last executing test programs: 8.857664963s ago: executing program 2 (id=2455): r0 = socket(0x2, 0x1, 0xa) connect$auto(r0, &(0x7f0000000080)=@l2={0x1f, 0x800, @none, 0x85, 0x1}, 0x54) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_submit$auto(0x2, 0xfffffffffffff096, &(0x7f0000000040)=&(0x7f0000000000)={0x2, 0xb, 0x8, 0x3, 0x2, 0x3b, 0xfffffffffffffc00, 0x2, 0x1001, 0x0, 0x6, 0xffffffffffffffff}) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), r1) sendmsg$auto_BATADV_CMD_SET_MESH(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=ANY=[@ANYRESHEX, @ANYRESDEC=r3, @ANYRESHEX, @ANYRESOCT=r3, @ANYRES16=r1, @ANYRESHEX], 0x14}, 0x1, 0x0, 0x0, 0x4000070}, 0x140000e5) writev$auto(0xc8, 0x0, 0x9) mmap$auto(0x0, 0x80005, 0xdf, 0x800000011, 0x2, 0x5) r4 = socket(0x22, 0x0, 0x1) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x8001, 0x0) r5 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x201, 0x0) r6 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/dri/vkms/vkms_config\x00', 0x301401, 0x0) ioctl$auto(r5, 0x80026f48, r6) socket(0x2a, 0x2, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8000, 0x0) close_range$auto(r4, 0xe903, 0x2) socket(0x1e, 0x4, 0x0) socket$nl_generic(0x10, 0x3, 0x10) statx$auto(r2, 0x0, 0x10001, 0x7e76, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/nfs/net/nfs_client/identifier\x00', 0x82942, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r4) mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8002) prctl$auto(0x4, 0x419, 0x0, 0x2, 0x18) madvise$auto(0x0, 0x2003f2, 0x15) 7.858336078s ago: executing program 2 (id=2460): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x4000050) (async) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) (async) get_robust_list$auto(0x0, 0x0, 0x0) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f0000000200)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x48080) (async) sendmsg$auto_NFSD_CMD_LISTENER_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x1, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000804}, 0x50) 7.712406683s ago: executing program 2 (id=2461): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x20a00, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x15\x00p\x01\x99\x88c\x14\r>\x14\x1a\xd3\xd3\x1d\xf8?\xdb\xdb\xc1\xf5\xe3o\x8e\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\xe5}\xea\x1b\x95\xafQ;_L\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\x10\x00\x00\x00\x00\x00/TX:\x8a\xddf\xa9H0\x06\xe7\xd2\xe2\xf6^\xfdo\x00\x9a>T\xd5\x1e\xe3\xeb\x89q\a\xd6h\xc9\xbc\x8f\x1dBk\x95\x174\xdc\x03\x05> -\xb6\x9d[\xe42(\xe4\n\x98u\xc9\xa1\xc4Zb\x04\xc2\xf1 \x8a\xbe]\xde\xfd8u\xb4\xde\xb3\xa1T/\xdfx\x14Y\xfe\x1e\x1f\x91\x19\xb7\xfc\xcd\x7fl\xb3\xa8#\xa0\xb9P\x8d\x04C\x87\xebR\x93\x12\x18H&N\x8b\'i)\xab@\xaf\xcb\xda\x00\x067\xce\xd6V4\xc2\xeeX\xb4\xe9\f\xee\xe8\xd8\x91\x1b\xcd\x00j\x14H\xcc-\x14\xde\xaaN\x87\x8d\x9b\xa05\xacHX\xc1\xce\x91\xee\xad\r\xbe\xb2&f\xa3\xe2\x8bp\xba\x8a\"\xf1\xfc\xa13\xfe\xe0JG\xe1v\x82s}v~`X%pJ\xbf\xc3`\xa9\x8f\"l\xc7XX\xa4\xb6\x0e\xbe\xa0wy\xfe\x03n+k\xf149*(\x15\xaa\xc2\x8aB\xf1\xbb$M\xfe%\xc7\x84\xf0\xa4}bd\xac\xa8T\xda\xffm\x86\xca\x80\xde3\xa7\xba\xc7Y]\xd7\xa2\xec)\xd6\xad\xbcI\x10\xa3#\xd4/J\xa8\x14\x1b<\x04\xbd\x89\xefQf\xc0Q\x92\x92\xa7\x99\xcf\xaekR\xf5\xb7\x14r[\x9fx\xaf+\xb3@\xf4\x83\xbf\xc7e\xe7\xc2\xd6\x10\x0fk\xee)\x92\bO\xa1\x1a\x9e\xef:5\x1e\x1c\"9\xd8\xdf\xa9C\xe2SHG6\xf2\xd5.\x12]\x17J\x8b\xc52\xe9\x9e\xbc\xdc\xae\xef\xed\xf9\xa6\x9e-\x92pZ\x12j/\x1dD{\xac\x17\\O\xee\x11\x10$\x12\xfc \xb0\xb7cA;\xa1,\x040\xa7\xd9\xb2\x19@1\x92\x10\xc4\xc0\x1f\x1d\xe1\xf6\x80lW\v,\xa2\x134no\xa0\x00l\xd8\xe4\xd3\x16\xd3%\x8b\xf5\x1e\x12{\xe6\xdb\xde\a\xdedH\x90\xf7\x19\xff\xcb\xacC\xeadOf\xb8\x15\xc39\xefLt\t\x11\xa1\x0e\x85\xac\xcc+\xc0\xb4.\xaa3>\xc0\x96\x84\xd5\x02\xc1\x94=\xb0\xfe\xda\x1d\xe9\xa7\xe1\xcf\x80|k\xdd\x95\xc9\xb0y\xb4\xbd\xc2W\x9c\xa4\x80\x13\xbc\x7fb=y\xdb]U\xd1HC\xe1\xa7\x94q\xb0C\xb8\x86\xd0\x9d\xe0\x8aD\x91x\'\xd6\x17\xd1\x9d\x16\xa7oZ\x8a\xce:\x9e@\xca\x17\x05f+\xee\xd8\xe6D\x9e\xb18Aw', 0xe, 0x3) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0xffffffffffff0006, 0x17) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC0\x00', 0x880, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r1, 0x40046f41, 0x0) mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) pwritev$auto(r2, &(0x7f0000000140)={0x0, 0x400000000001}, 0x5, 0x5, 0xd3b8) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x28, r4, 0x1, 0x70bd2b, 0x25dfdc03, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x14, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x10, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_MAX_FTMS_PER_BURST={0x5}]}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40891}, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000) clone$auto(0x100000008, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4000006) clone$auto(0x1, 0x1, 0x0, 0x0, 0x2) 5.227524367s ago: executing program 3 (id=2467): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x57e) fcntl$auto_F_ADD_SEALS(r0, 0x410, 0x0) r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x57e) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) r2 = socketcall$auto_SYS_SOCKET(0x1, 0x0) ioctl$auto_UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, &(0x7f0000000080)={0x0, 0x1, {0x9, 0x4200, 0x101, {0x0, 0x5171}, {0x4, 0x8}, @condition=[{0x6, 0x7ff, 0xb, 0x1, 0x45, 0x1}, {0x1, 0xaf, 0x3ff, 0x5, 0x4, 0x4}]}, {0xfc00, 0x9, 0x0, {0xe1, 0x400}, {0xfff5, 0x6}, @constant={0x3, {0x400, 0x2, 0x3, 0xb555}}}}) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) sendmsg$auto_NL80211_CMD_ADD_LINK(r2, 0x0, 0x0) msgctl$auto_IPC_SET(0x0, 0x1, &(0x7f0000002600)={{0x0, 0x0, 0xee00, 0x7fffffff, 0x4, 0x8b7, 0xdf}, 0x0, 0x0, 0x8b00000000000000, 0x2, 0x5, 0x86, 0x3, 0x6, 0x401, 0x6}) fcntl$auto_F_ADD_SEALS(r1, 0x410, 0x0) io_uring_setup$auto(0x0, &(0x7f0000000000)={0x8, 0x5, 0xa0000000, 0x4, 0x401, 0xffff8000, r1, [0x81, 0x4, 0xfffffffb], {0xa, 0x2, 0x1eebdc4e, 0x7fff, 0x8, 0xfffffff8, 0x8, 0x7ff, 0x3}, {0x9b, 0xe14c, 0xfffffff7, 0x8, 0x3, 0x5e, 0x6, 0xa, 0xffffffffffffff80}}) 4.676921501s ago: executing program 0 (id=2469): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_submit$auto(0x2, 0xfffffffffffff096, &(0x7f0000000040)=&(0x7f0000000000)={0x2, 0xb, 0x8, 0x3, 0x2, 0x3b, 0xfffffffffffffc00, 0x2, 0x1001, 0x0, 0x6}) writev$auto(0xc8, 0x0, 0x9) mmap$auto(0x0, 0x477, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x22, 0x0, 0x1) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x8001, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/mountinfo\x00', 0x20200, 0x0) select$auto(0x4, 0x0, &(0x7f0000000100)={[0x9, 0x7, 0xfffffffffffffff9, 0x9, 0x7ff, 0x3, 0x6, 0x2, 0x9, 0xffff, 0x1ff, 0xd, 0x3, 0x200000201, 0x7, 0x6]}, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x2003f2, 0x15) 4.188115773s ago: executing program 3 (id=2472): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x8000000000000000, 0xdb, 0x100eb4, 0xffffffffffffffff, 0x4) r0 = socketpair$auto(0x1, 0x5, 0x8, 0x0) mmap$auto(0xfffffffffffffffe, 0x2020009, 0x3, 0x800000000000eb1, r0, 0x8000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D2\x00', 0xc2103, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xd561, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) r3 = socket(0x29, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_L2TP_CMD_SESSION_MODIFY(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x0, 0x2, 0x70bd2a, 0x25dfdbff, {}, [@L2TP_ATTR_OFFSET={0x6, 0x3, 0xbc33}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) socket(0x2, 0x80802, 0x0) r4 = socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000000300)={0x28, r6, 0x159198c6007aa95d, 0x70bd29, 0x25dfdbfc, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0x8, 0x4, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0xc0}, 0x40) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) sendfile$auto(r7, r1, 0x0, 0x2) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x800009}, 0x7, 0x20000000) setsockopt$auto(0x3, 0x9, 0x2f, 0x0, 0x9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0x5) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r2, &(0x7f0000000000)='/\x10\t\xe1', 0x80000000) mmap$auto(0x0, 0x4000050910, 0x7, 0x408000000008011, r5, 0x0) 3.661680139s ago: executing program 1 (id=2473): r0 = openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) r1 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/tracing/dynamic_events\x00', 0x1, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r1, &(0x7f0000000300), 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/ocfs2/active_cluster_plugin\x00', 0x22100, 0x0) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) r6 = openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f00000002c0), 0x24000, 0x0) signalfd4$auto(r4, &(0x7f0000000100), 0x8, 0x10) read$auto_objects_fops_(r6, &(0x7f00000003c0)=""/211, 0xd3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x2c, r2, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_NAME={0x5, 0x2, '\x00'}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x240}, @CTRL_ATTR_FAMILY_NAME={0x8, 0x2, 'HSR\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) socket(0x10, 0xa, 0xfffffffd) syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000034c0), 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x40080}, 0x40) 3.161932027s ago: executing program 0 (id=2474): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x3, 0x8, 0xc, 0x2e, 0x0, 0x3}, 0x6f4) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0) setsockopt$auto_SO_RCVPRIORITY(r0, 0x6, 0x52, &(0x7f0000000200)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x0) sendfile$auto(r1, r1, 0x0, 0x7fffe000) mmap$auto(0x0, 0x8, 0x5, 0xe91, 0xffffffffffffffff, 0x9) mmap$auto(0x0, 0xe, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x4) removexattr$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00') unshare$auto(0x40000080) unshare$auto(0x40000080) syz_clone(0x1000, 0x0, 0x0, &(0x7f0000000300), 0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x1242, 0x0) write$auto(r3, 0x0, 0x9) 3.025389649s ago: executing program 1 (id=2475): r0 = syz_open_procfs$namespace(0x0, 0x0) r1 = socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) r2 = syz_genetlink_get_family_id$auto_tipcv2(0x0, r1) sendmsg$auto_TIPC_NL_LINK_RESET_STATS(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x114, r2, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0xf1, 0x5, 0x0, 0x1, [@generic="c15b28f4cb7aefac6e7368e2beb07238b8be42e9d6cccc80b46014ea76cdc3f58ce926f3ecec47741d28b104a3c5bf08bea70acee711daed857e82938c7a931aa9e0020ef2ebc8e8da65b14a5316f96cfb1dc6cb3b47ab2361583f0f78b7f38e9172eb010020a8bccfd1886d22e39e1c05b456029bd5a47a99742e9e106925756ba16e44cd3fbd777cb2ef90b608757ab2dda292ca27bdecad0f50cd5a45eaedfccdc5b21928d679046612483817fd0f62c5a947e3f159ade76b62b0d793523547eaf35bdbadebfc7cdaa816a084b8295428b8cccd1ee7f3d2ec3ef565ad444f759edc278c64fc2418d0d776f6"]}, @TIPC_NLA_LINK={0xc, 0x4, 0x0, 0x1, [@typed={0x8, 0x138, 0x0, 0x0, @fd=r0}]}]}, 0x114}, 0x1, 0x0, 0x0, 0x40040}, 0x20040044) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000600), 0x506c2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x100eb0, 0xfffffffffffffffa, 0x8000) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) getsockopt$auto_SO_BUF_LOCK(r3, 0x4534, 0x48, &(0x7f0000000580)='\x00\xba,\\\xf8\x00', 0x0) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x1, 0x0) r4 = openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000380), 0x6040, 0x0) read$auto_sc_seq_fops_netdebug(r4, &(0x7f00000003c0)=""/106, 0x6a) r5 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x40000, 0x0) msgctl$auto_IPC_INFO(0x8, 0x3, 0x0) ioctl$auto(r7, 0x560a, r7) r8 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000480), r6) getsockopt$auto_SO_MARK(r6, 0xa, 0x24, &(0x7f0000000140)='})+%]\x00', &(0x7f00000005c0)=0x9) r9 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4$auto(r9, 0x0, 0x8, 0x0) sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r5, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, r8, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@NCSI_ATTR_PACKAGE_LIST={0x20, 0x2, 0x0, 0x1, [@typed={0x8, 0x109, 0x0, 0x0, @ipv4=@multicast1}, @typed={0x4, 0x3e}, @typed={0x8, 0x11f, 0x0, 0x0, @pid=r9}, @typed={0x8, 0x89, 0x0, 0x0, @ipv4=@empty}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x2040010}, 0x8014) 2.894391582s ago: executing program 2 (id=2476): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x127202, 0x0) socket(0x21, 0x2, 0xa) write$auto(0xffffffffffffffff, 0x0, 0x20003) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) ioctl$auto_USBDEVFS_REAPURBNDELAY32(r0, 0x4004550d, &(0x7f0000000000)=0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) close_range$auto(r1, 0x8, 0x0) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) io_uring_setup$auto(0x3, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) r2 = getpid() r3 = gettid() rt_tgsigqueueinfo$auto(r2, r3, 0x1f, 0x0) ppoll$auto(&(0x7f0000000100)={0xffffffffffffffff, 0x690, 0xffa1}, 0x5, 0x0, &(0x7f0000000140)={0x4}, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x106) statx$auto(r4, &(0x7f0000000040)='./file0\x00', 0x7, 0x10000, &(0x7f0000000180)={0x1, 0x9, 0x450f12a1, 0xd84, 0xee00, 0xee01, 0x4, 0x1, 0x6, 0x8, 0xc, 0x0, {0xfffffffffffffffb, 0x7}, {0xbeb9, 0x9}, {0xff, 0x1}, {0x0, 0x2}, 0x2, 0x0, 0x8, 0x4, 0xffffffffffffffff, 0x0, 0x2, 0x7c43, 0x8000, 0x8be, 0x9, 0x9636, [0x4, 0x0, 0x7, 0x0, 0x9, 0x80000000, 0x4, 0x7]}) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) dup2$auto(0x5, 0x4) write$auto(0x6, 0x0, 0x100000001) 2.750921976s ago: executing program 3 (id=2477): sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="01002d00080007000000000000000000", @ANYRES32, @ANYBLOB='\b\x00\b'], 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x0) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) bind$auto(0x3, 0x0, 0x6d) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0xa, 0x15) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x0) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_macvtap\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000015c0)={&(0x7f0000003940)=ANY=[@ANYBLOB="34130000", @ANYRES16=r1, @ANYBLOB="00042abd7000fcdbdf251b000000380002800400210007002e002acd000014004900200100000000000000000000000000011400db00fe880000000000000000000000000001201002801c100e80070058002c250000fd7707d9b19d908bd6211344ba5cbdb83a94501ec93791ceddf1ffbb3477aa580ff56f9c976df96791b3e51e21913e640a8f4bd343237e9c30acb5dbd0dc052d1fc1e66b1757f78d4b1ffc125c4630ff8645028e4e44c4fb71d8684bd952bf56f171295e3f972d9b286d31a063128a9fbf98535b4904af1f5cc2ebd37ddeb2538519cb800c90a8f2f64cb299b59d5ae0be1be28f2d63a2ff0f73b79045c0bbcba5013af35647211f0826d04cbcd2300b548bb86db53c72950b05db7660d965400df5b2c5997f27548a2630b55652cbdda2c9a06616ae2406b9cfb06dabafd9b6fcd2304e612bf4f4e8365b8fe59192a4f018cdcc0b250ab0e9d9574c20aa544a516e4142d76cc1e923c34b3132129eeaef6c31c0cdd464a674c89b36c7867fc9728e5a9716899b39631c4d0d61a9809fd9f2dda50bfaa0d5b1e3db9f174d324dec6ba0eb27aea9913d01654fa1b6ed9e09a79531a4fea0b0b2a4da8e4860d348d21c26029f85dd0ac07bcdd5ffb7581e1eec4d966bc9b56db382b2c5604b382a9df510dadbf3b5e6657a79c820e8c425d44ea65f04c9326f001c82a275677a20b2d4d9030bff016182ecb05b73f69dd283f64c5cb8c1d083af80176b80d3b461dc4d6ddb81f144ffb7b6cf998d60fb544ef20d5dd784c747a469c3e5fae2ec48a4ad0bdc3f783b9404b006b068608d1ce69054755f1e854f4a5e8aa7d686639b08f5a56777b2f91ed79a6301a4ee9a512678e09358b0ed1184146a5e61c5450f2ddb458d0054c644bc8b252a5c56abe6f831217aa76167b236251efbe7016964b28ce8e9e355a77af4187b79aa7e3ce0e40d7ec6978a9efd287753d84d3f5392684723285327a42bfead31d805503a85e663a7fc24b3c997667e34086a50d52255b0bb2a876b85eae45edac1bbd0e8d097965da18dc111d777a3de84576cbc084953ebd60cb9a4034b054aa1645bd39178a162252307125ea8b3ec37a17685eb1648f2bd35200caad56ed608dcaa31f3f909e99549b292a71141568e32e1bc4558fd126a1fc258452656bd49ffc663f8d94c9f0229f212f0325e91c5cc4befbb7f888f64e817afca10062930a9107abae22914ae8d47feb5f007a5b88c5d5c4f8d990dec9933264eeae9557854138bde8f552fd0b4310a1d968769c7f4fcbcc2951c37da4958ce126210db1bce184fcb90a781d11f3fe58d0b87bc6c92784a4806eebd679feed6bea77dc2a4478f812bfe293147eb9f59d63d9d982044361107594b091cc5c0ea911de548a697c5e7ecabf1e91f47d579e79465fdb4b49975f3ca386c0e8568602925aaf1cb3b440ac6afde8490d5ac6957a72693930238a4a5ad9ea301aa0012d2da7688eceefa95a3d863de5e86eb8dc02c8834375315d4cfe809e3c488ff99f7228b097677f6069094ff5d173452325862a8f932b179e615cdb350aa022b5495dde3ba05bb691d72b1cbe54826b99a5e4b2771aa035d7156074f05969fd247b66cc0a1331888b1aa429bf7e571607bcab7aece505b405c2f8c9b316f48efc60ecd9c38d1288118a352e99297f9cea81970ecb8b1a231b357c0350ff883195dbc276f88615b2dc971c0e78216188dff5ad312db246a8d9faf0644b7319bb2e3156263c7f477f01c0a387ac5b17e2d7220b63ce130a8002a9a7893dacc74ee4f6dff0fdfa833f179590149fe0398236689a178833f0a8fd6730ed207d8b779d76804d9ff98e33cbd8a09559bc8b4749778510e7ef33dc41ceb53938d66ca0cd5721e074af0073be56c6645aa70859ad6109a001060e233fe50e47fd669d0d8557e5eac495e8d840a5eb730d974b21489fd48ca1b5b7c415533bba4881b68326370cd22304e5435506a5ff0e54f48317959f7c24fd314d5ce0aa8550616a8caa6a12175f8ce16bf38367c2b9d5b625be0f96c5f61041c183c982ce24e7baea899b8209a1d61c11cec9681d5e39d4082cf4ec4cd2715beb77d570bcdd31b493fdbea44298a2f37f56b2e0436146b63a5cf7a9dcb2bbbf134b2b2276f550e094c3fd5319257af48f7ccba42f965fa0b597c5bf5bc7b71207e397f48bfb09ef16fe20e06641ccacf8cbad59d3f19f377114f15059dfa44cff54317d5127261889e05b45d99b516b824b0c7dc3db2d53b43f369d71cbbfe897c2fb0a5d25330d9e6c4fcbb8bcc4ba4edfaae2f6810ab153a2ffda5f23f4b96312ab8fd5a318474c4e76373d1b60a5511e42d969a020f06f6f38ff8025984642805387443b56e4ee1289be50139c6ca1b666209056c3a69db2208491ba7a947fcd506e9cdd6a086b6f0bddc26641d6e398bee64112a74344807e4e0924420be3373f3e6866b836f87383b0e6500409e7062bff302b3457cc50993991279e66f9425f7c936a55c5b29b39d16d69d543d09d7049bba064eddb266b0c1e943fae1fc4f8cef51f2e9136916a3ca7e1dd69feaeff966cad5c92bf1cab620e28886576e3bc0195470b5a55b27b179cd917134ec007b929bc4f08efbbfbcf03eca5d17e3bf295bb70a27c48bb1f379b6c4eeef03d630f9a4d5ec543f6f65743ecbd7da7b6008813640c824eda334d7a58b238854bc330d9822e6f80b3d3872f2c4f3cf71fc38c12400cc1cdb68129642f360bf49956b7d1eb33a0925f2c39cf5621bfac96b4ae2df6e3d12bf5981b49379352e515b8c36c34189b410b33987f882e15ec46d4692ed2c93a797b8d50610e099cc0f9ed3e4cbd6b4b4e8e130fd5e3915156c7a0b14f9195b0f22662b0892e18fa5a8caa123679107b83b2220fd78dbb96c79a203e7ea35b5f6766a874ade4b0517cd93d062d3ee326ce2b7da71f193dc8e1c41fbc73ae61e0806dc0edfab11bf7cc39c3ff62ec0d35b75d5c47ca58983a6e79e27ebe7a9ce3dcdd0f04e48ee1355e39d0123c1b1168140e7a6aff428e56d28831fefaa42c75c364d76ca91089a639551fd479b29b8d97403a8d1d1e95a18cb6b924680f9ab84fec09ad227087d187f39d97673f93c100f44402f52417dddeffa3b3ed14f8d21cd21ad4f68410709f4779bb2f28a847842bdff73f4df1067580a59e66847b54e9b73270a3e03d7f343f103e094fd33899b27b1d7609444c15c47121699392496dd83c632372404317bce841081338236322bb046b03c288c7aafb46ff90718bea8f9ff47629649f3f7680615115f6afdfe5b4b198eff09398ac17957ce565ebaa41ec6407231324cf1db34fd7a7f63e3129a762158918154a2bb66759c8b1bfd0f12ec9a1af9c68d7dec3ae1f2358780a37e92da9242d010a4708d5315aac57f97e4b125cccbc7cf5c22e9e9c5746db926ec6e5852185f089f556b51b750ce1300257c7563421e461846fd2d0a7088a643bab1d99c851f60d8a99490809abec7c102bef7f3413080b420f4df14bea3cd903395eb1a401c8369fdf9d1f3baaf721b7794a4fe176764238c18f2094e3fc18bd3e519cf31d249ef7cb228e061190ef2adbdf3cbc0548e57c7c531cad4434989a01fbb94531fcd9dc5b0637fbe464290b3e043c0e56a7ae806e677b083bb2871e181f8c943f40e613efaf342a40602b6d3625bfa265618d75da5452d820b469bd51b247987479ec7fcf02e16d68e854a3ea20802e736291f44dece07a443571f2f106475d366402f81d32417a72cfeeb2bc8712597599ea375d261424816a8377155a3b8a95ae31157ea23d0e37c749534cb1969129423a5df4c99118bab44e8c5a221fee6e805e54032e4d7d8ad56763409f9c8b0db03fddacc5542961bfeaf68b2b220d8ae5903d3109e21dc1ad91b06fd26f4b4a4b1d4664494faab942375c449658d583032d0b6d298ecb5d23e8225a60d224c4a5182c9f226221c71295332dc1035489e44899206978057f5106a36ef88fd9b5c14453878a3ee043788ff8f26d423d04dc38441ed4ebe66d1579c98ecbffba13638ff651e8ff0752da12967aac2f03ee8b260ea743f7f5219e9ca610753497db9c26d4b0d7161990dc0b1fa8452442a74b0d9d3b3d8d52062eb501f7772fbbfc75da83596e48382a52a59364457712fd0e4601dcda0b7a003bbc6fdb1c7d5ebf54cbf465565a333c78e0e0b5623abea6636de0c55e8242c88ba57d45fbc1bc57366f11f22241a5e5951d4080f9b3c99c080738b2de2000815b3e2618d7e7ee8a80b7cedbcd5128f9541c6895e503e54bc430740b7fce4c9be9448f23aaca8ab9f4979cee3dd08745b16f933ff439342ac22fa175a72c1e0e4322c112ad05166c952647d711a552325864400220ac8191ec5113e096b5d9d765200943424ec8a35714f9c33f79dfe285c2b82b2bbf1cdea26b4b28dfff009841f4fe75b768345cd3f7a261b3e13c29ba289ea1d9ba6694a56881eaf8d30a7db9d73923e4538aea45cb7bf4b635b9148d4cdd21741b5f0cd299ca328d9898a845bfdbc923e7ec748a8420663fa23c3e79e90e2222b4f1d89bc49b0746b3b31b912cdb114590be114857bbcda5c8c6884a8ea6739d5908105a3e7c44439cc465c447c9d793532953764f545ec702a17b04d2438044627d9ccb96366118cb88f032b7692a3c862d377622353dac988900ea759eb14389390b18489acb3bab6b6cad24b022cc7f36e45aafcc76d9d08dcdf939bdec44aa900c0cc25741b93f670fd408c412716be6ccbf32b56d20417f1c0eb1649f9c17d1cbd062722341fac703daa82d190d5083b1f6defa7d8b01c6133d7522cf790be218956d181bd9b9609d206d979721b37027e8f8e00c19d916730db2d9a6662168572299da40e0aca2ce9e56cba9213e2ec28cd8ebb32194fb72caec2a87f827d667aa992b645e24c3dacb10097356ba908dff6085722d50448f26a0d510358838092ed592e95b07cef53d4c861d9349458dfaed87ea9c8bb7170b67bc1f4ea65037a9781c3e6a4112dd2774ad600da311d258bffb8ccb4bf801e1237ccb54eb3c90a556e783bfff6104a657bb9a82ffe07f7a2a4abd0cd190f089edb5b9d6860b3efb93629a96ea51e8fc2f4295d4332510c3cbae2492e228cb1c3caeb91666a7bb0d234e352b6ced58609de50f6a26d1d6537d50aff3d93078636dd81142318b55d1a844a19999001945fe97cfd49f68774edd3429c13bebb8f1707fc833b3556c790ce986c1f3b07ba316f61bf53ec4bf6c2c5d19bab09f28814671f7683e0cd13dd7f1bba2323d3d77c951d1e03c84ba5f5cfadf559a4e8df369c1e33dbd5f45e6714b7e4527ddfe666fc4b973c0728dc4aada592f042c5c321a7dfa28f2562817b510157335240cc6d730d0072b2adacbc9de4bd0a67f8cc63596d0150f7bbda6e3b732407e67892ebc34b25c130c84e851248d4c8677ab934ccb58e39b003aade67e8e59d147654853c5490d0fe9818e5ff229ad485566bb4faf970841cff0b6fa3cb6f02be26b727556eb4f43ae1ddd3260facdb46dc7ce0f5f2898a321ea1efe388c5b5f45edad239094907925e605ae1f2e722767095303dadc7a64ab6549962efd59384bcfc1c582e1242a8014af2e6a09c8311fcf3d17a69233c6faa521de4faf0481b469c0be5f7f47ebfff3b038457cbd78556aa2aa98daddc2451a176768d498b6277efb9af0f396bdd5384ed68d65575baaeba130063adadc179527aeebbaf5c1d2bab30dc39f2857c4d2f0f36841aa6ea7fee8e16f2907dd82d573e73e3c70a4714aacdfb8ed9aa59d7b1e2c65d492850d9e39f3dc7a4a941c3b5a8b4a7f851b7bb4f8196a6ea239290b1835c10b0a10e842ccf47303ff5d478309aa8e6c6ab0158cdb68afad4a2a2428a08000f00ac1e0101040016800400f380580001801400020076657468315f746f5f627269646765000800030001040000080004000a000000140002006e723000000000000000000000000000140002006e72300000000000", @ANYRES32=r2, @ANYBLOB="3b020280c3defdc5282a3b6129a5acc4aeebbd8dd903cb73678ac964be8cb4b36ea3ed693801fc1aa2b92397a812525bd943b3cad819b7f9f185f4b77a47991639f6c732bc7297766b74185aa3dd14ca8c7a9da834a3cdfffeb4be9f36def28472a4008eb11059eb779f5e5502e3907d75e02a75bfb69af8b83c174b8a66b94fa640134f52bcd3538f2bae2bf1a83e7ac2fb84ac34f558c87e2226ec683c6cf2274a46eb2e6aae9fb83fc69aaab0c708363fdfebd403abd21e0d634e46983b177addf66138360f85130c0384b44303e2dbf29fdc47a3f2a38035ce7e66f02ea3cebb27238c4acc5d7cb1c67e4c7767a716c7fc3a19cdee2f0cca4994202a761ca5c60fae28d7d28b3c08282e80516a551982390abea87043d36716b81e5fe5e3adba2c83c91f0df904c697daebaedc1ed75cd536bcdecf5f9b2dfa8e82149e48d678fbc3abfb3eaffbc4c5afee992be22a74b783d601ae6a9377fbb234c167cd6d4af308005100", @ANYRES32], 0x1334}, 0x1, 0x0, 0x0, 0x4050}, 0x20000040) r3 = socket(0x10, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r3, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fcdbdf250a9e00ff15000000140001"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xfffffffe, &(0x7f0000000100)={&(0x7f0000000080), 0x9}, 0x2, &(0x7f0000000140), 0x1, 0xa505}, 0x8}, 0x5, 0x6) 2.304803531s ago: executing program 3 (id=2478): rseq$auto(0x0, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x8, 0x9, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x70b801, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffa, 0x8000000008011, r0, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/max_page_sharing\x00', 0x12b141, 0x0) clock_gettime$auto(0xfffffffffffffbfb, 0xfffffffffffffffc) write$auto(r1, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x6) r2 = socket(0x1e, 0x1, 0x0) mmap$auto(0x0, 0xac1, 0xdf, 0x100000009b72, r1, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) io_uring_setup$auto(0x200, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto(r3, 0x8910, r2) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x381, 0x0) setsockopt$auto_SO_PASSSEC(r0, 0xfff, 0x22, &(0x7f0000000180)='\x00\x00', 0x394c00) socket(0x10, 0x3, 0x7) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x0, 0x0) write$auto(r4, &(0x7f0000000400)='/de\x05\x00@ucio1\x00', 0x5) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x29b9bc1b, 0x7, 0x0, 0x1, 0x948b, 0x1, 0x15f4da03, 0x6, 0x8, 0x2, 0x597, 0x1000, 0x5, 0x6, 0x2, 0x9]}, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) socket$nl_generic(0x10, 0x3, 0x10) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 2.301725939s ago: executing program 0 (id=2486): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x3fffff, 0x7, 0x11, 0xdd, 0x0) (async) sysfs$auto(0x2, 0x3b, 0x0) (async) fsopen$auto(0x0, 0x2) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x8d}, 0x7}, 0xb8ad, 0x0) (async) close_range$auto(0x0, 0xffffffffffffffff, 0x2) (async) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) (async) unshare$auto(0x40000080) (async) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) (async) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (async) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) (async) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="1b0025bd7000f9dbdf2503000000040008000800038004000c803e85c680d837bbaa9b202d4b13c6fc51a5459fe8a28c08a40ce070e7abbb48bbaaac1f12f1e40d18b13ef89845eb21bba90a2b9a17cd0404bc4c5d4e1d4f38276dd508b2ec9623f60c7a6bd7618fe9d59e95e5593e92dc57670c230a9499dff1c964aa03974e78aab7c6a6628ac499288815cbb1d1b623de7f2795d61f44a8b6701f2cefa90b7521217b40bf4bb98dac4d06df57b896de136fedb9321aa6bb7d8bd992de18785deb3d34c6ff9d375c35dc3e38a78dde360fa868b88922b2e5a2dd9c11fd2abe768526ff939a9c23b726b84761f6093be9182d52b5d48c96b93da5ac"], 0x20}, 0x1, 0x0, 0x0, 0x50}, 0x400c880) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="777bd1701fb3da3b00ceb83b692b45", @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0xc, 0x5, 0xffffffffffffffff, 0x80000001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1}, 0x7) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="eb1b5e11f7823d2923ff9b1d81e2e65cc5657dc730a53d56d712677af809ede01416d06dfe3ac89a64bc6a5c6f1bb5683d8196bf10e6ad27108e4c74d7cdee85d99048c29d54e006d2ae6d38500dbca70d12816c9911e0e2"], 0x1ac}, 0x1, 0x0, 0x0, 0x20000000}, 0x40090) (async) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mtdblock0\x00', 0x2a742, 0x0) socket(0x2, 0x3, 0x100) (async) bind$auto(0x3, &(0x7f0000000400)=@l2={0x1f, 0x0, @any, 0x7856, 0x2}, 0x3) (async) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) (async) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 2.301166589s ago: executing program 1 (id=2479): write$auto_mousedev_fops_mousedev(0xffffffffffffffff, &(0x7f0000000080)="3ff9e5aff1026ca652cf19f36517c8869434ce832c806fac3a6dc43a85dbdb396f95d58f0ae825a892f2eb9e", 0x2c) 2.172416691s ago: executing program 1 (id=2480): shmat$auto(0x3, &(0x7f0000000000)='---\xc1@%]!\x00', 0x8000) shmat$auto(0x6, &(0x7f0000000040)='---\xc1@%]!\x00', 0xf3) write$auto(0xffffffffffffffff, &(0x7f0000000080)='---\xc1@%]!\x00', 0x6) shmat$auto(0x4, &(0x7f00000000c0)='\x00', 0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_cifs(&(0x7f0000000100), r0) getsockopt$auto_SO_WIFI_STATUS(r0, 0x6, 0x29, &(0x7f0000000140)=',-\\\x00', &(0x7f0000000180)=0x2f02) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x0, 0x0) shmat$auto(0x4, &(0x7f0000000200)='cifs\x00', 0x5) ioctl$auto_FS_IOC_UNRESVSP(r0, 0x40305829, 0x8) shutdown$auto(r0, 0x7) r2 = io_uring_setup$auto(0x88, &(0x7f0000000240)={0x3, 0x1, 0x1, 0x5519, 0x2, 0x6, r0, [0x8, 0xf379, 0x9], {0x4, 0xc99f, 0x10001, 0x1ff, 0x1, 0x1, 0x8, 0x9, 0x9}, {0x9, 0xb, 0x9, 0xffffffff, 0x7fff, 0x9, 0x1, 0x8}}) close_range$auto(r3, 0xffffffffffffffff, 0x8) syz_genetlink_get_family_id$auto_net_dm(&(0x7f00000002c0), r2) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/pcmC0D0c\x00', 0x200000, 0x0) r4 = getsid$auto(0xffffffffffffffff) prctl$auto_SIGCONT(0x3, 0x12, r4, 0x7, 0x8000) prctl$auto(0x6, 0x3, 0x0, 0x948c, 0x5) write$auto_nsim_pp_hold_fops_netdev(0xffffffffffffffff, &(0x7f0000000340)="2009598a4e7cb3b49eeb0aa6bbf57552e102b5a396ed5396f371b7d39cd5ea6e2b1faceb72050d269b781b7115b27547e9ba561700db3665e8b9e3c6181e232b23bec1e2df85036e606ed56312c7dc4952da6686fb44e5fa6f300834009c1fd828d2a1a82f98bfcc2e344a7c5d3e5063aa18837128b7a0e43019ec58351eeec88e5cc291e1e4f66146cf1a471589938f5c24a3", 0x93) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000400), 0x240002, 0x0) r6 = ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) sendmsg$auto_NFSD_CMD_POOL_MODE_GET(r3, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, 0x0, 0x2, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x600480c4) getsockopt$auto_SO_TXREHASH(r1, 0x0, 0x4a, &(0x7f0000000540)='/dev/fb0\x00', &(0x7f0000000580)=0x3a) write$auto_nsim_dev_take_snapshot_fops_dev(r2, &(0x7f00000005c0)="9cf15887cfc031e0927aa26408f9274fc341c2170e4c777109b4d7da1fcf311635ec0f669932466682df3f62c70e40b69b5c9f104c4547d1ee326d1c804a96210348445726144ef396be45913ae45b25b7484dbd75828ece9bf4cddaff2f8e3b778a4a2b666bd295f8d6145530b0da28dc5404b099ff97", 0x77) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000640), r0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000680)='/sys/devices/platform/vhci_hcd.4/usb17/17-0:1.0/usb17-port1/quirks\x00', 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000700)='/sys/devices/virtual/tty/ptybb/power/control\x00', 0xe571b8ad4f67f625, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000740)='/sys/devices/platform/vhci_hcd.0/usb9/9-0:1.0/usb9-port1/early_stop\x00', 0x101080, 0x0) fcntl$auto_F_GETPIPE_SZ(r1, 0x408, 0x6) ioctl$auto_PPPIOCSMRU(r6, 0x40047452, &(0x7f00000007c0)=0x4) 2.091759302s ago: executing program 1 (id=2481): prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x2, 0x10000) timer_create$auto(0x0, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x10080c, 0x18007}, {0x8}}, 0x0) timer_delete$auto(0x0) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000100)={0x8000000000000000, 0x80000001}) r1 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x6, @private=0xa010102}, 0x6a) shutdown$auto(0x200000003, 0x2) connect$auto(r1, &(0x7f0000000080)=@nl=@unspec, 0x54) sysfs$auto(0x2, 0x4d, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r2, 0x540a, 0x0) r3 = socket(0xa, 0x1, 0x0) timer_create$auto(0x0, 0x0, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/blkio.bfq.time_recursive\x00', 0x182b02, 0x0) sendfile$auto(r4, r3, 0x0, 0x3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) io_uring_setup$auto(0x10, &(0x7f0000000180)={0x7, 0x1, 0xb9, 0xd, 0x18da, 0x3, r2, [0x6, 0x7, 0x2], {0xff, 0x1ffe00, 0x75, 0x6, 0x2, 0x800, 0xf, 0x7db, 0x6}, {0x7, 0x80000000, 0xa99, 0x8001, 0x4, 0x7, 0x3, 0x9, 0x3}}) madvise$auto(0x4, 0xffffffffffff0008, 0x17) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x80008, 0x100000000}}) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0x2, 0x8, 0x0) 1.919579209s ago: executing program 0 (id=2482): mmap$auto(0xfffffffffffffffd, 0x2020009, 0xffffffffac286901, 0x2000000000007fff, 0xfffffffffffffffa, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) 1.75239734s ago: executing program 0 (id=2483): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/comm\x00', 0x50081, 0x0) mmap$auto(0x0, 0x20009, 0xb17a, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x11, 0xa, 0x300) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) lseek$auto(0x3, 0x0, 0x1) read$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffffff, &(0x7f0000000440)=""/208, 0xd0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) get_mempolicy$auto(0x0, 0x0, 0x3, 0x1ff, 0x3) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/nfs/exports\x00', 0x400, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0xfffffffffffffffd, 0x2020009, 0x100000003, 0xeb1, 0xfffffffffffffffa, 0x8005) mmap$auto(0x0, 0x2020009, 0x126, 0x19, 0xffffffffffffffff, 0x0) sysfs$auto(0x3, 0x2a, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x805, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000001bc0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001b80)={&(0x7f0000000540)={0x14c, r3, 0x10, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x3}, @NL80211_ATTR_MLO_TTLM_ULINK={0xe2, 0x149, "3eb2cbd4b5c3f4737df506478c800ec25c8e7a16874995c032fc7e96be6f66414d8e902918ceda8b2c0dc295f0357ed4e07595bdbea504df509d599af7f4093aa55aabdb84f9ca049ba362d814dfa70b0f6f5f2016cf362a593dc25b8b489240ef36cc8f1cd47695185ad052b20e8f83900ff61d1032d20356c60f6f2feafd0e889d50a05f2fc046ff133bbd56662dfa01c856f2781cde6092a91dcd2ba300e5e9fbb8eaad27744a2281c295b77052ee3473c1c38cb22c26aade1874c25b87bb4478ad5b77f57f26bedd309d96315d5392d42c2120b100e486e0e07c0182"}, @NL80211_ATTR_STA_WME={0x4c, 0x81, 0x0, 0x1, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}, @NL80211_STA_WME_MAX_SP={0x5}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x4b}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x4}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x4}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x3}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0xd}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x40}]}]}, 0x14c}, 0x1, 0x0, 0x0, 0x24040880}, 0x0) acct$auto(&(0x7f0000000300)='/dev/vcsu\x00') mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x200005, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/ns/cgroup\x00', 0x426100, 0x0) sendmsg$auto_NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x54, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x3}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x168849a2}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xc}, @NL80211_ATTR_ROAM_SUPPORT={0x4}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "fc5ebe6d92fc215a310b0d81aaee38b1874416f6b575faae817d"}]}, 0x54}, 0x1, 0x0, 0x0, 0x3707bcf1f9d19fbb}, 0x40000c0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) get_mempolicy$auto(&(0x7f0000000000)=0x3, &(0x7f00000000c0)=0x6, 0x63bd, 0x10ca00000000000, 0x9) ioctl$auto_TCFLSH2(r4, 0x5408, 0x0) 1.747801235s ago: executing program 2 (id=2484): r0 = socket(0x2, 0x2, 0x0) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x52) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptys1\x00', 0x502, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) socket(0xa, 0x1, 0x84) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0300, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x80111500, 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) socket(0x8, 0x3, 0xa) connect$auto(0x3, 0x0, 0x54) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x12, r1, 0x40000008000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0c\x00', 0x80000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="05082dbd70000cdcdf8d6db35750"], 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) gettid() openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x2, 0x1, 0x0) bind$auto(r5, &(0x7f0000000040)=@ax25={0x3, @default, 0x40000007}, 0x6a) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x1c, 0x20000000) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r6, 0x0, 0x400000000006) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) syz_clone(0x30004400, 0x0, 0x0, 0x0, 0x0, 0x0) 1.228232628s ago: executing program 0 (id=2485): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x20a00, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x15\x00p\x01\x99\x88c\x14\r>\x14\x1a\xd3\xd3\x1d\xf8?\xdb\xdb\xc1\xf5\xe3o\x8e\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\xe5}\xea\x1b\x95\xafQ;_L\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\x10\x00\x00\x00\x00\x00/TX:\x8a\xddf\xa9H0\x06\xe7\xd2\xe2\xf6^\xfdo\x00\x9a>T\xd5\x1e\xe3\xeb\x89q\a\xd6h\xc9\xbc\x8f\x1dBk\x95\x174\xdc\x03\x05> -\xb6\x9d[\xe42(\xe4\n\x98u\xc9\xa1\xc4Zb\x04\xc2\xf1 \x8a\xbe]\xde\xfd8u\xb4\xde\xb3\xa1T/\xdfx\x14Y\xfe\x1e\x1f\x91\x19\xb7\xfc\xcd\x7fl\xb3\xa8#\xa0\xb9P\x8d\x04C\x87\xebR\x93\x12\x18H&N\x8b\'i)\xab@\xaf\xcb\xda\x00\x067\xce\xd6V4\xc2\xeeX\xb4\xe9\f\xee\xe8\xd8\x91\x1b\xcd\x00j\x14H\xcc-\x14\xde\xaaN\x87\x8d\x9b\xa05\xacHX\xc1\xce\x91\xee\xad\r\xbe\xb2&f\xa3\xe2\x8bp\xba\x8a\"\xf1\xfc\xa13\xfe\xe0JG\xe1v\x82s}v~`X%pJ\xbf\xc3`\xa9\x8f\"l\xc7XX\xa4\xb6\x0e\xbe\xa0wy\xfe\x03n+k\xf149*(\x15\xaa\xc2\x8aB\xf1\xbb$M\xfe%\xc7\x84\xf0\xa4}bd\xac\xa8T\xda\xffm\x86\xca\x80\xde3\xa7\xba\xc7Y]\xd7\xa2\xec)\xd6\xad\xbcI\x10\xa3#\xd4/J\xa8\x14\x1b<\x04\xbd\x89\xefQf\xc0Q\x92\x92\xa7\x99\xcf\xaekR\xf5\xb7\x14r[\x9fx\xaf+\xb3@\xf4\x83\xbf\xc7e\xe7\xc2\xd6\x10\x0fk\xee)\x92\bO\xa1\x1a\x9e\xef:5\x1e\x1c\"9\xd8\xdf\xa9C\xe2SHG6\xf2\xd5.\x12]\x17J\x8b\xc52\xe9\x9e\xbc\xdc\xae\xef\xed\xf9\xa6\x9e-\x92pZ\x12j/\x1dD{\xac\x17\\O\xee\x11\x10$\x12\xfc \xb0\xb7cA;\xa1,\x040\xa7\xd9\xb2\x19@1\x92\x10\xc4\xc0\x1f\x1d\xe1\xf6\x80lW\v,\xa2\x134no\xa0\x00l\xd8\xe4\xd3\x16\xd3%\x8b\xf5\x1e\x12{\xe6\xdb\xde\a\xdedH\x90\xf7\x19\xff\xcb\xacC\xeadOf\xb8\x15\xc39\xefLt\t\x11\xa1\x0e\x85\xac\xcc+\xc0\xb4.\xaa3>\xc0\x96\x84\xd5\x02\xc1\x94=\xb0\xfe\xda\x1d\xe9\xa7\xe1\xcf\x80|k\xdd\x95\xc9\xb0y\xb4\xbd\xc2W\x9c\xa4\x80\x13\xbc\x7fb=y\xdb]U\xd1HC\xe1\xa7\x94q\xb0C\xb8\x86\xd0\x9d\xe0\x8aD\x91x\'\xd6\x17\xd1\x9d\x16\xa7oZ\x8a\xce:\x9e@\xca\x17\x05f+\xee\xd8\xe6D\x9e\xb18Aw', 0xe, 0x3) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0xffffffffffff0006, 0x17) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC0\x00', 0x880, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r1, 0x40046f41, 0x0) mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) pwritev$auto(r2, &(0x7f0000000140)={0x0, 0x400000000001}, 0x5, 0x5, 0xd3b8) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x28, r4, 0x1, 0x70bd2b, 0x25dfdc03, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x14, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x10, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_MAX_FTMS_PER_BURST={0x5}]}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40891}, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000) clone$auto(0x100000008, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4000006) clone$auto(0x1, 0x1, 0x0, 0x0, 0x2) 901.790362ms ago: executing program 3 (id=2487): sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="01002d00080007000000000000000000", @ANYRES32, @ANYBLOB='\b\x00\b'], 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x0) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) bind$auto(0x3, 0x0, 0x6d) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0xa, 0x15) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x0) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_macvtap\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000015c0)={&(0x7f0000003940)=ANY=[@ANYBLOB="34130000", @ANYRES16=r1, @ANYBLOB="00042abd7000fcdbdf251b000000380002800400210007002e002acd000014004900200100000000000000000000000000011400db00fe880000000000000000000000000001201002801c100e80070058002c250000fd7707d9b19d908bd6211344ba5cbdb83a94501ec93791ceddf1ffbb3477aa580ff56f9c976df96791b3e51e21913e640a8f4bd343237e9c30acb5dbd0dc052d1fc1e66b1757f78d4b1ffc125c4630ff8645028e4e44c4fb71d8684bd952bf56f171295e3f972d9b286d31a063128a9fbf98535b4904af1f5cc2ebd37ddeb2538519cb800c90a8f2f64cb299b59d5ae0be1be28f2d63a2ff0f73b79045c0bbcba5013af35647211f0826d04cbcd2300b548bb86db53c72950b05db7660d965400df5b2c5997f27548a2630b55652cbdda2c9a06616ae2406b9cfb06dabafd9b6fcd2304e612bf4f4e8365b8fe59192a4f018cdcc0b250ab0e9d9574c20aa544a516e4142d76cc1e923c34b3132129eeaef6c31c0cdd464a674c89b36c7867fc9728e5a9716899b39631c4d0d61a9809fd9f2dda50bfaa0d5b1e3db9f174d324dec6ba0eb27aea9913d01654fa1b6ed9e09a79531a4fea0b0b2a4da8e4860d348d21c26029f85dd0ac07bcdd5ffb7581e1eec4d966bc9b56db382b2c5604b382a9df510dadbf3b5e6657a79c820e8c425d44ea65f04c9326f001c82a275677a20b2d4d9030bff016182ecb05b73f69dd283f64c5cb8c1d083af80176b80d3b461dc4d6ddb81f144ffb7b6cf998d60fb544ef20d5dd784c747a469c3e5fae2ec48a4ad0bdc3f783b9404b006b068608d1ce69054755f1e854f4a5e8aa7d686639b08f5a56777b2f91ed79a6301a4ee9a512678e09358b0ed1184146a5e61c5450f2ddb458d0054c644bc8b252a5c56abe6f831217aa76167b236251efbe7016964b28ce8e9e355a77af4187b79aa7e3ce0e40d7ec6978a9efd287753d84d3f5392684723285327a42bfead31d805503a85e663a7fc24b3c997667e34086a50d52255b0bb2a876b85eae45edac1bbd0e8d097965da18dc111d777a3de84576cbc084953ebd60cb9a4034b054aa1645bd39178a162252307125ea8b3ec37a17685eb1648f2bd35200caad56ed608dcaa31f3f909e99549b292a71141568e32e1bc4558fd126a1fc258452656bd49ffc663f8d94c9f0229f212f0325e91c5cc4befbb7f888f64e817afca10062930a9107abae22914ae8d47feb5f007a5b88c5d5c4f8d990dec9933264eeae9557854138bde8f552fd0b4310a1d968769c7f4fcbcc2951c37da4958ce126210db1bce184fcb90a781d11f3fe58d0b87bc6c92784a4806eebd679feed6bea77dc2a4478f812bfe293147eb9f59d63d9d982044361107594b091cc5c0ea911de548a697c5e7ecabf1e91f47d579e79465fdb4b49975f3ca386c0e8568602925aaf1cb3b440ac6afde8490d5ac6957a72693930238a4a5ad9ea301aa0012d2da7688eceefa95a3d863de5e86eb8dc02c8834375315d4cfe809e3c488ff99f7228b097677f6069094ff5d173452325862a8f932b179e615cdb350aa022b5495dde3ba05bb691d72b1cbe54826b99a5e4b2771aa035d7156074f05969fd247b66cc0a1331888b1aa429bf7e571607bcab7aece505b405c2f8c9b316f48efc60ecd9c38d1288118a352e99297f9cea81970ecb8b1a231b357c0350ff883195dbc276f88615b2dc971c0e78216188dff5ad312db246a8d9faf0644b7319bb2e3156263c7f477f01c0a387ac5b17e2d7220b63ce130a8002a9a7893dacc74ee4f6dff0fdfa833f179590149fe0398236689a178833f0a8fd6730ed207d8b779d76804d9ff98e33cbd8a09559bc8b4749778510e7ef33dc41ceb53938d66ca0cd5721e074af0073be56c6645aa70859ad6109a001060e233fe50e47fd669d0d8557e5eac495e8d840a5eb730d974b21489fd48ca1b5b7c415533bba4881b68326370cd22304e5435506a5ff0e54f48317959f7c24fd314d5ce0aa8550616a8caa6a12175f8ce16bf38367c2b9d5b625be0f96c5f61041c183c982ce24e7baea899b8209a1d61c11cec9681d5e39d4082cf4ec4cd2715beb77d570bcdd31b493fdbea44298a2f37f56b2e0436146b63a5cf7a9dcb2bbbf134b2b2276f550e094c3fd5319257af48f7ccba42f965fa0b597c5bf5bc7b71207e397f48bfb09ef16fe20e06641ccacf8cbad59d3f19f377114f15059dfa44cff54317d5127261889e05b45d99b516b824b0c7dc3db2d53b43f369d71cbbfe897c2fb0a5d25330d9e6c4fcbb8bcc4ba4edfaae2f6810ab153a2ffda5f23f4b96312ab8fd5a318474c4e76373d1b60a5511e42d969a020f06f6f38ff8025984642805387443b56e4ee1289be50139c6ca1b666209056c3a69db2208491ba7a947fcd506e9cdd6a086b6f0bddc26641d6e398bee64112a74344807e4e0924420be3373f3e6866b836f87383b0e6500409e7062bff302b3457cc50993991279e66f9425f7c936a55c5b29b39d16d69d543d09d7049bba064eddb266b0c1e943fae1fc4f8cef51f2e9136916a3ca7e1dd69feaeff966cad5c92bf1cab620e28886576e3bc0195470b5a55b27b179cd917134ec007b929bc4f08efbbfbcf03eca5d17e3bf295bb70a27c48bb1f379b6c4eeef03d630f9a4d5ec543f6f65743ecbd7da7b6008813640c824eda334d7a58b238854bc330d9822e6f80b3d3872f2c4f3cf71fc38c12400cc1cdb68129642f360bf49956b7d1eb33a0925f2c39cf5621bfac96b4ae2df6e3d12bf5981b49379352e515b8c36c34189b410b33987f882e15ec46d4692ed2c93a797b8d50610e099cc0f9ed3e4cbd6b4b4e8e130fd5e3915156c7a0b14f9195b0f22662b0892e18fa5a8caa123679107b83b2220fd78dbb96c79a203e7ea35b5f6766a874ade4b0517cd93d062d3ee326ce2b7da71f193dc8e1c41fbc73ae61e0806dc0edfab11bf7cc39c3ff62ec0d35b75d5c47ca58983a6e79e27ebe7a9ce3dcdd0f04e48ee1355e39d0123c1b1168140e7a6aff428e56d28831fefaa42c75c364d76ca91089a639551fd479b29b8d97403a8d1d1e95a18cb6b924680f9ab84fec09ad227087d187f39d97673f93c100f44402f52417dddeffa3b3ed14f8d21cd21ad4f68410709f4779bb2f28a847842bdff73f4df1067580a59e66847b54e9b73270a3e03d7f343f103e094fd33899b27b1d7609444c15c47121699392496dd83c632372404317bce841081338236322bb046b03c288c7aafb46ff90718bea8f9ff47629649f3f7680615115f6afdfe5b4b198eff09398ac17957ce565ebaa41ec6407231324cf1db34fd7a7f63e3129a762158918154a2bb66759c8b1bfd0f12ec9a1af9c68d7dec3ae1f2358780a37e92da9242d010a4708d5315aac57f97e4b125cccbc7cf5c22e9e9c5746db926ec6e5852185f089f556b51b750ce1300257c7563421e461846fd2d0a7088a643bab1d99c851f60d8a99490809abec7c102bef7f3413080b420f4df14bea3cd903395eb1a401c8369fdf9d1f3baaf721b7794a4fe176764238c18f2094e3fc18bd3e519cf31d249ef7cb228e061190ef2adbdf3cbc0548e57c7c531cad4434989a01fbb94531fcd9dc5b0637fbe464290b3e043c0e56a7ae806e677b083bb2871e181f8c943f40e613efaf342a40602b6d3625bfa265618d75da5452d820b469bd51b247987479ec7fcf02e16d68e854a3ea20802e736291f44dece07a443571f2f106475d366402f81d32417a72cfeeb2bc8712597599ea375d261424816a8377155a3b8a95ae31157ea23d0e37c749534cb1969129423a5df4c99118bab44e8c5a221fee6e805e54032e4d7d8ad56763409f9c8b0db03fddacc5542961bfeaf68b2b220d8ae5903d3109e21dc1ad91b06fd26f4b4a4b1d4664494faab942375c449658d583032d0b6d298ecb5d23e8225a60d224c4a5182c9f226221c71295332dc1035489e44899206978057f5106a36ef88fd9b5c14453878a3ee043788ff8f26d423d04dc38441ed4ebe66d1579c98ecbffba13638ff651e8ff0752da12967aac2f03ee8b260ea743f7f5219e9ca610753497db9c26d4b0d7161990dc0b1fa8452442a74b0d9d3b3d8d52062eb501f7772fbbfc75da83596e48382a52a59364457712fd0e4601dcda0b7a003bbc6fdb1c7d5ebf54cbf465565a333c78e0e0b5623abea6636de0c55e8242c88ba57d45fbc1bc57366f11f22241a5e5951d4080f9b3c99c080738b2de2000815b3e2618d7e7ee8a80b7cedbcd5128f9541c6895e503e54bc430740b7fce4c9be9448f23aaca8ab9f4979cee3dd08745b16f933ff439342ac22fa175a72c1e0e4322c112ad05166c952647d711a552325864400220ac8191ec5113e096b5d9d765200943424ec8a35714f9c33f79dfe285c2b82b2bbf1cdea26b4b28dfff009841f4fe75b768345cd3f7a261b3e13c29ba289ea1d9ba6694a56881eaf8d30a7db9d73923e4538aea45cb7bf4b635b9148d4cdd21741b5f0cd299ca328d9898a845bfdbc923e7ec748a8420663fa23c3e79e90e2222b4f1d89bc49b0746b3b31b912cdb114590be114857bbcda5c8c6884a8ea6739d5908105a3e7c44439cc465c447c9d793532953764f545ec702a17b04d2438044627d9ccb96366118cb88f032b7692a3c862d377622353dac988900ea759eb14389390b18489acb3bab6b6cad24b022cc7f36e45aafcc76d9d08dcdf939bdec44aa900c0cc25741b93f670fd408c412716be6ccbf32b56d20417f1c0eb1649f9c17d1cbd062722341fac703daa82d190d5083b1f6defa7d8b01c6133d7522cf790be218956d181bd9b9609d206d979721b37027e8f8e00c19d916730db2d9a6662168572299da40e0aca2ce9e56cba9213e2ec28cd8ebb32194fb72caec2a87f827d667aa992b645e24c3dacb10097356ba908dff6085722d50448f26a0d510358838092ed592e95b07cef53d4c861d9349458dfaed87ea9c8bb7170b67bc1f4ea65037a9781c3e6a4112dd2774ad600da311d258bffb8ccb4bf801e1237ccb54eb3c90a556e783bfff6104a657bb9a82ffe07f7a2a4abd0cd190f089edb5b9d6860b3efb93629a96ea51e8fc2f4295d4332510c3cbae2492e228cb1c3caeb91666a7bb0d234e352b6ced58609de50f6a26d1d6537d50aff3d93078636dd81142318b55d1a844a19999001945fe97cfd49f68774edd3429c13bebb8f1707fc833b3556c790ce986c1f3b07ba316f61bf53ec4bf6c2c5d19bab09f28814671f7683e0cd13dd7f1bba2323d3d77c951d1e03c84ba5f5cfadf559a4e8df369c1e33dbd5f45e6714b7e4527ddfe666fc4b973c0728dc4aada592f042c5c321a7dfa28f2562817b510157335240cc6d730d0072b2adacbc9de4bd0a67f8cc63596d0150f7bbda6e3b732407e67892ebc34b25c130c84e851248d4c8677ab934ccb58e39b003aade67e8e59d147654853c5490d0fe9818e5ff229ad485566bb4faf970841cff0b6fa3cb6f02be26b727556eb4f43ae1ddd3260facdb46dc7ce0f5f2898a321ea1efe388c5b5f45edad239094907925e605ae1f2e722767095303dadc7a64ab6549962efd59384bcfc1c582e1242a8014af2e6a09c8311fcf3d17a69233c6faa521de4faf0481b469c0be5f7f47ebfff3b038457cbd78556aa2aa98daddc2451a176768d498b6277efb9af0f396bdd5384ed68d65575baaeba130063adadc179527aeebbaf5c1d2bab30dc39f2857c4d2f0f36841aa6ea7fee8e16f2907dd82d573e73e3c70a4714aacdfb8ed9aa59d7b1e2c65d492850d9e39f3dc7a4a941c3b5a8b4a7f851b7bb4f8196a6ea239290b1835c10b0a10e842ccf47303ff5d478309aa8e6c6ab0158cdb68afad4a2a2428a08000f00ac1e0101040016800400f380580001801400020076657468315f746f5f627269646765000800030001040000080004000a000000140002006e723000000000000000000000000000140002006e72300000000000", @ANYRES32=r2, @ANYBLOB="3b020280c3defdc5282a3b6129a5acc4aeebbd8dd903cb73678ac964be8cb4b36ea3ed693801fc1aa2b92397a812525bd943b3cad819b7f9f185f4b77a47991639f6c732bc7297766b74185aa3dd14ca8c7a9da834a3cdfffeb4be9f36def28472a4008eb11059eb779f5e5502e3907d75e02a75bfb69af8b83c174b8a66b94fa640134f52bcd3538f2bae2bf1a83e7ac2fb84ac34f558c87e2226ec683c6cf2274a46eb2e6aae9fb83fc69aaab0c708363fdfebd403abd21e0d634e46983b177addf66138360f85130c0384b44303e2dbf29fdc47a3f2a38035ce7e66f02ea3cebb27238c4acc5d7cb1c67e4c7767a716c7fc3a19cdee2f0cca4994202a761ca5c60fae28d7d28b3c08282e80516a551982390abea87043d36716b81e5fe5e3adba2c83c91f0df904c697daebaedc1ed75cd536bcdecf5f9b2dfa8e82149e48d678fbc3abfb3eaffbc4c5afee992be22a74b783d601ae6a9377fbb234c167cd6d4af308005100", @ANYRES32], 0x1334}, 0x1, 0x0, 0x0, 0x4050}, 0x20000040) r3 = socket(0x10, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r3, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fcdbdf250a9e00ff15000000140001"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xfffffffe, &(0x7f0000000100)={&(0x7f0000000080), 0x9}, 0x2, &(0x7f0000000140), 0x1, 0xa505}, 0x8}, 0x5, 0x6) 585.01539ms ago: executing program 1 (id=2488): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x10001) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, 0x0, 0x4000000) sendmsg$auto_NL80211_CMD_CONTROL_PORT_FRAME(r1, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000100)={0x1c, r3, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000004}, 0x10) getpriority$auto_PRIO_USER(0x2, 0x0) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r5 = prctl$auto(0x41, 0x8, 0x0, 0x4, 0x7) writev$auto(r4, &(0x7f0000000240)={0x0, 0x7}, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) ioctl$auto_FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000280)="53309d3d92b2cfb5261f0250274a8cb728615a21df4f108ab424d985a1524a4a0d16c0caf354700c3ff4becf8f2a5cd844a43eb74ca302bde3fca89fb8f2d040406bd1e32144c4c3bd245a2e07000000000000008bd2e9be9d0bb0bc9ec58c091f59799f8a801e85858e1614efd900366316290e862185dc98e03ed1b162d22185fd") r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000000c0), r6) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0xffffffffffffffff, 0x4b47, 0x1) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) ioctl$auto_TIOCSETD2(r8, 0x5423, 0x0) ioctl$auto(r8, 0x89f0, r7) 573.414039ms ago: executing program 2 (id=2489): write$auto_mousedev_fops_mousedev(0xffffffffffffffff, &(0x7f0000000080)="3ff9e5aff1026ca652cf19f36517c8869434ce832c806fac3a6dc43a85dbdb396f95d58f0ae825a892f2eb9e", 0x2c) 0s ago: executing program 3 (id=2490): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) rseq$auto(0x0, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x8, 0x9, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x70b801, 0x0) mmap$auto(0x0, 0x810004, 0xffa, 0x8000000008011, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/max_page_sharing\x00', 0x12b141, 0x0) write$auto(r0, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x6) r1 = socket(0x1e, 0xa, 0x0) mmap$auto(0x0, 0xac1, 0xdf, 0x100000009b72, r0, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) io_uring_setup$auto(0x200, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto(r2, 0x8910, r1) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x381, 0x0) setsockopt$auto_SO_PASSSEC(0xffffffffffffffff, 0xfff, 0x22, &(0x7f0000000100)='#\x00', 0x394c00) socket(0x10, 0x3, 0x7) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x0, 0x0) write$auto(r3, &(0x7f0000000400)='/de\x05\x00@ucio1\x00', 0x5) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(&(0x7f0000000500)=0xffffffffffffffff) fcntl$auto_F_ADD_SEALS(r4, 0x409, 0x4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002e00), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f0000003680)={0x0, 0x0, &(0x7f0000003640)={&(0x7f0000002f80)={0x18, r6, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x10}, 0x20000810) socket(0x2, 0x1, 0x106) socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r5) kernel console output (not intermixed with test programs): 50442][T11146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.950453][T11146] R13: 00007f7f8ea16128 R14: 00007f7f8ea16090 R15: 00007ffcb9ca6038 [ 269.950475][T11146] [ 271.095790][ T5730] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 271.205867][T11201] smpboot: CPU 1 is now offline [ 271.673231][T11199] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 271.737266][T11199] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 271.779515][T11199] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 271.812608][T11199] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 271.846889][T11199] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 272.091164][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 272.926901][ T30] audit: type=1800 audit(4294972584.325:11): pid=11267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1100" name="members" dev="configfs" ino=42602 res=0 errno=0 [ 273.086311][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 273.353383][T11287] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1103'. [ 273.388356][T11287] ipvlan1: entered promiscuous mode [ 273.404992][T11287] ipvlan1: entered allmulticast mode [ 273.425608][T11287] veth0_vlan: entered allmulticast mode [ 273.431665][T10429] Bluetooth: hci0: command 0x2016 tx timeout [ 273.745521][T10429] Bluetooth: hci1: command 0x0c1a tx timeout [ 273.825101][T10429] Bluetooth: hci3: command 0x0c1a tx timeout [ 273.831195][T10427] Bluetooth: hci2: command 0x0c1a tx timeout [ 274.048998][T11296] bond0: no command found in slaves file - use +ifname or -ifname [ 274.081627][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 274.939610][T11315] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1110'. [ 275.014585][ T30] audit: type=1800 audit(4294972586.424:12): pid=11330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1114" name="version" dev="configfs" ino=42978 res=0 errno=0 [ 275.076950][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 275.895943][T10427] Bluetooth: hci3: command 0x0c1a tx timeout [ 276.072345][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 276.234334][T11363] futex_wake_op: syz.2.1122 tries to shift op by -2048; fix this program [ 276.304698][T11363] futex_wake_op: syz.2.1122 tries to shift op by -2048; fix this program [ 277.067605][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 278.062921][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 278.511489][ T30] audit: type=1800 audit(4294972589.941:13): pid=11425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1136" name="dbroot" dev="configfs" ino=43338 res=0 errno=0 [ 279.058271][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 279.258564][T11444] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1138'. [ 279.318295][T11443] pci 0000:00:01.3: enabling device (0000 -> 0001) [ 279.438294][T11443] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 279.482675][T11443] pci 0000:00:01.3: PCI INT A: no GSI [ 279.953653][T10427] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 280.053566][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 281.048881][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 282.045164][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 282.056078][T10427] Bluetooth: hci2: unexpected event 0x3e length: 358 > 260 [ 282.056101][T10427] Bluetooth: hci2: unexpected subevent 0x1b length: 357 > 260 [ 282.103941][T11521] FAULT_INJECTION: forcing a failure. [ 282.103941][T11521] name fail_futex, interval 1, probability 0, space 0, times 0 [ 282.174518][T11521] CPU: 0 UID: 0 PID: 11521 Comm: syz.0.1155 Tainted: G L syzkaller #0 PREEMPT(full) [ 282.174551][T11521] Tainted: [L]=SOFTLOCKUP [ 282.174558][T11521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 282.174568][T11521] Call Trace: [ 282.174578][T11521] [ 282.174585][T11521] dump_stack_lvl+0x100/0x190 [ 282.174617][T11521] should_fail_ex.cold+0x5/0xa [ 282.174637][T11521] get_futex_key+0x1d2/0x14f0 [ 282.174662][T11521] ? __pfx_get_futex_key+0x10/0x10 [ 282.174685][T11521] ? trace_irq_enable.constprop.0+0x122/0x160 [ 282.174710][T11521] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 282.174737][T11521] ? add_device_randomness+0xc9/0x110 [ 282.174760][T11521] ? __pfx_add_device_randomness+0x10/0x10 [ 282.174783][T11521] futex_wake+0xf4/0x5e0 [ 282.174802][T11521] ? __pfx_futex_wake+0x10/0x10 [ 282.174824][T11521] do_futex+0x2b2/0x440 [ 282.174849][T11521] ? __pfx_do_futex+0x10/0x10 [ 282.174873][T11521] ? __do_sys_clone+0xd9/0x120 [ 282.174889][T11521] ? __pfx___do_sys_clone+0x10/0x10 [ 282.174905][T11521] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 282.174924][T11521] __x64_sys_futex+0x34f/0x4d0 [ 282.174951][T11521] ? __pfx___x64_sys_futex+0x10/0x10 [ 282.174979][T11521] ? rcu_is_watching+0x12/0xc0 [ 282.174995][T11521] do_syscall_64+0x115/0x840 [ 282.175011][T11521] ? clear_bhb_loop+0x40/0x90 [ 282.175030][T11521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.175048][T11521] RIP: 0033:0x7f518dd9ce59 [ 282.175062][T11521] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 282.175079][T11521] RSP: 002b:00007f518eb880e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 282.175098][T11521] RAX: ffffffffffffffda RBX: 00007f518e016098 RCX: 00007f518dd9ce59 [ 282.175109][T11521] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f518e01609c [ 282.175120][T11521] RBP: 00007f518e016090 R08: 0000000000000001 R09: 0000000000000000 [ 282.175130][T11521] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 282.175141][T11521] R13: 00007f518e016128 R14: 00007ffe164f4190 R15: 00007ffe164f4278 [ 282.175156][T11521] [ 282.486963][T11524] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1156'. [ 282.915942][T11548] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1161'. [ 283.009887][T10427] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 283.035377][T11551] netlink: 178 bytes leftover after parsing attributes in process `syz.1.1162'. [ 283.044851][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 283.080449][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 283.098293][T11551] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1162'. [ 283.627223][T11579] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1167'. [ 284.034845][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 285.030195][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 285.052389][T10429] Bluetooth: hci0: command 0x2016 tx timeout [ 285.120912][T11627] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1179'. [ 286.019562][T11651] Invalid ELF header magic: != ELF [ 286.028892][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 286.671736][T11667] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 286.713013][T10427] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 286.720899][T10427] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 286.781970][T11667] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1189'. [ 286.827682][T11667] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 286.863105][T11667] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1189'. [ 286.901100][T11667] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 286.937803][T11667] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1189'. [ 286.977712][T11667] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 287.010964][T11667] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1189'. [ 287.021114][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 287.061966][T11667] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 287.112678][T11667] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1189'. [ 287.123635][T10008] Bluetooth: hci0: command 0x2016 tx timeout [ 287.160106][T11667] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 287.195107][T11667] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1189'. [ 287.232437][T11667] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 287.266224][T11667] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1189'. [ 287.307690][T11667] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 287.343564][T11667] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1189'. [ 287.395417][T11667] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 287.427807][T11667] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1189'. [ 288.016135][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 288.299063][T11599] Process accounting paused [ 288.487394][T11727] ======================================================= [ 288.487394][T11727] WARNING: The mand mount option has been deprecated and [ 288.487394][T11727] and is ignored by this kernel. Remove the mand [ 288.487394][T11727] option from the mount to silence this warning. [ 288.487394][T11727] ======================================================= [ 289.011463][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 290.006776][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 290.039331][T11769] ACPI: Enabling force_remove is not supported anymore. Please report to linux-acpi@vger.kernel.org if you depend on this functionality [ 290.807634][T11790] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 291.012131][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 291.208270][T11799] netlink: 'syz.2.1217': attribute type 21 has an invalid length. [ 291.243656][T11799] __nla_validate_parse: 4 callbacks suppressed [ 291.243674][T11799] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1217'. [ 291.329097][T11806] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1217'. [ 291.390939][T11812] netlink: 28905 bytes leftover after parsing attributes in process `syz.2.1217'. [ 291.787928][T11824] can: request_module (can-proto-0) failed. [ 291.997420][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 292.486489][T11836] ubi31: attaching mtd0 [ 292.553597][T11836] ubi31: scanning is finished [ 292.649844][T11836] ubi31 error: ubi_read_volume_table: the layout volume was not found [ 292.772771][T11854] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1228'. [ 292.992735][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 293.161396][T11836] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 293.360814][T11844] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1225'. [ 293.988063][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 294.983382][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 295.130246][T11900] Process accounting resumed [ 295.978729][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 296.757871][T11976] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1250'. [ 296.974029][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 296.997993][T11981] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1251'. [ 297.324065][T12015] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1260'. [ 297.969500][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 298.131922][T12046] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1264'. [ 298.964677][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 299.260545][T12116] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1278'. [ 299.960080][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 300.067888][T12143] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1285'. [ 300.120060][T12143] nbd: must specify at least one socket [ 300.442466][T12148] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1287'. [ 300.733388][T12160] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1289'. [ 300.955315][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 301.033012][T12186] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1293'. [ 301.089487][T12182] can: request_module (can-proto-5) failed. [ 301.120301][T12186] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1293'. [ 301.300366][T12192] sd 0:0:1:0: PR command failed: 1026 [ 301.327258][T12192] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 301.352718][T12195] futex_wake_op: syz.3.1295 tries to shift op by -2048; fix this program [ 301.365135][T12192] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 301.447784][T12195] futex_wake_op: syz.3.1295 tries to shift op by -2048; fix this program [ 301.532439][T12201] blktrace: Concurrent blktraces are not allowed on nbd5 [ 301.950627][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 302.818039][T10429] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 302.945968][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 302.959507][T12243] can: request_module (can-proto-3) failed. [ 303.941270][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 304.436795][T12276] random: crng reseeded on system resumption [ 304.880343][T10008] Bluetooth: hci1: command 0x0c1a tx timeout [ 304.937464][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 305.508594][T12317] __nla_validate_parse: 31 callbacks suppressed [ 305.508612][T12317] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1320'. [ 305.931925][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 305.946006][T12320] FAULT_INJECTION: forcing a failure. [ 305.946006][T12320] name failslab, interval 1, probability 0, space 0, times 0 [ 306.005224][T12320] CPU: 0 UID: 0 PID: 12320 Comm: syz.2.1319 Tainted: G L syzkaller #0 PREEMPT(full) [ 306.005256][T12320] Tainted: [L]=SOFTLOCKUP [ 306.005263][T12320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 306.005274][T12320] Call Trace: [ 306.005279][T12320] [ 306.005286][T12320] dump_stack_lvl+0x100/0x190 [ 306.005318][T12320] should_fail_ex.cold+0x5/0xa [ 306.005337][T12320] ? kmem_cache_alloc_noprof+0x54/0x6e0 [ 306.005363][T12320] should_failslab+0xc2/0x120 [ 306.005380][T12320] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 306.005405][T12320] ? sk_prot_alloc+0x60/0x2a0 [ 306.005431][T12320] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 306.005454][T12320] ? security_inode_alloc+0x3b/0x2c0 [ 306.005472][T12320] sk_prot_alloc+0x60/0x2a0 [ 306.005499][T12320] sk_alloc+0x36/0xe80 [ 306.005520][T12320] unix_create1+0xa6/0x700 [ 306.005538][T12320] unix_create+0x145/0x270 [ 306.005554][T12320] __sock_create+0x339/0x860 [ 306.005572][T12320] __sys_socketpair+0x1e4/0x5b0 [ 306.005595][T12320] ? __pfx___sys_socketpair+0x10/0x10 [ 306.005614][T12320] ? __fget_files+0x21f/0x3d0 [ 306.005629][T12320] ? xfd_validate_state+0x129/0x190 [ 306.005656][T12320] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 306.005682][T12320] __x64_sys_socketpair+0x96/0x100 [ 306.005701][T12320] do_syscall_64+0x115/0x840 [ 306.005718][T12320] ? clear_bhb_loop+0x40/0x90 [ 306.005737][T12320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.005755][T12320] RIP: 0033:0x7f7f8e79ce59 [ 306.005769][T12320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 306.005786][T12320] RSP: 002b:00007f7f8f57d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 306.005805][T12320] RAX: ffffffffffffffda RBX: 00007f7f8ea15fa0 RCX: 00007f7f8e79ce59 [ 306.005817][T12320] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 306.005828][T12320] RBP: 00007f7f8e832d6f R08: 0000000000000000 R09: 0000000000000000 [ 306.005838][T12320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 306.005849][T12320] R13: 00007f7f8ea16038 R14: 00007f7f8ea15fa0 R15: 00007ffcb9ca6038 [ 306.005866][T12320] [ 306.927876][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 306.972247][T10429] Bluetooth: hci1: command 0x0c1a tx timeout [ 307.712334][T12377] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1332'. [ 307.922557][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 307.982180][T12382] HfR: entered promiscuous mode [ 308.022464][T12382] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1333'. [ 308.085309][T12382] HfR: left promiscuous mode [ 308.917912][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 308.969649][T12399] block nbd2: not configured, cannot reconfigure [ 309.591195][T12419] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1343'. [ 309.632530][T12419] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1343'. [ 309.913208][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 310.180729][T12448] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1353'. [ 310.270798][T12446] usb usb22: usbfs: process 12446 (syz.2.1352) did not claim interface 1 before use [ 310.478013][T12459] NFSD: Failed to start, no listeners configured. [ 310.538289][ T30] audit: type=1804 audit(4294974670.117:14): pid=12467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1357" name="file0" dev="tmpfs" ino=1801 res=1 errno=0 [ 310.826228][T12487] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1362'. [ 310.908536][ T10] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 310.987330][T12475] futex_wake_op: syz.2.1358 tries to shift op by -2048; fix this program [ 311.070544][T12475] futex_wake_op: syz.2.1358 tries to shift op by -2048; fix this program [ 311.425076][T12510] FAULT_INJECTION: forcing a failure. [ 311.425076][T12510] name failslab, interval 1, probability 0, space 0, times 0 [ 311.507823][T12510] CPU: 0 UID: 0 PID: 12510 Comm: syz.2.1364 Tainted: G L syzkaller #0 PREEMPT(full) [ 311.507855][T12510] Tainted: [L]=SOFTLOCKUP [ 311.507862][T12510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 311.507872][T12510] Call Trace: [ 311.507878][T12510] [ 311.507884][T12510] dump_stack_lvl+0x100/0x190 [ 311.507917][T12510] should_fail_ex.cold+0x5/0xa [ 311.507936][T12510] ? __kmalloc_cache_noprof+0x53/0x6f0 [ 311.507959][T12510] should_failslab+0xc2/0x120 [ 311.507976][T12510] __kmalloc_cache_noprof+0x7a/0x6f0 [ 311.507998][T12510] ? vb2_vmalloc_alloc+0xf9/0x410 [ 311.508023][T12510] ? trace_kmalloc+0xeb/0x110 [ 311.508038][T12510] ? __kasan_kmalloc+0xaa/0xb0 [ 311.508064][T12510] vb2_vmalloc_alloc+0xf9/0x410 [ 311.508089][T12510] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 311.508115][T12510] __vb2_queue_alloc+0x8d5/0x1160 [ 311.508146][T12510] vb2_core_reqbufs+0x899/0xf30 [ 311.508173][T12510] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 311.508206][T12510] __vb2_init_fileio+0x32d/0x1000 [ 311.508230][T12510] ? aa_file_perm+0x7f3/0x14d0 [ 311.508255][T12510] __vb2_perform_fileio+0x91e/0x1380 [ 311.508283][T12510] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 311.508309][T12510] ? __pfx___might_resched+0x10/0x10 [ 311.508331][T12510] ? lock_release+0x24d/0x310 [ 311.508354][T12510] vb2_fop_read+0x211/0x520 [ 311.508378][T12510] v4l2_read+0x229/0x2c0 [ 311.508399][T12510] ? __pfx_v4l2_read+0x10/0x10 [ 311.508420][T12510] vfs_read+0x1e4/0xb40 [ 311.508447][T12510] ? __pfx_vfs_read+0x10/0x10 [ 311.508473][T12510] ? __fget_files+0x215/0x3d0 [ 311.508487][T12510] ? rcu_is_watching+0x12/0xc0 [ 311.508502][T12510] ? __fget_files+0x215/0x3d0 [ 311.508515][T12510] ? lock_release+0x24d/0x310 [ 311.508538][T12510] ? __fget_files+0x21f/0x3d0 [ 311.508554][T12510] ksys_read+0x12a/0x250 [ 311.508569][T12510] ? __pfx_ksys_read+0x10/0x10 [ 311.508584][T12510] ? rcu_is_watching+0x12/0xc0 [ 311.508600][T12510] do_syscall_64+0x115/0x840 [ 311.508616][T12510] ? clear_bhb_loop+0x40/0x90 [ 311.508635][T12510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.508653][T12510] RIP: 0033:0x7f7f8e79ce59 [ 311.508668][T12510] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 311.508685][T12510] RSP: 002b:00007f7f8f57d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 311.508711][T12510] RAX: ffffffffffffffda RBX: 00007f7f8ea15fa0 RCX: 00007f7f8e79ce59 [ 311.508722][T12510] RDX: 0000000000000028 RSI: 0000200000000280 RDI: 0000000000000005 [ 311.508733][T12510] RBP: 00007f7f8e832d6f R08: 0000000000000000 R09: 0000000000000000 [ 311.508744][T12510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 311.508754][T12510] R13: 00007f7f8ea16038 R14: 00007f7f8ea15fa0 R15: 00007ffcb9ca6038 [ 311.508770][T12510] [ 311.963532][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 312.663506][T12538] Process accounting resumed [ 312.900902][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 313.095448][T12510] FAULT_INJECTION: forcing a failure. [ 313.095448][T12510] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 313.138219][T12510] CPU: 0 UID: 0 PID: 12510 Comm: syz.2.1364 Tainted: G L syzkaller #0 PREEMPT(full) [ 313.138258][T12510] Tainted: [L]=SOFTLOCKUP [ 313.138265][T12510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 313.138276][T12510] Call Trace: [ 313.138282][T12510] [ 313.138288][T12510] dump_stack_lvl+0x100/0x190 [ 313.138320][T12510] should_fail_ex.cold+0x5/0xa [ 313.138340][T12510] strncpy_from_user+0x3b/0x2d0 [ 313.138363][T12510] do_getname+0x78/0x390 [ 313.138390][T12510] do_sys_openat2+0xc7/0x1e0 [ 313.138413][T12510] ? __pfx_do_sys_openat2+0x10/0x10 [ 313.138440][T12510] __x64_sys_openat+0x12d/0x210 [ 313.138463][T12510] ? __pfx___x64_sys_openat+0x10/0x10 [ 313.138488][T12510] ? rcu_is_watching+0x12/0xc0 [ 313.138505][T12510] do_syscall_64+0x115/0x840 [ 313.138527][T12510] ? clear_bhb_loop+0x40/0x90 [ 313.138547][T12510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.138565][T12510] RIP: 0033:0x7f7f8e79ce59 [ 313.138580][T12510] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 313.138598][T12510] RSP: 002b:00007f7f8f57d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 313.138616][T12510] RAX: ffffffffffffffda RBX: 00007f7f8ea15fa0 RCX: 00007f7f8e79ce59 [ 313.138628][T12510] RDX: 0000000000101202 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 313.138638][T12510] RBP: 00007f7f8e832d6f R08: 0000000000000000 R09: 0000000000000000 [ 313.138649][T12510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 313.138660][T12510] R13: 00007f7f8ea16038 R14: 00007f7f8ea15fa0 R15: 00007ffcb9ca6038 [ 313.138682][T12510] [ 313.894517][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 314.602064][T12587] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1380'. [ 314.889832][ T5702] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 315.031533][T12573] sg_write: data in/out 262108/45 bytes for SCSI command 0x61-- guessing data in; [ 315.031533][T12573] program syz.0.1377 not setting count and/or reply_len properly [ 315.565502][T12611] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1384'. [ 315.766100][T12575] sg_read: process 1398 (syz.0.1377) changed security contexts after opening file descriptor, this is not allowed. [ 315.885132][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 316.826828][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.834123][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.880448][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 316.924193][T12622] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1386'. [ 316.996340][T12619] can: request_module (can-proto-5) failed. [ 317.213106][T12630] futex_wake_op: syz.1.1388 tries to shift op by -2048; fix this program [ 317.396628][T12639] hub 1-0:1.0: USB hub found [ 317.425547][T12630] futex_wake_op: syz.1.1388 tries to shift op by -2048; fix this program [ 317.458351][T12639] hub 1-0:1.0: 1 port detected [ 317.562304][T12630] futex_wake_op: syz.1.1388 tries to shift op by -2048; fix this program [ 317.697310][T12630] futex_wake_op: syz.1.1388 tries to shift op by -2048; fix this program [ 317.823113][T12630] futex_wake_op: syz.1.1388 tries to shift op by -2048; fix this program [ 317.875790][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 317.938756][T12630] futex_wake_op: syz.1.1388 tries to shift op by -2048; fix this program [ 318.605840][T12649] Process accounting resumed [ 318.871219][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 319.866432][ T5702] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 320.861751][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 321.195406][T12732] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 321.367330][T12732] random: crng reseeded on system resumption [ 321.857581][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 322.852404][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 323.579953][T12792] vhci_hcd: not connected 4 [ 323.847720][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 324.265752][T12802] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1424'. [ 324.843445][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 325.280544][T12837] netlink: 'syz.1.1433': attribute type 4 has an invalid length. [ 325.317221][T12837] netlink: 'syz.1.1433': attribute type 5 has an invalid length. [ 325.363504][T12837] netlink: 10 bytes leftover after parsing attributes in process `syz.1.1433'. [ 325.838392][ T5702] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 326.833692][ T5702] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 327.058763][T12887] sctp: [Deprecated]: syz.0.1445 (pid 12887) Use of struct sctp_assoc_value in delayed_ack socket option. [ 327.058763][T12887] Use struct sctp_sack_info instead [ 327.829014][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 328.646792][T12954] could not allocate digest TFM handle [ 328.824320][ T5702] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 329.313009][T12980] ovs_: entered promiscuous mode [ 329.819654][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 330.291967][T13037] random: crng reseeded on system resumption [ 330.814969][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 331.810782][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 331.875711][T13087] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1481'. [ 332.203692][T13086] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1480'. [ 332.412296][T13104] binder: 13094:13104 ioctl c0046209 ffffffffffffffff returned -22 [ 332.631537][T13109] futex_wake_op: syz.2.1487 tries to shift op by -2048; fix this program [ 332.725687][T13109] 0x000000000001-0x000000020000 : "" [ 332.762282][T13109] ftl_cs: FTL header corrupt! [ 332.806391][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 333.081798][T13131] FAULT_INJECTION: forcing a failure. [ 333.081798][T13131] name failslab, interval 1, probability 0, space 0, times 0 [ 333.192675][T13131] CPU: 0 UID: 0 PID: 13131 Comm: syz.0.1492 Tainted: G L syzkaller #0 PREEMPT(full) [ 333.192706][T13131] Tainted: [L]=SOFTLOCKUP [ 333.192712][T13131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 333.192723][T13131] Call Trace: [ 333.192729][T13131] [ 333.192735][T13131] dump_stack_lvl+0x100/0x190 [ 333.192768][T13131] should_fail_ex.cold+0x5/0xa [ 333.192786][T13131] ? fs_reclaim_acquire+0x70/0x100 [ 333.192805][T13131] should_failslab+0xc2/0x120 [ 333.192821][T13131] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 333.192845][T13131] ? security_inode_alloc+0x3b/0x2c0 [ 333.192861][T13131] ? lockdep_init_map_type+0x5c/0x250 [ 333.192885][T13131] security_inode_alloc+0x3b/0x2c0 [ 333.192901][T13131] inode_init_always_gfp+0xc77/0xfb0 [ 333.192919][T13131] alloc_inode+0x8e/0x250 [ 333.192941][T13131] path_from_stashed+0x25b/0x750 [ 333.192959][T13131] ? do_raw_spin_unlock+0x145/0x1e0 [ 333.192986][T13131] ns_get_path+0x60/0x80 [ 333.193004][T13131] proc_ns_get_link+0x25b/0x2e0 [ 333.193030][T13131] ? __pfx_proc_ns_get_link+0x10/0x10 [ 333.193059][T13131] ? atime_needs_update+0x8b/0x6b0 [ 333.193082][T13131] pick_link+0xd17/0x13c0 [ 333.193106][T13131] ? __pfx_proc_ns_get_link+0x10/0x10 [ 333.193133][T13131] step_into_slowpath+0x9ba/0xf90 [ 333.193160][T13131] ? __pfx_step_into_slowpath+0x10/0x10 [ 333.193185][T13131] ? path_openat+0x21c4/0x4280 [ 333.193200][T13131] ? rcu_is_watching+0x12/0xc0 [ 333.193215][T13131] ? lock_release+0x24d/0x310 [ 333.193236][T13131] ? path_openat+0x1b8e/0x4280 [ 333.193251][T13131] ? lock_release+0x24d/0x310 [ 333.193273][T13131] path_openat+0x13b5/0x4280 [ 333.193293][T13131] ? __pfx_path_openat+0x10/0x10 [ 333.193311][T13131] do_file_open+0x20e/0x430 [ 333.193329][T13131] ? __pfx_do_file_open+0x10/0x10 [ 333.193351][T13131] ? alloc_fd+0x471/0x7a0 [ 333.193366][T13131] ? do_getname+0x191/0x390 [ 333.193387][T13131] do_sys_openat2+0x10f/0x1e0 [ 333.193417][T13131] ? __pfx_do_sys_openat2+0x10/0x10 [ 333.193442][T13131] __x64_sys_openat+0x12d/0x210 [ 333.193465][T13131] ? __pfx___x64_sys_openat+0x10/0x10 [ 333.193488][T13131] ? rcu_is_watching+0x12/0xc0 [ 333.193504][T13131] do_syscall_64+0x115/0x840 [ 333.193520][T13131] ? clear_bhb_loop+0x40/0x90 [ 333.193539][T13131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.193556][T13131] RIP: 0033:0x7f518dd5d68e [ 333.193569][T13131] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 333.193587][T13131] RSP: 002b:00007f518eba8ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 333.193605][T13131] RAX: ffffffffffffffda RBX: 00007f518eba96c0 RCX: 00007f518dd5d68e [ 333.193616][T13131] RDX: 0000000000000002 RSI: 00007f518eba8f90 RDI: ffffffffffffff9c [ 333.193627][T13131] RBP: 00007f518de32d6f R08: 0000000000000000 R09: 0000000000000000 [ 333.193637][T13131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.193647][T13131] R13: 00007f518e016038 R14: 00007f518e015fa0 R15: 00007ffe164f4278 [ 333.193662][T13131] [ 334.796259][ T5696] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 335.121712][T13151] netlink: 290 bytes leftover after parsing attributes in process `syz.3.1496'. [ 335.609322][T10008] Bluetooth: hci1: unexpected event 0x10 length: 124 > 1 [ 335.609370][T10008] Bluetooth: hci1: hardware error 0x00 [ 335.791588][ T5696] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 335.919405][T13193] random: crng reseeded on system resumption [ 336.011784][T13198] hub 1-0:1.0: USB hub found [ 336.111724][T13198] hub 1-0:1.0: 1 port detected [ 336.475294][T13211] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1507'. [ 336.786900][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 336.863417][T13223] ubi31: attaching mtd0 [ 336.864054][T13223] ubi31: scanning is finished [ 336.864078][T13223] ubi31 error: ubi_read_volume_table: the layout volume was not found [ 337.132688][T13232] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1510'. [ 337.328289][T13223] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 337.684924][T10008] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 337.782198][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 338.777535][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 338.932530][T13283] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1521'. [ 339.224526][T13293] netlink: 5208 bytes leftover after parsing attributes in process `syz.2.1523'. [ 339.772869][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 340.635284][ T30] audit: type=1806 audit(4294974700.359:15): xattr="" res=-22 [ 340.747277][T13343] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1531'. [ 340.770111][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 341.639425][T13339] kexec: Could not allocate control_code_buffer [ 341.763626][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 341.935087][T13384] nfs: Bad value for 'source' [ 342.424671][T13394] FAULT_INJECTION: forcing a failure. [ 342.424671][T13394] name failslab, interval 1, probability 0, space 0, times 0 [ 342.507898][T13394] CPU: 0 UID: 0 PID: 13394 Comm: syz.0.1539 Tainted: G L syzkaller #0 PREEMPT(full) [ 342.507930][T13394] Tainted: [L]=SOFTLOCKUP [ 342.507937][T13394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 342.507948][T13394] Call Trace: [ 342.507953][T13394] [ 342.507960][T13394] dump_stack_lvl+0x100/0x190 [ 342.507993][T13394] should_fail_ex.cold+0x5/0xa [ 342.508012][T13394] ? kmem_cache_alloc_node_noprof+0x5b/0x6f0 [ 342.508039][T13394] should_failslab+0xc2/0x120 [ 342.508055][T13394] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 342.508084][T13394] ? copy_process+0x69a/0x7ff0 [ 342.508099][T13394] ? rcu_is_watching+0x12/0xc0 [ 342.508116][T13394] copy_process+0x69a/0x7ff0 [ 342.508136][T13394] ? __pfx_copy_process+0x10/0x10 [ 342.508152][T13394] ? lockdep_init_map_type+0x5c/0x250 [ 342.508176][T13394] ? lockdep_init_map_type+0x5c/0x250 [ 342.508199][T13394] ? __pfx_vhost_run_work_list+0x10/0x10 [ 342.508223][T13394] ? __pfx_vhost_worker_killed+0x10/0x10 [ 342.508252][T13394] vhost_task_create+0x1db/0x370 [ 342.508273][T13394] ? __pfx_vhost_task_create+0x10/0x10 [ 342.508297][T13394] ? __pfx_vhost_task_fn+0x10/0x10 [ 342.508319][T13394] ? snprintf+0xc7/0x100 [ 342.508348][T13394] vhost_task_worker_create+0x8d/0x260 [ 342.508372][T13394] ? __pfx_vhost_task_worker_create+0x10/0x10 [ 342.508396][T13394] ? lockdep_init_map_type+0x5c/0x250 [ 342.508418][T13394] ? lockdep_init_map_type+0x5c/0x250 [ 342.508442][T13394] vhost_worker_create+0x243/0x310 [ 342.508464][T13394] ? __pfx_vhost_worker_create+0x10/0x10 [ 342.508488][T13394] vhost_dev_set_owner+0x719/0xa30 [ 342.508514][T13394] vhost_net_ioctl+0xfa3/0x1910 [ 342.508538][T13394] ? do_vfs_ioctl+0x226/0x13e0 [ 342.508561][T13394] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 342.508584][T13394] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 342.508610][T13394] ? __fget_files+0x215/0x3d0 [ 342.508625][T13394] ? hook_file_ioctl_common+0x149/0x410 [ 342.508646][T13394] ? __fget_files+0x21f/0x3d0 [ 342.508662][T13394] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 342.508686][T13394] __x64_sys_ioctl+0x18e/0x210 [ 342.508710][T13394] do_syscall_64+0x115/0x840 [ 342.508725][T13394] ? clear_bhb_loop+0x40/0x90 [ 342.508745][T13394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.508764][T13394] RIP: 0033:0x7f518dd9ce59 [ 342.508779][T13394] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 342.508796][T13394] RSP: 002b:00007f518bff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 342.508815][T13394] RAX: ffffffffffffffda RBX: 00007f518e016180 RCX: 00007f518dd9ce59 [ 342.508826][T13394] RDX: 0000000000000000 RSI: 000000000000af01 RDI: 0000000000000007 [ 342.508837][T13394] RBP: 00007f518de32d6f R08: 0000000000000000 R09: 0000000000000000 [ 342.508847][T13394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 342.508857][T13394] R13: 00007f518e016218 R14: 00007f518e016180 R15: 00007ffe164f4278 [ 342.508872][T13394] [ 343.413169][T13398] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1541'. [ 343.727161][T13387] Process accounting paused [ 343.754535][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 344.749474][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 345.746230][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 346.068593][T13470] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1555'. [ 346.678243][T13478] futex_wake_op: syz.1.1557 tries to shift op by -2048; fix this program [ 346.740104][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 346.938583][T13496] hub 1-0:1.0: USB hub found [ 347.025423][T13496] hub 1-0:1.0: 1 port detected [ 347.735433][ T9] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 347.785198][ T30] audit: type=1804 audit(4294974707.532:16): pid=13523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1568" name="/newroot/390/file0" dev="tmpfs" ino=2054 res=1 errno=0 [ 348.500333][T13537] Process accounting paused [ 348.730760][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 349.726065][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 350.367200][T13589] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1581'. [ 350.421778][T13599] nfs: Bad value for 'source' [ 350.721390][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 351.124950][ T30] audit: type=1800 audit(4294974710.898:17): pid=13618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1586" name="features" dev="configfs" ino=55603 res=0 errno=0 [ 351.439711][T13633] FAULT_INJECTION: forcing a failure. [ 351.439711][T13633] name failslab, interval 1, probability 0, space 0, times 0 [ 351.493105][T13633] CPU: 0 UID: 0 PID: 13633 Comm: syz.2.1590 Tainted: G L syzkaller #0 PREEMPT(full) [ 351.493136][T13633] Tainted: [L]=SOFTLOCKUP [ 351.493142][T13633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 351.493159][T13633] Call Trace: [ 351.493190][T13633] [ 351.493196][T13633] dump_stack_lvl+0x100/0x190 [ 351.493282][T13633] should_fail_ex.cold+0x5/0xa [ 351.493320][T13633] ? __kmalloc_cache_noprof+0x53/0x6f0 [ 351.493363][T13633] should_failslab+0xc2/0x120 [ 351.493383][T13633] __kmalloc_cache_noprof+0x7a/0x6f0 [ 351.493405][T13633] ? __do_sys_fanotify_init+0x608/0xe80 [ 351.493445][T13633] __do_sys_fanotify_init+0x608/0xe80 [ 351.493474][T13633] do_syscall_64+0x115/0x840 [ 351.493545][T13633] ? clear_bhb_loop+0x40/0x90 [ 351.493577][T13633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.493595][T13633] RIP: 0033:0x7f7f8e79ce59 [ 351.493608][T13633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 351.493625][T13633] RSP: 002b:00007f7f8f57d028 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 351.493648][T13633] RAX: ffffffffffffffda RBX: 00007f7f8ea15fa0 RCX: 00007f7f8e79ce59 [ 351.493659][T13633] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00000000000004f1 [ 351.493669][T13633] RBP: 00007f7f8e832d6f R08: 0000000000000000 R09: 0000000000000000 [ 351.493679][T13633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 351.493689][T13633] R13: 00007f7f8ea16038 R14: 00007f7f8ea15fa0 R15: 00007ffcb9ca6038 [ 351.493704][T13633] [ 352.046467][T13649] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1593'. [ 352.712037][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 353.707354][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 353.916247][T13719] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1608'. [ 354.702669][ T5696] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 355.139372][T13764] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 355.698952][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 356.694582][ T5696] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 357.556995][ T30] audit: type=1800 audit(4294974717.358:18): pid=13810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1627" name="dbroot" dev="configfs" ino=56453 res=0 errno=0 [ 357.688636][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 357.709738][T10008] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 358.683963][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 359.679294][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 360.674612][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 360.972202][T13896] netlink: 178 bytes leftover after parsing attributes in process `syz.3.1645'. [ 361.671349][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 362.665272][ T5696] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 363.660581][ T5696] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 363.830826][T10008] Bluetooth: hci3: unexpected event 0x10 length: 124 > 1 [ 363.830869][T10429] Bluetooth: hci3: hardware error 0x00 [ 364.655889][ T5696] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 365.397264][T14059] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1682'. [ 365.651207][ T5696] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 365.872772][T10429] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 366.265867][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.273428][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.283008][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.290763][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.298980][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.306944][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.316716][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.325314][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.332894][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.341748][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.350291][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.358242][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.366412][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.373924][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.381990][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.389692][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.396385][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.404295][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.411105][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.418653][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.426768][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.435565][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.442326][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.449843][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.456712][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.464570][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.471972][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.481469][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.489588][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.497107][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.504145][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.511776][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.518531][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.529352][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.536126][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.543746][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.550910][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.558545][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.566317][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.574137][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.580794][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.588655][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.597873][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.606026][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.612917][ T5702] Process accounting resumed [ 366.617685][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.625154][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.632138][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.639728][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.646431][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.654007][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.660698][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.668746][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.675373][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.684197][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.693353][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.702491][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.709361][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.718323][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.725027][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.733431][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.740167][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.749452][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.756235][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.764020][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.771099][T10429] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 366.778784][T10429] Bluetooth: hci2: Invalid handle: 0x3a0a > 0x0eff [ 366.810567][ T5696] Process accounting resumed [ 367.104971][ T5696] Process accounting resumed [ 367.621261][T14102] Process accounting resumed [ 368.216821][T14148] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1698'. [ 369.645065][T14187] openvswitch: netlink: Missing valid actions attribute. [ 369.959011][T14176] Invalid ELF header magic: != ELF [ 369.999409][ T30] audit: type=1800 audit(4294974731.857:19): pid=14198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1706" name="dbroot" dev="configfs" ino=58658 res=0 errno=0 [ 370.815428][T14212] ubi0: attaching mtd0 [ 370.834185][T14212] ubi0: scanning is finished [ 370.853819][T14212] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 371.000297][T14212] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 371.492736][T14235] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1716'. [ 372.383682][T14253] MTRR 1 not used [ 373.589620][T14292] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 373.589620][T14292] The task syz.0.1724 (14292) triggered the difference, watch for misbehavior. [ 373.899723][T14303] openvswitch: netlink: Missing valid actions attribute. [ 374.420258][T14319] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1731'. [ 374.469646][T14313] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1730'. [ 375.649820][T14359] openvswitch: netlink: Missing valid actions attribute. [ 376.212104][T14377] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 376.233784][T14377] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 376.269308][T14370] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1741'. [ 377.659369][T14439] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1756'. [ 377.971312][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.981362][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.208942][T10429] Bluetooth: hci0: command 0x2016 tx timeout [ 378.288768][T10429] Bluetooth: hci2: command 0x0c1a tx timeout [ 378.440253][T14470] Process accounting resumed [ 379.370626][T14511] vivid-008: ================= START STATUS ================= [ 379.477928][T14511] vivid-008: ================== END STATUS ================== [ 379.866037][T14528] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1770'. [ 382.765849][T14583] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1781'. [ 384.365536][T14615] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1787'. [ 385.566064][T14633] Process accounting resumed [ 385.840811][T14654] loop6: detected capacity change from 0 to 8 [ 385.896914][T14658] hub 1-0:1.0: USB hub found [ 386.006771][T14658] hub 1-0:1.0: 1 port detected [ 386.377635][T14667] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1799'. [ 386.804814][T14676] netlink: 'syz.2.1801': attribute type 2 has an invalid length. [ 386.970157][T14671] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1800'. [ 387.825680][T14703] random: crng reseeded on system resumption [ 388.585626][T14725] kvm: kvm [14721]: vcpu5, guest rIP: 0xfff0 Unhandled RDMSR(0x40000029) [ 391.549130][T14809] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1829'. [ 392.331248][T13310] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u12:28: bg 3: bad block bitmap checksum [ 392.401543][T13310] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 2730 with max blocks 1 with error 74 [ 392.474492][T13310] EXT4-fs (sda1): This should not happen!! Data will be lost [ 392.474492][T13310] [ 392.553916][T13310] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 2735 with max blocks 1 with error 117 [ 392.622449][T13310] EXT4-fs (sda1): This should not happen!! Data will be lost [ 392.622449][T13310] [ 393.308167][T14840] kexec: Could not allocate control_code_buffer [ 393.350847][T14858] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1836'. [ 393.805281][T14878] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1841'. [ 394.271155][T14899] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1845'. [ 394.353265][T14903] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.0.1846: Error -117 reading block bitmap for 3 [ 394.475557][T14901] ima: policy update failed [ 394.492287][ T30] audit: type=1802 audit(4294974756.474:20): pid=14901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1846" res=0 errno=0 [ 395.643532][T14946] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.3.1851: bg 4: bad block bitmap checksum [ 395.850353][T14946] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 2730 with max blocks 1 with error 74 [ 396.051243][T14946] EXT4-fs (sda1): This should not happen!! Data will be lost [ 396.051243][T14946] [ 396.738864][T14978] can: request_module (can-proto-5) failed. [ 397.443352][T14998] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1864'. [ 398.139535][T15034] FAULT_INJECTION: forcing a failure. [ 398.139535][T15034] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 398.234199][T15034] CPU: 0 UID: 0 PID: 15034 Comm: syz.2.1872 Tainted: G L syzkaller #0 PREEMPT(full) [ 398.234228][T15034] Tainted: [L]=SOFTLOCKUP [ 398.234235][T15034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 398.234245][T15034] Call Trace: [ 398.234251][T15034] [ 398.234257][T15034] dump_stack_lvl+0x100/0x190 [ 398.234290][T15034] should_fail_ex.cold+0x5/0xa [ 398.234309][T15034] should_fail_alloc_page+0xeb/0x140 [ 398.234328][T15034] prepare_alloc_pages+0x1f0/0x5f0 [ 398.234346][T15034] __alloc_frozen_pages_noprof+0x19a/0x2b60 [ 398.234372][T15034] ? pick_task_fair+0xe6/0x1bf0 [ 398.234430][T15034] ? kasan_save_stack+0x3f/0x50 [ 398.234455][T15034] ? kasan_save_stack+0x30/0x50 [ 398.234479][T15034] ? kasan_save_track+0x14/0x30 [ 398.234503][T15034] ? __kasan_slab_alloc+0x89/0x90 [ 398.234536][T15034] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 398.234559][T15034] ? ptlock_alloc+0x1f/0x70 [ 398.234585][T15034] ? pte_alloc_one+0x82/0x3d0 [ 398.234615][T15034] ? __pte_alloc+0x6d/0x380 [ 398.234629][T15034] ? copy_page_range+0x3dd8/0x5b20 [ 398.234649][T15034] ? dup_mmap+0xd44/0x21b0 [ 398.234666][T15034] ? copy_process+0x4588/0x7ff0 [ 398.234680][T15034] ? kernel_clone+0x176/0x9d0 [ 398.234694][T15034] ? __do_sys_clone+0xd9/0x120 [ 398.234708][T15034] ? do_syscall_64+0x115/0x840 [ 398.234728][T15034] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.234746][T15034] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 398.234775][T15034] ? __css_rstat_updated+0x1ce/0x5a0 [ 398.234811][T15034] ? __pfx___css_rstat_updated+0x10/0x10 [ 398.234833][T15034] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 398.234854][T15034] ? policy_nodemask+0xed/0x4f0 [ 398.234870][T15034] alloc_pages_mpol+0x1fb/0x540 [ 398.234887][T15034] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 398.234902][T15034] ? lock_release+0x24d/0x310 [ 398.234930][T15034] ? do_raw_spin_lock+0x128/0x260 [ 398.234956][T15034] alloc_pages_noprof+0x1a/0x160 [ 398.234976][T15034] pte_alloc_one+0x1c/0x3d0 [ 398.234997][T15034] __pte_alloc+0x6d/0x380 [ 398.235012][T15034] ? __pfx___pte_alloc+0x10/0x10 [ 398.235027][T15034] ? __pfx___might_resched+0x10/0x10 [ 398.235049][T15034] ? copy_page_range+0x1c4a/0x5b20 [ 398.235070][T15034] ? lock_release+0x24d/0x310 [ 398.235092][T15034] copy_page_range+0x3dd8/0x5b20 [ 398.235121][T15034] ? mas_wr_store_entry+0xa1/0x1e80 [ 398.235189][T15034] ? __pfx_copy_page_range+0x10/0x10 [ 398.235212][T15034] ? rcu_is_watching+0x12/0xc0 [ 398.235227][T15034] ? lock_acquire+0x301/0x370 [ 398.235248][T15034] ? __pfx___might_resched+0x10/0x10 [ 398.235270][T15034] ? dup_mmap+0xcfe/0x21b0 [ 398.235288][T15034] ? lock_release+0x24d/0x310 [ 398.235308][T15034] ? down_write+0x146/0x1f0 [ 398.235343][T15034] ? up_write+0x28c/0x4f0 [ 398.235368][T15034] dup_mmap+0xd44/0x21b0 [ 398.235389][T15034] ? __pfx_dup_mmap+0x10/0x10 [ 398.235407][T15034] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 398.235447][T15034] ? lock_release+0x24d/0x310 [ 398.235469][T15034] ? do_raw_spin_lock+0x128/0x260 [ 398.235494][T15034] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 398.235527][T15034] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 398.235611][T15034] ? rcu_is_watching+0x12/0xc0 [ 398.235626][T15034] ? lock_acquire+0x301/0x370 [ 398.235649][T15034] copy_process+0x4588/0x7ff0 [ 398.235669][T15034] ? __pfx_copy_process+0x10/0x10 [ 398.235684][T15034] ? rcu_is_watching+0x12/0xc0 [ 398.235698][T15034] ? vfs_writev+0x1d5/0xdd0 [ 398.235739][T15034] kernel_clone+0x176/0x9d0 [ 398.235755][T15034] ? __pfx_kernel_clone+0x10/0x10 [ 398.235772][T15034] ? lock_release+0x24d/0x310 [ 398.235795][T15034] __do_sys_clone+0xd9/0x120 [ 398.235810][T15034] ? __pfx___do_sys_clone+0x10/0x10 [ 398.235826][T15034] ? __fget_files+0x21f/0x3d0 [ 398.235850][T15034] ? rcu_is_watching+0x12/0xc0 [ 398.235866][T15034] do_syscall_64+0x115/0x840 [ 398.235881][T15034] ? clear_bhb_loop+0x40/0x90 [ 398.235900][T15034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.235917][T15034] RIP: 0033:0x7f7f8e79ce59 [ 398.235931][T15034] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 398.235949][T15034] RSP: 002b:00007f7f8f57cfd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 398.235967][T15034] RAX: ffffffffffffffda RBX: 00007f7f8ea15fa0 RCX: 00007f7f8e79ce59 [ 398.235978][T15034] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 398.235988][T15034] RBP: 00007f7f8e832d6f R08: 0000000000000000 R09: 0000000000000000 [ 398.235998][T15034] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 398.236008][T15034] R13: 00007f7f8ea16038 R14: 00007f7f8ea15fa0 R15: 00007ffcb9ca6038 [ 398.236023][T15034] [ 398.778501][T15045] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1875'. [ 398.897033][T15053] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1877'. [ 399.947775][T15098] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1887'. [ 400.108761][T15109] netlink: 'syz.0.1888': attribute type 11 has an invalid length. [ 400.132693][T15109] netlink: 'syz.0.1888': attribute type 11 has an invalid length. [ 400.159629][T15109] netlink: 'syz.0.1888': attribute type 11 has an invalid length. [ 401.546515][ T30] audit: type=1804 audit(4294974763.571:21): pid=15149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1895" name="file0" dev="tmpfs" ino=2514 res=1 errno=0 [ 401.652789][ T30] audit: type=1804 audit(4294974763.611:22): pid=15159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1895" name="file0" dev="tmpfs" ino=2514 res=1 errno=0 [ 401.677655][T15142] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1895'. [ 402.697185][T15212] sd 0:0:1:0: PR command failed: 1026 [ 402.733626][T15212] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 402.801392][T15212] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 403.273335][T15226] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input11 [ 404.809758][T15260] sctp: [Deprecated]: syz.0.1910 (pid 15260) Use of struct sctp_assoc_value in delayed_ack socket option. [ 404.809758][T15260] Use struct sctp_sack_info instead [ 405.853213][T15291] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1915'. [ 406.283163][T15318] syz.2.1917 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 406.556569][T15333] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.3.1914: bg 5: bad block bitmap checksum [ 406.618991][T15333] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 74 [ 406.666541][T15333] EXT4-fs (sda1): This should not happen!! Data will be lost [ 406.666541][T15333] [ 406.708108][T15334] sysfs_service_op_store: Client not running :-5: [ 408.183352][T15376] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1926'. [ 408.380494][T15398] vivid-007: ================= START STATUS ================= [ 408.508195][T15398] vivid-007: Enable Output Cropping: true [ 408.608164][T15398] vivid-007: Enable Output Composing: true [ 408.705516][T15398] vivid-007: Enable Output Scaler: true [ 408.810099][T15398] vivid-007: Tx RGB Quantization Range: Automatic [ 408.920413][T15398] vivid-007: Transmit Mode: HDMI [ 409.006351][T15398] vivid-007: Hotplug Present: 0x00000000 [ 409.100280][T15398] vivid-007: RxSense Present: 0x00000000 [ 409.204269][T15398] vivid-007: EDID Present: 0x00000000 [ 409.293007][T15434] netlink: 280 bytes leftover after parsing attributes in process `syz.0.1930'. [ 409.365989][T15398] vivid-007: ================== END STATUS ================== [ 409.920207][T15345] Process accounting paused [ 410.433435][T15447] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 2740 with max blocks 1 with error 117 [ 410.532554][T15447] EXT4-fs (sda1): This should not happen!! Data will be lost [ 410.532554][T15447] [ 411.191575][T15463] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1941'. [ 411.563796][T15490] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 2742 with max blocks 1 with error 117 [ 411.741506][T15493] usb usb16: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 411.807622][T15490] EXT4-fs (sda1): This should not happen!! Data will be lost [ 411.807622][T15490] [ 412.987677][T15525] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1955'. [ 413.122927][T15536] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1956'. [ 413.234085][T15533] FAULT_INJECTION: forcing a failure. [ 413.234085][T15533] name failslab, interval 1, probability 0, space 0, times 0 [ 413.357373][T15533] CPU: 0 UID: 0 PID: 15533 Comm: syz.0.1957 Tainted: G L syzkaller #0 PREEMPT(full) [ 413.357405][T15533] Tainted: [L]=SOFTLOCKUP [ 413.357412][T15533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 413.357423][T15533] Call Trace: [ 413.357429][T15533] [ 413.357436][T15533] dump_stack_lvl+0x100/0x190 [ 413.357469][T15533] should_fail_ex.cold+0x5/0xa [ 413.357488][T15533] ? __kmalloc_cache_node_noprof+0x57/0x770 [ 413.357517][T15533] should_failslab+0xc2/0x120 [ 413.357533][T15533] __kmalloc_cache_node_noprof+0x7d/0x770 [ 413.357560][T15533] ? __alloc_disk_node+0x5a/0x6b0 [ 413.357643][T15533] ? lock_release+0x24d/0x310 [ 413.357667][T15533] ? lock_release+0x24d/0x310 [ 413.357693][T15533] __alloc_disk_node+0x5a/0x6b0 [ 413.357715][T15533] __blk_alloc_disk+0xd2/0x170 [ 413.357733][T15533] ? __pfx___blk_alloc_disk+0x10/0x10 [ 413.357755][T15533] ? __pfx_idr_alloc+0x10/0x10 [ 413.357798][T15533] ? lockdep_init_map_type+0x5c/0x250 [ 413.357823][T15533] ? __raw_spin_lock_init+0x3a/0x110 [ 413.357849][T15533] ? __pfx_hot_add_show+0x10/0x10 [ 413.357919][T15533] zram_add+0x1bf/0x5d0 [ 413.357937][T15533] ? __pfx_zram_add+0x10/0x10 [ 413.357954][T15533] ? trace_contention_end+0x126/0x160 [ 413.357983][T15533] ? rcu_is_watching+0x12/0xc0 [ 413.358000][T15533] ? sysfs_file_kobj+0xe4/0x290 [ 413.358029][T15533] ? rcu_is_watching+0x12/0xc0 [ 413.358045][T15533] ? __pfx_hot_add_show+0x10/0x10 [ 413.358063][T15533] hot_add_show+0x21/0x80 [ 413.358080][T15533] class_attr_show+0x72/0xa0 [ 413.358144][T15533] ? __pfx_class_attr_show+0x10/0x10 [ 413.358169][T15533] sysfs_kf_seq_show+0x217/0x3f0 [ 413.358195][T15533] seq_read_iter+0x32f/0x1270 [ 413.358226][T15533] kernfs_fop_read_iter+0x46c/0x610 [ 413.358249][T15533] ? rw_verify_area+0xce/0x6d0 [ 413.358274][T15533] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 413.358298][T15533] vfs_read+0x82e/0xb40 [ 413.358335][T15533] ? __pfx_vfs_read+0x10/0x10 [ 413.358367][T15533] ksys_read+0x12a/0x250 [ 413.358382][T15533] ? __pfx_ksys_read+0x10/0x10 [ 413.358398][T15533] ? rcu_is_watching+0x12/0xc0 [ 413.358413][T15533] do_syscall_64+0x115/0x840 [ 413.358429][T15533] ? clear_bhb_loop+0x40/0x90 [ 413.358449][T15533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.358468][T15533] RIP: 0033:0x7f518dd9ce59 [ 413.358482][T15533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 413.358499][T15533] RSP: 002b:00007f518eba9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 413.358518][T15533] RAX: ffffffffffffffda RBX: 00007f518e015fa0 RCX: 00007f518dd9ce59 [ 413.358530][T15533] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 413.358540][T15533] RBP: 00007f518de32d6f R08: 0000000000000000 R09: 0000000000000000 [ 413.358551][T15533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 413.358561][T15533] R13: 00007f518e016038 R14: 00007f518e015fa0 R15: 00007ffe164f4278 [ 413.358578][T15533] [ 413.847975][T15555] FAULT_INJECTION: forcing a failure. [ 413.847975][T15555] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 413.861777][T15555] CPU: 0 UID: 0 PID: 15555 Comm: syz.2.1961 Tainted: G L syzkaller #0 PREEMPT(full) [ 413.861807][T15555] Tainted: [L]=SOFTLOCKUP [ 413.861813][T15555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 413.861823][T15555] Call Trace: [ 413.861829][T15555] [ 413.861835][T15555] dump_stack_lvl+0x100/0x190 [ 413.861866][T15555] should_fail_ex.cold+0x5/0xa [ 413.861886][T15555] _copy_from_user+0x2e/0xd0 [ 413.861959][T15555] copy_msghdr_from_user+0x9f/0x4f0 [ 413.862024][T15555] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 413.862043][T15555] ? __pfx__kstrtoull+0x10/0x10 [ 413.862068][T15555] ? rcu_is_watching+0x12/0xc0 [ 413.862083][T15555] ? aa_file_perm+0x7e4/0x14d0 [ 413.862140][T15555] ___sys_sendmsg+0x106/0x1e0 [ 413.862157][T15555] ? __pfx____sys_sendmsg+0x10/0x10 [ 413.862177][T15555] ? rcu_is_watching+0x12/0xc0 [ 413.862197][T15555] __sys_sendmmsg+0x205/0x430 [ 413.862235][T15555] ? __pfx___sys_sendmmsg+0x10/0x10 [ 413.862257][T15555] ? rcu_is_watching+0x12/0xc0 [ 413.862283][T15555] ? fput+0x79/0x100 [ 413.862301][T15555] ? ksys_write+0x1ac/0x250 [ 413.862316][T15555] ? __pfx_ksys_write+0x10/0x10 [ 413.862363][T15555] __x64_sys_sendmmsg+0x9c/0x100 [ 413.862386][T15555] do_syscall_64+0x115/0x840 [ 413.862404][T15555] ? clear_bhb_loop+0x40/0x90 [ 413.862423][T15555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.862440][T15555] RIP: 0033:0x7f7f8e79ce59 [ 413.862454][T15555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 413.862472][T15555] RSP: 002b:00007f7f8c9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 413.862490][T15555] RAX: ffffffffffffffda RBX: 00007f7f8ea16090 RCX: 00007f7f8e79ce59 [ 413.862501][T15555] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 413.862511][T15555] RBP: 00007f7f8c9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 413.862521][T15555] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000001 [ 413.862532][T15555] R13: 00007f7f8ea16128 R14: 00007f7f8ea16090 R15: 00007ffcb9ca6038 [ 413.862547][T15555] [ 414.325024][T15533] zram: Error allocating disk structure for device 0 [ 415.068570][T15591] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1968'. [ 415.827796][T15615] Process accounting paused [ 415.918766][T15611] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.1.1970: Error -117 reading block bitmap for 4 [ 415.936869][T15611] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.1.1970: bg 1: bad block bitmap checksum [ 415.950732][T15611] EXT4-fs error (device sda1) in ext4_mb_clear_bb:6679: Filesystem failed CRC [ 416.586996][T15635] FAULT_INJECTION: forcing a failure. [ 416.586996][T15635] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 416.637658][T15635] CPU: 0 UID: 0 PID: 15635 Comm: syz.0.1977 Tainted: G L syzkaller #0 PREEMPT(full) [ 416.637690][T15635] Tainted: [L]=SOFTLOCKUP [ 416.637696][T15635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 416.637716][T15635] Call Trace: [ 416.637722][T15635] [ 416.637728][T15635] dump_stack_lvl+0x100/0x190 [ 416.637760][T15635] should_fail_ex.cold+0x5/0xa [ 416.637780][T15635] _copy_from_user+0x2e/0xd0 [ 416.637802][T15635] move_addr_to_kernel+0x65/0x170 [ 416.637820][T15635] copy_msghdr_from_user+0x417/0x4f0 [ 416.637837][T15635] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 416.637856][T15635] ? __pfx__kstrtoull+0x10/0x10 [ 416.637881][T15635] ? rcu_is_watching+0x12/0xc0 [ 416.637897][T15635] ? aa_file_perm+0x7e4/0x14d0 [ 416.637920][T15635] ___sys_sendmsg+0x106/0x1e0 [ 416.637937][T15635] ? __pfx____sys_sendmsg+0x10/0x10 [ 416.637957][T15635] ? rcu_is_watching+0x12/0xc0 [ 416.637977][T15635] __sys_sendmmsg+0x205/0x430 [ 416.638003][T15635] ? __pfx___sys_sendmmsg+0x10/0x10 [ 416.638026][T15635] ? rcu_is_watching+0x12/0xc0 [ 416.638046][T15635] ? fput+0x79/0x100 [ 416.638064][T15635] ? ksys_write+0x1ac/0x250 [ 416.638079][T15635] ? __pfx_ksys_write+0x10/0x10 [ 416.638095][T15635] __x64_sys_sendmmsg+0x9c/0x100 [ 416.638118][T15635] do_syscall_64+0x115/0x840 [ 416.638140][T15635] ? clear_bhb_loop+0x40/0x90 [ 416.638159][T15635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 416.638177][T15635] RIP: 0033:0x7f518dd9ce59 [ 416.638190][T15635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 416.638207][T15635] RSP: 002b:00007f518eba9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 416.638224][T15635] RAX: ffffffffffffffda RBX: 00007f518e015fa0 RCX: 00007f518dd9ce59 [ 416.638236][T15635] RDX: 0000000000000002 RSI: 0000200000000400 RDI: 0000000000000002 [ 416.638246][T15635] RBP: 00007f518eba9090 R08: 0000000000000000 R09: 0000000000000000 [ 416.638256][T15635] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 416.638266][T15635] R13: 00007f518e016038 R14: 00007f518e015fa0 R15: 00007ffe164f4278 [ 416.638281][T15635] [ 417.431879][T15657] FAULT_INJECTION: forcing a failure. [ 417.431879][T15657] name failslab, interval 1, probability 0, space 0, times 0 [ 417.517148][T15657] CPU: 0 UID: 0 PID: 15657 Comm: syz.2.1982 Tainted: G L syzkaller #0 PREEMPT(full) [ 417.517184][T15657] Tainted: [L]=SOFTLOCKUP [ 417.517201][T15657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 417.517212][T15657] Call Trace: [ 417.517219][T15657] [ 417.517226][T15657] dump_stack_lvl+0x100/0x190 [ 417.517260][T15657] should_fail_ex.cold+0x5/0xa [ 417.517278][T15657] ? kmem_cache_alloc_noprof+0x54/0x6e0 [ 417.517305][T15657] should_failslab+0xc2/0x120 [ 417.517322][T15657] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 417.517347][T15657] ? do_getname+0x35/0x390 [ 417.517369][T15657] do_getname+0x35/0x390 [ 417.517390][T15657] do_sys_openat2+0xc7/0x1e0 [ 417.517412][T15657] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.517438][T15657] __x64_sys_openat+0x12d/0x210 [ 417.517462][T15657] ? __pfx___x64_sys_openat+0x10/0x10 [ 417.517496][T15657] ? rcu_is_watching+0x12/0xc0 [ 417.517514][T15657] do_syscall_64+0x115/0x840 [ 417.517534][T15657] ? clear_bhb_loop+0x40/0x90 [ 417.517554][T15657] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.517572][T15657] RIP: 0033:0x7f7f8e79ce59 [ 417.517587][T15657] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 417.517605][T15657] RSP: 002b:00007f7f8c9d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 417.517624][T15657] RAX: ffffffffffffffda RBX: 00007f7f8ea16180 RCX: 00007f7f8e79ce59 [ 417.517635][T15657] RDX: 0000000000008040 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 417.517646][T15657] RBP: 00007f7f8e832d6f R08: 0000000000000000 R09: 0000000000000000 [ 417.517657][T15657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.517667][T15657] R13: 00007f7f8ea16218 R14: 00007f7f8ea16180 R15: 00007ffcb9ca6038 [ 417.517683][T15657] [ 418.542111][T15690] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1990'. [ 419.198542][T15720] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1997'. [ 419.523232][T15723] FAULT_INJECTION: forcing a failure. [ 419.523232][T15723] name failslab, interval 1, probability 0, space 0, times 0 [ 419.594012][T15723] CPU: 0 UID: 5 PID: 15723 Comm: syz.2.1998 Tainted: G L syzkaller #0 PREEMPT(full) [ 419.594042][T15723] Tainted: [L]=SOFTLOCKUP [ 419.594048][T15723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 419.594059][T15723] Call Trace: [ 419.594064][T15723] [ 419.594070][T15723] dump_stack_lvl+0x100/0x190 [ 419.594103][T15723] should_fail_ex.cold+0x5/0xa [ 419.594121][T15723] ? kmem_cache_alloc_noprof+0x54/0x6e0 [ 419.594146][T15723] should_failslab+0xc2/0x120 [ 419.594162][T15723] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 419.594185][T15723] ? __proc_create+0x2cb/0x8c0 [ 419.594204][T15723] ? lock_release+0x24d/0x310 [ 419.594235][T15723] __proc_create+0x2cb/0x8c0 [ 419.594254][T15723] ? __pfx___proc_create+0x10/0x10 [ 419.594272][T15723] ? do_raw_spin_lock+0x128/0x260 [ 419.594297][T15723] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 419.594323][T15723] ? rcu_is_watching+0x12/0xc0 [ 419.594339][T15723] proc_create_reg+0x75/0x170 [ 419.594360][T15723] proc_create_net_data+0x8e/0x1c0 [ 419.594380][T15723] ? __pfx_proc_create_net_data+0x10/0x10 [ 419.594401][T15723] ? __pfx___netlink_kernel_create+0x10/0x10 [ 419.594551][T15723] fib_proc_init+0x5e/0x1d0 [ 419.594600][T15723] fib_net_init+0x2af/0x3f0 [ 419.594615][T15723] ? is_module_address+0x69/0xf0 [ 419.594648][T15723] ? __pfx_fib_net_init+0x10/0x10 [ 419.594663][T15723] ? timer_init_key+0x150/0x310 [ 419.594683][T15723] ? __pfx_nl_fib_input+0x10/0x10 [ 419.594700][T15723] ? devinet_init_net+0x56c/0x8d0 [ 419.594733][T15723] ? __pfx_fib_net_init+0x10/0x10 [ 419.594747][T15723] ops_init+0x1e2/0x5f0 [ 419.594803][T15723] setup_net+0x118/0x3a0 [ 419.594826][T15723] ? __pfx_setup_net+0x10/0x10 [ 419.594849][T15723] ? mutex_init_lockdep+0xf1/0x120 [ 419.594873][T15723] copy_net_ns+0x46f/0x7c0 [ 419.594899][T15723] create_new_namespaces+0x3ea/0xac0 [ 419.594934][T15723] unshare_nsproxy_namespaces+0xf2/0x220 [ 419.594961][T15723] ksys_unshare+0x438/0xab0 [ 419.594977][T15723] ? __pfx_ksys_unshare+0x10/0x10 [ 419.594997][T15723] __x64_sys_unshare+0x31/0x40 [ 419.595014][T15723] do_syscall_64+0x115/0x840 [ 419.595029][T15723] ? clear_bhb_loop+0x40/0x90 [ 419.595049][T15723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.595066][T15723] RIP: 0033:0x7f7f8e79ce59 [ 419.595080][T15723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 419.595098][T15723] RSP: 002b:00007f7f8f57d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 419.595116][T15723] RAX: ffffffffffffffda RBX: 00007f7f8ea15fa0 RCX: 00007f7f8e79ce59 [ 419.595127][T15723] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 419.595137][T15723] RBP: 00007f7f8e832d6f R08: 0000000000000000 R09: 0000000000000000 [ 419.595148][T15723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 419.595157][T15723] R13: 00007f7f8ea16038 R14: 00007f7f8ea15fa0 R15: 00007ffcb9ca6038 [ 419.595173][T15723] [ 420.464027][T15745] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2000'. [ 420.631237][T15738] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2001'. [ 420.661082][T15745] macsec0: entered promiscuous mode [ 420.673763][T15745] macsec0: entered allmulticast mode [ 420.686480][T15745] veth1_macvtap: entered allmulticast mode [ 420.968391][T15756] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2004'. [ 421.053031][T15756] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2004'. [ 422.859826][T13311] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u12:29: bg 2: bad block bitmap checksum [ 422.939782][T13311] EXT4-fs (sda1): Delayed block allocation failed for inode 2035 at logical offset 3519 with max blocks 65 with error 74 [ 423.017698][T13311] EXT4-fs (sda1): This should not happen!! Data will be lost [ 423.017698][T13311] [ 423.252163][T15850] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2023'. [ 423.838368][T15888] futex_wake_op: syz.3.2032 tries to shift op by -2048; fix this program [ 423.881092][T15895] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2033'. [ 424.511257][T15875] Process accounting resumed [ 424.675349][T10429] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 424.675376][T10429] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 424.690649][T10429] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 424.833978][T15900] Process accounting resumed [ 427.708446][T16055] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2064'. [ 427.996689][T16060] zswap: compressor not available [ 429.051135][T16102] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2073'. [ 430.320454][T16156] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2085'. [ 433.809517][T16298] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2119'. [ 434.155225][T16309] hub 1-0:1.0: USB hub found [ 434.180402][T16309] hub 1-0:1.0: 1 port detected [ 435.218698][T16362] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2133'. [ 435.931035][T16390] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2139'. [ 436.410506][T16406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2142'. [ 436.572582][T16406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2142'. [ 436.687233][T16406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2142'. [ 436.782860][T16406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2142'. [ 436.805041][T16425] bond0: invalid ARP target specified [ 436.835747][T16429] nbd: socks must be embedded in a SOCK_ITEM attr [ 436.879531][T16425] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2145'. [ 436.916090][T16406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2142'. [ 436.937246][T16429] block nbd1: shutting down sockets [ 436.948708][T16406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2142'. [ 437.385521][T16399] kexec: Could not allocate control_code_buffer [ 437.697874][T16453] nvme_fabrics: unknown parameter or missing value 'û@è' in ctrl creation request [ 438.817069][T16490] netlink: 218 bytes leftover after parsing attributes in process `syz.2.2159'. [ 439.095213][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.102792][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.711833][T16544] Process accounting resumed [ 441.061056][T16574] binder: 16572:16574 ioctl 80106f53 ffffffffffffffff returned -22 [ 441.568817][T16594] aoe: copy from user failed [ 441.593839][T16594] aoe: could not set interface list: too many interfaces [ 441.751544][T16605] random: crng reseeded on system resumption [ 442.098179][T16626] __nla_validate_parse: 1 callbacks suppressed [ 442.098196][T16626] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2183'. [ 442.513294][T16634] netlink: 206 bytes leftover after parsing attributes in process `syz.3.2185'. [ 442.543183][T16634] netlink: 206 bytes leftover after parsing attributes in process `syz.3.2185'. [ 443.538861][T16639] Process accounting resumed [ 446.685392][T16779] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2214'. [ 446.941772][T16785] could not allocate digest TFM handle ubifs [ 447.269662][T16803] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 448.880442][T16851] nvme_fabrics: missing parameter 'transport=%s' [ 448.916796][T16851] nvme_fabrics: missing parameter 'nqn=%s' [ 450.795266][T16920] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2242'. [ 452.489146][T16964] FAULT_INJECTION: forcing a failure. [ 452.489146][T16964] name fail_futex, interval 1, probability 0, space 0, times 0 [ 452.545463][T16964] CPU: 0 UID: 0 PID: 16964 Comm: syz.0.2250 Tainted: G L syzkaller #0 PREEMPT(full) [ 452.545495][T16964] Tainted: [L]=SOFTLOCKUP [ 452.545501][T16964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 452.545511][T16964] Call Trace: [ 452.545517][T16964] [ 452.545524][T16964] dump_stack_lvl+0x100/0x190 [ 452.545562][T16964] should_fail_ex.cold+0x5/0xa [ 452.545584][T16964] get_futex_key+0x295/0x14f0 [ 452.545612][T16964] ? __pfx_get_futex_key+0x10/0x10 [ 452.545636][T16964] ? rcu_is_watching+0x12/0xc0 [ 452.545654][T16964] ? lock_acquire+0x301/0x370 [ 452.545678][T16964] futex_wake+0xf4/0x5e0 [ 452.545695][T16964] ? __mutex_lock+0x26d/0x1bd0 [ 452.545722][T16964] ? __pfx_futex_wake+0x10/0x10 [ 452.545739][T16964] ? exit_mm_release+0x19/0x30 [ 452.545765][T16964] ? lock_release+0x24d/0x310 [ 452.545788][T16964] do_futex+0x2b2/0x440 [ 452.545813][T16964] ? __pfx_do_futex+0x10/0x10 [ 452.545836][T16964] ? lock_release+0x24d/0x310 [ 452.545859][T16964] mm_release+0x24a/0x2f0 [ 452.545882][T16964] do_exit+0x707/0x2ae0 [ 452.545902][T16964] ? __pfx_do_exit+0x10/0x10 [ 452.545919][T16964] ? do_raw_spin_lock+0x128/0x260 [ 452.545944][T16964] ? get_signal+0x7e0/0x21e0 [ 452.545970][T16964] do_group_exit+0xd5/0x2a0 [ 452.545989][T16964] get_signal+0x1ec7/0x21e0 [ 452.546015][T16964] ? putname+0xb1/0x110 [ 452.546035][T16964] ? __pfx_get_signal+0x10/0x10 [ 452.546061][T16964] ? do_futex+0x190/0x440 [ 452.546085][T16964] arch_do_signal_or_restart+0x91/0x7a0 [ 452.546138][T16964] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 452.546165][T16964] ? __x64_sys_openat+0x12d/0x210 [ 452.546187][T16964] ? rcu_is_watching+0x12/0xc0 [ 452.546203][T16964] exit_to_user_mode_loop+0x139/0x6f0 [ 452.546227][T16964] ? rcu_is_watching+0x12/0xc0 [ 452.546242][T16964] do_syscall_64+0x652/0x840 [ 452.546257][T16964] ? clear_bhb_loop+0x40/0x90 [ 452.546277][T16964] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.546295][T16964] RIP: 0033:0x7f518dd9ce59 [ 452.546308][T16964] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 452.546325][T16964] RSP: 002b:00007f518bbd30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 452.546344][T16964] RAX: fffffffffffffe00 RBX: 00007f518e016278 RCX: 00007f518dd9ce59 [ 452.546355][T16964] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f518e016278 [ 452.546365][T16964] RBP: 00007f518e016270 R08: 0000000000000000 R09: 0000000000000000 [ 452.546376][T16964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 452.546386][T16964] R13: 00007f518e016308 R14: 00007ffe164f4190 R15: 00007ffe164f4278 [ 452.546400][T16964] [ 453.568099][T16992] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2256'. [ 454.328031][T16998] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2259'. [ 454.417460][T16998] Process accounting paused [ 456.199198][T17058] Invalid ELF header magic: != ELF [ 456.960320][T17086] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 5 with max blocks 2 with error 117 [ 456.986788][T17086] EXT4-fs (sda1): This should not happen!! Data will be lost [ 456.986788][T17086] [ 457.811036][T17108] futex_wake_op: syz.1.2288 tries to shift op by -2048; fix this program [ 457.918604][T17113] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2290'. [ 457.953862][T17113] FAULT_INJECTION: forcing a failure. [ 457.953862][T17113] name failslab, interval 1, probability 0, space 0, times 0 [ 457.996921][T17113] CPU: 0 UID: 0 PID: 17113 Comm: syz.2.2290 Tainted: G L syzkaller #0 PREEMPT(full) [ 457.996952][T17113] Tainted: [L]=SOFTLOCKUP [ 457.996958][T17113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 457.996969][T17113] Call Trace: [ 457.996975][T17113] [ 457.996982][T17113] dump_stack_lvl+0x100/0x190 [ 457.997014][T17113] should_fail_ex.cold+0x5/0xa [ 457.997033][T17113] ? kmem_cache_alloc_noprof+0x54/0x6e0 [ 457.997061][T17113] should_failslab+0xc2/0x120 [ 457.997077][T17113] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 457.997101][T17113] ? seq_open+0x55/0x170 [ 457.997124][T17113] ? lockdep_init_map_type+0x5c/0x250 [ 457.997150][T17113] seq_open+0x55/0x170 [ 457.997181][T17113] kernfs_fop_open+0x590/0xd50 [ 457.997206][T17113] do_dentry_open+0x6ab/0x14d0 [ 457.997222][T17113] ? __pfx_kernfs_fop_open+0x10/0x10 [ 457.997246][T17113] vfs_open+0x82/0x3f0 [ 457.997268][T17113] path_openat+0x2873/0x4280 [ 457.997289][T17113] ? __pfx_path_openat+0x10/0x10 [ 457.997309][T17113] do_file_open+0x20e/0x430 [ 457.997327][T17113] ? __pfx_do_file_open+0x10/0x10 [ 457.997350][T17113] ? alloc_fd+0x471/0x7a0 [ 457.997366][T17113] ? do_getname+0x191/0x390 [ 457.997387][T17113] do_sys_openat2+0x10f/0x1e0 [ 457.997409][T17113] ? __pfx_do_sys_openat2+0x10/0x10 [ 457.997431][T17113] ? __fget_files+0x21f/0x3d0 [ 457.997448][T17113] __x64_sys_openat+0x12d/0x210 [ 457.997471][T17113] ? __pfx___x64_sys_openat+0x10/0x10 [ 457.997495][T17113] ? rcu_is_watching+0x12/0xc0 [ 457.997512][T17113] do_syscall_64+0x115/0x840 [ 457.997528][T17113] ? clear_bhb_loop+0x40/0x90 [ 457.997547][T17113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.997565][T17113] RIP: 0033:0x7f7f8e79ce59 [ 457.997579][T17113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 457.997597][T17113] RSP: 002b:00007f7f8f57d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 457.997615][T17113] RAX: ffffffffffffffda RBX: 00007f7f8ea15fa0 RCX: 00007f7f8e79ce59 [ 457.997626][T17113] RDX: 0000000000182b02 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 457.997637][T17113] RBP: 00007f7f8e832d6f R08: 0000000000000000 R09: 0000000000000000 [ 457.997648][T17113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 457.997658][T17113] R13: 00007f7f8ea16038 R14: 00007f7f8ea15fa0 R15: 00007ffcb9ca6038 [ 457.997674][T17113] [ 458.677530][T17117] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2291'. [ 458.917919][T17128] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2293'. [ 459.023718][T17134] FAULT_INJECTION: forcing a failure. [ 459.023718][T17134] name failslab, interval 1, probability 0, space 0, times 0 [ 459.117058][T17134] CPU: 0 UID: 0 PID: 17134 Comm: syz.2.2294 Tainted: G L syzkaller #0 PREEMPT(full) [ 459.117091][T17134] Tainted: [L]=SOFTLOCKUP [ 459.117098][T17134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 459.117109][T17134] Call Trace: [ 459.117115][T17134] [ 459.117122][T17134] dump_stack_lvl+0x100/0x190 [ 459.117154][T17134] should_fail_ex.cold+0x5/0xa [ 459.117173][T17134] ? __kmalloc_node_track_caller_noprof+0xbd/0x850 [ 459.117204][T17134] should_failslab+0xc2/0x120 [ 459.117221][T17134] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 459.117248][T17134] ? key_alloc+0x423/0x1310 [ 459.117334][T17134] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 459.117360][T17134] kmemdup_noprof+0x29/0x60 [ 459.117397][T17134] key_alloc+0x423/0x1310 [ 459.117421][T17134] ? __pfx_key_alloc+0x10/0x10 [ 459.117444][T17134] keyring_alloc+0x44/0xc0 [ 459.117467][T17134] lookup_user_key+0x9b8/0x1300 [ 459.117502][T17134] ? __pfx_lookup_user_key+0x10/0x10 [ 459.117519][T17134] ? do_futex+0x190/0x440 [ 459.117544][T17134] ? __pfx_do_futex+0x10/0x10 [ 459.117569][T17134] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 459.117589][T17134] ? __x64_sys_futex+0x34f/0x4d0 [ 459.117615][T17134] ? __x64_sys_futex+0x358/0x4d0 [ 459.117641][T17134] ? __pfx___x64_sys_rt_tgsigqueueinfo+0x10/0x10 [ 459.117663][T17134] keyctl_watch_key+0x52/0x500 [ 459.117688][T17134] __do_sys_keyctl+0x29f/0x5a0 [ 459.117704][T17134] do_syscall_64+0x115/0x840 [ 459.117722][T17134] ? clear_bhb_loop+0x40/0x90 [ 459.117742][T17134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.117760][T17134] RIP: 0033:0x7f7f8e79ce59 [ 459.117776][T17134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 459.117793][T17134] RSP: 002b:00007f7f8c9f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 459.117812][T17134] RAX: ffffffffffffffda RBX: 00007f7f8ea16090 RCX: 00007f7f8e79ce59 [ 459.117823][T17134] RDX: 0000000000000005 RSI: ffffffffffffffff RDI: 0200000000000020 [ 459.117834][T17134] RBP: 00007f7f8e832d6f R08: 0000000000000008 R09: 0000000000000000 [ 459.117846][T17134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 459.117857][T17134] R13: 00007f7f8ea16128 R14: 00007f7f8ea16090 R15: 00007ffcb9ca6038 [ 459.117873][T17134] [ 460.158604][T17161] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2299'. [ 460.194656][T17170] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2304'. [ 460.242133][T17161] bridge0: port 2(bridge_slave_1) entered disabled state [ 460.249633][T17161] bridge0: port 1(bridge_slave_0) entered disabled state [ 460.311003][T17161] bridge0: entered promiscuous mode [ 463.454083][T17268] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[5627] was attempted by "ci-qemu-gce-upstream-auto/syz-executor exec"[17268] [ 463.482199][T17269] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2323'. [ 463.522312][T17263] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2322'. [ 465.855739][T17356] FAULT_INJECTION: forcing a failure. [ 465.855739][T17356] name failslab, interval 1, probability 0, space 0, times 0 [ 465.950589][T17356] CPU: 0 UID: 0 PID: 17356 Comm: syz.0.2340 Tainted: G L syzkaller #0 PREEMPT(full) [ 465.950620][T17356] Tainted: [L]=SOFTLOCKUP [ 465.950626][T17356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 465.950637][T17356] Call Trace: [ 465.950643][T17356] [ 465.950649][T17356] dump_stack_lvl+0x100/0x190 [ 465.950683][T17356] should_fail_ex.cold+0x5/0xa [ 465.950701][T17356] ? kmem_cache_alloc_noprof+0x54/0x6e0 [ 465.950728][T17356] should_failslab+0xc2/0x120 [ 465.950744][T17356] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 465.950768][T17356] ? alloc_empty_file+0x5b/0x1c0 [ 465.950789][T17356] ? lock_release+0x24d/0x310 [ 465.950813][T17356] alloc_empty_file+0x5b/0x1c0 [ 465.950834][T17356] alloc_file_pseudo+0x183/0x290 [ 465.950856][T17356] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 465.950890][T17356] __shmem_file_setup+0x205/0x460 [ 465.950911][T17356] ? __pfx___shmem_file_setup+0x10/0x10 [ 465.950933][T17356] ? vm_area_alloc+0x1f/0x160 [ 465.950957][T17356] shmem_zero_setup+0x96/0x1b0 [ 465.950984][T17356] __mmap_region+0x2509/0x2dd0 [ 465.951009][T17356] ? __pfx___mmap_region+0x10/0x10 [ 465.951031][T17356] ? __pfx_stack_trace_save+0x10/0x10 [ 465.951053][T17356] ? rcu_is_watching+0x12/0xc0 [ 465.951071][T17356] ? rcu_is_watching+0x12/0xc0 [ 465.951086][T17356] ? __css_rstat_updated+0x1ce/0x5a0 [ 465.951109][T17356] ? do_raw_spin_lock+0x128/0x260 [ 465.951135][T17356] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 465.951160][T17356] ? debug_object_assert_init+0x1c4/0x300 [ 465.951233][T17356] ? rcu_is_watching+0x12/0xc0 [ 465.951252][T17356] ? trace_hrtimer_start+0x77/0x220 [ 465.951279][T17356] ? hrtimer_start_range_ns_common+0x78e/0x18b0 [ 465.951313][T17356] ? rcu_is_watching+0x12/0xc0 [ 465.951328][T17356] ? trace_irq_enable.constprop.0+0x122/0x160 [ 465.951380][T17356] mmap_region+0x35d/0x620 [ 465.951404][T17356] ? rcu_is_watching+0x12/0xc0 [ 465.951419][T17356] ? __pfx_mmap_region+0x10/0x10 [ 465.951444][T17356] ? cap_mmap_addr+0x4b/0x120 [ 465.951469][T17356] ? bpf_lsm_mmap_addr+0x9/0x30 [ 465.951499][T17356] ? security_mmap_addr+0x71/0x1e0 [ 465.951548][T17356] ? __get_unmapped_area+0x255/0x3e0 [ 465.951568][T17356] do_mmap+0xc63/0x12f0 [ 465.951587][T17356] ? __pfx_do_mmap+0x10/0x10 [ 465.951605][T17356] ? __pfx_down_write_killable+0x10/0x10 [ 465.951626][T17356] ? __pfx_futex_wait+0x10/0x10 [ 465.951645][T17356] vm_mmap_pgoff+0x29e/0x470 [ 465.951665][T17356] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 465.951684][T17356] ? __pfx_do_futex+0x10/0x10 [ 465.951709][T17356] ? __pfx___might_resched+0x10/0x10 [ 465.951732][T17356] ksys_mmap_pgoff+0xe4/0x610 [ 465.951749][T17356] ? __x64_sys_futex+0x358/0x4d0 [ 465.951775][T17356] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 465.951791][T17356] ? xfd_validate_state+0x129/0x190 [ 465.951827][T17356] __x64_sys_mmap+0x125/0x190 [ 465.951844][T17356] do_syscall_64+0x115/0x840 [ 465.951860][T17356] ? clear_bhb_loop+0x40/0x90 [ 465.951888][T17356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.951907][T17356] RIP: 0033:0x7f518dd9ce59 [ 465.951922][T17356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 465.951941][T17356] RSP: 002b:00007f518eb88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 465.951959][T17356] RAX: ffffffffffffffda RBX: 00007f518e016090 RCX: 00007f518dd9ce59 [ 465.951971][T17356] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 465.951982][T17356] RBP: 00007f518de32d6f R08: 0000000000000401 R09: 0000000000008000 [ 465.951993][T17356] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 465.952004][T17356] R13: 00007f518e016128 R14: 00007f518e016090 R15: 00007ffe164f4278 [ 465.952019][T17356] [ 467.546680][T17390] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2347'. [ 467.817804][ T5703] ACPI Error: Could not disable RealTimeClock events (20260408/evxfevnt-243) [ 468.006222][T17395] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2348'. [ 468.106334][T17409] nfs: Unknown parameter 'nl802154' [ 468.249582][T17410] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:106: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 468.336307][T17410] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:106: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 468.436714][T17410] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 468.753183][T17427] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2355'. [ 468.870725][T10008] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 468.880234][T10008] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 468.887733][T10008] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 468.895344][T10008] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 468.902729][T10008] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 468.985731][T10008] Bluetooth: hci2: unexpected event 0x04 length: 435 > 10 [ 468.985774][T10008] Bluetooth: hci2: connection err: -111 [ 469.302059][T17435] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2357'. [ 469.523398][T17451] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2360'. [ 469.631743][T17458] cougar: G6 mapped to space [ 469.676908][T13311] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.774095][T13311] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.831986][T13311] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.862656][ T30] audit: type=1800 audit(2147550259.548:23): pid=17459 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2361" name="features" dev="configfs" ino=75560 res=0 errno=0 [ 469.930313][T13311] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.134728][T13311] bridge_slave_1: left allmulticast mode [ 470.157865][T13311] bridge_slave_1: left promiscuous mode [ 470.182979][T13311] bridge0: port 2(bridge_slave_1) entered disabled state [ 470.209380][T13311] bridge_slave_0: left allmulticast mode [ 470.251437][T13311] bridge_slave_0: left promiscuous mode [ 470.294129][T13311] bridge0: port 1(bridge_slave_0) entered disabled state [ 470.510559][T13311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 470.530783][T13311] bond0 (unregistering): Released all slaves [ 470.688940][T17504] random: crng reseeded on system resumption [ 470.945234][T10008] Bluetooth: hci4: command tx timeout [ 471.059448][T17428] bridge0: port 1(bridge_slave_0) entered blocking state [ 471.103471][T17428] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.146841][T17428] bridge_slave_0: entered allmulticast mode [ 471.179284][T17428] bridge_slave_0: entered promiscuous mode [ 471.209657][T17428] bridge0: port 2(bridge_slave_1) entered blocking state [ 471.246815][T17428] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.284000][T17428] bridge_slave_1: entered allmulticast mode [ 471.311006][T17428] bridge_slave_1: entered promiscuous mode [ 471.347947][ T5294] 8021q: adding VLAN 0 to HW filter on device eth1 [ 471.457380][T17428] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 471.503484][T17428] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 471.556902][T13311] hsr_slave_0: left promiscuous mode [ 471.591351][T13311] hsr_slave_1: left promiscuous mode [ 471.619831][T13311] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 471.635761][T17533] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2374'. [ 471.659982][T13311] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 471.698136][T13311] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 471.732289][T13311] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 471.783788][T13311] veth1_macvtap: left promiscuous mode [ 471.812591][T13311] veth0_macvtap: left promiscuous mode [ 472.145653][T13311] team0 (unregistering): Port device team_slave_1 removed [ 472.195281][T13311] team0 (unregistering): Port device team_slave_0 removed [ 472.348161][T13311] smc: removing net device dummy0 with user defined pnetid DUMMY0 [ 472.482876][T17428] team0: Port device team_slave_0 added [ 472.514001][T17428] team0: Port device team_slave_1 added [ 472.596006][T17428] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 472.627232][T17428] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 472.719574][T17428] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 472.760410][ T5294] 8021q: adding VLAN 0 to HW filter on device eth2 [ 472.778812][T17428] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 472.796329][T17428] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 472.888901][T17428] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 473.017573][T10008] Bluetooth: hci4: command tx timeout [ 473.075006][T17428] hsr_slave_0: entered promiscuous mode [ 473.108722][T17428] hsr_slave_1: entered promiscuous mode [ 473.137877][T17428] debugfs: 'hsr0' already exists in 'hsr' [ 473.165093][T17428] Cannot create hsr debugfs directory [ 473.912443][T17428] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 473.940221][T17428] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 473.965163][T17428] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 473.989903][T17428] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 474.014523][T17428] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 474.048976][T17428] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 474.090822][T17428] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 474.122671][T17428] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 474.327616][T17428] 8021q: adding VLAN 0 to HW filter on device bond0 [ 474.395730][T17428] 8021q: adding VLAN 0 to HW filter on device team0 [ 474.495566][T13307] bridge0: port 1(bridge_slave_0) entered blocking state [ 474.502725][T13307] bridge0: port 1(bridge_slave_0) entered forwarding state [ 474.589804][T13307] bridge0: port 2(bridge_slave_1) entered blocking state [ 474.597063][T13307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 474.697199][T17536] Process accounting paused [ 474.903663][T17635] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2385'. [ 475.086294][T10008] Bluetooth: hci4: command tx timeout [ 476.237642][T17428] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 476.355898][T17428] veth0_vlan: entered promiscuous mode [ 476.413702][T17428] veth1_vlan: entered promiscuous mode [ 476.497445][T17428] veth0_macvtap: entered promiscuous mode [ 476.555256][T17428] veth1_macvtap: entered promiscuous mode [ 476.637436][T17428] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 476.694222][T17428] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 476.761653][T13306] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.825103][T13306] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.882908][T13306] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.932161][T13306] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.135840][T13308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 477.157131][T10008] Bluetooth: hci4: command tx timeout [ 477.186112][T17707] can: request_module (can-proto-4) failed. [ 477.205161][T13308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 477.360266][T13306] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 477.404228][T13306] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.128511][T10429] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 478.137295][T10429] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 478.145714][T10429] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 478.153645][T10429] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 478.161693][T10429] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 478.346603][ T30] audit: type=1804 audit(2147550268.067:24): pid=17749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2398" name="file0" dev="tmpfs" ino=3223 res=1 errno=0 [ 479.512940][T17755] bridge0: port 1(bridge_slave_0) entered blocking state [ 479.535140][T17755] bridge0: port 1(bridge_slave_0) entered disabled state [ 479.558728][T17755] bridge_slave_0: entered allmulticast mode [ 479.586124][T17755] bridge_slave_0: entered promiscuous mode [ 479.603753][T17755] bridge0: port 2(bridge_slave_1) entered blocking state [ 479.627680][T17755] bridge0: port 2(bridge_slave_1) entered disabled state [ 479.652489][T17755] bridge_slave_1: entered allmulticast mode [ 479.676181][T17755] bridge_slave_1: entered promiscuous mode [ 479.731968][T17755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 479.765235][T17755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 479.831827][T17755] team0: Port device team_slave_0 added [ 479.855084][T17755] team0: Port device team_slave_1 added [ 479.905580][T17755] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 479.928539][T17755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 480.011503][T17755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 480.047385][T17755] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 480.068911][T17755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 480.150471][T17755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 480.182953][T10429] Bluetooth: hci1: command tx timeout [ 480.240335][T17755] hsr_slave_0: entered promiscuous mode [ 480.262521][T17755] hsr_slave_1: entered promiscuous mode [ 480.279717][T17755] debugfs: 'hsr0' already exists in 'hsr' [ 480.299153][T17755] Cannot create hsr debugfs directory [ 480.446985][T17790] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 480.529617][T17755] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.598416][T17755] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.683491][T17755] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.854481][T17755] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 480.902412][T17755] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 480.933513][T17755] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 480.970909][T17755] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 481.002432][T17755] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 481.043279][T17755] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 481.083006][T17755] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 481.131777][T17755] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 481.329562][T17755] 8021q: adding VLAN 0 to HW filter on device bond0 [ 481.393608][T17755] 8021q: adding VLAN 0 to HW filter on device team0 [ 481.433020][T13301] bridge0: port 1(bridge_slave_0) entered blocking state [ 481.440199][T13301] bridge0: port 1(bridge_slave_0) entered forwarding state [ 481.505877][T13301] bridge0: port 2(bridge_slave_1) entered blocking state [ 481.513041][T13301] bridge0: port 2(bridge_slave_1) entered forwarding state [ 482.253428][T10429] Bluetooth: hci1: command tx timeout [ 482.590021][T17755] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 482.691925][T17755] veth0_vlan: entered promiscuous mode [ 482.727566][T17755] veth1_vlan: entered promiscuous mode [ 482.816711][T17755] veth0_macvtap: entered promiscuous mode [ 482.852645][T17755] veth1_macvtap: entered promiscuous mode [ 482.909718][T17755] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 482.958967][T17755] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 483.014008][T13311] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.043006][T13311] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.088685][T13311] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.141343][T13311] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.328533][T13311] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 483.371391][T13311] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 483.436813][T13311] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 483.478114][T13311] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 484.323655][T10429] Bluetooth: hci1: command tx timeout [ 484.692936][T10008] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 484.701039][T10008] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 484.709659][T10008] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 484.717929][T10008] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 484.728282][T10008] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 485.044690][T17885] random: crng reseeded on system resumption [ 486.257491][T17880] bridge0: port 1(bridge_slave_0) entered blocking state [ 486.291078][T17880] bridge0: port 1(bridge_slave_0) entered disabled state [ 486.321085][T17880] bridge_slave_0: entered allmulticast mode [ 486.358162][T17880] bridge_slave_0: entered promiscuous mode [ 486.390030][T17880] bridge0: port 2(bridge_slave_1) entered blocking state [ 486.397773][T10008] Bluetooth: hci1: command tx timeout [ 486.430065][T17880] bridge0: port 2(bridge_slave_1) entered disabled state [ 486.461747][T17880] bridge_slave_1: entered allmulticast mode [ 486.491725][T17880] bridge_slave_1: entered promiscuous mode [ 486.582349][T17880] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 486.628314][T17880] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 486.725728][T17880] team0: Port device team_slave_0 added [ 486.760302][T17880] team0: Port device team_slave_1 added [ 486.793104][T10008] Bluetooth: hci2: command tx timeout [ 486.806455][T17919] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2422'. [ 486.831915][T17880] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 486.864432][T17880] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 486.995597][T17880] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 487.034007][T17880] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 487.058346][T17880] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 487.148366][T17880] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 487.204177][T17937] FAULT_INJECTION: forcing a failure. [ 487.204177][T17937] name failslab, interval 1, probability 0, space 0, times 0 [ 487.240549][T17937] CPU: 0 UID: 0 PID: 17937 Comm: syz.3.2432 Tainted: G L syzkaller #0 PREEMPT(full) [ 487.240582][T17937] Tainted: [L]=SOFTLOCKUP [ 487.240588][T17937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 487.240599][T17937] Call Trace: [ 487.240605][T17937] [ 487.240612][T17937] dump_stack_lvl+0x100/0x190 [ 487.240645][T17937] should_fail_ex.cold+0x5/0xa [ 487.240665][T17937] ? kmem_cache_alloc_noprof+0x54/0x6e0 [ 487.240691][T17937] should_failslab+0xc2/0x120 [ 487.240708][T17937] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 487.240732][T17937] ? __anon_vma_prepare+0x344/0x5e0 [ 487.240753][T17937] ? rcu_is_cpu_rrupt_from_idle+0x1d3/0x270 [ 487.240772][T17937] __anon_vma_prepare+0x344/0x5e0 [ 487.240793][T17937] ? __filemap_get_folio_mpol+0x369/0x1280 [ 487.240820][T17937] __vmf_anon_prepare+0x11f/0x250 [ 487.240838][T17937] hugetlb_no_page+0xf6f/0x1b00 [ 487.240859][T17937] ? huge_pte_alloc+0x4ce/0x730 [ 487.240880][T17937] hugetlb_fault+0x5e5/0x1410 [ 487.240901][T17937] ? __pfx_hugetlb_fault+0x10/0x10 [ 487.240924][T17937] ? find_vma+0xbf/0x140 [ 487.240939][T17937] ? __pfx_find_vma+0x10/0x10 [ 487.240954][T17937] handle_mm_fault+0x5ff/0xa30 [ 487.240978][T17937] do_user_addr_fault+0x74c/0x12f0 [ 487.241000][T17937] exc_page_fault+0x6f/0xd0 [ 487.241075][T17937] asm_exc_page_fault+0x26/0x30 [ 487.241093][T17937] RIP: 0010:rep_movs_alternative+0x33/0xa0 [ 487.241118][T17937] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 487.241136][T17937] RSP: 0018:ffffc90004f9fe78 EFLAGS: 00050246 [ 487.241152][T17937] RAX: 0079616c7265766f RBX: 0000000000000008 RCX: 0000000000000008 [ 487.241164][T17937] RDX: 0000000000000001 RSI: ffffffff8bf54260 RDI: 0000000000000000 [ 487.241176][T17937] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff17ea84c [ 487.241186][T17937] R10: ffffffff8bf54267 R11: 0000000000000000 R12: ffffffff8bf54260 [ 487.241198][T17937] R13: 0000000000000008 R14: 00007ffffffff000 R15: 0000000000000000 [ 487.241223][T17937] _copy_to_user+0xa4/0xd0 [ 487.241249][T17937] fs_name+0x25e/0x4a0 [ 487.241271][T17937] __x64_sys_sysfs+0xe6/0x120 [ 487.241293][T17937] do_syscall_64+0x115/0x840 [ 487.241310][T17937] ? clear_bhb_loop+0x40/0x90 [ 487.241330][T17937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 487.241349][T17937] RIP: 0033:0x7ff78019ce59 [ 487.241364][T17937] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 487.241382][T17937] RSP: 002b:00007ff780f7f028 EFLAGS: 00000246 ORIG_RAX: 000000000000008b [ 487.241399][T17937] RAX: ffffffffffffffda RBX: 00007ff780415fa0 RCX: 00007ff78019ce59 [ 487.241411][T17937] RDX: 0000000000000000 RSI: 0100000000000036 RDI: 0000000000000002 [ 487.241423][T17937] RBP: 00007ff780232d6f R08: 0000000000000000 R09: 0000000000000000 [ 487.241434][T17937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 487.241446][T17937] R13: 00007ff780416038 R14: 00007ff780415fa0 R15: 00007ffc9ed6b9a8 [ 487.241463][T17937] [ 488.283617][T13307] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.359826][T17880] hsr_slave_0: entered promiscuous mode [ 488.383232][T17880] hsr_slave_1: entered promiscuous mode [ 488.400308][T17880] debugfs: 'hsr0' already exists in 'hsr' [ 488.420320][T17880] Cannot create hsr debugfs directory [ 488.446823][T13307] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.501136][T13307] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.630212][T13307] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.863301][T10008] Bluetooth: hci2: command tx timeout [ 488.879014][T13307] bond0: left allmulticast mode [ 488.898244][T13307] bond_slave_0: left allmulticast mode [ 488.906653][T17959] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 488.931497][T13307] bond_slave_1: left allmulticast mode [ 488.959760][T13307] bond0: left promiscuous mode [ 488.987043][T13307] bond_slave_0: left promiscuous mode [ 489.015265][T13307] bond_slave_1: left promiscuous mode [ 489.047121][T13307] bridge0: port 3(bond0) entered disabled state [ 489.083006][T13307] bridge_slave_1: left allmulticast mode [ 489.106188][T13307] bridge_slave_1: left promiscuous mode [ 489.137501][T13307] bridge0: port 2(bridge_slave_1) entered disabled state [ 489.196408][T13307] bridge_slave_0: left allmulticast mode [ 489.217634][T13307] bridge_slave_0: left promiscuous mode [ 489.246645][T13307] bridge0: port 1(bridge_slave_0) entered disabled state [ 489.519973][T13307] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 489.564635][T13307] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 489.610368][T13307] bond0 (unregistering): Released all slaves [ 489.712600][T13307] tipc: Left network mode [ 490.050363][T17985] usb usb13: check_ctrlrecip: process 17985 (syz.3.2433) requesting ep 01 but needs 81 [ 490.095393][T17985] usb usb13: usbfs: process 17985 (syz.3.2433) did not claim interface 0 before use [ 490.133742][T17880] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 490.185827][T17880] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 490.234532][T17880] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 490.295808][T17880] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 490.382849][T17880] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 490.437959][T17880] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 490.480801][T17880] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 490.520029][T17880] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 490.657898][T13307] hsr_slave_0: left promiscuous mode [ 490.685587][T13307] hsr_slave_1: left promiscuous mode [ 490.706700][T13307] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 490.741191][T13307] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 490.750893][T13307] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 490.750912][T13307] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 490.780136][T13307] veth1_macvtap: left allmulticast mode [ 490.780270][T13307] veth1_macvtap: left promiscuous mode [ 490.780289][T13307] veth0_macvtap: left promiscuous mode [ 490.933953][T10008] Bluetooth: hci2: command tx timeout [ 491.069075][T13307] team0 (unregistering): Port device team_slave_1 removed [ 491.085764][T13307] team0 (unregistering): Port device team_slave_0 removed [ 491.561573][T17880] 8021q: adding VLAN 0 to HW filter on device bond0 [ 491.640872][T17880] 8021q: adding VLAN 0 to HW filter on device team0 [ 491.701761][T13307] bridge0: port 1(bridge_slave_0) entered blocking state [ 491.708925][T13307] bridge0: port 1(bridge_slave_0) entered forwarding state [ 491.795379][T18038] bdi 43:192: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 491.822941][T13307] bridge0: port 2(bridge_slave_1) entered blocking state [ 491.830114][T13307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 491.932324][T18034] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2439'. [ 492.104201][T18053] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2442'. [ 492.348327][T18059] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2443'. [ 492.898597][T17880] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 493.003843][T10008] Bluetooth: hci2: command tx timeout [ 493.039491][T17880] veth0_vlan: entered promiscuous mode [ 493.078804][T17880] veth1_vlan: entered promiscuous mode [ 493.154891][T17880] veth0_macvtap: entered promiscuous mode [ 493.200961][T17880] veth1_macvtap: entered promiscuous mode [ 493.246502][T13301] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 11 with max blocks 1 with error 117 [ 493.274957][T17880] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 493.318695][T17880] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 493.330017][T13301] EXT4-fs (sda1): This should not happen!! Data will be lost [ 493.330017][T13301] [ 493.388010][T13311] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.433096][T13311] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.484251][T13311] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.531714][T13311] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.704114][T13311] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 493.745358][T13311] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 493.811191][T13307] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 493.843329][T13307] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 494.791426][T18109] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2450'. [ 496.155566][T18150] random: crng reseeded on system resumption [ 496.244479][T18152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2458'. [ 497.371973][T18179] ubi0: attaching mtd0 [ 497.434555][T18179] ubi0: scanning is finished [ 497.489317][T18179] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 497.881822][T18179] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 500.253405][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 500.262668][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.372567][T18237] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2473'. [ 501.705349][T18248] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 502.193133][T18256] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2477'. [ 502.542529][T18275] random: crng reseeded on system resumption [ 504.034803][T18301] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2487'. [ 504.120696][T18306] FAULT_INJECTION: forcing a failure. [ 504.120696][T18306] name failslab, interval 1, probability 0, space 0, times 0 [ 504.156162][T18308] ubi0: attaching mtd0 [ 504.191396][T18308] ubi0: scanning is finished [ 504.208257][T18306] CPU: 0 UID: 0 PID: 18306 Comm: syz.1.2488 Tainted: G L syzkaller #0 PREEMPT(full) [ 504.208287][T18306] Tainted: [L]=SOFTLOCKUP [ 504.208294][T18306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 504.208304][T18306] Call Trace: [ 504.208310][T18306] [ 504.208317][T18306] dump_stack_lvl+0x100/0x190 [ 504.208350][T18306] should_fail_ex.cold+0x5/0xa [ 504.208369][T18306] ? fs_reclaim_acquire+0x70/0x100 [ 504.208389][T18306] ? tomoyo_encode2+0xfb/0x3c0 [ 504.208479][T18306] should_failslab+0xc2/0x120 [ 504.208503][T18306] __kmalloc_noprof+0xe0/0x850 [ 504.208526][T18306] ? d_absolute_path+0x136/0x1b0 [ 504.208552][T18306] tomoyo_encode2+0xfb/0x3c0 [ 504.208580][T18306] tomoyo_encode+0x29/0x50 [ 504.208601][T18306] tomoyo_realpath_from_path+0x18c/0x690 [ 504.208628][T18306] tomoyo_check_open_permission+0x2af/0x3c0 [ 504.208648][T18306] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 504.208667][T18306] ? do_sys_openat2+0x10f/0x1e0 [ 504.208688][T18306] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.208708][T18306] ? hook_file_open+0x24e/0x7a0 [ 504.208750][T18306] ? rcu_is_watching+0x12/0xc0 [ 504.208766][T18306] tomoyo_file_open+0x6b/0x90 [ 504.208792][T18306] security_file_open+0xb5/0x1e0 [ 504.208813][T18306] do_dentry_open+0x588/0x14d0 [ 504.208832][T18306] vfs_open+0x82/0x3f0 [ 504.208859][T18306] path_openat+0x2873/0x4280 [ 504.208878][T18306] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.208897][T18306] ? __pfx_path_openat+0x10/0x10 [ 504.208925][T18306] do_file_open+0x20e/0x430 [ 504.208942][T18306] ? __pfx_do_file_open+0x10/0x10 [ 504.208966][T18306] ? alloc_fd+0x471/0x7a0 [ 504.208982][T18306] ? do_getname+0x191/0x390 [ 504.209003][T18306] do_sys_openat2+0x10f/0x1e0 [ 504.209024][T18306] ? __pfx_do_sys_openat2+0x10/0x10 [ 504.209047][T18306] ? trace_irq_enable.constprop.0+0x122/0x160 [ 504.209074][T18306] __x64_sys_openat+0x12d/0x210 [ 504.209097][T18306] ? __pfx___x64_sys_openat+0x10/0x10 [ 504.209122][T18306] ? rcu_is_watching+0x12/0xc0 [ 504.209139][T18306] do_syscall_64+0x115/0x840 [ 504.209155][T18306] ? clear_bhb_loop+0x40/0x90 [ 504.209174][T18306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.209192][T18306] RIP: 0033:0x7f97cd59ce59 [ 504.209207][T18306] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 504.209224][T18306] RSP: 002b:00007f97ce44f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 504.209243][T18306] RAX: ffffffffffffffda RBX: 00007f97cd815fa0 RCX: 00007f97cd59ce59 [ 504.209254][T18306] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 504.209265][T18306] RBP: 00007f97cd632d6f R08: 0000000000000000 R09: 0000000000000000 [ 504.209276][T18306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 504.209287][T18306] R13: 00007f97cd816038 R14: 00007f97cd815fa0 R15: 00007ffd9a06f798 [ 504.209303][T18306] [ 504.209329][T18306] ERROR: Out of memory at tomoyo_realpath_from_path. [ 504.550110][T18308] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 504.857428][ T5627] Process accounting resumed [ 505.159869][T18308] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 505.244384][T10429] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 505.311419][T10429] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 505.357753][T10429] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 505.421400][T10427] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 505.448484][T10427] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 505.483138][T18194] ------------[ cut here ]------------ [ 505.488872][T18194] ODEBUG: free active (active state 0) object: ffff8880356fd438 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 505.502205][T18194] WARNING: lib/debugobjects.c:629 at debug_print_object+0x18e/0x2a0, CPU#0: syz.2.2461/18194 [ 505.512852][T18194] Modules linked in: [ 505.516920][T18194] CPU: 0 UID: 0 PID: 18194 Comm: syz.2.2461 Tainted: G L syzkaller #0 PREEMPT(full) [ 505.527963][T18194] Tainted: [L]=SOFTLOCKUP [ 505.532303][T18194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 505.542425][T18194] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 505.548640][T18194] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d f2 de e1 0b 41 56 48 8b 14 dd c0 90 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 0c 55 d7 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 505.568307][T18194] RSP: 0000:ffffc9000346f738 EFLAGS: 00010246 [ 505.574389][T18194] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 505.582401][T18194] RDX: ffffffff8c1c9000 RSI: ffffffff8c1c8c20 RDI: ffffffff90e2b320 [ 505.590597][T18194] RBP: 0000000000000001 R08: ffff8880356fd438 R09: ffffffff8bb2e020 [ 505.599151][T18194] R10: 0000000000000000 R11: ffffffff8a88ba6b R12: ffffffff8c1c8c20 [ 505.607532][T18194] R13: ffffffff8bb2e060 R14: ffffffff8a91cc80 R15: ffffc9000346f838 [ 505.615519][T18194] FS: 0000000000000000(0000) GS:ffff888124384000(0000) knlGS:0000000000000000 [ 505.624606][T18194] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 505.631398][T18194] CR2: 0000000000160000 CR3: 000000007af22000 CR4: 00000000003526f0 [ 505.639446][T18194] Call Trace: [ 505.642735][T18194] [ 505.645727][T18194] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 505.651218][T18194] ? trace_irq_enable.constprop.0+0x122/0x160 [ 505.657373][T18194] debug_check_no_obj_freed+0x4da/0x630 [ 505.662938][T18194] ? rcu_is_watching+0x12/0xc0 [ 505.667972][T18194] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 505.674168][T18194] ? rcu_is_watching+0x12/0xc0 [ 505.679004][T18194] ? __page_table_check_zero+0x333/0x410 [ 505.684646][T18194] ? __page_table_check_zero+0x338/0x410 [ 505.690421][T18194] __free_frozen_pages+0x3fc/0x10a0 [ 505.696059][T18194] hci_release_dev+0x4ef/0x630 [ 505.700928][T18194] ? __pfx_hci_release_dev+0x10/0x10 [ 505.706585][T18194] ? device_release+0x97/0x270 [ 505.711374][T18194] ? rcu_is_watching+0x12/0xc0 [ 505.716186][T18194] ? device_release+0x97/0x270 [ 505.721075][T18194] bt_host_release+0x6b/0xb0 [ 505.725767][T18194] ? __pfx_bt_host_release+0x10/0x10 [ 505.731066][T18194] device_release+0xd2/0x270 [ 505.735674][T18194] kobject_put+0x1f7/0x640 [ 505.740114][T18194] put_device+0x1f/0x30 [ 505.744292][T18194] vhci_release+0x185/0x230 [ 505.749161][T18194] ? __pfx_vhci_release+0x10/0x10 [ 505.754301][T18194] __fput+0x3ff/0xb50 [ 505.758360][T18194] task_work_run+0x150/0x240 [ 505.762967][T18194] ? __pfx_task_work_run+0x10/0x10 [ 505.768392][T18194] ? free_uts_ns+0x16e/0x330 [ 505.773180][T18194] do_exit+0x951/0x2ae0 [ 505.777362][T18194] ? __pfx_do_exit+0x10/0x10 [ 505.781951][T18194] ? __pfx_proc_coredump_connector+0x10/0x10 [ 505.788033][T18194] do_group_exit+0xd5/0x2a0 [ 505.792543][T18194] get_signal+0x1ec7/0x21e0 [ 505.797522][T18194] ? __pfx_get_signal+0x10/0x10 [ 505.802727][T18194] ? __pfx_force_sig_fault+0x10/0x10 [ 505.808080][T18194] arch_do_signal_or_restart+0x91/0x7a0 [ 505.813663][T18194] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 505.819900][T18194] ? rcu_is_watching+0x12/0xc0 [ 505.824997][T18194] irqentry_exit+0x402/0xa00 [ 505.829592][T18194] asm_exc_page_fault+0x26/0x30 [ 505.834455][T18194] RIP: 0033:0x4021000 [ 505.838486][T18194] Code: Unable to access opcode bytes at 0x4020fd6. [ 505.845103][T18194] RSP: 002b:0000000000000011 EFLAGS: 00010246 [ 505.851176][T18194] RAX: 0000000000000000 RBX: 00007f7f8ea16270 RCX: 00007f7f8e79ce59 [ 505.859179][T18194] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000100000008 [ 505.867174][T18194] RBP: 00007f7f8e832d6f R08: 0000000004000006 R09: 0000000000000000 [ 505.875258][T18194] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000 [ 505.883228][T18194] R13: 00007f7f8ea16308 R14: 00007f7f8ea16270 R15: 00007ffcb9ca6038 [ 505.891322][T18194] ? 0xffffffff81000000 [ 505.895507][T18194] [ 505.898547][T18194] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 505.905837][T18194] CPU: 0 UID: 0 PID: 18194 Comm: syz.2.2461 Tainted: G L syzkaller #0 PREEMPT(full) [ 505.916859][T18194] Tainted: [L]=SOFTLOCKUP [ 505.921174][T18194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 505.931246][T18194] Call Trace: [ 505.934523][T18194] [ 505.937449][T18194] dump_stack_lvl+0x100/0x190 [ 505.942156][T18194] vpanic+0x552/0x970 [ 505.946135][T18194] ? __pfx_vpanic+0x10/0x10 [ 505.950720][T18194] ? lock_release+0x24d/0x310 [ 505.955402][T18194] panic+0xd1/0xe0 [ 505.959116][T18194] ? __pfx_panic+0x10/0x10 [ 505.963527][T18194] ? check_panic_on_warn+0x1f/0x90 [ 505.968778][T18194] check_panic_on_warn.cold+0x19/0x34 [ 505.974324][T18194] ? debug_print_object+0x18e/0x2a0 [ 505.979541][T18194] __warn.cold+0x191/0x318 [ 505.983953][T18194] __report_bug+0x296/0x3d0 [ 505.988517][T18194] ? debug_print_object+0x18e/0x2a0 [ 505.993767][T18194] ? __pfx___report_bug+0x10/0x10 [ 505.998865][T18194] ? lock_release+0x24d/0x310 [ 506.003561][T18194] ? bpf_ksym_find+0x124/0x1c0 [ 506.008359][T18194] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 506.014561][T18194] report_bug_entry+0xe1/0x290 [ 506.019447][T18194] ? debug_print_object+0x19b/0x2a0 [ 506.024677][T18194] handle_bug+0x1cd/0x2a0 [ 506.029031][T18194] exc_invalid_op+0x17/0x50 [ 506.033737][T18194] asm_exc_invalid_op+0x1a/0x20 [ 506.038604][T18194] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 506.044528][T18194] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d f2 de e1 0b 41 56 48 8b 14 dd c0 90 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 0c 55 d7 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 506.064441][T18194] RSP: 0000:ffffc9000346f738 EFLAGS: 00010246 [ 506.070521][T18194] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 506.078658][T18194] RDX: ffffffff8c1c9000 RSI: ffffffff8c1c8c20 RDI: ffffffff90e2b320 [ 506.086643][T18194] RBP: 0000000000000001 R08: ffff8880356fd438 R09: ffffffff8bb2e020 [ 506.094895][T18194] R10: 0000000000000000 R11: ffffffff8a88ba6b R12: ffffffff8c1c8c20 [ 506.102978][T18194] R13: ffffffff8bb2e060 R14: ffffffff8a91cc80 R15: ffffc9000346f838 [ 506.110969][T18194] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 506.116542][T18194] ? bt_host_release+0x6b/0xb0 [ 506.121311][T18194] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 506.126879][T18194] ? trace_irq_enable.constprop.0+0x122/0x160 [ 506.133230][T18194] debug_check_no_obj_freed+0x4da/0x630 [ 506.138791][T18194] ? rcu_is_watching+0x12/0xc0 [ 506.143650][T18194] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 506.149820][T18194] ? rcu_is_watching+0x12/0xc0 [ 506.154693][T18194] ? __page_table_check_zero+0x333/0x410 [ 506.160345][T18194] ? __page_table_check_zero+0x338/0x410 [ 506.166086][T18194] __free_frozen_pages+0x3fc/0x10a0 [ 506.171309][T18194] hci_release_dev+0x4ef/0x630 [ 506.176165][T18194] ? __pfx_hci_release_dev+0x10/0x10 [ 506.181527][T18194] ? device_release+0x97/0x270 [ 506.186306][T18194] ? rcu_is_watching+0x12/0xc0 [ 506.191171][T18194] ? device_release+0x97/0x270 [ 506.195945][T18194] bt_host_release+0x6b/0xb0 [ 506.200565][T18194] ? __pfx_bt_host_release+0x10/0x10 [ 506.205867][T18194] device_release+0xd2/0x270 [ 506.210468][T18194] kobject_put+0x1f7/0x640 [ 506.214930][T18194] put_device+0x1f/0x30 [ 506.219097][T18194] vhci_release+0x185/0x230 [ 506.223609][T18194] ? __pfx_vhci_release+0x10/0x10 [ 506.228640][T18194] __fput+0x3ff/0xb50 [ 506.232642][T18194] task_work_run+0x150/0x240 [ 506.237251][T18194] ? __pfx_task_work_run+0x10/0x10 [ 506.242386][T18194] ? free_uts_ns+0x16e/0x330 [ 506.247024][T18194] do_exit+0x951/0x2ae0 [ 506.251399][T18194] ? __pfx_do_exit+0x10/0x10 [ 506.256108][T18194] ? __pfx_proc_coredump_connector+0x10/0x10 [ 506.262099][T18194] do_group_exit+0xd5/0x2a0 [ 506.266610][T18194] get_signal+0x1ec7/0x21e0 [ 506.271223][T18194] ? __pfx_get_signal+0x10/0x10 [ 506.276103][T18194] ? __pfx_force_sig_fault+0x10/0x10 [ 506.281426][T18194] arch_do_signal_or_restart+0x91/0x7a0 [ 506.287000][T18194] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 506.293172][T18194] ? rcu_is_watching+0x12/0xc0 [ 506.298030][T18194] irqentry_exit+0x402/0xa00 [ 506.302658][T18194] asm_exc_page_fault+0x26/0x30 [ 506.307673][T18194] RIP: 0033:0x4021000 [ 506.311665][T18194] Code: Unable to access opcode bytes at 0x4020fd6. [ 506.318332][T18194] RSP: 002b:0000000000000011 EFLAGS: 00010246 [ 506.324422][T18194] RAX: 0000000000000000 RBX: 00007f7f8ea16270 RCX: 00007f7f8e79ce59 [ 506.332422][T18194] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000100000008 [ 506.340448][T18194] RBP: 00007f7f8e832d6f R08: 0000000004000006 R09: 0000000000000000 [ 506.348507][T18194] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000 [ 506.356477][T18194] R13: 00007f7f8ea16308 R14: 00007f7f8ea16270 R15: 00007ffcb9ca6038 [ 506.364462][T18194] ? 0xffffffff81000000 [ 506.368628][T18194] [ 506.371723][T18194] Kernel Offset: disabled [ 506.376104][T18194] Rebooting in 86400 seconds..