last executing test programs: 8.101017443s ago: executing program 1 (id=2899): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/net/rpc/auth.unix.gid/channel\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="20edd9d1027e0dc0023af10e9bfa1babfa3a3753ca9aee370a", 0x19) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000140)={0x1045100, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58) read$auto(0xffffffffffffffff, 0x0, 0x39b8) socketcall$auto_SYS_RECVMSG(0x11, 0x0) 5.647148847s ago: executing program 1 (id=2909): close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0xff, 0x400000000000401, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) r1 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x222240, 0x150) unlink$auto(&(0x7f0000000080)='./file0\x00') openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x72) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) read$auto(0x3, 0x0, 0x7fffffff) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fb0\x00', 0xc2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) listmount$auto(&(0x7f0000000080)={0xfffffffe, @inferred=r2, 0x80000002, 0x100000001, 0xc}, 0x0, 0xf4240, 0x1) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x1d, 0xffffffffffffffff, 0x8, 0x5, 0x8) capset$auto(&(0x7f0000000200)={0x20080522}, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002080)='/dev/ptyv8\x00', 0x480, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty46\x00', 0x88a42, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x222c0, 0x0) ioctl$auto(0x3, 0x4b48, r3) ioctl$auto_TIOCSETD2(r1, 0x5423, &(0x7f00000000c0)="c67a73723c7e42e8a8dfd74af9b4684d7c8a499b071d04a35b5251c70e72c79901611d02f433db4fb10cf55a690afd24b174cb4685be2ec7ac339139a465371729bfa17c7f786dfd59104b77b6c6e293787356f05c891274deb80bda988775509b06b4ab50287659bdd89998c8bc386e1444abc90c5af3ec5218044cbe7a566612423f412417f45c8a0355aff3bd3c05c8484321d378988a08593325798a6825eae95f776d951dde4afb52e0f6d2515630632d0dea21b186208030721596f0209956ca6a7466e11aa5e12c1861df77f6e4ac101806209e6f5f94710b009c0f6fc820e6818eb4fee2a78146") 5.543059734s ago: executing program 1 (id=2910): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x0) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram2/partscan\x00', 0x80200, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) poll$auto(&(0x7f00000003c0)={0xffffffffffffffff, 0x1000, 0x5}, 0x9, 0x9) openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x141000, 0x0) recvfrom$auto(r0, &(0x7f00000003c0), 0x8001, 0xe5ab, &(0x7f0000000400)=@in={0x2, 0x4e22, @empty}, &(0x7f0000000440)=0x6) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) io_uring_setup$auto(0x5b, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x5, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x10000, 0x1, 0x29f, 0x100, 0xfff, 0x101, 0x6, 0x2}, {0xfb, 0x1001, 0x10001, 0x7, 0x1, 0x40, 0x100, 0x402005, 0x100000005}}) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x80000, 0x0) r2 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D0c\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_STATUS642(r2, 0x80984120, &(0x7f0000000180)={0x8, "744fc3c9", 0x3, 0x401, 0xfffffffffffffff9, 0x8000, 0x10fac199, 0x3d02, 0x17fc, 0x2, 0xfffffffffffffffc, 0xfffffffffffffff7, 0x401, 0x9, 0x1, 0x200, 0x3, 0x3, 0x0, "dc6cdb104b5e79ab12df9bade8f4a1310a94b996"}) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/event1\x00', 0x40000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0xffffffffffffffff, 0x1, 0x5, 0x4, 0x15f4da0e, 0xffffffff, 0x9, 0x100000000000000c, 0x8, 0xfffffffffffffffe, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r1, 0x8000) socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x7, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) getpeername$auto(0x3, 0x0, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/stable_node_dups\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, 0x0, 0x0) close_range$auto(0x2, 0x8000, 0x0) 5.040552069s ago: executing program 0 (id=2915): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) memfd_secret$auto(0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ftruncate$auto(0x3, 0x700) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) sendmsg$auto_L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0xd2}, 0x240040c4) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1f42, 0x0) openat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x9) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sda1\x00', 0x2000, 0x0) socket(0x10, 0x2, 0x0) prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_OFF(0x7, 0x0, 0x0, 0x9, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='*\x00%i'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x44) sendfile$auto(0x3, r1, 0x0, 0x100400000000006) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) sendfile$auto(r0, r0, 0x0, 0x1) keyctl$auto(0x17, 0x4, 0x7fffffffefff, 0x400, 0x0) listen$auto(0x3, 0x83) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000028c0), 0x100, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000000)="c80d1b5d529b", 0x6) ioctl$auto_USB_RAW_IOCTL_EP_READ(r2, 0xc0085508, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) socket(0x23, 0x3, 0x80000300) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) 4.536972536s ago: executing program 1 (id=2916): remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) 4.42911968s ago: executing program 1 (id=2917): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/net/rpc/auth.unix.gid/channel\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="20edd9d1027e0dc0023af10e9bfa1babfa3a3753ca9aee370a", 0x19) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000140)={0x1045100, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58) read$auto(0xffffffffffffffff, 0x0, 0x39b8) socketcall$auto_SYS_RECVMSG(0x11, 0x0) 4.223656335s ago: executing program 2 (id=2918): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/workqueue/nvme_tcp_wq/max_active\x00', 0x182b02, 0x0) sendfile$auto(r0, r0, 0x0, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_DEL(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x20, r2, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@OVS_VPORT_ATTR_UPCALL_STATS={0x4}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x8000000}]}, 0x20}, 0x1, 0x0, 0x0, 0x8800}, 0x4000000) r3 = socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0xc84f) r4 = socket$nl_generic(0x10, 0x3, 0x10) write$auto(0x3, 0x0, 0x7fffffff) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x1c, r5, 0xb01, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000084) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1cd99f00", @ANYRES16=r8, @ANYBLOB="01002dbd7000fbdbdf250a0000000800038004000100"], 0x1c}, 0x1, 0x0, 0x0, 0x40014}, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x2800, 0x0) mmap$auto(0x200000000000, 0x5, 0x4, 0x40eb2, 0x401, 0x300000000000) mq_getsetattr$auto(0x3, &(0x7f00000000c0)={0x0, 0xf, 0x80000000002, 0x4}, 0x0) stat$auto(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900)={0x101, 0x3, 0x2a31, 0x8, 0xee00, 0xee00, 0x0, 0x890, 0xe, 0x1, 0xffffffffffffffff, 0xc5d9, 0x6, 0x1000, 0x0, 0x80000000, 0x7fff}) sendmsg$auto_IPVS_CMD_SET_CONFIG(r3, &(0x7f00000011c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001180)={&(0x7f0000001200)={0x7a4, r8, 0x200, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x3d4, 0x2, 0x0, 0x1, [@nested={0xca, 0xf8, 0x0, 0x1, [@nested={0x4, 0x139}, @generic, @nested={0x4, 0xbc}, @typed={0x8, 0xd7, 0x0, 0x0, @fd=r0}, @typed={0x76, 0x116, 0x0, 0x0, @binary="eab2fbe6bb915fa67855d59c55b982a615b16f1297efd29f3296154a865247d1cfc7038510eb1a494c759451cf80b7a150dbbacdd2e25cacf1e2d79ba188757b6130c5f6347d8ca5c951c422bbcdab4c3f8f8de978933ab75292e651ecafc99257fdb390d5ad732fd08d6cdcee1d33b34d95"}, @generic="c7effdd3ef38db64ce0fa928369bc23abc7b888f6fc358a647734c5eae5e86f73686246f823ca4a1e735a73a31a0b62e1232334c50df", @typed={0x8, 0x52, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x30}}]}, @generic="1e4e956cebfd639b6bbdde54353c48b56500d44b9aa0868784b4673742c12a5a322030ef856d6792f6bcc7b0367e275046c71158d339bac0d3dcf9801bdf9c950a160f7974aaf9c48b33af1df8ff60aa3df64c9a7542a59cfefd87cf42634fd5f7e9449f7e031f2635e5df8be9d2488ea52e7b17bdfdac5d7e924949318d15613d31b69d661009fe851b6ab636f3a4aad11203a1ff7702722ac9f0c1", @nested={0xdd, 0xcf, 0x0, 0x1, [@generic="da2b6f6285908475dbb93d2365dd573d4d12458228b2c6604e85b5bf147f016101ec27fdfc35b1271f70a0d5313c39a3063fc5507b734b623949052ad93e6e207ed29d933ca4b7b72a950c70d66cab60e521fec26de8ae6574b1572b04eda705fcb1deaa15abe8fa579beb3dc91d0bdc5bd7d76b02dba88bedd258bc8cc45ab1bcbe45393b96a3af1dbe85285d6f96a673491e1e02a9d3da393b0a42345b579f71d425c3761dbb6ce0336161b81f5539aee6a0dd8aac580ef1dd0412681b146cd10277b804749cb4868b35e91de5973f8b7f6fd2b8add90cd9"]}, @nested={0x139, 0xea, 0x0, 0x1, [@generic="ea80ea4e3138a61f9ca73462ba0642637c4264137e4b92c88e959aa9cf42f8c2684a3b2cc184be", @nested={0x4, 0xc}, @typed={0x8, 0x119, 0x0, 0x0, @fd=r0}, @generic="a22ff47271aacdc2514d8ef2e595f88e28cd13540a0f7352315c51609cf57dc231b21e317ac156f07135c290ffe885e395ccaec90fae02b4cc2f5716880800777b852e68ea17e687b801e85ff4a05fae7b14853e9947e52c64ae2a1a3dc80bd30b5b06e1b16e22b7d3237aad8d75b124cf24351a61619fc173f7c73fc969fc98f265806bdc4dd2c14ff2d1793c2b9fb06b2fbbbd3c08d429486d38249bce3ac5746e5bd1a176578b2f", @generic="b583f1a56bc5f513c7f50e74f2b24fad08a29bf18669affbc59ff6e7a7bc246e8a4d29364747200936d42a52a1f0b8b0e5b289c7f4e24e20c6a9fa685af33ba15949340f26609efa24a840d713", @nested={0x4, 0x3a}, @typed={0x8, 0x133, 0x0, 0x0, @uid=0xee01}]}, @generic="f091f27621721644e22071b183e7fab770a5f303dd9b6855251f6c280374d7c208025ab0ac858e22ef88340bb98e53c00662e32ce7de0bbfec60f39fc5db67c6b631ed71f4fd3d3805f9956a"]}, @IPVS_CMD_ATTR_DEST={0x38c, 0x2, 0x0, 0x1, [@generic="fa09583c92d88d9357a855b7e6317bf0e920a0a965c39be9c79ed106ade9e7ce3685a22422937867cec0c93e259d11c1af2e9da46ca17c8580747226cca0cbeba31e8307b99ccdf2766d92eb5892dfc87cd7c8d0bb52e2e1ccaf3e1408b95e5a37c0a5469e75bcb56dd01a940531c07254654ac9dd110e665de424130784245eedb7586bdc328a2dc9bcac5bf693f81baf04eb4b52339a1edb26b45c3807d22194ceaedebba187a7f27e7da2658b215766613a68b7519318d2cc785d15e4a9db45265823a940645574b1954b27f499a384dfc0b0ebbf3b6ccfb1cc3244261a7d4a880d3f67b434512908d6ca71c80b855cdb517c6ab92245", @nested={0x103, 0x9e, 0x0, 0x1, [@nested={0x4, 0x37}, @generic="aa183ad2fee9c9fec91a39559f6c1411bd98e9af57677868181eb45a0fae61635465ed8c3c091b3069b720bdde844b8dd5346c36eb51cee134ab8fafeed773d646aa003475dc53a116f11a1f610ab6aeedb1f129325a1456d894ee087d045250bfb72b829370360ca83f4956bfa4e22ba1102286d1b13a57d39608c0e2424998cc4888fae133beb9f6970962dee73863e0a417b24061a78dd02bd3bcfed3f9588b44c9747db1882e6417ed08ef8ec2689e866b713de1a434088a7d5d109fab9ebd94471fcca3a9be49b053ee955b03bf0423dae5582c964fb810d5673363432f28b3a7f9408372c9b1e7d7226049be9a0717b99636a42c121351a0"]}, @nested={0x11e, 0x105, 0x0, 0x1, [@nested={0x4, 0xe3}, @generic="6a11cd73a0dc4157fa1cc1964cbad8388c7331f66cdfbabcf2da48425f24d9ec30a9e00cd07ed6efcbf6408b126c723080bbb004f754ab4db9d06ee09ee6930d036fab496ca80050ddfb9fce8d5b57ecce43dbf4a99b9cf265d289d662dc4e160bd805cd717d6ff4d16691593fb48e274e36bacb46bcd460ad2dedb7504f4296af263527888362f4beb0b43ba875d2042342743c0f3fdb765d2e3018318a68e93a67f5fe7eabf339b00016cee95049824b4802182d9e84e134fd995516ff235256d0737af50b4a818d77b2c3ef6f2d18f34a72756c6c0e6f0585d7fed792629ac72b65482f8a3cae82a024fc428071e7cabc", @nested={0x4, 0x156}, @nested={0x4, 0x36}, @typed={0x4, 0xa1}, @nested={0x4, 0xa}, @typed={0x8, 0x12c, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @nested={0x4, 0x18}, @typed={0x8, 0x12d, 0x0, 0x0, @u32=0x2}]}, @nested={0x69, 0xec, 0x0, 0x1, [@typed={0x14, 0x19, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @typed={0x8, 0x106, 0x0, 0x0, @uid=r9}, @generic="296be2685d101cc74b101423f58f7c36387aca70ea3fab68b3bd538cfec5895de9be555026e8ff4fff45971f8b574fd331a26fec5e3a46f73d1b86b57d8ef155a70584aba1a01af19e"]}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3a}]}, 0x7a4}, 0x1, 0x0, 0x0, 0x804}, 0x40801) sendmsg$auto_NL80211_CMD_GET_MPP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="18000007", @ANYRES16=r6, @ANYBLOB="010b28bd7000fedbdf256b00000004000d01"], 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x4000890) msgctl$auto(0x80000000, 0x5, &(0x7f00000000c0)={{0xfffffffa, 0xee00, 0xee01, 0x3, 0xfffffffb, 0x4, 0x7ff}, &(0x7f0000000040)=0x5, &(0x7f0000000080)=0x81, 0x7, 0x8, 0xffffffffffffffff, 0x3, 0x800, 0xa9, 0x2, 0x5, @raw=0xff, @raw=0xff}) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000840)='/dev/media4\x00', 0x280042, 0x0) shmctl$auto_SHM_INFO(0x9b, 0xe, &(0x7f0000000240)={{0x7, 0xee00, 0x0, 0x6f, 0x2, 0x2, 0x101}, 0x7, 0x4000000000000000, 0x3ff, 0x5, @raw=0x9, @inferred=0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000140)="77b889cfca66b2e50f154e410ef02488f17c86bd8d92c27ffdb7b0e786c14554f98a8e3aa15fdf8351bd7c99ea68387dcfbc877c8657084079469b62880a", &(0x7f0000000180)="54a9681f7803c3e63836976a684ca4ecd57bcb51a88ea19a4d80ab07243ed0eb8dab6800f0b4f2a3b6cc4f10490573255791c0327a6d579c53a29b4a0a276db1656dd37a054066b8bba1f258fd74b187b80ae4165aac863556242f903b376a7996781e3c2e5778a30dad450e1c3b889ecd99cf963d8561fc078fd37ca4aa1979f61dda2ce5bbb6be0649cf5d5b8f318c1ac7c3ce853edefcd09988645d472192a83858cc79031da0"}) r12 = semctl$auto(0x4, 0xe49c, 0x80000001, 0x8) sendmsg$auto_NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000340)={0x45c, r6, 0x100, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x1}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x9de}, @NL80211_ATTR_WDEV={0xc, 0x99, 0x3}, @NL80211_ATTR_MAC_MASK={0xfe, 0xd7, "ca1959b3ce5c82cb5fbd5865a0b3f7bd6f13cdf3b58f55dced145aa075572f446c26658a5d5948caed9edc75f8ec895dba2431668023f83731045b1f04ee5d1ac5aa8a1832c673d068076973683fdc5b51bf1bd22ab229742dfbedbcbf6d85efa7edb003f9a2b550369835e81a342b5b7d0b7b8bb1b3147c3d187cfdd402677212cea8d3bec1e3476e005ae1e933ad8e7d793f51a4713f28e564f50915b8a8680d4cf239961aedda07985d63b101439a4f35e080d90adbb209b0916961966e7357540366a858a6f464f2aa7c260115fb8ec800c3002ff7946273508778335ef9501ec7a3857e37c830c8e6f087d43469c09d8d8b30c190a59324"}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0xe}, @NL80211_ATTR_CSA_IES={0x312, 0xb9, 0x0, 0x1, [@typed={0x8, 0x11f, 0x0, 0x0, @u32=0xfffffeff}, @nested={0x1ae, 0x104, 0x0, 0x1, [@nested={0x4, 0x52}, @generic="063489a0a688c7dcd87421c5c5f304c005706b4662dde1dbe51ee0aef92c3bfd6afa8915758535d2c8f226815d4c1c72ea136c05b7e3a70145a018fa5376f7e51b9b4785f9883bcbf310daf1252dd4b7320b5372de409cd966d22fcb3c99a9121c42bcf61c009ea7b61ac75c52501667266fca9eb681013b0ebee2029fe0472f0a25ef0624a736dc67ab8d004579b222d64a3b6bbc6897d51b5b082f5bcd307d5588a1bc36292167f578a8f4311e79f41c191978a9f09a1a4dfdfcfa2bef", @generic="1691f22af81b9758ae7926d2c5d36784c7f5ac335a10cb53d47ea808d365aa00449be608745edcdac140807e6777046e3791d92d71395c8b627c4e96d495f7d69e36bf1800a19345f41258bfdc353ef559237031a25ea0c6d03e030023b7c2ade997672bf6c8f19b9377b9a8c44595b139560ce0d5438e3769", @nested={0x4, 0xdf}, @typed={0x14, 0xcb, 0x0, 0x0, @ipv6=@loopback}, @generic="e6261741ecfc644fe052061db32f4baa0f44f7f86bc18ce60144342b4e0930c68408081b1f5aa3b7a40f32395121f413e37ceef7ce2b67f147cdf73303c8a4575b3f6bc482dfb85bc3842dad87fe50", @typed={0x8, 0x1f, 0x0, 0x0, @uid=r10}]}, @generic="46d21a93d4cbcdbb7c6a601ecccf22f1f56c21165ce1523bd68b0a44d71906961b819c733b08a3ef81f67114ef0c965411350bc3fd3e377ea291f8199b1817c3ff8b62b2c15753a0577689f991298bea2915d819bbb821ffae2fb4647fb6fc57d1fb41a0b7f0d316f946a556d8d8bae5c18e0fc97fdde82ce9937a88c12d9227337c9f7305e6307ab73800fadc9184d2e6e601bb99094b80b81a0d096685a34de196113bfea69916bf28106041daa2c9634e05655485aa68474282165525020ef825880bf536", @nested={0x68, 0x47, 0x0, 0x1, [@typed={0xd, 0xbd, 0x0, 0x0, @str='%[!{)\xe2}%\x00'}, @typed={0x8, 0x10f, 0x0, 0x0, @uid=r11}, @nested={0x4, 0x66}, @generic="9ab875b935ae67cf8e250253363f9b17697e0f04bd8ba4639f317fa08b7faf5fdac04779e7e9a7d4ea7315bbd442bb2c5ddb4beb150b2baddd688273", @typed={0x8, 0xd, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @nested={0x4, 0x70}]}, @typed={0x8, 0x149, 0x0, 0x0, @fd=r0}, @nested={0x20, 0x12f, 0x0, 0x1, [@typed={0x8, 0xf3, 0x0, 0x0, @fd}, @typed={0xc, 0x131, 0x0, 0x0, @u64=0x5}, @typed={0x8, 0xc1, 0x0, 0x0, @pid=r12}]}]}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x7}]}, 0x45c}, 0x1, 0x0, 0x0, 0x4004004}, 0x4044000) syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000009c0), r7) 4.015041384s ago: executing program 0 (id=2920): r0 = socket(0x2a, 0x2, 0x6) mbind$auto(0xf000, 0x8000000000000001, 0x100000000, 0x0, 0x6, 0x2) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x80d00, 0x0) mmap$auto(0xcb62, 0x100, 0x8000000061, 0x9b72, r1, 0x8c) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x100000001, 0x4000000000df, 0x8010, 0x401, 0x8003) connect$auto(0xffffffffffffffff, 0x0, 0x2) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/stat_refresh\x00', 0x101382, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xf15a}, 0x6, 0x8, 0x5) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2000, 0x0) r2 = creat$auto(0x0, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000240)="7040efb7") socket$nl_generic(0x10, 0x3, 0x10) socket(0x8, 0x3, 0x0) readv$auto(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f0000000840)="2b7fcc4752320aac9185147a06d8c2da166a5703ee90111fc8719b7dca716a15309c64efaa855e16f671e25a5285d1e963ebd97a431f39cd00962b03cadf7c55d8dc519f9f8145d1a039656ddea7b2a205767f7155c96fd61bdb1e3486467087f2b4cd0322df7b107fdc181f6e18f4b035805a5ac58894a90d414d03eb922b70baa147e760f5f970dc57f6", 0x3}, 0x85) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000000)="c80d1b5d399b4b", 0xfdef) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xffffffffffffffff, 0x8000) write$auto(0x3, 0x0, 0xffd8) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = io_uring_setup$auto(0x6, 0x0) socket(0x1e, 0x2, 0x0) newfstatat$auto(r4, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x5, 0xffffffffffffbca6, 0x3, 0x10000, 0xee01, 0xee00, 0x0, 0x6, 0x0, 0x5, 0xfffffffffffffffa, 0x0, 0x8, 0xbee0, 0x97, 0x9, 0xed}, 0x7fff) shmctl$auto_IPC_STAT(0x56e, 0x2, &(0x7f0000000440)={{0x9, 0xee00, r5, 0xbe6b, 0x5, 0x8, 0x7ff}, 0x5, 0xfffffffffffffffd, 0x200, 0xd, @inferred=0xffffffffffffffff, @raw=0x101, 0xb353, 0x0, &(0x7f0000000280), &(0x7f0000000380)="f5ac7258843dffd7933d8cef85a334429a9189f7a5ae4ede57b3698f3f4b762b21c1e47ec4d09c24efc5b1609253d05a2fa6de6a2dc84dbab7127104ed91d0e738ee0dfb202ce02f25801bab92d8b150804fe615706deadced72be7d3bffcdc33b8da75b6eb40a74c43a59d06f28d9b7aa716e42f1377a9640"}) shutdown$auto(0x200000003, 0x2) bind$auto(r0, &(0x7f0000000240)=@qipcrtr={0x2a, 0x0, 0x7fff}, 0x6b) 3.919233497s ago: executing program 2 (id=2921): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x200, 0x2010000000000) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x400, 0x3d4, 0x8, &(0x7f0000000000)=0x8) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1$auto(0x3000000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) ustat$auto(0x801, 0x0) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x48040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x40146f2c, 0x0) bpf$auto(0x0, &(0x7f0000000200)=@bpf_attr_11={0x5, 0x3ff, 0x2, 0x81, 0x8689, 0x9ef, 0x6c38}, 0x14) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x10040026f34, 0x0) ioctl$auto(0x3, 0x40044900, 0x38) 3.860196546s ago: executing program 3 (id=2922): r0 = open(&(0x7f0000000800)='./file0\x00', 0x3cfb40, 0x39642ae5d3121abb) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) semget$auto(0x0, 0x13c, 0x1ff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x23, 0x0) socket(0xa, 0x1, 0x84) shutdown$auto(0x200000003, 0x0) select$auto(0x4, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) (fail_nth: 2) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x6) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x88c0, 0x0) mq_open$auto(&(0x7f0000000000)='\xd7\'^(-\x00', 0xfffffffb, 0x10, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/advisor_max_cpu\x00', 0xa001, 0x0) write$auto(r2, &(0x7f0000000200)='/dev/dvb/adapter0/frontend0\x00', 0x3) sendmsg$auto_NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB], 0xc4}, 0x1, 0x0, 0x0, 0x48485}, 0x20000000) mmap$auto(0x0, 0x4020009, 0x40000000df, 0xeb1, 0x401, 0x8000) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/trigger\x00', 0x1, 0x0) 3.642916144s ago: executing program 0 (id=2923): openat$auto_tracing_total_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x8a2c0, 0x0) close_range$auto(0x0, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vivid.0/video4linux/video62/name\x00', 0x100, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/pcm0p/info\x00', 0x1b04, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) mmap$auto(0x0, 0x9, 0xdb, 0xeb1, 0x401, 0x8004) setreuid$auto(0x4, 0x8) futimesat$auto(0xda, 0x0, 0x0) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fcntl$auto(0x3, 0x4, 0xa553) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/ext4/sda1/mb_stats\x00', 0x40000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mq_open$auto(&(0x7f0000000180)='%\\/%$.+{&\x00', 0xf, 0xfffa, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x24) 3.306655413s ago: executing program 2 (id=2924): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) (async, rerun: 32) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) (rerun: 32) prctl$auto(0x3e, 0x8001, 0x0, 0x1, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/snmp6\x00', 0x568640, 0x0) read$auto(r0, &(0x7f0000000000)='veth1\x00', 0x10) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async, rerun: 64) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (rerun: 64) unshare$auto(0x40000080) (async) mmap$auto(0x0, 0xf, 0x3, 0xeb1, 0xffffffffffffffff, 0x10000000008000) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) ioctl$auto(r1, 0xc040564a, r1) (async) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="c85728bd700548dfc525060012e3233c0500258848926ac93886154fc1db4f84d509005f2b554a8a6c0000"], 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x48030) (async) read$auto(0xffffffffffffffff, 0x0, 0x7f) (async) mprotect$auto(0x8000, 0x8, 0x8) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fcdbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0xfffffffffffffffc, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x3) (async, rerun: 64) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 64) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/veth1_to_team/rp_filter\x00', 0x141241, 0x0) (async) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) recvmmsg$auto(0x3, 0x0, 0x9, 0x0, 0x0) (async) mmap$auto(0x0, 0x4000000, 0x61, 0x1800000000000010, 0xffffffffffffffff, 0x40000007ffc) mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) 3.306305313s ago: executing program 3 (id=2925): unshare$auto(0x40000080) mmap$auto(0xffffffffffffffff, 0x2020004, 0x203, 0xeb1, 0xffffffffffffffff, 0x208000) bind$auto(0x3, 0x0, 0x6d) rseq$auto(0x0, 0x8000, 0x0, 0x6) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/free_buffer\x00', 0x20103, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x1000000000008000) write$auto_trace_options_core_fops_trace(0xffffffffffffffff, &(0x7f0000000140)="f95afc1373a7abecac0abbfe6077c056b1a4d5461b078edd7b5c3403d518da5ab2553196a0e1c7b3d26bd96c35aec29c3d012af30173164480dff4409f8806ea9ee8a66091fa0c240f35cd4121e71313f71c3de24bc1b696300c49c221a33e8cf65c714d5d6f21eedc463cb16db74744e533ff74261df1f62339fe0d288a62c2d2789723", 0x84) madvise$auto(0x0, 0x2000040080000004, 0xe) socket(0x2, 0x801, 0x6) madvise$auto(0x0, 0xffffffffffff0005, 0x17) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="05082dbd7000ecdbdf257e000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x2002, 0x0) sendfile$auto(0x3, r0, 0x0, 0xffff) fanotify_init$auto(0x5, 0x0) mmap$auto(0x0, 0x5, 0x7, 0x400ff, 0xffffffffffffffff, 0x10008003) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) io_uring_setup$auto(0x5, 0x0) mknod$auto(&(0x7f0000000240)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x1085, 0x9) acct$auto(&(0x7f0000000480)='u[,&*}\x00\a\x00\'\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x0f\x18\xc5\x82-s\x83\xe6\xaeR\x81\r_\x0e\x19\x12\x85\bvf(e\xday)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbHL9aD\xb4\x80\xed\xba>\"\xb6\x7f\xa3f\x1d\a\xa1\x87\x84uA\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e') open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0xb3) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, 0x0) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0xeb4, r2, 0x2) close_range$auto(0x2, 0xa, 0x0) 2.507641933s ago: executing program 0 (id=2926): openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) r0 = openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0) lseek$auto(r0, 0x8000, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) move_pages$auto(0x0, 0x1001, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) socket(0x2, 0x1, 0x106) connect$auto(0x3, 0x0, 0x54) pwrite64$auto(0xffffffffffffffff, &(0x7f0000000200)='/-\xc4-\'(])\x00', 0x8, 0x3) write$auto(0x3, 0x0, 0x1) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r1, 0x0, 0x400000000006) sysfs$auto(0x2, 0xd, 0x0) unshare$auto(0x40000080) mmap$auto(0x3dbcb68f, 0x7ff, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1, 0x1, 0x0, 0x402, 0xdd16) mseal$auto(0x0, 0x7dda, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa142, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec10\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) ioctl$auto_CEC_TRANSMIT(r2, 0xc0386105, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r3, &(0x7f0000000440), 0x0) 2.147428325s ago: executing program 3 (id=2927): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0) ioctl$auto_OSS_ALSAEMULVER(r2, 0x40086602, &(0x7f0000000100)) r3 = gettid() ptrace$auto(0x10, r3, 0x4, 0x7ff) r4 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/loop6/rqos/wbt/id\x00', 0x101a00, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r4, &(0x7f0000000340)=""/179, 0xb3) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) execveat$auto(r5, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x10000) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000200)='5', 0x1) syz_genetlink_get_family_id$auto_nl80211(0x0, r6) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (fail_nth: 1) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)) mbind$auto(0xffffffffffffff00, 0xff, 0x9, &(0x7f0000000040)=0x100, 0x3, 0x7) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x8001, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) r8 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0) read$auto_proc_pid_smaps_operations_internal(r8, 0x0, 0x0) 2.06931096s ago: executing program 2 (id=2928): r0 = socket(0xa, 0x3, 0x3c) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f0000000040)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7ffd) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) r1 = socket(0xa, 0x5, 0x0) getsockopt$auto(r1, 0x0, 0x50, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0x4b3b, 0x9) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, 0x0, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmsg$auto_CTRL_CMD_GETFAMILY(0xffffffffffffffff, 0x0, 0x48050) write$auto(r0, &(0x7f0000000080)='+&\x00I\xaar\x1c\xbb\xde\ah\x15,\xeb|\x85\xe8\x97Z\xc30\xae}\xa1\x17K(\x80]]\x8d\xb5\xeb-\x9d\xc1\xceU\xbb_\xcf\xe8#U\xd0_|\x15f\x92\xaa\x9f\xa0l}7z#u\xf6\xd1\xe1\x8d\x05=w\xf1\xb9K\xf4\\\a\xdf\x87\xbb\x03d6\xe1\x14\xb1|\x98\x82$\xf3\xb2\xcf\xb7\x7f\xf8f*/\xc2\x82\x8c2\x8d^\x10\xc6\x1cs', 0x263f) 1.705997072s ago: executing program 0 (id=2929): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) memfd_secret$auto(0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ftruncate$auto(0x3, 0x700) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) sendmsg$auto_L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0xd2}, 0x240040c4) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1f42, 0x0) openat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sda1\x00', 0x2000, 0x0) socket(0x10, 0x2, 0x0) prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_OFF(0x7, 0x0, 0x0, 0x9, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='*\x00%i'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x44) sendfile$auto(0x3, r2, 0x0, 0x100400000000006) sendfile$auto(r1, r1, 0x0, 0x1) write$auto_proc_mem_operations_base(r0, 0x0, 0x0) keyctl$auto(0x17, 0x4, 0x7fffffffefff, 0x400, 0x0) listen$auto(0x3, 0x83) r3 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000028c0), 0x100, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d529b", 0x6) ioctl$auto_USB_RAW_IOCTL_EP_READ(r3, 0xc0085508, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) socket(0x23, 0x3, 0x80000300) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) 1.161184185s ago: executing program 2 (id=2930): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) memfd_secret$auto(0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ftruncate$auto(0x3, 0x700) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) sendmsg$auto_L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0xd2}, 0x240040c4) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1f42, 0x0) openat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sda1\x00', 0x2000, 0x0) socket(0x10, 0x2, 0x0) prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_OFF(0x7, 0x0, 0x0, 0x9, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='*\x00%i'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x44) sendfile$auto(0x3, r2, 0x0, 0x100400000000006) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) sendfile$auto(r1, r1, 0x0, 0x1) write$auto_proc_mem_operations_base(r0, 0x0, 0x0) keyctl$auto(0x17, 0x4, 0x7fffffffefff, 0x400, 0x0) listen$auto(0x3, 0x83) r3 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000028c0), 0x100, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d529b", 0x6) ioctl$auto_USB_RAW_IOCTL_EP_READ(r3, 0xc0085508, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) 985.19631ms ago: executing program 3 (id=2931): mknod$auto(&(0x7f0000000080)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000100)=':,\x00', 0x0, 0x0) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket(0xa, 0x801, 0x100) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x10001) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, 0x0, 0x2) mmap$auto(0x6, 0x8, 0x3, 0x800000000000eb1, r0, 0x8000) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x2741, 0x0) ioctl$auto(r2, 0x5522, 0xf15) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8001, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) r3 = ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68) ioctl$auto_FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f00000002c0)="368fd0676c3430e258708de1c82eee38b06302f33fc0006bb9f6038ebc49956938598f238c1e0c05b8bce8dbf18d148ce13178f3f9d5b4ac55444d455b01b07eafe43fb01fcd0f8cefb5cb7ee15131be994100"/101) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) prctl$auto(0x2, 0x20c846, 0x0, 0x0, 0x0) execve$auto(&(0x7f0000000040)=':,\x00', &(0x7f00000000c0)=0x0, &(0x7f0000000200)=&(0x7f00000001c0)=':,\x00') socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x1b) close_range$auto(0x2, 0x8, 0x0) 823.794804ms ago: executing program 3 (id=2932): openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) r0 = openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0) lseek$auto(r0, 0x8000, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) move_pages$auto(0x0, 0x1001, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) socket(0x2, 0x1, 0x106) connect$auto(0x3, 0x0, 0x54) pwrite64$auto(0xffffffffffffffff, &(0x7f0000000200)='/-\xc4-\'(])\x00', 0x8, 0x3) write$auto(0x3, 0x0, 0x1) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r1, 0x0, 0x400000000006) sysfs$auto(0x2, 0xd, 0x0) unshare$auto(0x40000080) mmap$auto(0x3dbcb68f, 0x7ff, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1, 0x1, 0x0, 0x402, 0xdd16) mseal$auto(0x0, 0x7dda, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa142, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec10\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) ioctl$auto_CEC_TRANSMIT(r2, 0xc0386105, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r3, &(0x7f0000000440), 0x0) 607.654178ms ago: executing program 1 (id=2933): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) memfd_secret$auto(0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ftruncate$auto(0x3, 0x700) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) sendmsg$auto_L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0xd2}, 0x240040c4) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1f42, 0x0) openat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x9) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sda1\x00', 0x2000, 0x0) socket(0x10, 0x2, 0x0) prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_OFF(0x7, 0x0, 0x0, 0x9, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='*\x00%i'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x44) sendfile$auto(0x3, r1, 0x0, 0x100400000000006) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) sendfile$auto(r0, r0, 0x0, 0x1) keyctl$auto(0x17, 0x4, 0x7fffffffefff, 0x400, 0x0) listen$auto(0x3, 0x83) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000028c0), 0x100, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000000)="c80d1b5d529b", 0x6) ioctl$auto_USB_RAW_IOCTL_EP_READ(r2, 0xc0085508, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) socket(0x23, 0x3, 0x80000300) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) 332.103836ms ago: executing program 3 (id=2934): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x0) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram2/partscan\x00', 0x80200, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) poll$auto(&(0x7f00000003c0)={0xffffffffffffffff, 0x1000, 0x5}, 0x9, 0x9) openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x141000, 0x0) recvfrom$auto(r0, &(0x7f00000003c0), 0x8001, 0xe5ab, &(0x7f0000000400)=@in={0x2, 0x4e22, @empty}, &(0x7f0000000440)=0x6) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) io_uring_setup$auto(0x5b, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x5, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x10000, 0x1, 0x29f, 0x100, 0xfff, 0x101, 0x6, 0x2}, {0xfb, 0x1001, 0x10001, 0x7, 0x1, 0x40, 0x100, 0x402005, 0x100000005}}) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D0c\x00', 0x0, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/event1\x00', 0x40000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0xffffffffffffffff, 0x1, 0x5, 0x4, 0x15f4da0e, 0xffffffff, 0x9, 0x100000000000000c, 0x8, 0xfffffffffffffffe, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8000, 0x0) 117.818335ms ago: executing program 0 (id=2935): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x2, 0x0, 0x1, 0xfffffffffffffffa) r2 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0) ioctl$auto_OSS_ALSAEMULVER(r2, 0x40086602, &(0x7f0000000100)) gettid() ptrace$auto(0x10, 0x0, 0x4, 0x7ff) r3 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/loop6/rqos/wbt/id\x00', 0x101a00, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r3, &(0x7f0000000340)=""/179, 0xb3) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) execveat$auto(r4, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x10000) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000200)='5', 0x1) syz_genetlink_get_family_id$auto_nl80211(0x0, r5) mmap$auto(0x7, 0x400008, 0xdf, 0xfffffffe, r2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000280)="bf26d979c30a39cdc8777ceb0c1a798348d8e1780bb3b5be7e0ba188611a4e96008fed11e259337c4dadf132e7c1d9e070020183d852c2065c452dbdc0eabd1e000000") mbind$auto(0xffffffffffffff00, 0xff, 0x9, &(0x7f0000000040)=0x100, 0x3, 0x7) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x8001, 0x0) keyctl$auto(0x1f, 0x1, 0x0, 0x3, 0x3ff) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) r7 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0) read$auto_proc_pid_smaps_operations_internal(r7, 0x0, 0x0) 0s ago: executing program 2 (id=2936): r0 = open(&(0x7f0000000800)='./file0\x00', 0x3cfb40, 0x39642ae5d3121abb) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) semget$auto(0x0, 0x13c, 0x1ff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x23, 0x0) socket(0xa, 0x1, 0x84) shutdown$auto(0x200000003, 0x0) select$auto(0x4, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x6) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x88c0, 0x0) mq_open$auto(&(0x7f0000000000)='\xd7\'^(-\x00', 0xfffffffb, 0x10, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/advisor_max_cpu\x00', 0xa001, 0x0) write$auto(r2, &(0x7f0000000200)='/dev/dvb/adapter0/frontend0\x00', 0x3) sendmsg$auto_NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB], 0xc4}, 0x1, 0x0, 0x0, 0x48485}, 0x20000000) mmap$auto(0x0, 0x4020009, 0x40000000df, 0xeb1, 0x401, 0x8000) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/trigger\x00', 0x1, 0x0) kernel console output (not intermixed with test programs): leftover after parsing attributes in process `syz.0.1575'. [ 447.789693][T12383] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 449.138024][T12411] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1583'. [ 449.169591][T12411] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1583'. [ 449.901423][T12427] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1588'. [ 450.055549][T12423] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1586'. [ 450.139836][T12435] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 451.286644][T12451] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1592'. [ 451.311521][T12451] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1592'. [ 453.100015][T12485] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1598'. [ 453.117979][T12485] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1598'. [ 453.534885][T12494] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1600'. [ 453.573761][T12494] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1600'. [ 453.965129][T12500] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 454.876183][T12519] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1606'. [ 455.276663][T12528] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1610'. [ 455.308022][T12528] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1610'. [ 455.923909][T12549] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1613'. [ 455.953872][T12548] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1612'. [ 455.964887][T12547] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1614'. [ 455.981399][T12548] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1612'. [ 455.992422][T12547] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1614'. [ 456.454367][T12554] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1616'. [ 456.463934][T12554] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1616'. [ 459.446815][T12627] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 459.897223][T12634] __nla_validate_parse: 2 callbacks suppressed [ 459.897237][T12634] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1635'. [ 461.412133][T12661] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 462.260000][T12683] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1645'. [ 462.286942][T12683] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1645'. [ 466.204951][T12751] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1659'. [ 467.513370][T12778] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1664'. [ 468.211140][T12788] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1667'. [ 468.222493][T12788] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1667'. [ 468.382008][T12793] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1668'. [ 469.298661][T12812] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1671'. [ 469.313169][T12811] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 470.026945][T12832] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1674'. [ 470.956926][T12841] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1677'. [ 470.997885][T12841] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1677'. [ 472.653514][T12878] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 473.156121][T12884] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1686'. [ 473.973457][T12907] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1691'. [ 474.568188][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 474.720591][T12915] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 474.876551][T12922] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1695'. [ 474.928969][T12922] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1695'. [ 477.006300][T12964] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1705'. [ 477.072333][T12964] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1705'. [ 477.167858][T12961] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 478.796818][T12992] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 479.513525][T13011] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1713'. [ 480.424867][T13031] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1719'. [ 481.303149][T13042] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1720'. [ 482.127378][T13065] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1724'. [ 482.943480][T13077] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1728'. [ 482.960850][T13077] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1728'. [ 483.748534][T13094] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1729'. [ 483.776725][T13094] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1729'. [ 484.524425][T13103] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 485.185858][T13115] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1733'. [ 486.932930][T13141] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 489.003620][T13181] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1746'. [ 489.039355][T13181] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1746'. [ 490.129093][T13206] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1751'. [ 490.184860][T13206] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1751'. [ 491.874489][T13227] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1754'. [ 492.671070][T13251] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1759'. [ 492.946692][T13261] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1762'. [ 492.960071][T13261] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1762'. [ 493.023447][T13257] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1760'. [ 493.045135][T13257] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1760'. [ 494.000614][T13285] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 495.281681][T13308] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1774'. [ 496.143559][T13327] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1778'. [ 498.345849][T13366] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1787'. [ 498.584029][T13375] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1789'. [ 499.122476][T13380] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 499.686105][T13400] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1795'. [ 499.729795][T13400] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1795'. [ 500.962698][T13416] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1799'. [ 501.463245][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.469649][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.808912][T13433] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1802'. [ 502.884301][T13458] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1807'. [ 503.316313][T13469] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1809'. [ 503.543787][T13474] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1810'. [ 504.061064][T13484] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1819'. [ 504.077697][T13484] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1819'. [ 506.010930][T13525] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1818'. [ 506.020435][T13525] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1818'. [ 506.111782][T13527] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1820'. [ 507.724585][T13565] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1825'. [ 509.249447][T13590] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1830'. [ 509.276223][T13590] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1830'. [ 509.652078][T13593] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1831'. [ 509.677242][T13593] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1831'. [ 510.351041][T13611] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1835'. [ 510.443493][T13613] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1836'. [ 512.852385][T13653] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1845'. [ 513.693209][T13670] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1847'. [ 513.996187][T13678] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1849'. [ 514.488652][T13683] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1851'. [ 516.050082][T13714] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1858'. [ 516.081393][T13714] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1858'. [ 516.793496][T13733] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1861'. [ 516.819220][T13733] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1861'. [ 518.684405][T13766] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1868'. [ 519.808607][T13791] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1874'. [ 519.818184][T13791] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1874'. [ 519.900182][T13794] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1872'. [ 520.817825][T13809] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1877'. [ 521.106247][T13818] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1878'. [ 523.785437][T13863] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1888'. [ 523.852600][T13863] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1888'. [ 524.439135][T13875] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 527.467790][T13935] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1902'. [ 527.875882][T13945] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 528.080718][T13949] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1905'. [ 528.106394][T13949] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1905'. [ 531.107726][T13999] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1915'. [ 531.201508][T14005] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1917'. [ 534.162277][T14054] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1926'. [ 534.199954][T14059] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1928'. [ 535.453161][T14088] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1933'. [ 535.478874][T14088] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1933'. [ 535.685167][T14094] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1935'. [ 535.696783][T14094] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1935'. [ 536.140558][T14105] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 536.820657][T14118] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1941'. [ 537.315028][T14133] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1944'. [ 537.341058][T14131] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1943'. [ 538.738568][T14162] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 539.972131][T14186] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1955'. [ 540.222959][T14190] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 540.782054][T14199] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1958'. [ 541.203596][T14210] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1961'. [ 541.253227][T14210] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1961'. [ 541.309197][T14220] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1964'. [ 542.579118][T14239] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1967'. [ 542.698866][T14247] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1969'. [ 543.291692][T14263] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1972'. [ 543.322630][T14255] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 543.334348][T14263] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1972'. [ 543.970799][T14273] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1975'. [ 545.863922][T14308] __nla_validate_parse: 1 callbacks suppressed [ 545.863944][T14308] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1981'. [ 545.896657][T14308] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1981'. [ 546.110981][T14313] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1982'. [ 546.162374][T14313] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1982'. [ 546.796436][T14327] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1984'. [ 546.829742][T14327] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1984'. [ 547.088796][T14336] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1987'. [ 547.109547][T14336] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1987'. [ 547.489898][T14346] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1989'. [ 547.520628][T14346] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1989'. [ 551.212505][T14434] __nla_validate_parse: 9 callbacks suppressed [ 551.212527][T14434] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2008'. [ 551.252161][T14434] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2008'. [ 551.824442][T14443] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2010'. [ 551.905389][T14449] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2011'. [ 554.852217][T14506] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2022'. [ 554.890696][T14506] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2022'. [ 555.587520][T14526] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 556.167779][T14541] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2029'. [ 556.224018][T14541] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2029'. [ 558.265532][T14582] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2040'. [ 558.306281][T14582] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2040'. [ 558.892730][T14596] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 560.644852][T14630] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2051'. [ 560.683195][T14630] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2051'. [ 560.747421][T14627] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2050'. [ 560.783110][T14627] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2050'. [ 561.916273][T14649] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2055'. [ 561.950919][T14649] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2055'. [ 562.026406][T14651] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2056'. [ 562.830864][T14676] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2060'. [ 562.860004][T14676] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2060'. [ 562.900940][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.910647][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.355039][T14687] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2063'. [ 563.364459][T14687] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2063'. [ 564.144628][T14708] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2068'. [ 564.168954][T14708] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2068'. [ 566.545587][T14754] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 566.919948][T14762] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2079'. [ 566.929836][T14762] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2079'. [ 568.111644][T14781] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2082'. [ 569.697172][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 570.126774][T14827] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2093'. [ 570.460156][T14833] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2094'. [ 571.351329][T14853] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2099'. [ 571.395996][T14853] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2099'. [ 572.237458][T14871] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2101'. [ 572.276779][T14871] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2101'. [ 572.430283][T14876] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2102'. [ 573.335569][T14895] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2106'. [ 573.354588][T14895] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2106'. [ 573.663645][T14905] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2108'. [ 576.144953][T14958] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2120'. [ 576.232364][T14955] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2117'. [ 576.261267][T14961] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2121'. [ 576.288694][T14961] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2121'. [ 579.162970][T15018] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2132'. [ 579.771509][T15037] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2137'. [ 579.931171][T15039] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2136'. [ 580.832310][T15058] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2142'. [ 580.842853][T15058] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2142'. [ 580.892445][T15061] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2143'. [ 582.182158][T15087] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2150'. [ 582.198593][T15087] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2150'. [ 583.296148][T15110] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2154'. [ 583.337788][T15110] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2154'. [ 584.823304][T15140] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2162'. [ 586.176777][T15167] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2166'. [ 586.211558][T15167] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2166'. [ 586.580154][T15177] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2168'. [ 586.596720][T15177] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2168'. [ 586.678681][T15174] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2167'. [ 587.153455][T15188] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2170'. [ 587.302691][T15192] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2171'. [ 587.357216][T15192] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2171'. [ 587.729178][T15198] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2172'. [ 589.925675][T15251] __nla_validate_parse: 3 callbacks suppressed [ 589.925697][T15251] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2184'. [ 589.947284][T15251] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2184'. [ 590.269962][T15253] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2185'. [ 590.983882][T15273] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2189'. [ 591.369082][T15279] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2190'. [ 591.397702][T15279] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2190'. [ 592.706228][T15311] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2196'. [ 592.725571][T15311] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2196'. [ 593.719510][T15335] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2200'. [ 593.750804][T15335] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2200'. [ 595.562321][T15373] __nla_validate_parse: 4 callbacks suppressed [ 595.562343][T15373] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2208'. [ 595.621422][T15373] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2208'. [ 597.391864][T15413] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2217'. [ 598.839587][T15439] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2220'. [ 598.873764][T15439] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2220'. [ 599.314686][T15450] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2223'. [ 599.342483][T15450] netlink: 350 bytes leftover after parsing attributes in process `syz.0.2223'. [ 599.569664][T15455] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2224'. [ 599.581837][T15455] netlink: 350 bytes leftover after parsing attributes in process `syz.0.2224'. [ 600.119635][T15473] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2230'. [ 600.611025][T15482] __nla_validate_parse: 1 callbacks suppressed [ 600.611039][T15482] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2232'. [ 600.637820][T15482] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2232'. [ 600.705077][T15485] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2233'. [ 600.717177][T15485] netlink: 350 bytes leftover after parsing attributes in process `syz.0.2233'. [ 601.101563][T15489] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2234'. [ 601.136646][T15489] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2234'. [ 601.313788][T15495] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2236'. [ 601.333564][T15495] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2236'. [ 602.554943][T15527] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2243'. [ 602.595602][T15527] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2243'. [ 606.396549][T15602] __nla_validate_parse: 8 callbacks suppressed [ 606.396564][T15602] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2259'. [ 606.440300][T15602] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2259'. [ 606.723847][T15613] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2262'. [ 606.903846][T15617] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2263'. [ 607.559620][T15634] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2265'. [ 607.582599][T15634] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2265'. [ 607.874629][T15644] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2269'. [ 607.874771][T15644] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2269'. [ 610.844988][T15701] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2280'. [ 611.342995][T15712] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2282'. [ 612.608852][T15739] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2287'. [ 613.276283][T15750] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2288'. [ 613.322942][T15750] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2288'. [ 613.769982][T15756] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2289'. [ 613.792776][T15756] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2289'. [ 614.018248][T15762] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2292'. [ 614.581968][T15778] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2294'. [ 614.611743][T15778] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2294'. [ 617.900787][T15848] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2309'. [ 617.924372][T15848] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2309'. [ 619.562139][T15880] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2318'. [ 621.675280][T15924] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2328'. [ 622.137406][T15933] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2329'. [ 623.316614][T15956] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2333'. [ 623.955340][T15966] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2334'. [ 623.980279][T15966] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2334'. [ 624.340334][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.349064][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.672256][T15987] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2340'. [ 624.690886][T15987] netlink: 350 bytes leftover after parsing attributes in process `syz.0.2340'. [ 624.862559][T15983] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2339'. [ 625.103944][ T5636] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 625.113371][ T5636] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 625.124308][ T5636] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 625.136792][ T5636] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 625.145815][ T5636] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 625.790856][ T8384] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.139184][ T8384] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.211583][T16014] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2344'. [ 626.253482][ T8384] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.471854][ T8384] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.728767][ T8384] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.781932][T16027] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2346'. [ 627.228140][ T5641] Bluetooth: hci4: command tx timeout [ 627.428795][ T8384] bridge_slave_1: left allmulticast mode [ 627.443150][ T8384] bridge_slave_1: left promiscuous mode [ 627.470947][ T8384] bridge0: port 2(bridge_slave_1) entered disabled state [ 627.504259][ T8384] bridge_slave_0: left allmulticast mode [ 627.521667][ T8384] bridge_slave_0: left promiscuous mode [ 627.534013][ T8384] bridge0: port 1(bridge_slave_0) entered disabled state [ 628.329489][ T8384] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 628.408833][ T8384] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 628.426698][ T8384] bond0 (unregistering): Released all slaves [ 628.482201][ T5288] 8021q: adding VLAN 0 to HW filter on device eth1 [ 628.887101][T15996] bridge0: port 1(bridge_slave_0) entered blocking state [ 628.901094][T15996] bridge0: port 1(bridge_slave_0) entered disabled state [ 628.913022][T15996] bridge_slave_0: entered allmulticast mode [ 628.997840][T15996] bridge_slave_0: entered promiscuous mode [ 629.027477][T15996] bridge0: port 2(bridge_slave_1) entered blocking state [ 629.036040][T15996] bridge0: port 2(bridge_slave_1) entered disabled state [ 629.044727][T15996] bridge_slave_1: entered allmulticast mode [ 629.058798][T15996] bridge_slave_1: entered promiscuous mode [ 629.296917][ T5641] Bluetooth: hci4: command tx timeout [ 629.336024][T15996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 629.406014][T15996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 629.540885][ T8384] hsr_slave_0: left promiscuous mode [ 629.547528][ T8384] hsr_slave_1: left promiscuous mode [ 629.614673][ T8384] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 629.745365][ T8384] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 629.779491][ T8384] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 629.796990][ T8384] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 629.881558][ T8384] veth1_macvtap: left promiscuous mode [ 629.899814][ T8384] veth0_macvtap: left promiscuous mode [ 629.926217][ T8384] veth1_vlan: left promiscuous mode [ 629.941039][ T8384] veth0_vlan: left promiscuous mode [ 630.045673][T16096] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2352'. [ 630.714077][ T8384] team0 (unregistering): Port device team_slave_1 removed [ 630.755180][ T8384] team0 (unregistering): Port device team_slave_0 removed [ 631.194154][ T5288] 8021q: adding VLAN 0 to HW filter on device eth2 [ 631.223816][T15996] team0: Port device team_slave_0 added [ 631.263848][T15996] team0: Port device team_slave_1 added [ 631.376154][T15996] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 631.377633][ T5641] Bluetooth: hci4: command tx timeout [ 631.435285][T15996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 631.518336][T15996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 631.540951][T15996] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 631.548223][T15996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 631.575149][T15996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 631.781060][T15996] hsr_slave_0: entered promiscuous mode [ 631.799950][T15996] hsr_slave_1: entered promiscuous mode [ 631.824287][T15996] debugfs: 'hsr0' already exists in 'hsr' [ 631.866964][T15996] Cannot create hsr debugfs directory [ 632.194861][T16139] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2359'. [ 633.452798][T15996] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 633.456954][ T5641] Bluetooth: hci4: command tx timeout [ 633.502660][T15996] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 633.539588][T15996] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 633.574787][T15996] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 633.607811][T15996] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 633.640487][T15996] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 633.658596][T15996] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 633.688612][T15996] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 633.997231][T15996] 8021q: adding VLAN 0 to HW filter on device bond0 [ 634.070282][T15996] 8021q: adding VLAN 0 to HW filter on device team0 [ 634.121164][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 634.128384][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 634.227915][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 634.235067][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 634.386124][T15996] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 634.422024][T15996] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 635.539800][T15996] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 635.720952][T15996] veth0_vlan: entered promiscuous mode [ 635.824223][T15996] veth1_vlan: entered promiscuous mode [ 635.933776][T15996] veth0_macvtap: entered promiscuous mode [ 635.993847][T15996] veth1_macvtap: entered promiscuous mode [ 636.100421][T15996] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 636.180546][T15996] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 636.249313][ T146] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.283267][ T146] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.367829][ T146] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.381001][ T146] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.600191][T16247] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2366'. [ 636.688967][ T146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 636.716096][ T146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 636.849109][ T1338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 636.883007][ T1338] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 638.596323][T16306] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2373'. [ 638.841241][T16314] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2375'. [ 640.718166][ T5636] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 640.730999][ T5636] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 640.739014][ T5636] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 640.748272][ T5636] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 640.757450][ T5636] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 641.313967][ T8384] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.480769][ T8384] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.744376][ T8384] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.931572][ T8384] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.951233][T16366] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2385'. [ 642.208429][T16376] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2386'. [ 642.641804][ T8384] bridge_slave_1: left allmulticast mode [ 642.650008][ T8384] bridge_slave_1: left promiscuous mode [ 642.669256][ T8384] bridge0: port 2(bridge_slave_1) entered disabled state [ 642.718059][ T8384] bridge_slave_0: left allmulticast mode [ 642.731658][ T8384] bridge_slave_0: left promiscuous mode [ 642.754061][ T8384] bridge0: port 1(bridge_slave_0) entered disabled state [ 642.816911][ T5641] Bluetooth: hci1: command tx timeout [ 643.188468][ T8384] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 643.201191][ T8384] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 643.213452][ T8384] bond0 (unregistering): Released all slaves [ 643.561953][ T5288] 8021q: adding VLAN 0 to HW filter on device eth1 [ 643.592216][T16344] bridge0: port 1(bridge_slave_0) entered blocking state [ 643.608586][T16344] bridge0: port 1(bridge_slave_0) entered disabled state [ 643.644752][T16344] bridge_slave_0: entered allmulticast mode [ 643.651912][T16344] bridge_slave_0: entered promiscuous mode [ 643.668327][T16344] bridge0: port 2(bridge_slave_1) entered blocking state [ 643.685704][T16344] bridge0: port 2(bridge_slave_1) entered disabled state [ 643.693101][T16344] bridge_slave_1: entered allmulticast mode [ 643.710144][T16344] bridge_slave_1: entered promiscuous mode [ 643.933564][T16344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 644.027062][T16344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 644.129548][ T8384] hsr_slave_0: left promiscuous mode [ 644.160520][ T8384] hsr_slave_1: left promiscuous mode [ 644.175140][ T8384] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 644.193826][ T8384] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 644.224714][ T8384] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 644.236124][ T8384] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 644.291682][ T8384] veth1_macvtap: left promiscuous mode [ 644.319494][ T8384] veth0_macvtap: left promiscuous mode [ 644.342852][ T8384] veth1_vlan: left promiscuous mode [ 644.362807][ T8384] veth0_vlan: left promiscuous mode [ 644.756998][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 644.760266][T16430] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2393'. [ 644.897980][ T5641] Bluetooth: hci1: command tx timeout [ 645.189383][ T8384] team0 (unregistering): Port device team_slave_1 removed [ 645.242449][ T8384] team0 (unregistering): Port device team_slave_0 removed [ 645.716538][T16344] team0: Port device team_slave_0 added [ 645.727640][T16430] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2393'. [ 645.738853][ T5288] 8021q: adding VLAN 0 to HW filter on device eth2 [ 645.760482][T16344] team0: Port device team_slave_1 added [ 645.844334][T16344] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 645.876045][T16344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 645.974685][T16344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 645.993755][T16344] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 646.009591][T16344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 646.090688][T16344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 646.292296][T16344] hsr_slave_0: entered promiscuous mode [ 646.352510][T16344] hsr_slave_1: entered promiscuous mode [ 646.371880][T16344] debugfs: 'hsr0' already exists in 'hsr' [ 646.378032][T16344] Cannot create hsr debugfs directory [ 646.915826][T16470] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 646.977060][ T5641] Bluetooth: hci1: command tx timeout [ 647.794087][T16344] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 647.836206][T16344] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 647.859174][T16344] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 647.895651][T16344] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 647.910770][T16344] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 647.944284][T16344] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 647.972564][T16344] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 648.009430][T16344] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 648.355722][T16344] 8021q: adding VLAN 0 to HW filter on device bond0 [ 648.498715][T16344] 8021q: adding VLAN 0 to HW filter on device team0 [ 648.600321][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 648.607497][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 648.725543][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 648.732681][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 649.057497][ T5641] Bluetooth: hci1: command tx timeout [ 650.329211][T16344] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 650.536177][T16344] veth0_vlan: entered promiscuous mode [ 650.661763][T16344] veth1_vlan: entered promiscuous mode [ 650.811996][T16344] veth0_macvtap: entered promiscuous mode [ 650.905414][T16344] veth1_macvtap: entered promiscuous mode [ 650.996282][T16344] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 651.084134][T16344] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 651.118693][ T8384] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.118764][ T8384] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.118809][ T8384] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.118851][ T8384] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.462419][ T8384] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 651.462460][ T8384] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 651.610822][T16227] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 651.610838][T16227] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 652.107172][T16603] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2406'. [ 652.165201][T16603] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2406'. [ 653.339388][ T5636] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 653.351221][ T5636] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 653.361315][ T5636] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 653.371656][ T5636] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 653.382145][ T5636] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 654.339848][T16227] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 654.628846][T16640] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2412'. [ 654.638754][T16227] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 654.706269][T16640] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2412'. [ 654.753380][T16227] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 655.000215][T16227] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 655.457266][ T5641] Bluetooth: hci2: command tx timeout [ 655.779468][T16227] bridge_slave_1: left allmulticast mode [ 655.802876][T16227] bridge_slave_1: left promiscuous mode [ 655.816940][T16227] bridge0: port 2(bridge_slave_1) entered disabled state [ 655.833654][T16227] bridge_slave_0: left allmulticast mode [ 655.844749][T16227] bridge_slave_0: left promiscuous mode [ 655.851901][T16227] bridge0: port 1(bridge_slave_0) entered disabled state [ 655.925532][T16665] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2414'. [ 656.350239][T16227] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 656.416725][T16227] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 656.453315][T16227] bond0 (unregistering): Released all slaves [ 656.497956][T16676] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 656.741743][T16620] bridge0: port 1(bridge_slave_0) entered blocking state [ 656.763731][T16620] bridge0: port 1(bridge_slave_0) entered disabled state [ 656.806722][T16620] bridge_slave_0: entered allmulticast mode [ 656.839246][T16620] bridge_slave_0: entered promiscuous mode [ 656.885467][T16620] bridge0: port 2(bridge_slave_1) entered blocking state [ 656.932685][T16620] bridge0: port 2(bridge_slave_1) entered disabled state [ 656.962793][T16620] bridge_slave_1: entered allmulticast mode [ 656.986325][T16620] bridge_slave_1: entered promiscuous mode [ 657.006992][ T5288] 8021q: adding VLAN 0 to HW filter on device eth1 [ 657.125499][T16620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 657.189859][T16620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 657.293630][T16620] team0: Port device team_slave_0 added [ 657.323926][T16620] team0: Port device team_slave_1 added [ 657.502178][T16227] hsr_slave_0: left promiscuous mode [ 657.536922][ T5641] Bluetooth: hci2: command tx timeout [ 657.545009][T16227] hsr_slave_1: left promiscuous mode [ 657.552177][T16227] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 657.561280][T16227] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 657.603537][T16227] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 657.635763][T16227] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 657.648001][T16227] veth1_macvtap: left promiscuous mode [ 657.653693][T16227] veth0_macvtap: left promiscuous mode [ 657.660232][T16227] veth1_vlan: left promiscuous mode [ 657.665610][T16227] veth0_vlan: left promiscuous mode [ 658.477589][T16227] team0 (unregistering): Port device team_slave_1 removed [ 658.551478][T16227] team0 (unregistering): Port device team_slave_0 removed [ 658.982362][T16620] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 659.014310][T16620] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 659.138279][T16620] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 659.191535][ T5288] 8021q: adding VLAN 0 to HW filter on device eth2 [ 659.223224][T16620] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 659.231136][T16620] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 659.257485][T16620] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 659.500615][T16620] hsr_slave_0: entered promiscuous mode [ 659.540949][T16620] hsr_slave_1: entered promiscuous mode [ 659.547450][T16620] debugfs: 'hsr0' already exists in 'hsr' [ 659.553285][T16620] Cannot create hsr debugfs directory [ 659.623835][ T5641] Bluetooth: hci2: command tx timeout [ 659.636996][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 660.056113][T16735] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2421'. [ 661.080420][T16620] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 661.123245][T16620] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 661.145795][T16620] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 661.222156][T16620] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 661.231721][T16620] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 661.247295][T16620] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 661.255515][T16620] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 661.270190][T16620] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 661.584832][T16620] 8021q: adding VLAN 0 to HW filter on device bond0 [ 661.641868][T16620] 8021q: adding VLAN 0 to HW filter on device team0 [ 661.660662][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 661.667880][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 661.697468][ T5641] Bluetooth: hci2: command tx timeout [ 661.718050][ T146] bridge0: port 2(bridge_slave_1) entered blocking state [ 661.725208][ T146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 663.264368][T16620] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 663.390084][T16620] veth0_vlan: entered promiscuous mode [ 663.480099][T16818] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2429'. [ 663.503399][T16620] veth1_vlan: entered promiscuous mode [ 663.675140][T16620] veth0_macvtap: entered promiscuous mode [ 663.715270][T16620] veth1_macvtap: entered promiscuous mode [ 663.811678][T16620] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 663.854214][T16620] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 663.931375][T16227] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 664.000201][T16227] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 664.109061][T16227] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 664.129442][T16227] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 664.341232][ T146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 664.377642][ T146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 664.452742][ T8383] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 664.487825][ T8383] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 665.612775][T16865] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2433'. [ 666.079647][ T5636] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 666.094433][ T5636] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 666.103264][ T5636] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 666.115036][ T5636] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 666.123750][ T5636] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 666.881714][ T1338] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 667.113686][ T1338] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 667.295300][ T1338] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 667.475882][ T1338] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.176839][ T5641] Bluetooth: hci3: command tx timeout [ 668.339525][ T1338] bridge_slave_1: left allmulticast mode [ 668.363618][ T1338] bridge_slave_1: left promiscuous mode [ 668.387364][ T1338] bridge0: port 2(bridge_slave_1) entered disabled state [ 668.466084][ T1338] bridge_slave_0: left allmulticast mode [ 668.488743][ T1338] bridge_slave_0: left promiscuous mode [ 668.514418][ T1338] bridge0: port 1(bridge_slave_0) entered disabled state [ 669.197513][ T1338] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 669.241447][ T1338] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 669.260276][ T1338] bond0 (unregistering): Released all slaves [ 669.387281][ T5288] 8021q: adding VLAN 0 to HW filter on device eth1 [ 669.415178][T16883] bridge0: port 1(bridge_slave_0) entered blocking state [ 669.438273][T16883] bridge0: port 1(bridge_slave_0) entered disabled state [ 669.480042][T16883] bridge_slave_0: entered allmulticast mode [ 669.518192][T16883] bridge_slave_0: entered promiscuous mode [ 669.595242][T16883] bridge0: port 2(bridge_slave_1) entered blocking state [ 669.633696][T16883] bridge0: port 2(bridge_slave_1) entered disabled state [ 669.672352][T16883] bridge_slave_1: entered allmulticast mode [ 669.701188][T16883] bridge_slave_1: entered promiscuous mode [ 669.824019][T16883] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 669.871199][T16883] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 670.108192][T16883] team0: Port device team_slave_0 added [ 670.139025][T16883] team0: Port device team_slave_1 added [ 670.163907][ T1338] hsr_slave_0: left promiscuous mode [ 670.195730][ T1338] hsr_slave_1: left promiscuous mode [ 670.207258][ T1338] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 670.224880][ T1338] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 670.258931][ T5641] Bluetooth: hci3: command tx timeout [ 670.268918][ T1338] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 670.314442][ T1338] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 670.396661][ T1338] veth1_macvtap: left promiscuous mode [ 670.432077][ T1338] veth0_macvtap: left promiscuous mode [ 670.442411][ T1338] veth1_vlan: left promiscuous mode [ 670.448018][ T1338] veth0_vlan: left promiscuous mode [ 671.322283][ T1338] team0 (unregistering): Port device team_slave_1 removed [ 671.359995][ T1338] team0 (unregistering): Port device team_slave_0 removed [ 671.714854][ T5288] 8021q: adding VLAN 0 to HW filter on device eth2 [ 671.773775][T16883] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 671.796185][T16883] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 671.834047][T16883] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 671.885027][T16883] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 671.951486][T16883] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 671.995692][T16883] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 672.181478][T16883] hsr_slave_0: entered promiscuous mode [ 672.189936][T16883] hsr_slave_1: entered promiscuous mode [ 672.338194][ T5641] Bluetooth: hci3: command tx timeout [ 672.919149][T17004] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2446'. [ 674.034454][T16883] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 674.086422][T16883] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 674.137478][T16883] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 674.189623][T16883] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 674.231399][T16883] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 674.249056][T16883] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 674.262432][T16883] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 674.290931][T16883] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 674.416881][ T5641] Bluetooth: hci3: command tx timeout [ 674.588547][T17034] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2448'. [ 674.654231][T16883] 8021q: adding VLAN 0 to HW filter on device bond0 [ 674.732541][T16883] 8021q: adding VLAN 0 to HW filter on device team0 [ 674.754730][ T146] bridge0: port 1(bridge_slave_0) entered blocking state [ 674.761876][ T146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 674.791091][ T146] bridge0: port 2(bridge_slave_1) entered blocking state [ 674.798299][ T146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 675.961623][T16883] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 676.202041][T16883] veth0_vlan: entered promiscuous mode [ 676.268388][T16883] veth1_vlan: entered promiscuous mode [ 676.410100][T16883] veth0_macvtap: entered promiscuous mode [ 676.486070][T16883] veth1_macvtap: entered promiscuous mode [ 676.520386][T16883] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 676.563454][T16883] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 676.655559][T16227] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 676.729190][T16227] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 676.849490][ T8383] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 676.887641][ T8383] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 677.195443][ T8383] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 677.247462][ T8383] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 677.401078][ T8384] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 677.435165][ T8384] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 678.251451][T17127] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2455'. [ 678.277514][T17127] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2455'. [ 680.085209][T17168] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2462'. [ 681.126979][T17192] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2465'. [ 681.280823][T17192] hsr_slave_0 (unregistering): left promiscuous mode [ 681.764505][T17197] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2466'. [ 682.323918][T17212] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2470'. [ 682.444534][T17212] T9h: entered promiscuous mode [ 682.455665][T17212] T9h: entered allmulticast mode [ 683.083911][T17227] futex_wake_op: syz.0.2474 tries to shift op by -2048; fix this program [ 683.149507][T17226] 0x000000000001-0x000000020000 : "" [ 683.173584][T17226] ftl_cs: FTL header corrupt! [ 683.775319][T17236] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2476'. [ 684.823060][T17247] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2477'. [ 685.209807][T17252] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2478'. [ 685.789237][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.796553][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.475941][T17236] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2476'. [ 687.636406][T17288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2483'. [ 687.893476][T17268] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.260265][T17288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2483'. [ 689.481459][T17315] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2488'. [ 689.513106][T17313] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2487'. [ 689.539591][T17313] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2487'. [ 690.672312][T17335] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2490'. [ 690.690945][T17335] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2490'. [ 690.819382][T17344] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 691.926033][T17358] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2495'. [ 692.249079][T17361] smpboot: CPU 1 is now offline [ 694.230171][T17404] can0: slcan on ttyS2. [ 695.015509][T17403] can0 (unregistered): slcan off ttyS2. [ 695.556700][T17424] netlink: 'syz.2.2506': attribute type 1 has an invalid length. [ 695.607164][T17424] nbd: error processing sock list [ 695.874344][T17433] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2507'. [ 696.120945][T17446] ubi0: attaching mtd0 [ 696.203927][T17446] ubi0: scanning is finished [ 696.254853][T17446] ubi0: empty MTD device detected [ 697.718862][T17446] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 697.923501][T17446] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 698.070550][T17446] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 698.209045][T17446] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 698.388283][T17446] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 698.484960][T17446] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 698.599855][T17446] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4272093277 [ 698.711880][T17446] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 698.862887][T17481] ubi0: background thread "ubi_bgt0d" started, PID 17481 [ 698.920364][T17450] ubi0: detaching mtd0 [ 699.075925][T17450] ubi0: mtd0 is detached [ 699.907359][T17505] WARNING! power/level is deprecated; use power/control instead [ 700.211135][T17513] sg_write: data in/out 262108/1 bytes for SCSI command 0x7f-- guessing data in; [ 700.211135][T17513] program syz.1.2519 not setting count and/or reply_len properly [ 700.288682][T17516] netlink: 'syz.1.2519': attribute type 19 has an invalid length. [ 700.310046][T17511] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2518'. [ 700.363143][T17516] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2519'. [ 701.343641][T17533] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 702.370079][T17538] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2524'. [ 703.514102][ T5641] Bluetooth: hci2: unexpected event 0x1d length: 8 > 5 [ 703.691474][T17566] ubi0: attaching mtd0 [ 703.753256][T17566] ubi0: scanning is finished [ 704.301368][T17566] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 704.410561][T17566] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 704.556645][T17566] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 704.678167][T17566] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 704.813873][T17566] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 704.933559][T17580] bridge0: port 3(netdevsim3) entered blocking state [ 704.970960][T17566] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 705.082775][T17580] bridge0: port 3(netdevsim3) entered disabled state [ 705.106409][T17566] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 4272093277 [ 705.206426][T17566] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 705.217541][T17580] netdevsim netdevsim2 netdevsim3: entered allmulticast mode [ 705.303802][T17577] ubi0: background thread "ubi_bgt0d" started, PID 17577 [ 705.312006][T17574] ubi0: detaching mtd0 [ 705.396251][T17574] ubi0: mtd0 is detached [ 705.407573][T17580] netdevsim netdevsim2 netdevsim3: entered promiscuous mode [ 705.599037][T17580] bridge0: port 3(netdevsim3) entered blocking state [ 705.607279][T17580] bridge0: port 3(netdevsim3) entered forwarding state [ 706.891055][T17602] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2536'. [ 708.857191][T17629] FAULT_INJECTION: forcing a failure. [ 708.857191][T17629] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 708.992705][T17629] CPU: 0 UID: 0 PID: 17629 Comm: syz.0.2539 Not tainted syzkaller #0 PREEMPT(full) [ 708.992726][T17629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 708.992735][T17629] Call Trace: [ 708.992740][T17629] [ 708.992746][T17629] dump_stack_lvl+0x100/0x190 [ 708.992768][T17629] should_fail_ex.cold+0x5/0xa [ 708.992787][T17629] _copy_to_user+0x32/0xd0 [ 708.992804][T17629] simple_read_from_buffer+0xcb/0x170 [ 708.992822][T17629] proc_fail_nth_read+0x1af/0x230 [ 708.992845][T17629] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 708.992872][T17629] ? rw_verify_area+0xce/0x6d0 [ 708.992886][T17629] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 708.992909][T17629] vfs_read+0x1e4/0xb30 [ 708.992927][T17629] ? __pfx_vfs_read+0x10/0x10 [ 708.992943][T17629] ? __fget_files+0x215/0x3d0 [ 708.992964][T17629] ? __fget_files+0x21f/0x3d0 [ 708.992985][T17629] ksys_read+0x12a/0x250 [ 708.993001][T17629] ? __pfx_ksys_read+0x10/0x10 [ 708.993019][T17629] ? rcu_is_watching+0x12/0xc0 [ 708.993039][T17629] do_syscall_64+0x10b/0xf80 [ 708.993053][T17629] ? clear_bhb_loop+0x40/0x90 [ 708.993070][T17629] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.993085][T17629] RIP: 0033:0x7f5bdbb5d68e [ 708.993097][T17629] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 708.993111][T17629] RSP: 002b:00007f5bd9dd4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 708.993125][T17629] RAX: ffffffffffffffda RBX: 00007f5bd9dd56c0 RCX: 00007f5bdbb5d68e [ 708.993135][T17629] RDX: 000000000000000f RSI: 00007f5bd9dd50a0 RDI: 0000000000000003 [ 708.993143][T17629] RBP: 00007f5bd9dd5090 R08: 0000000000000000 R09: 0000000000000000 [ 708.993151][T17629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 708.993160][T17629] R13: 00007f5bdbe16128 R14: 00007f5bdbe16090 R15: 00007ffd9d758928 [ 708.993178][T17629] [ 709.238392][T17634] hub 1-0:1.0: USB hub found [ 709.250169][T17634] hub 1-0:1.0: 1 port detected [ 709.266973][T17634] hub 1-0:1.0: USB hub found [ 709.271885][T17634] hub 1-0:1.0: 1 port detected [ 710.033290][T17655] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(9.262152.0), cmd(12) [ 710.869064][T17675] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2553'. [ 710.912622][T17675] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2553'. [ 711.137866][T17677] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2554'. [ 711.190478][T17685] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2556'. [ 711.220010][T17685] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2556'. [ 712.403253][T17717] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2561'. [ 713.000381][T17742] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 713.589455][T17751] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2566'. [ 713.779905][T17754] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2567'. [ 714.661947][T17771] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2569'. [ 715.533999][T17788] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2574'. [ 716.755108][T17814] __nla_validate_parse: 1 callbacks suppressed [ 716.755122][T17814] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2578'. [ 717.073089][T17823] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2580'. [ 718.704737][T17858] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2587'. [ 718.752697][T17858] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2587'. [ 718.809271][T17847] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 719.731444][T17869] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2590'. [ 722.390331][T17932] ima: policy update failed [ 722.451800][ T30] audit: type=1802 audit(1843104974.271:9): pid=17932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2600" res=0 errno=0 [ 722.947679][T17946] FAULT_INJECTION: forcing a failure. [ 722.947679][T17946] name failslab, interval 1, probability 0, space 0, times 0 [ 722.997419][T17942] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2603'. [ 723.020407][T17946] CPU: 0 UID: 0 PID: 17946 Comm: syz.1.2604 Not tainted syzkaller #0 PREEMPT(full) [ 723.020429][T17946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 723.020437][T17946] Call Trace: [ 723.020443][T17946] [ 723.020448][T17946] dump_stack_lvl+0x100/0x190 [ 723.020473][T17946] should_fail_ex.cold+0x5/0xa [ 723.020492][T17946] should_failslab+0xc2/0x120 [ 723.020512][T17946] __kmalloc_node_noprof+0xe6/0x850 [ 723.020526][T17946] ? load_msg+0x43/0x4a0 [ 723.020547][T17946] load_msg+0x43/0x4a0 [ 723.020568][T17946] do_msgsnd+0x1ad/0x1790 [ 723.020588][T17946] ? __fget_files+0x215/0x3d0 [ 723.020605][T17946] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 723.020623][T17946] ? __pfx_do_msgsnd+0x10/0x10 [ 723.020644][T17946] ? find_held_lock+0x2b/0x80 [ 723.020663][T17946] ? __might_fault+0xc5/0x140 [ 723.020684][T17946] ? __might_fault+0xc5/0x140 [ 723.020709][T17946] ? __x64_sys_msgsnd+0xe5/0x130 [ 723.020729][T17946] __x64_sys_msgsnd+0xe5/0x130 [ 723.020751][T17946] do_syscall_64+0x10b/0xf80 [ 723.020764][T17946] ? clear_bhb_loop+0x40/0x90 [ 723.020781][T17946] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 723.020796][T17946] RIP: 0033:0x7fbcfdf9ce59 [ 723.020808][T17946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 723.020822][T17946] RSP: 002b:00007fbcfef23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000045 [ 723.020836][T17946] RAX: ffffffffffffffda RBX: 00007fbcfe215fa0 RCX: 00007fbcfdf9ce59 [ 723.020845][T17946] RDX: 0000000000000008 RSI: 0000200000000000 RDI: 0000000000000000 [ 723.020853][T17946] RBP: 00007fbcfef23090 R08: 0000000000000000 R09: 0000000000000000 [ 723.020861][T17946] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001 [ 723.020870][T17946] R13: 00007fbcfe216038 R14: 00007fbcfe215fa0 R15: 00007ffd8a7e7208 [ 723.020888][T17946] [ 723.994847][ T30] audit: type=1400 audit(1843104520.430:10): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=17949 comm="syz.3.2605" [ 724.464659][T17966] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2608'. [ 724.924828][T17985] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2613'. [ 726.316154][T18010] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2619'. [ 727.809518][T18041] FAULT_INJECTION: forcing a failure. [ 727.809518][T18041] name failslab, interval 1, probability 0, space 0, times 0 [ 727.841981][T18044] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2626'. [ 727.892928][T18041] CPU: 0 UID: 0 PID: 18041 Comm: syz.1.2625 Not tainted syzkaller #0 PREEMPT(full) [ 727.892950][T18041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 727.892959][T18041] Call Trace: [ 727.892964][T18041] [ 727.892970][T18041] dump_stack_lvl+0x100/0x190 [ 727.892991][T18041] should_fail_ex.cold+0x5/0xa [ 727.893010][T18041] should_failslab+0xc2/0x120 [ 727.893027][T18041] __kmalloc_cache_noprof+0x7a/0x6f0 [ 727.893047][T18041] ? resv_map_alloc+0x46/0x400 [ 727.893061][T18041] ? find_held_lock+0x2b/0x80 [ 727.893083][T18041] resv_map_alloc+0x46/0x400 [ 727.893098][T18041] hugetlbfs_get_inode+0x385/0x700 [ 727.893119][T18041] ? __fget_files+0x215/0x3d0 [ 727.893137][T18041] hugetlb_file_setup+0x15b/0x5b0 [ 727.893160][T18041] ksys_mmap_pgoff+0x242/0x610 [ 727.893180][T18041] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 727.893196][T18041] ? fput+0x79/0x100 [ 727.893215][T18041] ? ksys_write+0x1ac/0x250 [ 727.893231][T18041] ? __pfx_ksys_write+0x10/0x10 [ 727.893249][T18041] __x64_sys_mmap+0x125/0x190 [ 727.893267][T18041] do_syscall_64+0x10b/0xf80 [ 727.893280][T18041] ? clear_bhb_loop+0x40/0x90 [ 727.893302][T18041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.893317][T18041] RIP: 0033:0x7fbcfdf9ce59 [ 727.893330][T18041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 727.893343][T18041] RSP: 002b:00007fbcfef02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 727.893358][T18041] RAX: ffffffffffffffda RBX: 00007fbcfe216090 RCX: 00007fbcfdf9ce59 [ 727.893367][T18041] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 727.893375][T18041] RBP: 00007fbcfef02090 R08: 0000000000000401 R09: 0000300000000000 [ 727.893384][T18041] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000001 [ 727.893392][T18041] R13: 00007fbcfe216128 R14: 00007fbcfe216090 R15: 00007ffd8a7e7208 [ 727.893410][T18041] [ 728.204638][T18048] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2627'. [ 730.443571][ T30] audit: type=1800 audit(1843104526.880:11): pid=18074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2631" name="dbroot" dev="configfs" ino=73576 res=0 errno=0 [ 730.881398][T18100] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2637'. [ 732.372508][T18112] Process accounting resumed [ 732.430414][ T30] audit: type=1807 audit(1843104528.870:12): UNKNOWN=nl80211 res=0 [ 732.493599][ T30] audit: type=1802 audit(1843104528.920:13): pid=18134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.2644" res=0 errno=0 [ 732.586106][T18146] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2647'. [ 732.647368][T18137] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2646'. [ 733.026350][T18155] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2649'. [ 733.078440][T18140] ima: policy update failed [ 733.127245][ T30] audit: type=1802 audit(1843104529.570:14): pid=18140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2644" res=0 errno=0 [ 733.721703][T18169] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2651'. [ 733.789963][T18169] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2651'. [ 734.221102][T18189] FAULT_INJECTION: forcing a failure. [ 734.221102][T18189] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 734.240324][ T5641] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 734.310980][T18189] CPU: 0 UID: 0 PID: 18189 Comm: syz.3.2654 Not tainted syzkaller #0 PREEMPT(full) [ 734.311002][T18189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 734.311011][T18189] Call Trace: [ 734.311016][T18189] [ 734.311022][T18189] dump_stack_lvl+0x100/0x190 [ 734.311042][T18189] should_fail_ex.cold+0x5/0xa [ 734.311061][T18189] _copy_from_user+0x2e/0xd0 [ 734.311077][T18189] copy_msghdr_from_user+0x9f/0x4f0 [ 734.311101][T18189] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 734.311127][T18189] ? __lock_acquire+0x4a5/0x2630 [ 734.311145][T18189] ___sys_recvmsg+0xdd/0x1a0 [ 734.311166][T18189] ? __pfx____sys_recvmsg+0x10/0x10 [ 734.311191][T18189] ? find_held_lock+0x2b/0x80 [ 734.311219][T18189] do_recvmmsg+0x301/0x760 [ 734.311243][T18189] ? __pfx_do_recvmmsg+0x10/0x10 [ 734.311264][T18189] ? ksys_write+0x190/0x250 [ 734.311284][T18189] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 734.311298][T18189] ? kernel_write+0x5e3/0x6c0 [ 734.311319][T18189] ? __fget_files+0x21f/0x3d0 [ 734.311340][T18189] __x64_sys_recvmmsg+0x22a/0x280 [ 734.311359][T18189] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 734.311379][T18189] ? rcu_is_watching+0x12/0xc0 [ 734.311398][T18189] do_syscall_64+0x10b/0xf80 [ 734.311411][T18189] ? clear_bhb_loop+0x40/0x90 [ 734.311428][T18189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.311443][T18189] RIP: 0033:0x7efe6199ce59 [ 734.311454][T18189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 734.311468][T18189] RSP: 002b:00007efe6289e028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 734.311482][T18189] RAX: ffffffffffffffda RBX: 00007efe61c16090 RCX: 00007efe6199ce59 [ 734.311491][T18189] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 734.311500][T18189] RBP: 00007efe6289e090 R08: 0000000000000000 R09: 0000000000000000 [ 734.311508][T18189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 734.311516][T18189] R13: 00007efe61c16128 R14: 00007efe61c16090 R15: 00007ffeb2fcc338 [ 734.311534][T18189] [ 734.524087][T18190] bridge0: port 3(bond0) entered blocking state [ 734.530431][T18190] bridge0: port 3(bond0) entered disabled state [ 734.536817][T18190] bond0: entered allmulticast mode [ 734.541931][T18190] bond_slave_0: entered allmulticast mode [ 734.547655][T18190] bond_slave_1: entered allmulticast mode [ 734.554691][T18190] bond0: entered promiscuous mode [ 734.559846][T18190] bond_slave_0: entered promiscuous mode [ 734.565588][T18190] bond_slave_1: entered promiscuous mode [ 734.571746][T18190] bridge0: port 3(bond0) entered blocking state [ 734.578063][T18190] bridge0: port 3(bond0) entered forwarding state [ 735.462774][T18200] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2657'. [ 735.607425][T18204] netlink: zone id is out of range [ 735.628480][T18204] netlink: zone id is out of range [ 735.646340][T18204] netlink: zone id is out of range [ 735.663141][T18204] netlink: zone id is out of range [ 735.689323][T18204] netlink: zone id is out of range [ 735.724840][T18204] netlink: zone id is out of range [ 735.765107][T18204] netlink: zone id is out of range [ 735.800974][T18204] netlink: zone id is out of range [ 735.850615][T18204] netlink: zone id is out of range [ 735.898886][T18204] netlink: zone id is out of range [ 736.259576][ T5641] Bluetooth: hci2: command 0x2016 tx timeout [ 736.303134][T18221] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2661'. [ 737.656477][T18252] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2666'. [ 737.698594][T18252] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2666'. [ 738.339500][ T5636] Bluetooth: hci2: command 0x2016 tx timeout [ 739.773085][T18279] FAULT_INJECTION: forcing a failure. [ 739.773085][T18279] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 739.831114][T18279] CPU: 0 UID: 0 PID: 18279 Comm: syz.0.2670 Not tainted syzkaller #0 PREEMPT(full) [ 739.831135][T18279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 739.831144][T18279] Call Trace: [ 739.831149][T18279] [ 739.831154][T18279] dump_stack_lvl+0x100/0x190 [ 739.831175][T18279] should_fail_ex.cold+0x5/0xa [ 739.831194][T18279] _copy_from_user+0x2e/0xd0 [ 739.831211][T18279] copy_msghdr_from_user+0x9f/0x4f0 [ 739.831235][T18279] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 739.831260][T18279] ? rcu_is_watching+0x12/0xc0 [ 739.831280][T18279] ? ___sys_recvmsg+0x177/0x1a0 [ 739.831300][T18279] ? kfree+0x1dd/0x6c0 [ 739.831323][T18279] ___sys_recvmsg+0xdd/0x1a0 [ 739.831345][T18279] ? __pfx____sys_recvmsg+0x10/0x10 [ 739.831377][T18279] ? __pfx___might_resched+0x10/0x10 [ 739.831397][T18279] do_recvmmsg+0x301/0x760 [ 739.831421][T18279] ? __pfx_do_recvmmsg+0x10/0x10 [ 739.831442][T18279] ? ksys_write+0x190/0x250 [ 739.831462][T18279] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 739.831476][T18279] ? kernel_write+0x5e3/0x6c0 [ 739.831501][T18279] ? __fget_files+0x21f/0x3d0 [ 739.831522][T18279] __x64_sys_recvmmsg+0x22a/0x280 [ 739.831542][T18279] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 739.831561][T18279] ? rcu_is_watching+0x12/0xc0 [ 739.831580][T18279] do_syscall_64+0x10b/0xf80 [ 739.831593][T18279] ? clear_bhb_loop+0x40/0x90 [ 739.831611][T18279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 739.831626][T18279] RIP: 0033:0x7f5bdbb9ce59 [ 739.831638][T18279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 739.831651][T18279] RSP: 002b:00007f5bd9dd5028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 739.831665][T18279] RAX: ffffffffffffffda RBX: 00007f5bdbe16090 RCX: 00007f5bdbb9ce59 [ 739.831675][T18279] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000004 [ 739.831683][T18279] RBP: 00007f5bd9dd5090 R08: 0000000000000000 R09: 0000000000000000 [ 739.831691][T18279] R10: 000000000000000e R11: 0000000000000246 R12: 0000000000000001 [ 739.831699][T18279] R13: 00007f5bdbe16128 R14: 00007f5bdbe16090 R15: 00007ffd9d758928 [ 739.831717][T18279] [ 741.117396][T18319] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2679'. [ 741.545169][T18333] FAULT_INJECTION: forcing a failure. [ 741.545169][T18333] name failslab, interval 1, probability 0, space 0, times 0 [ 741.614030][T18333] CPU: 0 UID: 0 PID: 18333 Comm: syz.1.2681 Not tainted syzkaller #0 PREEMPT(full) [ 741.614053][T18333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 741.614062][T18333] Call Trace: [ 741.614068][T18333] [ 741.614073][T18333] dump_stack_lvl+0x100/0x190 [ 741.614095][T18333] should_fail_ex.cold+0x5/0xa [ 741.614115][T18333] should_failslab+0xc2/0x120 [ 741.614133][T18333] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 741.614149][T18333] ? __addrconf_sysctl_register+0xbb/0x360 [ 741.614174][T18333] kmemdup_noprof+0x29/0x60 [ 741.614190][T18333] __addrconf_sysctl_register+0xbb/0x360 [ 741.614213][T18333] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 741.614238][T18333] ? __asan_memcpy+0x3c/0x60 [ 741.614260][T18333] addrconf_init_net+0x5dd/0x8e0 [ 741.614282][T18333] ? __pfx_addrconf_init_net+0x10/0x10 [ 741.614301][T18333] ops_init+0x1e2/0x5f0 [ 741.614322][T18333] setup_net+0x118/0x3a0 [ 741.614340][T18333] ? __pfx_setup_net+0x10/0x10 [ 741.614364][T18333] ? mutex_init_lockdep+0xf1/0x120 [ 741.614384][T18333] copy_net_ns+0x46f/0x7c0 [ 741.614406][T18333] create_new_namespaces+0x3ea/0xac0 [ 741.614429][T18333] unshare_nsproxy_namespaces+0xf2/0x220 [ 741.614450][T18333] ksys_unshare+0x438/0xab0 [ 741.614471][T18333] ? __pfx_ksys_unshare+0x10/0x10 [ 741.614491][T18333] ? xfd_validate_state+0x129/0x190 [ 741.614512][T18333] __x64_sys_unshare+0x31/0x40 [ 741.614532][T18333] do_syscall_64+0x10b/0xf80 [ 741.614548][T18333] ? clear_bhb_loop+0x40/0x90 [ 741.614565][T18333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.614580][T18333] RIP: 0033:0x7fbcfdf9ce59 [ 741.614593][T18333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 741.614607][T18333] RSP: 002b:00007fbcfef23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 741.614622][T18333] RAX: ffffffffffffffda RBX: 00007fbcfe215fa0 RCX: 00007fbcfdf9ce59 [ 741.614631][T18333] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 741.614639][T18333] RBP: 00007fbcfe032d6f R08: 0000000000000000 R09: 0000000000000000 [ 741.614649][T18333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 741.614657][T18333] R13: 00007fbcfe216038 R14: 00007fbcfe215fa0 R15: 00007ffd8a7e7208 [ 741.614676][T18333] [ 742.507646][T18344] [U] ^R [ 742.631603][T18346] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2684'. [ 742.672671][T18353] FAULT_INJECTION: forcing a failure. [ 742.672671][T18353] name failslab, interval 1, probability 0, space 0, times 0 [ 742.705649][T18353] CPU: 0 UID: 0 PID: 18353 Comm: syz.2.2686 Not tainted syzkaller #0 PREEMPT(full) [ 742.705669][T18353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 742.705678][T18353] Call Trace: [ 742.705683][T18353] [ 742.705689][T18353] dump_stack_lvl+0x100/0x190 [ 742.705709][T18353] should_fail_ex.cold+0x5/0xa [ 742.705727][T18353] ? tomoyo_encode2+0xfb/0x3c0 [ 742.705745][T18353] should_failslab+0xc2/0x120 [ 742.705763][T18353] __kmalloc_noprof+0xe0/0x850 [ 742.705775][T18353] ? d_absolute_path+0x136/0x1b0 [ 742.705793][T18353] tomoyo_encode2+0xfb/0x3c0 [ 742.705814][T18353] tomoyo_encode+0x29/0x50 [ 742.705831][T18353] tomoyo_realpath_from_path+0x18c/0x690 [ 742.705854][T18353] tomoyo_path_number_perm+0x23c/0x580 [ 742.705870][T18353] ? tomoyo_path_number_perm+0x22e/0x580 [ 742.705886][T18353] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 742.705920][T18353] ? find_held_lock+0x2b/0x80 [ 742.705939][T18353] ? __fget_files+0x215/0x3d0 [ 742.705954][T18353] ? hook_file_ioctl_common+0x149/0x410 [ 742.705970][T18353] ? __fget_files+0x215/0x3d0 [ 742.705989][T18353] ? __fget_files+0x21f/0x3d0 [ 742.706009][T18353] security_file_ioctl+0xd3/0x230 [ 742.706026][T18353] __x64_sys_ioctl+0xb7/0x210 [ 742.706042][T18353] do_syscall_64+0x10b/0xf80 [ 742.706055][T18353] ? clear_bhb_loop+0x40/0x90 [ 742.706072][T18353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 742.706087][T18353] RIP: 0033:0x7fc1ed19ce59 [ 742.706100][T18353] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 742.706113][T18353] RSP: 002b:00007fc1ee0d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 742.706127][T18353] RAX: ffffffffffffffda RBX: 00007fc1ed415fa0 RCX: 00007fc1ed19ce59 [ 742.706136][T18353] RDX: ffffffffffffffff RSI: 0000000000005412 RDI: 0000000000000003 [ 742.706145][T18353] RBP: 00007fc1ee0d8090 R08: 0000000000000000 R09: 0000000000000000 [ 742.706153][T18353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 742.706162][T18353] R13: 00007fc1ed416038 R14: 00007fc1ed415fa0 R15: 00007fff8cd8b068 [ 742.706180][T18353] [ 742.706484][T18353] ERROR: Out of memory at tomoyo_realpath_from_path. [ 742.718511][T18348] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2685'. [ 743.328848][T18369] ERROR: Out of memory at tomoyo_memory_ok. [ 743.328905][T18369] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /sbin/start-stop-daemon /usr/sbin/sshd /usr/libexec/sshd-session /bin/sh /root/ci-qemu-gce-upstream-auto/syz-executor /root/ci-qemu-gce-upstream-auto/syz-executor /newroot/79/:,' not defined. [ 743.728880][T18383] ubi0: attaching mtd0 [ 743.774765][T18383] ubi0: scanning is finished [ 744.252503][T18383] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 744.422260][T18383] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 744.576832][T18383] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 744.618603][T18405] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2695'. [ 744.657124][T18383] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 744.751213][T18383] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 744.791903][T18407] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2695'. [ 744.835003][T18383] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 744.934446][T18383] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 4272093277 [ 745.056204][T18383] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 745.140073][T18399] ubi0: background thread "ubi_bgt0d" started, PID 18399 [ 745.148420][T18392] ubi0: detaching mtd0 [ 745.219567][T18392] ubi0: mtd0 is detached [ 746.390406][T18428] zswap: compressor not available [ 746.708630][T18435] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2700'. [ 747.221020][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.227376][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.378851][ T30] audit: type=1800 audit(1843104544.790:15): pid=18453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2702" name="dbroot" dev="configfs" ino=75123 res=0 errno=0 [ 749.286172][T18479] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2708'. [ 749.302185][ T5636] Bluetooth: hci4: command 0x0406 tx timeout [ 749.348247][T18479] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2708'. [ 749.731943][T18489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2711'. [ 749.777881][T18489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2711'. [ 749.881116][T18495] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2712'. [ 750.684068][T18507] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2713'. [ 750.726421][T18507] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2713'. [ 751.078405][T18517] can: request_module (can-proto-0) failed. [ 751.639587][T18527] FAULT_INJECTION: forcing a failure. [ 751.639587][T18527] name failslab, interval 1, probability 0, space 0, times 0 [ 751.725287][T18527] CPU: 0 UID: 0 PID: 18527 Comm: syz.0.2719 Not tainted syzkaller #0 PREEMPT(full) [ 751.725310][T18527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 751.725319][T18527] Call Trace: [ 751.725324][T18527] [ 751.725331][T18527] dump_stack_lvl+0x100/0x190 [ 751.725353][T18527] should_fail_ex.cold+0x5/0xa [ 751.725372][T18527] should_failslab+0xc2/0x120 [ 751.725390][T18527] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 751.725411][T18527] ? security_inode_alloc+0x3b/0x2c0 [ 751.725427][T18527] ? lockdep_init_map_type+0x5c/0x250 [ 751.725444][T18527] security_inode_alloc+0x3b/0x2c0 [ 751.725460][T18527] inode_init_always_gfp+0xcc0/0x1000 [ 751.725481][T18527] alloc_inode+0x8e/0x250 [ 751.725502][T18527] new_inode+0x22/0x1c0 [ 751.725522][T18527] ? trace_kmem_cache_alloc+0xd5/0x100 [ 751.725541][T18527] shmem_get_inode+0x1e3/0xfb0 [ 751.725562][T18527] ? __pfx_shmem_get_inode+0x10/0x10 [ 751.725586][T18527] __shmem_file_setup+0x382/0x460 [ 751.725607][T18527] ? __pfx___shmem_file_setup+0x10/0x10 [ 751.725628][T18527] ? vm_area_alloc+0x1f/0x160 [ 751.725653][T18527] shmem_zero_setup+0x96/0x1b0 [ 751.725670][T18527] __mmap_region+0x24e9/0x2da0 [ 751.725695][T18527] ? __pfx___mmap_region+0x10/0x10 [ 751.725725][T18527] ? __lock_acquire+0x4a5/0x2630 [ 751.725748][T18527] ? trace_pelt_se_tp+0x13b/0x190 [ 751.725765][T18527] ? do_raw_spin_lock+0x128/0x260 [ 751.725794][T18527] ? do_raw_spin_lock+0x128/0x260 [ 751.725811][T18527] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 751.725835][T18527] ? hrtimer_start_range_ns+0x860/0x1a50 [ 751.725853][T18527] ? find_held_lock+0x2b/0x80 [ 751.725870][T18527] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 751.725918][T18527] mmap_region+0x35d/0x620 [ 751.725932][T18527] ? rcu_is_watching+0x12/0xc0 [ 751.725949][T18527] ? __pfx_mmap_region+0x10/0x10 [ 751.725965][T18527] ? cap_mmap_addr+0x4b/0x120 [ 751.725985][T18527] ? bpf_lsm_mmap_addr+0x9/0x30 [ 751.725999][T18527] ? security_mmap_addr+0x71/0x1e0 [ 751.726016][T18527] ? __get_unmapped_area+0x255/0x3e0 [ 751.726036][T18527] do_mmap+0xc63/0x12f0 [ 751.726057][T18527] ? __pfx_do_mmap+0x10/0x10 [ 751.726074][T18527] ? __pfx_down_write_killable+0x10/0x10 [ 751.726094][T18527] vm_mmap_pgoff+0x29e/0x470 [ 751.726115][T18527] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 751.726135][T18527] ? do_futex+0x192/0x350 [ 751.726152][T18527] ? __pfx_do_futex+0x10/0x10 [ 751.726167][T18527] ? do_raw_spin_lock+0x128/0x260 [ 751.726186][T18527] ksys_mmap_pgoff+0xe4/0x610 [ 751.726203][T18527] ? __x64_sys_futex+0x358/0x4d0 [ 751.726219][T18527] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 751.726236][T18527] ? xfd_validate_state+0x129/0x190 [ 751.726255][T18527] __x64_sys_mmap+0x125/0x190 [ 751.726273][T18527] do_syscall_64+0x10b/0xf80 [ 751.726285][T18527] ? clear_bhb_loop+0x40/0x90 [ 751.726303][T18527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.726317][T18527] RIP: 0033:0x7f5bdbb9ce59 [ 751.726331][T18527] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 751.726345][T18527] RSP: 002b:00007f5bd9df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 751.726359][T18527] RAX: ffffffffffffffda RBX: 00007f5bdbe15fa0 RCX: 00007f5bdbb9ce59 [ 751.726369][T18527] RDX: 0000000000000ca0 RSI: 0000000002020009 RDI: 0000000000000000 [ 751.726377][T18527] RBP: 00007f5bdbc32d6f R08: fffffffffffffffa R09: 0000000000008000 [ 751.726386][T18527] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 751.726395][T18527] R13: 00007f5bdbe16038 R14: 00007f5bdbe15fa0 R15: 00007ffd9d758928 [ 751.726414][T18527] [ 752.265073][T18534] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2721'. [ 752.306111][T18537] &#$@\]\-: entered promiscuous mode [ 752.324471][T18537] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 752.336353][T18537] ima: policy update failed [ 752.431390][T18539] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2724'. [ 752.440543][T18539] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2724'. [ 752.458451][ T30] audit: type=1802 audit(1843104548.800:16): pid=18537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2722" res=0 errno=0 [ 753.650963][T18558] netlink: 444 bytes leftover after parsing attributes in process `syz.3.2726'. [ 753.720381][T18558] block nbd2: not configured, cannot reconfigure [ 756.189241][T18604] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2735'. [ 756.241441][T18604] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2735'. [ 756.761284][T18602] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2734'. [ 757.349206][T18625] FAULT_INJECTION: forcing a failure. [ 757.349206][T18625] name failslab, interval 1, probability 0, space 0, times 0 [ 757.524988][T18625] CPU: 0 UID: 0 PID: 18625 Comm: syz.0.2738 Not tainted syzkaller #0 PREEMPT(full) [ 757.525010][T18625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 757.525019][T18625] Call Trace: [ 757.525024][T18625] [ 757.525030][T18625] dump_stack_lvl+0x100/0x190 [ 757.525050][T18625] should_fail_ex.cold+0x5/0xa [ 757.525068][T18625] should_failslab+0xc2/0x120 [ 757.525085][T18625] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 757.525107][T18625] ? alloc_empty_file+0x5b/0x1c0 [ 757.525128][T18625] ? __pfx_stack_trace_save+0x10/0x10 [ 757.525151][T18625] alloc_empty_file+0x5b/0x1c0 [ 757.525172][T18625] path_openat+0xe8/0x31a0 [ 757.525189][T18625] ? kasan_save_stack+0x3f/0x50 [ 757.525202][T18625] ? kasan_save_stack+0x30/0x50 [ 757.525217][T18625] ? kasan_save_track+0x14/0x30 [ 757.525230][T18625] ? __kasan_slab_alloc+0x89/0x90 [ 757.525244][T18625] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 757.525266][T18625] ? do_getname+0x35/0x390 [ 757.525285][T18625] ? do_sys_openat2+0xc5/0x1e0 [ 757.525306][T18625] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 757.525329][T18625] ? __pfx_path_openat+0x10/0x10 [ 757.525353][T18625] do_file_open+0x20e/0x430 [ 757.525372][T18625] ? __pfx_do_file_open+0x10/0x10 [ 757.525402][T18625] ? alloc_fd+0x476/0x790 [ 757.525421][T18625] ? do_getname+0x191/0x390 [ 757.525443][T18625] do_sys_openat2+0x10d/0x1e0 [ 757.525465][T18625] ? __pfx_do_sys_openat2+0x10/0x10 [ 757.525485][T18625] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 757.525503][T18625] ? __fget_files+0x21f/0x3d0 [ 757.525522][T18625] __x64_sys_openat+0x12d/0x210 [ 757.525544][T18625] ? __pfx___x64_sys_openat+0x10/0x10 [ 757.525565][T18625] ? ksys_write+0x1ac/0x250 [ 757.525583][T18625] ? rcu_is_watching+0x12/0xc0 [ 757.525603][T18625] do_syscall_64+0x10b/0xf80 [ 757.525616][T18625] ? clear_bhb_loop+0x40/0x90 [ 757.525633][T18625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 757.525647][T18625] RIP: 0033:0x7f5bdbb9ce59 [ 757.525660][T18625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 757.525673][T18625] RSP: 002b:00007f5bd9dd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 757.525687][T18625] RAX: ffffffffffffffda RBX: 00007f5bdbe16090 RCX: 00007f5bdbb9ce59 [ 757.525697][T18625] RDX: 0000000000042a81 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 757.525705][T18625] RBP: 00007f5bd9dd5090 R08: 0000000000000000 R09: 0000000000000000 [ 757.525714][T18625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 757.525722][T18625] R13: 00007f5bdbe16128 R14: 00007f5bdbe16090 R15: 00007ffd9d758928 [ 757.525740][T18625] [ 759.332344][T18659] hub 1-0:1.0: USB hub found [ 759.383434][T18659] hub 1-0:1.0: 1 port detected [ 759.501982][T18662] hub 1-0:1.0: USB hub found [ 759.536096][T18662] hub 1-0:1.0: 1 port detected [ 759.804159][T18671] net_ratelimit: 47 callbacks suppressed [ 759.804173][T18671] openvswitch: netlink: Duplicate key (type 15). [ 761.001886][T18689] ERROR: Out of memory at tomoyo_memory_ok. [ 761.146108][T18688] ERROR: Out of memory at tomoyo_memory_ok. [ 761.790618][T18703] FAULT_INJECTION: forcing a failure. [ 761.790618][T18703] name failslab, interval 1, probability 0, space 0, times 0 [ 761.790657][T18703] CPU: 0 UID: 0 PID: 18703 Comm: syz.1.2752 Not tainted syzkaller #0 PREEMPT(full) [ 761.790675][T18703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 761.790683][T18703] Call Trace: [ 761.790688][T18703] [ 761.790694][T18703] dump_stack_lvl+0x100/0x190 [ 761.790715][T18703] should_fail_ex.cold+0x5/0xa [ 761.790735][T18703] should_failslab+0xc2/0x120 [ 761.790752][T18703] __kmalloc_cache_noprof+0x7a/0x6f0 [ 761.790774][T18703] ? ima_calc_file_hash_tfm+0x236/0x350 [ 761.790789][T18703] ? sha256_init+0xd/0xc0 [ 761.790807][T18703] ima_calc_file_hash_tfm+0x236/0x350 [ 761.790822][T18703] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 761.790857][T18703] ? look_up_lock_class+0x55/0x120 [ 761.790881][T18703] ? ima_alloc_tfm+0x21a/0x2e0 [ 761.790898][T18703] ima_calc_file_hash+0x1e3/0x380 [ 761.790914][T18703] ima_collect_measurement+0x94f/0xb30 [ 761.790933][T18703] ? __pfx_ima_collect_measurement+0x10/0x10 [ 761.790959][T18703] ? process_measurement+0x5ab/0x2350 [ 761.790981][T18703] ? is_bad_inode+0xd/0x40 [ 761.790996][T18703] ? xattr_resolve_name+0x27d/0x3f0 [ 761.791025][T18703] ? vfs_getxattr_alloc+0xec/0x350 [ 761.791049][T18703] ? ima_get_hash_algo+0x22d/0x400 [ 761.791070][T18703] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 761.791095][T18703] ? process_measurement+0xdfe/0x2350 [ 761.791117][T18703] process_measurement+0xdfe/0x2350 [ 761.791144][T18703] ? stack_trace_save+0x8e/0xc0 [ 761.791163][T18703] ? __pfx_process_measurement+0x10/0x10 [ 761.791186][T18703] ? __lock_acquire+0x4a5/0x2630 [ 761.791200][T18703] ? __kasan_slab_alloc+0x89/0x90 [ 761.791214][T18703] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 761.791236][T18703] ? init_file+0x95/0x480 [ 761.791253][T18703] ? alloc_empty_file+0x79/0x1c0 [ 761.791272][T18703] ? alloc_file_pseudo+0x13a/0x230 [ 761.791292][T18703] ? ksys_mmap_pgoff+0x242/0x610 [ 761.791308][T18703] ? __x64_sys_mmap+0x125/0x190 [ 761.791323][T18703] ? do_syscall_64+0x10b/0xf80 [ 761.791352][T18703] ? __pfx_aa_file_perm+0x10/0x10 [ 761.791376][T18703] ima_file_mmap+0x1c4/0x1f0 [ 761.791398][T18703] ? __pfx_ima_file_mmap+0x10/0x10 [ 761.791424][T18703] security_mmap_file+0x278/0x9b0 [ 761.791443][T18703] vm_mmap_pgoff+0xec/0x470 [ 761.791463][T18703] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 761.791479][T18703] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 761.791501][T18703] ? hugetlbfs_get_inode+0x3f5/0x700 [ 761.791527][T18703] ksys_mmap_pgoff+0x285/0x610 [ 761.791546][T18703] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 761.791563][T18703] ? xfd_validate_state+0x129/0x190 [ 761.791582][T18703] __x64_sys_mmap+0x125/0x190 [ 761.791599][T18703] do_syscall_64+0x10b/0xf80 [ 761.791612][T18703] ? clear_bhb_loop+0x40/0x90 [ 761.791629][T18703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 761.791644][T18703] RIP: 0033:0x7fbcfdf9ce59 [ 761.791657][T18703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 761.791671][T18703] RSP: 002b:00007fbcfef02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 761.791686][T18703] RAX: ffffffffffffffda RBX: 00007fbcfe216090 RCX: 00007fbcfdf9ce59 [ 761.791696][T18703] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000007000000 [ 761.791705][T18703] RBP: 00007fbcfe032d6f R08: 0000000000000401 R09: 0000300000000000 [ 761.791715][T18703] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 761.791723][T18703] R13: 00007fbcfe216128 R14: 00007fbcfe216090 R15: 00007ffd8a7e7208 [ 761.791743][T18703] [ 761.827666][ T30] audit: type=1800 audit(1843104558.260:17): pid=18703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2752" name="anon_hugepage" dev="hugetlbfs" ino=75990 res=0 errno=0 [ 761.950887][T18705] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2753'. [ 762.540071][T18705] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2753'. [ 763.365412][T18720] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2756'. [ 763.365549][T18720] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2756'. [ 763.503232][T18727] random: crng reseeded on system resumption [ 763.553324][T18728] futex_wake_op: syz.3.2758 tries to shift op by -2048; fix this program [ 763.553458][T18728] futex_wake_op: syz.3.2758 tries to shift op by -2048; fix this program [ 763.555564][T18727] futex_wake_op: syz.3.2758 tries to shift op by -2048; fix this program [ 763.556010][T18727] 0x000000000001-0x000000020000 : "" [ 763.570661][T18727] ftl_cs: FTL header corrupt! [ 763.736022][T18731] ERROR: Out of memory at tomoyo_memory_ok. [ 764.639096][T18741] hub 1-0:1.0: USB hub found [ 764.641100][T18741] hub 1-0:1.0: 1 port detected [ 764.662123][ T5641] Bluetooth: hci1: command 0x0406 tx timeout [ 764.703853][T18741] random: crng reseeded on system resumption [ 764.880459][T18741] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 764.880521][T18741] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 764.880544][T18741] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 764.880561][T18741] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 764.880573][T18741] page dumped because: unmovable page [ 764.880584][T18741] page_owner info is not present (never set?) [ 765.270204][T18700] Process accounting paused [ 765.558106][T18759] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2763'. [ 765.599572][T18759] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2763'. [ 766.706379][T18794] FAULT_INJECTION: forcing a failure. [ 766.706379][T18794] name failslab, interval 1, probability 0, space 0, times 0 [ 766.772266][T18794] CPU: 0 UID: 0 PID: 18794 Comm: syz.3.2770 Not tainted syzkaller #0 PREEMPT(full) [ 766.772290][T18794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 766.772299][T18794] Call Trace: [ 766.772305][T18794] [ 766.772312][T18794] dump_stack_lvl+0x100/0x190 [ 766.772333][T18794] should_fail_ex.cold+0x5/0xa [ 766.772353][T18794] should_failslab+0xc2/0x120 [ 766.772371][T18794] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 766.772393][T18794] ? vm_area_alloc+0x1f/0x160 [ 766.772413][T18794] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 766.772437][T18794] vm_area_alloc+0x1f/0x160 [ 766.772456][T18794] __mmap_region+0x104d/0x2da0 [ 766.772481][T18794] ? __pfx___mmap_region+0x10/0x10 [ 766.772507][T18794] ? trace_pelt_se_tp+0x13b/0x190 [ 766.772529][T18794] ? do_raw_spin_lock+0x128/0x260 [ 766.772546][T18794] ? find_held_lock+0x2b/0x80 [ 766.772564][T18794] ? debug_object_activate+0x331/0x490 [ 766.772586][T18794] ? debug_object_activate+0x331/0x490 [ 766.772610][T18794] ? do_raw_spin_unlock+0x145/0x1e0 [ 766.772647][T18794] ? mark_held_locks+0x40/0x70 [ 766.772660][T18794] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 766.772715][T18794] mmap_region+0x527/0x620 [ 766.772732][T18794] ? __pfx_mmap_region+0x10/0x10 [ 766.772748][T18794] ? cap_mmap_addr+0x4b/0x120 [ 766.772770][T18794] ? bpf_lsm_mmap_addr+0x9/0x30 [ 766.772784][T18794] ? security_mmap_addr+0x71/0x1e0 [ 766.772802][T18794] ? __get_unmapped_area+0x255/0x3e0 [ 766.772821][T18794] do_mmap+0xc63/0x12f0 [ 766.772842][T18794] ? __pfx_do_mmap+0x10/0x10 [ 766.772860][T18794] ? __pfx_down_write_killable+0x10/0x10 [ 766.772880][T18794] vm_mmap_pgoff+0x29e/0x470 [ 766.772902][T18794] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 766.772919][T18794] ? __fget_files+0x215/0x3d0 [ 766.772938][T18794] ? __fget_files+0x21f/0x3d0 [ 766.772958][T18794] ksys_mmap_pgoff+0x3cb/0x610 [ 766.772976][T18794] ? __x64_sys_futex+0x358/0x4d0 [ 766.772992][T18794] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 766.773009][T18794] ? xfd_validate_state+0x129/0x190 [ 766.773023][T18794] ? ksys_write+0x1ac/0x250 [ 766.773044][T18794] __x64_sys_mmap+0x125/0x190 [ 766.773061][T18794] do_syscall_64+0x10b/0xf80 [ 766.773074][T18794] ? clear_bhb_loop+0x40/0x90 [ 766.773092][T18794] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.773106][T18794] RIP: 0033:0x7efe6199ce59 [ 766.773120][T18794] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 766.773134][T18794] RSP: 002b:00007efe6289e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 766.773148][T18794] RAX: ffffffffffffffda RBX: 00007efe61c16090 RCX: 00007efe6199ce59 [ 766.773158][T18794] RDX: 0000000000000007 RSI: 00000000003fffff RDI: 0000000000000000 [ 766.773167][T18794] RBP: 00007efe61a32d6f R08: 00000000000000dd R09: 0000000000000000 [ 766.773176][T18794] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 766.773184][T18794] R13: 00007efe61c16128 R14: 00007efe61c16090 R15: 00007ffeb2fcc338 [ 766.773203][T18794] [ 767.087196][T18795] ubi0: attaching mtd0 [ 767.092420][T18795] ubi0: scanning is finished [ 767.459165][T18787] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2769'. [ 767.500709][T18787] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2769'. [ 767.964726][T18795] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 770.270196][T18372] syz.2.2689 (18372) used greatest stack depth: 17792 bytes left [ 770.281984][T18834] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2775'. [ 771.796206][T18864] ERROR: Out of memory at tomoyo_memory_ok. [ 774.440350][T18899] sctp: [Deprecated]: syz.1.2789 (pid 18899) Use of int in max_burst socket option deprecated. [ 774.440350][T18899] Use struct sctp_assoc_value instead [ 774.512774][T18893] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2786'. [ 774.683439][T18893] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2786'. [ 774.724995][T18861] ERROR: Out of memory at tomoyo_memory_ok. [ 775.072477][T18917] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2790'. [ 775.621170][T18924] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2792'. [ 777.568635][T18954] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2799'. [ 777.648509][T18954] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2799'. [ 779.183226][T18982] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2802'. [ 779.518722][T18997] binder: 18996:18997 ioctl 40046210 0 returned -14 [ 779.712228][ T5641] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 779.760728][T18958] vivid-008: ================= START STATUS ================= [ 779.903008][T18958] vivid-008: ================== END STATUS ================== [ 780.019991][T19000] Bluetooth: hci2: command 0x2016 tx timeout [ 780.813327][T19009] ecryptfs_miscdev_write: Invalid packet size [0] [ 781.650428][T19029] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2812'. [ 781.780094][ T5641] Bluetooth: hci3: command 0x2016 tx timeout [ 783.458943][ T5636] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 783.860073][ T5636] Bluetooth: hci3: command 0x2016 tx timeout [ 786.851812][T19092] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 786.876915][T19092] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 786.906169][T19092] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 786.930296][T19092] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 786.950033][T19110] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2828'. [ 786.968367][T19106] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2826'. [ 786.982462][T19092] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 786.993216][T19092] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 787.019859][T19092] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 787.040845][T19092] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 787.069211][T19092] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 787.445262][T19118] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2830'. [ 788.336931][T19000] Bluetooth: hci4: command 0x0406 tx timeout [ 788.895609][T19141] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2834'. [ 788.978185][T19000] Bluetooth: hci1: command 0x0406 tx timeout [ 789.056787][T19000] Bluetooth: hci3: command 0x2016 tx timeout [ 789.062820][ T5636] Bluetooth: hci2: command 0x2016 tx timeout [ 789.854505][T19158] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 790.295855][T19162] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2838'. [ 790.417547][ T5636] Bluetooth: hci4: command 0x0406 tx timeout [ 790.821754][T19170] ERROR: Out of memory at tomoyo_memory_ok. [ 791.057323][ T5636] Bluetooth: hci1: command 0x0406 tx timeout [ 791.136851][T19000] Bluetooth: hci3: command 0x2016 tx timeout [ 791.142924][ T5636] Bluetooth: hci2: command 0x2016 tx timeout [ 792.510542][T19210] FAULT_INJECTION: forcing a failure. [ 792.510542][T19210] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 792.609784][T19210] CPU: 0 UID: 0 PID: 19210 Comm: syz.2.2851 Not tainted syzkaller #0 PREEMPT(full) [ 792.609805][T19210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 792.609814][T19210] Call Trace: [ 792.609819][T19210] [ 792.609825][T19210] dump_stack_lvl+0x100/0x190 [ 792.609845][T19210] should_fail_ex.cold+0x5/0xa [ 792.609864][T19210] _copy_from_user+0x2e/0xd0 [ 792.609880][T19210] load_msg+0x19e/0x4a0 [ 792.609902][T19210] do_msgsnd+0x1ad/0x1790 [ 792.609928][T19210] ? __fget_files+0x215/0x3d0 [ 792.609945][T19210] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 792.609963][T19210] ? __pfx_do_msgsnd+0x10/0x10 [ 792.609984][T19210] ? find_held_lock+0x2b/0x80 [ 792.610002][T19210] ? __might_fault+0xc5/0x140 [ 792.610023][T19210] ? __might_fault+0xc5/0x140 [ 792.610048][T19210] ? __x64_sys_msgsnd+0xe5/0x130 [ 792.610068][T19210] __x64_sys_msgsnd+0xe5/0x130 [ 792.610091][T19210] do_syscall_64+0x10b/0xf80 [ 792.610103][T19210] ? clear_bhb_loop+0x40/0x90 [ 792.610121][T19210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 792.610135][T19210] RIP: 0033:0x7fc1ed19ce59 [ 792.610148][T19210] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 792.610161][T19210] RSP: 002b:00007fc1ee0d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000045 [ 792.610175][T19210] RAX: ffffffffffffffda RBX: 00007fc1ed415fa0 RCX: 00007fc1ed19ce59 [ 792.610185][T19210] RDX: 0000000000000008 RSI: 0000200000000000 RDI: 0000000000000000 [ 792.610193][T19210] RBP: 00007fc1ee0d8090 R08: 0000000000000000 R09: 0000000000000000 [ 792.610201][T19210] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001 [ 792.610210][T19210] R13: 00007fc1ed416038 R14: 00007fc1ed415fa0 R15: 00007fff8cd8b068 [ 792.610228][T19210] [ 793.259197][ T5636] Bluetooth: hci3: command 0x2016 tx timeout [ 793.601099][T19227] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2855'. [ 793.629921][T19227] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2855'. [ 794.952434][T19273] ubi0: attaching mtd0 [ 794.971486][T19262] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2858'. [ 794.982647][T19273] ubi0: scanning is finished [ 795.318740][T19273] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 795.403657][T19273] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 795.478489][T19273] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 795.583808][T19273] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 795.790662][T19273] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 795.790680][T19273] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 795.790702][T19273] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 4272093277 [ 795.790717][T19273] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 795.792263][T19288] ubi0: background thread "ubi_bgt0d" started, PID 19288 [ 795.796650][T19281] ubi0: detaching mtd0 [ 795.850096][T19281] ubi0: mtd0 is detached [ 797.050876][T19276] Process accounting resumed [ 797.174442][T19325] FAULT_INJECTION: forcing a failure. [ 797.174442][T19325] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 797.242994][T19325] CPU: 0 UID: 0 PID: 19325 Comm: syz.0.2871 Not tainted syzkaller #0 PREEMPT(full) [ 797.243016][T19325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 797.243025][T19325] Call Trace: [ 797.243030][T19325] [ 797.243036][T19325] dump_stack_lvl+0x100/0x190 [ 797.243057][T19325] should_fail_ex.cold+0x5/0xa [ 797.243076][T19325] _copy_from_iter+0x1f4/0x1690 [ 797.243097][T19325] ? __pfx__copy_from_iter+0x10/0x10 [ 797.243112][T19325] ? rcu_is_watching+0x12/0xc0 [ 797.243129][T19325] ? trace_kmalloc+0xe3/0x110 [ 797.243146][T19325] ? __kasan_kmalloc+0xaa/0xb0 [ 797.243161][T19325] ? __kmalloc_noprof+0x320/0x850 [ 797.243178][T19325] kernfs_fop_write_iter+0x186/0x5f0 [ 797.243207][T19325] vfs_write+0x6ac/0x1070 [ 797.243224][T19325] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 797.243246][T19325] ? __pfx_vfs_write+0x10/0x10 [ 797.243273][T19325] ksys_write+0x12a/0x250 [ 797.243289][T19325] ? __pfx_ksys_write+0x10/0x10 [ 797.243307][T19325] ? rcu_is_watching+0x12/0xc0 [ 797.243326][T19325] do_syscall_64+0x10b/0xf80 [ 797.243339][T19325] ? clear_bhb_loop+0x40/0x90 [ 797.243357][T19325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 797.243372][T19325] RIP: 0033:0x7f5bdbb9ce59 [ 797.243384][T19325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 797.243397][T19325] RSP: 002b:00007f5bd9df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 797.243411][T19325] RAX: ffffffffffffffda RBX: 00007f5bdbe15fa0 RCX: 00007f5bdbb9ce59 [ 797.243421][T19325] RDX: 0000000000000001 RSI: 0000200000000200 RDI: 0000000000000003 [ 797.243429][T19325] RBP: 00007f5bd9df6090 R08: 0000000000000000 R09: 0000000000000000 [ 797.243437][T19325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 797.243445][T19325] R13: 00007f5bdbe16038 R14: 00007f5bdbe15fa0 R15: 00007ffd9d758928 [ 797.243464][T19325] [ 797.715117][T19336] Format for adding new device is "id port_count num_queues" (uint uint uint). [ 798.161852][T19349] ERROR: Out of memory at tomoyo_memory_ok. [ 798.481557][T19347] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2876'. [ 798.508591][T19354] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2878'. [ 798.543702][T19354] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2878'. [ 798.906312][T19367] ubi0: attaching mtd0 [ 799.095380][T19367] ubi0: scanning is finished [ 799.490709][T19367] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 799.565870][T19367] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 799.706177][T19367] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 799.733075][T19384] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2882'. [ 799.798935][T19367] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 799.898288][T19367] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 799.898308][T19367] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 799.898321][T19367] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 4272093277 [ 799.898336][T19367] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 799.898377][T19374] ubi0: detaching mtd0 [ 799.940759][T19374] ubi0: mtd0 is detached [ 801.027482][T19409] ERROR: Out of memory at tomoyo_memory_ok. [ 802.404778][T19421] ubi0: attaching mtd0 [ 802.477371][T19421] ubi0: scanning is finished [ 802.836491][T19421] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 802.985108][T19421] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 803.148599][T19421] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 803.288835][T19421] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 803.367136][T19440] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2893'. [ 803.453259][T19440] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2893'. [ 803.487881][T19421] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 803.623071][T19421] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 803.778676][T19421] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 4272093277 [ 803.932911][T19421] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 804.071862][T19431] ubi0: detaching mtd0 [ 804.076001][T19433] ubi0: background thread "ubi_bgt0d" started, PID 19433 [ 804.155041][T19431] ubi0: mtd0 is detached [ 806.404780][T19495] FAULT_INJECTION: forcing a failure. [ 806.404780][T19495] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 806.463835][T19495] CPU: 0 UID: 0 PID: 19495 Comm: syz.0.2904 Not tainted syzkaller #0 PREEMPT(full) [ 806.463858][T19495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 806.463867][T19495] Call Trace: [ 806.463872][T19495] [ 806.463878][T19495] dump_stack_lvl+0x100/0x190 [ 806.463898][T19495] should_fail_ex.cold+0x5/0xa [ 806.463917][T19495] strncpy_from_user+0x3b/0x2d0 [ 806.463937][T19495] do_getname+0x78/0x390 [ 806.463961][T19495] do_sys_openat2+0xc5/0x1e0 [ 806.463990][T19495] ? __pfx_do_sys_openat2+0x10/0x10 [ 806.464016][T19495] ? __pfx_get_nodes+0x10/0x10 [ 806.464035][T19495] __x64_sys_openat+0x12d/0x210 [ 806.464060][T19495] ? __pfx___x64_sys_openat+0x10/0x10 [ 806.464086][T19495] ? rcu_is_watching+0x12/0xc0 [ 806.464105][T19495] do_syscall_64+0x10b/0xf80 [ 806.464118][T19495] ? clear_bhb_loop+0x40/0x90 [ 806.464135][T19495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 806.464150][T19495] RIP: 0033:0x7f5bdbb9ce59 [ 806.464163][T19495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 806.464177][T19495] RSP: 002b:00007f5bd9df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 806.464191][T19495] RAX: ffffffffffffffda RBX: 00007f5bdbe15fa0 RCX: 00007f5bdbb9ce59 [ 806.464201][T19495] RDX: 0000000000000102 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 806.464210][T19495] RBP: 00007f5bdbc32d6f R08: 0000000000000000 R09: 0000000000000000 [ 806.464218][T19495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 806.464227][T19495] R13: 00007f5bdbe16038 R14: 00007f5bdbe15fa0 R15: 00007ffd9d758928 [ 806.464246][T19495] [ 807.033622][T19502] ERROR: Out of memory at tomoyo_memory_ok. [ 807.128008][T19500] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2905'. [ 807.344007][T19495] ERROR: Out of memory at tomoyo_memory_ok. [ 807.745158][T19523] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2912'. [ 808.661743][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.668147][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.171938][T19575] FAULT_INJECTION: forcing a failure. [ 809.171938][T19575] name failslab, interval 1, probability 0, space 0, times 0 [ 809.233131][T19575] CPU: 0 UID: 0 PID: 19575 Comm: syz.3.2922 Not tainted syzkaller #0 PREEMPT(full) [ 809.233152][T19575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 809.233161][T19575] Call Trace: [ 809.233166][T19575] [ 809.233171][T19575] dump_stack_lvl+0x100/0x190 [ 809.233192][T19575] should_fail_ex.cold+0x5/0xa [ 809.233211][T19575] ? tracepoint_add_func+0x3a8/0x1150 [ 809.233231][T19575] should_failslab+0xc2/0x120 [ 809.233248][T19575] __kmalloc_noprof+0xe0/0x850 [ 809.233265][T19575] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 809.233287][T19575] tracepoint_add_func+0x3a8/0x1150 [ 809.233307][T19575] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 809.233333][T19575] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 809.233353][T19575] tracepoint_probe_register+0xc4/0x110 [ 809.233376][T19575] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 809.233397][T19575] ? irqentry_exit+0x24d/0x7e0 [ 809.233409][T19575] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 809.233437][T19575] tracing_start_sched_switch+0xaf/0x170 [ 809.233458][T19575] __ftrace_event_enable_disable+0x557/0x6f0 [ 809.233483][T19575] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 809.233507][T19575] ftrace_set_clr_event+0x1b7/0x3f0 [ 809.233525][T19575] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 809.233541][T19575] ? trace_get_user+0x3ae/0xa70 [ 809.233568][T19575] ftrace_event_write+0x259/0x2c0 [ 809.233585][T19575] ? __pfx_ftrace_event_write+0x10/0x10 [ 809.233609][T19575] vfs_write+0x2aa/0x1070 [ 809.233626][T19575] ? __pfx_ftrace_event_write+0x10/0x10 [ 809.233645][T19575] ? __pfx_vfs_write+0x10/0x10 [ 809.233660][T19575] ? __fget_files+0x215/0x3d0 [ 809.233682][T19575] ? __fget_files+0x21f/0x3d0 [ 809.233704][T19575] ksys_write+0x12a/0x250 [ 809.233720][T19575] ? __pfx_ksys_write+0x10/0x10 [ 809.233738][T19575] ? rcu_is_watching+0x12/0xc0 [ 809.233759][T19575] do_syscall_64+0x10b/0xf80 [ 809.233776][T19575] ? clear_bhb_loop+0x40/0x90 [ 809.233794][T19575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.233809][T19575] RIP: 0033:0x7efe6199ce59 [ 809.233820][T19575] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 809.233834][T19575] RSP: 002b:00007efe6289e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 809.233848][T19575] RAX: ffffffffffffffda RBX: 00007efe61c16090 RCX: 00007efe6199ce59 [ 809.233857][T19575] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 809.233865][T19575] RBP: 00007efe6289e090 R08: 0000000000000000 R09: 0000000000000000 [ 809.233873][T19575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 809.233882][T19575] R13: 00007efe61c16128 R14: 00007efe61c16090 R15: 00007ffeb2fcc338 [ 809.233901][T19575] [ 809.523036][T19575] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup [ 809.834443][T19588] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2924'. [ 810.682452][T19579] Process accounting resumed [ 811.227755][T19617] FAULT_INJECTION: forcing a failure. [ 811.227755][T19617] name failslab, interval 1, probability 0, space 0, times 0 [ 811.392302][T19617] CPU: 0 UID: 0 PID: 19617 Comm: syz.3.2927 Not tainted syzkaller #0 PREEMPT(full) [ 811.392322][T19617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 811.392331][T19617] Call Trace: [ 811.392336][T19617] [ 811.392341][T19617] dump_stack_lvl+0x100/0x190 [ 811.392362][T19617] should_fail_ex.cold+0x5/0xa [ 811.392381][T19617] should_failslab+0xc2/0x120 [ 811.392398][T19617] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 811.392420][T19617] ? mpol_new+0x11b/0x2d0 [ 811.392433][T19617] ? find_held_lock+0x2b/0x80 [ 811.392452][T19617] ? get_pid_task+0xfc/0x250 [ 811.392476][T19617] mpol_new+0x11b/0x2d0 [ 811.392491][T19617] do_mbind+0x210/0xfd0 [ 811.392514][T19617] ? __pfx_do_mbind+0x10/0x10 [ 811.392534][T19617] ? ksys_write+0x190/0x250 [ 811.392558][T19617] ? __pfx_get_nodes+0x10/0x10 [ 811.392573][T19617] ? __fget_files+0x21f/0x3d0 [ 811.392593][T19617] kernel_mbind+0x1b7/0x200 [ 811.392614][T19617] ? __pfx_kernel_mbind+0x10/0x10 [ 811.392634][T19617] ? rcu_is_watching+0x12/0xc0 [ 811.392654][T19617] do_syscall_64+0x10b/0xf80 [ 811.392667][T19617] ? clear_bhb_loop+0x40/0x90 [ 811.392684][T19617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.392698][T19617] RIP: 0033:0x7efe6199ce59 [ 811.392711][T19617] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 811.392727][T19617] RSP: 002b:00007efe6285c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 811.392741][T19617] RAX: ffffffffffffffda RBX: 00007efe61c16270 RCX: 00007efe6199ce59 [ 811.392751][T19617] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 811.392759][T19617] RBP: 00007efe6285c090 R08: 0000000000000006 R09: 0000000000000002 [ 811.392768][T19617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 811.392776][T19617] R13: 00007efe61c16308 R14: 00007efe61c16270 R15: 00007ffeb2fcc338 [ 811.392794][T19617] [ 811.950023][T19632] ERROR: Out of memory at tomoyo_memory_ok. [ 812.861663][T19654] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2934'. [ 813.012464][T19667] ------------[ cut here ]------------ [ 813.018322][T19667] IS_ERR(old) [ 813.018330][T19667] WARNING: kernel/tracepoint.c:369 at tracepoint_probe_unregister+0x837/0xd10, CPU#0: syz.2.2936/19667 [ 813.034646][T19667] Modules linked in: [ 813.039372][T19667] CPU: 0 UID: 0 PID: 19667 Comm: syz.2.2936 Not tainted syzkaller #0 PREEMPT(full) [ 813.048784][T19667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 813.059014][T19667] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10 [ 813.066161][T19667] Code: cc e8 4d 23 fe ff 48 8d 73 f0 48 c7 c2 60 d8 09 82 48 c7 c7 40 31 87 8e e8 36 27 e2 ff eb ba bb fe ff ff ff e8 2a 23 fe ff 90 <0f> 0b 90 eb ac e8 1f 23 fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00 [ 813.085824][T19667] RSP: 0018:ffffc9000501f8a8 EFLAGS: 00010202 [ 813.091906][T19667] RAX: 0000000000000003 RBX: 00000000fffffffe RCX: ffffffff8209e6ca [ 813.099876][T19667] RDX: ffff888029869ec0 RSI: ffffffff8209e956 RDI: 0000000000400000 [ 813.108047][T19667] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 813.116056][T19667] R10: 0000000000000001 R11: 000000000007fffc R12: ffffffff82103f50 [ 813.124063][T19667] R13: 0000000000000202 R14: 0000000000000002 R15: ffffffff8ec14280 [ 813.132050][T19667] FS: 00007fc1ee0b76c0(0000) GS:ffff888124371000(0000) knlGS:0000000000000000 [ 813.141920][T19667] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 813.149049][T19667] CR2: 00007f1ca6ad72d0 CR3: 0000000067d16000 CR4: 00000000003526f0 [ 813.157050][T19667] Call Trace: [ 813.160309][T19667] [ 813.163226][T19667] tracing_stop_cmdline_record+0x66/0xa0 [ 813.168872][T19667] __ftrace_event_enable_disable+0x5c4/0x6f0 [ 813.174844][T19667] ftrace_event_set_open+0x224/0x380 [ 813.180138][T19667] do_dentry_open+0x6d8/0x1660 [ 813.184887][T19667] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 813.190716][T19667] vfs_open+0x82/0x3f0 [ 813.194793][T19667] path_openat+0x208c/0x31a0 [ 813.199398][T19667] ? __pfx_path_openat+0x10/0x10 [ 813.204342][T19667] do_file_open+0x20e/0x430 [ 813.208851][T19667] ? __pfx_do_file_open+0x10/0x10 [ 813.213872][T19667] ? alloc_fd+0x476/0x790 [ 813.218414][T19667] ? do_getname+0x191/0x390 [ 813.222924][T19667] do_sys_openat2+0x10d/0x1e0 [ 813.227626][T19667] ? __pfx_do_sys_openat2+0x10/0x10 [ 813.232813][T19667] ? do_raw_spin_lock+0x128/0x260 [ 813.238600][T19667] ? find_held_lock+0x2b/0x80 [ 813.243274][T19667] __x64_sys_openat+0x12d/0x210 [ 813.248712][T19667] ? __pfx___x64_sys_openat+0x10/0x10 [ 813.254160][T19667] ? kcov_ioctl+0x16a/0x720 [ 813.258684][T19667] ? rcu_is_watching+0x12/0xc0 [ 813.263437][T19667] do_syscall_64+0x10b/0xf80 [ 813.268036][T19667] ? clear_bhb_loop+0x40/0x90 [ 813.272709][T19667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 813.278607][T19667] RIP: 0033:0x7fc1ed19ce59 [ 813.283002][T19667] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 813.302811][T19667] RSP: 002b:00007fc1ee0b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 813.311246][T19667] RAX: ffffffffffffffda RBX: 00007fc1ed416090 RCX: 00007fc1ed19ce59 [ 813.319230][T19667] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 813.327201][T19667] RBP: 00007fc1ed232d6f R08: 0000000000000000 R09: 0000000000000000 [ 813.335158][T19667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 813.343958][T19667] R13: 00007fc1ed416128 R14: 00007fc1ed416090 R15: 00007fff8cd8b068 [ 813.352550][T19667] [ 813.355577][T19667] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 813.362835][T19667] CPU: 0 UID: 0 PID: 19667 Comm: syz.2.2936 Not tainted syzkaller #0 PREEMPT(full) [ 813.372183][T19667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 813.382215][T19667] Call Trace: [ 813.385474][T19667] [ 813.388395][T19667] dump_stack_lvl+0x100/0x190 [ 813.393057][T19667] vpanic+0x552/0x970 [ 813.397020][T19667] ? __pfx_vpanic+0x10/0x10 [ 813.401512][T19667] panic+0xd1/0xe0 [ 813.405210][T19667] ? __pfx_panic+0x10/0x10 [ 813.409611][T19667] ? check_panic_on_warn+0x1f/0x90 [ 813.414700][T19667] check_panic_on_warn.cold+0x19/0x34 [ 813.420052][T19667] ? tracepoint_probe_unregister+0x837/0xd10 [ 813.426018][T19667] __warn.cold+0x191/0x328 [ 813.430413][T19667] __report_bug+0x296/0x3d0 [ 813.434901][T19667] ? tracepoint_probe_unregister+0x837/0xd10 [ 813.440867][T19667] ? __pfx___report_bug+0x10/0x10 [ 813.445880][T19667] ? rcu_is_watching+0x12/0xc0 [ 813.450625][T19667] ? trace_contention_end+0x122/0x170 [ 813.455976][T19667] ? __mutex_lock+0x26d/0x1b10 [ 813.460719][T19667] ? tracepoint_probe_unregister+0x31/0xd10 [ 813.466594][T19667] ? rcu_is_watching+0x12/0xc0 [ 813.471339][T19667] ? tracepoint_probe_unregister+0x837/0xd10 [ 813.477303][T19667] report_bug+0xb2/0x220 [ 813.481531][T19667] ? tracepoint_probe_unregister+0x837/0xd10 [ 813.487494][T19667] handle_bug+0x16a/0x2a0 [ 813.491808][T19667] exc_invalid_op+0x17/0x50 [ 813.496292][T19667] asm_exc_invalid_op+0x1a/0x20 [ 813.501122][T19667] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10 [ 813.507694][T19667] Code: cc e8 4d 23 fe ff 48 8d 73 f0 48 c7 c2 60 d8 09 82 48 c7 c7 40 31 87 8e e8 36 27 e2 ff eb ba bb fe ff ff ff e8 2a 23 fe ff 90 <0f> 0b 90 eb ac e8 1f 23 fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00 [ 813.527281][T19667] RSP: 0018:ffffc9000501f8a8 EFLAGS: 00010202 [ 813.533324][T19667] RAX: 0000000000000003 RBX: 00000000fffffffe RCX: ffffffff8209e6ca [ 813.541271][T19667] RDX: ffff888029869ec0 RSI: ffffffff8209e956 RDI: 0000000000400000 [ 813.549220][T19667] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 813.557166][T19667] R10: 0000000000000001 R11: 000000000007fffc R12: ffffffff82103f50 [ 813.565112][T19667] R13: 0000000000000202 R14: 0000000000000002 R15: ffffffff8ec14280 [ 813.573063][T19667] ? __pfx_probe_sched_switch+0x10/0x10 [ 813.578598][T19667] ? tracepoint_probe_unregister+0x5aa/0xd10 [ 813.584569][T19667] ? tracepoint_probe_unregister+0x836/0xd10 [ 813.590537][T19667] ? tracepoint_probe_unregister+0x836/0xd10 [ 813.596512][T19667] tracing_stop_cmdline_record+0x66/0xa0 [ 813.602129][T19667] __ftrace_event_enable_disable+0x5c4/0x6f0 [ 813.608097][T19667] ftrace_event_set_open+0x224/0x380 [ 813.613370][T19667] do_dentry_open+0x6d8/0x1660 [ 813.618116][T19667] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 813.623912][T19667] vfs_open+0x82/0x3f0 [ 813.627970][T19667] path_openat+0x208c/0x31a0 [ 813.632548][T19667] ? __pfx_path_openat+0x10/0x10 [ 813.637472][T19667] do_file_open+0x20e/0x430 [ 813.641966][T19667] ? __pfx_do_file_open+0x10/0x10 [ 813.646989][T19667] ? alloc_fd+0x476/0x790 [ 813.651301][T19667] ? do_getname+0x191/0x390 [ 813.655797][T19667] do_sys_openat2+0x10d/0x1e0 [ 813.660463][T19667] ? __pfx_do_sys_openat2+0x10/0x10 [ 813.665654][T19667] ? do_raw_spin_lock+0x128/0x260 [ 813.670659][T19667] ? find_held_lock+0x2b/0x80 [ 813.675320][T19667] __x64_sys_openat+0x12d/0x210 [ 813.680154][T19667] ? __pfx___x64_sys_openat+0x10/0x10 [ 813.685511][T19667] ? kcov_ioctl+0x16a/0x720 [ 813.689999][T19667] ? rcu_is_watching+0x12/0xc0 [ 813.694747][T19667] do_syscall_64+0x10b/0xf80 [ 813.699315][T19667] ? clear_bhb_loop+0x40/0x90 [ 813.703978][T19667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 813.709848][T19667] RIP: 0033:0x7fc1ed19ce59 [ 813.714242][T19667] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 813.733830][T19667] RSP: 002b:00007fc1ee0b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 813.742221][T19667] RAX: ffffffffffffffda RBX: 00007fc1ed416090 RCX: 00007fc1ed19ce59 [ 813.750168][T19667] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 813.758119][T19667] RBP: 00007fc1ed232d6f R08: 0000000000000000 R09: 0000000000000000 [ 813.766065][T19667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 813.774012][T19667] R13: 00007fc1ed416128 R14: 00007fc1ed416090 R15: 00007fff8cd8b068 [ 813.781973][T19667] [ 813.785022][T19667] Kernel Offset: disabled [ 813.789329][T19667] Rebooting in 86400 seconds..