last executing test programs: 5m25.795893721s ago: executing program 1 (id=1115): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mseal$auto(0x0, 0x7dda, 0x0) r0 = socketpair$auto(0x2, 0x4, 0xf7c0, &(0x7f0000000000)) ioctl$auto(0xffffffffffffffff, 0x9210642d, 0xc5) r1 = dup$auto(0xffffffffffffffff) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x50b480, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) write$auto(r4, 0x0, 0x80000000) mmap$auto(0x4000, 0x810004, 0xff9, 0x8000000008011, r2, 0x8000) timer_create$auto(0x0, 0x0, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, 0x0, 0x0) mmap$auto(0x6, 0x3, 0x20004000000000dd, 0x19, r5, 0x2ffffffffffd) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x200000008000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0xfff) mmap$auto(0x0, 0x80000000, 0x2, 0xfc, r2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x1d, 0x6, 0x5, 0x8, 0xffffffffffffffff, [0x0, 0x0, 0x2], {0x6, 0x34b8, 0xf, 0x29f, 0x100, 0x946, 0xfe, 0x6, 0x2}, {0x100, 0xfb45, 0x5, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x8}}) io_uring_register$auto(0x2, 0x11, 0x0, 0x83) sendmsg$auto_NL80211_CMD_LEAVE_OCB(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000100a60b", @ANYRES16=0x0, @ANYBLOB="000028bd7000fcdbdf256d00000007000a00107c4c000400d1000600b400030000000500020000000000"], 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) ioctl$auto_PPPIOCATTACH(r3, 0x4004743d, 0x0) move_mount$auto(r0, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00', 0x6) close_range$auto(0x2, 0x8, 0x0) 5m25.578677498s ago: executing program 1 (id=1117): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/mice\x00', 0x38d400, 0x0) r0 = semctl$auto_GETPID(0xe, 0x2, 0xb, 0x1) prctl$auto(0x3e, 0x1, r0, 0x1, 0x0) msync$auto(0x0, 0x2000000005, 0x6) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/i8042/serio0/description\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001c00)=""/4111, 0x100f) socket(0xa, 0x3, 0x3b) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x44, r3, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x11e789c}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, 0x3}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) r4 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0xc8201, 0x0) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x110}, 0x1, 0x0, 0x0, 0x4}, 0x40000) select$auto(0x11, 0x0, 0x0, 0x0, 0x0) r5 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='D\x00', @ANYRES16=r5, @ANYBLOB="000229bd7000ffffdf251300000002000000060000000500050008ec000005001d0004000000050017000d000000050828001200000005002100020000"], 0x44}}, 0xc80) sendmsg$auto_IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40420}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00j\x00', @ANYRES16=r5, @ANYBLOB="100029bd7000fbdbdf252d00000014003000df9719fc3aff9cf2547c8af76715d1ac050022000000000005"], 0x38}, 0x1, 0x0, 0x0, 0x4084}, 0x4805) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r6, 0x5453, 0x0) 5m24.602393387s ago: executing program 1 (id=1124): r0 = fanotify_init$auto(0x200, 0x1) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_FBIO_CURSOR(r0, 0xc0684608, 0x0) (async) ioctl$auto_FBIO_CURSOR(r0, 0xc0684608, 0x0) ioperm$auto(0x7, 0x5ad2, 0x8) (async) ioperm$auto(0x7, 0x5ad2, 0x8) ioctl$auto_XFS_IOC_ERROR_INJECTION(r0, 0x40085874, &(0x7f0000000080)={r1}) ioctl$auto_KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)={0x9, 0x0, [{0xfffffffa, 0x7, 0xfff, 0x1, 0x3, 0x3, 0x7}, {0x2, 0xffffffff, 0x3, 0x10, 0x6, 0x7, 0x80}]}) 5m24.460514827s ago: executing program 1 (id=1125): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0xfffffffffffffffc) (async) r1 = fanotify_init$auto(0x5, 0x2000000000002) r2 = open(&(0x7f0000000000)='.\x00', 0xc00, 0x409) fanotify_mark$auto(r1, 0x9, 0x9, r2, 0x0) (async) r3 = socket(0x10, 0x80802, 0x0) getpeername$auto(r3, 0x0, 0x0) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd11/queue/iostats_passthrough\x00', 0x2a001, 0x0) write$auto(r4, &(0x7f0000000040)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) fanotify_init$auto(0x6a1, 0x2000000000002) socket(0xb, 0x80805, 0x0) socket(0x28, 0x1, 0x0) (async) r5 = socket(0x8, 0x3, 0x8000) sendto$auto(r5, 0x0, 0x402, 0xacf8, &(0x7f0000000040)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) (async) r8 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000280), r6) (async) r9 = socket$nl_generic(0x10, 0x3, 0x10) (async) r10 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r10, &(0x7f0000000000)="c80d1b2942", 0x5) (async) r11 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r9) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) (async) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYRESHEX=r9, @ANYRES16=r11, @ANYBLOB="2f212dbd7000fcdbdf252100000008000300", @ANYRES16, @ANYBLOB="08009e00"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) (async) sendmsg$auto_NCSI_CMD_SET_CHANNEL_MASK(r7, &(0x7f0000000380)={&(0x7f0000000240), 0xc, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="ff", @ANYRES16=r8, @ANYRES64, @ANYRES16=r8, @ANYRES64=r6, @ANYRESHEX=r11, @ANYBLOB], 0xfc}, 0x1, 0x0, 0x0, 0x4000010}, 0x800) (async) sendmsg$auto_NCSI_CMD_SEND_CMD(r1, &(0x7f00000001c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="d3000000", @ANYRES16=r8, @ANYBLOB="00022abd7000fbdbdf250400000008000700060000002700040098d0000004000600080004000800000008000700050000000000080009000000640205000b27d798bb127879d16d4d28de7dbe53a6cfea98ade20310c9cd63ae50117068848cf1710dbbefbef288f95920d08cb78a19ece9f4f5b6522d8b0f6c1ed0c553ecd9a03dd92134b45ff9080c07a5ec9a3833799bdb551d15ce48d991be4d227520715950d5cc77f422eee38887c6d8d0cff69439923ee0dd3632ed7dc018f8814d18f2dc80de19447fbc0baac847bd917534e160d5e846758342f3838803f2b240304511bed8d49a2134cf33ab5949ce713d0f688c42330322f6c298dab60d344d841083608cfde0a0e3055371cb7054f3968c76936dc54b39d0c853eb1789423d4778800ad438b9502fc8dd1b0f0725c8beee1f531e43b913980580264768978383351c9469da17ab6bc046f56be47d5b57e02f9a50076e9e526673360e7f3f52e558db8e54487af0555fae4bc73a04fbf9bb3a66a30e02d5a066ef3ec73dc7815fc213f2639911621107552b9139aae61b3fcc7ef96f4f28af34e50e75d696d9a8d2a683b1ede12ea8c7f29a43a8b2e618ed56c68a7a4a154029bb711dd4c48851137d04a15dd2c5d094dca3a5a868628f85c1aa43b068fa838f869c8238648dcf0d86952b1a678476f9eda17e2f8aec9e562ecbed49dc0dc5045da30415c92864d0bce8b2452aa00bedb502599de1edbcb4b358ad4221ec02862042ee40d16a021122e7bfae92e81c387b5e4635ee685fbaa6ac31f41aaf55d5b21594aa8548bcea3de478eb7c19c0b1cd0886ecdb3d7af12fb3f8b39f9395bdb6ac6a05403f9a18319eac7a5247fc1ebdcacc53a913be2acfb1316552e985c5fc35a18a942dfd01301629f0ab6f092f43f63010a0cd724d8571e327621006ea7c5c033345"], 0x2a0}, 0x1, 0x0, 0x0, 0x440e0}, 0x40) socket(0x1, 0x1, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x22042, 0x10) (async) fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) 5m24.427217002s ago: executing program 1 (id=1127): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/lockd/nlm_end_grace\x00', 0x8282, 0x0) write$auto(0x3, 0x0, 0x5c8) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r1, 0x40045402, &(0x7f0000000a00)=0x101) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) pipe2$auto(0x0, 0x80) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) 5m24.293219753s ago: executing program 1 (id=1129): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, 0x0, 0x800) lstat$auto(0x0, &(0x7f0000000180)={0x0, 0x800000000001c, 0xfffffffffffffffc, 0x63, 0x0, 0x0, 0x0, 0x1000, 0x2, 0x80000000000080e, 0x40000400, 0x2006, 0xfffffffffffff405, 0x4, 0x4, 0x7, 0x200000100100}) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r0, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0x29b010c0, 0x100000eb1, 0x40000000000a1, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) socket(0x2b, 0x5, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) sendmmsg$auto(r2, 0x0, 0x7, 0x4008) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, 0x0, 0x4000000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) move_pages$auto(0x1, 0x400000000f54, 0x0, 0x0, 0x0, 0x8000000000000000) r3 = getpgid(0x0) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r3, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={r3, 0x0, 0x401, 0x5, 0x3}}}) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', 0x0) socket(0x1a, 0x1, 0xfffffffe) set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9) mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40002, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xd0, 0x0, 0x4) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0xf663, 0x15) 5m9.19221805s ago: executing program 32 (id=1129): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, 0x0, 0x800) lstat$auto(0x0, &(0x7f0000000180)={0x0, 0x800000000001c, 0xfffffffffffffffc, 0x63, 0x0, 0x0, 0x0, 0x1000, 0x2, 0x80000000000080e, 0x40000400, 0x2006, 0xfffffffffffff405, 0x4, 0x4, 0x7, 0x200000100100}) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r0, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0x29b010c0, 0x100000eb1, 0x40000000000a1, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) socket(0x2b, 0x5, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) sendmmsg$auto(r2, 0x0, 0x7, 0x4008) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, 0x0, 0x4000000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) move_pages$auto(0x1, 0x400000000f54, 0x0, 0x0, 0x0, 0x8000000000000000) r3 = getpgid(0x0) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r3, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={r3, 0x0, 0x401, 0x5, 0x3}}}) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', 0x0) socket(0x1a, 0x1, 0xfffffffe) set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9) mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40002, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xd0, 0x0, 0x4) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0xf663, 0x15) 5.985818942s ago: executing program 4 (id=2857): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_kbytes\x00', 0x202, 0x0) sendfile$auto(r0, r0, 0x0, 0x7fffe000) r1 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(r1, 0x0, 0x80000001, 0x0, 0x0) (async) setsockopt$auto(r1, 0x0, 0x80000001, 0x0, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) (async) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) open(&(0x7f0000000340)='./cgroup/file0\x00', 0x101840, 0x100) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00') (async) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00') openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) (async) get_robust_list$auto(0x0, 0x0, 0x0) socket(0xa, 0x80000, 0x1) (async) r2 = socket(0xa, 0x80000, 0x1) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) (async) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x20000000000, 0xe983, 0x7f, 0xeb1, 0x401, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001340)='/sys/module/l1oip/parameters/limit\x00', 0x80302, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) (async) sendfile$auto(r3, r3, 0x0, 0x3) sendmsg$auto_NL802154_CMD_STOP_BEACONS(0xffffffffffffffff, 0x0, 0x50) sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(r2, 0x0, 0x20044841) ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, &(0x7f0000000200)=0x823) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 5.592643569s ago: executing program 0 (id=2860): syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/020/001\x00', 0x80000, 0x0) socket(0x25, 0x1, 0x3) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) mknod$auto(&(0x7f00000000c0)='./file0\x00', 0x1001, 0x804) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0xa8200, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00'}) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x10, 0x2, 0x4) r1 = socket(0x1d, 0x2, 0x7) socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'dummy0\x00', 0x0}) r3 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000100), 0x200000, 0x0) r4 = ioctl$auto_SW_SYNC_IOC_INC(r3, 0x40045701, &(0x7f0000000140)=0x100) bind$auto(r1, &(0x7f0000000000)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r5}, 0x18) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r6) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000640)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_DEL_PMK(r6, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000000c40)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010026bd7000fbdbdf857000000008000300", @ANYRES32=r8], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8000) sendmsg$auto_NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r0, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000", @ANYRES16=r7, @ANYBLOB="00022bbd7000fedbdf25700000000c002e01be695338000000000400830083004e01bfb35872ce1d964feb9dfe950ca585fd0eea3814931c23b56aa345f4529ca62b32b2fd4abd44799a90412f419f1570dcafa1160b228f90a6df23ed15efefae7e45844f8b805c548636668c363708b379f7d8b23f5502835afd9fa8ca6107e2a182125c72177655287a0d1d174fdde91eaaf50322fc183780a19b5a81076e8ab1287348af8012ce90e1f11a6e4d00050019005d0000000800b70000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x4000014}, 0x0) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0x687ca0b, &(0x7f00000002c0)={0x0, 0xffcc}, 0xb, 0x0, 0x8000000000000001, 0xb}, 0x9}, 0x4, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x801ffde, 0x3, 0x2000000000000006, 0x3, 0x8, 0x5, 0x6, 0x9, 0x1, 0x9, 0x2, 0x3, 0x5, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x3bc, 0x0, 0x4000000000, 0x8, 0x0, 0x7, 0x0, [0xffffffff00000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x788, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x20c6, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0xfffffffffffffffc]}, 0x4, 0x2) syz_genetlink_get_family_id$auto_net_dm(&(0x7f00000003c0), r4) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r9 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0xffffff9e}, 0x40000) 5.210830727s ago: executing program 4 (id=2861): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) r2 = clone$auto(0x4, 0xf959, &(0x7f0000000080)=0x401, &(0x7f00000000c0)=0x8, 0x6b7a) ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000000)={0xb, 0xffffffffffffffff}) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), 0xffffffffffffffff) shmctl$auto_IPC_INFO(0x4, 0x3, &(0x7f0000000200)={{0x2, 0xee00, 0xee01, 0x80000001, 0x1, 0x3, 0x2}, 0x1, 0x3, 0x3, 0xfffffffffffff800, @inferred=0xffffffffffffffff, @raw=0xffff1cef, 0x7ff, 0x0, &(0x7f00000000c0), &(0x7f0000000140)="767fb4abcae0f8235c53127c104f1863dfe1bfac282ed5d3cac3cb7a7a24df74d231d547840ea071ff2dbf88bc84165030ab98a4416856fdca7ed0b59779b8505e44ba186c0fde0cdee4efc6040bfbc1ab385c53075257b7f7cfa7e980ee1c17c51b4462d95431738703177601c4549be15f63f36e37859cee0b0f544276a75e402b44f51277c5c4ccfd6bdef7a7eebc64062cdfa2c50f39f22f3a11ed0d0e4f1d3cb52bf2b3ce6ea2b47df56dff13253dca283aac3d43dd7e933a3ece"}) r6 = setfsuid$auto(0xee00) setreuid$auto(r6, 0x0) r7 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r7, 0x1002, 0x0, 0x0, 0x0, 0x2) r8 = openat$auto_binder_features_fops_(0xffffffffffffff9c, &(0x7f0000000280)='/dev/binderfs/features/oneway_spam_detection\x00', 0x200, 0x0) r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCVHANGUP2(r9, 0x5437, 0x0) sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r3, &(0x7f0000000840)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000800)={&(0x7f00000002c0)={0x438, r4, 0x100, 0x70bd29, 0x1, {}, [@MACSEC_ATTR_SA_CONFIG={0x422, 0x3, 0x0, 0x1, [@nested={0x8a, 0xa5, 0x0, 0x1, [@nested={0x4, 0x42}, @generic="f1b73f5dd43d4dba640122c38fe2c3438524204016d3a7db8cbf3771cac3dabad9f83f945e3067ee5933dba4aaa12a5be41ca43168eaa0c5c2707f62c1759a70d1323ac48fa45940b22cbeb681dce4550222ece6a650", @nested={0x4, 0x8e}, @typed={0x8, 0x17, 0x0, 0x0, @uid}, @nested={0x4, 0x11d}, @typed={0x8, 0xc2, 0x0, 0x0, @ipv4=@private=0xa010100}, @nested={0x4, 0x11}, @nested={0x4, 0xa4}, @typed={0x8, 0x49, 0x0, 0x0, @uid=r5}, @nested={0x4, 0xce}]}, @typed={0x8, 0x4a, 0x0, 0x0, @u32=0x8}, @nested={0x130, 0xa6, 0x0, 0x1, [@nested={0x4, 0xa7}, @generic="4616d657ddf966d1e765b1c75e31dcd952f03cdf47d1b1ce01f728edf96f3ecb41bbbc3929b483702f7aa523ecb724712af0a2d5da366e69f15c3135c396e12ecbd3bf1c801dc0de496fd267772a102b6bd31d853e1b1dd63e5e00b2e53244b08fcde6b6c9d1ab5eb57079ee15283ae81fb874670d5b65e422455a1ae3250e0c5f4eb4fae5607d2df177bfc61485ad26b769a1a7acdabb47e14de3d17ef70bf0aef672b1a1a18ea309bd5f7072488f3d293f89630c1e93b745bbe4bbdb3c036fe10315635765e8", @generic="473c59bd48ebfe1652cfa7317791c412a7f9bb366e2f673c85edb7c7bdd8c4317f93e55319c607b94fc0205f014b743ae62ad02ef942f762e59069ddcc34da3caf6a7df4f112f18214a8056c2eea1f6bb0ce8f0f19d140185dd114b483", @nested={0x4, 0x126}]}, @generic="3ec94976c901cb3b6459d6cada7f79c050008640f8f40bcccecaf2827be0fd1ce4295363ce643a92f65decf80694b4deb45daf133cd4ec20f933d920c4c29451389a3e5710bbe97b40e2877f4458f57630626833af7e5f7c7382a2e5937d2122586a55ed042482e8715c435473973f919de9eb07eafc8dda6278a5ac8965b5f6bbc3799be7f4200f314c8c0cafcf0bd6281db59034e268062cd959293c46babdaa2fc7f5cd87ec226223e9a81eef043eebeecead34f3333af1cb", @typed={0x8, 0xb2, 0x0, 0x0, @uid=r6}, @nested={0x18e, 0xfb, 0x0, 0x1, [@nested={0x4, 0xf8}, @nested={0x4, 0x124}, @generic="5ef9795435ca9dbc258bb4225cf3382b09ea31e88fb16631ecdf5707c0428fad1cbc63ab3477d39df9205028a239f403e6ba59bddc87dabc02e083", @typed={0x8, 0x7d, 0x0, 0x0, @pid=r7}, @typed={0x8, 0x6c, 0x0, 0x0, @u32=0x3d}, @typed={0x8, 0x118, 0x0, 0x0, @fd=r8}, @generic="cf862b0023a3e4fd11ee2503a29678351d4be325804c7b79152dd687fbb75ce7922fc6e1c01aa9701c19b68f78f87b73e0d10cd069cc38edf7144676c466041c291b883f3ffa6b92578257566c568bf1e9f4fd3c69a47937cc35fde154d2f8e506efe0c75ca0b05767c342c135fc18190e33558a792a9b33198edc8dd58cf32999a139322badd7f811b26e0d8b8eeae4617063d44aa481ddeef4432cb298a5cf104a49b7", @generic="6341b316308ca1617dbe2fda24442010a06902f0ec3765012fdf6a977ff23fc8a1435df64c0ea60b8352b925644828c97187ce11a8aa549219c502d010b1ef6f19eb2adb2eef0f5c150304392fe69ec2756cea05e6b5361702466cfd81c99eaf75d7b9fc3f464ad4331d36ad9e49330ea550613971e05e90723ca43144ba4943ea19571c9583eda529399f"]}, @typed={0x8, 0x6, 0x0, 0x0, @fd=r9}]}]}, 0x438}, 0x1, 0x0, 0x0, 0x4000084}, 0x4) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000600)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000100)={0x498, 0x0, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x6}, @NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_MBSSID_CONFIG={0x54, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x5}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x5}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x9}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x11}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0xd3}, @NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES={0x5, 0x1, 0x9}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x8}, @NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8, 0x4, r1}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x7}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x6}]}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x2f8, 0x25, 0x0, 0x1, [@typed={0x8, 0x12b, 0x0, 0x0, @ipv4=@multicast2}, @typed={0xe7, 0x10a, 0x0, 0x0, @binary="c122d001d6ce0a1e5d193fca4574476aa07abe575fb0198dfa8f86cc2121a1f2b05d3d7bb7f021f92cdbda46cbf4d3b7fbd533060720e1509a44dbf1c078091d6484226d51c84d9f6c6f1bde8d8038b4e4499934862df81e0785e90f3fa012d1ae7545f725c73357a0a352fb4a3304d6920be12028ba9e40e8e137967fa4b535ae4d3f7c4804a19bd7fd349aeb25c7029348bb063ea6ee2d6901c3c9b8a3393c63fdef75b0480ac80b58b2136d9bf3eec6f8a0708af4677e7cbf84ce219deb56d15585743f0844260719a38be997e1635804733cd4ff9542ace7405c8cc349d44ded24"}, @nested={0x149, 0x35, 0x0, 0x1, [@generic="fae773bc6e1be45e48b842ca2844de9a43b0fdf570f4aaae07961e380ca16ef08047b87d848e6461790515439bddac118870a0bd4b0c880f11f8d0ac164219f451edc3b8afe25de598568ccffa086dafbe8398309de208f8dd5c957caa4505275f27760d1def2d0c6dd7d00d385b7a4bf51462a02ef105636a3bbadb3675cdb536846236cf8309d0191daa380d92abd653dfe790eff0647f9543d37a035346ea01dbdd6f0baf9530487bae07", @nested={0x4, 0x107}, @typed={0xc, 0x89, 0x0, 0x0, @u64=0x4b7f}, @generic="cbc15cf51fe44f0e2ec3536e", @typed={0xc, 0x1c, 0x0, 0x0, @u64=0xfffffffffffffff8}, @typed={0x8, 0x125, 0x0, 0x0, @ipv4=@private=0xa010102}, @generic="050eb13fc127bb9a2311ea0a2f2503ed730e125ab88434971a0d22543ae08b67a8bb8e5133ef1c7f948548c1da675fc638936972a1e77fd329d3e56e278d778dacbfeef2e83665f9817a1883b4e6ee9c3a9a3be516f34d4fa046404c0cd1942fcf", @typed={0x8, 0xe7, 0x0, 0x0, @pid=r2}]}, @typed={0xc, 0x72, 0x0, 0x0, @u64=0x8001}, @typed={0xa9, 0x11a, 0x0, 0x0, @binary="bdaa1b044b26082f402306812d5ba5371d6a48d4d6d4d60b08d36e40895c5ffd0b6590b2c847f56705e35ecd3e15479fee4f17a58b05d655556b3cee0b564f3c38bec81eec3472ad99ac3c9d8c163d7c8c5a37207a4f5a58e2a933b1507abff94a8a32134c377e85fe1debfb8ee39807c13700f41be82ec04091b2e0ed1dfb97965af63522206edfa23dbf643974686908e49366138560a8b8fcdb64b147314455d11237e1"}]}, @NL80211_ATTR_MAC_ADDRS={0x11a, 0xa6, 0x0, 0x1, [@typed={0x8, 0x62, 0x0, 0x0, @uid=r6}, @nested={0x18, 0x3c, 0x0, 0x1, [@typed={0x14, 0xd3, 0x0, 0x0, @ipv6=@private1}]}, @typed={0x5, 0xe6, 0x0, 0x0, @str='\x00'}, @generic="3b2128aaabc0e8fe68fe7d7f62057f8e53cb39582efbcdedb28446724f17742421a23f831f81843d00524a9779793504ff255e8512cfd739424f7e0c48187fb9b55059aab4846b9258a3e488fdae6ef548a190dbab57cf8f57c13ca1", @generic="35d1d8ffb53df520f15f79a1b39a2e198f7a897ed7e9dbd7c8d8faf6c540ef24f4b7ba4cd0adf533a1908d57a9fe233e9bd59c5e380edaa12f662f06417b024cd1f74d7f7449acebdf0f000f7a4c5ad0e25432d51a4b8f17db3bdbebbcad48e063a664f6d7fad2f7196dd5d312bf2083efab5f105455a77e7af4417570808007fc99df168824d95170f98c55170a20ad7d63"]}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x4}]}, 0x498}, 0x1, 0x0, 0x0, 0x40010}, 0x20000801) r10 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/devices/virtual/block/ram12/events\x00', 0x101480, 0x0) read$auto(r10, 0x0, 0x9) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond0\x00'}) (async) clone$auto(0x4, 0xf959, &(0x7f0000000080)=0x401, &(0x7f00000000c0)=0x8, 0x6b7a) (async) ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000000)={0xb}) (async) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), 0xffffffffffffffff) (async) shmctl$auto_IPC_INFO(0x4, 0x3, &(0x7f0000000200)={{0x2, 0xee00, 0xee01, 0x80000001, 0x1, 0x3, 0x2}, 0x1, 0x3, 0x3, 0xfffffffffffff800, @inferred=0xffffffffffffffff, @raw=0xffff1cef, 0x7ff, 0x0, &(0x7f00000000c0), &(0x7f0000000140)="767fb4abcae0f8235c53127c104f1863dfe1bfac282ed5d3cac3cb7a7a24df74d231d547840ea071ff2dbf88bc84165030ab98a4416856fdca7ed0b59779b8505e44ba186c0fde0cdee4efc6040bfbc1ab385c53075257b7f7cfa7e980ee1c17c51b4462d95431738703177601c4549be15f63f36e37859cee0b0f544276a75e402b44f51277c5c4ccfd6bdef7a7eebc64062cdfa2c50f39f22f3a11ed0d0e4f1d3cb52bf2b3ce6ea2b47df56dff13253dca283aac3d43dd7e933a3ece"}) (async) setfsuid$auto(0xee00) (async) setreuid$auto(r6, 0x0) (async) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async) move_pages$auto(r7, 0x1002, 0x0, 0x0, 0x0, 0x2) (async) openat$auto_binder_features_fops_(0xffffffffffffff9c, &(0x7f0000000280)='/dev/binderfs/features/oneway_spam_detection\x00', 0x200, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) (async) ioctl$auto_TIOCVHANGUP2(r9, 0x5437, 0x0) (async) sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r3, &(0x7f0000000840)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000800)={&(0x7f00000002c0)={0x438, r4, 0x100, 0x70bd29, 0x1, {}, [@MACSEC_ATTR_SA_CONFIG={0x422, 0x3, 0x0, 0x1, [@nested={0x8a, 0xa5, 0x0, 0x1, [@nested={0x4, 0x42}, @generic="f1b73f5dd43d4dba640122c38fe2c3438524204016d3a7db8cbf3771cac3dabad9f83f945e3067ee5933dba4aaa12a5be41ca43168eaa0c5c2707f62c1759a70d1323ac48fa45940b22cbeb681dce4550222ece6a650", @nested={0x4, 0x8e}, @typed={0x8, 0x17, 0x0, 0x0, @uid}, @nested={0x4, 0x11d}, @typed={0x8, 0xc2, 0x0, 0x0, @ipv4=@private=0xa010100}, @nested={0x4, 0x11}, @nested={0x4, 0xa4}, @typed={0x8, 0x49, 0x0, 0x0, @uid=r5}, @nested={0x4, 0xce}]}, @typed={0x8, 0x4a, 0x0, 0x0, @u32=0x8}, @nested={0x130, 0xa6, 0x0, 0x1, [@nested={0x4, 0xa7}, @generic="4616d657ddf966d1e765b1c75e31dcd952f03cdf47d1b1ce01f728edf96f3ecb41bbbc3929b483702f7aa523ecb724712af0a2d5da366e69f15c3135c396e12ecbd3bf1c801dc0de496fd267772a102b6bd31d853e1b1dd63e5e00b2e53244b08fcde6b6c9d1ab5eb57079ee15283ae81fb874670d5b65e422455a1ae3250e0c5f4eb4fae5607d2df177bfc61485ad26b769a1a7acdabb47e14de3d17ef70bf0aef672b1a1a18ea309bd5f7072488f3d293f89630c1e93b745bbe4bbdb3c036fe10315635765e8", @generic="473c59bd48ebfe1652cfa7317791c412a7f9bb366e2f673c85edb7c7bdd8c4317f93e55319c607b94fc0205f014b743ae62ad02ef942f762e59069ddcc34da3caf6a7df4f112f18214a8056c2eea1f6bb0ce8f0f19d140185dd114b483", @nested={0x4, 0x126}]}, @generic="3ec94976c901cb3b6459d6cada7f79c050008640f8f40bcccecaf2827be0fd1ce4295363ce643a92f65decf80694b4deb45daf133cd4ec20f933d920c4c29451389a3e5710bbe97b40e2877f4458f57630626833af7e5f7c7382a2e5937d2122586a55ed042482e8715c435473973f919de9eb07eafc8dda6278a5ac8965b5f6bbc3799be7f4200f314c8c0cafcf0bd6281db59034e268062cd959293c46babdaa2fc7f5cd87ec226223e9a81eef043eebeecead34f3333af1cb", @typed={0x8, 0xb2, 0x0, 0x0, @uid=r6}, @nested={0x18e, 0xfb, 0x0, 0x1, [@nested={0x4, 0xf8}, @nested={0x4, 0x124}, @generic="5ef9795435ca9dbc258bb4225cf3382b09ea31e88fb16631ecdf5707c0428fad1cbc63ab3477d39df9205028a239f403e6ba59bddc87dabc02e083", @typed={0x8, 0x7d, 0x0, 0x0, @pid=r7}, @typed={0x8, 0x6c, 0x0, 0x0, @u32=0x3d}, @typed={0x8, 0x118, 0x0, 0x0, @fd=r8}, @generic="cf862b0023a3e4fd11ee2503a29678351d4be325804c7b79152dd687fbb75ce7922fc6e1c01aa9701c19b68f78f87b73e0d10cd069cc38edf7144676c466041c291b883f3ffa6b92578257566c568bf1e9f4fd3c69a47937cc35fde154d2f8e506efe0c75ca0b05767c342c135fc18190e33558a792a9b33198edc8dd58cf32999a139322badd7f811b26e0d8b8eeae4617063d44aa481ddeef4432cb298a5cf104a49b7", @generic="6341b316308ca1617dbe2fda24442010a06902f0ec3765012fdf6a977ff23fc8a1435df64c0ea60b8352b925644828c97187ce11a8aa549219c502d010b1ef6f19eb2adb2eef0f5c150304392fe69ec2756cea05e6b5361702466cfd81c99eaf75d7b9fc3f464ad4331d36ad9e49330ea550613971e05e90723ca43144ba4943ea19571c9583eda529399f"]}, @typed={0x8, 0x6, 0x0, 0x0, @fd=r9}]}]}, 0x438}, 0x1, 0x0, 0x0, 0x4000084}, 0x4) (async) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000600)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000100)={0x498, 0x0, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x6}, @NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_MBSSID_CONFIG={0x54, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x5}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x5}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x9}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x11}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0xd3}, @NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES={0x5, 0x1, 0x9}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x8}, @NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8, 0x4, r1}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x7}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x6}]}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x2f8, 0x25, 0x0, 0x1, [@typed={0x8, 0x12b, 0x0, 0x0, @ipv4=@multicast2}, @typed={0xe7, 0x10a, 0x0, 0x0, @binary="c122d001d6ce0a1e5d193fca4574476aa07abe575fb0198dfa8f86cc2121a1f2b05d3d7bb7f021f92cdbda46cbf4d3b7fbd533060720e1509a44dbf1c078091d6484226d51c84d9f6c6f1bde8d8038b4e4499934862df81e0785e90f3fa012d1ae7545f725c73357a0a352fb4a3304d6920be12028ba9e40e8e137967fa4b535ae4d3f7c4804a19bd7fd349aeb25c7029348bb063ea6ee2d6901c3c9b8a3393c63fdef75b0480ac80b58b2136d9bf3eec6f8a0708af4677e7cbf84ce219deb56d15585743f0844260719a38be997e1635804733cd4ff9542ace7405c8cc349d44ded24"}, @nested={0x149, 0x35, 0x0, 0x1, [@generic="fae773bc6e1be45e48b842ca2844de9a43b0fdf570f4aaae07961e380ca16ef08047b87d848e6461790515439bddac118870a0bd4b0c880f11f8d0ac164219f451edc3b8afe25de598568ccffa086dafbe8398309de208f8dd5c957caa4505275f27760d1def2d0c6dd7d00d385b7a4bf51462a02ef105636a3bbadb3675cdb536846236cf8309d0191daa380d92abd653dfe790eff0647f9543d37a035346ea01dbdd6f0baf9530487bae07", @nested={0x4, 0x107}, @typed={0xc, 0x89, 0x0, 0x0, @u64=0x4b7f}, @generic="cbc15cf51fe44f0e2ec3536e", @typed={0xc, 0x1c, 0x0, 0x0, @u64=0xfffffffffffffff8}, @typed={0x8, 0x125, 0x0, 0x0, @ipv4=@private=0xa010102}, @generic="050eb13fc127bb9a2311ea0a2f2503ed730e125ab88434971a0d22543ae08b67a8bb8e5133ef1c7f948548c1da675fc638936972a1e77fd329d3e56e278d778dacbfeef2e83665f9817a1883b4e6ee9c3a9a3be516f34d4fa046404c0cd1942fcf", @typed={0x8, 0xe7, 0x0, 0x0, @pid=r2}]}, @typed={0xc, 0x72, 0x0, 0x0, @u64=0x8001}, @typed={0xa9, 0x11a, 0x0, 0x0, @binary="bdaa1b044b26082f402306812d5ba5371d6a48d4d6d4d60b08d36e40895c5ffd0b6590b2c847f56705e35ecd3e15479fee4f17a58b05d655556b3cee0b564f3c38bec81eec3472ad99ac3c9d8c163d7c8c5a37207a4f5a58e2a933b1507abff94a8a32134c377e85fe1debfb8ee39807c13700f41be82ec04091b2e0ed1dfb97965af63522206edfa23dbf643974686908e49366138560a8b8fcdb64b147314455d11237e1"}]}, @NL80211_ATTR_MAC_ADDRS={0x11a, 0xa6, 0x0, 0x1, [@typed={0x8, 0x62, 0x0, 0x0, @uid=r6}, @nested={0x18, 0x3c, 0x0, 0x1, [@typed={0x14, 0xd3, 0x0, 0x0, @ipv6=@private1}]}, @typed={0x5, 0xe6, 0x0, 0x0, @str='\x00'}, @generic="3b2128aaabc0e8fe68fe7d7f62057f8e53cb39582efbcdedb28446724f17742421a23f831f81843d00524a9779793504ff255e8512cfd739424f7e0c48187fb9b55059aab4846b9258a3e488fdae6ef548a190dbab57cf8f57c13ca1", @generic="35d1d8ffb53df520f15f79a1b39a2e198f7a897ed7e9dbd7c8d8faf6c540ef24f4b7ba4cd0adf533a1908d57a9fe233e9bd59c5e380edaa12f662f06417b024cd1f74d7f7449acebdf0f000f7a4c5ad0e25432d51a4b8f17db3bdbebbcad48e063a664f6d7fad2f7196dd5d312bf2083efab5f105455a77e7af4417570808007fc99df168824d95170f98c55170a20ad7d63"]}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x4}]}, 0x498}, 0x1, 0x0, 0x0, 0x40010}, 0x20000801) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/devices/virtual/block/ram12/events\x00', 0x101480, 0x0) (async) read$auto(r10, 0x0, 0x9) (async) 4.540605383s ago: executing program 4 (id=2862): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r0, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x4e40, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x88c00, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_PAUSE2(r1, 0x40044145, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xb8, 0xfffffffffffffffa, 0x8000) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/kvm/host_state_reload\x00', 0x422463, 0x0) mmap$auto(0x20000000000, 0x4, 0x3, 0x12, 0xffffffffffffffff, 0x168d) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r3 = socket(0x2b, 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)={0x14, r5, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0x4044000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sysfs$auto(0x2, 0x100000000000036, 0x0) r6 = fsopen$auto(0x0, 0x1) fsconfig$auto(r6, 0x8, 0x0, 0x0, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) shmctl$auto(0x0, 0xd, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0) 4.086821356s ago: executing program 0 (id=2865): r0 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd7000ffdbdf25050000000c00010007000000000000000c00eeff03000000000000000c000100400000f900000000020020f1"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) r1 = socket(0x10, 0x2, 0x6) socket(0x1d, 0x4, 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) readv$auto(0xffffffffffffffff, 0x0, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000140)) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r3) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x2c, r4, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_TSINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040840}, 0x40000) readv$auto(0x3, 0x0, 0x1) r5 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x10000000, 0x1004, 0x10e3, 0xf030, 0xffffffffffffffff, 0x7) io_uring_setup$auto(0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0xac, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0xffffffffffffffff, 0x6, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r6 = socket(0x10, 0x2, 0x6) socket(0xf, 0x3, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) syz_genetlink_get_family_id$auto_ethtool(0x0, r5) write$auto(0x3, 0x0, 0xffd8) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000040), 0x7, 0xa505}, 0x800}, 0x5, 0x400a) 3.751103169s ago: executing program 2 (id=2868): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) close_range$auto(0x2, 0xa, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(0xca, 0x0, 0x2b) 3.712363878s ago: executing program 3 (id=2869): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/make-it-fail\x00', 0x40842, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0xa800, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x2b, 0x1, 0x0) ioctl$auto_TCSBRK2(r2, 0x5409, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) timerfd_gettime$auto(r0, &(0x7f0000000040)={{0x8, 0x5}, {0x7, 0x79e3}}) madvise$auto(0x0, 0x200007, 0x19) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video8\x00', 0x802, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) r4 = openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/bdi/1:15/wb_stats\x00', 0x40, 0x0) pread64$auto(r4, 0x0, 0x6, 0x9) listen$auto(0xffffffffffffffff, 0x5ed) r5 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95) read$auto(r5, 0x0, 0x1) write$auto(0x3, 0x0, 0xfdef) write$auto(r3, &(0x7f0000000300)='\x00\x00\x00\x00\x00\xf2\x1e\xadp@f\x1b\xd9\xfb\xfa?$B\xcer\xec\xb2!\xdb\xd1\xcaA\b6q\xf6\x17[\xac;\xe9\xe5\fp\xef\xec\x1a\vt\xae\x86l\xb5w{\x0f\x9e\na\x02v\xe8/\xe1\x9e\\\xe0t\xcd\x9aT\xee\xbb\xb1\x04o\x8e\x13\'b\xc5\xf5\x03\x98\f:\x92T(i2U\x84\xbbW\']~\x8b,\x96\x12\xbb4\xfa\xb3X\x17u\xc2\xcc\x01\x1f\xaa\xa2>\x9a\x18\xe7\xa8\x01\x92\xf3\xef^\x16w6\xc8\xb6\xe0Y\tv\xb8\xe1\xcc\xb8d\x98\x9d4\x0f\x9f9c\xa5', 0x5) 3.175891786s ago: executing program 0 (id=2870): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), r0) sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000001940)={0x2c, r1, 0x21, 0x70bd27, 0x25dfdc00, {}, [@WGDEVICE_A_PEERS={0x4}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x2c}, 0x1, 0x0, 0x1000000}, 0x80) 2.78140092s ago: executing program 0 (id=2871): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) mmap$auto(0x9, 0x4, 0x4000000000db, 0x40ebe, 0x401, 0x3) (async) socket(0xa, 0x3, 0x3b) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2a, 0x2, 0x0) ioctl$auto(r1, 0x8912, 0x38) (async) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0xc018ae85, &(0x7f00000000c0)={0xdd}) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000080), r4) sendmsg$auto_KSMBD_EVENT_UNSPEC(r5, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r6, 0x400, 0x70bd26, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8040}, 0x4000048) connect$auto(0x3, 0x0, 0x58) (async) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) write$auto(0x3, 0x0, 0xfdf3) 2.755846591s ago: executing program 2 (id=2872): mmap$auto(0x2, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) semctl$auto(0x1ff, 0x2, 0x13, 0x4) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x21c880, 0x0) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex, 0x7f, 0x0, 0x8, 0x1, @relative_fd, 0xd}, 0x92) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) write$auto(r1, &(0x7f0000000040)='S\x00\x00\x00\xfc\xff\xff\xff', 0x8587) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000180)=""/204, 0xcc) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x101080, 0x0) io_uring_register$auto_IORING_REGISTER_SEND_MSG_RING(r0, 0x1f, &(0x7f00000000c0), 0x400) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) bind$auto(0x3, 0x0, 0x6a) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0xa, 0x1, 0x84) r3 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x29, 0x7, 0x3e, 0xfffffffffffffffa, 0x1ffda, 0x0, 0xa, 0x2, 0x9, 0x9, 0x9, 0x4, 0xfffffffffffffff8, 0x9, 0x2, 0x10000, 0x7c, 0x7, 0x0, 0x7, 0x2000, 0x1, 0x7, 0x84, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xadd, 0xe9, 0x0, 0x0, 0x0, 0x8, 0x0, 0x7ff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x10000000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x1, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0xfffffffffffffffa, 0xfffffffffffffffd]}, 0x1ff, 0x200d) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r4], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0x401, 0x8000) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r6, 0x0, 0x2000e1d) writev$auto(r5, &(0x7f0000000200)={0x0, 0xb}, 0x3) set_tid_address$auto(0x0) 2.677155708s ago: executing program 3 (id=2873): socket(0x10, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x1fe, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/4096, 0x1000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = fcntl$auto(0xff80000000000000, 0x409, 0x3f) fallocate$auto(r1, 0x1, 0xd, 0x5) socket(0x2, 0x1, 0x0) socket(0x25, 0x1, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x1d, 0x3, 0x1) unshare$auto(0x40000080) msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MEDIA_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x20, r3, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @pid}]}]}, 0x20}, 0x1, 0x2000000, 0x0, 0x20010}, 0x20040880) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/007/001\x00', 0x482301, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0x2, 0x1d30, 0x100, 0x400000004, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x9, 0x4, 0x1000000fca, 0x9, 0x4, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 2.452363761s ago: executing program 2 (id=2874): r0 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/etherd/revalidate\x00', 0x4000, 0x0) mmap$auto(0x1, 0x2000c, 0x1, 0x13, r0, 0x8000000000008000) (async, rerun: 64) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) (async, rerun: 64) socket(0x29, 0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 64) select$auto(0x8, 0x0, 0x0, 0x0, 0x0) (rerun: 64) write$auto(r1, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) (async) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) (async) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0) lseek$auto(0x3, 0x8, 0x1) (async) ioctl$auto(0x3, 0x400454ca, 0x38) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) select$auto(0xd, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x7, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x8000000000000001, 0x7, 0x100000000000007, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmstat\x00', 0x20000, 0x0) pread64$auto(r3, &(0x7f00000002c0)='\x04\xefr\tbgc/\xd0\xe1\xf7$/tg/,s\b\xf5\xf7\x0f\x03\xd5\xef\xbf\xf6j\xe2\xed\x7f0\b\xff^\xe3th\xd2\x1bA\xba&\xba\xeeg\n\x00\x00\xa9l\x9cd\xcf\xff\x97=\xf4\xa1\xca\x82j\xf2\x17\t\x00\x00\x00\x00\x00\x00\x000\xf76\xb96\xd1\xb9\xde\xe2\x167\xc5\x94\x00A[B\xd9\x82\xaa\xc5\xfcoB\xfe\'\xfbI\xc9\xcb\xc3\xc1\x1e6~\x81\xb9\x0ff\x8e\xd3\x06\xba;yX\x966\x97#\xfb\x8d!F\xfc\x99\x86\x1d\xbb\xaf(\x92\x887\x01Z\xa7\xe3Y\x17\xd2#\x8aO\xef\r\xfa\xe0\x18IiI\xaek\xa9R\x02N;+@\x12>\'\x1a\xa6i\x93\x8c\x16BO@ \xb5\xd9\xd0\xb6S\xfc\x17\x11\x04\x8b?$\xean\xa1|D\xbbV%\xde\x87\xd1o\xf0\x8cM\xfdr\xc9\x86\xbaqp\x9f\xfaBu\xea\xd2\x17\xdc\xe20\xfb', 0x100003ffe, 0x6) (async) r4 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/config/nullb/features\x00', 0x80280, 0x0) read$auto(r4, 0x0, 0x10) (async) write$auto(0x3, 0x0, 0xffd8) 2.068742612s ago: executing program 0 (id=2875): r0 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @rand_addr=0x640100fe}, 0x55) r1 = io_uring_setup$auto(0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_vlan\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_LIST(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f0000000280)={0x50, 0x0, 0x204, 0x70bd27, 0x25dfdbfd, {}, [@HSR_A_IFINDEX={0x8, 0x2, r2}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @remote}, @HSR_A_NODE_ADDR={0xa, 0x1, @multicast}, @HSR_A_IF1_AGE={0x8, 0x3, 0x5}, @HSR_A_IF2_SEQ={0x6, 0x7, 0xff}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x800) setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc) r3 = clone3$auto(&(0x7f0000000180)={0x8000000000000001, 0x3, 0x7, 0x10, 0x4, 0x1, 0x141, 0x9, 0x100, 0x0, 0x4}, 0x80) capget$auto(&(0x7f0000000200)={0x4, r3}, &(0x7f0000000300)={0x4a3, 0xfffffffb, 0x72}) 1.70007471s ago: executing program 3 (id=2876): mmap$auto(0x0, 0x40007, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x7) setrlimit$auto(0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x10005, 0x1, 0xeb1, 0x40000000000a5, 0x8000) r2 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) ioctl$auto_UBI_IOCATT(r2, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r2, 0x40046f41, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) pivot_root$auto(0x0, 0x0) open(0x0, 0x76bd, 0x12) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) ioctl$auto_KVM_CREATE_VM(r3, 0x4140aecd, 0x0) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000000, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) 1.443528435s ago: executing program 2 (id=2877): mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000) get_robust_list$auto(0x0, 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xa, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x3, 0x10, 0x8fd6, 0x316a, 0x803, 0x15f4da0a, 0x3, 0x3, 0x263, 0x4e55, 0x2007, 0x0, 0x9, 0x9, 0xffffffffffffff67]}, 0x0) r3 = waitid$auto_P_ALL(0x0, 0x1, &(0x7f0000000440)={@siginfo_0_0={0x3, 0x7f, 0x80000001, @_sigpoll={0x4}}}, 0x5, &(0x7f00000005c0)={{0xfffffffffffff001, 0x6}, {0x9, 0x5}, 0x8, 0x10000, 0x5, 0x3, 0xc00000003, 0x800000000000003, 0xb8, 0x9, 0x5, 0xd, 0xfffffffffffffffc, 0x4, 0xf4, 0x4}) move_pages$auto(r3, 0xab6, &(0x7f0000000680)=&(0x7f0000000500)="12695940bf3c626839ef841ee8b23bd6328ec1f44d0e7dbd1af5fc1b46d4ead32487c5e3b069ecf19ebe3b216400d3a55c783c13942101a366afe742a68adc370cc5ed04ed96e11d8e2e1bea6d96ed39a2ad189a650f927b6d61eca01710abc718fa", &(0x7f00000006c0)=0x8000, &(0x7f0000000700)=0x8001, 0x7fffffff) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_CREATE(r4, 0x5501, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xa4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY\xad\xd6\xc5\xab`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4[\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/usb/usbmon/13u\x00', 0x200a00, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, &(0x7f0000004440)) keyctl$auto(0x10, 0x0, 0x9, 0x5, 0x80000003) mmap$auto(0x0, 0x8000000400008, 0x4, 0x9b72, 0xffffffffffffffff, 0x4008000) open_by_handle_at$auto(r2, &(0x7f00000002c0)={0xc, 0x136a, "8f42b1077e737d4629d7867b"}, 0x7d) mmap$auto(0x0, 0x7ff, 0xde, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.8/usb25/25-0:1.0/usb25-port7/connect_type\x00', 0x8002, 0x0) ioperm$auto(0x7, 0x6, 0x2) prctl$auto(0xb3811503, 0x0, 0x0, 0x7, 0x1) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x10000000000002d, 0x0) 851.932619ms ago: executing program 4 (id=2878): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) mprotect$auto(0x200000000000, 0x806121, 0x8) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = open_tree$auto(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x1) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, r2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) socket(0x1e, 0x4, 0x0) open(0x0, 0x2ac41, 0x0) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x7, 0x0) open(0x0, 0x10d543, 0x165) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40000, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x8000, 0x0) ioctl$auto(r4, 0xc10c5541, r3) waitid$auto(0x0, 0x594d0417, 0x0, 0x1000004, &(0x7f0000000080)={{0x20000009, 0x4}, {0xb, 0xfffffffffffffff9}, 0x3ff, 0x281, 0x8000000000000000, 0xffffffffffffffff, 0x7f, 0x9, 0x1, 0x0, 0x4, 0x8000, 0x2, 0x6, 0x8, 0x12}) r5 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x361800, 0x0) bpf$auto_BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000140)=@bpf_attr_5={@target_fd=r0, r5, 0x4, 0x1, r0, @relative_id=0x8000, 0x101}, 0x5) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@HWSIM_ATTR_RADIO_NAME={0x5, 0x11, '.'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x4044820) 559.041433ms ago: executing program 3 (id=2879): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r2) sendmsg$auto_WG_CMD_GET_DEVICE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r3, 0x703, 0x70bd27, 0x25dfd9fc}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x4) sendmsg$auto_WG_CMD_SET_DEVICE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x90, r3, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@WGDEVICE_A_PRIVATE_KEY={0x79, 0x3, "b1a7ef45f39b3fdcbf71071fc3f866a0f55b787f7bb3ccccaddd642b995178ecb26d8c82a9a8e8ca9f498fbc2692d69ef82ae48b861c9777e223e28fad7a835795c99f2b2cdc878f35461d7db2aa522bda00c0be274dc3c40a8edb45cb26a37343603b549c89c31cf6136dec0bd8a571c0ba8bdd04"}]}, 0x90}}, 0x0) ioctl$auto(r0, 0x540a, 0x0) 499.454067ms ago: executing program 4 (id=2880): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), r0) sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000001940)={0x2c, r1, 0x21, 0x70bd27, 0x25dfdc00, {}, [@WGDEVICE_A_PEERS={0x4}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x2c}, 0x1, 0x0, 0x100000000000000}, 0x80) 469.474789ms ago: executing program 3 (id=2881): r0 = socket(0xa, 0x80803, 0x6) bind$auto(r0, &(0x7f0000000040)=@generic={0xa, "2c551d000000fe8000"}, 0x1b) (async, rerun: 32) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000380), 0xffffffffffffffff) (rerun: 32) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x50, r1, 0x16, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_RESULT={0x5, 0xa, 0x3c}, @BATADV_ATTR_LOG_LEVEL={0x8, 0x36, 0xfffffff7}, @BATADV_ATTR_TQ={0x5, 0x19, 0x8}, @BATADV_ATTR_TT_CRC32={0x8, 0x13, 0x4}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_MESH_ADDRESS={0xa, 0x5, @broadcast}, @BATADV_ATTR_BANDWIDTH_DOWN={0x8, 0x1c, 0x7}]}, 0x50}, 0x1, 0x0, 0x0, 0x44001}, 0x10) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) pread64$auto(r2, 0x0, 0x9, 0x2) (async) syz_clone(0x1600, &(0x7f0000000180)="5df48b7c224d9c509751b1f28183663bd11d14d437005dfffe0a165bc3542a25c3dc047229d7b021d92268f8d6c99b5a4a83b58c482b122a8b9dedc2c8da95e836d07faac36afe1024e64a3af5fbb56bc220f038dfcb9dc661463380d85ac913aeac6eeda9981f7977bf8b325e99383bcff87cd6e43a890dcf3bf929fdcc1681a5319bb0f20c45e0500c225bec01637d9b7e73fc1abd909764492f3f3ac8d68f50f16a189f73b1bd8db36f335187df2f2002aac8f45954f8bb70fead7addd9ff", 0xc0, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000240)="cbffa7ade80db06076d00a3e4656a60587d5a9c07f63e9bd2c0af276b0d3fe344d36c29ddb9720087ae83001ff96fc03b80e0faa2e8875469008f040038ba8b346f32f5b20e3bf2e0b97452d8ca8894c79d58761f463e90ca0478e3d7730473043f3e437b7bf8b00a3364e0ab88de4698a189f4ac32e89ff13e362ef060df510d2254944cdcaa523032a535b9bfe356f1ac9782c602613090537e5278be8d6a7bc") (async) fadvise64$auto_POSIX_FADV_RANDOM(r2, 0x0, 0x8, 0x1) (async) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r3, &(0x7f0000000440)="1100000007000000000000000000000001", 0x11) (async) r4 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x0, 0x0) r5 = dup$auto(r4) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) unshare$auto(0x40000080) (async) ioctl$auto(0x3, 0xae60, 0x10000000000402) (async, rerun: 64) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x06\x11\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9', 0xfdef, 0x3) (async, rerun: 64) ioctl$auto(0x3, 0x4008ae48, 0x38) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/options/blk_classic\x00', 0x28302, 0x0) socketpair$auto(0x2, 0xdd79, 0x100, 0x0) getsockopt$auto_SO_PEERPIDFD(r5, 0x1, 0x4d, 0x0, &(0x7f00000000c0)=0x8) 296.224547ms ago: executing program 4 (id=2882): semtimedop$auto(0x9, &(0x7f0000000340)={0x2, 0x0, 0xb}, 0x2, &(0x7f0000000280)={0x1000000004, 0x7}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f0000000640)={{&(0x7f0000000000), 0x5ae, &(0x7f0000000100)={0x0, 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x1}, 0x1a000, 0x100) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x45, 0x0) fsopen$auto(0x0, 0x5) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, 0x0, 0x0) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/msg_next_id\x00', 0xc0082, 0x0) bpf$auto(0x80000000, 0x0, 0x6f3) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/kernel/sched_rt_period_us\x00', 0x101202, 0x0) sendfile$auto(r3, r3, 0x0, 0x4) io_uring_register$auto(0xffffffffffffffff, 0x23, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) semctl$auto(0x7, 0x6, 0x13, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, r2, 0xffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x40, &(0x7f0000000080)={0x7fffffff, 0xc, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x5, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_enter$auto(r4, 0x9, 0x820e, 0x29, 0x0, 0x18) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) 247.074354ms ago: executing program 3 (id=2883): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64) io_uring_setup$auto(0xfff, 0x0) (async, rerun: 64) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x10001, 0x15) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x1, 0x0) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) (async) write$auto(0x3, 0x0, 0xfdef) (async) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/ipvlan1/retrans_time\x00', 0x242, 0x0) (async) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r2, 0x0) sendfile$auto(r1, r1, 0x0, 0x200) (async) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x96934967338325c9, 0x0) (async) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe\x00', 0x20c01, 0x0) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x80000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000140)={{@raw=0x80000000, 0x304, 0xfffffffe, 0x8, "3112d598004a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe000900000000000755015e48d", @raw=0xfffffffc}, 0x3, 0x3, 0x4, @inferred, @integer={0x1, 0xfffffffffffffff9, 0x8}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd7327b386425608af790ada8dbdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x100000001, 0xffffffffffffff7f, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x6, 0x2, 0xfffffffffffffffe]}, 0x0) (async, rerun: 32) getsockopt$auto_SO_RESERVE_MEM(r4, 0xfffffff8, 0x49, &(0x7f0000000080)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe\x00', &(0x7f0000000100)=0xfffffff0) (async, rerun: 32) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x90, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) (async) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) (async) mq_unlink$auto(&(0x7f0000000000)='-\x00') (async) madvise$auto(0x0, 0x200007, 0x19) 244.960624ms ago: executing program 2 (id=2884): clock_settime$auto(0x0, &(0x7f0000000000)={0x100000000, 0x3b9ac9ff}) adjtimex$auto(&(0x7f0000000280)={0xf, 0x0, 0xfffffffffffffffc, 0x100000001, 0x400000007f, 0x0, 0x2, 0x0, 0xe, 0x0, 0x10001, {0x200000000000007}, 0x7fffffffffffffff, 0x4, 0x5, 0x1, 0x0, 0x6, 0x400000000, 0x7, 0x40000000000d, 0x5, 0x1015c8}) adjtimex$auto(&(0x7f0000000540)={0x72, 0x0, 0x20000000000ff, 0x800, 0x5, 0x4, 0x3, 0x0, 0x101, 0x2000000000009533, 0x7, {0x1fe, 0x40000000000002}, 0x5, 0x40000000000081, 0x8000006, 0x6, 0x0, 0x100000004, 0x40000021, 0x18d, 0x6, 0x100000001, 0x2015}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/queues/rx-0/rps_flow_cnt\x00', 0xc0302, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) 79.532271ms ago: executing program 2 (id=2885): r0 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) write$auto(r0, &(0x7f0000000200)='&\x00', 0x8) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x2, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) socket(0x3, 0x3, 0x100) (async) sysfs$auto(0x2, 0x4c, 0x0) (async) fsopen$auto(0x0, 0x1) socket(0x2, 0x5, 0x0) (async) r2 = socket(0x10, 0x2, 0x0) setsockopt$auto(r2, 0x104000000000010e, 0x1, 0x0, 0x16) (async) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0) ioctl$auto_USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000000)={0x0, 0x3, 0x1, 0x8c53, 0x0, 0x1, 0x0}) bind$auto(r3, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x0, 0x4000000}, 0x3) io_uring_setup$auto(0x1, 0x0) (async) sched_setattr$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xfffffffa, 0xfff, 0x6, 0x2, 0x400, 0x8, 0xf16, 0x9, 0x1f3401a1}, 0x4) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_NEW(r4, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000000)={0x24, r5, 0x1, 0x70bd27, 0x25dfdbff, {}, [@OVS_FLOW_ATTR_KEY={0x4}, @OVS_FLOW_ATTR_KEY={0x4}, @OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x202}]}, 0x24}, 0x1, 0x0, 0x0, 0x50040}, 0x810) (async) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r6, 0x5423, 0x0) (async) bpf$auto(0x6, &(0x7f0000000000)=@bpf_attr_3={0x1, 0x9067, 0x40000080018c, 0x6a, 0x0, 0x8, 0x4, 0x57b8, 0xf, "63ac0600000033ebc15774e816ef77cf", 0x0, 0x100543, 0x4, 0x207, 0x3, 0x1009, 0x4, 0x2, 0xe, 0x5, @attach_btf_obj_fd, 0x166, 0x7fb, 0x6, 0xa, 0x48000000}, 0x10) writev$auto(0xc8, &(0x7f00000028c0)={&(0x7f0000000000), 0x200}, 0x9) (async) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) 0s ago: executing program 0 (id=2886): r0 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/numa_maps\x00', 0x422000, 0x0) keyctl$auto(0x200, 0xfffffffffffffffd, 0x0, 0x0, 0x9) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xc, 0x9c0b, 0x44eb2, 0xffffffffffffffff, 0x300000000000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) mmap$auto(0x0, 0x7, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0x1a, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) socket(0x11, 0x3, 0x300) socket(0x2, 0xa, 0x106) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x4e, 0x1, 0x0, 0x0, 0x0) socket(0x2, 0x800, 0x9) madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x9, 0x6d3e, 0x9, 0x2, 0x1003f]}, 0x0) openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker\x00', 0x201, 0x0) write$auto(0x3, 0x0, 0xffd8) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'vcan0\x00'}) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) prctl$auto(0x1, 0x3ff, r3, 0x7fffffff, 0xd) bpf$auto(0x0, &(0x7f00000002c0)=@token_create={0x6, r0}, 0xf) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x8800, 0x0) kernel console output (not intermixed with test programs): 0 [ 501.350473][T15995] __x64_sys_io_setup+0xc9/0x210 [ 501.350502][T15995] do_syscall_64+0xcd/0xfa0 [ 501.350530][T15995] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.350554][T15995] RIP: 0033:0x7f8763b8efc9 [ 501.350575][T15995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 501.350597][T15995] RSP: 002b:00007f8764ac6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 501.350619][T15995] RAX: ffffffffffffffda RBX: 00007f8763de6090 RCX: 00007f8763b8efc9 [ 501.350636][T15995] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000fff4 [ 501.350651][T15995] RBP: 00007f8763c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 501.350666][T15995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 501.350680][T15995] R13: 00007f8763de6128 R14: 00007f8763de6090 R15: 00007ffd371b2bf8 [ 501.350712][T15995] [ 501.795673][T15994] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2322'. [ 501.825099][T15995] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2322'. [ 502.099004][T16005] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2323'. [ 502.106741][T15807] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 502.144163][T15807] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 502.227842][T15807] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 502.261378][T15807] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 503.046704][T16040] FAULT_INJECTION: forcing a failure. [ 503.046704][T16040] name fail_futex, interval 1, probability 0, space 0, times 0 [ 503.077712][T16040] CPU: 1 UID: 0 PID: 16040 Comm: syz.4.2328 Not tainted syzkaller #0 PREEMPT(full) [ 503.077747][T16040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 503.077762][T16040] Call Trace: [ 503.077771][T16040] [ 503.077782][T16040] dump_stack_lvl+0x16c/0x1f0 [ 503.077814][T16040] should_fail_ex+0x512/0x640 [ 503.077856][T16040] get_futex_key+0x1d0/0x1560 [ 503.077892][T16040] ? __pfx_get_futex_key+0x10/0x10 [ 503.077936][T16040] futex_wake+0xea/0x530 [ 503.077969][T16040] ? trace_kmem_cache_alloc+0x28/0xc0 [ 503.078007][T16040] ? __pfx_futex_wake+0x10/0x10 [ 503.078047][T16040] ? errseq_sample+0x53/0x70 [ 503.078083][T16040] ? file_init_path+0x4fe/0x760 [ 503.078122][T16040] do_futex+0x1e3/0x350 [ 503.078155][T16040] ? __pfx_do_futex+0x10/0x10 [ 503.078188][T16040] ? fd_install+0x225/0x750 [ 503.078228][T16040] __x64_sys_futex+0x1e0/0x4c0 [ 503.078264][T16040] ? __sys_socket+0xac/0x260 [ 503.078296][T16040] ? __pfx___x64_sys_futex+0x10/0x10 [ 503.078329][T16040] ? xfd_validate_state+0x61/0x180 [ 503.078362][T16040] ? __pfx_do_writev+0x10/0x10 [ 503.078397][T16040] do_syscall_64+0xcd/0xfa0 [ 503.078427][T16040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.078451][T16040] RIP: 0033:0x7f045018efc9 [ 503.078472][T16040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 503.078496][T16040] RSP: 002b:00007f04510530e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 503.078520][T16040] RAX: ffffffffffffffda RBX: 00007f04503e5fa8 RCX: 00007f045018efc9 [ 503.078538][T16040] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f04503e5fac [ 503.078555][T16040] RBP: 00007f04503e5fa0 R08: 00007f0451054000 R09: 0000000000000000 [ 503.078571][T16040] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 503.078587][T16040] R13: 00007f04503e6038 R14: 00007ffd77a03b90 R15: 00007ffd77a03c78 [ 503.078624][T16040] [ 503.080031][T16040] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2328'. [ 503.427930][T15807] 8021q: adding VLAN 0 to HW filter on device bond0 [ 503.581806][T15807] 8021q: adding VLAN 0 to HW filter on device team0 [ 503.616266][ T6703] bridge0: port 1(bridge_slave_0) entered blocking state [ 503.623440][ T6703] bridge0: port 1(bridge_slave_0) entered forwarding state [ 503.666256][ T6703] bridge0: port 2(bridge_slave_1) entered blocking state [ 503.673444][ T6703] bridge0: port 2(bridge_slave_1) entered forwarding state [ 503.857152][T16062] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078006600 pfn:0x78000 [ 503.926393][T16062] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 503.998532][T16062] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000 [ 504.059646][T16062] raw: ffff888078006600 0000000000000000 00000001ffffffff 0000000000000000 [ 504.069242][T16062] page dumped because: unmovable page [ 504.087223][T16062] page_owner tracks the page as allocated [ 504.132477][T16062] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 11419, tgid 11419 (syz-executor), ts 323761895748, free_ts 277873807140 [ 504.201436][T16062] post_alloc_hook+0x1c0/0x230 [ 504.247010][T16062] get_page_from_freelist+0x10a3/0x3a30 [ 504.283480][T16062] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 504.317129][T16062] alloc_pages_mpol+0x1fb/0x550 [ 504.322587][T16062] alloc_pages_noprof+0x131/0x390 [ 504.347986][T16062] __vmalloc_node_range_noprof+0x6f8/0x1480 [ 504.370081][T16062] vmalloc_user_noprof+0x9e/0xe0 [ 504.375089][T16062] kcov_ioctl+0x4c/0x730 [ 504.429805][T16062] __x64_sys_ioctl+0x18e/0x210 [ 504.446327][T16062] do_syscall_64+0xcd/0xfa0 [ 504.488514][T15807] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 504.501206][T16062] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.507161][T16062] page last free pid 10093 tgid 10091 stack trace: [ 504.549719][T16062] __free_frozen_pages+0x7df/0x1160 [ 504.579064][T16062] kimage_free_page_list+0x130/0x230 [ 504.598933][T16062] kimage_alloc_control_pages+0x3d3/0xa00 [ 504.604715][T16062] do_kexec_load+0x478/0x8a0 [ 504.630625][T16092] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2333'. [ 504.639796][T16062] __x64_sys_kexec_load+0x1bf/0x230 [ 504.645057][T16062] do_syscall_64+0xcd/0xfa0 [ 504.659749][T16092] netlink: 354 bytes leftover after parsing attributes in process `syz.4.2333'. [ 504.696697][T16062] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.753482][T15807] veth0_vlan: entered promiscuous mode [ 505.195956][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 505.202325][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 505.217032][T15807] veth1_vlan: entered promiscuous mode [ 505.762729][T16071] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078006600 pfn:0x78000 [ 505.775274][T15807] veth0_macvtap: entered promiscuous mode [ 505.786730][T15807] veth1_macvtap: entered promiscuous mode [ 505.803642][T16071] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 505.905874][T16071] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000 [ 505.969998][T16071] raw: ffff888078006600 0000000000000000 00000001ffffffff 0000000000000000 [ 506.024487][T16071] page dumped because: unmovable page [ 506.029950][T16071] page_owner tracks the page as allocated [ 506.034534][T15807] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 506.036702][T16071] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 11419, tgid 11419 (syz-executor), ts 323761895748, free_ts 277873807140 [ 506.064001][T16071] post_alloc_hook+0x1c0/0x230 [ 506.068820][T16071] get_page_from_freelist+0x10a3/0x3a30 [ 506.075003][T16071] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 506.081329][T16071] alloc_pages_mpol+0x1fb/0x550 [ 506.086359][T16071] alloc_pages_noprof+0x131/0x390 [ 506.091490][T16071] __vmalloc_node_range_noprof+0x6f8/0x1480 [ 506.097549][T16071] vmalloc_user_noprof+0x9e/0xe0 [ 506.103022][T16071] kcov_ioctl+0x4c/0x730 [ 506.107327][T16071] __x64_sys_ioctl+0x18e/0x210 [ 506.111221][T15807] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 506.112811][T16071] do_syscall_64+0xcd/0xfa0 [ 506.125578][T16071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.131663][T16071] page last free pid 10093 tgid 10091 stack trace: [ 506.148461][T16071] __free_frozen_pages+0x7df/0x1160 [ 506.160000][T16071] kimage_free_page_list+0x130/0x230 [ 506.169108][ T1090] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.170210][T16071] kimage_alloc_control_pages+0x3d3/0xa00 [ 506.209339][ T1090] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.214099][T16071] do_kexec_load+0x478/0x8a0 [ 506.263707][ T1090] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.304613][T16071] __x64_sys_kexec_load+0x1bf/0x230 [ 506.316556][T16071] do_syscall_64+0xcd/0xfa0 [ 506.329040][T16071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.390182][ T1090] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.547683][T16127] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2336'. [ 507.156909][T16136] FAULT_INJECTION: forcing a failure. [ 507.156909][T16136] name failslab, interval 1, probability 0, space 0, times 0 [ 507.210415][T16136] CPU: 0 UID: 0 PID: 16136 Comm: syz.4.2339 Not tainted syzkaller #0 PREEMPT(full) [ 507.210449][T16136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 507.210464][T16136] Call Trace: [ 507.210472][T16136] [ 507.210482][T16136] dump_stack_lvl+0x16c/0x1f0 [ 507.210515][T16136] should_fail_ex+0x512/0x640 [ 507.210550][T16136] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 507.210578][T16136] should_failslab+0xc2/0x120 [ 507.210608][T16136] kmem_cache_alloc_noprof+0x75/0x6e0 [ 507.210632][T16136] ? sk_prot_alloc+0x60/0x2a0 [ 507.210664][T16136] ? sk_prot_alloc+0x60/0x2a0 [ 507.210691][T16136] sk_prot_alloc+0x60/0x2a0 [ 507.210722][T16136] sk_alloc+0x36/0xc20 [ 507.210757][T16136] pn_socket_create+0x22d/0x560 [ 507.210796][T16136] __sock_create+0x338/0x8d0 [ 507.210833][T16136] __sys_socket+0x14d/0x260 [ 507.210859][T16136] ? __pfx___sys_socket+0x10/0x10 [ 507.210887][T16136] ? xfd_validate_state+0x61/0x180 [ 507.210926][T16136] ? __pfx___do_sys_close_range+0x10/0x10 [ 507.210961][T16136] __x64_sys_socket+0x72/0xb0 [ 507.210991][T16136] ? lockdep_hardirqs_on+0x7c/0x110 [ 507.211014][T16136] do_syscall_64+0xcd/0xfa0 [ 507.211040][T16136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.211062][T16136] RIP: 0033:0x7f045018efc9 [ 507.211081][T16136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 507.211104][T16136] RSP: 002b:00007f0451032038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 507.211127][T16136] RAX: ffffffffffffffda RBX: 00007f04503e6090 RCX: 00007f045018efc9 [ 507.211143][T16136] RDX: 0000000000000000 RSI: 0000000000080805 RDI: 0000000000000023 [ 507.211157][T16136] RBP: 00007f0450211f91 R08: 0000000000000000 R09: 0000000000000000 [ 507.211170][T16136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 507.211185][T16136] R13: 00007f04503e6128 R14: 00007f04503e6090 R15: 00007ffd77a03c78 [ 507.211218][T16136] [ 507.273837][ C0] vkms_vblank_simulate: vblank timer overrun [ 507.375034][ T4510] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 507.480719][ T4510] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 507.601157][T16144] netlink: zone id is out of range [ 507.604595][ T6681] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 507.611726][T16144] netlink: zone id is out of range [ 507.620276][T16144] netlink: zone id is out of range [ 507.629997][ T6681] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 507.632371][T16144] netlink: zone id is out of range [ 507.694969][T16144] netlink: zone id is out of range [ 507.700161][T16144] netlink: zone id is out of range [ 507.721433][T16144] netlink: zone id is out of range [ 507.726592][T16144] netlink: zone id is out of range [ 507.734824][T16144] netlink: zone id is out of range [ 507.739962][T16144] netlink: zone id is out of range [ 507.847703][T11573] smpboot: CPU 1 is now offline [ 507.967329][T16154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2288'. [ 508.017818][T16154] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 508.153890][T16159] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2344'. [ 508.528257][T16169] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2347'. [ 508.823496][T16178] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2350'. [ 508.835185][T16176] FAULT_INJECTION: forcing a failure. [ 508.835185][T16176] name fail_futex, interval 1, probability 0, space 0, times 0 [ 508.886646][T16181] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2350'. [ 508.904435][T16176] CPU: 0 UID: 0 PID: 16176 Comm: syz.4.2349 Not tainted syzkaller #0 PREEMPT(full) [ 508.904457][T16176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 508.904466][T16176] Call Trace: [ 508.904472][T16176] [ 508.904478][T16176] dump_stack_lvl+0x16c/0x1f0 [ 508.904499][T16176] should_fail_ex+0x512/0x640 [ 508.904523][T16176] get_futex_key+0x1d0/0x1560 [ 508.904544][T16176] ? __pfx_get_futex_key+0x10/0x10 [ 508.904563][T16176] ? import_iovec+0x86/0xb0 [ 508.904579][T16176] futex_wake+0xea/0x530 [ 508.904602][T16176] ? __pfx_futex_wake+0x10/0x10 [ 508.904622][T16176] ? __pfx_vfs_writev+0x10/0x10 [ 508.904643][T16176] do_futex+0x1e3/0x350 [ 508.904662][T16176] ? __pfx_do_futex+0x10/0x10 [ 508.904684][T16176] __x64_sys_futex+0x1e0/0x4c0 [ 508.904705][T16176] ? __pfx___x64_sys_futex+0x10/0x10 [ 508.904741][T16176] ? __pfx_do_writev+0x10/0x10 [ 508.904760][T16176] do_syscall_64+0xcd/0xfa0 [ 508.904777][T16176] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 508.904798][T16176] RIP: 0033:0x7f045018efc9 [ 508.904810][T16176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 508.904825][T16176] RSP: 002b:00007f04510530e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 508.904839][T16176] RAX: ffffffffffffffda RBX: 00007f04503e5fa8 RCX: 00007f045018efc9 [ 508.904849][T16176] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f04503e5fac [ 508.904861][T16176] RBP: 00007f04503e5fa0 R08: 00007f0451054000 R09: 0000000000000000 [ 508.904869][T16176] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 508.904877][T16176] R13: 00007f04503e6038 R14: 00007ffd77a03b90 R15: 00007ffd77a03c78 [ 508.904896][T16176] [ 509.086508][ C0] vkms_vblank_simulate: vblank timer overrun [ 509.944745][T16214] program syz.4.2359 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 511.694077][T16241] program syz.0.2365 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 511.814657][T16244] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2363'. [ 513.505092][T16278] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2371'. [ 513.627478][T16280] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2371'. [ 513.827105][T16278] netlink: 134 bytes leftover after parsing attributes in process `syz.2.2371'. [ 514.313585][T16290] program syz.2.2374 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 514.661008][T16293] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2376'. [ 515.255888][T16305] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2377'. [ 515.460337][T16310] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2379'. [ 515.495385][T16308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2378'. [ 515.854447][T16317] FAULT_INJECTION: forcing a failure. [ 515.854447][T16317] name failslab, interval 1, probability 0, space 0, times 0 [ 516.016570][T16317] CPU: 0 UID: 0 PID: 16317 Comm: syz.0.2381 Not tainted syzkaller #0 PREEMPT(full) [ 516.016594][T16317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 516.016603][T16317] Call Trace: [ 516.016608][T16317] [ 516.016614][T16317] dump_stack_lvl+0x16c/0x1f0 [ 516.016635][T16317] should_fail_ex+0x512/0x640 [ 516.016657][T16317] ? __kmalloc_cache_noprof+0x5f/0x780 [ 516.016682][T16317] should_failslab+0xc2/0x120 [ 516.016701][T16317] __kmalloc_cache_noprof+0x72/0x780 [ 516.016723][T16317] ? snd_seq_prioq_new+0x3f/0x110 [ 516.016745][T16317] ? lockdep_init_map_type+0x5c/0x280 [ 516.016767][T16317] ? snd_seq_prioq_new+0x3f/0x110 [ 516.016788][T16317] snd_seq_prioq_new+0x3f/0x110 [ 516.016809][T16317] snd_seq_queue_alloc+0x153/0x5a0 [ 516.016832][T16317] snd_seq_ioctl_create_queue+0xa9/0x390 [ 516.016850][T16317] call_seq_client_ctl+0x9f/0x110 [ 516.016866][T16317] snd_seq_kernel_client_ctl+0x77/0xd0 [ 516.016881][T16317] alloc_seq_queue+0xda/0x180 [ 516.016897][T16317] ? __pfx_alloc_seq_queue+0x10/0x10 [ 516.016923][T16317] ? mark_held_locks+0x49/0x80 [ 516.016940][T16317] ? _raw_spin_unlock_irq+0x23/0x50 [ 516.016953][T16317] ? lockdep_hardirqs_on+0x7c/0x110 [ 516.016971][T16317] snd_seq_oss_open+0x38c/0xa20 [ 516.016991][T16317] odev_open+0x79/0xc0 [ 516.017005][T16317] ? __pfx_odev_open+0x10/0x10 [ 516.017019][T16317] soundcore_open+0x40c/0x580 [ 516.017037][T16317] ? __pfx_soundcore_open+0x10/0x10 [ 516.017052][T16317] chrdev_open+0x234/0x6a0 [ 516.017068][T16317] ? __pfx_apparmor_file_open+0x10/0x10 [ 516.017088][T16317] ? __pfx_chrdev_open+0x10/0x10 [ 516.017105][T16317] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 516.017125][T16317] do_dentry_open+0x982/0x1530 [ 516.017141][T16317] ? __pfx_chrdev_open+0x10/0x10 [ 516.017161][T16317] vfs_open+0x82/0x3f0 [ 516.017182][T16317] path_openat+0x1de4/0x2cb0 [ 516.017204][T16317] ? __pfx_path_openat+0x10/0x10 [ 516.017220][T16317] ? __lock_acquire+0xb8a/0x1c90 [ 516.017240][T16317] do_filp_open+0x20b/0x470 [ 516.017255][T16317] ? __pfx_do_filp_open+0x10/0x10 [ 516.017293][T16317] ? alloc_fd+0x471/0x7d0 [ 516.017312][T16317] do_sys_openat2+0x11b/0x1d0 [ 516.017332][T16317] ? __pfx_do_sys_openat2+0x10/0x10 [ 516.017354][T16317] ? __pfx___might_resched+0x10/0x10 [ 516.017375][T16317] __x64_sys_openat+0x174/0x210 [ 516.017395][T16317] ? __pfx___x64_sys_openat+0x10/0x10 [ 516.017423][T16317] do_syscall_64+0xcd/0xfa0 [ 516.017442][T16317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 516.017457][T16317] RIP: 0033:0x7fef6f58efc9 [ 516.017469][T16317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 516.017484][T16317] RSP: 002b:00007fef70468038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 516.017498][T16317] RAX: ffffffffffffffda RBX: 00007fef6f7e6090 RCX: 00007fef6f58efc9 [ 516.017508][T16317] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 516.017517][T16317] RBP: 00007fef6f611f91 R08: 0000000000000000 R09: 0000000000000000 [ 516.017526][T16317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 516.017536][T16317] R13: 00007fef6f7e6128 R14: 00007fef6f7e6090 R15: 00007ffed8603e18 [ 516.017556][T16317] [ 516.673424][T16331] bond0: option primary_reselect: invalid value (badblocks,badblo) [ 516.789406][ T30] audit: type=1800 audit(4294967375.196:37): pid=16331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2382" name="features" dev="configfs" ino=56659 res=0 errno=0 [ 518.799261][T16364] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2391'. [ 519.458049][T16380] Invalid ELF header magic: != ELF [ 520.426809][T16397] net_ratelimit: 39 callbacks suppressed [ 520.426825][T16397] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 521.731015][T16428] program syz.0.2405 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 522.145031][T16424] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 522.162999][T16424] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 522.191622][T16424] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 522.218101][T16424] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 522.242315][T16424] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 522.261017][T16424] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 522.286217][T16424] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 522.340479][T16424] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 522.372422][T16412] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 522.373739][T16425] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 522.650980][T16444] netlink: 'syz.2.2409': attribute type 1 has an invalid length. [ 523.481790][T15474] Bluetooth: hci0: command 0x0c1a tx timeout [ 524.188317][T16482] program syz.2.2417 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 524.197741][T15474] Bluetooth: hci2: command 0x0c1a tx timeout [ 524.203750][T15474] Bluetooth: hci4: command 0x0c1a tx timeout [ 524.276712][T15474] Bluetooth: hci3: command 0x0c1a tx timeout [ 525.090708][T16503] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2420'. [ 525.283343][T16498] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 525.335758][T16498] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 525.457912][T16498] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 525.608414][T16498] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 526.320850][T16529] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2425'. [ 526.625947][T16532] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078006600 pfn:0x78000 [ 526.781951][T16532] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 526.914132][T16532] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000 [ 526.979275][T16532] raw: ffff888078006600 0000000000000000 00000001ffffffff 0000000000000000 [ 527.035889][T16532] page dumped because: unmovable page [ 527.089668][T16549] sg_write: data in/out 16121600/48 bytes for SCSI command 0x7b-- guessing data in; [ 527.089668][T16549] program syz.0.2424 not setting count and/or reply_len properly [ 527.159331][T16532] page_owner tracks the page as allocated [ 527.191638][T16532] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 11419, tgid 11419 (syz-executor), ts 323761895748, free_ts 277873807140 [ 527.211208][ C0] vkms_vblank_simulate: vblank timer overrun [ 527.240960][T16549] FAULT_INJECTION: forcing a failure. [ 527.240960][T16549] name failslab, interval 1, probability 0, space 0, times 0 [ 527.295353][T16549] CPU: 0 UID: 0 PID: 16549 Comm: syz.0.2424 Not tainted syzkaller #0 PREEMPT(full) [ 527.295376][T16549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 527.295385][T16549] Call Trace: [ 527.295390][T16549] [ 527.295396][T16549] dump_stack_lvl+0x16c/0x1f0 [ 527.295417][T16549] should_fail_ex+0x512/0x640 [ 527.295439][T16549] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 527.295462][T16549] should_failslab+0xc2/0x120 [ 527.295482][T16549] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 527.295497][T16549] ? __dquot_initialize+0x299/0xd50 [ 527.295515][T16549] ? __d_alloc+0x32/0xae0 [ 527.295534][T16549] ? __d_alloc+0x32/0xae0 [ 527.295548][T16549] __d_alloc+0x32/0xae0 [ 527.295565][T16549] d_alloc_pseudo+0x1c/0xc0 [ 527.295584][T16549] alloc_file_pseudo+0xcf/0x230 [ 527.295605][T16549] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 527.295629][T16549] __shmem_file_setup+0x1a3/0x330 [ 527.295653][T16549] shmem_zero_setup+0x93/0x1a0 [ 527.295669][T16549] __mmap_region+0x2076/0x27a0 [ 527.295685][T16549] ? __pfx___mmap_region+0x10/0x10 [ 527.295698][T16549] ? lock_acquire+0x179/0x350 [ 527.295717][T16549] ? find_held_lock+0x2b/0x80 [ 527.295731][T16549] ? finish_task_switch.isra.0+0x21c/0xc10 [ 527.295747][T16549] ? rcu_is_watching+0x12/0xc0 [ 527.295762][T16549] ? finish_task_switch.isra.0+0x221/0xc10 [ 527.295781][T16549] ? trace_sched_exit_tp+0xd1/0x120 [ 527.295801][T16549] ? __schedule+0x11a3/0x5de0 [ 527.295846][T16549] ? trace_cap_capable+0x18d/0x200 [ 527.295872][T16549] mmap_region+0x1ab/0x3f0 [ 527.295886][T16549] ? __get_unmapped_area+0x267/0x440 [ 527.295906][T16549] do_mmap+0xa3e/0x1210 [ 527.295927][T16549] ? __pfx_do_mmap+0x10/0x10 [ 527.295944][T16549] ? __pfx_down_write_killable+0x10/0x10 [ 527.295965][T16549] vm_mmap_pgoff+0x29e/0x470 [ 527.295986][T16549] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 527.296007][T16549] ? __x64_sys_futex+0x1e0/0x4c0 [ 527.296026][T16549] ? __x64_sys_futex+0x1e9/0x4c0 [ 527.296047][T16549] ksys_mmap_pgoff+0x7d/0x5c0 [ 527.296063][T16549] ? xfd_validate_state+0x61/0x180 [ 527.296082][T16549] ? __pfx_ksys_read+0x10/0x10 [ 527.296099][T16549] __x64_sys_mmap+0x125/0x190 [ 527.296121][T16549] do_syscall_64+0xcd/0xfa0 [ 527.296138][T16549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.296152][T16549] RIP: 0033:0x7fef6f58efc9 [ 527.296165][T16549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 527.296179][T16549] RSP: 002b:00007fef70489038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 527.296193][T16549] RAX: ffffffffffffffda RBX: 00007fef6f7e5fa0 RCX: 00007fef6f58efc9 [ 527.296203][T16549] RDX: 00000000000000e2 RSI: 0000000000020009 RDI: 0000000000000000 [ 527.296211][T16549] RBP: 00007fef6f611f91 R08: 0000000000000405 R09: 0000000000008000 [ 527.296220][T16549] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 527.296228][T16549] R13: 00007fef6f7e6038 R14: 00007fef6f7e5fa0 R15: 00007ffed8603e18 [ 527.296248][T16549] [ 527.591014][ C0] vkms_vblank_simulate: vblank timer overrun [ 527.622047][T16532] post_alloc_hook+0x1c0/0x230 [ 527.627718][T16532] get_page_from_freelist+0x10a3/0x3a30 [ 527.633356][T16532] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 527.639397][T16532] alloc_pages_mpol+0x1fb/0x550 [ 527.644307][T16532] alloc_pages_noprof+0x131/0x390 [ 527.649362][T16532] __vmalloc_node_range_noprof+0x6f8/0x1480 [ 527.655289][T16532] vmalloc_user_noprof+0x9e/0xe0 [ 527.660249][T16532] kcov_ioctl+0x4c/0x730 [ 527.664473][T16532] __x64_sys_ioctl+0x18e/0x210 [ 527.669307][T16532] do_syscall_64+0xcd/0xfa0 [ 527.673796][T16532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.680043][T16532] page last free pid 10093 tgid 10091 stack trace: [ 527.686532][T16532] __free_frozen_pages+0x7df/0x1160 [ 527.691854][T16532] kimage_free_page_list+0x130/0x230 [ 527.697303][T16532] kimage_alloc_control_pages+0x3d3/0xa00 [ 527.703059][T16532] do_kexec_load+0x478/0x8a0 [ 527.707689][T16532] __x64_sys_kexec_load+0x1bf/0x230 [ 527.712890][T16532] do_syscall_64+0xcd/0xfa0 [ 527.717447][T16532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.737393][T15474] Bluetooth: hci0: command 0x0c1a tx timeout [ 527.743460][T15474] Bluetooth: hci4: command 0x0c1a tx timeout [ 527.749502][T15474] Bluetooth: hci2: command 0x0c1a tx timeout [ 527.755478][T15474] Bluetooth: hci3: command 0x0c1a tx timeout [ 529.765477][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 529.771613][T15474] Bluetooth: hci2: command 0x0c1a tx timeout [ 530.975928][T16639] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2439'. [ 531.010356][T16636] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 531.677501][T16663] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2444'. [ 535.723443][T16750] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 535.973265][T16754] netlink: zone id is out of range [ 535.987161][T16753] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2462'. [ 536.027069][T16753] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2462'. [ 536.645186][T16771] binder: binder_mmap: 16768 0-1000 bad vm_flags failed -1 [ 537.339473][T16793] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2470'. [ 538.171973][T16810] blktrace: Concurrent blktraces are not allowed on sg0 [ 538.656729][T16820] nbd: socks must be embedded in a SOCK_ITEM attr [ 538.879014][T16820] block nbd0: shutting down sockets [ 539.540825][T16845] netlink: 'syz.3.2484': attribute type 1 has an invalid length. [ 539.698207][T16845] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2484'. [ 539.933868][ T6681] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 540.923194][T16875] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2491'. [ 541.328383][T16883] erspan0: entered allmulticast mode [ 542.415417][ T30] audit: type=1800 audit(4294967401.082:38): pid=16897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2495" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 543.582582][T16905] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 543.856174][T16924] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2502'. [ 544.879275][T16949] netlink: 252 bytes leftover after parsing attributes in process `syz.0.2509'. [ 545.004410][T16954] netlink: 252 bytes leftover after parsing attributes in process `syz.0.2509'. [ 545.198642][T16957] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2512'. [ 545.248665][T16957] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2512'. [ 545.517250][T16960] netlink: 122 bytes leftover after parsing attributes in process `syz.4.2514'. [ 545.748451][T16969] random: crng reseeded on system resumption [ 546.119554][T16964] HfR: entered promiscuous mode [ 546.396223][T16981] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2518'. [ 551.559189][T17095] ubi0: attaching mtd0 [ 551.598099][T17095] ubi0: scanning is finished [ 551.605193][T17105] netlink: 13 bytes leftover after parsing attributes in process `syz.4.2537'. [ 551.670847][T17095] ubi0: empty MTD device detected [ 552.238361][T17095] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 552.245854][T17095] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 552.342397][T17095] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 552.447840][T17095] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 552.456055][T17095] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 552.606842][T17095] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 552.673374][T17095] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3348040843 [ 552.766028][T17095] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 552.872168][T17127] ubi0: background thread "ubi_bgt0d" started, PID 17127 [ 552.887035][T17145] netlink: 'syz.4.2542': attribute type 4 has an invalid length. [ 552.952954][T17145] netlink: 314 bytes leftover after parsing attributes in process `syz.4.2542'. [ 554.129723][T17177] netlink: 'syz.3.2547': attribute type 1 has an invalid length. [ 554.152662][T17151] ubi0: detaching mtd0 [ 554.197679][T17151] ubi0: mtd0 is detached [ 555.031206][T17200] netlink: 'syz.0.2553': attribute type 1 has an invalid length. [ 555.032048][T17200] FAULT_INJECTION: forcing a failure. [ 555.032048][T17200] name fail_futex, interval 1, probability 0, space 0, times 0 [ 555.032073][T17200] CPU: 0 UID: 0 PID: 17200 Comm: syz.0.2553 Not tainted syzkaller #0 PREEMPT(full) [ 555.032090][T17200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 555.032099][T17200] Call Trace: [ 555.032104][T17200] [ 555.032110][T17200] dump_stack_lvl+0x16c/0x1f0 [ 555.032130][T17200] should_fail_ex+0x512/0x640 [ 555.032154][T17200] get_futex_key+0x1d0/0x1560 [ 555.032175][T17200] ? __pfx_get_futex_key+0x10/0x10 [ 555.032199][T17200] futex_wake+0xea/0x530 [ 555.032218][T17200] ? trace_kmem_cache_alloc+0x28/0xc0 [ 555.032240][T17200] ? __pfx_futex_wake+0x10/0x10 [ 555.032264][T17200] ? errseq_sample+0x53/0x70 [ 555.032284][T17200] ? file_init_path+0x4fe/0x760 [ 555.032306][T17200] do_futex+0x1e3/0x350 [ 555.032325][T17200] ? __pfx_do_futex+0x10/0x10 [ 555.032343][T17200] ? fd_install+0x225/0x750 [ 555.032360][T17200] __x64_sys_futex+0x1e0/0x4c0 [ 555.032380][T17200] ? __sys_socket+0xac/0x260 [ 555.032398][T17200] ? __pfx___x64_sys_futex+0x10/0x10 [ 555.032416][T17200] ? xfd_validate_state+0x61/0x180 [ 555.032435][T17200] ? __pfx_do_writev+0x10/0x10 [ 555.032453][T17200] do_syscall_64+0xcd/0xfa0 [ 555.032469][T17200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.032483][T17200] RIP: 0033:0x7fef6f58efc9 [ 555.032494][T17200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 555.032507][T17200] RSP: 002b:00007fef704890e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 555.032521][T17200] RAX: ffffffffffffffda RBX: 00007fef6f7e5fa8 RCX: 00007fef6f58efc9 [ 555.032530][T17200] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fef6f7e5fac [ 555.032539][T17200] RBP: 00007fef6f7e5fa0 R08: 00007fef7048a000 R09: 0000000000000000 [ 555.032547][T17200] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 555.032555][T17200] R13: 00007fef6f7e6038 R14: 00007ffed8603d30 R15: 00007ffed8603e18 [ 555.032584][T17200] [ 560.563428][T17328] netlink: 'syz.2.2583': attribute type 10 has an invalid length. [ 560.642140][T17328] netlink: 230 bytes leftover after parsing attributes in process `syz.2.2583'. [ 560.954383][T17328] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 562.255636][T17346] netlink: 'syz.2.2587': attribute type 1 has an invalid length. [ 562.395961][T17346] FAULT_INJECTION: forcing a failure. [ 562.395961][T17346] name fail_futex, interval 1, probability 0, space 0, times 0 [ 562.541851][T17346] CPU: 0 UID: 0 PID: 17346 Comm: syz.2.2587 Not tainted syzkaller #0 PREEMPT(full) [ 562.541875][T17346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 562.541884][T17346] Call Trace: [ 562.541890][T17346] [ 562.541896][T17346] dump_stack_lvl+0x16c/0x1f0 [ 562.541917][T17346] should_fail_ex+0x512/0x640 [ 562.541941][T17346] get_futex_key+0x1d0/0x1560 [ 562.541962][T17346] ? __pfx_get_futex_key+0x10/0x10 [ 562.541986][T17346] futex_wake+0xea/0x530 [ 562.542006][T17346] ? trace_kmem_cache_alloc+0x28/0xc0 [ 562.542028][T17346] ? __pfx_futex_wake+0x10/0x10 [ 562.542055][T17346] ? errseq_sample+0x53/0x70 [ 562.542075][T17346] ? file_init_path+0x4fe/0x760 [ 562.542097][T17346] do_futex+0x1e3/0x350 [ 562.542126][T17346] ? __pfx_do_futex+0x10/0x10 [ 562.542145][T17346] ? fd_install+0x225/0x750 [ 562.542163][T17346] __x64_sys_futex+0x1e0/0x4c0 [ 562.542182][T17346] ? __sys_socket+0xac/0x260 [ 562.542201][T17346] ? __pfx___x64_sys_futex+0x10/0x10 [ 562.542219][T17346] ? xfd_validate_state+0x61/0x180 [ 562.542238][T17346] ? __pfx_do_writev+0x10/0x10 [ 562.542258][T17346] do_syscall_64+0xcd/0xfa0 [ 562.542274][T17346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 562.542288][T17346] RIP: 0033:0x7f8763b8efc9 [ 562.542300][T17346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 562.542314][T17346] RSP: 002b:00007f8764ae70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 562.542328][T17346] RAX: ffffffffffffffda RBX: 00007f8763de5fa8 RCX: 00007f8763b8efc9 [ 562.542338][T17346] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8763de5fac [ 562.542346][T17346] RBP: 00007f8763de5fa0 R08: 00007f8764ae8000 R09: 0000000000000000 [ 562.542355][T17346] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 562.542363][T17346] R13: 00007f8763de6038 R14: 00007ffd371b2b10 R15: 00007ffd371b2bf8 [ 562.542381][T17346] [ 562.736170][ C0] vkms_vblank_simulate: vblank timer overrun [ 563.909084][T17368] random: crng reseeded on system resumption [ 564.895373][T17380] netlink: 'syz.4.2597': attribute type 1 has an invalid length. [ 565.099596][T17380] FAULT_INJECTION: forcing a failure. [ 565.099596][T17380] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 565.300936][T17380] CPU: 0 UID: 0 PID: 17380 Comm: syz.4.2597 Not tainted syzkaller #0 PREEMPT(full) [ 565.300960][T17380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 565.300970][T17380] Call Trace: [ 565.300975][T17380] [ 565.300982][T17380] dump_stack_lvl+0x16c/0x1f0 [ 565.301003][T17380] should_fail_ex+0x512/0x640 [ 565.301028][T17380] _copy_from_iter+0x29f/0x1720 [ 565.301053][T17380] ? __alloc_skb+0x200/0x380 [ 565.301077][T17380] ? __pfx__copy_from_iter+0x10/0x10 [ 565.301097][T17380] ? aa_get_newest_label+0xd2/0x250 [ 565.301117][T17380] ? apparmor_capable+0x114/0x1d0 [ 565.301144][T17380] netlink_sendmsg+0x820/0xdd0 [ 565.301162][T17380] ? __pfx_netlink_sendmsg+0x10/0x10 [ 565.301178][T17380] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 565.301205][T17380] ____sys_sendmsg+0xa98/0xc70 [ 565.301222][T17380] ? copy_msghdr_from_user+0x10a/0x160 [ 565.301243][T17380] ? __pfx_____sys_sendmsg+0x10/0x10 [ 565.301264][T17380] ? __pfx_futex_wake_mark+0x10/0x10 [ 565.301289][T17380] ___sys_sendmsg+0x134/0x1d0 [ 565.301300][T17380] ? futex_private_hash_put+0x176/0x300 [ 565.301318][T17380] ? __pfx____sys_sendmsg+0x10/0x10 [ 565.301338][T17380] ? __lock_acquire+0x622/0x1c90 [ 565.301379][T17380] __sys_sendmsg+0x16d/0x220 [ 565.301392][T17380] ? __pfx___sys_sendmsg+0x10/0x10 [ 565.301404][T17380] ? __x64_sys_futex+0x1e0/0x4c0 [ 565.301433][T17380] do_syscall_64+0xcd/0xfa0 [ 565.301450][T17380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 565.301465][T17380] RIP: 0033:0x7f045018efc9 [ 565.301477][T17380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 565.301491][T17380] RSP: 002b:00007f0451053038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 565.301506][T17380] RAX: ffffffffffffffda RBX: 00007f04503e5fa0 RCX: 00007f045018efc9 [ 565.301515][T17380] RDX: 0000000000040000 RSI: 0000200000001880 RDI: 0000000000000006 [ 565.301524][T17380] RBP: 00007f0450211f91 R08: 0000000000000000 R09: 0000000000000000 [ 565.301532][T17380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 565.301541][T17380] R13: 00007f04503e6038 R14: 00007f04503e5fa0 R15: 00007ffd77a03c78 [ 565.301560][T17380] [ 565.526994][ C0] vkms_vblank_simulate: vblank timer overrun [ 566.283396][T15474] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 566.295138][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 566.302746][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 566.312086][ T5149] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 566.327030][T15474] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 566.356901][T15474] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 566.388161][T15474] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 566.521659][T17404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2602'. [ 567.074011][T17415] deleting an unspecified loop device is not supported. [ 567.633566][T17395] chnl_net:caif_netlink_parms(): no params data found [ 567.678914][T17429] ubi0: attaching mtd0 [ 567.710859][T17429] FAULT_INJECTION: forcing a failure. [ 567.710859][T17429] name failslab, interval 1, probability 0, space 0, times 0 [ 567.782105][T17429] CPU: 0 UID: 0 PID: 17429 Comm: syz.4.2607 Not tainted syzkaller #0 PREEMPT(full) [ 567.782135][T17429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 567.782144][T17429] Call Trace: [ 567.782149][T17429] [ 567.782155][T17429] dump_stack_lvl+0x16c/0x1f0 [ 567.782177][T17429] should_fail_ex+0x512/0x640 [ 567.782199][T17429] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 567.782217][T17429] should_failslab+0xc2/0x120 [ 567.782236][T17429] kmem_cache_alloc_noprof+0x75/0x6e0 [ 567.782249][T17429] ? __pfx_ubi_io_read+0x10/0x10 [ 567.782267][T17429] ? add_to_list+0xcc/0x5a0 [ 567.782290][T17429] ? add_to_list+0xcc/0x5a0 [ 567.782308][T17429] add_to_list+0xcc/0x5a0 [ 567.782327][T17429] ? ubi_io_read_vid_hdr+0x2f9/0x7a0 [ 567.782348][T17429] ubi_attach+0x2843/0x4be0 [ 567.782379][T17429] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 567.782400][T17429] ? __pfx_ubi_msg+0x10/0x10 [ 567.782421][T17429] ? __pfx_ubi_attach+0x10/0x10 [ 567.782445][T17429] ? ubi_attach_mtd_dev+0x155b/0x35d0 [ 567.782458][T17429] ? __vmalloc_node_noprof+0xad/0xf0 [ 567.782477][T17429] ? ubi_attach_mtd_dev+0x155b/0x35d0 [ 567.782493][T17429] ubi_attach_mtd_dev+0x15a7/0x35d0 [ 567.782515][T17429] ? __pfx_ubi_attach_mtd_dev+0x10/0x10 [ 567.782529][T17429] ? __pfx_get_mtd_device+0x10/0x10 [ 567.782552][T17429] ctrl_cdev_ioctl+0x337/0x3d0 [ 567.782566][T17429] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 567.782585][T17429] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 567.782600][T17429] __x64_sys_ioctl+0x18e/0x210 [ 567.782622][T17429] do_syscall_64+0xcd/0xfa0 [ 567.782638][T17429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.782653][T17429] RIP: 0033:0x7f045018efc9 [ 567.782664][T17429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 567.782678][T17429] RSP: 002b:00007f0451053038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 567.782691][T17429] RAX: ffffffffffffffda RBX: 00007f04503e5fa0 RCX: 00007f045018efc9 [ 567.782700][T17429] RDX: 0000000000000000 RSI: 0000000040186f40 RDI: 0000000000000005 [ 567.782709][T17429] RBP: 00007f0450211f91 R08: 0000000000000000 R09: 0000000000000000 [ 567.782717][T17429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 567.782733][T17429] R13: 00007f04503e6038 R14: 00007f04503e5fa0 R15: 00007ffd77a03c78 [ 567.782754][T17429] [ 568.460293][T15474] Bluetooth: hci1: command tx timeout [ 568.596494][T17429] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -12 [ 568.757134][ T6698] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 568.843490][ T6698] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 568.954323][ T6698] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 569.092646][T17441] netlink: 'syz.4.2608': attribute type 1 has an invalid length. [ 569.122164][T17441] FAULT_INJECTION: forcing a failure. [ 569.122164][T17441] name failslab, interval 1, probability 0, space 0, times 0 [ 569.166587][ T6698] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 569.200197][T17441] CPU: 0 UID: 0 PID: 17441 Comm: syz.4.2608 Not tainted syzkaller #0 PREEMPT(full) [ 569.200220][T17441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 569.200229][T17441] Call Trace: [ 569.200234][T17441] [ 569.200240][T17441] dump_stack_lvl+0x16c/0x1f0 [ 569.200269][T17441] should_fail_ex+0x512/0x640 [ 569.200290][T17441] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 569.200308][T17441] should_failslab+0xc2/0x120 [ 569.200328][T17441] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 569.200341][T17441] ? __pfx___might_resched+0x10/0x10 [ 569.200357][T17441] ? sock_alloc_inode+0x25/0x1c0 [ 569.200376][T17441] ? __pfx_sock_alloc_inode+0x10/0x10 [ 569.200390][T17441] ? sock_alloc_inode+0x25/0x1c0 [ 569.200404][T17441] sock_alloc_inode+0x25/0x1c0 [ 569.200419][T17441] alloc_inode+0x64/0x240 [ 569.200438][T17441] sock_alloc+0x40/0x280 [ 569.200452][T17441] __sock_create+0xc1/0x8d0 [ 569.200472][T17441] __sys_socket+0x14d/0x260 [ 569.200490][T17441] ? __pfx___sys_socket+0x10/0x10 [ 569.200507][T17441] ? xfd_validate_state+0x61/0x180 [ 569.200526][T17441] ? __pfx_do_writev+0x10/0x10 [ 569.200543][T17441] __x64_sys_socket+0x72/0xb0 [ 569.200560][T17441] ? lockdep_hardirqs_on+0x7c/0x110 [ 569.200596][T17441] do_syscall_64+0xcd/0xfa0 [ 569.200614][T17441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.200628][T17441] RIP: 0033:0x7f0450190ee7 [ 569.200640][T17441] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 569.200654][T17441] RSP: 002b:00007f0451051fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 569.200668][T17441] RAX: ffffffffffffffda RBX: 00007f04503e5fa0 RCX: 00007f0450190ee7 [ 569.200677][T17441] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 569.200685][T17441] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 569.200693][T17441] R10: 00002000000002c0 R11: 0000000000000286 R12: 0000000000000000 [ 569.200704][T17441] R13: 00007f04503e6038 R14: 00007f04503e5fa0 R15: 00007ffd77a03c78 [ 569.200730][T17441] [ 569.200741][T17441] socket: no more sockets [ 569.603495][T17395] bridge0: port 1(bridge_slave_0) entered blocking state [ 569.630079][T17395] bridge0: port 1(bridge_slave_0) entered disabled state [ 569.656816][T17395] bridge_slave_0: entered allmulticast mode [ 569.678840][T17395] bridge_slave_0: entered promiscuous mode [ 569.691197][T17395] bridge0: port 2(bridge_slave_1) entered blocking state [ 569.709114][T17395] bridge0: port 2(bridge_slave_1) entered disabled state [ 569.716293][T17395] bridge_slave_1: entered allmulticast mode [ 569.768410][T17395] bridge_slave_1: entered promiscuous mode [ 569.982481][T17395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 570.049164][T17395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 570.455738][T17395] team0: Port device team_slave_0 added [ 570.506747][T15474] Bluetooth: hci1: command tx timeout [ 570.526882][T17395] team0: Port device team_slave_1 added [ 570.690016][T17471] HfR: entered promiscuous mode [ 570.715929][T17395] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 570.743045][T17395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 570.831143][T17395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 570.869089][T17395] batman_adv: batadv0: Adding interface: batadv_slave_1 syzkaller syzkaller login: [ 570.897258][T17395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 570.998526][T17395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 571.193273][ T62] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 571.885942][T17498] vivid-007: ================= START STATUS ================= [ 571.900834][T17499] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2616'. [ 571.942889][T17498] vivid-007: Enable Output Cropping: true [ 571.979101][T17498] vivid-007: Enable Output Composing: true [ 572.000882][T17498] vivid-007: Enable Output Scaler: true [ 572.007316][T17498] vivid-007: Tx RGB Quantization Range: Automatic [ 572.024865][T17498] vivid-007: Transmit Mode: HDMI [ 572.037404][T17498] vivid-007: Hotplug Present: 0x00000000 [ 572.043308][T17498] vivid-007: RxSense Present: 0x00000000 [ 572.060241][T17498] vivid-007: EDID Present: 0x00000000 [ 572.072041][T17498] vivid-007: ================== END STATUS ================== [ 572.082799][ T6698] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 572.103117][ T6698] bond0 (unregistering): Released all slaves [ 572.245724][ T6698] ovs_: left promiscuous mode [ 572.286029][T17395] hsr_slave_0: entered promiscuous mode [ 572.312568][T17395] hsr_slave_1: entered promiscuous mode [ 572.346228][T17395] debugfs: 'hsr0' already exists in 'hsr' [ 572.372300][T17395] Cannot create hsr debugfs directory [ 572.390774][ T6698] tipc: Left network mode [ 572.576839][T15474] Bluetooth: hci1: command tx timeout [ 574.152596][T17562] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2627'. [ 574.190803][ T6698] hsr_slave_0: left promiscuous mode [ 574.215148][ T6698] hsr_slave_1: left promiscuous mode [ 574.230209][ T6698] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 574.285513][ T6698] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 574.315908][ T6698] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 574.332806][ T6698] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 574.386678][ T6698] veth1_macvtap: left allmulticast mode [ 574.400509][ T6698] veth1_macvtap: left promiscuous mode [ 574.414962][ T6698] veth1_vlan: left promiscuous mode [ 574.425947][ T6698] veth0_vlan: left promiscuous mode [ 574.649821][T15474] Bluetooth: hci1: command tx timeout [ 574.856347][ T6698] team0 (unregistering): Port device team_slave_1 removed [ 574.898722][ T6698] team0 (unregistering): Port device team_slave_0 removed [ 575.344544][T17568] random: crng reseeded on system resumption [ 575.475341][T17395] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 575.535670][T17395] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 575.594130][T17395] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 575.667563][T17395] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 576.351410][T17395] 8021q: adding VLAN 0 to HW filter on device bond0 [ 576.422427][T17395] 8021q: adding VLAN 0 to HW filter on device team0 [ 576.621802][T17600] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2634'. [ 576.672463][T17600] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2634'. [ 576.685666][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 576.692802][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 576.742534][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 576.749647][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 576.936853][T17395] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 577.069923][T17395] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 578.127736][T17395] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 578.282360][T17637] FAULT_INJECTION: forcing a failure. [ 578.282360][T17637] name failslab, interval 1, probability 0, space 0, times 0 [ 578.343574][T17395] veth0_vlan: entered promiscuous mode [ 578.369670][T17637] CPU: 0 UID: 0 PID: 17637 Comm: syz.0.2639 Not tainted syzkaller #0 PREEMPT(full) [ 578.369693][T17637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 578.369701][T17637] Call Trace: [ 578.369706][T17637] [ 578.369712][T17637] dump_stack_lvl+0x16c/0x1f0 [ 578.369734][T17637] should_fail_ex+0x512/0x640 [ 578.369756][T17637] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 578.369773][T17637] should_failslab+0xc2/0x120 [ 578.369792][T17637] kmem_cache_alloc_noprof+0x75/0x6e0 [ 578.369805][T17637] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 578.369819][T17637] ? alloc_empty_file+0x55/0x1e0 [ 578.369841][T17637] ? alloc_empty_file+0x55/0x1e0 [ 578.369859][T17637] alloc_empty_file+0x55/0x1e0 [ 578.369878][T17637] path_openat+0xda/0x2cb0 [ 578.369900][T17637] ? __pfx_path_openat+0x10/0x10 [ 578.369917][T17637] ? __lock_acquire+0xb8a/0x1c90 [ 578.369938][T17637] do_filp_open+0x20b/0x470 [ 578.369952][T17637] ? __pfx_do_filp_open+0x10/0x10 [ 578.369980][T17637] ? alloc_fd+0x471/0x7d0 [ 578.370001][T17637] do_sys_openat2+0x11b/0x1d0 [ 578.370026][T17637] ? __pfx_do_sys_openat2+0x10/0x10 [ 578.370046][T17637] ? __pfx___might_resched+0x10/0x10 [ 578.370073][T17637] __x64_sys_openat+0x174/0x210 [ 578.370097][T17637] ? __pfx___x64_sys_openat+0x10/0x10 [ 578.370126][T17637] do_syscall_64+0xcd/0xfa0 [ 578.370143][T17637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 578.370158][T17637] RIP: 0033:0x7fef6f58efc9 [ 578.370170][T17637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 578.370183][T17637] RSP: 002b:00007fef70468038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 578.370197][T17637] RAX: ffffffffffffffda RBX: 00007fef6f7e6090 RCX: 00007fef6f58efc9 [ 578.370206][T17637] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 578.370215][T17637] RBP: 00007fef6f611f91 R08: 0000000000000000 R09: 0000000000000000 [ 578.370224][T17637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 578.370232][T17637] R13: 00007fef6f7e6128 R14: 00007fef6f7e6090 R15: 00007ffed8603e18 [ 578.370252][T17637] [ 578.582064][ C0] vkms_vblank_simulate: vblank timer overrun [ 578.663532][T17395] veth1_vlan: entered promiscuous mode [ 578.681738][T17395] veth0_macvtap: entered promiscuous mode [ 578.689930][T17395] veth1_macvtap: entered promiscuous mode [ 578.704441][T17395] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 578.714130][T17395] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 578.769775][ T62] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 578.779126][ T62] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 578.789083][ T62] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 578.797905][ T62] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 578.841879][T17627] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 578.862835][T17627] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 578.869274][T17627] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 578.876559][T17627] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 578.883440][T17627] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 578.891800][T17627] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 578.982213][ T6698] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 579.031841][ T6698] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 579.159661][ T6698] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 579.201581][ T6698] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 579.238591][T17651] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2642'. [ 579.282528][T17651] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2642'. [ 579.509100][T17660] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2598'. [ 580.213005][T15474] Bluetooth: hci4: command 0x0c1a tx timeout [ 580.929519][T15474] Bluetooth: hci1: command 0x0c1a tx timeout [ 580.935562][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 580.941901][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout [ 581.675782][T17713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2654'. [ 581.956981][T17724] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2657'. [ 582.046575][T17730] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2657'. [ 582.201282][T17723] Invalid ELF header magic: != ELF [ 582.653008][T17744] random: crng reseeded on system resumption [ 582.998907][T17703] Bluetooth: hci1: command 0x0c1a tx timeout [ 583.232710][T17754] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2660'. [ 583.545905][T17768] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2662'. [ 583.564735][T17769] FAULT_INJECTION: forcing a failure. [ 583.564735][T17769] name failslab, interval 1, probability 0, space 0, times 0 [ 583.663507][T17769] CPU: 0 UID: 0 PID: 17769 Comm: syz.0.2663 Not tainted syzkaller #0 PREEMPT(full) [ 583.663530][T17769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 583.663539][T17769] Call Trace: [ 583.663545][T17769] [ 583.663550][T17769] dump_stack_lvl+0x16c/0x1f0 [ 583.663571][T17769] should_fail_ex+0x512/0x640 [ 583.663593][T17769] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 583.663610][T17769] should_failslab+0xc2/0x120 [ 583.663629][T17769] kmem_cache_alloc_noprof+0x75/0x6e0 [ 583.663643][T17769] ? seq_open+0x55/0x170 [ 583.663665][T17769] ? seq_open+0x55/0x170 [ 583.663681][T17769] seq_open+0x55/0x170 [ 583.663708][T17769] kernfs_fop_open+0x59f/0xda0 [ 583.663727][T17769] do_dentry_open+0x982/0x1530 [ 583.663745][T17769] ? __pfx_kernfs_fop_open+0x10/0x10 [ 583.663763][T17769] vfs_open+0x82/0x3f0 [ 583.663784][T17769] path_openat+0x1de4/0x2cb0 [ 583.663806][T17769] ? __pfx_path_openat+0x10/0x10 [ 583.663822][T17769] ? __lock_acquire+0xb8a/0x1c90 [ 583.663843][T17769] do_filp_open+0x20b/0x470 [ 583.663858][T17769] ? __pfx_do_filp_open+0x10/0x10 [ 583.663890][T17769] ? alloc_fd+0x471/0x7d0 [ 583.663908][T17769] do_sys_openat2+0x11b/0x1d0 [ 583.663928][T17769] ? __pfx_do_sys_openat2+0x10/0x10 [ 583.663955][T17769] __x64_sys_openat+0x174/0x210 [ 583.663976][T17769] ? __pfx___x64_sys_openat+0x10/0x10 [ 583.664004][T17769] do_syscall_64+0xcd/0xfa0 [ 583.664021][T17769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.664035][T17769] RIP: 0033:0x7fef6f58efc9 [ 583.664047][T17769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 583.664061][T17769] RSP: 002b:00007fef70468038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 583.664075][T17769] RAX: ffffffffffffffda RBX: 00007fef6f7e6090 RCX: 00007fef6f58efc9 [ 583.664084][T17769] RDX: 000000000000a001 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 583.664093][T17769] RBP: 00007fef6f611f91 R08: 0000000000000000 R09: 0000000000000000 [ 583.664101][T17769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.664109][T17769] R13: 00007fef6f7e6128 R14: 00007fef6f7e6090 R15: 00007ffed8603e18 [ 583.664128][T17769] [ 583.880318][ C0] vkms_vblank_simulate: vblank timer overrun [ 584.071532][T17777] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2665'. [ 584.539164][T17795] random: crng reseeded on system resumption [ 584.786673][T17796] hub 1-0:1.0: USB hub found [ 584.853431][T17796] hub 1-0:1.0: 1 port detected [ 585.067955][T17703] Bluetooth: hci1: command 0x0c1a tx timeout [ 585.396201][T17703] Bluetooth: hci4: unexpected event 0x01 length: 5 > 1 [ 587.116461][T17850] netlink: zone id is out of range [ 587.278755][T17850] netlink: del zone limit has 4 unknown bytes [ 587.907815][T17867] random: crng reseeded on system resumption [ 588.547527][T17882] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2685'. [ 588.814876][T17888] nvme_fcloop: unknown parameter or missing value '0' [ 588.925240][T17888] FAULT_INJECTION: forcing a failure. [ 588.925240][T17888] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 589.040934][T17888] CPU: 0 UID: 0 PID: 17888 Comm: syz.3.2686 Not tainted syzkaller #0 PREEMPT(full) [ 589.040958][T17888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 589.040967][T17888] Call Trace: [ 589.040972][T17888] [ 589.040978][T17888] dump_stack_lvl+0x16c/0x1f0 [ 589.040999][T17888] should_fail_ex+0x512/0x640 [ 589.041023][T17888] _copy_from_user+0x2e/0xd0 [ 589.041046][T17888] snd_rawmidi_kernel_write1+0x50a/0x8a0 [ 589.041073][T17888] snd_rawmidi_write+0x26e/0xc10 [ 589.041097][T17888] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 589.041117][T17888] ? __pfx_default_wake_function+0x10/0x10 [ 589.041134][T17888] ? bpf_lsm_file_permission+0x9/0x10 [ 589.041150][T17888] ? security_file_permission+0x71/0x210 [ 589.041165][T17888] ? rw_verify_area+0xcf/0x6c0 [ 589.041179][T17888] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 589.041198][T17888] vfs_write+0x2a0/0x11d0 [ 589.041216][T17888] ? __pfx_vfs_write+0x10/0x10 [ 589.041229][T17888] ? find_held_lock+0x2b/0x80 [ 589.041244][T17888] ? __fget_files+0x204/0x3c0 [ 589.041260][T17888] ? __fget_files+0x20e/0x3c0 [ 589.041278][T17888] ksys_write+0x1f8/0x250 [ 589.041293][T17888] ? __pfx_ksys_write+0x10/0x10 [ 589.041320][T17888] do_syscall_64+0xcd/0xfa0 [ 589.041338][T17888] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.041353][T17888] RIP: 0033:0x7f5e88b8efc9 [ 589.041367][T17888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.041380][T17888] RSP: 002b:00007f5e89a6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 589.041394][T17888] RAX: ffffffffffffffda RBX: 00007f5e88de5fa0 RCX: 00007f5e88b8efc9 [ 589.041403][T17888] RDX: 000000100000a3d9 RSI: 00002000000005c0 RDI: 0000000000000007 [ 589.041411][T17888] RBP: 00007f5e88c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 589.041419][T17888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 589.041428][T17888] R13: 00007f5e88de6038 R14: 00007f5e88de5fa0 R15: 00007ffdedcbf4a8 [ 589.041446][T17888] [ 589.714248][T17902] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2689'. [ 589.753934][T17902] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2689'. [ 590.509225][T17918] FAULT_INJECTION: forcing a failure. [ 590.509225][T17918] name failslab, interval 1, probability 0, space 0, times 0 [ 590.590088][T17922] random: crng reseeded on system resumption [ 590.615975][T17918] CPU: 0 UID: 0 PID: 17918 Comm: syz.2.2694 Not tainted syzkaller #0 PREEMPT(full) [ 590.615997][T17918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 590.616007][T17918] Call Trace: [ 590.616012][T17918] [ 590.616018][T17918] dump_stack_lvl+0x16c/0x1f0 [ 590.616040][T17918] should_fail_ex+0x512/0x640 [ 590.616061][T17918] ? fs_reclaim_acquire+0xae/0x150 [ 590.616082][T17918] should_failslab+0xc2/0x120 [ 590.616101][T17918] __kmalloc_noprof+0xdd/0x880 [ 590.616123][T17918] ? tomoyo_encode2+0x100/0x3e0 [ 590.616142][T17918] ? tomoyo_encode2+0x100/0x3e0 [ 590.616155][T17918] tomoyo_encode2+0x100/0x3e0 [ 590.616173][T17918] tomoyo_encode+0x29/0x50 [ 590.616187][T17918] tomoyo_realpath_from_path+0x18f/0x6e0 [ 590.616215][T17918] tomoyo_check_open_permission+0x2ab/0x3c0 [ 590.616239][T17918] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 590.616280][T17918] ? do_raw_spin_lock+0x12c/0x2b0 [ 590.616307][T17918] tomoyo_file_open+0x6b/0x90 [ 590.616326][T17918] security_file_open+0x84/0x1e0 [ 590.616341][T17918] do_dentry_open+0x596/0x1530 [ 590.616364][T17918] vfs_open+0x82/0x3f0 [ 590.616385][T17918] path_openat+0x1de4/0x2cb0 [ 590.616407][T17918] ? __pfx_path_openat+0x10/0x10 [ 590.616424][T17918] ? __lock_acquire+0xb8a/0x1c90 [ 590.616444][T17918] do_filp_open+0x20b/0x470 [ 590.616460][T17918] ? __pfx_do_filp_open+0x10/0x10 [ 590.616489][T17918] ? alloc_fd+0x471/0x7d0 [ 590.616507][T17918] do_sys_openat2+0x11b/0x1d0 [ 590.616528][T17918] ? __pfx_do_sys_openat2+0x10/0x10 [ 590.616555][T17918] __x64_sys_openat+0x174/0x210 [ 590.616575][T17918] ? __pfx___x64_sys_openat+0x10/0x10 [ 590.616604][T17918] do_syscall_64+0xcd/0xfa0 [ 590.616620][T17918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.616635][T17918] RIP: 0033:0x7f8763b8efc9 [ 590.616647][T17918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 590.616661][T17918] RSP: 002b:00007f8764ae7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 590.616674][T17918] RAX: ffffffffffffffda RBX: 00007f8763de5fa0 RCX: 00007f8763b8efc9 [ 590.616684][T17918] RDX: 0000000000000080 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 590.616693][T17918] RBP: 00007f8763c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 590.616701][T17918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 590.616709][T17918] R13: 00007f8763de6038 R14: 00007f8763de5fa0 R15: 00007ffd371b2bf8 [ 590.616728][T17918] [ 590.616746][T17918] ERROR: Out of memory at tomoyo_realpath_from_path. [ 592.064387][T17957] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2701'. [ 592.096495][T17957] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2701'. [ 592.457903][T17964] program syz.3.2702 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 592.715433][T17968] [U] [ 592.718229][T17968] [U] [ 592.720904][T17968] [U] [ 592.723579][T17968] [U] [ 592.730635][T17969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2703'. [ 592.762769][T17968] [U] [ 592.765474][T17968] [U] [ 592.768147][T17968] [U] [ 592.770820][T17968] [U] [ 592.873706][T17968] [U] [ 592.876439][T17968] [U] [ 592.879126][T17968] [U] [ 592.881798][T17968] [U] [ 593.022391][T17968] [U] [ 593.327839][T17984] netlink: 'syz.4.2707': attribute type 11 has an invalid length. [ 594.031999][T17703] Bluetooth: hci4: unexpected subevent 0x03 length: 253 > 9 [ 594.765255][T18019] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2714'. [ 595.034509][T18026] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2716'. [ 595.102989][T18032] FAULT_INJECTION: forcing a failure. [ 595.102989][T18032] name failslab, interval 1, probability 0, space 0, times 0 [ 595.205391][T18032] CPU: 0 UID: 0 PID: 18032 Comm: syz.3.2717 Not tainted syzkaller #0 PREEMPT(full) [ 595.205415][T18032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 595.205424][T18032] Call Trace: [ 595.205429][T18032] [ 595.205435][T18032] dump_stack_lvl+0x16c/0x1f0 [ 595.205456][T18032] should_fail_ex+0x512/0x640 [ 595.205478][T18032] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 595.205496][T18032] should_failslab+0xc2/0x120 [ 595.205514][T18032] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 595.205529][T18032] ? __d_alloc+0x32/0xae0 [ 595.205548][T18032] ? __d_alloc+0x32/0xae0 [ 595.205562][T18032] __d_alloc+0x32/0xae0 [ 595.205579][T18032] d_alloc_pseudo+0x1c/0xc0 [ 595.205598][T18032] alloc_file_pseudo+0xcf/0x230 [ 595.205618][T18032] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 595.205638][T18032] ? alloc_fd+0x471/0x7d0 [ 595.205654][T18032] sock_alloc_file+0x50/0x210 [ 595.205670][T18032] __sys_socket+0x1c0/0x260 [ 595.205686][T18032] ? __fget_files+0x20e/0x3c0 [ 595.205699][T18032] ? __pfx___sys_socket+0x10/0x10 [ 595.205717][T18032] ? xfd_validate_state+0x61/0x180 [ 595.205740][T18032] __x64_sys_socket+0x72/0xb0 [ 595.205757][T18032] ? lockdep_hardirqs_on+0x7c/0x110 [ 595.205771][T18032] do_syscall_64+0xcd/0xfa0 [ 595.205788][T18032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.205809][T18032] RIP: 0033:0x7f5e88b8efc9 [ 595.205822][T18032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 595.205836][T18032] RSP: 002b:00007f5e89a4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 595.205850][T18032] RAX: ffffffffffffffda RBX: 00007f5e88de6090 RCX: 00007f5e88b8efc9 [ 595.205860][T18032] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a [ 595.205869][T18032] RBP: 00007f5e88c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 595.205878][T18032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.205887][T18032] R13: 00007f5e88de6128 R14: 00007f5e88de6090 R15: 00007ffdedcbf4a8 [ 595.205907][T18032] [ 595.416833][ C0] vkms_vblank_simulate: vblank timer overrun [ 595.968179][T18041] FAULT_INJECTION: forcing a failure. [ 595.968179][T18041] name failslab, interval 1, probability 0, space 0, times 0 [ 596.001976][T18041] CPU: 0 UID: 0 PID: 18041 Comm: syz.3.2721 Not tainted syzkaller #0 PREEMPT(full) [ 596.002000][T18041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 596.002009][T18041] Call Trace: [ 596.002014][T18041] [ 596.002020][T18041] dump_stack_lvl+0x16c/0x1f0 [ 596.002041][T18041] should_fail_ex+0x512/0x640 [ 596.002063][T18041] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 596.002081][T18041] should_failslab+0xc2/0x120 [ 596.002100][T18041] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 596.002120][T18041] ? __d_alloc+0x32/0xae0 [ 596.002139][T18041] ? __d_alloc+0x32/0xae0 [ 596.002153][T18041] __d_alloc+0x32/0xae0 [ 596.002170][T18041] d_alloc_pseudo+0x1c/0xc0 [ 596.002191][T18041] alloc_file_pseudo+0xcf/0x230 [ 596.002212][T18041] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 596.002232][T18041] ? alloc_fd+0x471/0x7d0 [ 596.002249][T18041] sock_alloc_file+0x50/0x210 [ 596.002265][T18041] __sys_socket+0x1c0/0x260 [ 596.002283][T18041] ? __pfx___sys_socket+0x10/0x10 [ 596.002304][T18041] ? xfd_validate_state+0x61/0x180 [ 596.002323][T18041] ? __pfx_ksys_write+0x10/0x10 [ 596.002341][T18041] __x64_sys_socket+0x72/0xb0 [ 596.002359][T18041] ? lockdep_hardirqs_on+0x7c/0x110 [ 596.002374][T18041] do_syscall_64+0xcd/0xfa0 [ 596.002391][T18041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.002408][T18041] RIP: 0033:0x7f5e88b8efc9 [ 596.002421][T18041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 596.002435][T18041] RSP: 002b:00007f5e89a6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 596.002449][T18041] RAX: ffffffffffffffda RBX: 00007f5e88de5fa0 RCX: 00007f5e88b8efc9 [ 596.002459][T18041] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000015 [ 596.002468][T18041] RBP: 00007f5e88c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 596.002476][T18041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 596.002484][T18041] R13: 00007f5e88de6038 R14: 00007f5e88de5fa0 R15: 00007ffdedcbf4a8 [ 596.002503][T18041] [ 596.212775][ C0] vkms_vblank_simulate: vblank timer overrun [ 596.853864][T18054] Console: switching to colour VGA+ 80x25 [ 597.283565][T18069] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2726'. [ 597.469775][T18074] ptrace attach of "./syz-executor exec"[17395] was attempted by ""[18074] [ 597.883546][T18079] binder: 18077:18079 ioctl c0046209 ffffffffffffffff returned -22 [ 598.430278][T18093] random: crng reseeded on system resumption [ 598.518502][T18095] zswap: compressor not available [ 599.098476][ T30] audit: type=1807 audit(4294967324.864:39): UNKNOWN=‡u™pòA‡Ò³>æ”NasÊÈ9Åç­î/0a;p¥Ï4÷ïWEzk res=0 [ 599.136869][T18116] ima: policy update failed [ 599.162688][T18120] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2738'. [ 599.174227][ T30] audit: type=1802 audit(4294967324.884:40): pid=18118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.2737" res=0 errno=0 [ 599.245933][T18125] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2738'. [ 599.350928][ T30] audit: type=1802 audit(4294967324.964:41): pid=18116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2737" res=0 errno=0 [ 600.287814][T18152] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 600.598070][T18166] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2745'. [ 600.760503][T18168] bridge0: port 3(veth0_to_bridge) entered blocking state [ 600.862284][T18168] bridge0: port 3(veth0_to_bridge) entered disabled state [ 600.952896][T18177] FAULT_INJECTION: forcing a failure. [ 600.952896][T18177] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 600.969706][T18168] veth0_to_bridge: entered allmulticast mode [ 601.027022][T18177] CPU: 0 UID: 0 PID: 18177 Comm: syz.3.2748 Not tainted syzkaller #0 PREEMPT(full) [ 601.027045][T18177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 601.027054][T18177] Call Trace: [ 601.027059][T18177] [ 601.027065][T18177] dump_stack_lvl+0x16c/0x1f0 [ 601.027085][T18177] should_fail_ex+0x512/0x640 [ 601.027109][T18177] should_fail_alloc_page+0xe7/0x130 [ 601.027130][T18177] prepare_alloc_pages+0x3c2/0x610 [ 601.027150][T18177] ? rcu_is_watching+0x12/0xc0 [ 601.027166][T18177] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 601.027183][T18177] ? __lock_acquire+0xb8a/0x1c90 [ 601.027209][T18177] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 601.027224][T18177] ? do_raw_spin_lock+0x12c/0x2b0 [ 601.027246][T18177] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 601.027268][T18177] ? find_held_lock+0x2b/0x80 [ 601.027287][T18177] ? __lock_acquire+0xb8a/0x1c90 [ 601.027305][T18177] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 601.027330][T18177] ? policy_nodemask+0xea/0x4e0 [ 601.027351][T18177] alloc_pages_mpol+0x1fb/0x550 [ 601.027370][T18177] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 601.027394][T18177] folio_alloc_mpol_noprof+0x36/0x2f0 [ 601.027417][T18177] shmem_alloc_folio+0x135/0x160 [ 601.027484][T18177] shmem_alloc_and_add_folio+0x499/0xc20 [ 601.027512][T18177] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 601.027536][T18177] ? shmem_allowable_huge_orders+0xd4/0x3f0 [ 601.027555][T18177] shmem_get_folio_gfp+0x67f/0x1610 [ 601.027574][T18177] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 601.027590][T18177] ? filemap_map_pages+0xe01/0x1b70 [ 601.027606][T18177] shmem_fault+0x1fe/0xa30 [ 601.027622][T18177] ? __pfx_shmem_fault+0x10/0x10 [ 601.027638][T18177] ? __pfx_filemap_map_pages+0x10/0x10 [ 601.027657][T18177] ? __pfx_filemap_map_pages+0x10/0x10 [ 601.027670][T18177] __do_fault+0x10d/0x490 [ 601.027692][T18177] ? __pfx_filemap_map_pages+0x10/0x10 [ 601.027705][T18177] do_pte_missing+0xf4a/0x3ba0 [ 601.027726][T18177] ? find_held_lock+0x2b/0x80 [ 601.027741][T18177] ? __handle_mm_fault+0x1529/0x2aa0 [ 601.027765][T18177] __handle_mm_fault+0x1556/0x2aa0 [ 601.027788][T18177] ? mt_find+0x3e2/0xa20 [ 601.027809][T18177] ? __pfx___handle_mm_fault+0x10/0x10 [ 601.027829][T18177] ? __pfx_mt_find+0x10/0x10 [ 601.027855][T18177] ? find_vma+0xbf/0x140 [ 601.027871][T18177] ? __pfx_find_vma+0x10/0x10 [ 601.027889][T18177] handle_mm_fault+0x589/0xd10 [ 601.027911][T18177] ? __pkru_allows_pkey+0x11/0xb0 [ 601.027934][T18177] do_user_addr_fault+0x7a6/0x1370 [ 601.027949][T18177] ? rcu_is_watching+0x12/0xc0 [ 601.027965][T18177] exc_page_fault+0x64/0xc0 [ 601.027981][T18177] asm_exc_page_fault+0x26/0x30 [ 601.027994][T18177] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 601.028015][T18177] Code: 3c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 601.028029][T18177] RSP: 0018:ffffc90004357930 EFLAGS: 00050202 [ 601.028041][T18177] RAX: 0000000000000001 RBX: 0000000000007fd8 RCX: 0000000000004fd8 [ 601.028050][T18177] RDX: 0000000000000000 RSI: 0000000000003000 RDI: ffff888066df3028 [ 601.028058][T18177] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100cdbefff [ 601.028067][T18177] R10: ffff888066df7fff R11: 0000000000000000 R12: ffffc90004357c48 [ 601.028075][T18177] R13: 0000000000007fd8 R14: ffff888066df0028 R15: 00007ffffffff000 [ 601.028094][T18177] _copy_from_iter+0x383/0x1720 [ 601.028119][T18177] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 601.028138][T18177] ? __pfx__copy_from_iter+0x10/0x10 [ 601.028158][T18177] ? __sk_mem_raise_allocated+0x817/0x14b0 [ 601.028181][T18177] mptcp_sendmsg+0x1050/0x1ec0 [ 601.028205][T18177] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 601.028224][T18177] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 601.028238][T18177] inet_sendmsg+0x11c/0x140 [ 601.028260][T18177] sock_write_iter+0x509/0x610 [ 601.028277][T18177] ? __pfx_sock_write_iter+0x10/0x10 [ 601.028301][T18177] ? bpf_lsm_file_permission+0x9/0x10 [ 601.028318][T18177] ? security_file_permission+0x71/0x210 [ 601.028333][T18177] ? rw_verify_area+0xcf/0x6c0 [ 601.028348][T18177] vfs_write+0x7d3/0x11d0 [ 601.028363][T18177] ? __pfx_sock_write_iter+0x10/0x10 [ 601.028382][T18177] ? __pfx_vfs_write+0x10/0x10 [ 601.028395][T18177] ? find_held_lock+0x2b/0x80 [ 601.028429][T18177] ksys_write+0x1f8/0x250 [ 601.028444][T18177] ? __pfx_ksys_write+0x10/0x10 [ 601.028465][T18177] do_syscall_64+0xcd/0xfa0 [ 601.028482][T18177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.028495][T18177] RIP: 0033:0x7f5e88b8efc9 [ 601.028506][T18177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 601.028520][T18177] RSP: 002b:00007f5e89a4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 601.028532][T18177] RAX: ffffffffffffffda RBX: 00007f5e88de6090 RCX: 00007f5e88b8efc9 [ 601.028541][T18177] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 601.028549][T18177] RBP: 00007f5e88c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 601.028558][T18177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 601.028566][T18177] R13: 00007f5e88de6128 R14: 00007f5e88de6090 R15: 00007ffdedcbf4a8 [ 601.028585][T18177] [ 601.538641][ C0] vkms_vblank_simulate: vblank timer overrun [ 601.597483][T18168] veth0_to_bridge: entered promiscuous mode [ 601.603585][T18168] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 601.616370][T18168] bridge0: port 3(veth0_to_bridge) entered blocking state [ 601.623562][T18168] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 602.714445][T18201] Console: switching to colour frame buffer device 128x48 [ 603.896096][T18226] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2754'. [ 604.191950][ T30] audit: type=1800 audit(4294967329.980:42): pid=18229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2755" name="members" dev="configfs" ino=66093 res=0 errno=0 [ 604.574154][T17703] Bluetooth: hci2: Malformed LE Event: 0x0b [ 604.987033][T18232] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2756'. [ 605.034696][T18232] netlink: 98 bytes leftover after parsing attributes in process `syz.3.2756'. [ 605.604133][T18251] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2761'. [ 606.236768][T18260] netlink: set zone limit has 8 unknown bytes [ 606.400590][T18265] random: crng reseeded on system resumption [ 606.624993][T18274] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 606.833145][T18275] netlink: 'syz.0.2767': attribute type 2 has an invalid length. [ 606.946409][T18275] futex_wake_op: syz.0.2767 tries to shift op by -9; fix this program [ 607.947983][T18286] FAULT_INJECTION: forcing a failure. [ 607.947983][T18286] name failslab, interval 1, probability 0, space 0, times 0 [ 608.007311][T18286] CPU: 0 UID: 0 PID: 18286 Comm: syz.0.2771 Not tainted syzkaller #0 PREEMPT(full) [ 608.007333][T18286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 608.007341][T18286] Call Trace: [ 608.007346][T18286] [ 608.007352][T18286] dump_stack_lvl+0x16c/0x1f0 [ 608.007372][T18286] should_fail_ex+0x512/0x640 [ 608.007393][T18286] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 608.007411][T18286] should_failslab+0xc2/0x120 [ 608.007430][T18286] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 608.007444][T18286] ? __dquot_initialize+0x299/0xd50 [ 608.007465][T18286] ? __d_alloc+0x32/0xae0 [ 608.007485][T18286] ? __d_alloc+0x32/0xae0 [ 608.007498][T18286] __d_alloc+0x32/0xae0 [ 608.007516][T18286] d_alloc_pseudo+0x1c/0xc0 [ 608.007536][T18286] alloc_file_pseudo+0xcf/0x230 [ 608.007557][T18286] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 608.007582][T18286] __shmem_file_setup+0x1a3/0x330 [ 608.007606][T18286] shmem_zero_setup+0x93/0x1a0 [ 608.007622][T18286] __mmap_region+0x2076/0x27a0 [ 608.007638][T18286] ? find_held_lock+0x2b/0x80 [ 608.007653][T18286] ? __pfx___mmap_region+0x10/0x10 [ 608.007665][T18286] ? finish_task_switch.isra.0+0x21c/0xc10 [ 608.007681][T18286] ? rcu_is_watching+0x12/0xc0 [ 608.007696][T18286] ? finish_task_switch.isra.0+0x221/0xc10 [ 608.007710][T18286] ? lockdep_hardirqs_on+0x7c/0x110 [ 608.007725][T18286] ? finish_task_switch.isra.0+0x221/0xc10 [ 608.007755][T18286] ? __pfx___schedule+0x10/0x10 [ 608.007791][T18286] ? trace_cap_capable+0x18d/0x200 [ 608.007817][T18286] mmap_region+0x1ab/0x3f0 [ 608.007830][T18286] ? __get_unmapped_area+0x267/0x440 [ 608.007851][T18286] do_mmap+0xa3e/0x1210 [ 608.007871][T18286] ? __pfx_do_mmap+0x10/0x10 [ 608.007889][T18286] ? __pfx_down_write_killable+0x10/0x10 [ 608.007917][T18286] vm_mmap_pgoff+0x29e/0x470 [ 608.007938][T18286] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 608.007960][T18286] ? __x64_sys_futex+0x1e0/0x4c0 [ 608.007979][T18286] ? __x64_sys_futex+0x1e9/0x4c0 [ 608.008000][T18286] ksys_mmap_pgoff+0x7d/0x5c0 [ 608.008016][T18286] ? xfd_validate_state+0x61/0x180 [ 608.008036][T18286] ? __pfx_ksys_write+0x10/0x10 [ 608.008053][T18286] __x64_sys_mmap+0x125/0x190 [ 608.008076][T18286] do_syscall_64+0xcd/0xfa0 [ 608.008093][T18286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.008108][T18286] RIP: 0033:0x7fef6f58efc9 [ 608.008120][T18286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.008134][T18286] RSP: 002b:00007fef70489038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 608.008147][T18286] RAX: ffffffffffffffda RBX: 00007fef6f7e5fa0 RCX: 00007fef6f58efc9 [ 608.008157][T18286] RDX: 00000000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 608.008165][T18286] RBP: 00007fef6f611f91 R08: ffffffffffffffff R09: 0000000000008000 [ 608.008174][T18286] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 608.008182][T18286] R13: 00007fef6f7e6038 R14: 00007fef6f7e5fa0 R15: 00007ffed8603e18 [ 608.008201][T18286] [ 608.816913][T18290] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2772'. [ 608.845957][T18290] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2772'. [ 609.169732][T18295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2775'. [ 612.076583][T18340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2784'. [ 612.120023][T18340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2784'. [ 612.475840][T18344] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 613.055184][T18345] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 613.079973][T18337] kexec: Could not allocate control_code_buffer [ 614.180832][T18369] program syz.0.2790 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 615.215904][T18396] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 615.618900][T18403] FAULT_INJECTION: forcing a failure. [ 615.618900][T18403] name failslab, interval 1, probability 0, space 0, times 0 [ 615.671239][T18403] CPU: 0 UID: 0 PID: 18403 Comm: syz.3.2798 Not tainted syzkaller #0 PREEMPT(full) [ 615.671262][T18403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 615.671271][T18403] Call Trace: [ 615.671276][T18403] [ 615.671281][T18403] dump_stack_lvl+0x16c/0x1f0 [ 615.671302][T18403] should_fail_ex+0x512/0x640 [ 615.671324][T18403] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 615.671341][T18403] should_failslab+0xc2/0x120 [ 615.671360][T18403] kmem_cache_alloc_node_noprof+0x78/0x770 [ 615.671382][T18403] ? copy_process+0x4b5/0x76a0 [ 615.671404][T18403] ? copy_process+0x4b5/0x76a0 [ 615.671420][T18403] copy_process+0x4b5/0x76a0 [ 615.671446][T18403] ? __pfx_copy_process+0x10/0x10 [ 615.671468][T18403] ? _copy_from_user+0x59/0xd0 [ 615.671492][T18403] kernel_clone+0xfc/0x930 [ 615.671510][T18403] ? __pfx_kernel_clone+0x10/0x10 [ 615.671526][T18403] ? futex_private_hash_put+0x18a/0x300 [ 615.671547][T18403] ? __pfx_futex_wait+0x10/0x10 [ 615.671573][T18403] __do_sys_clone3+0x212/0x290 [ 615.671590][T18403] ? __pfx___do_sys_clone3+0x10/0x10 [ 615.671630][T18403] do_syscall_64+0xcd/0xfa0 [ 615.671647][T18403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.671661][T18403] RIP: 0033:0x7f5e88b8efc9 [ 615.671673][T18403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 615.671686][T18403] RSP: 002b:00007f5e89a6cf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 615.671700][T18403] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f5e88b8efc9 [ 615.671709][T18403] RDX: 00007f5e89a6cf20 RSI: 0000000000000058 RDI: 00007f5e89a6cf20 [ 615.671718][T18403] RBP: 00007f5e88c11f91 R08: 0000000000000000 R09: 0000000000000058 [ 615.671726][T18403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 615.671734][T18403] R13: 00007f5e88de6038 R14: 00007f5e88de5fa0 R15: 00007ffdedcbf4a8 [ 615.671753][T18403] [ 615.868649][ C0] vkms_vblank_simulate: vblank timer overrun [ 616.189584][T18420] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2803'. [ 616.246731][T18420] : renamed from vlan0 (while UP) [ 616.380121][T18429] netlink: 'syz.2.2805': attribute type 1 has an invalid length. [ 616.399538][T18429] FAULT_INJECTION: forcing a failure. [ 616.399538][T18429] name failslab, interval 1, probability 0, space 0, times 0 [ 616.424219][T18429] CPU: 0 UID: 0 PID: 18429 Comm: syz.2.2805 Not tainted syzkaller #0 PREEMPT(full) [ 616.424242][T18429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 616.424251][T18429] Call Trace: [ 616.424256][T18429] [ 616.424262][T18429] dump_stack_lvl+0x16c/0x1f0 [ 616.424283][T18429] should_fail_ex+0x512/0x640 [ 616.424305][T18429] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 616.424322][T18429] should_failslab+0xc2/0x120 [ 616.424341][T18429] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 616.424355][T18429] ? __pfx___might_resched+0x10/0x10 [ 616.424371][T18429] ? sock_alloc_inode+0x25/0x1c0 [ 616.424390][T18429] ? __pfx_sock_alloc_inode+0x10/0x10 [ 616.424409][T18429] ? sock_alloc_inode+0x25/0x1c0 [ 616.424431][T18429] sock_alloc_inode+0x25/0x1c0 [ 616.424447][T18429] alloc_inode+0x64/0x240 [ 616.424467][T18429] sock_alloc+0x40/0x280 [ 616.424482][T18429] __sock_create+0xc1/0x8d0 [ 616.424502][T18429] __sys_socket+0x14d/0x260 [ 616.424521][T18429] ? __pfx___sys_socket+0x10/0x10 [ 616.424538][T18429] ? xfd_validate_state+0x61/0x180 [ 616.424557][T18429] ? __pfx_do_writev+0x10/0x10 [ 616.424575][T18429] __x64_sys_socket+0x72/0xb0 [ 616.424592][T18429] ? lockdep_hardirqs_on+0x7c/0x110 [ 616.424607][T18429] do_syscall_64+0xcd/0xfa0 [ 616.424623][T18429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 616.424637][T18429] RIP: 0033:0x7f8763b90ee7 [ 616.424649][T18429] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 616.424664][T18429] RSP: 002b:00007f8764ae5fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 616.424682][T18429] RAX: ffffffffffffffda RBX: 00007f8763de5fa0 RCX: 00007f8763b90ee7 [ 616.424692][T18429] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 616.424701][T18429] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 616.424710][T18429] R10: 00002000000002c0 R11: 0000000000000286 R12: 0000000000000000 [ 616.424719][T18429] R13: 00007f8763de6038 R14: 00007f8763de5fa0 R15: 00007ffd371b2bf8 [ 616.424738][T18429] [ 616.628652][ C0] vkms_vblank_simulate: vblank timer overrun [ 616.661695][T18420] : entered allmulticast mode [ 616.666599][T18420] veth0_vlan: entered allmulticast mode [ 617.149995][T18446] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2808'. [ 617.173140][T18429] socket: no more sockets [ 617.228225][T18452] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2810'. [ 617.492422][T18446] bond0: (slave bond_slave_1): Releasing backup interface [ 617.554435][T18452] bridge_slave_0: left allmulticast mode [ 617.617001][T18452] bridge_slave_0: left promiscuous mode [ 617.693259][T18452] bridge0: port 1(bridge_slave_0) entered disabled state [ 618.086843][T18473] netlink: 'syz.0.2813': attribute type 11 has an invalid length. [ 618.120912][T18473] netlink: 'syz.0.2813': attribute type 11 has an invalid length. [ 618.132258][T18458] Invalid ELF header magic: != ELF [ 618.154482][T18473] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2813'. [ 618.210004][T18473] netlink: 67 bytes leftover after parsing attributes in process `syz.0.2813'. [ 618.245500][T18473] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2813'. [ 618.297567][T18473] netlink: 200 bytes leftover after parsing attributes in process `syz.0.2813'. [ 618.415379][T18466] Invalid ELF header magic: != ELF [ 618.548495][T17703] Bluetooth: hci3: unexpected event 0x3e length: 728 > 260 [ 618.548519][T17703] Bluetooth: hci3: unexpected subevent 0x0c length: 727 > 5 [ 618.754120][T18488] FAULT_INJECTION: forcing a failure. [ 618.754120][T18488] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 618.883616][T18488] CPU: 0 UID: 0 PID: 18488 Comm: syz.0.2816 Not tainted syzkaller #0 PREEMPT(full) [ 618.883640][T18488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 618.883649][T18488] Call Trace: [ 618.883654][T18488] [ 618.883660][T18488] dump_stack_lvl+0x16c/0x1f0 [ 618.883680][T18488] should_fail_ex+0x512/0x640 [ 618.883705][T18488] strncpy_from_user+0x3b/0x2e0 [ 618.883731][T18488] getname_flags.part.0+0x8f/0x550 [ 618.883753][T18488] getname_flags+0x93/0xf0 [ 618.883768][T18488] do_sys_openat2+0xb8/0x1d0 [ 618.883788][T18488] ? __pfx_do_sys_openat2+0x10/0x10 [ 618.883807][T18488] ? lockdep_hardirqs_on+0x7c/0x110 [ 618.883828][T18488] __x64_sys_openat+0x174/0x210 [ 618.883848][T18488] ? __pfx___x64_sys_openat+0x10/0x10 [ 618.883870][T18488] ? syscall_user_dispatch+0x78/0x140 [ 618.883897][T18488] do_syscall_64+0xcd/0xfa0 [ 618.883913][T18488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 618.883927][T18488] RIP: 0033:0x7fef6f58efc9 [ 618.883939][T18488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 618.883952][T18488] RSP: 002b:00007fef70489038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 618.883966][T18488] RAX: ffffffffffffffda RBX: 00007fef6f7e5fa0 RCX: 00007fef6f58efc9 [ 618.883975][T18488] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 618.883984][T18488] RBP: 00007fef6f611f91 R08: 0000000000000000 R09: 0000000000000000 [ 618.883992][T18488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 618.884000][T18488] R13: 00007fef6f7e6038 R14: 00007fef6f7e5fa0 R15: 00007ffed8603e18 [ 618.884018][T18488] [ 621.037970][T18542] size and base must be multiples of 4 kiB [ 621.080253][T18542] CPU: 0 UID: 0 PID: 18542 Comm: syz.4.2828 Not tainted syzkaller #0 PREEMPT(full) [ 621.080277][T18542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 621.080286][T18542] Call Trace: [ 621.080291][T18542] [ 621.080297][T18542] dump_stack_lvl+0x16c/0x1f0 [ 621.080318][T18542] mtrr_add+0xdf/0x110 [ 621.080339][T18542] mtrr_ioctl+0x7ef/0xcf0 [ 621.080358][T18542] ? __pfx_mtrr_ioctl+0x10/0x10 [ 621.080381][T18542] ? find_held_lock+0x2b/0x80 [ 621.080401][T18542] ? __fget_files+0x20e/0x3c0 [ 621.080415][T18542] ? __pfx_mtrr_ioctl+0x10/0x10 [ 621.080434][T18542] proc_reg_unlocked_ioctl+0x229/0x320 [ 621.080453][T18542] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 621.080473][T18542] __x64_sys_ioctl+0x18e/0x210 [ 621.080495][T18542] do_syscall_64+0xcd/0xfa0 [ 621.080511][T18542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.080526][T18542] RIP: 0033:0x7f045018efc9 [ 621.080538][T18542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 621.080551][T18542] RSP: 002b:00007f0451053038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 621.080565][T18542] RAX: ffffffffffffffda RBX: 00007f04503e5fa0 RCX: 00007f045018efc9 [ 621.080574][T18542] RDX: 0000000000000009 RSI: 00000000400c4d01 RDI: 0000000000000009 [ 621.080582][T18542] RBP: 00007f0450211f91 R08: 0000000000000000 R09: 0000000000000000 [ 621.080590][T18542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 621.080598][T18542] R13: 00007f04503e6038 R14: 00007f04503e5fa0 R15: 00007ffd77a03c78 [ 621.080617][T18542] [ 621.857111][T18549] zswap: compressor not available [ 623.109060][T18594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2839'. [ 623.161722][T18595] netlink: 354 bytes leftover after parsing attributes in process `syz.3.2839'. [ 623.936911][T18611] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2843'. [ 626.367261][T18664] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2853'. [ 626.393869][T18671] vhci_hcd: invalid port number 138 [ 626.419313][T18671] vhci_hcd: default hub control req: 23fd v0e00 i008a l24 [ 627.409448][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 627.427278][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 627.635974][T18702] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2860'. [ 628.447222][T18721] overlayfs: missing 'lowerdir' [ 628.875571][T18731] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2865'. [ 628.909780][T17703] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 628.941207][T18725] can: request_module (can-proto-5) failed. [ 629.439447][T18737] bond0: option all_slaves_active: invalid value () [ 629.850956][T18745] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2872'. [ 629.883919][T18745] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2872'. [ 630.246597][ T30] audit: type=1800 audit(4294967307.117:43): pid=18762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2874" name="features" dev="configfs" ino=68760 res=0 errno=0 [ 630.266994][ C0] vkms_vblank_simulate: vblank timer overrun [ 630.926703][T18769] ubi0: attaching mtd0 [ 630.959219][T18769] FAULT_INJECTION: forcing a failure. [ 630.959219][T18769] name failslab, interval 1, probability 0, space 0, times 0 [ 631.033981][T18769] CPU: 0 UID: 0 PID: 18769 Comm: syz.3.2876 Not tainted syzkaller #0 PREEMPT(full) [ 631.034003][T18769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 631.034012][T18769] Call Trace: [ 631.034017][T18769] [ 631.034022][T18769] dump_stack_lvl+0x16c/0x1f0 [ 631.034043][T18769] should_fail_ex+0x512/0x640 [ 631.034065][T18769] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 631.034082][T18769] should_failslab+0xc2/0x120 [ 631.034101][T18769] kmem_cache_alloc_noprof+0x75/0x6e0 [ 631.034115][T18769] ? __pfx_ubi_io_read+0x10/0x10 [ 631.034133][T18769] ? add_to_list+0xcc/0x5a0 [ 631.034156][T18769] ? add_to_list+0xcc/0x5a0 [ 631.034174][T18769] add_to_list+0xcc/0x5a0 [ 631.034193][T18769] ? ubi_io_read_vid_hdr+0x2f9/0x7a0 [ 631.034213][T18769] ubi_attach+0x24d9/0x4be0 [ 631.034243][T18769] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 631.034263][T18769] ? __pfx_ubi_msg+0x10/0x10 [ 631.034284][T18769] ? __pfx_ubi_attach+0x10/0x10 [ 631.034308][T18769] ? ubi_attach_mtd_dev+0x155b/0x35d0 [ 631.034321][T18769] ? __vmalloc_node_noprof+0xad/0xf0 [ 631.034340][T18769] ? ubi_attach_mtd_dev+0x155b/0x35d0 [ 631.034368][T18769] ubi_attach_mtd_dev+0x15a7/0x35d0 [ 631.034391][T18769] ? __pfx_ubi_attach_mtd_dev+0x10/0x10 [ 631.034405][T18769] ? __pfx_get_mtd_device+0x10/0x10 [ 631.034431][T18769] ctrl_cdev_ioctl+0x337/0x3d0 [ 631.034445][T18769] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 631.034465][T18769] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 631.034480][T18769] __x64_sys_ioctl+0x18e/0x210 [ 631.034502][T18769] do_syscall_64+0xcd/0xfa0 [ 631.034519][T18769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 631.034533][T18769] RIP: 0033:0x7f5e88b8efc9 [ 631.034545][T18769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 631.034558][T18769] RSP: 002b:00007f5e89a6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 631.034571][T18769] RAX: ffffffffffffffda RBX: 00007f5e88de5fa0 RCX: 00007f5e88b8efc9 [ 631.034581][T18769] RDX: 0000000000000000 RSI: 0000000040186f40 RDI: 0000000000000005 [ 631.034589][T18769] RBP: 00007f5e88c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 631.034597][T18769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 631.034605][T18769] R13: 00007f5e88de6038 R14: 00007f5e88de5fa0 R15: 00007ffdedcbf4a8 [ 631.034624][T18769] [ 631.274900][ C0] vkms_vblank_simulate: vblank timer overrun [ 631.842224][T18769] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -12 [ 632.497491][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 632.509733][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 632.522358][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 632.534571][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 632.547406][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 632.559672][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 632.572500][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 632.584706][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 632.597520][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 632.609748][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 637.479169][ C0] net_ratelimit: 9456 callbacks suppressed [ 637.479187][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 637.497339][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 637.510569][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 637.522838][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 637.535693][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 637.547914][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 637.560775][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 637.572977][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 637.585823][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 637.598126][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 642.463029][ C0] net_ratelimit: 11454 callbacks suppressed [ 642.463046][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 642.481850][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 642.494125][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 642.506374][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 642.519390][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 642.531718][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 642.544451][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 642.557400][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 642.569730][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 642.582244][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 642.594271][ C0] sched: DL replenish lagged too much [ 647.447175][ C0] net_ratelimit: 11949 callbacks suppressed [ 647.447193][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 647.465386][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 647.477601][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 647.490427][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 647.502672][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 647.514908][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 647.527911][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 647.540165][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 647.552624][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 647.565525][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 652.431546][ C0] net_ratelimit: 13436 callbacks suppressed [ 652.431566][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 652.450405][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 652.464384][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 652.476623][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 652.489426][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 652.501936][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 652.514262][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 652.526557][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 652.539371][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 652.552098][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 657.415381][ C0] net_ratelimit: 13723 callbacks suppressed [ 657.415398][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 657.434360][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 657.446708][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 657.459464][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 657.472091][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 657.484363][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 657.496922][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 657.509545][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 657.522161][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 657.534648][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 662.399480][ C0] net_ratelimit: 13777 callbacks suppressed [ 662.399498][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 662.418046][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 662.430432][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 662.442745][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 662.455350][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 662.467881][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 662.480226][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 662.492572][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 662.505263][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 662.519193][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 667.383427][ C0] net_ratelimit: 12898 callbacks suppressed [ 667.383445][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 667.401981][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 667.414294][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 667.426786][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 667.439316][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 667.452263][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 667.464854][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 667.477183][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 667.489909][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 667.502611][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 672.367638][ C0] net_ratelimit: 13354 callbacks suppressed [ 672.367655][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 672.386270][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 672.398612][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 672.411095][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 672.424689][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 672.437590][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 672.450011][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 672.462262][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 672.474889][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 672.487648][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 677.351608][ C0] net_ratelimit: 13476 callbacks suppressed [ 677.351625][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 677.369792][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 677.382436][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 677.394939][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 677.407292][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 677.419610][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 677.432250][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 677.445043][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 677.457463][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 677.470011][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 682.335774][ C0] net_ratelimit: 13585 callbacks suppressed [ 682.335792][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 682.353997][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 682.366306][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 682.378970][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 682.391576][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 682.403965][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 682.416369][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 682.428944][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 682.442035][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 682.454286][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 687.319861][ C0] net_ratelimit: 13813 callbacks suppressed [ 687.319878][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 687.338405][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 687.350687][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 687.362888][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 687.375427][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 687.388161][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 687.400402][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 687.412645][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 687.425358][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 687.438052][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 688.633002][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 688.646807][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.304171][ C0] net_ratelimit: 13534 callbacks suppressed [ 692.304191][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 692.323048][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 692.335832][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 692.348293][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 692.361570][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 692.374871][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 692.387614][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 692.400467][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 692.413412][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 692.426314][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 697.288168][ C0] net_ratelimit: 13414 callbacks suppressed [ 697.288185][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 697.306917][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 697.319163][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 697.331389][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 697.344087][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 697.356884][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 697.369251][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 697.381820][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 697.394646][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 697.407367][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 702.272153][ C0] net_ratelimit: 13563 callbacks suppressed [ 702.272171][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 702.290359][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 702.302675][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 702.315908][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 702.328833][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 702.341181][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 702.353690][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 702.366343][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 702.379013][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 702.391518][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 707.256220][ C0] net_ratelimit: 13842 callbacks suppressed [ 707.256238][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 707.274814][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 707.287055][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 707.299832][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 707.312515][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 707.325027][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 707.337345][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 707.350348][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 707.362980][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 707.375265][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 712.240207][ C0] net_ratelimit: 13556 callbacks suppressed [ 712.240229][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 712.259018][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 712.271831][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 712.284115][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 712.296542][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 712.309302][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 712.322419][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 712.334672][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 712.347046][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 712.359937][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 717.224680][ C0] net_ratelimit: 13587 callbacks suppressed [ 717.224696][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 717.243214][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 717.255568][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 717.267819][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 717.280354][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 717.292991][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 717.305558][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 717.317882][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 717.330565][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 717.343184][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 722.208733][ C0] net_ratelimit: 13611 callbacks suppressed [ 722.208750][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 722.227106][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 722.239463][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 722.252125][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 722.264777][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 722.276999][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 722.289281][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 722.301940][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 722.314515][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 722.326912][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 727.192479][ C0] net_ratelimit: 13651 callbacks suppressed [ 727.192497][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 727.210629][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 727.223373][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 727.236046][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 727.248356][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 727.260566][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 727.273088][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 727.285591][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 727.297792][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 727.310012][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 732.176637][ C0] net_ratelimit: 13817 callbacks suppressed [ 732.176655][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 732.194855][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 732.207163][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 732.219799][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 732.232304][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 732.244812][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 732.257135][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 732.269704][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 732.282263][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 732.294598][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 736.921804][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 736.928947][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P18797/1:b..l [ 736.937402][ C0] rcu: (detected by 0, t=10502 jiffies, g=87665, q=1493 ncpus=1) [ 736.945282][ C0] task:syz.3.2883 state:R running task stack:27592 pid:18797 tgid:18792 ppid:17395 task_flags:0x400140 flags:0x00080000 [ 736.959649][ C0] Call Trace: [ 736.962930][ C0] [ 736.966036][ C0] __schedule+0x1190/0x5de0 [ 736.970528][ C0] ? kernel_text_address+0x8d/0x100 [ 736.975808][ C0] ? arch_stack_walk+0xa6/0x100 [ 736.980651][ C0] ? __pfx___schedule+0x10/0x10 [ 736.985506][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 736.990982][ C0] ? __lock_acquire+0x622/0x1c90 [ 736.995957][ C0] preempt_schedule_irq+0x51/0x90 [ 737.001000][ C0] irqentry_exit+0x36/0x90 [ 737.005542][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 737.011601][ C0] RIP: 0010:write_comp_data+0x3/0x90 [ 737.016881][ C0] Code: bb 7c e4 11 48 8b 80 70 16 00 00 c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 49 89 d2 <49> 89 f8 49 89 f1 65 48 8b 15 87 7c e4 11 65 8b 05 98 7c e4 11 a9 [ 737.036662][ C0] RSP: 0018:ffffc90019b6f708 EFLAGS: 00000293 [ 737.042743][ C0] RAX: 0000000000000000 RBX: 000000000005dfd8 RCX: ffffffff822fbe88 [ 737.050699][ C0] RDX: 0000000000000006 RSI: 000000000000001f RDI: 0000000000000005 [ 737.058742][ C0] RBP: 0000000000000018 R08: 0000000000000007 R09: 0000000000000000 [ 737.066885][ C0] R10: 0000000000000006 R11: 0000000000000001 R12: ffff88801e1df380 [ 737.074854][ C0] R13: ffff88801e1df37c R14: 0000000000000006 R15: dffffc0000000000 [ 737.082881][ C0] ? __page_table_check_zero+0x1e8/0x5d0 [ 737.088528][ C0] __page_table_check_zero+0x1e8/0x5d0 [ 737.094085][ C0] ? __pfx___page_table_check_zero+0x10/0x10 [ 737.100065][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 737.105257][ C0] post_alloc_hook+0x1af/0x230 [ 737.110013][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 737.115820][ C0] get_page_from_freelist+0x10a3/0x3a30 [ 737.121466][ C0] ? stack_depot_save_flags+0x29/0x9c0 [ 737.126939][ C0] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 737.132911][ C0] ? kasan_save_stack+0x42/0x60 [ 737.137748][ C0] ? kasan_save_track+0x14/0x30 [ 737.142757][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 737.147594][ C0] ? __kvmalloc_node_noprof+0x3a3/0x9c0 [ 737.153134][ C0] ? io_create_region+0x696/0xd50 [ 737.158149][ C0] ? io_uring_setup+0x1126/0x20e0 [ 737.163167][ C0] ? __x64_sys_io_uring_setup+0xc2/0x170 [ 737.168790][ C0] ? do_syscall_64+0xcd/0xfa0 [ 737.173452][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.179799][ C0] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 737.186333][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 737.192250][ C0] ? policy_nodemask+0xea/0x4e0 [ 737.197119][ C0] alloc_pages_mpol+0x1fb/0x550 [ 737.201983][ C0] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 737.207364][ C0] ? trace_kmalloc+0x2b/0xd0 [ 737.211964][ C0] ? io_create_region+0x696/0xd50 [ 737.217109][ C0] alloc_pages_noprof+0x131/0x390 [ 737.222157][ C0] io_create_region+0x736/0xd50 [ 737.227016][ C0] ? rcu_is_watching+0x12/0xc0 [ 737.231876][ C0] ? __pfx_io_create_region+0x10/0x10 [ 737.237245][ C0] ? aa_get_newest_label+0xd2/0x250 [ 737.242581][ C0] ? apparmor_capable+0x114/0x1d0 [ 737.247639][ C0] ? bpf_lsm_capable+0x9/0x10 [ 737.252598][ C0] ? security_capable+0x7e/0x260 [ 737.257564][ C0] io_uring_setup+0x1126/0x20e0 [ 737.262584][ C0] ? __pfx_io_uring_setup+0x10/0x10 [ 737.267778][ C0] ? handle_mm_fault+0x2ab/0xd10 [ 737.272892][ C0] ? xfd_validate_state+0x61/0x180 [ 737.278000][ C0] __x64_sys_io_uring_setup+0xc2/0x170 [ 737.283492][ C0] do_syscall_64+0xcd/0xfa0 [ 737.288082][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.293958][ C0] RIP: 0033:0x7f5e88b8efc9 [ 737.298354][ C0] RSP: 002b:00007f5e89a4c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 737.306836][ C0] RAX: ffffffffffffffda RBX: 00007f5e88de6090 RCX: 00007f5e88b8efc9 [ 737.314831][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000fff [ 737.322801][ C0] RBP: 00007f5e88c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 737.330776][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 737.338740][ C0] R13: 00007f5e88de6128 R14: 00007f5e88de6090 R15: 00007ffdedcbf4a8 [ 737.346805][ C0] [ 737.349866][ C0] rcu: rcu_preempt kthread starved for 1339 jiffies! g87665 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 737.361052][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 737.371020][ C0] rcu: RCU grace-period kthread stack dump: [ 737.376896][ C0] task:rcu_preempt state:R running task stack:28696 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 737.390477][ C0] Call Trace: [ 737.393750][ C0] [ 737.396670][ C0] __schedule+0x1190/0x5de0 [ 737.401538][ C0] ? __lock_acquire+0x622/0x1c90 [ 737.406655][ C0] ? __pfx___schedule+0x10/0x10 [ 737.411586][ C0] ? find_held_lock+0x2b/0x80 [ 737.416250][ C0] ? schedule+0x2d7/0x3a0 [ 737.420565][ C0] schedule+0xe7/0x3a0 [ 737.424651][ C0] schedule_timeout+0x123/0x290 [ 737.429500][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 737.434899][ C0] ? __pfx_process_timeout+0x10/0x10 [ 737.440256][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 737.446164][ C0] ? prepare_to_swait_event+0xf5/0x480 [ 737.451886][ C0] rcu_gp_fqs_loop+0x1ea/0xaf0 [ 737.456645][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 737.461945][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 737.467161][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 737.472278][ C0] ? rcu_gp_cleanup+0x7c1/0xd90 [ 737.477131][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 737.483084][ C0] rcu_gp_kthread+0x26d/0x380 [ 737.487886][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 737.493115][ C0] ? rcu_is_watching+0x12/0xc0 [ 737.497870][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 737.503145][ C0] ? __kthread_parkme+0x19e/0x250 [ 737.508156][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 737.513363][ C0] kthread+0x3c5/0x780 [ 737.517446][ C0] ? __pfx_kthread+0x10/0x10 [ 737.522217][ C0] ? rcu_is_watching+0x12/0xc0 [ 737.527237][ C0] ? __pfx_kthread+0x10/0x10 [ 737.531992][ C0] ret_from_fork+0x675/0x7d0 [ 737.536592][ C0] ? __pfx_kthread+0x10/0x10 [ 737.541355][ C0] ret_from_fork_asm+0x1a/0x30 [ 737.546131][ C0] [ 737.549225][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 737.555633][ C0] CPU: 0 UID: 0 PID: 3410 Comm: kworker/R-bat_e Not tainted syzkaller #0 PREEMPT(full) [ 737.565432][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 737.575560][ C0] Workqueue: bat_events batadv_tt_purge [ 737.581289][ C0] RIP: 0010:__local_bh_enable_ip+0xac/0x120 [ 737.587349][ C0] Code: 1d d9 e5 23 12 65 8b 05 d2 e5 23 12 a9 00 ff ff 00 74 4d bf 01 00 00 00 e8 01 c0 0b 00 e8 1c 70 47 00 fb 65 8b 05 b4 e5 23 12 <85> c0 74 52 5b 5d e9 19 0d e3 09 65 8b 05 fe 23 24 12 85 c0 75 9e [ 737.607048][ C0] RSP: 0018:ffffc90000006e10 EFLAGS: 00000206 [ 737.613107][ C0] RAX: 0000000080000101 RBX: 00000000fffffe01 RCX: 0000000000000002 [ 737.621241][ C0] RDX: 0000000000000000 RSI: ffffffff8da26dd3 RDI: ffffffff8bf071c0 [ 737.629279][ C0] RBP: ffffffff8a1f2195 R08: 0000000000000001 R09: 0000000000000001 [ 737.637234][ C0] R10: ffffffff90822ad7 R11: ffff88815a88bbf8 R12: 1ffff92000000de6 [ 737.645377][ C0] R13: 0000000000000001 R14: dffffc0000000000 R15: ffff88802f4281b8 [ 737.653351][ C0] FS: 0000000000000000(0000) GS:ffff888124a12000(0000) knlGS:0000000000000000 [ 737.662286][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 737.668943][ C0] CR2: 00005577e7bd1240 CR3: 00000000282cc000 CR4: 00000000003526f0 [ 737.676932][ C0] Call Trace: [ 737.680212][ C0] [ 737.683071][ C0] ip6t_do_table+0xc02/0x1c30 [ 737.687765][ C0] ? __netif_receive_skb_core.constprop.0+0xa25/0x4bd0 [ 737.694647][ C0] ? ip6table_mangle_hook+0xcb/0x770 [ 737.700552][ C0] ? __pfx_ip6t_do_table+0x10/0x10 [ 737.705760][ C0] ? __pfx_ip6table_mangle_hook+0x10/0x10 [ 737.711487][ C0] ? lock_acquire+0x179/0x350 [ 737.716157][ C0] ? __pfx_ip6t_do_table+0x10/0x10 [ 737.721260][ C0] nf_hook_slow+0xbe/0x200 [ 737.725693][ C0] nf_hook+0x471/0x7a0 [ 737.729836][ C0] ? __pfx_br_nf_forward_finish+0x10/0x10 [ 737.735551][ C0] ? __pfx_nf_hook+0x10/0x10 [ 737.740130][ C0] ? find_held_lock+0x2b/0x80 [ 737.744978][ C0] ? __pfx_br_nf_forward_finish+0x10/0x10 [ 737.750803][ C0] br_nf_forward_ip.part.0+0x5de/0x810 [ 737.756275][ C0] ? __pfx_br_nf_forward_finish+0x10/0x10 [ 737.762047][ C0] br_nf_forward+0xf0f/0x1be0 [ 737.766760][ C0] ? __pfx_br_nf_forward+0x10/0x10 [ 737.771895][ C0] nf_hook_slow+0xbe/0x200 [ 737.776320][ C0] nf_hook+0x45e/0x780 [ 737.780376][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 737.785842][ C0] ? __pfx_nf_hook+0x10/0x10 [ 737.790423][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 737.795876][ C0] __br_forward+0x1be/0x5b0 [ 737.800367][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 737.805846][ C0] maybe_deliver+0xf1/0x180 [ 737.810450][ C0] br_flood+0x17c/0x650 [ 737.814602][ C0] br_handle_frame_finish+0x10e6/0x1ec0 [ 737.820164][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 737.826051][ C0] ? ip6t_do_table+0xc25/0x1c30 [ 737.830922][ C0] ? nf_hook_slow+0x132/0x200 [ 737.835611][ C0] br_nf_hook_thresh+0x307/0x410 [ 737.840535][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 737.846424][ C0] ? __pfx_br_nf_hook_thresh+0x10/0x10 [ 737.851869][ C0] ? ip6table_mangle_hook+0xcb/0x770 [ 737.857151][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 737.863184][ C0] ? __pfx_ip6table_mangle_hook+0x10/0x10 [ 737.869251][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 737.875326][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 737.881273][ C0] br_nf_pre_routing_finish_ipv6+0x76a/0xfc0 [ 737.887470][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 737.893452][ C0] br_nf_pre_routing_ipv6+0x3cd/0x8c0 [ 737.898816][ C0] ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10 [ 737.904711][ C0] ? lock_acquire+0x179/0x350 [ 737.909469][ C0] ? __pfx_br_nf_pre_routing_finish_ipv6+0x10/0x10 [ 737.915959][ C0] ? net_generic+0xea/0x2a0 [ 737.920456][ C0] br_nf_pre_routing+0x860/0x15b0 [ 737.925468][ C0] br_handle_frame+0xad8/0x14b0 [ 737.930309][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 737.935583][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 737.941478][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 737.946756][ C0] __netif_receive_skb_core.constprop.0+0xa25/0x4bd0 [ 737.953428][ C0] ? kmem_cache_free+0x2d4/0x6c0 [ 737.958350][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 737.963018][ C0] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 737.970128][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 737.974810][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 737.979493][ C0] ? sk_skb_reason_drop+0x136/0x1a0 [ 737.984718][ C0] ? ip6_mc_input+0x515/0xf60 [ 737.989416][ C0] ? __pfx_ip6_mc_input+0x10/0x10 [ 737.994445][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 737.999655][ C0] ? __lock_acquire+0x622/0x1c90 [ 738.004601][ C0] ? process_backlog+0x3e7/0x15e0 [ 738.009616][ C0] __netif_receive_skb_one_core+0xb0/0x1e0 [ 738.015587][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 738.022089][ C0] ? lock_acquire+0x179/0x350 [ 738.026761][ C0] ? process_backlog+0x3e7/0x15e0 [ 738.031774][ C0] __netif_receive_skb+0x1d/0x160 [ 738.036887][ C0] process_backlog+0x439/0x15e0 [ 738.041822][ C0] __napi_poll.constprop.0+0xba/0x550 [ 738.047193][ C0] ? skb_defer_free_flush+0x149/0x280 [ 738.052568][ C0] net_rx_action+0x97f/0xef0 [ 738.057263][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 738.062451][ C0] ? mark_held_locks+0x49/0x80 [ 738.067205][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 738.072417][ C0] ? tmigr_handle_remote+0x132/0x380 [ 738.077743][ C0] ? mark_held_locks+0x49/0x80 [ 738.082797][ C0] handle_softirqs+0x219/0x8e0 [ 738.087555][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 738.092826][ C0] ? batadv_tt_purge+0x25f/0xb80 [ 738.097755][ C0] do_softirq+0xb2/0xf0 [ 738.101910][ C0] [ 738.104822][ C0] [ 738.107758][ C0] __local_bh_enable_ip+0x100/0x120 [ 738.112944][ C0] batadv_tt_purge+0x25f/0xb80 [ 738.117706][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 738.123098][ C0] ? rcu_is_watching+0x12/0xc0 [ 738.127859][ C0] process_one_work+0x9cf/0x1b70 [ 738.132912][ C0] ? __pfx_process_one_work+0x10/0x10 [ 738.138283][ C0] ? assign_work+0x1a0/0x250 [ 738.142868][ C0] rescuer_thread+0x620/0xea0 [ 738.147801][ C0] ? rcu_is_watching+0x12/0xc0 [ 738.152569][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 738.157757][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 738.162940][ C0] ? __kthread_parkme+0x19e/0x250 [ 738.168035][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 738.173226][ C0] kthread+0x3c5/0x780 [ 738.177289][ C0] ? __pfx_kthread+0x10/0x10 [ 738.181873][ C0] ? rcu_is_watching+0x12/0xc0 [ 738.186618][ C0] ? __pfx_kthread+0x10/0x10 [ 738.191196][ C0] ret_from_fork+0x675/0x7d0 [ 738.195777][ C0] ? __pfx_kthread+0x10/0x10 [ 738.200366][ C0] ret_from_fork_asm+0x1a/0x30 [ 738.205147][ C0] [ 738.208723][ C0] net_ratelimit: 13195 callbacks suppressed [ 738.208737][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 738.226936][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 738.239466][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 738.251994][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 738.264246][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 738.276623][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 738.289271][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 738.301921][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 738.314242][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 738.326537][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 743.189266][ C0] net_ratelimit: 10825 callbacks suppressed [ 743.189284][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 743.208039][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 743.220585][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 743.233191][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 743.245827][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 743.258134][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 743.270496][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 743.283312][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 743.296019][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:e6:ab:83:51:f8:e1, vlan:0) [ 743.308385][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)