last executing test programs: 7.403905599s ago: executing program 2 (id=149): syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r0 = ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, &(0x7f0000000400)="597f7f79e7e23037fa03dd2f7188c8038cb2538c77bded083e49c701caaa09560e5752ce609a7fcf1b72e8d26339ac7e6d74bb8b221d102819b67be53a926ea5d428a24942daf7e49b7327299d3ea5bc7d3ae174609686909caf54597e357b58a87e595c63c6365c7fadacc1d3128310ad843f5f43e0560b55242aaf6d69a9718d52d67bcc989a4be1fb99e07fbaac95a27327bd7f930192963be05ddbcc06cfe8b3640c114b6463dd86dac0ea48679497c7b47b14eea65155651c4029b9f4880baae7434e8d46cadd4d1805da4f38d02ffd7fc8b631976f6e634a976137ec404523650b402e906ce696091b0ca959a208b97fae8561982305612900ef61de6fda49d02c89f2a3862501001ecf90ad7e5d75d129f0dc486a77581dbc6066bd275dbddd0b13433f761f427f8c541a1ee519f14e49f217c402b65d2e0ea09632d60452e1caf2caedc3784f1690451a6bf538d1774fd6a0794214c2bb3ee5bf64b5da6034d68770858583ff19d0cf50a9151e1033a777493a54dfc60fe89e56afbdc69a767eef8dafff3f1d3bfbb50da49bc325d6a789a519b1473d8de2f05c70f376e98de00bf8642e0e6a151b72acea0d2c0f97fa9d03dfea4d457505f6c9f72619a00e4b2889052b301a58a15ae041eed10a9d21d06026e7bcfb23a0fcb36879e7c0415fcc4e59984ea8b32afcd8ff89d5baa65d0e4e9141271fd2305253c5deecbf3be6c33d7a14257044e124a7ae429f01e36af1238c7c4cbee670a8bc88040cb72cfc2b8204f49aae472bb538e1f1734f1627be183a46e2352bbddef364adf5cafef5543f02f3a493833886c6347cbc8d9aeda1603f98f13b63f8a03c7cc574b74b5e3206d87446f2f12cc6aec3f1672eecab947579c4ce4b01e37bd9a7b76d71de9341f71856c6c89973224bd51d318125989c00b5c8b6bb03758d24b379c3666e1881808ab5246f662a209519ed2e575dee77918801dd62c39451ed04928b866cfbc0d4605f97fa06481779d9a4aa5900512c7f955b4f5acac50a0351cf40a88669b96aac07e255dca35ba8480bec0e7ec1f2cde0f0d42e068ff602a8e83c3ac6b7a972b16fc801dfbd78b9e85ca6a13b50d56a8ecf7941b06e9b192fb9ec874532f738ee6aca65c4c0bfe08db8018b7fe22dc3f17257e445a962a2792615d85a56554e8520dceb50386637956c6775798457ed620855cd93729964360ec58cba23df45e6659af25a33884ebada3a46e13c3b7a7150cc64ae519284d520af443affeed3eb98064ed755fd99bfc1a9bcbad1ab06f9ceb4f4d739095421d970124c186289c32d18cd4b4890f919eb4b3ab645b9fbc39e77e0ad4ce9854af44e622de55ffc160c01f63393e4fb0323a3bf2de444fb284026a7e2a59fc7369f3f21d8f0dfdc7ed4798a5680d3ae9f15f4164f0f0fd21cf4456f38cc00cb9cbef47aee89b957fcee5aea4a783be110d5f8d43563bb885dffb43d06d58670e002fdb5ed64d9db95bfead2e30b4edc0701c389a815931e1faa66ed05c0732859747943eb4c30865c3f1b0b0e4181612b4fe1bb3569a5e790ac3faf1ca28b2c16822ca35b3dc1d10188789aaeb71a48a6d610a8f6ab466bc23224806302ef1152c79266420dbe406e0bfe148f638a73754870c56cf8182819cdcd320bb6496247b58ba7b10f10aefa9e61372d5d003ed0dd670affee78a222b5697cc5ec840cbf8ea39699e94c926f0a91680c74faac76b1223a0ec25ad8c1e45702daaf6d8bb2709482536fdb5d51ee08bf1a04f174e5672165b974f094a535907c00e4a48628637b632fd19099874163ab99586119b9ca165268651a4258d9511e7e9c6540739b5b64d0f6371ce8f5f9bb861e4f60148b5bfd071ae36f36e41ab598ed0f9fac47a94af362803f26010042916069bc344683f705dd1a1177306e219a05442a496889a773dedb575659ae1e6c945c7489bc2467f330a750a17aca290849d04a01935d55daeee334d68c98e84023e37dc95453114970d0afb2c6f044bdf105039a8a20ca1cc1479d49f5b91e6a72eddfceaf2a052b08fc73b6506bf5aac7c1364d956a212ede345f07bca8c3af4e3a3fe7f9d485d2d463bde23c6e3fba9ff8cfcd25f65c3afd954570c7332f58d7482c4d5c2d4f53fe76d52c06e3e0f92459124d557a6d7d1cfeb3c2bd02dbc590debd72739d32a9e8cd5438ff2111f883deab0e072d4437c862314e59d085b262976863175b894914f15f5c0e9ddc6025e686ff54ac33ede6f66244b06f70356b9caeb5a15ef85a02359d336b70380e912c057b29c07180be3516ffd21ab99ad6e654ff413cbf0b2e6739560b97b4f4f2043c76867211cccd0b3c0f8c4dad345726d84bc41c066b6d0d02df3d7a9da9b44c3df143973e5e7af72cefced1ff863f5231527b465633c1a8d84988a5d5c1f69e0361fa528642eddafdfb2eea1aadc40f680d5d3d61cc754af6922c3c0bc69e5f8c07796017929015d2c9e150fda345126e183deb62555226ae133efa3ee5a1398fe1d803de5f63ac70738d3d113df96229f0b45f795cf6be20692b39c8c84a9d9d4c1509371bf57a3d5eca682e85f230545c30413b0691a02316a65caa341fee4ad9f899aef92572434e65cdb7e15199cbed21b966a8de7a9b97d42d6f55d9f1c41130048dcaea9cbcde97170a916fabe5d0917b29d79b018df051f0985500165af05ba60db5424a4f2f50c61dd3445219c7d284792caf3c42202941e59b43f7d220f50f1068ecad3304df7f0cfe13708083743a9d1c788b6e5c5df06c04cb699c99dc23b9340f18ff32f7a7116a1d6a28c0866246b7e93d7b78c658f3637e0e11fb6ab3184fb0aa21832a157c2fa91c29e05a8ba9886240c799b9250eeea949adf9390807249df06fa4cc5c65b1d381083f0bde2fe75bd662c0df83e8d9ff30afbf5bd68d589056c6dc11efe816028a8496219bdc0c7eb35d7acc0922cd7ec2fd7a538d7c389bd711eb49d6b4827c4b3ba60648ecac6ffa9e4a3245c6dc3b64e720688f3782a6913d599aaff2ff33976438af62ae76973fd5bbffa8108d6f1bbaecfdd6b3f13acd50e7c1d6a3fbed687a714ce5ef22a7a2a75dcc2d2742baca526e7406725f221180f3909a775038f2ac737eed69139d89e09f74178e9e2a19eba944e6bb5c518e8b4076168a42eb1f69ded69c2ee79c486f0ac9ac9c046e5ae0af32982e13c3254d08c6738d4a8a565ad518701e855db3895efdc7bf317be60d6c7899e9237f8e2f966ab8ab4d41da9c283f8f3cc9cd753af849a11d5b4fd7e3029192201cc259d291abf930ace9673d0dfdbca303a387e8f2181cb687768e91fef6382d6d21517d3ecacaad68e0ecdb3b65b6e3ce5f4aea4fe688bc56bc0c2c14aae5a75059e06e2c874482c03f65559c80e2eb2e40c6fb699262783d9dd0e37942e67da4f0d49ea0242d2e03bdc478eb2e38dc44915ee3f7436c0ac2e93842720bfade1494ebf10c2b840f79dc85b87427daae50dabea95420ffef5042fd04dd780cb854b05a6778b77ea9fd4910e97d256dbe565ddf7fdc310f6c8a594610c484e3517032eb78bfd0e680e0578822b333acc4de5005467649ab0fd0425d764fe528d90b3290b768dd09c6d2a1fb6a82a715b561afedeb8d86d7bd77b6de73784bf8c44be1cca7329f5b0b3bc577976965d749095a3ed299ea9e5daebbfa62a8c0150b53adc40a1208954b5fa3a06fec89a0c190ade8ea3764d8b856b18de514446dda80bfcfefb6ac4b398fd7c44b38f2dacd0327bca14daf6f1e81f0ee24b0720e3a7c8407a20c587b797ac7226704141ef2fc574d4e6baa46fbacc6bb3ecb78aa71781ca3492dcdf8ef870e25df49bbf7a74e0f32352352f2604addc4a621035f5c54e21717430413ff23e8a635b33f26834f9386166721c70c181904fde653d85ef823adc640b3d40a5af3d3b75ca97405f913da4944edf8293aabaaf696b9a60be6efd0f8d611c0fc47c3eed1f53d4e3b779413302c806ba7f0eb8ca5ae69627107f03a2e62a4111aa9971fbc4a147ae0609451d671df3c5f7a95a627ca0194eb0c2fa746980d77e9e70415d07b19de9b6907362208dac7c6c746b10ce78572c4401fdc7f55f01025fa304db624a38036a7f6f9c73858caa68966bbc7ddca13f7905cf94e4d47df1c07e92efc226c1511dd036cfabb290e03ef0859205e3d428b134ed58c193557afdb98a1f7a4825c79d1c306f230b5894eab943a3a892f6347012e7e5ebd68d4b29faf32612603ef8e9d1bdd80aaa67c509cf3cb207799bdca732432263a944fcac9dc91ef2b1f2f1df05607a40aadbe96f4923646c25788899ae504e675c8fc7106c0641e1e7067f6e6a5992519d601113e45c7cb4902f5a2ebd1fb8ce8ab2969f101d509ca1c27b9cfe770175f71109b73efa7e4412e66ea134c0c10a7575f1cb703b7595a76c5723b12761e8f431c482b457b64b5a3f2eacefabf9f0012a09968c2b134b4fd3bd4732e0a69052dad87dcd8a4c6021c68cb18749d2b669464056c01fe242db5141c51ce2f9338eba48ed8024bd6bc377869bea20e7e0251756ea6907845a9fefed238fc390cf0f2eead60687eb53b115cdc39a0b2bd9f7bef182670df732d64fd666ebdd0cc0e2d8656a38ed4e2d4353d6b12a5bee9d9251ff718be5acf35958cba22c1739dd0818ffb91851b5c68d691a83993a03472029c45a419718001bafed699cd1a28386729474ecb6685227ecdbcd9febcdd2a2cd524f9e57a7a0b7085453671e863adafb74282f6febb5ca37a1fdd7caeb1ca337c6b8f47a7048eb53460feed9651fda0819ac861fa4e130082ac620c0b4d305040640b1a1670a104df697ee22aec1f6cba9185f4685f9d166f42c5ae5c6d0e1647561efc95efdb7cfdc860694b0f0ba2f4df9b1328c926c1a0214cf914c7a0afd58c93edd3c6ef9bd3e171f5c51659ca183cb5589d60ca1cc23ef1157b8ffc0118e8deae1ea259bb4704d23267eb166922787fe137bd3d405b8dc3680b1d13ee498e3fd28af64eea461b6f7f9f7a13e8280f0071dfb90d78219f08f74e8dd227306a94327cbfdec450626b3f86d0eafb5147dadf54fbaf6502ff05172bd7900d1ac8f7812c8d88110c6bd7b67f6683a67d7217c506f214c83af96a689822f7fd7a811f14e52adb8cc06b75e421b85e88ca70fdc68d695c173fce4502d40b1afa11885a2d8018be7af76951fb32252331627ea9d3e65f7297a6cb3b7a6e129749d6ac925afe327bc4cf3e2a35c5bbdf1eb2bb45c6e1d61d426710156c7af3666abfabe2526c833feb33dc33c217a40bbcf701d10e52896ae285a2db3194c529f96380ff668c515d06f1366dfc7f81bcaa88f5c1837520bfc1876079705ece7f7a6f8f7a7d066472525cac5bf2fc4309b87c22918ba8472ec75305bd7dfea2cb8856cf9f78b688b70b4a5a9c42043e7fc1d591d312e8b8d03ba089021efd254cd91478b7ba528160adcb71bdd5e43a051764be57cb6400c2c67d1f1096a0588ca39d953172953c88a0835dbadd0568a487f80b063a704d016c35f9ff161994bbface6f8a6f468f245bedd89b5f2b0d7343416053c1b2a2978c37d0670ed85c51f9555c64244df1cff8dcdc3d23dd1cc24e8c59a290165bd5f6e3adbbd8e690ee5b8a4202eccb708c51a265fdabbe7893e805880ddda08084c29895e93f0f47f54b21021be77ef48d494c0384051db431e38ae97567c62a67cd49b7e4c9698d970401a7f15773509dbd8ae7cac4") r1 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f00000000c0), 0xffffffffffffffff) newfstatat$auto(0xffffffffffffff9c, 0x0, &(0x7f00000001c0)={0x10000, 0x1, 0x3, 0x5, 0xee01, 0xee00, 0x0, 0x8, 0x8001, 0x43, 0x0, 0x26e2de87, 0xa, 0x9, 0x5, 0x0, 0x5}, 0x3) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)={0x2c, r2, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0xf4e379f37c5b8231}, 0x10000) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r3, 0x0, 0x44010) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000001400)=ANY=[@ANYBLOB="ff010000", @ANYRES16=r1, @ANYBLOB="200026bd7000fcdbdf250300000008000100070000000400028004000280a4000380cdd1ce5b2a69fac2ec5884d7062e744072cae7f0035b1af346b811d56a87d30de69b7981d456c1b86f3a5217a05d6cef480a0f049fd72de7146d1e2fe7951ec7adc4c730ddd69dab0e174feccd89814aa69dc286db95555d5b623ae9e55b21e32cc689d90829cdc08ed19582c9a9bcbe51b3dce25213d121e8fd14a2660f7102ef98dec156267df90800ac00070000000d00b3006f76735f666c6f77000000005000038010000f800400038004004180040039800c17e75548653d23b618e9e3cf2dafeed1c22bde10b2dfbbf97bc3c27e53c72b86a433e39f30b123fc28c68b29731a43cd0894acec207f299c3636640c000380080097800400f980"], 0x124}, 0x1, 0x0, 0x0, 0x884}, 0x4000810) truncate$auto(0x0, 0xfffffffffffffff9) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(r4, 0x0, 0x3, 0xd9) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r5, 0x0, 0x1f40) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x80000000009b72, 0x2, 0x8000) setrlimit$auto(0x1000000007, 0x0) mq_open$auto(&(0x7f0000000000)='/proc/thread-self/net/rpc/nfsd\x00', 0x7, 0x3ff, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = gettid() kill$auto(r8, 0x11) syz_genetlink_get_family_id$auto_ila(0x0, r3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000002ec0), r7) sendmsg$auto_OVS_FLOW_CMD_GET(r4, 0x0, 0x448c0) 6.419946499s ago: executing program 2 (id=150): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/026/001\x00', 0x8002, 0x0) ioctl$auto_USBDEVFS_DISCSIGNAL(r0, 0x8010550e, &(0x7f0000000140)={0x5, 0x0}) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0x23, 0x80805, 0x0) ioctl$auto(0x8000000000000001, 0x89ef, 0x9) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x28, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@HWSIM_ATTR_RADIO_NAME={0xc, 0x11, 'ethtool\x00'}, @HWSIM_ATTR_SIGNAL={0x8, 0x6, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x40000d0) kcmp$auto(0x1, 0x1, 0x0, 0x100000004, 0x100000001) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000804}, 0x40000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) r3 = socket(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="2d124ea7", @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0xff0cb17c42d5c1f9) 5.874003982s ago: executing program 2 (id=153): read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) capset$auto(0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100) unshare$auto(0x40000080) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080) mmap$auto(0x0, 0x2020009, 0x3, 0x15, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = memfd_secret$auto(0x0) ftruncate$auto(r0, 0x101) ftruncate$auto(0x3, 0x0) execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=&(0x7f0000000080)='/sys/kernel/mm/transparent_hugepage/shmem_enabled\x00', &(0x7f0000000140)=&(0x7f0000000100)='/sys/kernel/mm/transparent_hugepage/shmem_enabled\x00') clone$auto(0xfffffffffffffffb, 0x401, 0x0, 0x0, 0x7) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x80502, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/shmem_enabled\x00', 0xc8002, 0x0) mmap$auto(0x8000000000000, 0x2000c, 0x10000000000df, 0xeb2, 0x401, 0x8000) read$auto(0x3, 0x0, 0x80) 5.766171513s ago: executing program 3 (id=154): r0 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) setsockopt$auto(r0, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) sendmsg$auto_IEEE802154_SET_MACPARAMS(r0, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xb899f7530191df37}, 0xc, &(0x7f0000000480)={&(0x7f0000000240)={0x14, 0x0, 0x200, 0x70bd2d, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x80) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x800000002, 0x8000) sendmsg$auto_OVS_FLOW_CMD_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x94) syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f00000001c0), r0) socketpair$auto(0x2, 0xfffff671, 0x8, &(0x7f0000000000)=0xc8) write$auto(0x3, 0x0, 0x80000002) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r1 = prctl$auto(0x1000000003b, 0x1, 0x0, 0x2, 0x1007) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8182, 0x0) write$auto_fops_init_pkru_pkeys(r2, &(0x7f0000000440), 0x0) readv$auto(r1, 0x0, 0x8) 5.216618864s ago: executing program 1 (id=155): r0 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x101, 0x0) fcntl$auto_F_SETLK(r0, 0x6, 0x9) r1 = socket(0x1e, 0x1, 0x0) bind$auto(r1, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x0, 0x2}}, 0x66) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r2) close_range$auto(0x2, 0x8, 0x100) socket(0x18, 0x4, 0x0) writev$auto(0x3, 0x0, 0x8) open(0x0, 0x7ffd, 0x12) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ad00, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r3 = socket(0xa, 0x801, 0x84) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff}) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) msgctl$auto_IPC_RMID(0xffff, 0x0, &(0x7f0000000280)={{0x4, r5, r6, 0xfffffffd, 0x9, 0xd, 0xb}, &(0x7f0000000200)=0x5, &(0x7f0000000240)=0x5, 0x1, 0x1, 0x6e, 0xe811, 0x5, 0x4, 0x5, 0x10, @raw=0x5, @raw=0x7}) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) setsockopt$auto(r3, 0x1, 0x3f, 0x0, 0xb) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0xffffffff, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) 5.192714599s ago: executing program 2 (id=156): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r2 = epoll_create$auto(0x7) epoll_wait$auto(r2, 0x0, 0xe007, 0x1) socket(0x23, 0x80805, 0x0) write$auto(0x3, 0x0, 0xfdef) sendfile$auto(r0, r0, &(0x7f00000000c0)=0x1, 0x7) ioctl$auto(0x3, 0x89ed, 0xfffffffffffff4e0) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x401, 0x66) r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r3, &(0x7f0000001680)="a7", 0x80000) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x68a80, 0x0) 4.035928256s ago: executing program 1 (id=159): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) ioctl$auto_USBDEVFS_FREE_STREAMS(r0, 0x8008551d, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.10/usb30/30-0:1.0/bAlternateSetting\x00', 0x480140, 0x0) memfd_secret$auto(0x0) (async) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ftruncate$auto(0x3, 0x700) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) io_uring_setup$auto(0x6, &(0x7f0000000080)={0x7ffeffff, 0xd, 0x800, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0x8c48, 0x429f, 0x100, 0x7f, 0x125, 0x6, 0x2}, {0x1, 0x1, 0xe6, 0x5, 0x1, 0x0, 0x8, 0x8, 0xffffffff}}) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) epoll_create$auto(0x4) (async) socket(0x25, 0x1, 0x1) (async) select$auto(0xc, 0x0, 0x0, &(0x7f00000002c0)={[0x1fd, 0x8, 0x1, 0x1, 0x948b, 0x2, 0x15f4da0b, 0x6, 0x80000000080, 0x1fffe000000000, 0x80000001, 0x5, 0x6d3c, 0x401]}, 0x0) (async) writev$auto(0xffffffffffffffff, 0x0, 0xa) (async) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x367, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) (async) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (async) mmap$auto(0x4, 0x0, 0xdf, 0x9b72, 0x2, 0x8000) (async) setxattrat$auto(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x1000, &(0x7f00000001c0)='ns/mnt\x00', 0x0, 0xb9) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/veth0_virt_wifi/base_reachable_time\x00', 0x0, 0x0) (async) socket(0x2, 0x1, 0x0) (async) sysfs$auto(0x2, 0x0, 0x0) (async) clone$auto(0xb74b, 0xfffffffe, &(0x7f00000003c0)=0x99, 0x0, 0xc) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) (async) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) 3.884603365s ago: executing program 3 (id=161): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fedbdf2502000000080003008000400008001d"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) (async, rerun: 64) socket(0x10, 0x2, 0x0) (rerun: 64) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async, rerun: 64) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) (rerun: 64) r0 = openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) mmap$auto(0x7f, 0x7, 0x80000df, 0x9b72, r0, 0xb31) (async) get_mempolicy$auto(0x0, 0x0, 0x9, 0x0, 0x1) (async, rerun: 32) prctl$auto_PR_SET_SHADOW_STACK_STATUS(0x4b, 0x0, 0x0, 0x9, 0x3) (rerun: 32) get_mempolicy$auto(&(0x7f0000000040)=0x8, &(0x7f00000000c0)=0x3, 0x380, 0x7fffffffffffffff, 0x9) 3.801461131s ago: executing program 0 (id=162): socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/firmware/memmap/2/type\x00', 0x18b740, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2000000000000021, 0x2, 0x10000000000002) socket(0x2a, 0x2, 0x0) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55) bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x8000}, 0x6b) 3.603439986s ago: executing program 0 (id=163): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20008, 0x3, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r0 = socket(0x2, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="afa72dbd7000ffdbdf250e000000"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06s\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x10, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, r2) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f00000001c0), r3) unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(r0, 0x14, &(0x7f00000002c0)="0baaf2fceca7f95b42bb57e35b49a365d4a1a7c43065bd3a1281f8c63ff3c75939d16d4cf406b1aa5aea95d949356c4c1d62bd55cb9fc9dd46b25d89ffcedcf205a626a5616f936f42857474e3d3f675244b9c738482a5b6e4472e7f35aa9abdda7380f7142d7aa244723c5932a894f5f5f56f880000000000000000", 0x200082) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) 3.416178687s ago: executing program 3 (id=164): r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0xc, 0x0, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fedbdf2502000000080003008000400008001d"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="13000000", @ANYRES16=0x0, @ANYBLOB="2586f2bd7000fedbdf2504"], 0x1c}, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080) r1 = pidfd_open$auto(0x1, 0x0) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD_GROUP(r1, 0x8, &(0x7f0000000440)={@siginfo_0_0={0x8, 0x80, 0x676164a5, @_rt={0x0, 0x0, @sival_ptr=0x0}}}, 0x2) r2 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB='r'], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) 3.154031022s ago: executing program 3 (id=165): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0610000047118fd4e36bfa81591ad25497bfb18d53254a2314cb4bbb8bec93ef5301084304975fc8149336f320b70b", @ANYRES16=r1, @ANYBLOB="810b25bd7080fbdbdf25010000"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(r2, 0x0, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0xf663, 0x8) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f00000089c0)='/sys/kernel/debug/netdevsim/netdevsim1/max_vfs\x00', 0x101000, 0x0) mmap$auto(0x0, 0xfffffffffffffffd, 0xdf, 0x10, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket$nl_generic(0x10, 0x3, 0x10) socket(0x3, 0x80000, 0x6) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/amidi2\x00', 0x402000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty0\x00', 0x102, 0x0) writev$auto(r4, &(0x7f0000000040)={&(0x7f0000000000), 0xff}, 0x1) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x8000, 0x0) read$auto(r5, 0x0, 0x1f40) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) 3.034396433s ago: executing program 1 (id=166): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_GET_TXSC(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001940)={0x14, r1, 0x186f202170196f7b, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x200008d0}, 0x40080c4) 2.793189756s ago: executing program 1 (id=167): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000) r0 = socket(0xa, 0x2, 0x0) setsockopt$auto(r0, 0x0, 0x30, 0x0, 0x568) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/hw_params\x00', 0x1c1282, 0x0) r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd1/hctx0/flags\x00', 0x42, 0x0) pread64$auto(r2, 0x0, 0x1000f42d, 0x100) read$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000e00)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205415c32797d9450c002895c9b40", 0xd44) mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000) ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1) futex_wake$auto(0x0, 0x7, 0xfffffffb, 0x2) sysfs$auto(0x2, 0x23, 0x0) r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r4, 0x0, 0x4) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000001}, 0x4010) 2.084947082s ago: executing program 3 (id=168): socket(0x10, 0x2, 0xa) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000306b87000fedbdf250300000004000800040003"], 0x28}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$'], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.91538752s ago: executing program 3 (id=169): openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x2a801, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0) listmount$auto(0x0, 0x0, 0x1, 0x1) mmap$auto(0x0, 0xf6, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x717c, 0x1ffdf, 0x7, 0x4, 0x9, 0x9, 0x3, 0x0, 0x1, 0xb4, 0x9, 0x8, 0x810003, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40]}, 0x1fe, 0xd) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PHY_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010326bd7000ffdbdf252d"], 0x20}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) write$auto(0x1, 0x0, 0x80000000) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0)) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(&(0x7f0000000000)={0x7e, @raw, 0x80000020, 0xd95, 0x2}, 0x0, 0x7ffffffff000, 0x0) socket(0xa, 0x3, 0x3c) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty48\x00', 0x800, 0x0) 1.765222216s ago: executing program 1 (id=170): open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x6, 0x0) r0 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3) bpf$auto(0x1, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0x7fffffff) 1.474946627s ago: executing program 0 (id=171): socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/firmware/memmap/2/type\x00', 0x18b740, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2000000000000021, 0x2, 0x10000000000002) socket(0x2a, 0x2, 0x0) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55) bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x8000}, 0x6b) 1.383267509s ago: executing program 2 (id=172): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fedbdf2502000000080003008000400008001d"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="13000000", @ANYRES16=0x0, @ANYBLOB="2586f2bd7000fedbdf2504"], 0x1c}, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB='r'], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) 1.10765126s ago: executing program 0 (id=173): mmap$auto(0x0, 0x428, 0xdf, 0xeb1, 0x401, 0x8000) (async) r0 = ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f00000001c0)=0x401) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/ksm/stable_node_chains_prune_millisecs\x00', 0x400, 0x0) read$auto(r1, 0x0, 0x9) sendmmsg$auto(r0, 0x0, 0xfffffffd, 0xe1d3) (async) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001100)='/proc/bus/pci/00/03.0\x00', 0xa0581, 0x0) write$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000001140)="8cbdca", 0x3) (async) writev$auto(r2, &(0x7f0000001d40)={0x0, 0x2}, 0x6) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/034/001\x00', 0x181042, 0x0) ioctl$auto_USBDEVFS_CLEAR_HALT(r3, 0x80045515, &(0x7f0000000140)=0x81) (async) io_uring_setup$auto(0x59, 0x0) (async) open(0x0, 0x64842, 0x94) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) (async) io_uring_setup$auto(0x6, 0x0) (async) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async) sendto$auto(0x3, 0x0, 0xffeb, 0xe, &(0x7f0000000100)=@in={0x2, 0x4e22, @multicast2}, 0x19) (async) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x100, 0x0) 661.345628ms ago: executing program 1 (id=174): mq_notify$auto(0xffffffffffffffff, &(0x7f00000002c0)={@sival_int=0x221a, @inferred, 0x3, @_tid}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0x0, 0x0, 0xd) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x80) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) adjtimex$auto(0x0) socket(0x5, 0x3, 0x200040) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0x2, 0xd, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r0 = socket(0x27, 0x800, 0x6) read$auto(0x3, 0x0, 0xf3c) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x24008000}, 0x4004) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/debug/ieee80211/phy10/netdev:wlan0/stations/08:02:11:00:00:01/aid\x00', 0x20100, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r2, 0x0, 0x0) bind$auto(r1, &(0x7f0000000040)=@ax25={0x3, @bcast, 0x2}, 0x6a) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = io_uring_setup$auto(0x6, 0x0) setsockopt$auto_SO_RCVLOWAT(r4, 0xfff00000, 0x12, &(0x7f0000000100)='*\x94{[[\'%-%\x00', 0x6) write$auto(r3, &(0x7f0000000280)='/dev/audio1\x00', 0xfffffffffffffffd) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, 0x0, 0x20) futex$auto(0x0, 0x6, 0x0, &(0x7f0000000140)={0x3, 0x9}, &(0x7f0000000180)=0x8, 0xffffff00) bind$auto(0x3, 0x0, 0x6a) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) madvise$auto(0x110c230000, 0x8031ca, 0x9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_SNDCTL_DSP_GETODELAY(0xffffffffffffffff, 0x80045017, &(0x7f0000000c00)) socket(0x29, 0x2, 0x0) 572.253321ms ago: executing program 0 (id=175): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_GET_TXSC(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001940)={0x14, r1, 0x186f202170196f7b, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x200008d0}, 0x40080c4) 365.814057ms ago: executing program 0 (id=176): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7c9, 0x25, 0x4909b6f5, 0x1ffde, 0x7, 0x3, 0x20000009, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x255b, 0x0, 0xa, 0x22000, 0x1ff, 0xffffff28, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0xffff, 0x10, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe]}, 0x1fe, 0x9) r0 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, &(0x7f0000000040)=0xce) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x4, 0x0) setsockopt$auto_SO_RXQ_OVFL(r1, 0x1, 0x28, 0x0, 0x7) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x1892, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0xb, 0xa505}, 0x800}, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netfilter/nfnetlink_queue\x00', 0x101000, 0x0) r2 = socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) clone$auto(0x7fff, 0x200, 0x0, 0x0, 0xf) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) r5 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r5, 0x29, 0xd1, 0x0, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000001008011, 0x3, 0x8000) madvise$auto(0x0, 0x454, 0x9) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) r6 = ioctl$auto_KVM_CREATE_VM(r3, 0x4004ae99, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(r0, 0x8, 0x10000) close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x2) io_uring_enter$auto(r2, 0x1, 0x82400001, 0x0, 0x0, 0x18) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000080), r6) unshare$auto(0x40000080) 0s ago: executing program 2 (id=177): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC2\x00', 0x4000, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x6, 0x38, 0x1000000000065f, 0x1ffde, 0x7, 0x3, 0x20000002, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x6, 0x2, 0x80, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) ioctl$auto_FS_IOC_GETFLAGS(r1, 0x80086601, 0x3) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.31' (ED25519) to the list of known hosts. [ 99.009927][ T5816] cgroup: Unknown subsys name 'net' [ 99.168150][ T5816] cgroup: Unknown subsys name 'cpuset' [ 99.178150][ T5816] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 101.029759][ T5816] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.255114][ T9] cfg80211: failed to load regulatory.db [ 103.356368][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.374922][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.396826][ T5827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.420059][ T5829] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 103.428218][ T5829] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.439539][ T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 103.448014][ T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 103.456935][ T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 103.465737][ T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 103.474395][ T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.497485][ T5832] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 103.497495][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 103.516790][ T5140] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 103.527965][ T5140] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.535677][ T5836] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.544346][ T5140] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.564868][ T5836] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.572287][ T5140] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 103.583893][ T5140] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.594239][ T5140] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.117209][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 104.271734][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 104.356220][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 104.368433][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 104.425918][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.433754][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.441969][ T5828] bridge_slave_0: entered allmulticast mode [ 104.451908][ T5828] bridge_slave_0: entered promiscuous mode [ 104.464614][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.472002][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.479830][ T5828] bridge_slave_1: entered allmulticast mode [ 104.490905][ T5828] bridge_slave_1: entered promiscuous mode [ 104.658616][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.675576][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.796778][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.807616][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.818615][ T5831] bridge_slave_0: entered allmulticast mode [ 104.827641][ T5831] bridge_slave_0: entered promiscuous mode [ 104.852190][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.859892][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.867423][ T5825] bridge_slave_0: entered allmulticast mode [ 104.875813][ T5825] bridge_slave_0: entered promiscuous mode [ 104.885068][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.892422][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.900250][ T5825] bridge_slave_1: entered allmulticast mode [ 104.908438][ T5825] bridge_slave_1: entered promiscuous mode [ 104.919027][ T5828] team0: Port device team_slave_0 added [ 104.928706][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.936326][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.943886][ T5831] bridge_slave_1: entered allmulticast mode [ 104.951322][ T5831] bridge_slave_1: entered promiscuous mode [ 104.990010][ T5828] team0: Port device team_slave_1 added [ 105.017002][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.024310][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.031521][ T5835] bridge_slave_0: entered allmulticast mode [ 105.039602][ T5835] bridge_slave_0: entered promiscuous mode [ 105.088701][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.098331][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.105679][ T5835] bridge_slave_1: entered allmulticast mode [ 105.113491][ T5835] bridge_slave_1: entered promiscuous mode [ 105.124582][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.137772][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.165252][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.179149][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.230911][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.239048][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.265159][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.298221][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.323329][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.330335][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.356781][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.386016][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.414937][ T5825] team0: Port device team_slave_0 added [ 105.431112][ T5831] team0: Port device team_slave_0 added [ 105.440908][ T5831] team0: Port device team_slave_1 added [ 105.465706][ T5825] team0: Port device team_slave_1 added [ 105.475030][ T5835] team0: Port device team_slave_0 added [ 105.534116][ T5832] Bluetooth: hci1: command tx timeout [ 105.549205][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.556444][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.583039][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.597919][ T5835] team0: Port device team_slave_1 added [ 105.613317][ T5832] Bluetooth: hci2: command tx timeout [ 105.613904][ T5140] Bluetooth: hci0: command tx timeout [ 105.623690][ T5832] Bluetooth: hci3: command tx timeout [ 105.636791][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.644035][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.670611][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.696553][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.704397][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.730871][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.764341][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.771361][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.798113][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.838259][ T5828] hsr_slave_0: entered promiscuous mode [ 105.845654][ T5828] hsr_slave_1: entered promiscuous mode [ 105.854832][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.861921][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.888607][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.902135][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.909306][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.935361][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.061763][ T5825] hsr_slave_0: entered promiscuous mode [ 106.069028][ T5825] hsr_slave_1: entered promiscuous mode [ 106.075583][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.083519][ T5825] Cannot create hsr debugfs directory [ 106.135534][ T5831] hsr_slave_0: entered promiscuous mode [ 106.142524][ T5831] hsr_slave_1: entered promiscuous mode [ 106.149808][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.157543][ T5831] Cannot create hsr debugfs directory [ 106.173932][ T5835] hsr_slave_0: entered promiscuous mode [ 106.180385][ T5835] hsr_slave_1: entered promiscuous mode [ 106.186811][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.194661][ T5835] Cannot create hsr debugfs directory [ 106.702520][ T5828] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 106.719340][ T5828] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 106.744438][ T5828] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 106.766442][ T5828] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 106.811069][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 106.852555][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 106.877900][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 106.892193][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 106.957385][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 106.978445][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 106.995493][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 107.038096][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 107.158437][ T5825] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 107.178350][ T5825] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 107.195640][ T5825] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 107.209532][ T5825] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 107.244997][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.357971][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.419372][ T3486] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.427837][ T3486] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.481364][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.496324][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.504303][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.532504][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.613671][ T5832] Bluetooth: hci1: command tx timeout [ 107.632232][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.669974][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.693866][ T5832] Bluetooth: hci0: command tx timeout [ 107.694728][ T5140] Bluetooth: hci3: command tx timeout [ 107.701176][ T5832] Bluetooth: hci2: command tx timeout [ 107.724371][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.736911][ T1337] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.746130][ T1337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.758642][ T1337] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.766585][ T1337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.791209][ T1337] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.801776][ T1337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.824479][ T1337] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.836857][ T1337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.888439][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.915201][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.924607][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.936655][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.944725][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.091359][ T5825] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 108.438392][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.586852][ T5828] veth0_vlan: entered promiscuous mode [ 108.669990][ T5828] veth1_vlan: entered promiscuous mode [ 108.706540][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.722598][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.740563][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.822469][ T5828] veth0_macvtap: entered promiscuous mode [ 108.857928][ T5828] veth1_macvtap: entered promiscuous mode [ 108.902996][ T5825] veth0_vlan: entered promiscuous mode [ 108.936359][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.957481][ T5835] veth0_vlan: entered promiscuous mode [ 108.978063][ T5825] veth1_vlan: entered promiscuous mode [ 108.992482][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.026189][ T5828] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.037873][ T5828] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.049936][ T5828] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.060839][ T5828] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.079132][ T5831] veth0_vlan: entered promiscuous mode [ 109.085722][ T5835] veth1_vlan: entered promiscuous mode [ 109.132734][ T5831] veth1_vlan: entered promiscuous mode [ 109.181370][ T5825] veth0_macvtap: entered promiscuous mode [ 109.213008][ T5825] veth1_macvtap: entered promiscuous mode [ 109.297870][ T5831] veth0_macvtap: entered promiscuous mode [ 109.311401][ T5835] veth0_macvtap: entered promiscuous mode [ 109.327595][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.340391][ T151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.350562][ T151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.355017][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.375299][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.388122][ T5831] veth1_macvtap: entered promiscuous mode [ 109.408849][ T5835] veth1_macvtap: entered promiscuous mode [ 109.426586][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.438159][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.451977][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.501479][ T5825] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.512822][ T5825] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.525536][ T5825] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.536222][ T5825] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.570613][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.581444][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.581881][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.597674][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.603757][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.621163][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.637385][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.649973][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.661151][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.672184][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.683863][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.694182][ T5832] Bluetooth: hci1: command tx timeout [ 109.702091][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.711002][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.721983][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.732238][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.745067][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.755599][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.766928][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.777956][ T5832] Bluetooth: hci3: command tx timeout [ 109.778009][ T5832] Bluetooth: hci0: command tx timeout [ 109.783592][ T5140] Bluetooth: hci2: command tx timeout [ 109.798410][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.839591][ T5835] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.850785][ T5835] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.862253][ T5835] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.871622][ T5835] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.888144][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.901951][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.912877][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.924128][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.936993][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.947970][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.963777][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.010213][ T5831] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.020258][ T5831] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.030643][ T5831] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.040811][ T5831] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.053906][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 110.260870][ T3486] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.288762][ T3486] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.330418][ T3486] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.343754][ T3486] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.421326][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.439549][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.484639][ T3486] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.492633][ T3486] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.627258][ T3486] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.655585][ T3486] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.801357][ T3486] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.832267][ T3486] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.141368][ T5900] nvme_fcloop: unknown parameter or missing value '7' [ 111.180676][ T5900] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2'. [ 111.426779][ T5900] team0 (unregistering): Port device team_slave_0 removed [ 111.446060][ T5900] team0 (unregistering): Port device team_slave_1 removed [ 111.774074][ T5140] Bluetooth: hci1: command tx timeout [ 111.854745][ T5140] Bluetooth: hci2: command tx timeout [ 111.860275][ T5140] Bluetooth: hci0: command tx timeout [ 111.869177][ T5140] Bluetooth: hci3: command tx timeout [ 112.344664][ T5918] capability: warning: `syz.2.8' uses 32-bit capabilities (legacy support in use) [ 112.468025][ T5919] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 112.750492][ T5918] HfR: entered promiscuous mode [ 113.436950][ T5934] aoe: can't write to that file. [ 113.819724][ T5940] mmap: syz.3.11 (5940) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 115.836015][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 115.848089][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 115.859256][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.893736][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.225279][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 117.449351][ T5952] netlink: 12 bytes leftover after parsing attributes in process `syz.2.15'. [ 117.526921][ T5976] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 117.548643][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 117.563811][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 117.623557][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 118.392787][ T5994] Zero length message leads to an empty skb [ 118.452348][ T30] audit: type=1800 audit(4294967301.850:2): pid=5994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.21" name="members" dev="configfs" ino=8245 res=0 errno=0 [ 119.104372][ T6002] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 119.471768][ T5998] openvswitch: HfR: Dropping previously announced user features [ 119.524692][ T6007] random: crng reseeded on system resumption [ 120.109641][ T6015] Invalid ELF header magic: != ELF [ 121.572381][ T6045] netlink: 12 bytes leftover after parsing attributes in process `syz.3.30'. [ 124.143413][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 124.154139][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 126.839700][ T5140] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 127.402994][ T6102] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 127.414204][ T6102] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 127.440974][ T6102] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 127.558101][ T6102] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 127.590801][ T6102] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 127.717762][ T6102] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 127.794805][ T6102] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 127.844659][ T6102] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 127.866140][ T6102] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 127.878175][ T6102] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 127.935164][ T6102] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 127.942117][ T6102] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 127.952436][ T6102] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 128.265555][ T6129] netlink: ct family unspecified [ 128.343350][ T5140] Bluetooth: hci0: command 0x0c1a tx timeout [ 128.756475][ T6141] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 128.982603][ T6137] HfR: entered promiscuous mode [ 129.343350][ T6135] netlink: 26 bytes leftover after parsing attributes in process `syz.0.51'. [ 129.383536][ T6135] openvswitch: netlink: IP tunnel dst address not specified [ 129.613597][ T5140] Bluetooth: hci1: command 0x0c1a tx timeout [ 129.853432][ T5140] Bluetooth: hci2: command 0x0c1a tx timeout [ 129.933330][ T5140] Bluetooth: hci3: command 0x0c1a tx timeout [ 130.413294][ T5140] Bluetooth: hci0: command 0x0c1a tx timeout [ 131.350304][ T6168] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 131.358575][ T6168] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 131.370820][ T6168] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 131.413514][ T6168] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 131.738153][ T6186] openvswitch: HfR: Dropping previously announced user features [ 131.793226][ T6186] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 132.338646][ T6187] netlink: 26 bytes leftover after parsing attributes in process `syz.1.64'. [ 132.359389][ T6187] openvswitch: netlink: IP tunnel dst address not specified [ 132.813329][ T5140] Bluetooth: hci0: command 0x0c1a tx timeout [ 133.042976][ T6212] FAULT_INJECTION: forcing a failure. [ 133.042976][ T6212] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 133.065054][ T6212] CPU: 1 UID: 0 PID: 6212 Comm: syz.0.69 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 133.065096][ T6212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 133.065119][ T6212] Call Trace: [ 133.065129][ T6212] [ 133.065145][ T6212] dump_stack_lvl+0x16c/0x1f0 [ 133.065199][ T6212] should_fail_ex+0x512/0x640 [ 133.065250][ T6212] should_fail_alloc_page+0xe7/0x130 [ 133.065301][ T6212] prepare_alloc_pages+0x3c2/0x610 [ 133.065350][ T6212] ? __lock_acquire+0x5ca/0x1ba0 [ 133.065394][ T6212] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 133.065432][ T6212] ? __lock_acquire+0x5ca/0x1ba0 [ 133.065488][ T6212] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 133.065526][ T6212] ? find_held_lock+0x2b/0x80 [ 133.065573][ T6212] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 133.065608][ T6212] ? is_bpf_text_address+0x94/0x1a0 [ 133.065647][ T6212] ? kernel_text_address+0x8d/0x100 [ 133.065699][ T6212] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 133.065743][ T6212] ? policy_nodemask+0xea/0x4e0 [ 133.065784][ T6212] alloc_pages_mpol+0x1fb/0x550 [ 133.065825][ T6212] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 133.065862][ T6212] ? lockdep_hardirqs_on+0x7c/0x110 [ 133.065910][ T6212] alloc_pages_noprof+0x131/0x390 [ 133.065950][ T6212] __pmd_alloc+0x3f/0x870 [ 133.065994][ T6212] ? find_held_lock+0x2b/0x80 [ 133.066026][ T6212] __handle_mm_fault+0x948/0x2a40 [ 133.066071][ T6212] ? __pfx___handle_mm_fault+0x10/0x10 [ 133.066128][ T6212] ? find_vma+0xbf/0x140 [ 133.066169][ T6212] ? __pfx_find_vma+0x10/0x10 [ 133.066217][ T6212] handle_mm_fault+0x3fe/0xad0 [ 133.066255][ T6212] do_user_addr_fault+0x7a6/0x1370 [ 133.066291][ T6212] ? rcu_is_watching+0x12/0xc0 [ 133.066325][ T6212] exc_page_fault+0x5c/0xc0 [ 133.066364][ T6212] asm_exc_page_fault+0x26/0x30 [ 133.066394][ T6212] RIP: 0010:rep_movs_alternative+0x33/0x90 [ 133.066427][ T6212] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 133.066462][ T6212] RSP: 0018:ffffc900047afaf8 EFLAGS: 00050202 [ 133.066487][ T6212] RAX: 7720737961776c61 RBX: 000000000000002d RCX: 000000000000002d [ 133.066506][ T6212] RDX: ffffed100ff05006 RSI: ffff88807f828000 RDI: 0000000000000000 [ 133.066524][ T6212] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100ff05005 [ 133.066549][ T6212] R10: ffff88807f82802c R11: 0000000000000000 R12: 0000000000000000 [ 133.066567][ T6212] R13: ffffc900047afda0 R14: 000000000000002d R15: ffff88807f828000 [ 133.066609][ T6212] _copy_to_iter+0x391/0x15a0 [ 133.066669][ T6212] ? __pfx__copy_to_iter+0x10/0x10 [ 133.066718][ T6212] ? kernfs_seq_stop+0xcd/0x120 [ 133.066764][ T6212] ? kernfs_put_active+0x86/0xe0 [ 133.066802][ T6212] seq_read_iter+0xcf8/0x12c0 [ 133.066866][ T6212] kernfs_fop_read_iter+0x40f/0x5a0 [ 133.066904][ T6212] ? rw_verify_area+0xcf/0x680 [ 133.066957][ T6212] vfs_read+0x8c8/0xc70 [ 133.066991][ T6212] ? __pfx___mutex_lock+0x10/0x10 [ 133.067032][ T6212] ? __pfx_vfs_read+0x10/0x10 [ 133.067088][ T6212] ksys_read+0x12a/0x240 [ 133.067115][ T6212] ? __pfx_ksys_read+0x10/0x10 [ 133.067140][ T6212] ? rcu_is_watching+0x12/0xc0 [ 133.067180][ T6212] do_syscall_64+0xcd/0x230 [ 133.067225][ T6212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.067254][ T6212] RIP: 0033:0x7f871578e969 [ 133.067279][ T6212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.067307][ T6212] RSP: 002b:00007f871666d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 133.067334][ T6212] RAX: ffffffffffffffda RBX: 00007f87159b6080 RCX: 00007f871578e969 [ 133.067353][ T6212] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000003 [ 133.067370][ T6212] RBP: 00007f871666d090 R08: 0000000000000000 R09: 0000000000000000 [ 133.067388][ T6212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.067406][ T6212] R13: 0000000000000000 R14: 00007f87159b6080 R15: 00007ffe52e57608 [ 133.067447][ T6212] [ 133.543910][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 133.550559][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 133.562184][ T5140] Bluetooth: hci2: command 0x0c1a tx timeout [ 134.146423][ T6214] netlink: 12 bytes leftover after parsing attributes in process `syz.3.70'. [ 134.391984][ T6219] netlink: 12 bytes leftover after parsing attributes in process `syz.2.71'. [ 135.579609][ T6239] syz.0.75 uses obsolete (PF_INET,SOCK_PACKET) [ 135.613741][ T5140] Bluetooth: hci3: command 0x0c1a tx timeout [ 135.613749][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 135.627887][ T6242] FAULT_INJECTION: forcing a failure. [ 135.627887][ T6242] name failslab, interval 1, probability 0, space 0, times 1 [ 135.657747][ T6242] CPU: 0 UID: 0 PID: 6242 Comm: syz.0.75 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 135.657785][ T6242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 135.657799][ T6242] Call Trace: [ 135.657807][ T6242] [ 135.657817][ T6242] dump_stack_lvl+0x16c/0x1f0 [ 135.657859][ T6242] should_fail_ex+0x512/0x640 [ 135.657897][ T6242] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 135.657931][ T6242] should_failslab+0xc2/0x120 [ 135.657960][ T6242] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 135.657990][ T6242] ? virtual_ncidev_open+0x6f/0x220 [ 135.658025][ T6242] ? kvasprintf_const+0x66/0x1a0 [ 135.658072][ T6242] kvasprintf+0xbc/0x160 [ 135.658126][ T6242] ? __pfx_kvasprintf+0x10/0x10 [ 135.658170][ T6242] ? rcu_is_watching+0x12/0xc0 [ 135.658195][ T6242] ? kfree+0x252/0x4d0 [ 135.658235][ T6242] ? mark_held_locks+0x49/0x80 [ 135.658269][ T6242] kvasprintf_const+0x66/0x1a0 [ 135.658311][ T6242] kobject_set_name_vargs+0x5a/0x140 [ 135.658366][ T6242] dev_set_name+0xc7/0x100 [ 135.658413][ T6242] ? __pfx_dev_set_name+0x10/0x10 [ 135.658467][ T6242] ? nfc_allocate_device+0x190/0x5e0 [ 135.658512][ T6242] nfc_allocate_device+0x206/0x5e0 [ 135.658558][ T6242] nci_allocate_device+0x23b/0x430 [ 135.658594][ T6242] virtual_ncidev_open+0x6f/0x220 [ 135.658634][ T6242] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 135.658674][ T6242] misc_open+0x35a/0x420 [ 135.658721][ T6242] ? __pfx_misc_open+0x10/0x10 [ 135.658769][ T6242] chrdev_open+0x231/0x6a0 [ 135.658800][ T6242] ? __pfx_apparmor_file_open+0x10/0x10 [ 135.658839][ T6242] ? __pfx_chrdev_open+0x10/0x10 [ 135.658875][ T6242] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 135.658927][ T6242] do_dentry_open+0x741/0x1c10 [ 135.658959][ T6242] ? __pfx_chrdev_open+0x10/0x10 [ 135.658998][ T6242] vfs_open+0x82/0x3f0 [ 135.659044][ T6242] path_openat+0x1e5e/0x2d40 [ 135.659089][ T6242] ? __pfx_path_openat+0x10/0x10 [ 135.659127][ T6242] do_filp_open+0x20b/0x470 [ 135.659155][ T6242] ? __pfx_do_filp_open+0x10/0x10 [ 135.659212][ T6242] ? alloc_fd+0x471/0x7d0 [ 135.659269][ T6242] do_sys_openat2+0x11b/0x1d0 [ 135.659310][ T6242] ? __pfx_do_sys_openat2+0x10/0x10 [ 135.659371][ T6242] __x64_sys_openat+0x174/0x210 [ 135.659413][ T6242] ? __pfx___x64_sys_openat+0x10/0x10 [ 135.659456][ T6242] ? rcu_is_watching+0x12/0xc0 [ 135.659496][ T6242] do_syscall_64+0xcd/0x230 [ 135.659542][ T6242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.659573][ T6242] RIP: 0033:0x7f871578e969 [ 135.659599][ T6242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.659628][ T6242] RSP: 002b:00007f871662b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 135.659656][ T6242] RAX: ffffffffffffffda RBX: 00007f87159b6240 RCX: 00007f871578e969 [ 135.659674][ T6242] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 135.659692][ T6242] RBP: 00007f8715810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 135.659709][ T6242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 135.659725][ T6242] R13: 0000000000000000 R14: 00007f87159b6240 R15: 00007ffe52e57608 [ 135.659762][ T6242] [ 136.036553][ C0] vkms_vblank_simulate: vblank timer overrun [ 136.046476][ T5140] Bluetooth: hci2: command 0x0c1a tx timeout [ 137.910769][ T6283] netlink: 12 bytes leftover after parsing attributes in process `syz.1.85'. [ 138.100437][ T5140] Bluetooth: hci2: command 0x0c1a tx timeout [ 138.111979][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.124968][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.068173][ T6307] random: crng reseeded on system resumption [ 140.651531][ T6336] netlink: 338 bytes leftover after parsing attributes in process `syz.0.95'. [ 142.214457][ T6373] netlink: 28 bytes leftover after parsing attributes in process `syz.2.104'. [ 143.141967][ T6385] process 'syz.2.107' launched ':,' with NULL argv: empty string added [ 143.270288][ T6392] FAULT_INJECTION: forcing a failure. [ 143.270288][ T6392] name failslab, interval 1, probability 0, space 0, times 0 [ 143.287802][ T6392] CPU: 0 UID: 0 PID: 6392 Comm: syz.3.108 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 143.287852][ T6392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 143.287868][ T6392] Call Trace: [ 143.287878][ T6392] [ 143.287890][ T6392] dump_stack_lvl+0x16c/0x1f0 [ 143.287934][ T6392] should_fail_ex+0x512/0x640 [ 143.287976][ T6392] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 143.288031][ T6392] should_failslab+0xc2/0x120 [ 143.288069][ T6392] __kmalloc_cache_noprof+0x6a/0x3e0 [ 143.288119][ T6392] ? cachefiles_daemon_open+0xa0/0x550 [ 143.288172][ T6392] cachefiles_daemon_open+0xa0/0x550 [ 143.288218][ T6392] ? __pfx_cachefiles_daemon_open+0x10/0x10 [ 143.288265][ T6392] misc_open+0x35a/0x420 [ 143.288315][ T6392] ? __pfx_misc_open+0x10/0x10 [ 143.288362][ T6392] chrdev_open+0x231/0x6a0 [ 143.288394][ T6392] ? __pfx_apparmor_file_open+0x10/0x10 [ 143.288434][ T6392] ? __pfx_chrdev_open+0x10/0x10 [ 143.288470][ T6392] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 143.288525][ T6392] do_dentry_open+0x741/0x1c10 [ 143.288558][ T6392] ? __pfx_chrdev_open+0x10/0x10 [ 143.288599][ T6392] vfs_open+0x82/0x3f0 [ 143.288646][ T6392] path_openat+0x1e5e/0x2d40 [ 143.288692][ T6392] ? __pfx_path_openat+0x10/0x10 [ 143.288733][ T6392] do_filp_open+0x20b/0x470 [ 143.288763][ T6392] ? __pfx_do_filp_open+0x10/0x10 [ 143.288832][ T6392] ? alloc_fd+0x471/0x7d0 [ 143.288889][ T6392] do_sys_openat2+0x11b/0x1d0 [ 143.288931][ T6392] ? __pfx_do_sys_openat2+0x10/0x10 [ 143.288989][ T6392] __x64_sys_openat+0x174/0x210 [ 143.289032][ T6392] ? __pfx___x64_sys_openat+0x10/0x10 [ 143.289077][ T6392] ? rcu_is_watching+0x12/0xc0 [ 143.289118][ T6392] do_syscall_64+0xcd/0x230 [ 143.289163][ T6392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.289195][ T6392] RIP: 0033:0x7fc22578e969 [ 143.289219][ T6392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.289248][ T6392] RSP: 002b:00007fc226623038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 143.289276][ T6392] RAX: ffffffffffffffda RBX: 00007fc2259b6080 RCX: 00007fc22578e969 [ 143.289296][ T6392] RDX: 0000000000008400 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 143.289316][ T6392] RBP: 00007fc225810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 143.289334][ T6392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 143.289352][ T6392] R13: 0000000000000000 R14: 00007fc2259b6080 R15: 00007ffdb4925048 [ 143.289393][ T6392] [ 143.576368][ T6392] FAULT_INJECTION: forcing a failure. [ 143.576368][ T6392] name failslab, interval 1, probability 0, space 0, times 0 [ 143.594006][ T6392] CPU: 0 UID: 0 PID: 6392 Comm: syz.3.108 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 143.594049][ T6392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 143.594066][ T6392] Call Trace: [ 143.594076][ T6392] [ 143.594087][ T6392] dump_stack_lvl+0x16c/0x1f0 [ 143.594133][ T6392] should_fail_ex+0x512/0x640 [ 143.594176][ T6392] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 143.594214][ T6392] ? __pfx_hugetlb_vm_op_close+0x10/0x10 [ 143.594256][ T6392] should_failslab+0xc2/0x120 [ 143.594292][ T6392] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 143.594326][ T6392] ? vma_merge_new_range+0x3f8/0xc10 [ 143.594359][ T6392] ? vm_area_alloc+0x1f/0x160 [ 143.594399][ T6392] ? __pfx_hugetlb_vm_op_close+0x10/0x10 [ 143.594441][ T6392] vm_area_alloc+0x1f/0x160 [ 143.594475][ T6392] __mmap_region+0xfd0/0x27c0 [ 143.594509][ T6392] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 143.594542][ T6392] ? __pfx___mmap_region+0x10/0x10 [ 143.594576][ T6392] ? kernel_text_address+0x8d/0x100 [ 143.594655][ T6392] ? stack_depot_save_flags+0x28/0xa50 [ 143.594749][ T6392] ? trace_cap_capable+0x18d/0x200 [ 143.594782][ T6392] ? cap_capable+0xb3/0x250 [ 143.594818][ T6392] mmap_region+0x32b/0x3f0 [ 143.594869][ T6392] do_mmap+0xd8e/0x11b0 [ 143.594922][ T6392] ? __pfx_do_mmap+0x10/0x10 [ 143.594967][ T6392] ? __pfx_down_write_killable+0x10/0x10 [ 143.595020][ T6392] vm_mmap_pgoff+0x281/0x450 [ 143.595074][ T6392] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 143.595112][ T6392] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 143.595156][ T6392] ? hugetlbfs_get_inode+0x31f/0x730 [ 143.595208][ T6392] ksys_mmap_pgoff+0x1c8/0x5c0 [ 143.595253][ T6392] ? rcu_is_watching+0x12/0xc0 [ 143.595285][ T6392] __x64_sys_mmap+0x125/0x190 [ 143.595321][ T6392] do_syscall_64+0xcd/0x230 [ 143.595363][ T6392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.595394][ T6392] RIP: 0033:0x7fc22578e969 [ 143.595418][ T6392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.595446][ T6392] RSP: 002b:00007fc226623038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 143.595474][ T6392] RAX: ffffffffffffffda RBX: 00007fc2259b6080 RCX: 00007fc22578e969 [ 143.595495][ T6392] RDX: 0000000000000002 RSI: 0000000000a00006 RDI: 0000000000000000 [ 143.595513][ T6392] RBP: 00007fc225810ab1 R08: 0000000000000602 R09: 0000300000000000 [ 143.595532][ T6392] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 143.595551][ T6392] R13: 0000000000000000 R14: 00007fc2259b6080 R15: 00007ffdb4925048 [ 143.595592][ T6392] [ 144.796536][ T6409] netlink: 48 bytes leftover after parsing attributes in process `syz.3.111'. [ 145.128404][ T6416] random: crng reseeded on system resumption [ 145.861000][ T6429] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 146.378912][ T6436] FAULT_INJECTION: forcing a failure. [ 146.378912][ T6436] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 146.437665][ T6436] CPU: 1 UID: 0 PID: 6436 Comm: syz.1.115 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 146.437710][ T6436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 146.437727][ T6436] Call Trace: [ 146.437737][ T6436] [ 146.437748][ T6436] dump_stack_lvl+0x16c/0x1f0 [ 146.437795][ T6436] should_fail_ex+0x512/0x640 [ 146.437846][ T6436] _copy_from_user+0x2e/0xd0 [ 146.437894][ T6436] restore_sigcontext+0xcb/0x6a0 [ 146.437940][ T6436] ? __pfx_restore_sigcontext+0x10/0x10 [ 146.438015][ T6436] ? __pfx_restore_altstack+0x10/0x10 [ 146.438064][ T6436] ? _raw_spin_unlock_irq+0x23/0x50 [ 146.438101][ T6436] ? lockdep_hardirqs_on+0x7c/0x110 [ 146.438145][ T6436] __do_sys_rt_sigreturn+0x1bb/0x230 [ 146.438191][ T6436] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 146.438247][ T6436] do_syscall_64+0xcd/0x230 [ 146.438293][ T6436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.438335][ T6436] RIP: 0033:0x7f325eb2ab39 [ 146.438360][ T6436] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 146.438389][ T6436] RSP: 002b:00007f325fa92a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 146.438418][ T6436] RAX: ffffffffffffffda RBX: 00007f325edb5fa0 RCX: 00007f325eb2ab39 [ 146.438438][ T6436] RDX: 00007f325fa92a80 RSI: 00007f325fa92bb0 RDI: 0000000000000011 [ 146.438458][ T6436] RBP: 00007f325ec10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 146.438478][ T6436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.438496][ T6436] R13: 0000000000000000 R14: 00007f325edb5fa0 R15: 00007fffc5bcf9a8 [ 146.438535][ T6436] [ 147.340384][ T6459] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 147.395742][ T6461] FAULT_INJECTION: forcing a failure. [ 147.395742][ T6461] name failslab, interval 1, probability 0, space 0, times 0 [ 147.451364][ T6461] CPU: 1 UID: 0 PID: 6461 Comm: syz.2.122 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 147.451411][ T6461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 147.451429][ T6461] Call Trace: [ 147.451440][ T6461] [ 147.451452][ T6461] dump_stack_lvl+0x16c/0x1f0 [ 147.451499][ T6461] should_fail_ex+0x512/0x640 [ 147.451546][ T6461] ? __kvmalloc_node_noprof+0x122/0x600 [ 147.451585][ T6461] should_failslab+0xc2/0x120 [ 147.451625][ T6461] __kvmalloc_node_noprof+0x135/0x600 [ 147.451661][ T6461] ? io_alloc_cache_init+0x33/0x170 [ 147.451700][ T6461] ? io_alloc_cache_init+0x33/0x170 [ 147.451728][ T6461] io_alloc_cache_init+0x33/0x170 [ 147.451761][ T6461] io_uring_setup+0x63b/0x1ff0 [ 147.451806][ T6461] ? __pfx_io_uring_setup+0x10/0x10 [ 147.451845][ T6461] ? do_futex+0x122/0x350 [ 147.451877][ T6461] ? __pfx_do_futex+0x10/0x10 [ 147.451910][ T6461] ? fd_install+0x225/0x750 [ 147.451980][ T6461] ? rcu_is_watching+0x12/0xc0 [ 147.452017][ T6461] __x64_sys_io_uring_setup+0xc2/0x170 [ 147.452060][ T6461] do_syscall_64+0xcd/0x230 [ 147.452108][ T6461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.452141][ T6461] RIP: 0033:0x7f5ebb58e969 [ 147.452165][ T6461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.452195][ T6461] RSP: 002b:00007f5eb93f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 147.452225][ T6461] RAX: ffffffffffffffda RBX: 00007f5ebb7b5fa0 RCX: 00007f5ebb58e969 [ 147.452245][ T6461] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 147.452263][ T6461] RBP: 00007f5ebb610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 147.452291][ T6461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 147.452310][ T6461] R13: 0000000000000000 R14: 00007f5ebb7b5fa0 R15: 00007ffd81826f58 [ 147.452351][ T6461] [ 147.721811][ T6478] netlink: 8 bytes leftover after parsing attributes in process `syz.0.121'. [ 148.968222][ T6503] FAULT_INJECTION: forcing a failure. [ 148.968222][ T6503] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 148.982329][ T6503] CPU: 0 UID: 0 PID: 6503 Comm: syz.3.128 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 148.982371][ T6503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 148.982388][ T6503] Call Trace: [ 148.982398][ T6503] [ 148.982410][ T6503] dump_stack_lvl+0x16c/0x1f0 [ 148.982454][ T6503] should_fail_ex+0x512/0x640 [ 148.982505][ T6503] should_fail_alloc_page+0xe7/0x130 [ 148.982547][ T6503] prepare_alloc_pages+0x3c2/0x610 [ 148.982600][ T6503] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 148.982651][ T6503] ? __lock_acquire+0xaa4/0x1ba0 [ 148.982696][ T6503] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 148.982749][ T6503] ? __lock_acquire+0xaa4/0x1ba0 [ 148.982798][ T6503] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 148.982843][ T6503] ? policy_nodemask+0xea/0x4e0 [ 148.982884][ T6503] alloc_pages_mpol+0x1fb/0x550 [ 148.982924][ T6503] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 148.982963][ T6503] ? __anon_vma_prepare+0x2db/0x5e0 [ 148.983003][ T6503] folio_alloc_mpol_noprof+0x36/0x2f0 [ 148.983055][ T6503] vma_alloc_folio_noprof+0xed/0x1e0 [ 148.983104][ T6503] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 148.983146][ T6503] ? __anon_vma_prepare+0x2e2/0x5e0 [ 148.983191][ T6503] do_pte_missing+0x223d/0x3fb0 [ 148.983229][ T6503] ? __pmd_alloc+0x3c2/0x870 [ 148.983279][ T6503] __handle_mm_fault+0x103d/0x2a40 [ 148.983324][ T6503] ? __pfx___handle_mm_fault+0x10/0x10 [ 148.983382][ T6503] ? find_vma+0xbf/0x140 [ 148.983424][ T6503] ? __pfx_find_vma+0x10/0x10 [ 148.983473][ T6503] handle_mm_fault+0x3fe/0xad0 [ 148.983511][ T6503] do_user_addr_fault+0x7a6/0x1370 [ 148.983548][ T6503] ? rcu_is_watching+0x12/0xc0 [ 148.983581][ T6503] exc_page_fault+0x5c/0xc0 [ 148.983621][ T6503] asm_exc_page_fault+0x26/0x30 [ 148.983651][ T6503] RIP: 0010:rep_movs_alternative+0x33/0x90 [ 148.983681][ T6503] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 148.983709][ T6503] RSP: 0018:ffffc90003b5faf8 EFLAGS: 00050202 [ 148.983734][ T6503] RAX: 7720737961776c61 RBX: 000000000000002d RCX: 000000000000002d [ 148.983753][ T6503] RDX: ffffed100618d806 RSI: ffff888030c6c000 RDI: 0000000000000000 [ 148.983772][ T6503] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100618d805 [ 148.983791][ T6503] R10: ffff888030c6c02c R11: 0000000000000000 R12: 0000000000000000 [ 148.983809][ T6503] R13: ffffc90003b5fda0 R14: 000000000000002d R15: ffff888030c6c000 [ 148.983852][ T6503] _copy_to_iter+0x391/0x15a0 [ 148.983909][ T6503] ? __pfx__copy_to_iter+0x10/0x10 [ 148.983959][ T6503] ? kernfs_seq_stop+0xcd/0x120 [ 148.984004][ T6503] ? kernfs_put_active+0x86/0xe0 [ 148.984042][ T6503] seq_read_iter+0xcf8/0x12c0 [ 148.984114][ T6503] kernfs_fop_read_iter+0x40f/0x5a0 [ 148.984154][ T6503] ? rw_verify_area+0xcf/0x680 [ 148.984205][ T6503] vfs_read+0x8c8/0xc70 [ 148.984239][ T6503] ? __pfx___mutex_lock+0x10/0x10 [ 148.984282][ T6503] ? __pfx_vfs_read+0x10/0x10 [ 148.984339][ T6503] ksys_read+0x12a/0x240 [ 148.984368][ T6503] ? __pfx_ksys_read+0x10/0x10 [ 148.984393][ T6503] ? rcu_is_watching+0x12/0xc0 [ 148.984434][ T6503] do_syscall_64+0xcd/0x230 [ 148.984479][ T6503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.984510][ T6503] RIP: 0033:0x7fc22578e969 [ 148.984534][ T6503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.984562][ T6503] RSP: 002b:00007fc226623038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 148.984589][ T6503] RAX: ffffffffffffffda RBX: 00007fc2259b6080 RCX: 00007fc22578e969 [ 148.984609][ T6503] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000003 [ 148.984627][ T6503] RBP: 00007fc226623090 R08: 0000000000000000 R09: 0000000000000000 [ 148.984645][ T6503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 148.984663][ T6503] R13: 0000000000000000 R14: 00007fc2259b6080 R15: 00007ffdb4925048 [ 148.984704][ T6503] [ 150.008946][ T6522] netlink: 326 bytes leftover after parsing attributes in process `syz.3.133'. [ 150.616270][ T6540] sg_write: process 137 (syz.0.136) changed security contexts after opening file descriptor, this is not allowed. [ 151.085618][ T6552] Device name cannot be null; rc = [-22] [ 151.146733][ T6555] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 151.732155][ T6551] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 151.739115][ T6551] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 151.755174][ T6551] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 151.762752][ T6551] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 152.215784][ T6565] FAULT_INJECTION: forcing a failure. [ 152.215784][ T6565] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 152.287633][ T6565] CPU: 0 UID: 0 PID: 6565 Comm: syz.0.141 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 152.287675][ T6565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 152.287692][ T6565] Call Trace: [ 152.287702][ T6565] [ 152.287713][ T6565] dump_stack_lvl+0x16c/0x1f0 [ 152.287835][ T6565] should_fail_ex+0x512/0x640 [ 152.287887][ T6565] _copy_to_user+0x32/0xd0 [ 152.287937][ T6565] simple_read_from_buffer+0xcb/0x170 [ 152.287987][ T6565] proc_fail_nth_read+0x197/0x270 [ 152.288041][ T6565] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 152.288089][ T6565] ? rw_verify_area+0xcf/0x680 [ 152.288133][ T6565] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 152.288177][ T6565] vfs_read+0x1de/0xc70 [ 152.288211][ T6565] ? __pfx___mutex_lock+0x10/0x10 [ 152.288256][ T6565] ? __pfx_vfs_read+0x10/0x10 [ 152.288297][ T6565] ? __fget_files+0x20e/0x3c0 [ 152.288361][ T6565] ksys_read+0x12a/0x240 [ 152.288387][ T6565] ? __pfx_ksys_read+0x10/0x10 [ 152.288413][ T6565] ? rcu_is_watching+0x12/0xc0 [ 152.288453][ T6565] do_syscall_64+0xcd/0x230 [ 152.288496][ T6565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.288525][ T6565] RIP: 0033:0x7f871578d37c [ 152.288548][ T6565] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 152.288577][ T6565] RSP: 002b:00007f871666d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 152.288606][ T6565] RAX: ffffffffffffffda RBX: 00007f87159b6080 RCX: 00007f871578d37c [ 152.288625][ T6565] RDX: 000000000000000f RSI: 00007f871666d0a0 RDI: 0000000000000004 [ 152.288643][ T6565] RBP: 00007f871666d090 R08: 0000000000000000 R09: 0000000000000000 [ 152.288666][ T6565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 152.288684][ T6565] R13: 0000000000000000 R14: 00007f87159b6080 R15: 00007ffe52e57608 [ 152.288727][ T6565] [ 152.824603][ T30] audit: type=1800 audit(4294967342.232:3): pid=6573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.145" name="features" dev="configfs" ino=9895 res=0 errno=0 [ 153.223228][ T5140] Bluetooth: hci0: command 0x0c1a tx timeout [ 153.700799][ T5140] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 153.773251][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 153.773344][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 153.779554][ T5140] Bluetooth: hci3: command 0x0c1a tx timeout [ 154.185442][ T6602] netlink: 342 bytes leftover after parsing attributes in process `syz.2.150'. [ 155.337748][ T6620] FAULT_INJECTION: forcing a failure. [ 155.337748][ T6620] name failslab, interval 1, probability 0, space 0, times 0 [ 155.375195][ T6620] CPU: 1 UID: 0 PID: 6620 Comm: syz.2.156 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 155.375242][ T6620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 155.375266][ T6620] Call Trace: [ 155.375277][ T6620] [ 155.375291][ T6620] dump_stack_lvl+0x16c/0x1f0 [ 155.375342][ T6620] should_fail_ex+0x512/0x640 [ 155.375389][ T6620] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 155.375430][ T6620] should_failslab+0xc2/0x120 [ 155.375469][ T6620] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 155.375505][ T6620] ? security_file_alloc+0x34/0x2b0 [ 155.375554][ T6620] security_file_alloc+0x34/0x2b0 [ 155.375597][ T6620] init_file+0x93/0x4c0 [ 155.375636][ T6620] alloc_empty_file+0x73/0x1e0 [ 155.375680][ T6620] alloc_file_pseudo+0x13a/0x230 [ 155.375725][ T6620] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 155.375769][ T6620] ? do_raw_spin_unlock+0x172/0x230 [ 155.375833][ T6620] __anon_inode_getfile+0xf7/0x370 [ 155.375891][ T6620] do_epoll_create+0x31b/0x470 [ 155.375939][ T6620] __x64_sys_epoll_create+0x45/0x70 [ 155.375985][ T6620] do_syscall_64+0xcd/0x230 [ 155.376033][ T6620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.376067][ T6620] RIP: 0033:0x7f5ebb58e969 [ 155.376093][ T6620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.376123][ T6620] RSP: 002b:00007f5eb93f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 155.376154][ T6620] RAX: ffffffffffffffda RBX: 00007f5ebb7b5fa0 RCX: 00007f5ebb58e969 [ 155.376175][ T6620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 155.376194][ T6620] RBP: 00007f5ebb610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 155.376214][ T6620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.376232][ T6620] R13: 0000000000000000 R14: 00007f5ebb7b5fa0 R15: 00007ffd81826f58 [ 155.376273][ T6620] [ 156.509238][ T6633] netlink: 'syz.3.161': attribute type 29 has an invalid length. [ 156.567942][ T6633] netlink: 334 bytes leftover after parsing attributes in process `syz.3.161'. [ 160.604217][ T6702] netlink: 28 bytes leftover after parsing attributes in process `syz.2.177'. [ 199.537433][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.547276][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 260.978003][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.984905][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.417193][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.423782][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.333522][ T31] INFO: task jbd2/sda1-8:5162 blocked for more than 143 seconds. [ 324.341387][ T31] Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 [ 324.349590][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 324.358354][ T31] task:jbd2/sda1-8 state:D stack:26616 pid:5162 tgid:5162 ppid:2 task_flags:0x240040 flags:0x00004000 [ 324.370443][ T31] Call Trace: [ 324.373856][ T31] [ 324.376856][ T31] __schedule+0x116f/0x5de0 [ 324.381436][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 324.386539][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 324.391555][ T31] ? __pfx___schedule+0x10/0x10 [ 324.396611][ T31] ? find_held_lock+0x2b/0x80 [ 324.401351][ T31] ? schedule+0x2d7/0x3a0 [ 324.405873][ T31] schedule+0xe7/0x3a0 [ 324.410011][ T31] io_schedule+0xbf/0x130 [ 324.417597][ T31] bit_wait_io+0x15/0xe0 [ 324.421931][ T31] __wait_on_bit+0x62/0x180 [ 324.427194][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 324.437161][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 324.442624][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 324.448788][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 324.458729][ T31] ? __pfx___might_resched+0x10/0x10 [ 324.464206][ T31] __wait_on_buffer+0x64/0x70 [ 324.468963][ T31] jbd2_journal_commit_transaction+0x382e/0x6830 [ 324.478744][ T31] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 324.485627][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 324.491761][ T31] ? debug_object_deactivate+0x1ec/0x3a0 [ 324.500922][ T31] ? __pfx_debug_object_deactivate+0x10/0x10 [ 324.508185][ T31] ? find_held_lock+0x2b/0x80 [ 324.512933][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 324.522360][ T31] ? rcu_is_watching+0x12/0xc0 [ 324.529043][ T31] kjournald2+0x1f4/0x760 [ 324.537042][ T31] ? __pfx_kjournald2+0x10/0x10 [ 324.541987][ T31] ? find_held_lock+0x2b/0x80 [ 324.547836][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 324.557305][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 324.562669][ T31] ? __kthread_parkme+0x19e/0x250 [ 324.568964][ T31] ? __pfx_kjournald2+0x10/0x10 [ 324.574197][ T31] kthread+0x3c2/0x780 [ 324.578339][ T31] ? __pfx_kthread+0x10/0x10 [ 324.583128][ T31] ? __pfx_kthread+0x10/0x10 [ 324.587783][ T31] ? __pfx_kthread+0x10/0x10 [ 324.592436][ T31] ? __pfx_kthread+0x10/0x10 [ 324.597144][ T31] ? rcu_is_watching+0x12/0xc0 [ 324.601960][ T31] ? __pfx_kthread+0x10/0x10 [ 324.606747][ T31] ret_from_fork+0x45/0x80 [ 324.611256][ T31] ? __pfx_kthread+0x10/0x10 [ 324.617040][ T31] ret_from_fork_asm+0x1a/0x30 [ 324.621865][ T31] [ 324.625382][ T31] INFO: task syz-executor:5816 blocked for more than 143 seconds. [ 324.633632][ T31] Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 [ 324.641389][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 324.650270][ T31] task:syz-executor state:D stack:23112 pid:5816 tgid:5816 ppid:5814 task_flags:0x440100 flags:0x00000002 [ 324.662473][ T31] Call Trace: [ 324.666132][ T31] [ 324.669117][ T31] __schedule+0x116f/0x5de0 [ 324.673791][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 324.678818][ T31] ? __pfx___schedule+0x10/0x10 [ 324.683847][ T31] ? find_held_lock+0x2b/0x80 [ 324.688572][ T31] ? schedule+0x2d7/0x3a0 [ 324.692934][ T31] schedule+0xe7/0x3a0 [ 324.697121][ T31] io_schedule+0xbf/0x130 [ 324.701559][ T31] bit_wait_io+0x15/0xe0 [ 324.706063][ T31] __wait_on_bit+0x62/0x180 [ 324.710646][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 324.715700][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 324.721145][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 324.727343][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 324.733300][ T31] do_get_write_access+0x93d/0x12a0 [ 324.738590][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 324.744754][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 324.751048][ T31] ext4_reserve_inode_write+0x1be/0x320 [ 324.756736][ T31] __ext4_mark_inode_dirty+0x197/0x870 [ 324.762303][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 324.767847][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 324.774048][ T31] ? rcu_is_watching+0x12/0xc0 [ 324.778866][ T31] ? trace_jbd2_handle_start+0x1a8/0x230 [ 324.784683][ T31] ? jbd2__journal_start+0xf6/0x6a0 [ 324.789943][ T31] ? __ext4_journal_start_sb+0x195/0x690 [ 324.795691][ T31] ? __ext4_journal_start_sb+0x19e/0x690 [ 324.801380][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 324.806453][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 324.811882][ T31] ext4_dirty_inode+0xd9/0x130 [ 324.817089][ T31] ? rcu_is_watching+0x12/0xc0 [ 324.821920][ T31] __mark_inode_dirty+0x1eb/0xe50 [ 324.827327][ T31] generic_update_time+0xcf/0xf0 [ 324.832330][ T31] file_update_time+0x17d/0x1c0 [ 324.837920][ T31] ext4_page_mkwrite+0x35e/0x1750 [ 324.843263][ T31] ? anon_pipe_read+0xc85/0x1210 [ 324.848262][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 324.853923][ T31] ? vm_normal_page+0x13b/0x2b0 [ 324.858844][ T31] ? find_held_lock+0x2b/0x80 [ 324.863617][ T31] ? find_held_lock+0x2b/0x80 [ 324.868337][ T31] do_page_mkwrite+0x171/0x380 [ 324.873239][ T31] do_wp_page+0xb9e/0x58e0 [ 324.877749][ T31] ? __pfx_do_wp_page+0x10/0x10 [ 324.882629][ T31] ? do_raw_spin_lock+0x12c/0x2b0 [ 324.887761][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 324.893946][ T31] ? ___pte_offset_map+0x1bc/0x540 [ 324.899242][ T31] __handle_mm_fault+0x1ada/0x2a40 [ 324.904674][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 324.910213][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 324.915597][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 324.920946][ T31] handle_mm_fault+0x3fe/0xad0 [ 324.925806][ T31] do_user_addr_fault+0x60c/0x1370 [ 324.931057][ T31] exc_page_fault+0x5c/0xc0 [ 324.936082][ T31] asm_exc_page_fault+0x26/0x30 [ 324.941087][ T31] RIP: 0033:0x7fb41ac689c5 [ 324.945596][ T31] RSP: 002b:00007ffc2ac01000 EFLAGS: 00010206 [ 324.951709][ T31] RAX: 00007fb4159f41e0 RBX: 00007ffc2ac01100 RCX: 0000000000000000 [ 324.959889][ T31] RDX: 00007fb4159f41dc RSI: 0000000000000008 RDI: 00007ffc2ac01100 [ 324.967964][ T31] RBP: 00000000000003e6 R08: 0000000000000000 R09: 0000000000000000 [ 324.976123][ T31] R10: 00007ffc2ac010e0 R11: 0000000000000000 R12: 0000000000000000 [ 324.984578][ T31] R13: 000000000000be20 R14: ffffffffffff41e0 R15: 000000000000be20 [ 324.992796][ T31] [ 324.996096][ T31] INFO: task kworker/u8:9:6153 blocked for more than 144 seconds. [ 325.004612][ T31] Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 [ 325.012795][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 325.022067][ T31] task:kworker/u8:9 state:D stack:23992 pid:6153 tgid:6153 ppid:2 task_flags:0x4248060 flags:0x00004000 [ 325.035465][ T31] Workqueue: writeback wb_workfn (flush-8:0) [ 325.041831][ T31] Call Trace: [ 325.045302][ T31] [ 325.048299][ T31] __schedule+0x116f/0x5de0 [ 325.053112][ T31] ? blk_mq_flush_plug_list+0x75a/0x1c70 [ 325.058921][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 325.064001][ T31] ? __pfx___schedule+0x10/0x10 [ 325.068923][ T31] ? __blk_flush_plug+0x2f3/0x4b0 [ 325.074102][ T31] ? find_held_lock+0x2b/0x80 [ 325.078829][ T31] ? schedule+0x2d7/0x3a0 [ 325.083284][ T31] schedule+0xe7/0x3a0 [ 325.087414][ T31] io_schedule+0xbf/0x130 [ 325.091799][ T31] bit_wait_io+0x15/0xe0 [ 325.096272][ T31] __wait_on_bit+0x62/0x180 [ 325.100870][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 325.105938][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 325.111369][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 325.117482][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 325.123153][ T31] do_get_write_access+0x93d/0x12a0 [ 325.128557][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 325.134820][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 325.141369][ T31] ext4_mb_mark_context+0x175/0xd40 [ 325.146749][ T31] ? find_held_lock+0x2b/0x80 [ 325.151479][ T31] ? __pfx_ext4_mb_mark_context+0x10/0x10 [ 325.157408][ T31] ext4_mb_mark_diskspace_used+0x466/0x8c0 [ 325.163422][ T31] ? ext4_mb_use_preallocated.constprop.0+0xec/0x1550 [ 325.170261][ T31] ? __pfx_ext4_mb_mark_diskspace_used+0x10/0x10 [ 325.176704][ T31] ? ext4_mb_new_blocks+0x977/0x4f00 [ 325.182055][ T31] ext4_mb_new_blocks+0xa5b/0x4f00 [ 325.187374][ T31] ? rcu_is_watching+0x12/0xc0 [ 325.192213][ T31] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 325.197972][ T31] ? ext4_ext_search_right+0x2c2/0xb90 [ 325.203710][ T31] ext4_ext_map_blocks+0x1b95/0x5d60 [ 325.209108][ T31] ? stack_trace_save+0x8e/0xc0 [ 325.214079][ T31] ? __pfx_stack_trace_save+0x10/0x10 [ 325.219513][ T31] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 325.225262][ T31] ? __kasan_slab_alloc+0x89/0x90 [ 325.230340][ T31] ? ext4_do_writepages+0x1432/0x3490 [ 325.235872][ T31] ? __pfx___might_resched+0x10/0x10 [ 325.241220][ T31] ? __pfx_down_write+0x10/0x10 [ 325.246561][ T31] ? ext4_es_lookup_extent+0xc7/0xc50 [ 325.252050][ T31] ext4_map_blocks+0x45b/0x1390 [ 325.257308][ T31] ? __pfx_ext4_map_blocks+0x10/0x10 [ 325.262724][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 325.268193][ T31] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 325.273974][ T31] ext4_do_writepages+0x1a2c/0x3490 [ 325.279264][ T31] ? __pfx_ext4_do_writepages+0x10/0x10 [ 325.284960][ T31] ? ext4_writepages+0x37a/0x7d0 [ 325.289966][ T31] ext4_writepages+0x37a/0x7d0 [ 325.294967][ T31] ? __pfx_ext4_writepages+0x10/0x10 [ 325.300331][ T31] ? do_writepages+0x6b6/0x820 [ 325.305226][ T31] ? __pfx_ext4_writepages+0x10/0x10 [ 325.310617][ T31] do_writepages+0x1b2/0x820 [ 325.315298][ T31] ? __pfx_do_writepages+0x10/0x10 [ 325.320452][ T31] ? __lock_acquire+0xaa4/0x1ba0 [ 325.325560][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 325.330975][ T31] __writeback_single_inode+0x160/0xfb0 [ 325.336664][ T31] ? __pfx___writeback_single_inode+0x10/0x10 [ 325.342791][ T31] ? do_raw_spin_unlock+0x172/0x230 [ 325.348482][ T31] writeback_sb_inodes+0x601/0xf90 [ 325.353720][ T31] ? sched_balance_find_src_group+0x92/0xc90 [ 325.359753][ T31] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 325.365551][ T31] ? _raw_spin_unlock+0x28/0x50 [ 325.370469][ T31] ? move_expired_inodes+0x5a0/0x850 [ 325.376227][ T31] __writeback_inodes_wb+0xf8/0x2d0 [ 325.381634][ T31] ? __pfx___writeback_inodes_wb+0x10/0x10 [ 325.387723][ T31] ? queue_io+0x3f6/0x520 [ 325.392316][ T31] wb_writeback+0x7f3/0xb70 [ 325.396942][ T31] ? __pfx_wb_writeback+0x10/0x10 [ 325.402028][ T31] ? get_nr_dirty_inodes+0x170/0x1e0 [ 325.407436][ T31] wb_workfn+0x8ca/0xbe0 [ 325.411736][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 325.417659][ T31] ? __pfx_wb_workfn+0x10/0x10 [ 325.422487][ T31] ? rcu_is_watching+0x12/0xc0 [ 325.427358][ T31] process_one_work+0x9cc/0x1b70 [ 325.432384][ T31] ? __pfx_process_one_work+0x10/0x10 [ 325.437898][ T31] ? assign_work+0x1a0/0x250 [ 325.442569][ T31] worker_thread+0x6c8/0xf10 [ 325.447722][ T31] ? __kthread_parkme+0x19e/0x250 [ 325.452821][ T31] ? __pfx_worker_thread+0x10/0x10 [ 325.458123][ T31] kthread+0x3c2/0x780 [ 325.462268][ T31] ? __pfx_kthread+0x10/0x10 [ 325.466971][ T31] ? __pfx_kthread+0x10/0x10 [ 325.471711][ T31] ? __pfx_kthread+0x10/0x10 [ 325.476406][ T31] ? __pfx_kthread+0x10/0x10 [ 325.481058][ T31] ? rcu_is_watching+0x12/0xc0 [ 325.485926][ T31] ? __pfx_kthread+0x10/0x10 [ 325.490582][ T31] ret_from_fork+0x45/0x80 [ 325.495110][ T31] ? __pfx_kthread+0x10/0x10 [ 325.499787][ T31] ret_from_fork_asm+0x1a/0x30 [ 325.504676][ T31] [ 325.507731][ T31] [ 325.507731][ T31] Showing all locks held in the system: [ 325.515583][ T31] 1 lock held by khungtaskd/31: [ 325.520463][ T31] #0: ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 325.530652][ T31] 2 locks held by getty/5581: [ 325.535495][ T31] #0: ffff88814d8910a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 325.545465][ T31] #1: ffffc90002fee2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 325.555965][ T31] 3 locks held by syz-executor/5816: [ 325.561289][ T31] #0: ffff888025ed56c8 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 325.570727][ T31] #1: ffff88814cea2518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380 [ 325.580370][ T31] #2: ffff88814cea6950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 325.590183][ T31] 6 locks held by kworker/u8:9/6153: [ 325.595577][ T31] #0: ffff8881412ec148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 325.606523][ T31] #1: ffffc9000545fd18 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 325.618634][ T31] #2: ffff88814cea20e0 (&type->s_umount_key#31){++++}-{4:4}, at: super_trylock_shared+0x1e/0xf0 [ 325.631637][ T31] #3: ffff88814cea4b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x1b2/0x820 [ 325.642510][ T31] #4: ffff88814cea6950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 325.652772][ T31] #5: ffff88807b87e5d8 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x355/0x1390 [ 325.663125][ T31] 2 locks held by syz.0.176/6694: [ 325.668378][ T31] #0: ffff888148d02a20 (&sb->s_type->i_mutex_key#8){++++}-{4:4}, at: blkdev_fallocate+0x1bd/0x3b0 [ 325.679323][ T31] #1: ffff888148d02bc0 (mapping.invalidate_lock){++++}-{4:4}, at: blkdev_fallocate+0x1e5/0x3b0 [ 325.689973][ T31] [ 325.692326][ T31] ============================================= [ 325.692326][ T31] [ 325.700874][ T31] NMI backtrace for cpu 1 [ 325.700900][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 325.700935][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 325.700951][ T31] Call Trace: [ 325.700961][ T31] [ 325.700971][ T31] dump_stack_lvl+0x116/0x1f0 [ 325.701015][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 325.701045][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 325.701092][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 325.701128][ T31] watchdog+0xf70/0x12c0 [ 325.701177][ T31] ? __pfx_watchdog+0x10/0x10 [ 325.701214][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 325.701255][ T31] ? __kthread_parkme+0x19e/0x250 [ 325.701295][ T31] ? __pfx_watchdog+0x10/0x10 [ 325.701335][ T31] kthread+0x3c2/0x780 [ 325.701378][ T31] ? __pfx_kthread+0x10/0x10 [ 325.701418][ T31] ? __pfx_kthread+0x10/0x10 [ 325.701461][ T31] ? __pfx_kthread+0x10/0x10 [ 325.701512][ T31] ? __pfx_kthread+0x10/0x10 [ 325.701556][ T31] ? rcu_is_watching+0x12/0xc0 [ 325.701586][ T31] ? __pfx_kthread+0x10/0x10 [ 325.701631][ T31] ret_from_fork+0x45/0x80 [ 325.701679][ T31] ? __pfx_kthread+0x10/0x10 [ 325.701721][ T31] ret_from_fork_asm+0x1a/0x30 [ 325.701786][ T31] [ 325.701797][ T31] Sending NMI from CPU 1 to CPUs 0: [ 325.834892][ C0] NMI backtrace for cpu 0 [ 325.834918][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 325.834949][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 325.834964][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 325.835001][ C0] Code: 36 65 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 43 c9 20 00 fb f4 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 325.835025][ C0] RSP: 0018:ffffffff8e007e10 EFLAGS: 000002c2 [ 325.835044][ C0] RAX: 0000000000178f1b RBX: 0000000000000000 RCX: ffffffff8b6923e9 [ 325.835060][ C0] RDX: 0000000000000000 RSI: ffffffff8dbda8eb RDI: ffffffff8bf467e0 [ 325.835075][ C0] RBP: fffffbfff1c12ee8 R08: 0000000000000001 R09: ffffed10170865bd [ 325.835091][ C0] R10: ffff8880b8432deb R11: 0000000000000000 R12: 0000000000000000 [ 325.835106][ C0] R13: ffffffff8e097740 R14: ffffffff90851a10 R15: 0000000000000000 [ 325.835122][ C0] FS: 0000000000000000(0000) GS:ffff8881249ec000(0000) knlGS:0000000000000000 [ 325.835144][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 325.835160][ C0] CR2: 000055b19862a680 CR3: 00000000349a0000 CR4: 00000000003526f0 [ 325.835176][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 325.835190][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 325.835205][ C0] Call Trace: [ 325.835212][ C0] [ 325.835221][ C0] default_idle+0x13/0x20 [ 325.835257][ C0] default_idle_call+0x6d/0xb0 [ 325.835293][ C0] do_idle+0x391/0x510 [ 325.835319][ C0] ? __pfx_do_idle+0x10/0x10 [ 325.835341][ C0] ? find_held_lock+0x2b/0x80 [ 325.835368][ C0] cpu_startup_entry+0x4f/0x60 [ 325.835392][ C0] rest_init+0x16b/0x2b0 [ 325.835411][ C0] ? acpi_subsystem_init+0x133/0x180 [ 325.835451][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 325.835483][ C0] start_kernel+0x3e9/0x4d0 [ 325.835510][ C0] x86_64_start_reservations+0x18/0x30 [ 325.835539][ C0] x86_64_start_kernel+0xb0/0xc0 [ 325.835568][ C0] common_startup_64+0x13e/0x148 [ 325.835605][ C0] [ 325.835879][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 326.051052][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) [ 326.062891][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 326.072991][ T31] Call Trace: [ 326.076298][ T31] [ 326.079254][ T31] dump_stack_lvl+0x3d/0x1f0 [ 326.083892][ T31] panic+0x71c/0x800 [ 326.087829][ T31] ? __pfx_panic+0x10/0x10 [ 326.092463][ T31] ? __pfx__printk+0x10/0x10 [ 326.097096][ T31] ? ret_from_fork_asm+0x1a/0x30 [ 326.102079][ T31] ? nmi_backtrace_stall_check+0x6e/0x540 [ 326.107839][ T31] ? irq_work_queue+0xce/0x100 [ 326.112642][ T31] ? watchdog+0xdda/0x12c0 [ 326.117117][ T31] ? watchdog+0xdcd/0x12c0 [ 326.121572][ T31] watchdog+0xdeb/0x12c0 [ 326.125861][ T31] ? __pfx_watchdog+0x10/0x10 [ 326.130574][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 326.135832][ T31] ? __kthread_parkme+0x19e/0x250 [ 326.140920][ T31] ? __pfx_watchdog+0x10/0x10 [ 326.145646][ T31] kthread+0x3c2/0x780 [ 326.149757][ T31] ? __pfx_kthread+0x10/0x10 [ 326.154387][ T31] ? __pfx_kthread+0x10/0x10 [ 326.159020][ T31] ? __pfx_kthread+0x10/0x10 [ 326.163658][ T31] ? __pfx_kthread+0x10/0x10 [ 326.168296][ T31] ? rcu_is_watching+0x12/0xc0 [ 326.173096][ T31] ? __pfx_kthread+0x10/0x10 [ 326.177745][ T31] ret_from_fork+0x45/0x80 [ 326.182218][ T31] ? __pfx_kthread+0x10/0x10 [ 326.186859][ T31] ret_from_fork_asm+0x1a/0x30 [ 326.191763][ T31] [ 326.195095][ T31] Kernel Offset: disabled [ 326.199437][ T31] Rebooting in 86400 seconds..