last executing test programs: 33.400487374s ago: executing program 2 (id=7): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_wireguard(0x0, r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00'}) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0xf000, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0x28, 0x1, 0x0) r1 = socket(0x2, 0x5, 0x0) sysfs$auto(0x2, 0x0, 0x0) r2 = epoll_create$auto(0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0xffffffffffffffff, 0x2) epoll_ctl$auto(0x5, 0x1, r3, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) epoll_ctl$auto(0x5, 0x3, r3, 0x0) epoll_wait$auto(r2, 0x0, 0xe007, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x15) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x20040844) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x17}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r1, 0x0, 0x39b9) r4 = openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) read$auto_debug_help_fops_orangefs_debugfs(r4, &(0x7f0000000340)=""/231, 0xe7) writev$auto(0x3, 0x0, 0x8) 31.405061316s ago: executing program 2 (id=14): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/trace_options\x00', 0xc200, 0x0) write$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x15, 0x5, 0x0) r1 = getsockopt$auto(r0, 0x114, 0x2718, 0xfffffffffffffffc, 0x0) linkat$auto(r1, &(0x7f0000000180)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00', 0xe28a) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) r2 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x2, 0xa, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) socket(0xa, 0x2, 0x0) openat$auto_clk_dump_fops_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/clk/clk_orphan_dump\x00', 0x42080, 0x0) read$auto_trace_fops_debugfs(r2, &(0x7f00000001c0)=""/227, 0xe3) unshare$auto(0x40000080) mmap$auto(0x0, 0x8, 0x1000e2, 0xeb1, 0x405, 0x100008000) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x4ea06, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r3, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000b40)={0x3e4, r4, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x5}, @NL80211_ATTR_ROAM_SUPPORT={0x4}, @NL80211_ATTR_DISABLE_EHT={0x4}, @NL80211_ATTR_TX_RATES={0x392, 0x5a, 0x0, 0x1, [@nested={0x68, 0x4d, 0x0, 0x1, [@typed={0x8, 0xd9, 0x0, 0x0, @fd}, @generic="25f46400e9801b908e0ebfcf0840ffab99e400ff1dccccbc3f1faaa2d14ced3bd89df02e5750da66020ff70ae6701b75b37a0dd16bea520d3875b786f9cfbf9ad5ccf1a895eaa28d7c3878d0ae216b5553f99d18", @nested={0x4, 0x112}, @nested={0x4, 0x3a}]}, @nested={0x2d7, 0xc5, 0x0, 0x1, [@generic="0f0c1ace004e0d43f4d22628667d9a8403f1359451c130d82bc571815ddc6c32814e0a9552a67a27971bc182586b56e9e7c4e1ca8b3edeee6ceea2d69c179de260b0905ceb9337a64fbf64c2e8942e73c02e76b0c1991902e1ffd6109c9523bfaf3722d7efd5b00d7704dcebccd919609ebc7b4fb0c59bf94463ad7146b1cbd498cc955807ce66bcfc7efb6adff89f0bec8531e395f6d6206da6bcc9620d4946761142f5c3b97ec05834273b1576a9d8a24453df3b33fdc7de350210a7f5d9fb0bf8cf5cc03dcafcbc6b346ef7bd46d4c46fd682530ddb991b894aad18f0aea2699fcddae08a60", @typed={0x6, 0xce, 0x0, 0x0, @str='#\x00'}, @typed={0xc, 0x6b, 0x0, 0x0, @u64=0x6}, @nested={0x4, 0x10d}, @nested={0x1cc, 0xe3, 0x0, 0x1, [@nested={0xec, 0x123, 0x0, 0x1, [@typed={0x8, 0x33, 0x0, 0x0, @ipv4=@private=0xa010102}, @generic="2e282db9ecfe31178a2d4609e99db4b9f52af9b1da896f91db3722ad717e11a3d0a1164be715cfca89bb1114f9a24cfc9103a2c50402be1bea97f44d4dcf191843a1abe09d2e09bf69334fb889fc0c8b9837761d4076bd0c26e7f60638f7bd7c22dbefbd17f64419727a3cf7d5691a8cec300b676a3e837691432bf4fb20e9c4d38a09b8efd59ed0276d6318e4a6fdcf0a11f232dbc4eae435e3b87548ee44be769cd7fd17704869a6a5f3c6544ada24ef86371d9c121347da3f42fabd63d8c42123b1ebdae8d406739f27098c4921ad50fba1c9a05a51645046b194501d424d"]}, @nested={0xd6, 0x11a, 0x0, 0x1, [@generic="20c2327217679ad5b4316e4a54a9dcb5dc354ece7d2a8a5aa04133ded7adb0041a0968e5453b921efa567baad2fda562dee1dc0f0e1397a2393db870d38f3fddfacab3de2ae3b1d89a54d63f2cf8d23f88db491c6a5627777530a5975c833490058a80d3a0ea27429d5102303f885efdd13c21dab60dfaa552d9731471990cd737ae74b8bf0e991591fad939188dbb1fb724a5fef736bbca877856cb6f996959632bb398e71d0e0ff20a410222c365d4ee0bc7634df19ed23928d53e", @nested={0x4, 0x28}, @nested={0x4, 0x11c}, @generic="ed9101d2b07c33d0ccc33fbf002a"]}, @generic="16a823df"]}, @typed={0x8, 0x56, 0x0, 0x0, @u32}]}, @typed={0x8, 0xa1, 0x0, 0x0, @u32=0x7}, @generic="60600624bf038e63d40f8eb31a1c546a52eaf1791895cae654f75cb5ab17596de8f9efa21439b1dae0a72cf794a3f0529fb8053980268237b18e4d7ddeea318f0c9a79a9eb60"]}, @NL80211_ATTR_FILS_KEK={0x14, 0xf2, "0000000000000006d7206f0b000000af"}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, 0x10000}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x6}]}, 0x3e4}, 0x1, 0x0, 0x0, 0x4008084}, 0x4080) socket(0x2b, 0x1, 0x1) r5 = getegid() setregid$auto(r5, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) getpid() mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) 28.846135758s ago: executing program 2 (id=19): sendmsg$auto_NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x6c, 0x0, 0x20, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_TDLS_OPERATION={0x5}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "a1b2bee040eb72f262e9e123bed4b123cf62018969fec1ea"}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2a0}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6}, @NL80211_ATTR_TIMEOUT_REASON={0x8, 0xf8, 0x3}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x8}, @NL80211_ATTR_CENTER_FREQ1_OFFSET={0x8, 0x123, 0x9}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x60}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40}, 0x84040) keyctl$auto(0x9, 0xfffffffb, 0xfffffffffffffffb, 0x9dc1, 0x200000ffe) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:01.0/remove\x00', 0xb01, 0x0) write$auto(r0, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', 0x1) getsockopt$auto_SO_RESERVE_MEM(r0, 0x3, 0x49, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', &(0x7f0000000040)=0x4) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) removexattr$auto(&(0x7f00000003c0)='./cgroup\x00', &(0x7f0000000400)='/dev/mtdblock0\x00') 28.249710565s ago: executing program 2 (id=20): r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) r1 = pidfd_open$auto(0x1, 0x0) mmap$auto(0x0, 0x2, 0x3, 0x20eb3, r1, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x5, 0x3, 0x0, 0x0, 0x1) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) lsm_set_self_attr$auto(0x9, 0x0, 0x80, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x800, 0x0) socket(0xa, 0x1, 0x100) socket(0x1e, 0x1, 0x0) socket(0x2c, 0x3, 0x9) r3 = socket(0x15, 0x5, 0x0) getsockopt$auto(r3, 0x114, 0x2713, 0xfffffffffffffffc, 0x0) write$auto(0x1, 0x0, 0x80000000) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/options/test_nop_refuse\x00', 0x800, 0x0) preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0x10) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0) write$auto(r4, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) fcntl$auto(0x0, 0x407, 0x100000) setns(r1, 0x60020000) umount2$auto(&(0x7f0000000000)='.\x00', 0x8) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r5, 0x0, 0x1f40) 25.808906061s ago: executing program 2 (id=29): ioctl$auto(0x3, 0x4b67, 0x38) 24.914666396s ago: executing program 2 (id=34): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_ipsec_dbg_fops_ipsec(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim6/ports/0/ipsec\x00', 0x80, 0x0) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x5, 0x0, 0x8004) r1 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x182, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) ioperm$auto(0x3, 0xe, 0x2000000000000149) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x10ffffffff}, 0x6, 0x0) prctl$auto(0x7f, 0x7, r4, 0x80000000, 0xfffffffeffffffff) msgctl$auto_IPC_RMID(0x9, 0x0, 0x0) statx$auto(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x6, 0x7, &(0x7f0000000280)={0x8, 0x86c1, 0x120000000000, 0x5, 0x0, 0x0, 0x40, 0x0, 0xfffffffffffff5f7, 0x4, 0x7fffffff, 0xd7a2, {0xd, 0xccb}, {0x6, 0xcd}, {0xd, 0x3}, {0x2, 0x5}, 0xfffffbff, 0x1, 0xe, 0x5, 0xe, 0xfe, 0x6, 0x4, 0xf, 0x2, 0xc, 0xb0, [0x7fffffffffffffff, 0x2, 0x3, 0x40, 0x9, 0x7f, 0x4e4c, 0x8, 0xffffffffffff6f4c]}) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0, 0x3d0}, 0x1, 0x0, 0x0, 0x4004004}, 0x800) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/stat/rt_cache\x00', 0x20000, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x8080, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x4, 0x0) socket(0x2, 0x3, 0xa) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x0, @rand_addr=0xe0}, 0x55) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x4000000) 24.473026263s ago: executing program 1 (id=35): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) sysfs$auto(0xfffffffe, 0x10000000000002a, 0x4) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x5094c0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7) mmap$auto(0x0, 0x9, 0x8000, 0xe238, 0x602, 0x5) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6a4ff376455f09bd1ca73b165498937eb7396525f9be44e1d5455f2fb0e9b0d79a2b05104239ddb65afabac40f2568353"}, 0x6, 0x3, 0xff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, r2, 0x10001) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8df41, 0x0) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) socket(0x2a, 0x800, 0x2d2) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) sendmsg$auto_NL80211_CMD_VENDOR(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="210b2abd7000fedbdf25670010000800c3000000008045758fc058dcee9878afa51ff9a5"], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x4000000) ioperm$auto(0x3, 0x8001, 0x2000000000000149) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) close_range$auto(0x2, 0xa, 0x0) 22.668606148s ago: executing program 3 (id=40): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r0, 0x402, 0xffffffffffffffff) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x9, 0x7) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r1 = socket(0x10, 0x2, 0x6) r2 = syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)={0x24, r2, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_COORDINATOR={0x10, 0x1e, 0x0, 0x1, [@nested={0xc, 0x5e, 0x0, 0x1, [@nested={0x8, 0x46, 0x0, 0x1, [@nested={0x4, 0xf7}]}]}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044) r3 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r3, 0x107, 0x12, 0x0, 0x4) socket(0x11, 0x80003, 0x300) mmap$auto(0x3, 0x8001, 0x62, 0x10, r3, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) accept4$auto(r0, &(0x7f0000000000)=@llc={0x1a, 0x335, 0x80, 0x6, 0x9, 0x8, @remote}, &(0x7f0000000080)=0x2, 0x8) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x248340, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) fsopen$auto(0x0, 0x1) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_SOCK_GET(r4, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000300)={0x14, r5, 0xe77c815741d6438d, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x42010}, 0x8cc) 22.648536193s ago: executing program 1 (id=41): setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) 22.322757797s ago: executing program 0 (id=42): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x7ffc) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) mmap$auto(0x2, 0xaa06, 0xe2, 0xeb1, 0xffffffffffffffff, 0x2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nbd9\x00', 0x2000, 0x0) madvise$auto(0x4, 0xeba8, 0x17) close_range$auto(0x2, 0x8, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x18000, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x42c883, 0x0) mmap$auto(0x0, 0x428, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(r0, 0xffffffffffffffff, 0x40002) io_uring_setup$auto(0x7, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) io_uring_setup$auto(0x6, 0x0) mbind$auto(0x5, 0x0, 0xa98, &(0x7f0000000180)=0x100000000, 0xfffffffffffffffc, 0x3f) io_uring_register$auto(0x2, 0x1e, &(0x7f0000000180), 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/nr3/queues/rx-0/rps_flow_cnt\x00', 0x200, 0x0) read$auto(r1, 0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x20040, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/options/markers\x00', 0x42, 0x0) writev$auto(0x4, &(0x7f0000000080)={0x0, 0x8}, 0x1) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0) ioctl$auto_PPPIOCATTACH(r2, 0x4004743d, 0x0) 22.32261346s ago: executing program 1 (id=43): r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/debug/dri/vkms/framebuffer\x00', 0x800, 0x0) read$auto(r0, &(0x7f00000004c0)='nl80211\x00', 0x8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000080)={0x0, 0x8ece}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_ipsec_dbg_fops_ipsec(0xffffffffffffff9c, 0x0, 0x80, 0x0) unshare$auto(0x40000080) r3 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r3, 0x107, 0x5, 0x0, 0x8004) r4 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x182, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) ioperm$auto(0x3, 0xe, 0x2000000000000149) msgctl$auto_IPC_RMID(0x9, 0x0, 0x0) statx$auto(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x6, 0x7, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=ANY=[], 0x3d0}, 0x1, 0x0, 0x0, 0x4004004}, 0x800) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/stat/rt_cache\x00', 0x20000, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x8000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) 21.687918263s ago: executing program 0 (id=44): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000) lseek$auto(0x3, 0x7ffffffffffffffd, 0x2) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r0, &(0x7f0000000300)='.o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0) faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7) read$auto(r1, 0x0, 0x20) r2 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48) faccessat$auto(r2, 0x0, 0x2) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) ptrace$auto(0x10, 0x0, 0x4, 0xff7) ptrace$auto(0x65, 0x0, 0xd33, 0x8000000000000004) ptrace$auto_PTRACE_SETSIGMASK(0x420b, 0x0, 0x2, 0x80000000) mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff) r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r4, 0x0, 0x1ff) mmap$auto(0x400000000000, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x20) 21.286678424s ago: executing program 0 (id=45): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_wireguard(0x0, r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00'}) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0xf000, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0x28, 0x1, 0x0) r1 = socket(0x2, 0x5, 0x0) sysfs$auto(0x2, 0x0, 0x0) r2 = epoll_create$auto(0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0xffffffffffffffff, 0x2) epoll_ctl$auto(0x5, 0x1, r3, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) epoll_ctl$auto(0x5, 0x3, r3, 0x0) epoll_wait$auto(r2, 0x0, 0xe007, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x15) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x20040844) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x17}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r1, 0x0, 0x39b9) r4 = openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) read$auto_debug_help_fops_orangefs_debugfs(r4, &(0x7f0000000340)=""/231, 0xe7) writev$auto(0x3, 0x0, 0x8) 21.008090488s ago: executing program 3 (id=46): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) statmount$auto(0x0, 0x0, 0x7ffffffff000, 0x0) 20.849928532s ago: executing program 3 (id=47): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/trace_options\x00', 0xc200, 0x0) write$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x15, 0x5, 0x0) r1 = getsockopt$auto(r0, 0x114, 0x2718, 0xfffffffffffffffc, 0x0) linkat$auto(r1, &(0x7f0000000180)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00', 0xe28a) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) r2 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x2, 0xa, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) socket(0xa, 0x2, 0x0) openat$auto_clk_dump_fops_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/clk/clk_orphan_dump\x00', 0x42080, 0x0) read$auto_trace_fops_debugfs(r2, &(0x7f00000001c0)=""/227, 0xe3) unshare$auto(0x40000080) mmap$auto(0x0, 0x8, 0x1000e2, 0xeb1, 0x405, 0x100008000) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x4ea06, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r3, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000b40)={0x3e4, r4, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x5}, @NL80211_ATTR_ROAM_SUPPORT={0x4}, @NL80211_ATTR_DISABLE_EHT={0x4}, @NL80211_ATTR_TX_RATES={0x392, 0x5a, 0x0, 0x1, [@nested={0x68, 0x4d, 0x0, 0x1, [@typed={0x8, 0xd9, 0x0, 0x0, @fd}, @generic="25f46400e9801b908e0ebfcf0840ffab99e400ff1dccccbc3f1faaa2d14ced3bd89df02e5750da66020ff70ae6701b75b37a0dd16bea520d3875b786f9cfbf9ad5ccf1a895eaa28d7c3878d0ae216b5553f99d18", @nested={0x4, 0x112}, @nested={0x4, 0x3a}]}, @nested={0x2d7, 0xc5, 0x0, 0x1, [@generic="0f0c1ace004e0d43f4d22628667d9a8403f1359451c130d82bc571815ddc6c32814e0a9552a67a27971bc182586b56e9e7c4e1ca8b3edeee6ceea2d69c179de260b0905ceb9337a64fbf64c2e8942e73c02e76b0c1991902e1ffd6109c9523bfaf3722d7efd5b00d7704dcebccd919609ebc7b4fb0c59bf94463ad7146b1cbd498cc955807ce66bcfc7efb6adff89f0bec8531e395f6d6206da6bcc9620d4946761142f5c3b97ec05834273b1576a9d8a24453df3b33fdc7de350210a7f5d9fb0bf8cf5cc03dcafcbc6b346ef7bd46d4c46fd682530ddb991b894aad18f0aea2699fcddae08a60", @typed={0x6, 0xce, 0x0, 0x0, @str='#\x00'}, @typed={0xc, 0x6b, 0x0, 0x0, @u64=0x6}, @nested={0x4, 0x10d}, @nested={0x1cc, 0xe3, 0x0, 0x1, [@nested={0xec, 0x123, 0x0, 0x1, [@typed={0x8, 0x33, 0x0, 0x0, @ipv4=@private=0xa010102}, @generic="2e282db9ecfe31178a2d4609e99db4b9f52af9b1da896f91db3722ad717e11a3d0a1164be715cfca89bb1114f9a24cfc9103a2c50402be1bea97f44d4dcf191843a1abe09d2e09bf69334fb889fc0c8b9837761d4076bd0c26e7f60638f7bd7c22dbefbd17f64419727a3cf7d5691a8cec300b676a3e837691432bf4fb20e9c4d38a09b8efd59ed0276d6318e4a6fdcf0a11f232dbc4eae435e3b87548ee44be769cd7fd17704869a6a5f3c6544ada24ef86371d9c121347da3f42fabd63d8c42123b1ebdae8d406739f27098c4921ad50fba1c9a05a51645046b194501d424d"]}, @nested={0xd6, 0x11a, 0x0, 0x1, [@generic="20c2327217679ad5b4316e4a54a9dcb5dc354ece7d2a8a5aa04133ded7adb0041a0968e5453b921efa567baad2fda562dee1dc0f0e1397a2393db870d38f3fddfacab3de2ae3b1d89a54d63f2cf8d23f88db491c6a5627777530a5975c833490058a80d3a0ea27429d5102303f885efdd13c21dab60dfaa552d9731471990cd737ae74b8bf0e991591fad939188dbb1fb724a5fef736bbca877856cb6f996959632bb398e71d0e0ff20a410222c365d4ee0bc7634df19ed23928d53e", @nested={0x4, 0x28}, @nested={0x4, 0x11c}, @generic="ed9101d2b07c33d0ccc33fbf002a"]}, @generic="16a823df"]}, @typed={0x8, 0x56, 0x0, 0x0, @u32}]}, @typed={0x8, 0xa1, 0x0, 0x0, @u32=0x7}, @generic="60600624bf038e63d40f8eb31a1c546a52eaf1791895cae654f75cb5ab17596de8f9efa21439b1dae0a72cf794a3f0529fb8053980268237b18e4d7ddeea318f0c9a79a9eb60"]}, @NL80211_ATTR_FILS_KEK={0x14, 0xf2, "0000000000000006d7206f0b000000af"}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, 0x10000}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x6}]}, 0x3e4}, 0x1, 0x0, 0x0, 0x4008084}, 0x4080) socket(0x2b, 0x1, 0x1) r5 = getegid() setregid$auto(r5, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) getpid() mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) 18.237320619s ago: executing program 3 (id=48): r0 = socket$nl_generic(0x10, 0x3, 0x10) read$auto_tracing_readme_fops_trace(0xffffffffffffffff, &(0x7f00000000c0)=""/204, 0xcc) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x100001000000032, 0x0) mmap$auto(0x0, 0x400008, 0x803c, 0x9b72, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) inotify_rm_watch$auto(0x0, 0x9) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) ioctl$auto(r2, 0x4004af07, r2) r3 = socket(0x2d, 0x2, 0x0) sendmsg$auto_SMC_NETLINK_ENABLE_SEID(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x200000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x8080}, 0x20040804) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f00000002c0)={0x2c, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_CABLE_TEST_TDR_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040000}, 0x4000800) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = io_uring_setup$auto(0x6, 0x0) r6 = socket(0xa, 0x2, 0x88) r7 = bpf$auto(0x0, &(0x7f0000000000)=@link_update={r6, @new_prog_fd=0x4, 0x4, @old_prog_fd=r4}, 0xa3) bpf$auto(0x4, &(0x7f0000000040)=@link_update={r7, @new_prog_fd=r8, 0x1, @old_prog_fd=r5}, 0x9) write$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(r5, &(0x7f00000001c0)="7374dbc7cbbfb0b120343cecef24d4a21baeffe2113e45fbf9af99ee0818642737bb0ee5903085871e0f7867a6a0e5d7feaf4a9c70414ec76acd8518d1c5af1b04354500a8786aea1d6daa6402a7ca6696da16aeeb80dd041cdaf930655fdb25b7089a1a46ad602d8c7592a48743ed293a26d1510376a88ac790b1829328ffbde570dd0372e1f584461f206e3a5c102e8bc1d2303a5a1884f1c9f1efbad08d2f331c6db00aa57bf092247a1f6c4c631f811c9abb6cfd1a8c61ea0babec643ec4d8", 0xc1) 18.218829537s ago: executing program 0 (id=49): mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/maps\x00', 0x2000, 0x0) read$auto_proc_pid_maps_operations_internal(r0, &(0x7f0000000980)=""/4098, 0x1002) renameat2$auto(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x7) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) socket(0x2, 0x3, 0x100) pipe$auto(&(0x7f0000000000)=0xffffffffffffffff) splice$auto(r1, 0x0, 0x2, 0x0, 0x5c, 0x200b66) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x20001, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x5, 0x0) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) lseek$auto(0xffffffffffffffff, 0x8001, 0x4) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) settimeofday$auto(0x0, &(0x7f0000000100)={0x82, 0x4}) getsockopt$auto(0xffffffffffffffff, 0x10002, 0x2, 0x0, &(0x7f0000000040)=0x2000000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) 18.218041091s ago: executing program 1 (id=50): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x6f29, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) fadvise64$auto_POSIX_FADV_NOREUSE(r0, 0x0, 0xc, 0x5) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) 17.125659971s ago: executing program 0 (id=51): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) sysfs$auto(0xfffffffe, 0x10000000000002a, 0x4) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x5094c0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7) mmap$auto(0x0, 0x9, 0x8000, 0xe238, 0x602, 0x5) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6a4ff376455f09bd1ca73b165498937eb7396525f9be44e1d5455f2fb0e9b0d79a2b05104239ddb65afabac40f2568353"}, 0x6, 0x3, 0xff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, r2, 0x10001) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8df41, 0x0) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) socket(0x2a, 0x800, 0x2d2) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) sendmsg$auto_NL80211_CMD_VENDOR(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="210b2abd7000fedbdf25670010000800c3000000008045758fc058dcee9878afa51ff9a5"], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x4000000) ioperm$auto(0x3, 0x8001, 0x2000000000000149) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) close_range$auto(0x2, 0xa, 0x0) 17.125498785s ago: executing program 3 (id=52): mq_unlink$auto(&(0x7f0000000040)='${[:\x00') socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x400000007f, 0x2000a, 0x7fffffff, 0x20000000eb1, 0x401, 0xd) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x121000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/5, 0x5) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) rename$auto(&(0x7f00000000c0)=':,\x00', 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x11, 0x0) r3 = fsopen$auto(0x0, 0x1) fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) fcntl$auto_F_SETOWN_EX(r0, 0xf, 0xfffffffffffffff7) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) r4 = gettid() r5 = getpid() rt_tgsigqueueinfo$auto(r5, r4, 0xb, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x3, 0x3, @_sigchld={0x0, 0x0, 0xceb, 0x5, 0x4}}}) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 17.114188857s ago: executing program 1 (id=59): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x6f29, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) fadvise64$auto_POSIX_FADV_NOREUSE(r0, 0x0, 0xc, 0x5) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) 16.875707709s ago: executing program 3 (id=53): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000) lseek$auto(0x3, 0x7ffffffffffffffd, 0x2) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r0, &(0x7f0000000300)='.o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0) faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7) read$auto(r1, 0x0, 0x20) r2 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48) faccessat$auto(r2, 0x0, 0x2) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) ptrace$auto(0x10, 0x0, 0x4, 0xff7) ptrace$auto(0x65, 0x0, 0xd33, 0x8000000000000004) ptrace$auto_PTRACE_SETSIGMASK(0x420b, 0x0, 0x2, 0x80000000) mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff) r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r4, 0x0, 0x1ff) mmap$auto(0x400000000000, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x20) 1.012771414s ago: executing program 32 (id=53): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000) lseek$auto(0x3, 0x7ffffffffffffffd, 0x2) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r0, &(0x7f0000000300)='.o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0) faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7) read$auto(r1, 0x0, 0x20) r2 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48) faccessat$auto(r2, 0x0, 0x2) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) ptrace$auto(0x10, 0x0, 0x4, 0xff7) ptrace$auto(0x65, 0x0, 0xd33, 0x8000000000000004) ptrace$auto_PTRACE_SETSIGMASK(0x420b, 0x0, 0x2, 0x80000000) mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff) r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r4, 0x0, 0x1ff) mmap$auto(0x400000000000, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x20) 1.376061ms ago: executing program 0 (id=55): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) statmount$auto(0x0, 0x0, 0x7ffffffff000, 0x0) 0s ago: executing program 1 (id=63): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x6f29, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) fadvise64$auto_POSIX_FADV_NOREUSE(r0, 0x0, 0xc, 0x5) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.145' (ED25519) to the list of known hosts. [ 100.136950][ T5853] cgroup: Unknown subsys name 'net' [ 100.267385][ T5853] cgroup: Unknown subsys name 'cpuset' [ 100.277960][ T5853] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 102.175129][ T5853] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.578921][ T9] cfg80211: failed to load regulatory.db [ 104.488670][ T5876] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 104.497642][ T5876] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 104.505946][ T5876] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 104.514468][ T5876] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 104.523058][ T5876] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 104.525882][ T5877] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 104.532806][ T5185] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 104.546505][ T5185] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 104.555612][ T5185] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 104.562472][ T5878] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 104.571307][ T5878] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 104.572526][ T5185] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 104.580523][ T5878] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 104.594432][ T5878] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 104.596756][ T5185] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.603361][ T5878] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 104.609554][ T5185] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 104.617705][ T5878] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 104.637483][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 104.659821][ T5877] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 105.209172][ T5864] chnl_net:caif_netlink_parms(): no params data found [ 105.407501][ T5866] chnl_net:caif_netlink_parms(): no params data found [ 105.468952][ T5863] chnl_net:caif_netlink_parms(): no params data found [ 105.592514][ T5864] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.599883][ T5864] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.608981][ T5864] bridge_slave_0: entered allmulticast mode [ 105.616792][ T5864] bridge_slave_0: entered promiscuous mode [ 105.631791][ T5865] chnl_net:caif_netlink_parms(): no params data found [ 105.652411][ T5864] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.660061][ T5864] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.668121][ T5864] bridge_slave_1: entered allmulticast mode [ 105.676745][ T5864] bridge_slave_1: entered promiscuous mode [ 105.785507][ T5864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.831043][ T5866] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.838780][ T5866] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.846425][ T5866] bridge_slave_0: entered allmulticast mode [ 105.855342][ T5866] bridge_slave_0: entered promiscuous mode [ 105.864800][ T5866] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.872911][ T5866] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.880653][ T5866] bridge_slave_1: entered allmulticast mode [ 105.888675][ T5866] bridge_slave_1: entered promiscuous mode [ 105.899602][ T5864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.974038][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.981725][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.989323][ T5863] bridge_slave_0: entered allmulticast mode [ 105.997505][ T5863] bridge_slave_0: entered promiscuous mode [ 106.029063][ T5864] team0: Port device team_slave_0 added [ 106.035925][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.044394][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.051708][ T5863] bridge_slave_1: entered allmulticast mode [ 106.060015][ T5863] bridge_slave_1: entered promiscuous mode [ 106.099213][ T5866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.112114][ T5864] team0: Port device team_slave_1 added [ 106.153389][ T5865] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.160961][ T5865] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.168582][ T5865] bridge_slave_0: entered allmulticast mode [ 106.176660][ T5865] bridge_slave_0: entered promiscuous mode [ 106.188335][ T5866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.243928][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.255364][ T5865] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.263157][ T5865] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.270814][ T5865] bridge_slave_1: entered allmulticast mode [ 106.279773][ T5865] bridge_slave_1: entered promiscuous mode [ 106.302815][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.309920][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.338091][ T5864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.354869][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.381335][ T5866] team0: Port device team_slave_0 added [ 106.388630][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.396122][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.424734][ T5864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.468846][ T5866] team0: Port device team_slave_1 added [ 106.519920][ T5865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.533915][ T5865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.573712][ T5863] team0: Port device team_slave_0 added [ 106.588098][ T5864] hsr_slave_0: entered promiscuous mode [ 106.596170][ T5864] hsr_slave_1: entered promiscuous mode [ 106.633832][ T5863] team0: Port device team_slave_1 added [ 106.640656][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.648013][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.675176][ T51] Bluetooth: hci0: command tx timeout [ 106.681434][ T5866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.733359][ T5867] Bluetooth: hci2: command tx timeout [ 106.739455][ T5867] Bluetooth: hci3: command tx timeout [ 106.744732][ T51] Bluetooth: hci1: command tx timeout [ 106.753885][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.760886][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.787989][ T5866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.811694][ T5865] team0: Port device team_slave_0 added [ 106.859060][ T5865] team0: Port device team_slave_1 added [ 106.865911][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.873505][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.901451][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.915058][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.922407][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.949247][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.052084][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.059648][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.086355][ T5865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.100442][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.107741][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.134365][ T5865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.180596][ T5863] hsr_slave_0: entered promiscuous mode [ 107.187468][ T5863] hsr_slave_1: entered promiscuous mode [ 107.194177][ T5863] debugfs: 'hsr0' already exists in 'hsr' [ 107.200190][ T5863] Cannot create hsr debugfs directory [ 107.232476][ T5866] hsr_slave_0: entered promiscuous mode [ 107.239347][ T5866] hsr_slave_1: entered promiscuous mode [ 107.246470][ T5866] debugfs: 'hsr0' already exists in 'hsr' [ 107.252459][ T5866] Cannot create hsr debugfs directory [ 107.396759][ T5865] hsr_slave_0: entered promiscuous mode [ 107.403648][ T5865] hsr_slave_1: entered promiscuous mode [ 107.410277][ T5865] debugfs: 'hsr0' already exists in 'hsr' [ 107.416534][ T5865] Cannot create hsr debugfs directory [ 107.717649][ T5864] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 107.759946][ T5864] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 107.796474][ T5864] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 107.808592][ T5864] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 107.934964][ T5866] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 107.950867][ T5866] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 107.963335][ T5866] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 107.984927][ T5866] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 108.075833][ T5863] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 108.096002][ T5863] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 108.118878][ T5863] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 108.130623][ T5863] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 108.260550][ T5865] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 108.271554][ T5865] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 108.286545][ T5865] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 108.304608][ T5865] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 108.391866][ T5864] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.452023][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.477135][ T5864] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.508226][ T2993] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.515890][ T2993] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.528234][ T2993] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.535722][ T2993] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.620024][ T5866] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.660813][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.695364][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.702877][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.732788][ T51] Bluetooth: hci0: command tx timeout [ 108.737098][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.745714][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.760897][ T5863] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.813673][ T51] Bluetooth: hci1: command tx timeout [ 108.819159][ T51] Bluetooth: hci3: command tx timeout [ 108.820809][ T5867] Bluetooth: hci2: command tx timeout [ 108.847601][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.854974][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.875237][ T5865] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.919343][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.926704][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.007897][ T5865] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.070949][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.078164][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.109545][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.116925][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.239704][ T5864] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.456574][ T5864] veth0_vlan: entered promiscuous mode [ 109.490490][ T5864] veth1_vlan: entered promiscuous mode [ 109.610907][ T5864] veth0_macvtap: entered promiscuous mode [ 109.641440][ T5864] veth1_macvtap: entered promiscuous mode [ 109.716627][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.758394][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.787707][ T5866] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.817177][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.825487][ T2913] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.842200][ T2913] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.867051][ T2913] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.889704][ T2913] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.966455][ T5865] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.062141][ T5866] veth0_vlan: entered promiscuous mode [ 110.105231][ T2913] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.120747][ T5863] veth0_vlan: entered promiscuous mode [ 110.125454][ T2913] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.130307][ T5866] veth1_vlan: entered promiscuous mode [ 110.160640][ T5863] veth1_vlan: entered promiscuous mode [ 110.228470][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.245064][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.275931][ T5863] veth0_macvtap: entered promiscuous mode [ 110.291785][ T5865] veth0_vlan: entered promiscuous mode [ 110.305778][ T5863] veth1_macvtap: entered promiscuous mode [ 110.339874][ T5865] veth1_vlan: entered promiscuous mode [ 110.358057][ T5866] veth0_macvtap: entered promiscuous mode [ 110.387310][ T5866] veth1_macvtap: entered promiscuous mode [ 110.408351][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.417456][ T5864] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 110.461629][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.471971][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.500240][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.558756][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.582044][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.596067][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.606828][ T5865] veth0_macvtap: entered promiscuous mode [ 110.616675][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.641752][ T5865] veth1_macvtap: entered promiscuous mode [ 110.665266][ T2993] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.686385][ T2993] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.700601][ T2993] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.730553][ T2993] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.813684][ T5867] Bluetooth: hci0: command tx timeout [ 110.872368][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.893868][ T5877] Bluetooth: hci1: command tx timeout [ 110.895965][ T51] Bluetooth: hci2: command tx timeout [ 110.900668][ T5867] Bluetooth: hci3: command tx timeout [ 110.914960][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.008233][ T2913] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.019363][ T2913] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.020331][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.031487][ T2913] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.047041][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.135805][ T2913] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.231948][ T5958] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 111.246542][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.273281][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.299682][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.329825][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.369718][ T2993] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.390916][ T2993] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.418144][ T30] audit: type=1800 audit(1754922552.037:2): pid=5958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5" name="version" dev="configfs" ino=5980 res=0 errno=0 [ 111.643897][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.651966][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.792402][ T5968] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3'. [ 111.828422][ T5968] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3'. [ 111.850382][ T5968] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3'. [ 111.860939][ T5968] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3'. [ 111.877488][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.890901][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.919776][ T5969] netlink: 98 bytes leftover after parsing attributes in process `syz.2.3'. [ 111.941023][ T5969] Zero length message leads to an empty skb [ 112.154221][ T5965] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 112.436471][ T5981] bridge0: port 3(team0) entered blocking state [ 112.457637][ T5981] bridge0: port 3(team0) entered disabled state [ 112.498027][ T5981] team0: entered allmulticast mode [ 112.516052][ T5981] team_slave_0: entered allmulticast mode [ 112.576963][ T5981] team_slave_1: entered allmulticast mode [ 112.624434][ T5981] team0: entered promiscuous mode [ 112.656168][ T5981] team_slave_0: entered promiscuous mode [ 112.683166][ T5981] team_slave_1: entered promiscuous mode [ 112.709016][ T5981] bridge0: port 3(team0) entered blocking state [ 112.715940][ T5981] bridge0: port 3(team0) entered forwarding state [ 112.893125][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.902320][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.914529][ T5867] Bluetooth: hci0: command tx timeout [ 112.956065][ T5986] process 'syz.1.9' launched ':,' with NULL argv: empty string added [ 112.973340][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.982279][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.995080][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.003300][ T5867] Bluetooth: hci3: command tx timeout [ 113.011580][ T5867] Bluetooth: hci1: command tx timeout [ 113.018226][ T51] Bluetooth: hci2: command tx timeout [ 113.631677][ T5992] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 113.673269][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.699450][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.773924][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.936015][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.053643][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.217906][ T6000] FAULT_INJECTION: forcing a failure. [ 114.217906][ T6000] name failslab, interval 1, probability 0, space 0, times 1 [ 114.232914][ T6003] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 114.241763][ T6000] CPU: 0 UID: 0 PID: 6000 Comm: syz.1.13 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 114.241814][ T6000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 114.241842][ T6000] Call Trace: [ 114.241859][ T6000] [ 114.241874][ T6000] dump_stack_lvl+0x16c/0x1f0 [ 114.241933][ T6000] should_fail_ex+0x512/0x640 [ 114.241982][ T6000] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 114.242034][ T6000] should_failslab+0xc2/0x120 [ 114.242083][ T6000] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 114.242129][ T6000] ? __pmd_alloc+0xbf/0x930 [ 114.242193][ T6000] __pmd_alloc+0xbf/0x930 [ 114.242251][ T6000] __handle_mm_fault+0xa06/0x2a50 [ 114.242296][ T6000] ? mt_find+0x3ef/0xa30 [ 114.242348][ T6000] ? __pfx___handle_mm_fault+0x10/0x10 [ 114.242383][ T6000] ? __pfx_mt_find+0x10/0x10 [ 114.242456][ T6000] ? find_vma+0xbf/0x140 [ 114.242504][ T6000] ? __pfx_find_vma+0x10/0x10 [ 114.242558][ T6000] handle_mm_fault+0x589/0xd10 [ 114.242597][ T6000] ? __bpf_trace_exceptions+0x1/0x40 [ 114.242663][ T6000] do_user_addr_fault+0x7a6/0x1370 [ 114.242726][ T6000] ? rcu_is_watching+0x12/0xc0 [ 114.242775][ T6000] exc_page_fault+0x5c/0xb0 [ 114.242811][ T6000] asm_exc_page_fault+0x26/0x30 [ 114.242840][ T6000] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 114.242892][ T6000] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 114.242922][ T6000] RSP: 0018:ffffc900045f7d18 EFLAGS: 00050202 [ 114.242948][ T6000] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000078 [ 114.242967][ T6000] RDX: fffff520008befd1 RSI: 0000000000000000 RDI: ffffc900045f7e10 [ 114.242988][ T6000] RBP: 0000000000000078 R08: 0000000000000001 R09: fffff520008befd0 [ 114.243008][ T6000] R10: ffffc900045f7e87 R11: 0000000000000000 R12: 0000000000000000 [ 114.243028][ T6000] R13: ffffc900045f7e10 R14: 0000000000000000 R15: 0000000000000000 [ 114.243077][ T6000] _copy_from_user+0x98/0xd0 [ 114.243132][ T6000] io_uring_setup+0xb4/0x2080 [ 114.243181][ T6000] ? __pfx_io_uring_setup+0x10/0x10 [ 114.243219][ T6000] ? do_futex+0x122/0x350 [ 114.243262][ T6000] ? __pfx_do_futex+0x10/0x10 [ 114.243305][ T6000] ? __pfx___might_resched+0x10/0x10 [ 114.243355][ T6000] ? xfd_validate_state+0x61/0x180 [ 114.243425][ T6000] __x64_sys_io_uring_setup+0xc2/0x170 [ 114.243474][ T6000] do_syscall_64+0xcd/0x490 [ 114.243520][ T6000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.243556][ T6000] RIP: 0033:0x7fc0d598ebe9 [ 114.243597][ T6000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.243632][ T6000] RSP: 002b:00007fc0d6821038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 114.243665][ T6000] RAX: ffffffffffffffda RBX: 00007fc0d5bb5fa0 RCX: 00007fc0d598ebe9 [ 114.243688][ T6000] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 114.243711][ T6000] RBP: 00007fc0d5a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 114.243732][ T6000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 114.243765][ T6000] R13: 00007fc0d5bb6038 R14: 00007fc0d5bb5fa0 R15: 00007ffd5c83f568 [ 114.243812][ T6000] [ 115.689359][ T6021] FAULT_INJECTION: forcing a failure. [ 115.689359][ T6021] name failslab, interval 1, probability 0, space 0, times 0 [ 115.729028][ T6021] CPU: 0 UID: 0 PID: 6021 Comm: syz.1.17 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 115.729062][ T6021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 115.729076][ T6021] Call Trace: [ 115.729084][ T6021] [ 115.729093][ T6021] dump_stack_lvl+0x16c/0x1f0 [ 115.729128][ T6021] should_fail_ex+0x512/0x640 [ 115.729166][ T6021] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 115.729198][ T6021] should_failslab+0xc2/0x120 [ 115.729230][ T6021] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 115.729260][ T6021] ? __kernfs_new_node+0xd2/0x8e0 [ 115.729293][ T6021] __kernfs_new_node+0xd2/0x8e0 [ 115.729327][ T6021] ? __pfx___kernfs_new_node+0x10/0x10 [ 115.729366][ T6021] ? find_held_lock+0x2b/0x80 [ 115.729399][ T6021] ? kernfs_root+0xee/0x2a0 [ 115.729435][ T6021] kernfs_new_node+0x13c/0x1e0 [ 115.729474][ T6021] __kernfs_create_file+0x53/0x350 [ 115.729501][ T6021] sysfs_add_file_mode_ns+0x207/0x3c0 [ 115.729543][ T6021] internal_create_group+0x578/0xf30 [ 115.729588][ T6021] ? __pfx_internal_create_group+0x10/0x10 [ 115.729625][ T6021] ? kernfs_create_link+0x1bd/0x240 [ 115.729653][ T6021] internal_create_groups+0x9d/0x150 [ 115.729687][ T6021] device_add+0xf30/0x1aa0 [ 115.729728][ T6021] ? __pfx_device_add+0x10/0x10 [ 115.729764][ T6021] ? lockdep_init_map_type+0x5c/0x280 [ 115.729797][ T6021] ? __init_waitqueue_head+0xca/0x150 [ 115.729840][ T6021] netdev_register_kobject+0x1a9/0x3d0 [ 115.729880][ T6021] register_netdevice+0x13dc/0x2270 [ 115.729934][ T6021] ? __pfx_register_netdevice+0x10/0x10 [ 115.729976][ T6021] __ip_tunnel_create+0x540/0x6e0 [ 115.730012][ T6021] ? __pfx___ip_tunnel_create+0x10/0x10 [ 115.730061][ T6021] ip_tunnel_init_net+0x22f/0x7d0 [ 115.730100][ T6021] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 115.730141][ T6021] ? trace_kmalloc+0x2b/0xd0 [ 115.730174][ T6021] ? __kmalloc_noprof+0x242/0x510 [ 115.730199][ T6021] ? lockdep_init_map_type+0x5c/0x280 [ 115.730237][ T6021] ? __pfx_ipgre_init_net+0x10/0x10 [ 115.730265][ T6021] ops_init+0x1e2/0x5f0 [ 115.730299][ T6021] setup_net+0x10f/0x380 [ 115.730328][ T6021] ? lockdep_init_map_type+0x5c/0x280 [ 115.730361][ T6021] ? __pfx_setup_net+0x10/0x10 [ 115.730394][ T6021] ? debug_mutex_init+0x37/0x70 [ 115.730420][ T6021] copy_net_ns+0x2a6/0x5f0 [ 115.730458][ T6021] create_new_namespaces+0x3ea/0xa90 [ 115.730492][ T6021] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 115.730522][ T6021] ksys_unshare+0x45b/0xa40 [ 115.730554][ T6021] ? __pfx_ksys_unshare+0x10/0x10 [ 115.730598][ T6021] ? xfd_validate_state+0x61/0x180 [ 115.730643][ T6021] __x64_sys_unshare+0x31/0x40 [ 115.730675][ T6021] do_syscall_64+0xcd/0x490 [ 115.730708][ T6021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.730732][ T6021] RIP: 0033:0x7fc0d598ebe9 [ 115.730750][ T6021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.730773][ T6021] RSP: 002b:00007fc0d6821038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 115.730796][ T6021] RAX: ffffffffffffffda RBX: 00007fc0d5bb5fa0 RCX: 00007fc0d598ebe9 [ 115.730811][ T6021] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 115.730825][ T6021] RBP: 00007fc0d5a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 115.730839][ T6021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 115.730853][ T6021] R13: 00007fc0d5bb6038 R14: 00007fc0d5bb5fa0 R15: 00007ffd5c83f568 [ 115.730882][ T6021] [ 116.354296][ T6009] kexec: Could not allocate control_code_buffer syzkaller syzkaller login: [ 116.749012][ T6025] FAULT_INJECTION: forcing a failure. [ 116.749012][ T6025] name failslab, interval 1, probability 0, space 0, times 0 [ 116.789154][ T6025] CPU: 1 UID: 0 PID: 6025 Comm: syz.3.18 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 116.789200][ T6025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 116.789219][ T6025] Call Trace: [ 116.789229][ T6025] [ 116.789241][ T6025] dump_stack_lvl+0x16c/0x1f0 [ 116.789295][ T6025] should_fail_ex+0x512/0x640 [ 116.789342][ T6025] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 116.789386][ T6025] should_failslab+0xc2/0x120 [ 116.789429][ T6025] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 116.789470][ T6025] ? sk_prot_alloc+0x60/0x2a0 [ 116.789525][ T6025] sk_prot_alloc+0x60/0x2a0 [ 116.789578][ T6025] sk_alloc+0x36/0xc20 [ 116.789616][ T6025] kcm_create+0xfc/0x690 [ 116.789671][ T6025] __sock_create+0x335/0x8d0 [ 116.789729][ T6025] __sys_socket+0x14d/0x260 [ 116.789757][ T6025] ? __pfx___sys_socket+0x10/0x10 [ 116.789788][ T6025] ? rcu_is_watching+0x12/0xc0 [ 116.789827][ T6025] __x64_sys_socket+0x72/0xb0 [ 116.789852][ T6025] ? lockdep_hardirqs_on+0x7c/0x110 [ 116.789883][ T6025] do_syscall_64+0xcd/0x490 [ 116.789920][ T6025] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.789949][ T6025] RIP: 0033:0x7f67dbd8ebe9 [ 116.789972][ T6025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.790001][ T6025] RSP: 002b:00007f67dcbd3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 116.790031][ T6025] RAX: ffffffffffffffda RBX: 00007f67dbfb5fa0 RCX: 00007f67dbd8ebe9 [ 116.790050][ T6025] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000029 [ 116.790067][ T6025] RBP: 00007f67dbe11e19 R08: 0000000000000000 R09: 0000000000000000 [ 116.790086][ T6025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 116.790105][ T6025] R13: 00007f67dbfb6038 R14: 00007f67dbfb5fa0 R15: 00007ffcdfef0d78 [ 116.790146][ T6025] [ 118.308654][ T6048] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.434667][ T6061] program syz.3.26 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 119.690436][ T6065] FAULT_INJECTION: forcing a failure. [ 119.690436][ T6065] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 119.762821][ T6065] CPU: 0 UID: 0 PID: 6065 Comm: syz.0.28 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 119.762868][ T6065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 119.762890][ T6065] Call Trace: [ 119.762901][ T6065] [ 119.762914][ T6065] dump_stack_lvl+0x16c/0x1f0 [ 119.762972][ T6065] should_fail_ex+0x512/0x640 [ 119.763022][ T6065] strncpy_from_user+0x3b/0x2e0 [ 119.763079][ T6065] getname_flags.part.0+0x8f/0x550 [ 119.763136][ T6065] getname_flags+0x93/0xf0 [ 119.763173][ T6065] do_sys_openat2+0xb8/0x1d0 [ 119.763224][ T6065] ? __pfx_do_sys_openat2+0x10/0x10 [ 119.763276][ T6065] ? __pfx___might_resched+0x10/0x10 [ 119.763319][ T6065] __x64_sys_openat+0x174/0x210 [ 119.763371][ T6065] ? __pfx___x64_sys_openat+0x10/0x10 [ 119.763439][ T6065] do_syscall_64+0xcd/0x490 [ 119.763482][ T6065] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.763516][ T6065] RIP: 0033:0x7f8218f8ebe9 [ 119.763546][ T6065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.763578][ T6065] RSP: 002b:00007f8219eb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 119.763613][ T6065] RAX: ffffffffffffffda RBX: 00007f82191b5fa0 RCX: 00007f8218f8ebe9 [ 119.763634][ T6065] RDX: 0000000000000002 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 119.763652][ T6065] RBP: 00007f8219011e19 R08: 0000000000000000 R09: 0000000000000000 [ 119.763671][ T6065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.763690][ T6065] R13: 00007f82191b6038 R14: 00007f82191b5fa0 R15: 00007ffe5959c1f8 [ 119.763732][ T6065] [ 119.938728][ C0] vkms_vblank_simulate: vblank timer overrun [ 120.307517][ T6065] mmap: syz.0.28 (6065) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 120.344849][ T6075] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 120.624964][ T6081] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 121.526506][ T2993] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.049523][ T5867] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 122.059479][ T5867] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 122.067589][ T5867] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 122.077430][ T5867] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 122.085714][ T5867] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 122.206769][ T2993] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.440751][ T2993] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.570031][ T2993] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.642577][ T6087] kexec: Could not allocate control_code_buffer [ 123.214687][ T6112] FAULT_INJECTION: forcing a failure. [ 123.214687][ T6112] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 123.276562][ T6112] CPU: 0 UID: 0 PID: 6112 Comm: syz.1.43 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 123.276610][ T6112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 123.276630][ T6112] Call Trace: [ 123.276641][ T6112] [ 123.276653][ T6112] dump_stack_lvl+0x16c/0x1f0 [ 123.276700][ T6112] should_fail_ex+0x512/0x640 [ 123.276754][ T6112] should_fail_alloc_page+0xe7/0x130 [ 123.276802][ T6112] prepare_alloc_pages+0x3c2/0x610 [ 123.276850][ T6112] ? __lock_acquire+0x62e/0x1ce0 [ 123.276909][ T6112] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 123.276952][ T6112] ? __lock_acquire+0x62e/0x1ce0 [ 123.277012][ T6112] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 123.277056][ T6112] ? __lock_acquire+0x62e/0x1ce0 [ 123.277105][ T6112] ? __lock_acquire+0x62e/0x1ce0 [ 123.277151][ T6112] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 123.277199][ T6112] ? policy_nodemask+0xea/0x4e0 [ 123.277243][ T6112] alloc_pages_mpol+0x1fb/0x550 [ 123.277288][ T6112] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 123.277343][ T6112] alloc_pages_noprof+0x131/0x390 [ 123.277387][ T6112] __pmd_alloc+0x3b/0x930 [ 123.277439][ T6112] __handle_mm_fault+0xa06/0x2a50 [ 123.277478][ T6112] ? mt_find+0x3ef/0xa30 [ 123.277525][ T6112] ? __pfx___handle_mm_fault+0x10/0x10 [ 123.277557][ T6112] ? __pfx_mt_find+0x10/0x10 [ 123.277624][ T6112] ? find_vma+0xbf/0x140 [ 123.277665][ T6112] ? __pfx_find_vma+0x10/0x10 [ 123.277715][ T6112] handle_mm_fault+0x589/0xd10 [ 123.277751][ T6112] ? __bpf_trace_exceptions+0x1/0x40 [ 123.277806][ T6112] do_user_addr_fault+0x7a6/0x1370 [ 123.277861][ T6112] ? rcu_is_watching+0x12/0xc0 [ 123.277916][ T6112] exc_page_fault+0x5c/0xb0 [ 123.277956][ T6112] asm_exc_page_fault+0x26/0x30 [ 123.277988][ T6112] RIP: 0010:strncpy_from_user+0x147/0x2e0 [ 123.278029][ T6112] Code: 00 00 4d 89 74 1d 00 48 83 ed 08 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 47 42 a7 fc 48 83 fd 07 76 22 e8 cc 46 a7 fc 45 31 ff <49> 8b 04 1c 31 ff 44 89 fe 49 89 c6 e8 f8 41 a7 fc 45 85 ff 0f 84 [ 123.278060][ T6112] RSP: 0018:ffffc90004aafd10 EFLAGS: 00050246 [ 123.278087][ T6112] RAX: 0000000000000038 RBX: 0000000000000000 RCX: ffffc9000c263000 [ 123.278107][ T6112] RDX: 0000000000080000 RSI: ffffffff8513c8f4 RDI: 0000000000000007 [ 123.278128][ T6112] RBP: 0000000000000fe0 R08: 0000000000000007 R09: 0000000000000007 [ 123.278146][ T6112] R10: 0000000000000fe0 R11: 0000000000000000 R12: 0000000000000000 [ 123.278166][ T6112] R13: ffff888054a7b320 R14: 0000000000000fe0 R15: 0000000000000000 [ 123.278200][ T6112] ? strncpy_from_user+0x144/0x2e0 [ 123.278255][ T6112] getname_flags.part.0+0x8f/0x550 [ 123.278313][ T6112] getname_flags+0x93/0xf0 [ 123.278348][ T6112] do_sys_openat2+0xb8/0x1d0 [ 123.278398][ T6112] ? __pfx_do_sys_openat2+0x10/0x10 [ 123.278452][ T6112] ? __pfx___might_resched+0x10/0x10 [ 123.278505][ T6112] __x64_sys_openat+0x174/0x210 [ 123.278558][ T6112] ? __pfx___x64_sys_openat+0x10/0x10 [ 123.278627][ T6112] do_syscall_64+0xcd/0x490 [ 123.278672][ T6112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.278705][ T6112] RIP: 0033:0x7fc0d598ebe9 [ 123.278731][ T6112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.278761][ T6112] RSP: 002b:00007fc0d6821038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 123.278790][ T6112] RAX: ffffffffffffffda RBX: 00007fc0d5bb5fa0 RCX: 00007fc0d598ebe9 [ 123.278810][ T6112] RDX: 0000000000000002 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 123.278831][ T6112] RBP: 00007fc0d5a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 123.278851][ T6112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.278869][ T6112] R13: 00007fc0d5bb6038 R14: 00007fc0d5bb5fa0 R15: 00007ffd5c83f568 [ 123.278917][ T6112] [ 123.660997][ C0] vkms_vblank_simulate: vblank timer overrun [ 123.699617][ T2993] bridge_slave_1: left allmulticast mode [ 123.709705][ T2993] bridge_slave_1: left promiscuous mode [ 123.733382][ T2993] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.808743][ T2993] bridge_slave_0: left allmulticast mode [ 123.849174][ T2993] bridge_slave_0: left promiscuous mode [ 123.861791][ T2993] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.173795][ T51] Bluetooth: hci3: command tx timeout [ 124.767638][ T2993] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 124.788662][ T2993] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 124.806236][ T2993] bond0 (unregistering): Released all slaves [ 125.238919][ T6094] chnl_net:caif_netlink_parms(): no params data found [ 125.916196][ T2993] hsr_slave_0: left promiscuous mode [ 125.923320][ T2993] hsr_slave_1: left promiscuous mode [ 125.930292][ T2993] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 125.941353][ T2993] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 125.955028][ T2993] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 125.962864][ T2993] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 125.989539][ T2993] veth1_macvtap: left promiscuous mode [ 126.000147][ T2993] veth0_macvtap: left promiscuous mode [ 126.006613][ T2993] veth1_vlan: left promiscuous mode [ 126.012260][ T2993] veth0_vlan: left promiscuous mode [ 126.254440][ T51] Bluetooth: hci3: command tx timeout [ 126.446140][ T2993] team0 (unregistering): Port device team_slave_1 removed [ 126.477526][ T2993] team0 (unregistering): Port device team_slave_0 removed [ 126.823643][ T6094] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.831046][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.840634][ T6094] bridge_slave_0: entered allmulticast mode [ 126.850669][ T6094] bridge_slave_0: entered promiscuous mode [ 126.861016][ T6094] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.868718][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.876521][ T6094] bridge_slave_1: entered allmulticast mode [ 126.885732][ T6094] bridge_slave_1: entered promiscuous mode [ 126.981607][ T6094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 126.996301][ T6094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 127.044944][ T6094] team0: Port device team_slave_0 added [ 127.077439][ T6094] team0: Port device team_slave_1 added [ 127.119035][ T6094] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 127.127021][ T6094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.155018][ T6094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 127.178641][ T6094] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 127.190181][ T6094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.239152][ T6094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 127.450432][ T6094] hsr_slave_0: entered promiscuous mode [ 127.468059][ T6094] hsr_slave_1: entered promiscuous mode [ 127.488104][ T6094] debugfs: 'hsr0' already exists in 'hsr' [ 127.507403][ T6094] Cannot create hsr debugfs directory [ 128.337284][ T51] Bluetooth: hci3: command tx timeout [ 130.030201][ T6189] kexec: Could not allocate control_code_buffer [ 130.412869][ T51] Bluetooth: hci3: command tx timeout [ 143.537014][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.545229][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 144.720315][ T5867] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 144.736086][ T5867] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 144.745456][ T5867] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 144.757654][ T5867] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 144.766264][ T5867] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 144.980634][ T6252] chnl_net:caif_netlink_parms(): no params data found [ 145.072152][ T6252] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.079673][ T6252] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.087278][ T6252] bridge_slave_0: entered allmulticast mode [ 145.095668][ T6252] bridge_slave_0: entered promiscuous mode [ 145.105130][ T6252] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.112842][ T6252] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.120359][ T6252] bridge_slave_1: entered allmulticast mode [ 145.128514][ T6252] bridge_slave_1: entered promiscuous mode [ 145.170330][ T6252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 145.182830][ T6252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 145.220606][ T6252] team0: Port device team_slave_0 added [ 145.229871][ T6252] team0: Port device team_slave_1 added [ 145.264531][ T6252] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 145.273343][ T6252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 145.299861][ T6252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 145.313858][ T6252] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 145.321832][ T6252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 145.348718][ T6252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 145.407864][ T6252] hsr_slave_0: entered promiscuous mode [ 145.414725][ T6252] hsr_slave_1: entered promiscuous mode [ 145.421554][ T6252] debugfs: 'hsr0' already exists in 'hsr' [ 145.427585][ T6252] Cannot create hsr debugfs directory [ 146.813039][ T5867] Bluetooth: hci4: command tx timeout [ 148.892992][ T5867] Bluetooth: hci4: command tx timeout [ 150.972911][ T5867] Bluetooth: hci4: command tx timeout [ 153.052790][ T5867] Bluetooth: hci4: command tx timeout [ 182.180836][ T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 182.192287][ T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 182.201344][ T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 182.210936][ T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 182.219766][ T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 182.439265][ T6269] chnl_net:caif_netlink_parms(): no params data found [ 182.541615][ T6269] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.549374][ T6269] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.557131][ T6269] bridge_slave_0: entered allmulticast mode [ 182.565192][ T6269] bridge_slave_0: entered promiscuous mode [ 182.575521][ T6269] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.584304][ T6269] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.592139][ T6269] bridge_slave_1: entered allmulticast mode [ 182.600517][ T6269] bridge_slave_1: entered promiscuous mode [ 182.638869][ T6269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 182.654437][ T6269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 182.695336][ T6269] team0: Port device team_slave_0 added [ 182.704199][ T6269] team0: Port device team_slave_1 added [ 182.741930][ T6269] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 182.751329][ T6269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 182.778699][ T6269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 182.791307][ T6269] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 182.798532][ T6269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 182.825470][ T6269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 182.884943][ T6269] hsr_slave_0: entered promiscuous mode [ 182.891590][ T6269] hsr_slave_1: entered promiscuous mode [ 182.898452][ T6269] debugfs: 'hsr0' already exists in 'hsr' [ 182.904587][ T6269] Cannot create hsr debugfs directory [ 184.253144][ T5867] Bluetooth: hci5: command tx timeout [ 186.332974][ T5867] Bluetooth: hci5: command tx timeout [ 188.422849][ T5867] Bluetooth: hci5: command tx timeout [ 190.492908][ T5867] Bluetooth: hci5: command tx timeout [ 204.977500][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.984210][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.240545][ T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 205.249633][ T51] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 205.258944][ T51] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 205.268643][ T51] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 205.278319][ T51] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 205.500294][ T6285] chnl_net:caif_netlink_parms(): no params data found [ 205.598156][ T6285] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.605636][ T6285] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.614085][ T6285] bridge_slave_0: entered allmulticast mode [ 205.621554][ T6285] bridge_slave_0: entered promiscuous mode [ 205.631393][ T6285] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.638996][ T6285] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.647567][ T6285] bridge_slave_1: entered allmulticast mode [ 205.655803][ T6285] bridge_slave_1: entered promiscuous mode [ 205.702069][ T6285] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.715808][ T6285] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.758309][ T6285] team0: Port device team_slave_0 added [ 205.768102][ T6285] team0: Port device team_slave_1 added [ 205.808580][ T6285] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.816262][ T6285] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.844312][ T6285] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.857654][ T6285] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.865776][ T6285] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.893859][ T6285] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.952981][ T6285] hsr_slave_0: entered promiscuous mode [ 205.959981][ T6285] hsr_slave_1: entered promiscuous mode [ 205.967751][ T6285] debugfs: 'hsr0' already exists in 'hsr' [ 205.974486][ T6285] Cannot create hsr debugfs directory [ 207.372979][ T51] Bluetooth: hci6: command tx timeout [ 209.453061][ T51] Bluetooth: hci6: command tx timeout [ 211.533264][ T51] Bluetooth: hci6: command tx timeout [ 213.613036][ T51] Bluetooth: hci6: command tx timeout [ 227.538477][ T5878] Bluetooth: hci0: command 0x0406 tx timeout [ 227.538509][ T5876] Bluetooth: hci2: command 0x0406 tx timeout [ 227.553141][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 242.322936][ T5874] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 242.333572][ T5874] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 242.342737][ T5874] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 242.351878][ T5874] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 242.361461][ T5874] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 242.587111][ T6297] chnl_net:caif_netlink_parms(): no params data found [ 242.688935][ T6297] bridge0: port 1(bridge_slave_0) entered blocking state [ 242.696619][ T6297] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.705384][ T6297] bridge_slave_0: entered allmulticast mode [ 242.714619][ T6297] bridge_slave_0: entered promiscuous mode [ 242.723851][ T6297] bridge0: port 2(bridge_slave_1) entered blocking state [ 242.731097][ T6297] bridge0: port 2(bridge_slave_1) entered disabled state [ 242.740141][ T6297] bridge_slave_1: entered allmulticast mode [ 242.748039][ T6297] bridge_slave_1: entered promiscuous mode [ 242.791533][ T6297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 242.806426][ T6297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 242.849015][ T6297] team0: Port device team_slave_0 added [ 242.859395][ T6297] team0: Port device team_slave_1 added [ 242.900132][ T6297] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 242.907730][ T6297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 242.936557][ T6297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 242.951823][ T6297] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 242.960217][ T6297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 242.988023][ T6297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 243.044897][ T6297] hsr_slave_0: entered promiscuous mode [ 243.051894][ T6297] hsr_slave_1: entered promiscuous mode [ 243.061058][ T6297] debugfs: 'hsr0' already exists in 'hsr' [ 243.067380][ T6297] Cannot create hsr debugfs directory [ 244.413064][ T5874] Bluetooth: hci7: command tx timeout [ 246.503575][ T5874] Bluetooth: hci7: command tx timeout [ 248.012837][ T5874] Bluetooth: hci3: command 0x0406 tx timeout [ 248.573208][ T5867] Bluetooth: hci7: command tx timeout [ 250.653073][ T5867] Bluetooth: hci7: command tx timeout [ 265.393283][ T5874] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 265.406288][ T5874] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 265.415197][ T5874] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 265.424213][ T5874] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 265.432183][ T5874] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 265.704643][ T6311] chnl_net:caif_netlink_parms(): no params data found [ 265.826047][ T6311] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.834605][ T6311] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.842133][ T6311] bridge_slave_0: entered allmulticast mode [ 265.850375][ T6311] bridge_slave_0: entered promiscuous mode [ 265.860934][ T6311] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.870706][ T6311] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.879521][ T6311] bridge_slave_1: entered allmulticast mode [ 265.888277][ T6311] bridge_slave_1: entered promiscuous mode [ 265.931657][ T6311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 265.946330][ T6311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 265.992971][ T6311] team0: Port device team_slave_0 added [ 266.002346][ T6311] team0: Port device team_slave_1 added [ 266.045662][ T6311] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 266.054029][ T6311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.081666][ T6311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 266.094806][ T6311] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 266.102984][ T6311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.130414][ T6311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 266.207135][ T6311] hsr_slave_0: entered promiscuous mode [ 266.214390][ T6311] hsr_slave_1: entered promiscuous mode [ 266.221376][ T6311] debugfs: 'hsr0' already exists in 'hsr' [ 266.227650][ T6311] Cannot create hsr debugfs directory [ 266.418191][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.426505][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 267.453095][ T5867] Bluetooth: hci8: command tx timeout [ 268.493033][ T5867] Bluetooth: hci4: command 0x0406 tx timeout [ 269.532924][ T5874] Bluetooth: hci8: command tx timeout [ 271.612948][ T5874] Bluetooth: hci8: command tx timeout [ 273.692849][ T5874] Bluetooth: hci8: command tx timeout [ 284.333757][ T31] INFO: task syz-executor:6094 blocked for more than 143 seconds. [ 284.342028][ T31] Not tainted 6.17.0-rc1-syzkaller #0 [ 284.355308][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 284.364558][ T31] task:syz-executor state:D stack:24328 pid:6094 tgid:6094 ppid:1 task_flags:0x480140 flags:0x00004006 [ 284.377242][ T31] Call Trace: [ 284.380561][ T31] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 284.383913][ T31] __schedule+0x1190/0x5de0 [ 284.388629][ T31] ? __lock_acquire+0x62e/0x1ce0 [ 284.400850][ T31] ? __pfx___schedule+0x10/0x10 [ 284.409036][ T31] ? find_held_lock+0x2b/0x80 [ 284.421825][ T31] ? schedule+0x2d7/0x3a0 [ 284.431032][ T31] schedule+0xe7/0x3a0 [ 284.441871][ T31] schedule_timeout+0x257/0x290 [ 284.449160][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 284.461176][ T31] ? mark_held_locks+0x49/0x80 [ 284.469335][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 284.481167][ T31] __wait_for_common+0x2fc/0x4e0 [ 284.488285][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 284.502092][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 284.510759][ T31] remove_one+0x312/0x420 [ 284.523048][ T31] ? find_next_child+0x18f/0x280 [ 284.528150][ T31] __simple_recursive_removal+0x158/0x610 [ 284.600652][ T31] ? __pfx_remove_one+0x10/0x10 [ 284.607627][ T31] debugfs_remove+0x5d/0x80 [ 284.640445][ T31] nsim_dev_health_exit+0x3b/0xe0 [ 284.661158][ T31] nsim_dev_reload_destroy+0x144/0x4d0 [ 284.666874][ T31] nsim_drv_remove+0x52/0x1d0 [ 284.671797][ T31] ? __pfx_nsim_bus_remove+0x10/0x10 [ 284.677290][ T31] device_remove+0xc8/0x170 [ 284.682036][ T31] device_release_driver_internal+0x44b/0x620 [ 284.688540][ T31] bus_remove_device+0x22f/0x420 [ 284.693751][ T31] device_del+0x396/0x9f0 [ 284.698254][ T31] ? __pfx_device_del+0x10/0x10 [ 284.703792][ T31] device_unregister+0x1d/0xc0 [ 284.708618][ T31] del_device_store+0x355/0x4a0 [ 284.713731][ T31] ? __pfx_del_device_store+0x10/0x10 [ 284.719629][ T31] ? find_held_lock+0x2b/0x80 [ 284.724765][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 284.729675][ T31] ? __pfx_del_device_store+0x10/0x10 [ 284.736879][ T31] bus_attr_store+0x71/0xb0 [ 284.741477][ T31] ? __pfx_bus_attr_store+0x10/0x10 [ 284.747712][ T31] sysfs_kf_write+0xef/0x150 [ 284.752881][ T31] kernfs_fop_write_iter+0x351/0x510 [ 284.758394][ T31] ? __pfx_sysfs_kf_write+0x10/0x10 [ 284.764304][ T31] vfs_write+0x7d0/0x11d0 [ 284.769158][ T31] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 284.775196][ T31] ? __pfx_vfs_write+0x10/0x10 [ 284.780148][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 284.785483][ T31] ? find_held_lock+0x2b/0x80 [ 284.790506][ T31] ksys_write+0x12a/0x250 [ 284.795325][ T31] ? __pfx_ksys_write+0x10/0x10 [ 284.800518][ T31] do_syscall_64+0xcd/0x490 [ 284.805618][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.811962][ T31] RIP: 0033:0x7fd7fff8d69f [ 284.816558][ T31] RSP: 002b:00007ffc94085540 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 284.825171][ T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fd7fff8d69f [ 284.833866][ T31] RDX: 0000000000000001 RSI: 00007ffc94085590 RDI: 0000000000000005 [ 284.843145][ T31] RBP: 00007fd8000130c1 R08: 0000000000000000 R09: 00007ffc94085397 [ 284.851803][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 284.861990][ T31] R13: 00007ffc94085590 R14: 00007fd800ce4620 R15: 0000000000000003 [ 284.870505][ T31] [ 284.874416][ T31] INFO: task syz.3.53:6184 blocked for more than 143 seconds. [ 284.882266][ T31] Not tainted 6.17.0-rc1-syzkaller #0 [ 284.888613][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 284.898115][ T31] task:syz.3.53 state:D stack:27272 pid:6184 tgid:6183 ppid:5865 task_flags:0x400140 flags:0x00004004 [ 284.910701][ T31] Call Trace: [ 284.914452][ T31] [ 284.917621][ T31] __schedule+0x1190/0x5de0 [ 284.922476][ T31] ? __pfx___schedule+0x10/0x10 [ 284.927838][ T31] ? find_held_lock+0x2b/0x80 [ 284.933845][ T31] ? schedule+0x2d7/0x3a0 [ 284.940503][ T31] ? devlink_health_report+0x3ba/0x9c0 [ 284.946295][ T31] schedule+0xe7/0x3a0 [ 284.950416][ T31] schedule_preempt_disabled+0x13/0x30 [ 284.957635][ T31] __mutex_lock+0x82a/0x10b0 [ 284.973021][ T31] ? devlink_health_report+0x3ba/0x9c0 [ 284.978626][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 284.992681][ T31] ? devlink_health_report+0x3ba/0x9c0 [ 285.002642][ T31] devlink_health_report+0x3ba/0x9c0 [ 285.008450][ T31] ? __pfx_devlink_health_report+0x10/0x10 [ 285.014936][ T31] ? _copy_from_user+0x59/0xd0 [ 285.019925][ T31] nsim_dev_health_break_write+0x166/0x210 [ 285.026253][ T31] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 285.033598][ T31] full_proxy_write+0x12e/0x1a0 [ 285.038640][ T31] ? __pfx_full_proxy_write+0x10/0x10 [ 285.046235][ T31] vfs_write+0x29d/0x11d0 [ 285.051028][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 285.056703][ T31] ? __pfx_vfs_write+0x10/0x10 [ 285.061646][ T31] ? __fget_files+0x20e/0x3c0 [ 285.066760][ T31] ksys_write+0x12a/0x250 [ 285.072222][ T31] ? __pfx_ksys_write+0x10/0x10 [ 285.078308][ T31] do_syscall_64+0xcd/0x490 [ 285.084337][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.090573][ T31] RIP: 0033:0x7f67dbd8ebe9 [ 285.095270][ T31] RSP: 002b:00007f67dcbd3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 285.104258][ T31] RAX: ffffffffffffffda RBX: 00007f67dbfb5fa0 RCX: 00007f67dbd8ebe9 [ 285.112631][ T31] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000005 [ 285.121362][ T31] RBP: 00007f67dbe11e19 R08: 0000000000000000 R09: 0000000000000000 [ 285.130986][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.149707][ T31] R13: 00007f67dbfb6038 R14: 00007f67dbfb5fa0 R15: 00007ffcdfef0d78 [ 285.162222][ T31] [ 285.171445][ T31] [ 285.171445][ T31] Showing all locks held in the system: [ 285.192651][ T31] 1 lock held by khungtaskd/31: [ 285.197753][ T31] #0: ffffffff8e5c1060 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 285.215725][ T31] 1 lock held by syslogd/5217: [ 285.220723][ T31] #0: ffff8880b843a458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 [ 285.234760][ T31] 1 lock held by syz-executor/5863: [ 285.240391][ T31] 1 lock held by syz-executor/5864: [ 285.248213][ T31] 2 locks held by getty/6023: [ 285.253816][ T31] #0: ffff8880351300a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 285.271685][ T31] #1: ffffc900032102f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 285.290054][ T31] 7 locks held by syz-executor/6094: [ 285.297965][ T31] #0: ffff88803530e428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 285.315965][ T31] #1: ffff888058efd888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 285.331393][ T31] #2: ffff888027f063c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 285.352530][ T31] #3: ffffffff8f8f5ac8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 285.371616][ T31] #4: ffff88807dc690e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x620 [ 285.393799][ T31] #5: ffff88805ae86250 (&devlink->lock_key#2){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1d0 [ 285.413384][ T31] #6: ffff888059211ac0 (&sb->s_type->i_mutex_key#3/2){+.+.}-{4:4}, at: __simple_recursive_removal+0x354/0x610 [ 285.432664][ T31] 3 locks held by syz.3.53/6184: [ 285.437767][ T31] #0: ffff8880330650b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 285.459104][ T31] #1: ffff8881412a2428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 285.470953][ T31] #2: ffff88805ae86250 (&devlink->lock_key#2){+.+.}-{4:4}, at: devlink_health_report+0x3ba/0x9c0 [ 285.489644][ T31] 4 locks held by syz-executor/6252: [ 285.496408][ T31] #0: ffff88803530e428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 285.513823][ T31] #1: ffff88805acd9088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 285.531367][ T31] #2: ffff888027f063c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 285.542264][ T31] #3: ffffffff8f8f5ac8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 285.554325][ T31] 4 locks held by syz-executor/6269: [ 285.560118][ T31] #0: ffff88803530e428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 285.570243][ T31] #1: ffff88805accb488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 285.581214][ T31] #2: ffff888027f063c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 285.591658][ T31] #3: ffffffff8f8f5ac8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 285.602441][ T31] 4 locks held by syz-executor/6285: [ 285.608125][ T31] #0: ffff88803530e428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 285.617969][ T31] #1: ffff88807dad9488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 285.632165][ T31] #2: ffff888027f063c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 285.643004][ T31] #3: ffffffff8f8f5ac8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 285.654022][ T31] 4 locks held by syz-executor/6297: [ 285.660567][ T31] #0: ffff88803530e428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 285.671307][ T31] #1: ffff88807a8c2088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 285.682407][ T31] #2: ffff888027f063c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 285.693255][ T31] #3: ffffffff8f8f5ac8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 285.704483][ T31] 4 locks held by syz-executor/6311: [ 285.709893][ T31] #0: ffff88803530e428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 285.721585][ T31] #1: ffff8880480de888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 285.732775][ T31] #2: ffff888027f063c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 285.743202][ T31] #3: ffffffff8f8f5ac8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 285.754208][ T31] [ 285.756615][ T31] ============================================= [ 285.756615][ T31] [ 285.766829][ T31] NMI backtrace for cpu 1 [ 285.766854][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 285.766889][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 285.766906][ T31] Call Trace: [ 285.766917][ T31] [ 285.766929][ T31] dump_stack_lvl+0x116/0x1f0 [ 285.766973][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 285.767022][ T31] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 285.767059][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 285.767106][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 285.767157][ T31] watchdog+0xf0e/0x1260 [ 285.767207][ T31] ? __pfx_watchdog+0x10/0x10 [ 285.767246][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 285.767282][ T31] ? __kthread_parkme+0x19e/0x250 [ 285.767324][ T31] ? __pfx_watchdog+0x10/0x10 [ 285.767365][ T31] kthread+0x3c5/0x780 [ 285.767410][ T31] ? __pfx_kthread+0x10/0x10 [ 285.767457][ T31] ? rcu_is_watching+0x12/0xc0 [ 285.767487][ T31] ? __pfx_kthread+0x10/0x10 [ 285.767527][ T31] ret_from_fork+0x5d4/0x6f0 [ 285.767565][ T31] ? __pfx_kthread+0x10/0x10 [ 285.767602][ T31] ret_from_fork_asm+0x1a/0x30 [ 285.767647][ T31] [ 285.767664][ T31] Sending NMI from CPU 1 to CPUs 0: [ 285.901058][ C0] NMI backtrace for cpu 0 [ 285.901091][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 285.901121][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 285.901136][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 285.901172][ C0] Code: 5c 65 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 43 d1 19 00 fb f4 3c 0d 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 285.901202][ C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 000002c6 [ 285.901222][ C0] RAX: 0000000000153aaf RBX: 0000000000000000 RCX: ffffffff8b903bf9 [ 285.901238][ C0] RDX: 0000000000000000 RSI: ffffffff8de4b996 RDI: ffffffff8c162880 [ 285.901254][ C0] RBP: fffffbfff1c52ef8 R08: 0000000000000001 R09: ffffed1017086655 [ 285.901270][ C0] R10: ffff8880b84332ab R11: 0000000000000000 R12: 0000000000000000 [ 285.901286][ C0] R13: ffffffff8e2977c0 R14: ffffffff90ab6b90 R15: 0000000000000000 [ 285.901302][ C0] FS: 0000000000000000(0000) GS:ffff8881246c6000(0000) knlGS:0000000000000000 [ 285.901325][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 285.901341][ C0] CR2: 00005613e437af58 CR3: 0000000073cb8000 CR4: 00000000003526f0 [ 285.901357][ C0] Call Trace: [ 285.901367][ C0] [ 285.901375][ C0] default_idle+0x13/0x20 [ 285.901410][ C0] default_idle_call+0x6d/0xb0 [ 285.901451][ C0] do_idle+0x391/0x510 [ 285.901478][ C0] ? __pfx_do_idle+0x10/0x10 [ 285.901502][ C0] ? trace_sched_exit_tp+0x2f/0x120 [ 285.901545][ C0] cpu_startup_entry+0x4f/0x60 [ 285.901570][ C0] rest_init+0x16b/0x2b0 [ 285.901606][ C0] ? acpi_subsystem_init+0x133/0x180 [ 285.901643][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 285.901668][ C0] start_kernel+0x3ee/0x4d0 [ 285.901708][ C0] x86_64_start_reservations+0x18/0x30 [ 285.901749][ C0] x86_64_start_kernel+0x130/0x190 [ 285.901789][ C0] common_startup_64+0x13e/0x148 [ 285.901824][ C0] [ 285.902083][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 286.115276][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 286.126248][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 286.137656][ T31] Call Trace: [ 286.141331][ T31] [ 286.144575][ T31] dump_stack_lvl+0x3d/0x1f0 [ 286.149936][ T31] vpanic+0x6e8/0x7a0 [ 286.154425][ T31] ? __pfx_vpanic+0x10/0x10 [ 286.159256][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 286.166086][ T31] panic+0xca/0xd0 [ 286.170170][ T31] ? __pfx_panic+0x10/0x10 [ 286.174984][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 286.180740][ T31] ? nmi_trigger_cpumask_backtrace+0x1b1/0x300 [ 286.187397][ T31] ? watchdog+0xd78/0x1260 [ 286.192041][ T31] ? watchdog+0xd6b/0x1260 [ 286.196788][ T31] watchdog+0xd89/0x1260 [ 286.201112][ T31] ? __pfx_watchdog+0x10/0x10 [ 286.206087][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 286.211509][ T31] ? __kthread_parkme+0x19e/0x250 [ 286.216576][ T31] ? __pfx_watchdog+0x10/0x10 [ 286.221498][ T31] kthread+0x3c5/0x780 [ 286.226128][ T31] ? __pfx_kthread+0x10/0x10 [ 286.230766][ T31] ? rcu_is_watching+0x12/0xc0 [ 286.235920][ T31] ? __pfx_kthread+0x10/0x10 [ 286.240644][ T31] ret_from_fork+0x5d4/0x6f0 [ 286.245454][ T31] ? __pfx_kthread+0x10/0x10 [ 286.250356][ T31] ret_from_fork_asm+0x1a/0x30 [ 286.255511][ T31] [ 286.259356][ T31] Kernel Offset: disabled [ 286.264048][ T31] Rebooting in 86400 seconds..