] __handle_mm_fault+0x1166/0x2c60 [ 183.187626][ T5856] handle_mm_fault+0x3fa/0xaa0 [ 183.193107][ T5856] __get_user_pages+0x773/0x36f0 [ 183.198581][ T5856] populate_vma_page_range+0x27f/0x3a0 [ 183.204886][ T5856] __mm_populate+0x1d6/0x380 [ 183.210328][ T5856] vm_mmap_pgoff+0x2d3/0x3a0 [ 183.216108][ T5856] ksys_mmap_pgoff+0x32c/0x5c0 [ 183.221543][ T5856] __x64_sys_mmap+0x125/0x190 [ 183.226776][ T5856] do_syscall_64+0xcd/0x250 [ 183.232067][ T5856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.238570][ T5856] [ 183.238570][ T5856] -> #5 (&mm->mmap_lock){++++}-{4:4}: [ 183.246778][ T5856] __might_fault+0x11b/0x190 [ 183.251913][ T5856] _copy_from_user+0x29/0xd0 [ 183.257151][ T5856] csum_and_copy_from_iter_full+0x218/0x1eb0 [ 183.263934][ T5856] ip_generic_getfrag+0x175/0x260 [ 183.269570][ T5856] raw6_getfrag+0x1ed/0x270 [ 183.275709][ T5856] __ip6_append_data.isra.0+0x3dca/0x4650 [ 183.282579][ T5856] ip6_append_data+0x1e6/0x500 [ 183.287873][ T5856] rawv6_sendmsg+0x15ce/0x4460 [ 183.293176][ T5856] inet_sendmsg+0x119/0x140 [ 183.298235][ T5856] ____sys_sendmsg+0x907/0xb40 [ 183.303725][ T5856] ___sys_sendmsg+0x135/0x1e0 [ 183.308975][ T5856] __sys_sendmsg+0x16e/0x220 [ 183.314294][ T5856] do_syscall_64+0xcd/0x250 [ 183.319682][ T5856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.326115][ T5856] [ 183.326115][ T5856] -> #4 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 183.334113][ T5856] lock_sock_nested+0x3a/0xf0 [ 183.341094][ T5856] inet_autobind+0x1a/0x1a0 [ 183.346938][ T5856] inet_send_prepare+0x317/0x530 [ 183.352413][ T5856] inet_sendmsg+0x43/0x140 [ 183.357359][ T5856] sock_sendmsg+0x324/0x410 [ 183.362922][ T5856] __sock_xmit+0x1e8/0x4f0 [ 183.367870][ T5856] nbd_send_cmd+0x8ec/0x1c90 [ 183.373152][ T5856] nbd_queue_rq+0x941/0x1220 [ 183.378643][ T5856] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 183.384753][ T5856] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 183.391694][ T5856] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 183.398401][ T5856] blk_mq_run_hw_queue+0x239/0x670 [ 183.404160][ T5856] blk_mq_flush_plug_list+0x673/0x1c60 [ 183.410601][ T5856] __blk_flush_plug+0x2c5/0x4b0 [ 183.416510][ T5856] __submit_bio+0x547/0x690 [ 183.421655][ T5856] submit_bio_noacct_nocheck+0x698/0xd70 [ 183.427917][ T5856] submit_bio_noacct+0x50d/0x1ec0 [ 183.435054][ T5856] block_read_full_folio+0x812/0xa50 [ 183.440958][ T5856] filemap_read_folio+0xc6/0x2a0 [ 183.446797][ T5856] do_read_cache_folio+0x263/0x5c0 [ 183.452867][ T5856] read_part_sector+0xd4/0x310 [ 183.458454][ T5856] adfspart_check_ICS+0xa7/0x8c0 [ 183.464038][ T5856] bdev_disk_changed+0x6c6/0x14e0 [ 183.470640][ T5856] blkdev_get_whole+0x187/0x290 [ 183.476034][ T5856] bdev_open+0x2c7/0xe20 [ 183.480839][ T5856] blkdev_open+0x272/0x3f0 [ 183.485988][ T5856] do_dentry_open+0x735/0x1c40 [ 183.491718][ T5856] vfs_open+0x82/0x3f0 [ 183.496324][ T5856] path_openat+0x1e88/0x2d80 [ 183.501439][ T5856] do_filp_open+0x20c/0x470 [ 183.506634][ T5856] do_sys_openat2+0x17a/0x1e0 [ 183.511919][ T5856] __x64_sys_openat+0x175/0x210 [ 183.517307][ T5856] do_syscall_64+0xcd/0x250 [ 183.522332][ T5856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.528928][ T5856] [ 183.528928][ T5856] -> #3 (&nsock->tx_lock){+.+.}-{4:4}: [ 183.536688][ T5856] __mutex_lock+0x19b/0xb10 [ 183.541903][ T5856] nbd_queue_rq+0x424/0x1220 [ 183.547011][ T5856] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 183.553088][ T5856] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 183.559941][ T5856] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 183.566450][ T5856] blk_mq_run_hw_queue+0x239/0x670 [ 183.572092][ T5856] blk_mq_flush_plug_list+0x673/0x1c60 [ 183.578080][ T5856] __blk_flush_plug+0x2c5/0x4b0 [ 183.583458][ T5856] __submit_bio+0x547/0x690 [ 183.588585][ T5856] submit_bio_noacct_nocheck+0x698/0xd70 [ 183.594750][ T5856] submit_bio_noacct+0x50d/0x1ec0 [ 183.600302][ T5856] block_read_full_folio+0x812/0xa50 [ 183.607170][ T5856] filemap_read_folio+0xc6/0x2a0 [ 183.613608][ T5856] do_read_cache_folio+0x263/0x5c0 [ 183.620767][ T5856] read_part_sector+0xd4/0x310 [ 183.626172][ T5856] adfspart_check_ICS+0xa7/0x8c0 [ 183.631650][ T5856] bdev_disk_changed+0x6c6/0x14e0 [ 183.638184][ T5856] blkdev_get_whole+0x187/0x290 [ 183.644316][ T5856] bdev_open+0x2c7/0xe20 [ 183.649103][ T5856] blkdev_open+0x272/0x3f0 [ 183.654131][ T5856] do_dentry_open+0x735/0x1c40 [ 183.660043][ T5856] vfs_open+0x82/0x3f0 [ 183.664742][ T5856] path_openat+0x1e88/0x2d80 [ 183.669866][ T5856] do_filp_open+0x20c/0x470 [ 183.674891][ T5856] do_sys_openat2+0x17a/0x1e0 [ 183.680095][ T5856] __x64_sys_openat+0x175/0x210 [ 183.685561][ T5856] do_syscall_64+0xcd/0x250 [ 183.690584][ T5856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.697036][ T5856] [ 183.697036][ T5856] -> #2 (&cmd->lock){+.+.}-{4:4}: [ 183.705466][ T5856] __mutex_lock+0x19b/0xb10 [ 183.710579][ T5856] nbd_queue_rq+0xbe/0x1220 [ 183.717801][ T5856] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 183.724421][ T5856] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 183.731348][ T5856] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 183.739813][ T5856] blk_mq_run_hw_queue+0x239/0x670 [ 183.745998][ T5856] blk_mq_flush_plug_list+0x673/0x1c60 [ 183.752080][ T5856] __blk_flush_plug+0x2c5/0x4b0 [ 183.757747][ T5856] __submit_bio+0x547/0x690 [ 183.764143][ T5856] submit_bio_noacct_nocheck+0x698/0xd70 [ 183.771114][ T5856] submit_bio_noacct+0x50d/0x1ec0 [ 183.777199][ T5856] block_read_full_folio+0x812/0xa50 [ 183.783010][ T5856] filemap_read_folio+0xc6/0x2a0 [ 183.788481][ T5856] do_read_cache_folio+0x263/0x5c0 [ 183.794207][ T5856] read_part_sector+0xd4/0x310 [ 183.800473][ T5856] adfspart_check_ICS+0xa7/0x8c0 [ 183.805979][ T5856] bdev_disk_changed+0x6c6/0x14e0 [ 183.812098][ T5856] blkdev_get_whole+0x187/0x290 [ 183.817484][ T5856] bdev_open+0x2c7/0xe20 [ 183.822352][ T5856] blkdev_open+0x272/0x3f0 [ 183.827319][ T5856] do_dentry_open+0x735/0x1c40 [ 183.832625][ T5856] vfs_open+0x82/0x3f0 [ 183.837233][ T5856] path_openat+0x1e88/0x2d80 [ 183.842361][ T5856] do_filp_open+0x20c/0x470 [ 183.847397][ T5856] do_sys_openat2+0x17a/0x1e0 [ 183.852618][ T5856] __x64_sys_openat+0x175/0x210 [ 183.857996][ T5856] do_syscall_64+0xcd/0x250 [ 183.863025][ T5856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.869448][ T5856] [ 183.869448][ T5856] -> #1 (set->srcu){.+.+}-{0:0}: [ 183.876576][ T5856] __synchronize_srcu+0xa9/0x2a0 [ 183.882041][ T5856] blk_mq_update_nr_requests+0x288/0x670 [ 183.888229][ T5856] queue_requests_store+0x161/0x210 [ 183.894040][ T5856] queue_attr_store+0x370/0x510 [ 183.899435][ T5856] sysfs_kf_write+0x117/0x170 [ 183.904682][ T5856] kernfs_fop_write_iter+0x33d/0x500 [ 183.910713][ T5856] vfs_write+0x5ae/0x1150 [ 183.915656][ T5856] ksys_write+0x12b/0x250 [ 183.920866][ T5856] do_syscall_64+0xcd/0x250 [ 183.926700][ T5856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.933585][ T5856] [ 183.933585][ T5856] -> #0 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 183.942282][ T5856] __lock_acquire+0x249e/0x3c40 [ 183.947658][ T5856] lock_acquire.part.0+0x11b/0x380 [ 183.953384][ T5856] blk_mq_submit_bio+0x20db/0x25f0 [ 183.959024][ T5856] __submit_bio+0x3d1/0x690 [ 183.964055][ T5856] submit_bio_noacct_nocheck+0x698/0xd70 [ 183.970255][ T5856] submit_bio_noacct+0x50d/0x1ec0 [ 183.975913][ T5856] mpage_readahead+0x41d/0x590 [ 183.981214][ T5856] read_pages+0x1a7/0xc60 [ 183.986110][ T5856] page_cache_ra_unbounded+0x426/0x7d0 [ 183.992116][ T5856] force_page_cache_ra+0x24b/0x340 [ 183.997847][ T5856] page_cache_sync_ra+0x158/0xa30 [ 184.003432][ T5856] filemap_get_pages+0xb62/0x1c30 [ 184.009094][ T5856] filemap_read+0x3c5/0xe70 [ 184.014212][ T5856] blkdev_read_iter+0x187/0x4b0 [ 184.019583][ T5856] vfs_read+0x886/0xbf0 [ 184.024884][ T5856] ksys_read+0x12b/0x250 [ 184.029840][ T5856] do_syscall_64+0xcd/0x250 [ 184.034877][ T5856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.041304][ T5856] [ 184.041304][ T5856] other info that might help us debug this: [ 184.041304][ T5856] [ 184.051840][ T5856] Chain exists of: [ 184.051840][ T5856] &q->q_usage_counter(io)#51 --> &mm->mmap_lock --> mapping.invalidate_lock#2 [ 184.051840][ T5856] [ 184.066898][ T5856] Possible unsafe locking scenario: [ 184.066898][ T5856] [ 184.074520][ T5856] CPU0 CPU1 [ 184.079881][ T5856] ---- ---- [ 184.085356][ T5856] rlock(mapping.invalidate_lock#2); [ 184.091088][ T5856] lock(&mm->mmap_lock); [ 184.097964][ T5856] lock(mapping.invalidate_lock#2); [ 184.105975][ T5856] rlock(&q->q_usage_counter(io)#51); [ 184.111457][ T5856] [ 184.111457][ T5856] *** DEADLOCK *** [ 184.111457][ T5856] [ 184.120049][ T5856] 1 lock held by udevd/5856: [ 184.124631][ T5856] #0: ffff888023814e40 (mapping.invalidate_lock#2){.+.+}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 184.136613][ T5856] [ 184.136613][ T5856] stack backtrace: [ 184.142502][ T5856] CPU: 1 UID: 0 PID: 5856 Comm: udevd Not tainted 6.14.0-rc1-syzkaller #0 [ 184.142525][ T5856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 184.142537][ T5856] Call Trace: [ 184.142543][ T5856] [ 184.142563][ T5856] dump_stack_lvl+0x116/0x1f0 [ 184.142597][ T5856] print_circular_bug+0x490/0x760 [ 184.142621][ T5856] check_noncircular+0x31a/0x400 [ 184.142641][ T5856] ? __pfx_check_noncircular+0x10/0x10 [ 184.142661][ T5856] ? __kernel_text_address+0xd/0x40 [ 184.142687][ T5856] ? unwind_get_return_address+0x59/0xa0 [ 184.142716][ T5856] ? lockdep_lock+0xc6/0x200 [ 184.142743][ T5856] ? __pfx_lockdep_lock+0x10/0x10 [ 184.142772][ T5856] __lock_acquire+0x249e/0x3c40 [ 184.142796][ T5856] ? __pfx___lock_acquire+0x10/0x10 [ 184.142817][ T5856] ? hlock_class+0x4e/0x130 [ 184.142842][ T5856] ? mark_lock+0xb5/0xc60 [ 184.142860][ T5856] ? page_cache_ra_unbounded+0x426/0x7d0 [ 184.142887][ T5856] ? page_cache_sync_ra+0x158/0xa30 [ 184.142913][ T5856] lock_acquire.part.0+0x11b/0x380 [ 184.142934][ T5856] ? __submit_bio+0x3d1/0x690 [ 184.142960][ T5856] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 184.142982][ T5856] ? rcu_is_watching+0x12/0xc0 [ 184.143008][ T5856] ? trace_lock_acquire+0x14e/0x1f0 [ 184.143024][ T5856] ? __submit_bio+0x3d1/0x690 [ 184.143049][ T5856] ? lock_acquire+0x2f/0xb0 [ 184.143068][ T5856] ? __submit_bio+0x3d1/0x690 [ 184.143093][ T5856] blk_mq_submit_bio+0x20db/0x25f0 [ 184.143120][ T5856] ? __submit_bio+0x3d1/0x690 [ 184.143146][ T5856] ? __pfx_blk_mq_submit_bio+0x10/0x10 [ 184.143172][ T5856] ? mark_lock+0xb5/0xc60 [ 184.143191][ T5856] ? __pfx___lock_acquire+0x10/0x10 [ 184.143211][ T5856] ? trace_lock_acquire+0x14e/0x1f0 [ 184.143227][ T5856] ? __pfx_mark_lock+0x10/0x10 [ 184.143247][ T5856] ? find_held_lock+0x2d/0x110 [ 184.143275][ T5856] __submit_bio+0x3d1/0x690 [ 184.143300][ T5856] ? __pfx___submit_bio+0x10/0x10 [ 184.143327][ T5856] ? ktime_get+0x200/0x310 [ 184.143346][ T5856] ? lockdep_hardirqs_on+0x7c/0x110 [ 184.143379][ T5856] ? submit_bio_noacct_nocheck+0x698/0xd70 [ 184.143405][ T5856] submit_bio_noacct_nocheck+0x698/0xd70 [ 184.143441][ T5856] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 184.143469][ T5856] ? __pfx___might_resched+0x10/0x10 [ 184.143495][ T5856] submit_bio_noacct+0x50d/0x1ec0 [ 184.143523][ T5856] mpage_readahead+0x41d/0x590 [ 184.143547][ T5856] ? __pfx_mpage_readahead+0x10/0x10 [ 184.143576][ T5856] ? __pfx_blkdev_get_block+0x10/0x10 [ 184.143595][ T5856] ? __folio_batch_add_and_move+0x5f3/0xc60 [ 184.143613][ T5856] ? __pfx_lock_release+0x10/0x10 [ 184.143633][ T5856] ? trace_lock_acquire+0x14e/0x1f0 [ 184.143650][ T5856] ? __pfx_blkdev_readahead+0x10/0x10 [ 184.143668][ T5856] read_pages+0x1a7/0xc60 [ 184.143698][ T5856] ? __folio_batch_add_and_move+0x689/0xc60 [ 184.143720][ T5856] ? __pfx_read_pages+0x10/0x10 [ 184.143748][ T5856] page_cache_ra_unbounded+0x426/0x7d0 [ 184.143779][ T5856] force_page_cache_ra+0x24b/0x340 [ 184.143806][ T5856] page_cache_sync_ra+0x158/0xa30 [ 184.143831][ T5856] ? __lock_acquire+0xcc5/0x3c40 [ 184.143852][ T5856] filemap_get_pages+0xb62/0x1c30 [ 184.143874][ T5856] ? __pfx_filemap_get_pages+0x10/0x10 [ 184.143894][ T5856] ? __pfx___might_resched+0x10/0x10 [ 184.143918][ T5856] filemap_read+0x3c5/0xe70 [ 184.143935][ T5856] ? trace_lock_acquire+0x14e/0x1f0 [ 184.143956][ T5856] ? __pfx_filemap_read+0x10/0x10 [ 184.143983][ T5856] ? apparmor_file_permission+0x251/0x400 [ 184.144012][ T5856] blkdev_read_iter+0x187/0x4b0 [ 184.144031][ T5856] vfs_read+0x886/0xbf0 [ 184.144051][ T5856] ? __pfx_vfs_read+0x10/0x10 [ 184.144068][ T5856] ? blkdev_llseek+0x9b/0xd0 [ 184.144085][ T5856] ? __pfx_lock_release+0x10/0x10 [ 184.144107][ T5856] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 184.144133][ T5856] ksys_read+0x12b/0x250 [ 184.144150][ T5856] ? __pfx_ksys_read+0x10/0x10 [ 184.144170][ T5856] do_syscall_64+0xcd/0x250 [ 184.144188][ T5856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.144220][ T5856] RIP: 0033:0x7fe9d8d16b6a [ 184.144240][ T5856] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 184.144257][ T5856] RSP: 002b:00007fffe3eb2da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 184.144274][ T5856] RAX: ffffffffffffffda RBX: 00001fffffff0000 RCX: 00007fe9d8d16b6a [ 184.144286][ T5856] RDX: 0000000000000040 RSI: 000055f7b98ca0b8 RDI: 0000000000000009 [ 184.144297][ T5856] RBP: 0000000000000040 R08: 000055f7b98ca090 R09: 00007fe9d8df1b60 [ 184.144309][ T5856] R10: 0000000000000007 R11: 0000000000000246 R12: 000055f7b98ca090 [ 184.144320][ T5856] R13: 000055f7b98ca0a8 R14: 000055f7b98d0b48 R15: 000055f7b98d0af0 [ 184.144337][ T5856]