last executing test programs: 2m3.398267995s ago: executing program 1 (id=3868): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) mmap$auto(0x7f, 0x202000c, 0x3f15, 0xeb2, r0, 0x8000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) preadv$auto(r1, &(0x7f00000002c0)={0x0, 0x8010000}, 0x5, 0xfb, 0x8100000001) socket(0x1d, 0x2, 0x6) r2 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3, 0xfd}, 0x6a) r4 = openat$auto_transaction_log_fops_(0xffffffffffffff9c, 0x0, 0x8000, 0x0) readv$auto(r4, 0x0, 0xc) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x1000, 0xdf, 0x9b72, 0x2, 0x8000) r6 = socket(0x1d, 0x2, 0x6) r7 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$auto(r6, &(0x7f0000000040)=@can={0x1d, r8, 0xfd}, 0x6a) sendto$auto(0x3, 0x0, 0x79, 0x2, 0x0, 0x20) sendmsg$auto_OVS_FLOW_CMD_GET(r5, 0x0, 0x800) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0xa, 0x3, 0xe, 0x940, 0xfffffff8, 0x3, 0x1004, 0x1, 0x9, 0x5, 0x6, 0x7, 0x1001000, 0x8, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffe, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x4, 0x40000081) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r9 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r9, &(0x7f0000000240)={0x0, 0x52, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x8044) r10 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) kcmp$auto_KCMP_FILE(r10, r10, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) prctl$auto(0xf8000000, 0x400, r10, 0x3, 0x1) 2m2.306947422s ago: executing program 1 (id=3874): mmap$auto(0x0, 0x202000b, 0x8, 0x9000000eb1, 0xffffffffffffffff, 0xfffffffffffffffe) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x20044010}, 0x20000008) r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES2(r1, 0x4008af25, &(0x7f0000000080)=0x3) mmap$auto(0x6, 0x40, 0x3, 0x18, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000200)=""/73, 0x49) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x1f, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) userfaultfd$auto(0x7fb) ioctl$auto(0x3, 0x80000541b, 0x38) close_range$auto(0x2, 0xa, 0x0) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0) r2 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x28001, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0xa0000, 0x0) r3 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) copy_file_range$auto(r3, 0x0, r4, 0x0, 0x21c3, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x7, 0x95f4da0a, 0xffffffffffffffff, 0x8000000000003, 0x64, 0x80000801, 0x400009, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000340)='\xae\xffB_i\xa7\x1d\xa9\xe9\x16h\t\xe7p\x04\x00}3\xfc\x18U\xb8\xd4.%\xef\xc5\x9f\x9c\xe6P}}\xdf|\x14\xaf\xa9\x8d\xdf\x03\x800do\xac\n\xcdc\x17\xd63s\xf9\x1c\xd5\x05\xcf#\x0eoP>\xd8\x11\xdd\x89\xd2\xf8\xef\xe8[-\xaf\xf72\x9d\x18\xfeKZ\x03r\xbdL\x98\xbe\xfc\r\xb2\x05\x9d+h\x8e\xf6\x9a\xb2B\xbfxy\x97\xd2\xeb1?\xe83n\x8d\x1c\xde\x89\'h\xf7I\x88\xfdD\xcd\xaa\x7f\xb8\xbf\x15\xc9!\xb6\xc3\x87\xc1J\xb8\x00\x00\x00\x00\x00\x00\x00', 0x81) select$auto(0x10, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x10000, 0x6, 0x800, 0x3, 0x749, 0xc, 0x400000010006, 0x3, 0x4, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) close_range$auto(0x2, 0x8, 0x0) 2m1.285968006s ago: executing program 1 (id=3879): openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/uprobe_events\x00', 0x107282, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) (async) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x88002, 0x0) mmap$auto(0x210, 0x100000002020009, 0x3, 0x800000000000010, r0, 0x8000) get_robust_list$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) socket(0x10, 0x2, 0x4) (async) socket(0x10, 0x3, 0x6) (async) r1 = socket(0x10, 0x3, 0x4) (async) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r2, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e800", @ANYRES32=r1, @ANYBLOB="0800fb00", @ANYRES32], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) (async) socket(0x11, 0x2, 0x100300) socket(0x1d, 0x2, 0x7) (async) socket(0x2, 0x1, 0x0) (async) socket(0x22, 0x1, 0x200000) (async) socket(0x1d, 0x2, 0x7) (async) socket(0xa, 0x2, 0x73) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x2, 0x1, 0x0) (async) socket(0xa, 0x5, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_max_time_ms\x00', 0xb480, 0x0) (async) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2m0.900496499s ago: executing program 1 (id=3880): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) unshare$auto(0x40000080) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) setresuid$auto(0x8, 0x0, 0x4) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x842, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/disksize\x00', 0x2202, 0x0) read$auto_cachefiles_daemon_fops_internal(r0, &(0x7f0000000080)=""/232, 0xe8) write$auto(r0, &(0x7f00000001c0)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3dec) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) keyctl$auto(0xe, 0x1, 0x0, 0x5eaf, 0x8) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/run_estimation\x00', 0x88042, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) timer_settime$auto(0x0, 0x519a, &(0x7f0000000100)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x100) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd.', 0xd, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) 2m0.330850416s ago: executing program 1 (id=3882): r0 = openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) lseek$auto(r0, 0x0, 0x1) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cec4\x00', 0x181f82, 0x0) ioctl$auto_CEC_TRANSMIT(r2, 0xc0386105, &(0x7f0000000040)={0x40000000001, 0xfffffffffffffffe, 0x2, 0xffffffff, 0x4e3, 0xffffffff, '\x00', 0xa, 0x26, 0x82, 0x5, 0x4, 0x5, 0x3}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/mpls/platform_labels\x00', 0x101202, 0x0) (async) ioctl$auto_VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000340)={0x80000001, 0x7fffffff}) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/arp\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x6, 0x809) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/tcp6\x00', 0x20100, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) pread64$auto(r4, 0x0, 0x594c, 0x9fffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fb, 0x40000007, 0xd3e, 0x1, 0x948b, 0x4, 0x95f4da0a, 0x10001, 0x3, 0x62, 0xc0000001, 0x7, 0x6d3b, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) 2m0.06643981s ago: executing program 1 (id=3885): futex$auto(&(0x7f0000000600)=0x4, 0xb, 0x4, 0x0, &(0x7f0000000680)=0xfff, 0xffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), r0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000c2844a908d2d320100432dd189d00d2ca0327e57fd586ebbf08a7ec3cd435a281b559ae4482b5cea6c5afda4ff2afd162a9c034ce1518d2f842ce48edf079f4bd3f95bbfe2a25bd680756ad4e8e4609e9775ebe2c8363b839dff2873e6c4f0cb5846080a2361ac29bc8dccad0ccd69baceae709d68dd48339103ea1e8bc92809e073d6369e8db67307c363d08a85cfe8", @ANYRES16=r1, @ANYBLOB="01002abd7000fddbdf250400000008000c0003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x404c091}, 0x40000) 1m59.419697416s ago: executing program 32 (id=3885): futex$auto(&(0x7f0000000600)=0x4, 0xb, 0x4, 0x0, &(0x7f0000000680)=0xfff, 0xffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), r0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000c2844a908d2d320100432dd189d00d2ca0327e57fd586ebbf08a7ec3cd435a281b559ae4482b5cea6c5afda4ff2afd162a9c034ce1518d2f842ce48edf079f4bd3f95bbfe2a25bd680756ad4e8e4609e9775ebe2c8363b839dff2873e6c4f0cb5846080a2361ac29bc8dccad0ccd69baceae709d68dd48339103ea1e8bc92809e073d6369e8db67307c363d08a85cfe8", @ANYRES16=r1, @ANYBLOB="01002abd7000fddbdf250400000008000c0003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x404c091}, 0x40000) 9.951846003s ago: executing program 4 (id=4440): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socketpair$auto(0x1e, 0x5, 0xfffffffe, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x103, 0x8, 0x100000000}}) ioctl$auto_SNDCTL_SEQ_TESTMIDI(r0, 0x40045108, &(0x7f0000000000)="6c82b33bec8d2a4cd120df8687b0a7c8b3f0a93a7afa9c763151bfaeb46d85") close_range$auto(r1, r1, 0xfffffe01) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f0000000080)={0x123060000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0}, 0x58) madvise$auto(0x0, 0x2003f0, 0x15) 9.715845598s ago: executing program 4 (id=4441): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$auto_RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fadvise64$auto_POSIX_FADV_NORMAL(0xffffffffffffffff, 0x7, 0xd, 0x0) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0xb, 0x2020005, 0x1, 0xfffffffffffff593, 0xffffffffffffffff, 0xffffffff) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) unshare$auto(0x40000080) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(r0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) pread64$auto(0xffffffffffffffff, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) ioctl$auto_VHOST_SET_VRING_CALL(r1, 0x4008af21, 0x0) 6.815935316s ago: executing program 4 (id=4448): mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) (async, rerun: 64) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 64) mmap$auto(0x0, 0x1, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32) futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x1, 0x0, 0x0, 0xfffffffa) (async, rerun: 32) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) ptrace$auto_PTRACE_GET_SYSCALL_INFO(0x420e, r0, 0x5, 0xa) read$auto(0xffffffffffffffff, 0x0, 0x80000001) (async) setresuid$auto(0x2, 0x7, 0x8080) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0xc008010}, 0x4000001) (async) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x13, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8040) (async, rerun: 64) r1 = socket(0x10, 0x2, 0x0) (rerun: 64) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) write$auto(0x3, 0x0, 0xfffffdef) (async) io_uring_setup$auto(0x2006, 0x0) (async) madvise$auto(0x0, 0x200204, 0x15) (async) io_uring_setup$auto(0x1, 0x0) (async, rerun: 32) futex$auto(0x0, 0x56, 0xfffffffe, 0x0, 0x0, 0x2) (async, rerun: 32) uname$auto(0x0) (async) mmap$auto(0x0, 0x400008, 0x1000000000000df, 0x9b75, 0x2, 0x8000) (async) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu0/trace\x00', 0x408880, 0x0) socket(0x11, 0x3, 0x9) (async) ioctl$auto_SG_GET_VERSION_NUM2(0xffffffffffffffff, 0x2282, &(0x7f0000000440)="a053388c103b1b46") openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x123880, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(0x1, 0x3, 0x0, 0x74c) inotify_init1$auto(0x3000000000000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x40000, 0x0) 5.565092804s ago: executing program 4 (id=4453): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8003) madvise$auto(0x9, 0xffffffffffff0005, 0x15) madvise$auto(0x0, 0xffffffffffff2001, 0x15) (async) madvise$auto(0x0, 0xffffffffffff2001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) rt_sigqueueinfo$auto(0x0, 0x1, 0x0) (async) rt_sigqueueinfo$auto(0x0, 0x1, 0x0) 4.572913597s ago: executing program 2 (id=4456): mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2a, 0x80000, 0x94) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon39\x00', 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling\x00', 0x719b02, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/150, 0x96) ioctl$auto_MON_IOCH_MFLUSH(r0, 0x9208, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x7, 0x13) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r2 = socket(0x2, 0x80002, 0x73) getpeername$auto(r2, 0x0, 0x0) r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r3, 0x92106400, r3) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000ac0)='/proc/thread-self/net/sctp/remaddr\x00', 0x8200, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000b00)=""/147, 0x93) 4.23338753s ago: executing program 3 (id=4458): write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) fsconfig$auto_FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, &(0x7f00000001c0)='\xf5\x00', 0x0, 0x0) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x149800, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) setresuid$auto(0x0, 0x0, 0x0) ioctl$auto_BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) write$auto(r1, &(0x7f0000000080)='/sys/devices/virtual/mtd/mtd0/bitflip_threshold\x00', 0x5) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x2c2001, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4, 0xfffffffffffffffe, 0x40eb1, 0x401, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mtd/mtd0/bitflip_threshold\x00', 0x2062, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) sched_setattr$auto(0x0, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r2, &(0x7f0000000100)="0a1b9a3c3e3e006e163bb154d7886d8ea5c2574c58e9867ecec3371cadb848770dc8f745d1c76eedba12b9f694dabdbcf3401910bb713aca465c9bbc23b5d40a", 0x40) fanotify_mark$auto(0xffffffffffffffff, 0x9, 0x9, 0xffffffffffffffff, 0x0) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0x9) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) 3.976983268s ago: executing program 3 (id=4460): r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0xffffffffffffffff, 0x8, 0x2) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r1, 0x0, 0xfffffdf1) fallocate$auto(r1, 0x3, 0x8, 0x9) linkat$auto(r1, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mprotect$auto(0x0, 0x8000000000000001, 0x8) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r2 = socket(0xf, 0xa, 0xf) setsockopt$auto(r2, 0x1, 0xc, 0x0, 0x7fffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x1, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000200)=""/53, 0x35) execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') execveat$auto(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) rename$auto(&(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)='./file1\x00') inotify_init1$auto(0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) 3.556299806s ago: executing program 0 (id=4463): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r1, 0xae03, 0xec) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) madvise$auto(0x5, 0xc0, 0xfff) shutdown$auto(0x200000003, 0x2) unshare$auto(0x40000080) prctl$auto(0x39, 0x6, 0x4, 0x1, 0x3) connect$auto(r0, &(0x7f0000000140)=@xdp={0x2c, 0x2, 0x0, 0x2b}, 0x55) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x0, 0x0) write$auto(0x3, 0x0, 0x5c8) remap_file_pages$auto(0x5, 0x7f, 0x0, 0x8, 0x9) semctl$auto_SETVAL(0xb134, 0x9, 0x10, 0x3) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) landlock_create_ruleset$auto(0x0, 0x3, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x7) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x105843, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x4785, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyvf\x00', 0x0, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r4, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0x202000a, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) fstat$auto(0xffffffffffffffff, &(0x7f0000000300)={0xff, 0x7, 0x48, 0x4, 0x0, 0x0, 0x0, 0x6, 0xe, 0x803, 0x9, 0x2006, 0x9, 0x7ff, 0x1, 0x100, 0x8}) 3.410243805s ago: executing program 2 (id=4464): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r0) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) mmap$auto(0x1, 0x400008, 0x87, 0x9b72, r0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88ds\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) r2 = socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto_SO_SNDLOWAT(r1, 0x401, 0x13, 0x0, 0x0) read$auto(r1, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x0, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000040)="8c9700089d1b208365d5b5d112dbab029ed13881d2f2c7ba2eb01c3db79f77fdc2bb50c64a925009dff4cd1aca925c57100112d88f73348a54396800ed598a0e5500d7c0cbb6b1e91d", 0x40000000001243}, 0x4, 0x0) ioctl$auto(r4, 0x400454ca, 0x38) mmap$auto(0x3ff, 0x4020009, 0xdf, 0xeb1, r3, 0x8000) r6 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000a00)='/dev/sg0\x00', 0x101000, 0x0) process_madvise$auto_MADV_NORMAL(r2, &(0x7f00000001c0)={&(0x7f0000000240)="531bedf42bf4963ec068477080ff926376b948073c3744a1b3526146b0d01a85e700b7a079704aa5f2010bb43013a84682c2bfa9af640441ba2ba18ab28584fb17f0202b2312c8f547af80622a8915ebd0fbd599ba39009043b3cba56cbd5e9e1c606058e59d26330edb1e9ab49e6836d3ec0fa3d6153c817fc53c9dac72da47f9819a3bc70f88f3f63d6a7750a6a23e1b28fe", 0x7}, 0x5, 0x0, 0x6) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) ioctl$auto_BLKSECTGET2(r6, 0x1267, 0x200000000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x20b42, 0x0) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r7, 0x40045010, 0x0) write$auto(0x3, 0x0, 0xffd8) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.975005647s ago: executing program 2 (id=4465): unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) prctl$auto(0x4000002a, 0x3, 0x0, 0x1, 0x0) (async) write$auto(0xffffffffffffffff, 0x0, 0xe43) (async) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) read$auto_mon_fops_binary_mon_bin(r0, 0x0, 0x0) ioctl$auto_MON_IOCG_STATS(r0, 0x80089203, 0x0) (async) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) close_range$auto(r0, 0x8, 0x0) (async) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) (async) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f00000018c0)='/proc/thread-self/mounts\x00', 0x80, 0x0) (async) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) (async) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) (async) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8003) (async) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x11, 0x0) socketpair$auto(0xfff, 0xe, 0x7, 0x0) (async) r2 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0) ioctl$auto(r2, 0x3b84, r1) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x0, 0x0) recvmmsg$auto(0xffffffffffffffff, 0x0, 0xfffffff9, 0x10, 0x0) (async) bpf$auto_BPF_PROG_LOAD(0x5, 0x0, 0x9) (async) getpid() (async) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2100, 0x0) (async, rerun: 64) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40800) (async, rerun: 64) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) 2.95885411s ago: executing program 0 (id=4466): r0 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000001100)='/sys/kernel/tracing/available_tracers\x00', 0x800, 0x0) mmap$auto(0x0, 0x2, 0xdb, 0x18, r0, 0x8000) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000029, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) times$auto(0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file1\x00', 0x0, 0x0) r2 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x16240, 0x0) execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x40, 0x400000eb1, 0xffffffffffffffff, 0x7ff7) mbind$auto(0x0, 0xfa9d, 0x8001, &(0x7f0000000280)=0xc9d, 0x400, 0x1) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/numa_maps\x00', 0x20000, 0x0) read$auto_proc_sessionid_operations_base(r3, &(0x7f00000000c0)=""/4073, 0xfe9) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) pwrite64$auto(0xc8, 0x0, 0xfdef, 0x3) socket(0x18, 0x80000, 0x4) socket$nl_generic(0x10, 0x3, 0x10) writev$auto(r2, &(0x7f0000000080)={&(0x7f00000010c0)="e14e430544a93eef44f34af1ff3336fb36000000d16496f43a5e271ce0de9e574110022fd00400000077110bf72ecc118f109df47b8f", 0x2}, 0x2000000000000003) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer2\x00', 0x8100, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, r1, 0x8000) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) 2.915854616s ago: executing program 3 (id=4467): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) capget$auto(&(0x7f0000000040)={0x400, r0}, &(0x7f0000000080)={0x9, 0x6, 0x9}) r1 = socket(0xa, 0x3, 0x3b) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) chroot$auto(&(0x7f0000000080)='}[,&*}\x00') r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) read$auto_proc_pid_set_timerslack_ns_operations_base(r2, 0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r2) sendmsg$auto_NL80211_CMD_JOIN_IBSS(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_FILS_ERP_USERNAME={0xa, 0xf9, "23d6ceaa98e9"}]}, 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x40800) sendmsg$auto_NL80211_CMD_NEW_MPATH(r1, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f8100000", @ANYRES16=r3, @ANYBLOB="040026bd7000fddbdf25170000000800dc000b0000001c0081800500010004000000050001000100000005000200230000003400fd001b8847cf1cc4d1b7718770a02dd752511c6de82bbb6d8dcee679026eebd0fda80c95dc2f3a744be781948dbd718563f87800a6800c0081000400000000000000f6dcf4802fb011bbd02ff91deafe95ac54050ea21475b5ba749cbc8f4a57b9f4c85ed354f6460f5becfc3acc4685380174c1647b8bfd95a5af6fb78b66da02ed4910a13fb6286a73ee327544473240e59668ed5c526b685ba11a958b0b7fd55f0800f900b5530000080027000001000004109c00c646010d08db5726bbc4f90dc9d1a3d046d4028ccfd5b640bacd4c619f4bd4b6cd1b9a5dd72b3e8b5ea3b1e8dd1c461e625a7eeab454d103f58ba2c3e4bc41ffbf4e3cfd320552696321b1c6d07bfb73a06657f005079c8990e4410cc47f96de4817977b30cc4b08d25e7f4a10f83773ebeb61ebf9de15aebb70c734c6626b28721ee44527b2dd9e39e440ab5d02ab727f22b8a686d53f1633c0aa795c3b108852d3d54287036759b1921fa1f56b653473791abd2dcab7d058ce40ba6e5012c4763051b79e17e3575bfd1092085367fe67723e27c38040e63229c0a8b137cb836517c6915bde38d6f5378509930f9da89e14b203d11600657db4cd5e3daf696172ecd6797948da3bebda703145180ad874672bf0c872a0aff3f4559e34e76bce8e8b2d3f0dd05d5ae70d11c3e7166e20c3d1498d85d5b08590ee396f6efa804d22dbebcd74fab979c4a256c8eae89e9433d8e950366bdd47f306805cd9a2fa1eb40ade65d842a77809069a63c3285e12912b4f1b0ba1d8057449a74399c03f175f0433a88473597ec61014a31f30cc0905a23a6c8df6cfa170f056c71bfd3082c5d13e268fb290ada302a6237ccb26e085fbdf6b1fb63edba59813b32eb2dc0822afed83075e5410497b0b1be26a6439729cd82de7b6e5c86fbcf3ed878882170f23436d21e16a3f7cdf7ec6b6534b4139208b624eea288f8feaffe3dde806e4b7fa00af3e9e5c869e7f288fc2b83a66f7189c463005afb53ed82480d385cf3342e8565e660dbad3efd88abd8c9039d737ea2d48d498dbdc3046269593be5e4dcce48161aa74f50079d24901ad25cddeb93f41f51257b552d0a808eace62de65db34e5f12c8d91990ced14492e7c7341f3b697ad3a8f83614556673aaf97de2b2e2b8826464a2d36a826328560e0dfa271ddeee7fd55764f0a69d4f960602f8c5842a06d72df6033c221b626421771d0e81dc1442d2c3b2091e50e6ba312aa6ff81d770f376abe103a25e323ab6626c7f3849ae6611c0c108111afd17d4e92d65856e2ffe0c5541facaf6751f032fb0239c8cac94261f79eff2758db01c6db9d150e631365b543d921af8bf44f5fa7bdce10050ae3f56fb554df3997dfd57db19748cf3a5d145c0ab24f6b2dd33a8337a6801019dfa7f3ecfcb0813bf558149feefd7c88260d6ed113b550b9a53067fc617fe85277abda73b5473186b016873fcb90b8ba3ded92a02c40da4e03d93a53cc0625ae63cc3c858d618c4830994a01cd21f6a47d98ea6b6e561a4f501eb7a2fc78b80efcf6cfbd24e195a07fe02d017d5cab63e1b6cf3bf16032bee2fef463644192d6d850275439427e8fc93d3626dbc6829a87d4a445272c48d19302253b9a473882b10f70335ae1687ce4eb7d85cc262d1e59bb9bd32196b4ce024957987992c370f6b066c40f0277834f20b4c1d378ee5a7cd30e9ba1a64bd5a6baa62b68c96cbc930c683806b8305ffa1c01440eef4e6f75b7f142ddcbc6a63cf3b65652935be9ee31fb4ae770cc7b76388f409a4dbf7a5fca734e9cfebb13992da2ab151ef7622e26f1d33178f2ded6f33eeb7c7e5767d6e9c0eda2d07951c1add3d30c7c3c22648cbb1e9f2c5e181f18d96a7182ecfa69cb3c59751ab195ebad0daf6b84867dd96382f1f749906de243c64cbfe640be51beba96089fe4fa4b0021c164cf984a32be646ae933414d8cac0c3c7f2add7273bd2a0b36ea9b8e66f769722d5466236e7ecdde4618598c66c84ec38eee63bb0e2a74d00aa53cf590152e32d5b0da1900354f56e329e6c629ba9bc0f19dde95bd1b86b7f4a080b011eee851979f7e1004b1ed88b5cb0e55580e20cdf35b4d06a2f529744887c9df31786a941a6745306f567c4561897b2ef72c25b1588c5b25b33092f2e8e697245677ff6bdeaf5c228dc580b728bdad4708e88d4968e42ffc6c121b608886582b76b6c8bc9c14c627a233fe1cf7551fe47f94e8560bb3fd4c3c4434af0b9bdddf541471ee095f7f68838fd8ab2a89cf024f91de75accd036ed0500f5c64ac90c1f493594d8c8a77f8798fab4d3735e0bf484fd95b1530d6bdf8968ba1ef7794cd96bd46573e4c4bd317f1551476a540b6deb71621142acc1f316b759c9b6bfaef2de6a98ac40c4a0f1ef0e1430cfc066eb4721323953af26defd88577aa1d6b6456f3f7d1e7cc63612f45f02bfd1bcdc882a5f10e8c32e7b793b5c15dbc0fad77d23cf99d53bf817b25fcb0c447691d7eae34c2c22c94f909a16506e30a718cf2b2464dda732b0549802f03a08e8a8ce2fafda0a6cd77a4d6a5566911a09af21001af13f512d4a0c209d44a2218b8e5524777fad7abea833cde9376dbe8befb5cd735eb3be9669ceb7d378e1b1fd7175318e4540b3cc9d9df33f6de74aae69c692ff13cf393a3303295c12441d5578b67b4337ed6cce4f14de2397c4e1eb087a16c1b23e6d851533b4ab3b42ace4e90b4e56f27b7d92a47b59e544acb2e283a2c63ec6682a59aa8a682b35c6de62cd9dc33f432697005cb9ccdd987eae3f1f6526ed53478f32e84252c54436faaec6bf811622f76fcc43fd71e5950261598aa33c0eb171f62f255553660940875169c13402fff888cb77a90a599ccbb6a845fad93dd67987207adfa3ef1bcea0cf137b6ac4d073e7751c0c26406e7f7410e3a9ed1e24e37464c88a88892df1eddaff04a1e217c075060db42b8334993a9e29816cab20c153ff11bf3935bd9d86464edf289fde743c7448c4f1c0f2a7602b7fc6dcb174f33bb99ec66a5b3ad0632572da551bc3aa5d7c3a09c44b122acc72d82011e7def1bea920c9381e05674a33e95063655722e99d59d8f7f7e62bfc6ab2de4c8565d30175993ca4476007554fe2a89be4161134fa90979f79110c11a77edcd708c41bff3e8fd442b7926be1fc3b03fa2483049a8caeb7cbbb8f532e63fb901b558b96dc3489857c8746ec7cc564f88ebd70c2b492f1186c0acfd30736f05c9f9eab9c494d6c6998086ddd9b770f21320a701fdd265759dd2c468670878568ea9a41fee0bdbb2f0075432e4130ed7bc43c2f0da692e031c5e49ef9b2e8a27c28617bfcfc6d2db013f68f791fdc761464b8c7438a939fabc599a3fe44af1579f38d6d75a6ecc8d0c7f1fb0b8018e9af66a6bbd1cab5f7091bd0fc54ea025672e5465b24d797886aa708ed33b65ac7fca7918559a066ecfea27f7bb3f339e9a6c3b21905b9535c01ac70d9a8297ddfe46c81d629af9f138c6c122ebaa5bf1685a7bfa35f5b67fdb9e3b1bd3e519a5dfa201ee630da3e535df7ea8c8456ea7641d5ac52e089afb05363070e2c38076f39f71dc0f93980afd37ac133f9def0683b2745259b2c6f2d5943a1d19e45c4d4c38bd2c532ac95f7394720770c0caaec361e8541ff42b568aa2f116331253737067f0d91b1bb34bb2d04a587b487dbd4298a85be153cdbe84397df25265b1ca9e67f286a04b864162819b0c2362155c74f524b224e73f573339ae16844bd582a803ec40154fab2f8ff2136617f2c73b2d6bd9b8a204693307f8239d2ea2fd906f8650d06c02ae55ba3eddba227c1dfec34a7d852e948c2161624600d020a320912469226458a02285dc2af2849c39934ac95d18501d33e557dd7a6e281e028896b917b59f0db8571c1f4f5dc89a129ca6fd20f00a4ea0af79b7bfd51c6b8303ad9a72cdf4c7de388b84b59230a96eae5bbbf6cf0c27ec2cd442adac88949c1a9041f4d565a95bd06bcc264adf345b491bbcc5ffec4712c6a49e0d98c590837bed65a9199ec8bf17d2455ae7481a510d7425c0aa47de644ba37a45b81f479ecc452d6fb5872b82de4445e57b22c5d4b7949852ab4a34224ddae20778e5dbd30770959c25aff64db4f406fd167d8dc42b1051a80c2e212a5d209647454a2a009ef8702eca920c326c50654213385c2c2453f69e0fa033d58a56faa6d54b1f447f450fd7f2bdd8ce86debbfc85e41a11fac0cafa417cd3242e2e04fcdbab852bd489b5341b34fb7ca37615ed3fbcc9436ab7eb1fc90319853e018dae23982e4792672016768b10bc709aa1ae7b14500a1e70e9bc03288afd9e5352924f15c7866df424d95869061825f395659956e38604740b3c2aca1c28376fa6e8f92ff8da3aec1cab290d8f2d48a62347d5dd3437e898482ad72239c4c44d02b63cabc99144ade502d03edfe861824f8d84550f4e227fba7fc8674d1d58737e63ff5f7f1321f052c5a5d5139495e14cea7839b089966959eabc1ada4dd757e61c3128d1003593012bc328e26ddc2e6aefc28dc7e84237a0cb101d60cab7a6cd579478ea27cb8c457d3e5b2674380bf106ca37607cb97469c1fbdafd2f01bf8cd181d1ba9cb9fead0a10902803b320426a14cd72c0583f636ed71f9d2f849b9ab21be1ba59b3f007bb8ccbb26f407cde47d1a0b62c0bdde4a5450b17321ed2e1a17f9bb8709b42da0c215bc9ac837a7d4516ec4f5ad136513c29769ceb70026d048db7596c1dbe8bc1db3782734557bf04b193429481380c0db577ae3fa7ff66f863416138e5830a151f9f00714f490395e6e61a78ec00a3b50ef72a0cbda430fb1619f129de64748fe471c31e892599c94234bbc92edeb651b1ede8da3834eee5af08bd2b76fb12728884d9f11f1db1cd654b7adf755b54ab72a28c2d105773230e0a2c932e70a655523ba03e0ffc8b497a5a4da2bb63def1c7727e744f1b136aeba50a68ec4e108f71f227b22407bda34e0e96e6ac0ba7b93832bb85234a6787b53fcd11b9c96e2d01e3520a80e9deaeeb770edfadaa8e175cbfa13dc53a23b492f0e435721ab4d6621dd99e11d9cf678699acb330653d1c89f47ff7db877758f09b1723e4876b6d7125f33f6285efadc156fbc32308dd54c5f5bcc175d206e29cdfdbd5fca14e8298c6341eda48aee10db34c7fa8cf3f0d3ea99d9ec4a2db53aaad6d876d10dafc1e15104fff5309ca52faa0f69ee9a09e59019afb8d300e92f93b0ef6b54a8adf5f401a31815c7bc4c3e340a5c3be26ea95c2489e3f22d3ed782fdcbf8c5b5d24e9518bedb05fe5f8781d584f13e8f06fbda059f9b18d5f8ba8fa6d6f920d2884c7db0613559b058ba49c2ea1d14638cda94b3ffe090a23eecc200fcb7aad366ae11a9f97b48e392a157d2710485a957e4a61ad09b04e417227d69fd96bf227cc738334d949b740eeebf36d9da9dcdcb0b0604dda5d9eaa5038403666b1de704dacb1f733181df28b25625c6f6247f5438c0e5577dbfd380b8e7bb0aeb32ac46a207764fc3e5419d782520ce6b2e046938eb0f852f0bbe92d7dc524e8c183db60690756201942e7f23ff9083ebebf4d0472bb0180526d579782ab66bdb429ab7cd5dc74e0524c34bf263cd08f2ec25740560e80c130e854df06241b2628ced4468a953398e742b8bad492a7c9c02f106c1b145e4892e15afc126a4637b38777d4e081bee21f4b56a2bf64c39b4d495fd971afb63f484381b49461c7a59ce4b9c151823d5f1bbad7893946008526ce59a90d6d48afef28b1483442105581eeb0e8b9eb9fbd063c97bccd74785a3d4ae4ee3ff1f783f45c222c93f65b5aebb96b4da2d81271e21b41f95fce27e3725897a98068371b7e7fa5a8caf3731638d074f626df19d560baab23839d5a5e5841422029c1b52a376108acc867877f0167b7a9b1674f092cc0236fc72a78554efe9f6455e8ff31a8919bd78e561cedc62a2cbe2966fb6306421a18ee7d6e8ac5927e7071929deab208005d0040290000"], 0x10f8}}, 0xe0) r4 = getsockopt$auto(r1, 0x29, 0x3a, 0x0, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000000), r4) 2.680302564s ago: executing program 4 (id=4468): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x100, 0x0) r3 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D1p\x00', 0x8a300, 0x0) sendmsg$auto_TIPC_NL_MEDIA_GET(r0, &(0x7f0000000c00)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000100)={0xaa4, r1, 0x300, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_PUBL={0x90, 0x3, 0x0, 0x1, [@typed={0x8, 0x11d, 0x0, 0x0, @fd=r2}, @generic="fefa1ad22161848bc656894ff517f99dfe05b5187334745165921fc0f5c723f49d5dfcbd892d9107716362a6eaaf0ae5ab6fdcef5e822a7bf905eb0ec732efde0161d98d619e1717cd95be74e952c5cad0f61b30999fb9d0fab088104ec76e0272889b71fbeb373628fe7918", @typed={0xc, 0xab, 0x0, 0x0, @u64=0x7}, @typed={0xc, 0x9d, 0x0, 0x0, @u64=0x9}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@nested={0x24, 0x70, 0x0, 0x1, [@generic, @nested={0x4, 0xad}, @typed={0x8, 0x11e, 0x0, 0x0, @uid}, @nested={0x4, 0xe2}, @typed={0x8, 0x60, 0x0, 0x0, @ipv4=@remote}, @nested={0x4, 0xc4}, @nested={0x4, 0x32}]}, @typed={0x14, 0x10f, 0x0, 0x0, @ipv6=@empty}]}, @TIPC_NLA_MEDIA={0x470, 0x5, 0x0, 0x1, [@generic="f7219d9489c49723daab9aa4f18b4b43998fe9c61385d121e300573927995146d48cde595e047e78e4bc7875126bd11a4ff73209aa9cf70dab449ccbc4c4ac87c8809d57144ba146742392f36e3fb52a000e9addc162860a89512bd585b57fa798bed9fa71496c2d4dcd8a90c1e993449445afed550a4a7ac42b0c7244c572ba77d494d2c7568e5aa098f5488e354f4a85d36b2da49ff9dfb8c3059fa620153205452bb0be2a942c9db50576c70323b8706e8896d8fe5131ad2acf57be7666f1d70aa8379f6449e4e66c2d095398f1f2a0c610e43c89bd679ab762da8d", @nested={0x4, 0x7b}, @generic="ae9215bcd3f58a60f3d0f2d952234b167877967d59eac541a66ac8b7b10a4341f64677d6065d94bf6b804380b968177bc5967db9f51583f661bcb80690ddda0ee128394dd236", @generic="66800af2d4318edbb888673fc698c90682842d521e5d9a3dec475412dfbd47b5abff7ee0228d0e416017ae8cd4f06611589d04264f308a9d29b41cea246c1a313f3451426be78d7f73c1d59bb61350fcf4f984a9d77b4e3423f4e5f3cd9abdd51dc1497f9956211c96ee629ca000ec18894ba48294fcbad7b9b5ecd540db39cf795b9a9f278d1138ff", @typed={0x54, 0x108, 0x0, 0x0, @binary="2dfaee88adb086a5234c06f46d8c1ca3889e4697b047d3dc40a17d77ad55181216230cc3f7f35a5ab6936b1cf1f616dbcb8a069c2185f832f133e947918a510f6977f9abefd98b8d808cc2e0fe6f990d"}, @nested={0x267, 0x60, 0x0, 0x1, [@typed={0xca, 0x44, 0x0, 0x0, @binary="7a1529ba077f5304b4a3190f3a384af477a1b9fc610202097bdbf371378a850ec7e53b8da84cb4a78c232bfeb91ae469f2a66982dfd885aa198513195984f9a69852e77637323b9d5b6076cadbe4fe40fa43837098aa23f1c9b77d535e9ac2b808a561af480aa03e21759b40fbbbeb75824ae2e65f1b92e5dc720795d64796fcfc7962627223129ccf5819b2397f5274c6d0b125a6fcc729242fe976a47d93549f94ed915a6be5f7a0a1ff159fb4655d41834dfcb2a7a68c63d5aad8d7e9cc6a1b74787c3980"}, @generic="2c56110922a318854abf08d1f76cdddeee42760baa1cd0314365977161e20f85cf68d1b598102af2ca70a94c2c78eca55e6d77", @generic="9a0457435b58b39e7adffdf9983f7c8b2fb7f97e06f0fa96e9c8a250f41eea0202adcc53db542cc7f26be8cd07dff98d26e2f7710465b1d065224530f1eac68666d40222593e123001d9afd63defbb1c494833f039cb7a366e58f21532d07727c70cd719b416c5fb46590be701017ea16e6831cc38f25d7f0fd92c4210fe553f9198915e9a7307698149f6edf522d0ece073bb102739ebffe3b7dbed9b3c9832eae364db4e0a940cbd68e965522f0bb2e5e98654ef8ecf1bf033399499582bdc41221974f12625baf6c76fc64b690a1b6191068525b8ceafaf95ede242e649fedce7fea659a7f9847d16defd321da2312cc1520ff9c72c", @generic="735815823c3d3477f9", @nested={0x4, 0x19}, @generic="82cef0b171c5b49decc1f18b99d742c2221670fd07d56174ce3e717a161cf4359613e566a53c31696593bde16a870eb2a5d77073febe3ddff9e21b04", @generic="4194a3741d2b8a38481b799db704e4d650c887f4ed6f9445a8903c09aa713123", @nested={0x4, 0x44}]}]}, @TIPC_NLA_NODE={0x238, 0x6, 0x0, 0x1, [@generic="7dc9f311ac02a5bec170711609b3f91b82dacdf0948e75b76318a6f6ae839962c9be9bda2e96801ba3838d88cc17c2125f1b02ab1d5bd46c622df4279211046a5becef250a1ba30dc2a03eac59cd992d4fcd0e06c247e36d7ed3b41821f411e761e8143f5608b6fa2483e4c6cf7ed7e3fa21937151d2b28fc3862d370799692cc7afbdd9b5570589", @typed={0x8, 0xc4, 0x0, 0x0, @u32=0x80000001}, @generic="08a3a52ff8e0f4fdca142fb25c8c822ae86769e5b450b745491b96e74d389b2d854648b5c200d2364955f2947ad8234e249cecea649c4d714617fbe3467784effc27bba66a3642b4b81a43339cd0cfcf77ee84585de7f9855bf3ac73def07ceb2e4ff8e324554aeb6fef560d9c2688b94b25957babc3f9e5fc72890b92c393ca551ce4faf432b10bdf4fabbe009608dfc229b907babcd4ceaaa6bd47287b9c429f9213086b6a0204ad9cfc42d594fa2c19ef901444882f00", @generic="34a654ffd81f61361a7646ba04289234c4e039e4db510df4f49e3dd6b07bee3ba1de895e32d0648a944be487e6a05c84977849da1cc6d6b4596000435632e03446ac535b0fc670fc01da189fbe236b5495415bf7e271d65355c5e6", @nested={0xc, 0x122, 0x0, 0x1, [@nested={0x4, 0x6b}, @nested={0x4, 0x3d}]}, @generic="93260b739602848d6ced7551926a307ff03420c84575a06ded704456f7333f52f185f6bfe63fcc7ec4e5cc2c266a007210a1a975036251d48c294c8ae908ccda7764c042fef82d4ae3d25ba4a515e945b4a94d276707e881a61c430fab4fc3e334810fc81dfccd31bdfeb04bf9dd781bd7e0703755bf73904b80854ffbf9cd94562b598a7a"]}, @TIPC_NLA_NAME_TABLE={0xf0, 0x8, 0x0, 0x1, [@typed={0x8, 0x5, 0x0, 0x0, @ipv4=@broadcast}, @typed={0x8, 0x111, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x3f}}, @nested={0x7e, 0xb5, 0x0, 0x1, [@generic="eab04e90a54175c9e7c46c706d2ecb40104550254e72d5eef7e7ea00b4dc5f9e4ccee81e610606d8d269f57418d782beb43dda2519409a0e378f7e21025aaac4e6088e049fbc157b1049d6d84e2d5edfbf067c0f0e3fbe0fcd0d2a13e14590a114c6e90af3a3652f45a6de804e19469de6513853c148", @nested={0x4, 0x14f}]}, @typed={0x14, 0x125, 0x0, 0x0, @ipv6=@mcast1}, @nested={0x47, 0x64, 0x0, 0x1, [@nested={0x4, 0x4}, @typed={0x6, 0x3f, 0x0, 0x0, @str='{\x00'}, @nested={0x4, 0x14c}, @typed={0x5, 0x137, 0x0, 0x0, @str='\x00'}, @typed={0x8, 0x82, 0x0, 0x0, @ipv4=@loopback}, @generic="d1d71d954d8cd4b1e039e2c125701271eba64f159e3e5c4b2de566f3bb17f3297a8708"]}]}, @TIPC_NLA_BEARER={0x22c, 0x1, 0x0, 0x1, [@generic="9ae255b3523e423db89f7bbe988a5cbfdf8599745148aecd0a944be7c31f151379149289ec46f43acab90c4dd0c625cb765cf1148ba0087b3becc0eeb1f166e53e10ca9074a5fc41acf35a24f39e24e2b740bf4ad341ee7404bb216839d9", @typed={0x8, 0x46, 0x0, 0x0, @fd=r3}, @generic="830678b8f1e57a66d4e715b00006aa990213476b1e1949c36647b7d11c146c664ab903b65a8c0e90381d6413b03756470d14d1c6e1c6382bd44f74599b95c1fabed808456088633550da7111775807c877ed06da023521d84841ca42cb8d568096f512f8d3c06b134be134247916a375736580dd83e6b46ab080214109de203150ac1fd3", @generic="29f62d89bbd5cdbcbd324f5411cdeab0abb7", @generic="92cc6e58c8d87fe43ed2a7403cdf2fb195892a960819d29c125b6058d219fc84ddcfef5e5b35b61ac6287160cb91216965f3fd90e5994516", @generic="a6211d1639f08e60644ac6ae3437ca636615b69774e320d93df12dafd1e3920b1ec947af66747924ed102329ead7e4a4d9d66f07f51c60f8c593914636c7bef3a47ab62ca55215cc93a3f5b6ac9b64bf2743b460fe6e0265a4b90b0173baa79f877a06c49977296ddab87d9b6720409f7cce5ef80ee4eabfe0bbf136c7b453c648c6736f8a46bfc8b0df641bec04fc56f2efac706e6adce0db44fa5e1810a41249abe0cd85ae94fd4d46c836a56c39b7a18d35908db67ab3f16dbc9543758cbaf46ebcc00f67f99f94dac89de0e57ecbe98e7816c04b03b814a7de77bd4189008ca62f9b46a4bf03b19fcac5", @typed={0x8, 0x5e, 0x0, 0x0, @ipv4=@private=0xa010101}]}]}, 0xaa4}, 0x1, 0x0, 0x0, 0x4051}, 0x4480) r4 = socketpair$auto(0x2, 0x4, 0x2, &(0x7f0000000c40)=0x5dc7) r5 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000cc0), r0) sendmsg$auto_KSMBD_EVENT_TREE_CONNECT_REQUEST(r4, &(0x7f0000000d80)={&(0x7f0000000c80), 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x14, r5, 0x200, 0x70bd2a, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x24000000) fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000dc0)='SMBD_GENL\x00', &(0x7f0000000e00)="178e186ba4658bf0028f2b22777472ca7501f6ccd9c20bcedfce37686fc11781e1a39f160656132a58bae24ea1844e0ab9d74a7dac9d4b6edb54155d483476161fa748be94af67a227c5e0383ff1754fcf6c105ce48f9a5d8211c4ae05a7bfc2363f", 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_DEL_KEY(r0, &(0x7f0000000f40)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x24, 0x0, 0x8, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_MDID={0x6, 0xb1, 0xfff7}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x8000}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x8000) getsockopt$auto_SO_PEERCRED(r0, 0x4, 0x11, &(0x7f0000000f80)=',!!\x00', &(0x7f0000000fc0)=0x5) r6 = ioctl$auto_SIOCGIFHWADDR2(r4, 0x8927, &(0x7f0000001000)="f9f8f201d42e6b71e69fd333505b8277855d85fcbf7ad36b9dc47503719aa5ec8fe87bfc3696bb6b6044a5ae502ba96ca72ae09487fe7fae580a2133eae8107315e2573063013cb6499221897e3d6a14f7301fa17b9ccda79c6cf946c09ac625be2e7cc94969d2e7ef8ff6492c3b6003a95a957a3f4dc5148275353d9d32b47b5aec315e31e513e29d17d9fd571d9279bd4d9a828760172493c8baabe6db79c4c8ae3505c73a8fb882ba33d7432cad3030efc676e5cc74") r7 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f00000011c0)={@siginfo_0_0={0x5, 0x3, 0x1ff, @_sigsys={&(0x7f00000010c0)="efe294fdff61d853ddf0cf9540f347d4d92042af148e27fb34dc117c922ec98cc34709131a3b8bd754e9a6f4c6fbb28759c9ba45c88ec0ce13297a77a3215e394b673fbd5e6290ec17f3aac5af2981e507825f42dd1b2823616d41d198ca7799858111a084253f640d28e9e5032c5165a3adfa054ffbe3c74bd6d3f55c2933ed3d2749fc00581111f921770523da5d5920ba1d098564f892cd6530b9e701263f2c5ed7f2cf5efcd333dbdfbb5f22a7dd2555fbe87f641b642bff2d2aeadce503a1bdc8664dfd3fbe9f840d642006a1b298410a786466dd958d1432a43ca432566cca5f9e3cfd8763a5726987dbd297a8710d7d2e8c29", 0xc, 0x6bf}}}, 0x4, &(0x7f0000001240)={{0x200, 0x18}, {0x8, 0x13c7}, 0x4, 0xfffffffffffffffd, 0x5, 0xa76, 0x7, 0x10000, 0x6, 0x200, 0x7fff, 0x40, 0x101, 0x5, 0x4, 0x1}) r8 = prctl$auto(0xf, 0x9, r7, 0x0, 0x68ee) sendmsg$auto_NL80211_CMD_DEL_KEY(r6, &(0x7f00000013c0)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001380)={&(0x7f0000001340)={0x24, 0x0, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xe}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x80000000}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x40000) r9 = openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000001400), 0x0, 0x0) read$auto_nodes_fops_netdebug(r6, &(0x7f0000001440)=""/134, 0x86) r10 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000001540), r0) sendmsg$auto_TCP_METRICS_CMD_DEL(r8, &(0x7f0000001640)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001600)={&(0x7f0000001580)={0x54, r10, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@TCP_METRICS_ATTR_SADDR_IPV6={0x14, 0xc, @mcast1}, @TCP_METRICS_ATTR_SADDR_IPV4={0x8, 0xb, @broadcast}, @TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @broadcast}, @TCP_METRICS_ATTR_ADDR_IPV6={0x14, 0x2, @private2}, @TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @multicast1}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0xc000040) fcntl$auto_F_SETLEASE(r9, 0x400, 0x7fff) open(&(0x7f0000001680)='./file0\x00', 0x200800, 0xf4158254b054205c) msgctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000001780)={{0x6, 0xee01, 0x0, 0x7, 0x5, 0x1, 0x2d10}, &(0x7f0000001700)=0x9, &(0x7f0000001740)=0x1, 0x40, 0x92a8, 0x9, 0x4, 0x3, 0x2, 0x5, 0x1, @raw=0x2, @raw=0x8}) sendmsg$auto_NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000001a40)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001a00)={&(0x7f0000001800)={0x1ec, 0x0, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x4}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x1d0, 0x84, 0x0, 0x1, [@typed={0x8, 0x48, 0x0, 0x0, @u32=0x10}, @nested={0x85, 0x105, 0x0, 0x1, [@nested={0x4, 0xc3}, @generic="3fca098c9777b8c3539730a570ca077272908b5b7ea800ba6ec3e2dbf4a9cb6e624856436fa208b6", @generic="d34a30e473dc3f4ac1b6947e9cd4588ee887c0d51f6d05f3b34f4d803641b9c82cf7244ee08e491a37ef59ff437aba990feb0a9588", @nested={0x4, 0x13b}, @typed={0x8, 0x45, 0x0, 0x0, @ipv4=@multicast2}, @nested={0x4, 0x97}, @nested={0x4, 0x1d}, @nested={0x4, 0xea}, @typed={0x8, 0x75, 0x0, 0x0, @ipv4=@loopback}]}, @typed={0xc, 0x8c, 0x0, 0x0, @u64=0x8be}, @typed={0x8, 0x14, 0x0, 0x0, @uid=r11}, @nested={0x126, 0x58, 0x0, 0x1, [@generic="b8805e49dda42e3bd7c9793b31e1", @nested={0x4, 0xc9}, @typed={0x8, 0xf, 0x0, 0x0, @fd=r2}, @typed={0x8, 0x9d, 0x0, 0x0, @fd=r3}, @typed={0x97, 0x13b, 0x0, 0x0, @binary="2471b20287c1718a1e958dd42143bfa8980619bc59e68f1d07ed33d53a1ed18520079ae5f183550f42a81ad7287a1fccd6c8a673ca881ed9ab8a1568f5f4df9b59a585a318f7a0b4ed976968fd45c3630681f72586f27bd2b23fbf44a8fea0b1f4db274da8c10907f31ef354d9c0c2801704b1cf98101957fcf3445b83eb72d8436286386ece7eab6521d54b29af38dba2c805"}, @nested={0x4, 0x2f}, @typed={0x5, 0xaf, 0x0, 0x0, @str='\x00'}, @nested={0x4, 0x4d}, @generic="d5c0c54549ba801008c67bd3f57a8314f842493c0ac68c5f6b122409272f3dd48eabf59d4a555ccad960d0f6ade62af6ff70b047303c1cf996c8a3437f5032535d1f2d23a22f0d629fe68143bd2a1710", @typed={0x8, 0xa0, 0x0, 0x0, @u32=0x3}]}]}]}, 0x1ec}, 0x1, 0x0, 0x0, 0x4000001}, 0xa800) getsockopt$auto_SO_ACCEPTCONN(r4, 0x7, 0x1e, &(0x7f0000001a80)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', &(0x7f0000001ac0)=0xc819) r12 = socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001b40), r0) sendmsg$auto_NL80211_CMD_NEW_MPATH(r12, &(0x7f0000001c00)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001bc0)={&(0x7f0000001b80)={0x30, r13, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_BSS_BASIC_RATES={0x1c, 0x24, "d825ae54a78b8723fba4f5832ddee947da96dd6b0fd61f2d"}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x44004) 2.627534276s ago: executing program 3 (id=4469): read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x0, 0x0) sendfile$auto(0xffffffffffffffff, r0, 0x0, 0x3) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x20000, 0x0) mseal$auto(0x1ffff000, 0xfffffffffffffff3, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) madvise$auto(0x108000, 0x2, 0xa) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400, 0x2) r1 = syz_open_procfs$namespace(0x0, 0x0) fchdir$auto(r1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) bpf$auto(0x0, 0x0, 0x92) futex_requeue$auto(&(0x7f0000000040)={0xb, 0x6, 0x2, 0x2000000}, 0x0, 0xf, 0x9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/neigh/nlmon0/mcast_solicit\x00', 0x189302, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0xfffffc96) getsockopt$auto_SO_PASSPIDFD(r1, 0x6, 0x4c, &(0x7f0000000100)='SMC_GEN_NETLINK\x00', &(0x7f0000000140)=0x9) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000000c0), 0xffffffffffffffff) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/fail-nth\x00', 0x42000, 0x0) ioprio_set$auto(0x3, 0x0, 0x4b34) 1.331270101s ago: executing program 2 (id=4470): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.5/usb6/6-0:1.0/usb6-port1/over_current_count\x00', 0x60000, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r1, 0x401c5820, 0x0) truncate$auto(&(0x7f0000000080)='./file0\x00', 0x7fff) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001080)=""/98, 0x62) 1.325475852s ago: executing program 3 (id=4471): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(r0, 0x1, 0x2, 0x6653) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) 1.237854883s ago: executing program 0 (id=4472): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r0) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x34, r1, 0x1, 0x70bd26, 0x65dbdbfb, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x40}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000840}, 0x400c880) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, r0, 0x2ffffffffffd) (async) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{&(0x7f00000003c0), 0x406a37, 0x0, 0x3, 0x0, 0x80, 0x5}, 0xa6}, 0x4, 0xdb22, 0x0) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ipvlan1\x00'}) (async, rerun: 32) r2 = socket(0xa, 0x1, 0x84) (rerun: 32) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) getsockopt$auto(r2, 0x84, 0x1, 0x0, &(0x7f0000000000)=0x9d) (async) unshare$auto(0x40000080) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xb0401, 0x0) (async) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) (async, rerun: 64) r3 = getpid() (rerun: 64) ioctl$auto_LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82, r3) (async, rerun: 32) pidfd_open$auto(0x1, 0x0) (async, rerun: 32) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40000, 0x0) (async) r4 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x1842, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20440, 0x0) pread64$auto(r4, 0x0, 0x5946, 0x7f) (async) r5 = socket(0x2, 0xa, 0x0) sendmmsg$auto(r5, &(0x7f00000000c0)={{&(0x7f0000000000), 0xd1, &(0x7f0000000080)={0x0, 0x5ea}, 0x1, 0x0, 0x1, 0xaf23}, 0x6}, 0x5, 0x1997b23d) 989.121862ms ago: executing program 2 (id=4473): mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0xffffffffffffffff, 0x7ffd) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) msgctl$auto_MSG_INFO(0x0, 0xc, &(0x7f0000000180)={{0xfffffffc, 0x0, 0x0, 0x5, 0x5f, 0xcf, 0x5}, &(0x7f0000000100)=0xd, 0x0, 0x7, 0x7, 0x6, 0x3, 0x14cd21ec, 0x3, 0x7, 0x4, @inferred=0xffffffffffffffff}) (async) msgctl$auto_MSG_INFO(0x0, 0xc, &(0x7f0000000180)={{0xfffffffc, 0x0, 0x0, 0x5, 0x5f, 0xcf, 0x5}, &(0x7f0000000100)=0xd, 0x0, 0x7, 0x7, 0x6, 0x3, 0x14cd21ec, 0x3, 0x7, 0x4, @inferred=0xffffffffffffffff}) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) socket(0x1d, 0x80000, 0x3fd) (async) socket(0x1d, 0x80000, 0x3fd) socket(0x2, 0x1, 0x0) r0 = socket(0x10, 0x2, 0x0) socket(0x1d, 0x2, 0x7) socket(0xa, 0x2, 0x73) (async) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) (async) socket(0xa, 0x801, 0x106) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x53) setsockopt$auto(r0, 0x1, 0xfffffffe, &(0x7f0000000280)='\x98\x00', 0xb559) socket(0x2, 0x1, 0x0) socket(0xa, 0x5, 0x0) (async) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x14) (async) r1 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r1], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082dbd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100aaaaaaaaaa35000008000200", @ANYRES32=r2, @ANYBLOB="060006000500dfff08000d"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) 892.698453ms ago: executing program 0 (id=4474): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x1e0a02, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) r1 = socket(0x5, 0x801, 0x9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="6e0a44d2", @ANYRES64=r1, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRESOCT=r3, @ANYRES64=r2], 0x68}, 0x1, 0x0, 0x0, 0x2004000}, 0x40090) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003b00), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000003bc0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010026f7dd46db2ead009500000008000300", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x180c0) r7 = eventfd$auto(0xbfd5) r8 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DEACTIVATE_TARGET(r7, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)={0xfc, r8, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@NFC_ATTR_SE_APDU={0xe0, 0x19, "f98148337f693cdc8a276b50375f31b80510a92244557c737437051db323a716b17b44767e13f69e802c5e2fb192159d6a4a74f6fdc1ac7923604f9758b47c493fe80d42bd2bf8e9dba55a0d5b7735bf4ba465ba0be1d0d06ef97f0f099125f6628620464d7726def1ad3018850d17d56278e25130fec068a8dbde2550b8195e823faf311a7ced71c8e53ab1742c9d87b38c7123de912408aba78c4c1318128ac95ae0e408b1c4f9e7c9e4468e43b0c0a1b81118ddb67f8722913e1f9b62dc9954a969780cb6a1711ca0c99950d0e75b6caad5d7585f556aeb2a2c67"}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x5}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4000}, 0x8014) sendmsg$auto_NL80211_CMD_GET_STATION(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, r5, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_BEACON_TAIL={0xc, 0xf, "58fbee7ab9cd098e"}, @NL80211_ATTR_FILS_KEK={0x40, 0xf2, "0edc7bd6f9c19241a93331a4d2e9b21440b12def0c76ed77dd0823717ef4622003631f15e3040464ea56220d10fcf6d69a4c1918b357e7adafd583bd"}]}, 0x60}, 0x1, 0x0, 0x0, 0x8810}, 0x0) 765.028116ms ago: executing program 2 (id=4475): read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) bpf$auto(0xbb0e, &(0x7f0000000180)=@bpf_attr_4={0x800, r0, 0x90000, r0}, 0x80000001) shmctl$auto(0x0, 0xd, 0x0) r2 = socket(0x2a, 0x2, 0x0) ioctl$auto(r2, 0x541b, 0x24) mmap$auto(0x0, 0x8c8e, 0x401, 0xffffffffffffffff, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322d53) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0001, 0x0) ioctl$auto(0x3, 0xc0104d03, r4) syz_clone3(&(0x7f00000003c0)={0x383201180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58) 663.065536ms ago: executing program 0 (id=4476): socket(0x2, 0x3, 0xa) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7ffffffffffffffb, 0x3) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x8402, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r0 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/available_tracers\x00', 0x40000, 0x0) read$auto_show_traces_fops_trace(r0, &(0x7f0000000640)=""/188, 0xbc) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d39, 0x5, 0x2, 0x1]}, 0x0) ioctl$auto_VHOST_SET_LOG_FD2(r1, 0xaf02, 0x0) r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x1242, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/pcie_aspm/parameters/policy\x00', 0xa001, 0x0) write$auto(r3, &(0x7f00000002c0)='0\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k>\xc8\x1f\xad\xf6\xf0\xef\xe4s\x95\xf2\x00\x97S\xb9O\xac\xbe\xd6\\J<\x02YK\xd6M\xe6\xe7\xa0\xb8\xc3[\x01\xc5\xe8|\xb0\xb0\x80\xbf\xa5?=i\x88UB\x1d\x8e\xd3\xc2\x949\xb6\xfb\x006\x02\x9c\x83\x14\x13\x99\xc7\xb4)M\xed\tN $\xd4\x90^?J\x92\x9a?\xf8b\x03\xd8\xdd\x84\xdf\x92\xf0\xcd\xd8\xba\xab\x15\x80\x9eo,\xc8\xf2\x82\xd2\x88\xbeL\xa0\x1a\xd3\xd5Of\x95\xee\x13e\xeb}o\x9b\x86_\xf0?\f<\xf3t7\xb6\x0f\x93\xc79@\xd8x\x9e\xef!\x006\b\xdbWB\x84\xdd\xac\xdau\x86g\x8f\x02@O7\x0f\xf8\x8d(\x9c\xf2NyD\x7f3\x14\x9eg\x86%)\xd6\b\xcd\x1f\x03\x00:\xa6\x83\'\xf4\xf2\x9dd\xf4z\x89\xc5D\xc4\x02\\\x81\xcf\x02Ep\xf6`\xde*\x1dV', 0x81) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/batadv0/mcast_solicit\x00', 0x52482, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(r2, 0x0, 0x9) 576.752695ms ago: executing program 4 (id=4477): mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0xffffffffffffffff, 0x8000) r0 = openat$auto_transaction_log_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) getsockopt$auto_SO_TIMESTAMPNS_OLD(r0, 0x4, 0x23, &(0x7f00000000c0)='&#:\x00', &(0x7f0000000100)=0x9) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x800000000012, 0x4, 0x80000001}, 0x6f4) mmap$auto(0x0, 0x400008, 0xdf, 0x14, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r2 = openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0xa, 0x801, 0x84) getsockopt$auto(r3, 0x84, 0x71, 0x0, &(0x7f0000000280)=0x22a) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6, 0x9, 0x34, 0x1ff, 0x6, 0x4, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8e, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f00000001c0)={0x6, 0xcb}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000240), r3) msgctl$auto_IPC_SET(0x8, 0x1, &(0x7f00000003c0)={{0x80000001, 0x0, 0xee01, 0x6, 0x1, 0x2, 0x10}, &(0x7f0000000340)=0x1e, &(0x7f0000000380)=0x7, 0xfffffffffffffff9, 0x0, 0x9, 0x1, 0x6, 0x5, 0x6, 0x1, @inferred, @raw=0x1}) sendmsg$auto_NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000680)={&(0x7f0000000480)={0x1d8, r4, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_OUT_KEY_ID={0x118, 0x2b, 0x0, 0x1, [@typed={0x14, 0x8e, 0x0, 0x0, @ipv6=@mcast2}, @typed={0x8, 0x3, 0x0, 0x0, @fd=r2}, @generic="02883562bcd1cc1fa1a56837357028d3a7c9ec110164032935a7460fc4fe98ef268695ec62f0335645419a4c3931160ab45877694f738d7c844e9d309a11839d8f4d32c7874e92f4576b2cbc0b701c40a88439c9ce45deb6fd95afb5e58cbb963b12e4bc6a23a9", @generic="cb58d8a876bb6cba035879becf69d1ee1ba7ae7fff4ac516533ab4a6e758f36906c56d58c38689e7354024e101f900c09e61b8b47dbefa9b73f5bca59e610518a54c97776e493a", @generic="1ee51f8a07a2c32544ec815419bd01c3621052c861e5febe236f6021880cc647b395d8df7b604f35e2f82f67f7a7a6a3628579967670a797671f43282977babc5ad55188e2a1258533ce"]}, @NL802154_ATTR_SEC_DEVKEY={0xa2, 0x2f, 0x0, 0x1, [@typed={0x8, 0xfb, 0x0, 0x0, @uid=r5}, @generic="457d5eafbf6dd1bc94aeb3139247fbe548b36107f5ae4ce8c6b93a6e04351eb66ab6c488d4f0939ce386b9ada71357b6b990e66fb2672828c966628ced8da59ab39da7bbdd8b1d1765e48abdc7b721e30f5b310bea98042f929dee4b7a5808e8831cf6f375f58d99afcf4f9481d1260df3dc13baa12d2a4c0f2390021c0c7ed331b7ae59e8b76228c245ddc67a69", @typed={0x8, 0xa2, 0x0, 0x0, @ipv4=@loopback}]}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x9}]}, 0x1d8}}, 0x40) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x24008054}, 0x40) sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x8000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) shutdown$auto(0x200000003, 0x2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 275.425705ms ago: executing program 3 (id=4478): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0xfffffffffffffffe, 0x5, 0x7fffffff, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(0x0, r0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4144}, 0xc000) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000) r1 = socket$nl_generic(0x10, 0x3, 0x10) prctl$auto_PR_SET_MM_START_STACK(0x20f, 0x5, 0xffffffffffffffff, 0x100, 0x6) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3ff, 0x2, 0x7, 0x48, 0x7ff, 0x5, 0x7, 0x4, 0x6, 0xe914, 0x3, 0x5, 0x21, 0xb4, 0xffffffffffffffff, 0x6, 0x10001, 0x80, 0x100000000, 0x800000, 0x7, 0x5, 0x200, 0xfffffffd, 0x84, 0x0, 0x1000006, 0x2, 0x0, 0x0, [0x0, 0x1ff, 0x1, 0xeffffffffffffffe, 0x1000000000, 0x0, 0xfffffffffffffffe, 0x0, 0x3, 0x80000000, 0x8003, 0x4000000, 0x0, 0x0, 0x0, 0x10000000000000, 0x0, 0x0, 0x0, 0x20000000000, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xec4e, 0x0, 0x8000000000000001, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9a]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x24, 0x4008) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000080), r3) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x8001, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0x5) close_range$auto(0x2, 0xa, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/sub0/status\x00', 0x0, 0x0) mmap$auto(0x4, 0x6, 0x6, 0x17, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/xfs/stats/stats\x00', 0x248040, 0x0) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000000)="c80d1b5d399b5b", 0xfdef) read$auto(r4, 0x0, 0x5) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r1) 0s ago: executing program 0 (id=4479): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x840}, 0x40d0) r2 = open_tree_attr$auto(0xffffffffffffff9c, 0x0, 0x100, 0x0, 0x8) socket(0x2, 0xa, 0xe57a) r3 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) r4 = socket(0x21, 0x2, 0x2) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/vivid.0/video4linux/video48/uevent\x00', 0x119804, 0x0) r6 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x20282, 0x0) ioctl$auto_UI_DEV_SETUP(r6, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x9, 0x4}, "6a034a07c7b8edb8fc3b39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabed4992f726b0a6c36b0b2fd1678e816201cf562367fe6586824588a2e3d84ba165f00", 0x8}) ioctl$auto_UI_DEV_CREATE(r6, 0x5501, 0x0) ioctl$auto_UI_SET_SNDBIT(r6, 0x4004556a, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000003f00)=""/46, 0x2e) sendmsg$auto_TIPC_NL_NODE_GET(r4, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x68, 0x0, 0x4, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x52, 0x6, 0x0, 0x1, [@typed={0x8, 0x141, 0x0, 0x0, @uid}, @generic="06a38943cb4a3813ce6fa2de6af9649b50baad4178aabd48160799e0057ee070c8953c70a27bc461afddad4e7cfbb488f939054d81332e8862f24914af9bd6c554c6a12b287c"]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x20008804) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) swapon$auto(0x0, 0x8) sendfile$auto(r5, r5, &(0x7f0000000180), 0x6) setsockopt$auto_SO_PRIORITY(r5, 0x1, 0xc, &(0x7f0000000140)='+/$:/\x00', 0x1) shutdown$auto(r2, 0x4) getsockopt$auto_SO_KEEPALIVE(r4, 0xfff, 0x9, &(0x7f0000000040)='!\x00', &(0x7f0000000080)) setsockopt$auto(0x3, 0x1000000110, 0x2, 0xffffffffffffffff, 0x1) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x42000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r7, &(0x7f0000002100)=""/15, 0xf) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/radio25\x00', 0x182, 0x0) write$auto(r3, &(0x7f0000000000)='-\x00', 0x2fb) kernel console output (not intermixed with test programs): _freelist+0xd0b/0x31a0 [ 1042.848085][T24318] __alloc_frozen_pages_noprof+0x25f/0x2430 [ 1042.860339][T24318] alloc_pages_mpol+0x1fb/0x550 [ 1042.871295][T24318] new_slab+0x2c3/0x430 [ 1042.883202][T24318] ___slab_alloc+0xe18/0x1c90 [ 1042.893251][T24318] __slab_alloc.constprop.0+0x63/0x110 [ 1042.905405][T24318] kmem_cache_alloc_lru_noprof+0x451/0x770 [ 1042.917682][T24318] alloc_inode+0xc3/0x240 [ 1042.929787][T24318] iget_locked+0x1d9/0x6d0 [ 1042.947863][T24318] kernfs_get_inode+0x46/0x470 [ 1042.957928][T24318] kernfs_iop_lookup+0x1a7/0x2d0 [ 1042.968921][T24318] __lookup_slow+0x251/0x460 [ 1042.978970][T24318] lookup_slow+0x50/0x70 [ 1042.991270][T24318] path_lookupat+0x5e9/0xc40 [ 1043.001347][T24318] filename_lookup+0x224/0x5f0 [ 1043.013553][T24318] page last free pid 1 tgid 1 stack trace: [ 1043.026658][T24318] __free_frozen_pages+0x7df/0x1170 [ 1043.039169][T24318] free_contig_range+0x183/0x4a0 [ 1043.050254][T24318] destroy_args+0xb95/0x14e0 [ 1043.060330][T24318] debug_vm_pgtable+0x2220/0x38d0 [ 1043.071008][T24318] do_one_initcall+0x123/0x680 [ 1043.082443][T24318] kernel_init_freeable+0x5c8/0x920 [ 1043.097211][T24318] kernel_init+0x1c/0x2b0 [ 1043.107279][T24318] ret_from_fork+0x983/0xb10 [ 1043.116568][T24318] ret_from_fork_asm+0x1a/0x30 [ 1043.315512][T24339] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1045.144517][T24395] futex_wake_op: syz.0.3662 tries to shift op by -2048; fix this program [ 1045.175561][T24395] futex_wake_op: syz.0.3662 tries to shift op by -2048; fix this program [ 1045.210511][T24395] 0x000000000001-0x000000020000 : "" [ 1045.239046][T24395] ftl_cs: FTL header corrupt! [ 1045.345715][T24396] FAULT_INJECTION: forcing a failure. [ 1045.345715][T24396] name failslab, interval 1, probability 393216, space 0, times 0 [ 1045.425566][T24397] netlink: set zone limit has 8 unknown bytes [ 1045.451524][T24396] CPU: 1 UID: 0 PID: 24396 Comm: syz.1.3663 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1045.451551][T24396] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1045.451557][T24396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1045.451566][T24396] Call Trace: [ 1045.451571][T24396] [ 1045.451578][T24396] dump_stack_lvl+0x16c/0x1f0 [ 1045.451604][T24396] should_fail_ex+0x512/0x640 [ 1045.451621][T24396] ? kmem_cache_alloc_noprof+0x62/0x770 [ 1045.451642][T24396] should_failslab+0xc2/0x120 [ 1045.451664][T24396] kmem_cache_alloc_noprof+0x83/0x770 [ 1045.451681][T24396] ? xfd_validate_state+0x61/0x180 [ 1045.451695][T24396] ? alloc_pid+0xd8/0x13c0 [ 1045.451712][T24396] ? alloc_pid+0xd8/0x13c0 [ 1045.451723][T24396] alloc_pid+0xd8/0x13c0 [ 1045.451742][T24396] copy_process+0x4027/0x7430 [ 1045.451773][T24396] ? __pfx_copy_process+0x10/0x10 [ 1045.451802][T24396] ? _copy_from_user+0x59/0xd0 [ 1045.451827][T24396] kernel_clone+0xfc/0x910 [ 1045.451851][T24396] ? __pfx_kernel_clone+0x10/0x10 [ 1045.451877][T24396] ? __lock_acquire+0x436/0x2890 [ 1045.451895][T24396] __do_sys_clone3+0x212/0x290 [ 1045.451921][T24396] ? __pfx___do_sys_clone3+0x10/0x10 [ 1045.451967][T24396] do_syscall_64+0xcd/0xf80 [ 1045.451990][T24396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1045.452005][T24396] RIP: 0033:0x7feb5a1c3f09 [ 1045.452018][T24396] Code: ee 08 00 48 8d 3d dc ee 08 00 e8 f2 28 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7 [ 1045.452033][T24396] RSP: 002b:00007ffe703810f8 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3 [ 1045.452047][T24396] RAX: ffffffffffffffda RBX: 00007feb5a146300 RCX: 00007feb5a1c3f09 [ 1045.452057][T24396] RDX: 00007feb5a146300 RSI: 0000000000000058 RDI: 00007ffe70381140 [ 1045.452067][T24396] RBP: 00007feb5af676c0 R08: 00007feb5af676c0 R09: 00007ffe70381227 [ 1045.452076][T24396] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8 [ 1045.452085][T24396] R13: 000000000000006e R14: 00007ffe70381140 R15: 00007ffe70381228 [ 1045.452104][T24396] [ 1045.895509][T24415] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1046.013623][T24417] Line length is too long: Should be less than 4094 [ 1046.033014][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1046.050860][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1046.359544][T24435] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1046.381830][T24435] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1046.577320][T24442] HfR: entered promiscuous mode [ 1046.623895][T24443] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3670'. [ 1046.637680][T24442] GUP no longer grows the stack in syz.1.3671 (24442): 14000-18000 (4000) [ 1046.687512][T24442] CPU: 1 UID: 0 PID: 24442 Comm: syz.1.3671 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1046.687544][T24442] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1046.687551][T24442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1046.687561][T24442] Call Trace: [ 1046.687567][T24442] [ 1046.687573][T24442] dump_stack_lvl+0x16c/0x1f0 [ 1046.687602][T24442] gup_vma_lookup+0x1d2/0x220 [ 1046.687626][T24442] __get_user_pages+0x241/0x3590 [ 1046.687655][T24442] ? find_held_lock+0x2b/0x80 [ 1046.687676][T24442] ? __pfx___get_user_pages+0x10/0x10 [ 1046.687704][T24442] get_user_pages_remote+0x243/0xab0 [ 1046.687730][T24442] ? __pfx_get_user_pages_remote+0x10/0x10 [ 1046.687753][T24442] ? __pfx___might_resched+0x10/0x10 [ 1046.687774][T24442] ? noop_dirty_folio+0x5e/0xb0 [ 1046.687797][T24442] __access_remote_vm+0x24d/0x850 [ 1046.687823][T24442] ? __pfx___access_remote_vm+0x10/0x10 [ 1046.687849][T24442] mem_rw+0x20e/0x640 [ 1046.687873][T24442] ? __pfx_mem_write+0x10/0x10 [ 1046.687893][T24442] vfs_write+0x2a0/0x11d0 [ 1046.687916][T24442] ? __pfx___mutex_lock+0x10/0x10 [ 1046.687941][T24442] ? __pfx_vfs_write+0x10/0x10 [ 1046.687967][T24442] ? __fget_files+0x20e/0x3c0 [ 1046.687994][T24442] ksys_write+0x12a/0x250 [ 1046.688014][T24442] ? __pfx_ksys_write+0x10/0x10 [ 1046.688042][T24442] do_syscall_64+0xcd/0xf80 [ 1046.688065][T24442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1046.688081][T24442] RIP: 0033:0x7feb5a18f7c9 [ 1046.688095][T24442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1046.688110][T24442] RSP: 002b:00007feb5afa9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1046.688132][T24442] RAX: ffffffffffffffda RBX: 00007feb5a3e5fa0 RCX: 00007feb5a18f7c9 [ 1046.688143][T24442] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1046.688153][T24442] RBP: 00007feb5a213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1046.688162][T24442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1046.688172][T24442] R13: 00007feb5a3e6038 R14: 00007feb5a3e5fa0 R15: 00007ffe70381228 [ 1046.688194][T24442] [ 1046.992899][T24450] bridge_slave_1: left allmulticast mode [ 1046.999038][T24450] bridge_slave_1: left promiscuous mode [ 1047.005547][T24450] bridge0: port 2(bridge_slave_1) entered disabled state [ 1047.116213][T24443] zswap: compressor not available [ 1047.574523][T24475] netlink: 'syz.2.3678': attribute type 64 has an invalid length. [ 1047.601745][T24475] netlink: 74 bytes leftover after parsing attributes in process `syz.2.3678'. [ 1048.033066][T24457] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1048.052507][T24457] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1048.082494][T24457] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1048.101137][T24457] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1048.130314][T24457] CPU0 is offline. [ 1048.149157][T24459] random: crng reseeded on system resumption [ 1048.481165][T24514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3686'. [ 1048.512692][T24514] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3686'. [ 1048.981509][T24527] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47 [ 1049.302498][ T5828] Bluetooth: hci4: command 0x0406 tx timeout [ 1050.095192][T21975] Bluetooth: hci1: command 0x0406 tx timeout [ 1050.101236][ T5828] Bluetooth: hci5: command 0x0406 tx timeout [ 1050.107351][T21975] Bluetooth: hci3: command 0x0406 tx timeout [ 1050.842277][T24594] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3706'. [ 1050.970868][T24597] ALSA: mixer_oss: invalid OSS volume '0' [ 1051.020432][T24597] ALSA: mixer_oss: invalid OSS volume 'PHONET' [ 1051.026607][T24597] ALSA: mixer_oss: invalid OSS volume 'L2TP/IPv6' [ 1051.120473][T24604] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1051.504970][T24615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3711'. [ 1052.443706][T24657] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1052.932586][T24668] Invalid ELF header magic: != ELF [ 1054.162237][T24698] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1054.346400][T24678] FAULT_INJECTION: forcing a failure. [ 1054.346400][T24678] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1054.425282][T24678] CPU: 1 UID: 0 PID: 24678 Comm: syz.0.3726 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1054.425309][T24678] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1054.425314][T24678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1054.425323][T24678] Call Trace: [ 1054.425328][T24678] [ 1054.425335][T24678] dump_stack_lvl+0x16c/0x1f0 [ 1054.425361][T24678] should_fail_ex+0x512/0x640 [ 1054.425382][T24678] get_futex_key+0x293/0x15f0 [ 1054.425400][T24678] ? __pfx_get_futex_key+0x10/0x10 [ 1054.425432][T24678] futex_wake+0xea/0x530 [ 1054.425454][T24678] ? __pfx_futex_wake+0x10/0x10 [ 1054.425482][T24678] do_futex+0x1e3/0x350 [ 1054.425499][T24678] ? __pfx_do_futex+0x10/0x10 [ 1054.425514][T24678] ? __might_fault+0xe3/0x190 [ 1054.425536][T24678] mm_release+0x24e/0x300 [ 1054.425556][T24678] do_exit+0x69e/0x2bd0 [ 1054.425574][T24678] ? __pfx_do_exit+0x10/0x10 [ 1054.425588][T24678] ? do_raw_spin_lock+0x12c/0x2b0 [ 1054.425604][T24678] ? find_held_lock+0x2b/0x80 [ 1054.425626][T24678] do_group_exit+0xd3/0x2a0 [ 1054.425641][T24678] get_signal+0x2671/0x26d0 [ 1054.425668][T24678] ? __pfx_get_signal+0x10/0x10 [ 1054.425689][T24678] ? do_futex+0x122/0x350 [ 1054.425706][T24678] arch_do_signal_or_restart+0x8f/0x7a0 [ 1054.425727][T24678] ? getname_flags.part.0+0x24c/0x550 [ 1054.425744][T24678] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1054.425771][T24678] ? __pfx___x64_sys_futex+0x10/0x10 [ 1054.425791][T24678] exit_to_user_mode_loop+0x8c/0x540 [ 1054.425811][T24678] do_syscall_64+0x4ee/0xf80 [ 1054.425835][T24678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1054.425850][T24678] RIP: 0033:0x7f8d91f8f7c9 [ 1054.425863][T24678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1054.425877][T24678] RSP: 002b:00007f8d92e500e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1054.425892][T24678] RAX: fffffffffffffe00 RBX: 00007f8d921e5fa8 RCX: 00007f8d91f8f7c9 [ 1054.425901][T24678] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8d921e5fa8 [ 1054.425910][T24678] RBP: 00007f8d921e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1054.425919][T24678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1054.425928][T24678] R13: 00007f8d921e6038 R14: 00007ffd2343eca0 R15: 00007ffd2343ed88 [ 1054.425947][T24678] [ 1055.881181][T24735] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1056.453155][T24752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3745'. [ 1056.502310][T24753] netlink: 354 bytes leftover after parsing attributes in process `syz.2.3745'. [ 1057.706700][T24779] zswap: compressor not available [ 1057.984855][T24784] __vm_enough_memory: pid: 24784, comm: syz.1.3754, bytes: 4398046511104 not enough memory for the allocation [ 1058.069668][T24793] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1058.101894][T24793] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1058.413419][T24811] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3762'. [ 1058.856737][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1058.863721][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1058.997979][T24829] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1059.698375][T24846] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3769'. [ 1060.034322][T24854] netlink: 756 bytes leftover after parsing attributes in process `syz.2.3773'. [ 1060.394313][T24867] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1061.528062][T24890] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1061.713530][T24892] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1062.442100][T24905] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1064.120755][T24944] FAULT_INJECTION: forcing a failure. [ 1064.120755][T24944] name failslab, interval 1, probability 393216, space 0, times 0 [ 1064.228248][T24945] nfs: Unknown parameter 'w¾Ã`_' [ 1064.292977][T24944] CPU: 1 UID: 0 PID: 24944 Comm: syz.0.3793 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1064.293006][T24944] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1064.293012][T24944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1064.293022][T24944] Call Trace: [ 1064.293028][T24944] [ 1064.293034][T24944] dump_stack_lvl+0x16c/0x1f0 [ 1064.293062][T24944] should_fail_ex+0x512/0x640 [ 1064.293079][T24944] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 1064.293104][T24944] should_failslab+0xc2/0x120 [ 1064.293128][T24944] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 1064.293150][T24944] ? kstrdup_const+0x63/0x80 [ 1064.293171][T24944] ? kstrdup+0x53/0x100 [ 1064.293186][T24944] kstrdup+0x53/0x100 [ 1064.293204][T24944] kstrdup_const+0x63/0x80 [ 1064.293221][T24944] __kernfs_new_node+0x9b/0x990 [ 1064.293238][T24944] ? do_filp_open+0x20b/0x470 [ 1064.293259][T24944] ? do_sys_openat2+0x121/0x290 [ 1064.293275][T24944] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.293291][T24944] ? __pfx___kernfs_new_node+0x10/0x10 [ 1064.293313][T24944] ? find_held_lock+0x2b/0x80 [ 1064.293333][T24944] ? kernfs_root+0xee/0x2a0 [ 1064.293354][T24944] kernfs_new_node+0x13c/0x1e0 [ 1064.293378][T24944] kernfs_create_dir_ns+0x4c/0x1a0 [ 1064.293400][T24944] sysfs_create_dir_ns+0x13a/0x2b0 [ 1064.293418][T24944] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1064.293433][T24944] ? find_held_lock+0x2b/0x80 [ 1064.293455][T24944] ? do_raw_spin_unlock+0x172/0x230 [ 1064.293483][T24944] kobject_add_internal+0x2c4/0x9d0 [ 1064.293498][T24944] ? kmemdup_noprof+0x51/0x60 [ 1064.293519][T24944] kobject_init_and_add+0x11b/0x190 [ 1064.293536][T24944] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1064.293556][T24944] ? up_write+0x282/0x4e0 [ 1064.293577][T24944] sysfs_slab_add+0x194/0x1f0 [ 1064.293598][T24944] do_kmem_cache_create+0x5c1/0x740 [ 1064.293624][T24944] __kmem_cache_create_args+0x1fc/0x3b0 [ 1064.293643][T24944] mon_text_open+0x333/0x510 [ 1064.293663][T24944] ? __pfx_mon_text_open+0x10/0x10 [ 1064.293685][T24944] ? __pfx_mon_text_ctor+0x10/0x10 [ 1064.293705][T24944] ? __pfx_apparmor_file_open+0x10/0x10 [ 1064.293720][T24944] ? lockdown_is_locked_down+0x3f/0x130 [ 1064.293742][T24944] ? bpf_lsm_locked_down+0x9/0x10 [ 1064.293765][T24944] ? __pfx_mon_text_open+0x10/0x10 [ 1064.293783][T24944] full_proxy_open_regular+0x1b9/0x350 [ 1064.293808][T24944] do_dentry_open+0x748/0x1590 [ 1064.293829][T24944] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 1064.293860][T24944] vfs_open+0x82/0x3f0 [ 1064.293878][T24944] path_openat+0x2078/0x3140 [ 1064.293907][T24944] ? __pfx_path_openat+0x10/0x10 [ 1064.293936][T24944] do_filp_open+0x20b/0x470 [ 1064.293959][T24944] ? __pfx_do_filp_open+0x10/0x10 [ 1064.293995][T24944] ? alloc_fd+0x471/0x7d0 [ 1064.294026][T24944] do_sys_openat2+0x121/0x290 [ 1064.294043][T24944] ? __pfx_do_sys_openat2+0x10/0x10 [ 1064.294067][T24944] __x64_sys_openat+0x174/0x210 [ 1064.294083][T24944] ? __pfx___x64_sys_openat+0x10/0x10 [ 1064.294109][T24944] do_syscall_64+0xcd/0xf80 [ 1064.294133][T24944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.294149][T24944] RIP: 0033:0x7f8d91f8f7c9 [ 1064.294163][T24944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1064.294177][T24944] RSP: 002b:00007f8d92e50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1064.294192][T24944] RAX: ffffffffffffffda RBX: 00007f8d921e5fa0 RCX: 00007f8d91f8f7c9 [ 1064.294202][T24944] RDX: 0000000000020443 RSI: 0000200000001140 RDI: ffffffffffffff9c [ 1064.294212][T24944] RBP: 00007f8d92013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1064.294221][T24944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1064.294230][T24944] R13: 00007f8d921e6038 R14: 00007f8d921e5fa0 R15: 00007ffd2343ed88 [ 1064.294250][T24944] [ 1064.668554][T24944] kobject: kobject_add_internal failed for mon_text_ffff88813ff57c00 (error: -12 parent: slab) [ 1064.679957][T24944] SLUB: Unable to add cache mon_text_ffff88813ff57c00 to sysfs [ 1065.347937][T24957] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1066.255412][T24988] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3803'. [ 1066.278846][T24988] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3803'. [ 1066.426121][T24993] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1068.007867][T25029] binder: 25028:25029 ioctl c018620c 0 returned -1 [ 1068.042177][T25029] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3812'. [ 1068.383158][T25041] Invalid ELF header magic: != ELF [ 1068.400661][T25043] Invalid ELF header magic: != ELF [ 1068.872883][T25051] netlink: 'syz.1.3816': attribute type 21 has an invalid length. [ 1068.908582][T25051] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3816'. [ 1069.191621][T25056] sysfs_service_op_show: Client not running :-5: [ 1070.340214][T25073] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1070.635973][T25078] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3825'. [ 1071.016388][T25094] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3831'. [ 1071.159893][T25094] team0: Port device team_slave_1 removed [ 1071.230493][T25099] zswap: compressor not available [ 1071.481805][T25106] kernel read not supported for file /¾ò‚çgµîMQ¢_g¿ úò_N°{ùµ7vîGÙl¿†q w–Ùé¨áðÇÄĉuƒè}½O‘ÁUVW.¶­uw.ì`OÁç:ÉKÍdY•Ñ®Á›–ŸajÒüü7¯ÊnöÀwKÎçQ®ÉHgïÚ[壣%'Ï–X:DktÞ€ÝX‘ˆ¡ Ãñþ[“$O8 b´’ô¼Å¹˜9üFìÜ@ÝÚeMàUÈ;õç$Q8Ò‡ÝÅÅèµµ¸ßDÐètŠSª¾ªºž^0øYõJpuº˜ (pid: 25106 comm: syz.1.3833) [ 1071.613458][ T30] audit: type=1800 audit(4295028886.460:35): pid=25106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3833" name=BEF282E71467B5EE4D5113A25F67BF09FAF25F4EB07BF9B53776EE47D96CBF8671207796D9E9A8E1F0C71F1EC4C4897583E87DBD7F4F91C15556572EB6AD047502772EEC604FC10E15E73AC91B4BCD64590395D1AEC19B969F616AD2FCFC1F37AFCA6EF6C0774BCEE751AEC9486701EFDA5BE5A3A325278FCF96583A04446B747FDE8001DD589188A109C3F1FE5B93244F382062B492F4BCC5B99839FC46ECDC40DDDA654DE055C83BF5E7245138D287DDC59DC5E8B5B5B8DF44D0E8748A53AABEAABA9E5E301AF859F54A700875BA98 dev="mqueue" ino=294202 res=0 errno=0 [ 1071.785811][T25117] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1071.968406][T25125] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1072.235986][T25134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3841'. [ 1072.274030][T25134] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3841'. [ 1073.163804][T25162] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1073.480322][T25168] program syz.3.3847 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1073.788072][T25174] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1075.619334][ T5839] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5 [ 1077.609957][T25251] cgroup: fork rejected by pids controller in /syz0 [ 1078.480296][T25294] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3868'. [ 1079.694308][T25326] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1080.492619][T25346] zram0: detected capacity change from 0 to 8 [ 1081.174993][T25359] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1081.960029][T25374] bridge0: port 3(veth1_macvtap) entered blocking state [ 1082.000405][T25374] bridge0: port 3(veth1_macvtap) entered disabled state [ 1082.051051][T25374] veth1_macvtap: entered allmulticast mode [ 1082.058123][T25374] veth1_macvtap: left allmulticast mode [ 1082.359823][T24576] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1082.381404][T24576] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1082.389752][T24576] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1082.398521][T24576] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1082.405902][T24576] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1082.617149][T25391] netlink: 266 bytes leftover after parsing attributes in process `syz.0.3890'. [ 1082.705396][T25391] IPv6: NLM_F_CREATE should be specified when creating new route [ 1083.574182][T25385] chnl_net:caif_netlink_parms(): no params data found [ 1083.856597][T25431] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1084.085216][T25385] bridge0: port 1(bridge_slave_0) entered blocking state [ 1084.134080][T25385] bridge0: port 1(bridge_slave_0) entered disabled state [ 1084.172136][T25385] bridge_slave_0: entered allmulticast mode [ 1084.209789][T25385] bridge_slave_0: entered promiscuous mode [ 1084.264322][T25385] bridge0: port 2(bridge_slave_1) entered blocking state [ 1084.320250][T25385] bridge0: port 2(bridge_slave_1) entered disabled state [ 1084.384019][T25385] bridge_slave_1: entered allmulticast mode [ 1084.414756][T25385] bridge_slave_1: entered promiscuous mode [ 1084.479423][T24576] Bluetooth: hci0: command tx timeout [ 1084.595753][T25385] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1084.641892][T25385] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1084.767290][T25385] team0: Port device team_slave_0 added [ 1084.821843][T25385] team0: Port device team_slave_1 added [ 1084.973010][T25385] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1085.000216][T25385] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1085.099201][T25385] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1085.255360][T25462] zswap: compressor not available [ 1085.314427][T25385] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1085.338583][T25385] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1085.438541][T25385] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1085.584400][T25385] hsr_slave_0: entered promiscuous mode [ 1085.597656][T25385] hsr_slave_1: entered promiscuous mode [ 1085.612838][T25385] debugfs: 'hsr0' already exists in 'hsr' [ 1085.625863][T25385] Cannot create hsr debugfs directory [ 1086.061469][T25474] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3901'. [ 1086.537350][T25385] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1086.546437][T24576] Bluetooth: hci0: command tx timeout [ 1086.627454][T25385] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1086.700729][T25385] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1086.781546][T25385] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1087.081751][T25385] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1087.089019][T25486] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1087.114906][T25486] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1087.148793][T25486] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1087.161085][T25385] 8021q: adding VLAN 0 to HW filter on device team0 [ 1087.179525][T25486] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1087.205048][T24379] bridge0: port 1(bridge_slave_0) entered blocking state [ 1087.212192][T24379] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1087.228503][T25486] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1087.270066][T25486] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1087.296393][T24379] bridge0: port 2(bridge_slave_1) entered blocking state [ 1087.303537][T24379] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1087.346561][T25486] CPU0 is offline. [ 1087.474098][T25509] input: f¬ as /devices/virtual/input/input48 [ 1087.631258][T25516] zram0: detected capacity change from 8 to 0 [ 1087.888096][T25516] zram: Removed device: zram0 [ 1088.133566][T25385] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1088.633941][T25555] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1088.774036][T24576] Bluetooth: hci4: command 0x0406 tx timeout [ 1089.130526][T25385] veth0_vlan: entered promiscuous mode [ 1089.171931][ T5828] Bluetooth: hci1: command 0x0406 tx timeout [ 1089.179333][ T5839] Bluetooth: hci5: command 0x0406 tx timeout [ 1089.185716][T24576] Bluetooth: hci0: command 0x0419 tx timeout [ 1089.531756][T25385] veth1_vlan: entered promiscuous mode [ 1089.662314][T25385] veth0_macvtap: entered promiscuous mode [ 1089.705017][T25385] veth1_macvtap: entered promiscuous mode [ 1089.828343][T25385] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1089.870226][T25385] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1089.910640][T25578] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1089.939644][T15782] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1089.981025][T15782] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1090.035950][T15782] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1090.089150][T15782] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1090.444333][T15782] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1090.480805][T15782] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1090.570016][T12402] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1090.715240][T12402] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1091.240800][T24576] Bluetooth: hci0: command 0x0419 tx timeout [ 1091.440518][T25598] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1091.842572][T25609] binder: 25602:25609 ioctl 40046f41 0 returned -22 [ 1091.899387][T25611] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49 [ 1093.310374][T24576] Bluetooth: hci0: command 0x0419 tx timeout [ 1093.745248][T25637] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1095.016834][T25689] zswap: compressor û not available [ 1095.381340][ T5839] Bluetooth: hci0: command 0x0419 tx timeout [ 1095.771686][T25707] Process accounting resumed [ 1096.175327][T24576] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1096.843012][T25775] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1097.339128][T25783] netlink: 246 bytes leftover after parsing attributes in process `syz.2.3950'. [ 1097.741796][T25799] netlink: 'syz.4.3955': attribute type 22 has an invalid length. [ 1097.795655][T25799] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3955'. [ 1098.043944][T25808] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1098.200427][T25814] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input50 [ 1098.267668][T25814] device-mapper: ioctl: Invalid ioctl structure: name §, dev 400008000010006 [ 1098.323331][T25817] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3960'. [ 1098.813426][T24576] Bluetooth: hci4: Unable to find connection for big 0xd2 [ 1099.008501][T25845] ubi0: attaching mtd0 [ 1099.024553][T25845] ubi0: scanning is finished [ 1099.053628][T25845] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1099.403865][T25845] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1100.403851][T25874] zswap: compressor û not available [ 1100.944164][T25900] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1101.007089][T25900] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1101.797154][T25921] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1102.273971][T25938] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 1104.124733][T25984] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1104.974500][T26015] FAULT_INJECTION: forcing a failure. [ 1104.974500][T26015] name failslab, interval 1, probability 393216, space 0, times 0 [ 1105.071914][T26015] CPU: 1 UID: 0 PID: 26015 Comm: syz.3.3995 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1105.071941][T26015] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1105.071947][T26015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1105.071956][T26015] Call Trace: [ 1105.071961][T26015] [ 1105.071967][T26015] dump_stack_lvl+0x16c/0x1f0 [ 1105.071994][T26015] should_fail_ex+0x512/0x640 [ 1105.072021][T26015] ? kmem_cache_alloc_noprof+0x62/0x770 [ 1105.072041][T26015] should_failslab+0xc2/0x120 [ 1105.072064][T26015] kmem_cache_alloc_noprof+0x83/0x770 [ 1105.072082][T26015] ? alloc_empty_file+0x55/0x1e0 [ 1105.072101][T26015] ? alloc_empty_file+0x55/0x1e0 [ 1105.072115][T26015] alloc_empty_file+0x55/0x1e0 [ 1105.072131][T26015] alloc_file_pseudo+0x13a/0x230 [ 1105.072147][T26015] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1105.072164][T26015] ? alloc_fd+0x471/0x7d0 [ 1105.072188][T26015] sock_alloc_file+0x50/0x210 [ 1105.072210][T26015] __sys_socket+0x1c0/0x260 [ 1105.072224][T26015] ? __pfx___sys_socket+0x10/0x10 [ 1105.072238][T26015] ? syscall_user_dispatch+0x78/0x140 [ 1105.072265][T26015] __x64_sys_socket+0x72/0xb0 [ 1105.072279][T26015] do_syscall_64+0xcd/0xf80 [ 1105.072310][T26015] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1105.072325][T26015] RIP: 0033:0x7f555ab916e7 [ 1105.072338][T26015] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1105.072353][T26015] RSP: 002b:00007f555b98afa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 1105.072367][T26015] RAX: ffffffffffffffda RBX: 00007f555ade5fa0 RCX: 00007f555ab916e7 [ 1105.072377][T26015] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1105.072386][T26015] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 1105.072395][T26015] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 1105.072404][T26015] R13: 00007f555ade6038 R14: 00007f555ade5fa0 R15: 00007ffd059eebe8 [ 1105.072423][T26015] [ 1106.307676][T26047] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1106.751083][T26059] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1106.771620][T26061] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4007'. [ 1106.977261][T26066] netlink: 186 bytes leftover after parsing attributes in process `syz.2.4008'. [ 1108.141131][T26053] binder: 26051:26053 ioctl c018620c 0 returned -22 [ 1108.338549][T26086] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1109.502954][T26131] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1110.728774][T26173] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4035'. [ 1111.064807][T26186] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1111.119256][T26188] Invalid ELF header magic: != ELF [ 1111.881356][T26215] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4040'. [ 1112.063710][T26215] ipvlan0: entered promiscuous mode [ 1112.120734][T26215] ipvlan0: entered allmulticast mode [ 1112.200462][T26215] veth0_vlan: entered allmulticast mode [ 1112.615155][T26229] futex_wake_op: syz.4.4046 tries to shift op by -2048; fix this program [ 1112.630299][T26231] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1112.660823][T26229] futex_wake_op: syz.4.4046 tries to shift op by -2048; fix this program [ 1112.699911][T26229] ubi1: attaching mtd0 [ 1112.742272][T26229] ubi1: scanning is finished [ 1112.787404][T26239] netlink: 29 bytes leftover after parsing attributes in process `syz.2.4048'. [ 1112.801309][T26229] ubi1 error: ubi_read_volume_table: the layout volume was not found [ 1113.079457][T26229] ubi1 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1113.126236][T26241] zswap: compressor 000 not available [ 1114.210577][T26278] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1115.467918][ T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1115.627564][ T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1115.772062][ T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1115.940289][ T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1116.494932][T26320] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4064'. [ 1117.000935][ T36] bridge_slave_1: left allmulticast mode [ 1117.041067][ T36] bridge_slave_1: left promiscuous mode [ 1117.076937][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 1117.177724][ T36] bridge_slave_0: left allmulticast mode [ 1117.210428][ T36] bridge_slave_0: left promiscuous mode [ 1117.244679][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 1118.676966][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1118.697470][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1118.711952][ T36] bond0 (unregistering): Released all slaves [ 1118.829122][ T36] HfR: left promiscuous mode [ 1119.759357][T26381] zero sized request [ 1119.982488][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1119.988781][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1120.067475][T26383] FAULT_INJECTION: forcing a failure. [ 1120.067475][T26383] name failslab, interval 1, probability 393216, space 0, times 0 [ 1120.130207][T26383] CPU: 1 UID: 0 PID: 26383 Comm: syz.4.4074 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1120.130236][T26383] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1120.130242][T26383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1120.130253][T26383] Call Trace: [ 1120.130259][T26383] [ 1120.130265][T26383] dump_stack_lvl+0x16c/0x1f0 [ 1120.130293][T26383] should_fail_ex+0x512/0x640 [ 1120.130310][T26383] ? __kmalloc_noprof+0xca/0x910 [ 1120.130328][T26383] should_failslab+0xc2/0x120 [ 1120.130352][T26383] __kmalloc_noprof+0xeb/0x910 [ 1120.130368][T26383] ? kobject_get_path+0xd2/0x2d0 [ 1120.130394][T26383] ? kobject_get_path+0xd2/0x2d0 [ 1120.130419][T26383] kobject_get_path+0xd2/0x2d0 [ 1120.130445][T26383] kobject_uevent_env+0x289/0x1920 [ 1120.130461][T26383] ? up_write+0x1f0/0x4e0 [ 1120.130480][T26383] ? kernfs_remove_by_name_ns+0x9f/0x100 [ 1120.130504][T26383] __kobject_del+0x168/0x220 [ 1120.130519][T26383] kobject_put+0x34d/0x6f0 [ 1120.130534][T26383] net_rx_queue_update_kobjects+0x54d/0x770 [ 1120.130565][T26383] netdev_unregister_kobject+0x154/0x540 [ 1120.130587][T26383] ? rtmsg_ifinfo_send+0xcf/0x110 [ 1120.130611][T26383] unregister_netdevice_many_notify+0x151e/0x2590 [ 1120.130640][T26383] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 1120.130672][T26383] unregister_netdevice_queue+0x305/0x3c0 [ 1120.130694][T26383] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 1120.130717][T26383] ? __pfx_locks_remove_file+0x10/0x10 [ 1120.130742][T26383] ? __pfx_ppp_release+0x10/0x10 [ 1120.130763][T26383] ppp_release+0x209/0x230 [ 1120.130784][T26383] __fput+0x402/0xb70 [ 1120.130804][T26383] task_work_run+0x150/0x240 [ 1120.130822][T26383] ? __pfx_task_work_run+0x10/0x10 [ 1120.130836][T26383] ? __do_sys_close_range+0x278/0x730 [ 1120.130864][T26383] exit_to_user_mode_loop+0xfb/0x540 [ 1120.130885][T26383] do_syscall_64+0x4ee/0xf80 [ 1120.130909][T26383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1120.130925][T26383] RIP: 0033:0x7f14d318f7c9 [ 1120.130938][T26383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1120.130953][T26383] RSP: 002b:00007f14d40bf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1120.130968][T26383] RAX: 0000000000000000 RBX: 00007f14d33e5fa0 RCX: 00007f14d318f7c9 [ 1120.130978][T26383] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1120.130987][T26383] RBP: 00007f14d3213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1120.130996][T26383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1120.131005][T26383] R13: 00007f14d33e6038 R14: 00007f14d33e5fa0 R15: 00007ffeb7b57ce8 [ 1120.131024][T26383] [ 1120.949932][T26408] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1121.348611][ T36] hsr_slave_0: left promiscuous mode [ 1121.411709][ T36] hsr_slave_1: left promiscuous mode [ 1121.465438][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1121.477065][T26423] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4080'. [ 1121.566183][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1121.650480][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1121.714389][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1121.837252][ T36] veth1_macvtap: left promiscuous mode [ 1121.863795][ T36] veth0_macvtap: left promiscuous mode [ 1121.888996][ T36] veth1_vlan: left promiscuous mode [ 1121.908112][ T36] veth0_vlan: left promiscuous mode [ 1123.414098][ T36] team0 (unregistering): Port device team_slave_1 removed [ 1123.458473][ T36] team0 (unregistering): Port device team_slave_0 removed [ 1124.220672][T26458] futex_wake_op: syz.4.4087 tries to shift op by -2048; fix this program [ 1124.291347][T26458] futex_wake_op: syz.4.4087 tries to shift op by -2048; fix this program [ 1124.371898][T26458] 0x000000000001-0x000000020000 : "" [ 1124.415154][T26458] ftl_cs: FTL header corrupt! [ 1125.310843][T26496] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4093'. [ 1125.793104][T26514] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1125.960786][T26458] Process accounting paused [ 1126.197891][T26531] Invalid input. Must be >= 4608 [ 1128.432719][T26589] netlink: 'syz.2.4110': attribute type 1 has an invalid length. [ 1128.509353][T26589] netlink: 'syz.2.4110': attribute type 1 has an invalid length. [ 1128.666575][T26589] netlink: 124 bytes leftover after parsing attributes in process `syz.2.4110'. [ 1128.791334][T26589] netlink: 100 bytes leftover after parsing attributes in process `syz.2.4110'. [ 1128.998742][T26601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1129.110615][ T5918] Process accounting resumed [ 1129.148679][T26602] FAULT_INJECTION: forcing a failure. [ 1129.148679][T26602] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1129.324261][T26602] CPU: 1 UID: 0 PID: 26602 Comm: syz.4.4112 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1129.324291][T26602] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1129.324297][T26602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1129.324306][T26602] Call Trace: [ 1129.324312][T26602] [ 1129.324319][T26602] dump_stack_lvl+0x16c/0x1f0 [ 1129.324346][T26602] should_fail_ex+0x512/0x640 [ 1129.324366][T26602] get_futex_key+0x1d0/0x15f0 [ 1129.324385][T26602] ? __pfx_get_futex_key+0x10/0x10 [ 1129.324400][T26602] ? rcu_is_watching+0x12/0xc0 [ 1129.324421][T26602] ? kfree+0x27d/0x6e0 [ 1129.324436][T26602] ? process_vm_rw+0x22b/0x2c0 [ 1129.324459][T26602] futex_wake+0xea/0x530 [ 1129.324481][T26602] ? __pfx_futex_wake+0x10/0x10 [ 1129.324504][T26602] ? ksys_write+0x190/0x250 [ 1129.324529][T26602] do_futex+0x1e3/0x350 [ 1129.324546][T26602] ? __pfx_do_futex+0x10/0x10 [ 1129.324562][T26602] ? find_held_lock+0x2b/0x80 [ 1129.324580][T26602] ? __might_fault+0xe3/0x190 [ 1129.324600][T26602] __x64_sys_futex+0x1e0/0x4c0 [ 1129.324619][T26602] ? __pfx___x64_sys_futex+0x10/0x10 [ 1129.324636][T26602] ? xfd_validate_state+0x61/0x180 [ 1129.324649][T26602] ? __task_pid_nr_ns+0x1f5/0x500 [ 1129.324669][T26602] do_syscall_64+0xcd/0xf80 [ 1129.324692][T26602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1129.324707][T26602] RIP: 0033:0x7f14d318f7c9 [ 1129.324720][T26602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1129.324735][T26602] RSP: 002b:00007f14d409e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1129.324750][T26602] RAX: ffffffffffffffda RBX: 00007f14d33e6098 RCX: 00007f14d318f7c9 [ 1129.324760][T26602] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f14d33e609c [ 1129.324769][T26602] RBP: 00007f14d33e6090 R08: 00007f14d40c0000 R09: 0000000000000000 [ 1129.324779][T26602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1129.324787][T26602] R13: 00007f14d33e6128 R14: 00007ffeb7b57c00 R15: 00007ffeb7b57ce8 [ 1129.324807][T26602] [ 1129.985983][T26615] netlink: 25 bytes leftover after parsing attributes in process `syz.3.4115'. [ 1130.105494][T26613] zswap: compressor not available [ 1131.166538][T26638] zswap: compressor 000 not available [ 1131.937977][T26659] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1132.081894][T26664] netlink: 62 bytes leftover after parsing attributes in process `syz.0.4125'. [ 1133.023754][T24576] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1133.064722][T26686] tipc: Started in network mode [ 1133.114036][T26686] tipc: Node identity ffffffff, cluster identity 4711 [ 1133.180203][T26686] tipc: Node number set to 4294967295 [ 1133.514428][T26716] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1134.439128][T26739] block nbd2: not configured, cannot reconfigure [ 1135.225149][T26761] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1135.622339][T26776] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1135.642160][T26774] sp0: Synchronizing with TNC [ 1135.693809][T26776] FAULT_INJECTION: forcing a failure. [ 1135.693809][T26776] name failslab, interval 1, probability 393216, space 0, times 0 [ 1135.782943][T26776] CPU: 1 UID: 0 PID: 26776 Comm: syz.0.4147 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1135.782971][T26776] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1135.782977][T26776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1135.782986][T26776] Call Trace: [ 1135.782992][T26776] [ 1135.782999][T26776] dump_stack_lvl+0x16c/0x1f0 [ 1135.783025][T26776] should_fail_ex+0x512/0x640 [ 1135.783042][T26776] ? kmem_cache_alloc_noprof+0x62/0x770 [ 1135.783063][T26776] should_failslab+0xc2/0x120 [ 1135.783087][T26776] kmem_cache_alloc_noprof+0x83/0x770 [ 1135.783105][T26776] ? stack_depot_save_flags+0x29/0x9b0 [ 1135.783122][T26776] ? alloc_empty_file+0x55/0x1e0 [ 1135.783142][T26776] ? alloc_empty_file+0x55/0x1e0 [ 1135.783156][T26776] ? kasan_save_track+0x14/0x30 [ 1135.783175][T26776] alloc_empty_file+0x55/0x1e0 [ 1135.783191][T26776] path_openat+0xde/0x3140 [ 1135.783212][T26776] ? do_syscall_64+0xcd/0xf80 [ 1135.783233][T26776] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1135.783254][T26776] ? __pfx_path_openat+0x10/0x10 [ 1135.783283][T26776] do_filp_open+0x20b/0x470 [ 1135.783305][T26776] ? __pfx_do_filp_open+0x10/0x10 [ 1135.783340][T26776] ? alloc_fd+0x471/0x7d0 [ 1135.783367][T26776] do_sys_openat2+0x121/0x290 [ 1135.783384][T26776] ? __pfx_do_sys_openat2+0x10/0x10 [ 1135.783407][T26776] __x64_sys_openat+0x174/0x210 [ 1135.783424][T26776] ? __pfx___x64_sys_openat+0x10/0x10 [ 1135.783448][T26776] do_syscall_64+0xcd/0xf80 [ 1135.783472][T26776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1135.783486][T26776] RIP: 0033:0x7f8d91f8f7c9 [ 1135.783499][T26776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1135.783514][T26776] RSP: 002b:00007f8d92e50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1135.783529][T26776] RAX: ffffffffffffffda RBX: 00007f8d921e5fa0 RCX: 00007f8d91f8f7c9 [ 1135.783539][T26776] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 1135.783549][T26776] RBP: 00007f8d92013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1135.783568][T26776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1135.783577][T26776] R13: 00007f8d921e6038 R14: 00007f8d921e5fa0 R15: 00007ffd2343ed88 [ 1135.783598][T26776] [ 1136.446743][T26795] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1137.132654][T26807] netlink: 62 bytes leftover after parsing attributes in process `syz.3.4153'. [ 1137.147292][T26815] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1137.908867][T26834] netlink: 244 bytes leftover after parsing attributes in process `syz.0.4158'. [ 1137.999155][T26838] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input53 [ 1138.202883][T26844] FAULT_INJECTION: forcing a failure. [ 1138.202883][T26844] name failslab, interval 1, probability 393216, space 0, times 0 [ 1138.413603][T26844] CPU: 1 UID: 0 PID: 26844 Comm: syz.3.4160 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1138.413631][T26844] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1138.413638][T26844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1138.413647][T26844] Call Trace: [ 1138.413654][T26844] [ 1138.413661][T26844] dump_stack_lvl+0x16c/0x1f0 [ 1138.413688][T26844] should_fail_ex+0x512/0x640 [ 1138.413705][T26844] ? __kmalloc_cache_noprof+0x5f/0x800 [ 1138.413725][T26844] should_failslab+0xc2/0x120 [ 1138.413748][T26844] __kmalloc_cache_noprof+0x80/0x800 [ 1138.413764][T26844] ? mark_held_locks+0x49/0x80 [ 1138.413778][T26844] ? __request_module+0x2ad/0x660 [ 1138.413801][T26844] ? __request_module+0x2ad/0x660 [ 1138.413827][T26844] __request_module+0x2ad/0x660 [ 1138.413847][T26844] ? __pfx___request_module+0x10/0x10 [ 1138.413875][T26844] ? crypto_alg_lookup+0x113/0x1e0 [ 1138.413902][T26844] crypto_alg_mod_lookup+0x367/0x520 [ 1138.413924][T26844] crypto_has_alg+0x22/0x80 [ 1138.413942][T26844] zswap_compressor_param_set+0x10c/0xa80 [ 1138.413964][T26844] param_attr_store+0x199/0x300 [ 1138.413986][T26844] ? __pfx_param_attr_store+0x10/0x10 [ 1138.414005][T26844] module_attr_store+0x58/0x80 [ 1138.414022][T26844] ? __pfx_module_attr_store+0x10/0x10 [ 1138.414039][T26844] sysfs_kf_write+0xf2/0x150 [ 1138.414056][T26844] kernfs_fop_write_iter+0x3af/0x570 [ 1138.414077][T26844] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1138.414094][T26844] vfs_write+0x7d3/0x11d0 [ 1138.414121][T26844] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1138.414146][T26844] ? __pfx_vfs_write+0x10/0x10 [ 1138.414181][T26844] ksys_write+0x12a/0x250 [ 1138.414203][T26844] ? __pfx_ksys_write+0x10/0x10 [ 1138.414230][T26844] do_syscall_64+0xcd/0xf80 [ 1138.414256][T26844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1138.414272][T26844] RIP: 0033:0x7f555ab8f7c9 [ 1138.414285][T26844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1138.414299][T26844] RSP: 002b:00007f555b96b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1138.414329][T26844] RAX: ffffffffffffffda RBX: 00007f555ade6090 RCX: 00007f555ab8f7c9 [ 1138.414340][T26844] RDX: 0000000000000001 RSI: 0000200000003900 RDI: 0000000000000000 [ 1138.414349][T26844] RBP: 00007f555ac13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1138.414359][T26844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1138.414368][T26844] R13: 00007f555ade6128 R14: 00007f555ade6090 R15: 00007ffd059eebe8 [ 1138.414390][T26844] [ 1138.699070][T26844] zswap: compressor not available [ 1138.721453][T26852] program syz.4.4162 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1138.920087][ T30] audit: type=1807 audit(4294967326.412:36): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 1138.952708][ T30] audit: type=1802 audit(4294967326.412:37): pid=26852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.4.4162" res=0 errno=0 [ 1139.056175][T26851] ima: policy update failed [ 1139.060811][ T30] audit: type=1802 audit(4294967326.733:38): pid=26851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.4162" res=0 errno=0 [ 1139.269508][T26864] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1139.455049][T26871] Invalid ELF header magic: != ELF [ 1140.697477][T26885] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4169'. [ 1140.978865][T24576] Bluetooth: hci5: Malformed LE Event: 0x1d [ 1141.651303][ T30] audit: type=1800 audit(4294967329.347:39): pid=26930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4175" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 1141.806269][T26944] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1143.283314][T27007] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4186'. [ 1143.504323][T27007] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4186'. [ 1143.687889][T27007] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4186'. [ 1143.727006][T27015] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1144.313274][T27027] FAULT_INJECTION: forcing a failure. [ 1144.313274][T27027] name failslab, interval 1, probability 393216, space 0, times 0 [ 1144.423137][T27027] CPU: 1 UID: 0 PID: 27027 Comm: syz.0.4190 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1144.423165][T27027] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1144.423172][T27027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1144.423181][T27027] Call Trace: [ 1144.423187][T27027] [ 1144.423193][T27027] dump_stack_lvl+0x16c/0x1f0 [ 1144.423221][T27027] should_fail_ex+0x512/0x640 [ 1144.423238][T27027] ? fs_reclaim_acquire+0xae/0x150 [ 1144.423264][T27027] should_failslab+0xc2/0x120 [ 1144.423287][T27027] __kmalloc_noprof+0xeb/0x910 [ 1144.423304][T27027] ? security_inode_init_security+0x113/0x370 [ 1144.423330][T27027] ? security_inode_init_security+0x113/0x370 [ 1144.423352][T27027] security_inode_init_security+0x113/0x370 [ 1144.423375][T27027] ? __pfx_shmem_initxattrs+0x10/0x10 [ 1144.423397][T27027] ? __pfx_security_inode_init_security+0x10/0x10 [ 1144.423426][T27027] shmem_mknod+0x229/0x3b0 [ 1144.423451][T27027] vfs_create+0x63a/0x9e0 [ 1144.423472][T27027] do_mknodat+0x4f2/0x6f0 [ 1144.423494][T27027] ? __pfx_do_mknodat+0x10/0x10 [ 1144.423515][T27027] ? getname_flags.part.0+0x1c5/0x550 [ 1144.423535][T27027] __x64_sys_mknod+0x87/0xb0 [ 1144.423574][T27027] do_syscall_64+0xcd/0xf80 [ 1144.423599][T27027] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1144.423615][T27027] RIP: 0033:0x7f8d91f8f7c9 [ 1144.423629][T27027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1144.423643][T27027] RSP: 002b:00007f8d92e2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 1144.423658][T27027] RAX: ffffffffffffffda RBX: 00007f8d921e6090 RCX: 00007f8d91f8f7c9 [ 1144.423668][T27027] RDX: 0000000000000017 RSI: 0000000000000e6c RDI: 0000200000000080 [ 1144.423679][T27027] RBP: 00007f8d92013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1144.423688][T27027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1144.423696][T27027] R13: 00007f8d921e6128 R14: 00007f8d921e6090 R15: 00007ffd2343ed88 [ 1144.423716][T27027] [ 1145.024439][T27033] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4193'. [ 1145.054548][T27033] netlink: 354 bytes leftover after parsing attributes in process `syz.3.4193'. [ 1145.594526][T27054] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1146.167040][T27067] ubi0: attaching mtd0 [ 1146.197742][T27067] ubi0: scanning is finished [ 1146.238058][T27067] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1146.411949][T27067] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1146.506596][T27076] netlink: 354 bytes leftover after parsing attributes in process `syz.3.4203'. [ 1146.831404][T27085] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1048706]. [ 1146.952549][T27090] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 1146.952549][T27090] The task syz.0.4204 (27090) triggered the difference, watch for misbehavior. [ 1148.408125][T27122] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1148.520484][T27126] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4216'. [ 1148.739839][T27132] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1149.071768][T27148] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4223'. [ 1149.377087][T27158] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4227'. [ 1149.461723][T27159] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4225'. [ 1149.489682][T27163] FAULT_INJECTION: forcing a failure. [ 1149.489682][T27163] name failslab, interval 1, probability 393216, space 0, times 0 [ 1149.585302][T27163] CPU: 1 UID: 0 PID: 27163 Comm: syz.3.4228 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1149.585332][T27163] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1149.585338][T27163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1149.585347][T27163] Call Trace: [ 1149.585354][T27163] [ 1149.585361][T27163] dump_stack_lvl+0x16c/0x1f0 [ 1149.585388][T27163] should_fail_ex+0x512/0x640 [ 1149.585406][T27163] ? kmem_cache_alloc_noprof+0x62/0x770 [ 1149.585427][T27163] should_failslab+0xc2/0x120 [ 1149.585451][T27163] kmem_cache_alloc_noprof+0x83/0x770 [ 1149.585469][T27163] ? __kernfs_new_node+0xd2/0x990 [ 1149.585491][T27163] ? __kernfs_new_node+0xd2/0x990 [ 1149.585507][T27163] __kernfs_new_node+0xd2/0x990 [ 1149.585526][T27163] ? __pfx___kernfs_new_node+0x10/0x10 [ 1149.585548][T27163] ? find_held_lock+0x2b/0x80 [ 1149.585568][T27163] ? kernfs_root+0xee/0x2a0 [ 1149.585589][T27163] kernfs_new_node+0x13c/0x1e0 [ 1149.585612][T27163] __kernfs_create_file+0x53/0x350 [ 1149.585637][T27163] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1149.585658][T27163] sysfs_merge_group+0x1aa/0x340 [ 1149.585677][T27163] ? __pfx_sysfs_merge_group+0x10/0x10 [ 1149.585697][T27163] ? __pfx_dev_add_physical_location+0x10/0x10 [ 1149.585719][T27163] ? bus_to_subsys+0x131/0x160 [ 1149.585743][T27163] dpm_sysfs_add+0x237/0x280 [ 1149.585764][T27163] device_add+0x9cc/0x1980 [ 1149.585787][T27163] ? __pfx_device_add+0x10/0x10 [ 1149.585807][T27163] ? rcu_is_watching+0x12/0xc0 [ 1149.585828][T27163] ? lockdep_init_map_type+0x5c/0x270 [ 1149.585846][T27163] input_register_device+0x7e8/0x11b0 [ 1149.585866][T27163] ? input_ff_create+0x256/0x350 [ 1149.585882][T27163] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 1149.585898][T27163] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1149.585916][T27163] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 1149.585936][T27163] ? find_held_lock+0x2b/0x80 [ 1149.585964][T27163] ? __pfx_uinput_ioctl+0x10/0x10 [ 1149.585979][T27163] __x64_sys_ioctl+0x18e/0x210 [ 1149.585998][T27163] do_syscall_64+0xcd/0xf80 [ 1149.586021][T27163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1149.586037][T27163] RIP: 0033:0x7f555ab8f7c9 [ 1149.586050][T27163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1149.586066][T27163] RSP: 002b:00007f555b98c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1149.586081][T27163] RAX: ffffffffffffffda RBX: 00007f555ade5fa0 RCX: 00007f555ab8f7c9 [ 1149.586091][T27163] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000008 [ 1149.586100][T27163] RBP: 00007f555ac13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1149.586109][T27163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1149.586118][T27163] R13: 00007f555ade6038 R14: 00007f555ade5fa0 R15: 00007ffd059eebe8 [ 1149.586138][T27163] [ 1150.182456][T27170] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1151.562403][T27207] MTRR 1 not used [ 1151.656369][T27207] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1151.705488][T27210] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4237'. [ 1152.051776][T27223] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1152.469263][T27234] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1152.828329][T27240] zswap: compressor not available [ 1154.211375][T27275] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1155.790747][T27317] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4263'. [ 1155.898059][T27317] hsr_slave_0: left promiscuous mode [ 1155.947905][T27317] hsr_slave_1: left promiscuous mode [ 1156.370426][T27330] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1157.038450][T27355] busy [ 1157.460144][T27367] random: crng reseeded on system resumption [ 1157.534092][T27369] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1157.718504][T27375] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1157.958733][T27369] netlink: 186 bytes leftover after parsing attributes in process `syz.0.4276'. [ 1158.040223][T24576] Bluetooth: hci5: unexpected subevent 0x0c length: 118 > 5 [ 1158.790272][T27394] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1160.009830][T27423] zswap: compressor not available [ 1160.045108][T27424] zswap: compressor not available [ 1160.423273][T27441] netlink: 'syz.0.4291': attribute type 2 has an invalid length. [ 1160.925394][T27459] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1162.544611][T27492] netlink: 'syz.2.4301': attribute type 10 has an invalid length. [ 1164.372985][T27525] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1165.133021][T27548] random: crng reseeded on system resumption [ 1167.250011][T27584] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1167.551562][T27598] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4319: iget: checksum invalid [ 1167.682925][T27611] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4323'. [ 1167.708456][T27611] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1167.736025][T27598] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1167.736209][T27598] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4319: iget: checksum invalid [ 1167.736352][T27598] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1167.736472][T27598] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4319: iget: checksum invalid [ 1167.736597][T27598] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1167.736705][T27598] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4319: iget: checksum invalid [ 1167.736826][T27598] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1167.736850][T27598] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1167.736865][T27598] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1167.978663][T27611] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1169.359252][T27653] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1170.408060][T27688] FAULT_INJECTION: forcing a failure. [ 1170.408060][T27688] name failslab, interval 1, probability 393216, space 0, times 0 [ 1170.446800][T27691] Invalid ELF header magic: != ELF [ 1170.585342][T27688] CPU: 1 UID: 0 PID: 27688 Comm: syz.0.4339 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1170.585372][T27688] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1170.585379][T27688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1170.585389][T27688] Call Trace: [ 1170.585395][T27688] [ 1170.585402][T27688] dump_stack_lvl+0x16c/0x1f0 [ 1170.585440][T27688] should_fail_ex+0x512/0x640 [ 1170.585457][T27688] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 1170.585483][T27688] should_failslab+0xc2/0x120 [ 1170.585506][T27688] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 1170.585528][T27688] ? kstrdup_const+0x63/0x80 [ 1170.585550][T27688] ? kstrdup+0x53/0x100 [ 1170.585565][T27688] kstrdup+0x53/0x100 [ 1170.585583][T27688] kstrdup_const+0x63/0x80 [ 1170.585600][T27688] __kernfs_new_node+0x9b/0x990 [ 1170.585621][T27688] ? __pfx___kernfs_new_node+0x10/0x10 [ 1170.585643][T27688] ? find_held_lock+0x2b/0x80 [ 1170.585664][T27688] ? kernfs_root+0xee/0x2a0 [ 1170.585685][T27688] kernfs_new_node+0x13c/0x1e0 [ 1170.585708][T27688] __kernfs_create_file+0x53/0x350 [ 1170.585733][T27688] cgroup_addrm_files+0x546/0xc20 [ 1170.585761][T27688] ? __xa_store+0x1dc/0x2e0 [ 1170.585775][T27688] ? __pfx_cgroup_addrm_files+0x10/0x10 [ 1170.585796][T27688] ? __pfx___xa_store+0x10/0x10 [ 1170.585817][T27688] ? do_raw_spin_unlock+0x172/0x230 [ 1170.585837][T27688] css_populate_dir+0x169/0x570 [ 1170.585859][T27688] cgroup_apply_control_enable+0x3f3/0xbb0 [ 1170.585887][T27688] cgroup_mkdir+0x5e0/0x12e0 [ 1170.585911][T27688] ? __pfx_cgroup_mkdir+0x10/0x10 [ 1170.585933][T27688] kernfs_iop_mkdir+0x111/0x190 [ 1170.585951][T27688] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 1170.585968][T27688] vfs_mkdir+0x731/0xb60 [ 1170.585989][T27688] do_mkdirat+0x442/0x5e0 [ 1170.586014][T27688] ? __pfx_do_mkdirat+0x10/0x10 [ 1170.586036][T27688] ? strncpy_from_user+0x203/0x2e0 [ 1170.586052][T27688] ? getname_flags.part.0+0x1c5/0x550 [ 1170.586071][T27688] __x64_sys_mkdir+0xef/0x140 [ 1170.586094][T27688] do_syscall_64+0xcd/0xf80 [ 1170.586117][T27688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1170.586133][T27688] RIP: 0033:0x7f8d91f8f7c9 [ 1170.586150][T27688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1170.586165][T27688] RSP: 002b:00007f8d92e50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1170.586186][T27688] RAX: ffffffffffffffda RBX: 00007f8d921e5fa0 RCX: 00007f8d91f8f7c9 [ 1170.586196][T27688] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 1170.586207][T27688] RBP: 00007f8d92013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1170.586217][T27688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1170.586227][T27688] R13: 00007f8d921e6038 R14: 00007f8d921e5fa0 R15: 00007ffd2343ed88 [ 1170.586248][T27688] [ 1170.586256][T27688] cgroup: cgroup_addrm_files: failed to add cgroup.event_control, err=-12 [ 1171.998704][T27733] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4348'. [ 1172.198423][T27733] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4348'. [ 1172.411344][T27733] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4348'. [ 1173.151716][T27777] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1173.629337][T27790] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4357'. [ 1174.088895][T27805] bridge0: port 3(veth0_to_bridge) entered blocking state [ 1174.127870][T27805] bridge0: port 3(veth0_to_bridge) entered disabled state [ 1174.160116][T27805] veth0_to_bridge: entered allmulticast mode [ 1174.191596][T27805] FAULT_INJECTION: forcing a failure. [ 1174.191596][T27805] name failslab, interval 1, probability 393216, space 0, times 0 [ 1174.249488][T27805] CPU: 1 UID: 0 PID: 27805 Comm: syz.0.4362 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1174.249517][T27805] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1174.249524][T27805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1174.249534][T27805] Call Trace: [ 1174.249540][T27805] [ 1174.249546][T27805] dump_stack_lvl+0x16c/0x1f0 [ 1174.249573][T27805] should_fail_ex+0x512/0x640 [ 1174.249590][T27805] ? kmem_cache_alloc_noprof+0x62/0x770 [ 1174.249611][T27805] should_failslab+0xc2/0x120 [ 1174.249634][T27805] kmem_cache_alloc_noprof+0x83/0x770 [ 1174.249652][T27805] ? __kernfs_new_node+0xd2/0x990 [ 1174.249672][T27805] ? __kernfs_new_node+0xd2/0x990 [ 1174.249688][T27805] __kernfs_new_node+0xd2/0x990 [ 1174.249707][T27805] ? __pfx___kernfs_new_node+0x10/0x10 [ 1174.249729][T27805] ? find_held_lock+0x2b/0x80 [ 1174.249749][T27805] ? kernfs_root+0xee/0x2a0 [ 1174.249769][T27805] kernfs_new_node+0x13c/0x1e0 [ 1174.249790][T27805] ? __pfx_map_id_range_down+0x10/0x10 [ 1174.249813][T27805] __kernfs_create_file+0x53/0x350 [ 1174.249839][T27805] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1174.249867][T27805] sysfs_create_file_ns+0x13d/0x1d0 [ 1174.249883][T27805] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 1174.249900][T27805] ? kernfs_create_link+0x1bd/0x240 [ 1174.249924][T27805] ? kernfs_put+0x35/0x60 [ 1174.249941][T27805] ? sysfs_do_create_link_sd+0xbb/0x140 [ 1174.249962][T27805] br_sysfs_addif+0xe4/0x220 [ 1174.249988][T27805] br_add_if+0x70d/0x1b70 [ 1174.250009][T27805] ? security_capable+0x7e/0x260 [ 1174.250036][T27805] add_del_if+0x114/0x160 [ 1174.250058][T27805] br_dev_siocdevprivate+0x908/0x1650 [ 1174.250082][T27805] ? __pfx_br_dev_siocdevprivate+0x10/0x10 [ 1174.250112][T27805] ? lock_acquire+0x179/0x330 [ 1174.250127][T27805] ? __pfx___might_resched+0x10/0x10 [ 1174.250152][T27805] ? netdev_name_node_lookup+0x127/0x180 [ 1174.250169][T27805] ? __mutex_lock+0x27b/0x1ca0 [ 1174.250194][T27805] dev_ifsioc+0x8ee/0x1ee0 [ 1174.250215][T27805] ? __pfx_dev_ifsioc+0x10/0x10 [ 1174.250232][T27805] ? __pfx___mutex_lock+0x10/0x10 [ 1174.250263][T27805] ? dev_load+0x8e/0x240 [ 1174.250283][T27805] dev_ioctl+0x1b2/0x1060 [ 1174.250303][T27805] sock_ioctl+0x5b3/0x6b0 [ 1174.250319][T27805] ? __pfx_sock_ioctl+0x10/0x10 [ 1174.250331][T27805] ? hook_file_ioctl_common+0x144/0x410 [ 1174.250352][T27805] ? __fget_files+0x20e/0x3c0 [ 1174.250376][T27805] ? __pfx_sock_ioctl+0x10/0x10 [ 1174.250391][T27805] __x64_sys_ioctl+0x18e/0x210 [ 1174.250410][T27805] do_syscall_64+0xcd/0xf80 [ 1174.250434][T27805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1174.250450][T27805] RIP: 0033:0x7f8d91f8f7c9 [ 1174.250464][T27805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1174.250479][T27805] RSP: 002b:00007f8d92e50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1174.250497][T27805] RAX: ffffffffffffffda RBX: 00007f8d921e5fa0 RCX: 00007f8d91f8f7c9 [ 1174.250507][T27805] RDX: 0000200000000040 RSI: 00000000000089fc RDI: 0000000000000005 [ 1174.250516][T27805] RBP: 00007f8d92013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1174.250526][T27805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1174.250534][T27805] R13: 00007f8d921e6038 R14: 00007f8d921e5fa0 R15: 00007ffd2343ed88 [ 1174.250554][T27805] [ 1174.251110][T27805] veth0_to_bridge: left allmulticast mode [ 1175.530099][T27846] netlink: 'syz.4.4371': attribute type 11 has an invalid length. [ 1175.563279][T27846] netlink: 'syz.4.4371': attribute type 11 has an invalid length. [ 1175.571129][T27846] netlink: 'syz.4.4371': attribute type 11 has an invalid length. [ 1175.668158][T27846] netlink: 'syz.4.4371': attribute type 11 has an invalid length. [ 1176.296973][T27872] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1177.917174][T27899] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4383: iget: checksum invalid [ 1177.972768][T27899] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1178.017919][T27899] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4383: iget: checksum invalid [ 1178.073360][T27899] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1178.116308][T27899] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4383: iget: checksum invalid [ 1178.172657][T27899] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1178.222337][T27899] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4383: iget: checksum invalid [ 1178.268762][T27899] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1178.317399][T27899] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1178.370790][T27899] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1179.328379][T27936] FAULT_INJECTION: forcing a failure. [ 1179.328379][T27936] name failslab, interval 1, probability 393216, space 0, times 0 [ 1179.408804][T27936] CPU: 1 UID: 0 PID: 27936 Comm: syz.0.4392 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1179.408831][T27936] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1179.408838][T27936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1179.408856][T27936] Call Trace: [ 1179.408861][T27936] [ 1179.408868][T27936] dump_stack_lvl+0x16c/0x1f0 [ 1179.408896][T27936] should_fail_ex+0x512/0x640 [ 1179.408914][T27936] ? __kvmalloc_node_noprof+0x129/0xa40 [ 1179.408938][T27936] should_failslab+0xc2/0x120 [ 1179.408962][T27936] __kvmalloc_node_noprof+0x14a/0xa40 [ 1179.408984][T27936] ? bucket_table_alloc.isra.0+0x88/0x460 [ 1179.409012][T27936] ? bucket_table_alloc.isra.0+0x88/0x460 [ 1179.409035][T27936] bucket_table_alloc.isra.0+0x88/0x460 [ 1179.409060][T27936] rhashtable_init_noprof+0x41a/0x7e0 [ 1179.409095][T27936] ipc_init_ids+0x92/0x280 [ 1179.409115][T27936] copy_ipcs+0x5be/0x7d0 [ 1179.409134][T27936] create_new_namespaces+0x20a/0xab0 [ 1179.409155][T27936] ? security_capable+0x7e/0x260 [ 1179.409181][T27936] copy_namespaces+0x468/0x570 [ 1179.409202][T27936] copy_process+0x2a70/0x7430 [ 1179.409233][T27936] ? __pfx_copy_process+0x10/0x10 [ 1179.409260][T27936] ? _copy_from_user+0x59/0xd0 [ 1179.409277][T27936] kernel_clone+0xfc/0x910 [ 1179.409301][T27936] ? __pfx_kernel_clone+0x10/0x10 [ 1179.409321][T27936] ? futex_private_hash_put+0x160/0x1b0 [ 1179.409348][T27936] ? __pfx_futex_wait+0x10/0x10 [ 1179.409374][T27936] __do_sys_clone3+0x212/0x290 [ 1179.409397][T27936] ? __pfx___do_sys_clone3+0x10/0x10 [ 1179.409428][T27936] ? find_held_lock+0x2b/0x80 [ 1179.409462][T27936] do_syscall_64+0xcd/0xf80 [ 1179.409486][T27936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1179.409502][T27936] RIP: 0033:0x7f8d91f8f7c9 [ 1179.409515][T27936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1179.409529][T27936] RSP: 002b:00007f8d92e4ff08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1179.409544][T27936] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f8d91f8f7c9 [ 1179.409554][T27936] RDX: 00007f8d92e4ff20 RSI: 0000000000000058 RDI: 00007f8d92e4ff20 [ 1179.409563][T27936] RBP: 00007f8d92013f91 R08: 0000000000000000 R09: 0000000000000058 [ 1179.409572][T27936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1179.409581][T27936] R13: 00007f8d921e6038 R14: 00007f8d921e5fa0 R15: 00007ffd2343ed88 [ 1179.409601][T27936] [ 1179.585738][T24576] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 1179.590228][T24576] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff [ 1179.590442][T24576] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 1179.590462][T24576] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff [ 1180.419785][T27963] netlink: 'syz.2.4395': attribute type 4 has an invalid length. [ 1180.970095][T27970] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1181.046790][T27973] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4399'. [ 1181.099370][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1181.105910][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1182.782720][T28021] netlink: 'syz.0.4408': attribute type 1 has an invalid length. [ 1182.887267][T28023] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1183.643493][T28042] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1183.701139][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1183.714561][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1183.723149][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1183.733070][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1183.741410][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1184.362897][T28043] chnl_net:caif_netlink_parms(): no params data found [ 1184.691928][T28056] FAULT_INJECTION: forcing a failure. [ 1184.691928][T28056] name failslab, interval 1, probability 393216, space 0, times 0 [ 1184.775156][T28056] CPU: 1 UID: 0 PID: 28056 Comm: syz.0.4415 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1184.775184][T28056] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1184.775191][T28056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1184.775200][T28056] Call Trace: [ 1184.775206][T28056] [ 1184.775212][T28056] dump_stack_lvl+0x16c/0x1f0 [ 1184.775239][T28056] should_fail_ex+0x512/0x640 [ 1184.775257][T28056] ? fs_reclaim_acquire+0xae/0x150 [ 1184.775289][T28056] should_failslab+0xc2/0x120 [ 1184.775312][T28056] __kmalloc_cache_noprof+0x80/0x800 [ 1184.775330][T28056] ? lockdep_init_map_type+0x5c/0x270 [ 1184.775345][T28056] ? tomoyo_open_control+0x415/0xa30 [ 1184.775368][T28056] ? lockdep_init_map_type+0x5c/0x270 [ 1184.775384][T28056] ? tomoyo_open_control+0x415/0xa30 [ 1184.775406][T28056] tomoyo_open_control+0x415/0xa30 [ 1184.775432][T28056] do_dentry_open+0x748/0x1590 [ 1184.775453][T28056] ? __pfx_tomoyo_open+0x10/0x10 [ 1184.775478][T28056] vfs_open+0x82/0x3f0 [ 1184.775501][T28056] path_openat+0x2078/0x3140 [ 1184.775529][T28056] ? __pfx_path_openat+0x10/0x10 [ 1184.775558][T28056] do_filp_open+0x20b/0x470 [ 1184.775582][T28056] ? __pfx_do_filp_open+0x10/0x10 [ 1184.775617][T28056] ? alloc_fd+0x471/0x7d0 [ 1184.775644][T28056] do_sys_openat2+0x121/0x290 [ 1184.775660][T28056] ? __pfx_do_sys_openat2+0x10/0x10 [ 1184.775688][T28056] __x64_sys_openat+0x174/0x210 [ 1184.775705][T28056] ? __pfx___x64_sys_openat+0x10/0x10 [ 1184.775730][T28056] do_syscall_64+0xcd/0xf80 [ 1184.775755][T28056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1184.775771][T28056] RIP: 0033:0x7f8d91f8f7c9 [ 1184.775785][T28056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1184.775799][T28056] RSP: 002b:00007f8d92e50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1184.775813][T28056] RAX: ffffffffffffffda RBX: 00007f8d921e5fa0 RCX: 00007f8d91f8f7c9 [ 1184.775823][T28056] RDX: 0000000000062402 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 1184.775839][T28056] RBP: 00007f8d92013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1184.775848][T28056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1184.775858][T28056] R13: 00007f8d921e6038 R14: 00007f8d921e5fa0 R15: 00007ffd2343ed88 [ 1184.775878][T28056] [ 1185.355836][T28063] netlink: 'syz.4.4417': attribute type 4 has an invalid length. [ 1185.380930][T28063] netlink: 314 bytes leftover after parsing attributes in process `syz.4.4417'. [ 1185.394765][T28065] blktrace: Concurrent blktraces are not allowed on loop2 [ 1185.475174][T28059] zswap: compressor 000 not available [ 1185.505526][T28069] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1185.611862][T28043] bridge0: port 1(bridge_slave_0) entered blocking state [ 1185.649349][T28043] bridge0: port 1(bridge_slave_0) entered disabled state [ 1185.696566][T28043] bridge_slave_0: entered allmulticast mode [ 1185.742343][T28043] bridge_slave_0: entered promiscuous mode [ 1185.800248][ T5839] Bluetooth: hci2: command tx timeout [ 1185.874405][T28043] bridge0: port 2(bridge_slave_1) entered blocking state [ 1185.883737][T28079] netlink: 'syz.0.4420': attribute type 1 has an invalid length. [ 1185.942597][T28043] bridge0: port 2(bridge_slave_1) entered disabled state [ 1185.977451][T28043] bridge_slave_1: entered allmulticast mode [ 1186.001182][T28043] bridge_slave_1: entered promiscuous mode [ 1186.070058][T28084] FAULT_INJECTION: forcing a failure. [ 1186.070058][T28084] name failslab, interval 1, probability 393216, space 0, times 0 [ 1186.109875][T28084] CPU: 1 UID: 0 PID: 28084 Comm: syz.3.4422 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1186.109904][T28084] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1186.109911][T28084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1186.109920][T28084] Call Trace: [ 1186.109925][T28084] [ 1186.109932][T28084] dump_stack_lvl+0x16c/0x1f0 [ 1186.109959][T28084] should_fail_ex+0x512/0x640 [ 1186.109976][T28084] ? __kmalloc_noprof+0xca/0x910 [ 1186.109994][T28084] should_failslab+0xc2/0x120 [ 1186.110017][T28084] __kmalloc_noprof+0xeb/0x910 [ 1186.110034][T28084] ? sk_prot_alloc+0x1a8/0x2a0 [ 1186.110060][T28084] ? sk_prot_alloc+0x1a8/0x2a0 [ 1186.110080][T28084] sk_prot_alloc+0x1a8/0x2a0 [ 1186.110103][T28084] sk_alloc+0x36/0xe30 [ 1186.110121][T28084] __netlink_create+0x5e/0x2c0 [ 1186.110138][T28084] ? __wake_up+0x3f/0x60 [ 1186.110160][T28084] netlink_create+0x39e/0x620 [ 1186.110178][T28084] ? __pfx_genl_bind+0x10/0x10 [ 1186.110199][T28084] ? __pfx_genl_unbind+0x10/0x10 [ 1186.110219][T28084] ? __pfx_genl_release+0x10/0x10 [ 1186.110235][T28084] __sock_create+0x339/0x8a0 [ 1186.110253][T28084] __sys_socket+0x14d/0x260 [ 1186.110267][T28084] ? __pfx___sys_socket+0x10/0x10 [ 1186.110281][T28084] ? xfd_validate_state+0x61/0x180 [ 1186.110295][T28084] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 1186.110321][T28084] __x64_sys_socket+0x72/0xb0 [ 1186.110335][T28084] ? lockdep_hardirqs_on+0x7c/0x110 [ 1186.110357][T28084] do_syscall_64+0xcd/0xf80 [ 1186.110380][T28084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1186.110396][T28084] RIP: 0033:0x7f555ab8f7c9 [ 1186.110409][T28084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1186.110423][T28084] RSP: 002b:00007f555b98c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1186.110438][T28084] RAX: ffffffffffffffda RBX: 00007f555ade5fa0 RCX: 00007f555ab8f7c9 [ 1186.110448][T28084] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1186.110457][T28084] RBP: 00007f555ac13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1186.110467][T28084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1186.110476][T28084] R13: 00007f555ade6038 R14: 00007f555ade5fa0 R15: 00007ffd059eebe8 [ 1186.110496][T28084] [ 1186.375380][T28043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1186.387177][T28043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1186.413446][T28043] team0: Port device team_slave_0 added [ 1186.420935][T28043] team0: Port device team_slave_1 added [ 1186.444009][T28043] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1186.451065][T28043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1186.477523][T28043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1186.490137][T28043] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1186.497148][T28043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1186.523222][T28043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1186.561192][T28043] hsr_slave_0: entered promiscuous mode [ 1186.568096][T28043] hsr_slave_1: entered promiscuous mode [ 1186.574092][T28043] debugfs: 'hsr0' already exists in 'hsr' [ 1186.579864][T28043] Cannot create hsr debugfs directory [ 1186.814050][T28043] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1186.922322][T28091] bridge0: port 3(veth0_to_bridge) entered blocking state [ 1186.931198][T28091] bridge0: port 3(veth0_to_bridge) entered disabled state [ 1186.958240][T28091] veth0_to_bridge: entered allmulticast mode [ 1186.990581][T28091] veth0_to_bridge: entered promiscuous mode [ 1187.011572][T28091] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1187.039052][T28091] bridge0: port 3(veth0_to_bridge) entered blocking state [ 1187.046279][T28091] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 1187.117579][T28043] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1187.217869][T28043] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1187.318209][T28043] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1187.347312][T28106] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1187.463102][T15782] bridge_slave_0: left allmulticast mode [ 1187.468978][T15782] bridge_slave_0: left promiscuous mode [ 1187.497288][T15782] bridge0: port 1(bridge_slave_0) entered disabled state [ 1187.866086][ T5839] Bluetooth: hci2: command tx timeout [ 1187.914919][T15782] erspan0 (unregistering): left allmulticast mode [ 1188.244832][T15782] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1188.269144][T15782] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1188.302113][T15782] bond0 (unregistering): Released all slaves [ 1188.387643][T15782] HfR: left promiscuous mode [ 1188.494019][T15782] ovs_: left promiscuous mode [ 1188.601246][T15782] tipc: Left network mode [ 1188.797578][T28043] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1188.847995][T28043] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1188.895920][T28043] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1188.933008][T28043] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1189.387863][T28043] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1189.405057][T28138] blkio.reset_stats is deprecated [ 1189.595600][T28043] 8021q: adding VLAN 0 to HW filter on device team0 [ 1189.665630][ T1159] bridge0: port 1(bridge_slave_0) entered blocking state [ 1189.672807][ T1159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1189.787336][ T1159] bridge0: port 2(bridge_slave_1) entered blocking state [ 1189.794492][ T1159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1189.889774][T15782] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1189.935347][ T5839] Bluetooth: hci2: command tx timeout [ 1189.946332][T15782] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1189.995083][T15782] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1190.020972][T15782] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1190.131717][T15782] veth1_macvtap: left promiscuous mode [ 1190.159253][T15782] veth0_macvtap: left promiscuous mode [ 1190.572504][T28152] FAULT_INJECTION: forcing a failure. [ 1190.572504][T28152] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1190.648894][T28152] CPU: 1 UID: 0 PID: 28152 Comm: syz.4.4438 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1190.648922][T28152] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1190.648927][T28152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1190.648936][T28152] Call Trace: [ 1190.648941][T28152] [ 1190.648948][T28152] dump_stack_lvl+0x16c/0x1f0 [ 1190.648974][T28152] should_fail_ex+0x512/0x640 [ 1190.648993][T28152] get_futex_key+0x1d0/0x15f0 [ 1190.649011][T28152] ? __lock_acquire+0x436/0x2890 [ 1190.649025][T28152] ? __pfx_get_futex_key+0x10/0x10 [ 1190.649047][T28152] futex_wait_setup+0x9d/0x570 [ 1190.649072][T28152] __futex_wait+0x193/0x2f0 [ 1190.649093][T28152] ? __pfx___futex_wait+0x10/0x10 [ 1190.649116][T28152] ? __pfx_futex_wake_mark+0x10/0x10 [ 1190.649138][T28152] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 1190.649156][T28152] ? __hrtimer_setup+0x176/0x280 [ 1190.649175][T28152] ? ktime_add_safe+0x60/0x70 [ 1190.649195][T28152] futex_wait+0xe8/0x380 [ 1190.649214][T28152] ? __pfx_futex_wait+0x10/0x10 [ 1190.649241][T28152] ? __lock_acquire+0x436/0x2890 [ 1190.649256][T28152] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 1190.649281][T28152] do_futex+0x229/0x350 [ 1190.649298][T28152] ? __pfx_do_futex+0x10/0x10 [ 1190.649313][T28152] ? rcu_is_watching+0x12/0xc0 [ 1190.649333][T28152] ? ktime_get+0x200/0x310 [ 1190.649346][T28152] ? lockdep_hardirqs_on+0x7c/0x110 [ 1190.649368][T28152] ? read_tsc+0x9/0x20 [ 1190.649390][T28152] __x64_sys_futex+0x1e0/0x4c0 [ 1190.649410][T28152] ? __pfx___x64_sys_futex+0x10/0x10 [ 1190.649427][T28152] ? xfd_validate_state+0x61/0x180 [ 1190.649446][T28152] do_syscall_64+0xcd/0xf80 [ 1190.649469][T28152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1190.649484][T28152] RIP: 0033:0x7f14d318f7c9 [ 1190.649497][T28152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1190.649511][T28152] RSP: 002b:00007ffeb7b57e48 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1190.649526][T28152] RAX: ffffffffffffffda RBX: 000000000012305c RCX: 00007f14d318f7c9 [ 1190.649536][T28152] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f14d33e5fac [ 1190.649545][T28152] RBP: 0000000000000032 R08: 00007f14d40c0000 R09: 00000004b7b5813f [ 1190.649554][T28152] R10: 00007ffeb7b57f40 R11: 0000000000000246 R12: 00007f14d33e5fac [ 1190.649563][T28152] R13: 00007ffeb7b57f40 R14: 000000000012308e R15: 00007ffeb7b57f60 [ 1190.649582][T28152] [ 1191.154972][T28155] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1191.999361][ T5839] Bluetooth: hci2: command tx timeout [ 1192.961396][T15782] team0 (unregistering): Port device team_slave_0 removed [ 1194.485200][T28043] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1194.676610][T28216] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1194.951376][T28043] veth0_vlan: entered promiscuous mode [ 1195.003051][T28043] veth1_vlan: entered promiscuous mode [ 1195.059873][T28043] veth0_macvtap: entered promiscuous mode [ 1195.111127][T28225] HfR: entered promiscuous mode [ 1195.139289][T28225] Console: switching to colour VGA+ 80x25 [ 1195.208089][T28229] random: crng reseeded on system resumption [ 1195.248681][T28043] veth1_macvtap: entered promiscuous mode [ 1195.291064][T28233] Invalid ELF header magic: != ELF [ 1195.367975][T28043] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1195.400456][T28043] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1195.416963][T28232] Console: switching to colour frame buffer device 128x48 [ 1195.487018][T15782] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1195.492642][T15782] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1195.492676][T15782] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1195.492701][T15782] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1195.805260][T24380] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1195.842163][T24380] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1195.923214][T28244] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4454'. [ 1195.944294][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1195.980125][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1196.848579][T28262] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1198.121938][T28291] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1199.053857][T28324] FAULT_INJECTION: forcing a failure. [ 1199.053857][T28324] name failslab, interval 1, probability 393216, space 0, times 0 [ 1199.274919][T28324] CPU: 1 UID: 0 PID: 28324 Comm: syz.3.4469 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1199.274949][T28324] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1199.274955][T28324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1199.274965][T28324] Call Trace: [ 1199.274971][T28324] [ 1199.274977][T28324] dump_stack_lvl+0x16c/0x1f0 [ 1199.275007][T28324] should_fail_ex+0x512/0x640 [ 1199.275027][T28324] should_failslab+0xc2/0x120 [ 1199.275051][T28324] __kmalloc_cache_noprof+0x80/0x800 [ 1199.275069][T28324] ? __task_pid_nr_ns+0x1f5/0x500 [ 1199.275084][T28324] ? proc_thread_self_get_link+0x1c6/0x240 [ 1199.275106][T28324] ? proc_thread_self_get_link+0x1c6/0x240 [ 1199.275123][T28324] proc_thread_self_get_link+0x1c6/0x240 [ 1199.275143][T28324] pick_link+0xb09/0x13b0 [ 1199.275161][T28324] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 1199.275182][T28324] step_into_slowpath+0x6c6/0xf50 [ 1199.275205][T28324] ? __pfx_step_into_slowpath+0x10/0x10 [ 1199.275228][T28324] ? lookup_fast+0x156/0x610 [ 1199.275244][T28324] ? inode_permission+0x37b/0x640 [ 1199.275263][T28324] link_path_walk+0xd26/0x1c70 [ 1199.275289][T28324] path_openat+0x1bd/0x3140 [ 1199.275310][T28324] ? do_syscall_64+0xcd/0xf80 [ 1199.275331][T28324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1199.275352][T28324] ? __pfx_path_openat+0x10/0x10 [ 1199.275381][T28324] do_filp_open+0x20b/0x470 [ 1199.275403][T28324] ? __pfx_do_filp_open+0x10/0x10 [ 1199.275439][T28324] ? alloc_fd+0x471/0x7d0 [ 1199.275473][T28324] do_sys_openat2+0x121/0x290 [ 1199.275491][T28324] ? __pfx_do_sys_openat2+0x10/0x10 [ 1199.275516][T28324] __x64_sys_openat+0x174/0x210 [ 1199.275534][T28324] ? __pfx___x64_sys_openat+0x10/0x10 [ 1199.275559][T28324] do_syscall_64+0xcd/0xf80 [ 1199.275583][T28324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1199.275598][T28324] RIP: 0033:0x7f555ab8f7c9 [ 1199.275611][T28324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1199.275626][T28324] RSP: 002b:00007f555b94a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1199.275642][T28324] RAX: ffffffffffffffda RBX: 00007f555ade6180 RCX: 00007f555ab8f7c9 [ 1199.275653][T28324] RDX: 0000000000042000 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 1199.275663][T28324] RBP: 00007f555ac13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1199.275673][T28324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1199.275682][T28324] R13: 00007f555ade6218 R14: 00007f555ade6180 R15: 00007ffd059eebe8 [ 1199.275702][T28324] [ 1200.059466][T28328] random: crng reseeded on system resumption [ 1200.208621][T28337] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1200.406577][T28342] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4473'. [ 1201.296968][T28365] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4478'. [ 1201.429310][T28368] FAULT_INJECTION: forcing a failure. [ 1201.429310][T28368] name failslab, interval 1, probability 393216, space 0, times 0 [ 1201.469660][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1201.482058][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1201.494464][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1201.506768][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1201.519152][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1201.531512][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1201.543896][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1201.556191][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1201.568582][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1201.580867][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1206.451816][ C1] net_ratelimit: 19888 callbacks suppressed [ 1206.451833][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1206.470034][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1206.482309][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1206.494594][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1206.506879][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1206.519138][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1206.531426][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1206.543675][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1206.555933][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1206.568209][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1211.435928][ C1] net_ratelimit: 20309 callbacks suppressed [ 1211.435946][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1211.454267][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1211.466537][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1211.478783][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1211.491055][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1211.503312][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1211.515583][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1211.527825][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1211.540072][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1211.552453][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1216.420288][ C1] net_ratelimit: 11187 callbacks suppressed [ 1216.420305][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.438428][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.450654][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1216.463437][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.475642][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.487887][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1216.500637][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.512832][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.525055][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1216.537801][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1221.403910][ C1] net_ratelimit: 12494 callbacks suppressed [ 1221.403927][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1221.422091][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1221.434930][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1221.447132][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1221.459335][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1221.471828][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1221.484622][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1221.496766][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1221.508943][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1221.521210][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1226.388065][ C1] net_ratelimit: 12972 callbacks suppressed [ 1226.388083][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1226.406265][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1226.418495][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1226.430791][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1226.443665][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1226.456164][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1226.468514][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1226.480783][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1226.493672][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1226.505886][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1228.813461][T28368] CPU: 1 UID: 0 PID: 28368 Comm: syz.0.4479 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1228.813512][T28368] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1228.813524][T28368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1228.813534][T28368] Call Trace: [ 1228.813540][T28368] [ 1228.813547][T28368] dump_stack_lvl+0x16c/0x1f0 [ 1228.813575][T28368] should_fail_ex+0x512/0x640 [ 1228.813592][T28368] ? kmem_cache_alloc_noprof+0x62/0x770 [ 1228.813613][T28368] should_failslab+0xc2/0x120 [ 1228.813643][T28368] kmem_cache_alloc_noprof+0x83/0x770 [ 1228.813662][T28368] ? __kernfs_new_node+0xd2/0x990 [ 1228.813683][T28368] ? __kernfs_new_node+0xd2/0x990 [ 1228.813699][T28368] __kernfs_new_node+0xd2/0x990 [ 1228.813719][T28368] ? __pfx___kernfs_new_node+0x10/0x10 [ 1228.813741][T28368] ? find_held_lock+0x2b/0x80 [ 1228.813761][T28368] ? kernfs_root+0xee/0x2a0 [ 1228.813782][T28368] kernfs_new_node+0x13c/0x1e0 [ 1228.813805][T28368] __kernfs_create_file+0x53/0x350 [ 1228.813830][T28368] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1228.813852][T28368] internal_create_group+0x597/0xf70 [ 1228.813874][T28368] ? __pfx_internal_create_group+0x10/0x10 [ 1228.813895][T28368] ? kernfs_create_link+0x1bd/0x240 [ 1228.813921][T28368] internal_create_groups+0x9d/0x150 [ 1228.813941][T28368] device_add+0x757/0x1980 [ 1228.813964][T28368] ? __pfx_device_add+0x10/0x10 [ 1228.813985][T28368] ? rcu_is_watching+0x12/0xc0 [ 1228.814006][T28368] ? lockdep_init_map_type+0x5c/0x270 [ 1228.814024][T28368] input_register_device+0x7e8/0x11b0 [ 1228.814044][T28368] ? input_ff_create+0x256/0x350 [ 1228.814059][T28368] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 1228.814075][T28368] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1228.814093][T28368] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 1228.814113][T28368] ? find_held_lock+0x2b/0x80 [ 1228.814141][T28368] ? __pfx_uinput_ioctl+0x10/0x10 [ 1228.814156][T28368] __x64_sys_ioctl+0x18e/0x210 [ 1228.814175][T28368] do_syscall_64+0xcd/0xf80 [ 1228.814199][T28368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1228.814214][T28368] RIP: 0033:0x7f8d91f8f7c9 [ 1228.814228][T28368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1228.814243][T28368] RSP: 002b:00007f8d92e50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1228.814257][T28368] RAX: ffffffffffffffda RBX: 00007f8d921e5fa0 RCX: 00007f8d91f8f7c9 [ 1228.814267][T28368] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000008 [ 1228.814276][T28368] RBP: 00007f8d92013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1228.814284][T28368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1228.814293][T28368] R13: 00007f8d921e6038 R14: 00007f8d921e5fa0 R15: 00007ffd2343ed88 [ 1228.814313][T28368] [ 1231.372377][ C1] net_ratelimit: 11774 callbacks suppressed [ 1231.372395][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1231.390524][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1231.402754][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1231.414990][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1231.427815][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1231.440012][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1231.452216][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1231.464487][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1231.477383][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1231.490591][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1236.356176][ C1] net_ratelimit: 12350 callbacks suppressed [ 1236.356193][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1236.374281][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1236.386552][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1236.399167][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1236.411984][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1236.424160][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1236.436385][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1236.448641][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1236.461433][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1236.473605][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1241.340238][ C1] net_ratelimit: 12495 callbacks suppressed [ 1241.340256][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1241.358381][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1241.370632][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1241.383542][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1241.395730][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1241.408027][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1241.420332][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1241.433192][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1241.445381][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1241.457767][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1246.324635][ C1] net_ratelimit: 12253 callbacks suppressed [ 1246.324654][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1246.342882][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1246.355338][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1246.367635][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1246.380541][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1246.392748][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1246.405007][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1246.417364][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1246.430235][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1246.442480][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1251.308649][ C1] net_ratelimit: 12118 callbacks suppressed [ 1251.308666][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1251.326796][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1251.339058][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1251.351328][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1251.364237][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1251.376569][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1251.388879][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1251.401216][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1251.414129][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1251.426343][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1256.293028][ C1] net_ratelimit: 12182 callbacks suppressed [ 1256.293046][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1256.311292][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1256.323548][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1256.336295][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1256.349085][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1256.361288][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1256.373506][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1256.385751][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1256.398624][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1256.410795][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1261.276679][ C1] net_ratelimit: 12376 callbacks suppressed [ 1261.276697][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1261.294870][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1261.307722][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1261.319945][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1261.332154][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1261.344547][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1261.357428][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1261.369602][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1261.381845][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1261.394101][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1266.260666][ C1] net_ratelimit: 12151 callbacks suppressed [ 1266.260683][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1266.279477][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1266.291695][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1266.305557][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1266.318399][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1266.332296][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1266.344526][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1266.356818][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1266.369186][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1266.382189][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1271.244753][ C1] net_ratelimit: 12003 callbacks suppressed [ 1271.244771][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1271.262994][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1271.275239][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1271.287543][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1271.300348][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1271.312501][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1271.324793][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1271.337072][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1271.349925][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1271.362102][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1276.228904][ C1] net_ratelimit: 12225 callbacks suppressed [ 1276.228922][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1276.247830][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1276.260152][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1276.272414][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1276.284788][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1276.297791][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1276.310146][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1276.322684][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1276.335105][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1276.348168][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1281.212994][ C1] net_ratelimit: 12233 callbacks suppressed [ 1281.213011][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1281.231468][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1281.244728][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1281.257089][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1281.269348][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1281.281847][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1281.295218][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1281.307538][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1281.319891][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1281.332346][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1286.197211][ C1] net_ratelimit: 12138 callbacks suppressed [ 1286.197246][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1286.215478][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1286.228321][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1286.240606][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1286.252792][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1286.265279][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1286.278353][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1286.290763][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1286.303097][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1286.315441][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1291.181205][ C1] net_ratelimit: 12175 callbacks suppressed [ 1291.181223][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1291.200002][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1291.212215][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1291.224594][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1291.237002][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1291.249888][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1291.262439][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1291.274880][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1291.287260][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1291.300204][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1296.165721][ C1] net_ratelimit: 12615 callbacks suppressed [ 1296.165738][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1296.183855][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1296.196663][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1296.208925][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1296.221713][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1296.233850][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1296.246020][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1296.258285][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1296.271049][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1296.283314][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1301.149372][ C1] net_ratelimit: 12963 callbacks suppressed [ 1301.149390][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1301.167973][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1301.180351][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1301.193339][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1301.205555][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1301.217872][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1301.230123][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1301.243070][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1301.255477][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1301.267719][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1306.133522][ C1] net_ratelimit: 12659 callbacks suppressed [ 1306.133542][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1306.151779][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1306.164625][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1306.176971][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1306.189371][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1306.201755][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1306.214797][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1306.227090][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1306.239427][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1306.251874][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1311.117525][ C1] net_ratelimit: 9202 callbacks suppressed [ 1311.117544][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1311.152292][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1311.170729][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1311.191579][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1311.211607][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1311.228172][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1311.247392][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1311.263276][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1311.278435][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1311.294746][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1312.088367][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 1312.096790][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P24537/1:b..l P19847/1:b..l P24019/1:b..l [ 1312.127234][ C1] rcu: (detected by 1, t=10502 jiffies, g=181369, q=570 ncpus=1) [ 1312.148249][ C1] task:udevd state:R running task stack:27512 pid:24019 tgid:24019 ppid:5198 task_flags:0x40014c flags:0x00080000 [ 1312.174805][ C1] Call Trace: [ 1312.178908][ C1] [ 1312.182818][ C1] ? __schedule+0x10b9/0x6150 [ 1312.188775][ C1] __schedule+0x1139/0x6150 [ 1312.194247][ C1] ? __pfx___schedule+0x10/0x10 [ 1312.208249][ C1] ? mark_held_locks+0x49/0x80 [ 1312.217467][ C1] preempt_schedule_irq+0x51/0x90 [ 1312.224236][ C1] irqentry_exit+0x1d8/0x8c0 [ 1312.230751][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1312.237520][ C1] RIP: 0010:__kasan_check_byte+0x9/0x50 [ 1312.247121][ C1] Code: 00 41 5c 41 5d e9 47 34 00 00 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 41 54 49 89 f4 <55> 48 89 fd 53 e8 fd 24 00 00 89 c3 84 c0 74 0b 89 d8 5b 5d 41 5c [ 1312.272247][ C1] RSP: 0018:ffffc9000b56f6b0 EFLAGS: 00000202 [ 1312.280044][ C1] RAX: 0000000000000001 RBX: ffffffff8e3c9520 RCX: 0000000000000002 [ 1312.292632][ C1] RDX: 0000000000000000 RSI: ffffffff816c7681 RDI: ffffffff8e3c9520 [ 1312.302084][ C1] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 1312.313019][ C1] R10: 0000000000000002 R11: 000000000000632f R12: ffffffff816c7681 [ 1312.322498][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1312.333469][ C1] ? unwind_next_frame+0xd1/0x20b0 [ 1312.349394][ C1] ? unwind_next_frame+0xd1/0x20b0 [ 1312.356869][ C1] lock_acquire+0xfc/0x330 [ 1312.370128][ C1] ? unwind_next_frame+0x3fe/0x20b0 [ 1312.375527][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1312.382677][ C1] unwind_next_frame+0xd1/0x20b0 [ 1312.387915][ C1] ? unwind_next_frame+0xbd/0x20b0 [ 1312.393244][ C1] ? stack_trace_save+0x8e/0xc0 [ 1312.401258][ C1] ? __unwind_start+0x45f/0x7f0 [ 1312.408675][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1312.415372][ C1] arch_stack_walk+0x94/0x100 [ 1312.421530][ C1] ? stack_trace_save+0x8e/0xc0 [ 1312.427629][ C1] stack_trace_save+0x8e/0xc0 [ 1312.433853][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1312.450775][ C1] ? __lock_acquire+0x436/0x2890 [ 1312.461839][ C1] kasan_save_stack+0x33/0x60 [ 1312.473073][ C1] kasan_record_aux_stack+0xa7/0xc0 [ 1312.482562][ C1] ? __pfx_slab_free_after_rcu_debug+0x10/0x10 [ 1312.490857][ C1] __call_rcu_common.constprop.0+0xa5/0xa10 [ 1312.498155][ C1] kmem_cache_free+0x171/0x770 [ 1312.508929][ C1] ? exit_mmap+0x507/0xb60 [ 1312.513639][ C1] ? exit_mmap+0x507/0xb60 [ 1312.521454][ C1] exit_mmap+0x507/0xb60 [ 1312.527469][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 1312.533463][ C1] ? __lock_acquire+0x436/0x2890 [ 1312.541093][ C1] ? arch_uprobe_clear_state+0x16/0x150 [ 1312.554675][ C1] __mmput+0x12a/0x410 [ 1312.570139][ C1] mmput+0x62/0x70 [ 1312.574144][ C1] do_exit+0x7d7/0x2bd0 [ 1312.590711][ C1] ? do_raw_spin_lock+0x12c/0x2b0 [ 1312.600308][ C1] ? __pfx_do_exit+0x10/0x10 [ 1312.607668][ C1] ? rcu_is_watching+0x12/0xc0 [ 1312.615362][ C1] do_group_exit+0xd3/0x2a0 [ 1312.623693][ C1] __x64_sys_exit_group+0x3e/0x50 [ 1312.631916][ C1] x64_sys_call+0x151c/0x1740 [ 1312.637394][ C1] do_syscall_64+0xcd/0xf80 [ 1312.653732][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1312.666657][ C1] RIP: 0033:0x7efd964f16c5 [ 1312.671358][ C1] RSP: 002b:00007fff9cc67778 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 1312.684939][ C1] RAX: ffffffffffffffda RBX: 000055f5f0631ca0 RCX: 00007efd964f16c5 [ 1312.694002][ C1] RDX: 00000000000000e7 RSI: fffffffffffffe68 RDI: 0000000000000000 [ 1312.714506][ C1] RBP: 000055f5f062a910 R08: 0000000000000000 R09: 0000000000000000 [ 1312.732916][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1312.751372][ C1] R13: 00007fff9cc677c0 R14: 0000000000000000 R15: 0000000000000000 [ 1312.764170][ C1] [ 1312.770119][ C1] task:udevd state:R running task stack:25976 pid:19847 tgid:19847 ppid:5198 task_flags:0x40014c flags:0x00080000 [ 1312.795118][ C1] Call Trace: [ 1312.808794][ C1] [ 1312.811825][ C1] ? __schedule+0x10b9/0x6150 [ 1312.817043][ C1] __schedule+0x1139/0x6150 [ 1312.830270][ C1] ? lock_is_held_type+0x107/0x150 [ 1312.835857][ C1] ? __pfx___schedule+0x10/0x10 [ 1312.850953][ C1] ? find_held_lock+0x2b/0x80 [ 1312.857481][ C1] ? preempt_schedule_thunk+0x16/0x30 [ 1312.872850][ C1] preempt_schedule_common+0x44/0xc0 [ 1312.887216][ C1] preempt_schedule_thunk+0x16/0x30 [ 1312.894110][ C1] _raw_spin_unlock+0x3e/0x50 [ 1312.908103][ C1] unmap_page_range+0x1047/0x43c0 [ 1312.914405][ C1] ? __pfx_unmap_page_range+0x10/0x10 [ 1312.928246][ C1] ? mas_next_slot+0x12d3/0x1cb0 [ 1312.935400][ C1] unmap_single_vma+0x153/0x240 [ 1312.950258][ C1] unmap_vmas+0x218/0x470 [ 1312.954793][ C1] ? __pfx_unmap_vmas+0x10/0x10 [ 1312.970147][ C1] ? mas_next_slot+0x12d3/0x1cb0 [ 1312.975291][ C1] exit_mmap+0x1b0/0xb60 [ 1312.984194][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 1312.991295][ C1] ? __lock_acquire+0x436/0x2890 [ 1312.996507][ C1] ? arch_uprobe_clear_state+0x16/0x150 [ 1313.008244][ C1] __mmput+0x12a/0x410 [ 1313.012527][ C1] mmput+0x62/0x70 [ 1313.016620][ C1] do_exit+0x7d7/0x2bd0 [ 1313.030437][ C1] ? do_raw_spin_lock+0x12c/0x2b0 [ 1313.035555][ C1] ? __pfx_do_exit+0x10/0x10 [ 1313.042841][ C1] ? rcu_is_watching+0x12/0xc0 [ 1313.052852][ C1] do_group_exit+0xd3/0x2a0 [ 1313.059701][ C1] __x64_sys_exit_group+0x3e/0x50 [ 1313.071643][ C1] x64_sys_call+0x151c/0x1740 [ 1313.079085][ C1] do_syscall_64+0xcd/0xf80 [ 1313.091533][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1313.098264][ C1] RIP: 0033:0x7efd964f16c5 [ 1313.105667][ C1] RSP: 002b:00007fff9cc67778 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 1313.117940][ C1] RAX: ffffffffffffffda RBX: 000055f5f0651b60 RCX: 00007efd964f16c5 [ 1313.127225][ C1] RDX: 00000000000000e7 RSI: fffffffffffffe68 RDI: 0000000000000000 [ 1313.136007][ C1] RBP: 000055f5f062a910 R08: 0000000000000000 R09: 0000000000000000 [ 1313.152710][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1313.165122][ C1] R13: 00007fff9cc677c0 R14: 0000000000000000 R15: 0000000000000000 [ 1313.176216][ C1] [ 1313.182112][ C1] task:udevd state:R running task stack:26136 pid:24537 tgid:24537 ppid:5198 task_flags:0x40014c flags:0x00080000 [ 1313.200717][ C1] Call Trace: [ 1313.206365][ C1] [ 1313.209508][ C1] ? __schedule+0x10b9/0x6150 [ 1313.216756][ C1] __schedule+0x1139/0x6150 [ 1313.224290][ C1] ? __pfx___schedule+0x10/0x10 [ 1313.234582][ C1] ? mark_held_locks+0x49/0x80 [ 1313.240917][ C1] preempt_schedule_irq+0x51/0x90 [ 1313.248643][ C1] irqentry_exit+0x1d8/0x8c0 [ 1313.255641][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1313.262623][ C1] RIP: 0010:lock_acquire+0x62/0x330 [ 1313.270471][ C1] Code: bb 18 12 83 f8 07 0f 87 a2 02 00 00 89 c0 48 0f a3 05 f2 63 ef 0e 0f 82 74 02 00 00 8b 35 6a 94 ef 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 09 bb 18 12 0f 85 ad 02 00 00 48 83 c4 [ 1313.312602][ C1] RSP: 0018:ffffc9000bea7530 EFLAGS: 00000206 [ 1313.329662][ C1] RAX: 0000000000000046 RBX: ffffffff8e3c9520 RCX: 0000000029d7c355 [ 1313.349502][ C1] RDX: 0000000000000000 RSI: ffffffff8daa494a RDI: ffffffff8bf2b580 [ 1313.369383][ C1] RBP: 0000000000000002 R08: 000000009a61b8b6 R09: 0000000069a61b8b [ 1313.377812][ C1] R10: 0000000000000002 R11: ffff88807c9f66b0 R12: 0000000000000000 [ 1313.394209][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1313.406331][ C1] ? unwind_next_frame+0x3f4/0x20b0 [ 1313.412127][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1313.425455][ C1] unwind_next_frame+0xd1/0x20b0 [ 1313.433653][ C1] ? unwind_next_frame+0xbd/0x20b0 [ 1313.449376][ C1] ? exit_mmap+0x3f1/0xb60 [ 1313.454768][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1313.463742][ C1] arch_stack_walk+0x94/0x100 [ 1313.470366][ C1] ? exit_mmap+0x3f1/0xb60 [ 1313.475339][ C1] stack_trace_save+0x8e/0xc0 [ 1313.480927][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1313.492522][ C1] ? __lock_acquire+0x436/0x2890 [ 1313.497726][ C1] ? __lock_acquire+0x436/0x2890 [ 1313.504306][ C1] kasan_save_stack+0x33/0x60 [ 1313.510241][ C1] ? kasan_save_stack+0x33/0x60 [ 1313.516141][ C1] ? kasan_save_track+0x14/0x30 [ 1313.523238][ C1] ? __kasan_kmalloc+0xaa/0xb0 [ 1313.530229][ C1] ? kmem_cache_free+0x147/0x770 [ 1313.535885][ C1] ? __put_anon_vma+0x114/0x3a0 [ 1313.548507][ C1] ? unlink_anon_vmas+0x58a/0x820 [ 1313.554444][ C1] ? free_pgtables+0x212/0xc10 [ 1313.563700][ C1] ? exit_mmap+0x3f1/0xb60 [ 1313.568976][ C1] kasan_save_track+0x14/0x30 [ 1313.574938][ C1] __kasan_kmalloc+0xaa/0xb0 [ 1313.579907][ C1] kmem_cache_free+0x147/0x770 [ 1313.588301][ C1] ? __put_anon_vma+0x114/0x3a0 [ 1313.595437][ C1] ? __put_anon_vma+0x114/0x3a0 [ 1313.610605][ C1] __put_anon_vma+0x114/0x3a0 [ 1313.615738][ C1] unlink_anon_vmas+0x58a/0x820 [ 1313.621378][ C1] free_pgtables+0x212/0xc10 [ 1313.628098][ C1] ? __pfx_free_pgtables+0x10/0x10 [ 1313.636129][ C1] ? __pfx_down_write+0x10/0x10 [ 1313.648028][ C1] exit_mmap+0x3f1/0xb60 [ 1313.652557][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 1313.659954][ C1] ? __lock_acquire+0x436/0x2890 [ 1313.666269][ C1] ? arch_uprobe_clear_state+0x16/0x150 [ 1313.672708][ C1] __mmput+0x12a/0x410 [ 1313.677619][ C1] mmput+0x62/0x70 [ 1313.681575][ C1] do_exit+0x7d7/0x2bd0 [ 1313.686210][ C1] ? do_raw_spin_lock+0x12c/0x2b0 [ 1313.692487][ C1] ? __pfx_do_exit+0x10/0x10 [ 1313.697428][ C1] ? rcu_is_watching+0x12/0xc0 [ 1313.703971][ C1] do_group_exit+0xd3/0x2a0 [ 1313.711281][ C1] __x64_sys_exit_group+0x3e/0x50 [ 1313.716943][ C1] x64_sys_call+0x151c/0x1740 [ 1313.723082][ C1] do_syscall_64+0xcd/0xf80 [ 1313.731880][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1313.748659][ C1] RIP: 0033:0x7efd964f16c5 [ 1313.755176][ C1] RSP: 002b:00007fff9cc67778 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 1313.773604][ C1] RAX: ffffffffffffffda RBX: 000055f5f078d020 RCX: 00007efd964f16c5 [ 1313.792487][ C1] RDX: 00000000000000e7 RSI: fffffffffffffe68 RDI: 0000000000000000 [ 1313.811073][ C1] RBP: 000055f5f062a910 R08: 0000000000000000 R09: 0000000000000000 [ 1313.829362][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1313.845260][ C1] R13: 00007fff9cc677c0 R14: 0000000000000000 R15: 0000000000000000 [ 1313.857999][ C1] [ 1313.870017][ C1] rcu: rcu_preempt kthread starved for 7025 jiffies! g181369 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 1313.890948][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 1313.913997][ C1] rcu: RCU grace-period kthread stack dump: [ 1313.928594][ C1] task:rcu_preempt state:R running task stack:28024 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 1313.954850][ C1] Call Trace: [ 1313.963992][ C1] [ 1313.968292][ C1] ? __schedule+0x10b9/0x6150 [ 1313.975543][ C1] __schedule+0x1139/0x6150 [ 1313.983285][ C1] ? __lock_acquire+0x436/0x2890 [ 1313.989008][ C1] ? __mod_timer+0x8f2/0xd30 [ 1313.993974][ C1] ? __pfx___schedule+0x10/0x10 [ 1313.999951][ C1] ? find_held_lock+0x2b/0x80 [ 1314.008790][ C1] ? schedule+0x2d7/0x3a0 [ 1314.013757][ C1] schedule+0xe7/0x3a0 [ 1314.020197][ C1] schedule_timeout+0x123/0x290 [ 1314.033114][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 1314.048367][ C1] ? __pfx_process_timeout+0x10/0x10 [ 1314.054845][ C1] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1314.067415][ C1] ? prepare_to_swait_event+0xf5/0x480 [ 1314.073050][ C1] rcu_gp_fqs_loop+0x1ea/0xaf0 [ 1314.079021][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 1314.091026][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 1314.097305][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 1314.105602][ C1] ? rcu_gp_cleanup+0x7c1/0xe90 [ 1314.111764][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1314.120944][ C1] rcu_gp_kthread+0x26d/0x380 [ 1314.128234][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1314.134005][ C1] ? rcu_is_watching+0x12/0xc0 [ 1314.139830][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 1314.150859][ C1] ? __kthread_parkme+0x19e/0x250 [ 1314.156795][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1314.174688][ C1] kthread+0x3c5/0x780 [ 1314.188386][ C1] ? __pfx_kthread+0x10/0x10 [ 1314.196141][ C1] ? rcu_is_watching+0x12/0xc0 [ 1314.208526][ C1] ? __pfx_kthread+0x10/0x10 [ 1314.213229][ C1] ret_from_fork+0x983/0xb10 [ 1314.228609][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 1314.234794][ C1] ? __switch_to+0x7af/0x10d0 [ 1314.249049][ C1] ? __pfx_kthread+0x10/0x10 [ 1314.253677][ C1] ret_from_fork_asm+0x1a/0x30 [ 1314.268890][ C1] [ 1314.272067][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 1314.291233][ C1] CPU: 1 UID: 0 PID: 15782 Comm: kworker/u8:34 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1314.317051][ C1] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1314.332509][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1314.352971][ C1] Workqueue: events_unbound cfg80211_wiphy_work [ 1314.364826][ C1] RIP: 0010:lock_acquire+0x133/0x330 [ 1314.372581][ C1] Code: 00 65 8b 05 a7 01 19 12 85 c0 0f 85 a2 00 00 00 65 48 8b 05 67 ba 18 12 8b 90 2c 0b 00 00 85 d2 0f 85 8c 00 00 00 9c 8f 04 24 48 c7 c7 fc ae bb 8d e8 a0 f9 db 09 45 89 e0 89 e9 44 89 ea 65 [ 1314.414368][ C1] RSP: 0018:ffffc90000a081d0 EFLAGS: 00000246 [ 1314.431966][ C1] RAX: ffff88802bcbbd00 RBX: ffffffff8e3c9520 RCX: 0000000000000001 [ 1314.452066][ C1] RDX: 0000000000000000 RSI: ffffffff816c7681 RDI: fffffbfff1c792a4 [ 1314.468238][ C1] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 1314.479203][ C1] R10: 0000000000000002 R11: 0000000000094318 R12: 0000000000000000 [ 1314.490650][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1314.503220][ C1] FS: 0000000000000000(0000) GS:ffff8881249fc000(0000) knlGS:0000000000000000 [ 1314.529053][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1314.536664][ C1] CR2: 00007fe07d46784f CR3: 00000000758fe000 CR4: 00000000003526f0 [ 1314.569216][ C1] Call Trace: [ 1314.573649][ C1] [ 1314.576946][ C1] ? unwind_next_frame+0x3f4/0x20b0 [ 1314.589453][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1314.597359][ C1] unwind_next_frame+0xd1/0x20b0 [ 1314.612561][ C1] ? unwind_next_frame+0xbd/0x20b0 [ 1314.629993][ C1] ? __netif_receive_skb_core.constprop.0+0x6b3/0x35b0 [ 1314.649560][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1314.656774][ C1] arch_stack_walk+0x94/0x100 [ 1314.671640][ C1] ? __pfx_br_handle_frame+0x10/0x10 [ 1314.677657][ C1] ? __netif_receive_skb_core.constprop.0+0x6b3/0x35b0 [ 1314.694341][ C1] stack_trace_save+0x8e/0xc0 [ 1314.708703][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1314.715655][ C1] ? br_netif_receive_skb+0xff/0x200 [ 1314.729400][ C1] kasan_save_stack+0x33/0x60 [ 1314.735251][ C1] ? kasan_save_stack+0x33/0x60 [ 1314.750383][ C1] ? kasan_save_track+0x14/0x30 [ 1314.758754][ C1] ? __kasan_slab_alloc+0x89/0x90 [ 1314.772850][ C1] ? kmem_cache_alloc_noprof+0x25e/0x770 [ 1314.780998][ C1] ? __skb_ext_alloc+0x1a/0x80 [ 1314.794996][ C1] ? skb_ext_add+0x242/0x7b0 [ 1314.811526][ C1] ? br_nf_pre_routing_ipv6+0xca/0x8c0 [ 1314.818084][ C1] ? br_nf_pre_routing+0x860/0x15b0 [ 1314.829368][ C1] ? br_handle_frame+0xb28/0x14e0 [ 1314.837708][ C1] ? __netif_receive_skb_core.constprop.0+0x6b3/0x35b0 [ 1314.851880][ C1] kasan_save_track+0x14/0x30 [ 1314.865182][ C1] __kasan_slab_alloc+0x89/0x90 [ 1314.871289][ C1] kmem_cache_alloc_noprof+0x25e/0x770 [ 1314.877115][ C1] ? __skb_ext_alloc+0x1a/0x80 [ 1314.887191][ C1] ? __skb_ext_alloc+0x1a/0x80 [ 1314.892409][ C1] __skb_ext_alloc+0x1a/0x80 [ 1314.901427][ C1] skb_ext_add+0x242/0x7b0 [ 1314.908086][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 1314.915586][ C1] ? ebt_do_table+0x1bc9/0x2190 [ 1314.927598][ C1] br_nf_pre_routing_ipv6+0xca/0x8c0 [ 1314.935223][ C1] ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10 [ 1314.948832][ C1] ? lock_acquire+0x179/0x330 [ 1314.954055][ C1] ? find_held_lock+0x2b/0x80 [ 1314.965984][ C1] ? net_generic+0xea/0x2a0 [ 1314.974497][ C1] br_nf_pre_routing+0x860/0x15b0 [ 1314.982651][ C1] br_handle_frame+0xb28/0x14e0 [ 1314.990391][ C1] ? __pfx_br_handle_frame+0x10/0x10 [ 1314.997998][ C1] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 1315.006108][ C1] ? __pfx_br_handle_frame+0x10/0x10 [ 1315.011916][ C1] __netif_receive_skb_core.constprop.0+0x6b3/0x35b0 [ 1315.022851][ C1] ? kmem_cache_free+0x2d8/0x770 [ 1315.030832][ C1] ? find_held_lock+0x2b/0x80 [ 1315.037171][ C1] ? kfree_skbmem+0x1a4/0x1f0 [ 1315.051750][ C1] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 1315.059447][ C1] ? kfree_skbmem+0x1a4/0x1f0 [ 1315.072099][ C1] ? kfree_skbmem+0x1a4/0x1f0 [ 1315.077052][ C1] ? sk_skb_reason_drop+0x136/0x1a0 [ 1315.088262][ C1] ? ip6_mc_input+0x515/0xf60 [ 1315.094892][ C1] ? __pfx_ip6_mc_input+0x10/0x10 [ 1315.108968][ C1] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 1315.115329][ C1] ? __lock_acquire+0x436/0x2890 [ 1315.126045][ C1] ? process_backlog+0x450/0x1650 [ 1315.131625][ C1] __netif_receive_skb_one_core+0xb0/0x1e0 [ 1315.138705][ C1] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 1315.152140][ C1] ? lock_acquire+0x179/0x330 [ 1315.169514][ C1] ? process_backlog+0x450/0x1650 [ 1315.176233][ C1] __netif_receive_skb+0x1d/0x160 [ 1315.184103][ C1] process_backlog+0x4a2/0x1650 [ 1315.190542][ C1] __napi_poll.constprop.0+0xb3/0x540 [ 1315.196595][ C1] net_rx_action+0x9f9/0xfa0 [ 1315.210176][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 1315.217063][ C1] ? __print_lock_name+0x50/0xe0 [ 1315.233115][ C1] ? kvm_sched_clock_read+0x11/0x20 [ 1315.248219][ C1] ? sched_clock+0x38/0x60 [ 1315.253893][ C1] ? sched_clock_cpu+0x6c/0x530 [ 1315.261902][ C1] ? mark_held_locks+0x49/0x80 [ 1315.272176][ C1] handle_softirqs+0x219/0x950 [ 1315.278098][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 1315.290924][ C1] ? cfg80211_inform_single_bss_data+0x9ad/0x1d30 [ 1315.308240][ C1] do_softirq+0xb2/0xf0 [ 1315.313953][ C1] [ 1315.316982][ C1] [ 1315.320919][ C1] __local_bh_enable_ip+0x100/0x120 [ 1315.329335][ C1] cfg80211_inform_single_bss_data+0x9ad/0x1d30 [ 1315.337205][ C1] ? unwind_next_frame+0x3f4/0x20b0 [ 1315.348223][ C1] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 1315.369318][ C1] ? stack_trace_save+0x8e/0xc0 [ 1315.374457][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1315.386096][ C1] ? stack_depot_save_flags+0x29/0x9b0 [ 1315.395444][ C1] ? cfg80211_inform_bss_data+0x22b/0x3be0 [ 1315.402711][ C1] cfg80211_inform_bss_data+0x22b/0x3be0 [ 1315.410481][ C1] ? __kasan_kmalloc+0xaa/0xb0 [ 1315.418208][ C1] ? __kmalloc_noprof+0x33d/0x910 [ 1315.430663][ C1] ? ieee802_11_parse_elems_full+0x1db/0x3780 [ 1315.437606][ C1] ? ieee80211_ibss_rx_queued_mgmt+0xc85/0x2fc0 [ 1315.453687][ C1] ? cfg80211_wiphy_work+0x3fb/0x560 [ 1315.468302][ C1] ? kthread+0x3c5/0x780 [ 1315.472915][ C1] ? ret_from_fork+0x983/0xb10 [ 1315.478472][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 1315.493320][ C1] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 1315.504015][ C1] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1315.511162][ C1] ? _ieee802_11_parse_elems_full+0x695/0x45a0 [ 1315.521057][ C1] ? __lock_acquire+0x436/0x2890 [ 1315.529049][ C1] ? ieee802_11_parse_elems_full+0x143/0x3780 [ 1315.535841][ C1] cfg80211_inform_bss_frame_data+0x26f/0x720 [ 1315.548827][ C1] ieee80211_bss_info_update+0x310/0xab0 [ 1315.555282][ C1] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 1315.565535][ C1] ? find_held_lock+0x2b/0x80 [ 1315.571064][ C1] ? ieee80211_ibss_rx_queued_mgmt+0x18ed/0x2fc0 [ 1315.577936][ C1] ieee80211_ibss_rx_queued_mgmt+0x1927/0x2fc0 [ 1315.590818][ C1] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 1315.599948][ C1] ? kcov_remote_start+0x399/0x680 [ 1315.609286][ C1] ieee80211_iface_work+0xe28/0x1350 [ 1315.615723][ C1] ? rcu_is_watching+0x12/0xc0 [ 1315.626363][ C1] cfg80211_wiphy_work+0x3fb/0x560 [ 1315.632421][ C1] process_one_work+0x9ba/0x1b20 [ 1315.637937][ C1] ? __pfx_process_one_work+0x10/0x10 [ 1315.648883][ C1] ? assign_work+0x1a0/0x250 [ 1315.656410][ C1] worker_thread+0x6c8/0xf10 [ 1315.670006][ C1] ? __kthread_parkme+0x19e/0x250 [ 1315.675045][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1315.689652][ C1] kthread+0x3c5/0x780 [ 1315.694151][ C1] ? __pfx_kthread+0x10/0x10 [ 1315.708297][ C1] ? rcu_is_watching+0x12/0xc0 [ 1315.716305][ C1] ? __pfx_kthread+0x10/0x10 [ 1315.733744][ C1] ret_from_fork+0x983/0xb10 [ 1315.748619][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 1315.757702][ C1] ? __switch_to+0x7af/0x10d0 [ 1315.769615][ C1] ? __pfx_kthread+0x10/0x10 [ 1315.774933][ C1] ret_from_fork_asm+0x1a/0x30 [ 1315.788795][ C1] [ 1316.102178][ C1] net_ratelimit: 1321 callbacks suppressed [ 1316.102201][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1316.130509][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1316.149811][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1316.168820][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1316.188032][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1316.210094][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1316.233532][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1316.252322][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1316.268729][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1316.289556][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1321.085610][ C1] net_ratelimit: 8043 callbacks suppressed [ 1321.085629][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1321.110592][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1321.127360][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1321.147667][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1321.163854][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1321.184408][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1321.204561][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1321.229024][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:56:55:42:7e:3d:d6, vlan:0) [ 1321.245708][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1321.264635][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)