last executing test programs: 8.078594629s ago: executing program 0 (id=420): r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x20, r1, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x10}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) sendfile$auto(r0, r0, &(0x7f0000000340)=0x7, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r6 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000380), r4) sendmsg$auto_NETDEV_CMD_NAPI_GET(r2, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)={0x5c, r6, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@NETDEV_A_NAPI_ID={0x8, 0x2, 0x1ff}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x3}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x9}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x5b}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0xfffffff5}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0xf}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x9}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x2}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x14}, 0x8000) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) pread64$auto(r8, 0x0, 0x594c, 0x9fffffffd) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0) write$auto(r10, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x14) sendmsg$auto_OVS_FLOW_CMD_GET(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5], 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) sendmmsg$auto(r7, &(0x7f00000000c0)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000002c0), 0x3, 0xa505}, 0x7ff}, 0x7, 0x4008) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x40200, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, &(0x7f0000000280)="7acca5c32b31b18d8888f8bb3c5ff5a718ebe172e690dbcbd1f9149c6bc53030efcf2a9c93c7a88c7dd1c5b612180b3dcada0bd2b16f9315ac254b541b2b6f893067de452f20e9d5437b5708022a4bd6b1ccf77916e13b338dd6ab6e46bb86d9307259341c28c37e0c18b7b72cd2de3ea88446f52cb59ba0d2e476614e0f762d84c6c09d64624d") 7.260759383s ago: executing program 0 (id=424): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) (async) process_vm_readv$auto(0x0, &(0x7f0000000180)={&(0x7f00000001c0)="6845cf66e03cd0cb755f33db61d1604f3e161c3135a05672911b206d8bcb", 0xf1}, 0x0, 0x0, 0xffffffffffffffff, 0x80) (async) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) (async) ioctl$auto_XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875, &(0x7f0000000100)={0xffffffffffffffff, 0x80000000}) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000080), r0) r1 = getpid() (async, rerun: 32) r2 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x22202, 0x0) (rerun: 32) pread64$auto(r2, 0x0, 0x3fffffd, 0x9) (async) read$auto_mon_fops_text_t_mon_text(r2, 0x0, 0x60) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x102, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0x0, 0x0) (async) r3 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/numa_maps\x00', 0x200, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) memfd_create$auto(0x0, 0xe) (async) socket(0xa, 0x801, 0x106) (async, rerun: 32) pipe2$auto(0x0, 0x4800) (async, rerun: 32) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) (async) ioctl$auto_FS_IOC_RESVSP64(r2, 0x4030582a, 0x10000) (async, rerun: 32) setsockopt$auto_SO_KEEPALIVE(r3, 0xf, 0x9, 0x0, 0x1) (async, rerun: 32) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x10ffffffff}, 0x6, 0x0) 3.336586822s ago: executing program 2 (id=435): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) membarrier$auto(0x5, 0x10001, 0xfffffffd) r0 = socket(0x11, 0x80003, 0x300) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x1000000) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xffffffffffffc512, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x800, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0xc) socket(0x2, 0x1, 0x0) setsockopt$auto(0x6, 0x8000000000000006, 0x11, 0x0, 0x7ffffc) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000140), r0) r3 = clone3$auto(&(0x7f0000000180)={0x6, 0x24000, 0x0, 0x6, 0x7, 0x1, 0x6, 0x80000000, 0xe, 0xfffffffffffffff8, 0x3}, 0x0) setfsuid$auto(0x0) sendmsg$auto_NBD_CMD_RECONFIGURE(r0, &(0x7f0000001480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001440)={&(0x7f0000000200)={0x48, r2, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x4d}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_BACKEND_IDENTIFIER={0xf, 0xa, '/proc/mtrr\x00'}, @NBD_ATTR_DEVICE_LIST={0xc, 0x9, 0x0, 0x1, [@typed={0x8, 0xed, 0x0, 0x0, @pid=r3}]}, @NBD_ATTR_SOCKETS={0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x10) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mq_open$auto(&(0x7f0000000000)='nlctrl\x00', 0x80, 0x8001, &(0x7f0000000040)={0x4, 0x1, 0x4c3, 0x28}) mmap$auto(0x0, 0x40006, 0xe2, 0x20009b72, 0x7, 0x28000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0x121980, 0x0) dup2$auto(r1, r1) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, 0x0, 0x2) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 2.965429826s ago: executing program 1 (id=436): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000280)=""/175, 0xaf) statmount$auto(0x0, 0x0, 0x1fe, 0x200d) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="e3b725bd7000fddbdf2519000000018248432df1772c795a58d2f101a9d3f498deb5cee60aa750cf7a912ea3b08bead54c2c41fb19dcbadf64ead5d2051bb82c2073349e4bbc22d98f2724730e97a0f25b803c7f3576b8384ac868996a1d8507d092bcade24ecb66fb42269cc87b765b37db"], 0x14}, 0x1, 0x0, 0x100000000000000, 0x10}, 0x48000) socket(0xa, 0x801, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0x8) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) socket(0x29, 0x2, 0x0) r3 = socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) close_range$auto(0x2, 0x8000, 0x0) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000001c0), 0x280000, 0x0) ioctl$auto_USB_RAW_IOCTL_RUN(r4, 0x5501, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x6, 0x810001, 0xffb, 0x8000000008011, 0x3, 0x10000) setsockopt$auto_SO_OOBINLINE(r5, 0x7fff, 0xa, &(0x7f0000000040)='/dev/nullb0\x00', 0x6) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000b40), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_FEATURES(r6, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x1c, r7, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0x2}]}, 0x1c}, 0x1, 0xff9e, 0x0, 0x44081}, 0xc4) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_cifs(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_CIFS_GENL_CMD_SWN_NOTIFY(r8, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r9, 0x10, 0x70bd2c, 0x25dfdbff, {}, [@CIFS_GENL_ATTR_SWN_RESOURCE_STATE={0x8, 0xd, 0xfffffff8}, @CIFS_GENL_ATTR_SWN_DOMAIN_NAME={0x10, 0xb, '/dev/nullb0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4000810) 2.953342582s ago: executing program 3 (id=437): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000140), 0x189000, 0x0) readv$auto(r0, &(0x7f00000018c0)={&(0x7f0000001880), 0x1}, 0x9) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000002c0), 0x101080, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r1, 0x80605414, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) madvise$auto(0x0, 0x20200, 0x15) 2.771412707s ago: executing program 1 (id=438): r0 = openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f0000002540)='/proc/self/comm\x00', 0x1, 0x0) write$auto_proc_pid_set_comm_operations_base(r0, &(0x7f0000002580)="233dce0e24", 0x5) (fail_nth: 1) 2.365193631s ago: executing program 1 (id=439): mmap$auto(0x0, 0x202000f, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r0 = getsockopt$auto(0x100000006, 0x0, 0x50, 0x0, 0x0) r1 = openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x440, 0x0) pread64$auto(r1, 0x0, 0x10, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x59616d61, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffe5) open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio1\x00', 0x5018c2, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x59958100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x800, 0x2, 0xef1, 0xffffffffffffffff, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='8 \x00\x00', @ANYRES16=r3, @ANYBLOB="1b0026bd700002dcdf250300000004000800080003800400028012000100898771f1c19f1779048590822ad9000004000280"], 0x38}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 2.362981485s ago: executing program 2 (id=440): openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_pid\x00', 0x200, 0x0) r0 = openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f0000002540)='/proc/self/comm\x00', 0x1, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x100842, 0x0) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"}) ioctl$auto_SNDRV_TIMER_IOCTL_START_OLD(r2, 0x5420, 0x0) ioctl$auto_SNDCTL_TMR_CONTINUE(r1, 0x5404, 0x0) r3 = dup$auto(r2) read$auto_tomoyo_operations_securityfs_if(r3, &(0x7f0000000040)=""/120, 0x78) write$auto_proc_pid_set_comm_operations_base(r0, &(0x7f0000000080)="233dadac000231ce0e24c0cca571430bc6e79879845fcb1fece226404d723ab24fbe8c0ea180821fb531ab33e36f7ed6b137e1d0cab2ebe7119eb13827c75c42a5ea543d00000001bba6c1050c3e85f8008da442ffcaed651c7edcf3b6de463ef0d9388aa26ee93da6d74618e85607128d35ff286a3fe1f24ef7ceab13f262acc3c3f2661e8b3e7072934fa21ea3a29c2e36115de182476113c54a508e6305c2abbfca4f", 0xa4) 2.278518073s ago: executing program 0 (id=441): openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r0) waitid$auto(0x9, r0, &(0x7f0000000140)={@_si_pad}, 0xfffffffd, &(0x7f0000000200)={{0x5, 0x7ffffffffffffffd}, {0xf6, 0x9}, 0x7ff, 0xffffbffffffffffb, 0xb, 0x7, 0x5a3, 0x8, 0x2, 0x100, 0x1, 0x80000001, 0xb6, 0x40, 0xfff, 0x7}) mmap$auto(0x1, 0x2020009, 0x10001, 0x8000000010011, 0xfffffffffffffffa, 0xb22a) mmap$auto(0x0, 0x2020008, 0x7, 0xb9, 0xfffffffffffffffa, 0x9) r1 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000240), 0xa002, 0x0) writev$auto(r1, 0x0, 0x100) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/dummy0/mtu\x00', 0xe3542, 0x0) sendfile$auto(r2, r2, 0x0, 0x9) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r4 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r4, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r3, 0xc0045002, 0x0) ppoll$auto(&(0x7f0000000000)={r3, 0x40}, 0x2, 0x0, 0x0, 0x8) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r5, &(0x7f0000000e00)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205415c32797d9450c002895c9b405e5d7470f1800000f5ae502a5fbe5cf40577b62030f3abf1a35583807c79a12e872bdcb893f4b279315053ce65c3fe48426eebe3cb23ce18f8f91f309920819dc120eb2441d9439b0f6d", 0xd8e) ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0xfffffffffffffffc) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) r6 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r6, 0x0, 0x5, 0x8000400) r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r8 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r7, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r8, 0x0, 0x20000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x40, 0x0) 2.193956896s ago: executing program 2 (id=442): r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x20, r1, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x10}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) sendfile$auto(r0, r0, &(0x7f0000000340)=0x7, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000380), r4) sendmsg$auto_NETDEV_CMD_NAPI_GET(r2, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)={0x5c, r5, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@NETDEV_A_NAPI_ID={0x8, 0x2, 0x1ff}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x3}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x9}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x5b}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0xfffffff5}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0xf}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x9}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x2}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x14}, 0x8000) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) pread64$auto(r7, 0x0, 0x594c, 0x9fffffffd) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0) write$auto(r10, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r8, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x14) sendmsg$auto_OVS_FLOW_CMD_GET(r6, 0x0, 0x800) sendmmsg$auto(r6, &(0x7f00000000c0)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000002c0), 0x3, 0xa505}, 0x7ff}, 0x7, 0x4008) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x40200, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, &(0x7f0000000280)="7acca5c32b31b18d8888f8bb3c5ff5a718ebe172e690dbcbd1f9149c6bc53030efcf2a9c93c7a88c7dd1c5b612180b3dcada0bd2b16f9315ac254b541b2b6f893067de452f20e9d5437b5708022a4bd6b1ccf77916e13b338dd6ab6e46bb86d9307259341c28c37e0c18b7b72cd2de3ea88446f52cb59ba0d2e476614e0f762d84c6c09d64624d") 2.114651308s ago: executing program 3 (id=443): close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = open(0x0, 0x628000, 0x64) read$auto(r0, 0x0, 0x1) mmap$auto(0x0, 0x400006, 0xdf, 0x809b72, 0x2, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) ioctl$auto(0x3, 0x4040ae79, 0x38) 1.920738855s ago: executing program 2 (id=444): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x3, 0x100) r1 = openat$auto_dev_fops_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(r1, r0, 0x5) socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffe2, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="906f1995", @ANYRES16=0x0, @ANYBLOB="10002cbd0000fddb79a71c"], 0x14}, 0x1, 0x0, 0x0, 0x20048000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x3, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.862547565s ago: executing program 1 (id=445): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/03.0\x00', 0x181082, 0x0) ioctl$auto(0x3, 0x50434902, 0x38) mmap$auto(0x0, 0x9, 0x8, 0x8000000008011, 0x3, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) pwrite64$auto(r0, 0x0, 0x6bc, 0x5) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r1, 0x0, 0x40) readahead$auto(r1, 0x2, 0x8a) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x1, 0xe5e) sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x4004050) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TCSBRKP2(r2, 0x5425, 0x0) ioctl$auto_TCSBRKP2(r2, 0x5425, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x8000001ff, 0xe0, 0xffff, r1, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) write$auto(0x3, 0x0, 0x100082) madvise$auto(0x0, 0x200007, 0x19) socket$nl_generic(0x10, 0x3, 0x10) getrandom$auto(0x0, 0x6000000, 0x3) listmount$auto(0xfffffffffffffffd, 0x0, 0x8, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mbind$auto(0x4000000, 0x2, 0x4, 0x0, 0x6, 0x10001) madvise$auto(0x110c230000, 0x1, 0x9) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0) r3 = openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0) read$auto_objects_fops_(r3, &(0x7f0000000080)=""/72, 0x48) 1.643580846s ago: executing program 2 (id=446): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x101142, 0x0) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r1, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{&(0x7f0000000280), 0x1, &(0x7f0000000100)={&(0x7f0000000780)="4c0300000000000000a3677337f9ecba075f6bba44", 0xfffffffffffffff7}, 0x5, 0x0, 0x5, 0x1}, 0x8}, 0xfffffffe, 0x100) pivot_root$auto(0x0, 0x0) open(0x0, 0x7ffd, 0x12) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) madvise$auto(0x8001, 0x9, 0x138) connect$auto(0x3, 0x0, 0x10) unshare$auto(0x40000080) r2 = socket(0x2, 0x2, 0x1) getsockopt$auto(r2, 0x1, 0x4, &(0x7f0000000040)='/dev/cec27\x00', 0x0) madvise$auto(0x1a9c, 0x5, 0xe49) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) r3 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000002640), 0x20000, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r3, 0x41015500, &(0x7f0000000140)={"a7a018b09bb196a05739a38a73473b93f5452886bc599ef976c54a71a5ce72a9af15390e93a8760df83859e16320e8d0b1161f13d12afae66b1d900a49586aa98d3504ca431aabab1964249251e57fa70517cc19b0e3974dc2a89e90c932b8859c767780d65e849700", "e600d778e82f8b8db7e27a036e39a8ac08de7e036d650e2184857e6b64f6a2c7fb08c6f5ce3828fb4e9498c076bef49c99c9cd91332e12b53664dc20fa879020fbd184c0d300c13be6047a70685ce029fb2385ae6e132c1c6adbcfbd873a3b925d397a08e8733e19ef5ec4f40b0b473c72efd18b8a9e9f3d12c5e44468922beb", 0x3}) ioctl$auto_USB_RAW_IOCTL_RUN(r3, 0x5501, 0x0) 1.10125416s ago: executing program 0 (id=447): r0 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0) pwrite64$auto(r0, &(0x7f0000000340)='\v\f_U\xe0w\xbf\xe3\xb8\x92\xac.X_|\xc8R\x99!\xd2\xfb\xfe\xa7\xe4&#sn\x91p\xe6\x1eRN8\x99C\x05s\x1cJ\x99\x1d[s\x15z\x87\xe1\xb6\xba#7*/\x13\x00:\x00!\rW6\x00\x00\x00\x00\xb4\x1avP\x00\xc5\xc7\xf1\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\xa7\xd1\xdd\x85\as*l\x9c\xa1\xf7\x8c\xa1\xfb\xb5\b\x00\x00\x00\x00\x00\x00\x00\xb4\xfb\x99\x00\xed\v\xfa\xaa[\f\xa2\xea40\r\xcd\x86\x9d\xac\xde\xec\x85\x93\x93\xd3G\x8c\x9b\x9d\a\xbf\x1f\x95n\x94\xbc[\xb5\xfa\xe0t\\\xbc\x11\x94\x0fF\xf9\xac\vv\xb5\xc3\xd9j\x05\boe\xa5\xc2l\x05\xbcTu\x18\xda\xf2#\x80\xd5\xb4\xf54\x04M\xc8G\x0e/\xae\xab\x9b\x14\x8f\xeb\x19\xc80Dq\x9f\f\x106\x1b\xa7\xe6jU\x00X\x8e\xe4\v\xbb\x91\a\x14\x8c\xc9z\'a\xdd\x89<\xf5\xeeC\xb4\xa7\x976\xfcO\x17\x1a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00<\xbc\xd7\xa7T^\x9fs\xec_Nl/+\x9a\xbb\xb3[\xcb\xf8\x87\x18\xe6,\xad_\xfe~M\x80X\x1ak7g\xff\xc8', 0x52, 0x5231) (async) r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/mnt\x00') ioctl$NS_GET_PARENT(r1, 0xb701, 0x0) (async) preadv$auto(r0, &(0x7f0000000080)={&(0x7f0000000000), 0x80}, 0x5, 0x0, 0x100000001) 1.086658886s ago: executing program 3 (id=448): r0 = openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f0000002540)='/proc/self/comm\x00', 0x1, 0x0) write$auto_proc_pid_set_comm_operations_base(r0, &(0x7f0000002580)="233dce0e24", 0x5) (fail_nth: 2) 732.010962ms ago: executing program 0 (id=449): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) (async) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000002c0)={0x8, r2, 0x0, 0x33}) (async) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000002c0)={0x8, r2, 0x0, 0x33}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x5}, 0x20000b) (async) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x5}, 0x20000b) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r3, 0xe03, 0x0) (async) ioctl$auto(r3, 0xe03, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) msgrcv$auto(0x9, 0x0, 0xfffffffffffffffd, 0x6, 0x80008) mmap$auto(0x1, 0x400008, 0xdf, 0x9b72, r0, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) (async) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) madvise$auto(0x2, 0x5c61fa2c, 0xf) r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="130029bd704fb068c18e97d09150d3fdaa6dd200fbdbdf25030000000400080914000180080002800400325908001400a9c12c20"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x800) (async) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="130029bd704fb068c18e97d09150d3fdaa6dd200fbdbdf25030000000400080914000180080002800400325908001400a9c12c20"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x800) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x0, 0x0) read$auto(r6, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x24000044) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x101000, 0x0) 668.466159ms ago: executing program 3 (id=450): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/domain_policy\x00', 0xc4000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/blkio.throttle.write_iops_device\x00', 0x121002, 0x0) socket(0x22, 0x3, 0x0) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x80002, 0x73) sendmmsg$auto(r0, &(0x7f0000000200)={{&(0x7f0000000000), 0x3ff, &(0x7f0000000180)={&(0x7f00000000c0), 0x434b}, 0x9, &(0x7f00000001c0), 0x3ff, 0x24000000}, 0xb6}, 0x2, 0x2) openat$dir(0xffffffffffffff9c, 0x0, 0x840, 0xc) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x7a1000, 0x0) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, 0x0, 0xc0401, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/mnt\x00') socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xffffffff, 0x9, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x9, 0x5, 0x80000000000002, 0x7, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x6, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, [0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1800000000000000, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x1fe, 0x2) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1000"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40400c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) write$auto(r1, 0x0, 0xc3) 628.765852ms ago: executing program 1 (id=451): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = epoll_create$auto(0x2) epoll_pwait2$auto(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, 0x7ff9}, 0x0, 0x8) r1 = openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f0000002540)='/proc/self/comm\x00', 0x1, 0x0) write$auto_proc_pid_set_comm_operations_base(r1, &(0x7f0000002580)="233dce0e24", 0x5) 541.811987ms ago: executing program 0 (id=452): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/irq/2/wakeup\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, 0x0, 0x4000800) mmap$auto(0x0, 0x22009, 0x4000000000df, 0xeb1, 0x401, 0x1) socket(0xa, 0x3, 0x100) ioperm$auto(0x7, 0x5ad2, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/queue/atomic_write_unit_min_bytes\x00', 0x60240, 0x0) read$auto(r2, &(0x7f0000000240)='/\x00', 0x100000001) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(0x3, 0x0, 0xfffffffffffffff7) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x48b41, 0x0) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) setreuid$auto(0x40000000003, 0xdf36) ioctl$auto(r3, 0x4b4a, 0x9) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000180), 0x20c00, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mincore$auto(0x1000, 0x8001, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) ptrace$auto(0x4206, 0x1, 0x0, 0x200005) alarm$auto(0x80000000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0) 530.696396ms ago: executing program 1 (id=453): r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x20, r1, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x10}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) sendfile$auto(r0, r0, &(0x7f0000000340)=0x7, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000380), r4) sendmsg$auto_NETDEV_CMD_NAPI_GET(r2, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)={0x5c, r5, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@NETDEV_A_NAPI_ID={0x8, 0x2, 0x1ff}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x3}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x9}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x5b}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0xfffffff5}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0xf}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x9}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x2}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x14}, 0x8000) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) pread64$auto(r7, 0x0, 0x594c, 0x9fffffffd) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0) write$auto(r10, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r8, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x14) sendmsg$auto_OVS_FLOW_CMD_GET(r6, 0x0, 0x800) sendmmsg$auto(r6, &(0x7f00000000c0)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000002c0), 0x3, 0xa505}, 0x7ff}, 0x7, 0x4008) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x40200, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, &(0x7f0000000280)="7acca5c32b31b18d8888f8bb3c5ff5a718ebe172e690dbcbd1f9149c6bc53030efcf2a9c93c7a88c7dd1c5b612180b3dcada0bd2b16f9315ac254b541b2b6f893067de452f20e9d5437b5708022a4bd6b1ccf77916e13b338dd6ab6e46bb86d9307259341c28c37e0c18b7b72cd2de3ea88446f52cb59ba0d2e476614e0f762d84c6c09d64624d") 481.838345ms ago: executing program 2 (id=454): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x26}}, 0x71) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) r1 = io_uring_setup$auto(0x1, 0x0) sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START(r0, 0x0, 0x4008080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x3) r2 = socketpair$auto(0x1, 0x0, 0xfffffffc, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto(r3, 0x13, r2) socketpair$auto(0x4, 0x1, 0x20000, 0x0) ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/pid\x00') fchown$auto(r4, 0xfffe, 0x7ff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3b87, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r5 = openat$dir(0xffffffffffffff9c, 0x0, 0x200000, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r5, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) ioctl$auto_RNDADDENTROPY2(r1, 0x40085203, &(0x7f0000000080)=[0x3, 0x4010]) close_range$auto(0x2, 0x8, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) 362.794465ms ago: executing program 3 (id=455): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x149780, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x7, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') lseek$auto(0xffffffffffffffff, 0x0, 0x1) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x1, 0x2020009, 0x80000003, 0xeb1, 0xfffffffffffffffa, 0x200000008000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$auto_SNDCTL_MIDI_PRETIME(r0, 0xc0046d00, &(0x7f0000000280)="7dc0cbd221a5d93604efecee96c104b340f421198f06c83d8e3fb3685e7197a5fa3a37ca0a8d01ea074f9fa25cba17c5695377e0fd2b75f7a969b5600852edb6d0b8b22a1d79efa195b8f32c629a324730e282170feccde1e6bf8c35a0f2f00bd8f462eb884c6a86d799a0e6f9175855a3b72356b24d604d3d815791572ed8baac51f202aaf9ab829bf17135a8f42457376755010c7f810f8582702051567af581204432b2fc81f4eedeef450ca5361946accbc7a88d2f605ec1ae5f6c98880f8075bda250f750c1dd8b8fa0260b4f0e4b15418b22bf500a3b0930") r1 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) unshare$auto(0x8000000) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) semctl$auto(0x7, 0x2, 0x13, 0x1) semctl$auto(0x3, 0x2, 0x13, 0x9) r2 = socket(0x11, 0x80003, 0x0) setsockopt$auto(r2, 0x8, 0x1, 0x0, 0xce24) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24044010}, 0xc0) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) socket(0x2, 0x801, 0x106) connect$auto(r0, &(0x7f0000000080)=@ethernet={0x6, @random="457ed856541b"}, 0x40) poll$auto(&(0x7f00000000c0)={0x3, 0x1, 0xa}, 0x5, 0x104) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose11/tx_queue_len\x00', 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/loginuid\x00', 0x4a482, 0x0) mmap$auto(0x3, 0x3, 0x4000000000e1, 0x40eb1, r1, 0x300000000000) move_pages$auto(0x1, 0x400000000f55, 0x0, 0x0, 0x0, 0x7) 0s ago: executing program 3 (id=456): mmap$auto(0x0, 0x2020009, 0x3, 0x20100000000eb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x10004) sync_file_range$auto(r0, 0xfffffffffffffff1, 0xa, 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0xad8c, 0x6, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) (async) clone$auto(0xad8c, 0x6, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) setsockopt$auto(0xffffffffffffffff, 0x400, 0xba, 0x0, 0xfb3) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) ustat$auto(0x801, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x129800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xf, 0x40007, 0x1000000007, 0x913, 0xffffffffffffffff, 0x8000) r2 = userfaultfd$auto(0xfffffffb) ioctl$auto(0x3, 0xc018aa3f, 0xf0b) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), r1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_macsec(0x0, r2) (async) syz_genetlink_get_family_id$auto_macsec(0x0, r2) socket(0x23, 0xa, 0x0) (async) socket(0x23, 0xa, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) (async) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r4, 0x0, 0x20) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x10000001ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x3, 0x7, 0x201, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg0\x00', 0x40200, 0x0) (async) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg0\x00', 0x40200, 0x0) mmap$auto(0x6ca8, 0x400008, 0xdf, 0x9b72, r0, 0x8003) (async) mmap$auto(0x6ca8, 0x400008, 0xdf, 0x9b72, r0, 0x8003) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.123' (ED25519) to the list of known hosts. [ 76.043621][ T5850] cgroup: Unknown subsys name 'net' [ 76.160825][ T5850] cgroup: Unknown subsys name 'cpuset' [ 76.169482][ T5850] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 77.642290][ T5850] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 79.582395][ T5865] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 79.591569][ T5865] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 79.599438][ T5865] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 79.620902][ T5875] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 79.637602][ T5875] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.641660][ T5873] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 79.645807][ T5875] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.653318][ T5873] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 79.668014][ T5876] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.676046][ T5876] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.678670][ T5875] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.684444][ T5876] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.699370][ T5873] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.706483][ T5871] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 79.713889][ T5875] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 79.721680][ T5875] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 79.730482][ T5875] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.734364][ T5873] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 79.746003][ T5875] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.753363][ T5875] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 80.145290][ T5872] chnl_net:caif_netlink_parms(): no params data found [ 80.353206][ T5872] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.363888][ T5872] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.372065][ T5872] bridge_slave_0: entered allmulticast mode [ 80.380968][ T5872] bridge_slave_0: entered promiscuous mode [ 80.391255][ T5872] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.398623][ T5872] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.405797][ T5872] bridge_slave_1: entered allmulticast mode [ 80.413084][ T5872] bridge_slave_1: entered promiscuous mode [ 80.462696][ T5868] chnl_net:caif_netlink_parms(): no params data found [ 80.491073][ T5872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.521486][ T5860] chnl_net:caif_netlink_parms(): no params data found [ 80.534027][ T5872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.623907][ T5872] team0: Port device team_slave_0 added [ 80.655820][ T5872] team0: Port device team_slave_1 added [ 80.673555][ T5861] chnl_net:caif_netlink_parms(): no params data found [ 80.753249][ T5868] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.761028][ T5868] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.768407][ T5868] bridge_slave_0: entered allmulticast mode [ 80.775549][ T5868] bridge_slave_0: entered promiscuous mode [ 80.795240][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.802339][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.829290][ T5872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.853797][ T5868] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.861016][ T5868] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.868579][ T5868] bridge_slave_1: entered allmulticast mode [ 80.875616][ T5868] bridge_slave_1: entered promiscuous mode [ 80.895984][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.903081][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.929568][ T5872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.962486][ T5860] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.969893][ T5860] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.977050][ T5860] bridge_slave_0: entered allmulticast mode [ 80.984270][ T5860] bridge_slave_0: entered promiscuous mode [ 81.017927][ T5860] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.025093][ T5860] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.032680][ T5860] bridge_slave_1: entered allmulticast mode [ 81.039696][ T5860] bridge_slave_1: entered promiscuous mode [ 81.064016][ T5868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.114467][ T5868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.162449][ T5861] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.170895][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.178570][ T5861] bridge_slave_0: entered allmulticast mode [ 81.185524][ T5861] bridge_slave_0: entered promiscuous mode [ 81.207079][ T5860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.220329][ T5860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.234258][ T5872] hsr_slave_0: entered promiscuous mode [ 81.241486][ T5872] hsr_slave_1: entered promiscuous mode [ 81.248777][ T5861] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.255946][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.263456][ T5861] bridge_slave_1: entered allmulticast mode [ 81.270587][ T5861] bridge_slave_1: entered promiscuous mode [ 81.279248][ T5868] team0: Port device team_slave_0 added [ 81.325686][ T5868] team0: Port device team_slave_1 added [ 81.361698][ T5860] team0: Port device team_slave_0 added [ 81.370529][ T5860] team0: Port device team_slave_1 added [ 81.400631][ T5868] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.407701][ T5868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.433902][ T5868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.459182][ T5861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.475452][ T5868] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.482493][ T5868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.509101][ T5868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.539456][ T5861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.575761][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.582840][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.608897][ T5860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.652794][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.660118][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.687462][ T5860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.700633][ T5861] team0: Port device team_slave_0 added [ 81.710646][ T5875] Bluetooth: hci3: command tx timeout [ 81.734690][ T5861] team0: Port device team_slave_1 added [ 81.776772][ T5868] hsr_slave_0: entered promiscuous mode [ 81.783129][ T5868] hsr_slave_1: entered promiscuous mode [ 81.787658][ T5875] Bluetooth: hci0: command tx timeout [ 81.789181][ T5869] Bluetooth: hci1: command tx timeout [ 81.794511][ T5184] Bluetooth: hci2: command tx timeout [ 81.807902][ T5868] debugfs: 'hsr0' already exists in 'hsr' [ 81.813692][ T5868] Cannot create hsr debugfs directory [ 81.834004][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.841087][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.867716][ T5861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.879906][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.886898][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.912871][ T5861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.978772][ T5860] hsr_slave_0: entered promiscuous mode [ 81.985692][ T5860] hsr_slave_1: entered promiscuous mode [ 81.992045][ T5860] debugfs: 'hsr0' already exists in 'hsr' [ 81.998476][ T5860] Cannot create hsr debugfs directory [ 82.131850][ T5861] hsr_slave_0: entered promiscuous mode [ 82.138233][ T5861] hsr_slave_1: entered promiscuous mode [ 82.144468][ T5861] debugfs: 'hsr0' already exists in 'hsr' [ 82.150253][ T5861] Cannot create hsr debugfs directory [ 82.335024][ T5872] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 82.379549][ T5872] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 82.415842][ T5872] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 82.427382][ T5872] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 82.560812][ T5868] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 82.576794][ T5868] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 82.586925][ T5868] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 82.622485][ T5868] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 82.700275][ T5860] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 82.712573][ T5860] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 82.723505][ T5860] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 82.743331][ T5860] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 82.844162][ T5861] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 82.855700][ T5861] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 82.878116][ T5861] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 82.891471][ T5861] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 82.940620][ T5872] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.000058][ T5872] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.019816][ T5868] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.065174][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.072662][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.104600][ T4516] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.112053][ T4516] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.126251][ T5868] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.154466][ T4516] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.162001][ T4516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.179629][ T5860] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.215251][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.222463][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.250808][ T5860] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.294446][ T5872] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 83.325128][ T1108] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.332308][ T1108] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.352908][ T5861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.384899][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.392087][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.434107][ T5861] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.472716][ T4516] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.479914][ T4516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.597304][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.604503][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.724795][ T5861] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 83.788925][ T5875] Bluetooth: hci3: command tx timeout [ 83.816576][ T5872] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.858598][ T5868] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.874277][ T5875] Bluetooth: hci0: command tx timeout [ 83.879843][ T5875] Bluetooth: hci2: command tx timeout [ 83.885265][ T5875] Bluetooth: hci1: command tx timeout [ 83.942484][ T5868] veth0_vlan: entered promiscuous mode [ 83.996025][ T5868] veth1_vlan: entered promiscuous mode [ 84.073381][ T5872] veth0_vlan: entered promiscuous mode [ 84.125978][ T5872] veth1_vlan: entered promiscuous mode [ 84.185073][ T5868] veth0_macvtap: entered promiscuous mode [ 84.200706][ T5868] veth1_macvtap: entered promiscuous mode [ 84.216731][ T5860] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.251863][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.277010][ T5872] veth0_macvtap: entered promiscuous mode [ 84.294906][ T5868] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.327656][ T5872] veth1_macvtap: entered promiscuous mode [ 84.358462][ T5868] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.367983][ T5860] veth0_vlan: entered promiscuous mode [ 84.389555][ T5872] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.397091][ T3561] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.412074][ T3561] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.428440][ T5860] veth1_vlan: entered promiscuous mode [ 84.449784][ T3561] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.458938][ T3561] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.480610][ T5872] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.502846][ T5861] veth0_vlan: entered promiscuous mode [ 84.532043][ T3561] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.542288][ T3561] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.558305][ T5861] veth1_vlan: entered promiscuous mode [ 84.569131][ T3561] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.579250][ T3561] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.600808][ T5860] veth0_macvtap: entered promiscuous mode [ 84.663552][ T5860] veth1_macvtap: entered promiscuous mode [ 84.727700][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.735971][ T5861] veth0_macvtap: entered promiscuous mode [ 84.745050][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.765521][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.778679][ T5861] veth1_macvtap: entered promiscuous mode [ 84.800228][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.813797][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.829717][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.861666][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.872862][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.876668][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.897028][ T49] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.915034][ T49] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.956002][ T3561] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.964381][ T3561] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.968243][ T49] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.981794][ T49] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.998375][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.025665][ T5868] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 85.118831][ T1108] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.142351][ T5949] zram: Removed device: zram0 [ 85.156203][ T1108] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.172111][ T1108] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.195578][ T1108] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.248538][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.282759][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.395967][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.409602][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.488998][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.496950][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.649973][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.676019][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.864431][ T5961] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2'. [ 85.875175][ T5184] Bluetooth: hci3: command tx timeout [ 85.920474][ T5965] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2'. [ 85.948151][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 85.959056][ T5184] Bluetooth: hci1: command tx timeout [ 85.964488][ T5184] Bluetooth: hci2: command tx timeout [ 85.970797][ T5875] Bluetooth: hci0: command tx timeout [ 85.985580][ T5965] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2'. [ 85.995788][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.038723][ T5965] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2'. [ 86.040005][ T5968] netlink: 218 bytes leftover after parsing attributes in process `syz.1.2'. [ 86.058603][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 86.310277][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.617863][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.607608][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.616427][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.682488][ T5990] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 87.816604][ T5991] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 87.894391][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 87.964474][ T5184] Bluetooth: hci3: command tx timeout [ 88.027702][ T5184] Bluetooth: hci1: command tx timeout [ 88.030400][ T5875] Bluetooth: hci2: command tx timeout [ 88.033352][ T5184] Bluetooth: hci0: command tx timeout [ 88.185775][ T5991] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10'. [ 88.237779][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 89.079725][ T6011] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14'. [ 89.143763][ T6008] ptrace attach of ""[6009] was attempted by "./syz-executor exec"[6008] [ 89.216092][ T6012] nfs4: Unknown parameter '€' [ 89.237442][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.274979][ T6011] Zero length message leads to an empty skb [ 90.978723][ T6028] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 91.938780][ T6036] openvswitch: netlink: IP tunnel dst address not specified [ 91.979436][ T93] cfg80211: failed to load regulatory.db [ 92.213234][ T6047] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 94.711698][ T6086] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 95.028314][ T6089] ptrace attach of "./syz-executor exec"[6093] was attempted by "./syz-executor exec"[6089] [ 97.813067][ T6129] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 98.786511][ T6149] openvswitch: netlink: IP tunnel dst address not specified [ 98.916656][ T6143] ptrace attach of ""[6145] was attempted by "./syz-executor exec"[6143] [ 98.931770][ T6150] zram: Added device: zram0 [ 99.025246][ T6117] kexec: Could not allocate control_code_buffer [ 99.966108][ T6153] syz.0.41 (6153) used greatest stack depth: 19064 bytes left [ 100.364594][ T6164] openvswitch: netlink: IP tunnel dst address not specified [ 102.008616][ T6187] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 102.016678][ T6187] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 102.032690][ T6187] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 102.054810][ T6187] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 102.066397][ T6187] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 102.084761][ T6187] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 102.107682][ T6187] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 102.113959][ T6187] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 102.141081][ T6187] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 102.303764][ T6187] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 102.317816][ T6187] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 102.442753][ T6190] openvswitch: netlink: IP tunnel dst address not specified [ 102.456475][ T6187] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 103.549798][ T6203] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 103.998206][ T6209] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 104.028648][ T5184] Bluetooth: hci1: command 0x0c1a tx timeout [ 104.117393][ T5184] Bluetooth: hci0: command 0x0c1a tx timeout [ 104.188477][ T5184] Bluetooth: hci2: command 0x0c1a tx timeout [ 104.348885][ T5184] Bluetooth: hci3: command 0x0c1a tx timeout [ 105.278914][ T6220] FAULT_INJECTION: forcing a failure. [ 105.278914][ T6220] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 105.318358][ T6220] CPU: 0 UID: 0 PID: 6220 Comm: syz.2.55 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 105.318394][ T6220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 105.318411][ T6220] Call Trace: [ 105.318419][ T6220] [ 105.318428][ T6220] dump_stack_lvl+0x16c/0x1f0 [ 105.318465][ T6220] should_fail_ex+0x512/0x640 [ 105.318499][ T6220] _copy_from_user+0x2e/0xd0 [ 105.318532][ T6220] copy_msghdr_from_user+0x98/0x160 [ 105.318564][ T6220] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 105.318596][ T6220] ? __pfx__kstrtoull+0x10/0x10 [ 105.318628][ T6220] ___sys_sendmsg+0xfe/0x1d0 [ 105.318655][ T6220] ? __pfx____sys_sendmsg+0x10/0x10 [ 105.318698][ T6220] ? find_held_lock+0x2b/0x80 [ 105.318746][ T6220] __sys_sendmmsg+0x200/0x420 [ 105.318776][ T6220] ? __pfx___sys_sendmmsg+0x10/0x10 [ 105.318814][ T6220] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 105.318856][ T6220] ? fput+0x9b/0xd0 [ 105.318888][ T6220] ? ksys_write+0x1ac/0x250 [ 105.318915][ T6220] ? __pfx_ksys_write+0x10/0x10 [ 105.318948][ T6220] __x64_sys_sendmmsg+0x9c/0x100 [ 105.318973][ T6220] ? lockdep_hardirqs_on+0x7c/0x110 [ 105.318996][ T6220] do_syscall_64+0xcd/0x490 [ 105.319025][ T6220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.319050][ T6220] RIP: 0033:0x7f385518eb69 [ 105.319073][ T6220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.319099][ T6220] RSP: 002b:00007f385608f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 105.319122][ T6220] RAX: ffffffffffffffda RBX: 00007f38553b6080 RCX: 00007f385518eb69 [ 105.319138][ T6220] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000004 [ 105.319153][ T6220] RBP: 00007f385608f090 R08: 0000000000000000 R09: 0000000000000000 [ 105.319168][ T6220] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 105.319182][ T6220] R13: 0000000000000000 R14: 00007f38553b6080 R15: 00007fffe5be5968 [ 105.319231][ T6220] [ 105.814405][ T6229] random: crng reseeded on system resumption [ 105.987953][ T6233] binder: 6227:6233 ioctl 1260 7fffffffffffffff returned -22 [ 106.124658][ T5184] Bluetooth: hci1: command 0x0c1a tx timeout [ 106.187296][ T5184] Bluetooth: hci0: command 0x0c1a tx timeout [ 106.267286][ T5184] Bluetooth: hci2: command 0x0c1a tx timeout [ 106.311890][ T6239] netlink: 'syz.2.60': attribute type 1 has an invalid length. [ 106.427258][ T5184] Bluetooth: hci3: command 0x0c1a tx timeout [ 107.059261][ T6252] openvswitch: netlink: IP tunnel dst address not specified getty: ttyS0: read error: Resource temporarily unavailable [ 108.190449][ T5184] Bluetooth: hci1: command 0x0c1a tx timeout [ 108.267337][ T5184] Bluetooth: hci0: command 0x0c1a tx timeout [ 108.347527][ T5184] Bluetooth: hci2: command 0x0c1a tx timeout [ 108.507378][ T5184] Bluetooth: hci3: command 0x0c1a tx timeout [ 108.559036][ T6277] netlink: 342 bytes leftover after parsing attributes in process `syz.0.67'. [ 108.851117][ T6291] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 109.667840][ T6312] openvswitch: netlink: IP tunnel dst address not specified [ 110.904811][ T6339] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 110.945787][ T6339] netlink: 8 bytes leftover after parsing attributes in process `syz.0.77'. [ 110.967622][ T6340] mmap: syz.1.76 (6340) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 111.136769][ T6345] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 111.330746][ T6315] kexec: Could not allocate control_code_buffer [ 111.640482][ T6352] openvswitch: netlink: IP tunnel dst address not specified [ 112.165599][ T6357] FAULT_INJECTION: forcing a failure. [ 112.165599][ T6357] name fail_futex, interval 1, probability 0, space 0, times 1 [ 112.222772][ T6357] CPU: 1 UID: 0 PID: 6357 Comm: syz.1.82 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 112.222814][ T6357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 112.222827][ T6357] Call Trace: [ 112.222835][ T6357] [ 112.222843][ T6357] dump_stack_lvl+0x16c/0x1f0 [ 112.222862][ T6357] should_fail_ex+0x512/0x640 [ 112.222882][ T6357] get_futex_key+0x1d0/0x1560 [ 112.222901][ T6357] ? __pfx_get_futex_key+0x10/0x10 [ 112.222918][ T6357] ? __pfx___schedule+0x10/0x10 [ 112.222939][ T6357] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 112.222963][ T6357] futex_wake+0xea/0x530 [ 112.222981][ T6357] ? try_to_wake_up+0x160/0x1870 [ 112.222996][ T6357] ? __pfx_futex_wake+0x10/0x10 [ 112.223014][ T6357] ? preempt_schedule_thunk+0x16/0x30 [ 112.223036][ T6357] ? preempt_schedule_thunk+0x16/0x30 [ 112.223058][ T6357] do_futex+0x1e3/0x350 [ 112.223076][ T6357] ? __pfx_do_futex+0x10/0x10 [ 112.223098][ T6357] __x64_sys_futex+0x1e0/0x4c0 [ 112.223116][ T6357] ? fput+0x9b/0xd0 [ 112.223135][ T6357] ? __pfx___x64_sys_futex+0x10/0x10 [ 112.223152][ T6357] ? xfd_validate_state+0x61/0x180 [ 112.223172][ T6357] ? __pfx_ksys_write+0x10/0x10 [ 112.223193][ T6357] do_syscall_64+0xcd/0x490 [ 112.223209][ T6357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.223223][ T6357] RIP: 0033:0x7f512e98eb69 [ 112.223237][ T6357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.223250][ T6357] RSP: 002b:00007f512f7290e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 112.223264][ T6357] RAX: ffffffffffffffda RBX: 00007f512ebb5fa8 RCX: 00007f512e98eb69 [ 112.223273][ T6357] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f512ebb5fac [ 112.223281][ T6357] RBP: 00007f512ebb5fa0 R08: 00007f512f72a000 R09: 0000000000000000 [ 112.223300][ T6357] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f512ebb5fac [ 112.223309][ T6357] R13: 0000000000000000 R14: 00007ffdc8e91b80 R15: 00007ffdc8e91c68 [ 112.223326][ T6357] [ 112.523081][ T6366] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 112.563704][ T6368] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 112.828932][ T6373] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 114.892814][ T6403] netlink: 4 bytes leftover after parsing attributes in process `syz.3.93'. [ 115.571655][ T6408] openvswitch: netlink: IP tunnel dst address not specified [ 116.343123][ T6394] kexec: Could not allocate control_code_buffer [ 117.541449][ T6431] netlink: 206 bytes leftover after parsing attributes in process `syz.1.99'. [ 118.395894][ T6451] netlink: 8 bytes leftover after parsing attributes in process `syz.1.104'. [ 118.692183][ T6456] openvswitch: netlink: IP tunnel dst address not specified [ 119.255342][ T6462] netlink: 28 bytes leftover after parsing attributes in process `syz.1.106'. [ 119.279555][ T6462] team_slave_0: entered allmulticast mode syzkaller syzkaller login: [ 122.127044][ T6510] ptrace attach of ""[6514] was attempted by "./syz-executor exec"[6510] [ 122.373283][ T6523] netlink: 12 bytes leftover after parsing attributes in process `syz.2.115'. [ 122.566292][ T6525] openvswitch: netlink: IP tunnel dst address not specified [ 122.814660][ T6537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.117'. [ 123.991313][ T6544] netlink: 206 bytes leftover after parsing attributes in process `syz.2.118'. [ 124.802345][ T6570] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 125.817432][ T6583] random: crng reseeded on system resumption [ 126.865182][ T6549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 126.931649][ T6549] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 127.760009][ T6615] ptrace attach of "./syz-executor exec"[6617] was attempted by "./syz-executor exec"[6615] [ 129.466394][ T6639] capability: warning: `syz.2.134' uses 32-bit capabilities (legacy support in use) [ 131.035239][ T6672] ptrace attach of "./syz-executor exec"[6676] was attempted by "./syz-executor exec"[6672] [ 132.731638][ T6722] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 132.921677][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.930452][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.166334][ T6717] netlink: 206 bytes leftover after parsing attributes in process `syz.1.149'. [ 134.069043][ T6734] ptrace attach of "./syz-executor exec"[6735] was attempted by "./syz-executor exec"[6734] [ 134.348015][ T6738] ptrace attach of ""[6739] was attempted by "./syz-executor exec"[6738] [ 134.484868][ T6746] program syz.3.156 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 136.246309][ T6788] ptrace attach of "./syz-executor exec"[6791] was attempted by "./syz-executor exec"[6788] [ 136.415723][ T6800] openvswitch: netlink: Unknown nsh attribute 0 [ 136.554828][ T6803] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 136.609519][ T30] audit: type=1800 audit(1754383227.548:2): pid=6801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=2A2A204B434D207374617469737469 name="lu_gp_id" dev="configfs" ino=11565 res=0 errno=0 [ 136.740731][ T6805] process 'syz.1.170' launched './file0' with NULL argv: empty string added [ 136.784445][ T6805] netlink: 28 bytes leftover after parsing attributes in process `syz.1.170'. [ 137.240148][ T6805] bond0: (slave bond_slave_1): Releasing backup interface [ 137.395295][ T6816] ima: policy update failed [ 137.401727][ T30] audit: type=1802 audit(1754383228.358:3): pid=6816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.175" res=0 errno=0 [ 137.568550][ T6815] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 137.575685][ T6815] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 137.591500][ T6815] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 137.613170][ T6815] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 138.625792][ T6840] ptrace attach of "./syz-executor exec"[6841] was attempted by "./syz-executor exec"[6840] [ 139.638900][ T5184] Bluetooth: hci3: command 0x0c1a tx timeout [ 139.638949][ T5869] Bluetooth: hci0: command 0x0c1a tx timeout [ 139.644988][ T5184] Bluetooth: hci1: command 0x0c1a tx timeout [ 139.651430][ T5875] Bluetooth: hci2: command 0x0c1a tx timeout [ 139.776079][ T6854] netlink: 4 bytes leftover after parsing attributes in process `syz.1.185'. [ 140.922292][ T6863] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 140.953381][ T6863] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 140.978374][ T6863] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 141.056052][ T6863] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 141.291136][ T6867] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 141.317940][ T6867] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 141.347093][ T6867] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 141.353594][ T6867] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 141.814953][ T6880] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 142.673820][ T6889] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 142.751596][ T6880] could not allocate digest TFM handle [ 142.757599][ T6881] could not allocate digest TFM handle " [ 143.307340][ T5875] Bluetooth: hci1: command 0x0c1a tx timeout [ 143.395265][ T5875] Bluetooth: hci3: command 0x0c1a tx timeout [ 143.401601][ T5875] Bluetooth: hci2: command 0x0c1a tx timeout [ 143.407357][ T5184] Bluetooth: hci0: command 0x0c1a tx timeout [ 143.923062][ T6904] netlink: 342 bytes leftover after parsing attributes in process `syz.2.197'. [ 144.447524][ T6917] FAULT_INJECTION: forcing a failure. [ 144.447524][ T6917] name failslab, interval 1, probability 0, space 0, times 0 [ 144.484638][ T6917] CPU: 0 UID: 0 PID: 6917 Comm: syz.3.202 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 144.484679][ T6917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 144.484694][ T6917] Call Trace: [ 144.484704][ T6917] [ 144.484715][ T6917] dump_stack_lvl+0x16c/0x1f0 [ 144.484748][ T6917] should_fail_ex+0x512/0x640 [ 144.484778][ T6917] ? __kmalloc_noprof+0xbf/0x510 [ 144.484811][ T6917] ? memcg_list_lru_alloc+0x4e9/0x740 [ 144.484841][ T6917] should_failslab+0xc2/0x120 [ 144.484874][ T6917] __kmalloc_noprof+0xd2/0x510 [ 144.484901][ T6917] ? __lock_acquire+0x62e/0x1ce0 [ 144.484942][ T6917] memcg_list_lru_alloc+0x4e9/0x740 [ 144.484982][ T6917] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 144.485024][ T6917] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 144.485057][ T6917] __memcg_slab_post_alloc_hook+0x133/0x960 [ 144.485097][ T6917] ? kasan_save_track+0x14/0x30 [ 144.485140][ T6917] kmem_cache_alloc_lru_noprof+0x30f/0x3b0 [ 144.485171][ T6917] ? __pfx_stack_trace_save+0x10/0x10 [ 144.485200][ T6917] ? __d_alloc+0x32/0xae0 [ 144.485236][ T6917] __d_alloc+0x32/0xae0 [ 144.485272][ T6917] d_alloc_parallel+0x111/0x1480 [ 144.485311][ T6917] ? do_syscall_64+0xcd/0x490 [ 144.485336][ T6917] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.485371][ T6917] ? look_up_lock_class+0x59/0x150 [ 144.485397][ T6917] ? __pfx_d_alloc_parallel+0x10/0x10 [ 144.485439][ T6917] ? lockdep_init_map_type+0x5c/0x280 [ 144.485474][ T6917] ? lockdep_init_map_type+0x5c/0x280 [ 144.485515][ T6917] __lookup_slow+0x193/0x460 [ 144.485555][ T6917] ? __pfx___lookup_slow+0x10/0x10 [ 144.485600][ T6917] ? perf_trace_mm_compaction_suitable_template+0x2e0/0x5e0 [ 144.485646][ T6917] ? perf_trace_mm_compaction_suitable_template+0x2e0/0x5e0 [ 144.485683][ T6917] ? d_lookup+0xe7/0x190 [ 144.485726][ T6917] lookup_noperm+0xe1/0x110 [ 144.485765][ T6917] do_mq_open+0x29b/0x8c0 [ 144.485802][ T6917] ? __might_fault+0xe3/0x190 [ 144.485834][ T6917] ? __pfx_do_mq_open+0x10/0x10 [ 144.485880][ T6917] __x64_sys_mq_open+0x155/0x1e0 [ 144.485917][ T6917] ? __pfx___x64_sys_mq_open+0x10/0x10 [ 144.485974][ T6917] do_syscall_64+0xcd/0x490 [ 144.486003][ T6917] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.486029][ T6917] RIP: 0033:0x7f751338eb69 [ 144.486050][ T6917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.486074][ T6917] RSP: 002b:00007f75142a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0 [ 144.486105][ T6917] RAX: ffffffffffffffda RBX: 00007f75135b5fa0 RCX: 00007f751338eb69 [ 144.486129][ T6917] RDX: 000000000000b9fb RSI: 00000000000061df RDI: 0000200000000040 [ 144.486146][ T6917] RBP: 00007f7513411df1 R08: 0000000000000000 R09: 0000000000000000 [ 144.486161][ T6917] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000 [ 144.486177][ T6917] R13: 0000000000000000 R14: 00007f75135b5fa0 R15: 00007ffc8567ceb8 [ 144.486214][ T6917] [ 146.599435][ T6963] netlink: 4 bytes leftover after parsing attributes in process `syz.3.209'. [ 147.136342][ T6969] netlink: 326 bytes leftover after parsing attributes in process `syz.1.211'. [ 147.461731][ T6973] ptrace attach of ""[6975] was attempted by "./syz-executor exec"[6973] [ 147.766332][ T6981] netlink: 206 bytes leftover after parsing attributes in process `syz.2.213'. [ 148.096800][ T6986] ovs_: entered promiscuous mode [ 149.308026][ T7001] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 149.325969][ T7001] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 149.486764][ T7001] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 149.537871][ T7001] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 149.799174][ T7008] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 149.901218][ T7013] ovs_: entered promiscuous mode [ 150.942277][ T7033] random: crng reseeded on system resumption [ 151.323677][ T7051] FAULT_INJECTION: forcing a failure. [ 151.323677][ T7051] name failslab, interval 1, probability 0, space 0, times 0 [ 151.351318][ T7044] ptrace attach of "./syz-executor exec"[7050] was attempted by "./syz-executor exec"[7044] [ 151.361850][ T7051] CPU: 0 UID: 0 PID: 7051 Comm: syz.0.236 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 151.361884][ T7051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 151.361897][ T7051] Call Trace: [ 151.361905][ T7051] [ 151.361914][ T7051] dump_stack_lvl+0x16c/0x1f0 [ 151.361944][ T7051] should_fail_ex+0x512/0x640 [ 151.361972][ T7051] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 151.362005][ T7051] should_failslab+0xc2/0x120 [ 151.362036][ T7051] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 151.362065][ T7051] ? security_file_alloc+0x34/0x2b0 [ 151.362099][ T7051] security_file_alloc+0x34/0x2b0 [ 151.362128][ T7051] init_file+0x93/0x4c0 [ 151.362162][ T7051] alloc_empty_file+0x73/0x1e0 [ 151.362197][ T7051] path_openat+0xda/0x2cb0 [ 151.362222][ T7051] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.362260][ T7051] ? __pfx_path_openat+0x10/0x10 [ 151.362298][ T7051] do_filp_open+0x20b/0x470 [ 151.362326][ T7051] ? __pfx_do_filp_open+0x10/0x10 [ 151.362379][ T7051] ? alloc_fd+0x471/0x7d0 [ 151.362413][ T7051] do_sys_openat2+0x11b/0x1d0 [ 151.362456][ T7051] ? __pfx_do_sys_openat2+0x10/0x10 [ 151.362493][ T7051] ? __fget_files+0x20e/0x3c0 [ 151.362525][ T7051] __x64_sys_openat+0x174/0x210 [ 151.362561][ T7051] ? __pfx___x64_sys_openat+0x10/0x10 [ 151.362595][ T7051] ? ksys_write+0x1ac/0x250 [ 151.362634][ T7051] do_syscall_64+0xcd/0x490 [ 151.362664][ T7051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.362688][ T7051] RIP: 0033:0x7f5c53f8eb69 [ 151.362708][ T7051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.362729][ T7051] RSP: 002b:00007f5c54e66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 151.362752][ T7051] RAX: ffffffffffffffda RBX: 00007f5c541b5fa0 RCX: 00007f5c53f8eb69 [ 151.362767][ T7051] RDX: 0000000000000400 RSI: 0000200000000200 RDI: ffffffffffffff9c [ 151.362781][ T7051] RBP: 00007f5c54e66090 R08: 0000000000000000 R09: 0000000000000000 [ 151.362795][ T7051] R10: 000000000000003f R11: 0000000000000246 R12: 0000000000000001 [ 151.362808][ T7051] R13: 0000000000000000 R14: 00007f5c541b5fa0 R15: 00007ffdf306e758 [ 151.362840][ T7051] [ 151.757593][ T5184] Bluetooth: hci0: command 0x0c1a tx timeout [ 151.763673][ T5184] Bluetooth: hci1: command 0x0c1a tx timeout [ 151.770056][ T5184] Bluetooth: hci3: command 0x0c1a tx timeout [ 151.776295][ T5184] Bluetooth: hci2: command 0x0c1a tx timeout [ 151.982508][ T7064] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 153.426224][ T7083] openvswitch: netlink: IP tunnel dst address not specified [ 154.200760][ T7092] openvswitch: netlink: IP tunnel dst address not specified [ 154.443934][ T7099] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 154.568152][ T7101] netlink: 28 bytes leftover after parsing attributes in process `syz.3.246'. [ 154.601240][ T7101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 154.630939][ T7101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 154.666356][ T7101] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 154.698618][ T7101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 155.522487][ T7110] FAULT_INJECTION: forcing a failure. [ 155.522487][ T7110] name failslab, interval 1, probability 0, space 0, times 0 [ 155.569932][ T7110] CPU: 1 UID: 0 PID: 7110 Comm: syz.0.249 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 155.569977][ T7110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 155.569992][ T7110] Call Trace: [ 155.570001][ T7110] [ 155.570012][ T7110] dump_stack_lvl+0x16c/0x1f0 [ 155.570045][ T7110] should_fail_ex+0x512/0x640 [ 155.570085][ T7110] ? fs_reclaim_acquire+0xae/0x150 [ 155.570126][ T7110] should_failslab+0xc2/0x120 [ 155.570160][ T7110] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 155.570193][ T7110] ? __kernfs_new_node+0xd2/0x8e0 [ 155.570230][ T7110] __kernfs_new_node+0xd2/0x8e0 [ 155.570267][ T7110] ? __pfx___kernfs_new_node+0x10/0x10 [ 155.570314][ T7110] ? find_held_lock+0x2b/0x80 [ 155.570341][ T7110] ? kernfs_root+0xee/0x2a0 [ 155.570382][ T7110] kernfs_new_node+0x13c/0x1e0 [ 155.570426][ T7110] kernfs_create_link+0xcc/0x240 [ 155.570456][ T7110] sysfs_do_create_link_sd+0x90/0x140 [ 155.570491][ T7110] sysfs_create_link+0x61/0xc0 [ 155.570522][ T7110] device_add+0xb14/0x1aa0 [ 155.570560][ T7110] ? __pfx_device_add+0x10/0x10 [ 155.570590][ T7110] ? __pfx___might_resched+0x10/0x10 [ 155.570614][ T7110] ? lockdep_hardirqs_on+0x7c/0x110 [ 155.570650][ T7110] __add_disk+0x457/0xf00 [ 155.570685][ T7110] add_disk_fwnode+0x13f/0x5d0 [ 155.570717][ T7110] loop_add+0x903/0xb70 [ 155.570756][ T7110] ? __pfx_loop_add+0x10/0x10 [ 155.570820][ T7110] ? find_held_lock+0x2b/0x80 [ 155.570851][ T7110] loop_control_ioctl+0x13e/0x630 [ 155.570890][ T7110] ? __pfx_loop_control_ioctl+0x10/0x10 [ 155.570934][ T7110] ? __pfx_loop_control_ioctl+0x10/0x10 [ 155.570974][ T7110] __x64_sys_ioctl+0x18b/0x210 [ 155.571016][ T7110] do_syscall_64+0xcd/0x490 [ 155.571046][ T7110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.571079][ T7110] RIP: 0033:0x7f5c53f8eb69 [ 155.571101][ T7110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.571127][ T7110] RSP: 002b:00007f5c54e66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 155.571152][ T7110] RAX: ffffffffffffffda RBX: 00007f5c541b5fa0 RCX: 00007f5c53f8eb69 [ 155.571169][ T7110] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006 [ 155.571185][ T7110] RBP: 00007f5c54011df1 R08: 0000000000000000 R09: 0000000000000000 [ 155.571201][ T7110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.571216][ T7110] R13: 0000000000000000 R14: 00007f5c541b5fa0 R15: 00007ffdf306e758 [ 155.571252][ T7110] [ 156.560425][ T7129] netlink: 206 bytes leftover after parsing attributes in process `syz.2.254'. [ 157.398406][ T7135] netlink: 8 bytes leftover after parsing attributes in process `syz.2.255'. [ 157.471345][ T7143] netlink: 206 bytes leftover after parsing attributes in process `syz.2.255'. [ 157.889877][ T7163] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 158.138357][ T7167] netlink: 4 bytes leftover after parsing attributes in process `syz.3.261'. [ 160.732194][ T7213] openvswitch: netlink: IP tunnel dst address not specified [ 161.093040][ T7227] netlink: 4 bytes leftover after parsing attributes in process `syz.3.272'. [ 161.258160][ T7229] ptrace attach of "./syz-executor exec"[7230] was attempted by "./syz-executor exec"[7229] [ 161.482552][ T7233] binder: 7232:7233 unknown command 3 [ 161.527627][ T7233] binder: 7232:7233 ioctl c0306201 0 returned -22 [ 162.736323][ T7249] netlink: zone id is out of range [ 162.763614][ T7249] netlink: zone id is out of range [ 163.046569][ T7256] syz.2.281 uses obsolete (PF_INET,SOCK_PACKET) [ 163.448816][ T7265] netlink: 4 bytes leftover after parsing attributes in process `syz.0.284'. [ 163.753120][ T5869] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 163.753157][ T5869] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 163.768365][ T5869] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 163.768422][ T5869] Bluetooth: hci1: adv larger than maximum supported [ 163.777977][ T5869] Bluetooth: hci1: Unknown advertising packet type: 0x7b [ 163.785719][ T5869] Bluetooth: hci1: Malformed LE Event: 0x0d [ 165.922965][ T7304] ptrace attach of ""[7307] was attempted by "./syz-executor exec"[7304] [ 166.893734][ T7325] netlink: 4 bytes leftover after parsing attributes in process `syz.3.295'. [ 167.276670][ T7332] netlink: 206 bytes leftover after parsing attributes in process `syz.3.298'. [ 168.193592][ T7299] kexec: Could not allocate control_code_buffer [ 169.462903][ T7377] FAULT_INJECTION: forcing a failure. [ 169.462903][ T7377] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 169.476511][ T7377] CPU: 0 UID: 0 PID: 7377 Comm: syz.1.310 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 169.476553][ T7377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 169.476563][ T7377] Call Trace: [ 169.476572][ T7377] [ 169.476578][ T7377] dump_stack_lvl+0x16c/0x1f0 [ 169.476601][ T7377] should_fail_ex+0x512/0x640 [ 169.476625][ T7377] should_fail_alloc_page+0xe7/0x130 [ 169.476647][ T7377] prepare_alloc_pages+0x3c2/0x610 [ 169.476668][ T7377] ? rcu_is_watching+0x12/0xc0 [ 169.476685][ T7377] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 169.476702][ T7377] ? css_rstat_updated+0x1c2/0x510 [ 169.476719][ T7377] ? __pfx_css_rstat_updated+0x10/0x10 [ 169.476741][ T7377] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 169.476765][ T7377] ? __lock_acquire+0x62e/0x1ce0 [ 169.476786][ T7377] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 169.476808][ T7377] ? policy_nodemask+0xea/0x4e0 [ 169.476827][ T7377] alloc_pages_mpol+0x1fb/0x550 [ 169.476846][ T7377] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 169.476866][ T7377] ? __lock_acquire+0x62e/0x1ce0 [ 169.476885][ T7377] folio_alloc_mpol_noprof+0x36/0x2f0 [ 169.476907][ T7377] vma_alloc_folio_noprof+0xed/0x1e0 [ 169.476927][ T7377] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 169.476954][ T7377] do_pte_missing+0x2230/0x3ba0 [ 169.476970][ T7377] ? find_held_lock+0x2b/0x80 [ 169.476988][ T7377] __handle_mm_fault+0x152a/0x2a50 [ 169.477008][ T7377] ? __pfx___handle_mm_fault+0x10/0x10 [ 169.477028][ T7377] ? __pte_offset_map_lock+0x174/0x310 [ 169.477049][ T7377] ? find_held_lock+0x2b/0x80 [ 169.477068][ T7377] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 169.477093][ T7377] handle_mm_fault+0x589/0xd10 [ 169.477129][ T7377] __get_user_pages+0x551/0x34a0 [ 169.477178][ T7377] ? __pfx___get_user_pages+0x10/0x10 [ 169.477218][ T7377] populate_vma_page_range+0x267/0x3f0 [ 169.477255][ T7377] ? __pfx_populate_vma_page_range+0x10/0x10 [ 169.477288][ T7377] ? __pfx_find_vma_intersection+0x10/0x10 [ 169.477313][ T7377] ? do_mmap+0x69c/0x1210 [ 169.477334][ T7377] __mm_populate+0x1d8/0x380 [ 169.477356][ T7377] ? __pfx___mm_populate+0x10/0x10 [ 169.477378][ T7377] ? up_write+0x1b2/0x520 [ 169.477399][ T7377] vm_mmap_pgoff+0x37f/0x470 [ 169.477421][ T7377] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 169.477439][ T7377] ? find_held_lock+0x2b/0x80 [ 169.477456][ T7377] ? __x64_sys_futex+0x1e0/0x4c0 [ 169.477473][ T7377] ? __x64_sys_futex+0x1e9/0x4c0 [ 169.477493][ T7377] ksys_mmap_pgoff+0x7d/0x5c0 [ 169.477511][ T7377] ? xfd_validate_state+0x61/0x180 [ 169.477550][ T7377] __x64_sys_mmap+0x125/0x190 [ 169.477575][ T7377] do_syscall_64+0xcd/0x490 [ 169.477593][ T7377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.477608][ T7377] RIP: 0033:0x7f512e98eb69 [ 169.477622][ T7377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.477636][ T7377] RSP: 002b:00007f512f729038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 169.477650][ T7377] RAX: ffffffffffffffda RBX: 00007f512ebb5fa0 RCX: 00007f512e98eb69 [ 169.477660][ T7377] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 169.477670][ T7377] RBP: 00007f512ea11df1 R08: 0000000000000002 R09: 0000000000008000 [ 169.477679][ T7377] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 169.477686][ T7377] R13: 0000000000000000 R14: 00007f512ebb5fa0 R15: 00007ffdc8e91c68 [ 169.477704][ T7377] [ 171.821468][ T7399] kexec: Could not allocate control_code_buffer [ 172.163163][ T7420] netlink: 28 bytes leftover after parsing attributes in process `syz.0.315'. [ 172.316970][ T7425] binder: 7424:7425 unknown command 3 [ 172.322556][ T7425] binder: 7424:7425 ioctl c0306201 0 returned -22 [ 172.645755][ T7430] netlink: 28 bytes leftover after parsing attributes in process `syz.0.317'. [ 172.656288][ T7430] geneve1: entered promiscuous mode [ 172.666578][ T7430] geneve1: entered allmulticast mode [ 172.807435][ T7430] netlink: 28 bytes leftover after parsing attributes in process `syz.0.317'. [ 173.655282][ T7436] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 173.708513][ T7438] openvswitch: netlink: IP tunnel dst address not specified [ 175.061074][ T7450] FAULT_INJECTION: forcing a failure. [ 175.061074][ T7450] name failslab, interval 1, probability 0, space 0, times 0 [ 175.089400][ T7450] CPU: 1 UID: 0 PID: 7450 Comm: syz.2.322 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 175.089439][ T7450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 175.089454][ T7450] Call Trace: [ 175.089463][ T7450] [ 175.089473][ T7450] dump_stack_lvl+0x16c/0x1f0 [ 175.089505][ T7450] should_fail_ex+0x512/0x640 [ 175.089536][ T7450] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 175.089572][ T7450] should_failslab+0xc2/0x120 [ 175.089606][ T7450] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 175.089639][ T7450] ? alloc_inode+0x64/0x240 [ 175.089679][ T7450] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 175.089717][ T7450] alloc_inode+0x64/0x240 [ 175.089752][ T7450] new_inode+0x22/0x1c0 [ 175.089790][ T7450] __debugfs_create_file+0x11c/0x6b0 [ 175.089821][ T7450] debugfs_create_file_full+0x41/0x60 [ 175.089852][ T7450] ref_tracker_dir_debugfs+0x19d/0x290 [ 175.089897][ T7450] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 175.089973][ T7450] ? lockdep_init_map_type+0x5c/0x280 [ 175.090016][ T7450] preinit_net+0x296/0x8f0 [ 175.090047][ T7450] copy_net_ns+0x1da/0x5f0 [ 175.090081][ T7450] create_new_namespaces+0x3ea/0xa90 [ 175.090121][ T7450] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 175.090155][ T7450] ksys_unshare+0x45b/0xa40 [ 175.090188][ T7450] ? __pfx_ksys_unshare+0x10/0x10 [ 175.090224][ T7450] ? xfd_validate_state+0x61/0x180 [ 175.090281][ T7450] __x64_sys_unshare+0x31/0x40 [ 175.090316][ T7450] do_syscall_64+0xcd/0x490 [ 175.090346][ T7450] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.090372][ T7450] RIP: 0033:0x7f385518eb69 [ 175.090393][ T7450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.090417][ T7450] RSP: 002b:00007f38560b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 175.090441][ T7450] RAX: ffffffffffffffda RBX: 00007f38553b5fa0 RCX: 00007f385518eb69 [ 175.090459][ T7450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 175.090474][ T7450] RBP: 00007f3855211df1 R08: 0000000000000000 R09: 0000000000000000 [ 175.090488][ T7450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 175.090503][ T7450] R13: 0000000000000000 R14: 00007f38553b5fa0 R15: 00007fffe5be5968 [ 175.090539][ T7450] [ 175.090549][ T7450] debugfs: out of free dentries, can not create file 'net_refcnt@ffff88805a9a0170' [ 175.108730][ T7455] netlink: 4 bytes leftover after parsing attributes in process `syz.1.323'. [ 175.347789][ T7460] netlink: 206 bytes leftover after parsing attributes in process `syz.1.323'. [ 176.683395][ T7480] netlink: 4 bytes leftover after parsing attributes in process `syz.3.328'. [ 178.085146][ T7496] could not allocate digest TFM handle binfmt_misc [ 180.990909][ T7546] FAULT_INJECTION: forcing a failure. [ 180.990909][ T7546] name failslab, interval 1, probability 0, space 0, times 0 [ 181.037838][ T7546] CPU: 0 UID: 0 PID: 7546 Comm: syz.1.342 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 181.037878][ T7546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 181.037893][ T7546] Call Trace: [ 181.037902][ T7546] [ 181.037912][ T7546] dump_stack_lvl+0x16c/0x1f0 [ 181.037946][ T7546] should_fail_ex+0x512/0x640 [ 181.037978][ T7546] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 181.038014][ T7546] should_failslab+0xc2/0x120 [ 181.038049][ T7546] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 181.038081][ T7546] ? __kernfs_new_node+0xd2/0x8e0 [ 181.038119][ T7546] __kernfs_new_node+0xd2/0x8e0 [ 181.038153][ T7546] ? kernfs_add_one+0x37d/0x840 [ 181.038188][ T7546] ? __pfx___kernfs_new_node+0x10/0x10 [ 181.038229][ T7546] ? find_held_lock+0x2b/0x80 [ 181.038257][ T7546] ? kernfs_root+0xee/0x2a0 [ 181.038295][ T7546] kernfs_new_node+0x13c/0x1e0 [ 181.038337][ T7546] __kernfs_create_file+0x53/0x350 [ 181.038369][ T7546] sysfs_add_file_mode_ns+0x207/0x3c0 [ 181.038409][ T7546] sysfs_create_file_ns+0x13d/0x1d0 [ 181.038440][ T7546] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 181.038467][ T7546] ? down_read+0x13d/0x480 [ 181.038498][ T7546] ? __pfx___up_read+0x10/0x10 [ 181.038534][ T7546] ? acpi_device_notify+0x351/0x480 [ 181.038575][ T7546] device_create_file+0xf2/0x1e0 [ 181.038618][ T7546] device_add+0x2bf/0x1aa0 [ 181.038654][ T7546] ? rcu_is_watching+0x12/0xc0 [ 181.038681][ T7546] ? __pfx_device_add+0x10/0x10 [ 181.038730][ T7546] device_create_groups_vargs+0x1f8/0x270 [ 181.038771][ T7546] device_create+0xed/0x130 [ 181.038808][ T7546] ? __pfx_device_create+0x10/0x10 [ 181.038846][ T7546] ? do_init_timer+0xc9/0x110 [ 181.038877][ T7546] ? ieee80211_roc_setup+0x136/0x270 [ 181.038915][ T7546] ? ieee80211_alloc_hw_nm+0x231/0x2260 [ 181.038949][ T7546] mac80211_hwsim_new_radio+0x369/0x54d0 [ 181.039005][ T7546] ? __asan_memset+0x23/0x50 [ 181.039033][ T7546] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 181.039081][ T7546] hwsim_new_radio_nl+0xb51/0x12c0 [ 181.039121][ T7546] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 181.039169][ T7546] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 181.039204][ T7546] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 181.039245][ T7546] genl_family_rcv_msg_doit+0x209/0x2f0 [ 181.039280][ T7546] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 181.039325][ T7546] ? bpf_lsm_capable+0x9/0x10 [ 181.039349][ T7546] ? security_capable+0x7e/0x260 [ 181.039388][ T7546] ? ns_capable+0xd7/0x110 [ 181.039419][ T7546] genl_rcv_msg+0x55c/0x800 [ 181.039455][ T7546] ? __pfx_genl_rcv_msg+0x10/0x10 [ 181.039488][ T7546] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 181.039544][ T7546] netlink_rcv_skb+0x158/0x420 [ 181.039573][ T7546] ? __pfx_genl_rcv_msg+0x10/0x10 [ 181.039607][ T7546] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 181.039653][ T7546] ? netlink_deliver_tap+0x1ae/0xd30 [ 181.039686][ T7546] genl_rcv+0x28/0x40 [ 181.039713][ T7546] netlink_unicast+0x5a7/0x870 [ 181.039747][ T7546] ? __pfx_netlink_unicast+0x10/0x10 [ 181.039774][ T7546] ? __pfx___might_resched+0x10/0x10 [ 181.039799][ T7546] ? __lock_acquire+0xb97/0x1ce0 [ 181.039843][ T7546] netlink_sendmsg+0x8d1/0xdd0 [ 181.039878][ T7546] ? __pfx_netlink_sendmsg+0x10/0x10 [ 181.039910][ T7546] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 181.039956][ T7546] ____sys_sendmsg+0xa98/0xc70 [ 181.039991][ T7546] ? copy_msghdr_from_user+0x10a/0x160 [ 181.040017][ T7546] ? __pfx_____sys_sendmsg+0x10/0x10 [ 181.040059][ T7546] ? __pfx_futex_wake_mark+0x10/0x10 [ 181.040102][ T7546] ___sys_sendmsg+0x134/0x1d0 [ 181.040131][ T7546] ? __pfx____sys_sendmsg+0x10/0x10 [ 181.040206][ T7546] __sys_sendmsg+0x16d/0x220 [ 181.040233][ T7546] ? __pfx___sys_sendmsg+0x10/0x10 [ 181.040255][ T7546] ? __x64_sys_futex+0x1e0/0x4c0 [ 181.040302][ T7546] do_syscall_64+0xcd/0x490 [ 181.040331][ T7546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.040357][ T7546] RIP: 0033:0x7f512e98eb69 [ 181.040377][ T7546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.040401][ T7546] RSP: 002b:00007f512f729038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 181.040425][ T7546] RAX: ffffffffffffffda RBX: 00007f512ebb5fa0 RCX: 00007f512e98eb69 [ 181.040441][ T7546] RDX: 00000000040000c0 RSI: 00002000000000c0 RDI: 0000000000000006 [ 181.040457][ T7546] RBP: 00007f512ea11df1 R08: 0000000000000000 R09: 0000000000000000 [ 181.040472][ T7546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 181.040487][ T7546] R13: 0000000000000000 R14: 00007f512ebb5fa0 R15: 00007ffdc8e91c68 [ 181.040521][ T7546] [ 181.879143][ T7554] openvswitch: netlink: IP tunnel dst address not specified [ 182.970875][ T7569] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 183.285607][ T7579] netlink: 4 bytes leftover after parsing attributes in process `syz.1.350'. [ 185.016153][ T7603] FAULT_INJECTION: forcing a failure. [ 185.016153][ T7603] name failslab, interval 1, probability 0, space 0, times 0 [ 185.038325][ T7603] CPU: 1 UID: 0 PID: 7603 Comm: syz.1.357 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 185.038363][ T7603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 185.038380][ T7603] Call Trace: [ 185.038388][ T7603] [ 185.038397][ T7603] dump_stack_lvl+0x16c/0x1f0 [ 185.038431][ T7603] should_fail_ex+0x512/0x640 [ 185.038462][ T7603] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 185.038499][ T7603] should_failslab+0xc2/0x120 [ 185.038532][ T7603] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 185.038564][ T7603] ? lockdep_init_map_type+0x5c/0x280 [ 185.038598][ T7603] ? __d_alloc+0x32/0xae0 [ 185.038634][ T7603] __d_alloc+0x32/0xae0 [ 185.038669][ T7603] d_alloc_pseudo+0x1c/0xc0 [ 185.038705][ T7603] alloc_file_pseudo+0xcf/0x230 [ 185.038744][ T7603] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 185.038781][ T7603] ? alloc_fd+0x471/0x7d0 [ 185.038814][ T7603] sock_alloc_file+0x50/0x210 [ 185.038843][ T7603] __sys_socket+0x1c0/0x260 [ 185.038879][ T7603] ? __pfx___sys_socket+0x10/0x10 [ 185.038913][ T7603] ? xfd_validate_state+0x61/0x180 [ 185.038947][ T7603] ? __pfx_ksys_write+0x10/0x10 [ 185.038981][ T7603] __x64_sys_socket+0x72/0xb0 [ 185.039013][ T7603] ? lockdep_hardirqs_on+0x7c/0x110 [ 185.039038][ T7603] do_syscall_64+0xcd/0x490 [ 185.039068][ T7603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.039094][ T7603] RIP: 0033:0x7f512e98eb69 [ 185.039115][ T7603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.039139][ T7603] RSP: 002b:00007f512f729038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 185.039165][ T7603] RAX: ffffffffffffffda RBX: 00007f512ebb5fa0 RCX: 00007f512e98eb69 [ 185.039182][ T7603] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 185.039206][ T7603] RBP: 00007f512ea11df1 R08: 0000000000000000 R09: 0000000000000000 [ 185.039222][ T7603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.039237][ T7603] R13: 0000000000000000 R14: 00007f512ebb5fa0 R15: 00007ffdc8e91c68 [ 185.039272][ T7603] [ 185.327563][ T7605] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 185.333813][ T7605] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 185.341432][ T7605] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 185.389286][ T7605] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 185.623478][ T7614] openvswitch: netlink: IPv4 tunnel dst address is zero [ 185.983230][ T7617] netlink: 206 bytes leftover after parsing attributes in process `syz.1.359'. [ 186.005457][ T7615] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 186.519543][ T7621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.361'. [ 187.397308][ T5869] Bluetooth: hci2: command 0x0c1a tx timeout [ 187.403339][ T5869] Bluetooth: hci0: command 0x0c1a tx timeout [ 187.407351][ T5184] Bluetooth: hci1: command 0x0c1a tx timeout [ 187.467220][ T5184] Bluetooth: hci3: command 0x0c1a tx timeout [ 188.023421][ T5184] Bluetooth: hci1: unexpected event 0x35 length: 13 > 6 [ 189.794321][ T7686] openvswitch: netlink: IP tunnel dst address not specified [ 191.088376][ T7702] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 191.463759][ T7705] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 191.654823][ T7706] netlink: 206 bytes leftover after parsing attributes in process `syz.2.378'. [ 191.854968][ T7721] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 191.978666][ T6050] udevd[6050]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 193.184806][ T7744] netlink: 28 bytes leftover after parsing attributes in process `syz.1.386'. [ 193.380543][ T7742] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 193.386804][ T7742] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 193.393349][ T7742] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 193.399674][ T7742] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 193.800295][ T7765] bond0: option all_slaves_active: invalid value () [ 193.944891][ T7766] bond0: option all_slaves_active: invalid value () [ 193.959456][ T7765] bond0: option all_slaves_active: invalid value () [ 194.356386][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.377544][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.478246][ T7774] netlink: 206 bytes leftover after parsing attributes in process `syz.2.391'. [ 194.584344][ T7774] netlink: 4 bytes leftover after parsing attributes in process `syz.2.391'. [ 194.598430][ T7774] tipc: Started in network mode [ 194.603770][ T7774] tipc: Node identity 30303030, cluster identity 4711 [ 194.612897][ T7774] tipc: Node number set to 808464432 [ 194.668182][ T7779] netlink: 4 bytes leftover after parsing attributes in process `syz.0.393'. [ 194.677289][ T5184] Bluetooth: hci1: command 0x0c1a tx timeout [ 195.387213][ T5184] Bluetooth: hci0: command 0x0c1a tx timeout [ 195.467241][ T5184] Bluetooth: hci3: command 0x0c1a tx timeout [ 195.472901][ T5875] Bluetooth: hci2: command 0x0c1a tx timeout [ 197.392373][ T7831] netlink: 206 bytes leftover after parsing attributes in process `syz.2.406'. [ 197.419992][ T7833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.407'. [ 197.435647][ T7789] kexec: Could not allocate control_code_buffer [ 197.510330][ T7833] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 198.360695][ T7825] kexec: Could not allocate control_code_buffer [ 198.830977][ T7873] netlink: 28 bytes leftover after parsing attributes in process `syz.3.412'. [ 198.897353][ T7873] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.931038][ T7873] bridge_slave_1 (unregistering): left allmulticast mode [ 198.940037][ T7876] netlink: 'syz.0.415': attribute type 22 has an invalid length. [ 198.949212][ T7876] netlink: 330 bytes leftover after parsing attributes in process `syz.0.415'. [ 198.958639][ T7873] bridge_slave_1 (unregistering): left promiscuous mode [ 198.967597][ T7873] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.007401][ T7877] netlink: 'syz.0.415': attribute type 22 has an invalid length. [ 199.015288][ T7877] netlink: 330 bytes leftover after parsing attributes in process `syz.0.415'. [ 199.254782][ T7890] program syz.3.417 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 200.012171][ T7901] openvswitch: netlink: IP tunnel dst address not specified [ 200.316132][ T7904] ptrace attach of "./syz-executor exec"[7907] was attempted by "./syz-executor exec"[7904] [ 200.470121][ T7906] ptrace attach of "./syz-executor exec"[7908] was attempted by "./syz-executor exec"[7906] [ 202.978822][ T7932] kexec: Could not allocate control_code_buffer [ 203.396442][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 203.405045][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 203.549457][ T5875] Bluetooth: hci1: unexpected event 0x01 length: 5 > 1 [ 204.229726][ T7968] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 204.861261][ T7973] nbd: couldn't find a device at index 77 [ 205.252943][ T7975] netlink: 4 bytes leftover after parsing attributes in process `syz.1.436'. [ 205.414828][ T7980] FAULT_INJECTION: forcing a failure. [ 205.414828][ T7980] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 205.434512][ T7980] CPU: 1 UID: 0 PID: 7980 Comm: syz.1.438 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 205.434547][ T7980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 205.434561][ T7980] Call Trace: [ 205.434569][ T7980] [ 205.434578][ T7980] dump_stack_lvl+0x16c/0x1f0 [ 205.434608][ T7980] should_fail_ex+0x512/0x640 [ 205.434643][ T7980] _copy_from_user+0x2e/0xd0 [ 205.434677][ T7980] comm_write+0xc3/0x2c0 [ 205.434702][ T7980] ? __pfx_comm_write+0x10/0x10 [ 205.434744][ T7980] ? __pfx_comm_write+0x10/0x10 [ 205.434767][ T7980] vfs_write+0x2a0/0x1150 [ 205.434801][ T7980] ? __pfx___mutex_lock+0x10/0x10 [ 205.434827][ T7980] ? __pfx_vfs_write+0x10/0x10 [ 205.434865][ T7980] ? __fget_files+0x20e/0x3c0 [ 205.434902][ T7980] ksys_write+0x12a/0x250 [ 205.434929][ T7980] ? __pfx_ksys_write+0x10/0x10 [ 205.434967][ T7980] do_syscall_64+0xcd/0x490 [ 205.434995][ T7980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.435020][ T7980] RIP: 0033:0x7f512e98eb69 [ 205.435040][ T7980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.435062][ T7980] RSP: 002b:00007f512f729038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 205.435084][ T7980] RAX: ffffffffffffffda RBX: 00007f512ebb5fa0 RCX: 00007f512e98eb69 [ 205.435101][ T7980] RDX: 0000000000000005 RSI: 0000200000002580 RDI: 0000000000000003 [ 205.435115][ T7980] RBP: 00007f512f729090 R08: 0000000000000000 R09: 0000000000000000 [ 205.435130][ T7980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 205.435144][ T7980] R13: 0000000000000000 R14: 00007f512ebb5fa0 R15: 00007ffdc8e91c68 [ 205.435179][ T7980] [ 206.114668][ T7998] openvswitch: netlink: IP tunnel dst address not specified [ 206.367146][ T8004] netlink: 342 bytes leftover after parsing attributes in process `syz.2.444'. [ 207.138111][ T8020] FAULT_INJECTION: forcing a failure. [ 207.138111][ T8020] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 207.184025][ T8020] CPU: 1 UID: 0 PID: 8020 Comm: syz.3.448 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 207.184061][ T8020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 207.184073][ T8020] Call Trace: [ 207.184082][ T8020] [ 207.184091][ T8020] dump_stack_lvl+0x16c/0x1f0 [ 207.184119][ T8020] should_fail_ex+0x512/0x640 [ 207.184151][ T8020] _copy_to_user+0x32/0xd0 [ 207.184183][ T8020] simple_read_from_buffer+0xcb/0x170 [ 207.184208][ T8020] proc_fail_nth_read+0x197/0x240 [ 207.184233][ T8020] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 207.184259][ T8020] ? rw_verify_area+0xcf/0x6c0 [ 207.184281][ T8020] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 207.184304][ T8020] vfs_read+0x1e1/0xc60 [ 207.184333][ T8020] ? __pfx___mutex_lock+0x10/0x10 [ 207.184356][ T8020] ? __pfx_vfs_read+0x10/0x10 [ 207.184389][ T8020] ? __fget_files+0x20e/0x3c0 [ 207.184422][ T8020] ksys_read+0x12a/0x250 [ 207.184445][ T8020] ? __pfx_ksys_read+0x10/0x10 [ 207.184479][ T8020] do_syscall_64+0xcd/0x490 [ 207.184505][ T8020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.184528][ T8020] RIP: 0033:0x7f751338d57c [ 207.184555][ T8020] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 207.184574][ T8020] RSP: 002b:00007f75142a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 207.184595][ T8020] RAX: ffffffffffffffda RBX: 00007f75135b5fa0 RCX: 00007f751338d57c [ 207.184609][ T8020] RDX: 000000000000000f RSI: 00007f75142a70a0 RDI: 0000000000000004 [ 207.184622][ T8020] RBP: 00007f75142a7090 R08: 0000000000000000 R09: 0000000000000000 [ 207.184635][ T8020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 207.184648][ T8020] R13: 0000000000000000 R14: 00007f75135b5fa0 R15: 00007ffc8567ceb8 [ 207.184678][ T8020] [ 207.583930][ T8032] netlink: 28 bytes leftover after parsing attributes in process `syz.3.450'. [ 207.661220][ T8034] openvswitch: netlink: IP tunnel dst address not specified [ 208.129353][ T8046] ptrace attach of "./syz-executor exec"[5868] was attempted by "./syz-executor exec"[8046] [ 213.416470][ T8052] syz.3.456 (8052) used greatest stack depth: 18552 bytes left [ 255.790557][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.796875][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.232607][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.239310][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 362.667501][ T31] INFO: task kworker/u8:8:4516 blocked for more than 143 seconds. [ 362.675383][ T31] Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 [ 362.682838][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 362.691676][ T31] task:kworker/u8:8 state:D stack:23976 pid:4516 tgid:4516 ppid:2 task_flags:0x4248060 flags:0x00004000 [ 362.703873][ T31] Workqueue: writeback wb_workfn (flush-8:0) [ 362.709950][ T31] Call Trace: [ 362.713270][ T31] [ 362.716230][ T31] __schedule+0x1190/0x5de0 [ 362.720919][ T31] ? blk_mq_flush_plug_list+0x145/0x600 [ 362.726539][ T31] ? __lock_acquire+0x62e/0x1ce0 [ 362.731740][ T31] ? __pfx___schedule+0x10/0x10 [ 362.736936][ T31] ? __blk_flush_plug+0x2f3/0x4b0 [ 362.742111][ T31] ? find_held_lock+0x2b/0x80 [ 362.746814][ T31] ? schedule+0x2d7/0x3a0 [ 362.751235][ T31] schedule+0xe7/0x3a0 [ 362.755342][ T31] io_schedule+0xbf/0x130 [ 362.759838][ T31] bit_wait_io+0x15/0xe0 [ 362.764394][ T31] __wait_on_bit+0x65/0x180 [ 362.768983][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 362.773942][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 362.779470][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 362.785470][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 362.793555][ T31] do_get_write_access+0x93d/0x1320 [ 362.798842][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 362.804936][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 362.812272][ T31] ext4_mb_mark_context+0x175/0xda0 [ 362.817596][ T31] ? __pfx_ext4_mb_mark_context+0x10/0x10 [ 362.823354][ T31] ext4_mb_mark_diskspace_used+0x466/0x8c0 [ 362.829466][ T31] ? ext4_mb_use_preallocated.constprop.0+0xec/0x1550 [ 362.836258][ T31] ? __pfx_ext4_mb_mark_diskspace_used+0x10/0x10 [ 362.843335][ T31] ? ext4_mb_new_blocks+0x977/0x4f70 [ 362.848743][ T31] ext4_mb_new_blocks+0xa5b/0x4f70 [ 362.853896][ T31] ? rcu_is_watching+0x12/0xc0 [ 362.858742][ T31] ? trace_kmalloc+0x2b/0xd0 [ 362.863357][ T31] ? __kmalloc_noprof+0x242/0x510 [ 362.868461][ T31] ? unwind_next_frame+0x3f4/0x20a0 [ 362.873678][ T31] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 362.879375][ T31] ? ext4_ext_search_right+0x2c7/0xba0 [ 362.884867][ T31] ext4_ext_map_blocks+0x1cc0/0x5fe0 [ 362.890254][ T31] ? mark_held_locks+0x49/0x80 [ 362.895047][ T31] ? __lock_acquire+0xb97/0x1ce0 [ 362.901002][ T31] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 362.906692][ T31] ? __pfx___might_resched+0x10/0x10 [ 362.912339][ T31] ? __pfx_down_write+0x10/0x10 [ 362.917466][ T31] ? ext4_es_lookup_extent+0xc7/0xc50 [ 362.922875][ T31] ext4_map_blocks+0x570/0x1400 [ 362.927824][ T31] ? __pfx_ext4_map_blocks+0x10/0x10 [ 362.933137][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 362.938573][ T31] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 362.944549][ T31] ? ext4_ext_index_trans_blocks+0x159/0x190 [ 362.950793][ T31] ? __ext4_journal_ensure_credits+0x25e/0x2f0 [ 362.956981][ T31] ext4_do_writepages+0x1ffa/0x3cf0 [ 362.962269][ T31] ? __pfx_ext4_do_writepages+0x10/0x10 [ 362.967936][ T31] ? ext4_writepages+0x37a/0x7d0 [ 362.972910][ T31] ext4_writepages+0x37a/0x7d0 [ 362.977717][ T31] ? blk_finish_plug+0x16/0xa0 [ 362.982512][ T31] ? __pfx_ext4_writepages+0x10/0x10 [ 362.988194][ T31] ? __lock_acquire+0xb97/0x1ce0 [ 362.993228][ T31] ? __pfx_ext4_writepages+0x10/0x10 [ 362.999002][ T31] do_writepages+0x27a/0x600 [ 363.003932][ T31] ? __pfx_do_writepages+0x10/0x10 [ 363.009166][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 363.014478][ T31] ? writeback_sb_inodes+0x3b0/0xfa0 [ 363.019927][ T31] __writeback_single_inode+0x160/0xfb0 [ 363.025772][ T31] ? __pfx___writeback_single_inode+0x10/0x10 [ 363.032063][ T31] ? do_raw_spin_unlock+0x172/0x230 [ 363.037359][ T31] writeback_sb_inodes+0x60d/0xfa0 [ 363.042928][ T31] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 363.048697][ T31] ? __lock_acquire+0x62e/0x1ce0 [ 363.053717][ T31] ? __pfx___up_read+0x10/0x10 [ 363.058755][ T31] ? __writeback_inodes_wb+0x104/0x2d0 [ 363.064257][ T31] __writeback_inodes_wb+0xf8/0x2d0 [ 363.069553][ T31] ? __pfx___writeback_inodes_wb+0x10/0x10 [ 363.075416][ T31] ? queue_io+0x3f6/0x520 [ 363.079798][ T31] wb_writeback+0x7f3/0xb70 [ 363.084334][ T31] ? __pfx_wb_writeback+0x10/0x10 [ 363.089463][ T31] ? get_nr_dirty_inodes+0x170/0x1e0 [ 363.094768][ T31] wb_workfn+0x871/0xbe0 [ 363.099101][ T31] ? __pfx_wb_workfn+0x10/0x10 [ 363.103887][ T31] ? rcu_is_watching+0x12/0xc0 [ 363.108710][ T31] process_one_work+0x9cc/0x1b70 [ 363.113675][ T31] ? __pfx_process_one_work+0x10/0x10 [ 363.119136][ T31] ? assign_work+0x1a0/0x250 [ 363.123743][ T31] worker_thread+0x6c8/0xf10 [ 363.128408][ T31] ? __pfx_worker_thread+0x10/0x10 [ 363.133523][ T31] kthread+0x3c5/0x780 [ 363.137646][ T31] ? __pfx_kthread+0x10/0x10 [ 363.142253][ T31] ? rcu_is_watching+0x12/0xc0 [ 363.147401][ T31] ? __pfx_kthread+0x10/0x10 [ 363.152022][ T31] ret_from_fork+0x5d4/0x6f0 [ 363.156606][ T31] ? __pfx_kthread+0x10/0x10 [ 363.161242][ T31] ret_from_fork_asm+0x1a/0x30 [ 363.166029][ T31] [ 363.169329][ T31] INFO: task jbd2/sda1-8:5196 blocked for more than 143 seconds. [ 363.177088][ T31] Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 [ 363.184375][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 363.193131][ T31] task:jbd2/sda1-8 state:D stack:25848 pid:5196 tgid:5196 ppid:2 task_flags:0x240040 flags:0x00004000 [ 363.205125][ T31] Call Trace: [ 363.208528][ T31] [ 363.211563][ T31] __schedule+0x1190/0x5de0 [ 363.216071][ T31] ? __lock_acquire+0x62e/0x1ce0 [ 363.221066][ T31] ? __pfx___schedule+0x10/0x10 [ 363.225937][ T31] ? find_held_lock+0x2b/0x80 [ 363.230713][ T31] ? schedule+0x2d7/0x3a0 [ 363.235183][ T31] schedule+0xe7/0x3a0 [ 363.239481][ T31] io_schedule+0xbf/0x130 [ 363.243839][ T31] bit_wait_io+0x15/0xe0 [ 363.248435][ T31] __wait_on_bit+0x65/0x180 [ 363.252951][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 363.257918][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 363.263305][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 363.269338][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 363.274827][ T31] ? __pfx___might_resched+0x10/0x10 [ 363.280366][ T31] __wait_on_buffer+0x64/0x70 [ 363.285059][ T31] jbd2_journal_commit_transaction+0x3878/0x68f0 [ 363.291473][ T31] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 363.298211][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 363.304019][ T31] ? debug_object_deactivate+0x1ec/0x3a0 [ 363.310844][ T31] ? __pfx_debug_object_deactivate+0x10/0x10 [ 363.316925][ T31] ? find_held_lock+0x2b/0x80 [ 363.325222][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 363.331392][ T31] ? rcu_is_watching+0x12/0xc0 [ 363.336204][ T31] kjournald2+0x1f4/0x760 [ 363.340913][ T31] ? __pfx_kjournald2+0x10/0x10 [ 363.345789][ T31] ? find_held_lock+0x2b/0x80 [ 363.351046][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 363.357401][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 363.362712][ T31] ? __kthread_parkme+0x19e/0x250 [ 363.368010][ T31] ? __pfx_kjournald2+0x10/0x10 [ 363.372882][ T31] kthread+0x3c5/0x780 [ 363.376949][ T31] ? __pfx_kthread+0x10/0x10 [ 363.381642][ T31] ? rcu_is_watching+0x12/0xc0 [ 363.386417][ T31] ? __pfx_kthread+0x10/0x10 [ 363.391245][ T31] ret_from_fork+0x5d4/0x6f0 [ 363.395863][ T31] ? __pfx_kthread+0x10/0x10 [ 363.400578][ T31] ret_from_fork_asm+0x1a/0x30 [ 363.405370][ T31] [ 363.408515][ T31] INFO: task syz-executor:5850 blocked for more than 144 seconds. [ 363.416323][ T31] Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 [ 363.423912][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 363.432682][ T31] task:syz-executor state:D stack:21592 pid:5850 tgid:5850 ppid:5849 task_flags:0x440100 flags:0x00004002 [ 363.444680][ T31] Call Trace: [ 363.448162][ T31] [ 363.451113][ T31] __schedule+0x1190/0x5de0 [ 363.455982][ T31] ? __pfx___schedule+0x10/0x10 [ 363.460902][ T31] ? find_held_lock+0x2b/0x80 [ 363.465576][ T31] ? schedule+0x2d7/0x3a0 [ 363.470123][ T31] schedule+0xe7/0x3a0 [ 363.474276][ T31] io_schedule+0xbf/0x130 [ 363.478697][ T31] bit_wait_io+0x15/0xe0 [ 363.482958][ T31] __wait_on_bit+0x65/0x180 [ 363.487523][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 363.492481][ T31] out_of_line_wait_on_bit+0xd9/0x110 [ 363.498085][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 363.504131][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 363.509693][ T31] do_get_write_access+0x93d/0x1320 [ 363.514913][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 363.520958][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 363.527223][ T31] ext4_reserve_inode_write+0x1be/0x340 [ 363.533067][ T31] __ext4_mark_inode_dirty+0x197/0x870 [ 363.538577][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 363.543982][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 363.550023][ T31] ? rcu_is_watching+0x12/0xc0 [ 363.555151][ T31] ? trace_jbd2_handle_start+0x1a8/0x230 [ 363.560862][ T31] ? jbd2__journal_start+0xf6/0x6a0 [ 363.566103][ T31] ? __ext4_journal_start_sb+0x195/0x690 [ 363.571867][ T31] ? __ext4_journal_start_sb+0x19e/0x690 [ 363.577558][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 363.582523][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 363.587997][ T31] ext4_dirty_inode+0xd9/0x130 [ 363.592784][ T31] ? rcu_is_watching+0x12/0xc0 [ 363.597705][ T31] __mark_inode_dirty+0x1ee/0xe50 [ 363.602839][ T31] generic_update_time+0xcf/0xf0 [ 363.608025][ T31] file_update_time+0x17d/0x1c0 [ 363.612921][ T31] ext4_page_mkwrite+0x33d/0x1880 [ 363.618064][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 363.623548][ T31] ? __mutex_unlock_slowpath+0x163/0x800 [ 363.629265][ T31] ? find_held_lock+0x2b/0x80 [ 363.633969][ T31] ? find_held_lock+0x2b/0x80 [ 363.638715][ T31] do_page_mkwrite+0x174/0x380 [ 363.643505][ T31] do_wp_page+0xb10/0x4f20 [ 363.648080][ T31] ? __pfx_do_wp_page+0x10/0x10 [ 363.652967][ T31] ? do_raw_spin_lock+0x12c/0x2b0 [ 363.658475][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 363.664026][ T31] ? ___pte_offset_map+0x2ad/0x4f0 [ 363.669224][ T31] __handle_mm_fault+0x1b2d/0x2a50 [ 363.674350][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 363.679868][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 363.685074][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 363.690384][ T31] handle_mm_fault+0x589/0xd10 [ 363.695180][ T31] ? trace_raw_output_exceptions+0x121/0x150 [ 363.701247][ T31] do_user_addr_fault+0x60c/0x1370 [ 363.706380][ T31] ? rcu_is_watching+0x12/0xc0 [ 363.711259][ T31] exc_page_fault+0x5c/0xb0 [ 363.715790][ T31] asm_exc_page_fault+0x26/0x30 [ 363.720955][ T31] RIP: 0033:0x7fb6ebe68be5 [ 363.725672][ T31] RSP: 002b:00007ffc0e92d360 EFLAGS: 00010202 [ 363.731855][ T31] RAX: 00007fb6e7dc81fc RBX: 00007ffc0e92d460 RCX: 0000000000000000 [ 363.739889][ T31] RDX: 00007fb6e7dc81f8 RSI: 0000000000000008 RDI: 00007ffc0e92d460 [ 363.747931][ T31] RBP: 00000000000003e6 R08: 0000000000000000 R09: 0000000000000000 [ 363.755905][ T31] R10: 00007ffc0e92d440 R11: 0000000000000000 R12: 0000000000000000 [ 363.764229][ T31] R13: 0000000000037e04 R14: fffffffffffc81fc R15: 0000000000037e04 [ 363.772286][ T31] [ 363.775320][ T31] INFO: task syz.0.452:8042 blocked for more than 144 seconds. [ 363.782929][ T31] Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 [ 363.790257][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 363.799389][ T31] task:syz.0.452 state:D stack:26376 pid:8042 tgid:8029 ppid:5868 task_flags:0x400140 flags:0x00004004 [ 363.811398][ T31] Call Trace: [ 363.814666][ T31] [ 363.817631][ T31] __schedule+0x1190/0x5de0 [ 363.822205][ T31] ? __pfx___schedule+0x10/0x10 [ 363.827318][ T31] ? find_held_lock+0x2b/0x80 [ 363.832015][ T31] ? schedule+0x2d7/0x3a0 [ 363.836348][ T31] schedule+0xe7/0x3a0 [ 363.840599][ T31] io_schedule+0xbf/0x130 [ 363.845037][ T31] folio_wait_bit_common+0x3d6/0x9e0 [ 363.850411][ T31] ? folio_wait_bit_common+0x13a/0x9e0 [ 363.855897][ T31] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 363.862090][ T31] ? filemap_get_folios_tag+0x46a/0xae0 [ 363.867833][ T31] ? __pfx_wake_page_function+0x10/0x10 [ 363.873382][ T31] folio_wait_writeback+0x3c/0x90 [ 363.878491][ T31] __filemap_fdatawait_range+0x11f/0x200 [ 363.884210][ T31] ? __pfx___filemap_fdatawait_range+0x10/0x10 [ 363.890550][ T31] file_write_and_wait_range+0x101/0x140 [ 363.896200][ T31] ext4_sync_file+0x310/0xf10 [ 363.900955][ T31] ? __pfx___up_read+0x10/0x10 [ 363.905734][ T31] ? __pfx_ext4_sync_file+0x10/0x10 [ 363.911072][ T31] vfs_fsync_range+0x136/0x220 [ 363.915848][ T31] __do_sys_msync+0x3cb/0x5c0 [ 363.920564][ T31] do_syscall_64+0xcd/0x490 [ 363.925075][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.931031][ T31] RIP: 0033:0x7f5c53f8eb69 [ 363.935472][ T31] RSP: 002b:00007f5c54e24038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a [ 363.944081][ T31] RAX: ffffffffffffffda RBX: 00007f5c541b6160 RCX: 00007f5c53f8eb69 [ 363.952260][ T31] RDX: 0000000400000004 RSI: 0180000000000000 RDI: 000000001ffff000 [ 363.960290][ T31] RBP: 00007f5c54011df1 R08: 0000000000000000 R09: 0000000000000000 [ 363.968677][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 363.976661][ T31] R13: 0000000000000000 R14: 00007f5c541b6160 R15: 00007ffdf306e758 [ 363.984697][ T31] [ 363.987816][ T31] [ 363.987816][ T31] Showing all locks held in the system: [ 363.995537][ T31] 1 lock held by khungtaskd/31: [ 364.000449][ T31] #0: ffffffff8e5c0fe0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 364.011358][ T31] 4 locks held by kworker/u8:3/49: [ 364.016481][ T31] #0: ffff8880b843a458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 364.026535][ T31] #1: ffff8880b8524088 (psi_seq){-.-.}-{0:0}, at: __schedule+0x1861/0x5de0 [ 364.035351][ T31] #2: ffff8880b8525b18 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x127/0x1d0 [ 364.044725][ T31] #3: ffffffff9b0c7ac8 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x14c/0x4c0 [ 364.055344][ T31] 6 locks held by kworker/u8:8/4516: [ 364.060666][ T31] #0: ffff888020ecd948 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 364.071643][ T31] #1: ffffc9000d9c7d10 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 364.083724][ T31] #2: ffff88814dfb20e0 (&type->s_umount_key#31){++++}-{4:4}, at: super_trylock_shared+0x1e/0xf0 [ 364.094347][ T31] #3: ffff88814dfb4b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x27a/0x600 [ 364.104650][ T31] #4: ffff88814dfb6950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 364.114395][ T31] #5: ffff88807d5a5880 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x46f/0x1400 [ 364.124202][ T31] 3 locks held by syz-executor/5850: [ 364.129553][ T31] #0: ffff888076ed16c8 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 364.138963][ T31] #1: ffff88814dfb2520 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x174/0x380 [ 364.148528][ T31] #2: ffff88814dfb6950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 364.158354][ T31] 2 locks held by getty/6501: [ 364.163039][ T31] #0: ffff8880354b40a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 364.173160][ T31] #1: ffffc9000342b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 364.183344][ T31] [ 364.185678][ T31] ============================================= [ 364.185678][ T31] [ 364.194154][ T31] NMI backtrace for cpu 0 [ 364.194170][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 364.194194][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 364.194205][ T31] Call Trace: [ 364.194213][ T31] [ 364.194221][ T31] dump_stack_lvl+0x116/0x1f0 [ 364.194249][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 364.194279][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 364.194313][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 364.194345][ T31] watchdog+0xf0e/0x1260 [ 364.194382][ T31] ? __pfx_watchdog+0x10/0x10 [ 364.194410][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 364.194435][ T31] ? __kthread_parkme+0x19e/0x250 [ 364.194467][ T31] ? __pfx_watchdog+0x10/0x10 [ 364.194498][ T31] kthread+0x3c5/0x780 [ 364.194532][ T31] ? __pfx_kthread+0x10/0x10 [ 364.194568][ T31] ? rcu_is_watching+0x12/0xc0 [ 364.194593][ T31] ? __pfx_kthread+0x10/0x10 [ 364.194625][ T31] ret_from_fork+0x5d4/0x6f0 [ 364.194660][ T31] ? __pfx_kthread+0x10/0x10 [ 364.194694][ T31] ret_from_fork_asm+0x1a/0x30 [ 364.194741][ T31] [ 364.194750][ T31] Sending NMI from CPU 0 to CPUs 1: [ 364.313441][ C1] NMI backtrace for cpu 1 [ 364.313458][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 364.313485][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 364.313496][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 364.313522][ C1] Code: ec 65 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d c3 a1 1a 00 fb f4 3c 0d 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 364.313541][ C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c6 [ 364.313558][ C1] RAX: 00000000002452d5 RBX: 0000000000000001 RCX: ffffffff8b8f6bf9 [ 364.313572][ C1] RDX: 0000000000000000 RSI: ffffffff8de47a7e RDI: ffffffff8c161180 [ 364.313585][ C1] RBP: ffffed1003c55b40 R08: 0000000000000001 R09: ffffed10170a6655 [ 364.313599][ C1] R10: ffff8880b85332ab R11: 0000000000000000 R12: 0000000000000001 [ 364.313612][ C1] R13: ffff88801e2ada00 R14: ffffffff90ab2290 R15: 0000000000000000 [ 364.313625][ C1] FS: 0000000000000000(0000) GS:ffff8881247ce000(0000) knlGS:0000000000000000 [ 364.313645][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 364.313659][ C1] CR2: 000055dd7402c660 CR3: 000000000e380000 CR4: 00000000003526f0 [ 364.313673][ C1] Call Trace: [ 364.313679][ C1] [ 364.313686][ C1] default_idle+0x13/0x20 [ 364.313709][ C1] default_idle_call+0x6d/0xb0 [ 364.313732][ C1] do_idle+0x391/0x510 [ 364.313755][ C1] ? __pfx_do_idle+0x10/0x10 [ 364.313776][ C1] ? trace_sched_exit_tp+0x2f/0x120 [ 364.313810][ C1] cpu_startup_entry+0x4f/0x60 [ 364.313830][ C1] start_secondary+0x21d/0x2b0 [ 364.313859][ C1] ? __pfx_start_secondary+0x10/0x10 [ 364.313890][ C1] common_startup_64+0x13e/0x148 [ 364.313921][ C1] [ 364.322636][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 364.322656][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(full) [ 364.322687][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 364.322701][ T31] Call Trace: [ 364.322710][ T31] [ 364.322719][ T31] dump_stack_lvl+0x3d/0x1f0 [ 364.322749][ T31] vpanic+0x6e8/0x7a0 [ 364.322785][ T31] ? __pfx_vpanic+0x10/0x10 [ 364.322819][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 364.322864][ T31] panic+0xca/0xd0 [ 364.322895][ T31] ? __pfx_panic+0x10/0x10 [ 364.322929][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 364.322963][ T31] ? nmi_trigger_cpumask_backtrace+0x1b1/0x300 [ 364.322998][ T31] ? watchdog+0xd78/0x1260 [ 364.323031][ T31] ? watchdog+0xd6b/0x1260 [ 364.323065][ T31] watchdog+0xd89/0x1260 [ 364.323105][ T31] ? __pfx_watchdog+0x10/0x10 [ 364.323136][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 364.323163][ T31] ? __kthread_parkme+0x19e/0x250 [ 364.323194][ T31] ? __pfx_watchdog+0x10/0x10 [ 364.323227][ T31] kthread+0x3c5/0x780 [ 364.323261][ T31] ? __pfx_kthread+0x10/0x10 [ 364.323297][ T31] ? rcu_is_watching+0x12/0xc0 [ 364.323322][ T31] ? __pfx_kthread+0x10/0x10 [ 364.323362][ T31] ret_from_fork+0x5d4/0x6f0 [ 364.323397][ T31] ? __pfx_kthread+0x10/0x10 [ 364.323431][ T31] ret_from_fork_asm+0x1a/0x30 [ 364.323475][ T31] [ 364.330538][ T31] Kernel Offset: disabled