last executing test programs: 27.99411059s ago: executing program 2 (id=757): ioctl$auto(0xffffffffffffffff, 0xc0045401, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x400, 0x0) ioctl$auto(0x3, 0x541b, 0x38) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/audit\x00', 0x200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/rose11/tx_queue_len\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x400005, 0x5, 0x9b72, 0x2, 0x8000) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/003/001\x00', 0x8001, 0x0) ioctl$auto_USBDEVFS_CLAIM_PORT(r4, 0x80045518, &(0x7f0000000040)) ioctl$auto(0x3, 0xc018aec0, r2) write$auto(0xffffffffffffffff, 0x0, 0x8ed) mmap$auto(0x0, 0x1000000004, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) sendfile$auto(r5, r5, 0x0, 0x3) 25.095563183s ago: executing program 2 (id=764): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/usbip-vudc.0/usbip_sockfd\x00', 0x103841, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x6, 0xd, 0xfffffffe, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x10001, 0xb, 0x2de, 0x504, 0x1, 0x101, 0x6, 0x6}, {0xfff7ffff, 0x2, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x8000000000000000}}) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) r2 = socket(0xa, 0x2, 0x0) setsockopt$auto(r2, 0x29, 0x30, 0x0, 0x56b) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000007a00)={0x14, r4, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x24044081}, 0x24000800) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = ioctl$auto_TUNSETVNETLE2(0xffffffffffffffff, 0x400454dc, &(0x7f0000000180)=0x1) r7 = syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="020026bd7000ffdb06001c000000000014001f00fe88000000000000000000000000010100"/49], 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x20000000) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="83000000", @ANYRES16=r7, @ANYBLOB="000228bd7000f4dbdf2501000000080018000400000008001700", @ANYRES32=r0, @ANYBLOB="0c000f000600000000000000050007000a00000000001400080000001400200000000000000000000000ffffe0000002080018000100000008001900000000000800090007000000060001000c000000"], 0x74}, 0x1, 0x0, 0x0, 0x240488c0}, 0x4000000) setsockopt$auto_SO_PREFER_BUSY_POLL(r6, 0x61e376e5, 0x45, &(0x7f00000002c0)='/sys/devices/platform/usbip-vudc.0/usbip_sockfd\x00', 0x2) r8 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x100082) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) ioctl$auto_BLKPG2(r8, 0x1269, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) write$auto(r0, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xabxo\xd9\x90\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xa5\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5Y\a\xc1\xe9(\x85R\x96\xe4\x86\\\x13\xa9\x1a&\x19\x8a9\x82\xf0\x83\f\xf7\xeb\x00\x00\x00\x00\x00\x00\x00\x00v\x92f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r1, 0x0, 0x4d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = gettid() process_vm_writev$auto(r2, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r4, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) r5 = ioctl$auto_TUNSETVNETLE2(0xffffffffffffffff, 0x400454dc, &(0x7f0000000040)) r6 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NCSI_CMD_SET_CHANNEL_MASK(r5, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r6, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x7}, @NCSI_ATTR_PACKAGE_MASK={0x8, 0x7, 0xffffffc5}]}, 0x24}, 0x1, 0x0, 0x0, 0x11}, 0x440c0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x102, 0x0) ioctl$auto(r3, 0x89f0, r3) 24.525170167s ago: executing program 2 (id=767): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) r1 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) write$auto(r1, &(0x7f0000000c40)='gthtool\x00', 0x5) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) socket(0xa, 0x2, 0x3a) read$auto(r0, 0x0, 0x2000000000007) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0x52, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 23.146120612s ago: executing program 2 (id=769): mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x11, 0x80003, 0x300) bpf$auto(0x9, &(0x7f00000002c0)=@raw_tracepoint={0xfffffffffffffff7, r0, 0x0, 0xc}, 0x2f9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xa801, 0x0) write$auto(0x3, 0x0, 0x7ffffffa) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000000)={'tunl0\x00'}) write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xabxo\xd9\x90\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xa5\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5Y\a\xc1\xe9(\x85R\x96\xe4\x86\\\x13\xa9\x1a&\x19\x8a9\x82\xf0\x83\f\xf7\xeb\x00\x00\x00\x00\x00\x00\x00\x00v\x92f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) migrate_pages$auto(0x0, 0x3, 0x0, &(0x7f0000000140)=0x2) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.3/usb4/power/connected_duration\x00', 0x88a00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000180)=""/102, 0x66) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/igmp6\x00', 0x101d41, 0x0) socket(0x2, 0x80002, 0x73) read$auto_proc_pid_attr_operations_base(r3, &(0x7f00000002c0)=""/166, 0xa6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop7/trace/act_mask\x00', 0x40402, 0x0) write$auto(0x3, 0x0, 0xfdef) 22.054355609s ago: executing program 0 (id=772): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x7, 0xd, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r2, 0x300, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) connect$auto(0x3, 0x0, 0x55) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ioctl$auto_BLKRRPART(r4, 0x125f, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) 21.991051072s ago: executing program 2 (id=773): keyctl$auto(0xf, 0x400, 0x8001, 0x100, 0x3) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) read$auto_long_retry_limit_ops_(r0, &(0x7f0000000280)=""/140, 0x8c) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='\b\x00\x00:', @ANYRES16, @ANYBLOB="04002dbd7000fbdbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x2, 0x801, 0x106) getsockopt$auto(r2, 0x11c, 0x1, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = openat$auto_hwflags_ops_debugfs(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, r3, 0x5, 0x7, 0xe5, 0x3}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r4, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xffffffffffffb8f1, 0x5, 0x3, 0x613, 0xfffffffffffffffa, 0x100000000000006) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r5, 0x0, 0x80000000) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r6) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000002b40)={0x28, r7, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x14, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x10, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x4}]}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000800) 20.5704825s ago: executing program 0 (id=777): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x20042, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0) mmap$auto(0x0, 0x7, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xca, 0x0, 0x1ff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/neigh/bond_slave_1/proxy_qlen\x00', 0x40001, 0x0) mmap$auto(0x9, 0x20007, 0xffffffffffff7fff, 0xeb1, 0xfffffffffffffffd, 0x40000007ffe) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/xfs/panic_mask\x00', 0xa0202, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_4={0x12, 0x1, 0xa6, r0}, 0x6f4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8094}, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) fsconfig$auto_HIDEPID_OFF(0xffffffffffffffff, 0x3ff, &(0x7f0000000280)='/sys/devices/virtual/net/nr12/address\x00', &(0x7f0000000380)="d06dcecd5b21824cba9e7ba66a3bc2fb9a1edf72dd77bb162f6c2df60e4417e2a9d33deb35d03f15a78958adc02a2a57bda02db8f9e74d", 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0x1a000}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x274441, 0xc4) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) eventfd$auto(0x8e) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x22a40, 0x0) socket(0x2, 0x801, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/drm/card1/card1-Virtual-1/status\x00', 0x20b42, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x21f}, 0x800000007) lsm_set_self_attr$auto(0xb143, &(0x7f00000003c0)={0x1, 0x5, 0x8, 0x40, "f2ce3f6e0feb23d329c1a44c6022428afde1187129a829f8f25f2ba45ce7c1a942f3d722706c26f4585d0f3a95db554033b3cdbfc86b0abd30ce488dfa7e887a"}, 0xc, 0x3) ioperm$auto(0x7, 0x6, 0x2) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f0000000300)={0x2d022000, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0}, 0x58) 19.890283376s ago: executing program 0 (id=778): r0 = fcntl$auto(0x3, 0x4, 0xa553) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x400, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r1, 0x4c00, 0xfffffffffffffffd) syslog$auto(0x1, &(0x7f0000000080)='\x00', 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/usbip-vudc.0/dev_desc\x00', 0x200, 0x0) read$auto(0x3, 0x0, 0x8) socketpair$auto(0x3, 0xffffffff, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x20000010) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5) ioctl$auto_VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000000)={0x6}) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) getpid() socket(0x28, 0x1, 0x0) r4 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0) write$auto(r4, &(0x7f0000000000)='/sys/kernel/security/integrity/evm/evm_xattrs\x00', 0x3) syslog$auto(0x3, &(0x7f0000000040)='(*&(+{\\\'\x00', 0x80) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) 18.125993839s ago: executing program 0 (id=788): mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x100000000000027, 0x0) fsopen$auto(0x0, 0x1) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1, 0x8, 0xd, 0xe13, 0x81, 0xe, 0x2000000000000002, 0x0, 0x9, 0x1, 0x2, 0x80000001, 0x8627, 0x9, 0x20000800001, 0x3, 0x5, 0x7, 0x6, 0x7, 0x0, 0xffffffee, 0x2a17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x18, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x9, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0xc090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4000010}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ptrace$auto(0x10, r0, 0x4, 0x8000) ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, r0, 0xb4, 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = io_uring_setup$auto(0x6, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(r2, 0xc1205531, r1) socket(0x10, 0x5, 0x0) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x0, 0x0) setitimer$auto(0x2, &(0x7f0000000040)={{}, {0x0, 0x8}}, 0x0) mmap$auto(0x0, 0x20000a, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) writev$auto(0xffffffffffffffff, 0x0, 0x100) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) 15.43679467s ago: executing program 0 (id=785): lseek$auto(0x3, 0x7ffffffffffffffd, 0x2) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0xae64, 0x38) readv$auto(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x7}, 0x8) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12bc00, 0x0) faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7) read$auto(r1, 0x0, 0x20) r2 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48) faccessat$auto(r2, 0x0, 0x2) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc44c1, 0x0) mmap$auto(0x5b2, 0x80005, 0xfff, 0x8000000000000011, 0x10006, 0x300000000006) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0x440501, 0x0) socket(0x10, 0x2, 0x0) r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r4, 0x0, 0x1ff) unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00') openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f00000000c0), 0x100000, 0x0) 9.953617324s ago: executing program 1 (id=794): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/usbip-vudc.0/usbip_sockfd\x00', 0x103841, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x6, 0xd, 0xfffffffe, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x10001, 0xb, 0x2de, 0x504, 0x1, 0x101, 0x6, 0x6}, {0xfff7ffff, 0x2, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x8000000000000000}}) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) r2 = socket(0xa, 0x2, 0x0) setsockopt$auto(r2, 0x29, 0x30, 0x0, 0x56b) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000007a00)={0x14, r4, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x24044081}, 0x24000800) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = ioctl$auto_TUNSETVNETLE2(0xffffffffffffffff, 0x400454dc, &(0x7f0000000180)=0x1) r7 = syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="020026bd7000ffdb06001c000000000014001f00fe88000000000000000000000000010100"/49], 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x20000000) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="83000000", @ANYRES16=r7, @ANYBLOB="000228bd7000f4dbdf2501000000080018000400000008001700", @ANYRES32=r0, @ANYBLOB="0c000f000600000000000000050007000a00000000001400080000001400200000000000000000000000ffffe0000002080018000100000008001900000000000800090007000000060001000c000000"], 0x74}, 0x1, 0x0, 0x0, 0x240488c0}, 0x4000000) r8 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x100082) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) ioctl$auto_BLKPG2(r8, 0x1269, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) write$auto(r0, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xabxo\xd9\x90\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xa5\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5Y\a\xc1\xe9(\x85R\x96\xe4\x86\\\x13\xa9\x1a&\x19\x8a9\x82\xf0\x83\f\xf7\xeb\x00\x00\x00\x00\x00\x00\x00\x00v\x92f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb\xff\xff\xff\x7f\xe2\xae,\x95k8\x83\xcf\xc5,\xd3S\xbf1\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x00\x00\x19R\t\x00\x00\x00\x00\x00\x00\x00\xe8\xfb\x00`\xc2\xcezU\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3', 0x100000a3da) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r1, 0x0, 0xfff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/tty/tty2/power/runtime_active_time\x00', 0xf5292a190ad5cf67, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(0xffffffffffffffff, 0x0, 0x2fb) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x9) remap_file_pages$auto(0x8, 0xda, 0x5, 0x4, 0x4) mmap$auto(0x0, 0x6, 0x4000000000df, 0xeb1, 0x401, 0x20000008000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) madvise$auto(0x4, 0xffffffffffff0005, 0x1b) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x80000, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 8.643095484s ago: executing program 1 (id=805): unshare$auto(0x40000080) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x7, 0xfffffffffffffffd, 0xd4, 0x4, 0x28c, 0x0, 0x3, 0x368e, 0x9, {0xfffffffe, 0x10000}, 0x8, 0x6, 0xfffffffffff7fffd, 0x1007ffd, 0x0, 0xfe, 0x81, 0xffffffffffff628e, 0x3d, 0xdeb1, 0x803}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, r1, 0x40004) landlock_create_ruleset$auto(0x0, 0x9, 0x0) landlock_restrict_self$auto(r1, 0x0) mkdir$auto(&(0x7f0000004440)='./file0\x00', 0x1) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x8) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, 0x0, 0x100, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/acpi/wakeup\x00', 0x48041, 0x0) write$auto(r3, 0x0, 0x0) mount$auto(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='xfs\x00', 0x5, 0x0) rt_sigqueueinfo$auto(0x0, 0x1, &(0x7f0000000680)={@siginfo_0_0={0xfffffff7, 0x5, 0x9, @_sigchld={0x0, 0x0, 0x400, 0xcad, 0x5}}}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_MON_IOCG_STATS(r0, 0x80089203, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0xb) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) select$auto(0xe, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x7}) 7.684119376s ago: executing program 1 (id=797): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) socket(0xf, 0x3, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3d, 0x1, 0x100000001, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vkms/graphics/fb0/cursor\x00', 0x161000, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x1000}, 0xffffffff, 0x0, 0x0) 7.464797927s ago: executing program 3 (id=799): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x96141, 0x0) r0 = socket(0x1b, 0x3, 0x76) madvise$auto(0x0, 0x2000040080000003, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, 0x0, &(0x7f0000000240)=0x7) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000380)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x801, 0x106) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r0) socket(0x10, 0x2, 0x0) pread64$auto(0xffffffffffffffff, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{o2?\x0f\x11\x90^\xdf/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x5) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[], 0xf5c}, 0x1, 0x0, 0x0, 0x4044055}, 0x20008811) readahead$auto(0xffffffffffffffff, 0xcc7f, 0x6) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x113002, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000100)='/dev/tty5\x00', 0xa) 6.19158848s ago: executing program 3 (id=800): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vgem/clients\x00', 0x60000, 0x0) read$auto_drm_debugfs_entry_fops_drm_debugfs(r2, &(0x7f0000000100)=""/153, 0x99) getpid() r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r1) sendmsg$auto_NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000006c0)={&(0x7f0000000200)={0x46c, r3, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0xea9}, @NL80211_ATTR_REG_RULES={0x7c, 0x22, 0x0, 0x1, [@typed={0x6, 0x3c, 0x0, 0x0, @str='-\x00'}, @typed={0x14, 0x13a, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @nested={0x59, 0xc2, 0x0, 0x1, [@typed={0x8, 0xd2, 0x0, 0x0, @fd}, @generic="0e44fa88af7cd22a8d7edf7beca8fbc865f4f91db2c9c79375a38d475d98d2f0ca00c1af9a078be33c194bcab2f7dfe39ff3a6e41145fd562e22a515eeb343f1dca52d9aa7c7a884928f5d73aa"]}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xfffc}, @NL80211_ATTR_HW_TIMESTAMP_ENABLED={0x4}, @NL80211_ATTR_IE_RIC={0x320, 0xb2, "3dee359144840120efa2009f60696a96d87de0f5821f496de5d08df0abdce8a8357cc609c8d8584fd2134762545b50ae8d554f3cbcfa13bcab7e4eab723cc86bb6462e364d907f8d218dce233b2e3ef1df0039b81e6101288b3ad9f21600dc6c069cdf496b61153aa2aa3a36a4f380dfc5205ab36b25c4f919957f3657c143a5cd0778d57c22aa20f06a0caea37bb4763da4dab69edb57d970b11d2f7c8de249805485489a3e193fd3791bdc868e1dae22d4c0499dccd315a5ed9594101a08547adda50af093130ef33c5b059152c668d0889a8f8c0fa5b1e6056a7ac0d83a54b942766aecd7e264046d587243d78fbd7c3f37b0fce678806066e9d9eb66840b5625cb0bb377da0e560293a4dfa4c0b252a7039ebf14f701e9f6b7a0d30acbe2f354ddfd79962e686866c30a88925856358022ff8b7d74d94fbb15f5dbb482035918b318e97d2879df32a7abfdf35e661406e4cc1192034a9b34e7bebb377b8026a7ef117874cbe5c65af27ff7681ab0ffd04c43d2fbc05b61bc3640106dc74b4fc75b33be1f0974c2766d214283d97ea551410c0d8618f145d8a72d3b8c32f9f62809b62f1f5c6d4a970b86f1da6c1bad2c6dc0f093cccb48ff4b320426ec51c03443164f6ef67a5fa7f5944e32483c75b7215ff77996e01effb3f7cb4fb8d4acca104a0c5f393230c5805622bca19f48b25f2934b46a580792b5b50a15c759be3deed1b788c9b599ac319cd0cb4923fefd09dc51b0ce0930fb17815723969c577f41ab6668998a90476a6181bd717a40438d257998c963e5c546355352e4223be1b34751fb49b0d5746608f6ae535b2031a6e6f3203e81ba67b3741cce279b554a97285112b3f2ed9bd3482725ce53fd079d7231c1e2b1b6544b9e5ce0104f2cc6da151b2a4a926fa81e8a9b611c54a19f04172ed1dbb5f31121df5e0bee8fc5d4888f9c8c13397e13fce35c797d11f930e028183048e7a8238a2186ce4772b88c75d82205ce6f758236ef258406b2721be7ae3b13670f0fdedd4c5692d81644ee8d9d81a19a874b2bae56727fc6f6798681af256438aae34df5fce4040621f4cefbf9674df33dd1236e3b4428c3ea2e7e878c9e8b9d6fa32f4142"}, @NL80211_ATTR_S1G_CAPABILITY_MASK={0xa8, 0x129, "08fa7064bfc1458c00a9d41e8b6624f20fceba0c1a808ffbc12a3abb112abcb7ad7afc5bfdced03e378a0de31061617391af2dca7ba917be4d516f7ab9a980ec3d595ecd2f94834d0c9219dc80794259e8573d48139ce9a43ca752f208c1a8db0417085f294a177a5ed330b43646d04fc565928f039a4e849ef93f1d65756d55b8ee94564bbbe89bbd1fd3bc720295a9a199219fd7ae6d66d1b81ad7faa4b9e942589de3"}]}, 0x46c}, 0x1, 0x0, 0x0, 0x10}, 0x40) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r4, 0x0, 0xb4d3) socket$nl_generic(0x10, 0x3, 0x10) splice$auto(0x4, 0x0, 0x2, 0x0, 0x3, 0x9) write$auto(0x3, 0x0, 0xffd8) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/packets_per_slave\x00', 0x182b02, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/net/rose10/addr_len\x00', 0x20800, 0x0) read$auto(r5, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 6.19062574s ago: executing program 1 (id=809): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) r0 = io_uring_setup$auto(0x6, 0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0x6, 0x2}, 0x8000, 0x0, 0x6) open(&(0x7f0000000040)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x0f\x18\xc5\x82-s\x83\xe6\xaeR\x81\r_\x0e\x19\x12\x85\bvf(e\xday)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbHL9aD\xb4\x80\xed\xba>\"\xb6\x7f\xa3f\x1d\a\xa1\x87\x84uA\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00', 0x12ba7e, 0x81) acct$auto(&(0x7f0000000380)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x0f\x18\xc5\x82-s\x83\xe6\xaeR\x81\r_\x0e\x19\x12\x85\bvf(e\xday)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbHL9aD\xb4\x80\xed\xba>\"\xb6\x7f\xa3f\x1d\a\xa1\x87\x84uA\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e') acct$auto(0x0) sysfs$auto(0x2, 0x10000000000002b, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/thread-self/net/ip_mr_vif\x00', 0xb00, 0x0) pread64$auto(r1, 0x0, 0x594c, 0x9fffffffd) sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x38, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_INDOOR={0x4}, @NL80211_ATTR_REG_INDOOR={0x4}, @NL80211_ATTR_TDLS_SUPPORT={0x4}, @NL80211_ATTR_HT_CAPABILITY={0x7, 0x1f, "c6bbb7"}, @NL80211_ATTR_ASSOC_SPP_AMSDU={0x4}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x400}, 0x8010) fsopen$auto(0x0, 0x1) r2 = open(&(0x7f00000000c0)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(r2, 0x6) flock$auto(0xffffffffffffffff, 0x2) open(0x0, 0x4242, 0xe1d2b27bdc14aab4) ioperm$auto(0x2, 0x6, 0x7) mbind$auto(0x7, 0x9, 0x2, &(0x7f0000000040)=0x4, 0xb3, 0x9) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) 207.374619ms ago: executing program 32 (id=785): lseek$auto(0x3, 0x7ffffffffffffffd, 0x2) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0xae64, 0x38) readv$auto(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x7}, 0x8) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12bc00, 0x0) faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7) read$auto(r1, 0x0, 0x20) r2 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48) faccessat$auto(r2, 0x0, 0x2) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc44c1, 0x0) mmap$auto(0x5b2, 0x80005, 0xfff, 0x8000000000000011, 0x10006, 0x300000000006) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0x440501, 0x0) socket(0x10, 0x2, 0x0) r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r4, 0x0, 0x1ff) unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00') openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f00000000c0), 0x100000, 0x0) 202.194114ms ago: executing program 1 (id=802): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x20042, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0) mmap$auto(0x0, 0x7, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xca, 0x0, 0x1ff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/neigh/bond_slave_1/proxy_qlen\x00', 0x40001, 0x0) mmap$auto(0x9, 0x20007, 0xffffffffffff7fff, 0xeb1, 0xfffffffffffffffd, 0x40000007ffe) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/xfs/panic_mask\x00', 0xa0202, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_4={0x12, 0x1, 0xa6, r0}, 0x6f4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8094}, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) fsconfig$auto_HIDEPID_OFF(0xffffffffffffffff, 0x3ff, &(0x7f0000000280)='/sys/devices/virtual/net/nr12/address\x00', &(0x7f0000000380)="d06dcecd5b21824cba9e7ba66a3bc2fb9a1edf72dd77bb162f6c2df60e4417e2a9d33deb35d03f15a78958adc02a2a57bda02db8f9e74d", 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0x1a000}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x274441, 0xc4) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) eventfd$auto(0x8e) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x22a40, 0x0) socket(0x2, 0x801, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/drm/card1/card1-Virtual-1/status\x00', 0x20b42, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x21f}, 0x800000007) lsm_set_self_attr$auto(0xb143, &(0x7f00000003c0)={0x1, 0x5, 0x8, 0x40, "f2ce3f6e0feb23d329c1a44c6022428afde1187129a829f8f25f2ba45ce7c1a942f3d722706c26f4585d0f3a95db554033b3cdbfc86b0abd30ce488dfa7e887a"}, 0xc, 0x3) ioperm$auto(0x7, 0x6, 0x2) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f0000000300)={0x2d022000, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0}, 0x58) 192.777173ms ago: executing program 3 (id=803): sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000) r0 = socket(0x2, 0x3, 0x6) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) bpf$auto_BPF_ENABLE_STATS(0x20, &(0x7f0000000180)=@bpf_attr_0={0x3ff, 0x8, 0xffff, 0x7fffffff, 0xc2, r0, 0x7, "3f8850b8c665dabcdf3c01e5fde04738", 0x0, r0, 0x10001, 0x0, 0x1, 0x2, r0, r0}, 0xffffffc0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r0, 0x10f, 0xb, 0x0, 0x400) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r2) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/module/psmouse/parameters/proto\x00', 0x20a42, 0x0) openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/bdi/1:15/wb_stats\x00', 0x40, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0x2, 0x1, 0x0) socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7) 25.431231ms ago: executing program 1 (id=804): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x3, 0x100) preadv2$auto(r0, &(0x7f0000001000)={0x0, 0x80000000}, 0xffffffffffffffff, 0xffffe00000000002, 0x7, 0x2e) mmap$auto(0x0, 0x400008, 0xdf, 0x1ff, 0x2, 0x8000) r1 = socket(0x37, 0x4, 0xa) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) r2 = syz_open_procfs$namespace(0x0, 0x0) fstat$auto(r2, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x0) r3 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) read$auto_ftrace_enable_fops_trace_events(r3, &(0x7f0000000200)=""/34, 0x22) ioctl$auto(0x3, 0x40081271, 0x38) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x580f, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffff70001, 0x1) r4 = getpid() shmctl$auto_SHM_UNLOCK(0x40a03811, 0xc, &(0x7f0000000240)={{0x200, 0x0, 0x0, 0x10001, 0x8, 0x400, 0x3}, 0x8, 0x3b04, 0xc, 0x81, @raw=0x10000, @inferred=r4, 0x7, 0x0, &(0x7f0000000480), 0x0}) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x5) 0s ago: executing program 3 (id=806): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) r1 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) write$auto(r1, &(0x7f0000000c40)='gthtool\x00', 0x5) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x24, r3, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xfffffffc}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0xffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x4002000}, 0x40010) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) socket(0xa, 0x2, 0x3a) read$auto(r0, 0x0, 0x2000000000007) mmap$auto(0x1f00, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0x52, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r4, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.145' (ED25519) to the list of known hosts. [ 99.683955][ T5851] cgroup: Unknown subsys name 'net' [ 99.819687][ T5851] cgroup: Unknown subsys name 'cpuset' [ 99.829294][ T5851] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 101.672470][ T5851] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.292886][ T44] cfg80211: failed to load regulatory.db [ 103.869087][ T5865] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.885857][ T5865] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.905081][ T5865] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.924969][ T5865] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.935323][ T5865] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 103.995488][ T5865] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 104.004057][ T5865] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 104.012260][ T5865] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 104.021106][ T5865] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 104.029284][ T5865] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 104.083867][ T5865] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 104.092717][ T5865] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 104.102058][ T5873] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 104.110984][ T5873] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 104.119219][ T5873] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 104.127291][ T5873] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 104.136060][ T5873] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 104.144618][ T5873] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 104.159634][ T5874] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 104.228736][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.562168][ T5863] chnl_net:caif_netlink_parms(): no params data found [ 104.717820][ T5866] chnl_net:caif_netlink_parms(): no params data found [ 104.880597][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.888690][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.896351][ T5863] bridge_slave_0: entered allmulticast mode [ 104.903911][ T5863] bridge_slave_0: entered promiscuous mode [ 104.913354][ T5868] chnl_net:caif_netlink_parms(): no params data found [ 104.966232][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.973401][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.981082][ T5863] bridge_slave_1: entered allmulticast mode [ 104.988569][ T5863] bridge_slave_1: entered promiscuous mode [ 105.102457][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.149632][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.186715][ T5866] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.193924][ T5866] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.201800][ T5866] bridge_slave_0: entered allmulticast mode [ 105.209343][ T5866] bridge_slave_0: entered promiscuous mode [ 105.231229][ T5869] chnl_net:caif_netlink_parms(): no params data found [ 105.246960][ T5863] team0: Port device team_slave_0 added [ 105.260591][ T5866] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.268859][ T5866] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.276263][ T5866] bridge_slave_1: entered allmulticast mode [ 105.283708][ T5866] bridge_slave_1: entered promiscuous mode [ 105.292637][ T5863] team0: Port device team_slave_1 added [ 105.411070][ T5866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.449161][ T5868] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.456681][ T5868] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.463894][ T5868] bridge_slave_0: entered allmulticast mode [ 105.471830][ T5868] bridge_slave_0: entered promiscuous mode [ 105.482408][ T5866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.494353][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.501431][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.527595][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.547612][ T5868] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.555095][ T5868] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.562316][ T5868] bridge_slave_1: entered allmulticast mode [ 105.569958][ T5868] bridge_slave_1: entered promiscuous mode [ 105.594708][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.602170][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.628378][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.676249][ T5866] team0: Port device team_slave_0 added [ 105.713704][ T5866] team0: Port device team_slave_1 added [ 105.751992][ T5868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.766046][ T5868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.849901][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.857498][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.883545][ T5866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.898117][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.905243][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.932066][ T5866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.943517][ T5869] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.950919][ T5869] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.958213][ T5869] bridge_slave_0: entered allmulticast mode [ 105.965978][ T5869] bridge_slave_0: entered promiscuous mode [ 105.979153][ T5863] hsr_slave_0: entered promiscuous mode [ 105.986340][ T5863] hsr_slave_1: entered promiscuous mode [ 106.012850][ T5869] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.020291][ T5869] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.027586][ T5869] bridge_slave_1: entered allmulticast mode [ 106.035373][ T5869] bridge_slave_1: entered promiscuous mode [ 106.046633][ T5865] Bluetooth: hci0: command tx timeout [ 106.079766][ T5868] team0: Port device team_slave_0 added [ 106.091785][ T5869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.105210][ T5869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.116839][ T5868] team0: Port device team_slave_1 added [ 106.124926][ T5865] Bluetooth: hci1: command tx timeout [ 106.204959][ T5865] Bluetooth: hci2: command tx timeout [ 106.243254][ T5866] hsr_slave_0: entered promiscuous mode [ 106.250444][ T5866] hsr_slave_1: entered promiscuous mode [ 106.257354][ T5866] debugfs: 'hsr0' already exists in 'hsr' [ 106.263209][ T5866] Cannot create hsr debugfs directory [ 106.284929][ T5865] Bluetooth: hci3: command tx timeout [ 106.286983][ T5869] team0: Port device team_slave_0 added [ 106.297255][ T5868] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.304252][ T5868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.330736][ T5868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.343546][ T5868] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.350665][ T5868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.376735][ T5868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.397134][ T5869] team0: Port device team_slave_1 added [ 106.521535][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.528669][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.555027][ T5869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.601605][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.609324][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.635384][ T5869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.720825][ T5868] hsr_slave_0: entered promiscuous mode [ 106.727995][ T5868] hsr_slave_1: entered promiscuous mode [ 106.734211][ T5868] debugfs: 'hsr0' already exists in 'hsr' [ 106.740124][ T5868] Cannot create hsr debugfs directory [ 106.823692][ T5869] hsr_slave_0: entered promiscuous mode [ 106.830823][ T5869] hsr_slave_1: entered promiscuous mode [ 106.838239][ T5869] debugfs: 'hsr0' already exists in 'hsr' [ 106.844020][ T5869] Cannot create hsr debugfs directory [ 107.062111][ T5863] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 107.078383][ T5863] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 107.128005][ T5863] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 107.167639][ T5863] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 107.276803][ T5866] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 107.307501][ T5866] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 107.319163][ T5866] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 107.331801][ T5866] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 107.434106][ T5868] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 107.452603][ T5868] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 107.477689][ T5868] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 107.493577][ T5868] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 107.614103][ T5869] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 107.642967][ T5869] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 107.667769][ T5869] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 107.684296][ T5869] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 107.739256][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.799173][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.836934][ T5866] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.854656][ T5863] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.883387][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.890749][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.906951][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.914207][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.924102][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.931310][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.976704][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.983879][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.125664][ T5865] Bluetooth: hci0: command tx timeout [ 108.138580][ T5869] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.162893][ T5868] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.202079][ T5869] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.209712][ T5865] Bluetooth: hci1: command tx timeout [ 108.247186][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.254467][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.287388][ T5865] Bluetooth: hci2: command tx timeout [ 108.304946][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.312172][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.347751][ T5868] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.366726][ T5865] Bluetooth: hci3: command tx timeout [ 108.439378][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.446672][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.467431][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.474662][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.759111][ T5866] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.887622][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.990900][ T5866] veth0_vlan: entered promiscuous mode [ 109.050957][ T5866] veth1_vlan: entered promiscuous mode [ 109.137810][ T5863] veth0_vlan: entered promiscuous mode [ 109.151770][ T5869] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.189774][ T5863] veth1_vlan: entered promiscuous mode [ 109.217546][ T5866] veth0_macvtap: entered promiscuous mode [ 109.252007][ T5866] veth1_macvtap: entered promiscuous mode [ 109.280795][ T5868] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.309978][ T5863] veth0_macvtap: entered promiscuous mode [ 109.329713][ T5869] veth0_vlan: entered promiscuous mode [ 109.342464][ T5863] veth1_macvtap: entered promiscuous mode [ 109.376690][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.391886][ T5869] veth1_vlan: entered promiscuous mode [ 109.408744][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.433976][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.446032][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.470563][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.480175][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.496083][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.523171][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.552795][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.577521][ T5868] veth0_vlan: entered promiscuous mode [ 109.588047][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.597654][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.619089][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.653726][ T5869] veth0_macvtap: entered promiscuous mode [ 109.670485][ T5868] veth1_vlan: entered promiscuous mode [ 109.697324][ T5869] veth1_macvtap: entered promiscuous mode [ 109.757974][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.771298][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.877868][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.886953][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.892892][ T5868] veth0_macvtap: entered promiscuous mode [ 109.901256][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.935409][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.949452][ T5868] veth1_macvtap: entered promiscuous mode [ 109.983299][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.994082][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.018094][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.037858][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.057469][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.071940][ T5866] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 110.083605][ T5868] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.117714][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.179641][ T5868] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.203132][ T1167] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.216371][ T5865] Bluetooth: hci0: command tx timeout [ 110.229365][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.249888][ T1167] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.261188][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.263831][ T1167] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.285134][ T5865] Bluetooth: hci1: command tx timeout [ 110.297240][ T1167] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.365567][ T5865] Bluetooth: hci2: command tx timeout [ 110.445269][ T5865] Bluetooth: hci3: command tx timeout [ 110.512539][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.557812][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.678698][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.714389][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.848478][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.878560][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.948302][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.993430][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.494456][ T5962] mmap: syz.3.4 (5962) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 112.022356][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.287902][ T5865] Bluetooth: hci0: command tx timeout [ 112.375315][ T5865] Bluetooth: hci1: command tx timeout [ 112.444970][ T5865] Bluetooth: hci2: command tx timeout [ 112.633258][ T5865] Bluetooth: hci3: command tx timeout [ 113.205241][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.214110][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.565257][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 113.673754][ T5992] Zero length message leads to an empty skb [ 113.935134][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.285371][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 114.635031][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.935207][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.944333][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.954026][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.403922][ T6032] process 'syz.1.13' launched './file0' with NULL argv: empty string added [ 117.865980][ T6069] netlink: 28 bytes leftover after parsing attributes in process `syz.2.20'. [ 117.883170][ T6069] ipvlan0: entered allmulticast mode [ 117.975118][ T6069] veth0_vlan: entered allmulticast mode [ 119.683542][ T6084] can: request_module (can-proto-0) failed. [ 120.523288][ T6101] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78002 [ 120.548214][ T6101] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 120.558283][ T6101] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 120.575470][ T6101] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 120.584148][ T6101] page dumped because: unmovable page [ 120.594873][ T6101] page_owner tracks the page as allocated [ 120.600928][ T6101] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5788, tgid 5788 (dhcpcd-run-hook), ts 86368797311, free_ts 86368765829 [ 120.709277][ T6101] post_alloc_hook+0x1c0/0x230 [ 120.740708][ T6101] get_page_from_freelist+0x132b/0x38e0 [ 120.768169][ T6101] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 120.784538][ T6101] alloc_pages_bulk_noprof+0x71c/0x1410 [ 120.793280][ T6101] alloc_pages_bulk_mempolicy_noprof+0x244/0x1280 [ 120.956354][ T6101] __vmalloc_node_range_noprof+0x526/0x14b0 [ 121.066343][ T6101] __vmalloc_node_noprof+0xad/0xf0 [ 121.081017][ T6101] copy_process+0x2c70/0x7690 [ 121.098131][ T6101] kernel_clone+0xfc/0x930 [ 121.177678][ T6101] __do_sys_clone+0xce/0x120 [ 121.214890][ T6101] do_syscall_64+0xcd/0x490 [ 121.372708][ T6101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.404489][ T6101] page last free pid 5788 tgid 5788 stack trace: [ 121.479559][ T6101] __free_frozen_pages+0x7d5/0x10f0 [ 121.519081][ T6101] kasan_populate_vmalloc+0x13d/0x1f0 [ 121.578458][ T6101] alloc_vmap_area+0x959/0x29c0 [ 121.597783][ T6101] __get_vm_area_node+0x1ca/0x330 [ 121.602892][ T6101] __vmalloc_node_range_noprof+0x271/0x14b0 [ 121.619650][ T6101] __vmalloc_node_noprof+0xad/0xf0 [ 121.629800][ T6101] copy_process+0x2c70/0x7690 [ 121.634562][ T6101] kernel_clone+0xfc/0x930 [ 121.643014][ T6101] __do_sys_clone+0xce/0x120 [ 121.653177][ T6101] do_syscall_64+0xcd/0x490 [ 121.664689][ T6101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.682461][ T30] audit: type=1804 audit(1754121541.630:2): pid=6123 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.29" name="/newroot/8/file0" dev="tmpfs" ino=58 res=1 errno=0 [ 121.765435][ T30] audit: type=1804 audit(1754121541.630:3): pid=6124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.29" name="/newroot/8/file0" dev="tmpfs" ino=58 res=1 errno=0 [ 123.071236][ T6151] netlink: 28 bytes leftover after parsing attributes in process `syz.0.34'. [ 123.208230][ T6151] ipvlan0: entered allmulticast mode [ 123.233135][ T6151] veth0_vlan: entered allmulticast mode [ 127.269467][ T6197] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78002 [ 127.287917][ T6197] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 127.296750][ T6197] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 127.309392][ T6197] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 127.318198][ T6197] page dumped because: unmovable page [ 127.375110][ T6197] page_owner tracks the page as allocated [ 127.392278][ T6197] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5788, tgid 5788 (dhcpcd-run-hook), ts 86368797311, free_ts 86368765829 [ 127.435022][ T6197] post_alloc_hook+0x1c0/0x230 [ 127.440036][ T6197] get_page_from_freelist+0x132b/0x38e0 [ 127.453767][ T6197] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 127.494092][ T6197] alloc_pages_bulk_noprof+0x71c/0x1410 [ 127.500853][ T6197] alloc_pages_bulk_mempolicy_noprof+0x244/0x1280 [ 127.509140][ T6197] __vmalloc_node_range_noprof+0x526/0x14b0 [ 127.551620][ T6197] __vmalloc_node_noprof+0xad/0xf0 [ 127.609575][ T6197] copy_process+0x2c70/0x7690 [ 127.614542][ T6197] kernel_clone+0xfc/0x930 [ 127.629476][ T6197] __do_sys_clone+0xce/0x120 [ 127.634208][ T6197] do_syscall_64+0xcd/0x490 [ 127.638877][ T6197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.650597][ T6197] page last free pid 5788 tgid 5788 stack trace: [ 127.659561][ T6197] __free_frozen_pages+0x7d5/0x10f0 [ 127.665142][ T6197] kasan_populate_vmalloc+0x13d/0x1f0 [ 127.744943][ T6197] alloc_vmap_area+0x959/0x29c0 [ 127.749913][ T6197] __get_vm_area_node+0x1ca/0x330 [ 127.816913][ T6197] __vmalloc_node_range_noprof+0x271/0x14b0 [ 127.822935][ T6197] __vmalloc_node_noprof+0xad/0xf0 [ 127.936050][ T6197] copy_process+0x2c70/0x7690 [ 127.967690][ T6197] kernel_clone+0xfc/0x930 [ 127.983669][ T6197] __do_sys_clone+0xce/0x120 [ 128.034905][ T6197] do_syscall_64+0xcd/0x490 [ 128.048176][ T6197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.816498][ T6248] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 131.408305][ T6278] netlink: 28 bytes leftover after parsing attributes in process `syz.1.48'. [ 131.437727][ T6278] ipvlan0: entered allmulticast mode [ 131.443153][ T6278] veth0_vlan: entered allmulticast mode [ 138.183725][ T6382] netlink: 28 bytes leftover after parsing attributes in process `syz.0.63'. [ 138.865339][ T6390] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 142.576802][ T6439] delete_channel: no stack [ 142.710428][ T6433] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1) [ 143.236979][ T6447] FAULT_INJECTION: forcing a failure. [ 143.236979][ T6447] name failslab, interval 1, probability 0, space 0, times 1 [ 143.286744][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.329712][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.391550][ T6447] CPU: 1 UID: 0 PID: 6447 Comm: syz.1.77 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 143.391593][ T6447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 143.391614][ T6447] Call Trace: [ 143.391624][ T6447] [ 143.391634][ T6447] dump_stack_lvl+0x16c/0x1f0 [ 143.391688][ T6447] should_fail_ex+0x512/0x640 [ 143.391716][ T6447] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 143.391752][ T6447] should_failslab+0xc2/0x120 [ 143.391789][ T6447] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 143.391822][ T6447] ? d_instantiate+0x77/0x90 [ 143.391856][ T6447] ? alloc_empty_file+0x55/0x1e0 [ 143.391903][ T6447] alloc_empty_file+0x55/0x1e0 [ 143.391944][ T6447] alloc_file_pseudo+0x13a/0x230 [ 143.391987][ T6447] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 143.392030][ T6447] ? hugetlbfs_get_inode+0x31f/0x730 [ 143.392064][ T6447] hugetlb_file_setup+0x4ce/0x620 [ 143.392096][ T6447] ksys_mmap_pgoff+0x189/0x5c0 [ 143.392140][ T6447] __x64_sys_mmap+0x125/0x190 [ 143.392196][ T6447] do_syscall_64+0xcd/0x490 [ 143.392243][ T6447] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.392272][ T6447] RIP: 0033:0x7f0d2a38eb69 [ 143.392298][ T6447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.392324][ T6447] RSP: 002b:00007f0d2b17c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 143.392350][ T6447] RAX: ffffffffffffffda RBX: 00007f0d2a5b5fa0 RCX: 00007f0d2a38eb69 [ 143.392368][ T6447] RDX: 0000000000400002 RSI: 0000000000a00006 RDI: 0000000000000000 [ 143.392385][ T6447] RBP: 00007f0d2a411df1 R08: 0000000000000602 R09: 0000300000000000 [ 143.392402][ T6447] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 143.392418][ T6447] R13: 0000000000000000 R14: 00007f0d2a5b5fa0 R15: 00007fff7e8e7b28 [ 143.392453][ T6447] [ 143.949052][ T6458] FAULT_INJECTION: forcing a failure. [ 143.949052][ T6458] name failslab, interval 1, probability 0, space 0, times 0 [ 144.005916][ T6458] CPU: 1 UID: 0 PID: 6458 Comm: syz.3.79 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 144.005963][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 144.005983][ T6458] Call Trace: [ 144.005994][ T6458] [ 144.006006][ T6458] dump_stack_lvl+0x16c/0x1f0 [ 144.006106][ T6458] should_fail_ex+0x512/0x640 [ 144.006139][ T6458] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 144.006180][ T6458] should_failslab+0xc2/0x120 [ 144.006226][ T6458] __kmalloc_cache_noprof+0x6a/0x3e0 [ 144.006261][ T6458] ? fqdir_init+0x4f/0x1f0 [ 144.006297][ T6458] fqdir_init+0x4f/0x1f0 [ 144.006330][ T6458] ipv6_frags_init_net+0x2b/0x350 [ 144.006370][ T6458] ? __pfx_ipv6_frags_init_net+0x10/0x10 [ 144.006408][ T6458] ops_init+0x1e2/0x5f0 [ 144.006467][ T6458] setup_net+0x10f/0x380 [ 144.006493][ T6458] ? lockdep_init_map_type+0x5c/0x280 [ 144.006542][ T6458] ? __pfx_setup_net+0x10/0x10 [ 144.006575][ T6458] ? debug_mutex_init+0x37/0x70 [ 144.006612][ T6458] copy_net_ns+0x2a6/0x5f0 [ 144.006651][ T6458] create_new_namespaces+0x3ea/0xa90 [ 144.006700][ T6458] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 144.006742][ T6458] ksys_unshare+0x45b/0xa40 [ 144.006790][ T6458] ? __pfx_ksys_unshare+0x10/0x10 [ 144.006836][ T6458] ? xfd_validate_state+0x61/0x180 [ 144.006900][ T6458] __x64_sys_unshare+0x31/0x40 [ 144.006945][ T6458] do_syscall_64+0xcd/0x490 [ 144.007002][ T6458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.007036][ T6458] RIP: 0033:0x7f760c18eb69 [ 144.007062][ T6458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.007103][ T6458] RSP: 002b:00007f760d045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 144.007134][ T6458] RAX: ffffffffffffffda RBX: 00007f760c3b5fa0 RCX: 00007f760c18eb69 [ 144.007156][ T6458] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 144.007176][ T6458] RBP: 00007f760c211df1 R08: 0000000000000000 R09: 0000000000000000 [ 144.007196][ T6458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.007216][ T6458] R13: 0000000000000000 R14: 00007f760c3b5fa0 R15: 00007fffc6a88b58 [ 144.007260][ T6458] [ 145.162951][ T6470] random: crng reseeded on system resumption [ 146.483511][ T6484] program syz.3.83 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 147.266796][ T6494] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 148.018210][ T6499] [U]  [ 148.021264][ T6499] [U] [ 148.023983][ T6499] [U] [ 148.026693][ T6499] [U] [ 148.053256][ T6499] [U] [ 148.056155][ T6499] [U] [ 148.058937][ T6499] [U] [ 148.061697][ T6499] [U] [ 148.099558][ T6499] [U] [ 148.102317][ T6499] [U] [ 148.105059][ T6499] [U] [ 148.107788][ T6499] [U] [ 148.117986][ T6499] [U] [ 148.120744][ T6499] [U] [ 148.123475][ T6499] [U] [ 148.126274][ T6499] [U] [ 148.131065][ T6499] [U] [ 148.133942][ T6499] [U] [ 148.136708][ T6499] [U] [ 148.139451][ T6499] [U] [ 148.164429][ T6499] [U] [ 148.167231][ T6499] [U] [ 148.169972][ T6499] [U] [ 148.172709][ T6499] [U] [ 148.268873][ T6499] [U] [ 148.271697][ T6499] [U] [ 148.274466][ T6499] [U] [ 148.277215][ T6499] [U] [ 148.331175][ T6499] [U] [ 148.446590][ T6515] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 150.018646][ T6531] FAULT_INJECTION: forcing a failure. [ 150.018646][ T6531] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 150.070929][ T6531] CPU: 0 UID: 0 PID: 6531 Comm: syz.0.93 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 150.070980][ T6531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 150.071001][ T6531] Call Trace: [ 150.071011][ T6531] [ 150.071022][ T6531] dump_stack_lvl+0x16c/0x1f0 [ 150.071078][ T6531] should_fail_ex+0x512/0x640 [ 150.071118][ T6531] should_fail_alloc_page+0xe7/0x130 [ 150.071167][ T6531] prepare_alloc_pages+0x3c2/0x610 [ 150.071217][ T6531] ? rcu_is_watching+0x12/0xc0 [ 150.071255][ T6531] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 150.071299][ T6531] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 150.071352][ T6531] ? __lock_acquire+0x62e/0x1ce0 [ 150.071400][ T6531] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 150.071439][ T6531] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 150.071511][ T6531] ? rcu_read_unlock+0x17/0x60 [ 150.071587][ T6531] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 150.071636][ T6531] ? policy_nodemask+0xea/0x4e0 [ 150.071682][ T6531] alloc_pages_mpol+0x1fb/0x550 [ 150.071726][ T6531] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 150.071767][ T6531] ? __kvmalloc_node_noprof.cold+0x60/0x65 [ 150.071814][ T6531] ? trace_kmalloc+0x2b/0xd0 [ 150.071856][ T6531] ? __kmalloc_noprof.cold+0x5c/0x61 [ 150.071899][ T6531] ? relay_open_buf.part.0+0x194/0xc80 [ 150.071951][ T6531] alloc_pages_noprof+0x131/0x390 [ 150.071994][ T6531] relay_open_buf.part.0+0x262/0xc80 [ 150.072048][ T6531] relay_open+0x653/0xad0 [ 150.072089][ T6531] ? debugfs_create_file_full+0x41/0x60 [ 150.072125][ T6531] do_blk_trace_setup+0x503/0xb50 [ 150.072164][ T6531] blk_trace_setup+0xed/0x1b0 [ 150.072198][ T6531] ? __pfx_blk_trace_setup+0x10/0x10 [ 150.072231][ T6531] ? __pfx_snprintf+0x10/0x10 [ 150.072287][ T6531] ? do_vfs_ioctl+0x128/0x14f0 [ 150.072341][ T6531] blk_trace_ioctl+0x146/0x280 [ 150.072377][ T6531] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 150.072422][ T6531] ? hook_file_ioctl_common+0x145/0x410 [ 150.072478][ T6531] blkdev_ioctl+0x108/0x6d0 [ 150.072522][ T6531] ? __pfx_blkdev_ioctl+0x10/0x10 [ 150.072578][ T6531] ? __pfx_blkdev_ioctl+0x10/0x10 [ 150.072624][ T6531] __x64_sys_ioctl+0x18b/0x210 [ 150.072677][ T6531] do_syscall_64+0xcd/0x490 [ 150.072730][ T6531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.072761][ T6531] RIP: 0033:0x7ff72cf8eb69 [ 150.072786][ T6531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.072817][ T6531] RSP: 002b:00007ff72dd46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 150.072847][ T6531] RAX: ffffffffffffffda RBX: 00007ff72d1b5fa0 RCX: 00007ff72cf8eb69 [ 150.072867][ T6531] RDX: 0000200000000140 RSI: 00000000c0481273 RDI: 000000000000000a [ 150.072887][ T6531] RBP: 00007ff72d011df1 R08: 0000000000000000 R09: 0000000000000000 [ 150.072905][ T6531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.072924][ T6531] R13: 0000000000000000 R14: 00007ff72d1b5fa0 R15: 00007ffd67e77438 [ 150.072965][ T6531] [ 150.368001][ C0] vkms_vblank_simulate: vblank timer overrun [ 154.311827][ T6572] FAULT_INJECTION: forcing a failure. [ 154.311827][ T6572] name failslab, interval 1, probability 0, space 0, times 0 [ 154.354022][ T6584] random: crng reseeded on system resumption [ 154.487007][ T6572] CPU: 1 UID: 0 PID: 6572 Comm: syz.3.99 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 154.487054][ T6572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 154.487072][ T6572] Call Trace: [ 154.487082][ T6572] [ 154.487094][ T6572] dump_stack_lvl+0x16c/0x1f0 [ 154.487156][ T6572] should_fail_ex+0x512/0x640 [ 154.487189][ T6572] ? fs_reclaim_acquire+0xae/0x150 [ 154.487250][ T6572] ? tomoyo_encode2+0x100/0x3e0 [ 154.487289][ T6572] should_failslab+0xc2/0x120 [ 154.487333][ T6572] __kmalloc_noprof+0xd2/0x510 [ 154.487371][ T6572] ? d_absolute_path+0x136/0x1a0 [ 154.487424][ T6572] tomoyo_encode2+0x100/0x3e0 [ 154.487471][ T6572] tomoyo_encode+0x29/0x50 [ 154.487509][ T6572] tomoyo_realpath_from_path+0x18f/0x6e0 [ 154.487569][ T6572] tomoyo_path_number_perm+0x245/0x580 [ 154.487603][ T6572] ? tomoyo_path_number_perm+0x237/0x580 [ 154.487641][ T6572] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 154.487721][ T6572] ? find_held_lock+0x2b/0x80 [ 154.487754][ T6572] ? hook_file_ioctl_common+0x145/0x410 [ 154.487817][ T6572] ? __fget_files+0x20e/0x3c0 [ 154.487861][ T6572] security_file_ioctl+0x9b/0x240 [ 154.487899][ T6572] __x64_sys_ioctl+0xb7/0x210 [ 154.487955][ T6572] do_syscall_64+0xcd/0x490 [ 154.488011][ T6572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.488045][ T6572] RIP: 0033:0x7f760c18eb69 [ 154.488071][ T6572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.488102][ T6572] RSP: 002b:00007f760d003038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 154.488132][ T6572] RAX: ffffffffffffffda RBX: 00007f760c3b6160 RCX: 00007f760c18eb69 [ 154.488155][ T6572] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003 [ 154.488174][ T6572] RBP: 00007f760c211df1 R08: 0000000000000000 R09: 0000000000000000 [ 154.488194][ T6572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.488213][ T6572] R13: 0000000000000000 R14: 00007f760c3b6160 R15: 00007fffc6a88b58 [ 154.488267][ T6572] [ 154.488295][ T6572] ERROR: Out of memory at tomoyo_realpath_from_path. [ 161.366415][ T6655] netlink: 28 bytes leftover after parsing attributes in process `syz.0.112'. [ 162.110097][ T6671] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 163.045000][ T6672] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 163.875472][ T6692] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078001dc0 pfn:0x78001 [ 163.885953][ T6692] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 163.904970][ T6692] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 163.945342][ T6692] raw: ffff888078001dc0 0000000000000000 00000001ffffffff 0000000000000000 [ 163.978859][ T6692] page dumped because: unmovable page [ 164.012057][ T6692] page_owner tracks the page as allocated [ 164.039790][ T6692] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2cc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN), pid 6690, tgid 6689 (syz.1.120), ts 163814068293, free_ts 160716772099 [ 164.064729][ T5953] Process accounting resumed [ 164.116802][ T6692] post_alloc_hook+0x1c0/0x230 [ 164.121651][ T6692] get_page_from_freelist+0x132b/0x38e0 [ 164.136765][ T6693] netlink: 4 bytes leftover after parsing attributes in process `syz.2.121'. [ 164.156118][ T6692] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 164.162266][ T6692] alloc_pages_mpol+0x1fb/0x550 [ 164.214235][ T6692] alloc_pages_noprof+0x131/0x390 [ 164.240135][ T6692] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 164.282377][ T6692] __vmalloc_node_noprof+0xad/0xf0 [ 164.325755][ T6692] __snd_dma_alloc_pages+0x50/0x90 [ 164.338067][ T6692] snd_dma_alloc_dir_pages+0x151/0x240 [ 164.347520][ T6692] do_alloc_pages+0x136/0x2d0 [ 164.352393][ T6692] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 164.358592][ T6692] snd_pcm_hw_params+0x1656/0x1ba0 [ 164.363967][ T6692] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 164.372448][ T6692] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 164.379454][ T6692] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 164.398148][ T6692] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 164.403383][ T6692] page last free pid 15 tgid 15 stack trace: [ 164.433876][ T6692] __free_frozen_pages+0x7d5/0x10f0 [ 164.440452][ T6692] rcu_core+0x799/0x1530 [ 164.444950][ T6692] handle_softirqs+0x219/0x8e0 [ 164.449834][ T6692] run_ksoftirqd+0x3a/0x60 [ 164.454302][ T6692] smpboot_thread_fn+0x3f7/0xae0 [ 164.459581][ T6692] kthread+0x3c2/0x780 [ 164.463739][ T6692] ret_from_fork+0x5d4/0x6f0 [ 164.468606][ T6692] ret_from_fork_asm+0x1a/0x30 [ 165.018547][ T6707] ======================================================= [ 165.018547][ T6707] WARNING: The mand mount option has been deprecated and [ 165.018547][ T6707] and is ignored by this kernel. Remove the mand [ 165.018547][ T6707] option from the mount to silence this warning. [ 165.018547][ T6707] ======================================================= [ 165.776839][ T6710] random: crng reseeded on system resumption [ 166.182985][ T6714] Invalid ELF header magic: != ELF [ 168.629853][ T30] audit: type=1800 audit(1754121588.570:4): pid=6754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.129" name="lu_gp_id" dev="configfs" ino=9599 res=0 errno=0 [ 169.814407][ T6774] zswap: compressor not available [ 174.589578][ T6852] netlink: 28 bytes leftover after parsing attributes in process `syz.2.141'. [ 178.819654][ T6905] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 182.293742][ T6953] zswap: compressor not available [ 183.651898][ T6969] kexec: Could not allocate control_code_buffer [ 191.131404][ T7070] ICMPv6: process `syz.0.167' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 192.312334][ T7081] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 196.949266][ T7124] FAULT_INJECTION: forcing a failure. [ 196.949266][ T7124] name failslab, interval 1, probability 0, space 0, times 0 [ 196.963033][ T7124] CPU: 1 UID: 0 PID: 7124 Comm: syz.1.174 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 196.963079][ T7124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 196.963098][ T7124] Call Trace: [ 196.963109][ T7124] [ 196.963122][ T7124] dump_stack_lvl+0x16c/0x1f0 [ 196.963181][ T7124] should_fail_ex+0x512/0x640 [ 196.963214][ T7124] ? __kmalloc_noprof+0xbf/0x510 [ 196.963256][ T7124] ? devlink_fmsg_put_name+0xf0/0x3f0 [ 196.963307][ T7124] should_failslab+0xc2/0x120 [ 196.963351][ T7124] __kmalloc_noprof+0xd2/0x510 [ 196.963401][ T7124] devlink_fmsg_put_name+0xf0/0x3f0 [ 196.963458][ T7124] devlink_fmsg_u8_pair_put+0xff/0x2f0 [ 196.963504][ T7124] ? __pfx_devlink_fmsg_u8_pair_put+0x10/0x10 [ 196.963538][ T7124] ? __kasan_kmalloc+0x20/0xb0 [ 196.963578][ T7124] ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0 [ 196.963639][ T7124] nsim_dev_dummy_fmsg_put+0xf8/0x1e0 [ 196.963694][ T7124] devlink_health_do_dump+0x240/0x620 [ 196.963734][ T7124] devlink_health_report+0x3c9/0x9c0 [ 196.963775][ T7124] ? __pfx_devlink_health_report+0x10/0x10 [ 196.963811][ T7124] ? _copy_from_user+0x59/0xd0 [ 196.963856][ T7124] nsim_dev_health_break_write+0x166/0x210 [ 196.963911][ T7124] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 196.963976][ T7124] full_proxy_write+0x12e/0x1a0 [ 196.964023][ T7124] ? __pfx_full_proxy_write+0x10/0x10 [ 196.964063][ T7124] vfs_write+0x29d/0x1150 [ 196.964106][ T7124] ? __pfx___mutex_lock+0x10/0x10 [ 196.964156][ T7124] ? __pfx_vfs_write+0x10/0x10 [ 196.964203][ T7124] ? __fget_files+0x20e/0x3c0 [ 196.964249][ T7124] ksys_write+0x12a/0x250 [ 196.964285][ T7124] ? __pfx_ksys_write+0x10/0x10 [ 196.964333][ T7124] do_syscall_64+0xcd/0x490 [ 196.964388][ T7124] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.964420][ T7124] RIP: 0033:0x7f0d2a38eb69 [ 196.964445][ T7124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.964476][ T7124] RSP: 002b:00007f0d2b17c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 196.964517][ T7124] RAX: ffffffffffffffda RBX: 00007f0d2a5b5fa0 RCX: 00007f0d2a38eb69 [ 196.964538][ T7124] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000007 [ 196.964558][ T7124] RBP: 00007f0d2a411df1 R08: 0000000000000000 R09: 0000000000000000 [ 196.964578][ T7124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.964597][ T7124] R13: 0000000000000000 R14: 00007f0d2a5b5fa0 R15: 00007fff7e8e7b28 [ 196.964641][ T7124] [ 197.929745][ T7122] zswap: compressor not available [ 199.839625][ T7153] kexec: Could not allocate control_code_buffer [ 202.151794][ T7192] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 202.211716][ T7189] syz.3.183 (7189) used greatest stack depth: 19752 bytes left [ 202.237402][ T7192] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 202.325908][ T7192] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 202.495485][ T7192] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 202.572978][ T7192] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 202.642480][ T7192] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 202.787910][ T7192] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 202.828820][ T7192] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 202.957114][ T7192] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 203.282842][ T7192] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 203.295971][ T7192] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 203.405056][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout [ 203.442343][ T7192] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 203.738802][ T7206] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 204.524938][ T5865] Bluetooth: hci1: command 0x0c1a tx timeout [ 204.689642][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.696213][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.854889][ T5865] Bluetooth: hci2: command 0x0c1a tx timeout [ 205.324978][ T5865] Bluetooth: hci3: command 0x0c1a tx timeout [ 205.485003][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout [ 206.604948][ T5865] Bluetooth: hci1: command 0x0c1a tx timeout [ 206.927963][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 207.405000][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 207.566141][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 208.684868][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 208.844086][ T30] audit: type=1800 audit(1754121628.790:5): pid=7302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=11261 res=0 errno=0 [ 209.024868][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 209.485381][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 211.202903][ T7332] FAULT_INJECTION: forcing a failure. [ 211.202903][ T7332] name failslab, interval 1, probability 0, space 0, times 0 [ 211.218713][ T7332] CPU: 0 UID: 0 PID: 7332 Comm: syz.2.197 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 211.218759][ T7332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 211.218779][ T7332] Call Trace: [ 211.218790][ T7332] [ 211.218804][ T7332] dump_stack_lvl+0x16c/0x1f0 [ 211.218862][ T7332] should_fail_ex+0x512/0x640 [ 211.218894][ T7332] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 211.218927][ T7332] should_failslab+0xc2/0x120 [ 211.218965][ T7332] __kmalloc_cache_noprof+0x6a/0x3e0 [ 211.218993][ T7332] ? devlink_fmsg_u8_pair_put+0x225/0x2f0 [ 211.219019][ T7332] ? devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 211.219069][ T7332] devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 211.219117][ T7332] devlink_fmsg_obj_nest_end+0xa2/0xc0 [ 211.219163][ T7332] nsim_dev_dummy_fmsg_put+0x100/0x1e0 [ 211.219211][ T7332] devlink_health_do_dump+0x240/0x620 [ 211.219244][ T7332] devlink_health_report+0x3c9/0x9c0 [ 211.219277][ T7332] ? __pfx_devlink_health_report+0x10/0x10 [ 211.219307][ T7332] ? _copy_from_user+0x59/0xd0 [ 211.219343][ T7332] nsim_dev_health_break_write+0x166/0x210 [ 211.219388][ T7332] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 211.219444][ T7332] full_proxy_write+0x12e/0x1a0 [ 211.219484][ T7332] ? __pfx_full_proxy_write+0x10/0x10 [ 211.219520][ T7332] vfs_write+0x29d/0x1150 [ 211.219565][ T7332] ? __pfx___mutex_lock+0x10/0x10 [ 211.219610][ T7332] ? __pfx_vfs_write+0x10/0x10 [ 211.219651][ T7332] ? __fget_files+0x20e/0x3c0 [ 211.219691][ T7332] ksys_write+0x12a/0x250 [ 211.219722][ T7332] ? __pfx_ksys_write+0x10/0x10 [ 211.219764][ T7332] do_syscall_64+0xcd/0x490 [ 211.219811][ T7332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.219838][ T7332] RIP: 0033:0x7f3f83b8eb69 [ 211.219860][ T7332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 211.219886][ T7332] RSP: 002b:00007f3f84acc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 211.219913][ T7332] RAX: ffffffffffffffda RBX: 00007f3f83db5fa0 RCX: 00007f3f83b8eb69 [ 211.219931][ T7332] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000007 [ 211.219946][ T7332] RBP: 00007f3f83c11df1 R08: 0000000000000000 R09: 0000000000000000 [ 211.219963][ T7332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 211.219978][ T7332] R13: 0000000000000000 R14: 00007f3f83db5fa0 R15: 00007fffcd2a6de8 [ 211.220012][ T7332] [ 219.527771][ T7471] random: crng reseeded on system resumption [ 223.903790][ T7507] FAULT_INJECTION: forcing a failure. [ 223.903790][ T7507] name failslab, interval 1, probability 0, space 0, times 0 [ 223.917846][ T7507] CPU: 1 UID: 0 PID: 7507 Comm: syz.3.218 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 223.917892][ T7507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 223.917910][ T7507] Call Trace: [ 223.917921][ T7507] [ 223.917933][ T7507] dump_stack_lvl+0x16c/0x1f0 [ 223.917992][ T7507] should_fail_ex+0x512/0x640 [ 223.918024][ T7507] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 223.918062][ T7507] should_failslab+0xc2/0x120 [ 223.918104][ T7507] __kmalloc_cache_noprof+0x6a/0x3e0 [ 223.918139][ T7507] ? devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 223.918200][ T7507] devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 223.918258][ T7507] devlink_fmsg_pair_nest_end+0xa2/0xc0 [ 223.918313][ T7507] nsim_dev_dummy_fmsg_put+0x108/0x1e0 [ 223.918369][ T7507] devlink_health_do_dump+0x240/0x620 [ 223.918410][ T7507] devlink_health_report+0x3c9/0x9c0 [ 223.918457][ T7507] ? __pfx_devlink_health_report+0x10/0x10 [ 223.918494][ T7507] ? _copy_from_user+0x59/0xd0 [ 223.918539][ T7507] nsim_dev_health_break_write+0x166/0x210 [ 223.918596][ T7507] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 223.918665][ T7507] full_proxy_write+0x12e/0x1a0 [ 223.918713][ T7507] ? __pfx_full_proxy_write+0x10/0x10 [ 223.918756][ T7507] vfs_write+0x29d/0x1150 [ 223.918800][ T7507] ? __pfx___mutex_lock+0x10/0x10 [ 223.918852][ T7507] ? __pfx_vfs_write+0x10/0x10 [ 223.918900][ T7507] ? __fget_files+0x20e/0x3c0 [ 223.918948][ T7507] ksys_write+0x12a/0x250 [ 223.918983][ T7507] ? __pfx_ksys_write+0x10/0x10 [ 223.919030][ T7507] do_syscall_64+0xcd/0x490 [ 223.919083][ T7507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.919115][ T7507] RIP: 0033:0x7f760c18eb69 [ 223.919140][ T7507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.919200][ T7507] RSP: 002b:00007f760d045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 223.919231][ T7507] RAX: ffffffffffffffda RBX: 00007f760c3b5fa0 RCX: 00007f760c18eb69 [ 223.919253][ T7507] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000007 [ 223.919272][ T7507] RBP: 00007f760c211df1 R08: 0000000000000000 R09: 0000000000000000 [ 223.919292][ T7507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.919311][ T7507] R13: 0000000000000000 R14: 00007f760c3b5fa0 R15: 00007fffc6a88b58 [ 223.919354][ T7507] [ 224.708872][ T7527] random: crng reseeded on system resumption [ 230.016279][ T7597] FAULT_INJECTION: forcing a failure. [ 230.016279][ T7597] name failslab, interval 1, probability 0, space 0, times 0 [ 230.066788][ T7597] CPU: 0 UID: 0 PID: 7597 Comm: syz.0.232 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 230.066838][ T7597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 230.066857][ T7597] Call Trace: [ 230.066869][ T7597] [ 230.066882][ T7597] dump_stack_lvl+0x16c/0x1f0 [ 230.066940][ T7597] should_fail_ex+0x512/0x640 [ 230.066973][ T7597] ? __kmalloc_noprof+0xbf/0x510 [ 230.067015][ T7597] ? devlink_fmsg_put_name+0xf0/0x3f0 [ 230.067066][ T7597] should_failslab+0xc2/0x120 [ 230.067113][ T7597] __kmalloc_noprof+0xd2/0x510 [ 230.067164][ T7597] devlink_fmsg_put_name+0xf0/0x3f0 [ 230.067222][ T7597] devlink_fmsg_arr_pair_nest_start+0xad/0x130 [ 230.067290][ T7597] nsim_dev_dummy_fmsg_put+0x11f/0x1e0 [ 230.067348][ T7597] devlink_health_do_dump+0x240/0x620 [ 230.067389][ T7597] devlink_health_report+0x3c9/0x9c0 [ 230.067431][ T7597] ? __pfx_devlink_health_report+0x10/0x10 [ 230.067467][ T7597] ? _copy_from_user+0x59/0xd0 [ 230.067511][ T7597] nsim_dev_health_break_write+0x166/0x210 [ 230.067567][ T7597] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 230.067638][ T7597] full_proxy_write+0x12e/0x1a0 [ 230.067698][ T7597] ? __pfx_full_proxy_write+0x10/0x10 [ 230.067743][ T7597] vfs_write+0x29d/0x1150 [ 230.067784][ T7597] ? __pfx___mutex_lock+0x10/0x10 [ 230.067822][ T7597] ? __pfx_vfs_write+0x10/0x10 [ 230.067857][ T7597] ? __fget_files+0x20e/0x3c0 [ 230.067891][ T7597] ksys_write+0x12a/0x250 [ 230.067918][ T7597] ? __pfx_ksys_write+0x10/0x10 [ 230.067954][ T7597] do_syscall_64+0xcd/0x490 [ 230.067993][ T7597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.068017][ T7597] RIP: 0033:0x7ff72cf8eb69 [ 230.068036][ T7597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.068058][ T7597] RSP: 002b:00007ff72dd46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 230.068080][ T7597] RAX: ffffffffffffffda RBX: 00007ff72d1b5fa0 RCX: 00007ff72cf8eb69 [ 230.068095][ T7597] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000007 [ 230.068108][ T7597] RBP: 00007ff72d011df1 R08: 0000000000000000 R09: 0000000000000000 [ 230.068122][ T7597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 230.068135][ T7597] R13: 0000000000000000 R14: 00007ff72d1b5fa0 R15: 00007ffd67e77438 [ 230.068165][ T7597] [ 232.362373][ T7643] random: crng reseeded on system resumption [ 238.246080][ T7712] random: crng reseeded on system resumption syzkaller syzkaller login: [ 248.071215][ T7847] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1) [ 249.948673][ T7888] FAULT_INJECTION: forcing a failure. [ 249.948673][ T7888] name failslab, interval 1, probability 0, space 0, times 0 [ 249.974949][ T7888] CPU: 0 UID: 0 PID: 7888 Comm: syz.2.278 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 249.974985][ T7888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 249.974999][ T7888] Call Trace: [ 249.975007][ T7888] [ 249.975015][ T7888] dump_stack_lvl+0x16c/0x1f0 [ 249.975058][ T7888] should_fail_ex+0x512/0x640 [ 249.975082][ T7888] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 249.975109][ T7888] should_failslab+0xc2/0x120 [ 249.975142][ T7888] __kmalloc_cache_noprof+0x6a/0x3e0 [ 249.975166][ T7888] ? devlink_fmsg_u8_pair_put+0x225/0x2f0 [ 249.975190][ T7888] ? devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 249.975233][ T7888] devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 249.975287][ T7888] devlink_fmsg_obj_nest_end+0xa2/0xc0 [ 249.975342][ T7888] nsim_dev_dummy_fmsg_put+0x100/0x1e0 [ 249.975395][ T7888] devlink_health_do_dump+0x240/0x620 [ 249.975435][ T7888] devlink_health_report+0x3c9/0x9c0 [ 249.975474][ T7888] ? __pfx_devlink_health_report+0x10/0x10 [ 249.975509][ T7888] ? _copy_from_user+0x59/0xd0 [ 249.975553][ T7888] nsim_dev_health_break_write+0x166/0x210 [ 249.975608][ T7888] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 249.975674][ T7888] full_proxy_write+0x12e/0x1a0 [ 249.975721][ T7888] ? __pfx_full_proxy_write+0x10/0x10 [ 249.975764][ T7888] vfs_write+0x29d/0x1150 [ 249.975808][ T7888] ? __pfx___mutex_lock+0x10/0x10 [ 249.975860][ T7888] ? __pfx_vfs_write+0x10/0x10 [ 249.975909][ T7888] ? __fget_files+0x20e/0x3c0 [ 249.975972][ T7888] ksys_write+0x12a/0x250 [ 249.976011][ T7888] ? __pfx_ksys_write+0x10/0x10 [ 249.976064][ T7888] do_syscall_64+0xcd/0x490 [ 249.976115][ T7888] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.976148][ T7888] RIP: 0033:0x7f3f83b8eb69 [ 249.976174][ T7888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.976205][ T7888] RSP: 002b:00007f3f84acc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 249.976233][ T7888] RAX: ffffffffffffffda RBX: 00007f3f83db5fa0 RCX: 00007f3f83b8eb69 [ 249.976253][ T7888] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000007 [ 249.976271][ T7888] RBP: 00007f3f83c11df1 R08: 0000000000000000 R09: 0000000000000000 [ 249.976290][ T7888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 249.976308][ T7888] R13: 0000000000000000 R14: 00007f3f83db5fa0 R15: 00007fffcd2a6de8 [ 249.976350][ T7888] [ 252.970460][ T7945] random: crng reseeded on system resumption [ 265.624094][ T983] Process accounting resumed [ 266.128735][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.135180][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 280.740874][ T8353] random: crng reseeded on system resumption [ 285.862106][ T8423] random: crng reseeded on system resumption [ 289.172905][ T8470] random: crng reseeded on system resumption [ 296.849094][ T5856] Process accounting resumed [ 304.131420][ T8706] random: crng reseeded on system resumption [ 309.663585][ T983] Process accounting resumed [ 310.964106][ T8823] random: crng reseeded on system resumption [ 323.334076][ T983] Process accounting resumed [ 325.299506][ T983] Process accounting resumed [ 325.932505][ T9044] random: crng reseeded on system resumption [ 327.572631][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.579781][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 329.090423][ T1214] Process accounting resumed [ 329.707854][ T5870] Process accounting resumed [ 335.645781][ T1214] Process accounting resumed [ 336.911502][ T24] Process accounting resumed [ 338.956222][ T9266] syz.0.438 uses obsolete (PF_INET,SOCK_PACKET) [ 339.086073][ T9271] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 340.249151][ T51] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 340.683534][ T9274] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 346.163789][ T9358] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 348.122523][ T10] Process accounting resumed [ 348.927031][ T10] Process accounting resumed [ 349.578245][ T9] Process accounting resumed [ 351.332071][ T9421] ICMPv6: process `syz.3.460' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 356.222804][ T9475] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 356.234171][ T24] Process accounting resumed [ 356.382841][ T9495] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 357.615978][ T9496] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 357.848489][ T9513] random: crng reseeded on system resumption [ 362.556545][ T9] Process accounting resumed [ 363.483492][ T5856] Process accounting resumed [ 364.116502][ T9595] FAULT_INJECTION: forcing a failure. [ 364.116502][ T9595] name failslab, interval 1, probability 0, space 0, times 0 [ 364.150244][ T9595] CPU: 0 UID: 0 PID: 9595 Comm: syz.2.483 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 364.150290][ T9595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 364.150320][ T9595] Call Trace: [ 364.150338][ T9595] [ 364.150350][ T9595] dump_stack_lvl+0x16c/0x1f0 [ 364.150406][ T9595] should_fail_ex+0x512/0x640 [ 364.150438][ T9595] ? __kmalloc_noprof+0xbf/0x510 [ 364.150479][ T9595] ? __register_sysctl_table+0xea2/0x1900 [ 364.150528][ T9595] should_failslab+0xc2/0x120 [ 364.150572][ T9595] __kmalloc_noprof+0xd2/0x510 [ 364.150608][ T9595] ? __register_sysctl_table+0xe8e/0x1900 [ 364.150667][ T9595] __register_sysctl_table+0xea2/0x1900 [ 364.150725][ T9595] ? __pfx___register_sysctl_table+0x10/0x10 [ 364.150773][ T9595] ? is_module_address+0x69/0xf0 [ 364.150820][ T9595] ? register_net_sysctl_sz+0x228/0x3e0 [ 364.150863][ T9595] brnf_init_net+0x289/0x450 [ 364.150922][ T9595] ? __pfx_brnf_init_net+0x10/0x10 [ 364.150972][ T9595] ops_init+0x1e2/0x5f0 [ 364.151029][ T9595] setup_net+0x10f/0x380 [ 364.151056][ T9595] ? lockdep_init_map_type+0x5c/0x280 [ 364.151103][ T9595] ? __pfx_setup_net+0x10/0x10 [ 364.151136][ T9595] ? debug_mutex_init+0x37/0x70 [ 364.151173][ T9595] copy_net_ns+0x2a6/0x5f0 [ 364.151210][ T9595] create_new_namespaces+0x3ea/0xa90 [ 364.151263][ T9595] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 364.151305][ T9595] ksys_unshare+0x45b/0xa40 [ 364.151361][ T9595] ? __pfx_ksys_unshare+0x10/0x10 [ 364.151409][ T9595] ? xfd_validate_state+0x61/0x180 [ 364.151471][ T9595] __x64_sys_unshare+0x31/0x40 [ 364.151516][ T9595] do_syscall_64+0xcd/0x490 [ 364.151571][ T9595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.151604][ T9595] RIP: 0033:0x7f3f83b8eb69 [ 364.151630][ T9595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.151662][ T9595] RSP: 002b:00007f3f84acc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 364.151693][ T9595] RAX: ffffffffffffffda RBX: 00007f3f83db5fa0 RCX: 00007f3f83b8eb69 [ 364.151714][ T9595] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 364.151734][ T9595] RBP: 00007f3f83c11df1 R08: 0000000000000000 R09: 0000000000000000 [ 364.151754][ T9595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 364.151772][ T9595] R13: 0000000000000000 R14: 00007f3f83db5fa0 R15: 00007fffcd2a6de8 [ 364.151816][ T9595] [ 364.256678][ T9595] sysctl could not get directory: /net/bridge -12 [ 365.127106][ T9600] __vm_enough_memory: pid: 9600, comm: syz.1.484, bytes: 4398046511104 not enough memory for the allocation [ 365.633902][ T9611] netlink: 4 bytes leftover after parsing attributes in process `syz.2.487'. [ 365.668442][ T9611] netlink: 354 bytes leftover after parsing attributes in process `syz.2.487'. [ 367.473841][ T9641] random: crng reseeded on system resumption [ 374.050474][ T10] Process accounting resumed [ 374.421100][ T9744] random: crng reseeded on system resumption [ 377.326686][ T51] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 381.280569][ T9778] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 384.495671][ T9857] usbip-vudc usbip-vudc.0: gadget not bound [ 385.071080][ T9861] ICMPv6: process `syz.2.519' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 389.052517][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.069315][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 390.783085][ T5865] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 391.789365][ T9958] ICMPv6: process `syz.2.525' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 391.878508][ T9953] netlink: set zone limit has 8 unknown bytes [ 395.515186][T10021] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 396.966325][T10022] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 397.478123][T10031] usbip-vudc usbip-vudc.0: gadget not bound [ 397.979719][T10041] usbip-vudc usbip-vudc.0: gadget not bound [ 398.376950][ T51] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 400.532288][T10082] random: crng reseeded on system resumption [ 401.826851][T10086] FAULT_INJECTION: forcing a failure. [ 401.826851][T10086] name failslab, interval 1, probability 0, space 0, times 0 [ 401.869723][T10086] CPU: 0 UID: 0 PID: 10086 Comm: syz.0.542 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 401.869769][T10086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 401.869790][T10086] Call Trace: [ 401.869800][T10086] [ 401.869813][T10086] dump_stack_lvl+0x16c/0x1f0 [ 401.869883][T10086] should_fail_ex+0x512/0x640 [ 401.869917][T10086] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 401.869967][T10086] should_failslab+0xc2/0x120 [ 401.870013][T10086] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 401.870060][T10086] ? brnf_init_net+0x42/0x450 [ 401.870116][T10086] ? __pfx_brnf_init_net+0x10/0x10 [ 401.870169][T10086] kmemdup_noprof+0x29/0x60 [ 401.870211][T10086] brnf_init_net+0x42/0x450 [ 401.870269][T10086] ? __pfx_brnf_init_net+0x10/0x10 [ 401.870322][T10086] ops_init+0x1e2/0x5f0 [ 401.870381][T10086] setup_net+0x10f/0x380 [ 401.870409][T10086] ? lockdep_init_map_type+0x5c/0x280 [ 401.870456][T10086] ? __pfx_setup_net+0x10/0x10 [ 401.870488][T10086] ? debug_mutex_init+0x37/0x70 [ 401.870527][T10086] copy_net_ns+0x2a6/0x5f0 [ 401.870566][T10086] create_new_namespaces+0x3ea/0xa90 [ 401.870616][T10086] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 401.870660][T10086] ksys_unshare+0x45b/0xa40 [ 401.870709][T10086] ? __pfx_ksys_unshare+0x10/0x10 [ 401.870758][T10086] ? xfd_validate_state+0x61/0x180 [ 401.870821][T10086] __x64_sys_unshare+0x31/0x40 [ 401.870881][T10086] do_syscall_64+0xcd/0x490 [ 401.870939][T10086] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.870974][T10086] RIP: 0033:0x7ff72cf8eb69 [ 401.871002][T10086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 401.871034][T10086] RSP: 002b:00007ff72dd46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 401.871065][T10086] RAX: ffffffffffffffda RBX: 00007ff72d1b5fa0 RCX: 00007ff72cf8eb69 [ 401.871087][T10086] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 401.871107][T10086] RBP: 00007ff72d011df1 R08: 0000000000000000 R09: 0000000000000000 [ 401.871127][T10086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 401.871146][T10086] R13: 0000000000000000 R14: 00007ff72d1b5fa0 R15: 00007ffd67e77438 [ 401.871189][T10086] [ 402.242156][T10092] random: crng reseeded on system resumption [ 402.335246][ T5870] Process accounting resumed [ 403.429318][T10107] usbip-vudc usbip-vudc.0: gadget not bound [ 404.345805][T10115] random: crng reseeded on system resumption [ 404.422655][T10123] netlink: 28 bytes leftover after parsing attributes in process `syz.1.553'. [ 404.437121][T10123] bridge0: port 2(bridge_slave_1) entered disabled state [ 404.739147][T10123] bridge_slave_1 (unregistering): left allmulticast mode [ 404.800212][T10123] bridge_slave_1 (unregistering): left promiscuous mode [ 404.888182][T10123] bridge0: port 2(bridge_slave_1) entered disabled state [ 405.026750][T10131] ICMPv6: process `syz.0.556' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 409.762905][T10153] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 413.352711][T10236] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 413.377036][T10220] random: crng reseeded on system resumption [ 413.867388][T10219] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 413.877776][T10219] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 413.903965][T10238] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 414.680930][T10252] FAULT_INJECTION: forcing a failure. [ 414.680930][T10252] name failslab, interval 1, probability 0, space 0, times 0 [ 414.694235][T10252] CPU: 1 UID: 0 PID: 10252 Comm: syz.3.574 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 414.694282][T10252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 414.694303][T10252] Call Trace: [ 414.694313][T10252] [ 414.694325][T10252] dump_stack_lvl+0x16c/0x1f0 [ 414.694383][T10252] should_fail_ex+0x512/0x640 [ 414.694417][T10252] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 414.694463][T10252] should_failslab+0xc2/0x120 [ 414.694508][T10252] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 414.694546][T10252] ? __proc_create+0xc3/0x8e0 [ 414.694593][T10252] ? __proc_create+0x2ce/0x8e0 [ 414.694650][T10252] __proc_create+0x2ce/0x8e0 [ 414.694699][T10252] ? __pfx___proc_create+0x10/0x10 [ 414.694753][T10252] ? _raw_write_unlock+0x28/0x50 [ 414.694808][T10252] ? proc_register+0x314/0x5f0 [ 414.694860][T10252] proc_create_reg+0x7d/0x180 [ 414.694912][T10252] ? __pfx_can_rcvlist_proc_show+0x10/0x10 [ 414.694964][T10252] proc_create_net_single+0x86/0x180 [ 414.695016][T10252] ? __pfx_proc_create_net_single+0x10/0x10 [ 414.695082][T10252] can_init_proc+0x2b3/0x4d0 [ 414.695131][T10252] can_pernet_init+0x1e4/0x370 [ 414.695178][T10252] ? __pfx_can_pernet_init+0x10/0x10 [ 414.695222][T10252] ops_init+0x1e2/0x5f0 [ 414.695270][T10252] setup_net+0x10f/0x380 [ 414.695291][T10252] ? lockdep_init_map_type+0x5c/0x280 [ 414.695331][T10252] ? __pfx_setup_net+0x10/0x10 [ 414.695358][T10252] ? debug_mutex_init+0x37/0x70 [ 414.695389][T10252] copy_net_ns+0x2a6/0x5f0 [ 414.695420][T10252] create_new_namespaces+0x3ea/0xa90 [ 414.695460][T10252] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 414.695495][T10252] ksys_unshare+0x45b/0xa40 [ 414.695533][T10252] ? __pfx_ksys_unshare+0x10/0x10 [ 414.695572][T10252] ? xfd_validate_state+0x61/0x180 [ 414.695623][T10252] __x64_sys_unshare+0x31/0x40 [ 414.695660][T10252] do_syscall_64+0xcd/0x490 [ 414.695705][T10252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.695733][T10252] RIP: 0033:0x7f760c18eb69 [ 414.695755][T10252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 414.695804][T10252] RSP: 002b:00007f760d045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 414.695831][T10252] RAX: ffffffffffffffda RBX: 00007f760c3b5fa0 RCX: 00007f760c18eb69 [ 414.695849][T10252] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 414.695866][T10252] RBP: 00007f760c211df1 R08: 0000000000000000 R09: 0000000000000000 [ 414.695883][T10252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 414.695899][T10252] R13: 0000000000000000 R14: 00007f760c3b5fa0 R15: 00007fffc6a88b58 [ 414.695933][T10252] [ 416.860603][ T1214] Process accounting resumed [ 418.161026][ T1214] Process accounting resumed [ 419.237020][T10294] random: crng reseeded on system resumption [ 419.308714][T10294] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 419.321828][T10294] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 422.790134][T10308] kexec: Could not allocate control_code_buffer [ 424.496151][ T5953] Process accounting resumed [ 424.568544][T10367] netlink: 28 bytes leftover after parsing attributes in process `syz.0.596'. [ 424.651601][T10367] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.004004][T10367] bridge_slave_1 (unregistering): left allmulticast mode [ 425.053629][T10367] bridge_slave_1 (unregistering): left promiscuous mode [ 425.127701][T10367] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.241701][T10375] netlink: 28 bytes leftover after parsing attributes in process `syz.2.599'. [ 425.365989][ T5953] Process accounting resumed [ 425.674435][T10375] team0: Port device team_slave_1 removed [ 426.066291][ T9] Process accounting resumed [ 428.147615][T10409] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 428.175863][T10411] random: crng reseeded on system resumption [ 430.063234][T10403] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 431.437319][T10433] random: crng reseeded on system resumption [ 431.938106][T10431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 432.093436][T10431] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 432.619371][T10459] usbip-vudc usbip-vudc.0: gadget not bound [ 432.877145][T10465] netlink: 28 bytes leftover after parsing attributes in process `syz.1.618'. [ 433.269151][T10465] team0: Port device team_slave_1 removed [ 434.166088][T10482] device-mapper: ioctl: Invalid ioctl structure: uuid ±, name , dev 5 [ 434.180855][T10482] netlink: 146 bytes leftover after parsing attributes in process `syz.0.621'. [ 434.363345][T10484] random: crng reseeded on system resumption [ 437.508419][ T30] audit: type=1800 audit(1754121857.410:6): pid=10516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.627" name="features" dev="configfs" ino=21176 res=0 errno=0 [ 438.405256][T10515] random: crng reseeded on system resumption [ 438.780332][T10518] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 438.856208][T10518] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 440.467593][T10554] netlink: 28 bytes leftover after parsing attributes in process `syz.3.632'. [ 441.329222][T10554] team0: Port device team_slave_1 removed [ 442.130796][T10561] kexec: Could not allocate control_code_buffer [ 442.421725][T10567] random: crng reseeded on system resumption [ 442.516959][T10572] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 446.772085][T10600] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 450.050805][T10676] capability: warning: `syz.0.646' uses 32-bit capabilities (legacy support in use) [ 450.455495][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 450.461875][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 453.819183][T10717] random: crng reseeded on system resumption [ 458.116285][ T9] Process accounting resumed [ 459.748488][T10784] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 460.199422][ T5856] Process accounting resumed [ 461.935720][T10807] device-mapper: ioctl: Invalid ioctl structure: uuid ±, name , dev 5 [ 461.978524][T10807] netlink: 146 bytes leftover after parsing attributes in process `syz.2.668'. [ 462.545994][T10816] usbip-vudc usbip-vudc.0: gadget not bound [ 466.811771][ T5856] Process accounting resumed [ 466.941948][T10863] usbip-vudc usbip-vudc.0: gadget not bound [ 467.217330][T10843] random: crng reseeded on system resumption [ 467.316010][T10843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 467.352418][T10843] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 472.318922][ T10] Process accounting resumed [ 473.307126][T10943] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 473.539858][ T5953] Process accounting resumed [ 474.817975][T10964] device-mapper: ioctl: Invalid ioctl structure: uuid ±, name , dev 5 [ 474.840320][T10964] netlink: 146 bytes leftover after parsing attributes in process `syz.1.692'. [ 475.409320][ T10] Process accounting resumed [ 475.934710][ T30] audit: type=1800 audit(1754121895.880:7): pid=10979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.696" name="features" dev="configfs" ino=22051 res=0 errno=0 [ 476.898257][T10987] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 477.440871][ T5870] Process accounting resumed [ 478.478871][T11008] usbip-vudc usbip-vudc.0: gadget not bound [ 479.218785][ T5870] Process accounting resumed [ 481.586649][T11039] device-mapper: ioctl: Invalid ioctl structure: uuid ±, name , dev 5 [ 481.678791][T11039] netlink: 146 bytes leftover after parsing attributes in process `syz.3.705'. [ 482.000639][ T10] Process accounting resumed [ 489.954538][ T9] Process accounting resumed [ 491.657697][T11178] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 492.861257][T11180] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 494.066882][T11205] usbip-vudc usbip-vudc.0: gadget not bound [ 496.248662][T11234] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 496.661323][ T5870] Process accounting resumed [ 497.585859][T11247] FAULT_INJECTION: forcing a failure. [ 497.585859][T11247] name failslab, interval 1, probability 0, space 0, times 0 [ 497.605175][T11247] CPU: 0 UID: 0 PID: 11247 Comm: syz.1.739 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 497.605221][T11247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 497.605240][T11247] Call Trace: [ 497.605250][T11247] [ 497.605263][T11247] dump_stack_lvl+0x16c/0x1f0 [ 497.605323][T11247] should_fail_ex+0x512/0x640 [ 497.605355][T11247] ? __kmalloc_noprof+0xbf/0x510 [ 497.605397][T11247] ? devlink_fmsg_put_value+0xaa/0x2d0 [ 497.605449][T11247] should_failslab+0xc2/0x120 [ 497.605493][T11247] __kmalloc_noprof+0xd2/0x510 [ 497.605544][T11247] devlink_fmsg_put_value+0xaa/0x2d0 [ 497.605601][T11247] devlink_fmsg_u32_put+0xef/0x150 [ 497.605653][T11247] ? __pfx_devlink_fmsg_u32_put+0x10/0x10 [ 497.605719][T11247] ? devlink_fmsg_arr_pair_nest_start+0xec/0x130 [ 497.605772][T11247] nsim_dev_dummy_fmsg_put+0x131/0x1e0 [ 497.605823][T11247] devlink_health_do_dump+0x240/0x620 [ 497.605859][T11247] devlink_health_report+0x3c9/0x9c0 [ 497.605895][T11247] ? __pfx_devlink_health_report+0x10/0x10 [ 497.605930][T11247] ? _copy_from_user+0x59/0xd0 [ 497.605968][T11247] nsim_dev_health_break_write+0x166/0x210 [ 497.606019][T11247] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 497.606082][T11247] full_proxy_write+0x12e/0x1a0 [ 497.606130][T11247] ? __pfx_full_proxy_write+0x10/0x10 [ 497.606173][T11247] vfs_write+0x29d/0x1150 [ 497.606216][T11247] ? __pfx___mutex_lock+0x10/0x10 [ 497.606270][T11247] ? __pfx_vfs_write+0x10/0x10 [ 497.606321][T11247] ? __fget_files+0x20e/0x3c0 [ 497.606365][T11247] ksys_write+0x12a/0x250 [ 497.606402][T11247] ? __pfx_ksys_write+0x10/0x10 [ 497.606453][T11247] do_syscall_64+0xcd/0x490 [ 497.606508][T11247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 497.606542][T11247] RIP: 0033:0x7f0d2a38eb69 [ 497.606561][T11247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 497.606584][T11247] RSP: 002b:00007f0d2b17c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 497.606607][T11247] RAX: ffffffffffffffda RBX: 00007f0d2a5b5fa0 RCX: 00007f0d2a38eb69 [ 497.606623][T11247] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000008 [ 497.606636][T11247] RBP: 00007f0d2a411df1 R08: 0000000000000000 R09: 0000000000000000 [ 497.606651][T11247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 497.606676][T11247] R13: 0000000000000000 R14: 00007f0d2a5b5fa0 R15: 00007fff7e8e7b28 [ 497.606705][T11247] [ 498.172726][T11238] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 498.678936][T11256] : Can't lookup blockdev [ 499.376101][T11265] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 500.058644][T11265] svc: failed to register nfsdv3 RPC service (errno 111). [ 500.129444][T11265] svc: failed to register nfsaclv3 RPC service (errno 111). [ 501.200004][T11290] random: crng reseeded on system resumption [ 503.811467][T11332] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 504.658571][ T5856] Process accounting resumed [ 507.839468][T11375] usbip-vudc usbip-vudc.0: gadget not bound [ 508.161861][T11385] netlink: 'syz.1.766': attribute type 1 has an invalid length. [ 508.249705][T11388] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 508.311513][T11391] netlink: zone id is out of range [ 508.349093][T11391] netlink: zone id is out of range [ 508.388169][T11391] netlink: zone id is out of range [ 508.393339][T11391] netlink: zone id is out of range [ 508.411730][T11391] netlink: zone id is out of range [ 508.423277][T11391] netlink: zone id is out of range [ 508.429456][T11391] netlink: zone id is out of range [ 508.448305][T11391] netlink: zone id is out of range [ 508.453487][T11391] netlink: zone id is out of range [ 508.589637][T11391] netlink: zone id is out of range [ 511.774949][T11442] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 511.889630][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.896741][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 512.457502][T11441] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 512.464884][T11441] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 512.502647][T11441] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 512.522802][T11441] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 512.552719][T11441] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 512.561861][T11441] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 512.632134][ T5865] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 512.657446][ T5865] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 512.665902][ T5865] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 512.676962][ T5865] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 512.685540][ T5865] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 512.874578][T11466] FAULT_INJECTION: forcing a failure. [ 512.874578][T11466] name failslab, interval 1, probability 0, space 0, times 0 [ 512.917401][T11466] CPU: 1 UID: 0 PID: 11466 Comm: syz.0.778 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 512.917449][T11466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 512.917468][T11466] Call Trace: [ 512.917479][T11466] [ 512.917491][T11466] dump_stack_lvl+0x16c/0x1f0 [ 512.917546][T11466] should_fail_ex+0x512/0x640 [ 512.917576][T11466] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 512.917609][T11466] should_failslab+0xc2/0x120 [ 512.917640][T11466] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 512.917669][T11466] ? sk_prot_alloc+0x60/0x2a0 [ 512.917697][T11466] sk_prot_alloc+0x60/0x2a0 [ 512.917724][T11466] sk_alloc+0x36/0xc20 [ 512.917758][T11466] __vsock_create.constprop.0+0x3c/0xbb0 [ 512.917791][T11466] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 512.917829][T11466] vsock_create+0x139/0x500 [ 512.917866][T11466] __sock_create+0x335/0x8d0 [ 512.917899][T11466] __sys_socket+0x14d/0x260 [ 512.917927][T11466] ? __pfx___sys_socket+0x10/0x10 [ 512.917955][T11466] ? xfd_validate_state+0x61/0x180 [ 512.917989][T11466] ? __task_pid_nr_ns+0x17c/0x500 [ 512.918028][T11466] __x64_sys_socket+0x72/0xb0 [ 512.918055][T11466] ? lockdep_hardirqs_on+0x7c/0x110 [ 512.918090][T11466] do_syscall_64+0xcd/0x490 [ 512.918129][T11466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 512.918153][T11466] RIP: 0033:0x7ff72cf8eb69 [ 512.918171][T11466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 512.918193][T11466] RSP: 002b:00007ff72dd46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 512.918215][T11466] RAX: ffffffffffffffda RBX: 00007ff72d1b5fa0 RCX: 00007ff72cf8eb69 [ 512.918230][T11466] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000028 [ 512.918243][T11466] RBP: 00007ff72d011df1 R08: 0000000000000000 R09: 0000000000000000 [ 512.918257][T11466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 512.918270][T11466] R13: 0000000000000000 R14: 00007ff72d1b5fa0 R15: 00007ffd67e77438 [ 512.918298][T11466] [ 514.269356][T11459] chnl_net:caif_netlink_parms(): no params data found [ 514.284846][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout [ 514.531511][ T5865] Bluetooth: hci2: command 0x0c1a tx timeout [ 514.605158][ T5865] Bluetooth: hci3: command 0x0c1a tx timeout [ 514.768960][ T5865] Bluetooth: hci1: command tx timeout [ 514.787912][T11459] bridge0: port 1(bridge_slave_0) entered blocking state [ 514.835155][T11459] bridge0: port 1(bridge_slave_0) entered disabled state [ 514.842613][T11459] bridge_slave_0: entered allmulticast mode [ 514.850543][T11459] bridge_slave_0: entered promiscuous mode [ 514.860611][T11459] bridge0: port 2(bridge_slave_1) entered blocking state [ 514.868560][T11459] bridge0: port 2(bridge_slave_1) entered disabled state [ 514.876044][T11459] bridge_slave_1: entered allmulticast mode [ 514.887092][T11459] bridge_slave_1: entered promiscuous mode [ 514.993659][T11459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 515.052159][T11459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 515.126190][T11487] netlink: 28 bytes leftover after parsing attributes in process `syz.0.788'. [ 515.164085][T11487] bridge_slave_0: left allmulticast mode [ 515.179850][T11487] bridge_slave_0: left promiscuous mode [ 515.206332][T11487] bridge0: port 1(bridge_slave_0) entered disabled state [ 515.493049][T11459] team0: Port device team_slave_0 added [ 515.513049][T11459] team0: Port device team_slave_1 added [ 515.537746][T11497] netlink: 28 bytes leftover after parsing attributes in process `syz.3.781'. [ 515.660250][T11459] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 515.685330][T11459] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 515.735245][T11459] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 515.797467][T11459] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 515.804486][T11459] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 515.834166][T11459] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 516.301342][T11459] hsr_slave_0: entered promiscuous mode [ 516.344574][T11459] hsr_slave_1: entered promiscuous mode [ 516.364542][T11459] debugfs: 'hsr0' already exists in 'hsr' [ 516.365128][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout [ 516.398262][T11459] Cannot create hsr debugfs directory [ 516.606321][ T5865] Bluetooth: hci2: command 0x0c1a tx timeout [ 516.684971][ T5865] Bluetooth: hci3: command 0x0c1a tx timeout [ 516.844986][ T5865] Bluetooth: hci1: command tx timeout [ 517.124090][T11459] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 517.353655][T11459] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 517.513417][T11459] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 517.672489][T11459] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 518.599554][T11525] random: crng reseeded on system resumption [ 518.758207][T11528] : Can't lookup blockdev [ 518.924744][ T5865] Bluetooth: hci1: command tx timeout [ 520.479271][T11536] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 520.815638][T11543] ubi0: attaching mtd0 [ 520.894275][T11543] ubi0: scanning is finished [ 520.902876][T11543] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 521.027746][ T5865] Bluetooth: hci1: command tx timeout [ 521.212173][T11543] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 522.831474][T11561] usbip-vudc usbip-vudc.0: gadget not bound [ 522.943528][T11565] usbip-vudc usbip-vudc.0: gadget not bound [ 523.053863][T11569] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 524.213075][T11580] : Can't lookup blockdev [ 526.730604][ T9] Process accounting resumed [ 532.730573][T11623] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 532.889760][T11623] svc: failed to register nfsdv3 RPC service (errno 111). [ 532.922479][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 532.938862][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 532.956221][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 532.957271][T11623] svc: failed to register nfsaclv3 RPC service (errno 111). [ 532.973796][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 532.986809][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 533.532889][T11628] chnl_net:caif_netlink_parms(): no params data found [ 533.786078][T11628] bridge0: port 1(bridge_slave_0) entered blocking state [ 533.793328][T11628] bridge0: port 1(bridge_slave_0) entered disabled state [ 533.800694][T11628] bridge_slave_0: entered allmulticast mode [ 533.809664][T11628] bridge_slave_0: entered promiscuous mode [ 533.819351][T11628] bridge0: port 2(bridge_slave_1) entered blocking state [ 533.826726][T11628] bridge0: port 2(bridge_slave_1) entered disabled state [ 533.836611][T11628] bridge_slave_1: entered allmulticast mode [ 533.844130][T11628] bridge_slave_1: entered promiscuous mode [ 533.887889][T11628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 533.900542][T11628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 533.942615][T11628] team0: Port device team_slave_0 added [ 533.951186][T11628] team0: Port device team_slave_1 added [ 533.989949][T11628] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 533.998614][T11628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 534.025207][T11628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 534.040132][T11628] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 534.047346][T11628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 534.073708][T11628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 534.131084][T11628] hsr_slave_0: entered promiscuous mode [ 534.138407][T11628] hsr_slave_1: entered promiscuous mode [ 534.144572][T11628] debugfs: 'hsr0' already exists in 'hsr' [ 534.151033][T11628] Cannot create hsr debugfs directory [ 535.004998][ T51] Bluetooth: hci4: command tx timeout [ 537.084814][ T51] Bluetooth: hci4: command tx timeout [ 539.165619][ T51] Bluetooth: hci4: command tx timeout [ 541.244925][ T51] Bluetooth: hci4: command tx timeout [ 571.702087][ T5865] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 571.720756][ T5865] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 571.732713][ T5865] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 571.742724][ T5865] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 571.750930][ T5865] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 571.959837][T11639] chnl_net:caif_netlink_parms(): no params data found [ 572.052527][T11639] bridge0: port 1(bridge_slave_0) entered blocking state [ 572.060015][T11639] bridge0: port 1(bridge_slave_0) entered disabled state [ 572.067947][T11639] bridge_slave_0: entered allmulticast mode [ 572.075882][T11639] bridge_slave_0: entered promiscuous mode [ 572.085294][T11639] bridge0: port 2(bridge_slave_1) entered blocking state [ 572.092434][T11639] bridge0: port 2(bridge_slave_1) entered disabled state [ 572.100222][T11639] bridge_slave_1: entered allmulticast mode [ 572.108945][T11639] bridge_slave_1: entered promiscuous mode [ 572.150925][T11639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 572.163796][T11639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 572.206847][T11639] team0: Port device team_slave_0 added [ 572.215521][T11639] team0: Port device team_slave_1 added [ 572.251168][T11639] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 572.259623][T11639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 572.285838][T11639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 572.299534][T11639] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 572.306648][T11639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 572.335690][T11639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 572.393533][T11639] hsr_slave_0: entered promiscuous mode [ 572.400267][T11639] hsr_slave_1: entered promiscuous mode [ 572.407284][T11639] debugfs: 'hsr0' already exists in 'hsr' [ 572.413076][T11639] Cannot create hsr debugfs directory [ 573.329156][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 573.335632][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.804920][ T5865] Bluetooth: hci5: command tx timeout [ 575.895122][ T5865] Bluetooth: hci5: command tx timeout [ 577.965085][ T5865] Bluetooth: hci5: command tx timeout [ 580.045080][ T5865] Bluetooth: hci5: command tx timeout [ 592.732013][ T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 592.745031][ T51] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 592.755077][ T51] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 592.764328][ T51] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 592.773882][ T51] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 592.988793][T11655] chnl_net:caif_netlink_parms(): no params data found [ 593.086110][T11655] bridge0: port 1(bridge_slave_0) entered blocking state [ 593.094511][T11655] bridge0: port 1(bridge_slave_0) entered disabled state [ 593.102612][T11655] bridge_slave_0: entered allmulticast mode [ 593.110654][T11655] bridge_slave_0: entered promiscuous mode [ 593.120047][T11655] bridge0: port 2(bridge_slave_1) entered blocking state [ 593.127380][T11655] bridge0: port 2(bridge_slave_1) entered disabled state [ 593.135785][T11655] bridge_slave_1: entered allmulticast mode [ 593.143827][T11655] bridge_slave_1: entered promiscuous mode [ 593.186802][T11655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 593.199345][T11655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 593.244182][T11655] team0: Port device team_slave_0 added [ 593.255801][T11655] team0: Port device team_slave_1 added [ 593.292095][T11655] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 593.299498][T11655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 593.326444][T11655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 593.338908][T11655] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 593.346022][T11655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 593.372701][T11655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 593.433092][T11655] hsr_slave_0: entered promiscuous mode [ 593.440204][T11655] hsr_slave_1: entered promiscuous mode [ 593.447182][T11655] debugfs: 'hsr0' already exists in 'hsr' [ 593.452948][T11655] Cannot create hsr debugfs directory [ 594.844799][ T5865] Bluetooth: hci6: command tx timeout [ 596.924788][ T5865] Bluetooth: hci6: command tx timeout [ 599.004892][ T5865] Bluetooth: hci6: command tx timeout [ 601.084859][ T5865] Bluetooth: hci6: command tx timeout [ 631.789400][ T51] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 631.803847][ T51] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 631.812734][ T51] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 631.823096][ T51] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 631.833992][ T51] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 632.053789][T11665] chnl_net:caif_netlink_parms(): no params data found [ 632.153869][T11665] bridge0: port 1(bridge_slave_0) entered blocking state [ 632.161209][T11665] bridge0: port 1(bridge_slave_0) entered disabled state [ 632.168875][T11665] bridge_slave_0: entered allmulticast mode [ 632.177663][T11665] bridge_slave_0: entered promiscuous mode [ 632.186076][T11665] bridge0: port 2(bridge_slave_1) entered blocking state [ 632.193348][T11665] bridge0: port 2(bridge_slave_1) entered disabled state [ 632.201560][T11665] bridge_slave_1: entered allmulticast mode [ 632.209419][T11665] bridge_slave_1: entered promiscuous mode [ 632.251269][T11665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 632.265420][T11665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 632.306463][T11665] team0: Port device team_slave_0 added [ 632.314894][T11665] team0: Port device team_slave_1 added [ 632.354014][T11665] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 632.361148][T11665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 632.387673][T11665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 632.401813][T11665] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 632.409082][T11665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 632.435813][T11665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 632.492806][T11665] hsr_slave_0: entered promiscuous mode [ 632.500259][T11665] hsr_slave_1: entered promiscuous mode [ 632.507451][T11665] debugfs: 'hsr0' already exists in 'hsr' [ 632.513261][T11665] Cannot create hsr debugfs directory [ 633.885084][ T5865] Bluetooth: hci7: command tx timeout [ 634.778425][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.785309][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 635.964834][ T51] Bluetooth: hci7: command tx timeout [ 636.844703][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 638.044870][ T5865] Bluetooth: hci7: command tx timeout [ 640.125024][ T5865] Bluetooth: hci7: command tx timeout [ 653.322749][ T51] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 653.336728][ T51] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 653.345291][ T51] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 653.354295][ T51] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 653.362369][ T51] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 653.588341][T11683] chnl_net:caif_netlink_parms(): no params data found [ 653.693779][T11683] bridge0: port 1(bridge_slave_0) entered blocking state [ 653.701314][T11683] bridge0: port 1(bridge_slave_0) entered disabled state [ 653.708714][T11683] bridge_slave_0: entered allmulticast mode [ 653.717063][T11683] bridge_slave_0: entered promiscuous mode [ 653.727293][T11683] bridge0: port 2(bridge_slave_1) entered blocking state [ 653.734483][T11683] bridge0: port 2(bridge_slave_1) entered disabled state [ 653.744785][T11683] bridge_slave_1: entered allmulticast mode [ 653.752264][T11683] bridge_slave_1: entered promiscuous mode [ 653.792861][T11683] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 653.806793][T11683] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 653.852316][T11683] team0: Port device team_slave_0 added [ 653.862240][T11683] team0: Port device team_slave_1 added [ 653.900889][T11683] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 653.908120][T11683] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 653.934771][T11683] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 653.950130][T11683] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 653.957267][T11683] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 653.983904][T11683] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 654.044460][T11683] hsr_slave_0: entered promiscuous mode [ 654.053149][T11683] hsr_slave_1: entered promiscuous mode [ 654.060123][T11683] debugfs: 'hsr0' already exists in 'hsr' [ 654.066357][T11683] Cannot create hsr debugfs directory [ 655.404790][ T51] Bluetooth: hci8: command tx timeout [ 657.324880][ T51] Bluetooth: hci4: command 0x0406 tx timeout [ 657.484732][ T5865] Bluetooth: hci8: command tx timeout [ 659.564829][ T5865] Bluetooth: hci8: command tx timeout [ 661.644903][ T5865] Bluetooth: hci8: command tx timeout [ 673.165174][ T31] INFO: task syz-executor:11459 blocked for more than 143 seconds. [ 673.173165][ T31] Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 [ 673.180720][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 673.189539][ T31] task:syz-executor state:D stack:24536 pid:11459 tgid:11459 ppid:1 task_flags:0x480140 flags:0x00004006 [ 673.203201][ T31] Call Trace: [ 673.206616][ T31] [ 673.209589][ T31] __schedule+0x1190/0x5de0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 673.214181][ T31] ? __pfx___schedule+0x10/0x10 [ 673.220077][ T31] ? find_held_lock+0x2b/0x80 [ 673.225137][ T31] ? schedule+0x2d7/0x3a0 [ 673.229552][ T31] schedule+0xe7/0x3a0 [ 673.233702][ T31] schedule_timeout+0x257/0x290 [ 673.247669][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 673.253148][ T31] ? mark_held_locks+0x49/0x80 [ 673.263964][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 673.272839][ T31] __wait_for_common+0x2fc/0x4e0 [ 673.283599][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 673.291624][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 673.332679][ T31] remove_one+0x312/0x420 [ 673.354667][ T31] ? find_next_child+0x18f/0x280 [ 673.359739][ T31] __simple_recursive_removal+0x15b/0x610 [ 673.394607][ T31] ? __pfx_remove_one+0x10/0x10 [ 673.424081][ T31] debugfs_remove+0x5d/0x80 [ 673.435165][ T31] nsim_dev_health_exit+0x3b/0xe0 [ 673.440298][ T31] nsim_dev_reload_destroy+0x144/0x4d0 [ 673.483554][ T31] nsim_drv_remove+0x52/0x1d0 [ 673.492286][ T31] ? __pfx_nsim_bus_remove+0x10/0x10 [ 673.505066][ T31] device_remove+0xc8/0x170 [ 673.509704][ T31] device_release_driver_internal+0x44b/0x620 [ 673.525008][ T31] bus_remove_device+0x22f/0x420 [ 673.530054][ T31] device_del+0x396/0x9f0 [ 673.534438][ T31] ? __pfx_device_del+0x10/0x10 [ 673.544671][ T31] device_unregister+0x1d/0xc0 [ 673.549528][ T31] del_device_store+0x355/0x4a0 [ 673.554439][ T31] ? __pfx_del_device_store+0x10/0x10 [ 673.571678][ T31] ? find_held_lock+0x2b/0x80 [ 673.576695][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 673.581608][ T31] ? __pfx_del_device_store+0x10/0x10 [ 673.597516][ T31] bus_attr_store+0x71/0xb0 [ 673.602126][ T31] ? __pfx_bus_attr_store+0x10/0x10 [ 673.614654][ T31] sysfs_kf_write+0xef/0x150 [ 673.619348][ T31] kernfs_fop_write_iter+0x351/0x510 [ 673.634190][ T31] ? __pfx_sysfs_kf_write+0x10/0x10 [ 673.639769][ T31] vfs_write+0x6c7/0x1150 [ 673.644169][ T31] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 673.661196][ T31] ? __pfx_vfs_write+0x10/0x10 [ 673.668154][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 673.674074][ T31] ? find_held_lock+0x2b/0x80 [ 673.684759][ T31] ksys_write+0x12a/0x250 [ 673.689182][ T31] ? __pfx_ksys_write+0x10/0x10 [ 673.694215][ T31] do_syscall_64+0xcd/0x490 [ 673.708847][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 673.723456][ T31] RIP: 0033:0x7fbedef8d61f [ 673.731490][ T31] RSP: 002b:00007ffcf565c350 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 673.749601][ T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fbedef8d61f [ 673.760481][ T31] RDX: 0000000000000001 RSI: 00007ffcf565c3a0 RDI: 0000000000000005 [ 673.774780][ T31] RBP: 00007fbedf013085 R08: 0000000000000000 R09: 00007ffcf565c1a7 [ 673.782841][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 673.799945][ T31] R13: 00007ffcf565c3a0 R14: 00007fbedfce4620 R15: 0000000000000003 [ 673.822307][ T31] [ 673.825610][ T31] INFO: task syz.0.785:11512 blocked for more than 144 seconds. [ 673.833297][ T31] Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 [ 673.876354][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 673.904620][ T31] task:syz.0.785 state:D stack:26536 pid:11512 tgid:11511 ppid:5863 task_flags:0x400140 flags:0x00004004 [ 673.929947][ T31] Call Trace: [ 673.933331][ T31] [ 673.938983][ T31] __schedule+0x1190/0x5de0 [ 673.943605][ T31] ? __pfx___schedule+0x10/0x10 [ 673.950121][ T31] ? find_held_lock+0x2b/0x80 [ 673.955274][ T31] ? schedule+0x2d7/0x3a0 [ 673.959688][ T31] ? devlink_health_report+0x3ba/0x9c0 [ 673.965716][ T31] schedule+0xe7/0x3a0 [ 673.969885][ T31] schedule_preempt_disabled+0x13/0x30 [ 673.975890][ T31] __mutex_lock+0x82a/0x10b0 [ 673.980551][ T31] ? devlink_health_report+0x3ba/0x9c0 [ 673.987073][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 673.992202][ T31] ? devlink_health_report+0x3ba/0x9c0 [ 673.998211][ T31] devlink_health_report+0x3ba/0x9c0 [ 674.003560][ T31] ? __pfx_devlink_health_report+0x10/0x10 [ 674.009855][ T31] ? _copy_from_user+0x59/0xd0 [ 674.026117][ T31] nsim_dev_health_break_write+0x166/0x210 [ 674.032108][ T31] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 674.049324][ T31] full_proxy_write+0x12e/0x1a0 [ 674.054291][ T31] ? __pfx_full_proxy_write+0x10/0x10 [ 674.064724][ T31] vfs_write+0x29d/0x1150 [ 674.069247][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 674.074344][ T31] ? __pfx_vfs_write+0x10/0x10 [ 674.088493][ T31] ? __fget_files+0x20e/0x3c0 [ 674.093358][ T31] ksys_write+0x12a/0x250 [ 674.099033][ T31] ? __pfx_ksys_write+0x10/0x10 [ 674.103977][ T31] do_syscall_64+0xcd/0x490 [ 674.109268][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.115551][ T31] RIP: 0033:0x7ff72cf8eb69 [ 674.121290][ T31] RSP: 002b:00007ff72dd46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 674.129872][ T31] RAX: ffffffffffffffda RBX: 00007ff72d1b5fa0 RCX: 00007ff72cf8eb69 [ 674.139030][ T31] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000008 [ 674.147792][ T31] RBP: 00007ff72d011df1 R08: 0000000000000000 R09: 0000000000000000 [ 674.156112][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 674.164229][ T31] R13: 0000000000000000 R14: 00007ff72d1b5fa0 R15: 00007ffd67e77438 [ 674.172372][ T31] [ 674.179353][ T31] [ 674.179353][ T31] Showing all locks held in the system: [ 674.199263][ T31] 3 locks held by kworker/0:1/10: [ 674.204440][ T31] 1 lock held by khungtaskd/31: [ 674.218075][ T31] #0: ffffffff8e5c0fa0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 674.230217][ T31] 4 locks held by kworker/u8:2/36: [ 674.235843][ T31] #0: ffff88801c6fe948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 674.246676][ T31] #1: ffffc90000ac7d10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 674.266232][ T31] #2: ffffffff90367a70 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890 [ 674.275884][ T31] #3: ffff88807bd6d0e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x12c/0x2b0 [ 674.286107][ T31] 3 locks held by kworker/u8:4/59: [ 674.291250][ T31] #0: ffff88801b889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 674.302666][ T31] #1: ffffc9000210fd10 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 674.313202][ T31] #2: ffffffff9037dcc8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0 [ 674.323110][ T31] 3 locks held by kworker/0:2/983: [ 674.328368][ T31] #0: ffff88801b880d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 674.339134][ T31] #1: ffff8880b8424088 (per_cpu_ptr(&psi_seq, cpu)){-.-.}-{0:0}, at: __schedule+0x1861/0x5de0 [ 674.350208][ T31] #2: ffff88804e6c2240 (&data->fib_lock){+.+.}-{4:4}, at: nsim_fib_event_work+0x1bb/0x2e80 [ 674.360511][ T31] 2 locks held by syz-executor/5868: [ 674.365981][ T31] #0: ffffffff9037dcc8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 674.375127][ T31] #1: ffffffff8e5cc538 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0 [ 674.385306][ T31] 1 lock held by syz-executor/5869: [ 674.390568][ T31] #0: ffffffff9037dcc8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 674.399768][ T31] 2 locks held by getty/7766: [ 674.404487][ T31] #0: ffff8880318b40a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 674.414430][ T31] #1: ffffc900032342f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 674.425194][ T31] 7 locks held by syz-executor/11459: [ 674.430617][ T31] #0: ffff888024830428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 674.439726][ T31] #1: ffff88805dbdd888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 674.456341][ T31] #2: ffff88802847d968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 674.466565][ T31] #3: ffffffff8f8ee388 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 674.476994][ T31] #4: ffff88807bd6d0e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x620 [ 674.487712][ T31] #5: ffff88807bd6e250 (&devlink->lock_key#2){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1d0 [ 674.497890][ T31] #6: ffff88805f820660 (&sb->s_type->i_mutex_key#3/2){+.+.}-{4:4}, at: __simple_recursive_removal+0x354/0x610 [ 674.509843][ T31] 3 locks held by syz.0.785/11512: [ 674.515060][ T31] #0: ffff88802a4e7438 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 674.524204][ T31] #1: ffff88801faa2428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 674.534060][ T31] #2: ffff88807bd6e250 (&devlink->lock_key#2){+.+.}-{4:4}, at: devlink_health_report+0x3ba/0x9c0 [ 674.544905][ T31] 4 locks held by syz-executor/11628: [ 674.550307][ T31] #0: ffff888024830428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 674.559409][ T31] #1: ffff8880600b3488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 674.569300][ T31] #2: ffff88802847d968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 674.579468][ T31] #3: ffffffff8f8ee388 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 674.589904][ T31] 4 locks held by syz-executor/11639: [ 674.595468][ T31] #0: ffff888024830428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 674.604605][ T31] #1: ffff88805f1e7888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 674.614441][ T31] #2: ffff88802847d968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 674.624809][ T31] #3: ffffffff8f8ee388 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 674.635721][ T31] 4 locks held by syz-executor/11655: [ 674.641146][ T31] #0: ffff888024830428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 674.650365][ T31] #1: ffff88805bed8088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 674.660366][ T31] #2: ffff88802847d968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 674.670586][ T31] #3: ffffffff8f8ee388 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 674.681054][ T31] 4 locks held by syz-executor/11665: [ 674.686956][ T31] #0: ffff888024830428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 674.696297][ T31] #1: ffff88805d21e488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 674.706237][ T31] #2: ffff88802847d968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 674.716399][ T31] #3: ffffffff8f8ee388 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 674.726878][ T31] 4 locks held by syz-executor/11683: [ 674.732736][ T31] #0: ffff888024830428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 674.741873][ T31] #1: ffff88806bcb5c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 674.751781][ T31] #2: ffff88802847d968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 674.761952][ T31] #3: ffffffff8f8ee388 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 674.772598][ T31] [ 674.784896][ T31] ============================================= [ 674.784896][ T31] [ 674.797860][ T31] NMI backtrace for cpu 0 [ 674.797885][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 674.797924][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 674.797942][ T31] Call Trace: [ 674.797952][ T31] [ 674.797964][ T31] dump_stack_lvl+0x116/0x1f0 [ 674.798019][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 674.798056][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 674.798103][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 674.798153][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 674.798197][ T31] watchdog+0xf0e/0x1260 [ 674.798251][ T31] ? __pfx_watchdog+0x10/0x10 [ 674.798295][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 674.798345][ T31] ? __kthread_parkme+0x19e/0x250 [ 674.798393][ T31] ? __pfx_watchdog+0x10/0x10 [ 674.798438][ T31] kthread+0x3c2/0x780 [ 674.798485][ T31] ? __pfx_kthread+0x10/0x10 [ 674.798534][ T31] ? rcu_is_watching+0x12/0xc0 [ 674.798566][ T31] ? __pfx_kthread+0x10/0x10 [ 674.798615][ T31] ret_from_fork+0x5d4/0x6f0 [ 674.798663][ T31] ? __pfx_kthread+0x10/0x10 [ 674.798710][ T31] ret_from_fork_asm+0x1a/0x30 [ 674.798768][ T31] [ 674.798779][ T31] Sending NMI from CPU 0 to CPUs 1: [ 674.924924][ C1] NMI backtrace for cpu 1 [ 674.924945][ C1] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 674.924979][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 674.924997][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 674.925031][ C1] RIP: 0010:unwind_get_return_address+0x74/0xa0 [ 674.925062][ C1] Code: 80 3c 02 00 75 36 48 8b 7b 48 e8 c7 6d 19 00 85 c0 74 cf 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 80 3c 02 00 75 1c <48> 8b 43 48 5b 5d e9 01 de 26 0a e8 3c a4 b5 00 eb a0 48 89 ef e8 [ 674.925088][ C1] RSP: 0018:ffffc90000117690 EFLAGS: 00000246 [ 674.925107][ C1] RAX: dffffc0000000000 RBX: ffffc900001176a8 RCX: ffffc900001175fc [ 674.925124][ C1] RDX: 1ffff92000022ede RSI: ffffffff8de1faa2 RDI: ffffffff8215c151 [ 674.925142][ C1] RBP: ffffc900001176f0 R08: 0000000000000001 R09: 0000000000000000 [ 674.925158][ C1] R10: 0000000000000004 R11: 0000000000012019 R12: ffffffff81a672b0 [ 674.925174][ C1] R13: ffffc90000117768 R14: 0000000000000000 R15: ffff88801e295a00 [ 674.925191][ C1] FS: 0000000000000000(0000) GS:ffff8881247d6000(0000) knlGS:0000000000000000 [ 674.925215][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 674.925232][ C1] CR2: 0000560385738000 CR3: 000000000e380000 CR4: 00000000003526f0 [ 674.925249][ C1] Call Trace: [ 674.925256][ C1] [ 674.925266][ C1] arch_stack_walk+0xa6/0x100 [ 674.925298][ C1] ? __kmalloc_node_track_caller_noprof+0x221/0x510 [ 674.925337][ C1] stack_trace_save+0x8e/0xc0 [ 674.925367][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 674.925396][ C1] ? stack_trace_save+0x8e/0xc0 [ 674.925424][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 674.925452][ C1] ? stack_depot_save_flags+0x28/0xa40 [ 674.925481][ C1] kasan_save_stack+0x33/0x60 [ 674.925509][ C1] ? kasan_save_stack+0x33/0x60 [ 674.925537][ C1] ? kasan_save_track+0x14/0x30 [ 674.925564][ C1] ? __kasan_kmalloc+0xaa/0xb0 [ 674.925631][ C1] kasan_save_track+0x14/0x30 [ 674.925660][ C1] __kasan_kmalloc+0xaa/0xb0 [ 674.925689][ C1] __kmalloc_node_track_caller_noprof+0x221/0x510 [ 674.925724][ C1] ? __alloc_skb+0x166/0x380 [ 674.925760][ C1] ? trace_kmem_cache_alloc+0x28/0xc0 [ 674.925801][ C1] kmalloc_reserve+0xef/0x2c0 [ 674.925831][ C1] __alloc_skb+0x166/0x380 [ 674.925866][ C1] ? __pfx___alloc_skb+0x10/0x10 [ 674.925901][ C1] ? do_raw_spin_lock+0x12c/0x2b0 [ 674.925941][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 674.925987][ C1] nsim_dev_trap_report_work+0x2b1/0xcf0 [ 674.926025][ C1] process_one_work+0x9cf/0x1b70 [ 674.926075][ C1] ? __pfx_process_one_work+0x10/0x10 [ 674.926122][ C1] ? assign_work+0x1a0/0x250 [ 674.926161][ C1] worker_thread+0x6c8/0xf10 [ 674.926210][ C1] ? __pfx_worker_thread+0x10/0x10 [ 674.926251][ C1] kthread+0x3c2/0x780 [ 674.926288][ C1] ? __pfx_kthread+0x10/0x10 [ 674.926327][ C1] ? rcu_is_watching+0x12/0xc0 [ 674.926352][ C1] ? __pfx_kthread+0x10/0x10 [ 674.926391][ C1] ret_from_fork+0x5d4/0x6f0 [ 674.926430][ C1] ? __pfx_kthread+0x10/0x10 [ 674.926467][ C1] ret_from_fork_asm+0x1a/0x30 [ 674.926508][ C1] [ 674.926993][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 675.240103][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 675.251591][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 675.261680][ T31] Call Trace: [ 675.264982][ T31] [ 675.267931][ T31] dump_stack_lvl+0x3d/0x1f0 [ 675.272567][ T31] vpanic+0x6a3/0x780 [ 675.276587][ T31] ? __pfx_vpanic+0x10/0x10 [ 675.281306][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 675.287332][ T31] panic+0xca/0xd0 [ 675.291091][ T31] ? __pfx_panic+0x10/0x10 [ 675.295639][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 675.301051][ T31] ? nmi_trigger_cpumask_backtrace+0x1b1/0x300 [ 675.307238][ T31] ? watchdog+0xd78/0x1260 [ 675.311699][ T31] ? watchdog+0xd6b/0x1260 [ 675.316154][ T31] watchdog+0xd89/0x1260 [ 675.320438][ T31] ? __pfx_watchdog+0x10/0x10 [ 675.325226][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 675.330483][ T31] ? __kthread_parkme+0x19e/0x250 [ 675.335541][ T31] ? __pfx_watchdog+0x10/0x10 [ 675.340281][ T31] kthread+0x3c2/0x780 [ 675.344537][ T31] ? __pfx_kthread+0x10/0x10 [ 675.349190][ T31] ? rcu_is_watching+0x12/0xc0 [ 675.354007][ T31] ? __pfx_kthread+0x10/0x10 [ 675.358645][ T31] ret_from_fork+0x5d4/0x6f0 [ 675.363287][ T31] ? __pfx_kthread+0x10/0x10 [ 675.367933][ T31] ret_from_fork_asm+0x1a/0x30 [ 675.372764][ T31] [ 675.376165][ T31] Kernel Offset: disabled [ 675.380540][ T31] Rebooting in 86400 seconds..