last executing test programs: 9m49.570489588s ago: executing program 32 (id=507): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x40000002c55, 0x0) writev$auto(0x1, &(0x7f0000000100)={&(0x7f0000000140), 0x400000040000fdef}, 0x1) faccessat2$auto(0x1, &(0x7f0000000000)='\x00', 0x2, 0x1000) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x9, 0x6, 0x3, 0x8, 0x9, 0x3, 0x6, 0x2, 0x9, 0x5e582970, 0x6de, 0x9, 0x3, 0x201, 0x0, 0x6]}, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0xe06, 0x3) madvise$auto(0x0, 0x3, 0x15) madvise$auto(0x0, 0x10001, 0x9) ioperm$auto(0x8, 0x9, 0x2) sched_setaffinity$auto(0x0, 0x5, &(0x7f00000013c0)=0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x0) open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x23) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) sendfile$auto(0x2, 0x6, &(0x7f0000000100)=0xffffffffffffffd0, 0xeb9) fcntl$auto(0x300000000000000, 0x402, 0x9) 8m6.979782919s ago: executing program 33 (id=1075): fcntl$auto(0x3, 0x400, 0x1) connect$auto(0x3, &(0x7f0000000040)={0xb, @sockaddr_1_1={"c3e77ddb2f013cfd753ad83bffb36f0f5f7ff2d28ea73b393b57b2ef18eaa6533eaceb3beed79ffca4a31a5ee5c387eefc42a278995c8ccfd58a79d091dc0ccbf88b895b19ff290a8c9b41952c413163dbf23a2e8fe175f4334ac0f27a7367de9f880f9801da19d2792f98e44a9287366474fb28fb90a12be63d5c512ae3cdb40370d30b7772a99621af28ccfae5d3629c6d2e2f78ac033c1ce0b09ec0c5362684d21757efcf9f8db85a24d805b94d6c"}}, 0x55) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 5m54.530926643s ago: executing program 34 (id=1817): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff) move_pages$auto(0x1, 0x100000004, 0x0, 0x0, 0x0, 0x2) (async) move_pages$auto(0x1, 0x100000004, 0x0, 0x0, 0x0, 0x2) shmget$auto(0xffffffffffffffff, 0xb0d, 0xa7db6ba) execve$auto(&(0x7f0000000040)=':,\x00', &(0x7f00000000c0)=&(0x7f0000000080)='$+[-+\x98%(,\x00', &(0x7f0000000200)=&(0x7f00000001c0)=':,\x00') madvise$auto(0x0, 0x7fffffffffffffff, 0xe) (async) madvise$auto(0x0, 0x7fffffffffffffff, 0xe) socket(0xa, 0x3, 0x6) socket(0x1e, 0x80805, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x3, 0xff) select$auto(0xfffffffd, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x100000, 0xc, 0x9, 0x3, 0x1, 0x2800000000000002, 0x9, 0x5e582971, 0x1ff, 0x2c, 0x4, 0x1, 0x74, 0xb]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0x7, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x9fe) select$auto(0x7, 0x0, &(0x7f0000000100)={[0x9, 0x5, 0x0, 0xfffffffffffffff6, 0x7, 0xfffffffffffdffff, 0xdffffffffffffff8, 0x2, 0x0, 0x10000005e58296f, 0x1e, 0x7, 0x3, 0x200, 0x1, 0x9]}, 0x0, 0x0) (async) select$auto(0x7, 0x0, &(0x7f0000000100)={[0x9, 0x5, 0x0, 0xfffffffffffffff6, 0x7, 0xfffffffffffdffff, 0xdffffffffffffff8, 0x2, 0x0, 0x10000005e58296f, 0x1e, 0x7, 0x3, 0x200, 0x1, 0x9]}, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xff00) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xff00) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) r0 = open(0x0, 0x109001, 0x121) read$auto(r0, &(0x7f0000000040)=':,\x00', 0xff) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) (async) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) 4m55.750154402s ago: executing program 2 (id=2214): r0 = socket(0x10, 0x2, 0x9) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0xa, 0x6, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) epoll_create$auto(0x4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0xffffffff80088a02, 0x1) sync_file_range$auto(0x3, 0x9, 0x40010001, 0x4) memfd_secret$auto(0x5) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000004fd30a2d7c8593651531d32073640e187d9b5fd5d32f03df4ca5df17a6eacbe20e23b20c9c1c7501625f80bafd388209000000f05921f46fe8c9867184032faece57e3aa8d6d66da8647024442988d23a7f7c9dee65b5ddaf5e9619a259aaca28085967b", @ANYRES16=0x0, @ANYBLOB="040028bd7000fbdbdf2503000000d3de1490515f507c9b3059017c76c57826e5967feaae7db21a5ab0e8de7f6c13834a288d765f4e569953c04bd21603d41c2257cf27108bc321c454d984c0ba5ce50f9433d18fd1002194fa937b6f9c73cb47f23b0f28b8d907e5b62975998f8de235886451139f018abac18c328d445dd69ad9d11d4b963725ab4fe69db0dc3471605fb0f29a2a50e828781d65a0e632d5e861763d1f9557db8ded4078bb279b17f7c706c43708d539f9d310d89b766f99db22aa", @ANYRES16, @ANYRES32=r1], 0x14}, 0x1, 0x0, 0x0, 0x80c0}, 0x4000000) 4m55.577524521s ago: executing program 2 (id=2215): r0 = socket(0x10, 0x2, 0x9) sendmsg$auto_NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x14, 0x0, 0x10, 0x70bd26, 0x25dfdbfb, {0x1d, 0x0, 0x9e}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) 4m55.41470382s ago: executing program 2 (id=2216): mlockall$auto(0xf) socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x19, 0xffffffffffffffff, 0x0) statmount$auto(0x0, &(0x7f0000000040)={0x1, 0x0, 0x36, 0x828, 0x9, 0x8000000000000000, 0x9f, 0x7, 0x6, 0x5, 0x2, 0x9, 0x3, 0x8, 0xffffffffffffffff, 0x200000000000f, 0x100, 0x1, 0x10001, 0x2cf8, [0x9, 0x7f, 0x40, 0x1, 0x7fffffffffffffff, 0x48c000000000, 0x600, 0x3, 0x80000000, 0x6, 0x3961, 0xfffffffffffffff9, 0x10, 0x3, 0x35c4, 0x0, 0x6, 0x0, 0xea8, 0xc, 0xd9, 0x48, 0x5, 0x1, 0x200000000803, 0x7fffffffffffffff, 0x15, 0x110, 0xb, 0x8000000000000000, 0x2ab, 0x8, 0x800, 0x1, 0x1, 0x4003, 0xffffffffffff0000, 0x6b, 0xfffffffffffffff9, 0x204, 0x2b7, 0x4, 0xf, 0xe, 0xb, 0x7, 0x6, 0x7a, 0xdf]}, 0xe3c, 0x0) futex$auto(0x0, 0x81, 0x8, 0x0, 0x0, 0xfffffe01) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) 4m55.235926763s ago: executing program 2 (id=2217): r0 = socket$nl_generic(0x10, 0x3, 0x10) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x5, 0x0) semctl$auto(0x1ff, 0x2, 0x13, 0x1) io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x6, 0x1, 0x400, 0x7, 0x1005, 0x6, 0x7, [0x4, 0x2e9, 0x8], {0x0, 0x1, 0x8, 0x7, 0x5, 0x5, 0x1, 0xfffffffc, 0x7}, {0x4, 0xfff, 0xffff7ffe, 0x2, 0x8, 0x200, 0x3, 0x0, 0x3}}) setsockopt$auto(0x400000000000003, 0x29, 0x30, 0x0, 0x20000) r2 = syz_genetlink_get_family_id$auto_IPVS(&(0x7f0000002100), 0xffffffffffffffff) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f00000000c0), r1) sendmsg$auto_BATADV_CMD_GET_HARDIF(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x54, r3, 0x4, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_MCAST_FLAGS={0x8, 0x26, 0xe}, @BATADV_ATTR_MESH_IFNAME={0x4}, @BATADV_ATTR_TT_FLAGS={0x8, 0x15, 0x5}, @BATADV_ATTR_TT_TTVN={0x5, 0x11, 0xff}, @BATADV_ATTR_HARD_ADDRESS={0xa, 0x8, "a56664a622f9"}, @BATADV_ATTR_TT_VID={0x6, 0x14, 0x2}, @BATADV_ATTR_LAST_SEEN_MSECS={0x8, 0x17, 0x8db}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x4040) sendmsg$auto_IPVS_CMD_GET_DEST(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000580)={0x14, r2, 0x969d6b4393590ecc, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x24004090}, 0x0) 4m55.022395365s ago: executing program 6 (id=2218): r0 = socket(0x10, 0x2, 0x9) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, {0x7bd}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80c0}, 0x4000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f00000022c0), r1) sendmsg$auto_ILA_CMD_DEL(r1, &(0x7f0000002380)={0x0, 0x0, &(0x7f0000002340)={0x0}, 0x1, 0x0, 0x0, 0xc811}, 0x20000000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_virt_wifi\x00', 0x0}) sendmsg$auto_ILA_CMD_GET(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r2, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [@ILA_ATTR_IFINDEX={0x8, 0x4, r3}, @ILA_ATTR_LOCATOR_MATCH={0xc, 0x3, 0x5e94}, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0xf8}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x28040814}, 0x40004) 4m54.693849737s ago: executing program 2 (id=2219): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) capget$auto(0x0, &(0x7f0000000100)={0x3, 0x400, 0x1ff}) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/pid_for_children\x00') mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x22240, 0x155) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1) futex$auto(0x0, 0x3, 0x8243, 0x0, 0x0, 0x4) connect$auto(0x3, 0x0, 0x55) r1 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000040), r0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000140)={0x60, r1, 0x8a00f4e9954364ed, 0x70bd29, 0x25dfdbfd, {}, [@HWSIM_ATTR_RADIO_NAME={0x49, 0x11, '\xfd\xff\xff\xff\xff\xff\xff\xff-\x9c\xe4\xbe\x9e6y\x93\xd5\xbc\x9f\xa6\xf7\f\x01k\a\x86\xc1a\x12;\xab\xd7+\x99\xe71\x9b)p\x06\x02;/X\xfc+\x8b@\x90\xfc\x00\x00\x00\f\x11\xe7\xd3:\x00'/69}]}, 0x60}, 0x1, 0x0, 0x0, 0x84}, 0x24000054) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101) getcwd$auto(0x0, 0xffffffffffffffff) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) socket(0x2, 0x3, 0xa) read$auto(0x3, 0x0, 0x7) socket$nl_generic(0x10, 0x3, 0x10) clock_gettime$auto(0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) setxattr$auto(0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x1000000000, 0x0, 0x92, 0x16, 0x411e470b, 0x7) 4m54.608035274s ago: executing program 6 (id=2220): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000240)={0x0, 0xfd, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x0) 4m52.802222946s ago: executing program 2 (id=2221): io_submit$auto(0xfffffffffffffff7, 0xfffffffffffffffb, &(0x7f00000001c0)=&(0x7f0000000180)={0x3, 0x4, 0x9, 0xfaf1, 0x0, 0x3, 0x9, 0x800, 0xd9a, 0x0, 0x40, 0xffffffffffffffff}) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000880)={0x4fc, r1, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_SPLIT_WIPHY_DUMP={0x4}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x24a}, @NL80211_ATTR_FILS_ERP_REALM={0xe4, 0xfa, "67689da3da37764ddb6cf8b82d587f3c92fbaccbd557d143f6a68184ce7a71e3eaed171d92b2d756a8736030f1bb204216e9df83f2b3ff488b18dc68625b2d618e218746d50d2a8eb6f91943e231136b681cbe1cee3685eedda50104466b4ca1a050611ea7c90de643e89df1fdb8ac9d9e4cd972bf90a063ac01e8396bf49ec39016e9487e63af3f7ebc862be9b54242d3f62677aa26e3e0dad3d41d9b590b0355229a53244b0c43219d3d6a5dd6be9b202e0ea3d927c477bda276a813215e236fc6a86512ea32612c3ef1ee9c4f9ce699f45d57f652a887180ec6873b42455a"}, @NL80211_ATTR_BEACON_HEAD={0x3dd, 0xe, "08e48a5490752cb5790aa231727bdea6cc86a232e37ef63efaf1dcb0a7478288c102535a9b71531d3f506378b1e097f5094ad4007fd933cbff00809a37c1b2b87f8e4e29ba597e9deb23e7ef524380c26ff68f426a856f21d199dc6b63b31cc0c1f2c5f3fa318280d2ee3905d6ea194077ecce2e23eeabb32b446df2c5bc27604fac43b88f5d33261477e20309c6b856861d2c5403d719a6e010851911f30394f9a2d9015041bcc1d71e102a7ae16dd79875f3ff621b3937edf8f87ecada263a0561b34be27847f4c56eb807998ee35ce600045d4af13a21ad0a111cdba4a28ee51e318a0712e152ea0bb84e626d609d185ed94640f634d0a57fe897ed747ca12deb784d5ffe6262d64165055abf450ba91c53063324b3c9f34a73a43182829630667f8f39201ec953522e308a13fb1f12daf80c5af41e2a126846b4a6ba5ac70dacd5cc595e3589bea377def96adda739529e4cbc5ecd84a1a888d962815cf7da6694e59871934d5183014408068e53370ecd31ebb35fdaff0f8135b2a2bf7111bbe275b0a8bc25250f2e5a0ae24eda37a554b718bf4eef46578dcce28cb96b56cea844306b3a74d3419fa6a057c910be8759d21a9323eed443872de897d0a35c865398016661a4838f9948dfe981ef47eba59be9d476ffa0630c04e00c4d73fc49ac0545835c2fc0719a28062423053e249ded1133fb97952ddfaf74da178781f939ac1b5d918edba9d50a314099c8ae700d158bc95b382071629313fd996cd021d9f67ddb37d52717b93a4c96946cc99292bd8127bd6d6639ec228ee20a4dc79af307d3e130616f6d677b761e02254f1f0bce2bcec96b442d99e41d4567e58bc4a72fc1e913478f43d9fa554027287e7c9878648fb08d3e2d34a98c8b8f4f568a6869a33fd09e2b638732154997c8bbe6bb624ee374bc26a6aa661cbc9ace6885cf0f10975d3a122e46e00f624f2961e61113caa08c0b0eb0ad025abd188a02847b54049c13f6dd0d495d1702d7488f2bb57786ac1a8de9f0825e050749d19c8ba434f81cfa8a77836615cb9962d491289eafdd5f293d40458aab1c09b81ca81725ed2ecef4d3b5a6575a91e2b1affc75f99bc854947f87d4279fe4577a9e2a61bbef8ed2be21a6d879fc21f6597f6dd47f23e7b8fde5df383495deee25798bfa1c99d0627aa8791f884e8fee7f22aca0e034fd08b2d6e1570455f0f2c02f10c76d6bcc8e30a0adaa33f3a463511101dfcbda5475b2079103e80a7cd7d6588efd0cd198825803e06d5ebfbc87aaa12a4f97c35dc169e20671172eec7010a47590b215c0836d325f9d84a3d1f963d42007d28b6dde1cffe29a07a8616b59298ff5cbaa855eeedd8f10f5b609e8105099d0b5670763771305"}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0xc}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x4fc}, 0x1, 0x0, 0x0, 0x10000041}, 0x40000) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) socket(0x2, 0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000a00), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSA(r3, &(0x7f0000001c80)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000001cc0)={0x24, r4, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@MACSEC_ATTR_SA_CONFIG={0xe, 0x3, "265169b344442a9873a9"}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000804}, 0x8880) symlink$auto(&(0x7f0000000100)='//^\x00', &(0x7f0000000140)='}:\x00') acct$auto(&(0x7f0000000500)='}:\x00') mkdir$auto(0x0, 0x1) mkdir$auto(&(0x7f0000000040)='MAC80211_HWSIM\x00', 0x1) r5 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000640), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x60, r5, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}, @HWSIM_ATTR_ADDR_RECEIVER={0x19, 0x1, "59ca93e9ec0a0a335797010099a4fee023a134f7be"}, @HWSIM_ATTR_USE_CHANCTX={0x4}, @HWSIM_ATTR_RADIO_NAME={0x5, 0x11, '.'}, @HWSIM_ATTR_ADDR_TRANSMITTER={0x1f, 0x2, "a310e2f4d070ee770d2d53225b7f8f2050f235c2e28617594a305e"}]}, 0x60}, 0x1, 0x0, 0x0, 0x20005811}, 0x4048040) rmdir$auto(&(0x7f0000000340)='MAC80211_HWSIM\x00') socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000001080), 0xffffffffffffffff) 4m48.500849377s ago: executing program 5 (id=2222): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000002f80), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="05002bbd7000fddbdf06000000000800010001040000080002000100000008000800060000000800090001040000"], 0x34}, 0x1, 0x0, 0x0, 0x4c000}, 0x80) 4m48.397963643s ago: executing program 5 (id=2223): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mlockall$auto(0x7) madvise$auto(0x0, 0x20499d, 0x9) socket(0x11, 0x80003, 0x300) io_submit$auto(0x6, 0x7f, &(0x7f0000000040)=&(0x7f0000000000)={0x6fffffffffffff, 0xb, 0x10001, 0x3, 0x2, 0x3b, 0xfffffffffffffc00, 0x9, 0xfff, 0x0, 0x6}) writev$auto(0xc8, &(0x7f00000028c0)={&(0x7f0000000000), 0xfdef}, 0x9) mlock$auto(0x8000000000000001, 0xffff) 4m48.32162264s ago: executing program 5 (id=2224): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0x14) r0 = socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x6, 0x15, 0x1000, 0x100000001, 0xc, 0x9, 0x0, 0xfffffffffffffffe, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80000001]}, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r1 = socket(0xa, 0x5, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) io_uring_setup$auto(0x1, 0x0) r2 = syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f0000000040), r0) sendmsg$auto_IEEE802154_LLSEC_GETPARAMS(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x90, r2, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_CHANNEL={0x5}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0x8000}, @IEEE802154_ATTR_DEST_PAN_ID={0x6, 0x10, 0x1}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x4}, @IEEE802154_ATTR_ED_LIST={0x1f, 0x16, "f3f4729dfa4e75fa72f45d76057ecc431aad1c794a07919fe0d62e"}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "84a07fe4c2f5fadf754ba6aa49a7cc5c"}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1}, @IEEE802154_ATTR_SRC_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "4241a9a4bc29accb27499d32eff92819"}]}, 0x90}, 0x1, 0x0, 0x0, 0x8881}, 0x80) connect$auto(0x3, &(0x7f0000000180)={0xa, @sockaddr_1_1={"79187eae67fbcc"}}, 0x55) setsockopt$auto(0x3, 0x10000000084, 0x11, 0x0, 0x8) 4m48.227854168s ago: executing program 5 (id=2225): mlockall$auto(0xf) socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x19, 0xffffffffffffffff, 0x0) statmount$auto(0x0, &(0x7f0000000040)={0x1, 0x0, 0x36, 0x828, 0x9, 0x8000000000000000, 0x9f, 0x7, 0x6, 0x5, 0x2, 0x9, 0x3, 0x8, 0xffffffffffffffff, 0x200000000000f, 0x100, 0x1, 0x10001, 0x2cf8, [0x9, 0x7f, 0x40, 0x1, 0x7fffffffffffffff, 0x48c000000000, 0x600, 0x3, 0x80000000, 0x6, 0x3961, 0xfffffffffffffff9, 0x10, 0x3, 0x35c4, 0x0, 0x6, 0x0, 0xea8, 0xc, 0xd9, 0x48, 0x5, 0x1, 0x200000000803, 0x7fffffffffffffff, 0x15, 0x110, 0xb, 0x8000000000000000, 0x2ab, 0x8, 0x800, 0x1, 0x1, 0x4003, 0xffffffffffff0000, 0x6b, 0xfffffffffffffff9, 0x204, 0x2b7, 0x4, 0xf, 0xe, 0xb, 0x7, 0x6, 0x7a, 0xdf]}, 0xe3c, 0x0) futex$auto(0x0, 0x81, 0x8, 0x0, 0x0, 0xfffffe01) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) 4m48.172671082s ago: executing program 5 (id=2226): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_NEW_KEY(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001500)={0x1c, r1, 0x413, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4804}, 0x80) (fail_nth: 2) 4m47.815898152s ago: executing program 5 (id=2227): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000240)={0x0, 0xfe, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x0) 4m38.604464479s ago: executing program 35 (id=2213): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f00000038c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="f7ff8fa11b6e000000001f"], 0x14}, 0x1, 0x0, 0x0, 0xecac9eb1bdd4400c}, 0x0) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) r4 = socket(0x23, 0x80805, 0x0) epoll_create$auto(0x4) epoll_pwait$auto(0x3, 0x0, 0x3, 0x3, &(0x7f0000002040)={0xc9fb}, 0x8) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003ec, 0x14) poll$auto(&(0x7f0000000000)={r4, 0x1, 0x8}, 0x5, 0x400) setsockopt$auto(r5, 0x113, 0x3, 0x0, 0x79ad226b) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) process_mrelease$auto(0xfffe00000000, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_TIPCv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NET_SET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x14, r7, 0x1, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8005}, 0x4004000) shmat$auto(0xffffffff, &(0x7f0000000080)='\x00', 0x9) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010029bd7000ffdbdf25060000007ab7c11307dcdaacd2ad0948a2fa00d70f07c777eb0868a1a36b34d02e4d37f5a0b90a7d70079fc37b7b6360e29c745929f6c8766b43a4356abfa0984d4fa6971f37b8f2b20556c2"], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x0) 4m37.704648581s ago: executing program 36 (id=2220): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000240)={0x0, 0xfd, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x0) 4m36.189250525s ago: executing program 37 (id=2221): io_submit$auto(0xfffffffffffffff7, 0xfffffffffffffffb, &(0x7f00000001c0)=&(0x7f0000000180)={0x3, 0x4, 0x9, 0xfaf1, 0x0, 0x3, 0x9, 0x800, 0xd9a, 0x0, 0x40, 0xffffffffffffffff}) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000880)={0x4fc, r1, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_SPLIT_WIPHY_DUMP={0x4}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x24a}, @NL80211_ATTR_FILS_ERP_REALM={0xe4, 0xfa, "67689da3da37764ddb6cf8b82d587f3c92fbaccbd557d143f6a68184ce7a71e3eaed171d92b2d756a8736030f1bb204216e9df83f2b3ff488b18dc68625b2d618e218746d50d2a8eb6f91943e231136b681cbe1cee3685eedda50104466b4ca1a050611ea7c90de643e89df1fdb8ac9d9e4cd972bf90a063ac01e8396bf49ec39016e9487e63af3f7ebc862be9b54242d3f62677aa26e3e0dad3d41d9b590b0355229a53244b0c43219d3d6a5dd6be9b202e0ea3d927c477bda276a813215e236fc6a86512ea32612c3ef1ee9c4f9ce699f45d57f652a887180ec6873b42455a"}, @NL80211_ATTR_BEACON_HEAD={0x3dd, 0xe, "08e48a5490752cb5790aa231727bdea6cc86a232e37ef63efaf1dcb0a7478288c102535a9b71531d3f506378b1e097f5094ad4007fd933cbff00809a37c1b2b87f8e4e29ba597e9deb23e7ef524380c26ff68f426a856f21d199dc6b63b31cc0c1f2c5f3fa318280d2ee3905d6ea194077ecce2e23eeabb32b446df2c5bc27604fac43b88f5d33261477e20309c6b856861d2c5403d719a6e010851911f30394f9a2d9015041bcc1d71e102a7ae16dd79875f3ff621b3937edf8f87ecada263a0561b34be27847f4c56eb807998ee35ce600045d4af13a21ad0a111cdba4a28ee51e318a0712e152ea0bb84e626d609d185ed94640f634d0a57fe897ed747ca12deb784d5ffe6262d64165055abf450ba91c53063324b3c9f34a73a43182829630667f8f39201ec953522e308a13fb1f12daf80c5af41e2a126846b4a6ba5ac70dacd5cc595e3589bea377def96adda739529e4cbc5ecd84a1a888d962815cf7da6694e59871934d5183014408068e53370ecd31ebb35fdaff0f8135b2a2bf7111bbe275b0a8bc25250f2e5a0ae24eda37a554b718bf4eef46578dcce28cb96b56cea844306b3a74d3419fa6a057c910be8759d21a9323eed443872de897d0a35c865398016661a4838f9948dfe981ef47eba59be9d476ffa0630c04e00c4d73fc49ac0545835c2fc0719a28062423053e249ded1133fb97952ddfaf74da178781f939ac1b5d918edba9d50a314099c8ae700d158bc95b382071629313fd996cd021d9f67ddb37d52717b93a4c96946cc99292bd8127bd6d6639ec228ee20a4dc79af307d3e130616f6d677b761e02254f1f0bce2bcec96b442d99e41d4567e58bc4a72fc1e913478f43d9fa554027287e7c9878648fb08d3e2d34a98c8b8f4f568a6869a33fd09e2b638732154997c8bbe6bb624ee374bc26a6aa661cbc9ace6885cf0f10975d3a122e46e00f624f2961e61113caa08c0b0eb0ad025abd188a02847b54049c13f6dd0d495d1702d7488f2bb57786ac1a8de9f0825e050749d19c8ba434f81cfa8a77836615cb9962d491289eafdd5f293d40458aab1c09b81ca81725ed2ecef4d3b5a6575a91e2b1affc75f99bc854947f87d4279fe4577a9e2a61bbef8ed2be21a6d879fc21f6597f6dd47f23e7b8fde5df383495deee25798bfa1c99d0627aa8791f884e8fee7f22aca0e034fd08b2d6e1570455f0f2c02f10c76d6bcc8e30a0adaa33f3a463511101dfcbda5475b2079103e80a7cd7d6588efd0cd198825803e06d5ebfbc87aaa12a4f97c35dc169e20671172eec7010a47590b215c0836d325f9d84a3d1f963d42007d28b6dde1cffe29a07a8616b59298ff5cbaa855eeedd8f10f5b609e8105099d0b5670763771305"}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0xc}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x4fc}, 0x1, 0x0, 0x0, 0x10000041}, 0x40000) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) socket(0x2, 0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000a00), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSA(r3, &(0x7f0000001c80)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000001cc0)={0x24, r4, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@MACSEC_ATTR_SA_CONFIG={0xe, 0x3, "265169b344442a9873a9"}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000804}, 0x8880) symlink$auto(&(0x7f0000000100)='//^\x00', &(0x7f0000000140)='}:\x00') acct$auto(&(0x7f0000000500)='}:\x00') mkdir$auto(0x0, 0x1) mkdir$auto(&(0x7f0000000040)='MAC80211_HWSIM\x00', 0x1) r5 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000640), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x60, r5, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}, @HWSIM_ATTR_ADDR_RECEIVER={0x19, 0x1, "59ca93e9ec0a0a335797010099a4fee023a134f7be"}, @HWSIM_ATTR_USE_CHANCTX={0x4}, @HWSIM_ATTR_RADIO_NAME={0x5, 0x11, '.'}, @HWSIM_ATTR_ADDR_TRANSMITTER={0x1f, 0x2, "a310e2f4d070ee770d2d53225b7f8f2050f235c2e28617594a305e"}]}, 0x60}, 0x1, 0x0, 0x0, 0x20005811}, 0x4048040) rmdir$auto(&(0x7f0000000340)='MAC80211_HWSIM\x00') socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000001080), 0xffffffffffffffff) 4m31.388068781s ago: executing program 38 (id=2227): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000240)={0x0, 0xfe, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x0) 2m38.259993782s ago: executing program 1 (id=2840): mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) getsockopt$auto(0x6, 0x40000000084, 0x13, 0xfffffffffffffffe, 0x0) init_module$auto(0x0, 0x4, 0x0) 2m38.079406613s ago: executing program 1 (id=2842): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) fstat$auto(0x2, 0x0) socket(0x2, 0x3, 0xa) r0 = socket(0x2, 0x801, 0xf821) sendmsg$auto_NL80211_CMD_START_AP(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x40910}, 0x20000000) shutdown$auto(0x200000003, 0x2) alarm$auto(0x8) alarm$auto(0x9) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x5, 0x104000000000010e, 0x5, 0x0, 0x16) fcntl$auto(r1, 0x9, 0x6) 2m37.88055799s ago: executing program 1 (id=2845): set_mempolicy$auto(0x2005, &(0x7f0000000080)=0x87e, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x8, 0x7) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000b40)={0x24, r1, 0x101, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x60048400}, 0x800) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0xec, r1, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x7f}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0xba}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY_CAPS={0xbd, 0x18, "5c2652279f303b92b49c52dec5b40cac8558efde24174ad4122edcbb2ae297f329506bbe282b35b1169299fee115b07ff813c191540e7be6e4277391f7e84a9a477550cda1f23cf44fd6f5f8f2d5ea1758225a278729e5c3ff053124e34e1b4c9a59b082f3fbeb30ae78cd2dd9b301d00c90520b39f6a03138753f544426f1b69a4f6655a92b65b1b31f12e4ff4cb415833990b418c95763b1cf4acb3f46a50ccf2e2379d93fb5dbdd03762704a9134b58cd26e2313be9d1af"}]}, 0xec}, 0x1, 0x0, 0x0, 0x8101}, 0x20000000) r3 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x20, r3, 0x1, 0x70bd26, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0x4, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x0) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0x8, 0xb, 0x2e, 0x0, 0x3}, 0x6f4) socket(0x2, 0x800, 0xb) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x80000001, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mlockall$auto(0x7) rseq$auto(&(0x7f00000001c0)={0x5, 0x6943, 0xc, 0xd, 0xd, 0x8fc7, "2659ab42588551135a337e72961d7f5d1cd9578f083eb6e883abc89e3e2b67efe93ecb6b2d0f01e2e2688be79e863a1e03620b7d6c1b9fca7b91fc4227afa1b62d1a4115e69498add66d7ac36e020b2a90f280c8d58011cf76c90897beb57e339e10f83ed0dd64e405926649adc8eab13a7f8896061462938061c88c21c7c9d4026fadb347f9ce7da999e865e315011cefb5c70fbfa61912b1ccc35d9e0c74b45e5e015e86c39f0e03afab6a8e39008fe111fc83df0bdc46fbdd95c3302cf659"}, 0x9, 0x0, 0x3) madvise$auto(0xffffffffffffffff, 0x2000040080000004, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0x23, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) vmsplice$auto(0x4, &(0x7f0000000040)={0x0, 0x2}, 0x2, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) r4 = open(&(0x7f00000000c0)='./file0\x00', 0x81, 0xe0) io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x4, 0x4, 0x400, 0x7, 0x1005, 0x7, r4, [0x200, 0x2e9, 0x8], {0x0, 0x1, 0x5, 0x7, 0x5, 0x5, 0x1, 0xfffffffc, 0x104}, {0x0, 0x1000fff, 0x2, 0x2, 0xbb7, 0x7, 0x3, 0x0, 0x3}}) clone$auto(0x200, 0xff, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x100000000) set_mempolicy$auto(0x7fff, &(0x7f0000000000)=0x6b, 0x0) 2m36.677508619s ago: executing program 1 (id=2853): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_NEW_KEY(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001500)={0x1c, r1, 0x413, 0x70bd2b, 0x25dfdbfb, {0xb, 0x0, 0xf000}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4804}, 0x80) 2m36.347271514s ago: executing program 1 (id=2854): ioperm$auto(0x7, 0x6, 0x2) socket(0x1e, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x6, 0x40000000029, 0x1d, 0xfffffffffffffffe, 0x0) r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0) connect$auto(0x3, &(0x7f00000000c0)={0x8, @sockaddr_1_1}, 0x55) mmap$auto(0x0, 0xd, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) writev$auto(0x5, 0x0, 0x201) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(0x4, &(0x7f0000000100)={0x0, 0x1000}, 0x8) write$auto(0xc8, 0x0, 0x40f6) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_SET(r1, &(0x7f0000002180)={0x0, 0x0, &(0x7f0000002140)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010027bd7000fbdbdf29d25338d25d44692200000008020a0004000000040008002db741eb86d435e233d2e3660cb4d7986d4bfb6caf915115cbc036f4c0031a316ab652c1c5d4dd69431184b74594d21bf7fcd2faec65708e52"], 0x20}, 0x1, 0x0, 0x0, 0x4481}, 0x5800) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_IPVS(&(0x7f0000001180), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_ZERO(r2, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000011c0)={0x18, r3, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40000004}, 0x4800) init_module$auto(0x0, 0x4, 0x0) 2m35.610971399s ago: executing program 1 (id=2858): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x2, 0x88) bpf$auto(0x8000000000000020, 0xffffffffffffffff, 0x0) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x20008000) close_range$auto(r0, r1, 0xdc) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) mmap$auto(0x0, 0x1000000000200004, 0x4000000000e4, 0x40eb2, 0xd, 0x300000000000) recvfrom$auto(r1, 0x0, 0x9b, 0x0, 0x0, 0x0) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x100, 0x7, &(0x7f0000000040)=0x5, &(0x7f0000000100)=0x400, 0x1) socket(0x2b, 0x1, 0x1) getsockopt$auto(0x4, 0x200000000, 0x1, 0xfffffffffffffffc, 0x0) pipe$auto(0x0) rseq$auto(&(0x7f0000000240)={0x9, 0x6, 0x1, 0x6, 0xffffffff, 0x2, "bcb10fc373c0a0c3966414c9e81a686da16206169f133438f9287ce3363f7a03e9e137fb55f82ba51b43a31c47709bbaa20d17f2478e2fa3b7aca4bcb095607fe7094489857ce17840c638df53c37e9d8807e9eae10e2f6a2a676124042d193f67a3423e0312742585cb2a40e34f4b9b8d0bc2362098e1907b29bf16791052546f101397ac86e5260d280839e4445075b1fe9ef576d1acb912758103a816857de6bbdf65d6d1b18158d18f6f6213bd41f807bc1522dc56adef3435b15e3b7323be6058281b2c137509eb0b0d27b3a55fc7ec49f0f762e7da1b360dfe3b4cbf01075dc3b62645e482a44da13b1c9242"}, 0x7fff, 0x0, 0x6) mmap$auto(0x6, 0x8, 0xdf, 0x9b72, 0x2, 0x4) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) truncate$auto(0x0, 0xa) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0x15, 0x5, 0x0) socket(0x10, 0x4, 0x0) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x89e2, 0x91) 2m19.164699113s ago: executing program 39 (id=2858): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x2, 0x88) bpf$auto(0x8000000000000020, 0xffffffffffffffff, 0x0) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x20008000) close_range$auto(r0, r1, 0xdc) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) mmap$auto(0x0, 0x1000000000200004, 0x4000000000e4, 0x40eb2, 0xd, 0x300000000000) recvfrom$auto(r1, 0x0, 0x9b, 0x0, 0x0, 0x0) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x100, 0x7, &(0x7f0000000040)=0x5, &(0x7f0000000100)=0x400, 0x1) socket(0x2b, 0x1, 0x1) getsockopt$auto(0x4, 0x200000000, 0x1, 0xfffffffffffffffc, 0x0) pipe$auto(0x0) rseq$auto(&(0x7f0000000240)={0x9, 0x6, 0x1, 0x6, 0xffffffff, 0x2, "bcb10fc373c0a0c3966414c9e81a686da16206169f133438f9287ce3363f7a03e9e137fb55f82ba51b43a31c47709bbaa20d17f2478e2fa3b7aca4bcb095607fe7094489857ce17840c638df53c37e9d8807e9eae10e2f6a2a676124042d193f67a3423e0312742585cb2a40e34f4b9b8d0bc2362098e1907b29bf16791052546f101397ac86e5260d280839e4445075b1fe9ef576d1acb912758103a816857de6bbdf65d6d1b18158d18f6f6213bd41f807bc1522dc56adef3435b15e3b7323be6058281b2c137509eb0b0d27b3a55fc7ec49f0f762e7da1b360dfe3b4cbf01075dc3b62645e482a44da13b1c9242"}, 0x7fff, 0x0, 0x6) mmap$auto(0x6, 0x8, 0xdf, 0x9b72, 0x2, 0x4) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) truncate$auto(0x0, 0xa) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0x15, 0x5, 0x0) socket(0x10, 0x4, 0x0) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x89e2, 0x91) 2m19.145312234s ago: executing program 7 (id=2945): poll$auto(&(0x7f0000000080)={0x2, 0x0, 0x1a}, 0xff, 0x1) setsockopt$auto(r0, 0x3, 0xddf, &(0x7f0000000480)='-,{(\xec\x00\x95\xbe\b\xdc\xb7SN\xaf^\x12\xd0\xcd\x1a+U\x80\x8d\\X\xe0!\xdd\xb70\xc7\xdd\xd8=\xf7,\xbb\f}\xd7\t?\x86\xb8>\x18\xf2\xaf\x85{aX\v\x1d\xfb\x18w\xbb\x81\xc5\x00\xf3\x16\x0e?\x89\x14g\vB\xfb\x8d~h\xcaV\xd6\xe3\xb0:\x93~S\xe9}ug\x16\xbc\xa6\x80\x89\xfe\x9b\xb5\xb3OY/\xc2\x9c?\x17\x83\x96?\x04^\xa9\xd7\xcd\xfa\x05\x16\xa2O\x1a\x05<\x8eI\xd0\xae\xfe\x84\xdf\xa2+\xa3&S\xf3\\@gI\xe9\a\xd2/\x127c\xf2S\xfa\xf0C\x11*fx\xcd\x11\xdeQ\xb1\x9b\xbe\xe5b\x10w?\xc9\xc3\x00\x14\xd1Yf\xb1n\xbf\xd7\x0e^$\xe76d?\x87\x06\xcb\xd3\xba\xac\x13\x997rL\xcd\xd7I\xc6n\x05b\xd7\xe1/\xe0\xfa\x87\xbdnC\x93\x97/\x1d\x13\xe0x\xcb\x04', 0x1c8) execve$auto(0x0, 0x0, 0x0) symlink$auto(0x0, 0x0) socket(0x1, 0x1, 0x1) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) pidfd_open$auto(0x0, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x89e0, 0x91) setsockopt$auto(0x3, 0x114, 0xfffffffffffff22d, 0xffffffffffffffff, 0x3) execve$auto(&(0x7f00000002c0)=':,\x00', &(0x7f0000000400)=0x0, 0x0) execve$auto(&(0x7f00000000c0)=':,\x00', &(0x7f0000000240)=&(0x7f0000000200)='ns/time_for_childrent', &(0x7f0000000440)=0x0) 2m18.42397437s ago: executing program 7 (id=2949): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'erspan0\x00', 0x0}) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r1, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f00000015c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000008000000000000", @ANYRES32=r3, @ANYBLOB="080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x810) 2m17.335243099s ago: executing program 7 (id=2953): r0 = socket(0x10, 0x2, 0x9) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, {0x7bd}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80c0}, 0x4000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f00000022c0), r1) sendmsg$auto_ILA_CMD_DEL(r1, &(0x7f0000002380)={0x0, 0x0, &(0x7f0000002340)={&(0x7f0000002300)={0x14, r2, 0x1, 0x70bd27, 0x25dfdbfe, {0x2, 0x0, 0xfc}}, 0x14}, 0x1, 0x0, 0x0, 0xc811}, 0x20000000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_virt_wifi\x00', 0x0}) sendmsg$auto_ILA_CMD_GET(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, r2, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [@ILA_ATTR_IFINDEX={0x8, 0x4, r3}, @ILA_ATTR_LOCATOR_MATCH={0xc, 0x3, 0x5e94}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x9}]}, 0x34}, 0x1, 0x0, 0x0, 0x28040814}, 0x40004) 2m16.815526475s ago: executing program 7 (id=2954): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), r0) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110b27bd7000ffdbdf250900000008000300b400"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x1000) rseq$auto(0x0, 0x7ffe, 0x0, 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x98a, 0x4, 0x6, 0x17, 0x4, 0x10000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) mmap$auto(0x0, 0x20006, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r2 = socket(0x22, 0x6, 0x2adff) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x3) madvise$auto(0x0, 0xffffffffffff0001, 0x15) symlink$auto(&(0x7f0000000040)='-\xb1)]\'*\x00', &(0x7f0000000080)='}^!-\\\x00') madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_IPVS(&(0x7f0000000100), r2) sendmsg$auto_IPVS_CMD_GET_SERVICE(r2, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000300)={0x180, r4, 0x100, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0xda, 0x3, "3b98da42842168b876bcc04a6138129090ad36e179c9f11ae9ef8fe37d784075d659ad03fbb839f9e55489b2c1368a1fe0850fd3f0418f1c481d6d224daeaf975cdfbb569060cb6600389cf7c18e0350b3379d98c9a592c6097a4e979ee92d0ebaf5cb44316e2e85147fb88243e865c35a61215c97e783222a529967beb875049092381537f7cef09d4e848137c88a32b468bd911bf718aac9f596adee8487792d617b45576ab8bbb0dc3f753a2287dcaf71ba4bc5dd8fa494e9103ad1223bcf3195b86dc89678d03344eb15f1fc859111ccc2853ed6"}, @IPVS_CMD_ATTR_DEST={0x7d, 0x2, "2ff65dc4bbb72a125521d1c36a526f9632eefd5d78b0842a8c43dc99ca2f4614bb9566e9bcd8810dae65e58c607d1c7652034b9623f53eddc5c13008cf9b80efb7d9a63ae8f66e879b6eb57bab4cd43eacd45661296e17fa8472ad4dbd7b87548da5fa61c95d69e610e5edba36ec62ab1ee3e62bd3b18c2b55"}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8001}]}, 0x180}, 0x1, 0x0, 0x0, 0x4081}, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x1000}, 0xffffffff, 0x0, 0x0) syz_genetlink_get_family_id$auto_NLBL_UNLBL(0x0, r3) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getegid() 2m13.038151958s ago: executing program 7 (id=2962): socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000000)={0x2, @sockaddr_1_1}, 0x55) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 2m11.945855204s ago: executing program 7 (id=2964): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r0) mmap$auto(0x8000000000000000, 0x7, 0xfeee, 0x15, 0x5, 0x4) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x8, 0x401, 0x1, 0x8) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x4) mprotect$auto(0x0, 0x5, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r2, 0x0, 0x40) rename$auto(&(0x7f0000000000)=')!\'\\\x00', 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) syz_open_procfs$namespace(0xffffffffffffffff, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000040)=':,\x00', 0x0, &(0x7f0000000200)=&(0x7f00000001c0)=':,\x00') syz_genetlink_get_family_id$auto_IOAM6(&(0x7f0000000400), r0) msgrcv$auto(0x1, &(0x7f0000000140)={0x4, 0x3}, 0x0, 0x6, 0x7) r3 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000640), r0) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x20, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@HWSIM_ATTR_COOKIE={0xc, 0x8, 0x8}]}, 0x20}}, 0x40000) 1m55.288198863s ago: executing program 40 (id=2964): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r0) mmap$auto(0x8000000000000000, 0x7, 0xfeee, 0x15, 0x5, 0x4) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x8, 0x401, 0x1, 0x8) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x4) mprotect$auto(0x0, 0x5, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r2, 0x0, 0x40) rename$auto(&(0x7f0000000000)=')!\'\\\x00', 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) syz_open_procfs$namespace(0xffffffffffffffff, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000040)=':,\x00', 0x0, &(0x7f0000000200)=&(0x7f00000001c0)=':,\x00') syz_genetlink_get_family_id$auto_IOAM6(&(0x7f0000000400), r0) msgrcv$auto(0x1, &(0x7f0000000140)={0x4, 0x3}, 0x0, 0x6, 0x7) r3 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000640), r0) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x20, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@HWSIM_ATTR_COOKIE={0xc, 0x8, 0x8}]}, 0x20}}, 0x40000) 1m6.448680952s ago: executing program 8 (id=3104): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (async) mmap$auto(0x80b, 0xb53, 0x9e, 0x15, 0x1, 0x8001) write$auto(0x4, 0x0, 0x100082) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) mlock2$auto(0x1, 0x6, 0x43) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) (async) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfd, 0x0, 0xfffffffffffffffd) 1m6.015785372s ago: executing program 8 (id=3108): delete_module$auto(&(0x7f0000000000)='+#.\x00', 0x0) (async) delete_module$auto(&(0x7f0000000040)='+#.\x00', 0x5) (async) delete_module$auto(&(0x7f0000000080)='+#.\x00', 0x4a8) delete_module$auto(&(0x7f00000000c0)='])+@*/&,\x00', 0x1ff) (async) delete_module$auto(&(0x7f0000000100)='%\x00', 0x5) (async) delete_module$auto(&(0x7f0000000140)='%\x00', 0x4) delete_module$auto(&(0x7f0000000180)='+#.\x00', 0xe) (async) delete_module$auto(&(0x7f00000001c0)='])+@*/&,\x00', 0xde81) delete_module$auto(&(0x7f0000000200)='\x00', 0x3ff) delete_module$auto(&(0x7f0000000240)='}!\'\x00', 0x8) delete_module$auto(&(0x7f0000000280)='])+@*/&,\x00', 0x2) (async) delete_module$auto(&(0x7f00000002c0)='}!\'\x00', 0xffffff5a) (async) delete_module$auto(&(0x7f0000000300)='\x00', 0x3) delete_module$auto(&(0x7f0000000340)='%\x00', 0x6) delete_module$auto(&(0x7f0000000380)='\x00', 0x1) (async) delete_module$auto(&(0x7f00000003c0)='}!\'\x00', 0x1) (async) delete_module$auto(&(0x7f0000000400)='%\x00', 0xc) delete_module$auto(&(0x7f0000000440)='[\x00', 0x10001) (async) delete_module$auto(&(0x7f0000000480)='])+@*/&,\x00', 0x560) (async) delete_module$auto(&(0x7f00000004c0)='}!\'\x00', 0x3) delete_module$auto(&(0x7f0000000500)='%\x00', 0x8) delete_module$auto(&(0x7f0000000540)='[\x00', 0x9) (async) delete_module$auto(&(0x7f0000000580)='%\x00', 0xfffffff7) (async) delete_module$auto(&(0x7f00000005c0)='[\x00', 0x4) (async) delete_module$auto(&(0x7f0000000600)='],!^$\'*#%*', 0x7f) (async) delete_module$auto(&(0x7f0000000640)='\x00', 0xf5) (async) delete_module$auto(&(0x7f0000000680)='.*-&)[--+j&$,-A\x00', 0xd3f) delete_module$auto(&(0x7f00000006c0)='])+@*/&,\x00', 0x8) delete_module$auto(&(0x7f0000000700)='],!^$\'*#%*', 0x71) (async) delete_module$auto(&(0x7f0000000740)='\x00', 0xa6) 1m5.882978947s ago: executing program 8 (id=3109): poll$auto(&(0x7f0000000080)={0x2, 0x0, 0x1a}, 0xff, 0x1) setsockopt$auto(r0, 0x5, 0xddf, &(0x7f0000000480)='-,{(\xec\x00\x95\xbe\b\xdc\xb7SN\xaf^\x12\xd0\xcd\x1a+U\x80\x8d\\X\xe0!\xdd\xb70\xc7\xdd\xd8=\xf7,\xbb\f}\xd7\t?\x86\xb8>\x18\xf2\xaf\x85{aX\v\x1d\xfb\x18w\xbb\x81\xc5\x00\xf3\x16\x0e?\x89\x14g\vB\xfb\x8d~h\xcaV\xd6\xe3\xb0:\x93~S\xe9}ug\x16\xbc\xa6\x80\x89\xfe\x9b\xb5\xb3OY/\xc2\x9c?\x17\x83\x96?\x04^\xa9\xd7\xcd\xfa\x05\x16\xa2O\x1a\x05<\x8eI\xd0\xae\xfe\x84\xdf\xa2+\xa3&S\xf3\\@gI\xe9\a\xd2/\x127c\xf2S\xfa\xf0C\x11*fx\xcd\x11\xdeQ\xb1\x9b\xbe\xe5b\x10w?\xc9\xc3\x00\x14\xd1Yf\xb1n\xbf\xd7\x0e^$\xe76d?\x87\x06\xcb\xd3\xba\xac\x13\x997rL\xcd\xd7I\xc6n\x05b\xd7\xe1/\xe0\xfa\x87\xbdnC\x93\x97/\x1d\x13\xe0x\xcb\x04', 0x1c8) execve$auto(0x0, 0x0, 0x0) symlink$auto(0x0, 0x0) socket(0x1, 0x1, 0x1) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) pidfd_open$auto(0x0, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getresgid$auto(&(0x7f0000000100)=0xc00, &(0x7f0000000140)=0x10, &(0x7f00000001c0)=0x200) dup3$auto(r0, r0, 0x8) ioctl$auto(0x3, 0x89e0, 0x91) lgetxattr$auto(&(0x7f0000000300)='-,{(\xec\x00\x95\xbe\b\xdc\xb7SN\xaf^\x12\xd0\xcd\x1a+U\x80\x8d\\X\xe0!\xdd\xb70\xc7\xdd\xd8=\xf7,\xbb\f}\xd7\t?\x86\xb8>\x18\xf2\xaf\x85{aX\v\x1d\xfb\x18w\xbb\x81\xc5\x00\xf3\x16\x0e?\x89\x14g\vB\xfb\x8d~h\xcaV\xd6\xe3\xb0:\x93~S\xe9}ug\x16\xbc\xa6\x80\x89\xfe\x9b\xb5\xb3OY/\xc2\x9c?\x17\x83\x96?\x04^\xa9\xd7\xcd\xfa\x05\x16\xa2O\x1a\x05<\x8eI\xd0\xae\xfe\x84\xdf\xa2+\xa3&S\xf3\\@gI\xe9\a\xd2/\x127c\xf2S\xfa\xf0C\x11*fx\xcd\x11\xdeQ\xb1\x9b\xbe\xe5b\x10w?\xc9\xc3\x00\x14\xd1Yf\xb1n\xbf\xd7\x0e^$\xe76d?\x87\x06\xcb\xd3\xba\xac\x13\x997rL\xcd\xd7I\xc6n\x05b\xd7\xe1/\xe0\xfa\x87\xbdnC\x93\x97/\x1d\x13\xe0x\xcb\x04', &(0x7f0000000580)='-,{(\xec\x00\x95\xbe\b\xdc\xb7SN\xaf^\x12\xd0\xcd\x1a+U\x80\x8d\\X\xe0!\xdd\xb70\xc7\xdd\xd8=\xf7,\xbb\f}\xd7\t?\x86\xb8>\x18\xf2\xaf\x85{aX\v\x1d\xfb\x18w\xbb\x81\xc5\x00\xf3\x16\x0e?\x89\x14g\vB\xfb\x8d~h\xcaV\xd6\xe3\xb0:\x93~S\xe9}ug\x16\xbc\xa6\x80\x89\xfe\x9b\xb5\xb3OY/\xc2\x9c?\x17\x83\x96?\x04^\xa9\xd7\xcd\xfa\x05\x16\xa2O\x1a\x05<\x8eI\xd0\xae\xfe\x84\xdf\xa2+\xa3&S\xf3\\@gI\xe9\a\xd2/\x127c\xf2S\xfa\xf0C\x11*fx\xcd\x11\xdeQ\xb1\x9b\xbe\xe5b\x10w?\xc9\xc3\x00\x14\xd1Yf\xb1n\xbf\xd7\x0e^$\xe76d?\x87\x06\xcb\xd3\xba\xac\x13\x997rL\xcd\xd7I\xc6n\x05b\xd7\xe1/\xe0\xfa\x87\xbdnC\x93\x97/\x1d\x13\xe0x\xcb\x04', &(0x7f0000000040)=[0xa29, 0xfffffffffffffffb, 0x5, 0x2748, 0x99b7, 0xffffffff, 0x3, 0xc], 0x4) setsockopt$auto(0x3, 0x114, 0xfffffffffffff22d, 0xffffffffffffffff, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) ioctl$NS_GET_PARENT(r1, 0xff04, 0x0) socket(0x10, 0x3, 0x6) open(&(0x7f0000000040)='./file0\x00', 0x121342, 0x67) bpf$auto(0x1c, &(0x7f0000000000)=@link_update={0xa, @new_map_fd=0x29d, 0x7, @old_map_fd=0x3ff}, 0xa3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x18, 0x5, 0x2) bind$auto(0x7, &(0x7f0000000000)={0x1d, @sockaddr_1_1}, 0x3e) 1m5.421377006s ago: executing program 8 (id=3113): socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x1, 0x0) socket(0x2, 0x1, 0x106) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000002d40), r0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000000)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x20008000}, 0x200000c0) socket(0xa, 0x3, 0xff) setsockopt$auto(0x3, 0x0, 0x80000001, 0x0, 0x25) mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0xffffffff, 0x8000) mmap$auto(0x0, 0x3, 0xe0, 0x9b72, 0x2, 0x10000) mmap$auto(0xfff, 0x2020009, 0x106, 0xb35, 0xf21, 0x1000007) fcntl$auto(0x0, 0x402, 0x80000000) close_range$auto(0x0, 0xfffffffffffff040, 0x4000000000002) r2 = socket(0xa, 0x801, 0x106) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="5c00005069804c00", @ANYRES16=0x0, @ANYRESDEC=0x0], 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x44891) connect$auto(r1, &(0x7f0000000040)={0x2, @sa_data_min="78c8e1482ce9a809fc36b8e1655f"}, 0x5) clone$auto(0x2020003b46, 0x2, 0x0, 0x0, 0x8000000000000001) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(r2, &(0x7f0000000280)={{0x0, 0xe, &(0x7f00000000c0)={&(0x7f0000000080), 0xe}, 0x657, 0x0, 0xffffffffffffffff, 0xd}, 0x3}, 0x752, 0x8) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x91, 0x0, 0x8) r3 = socket(0x22, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x80044944, 0x0) socket(0x2c, 0x800, 0x3) 1m5.123501511s ago: executing program 8 (id=3115): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x88) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0x5}, 0x5, 0x400) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) connect$auto(0x3, &(0x7f0000000000)={0x2, @sa_data_min="0800e00000000000c1728d2af766"}, 0x55) write$auto(0x3, 0x0, 0x81) timerfd_create$auto(0x9, 0x0) semctl$auto(0x1ff, 0x2, 0x13, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0x2b, 0x1, 0x1) socket(0x1d, 0x2, 0x2) r1 = socket(0x2, 0x1, 0x106) sendmsg$auto_OVS_DP_CMD_SET(r1, 0x0, 0x20040810) setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xa) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HSR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x80) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) ioperm$auto(0x7, 0x6, 0x2) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) socket$nl_generic(0x10, 0x3, 0x10) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) signalfd$auto(0x4, 0x0, 0x8) select$auto(0x7, &(0x7f0000000100)={[0x8001, 0xa, 0x400, 0x9b, 0x4, 0xfff, 0x9c, 0x8aa1, 0x2, 0x1, 0x9, 0x7fffffffffffffff, 0x100, 0x6, 0x9f, 0x8]}, &(0x7f0000000180)={[0x8001, 0x6, 0x2, 0x3d, 0xfe3, 0x2, 0x56f, 0x1, 0x3, 0x4f, 0xd, 0x5, 0x8000000000000000, 0x8, 0xf, 0x5]}, &(0x7f0000000200)={[0x9, 0x3, 0x9, 0xfffffffffffff8c3, 0x7fffffffffffffff, 0x3, 0x9, 0x0, 0x0, 0x2, 0x8, 0x3, 0x2842, 0x3, 0x2, 0xfffffffffffffff9]}, &(0x7f0000000280)={0x0, 0x5}) r3 = socket$nl_generic(0x10, 0x3, 0x10) getsockname$auto(r3, &(0x7f0000000000)={0x8, @sockaddr_1_1={"c2c39688b9ccee464808e5d91563c54fbfab6236930a42306c80854042ac1f518d3a58b6b70567bcedc1a967d6dd87aca7fce97f0bb4f79ab9ab763720e379305418dabd3ba567f641412f55b050cf6bb5552a05a4664d245b841d8778c3541bed8e4aae375fda0fca48c5e2eab37c5419ba8d161c4550fc103358c4a59afb6fc1779beb711c6cc7a345e90a14f36dbdf53e711117d4bdc17f2ab3df98e90a6d55063187d14d243e42"}}, &(0x7f00000000c0)=0x9) ioctl$auto(0x3, 0x40085400, 0x5) 1m3.781508692s ago: executing program 8 (id=3124): socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000000)={0x2, @sockaddr_1_1}, 0x55) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xfeff) connect$auto(0x3, 0x0, 0x55) 1m3.337733599s ago: executing program 41 (id=3124): socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000000)={0x2, @sockaddr_1_1}, 0x55) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xfeff) connect$auto(0x3, 0x0, 0x55) 35.629250812s ago: executing program 4 (id=3171): bpf$auto(0x0, 0x0, 0xa3) io_setup$auto(0x10000, &(0x7f0000000040)) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x18, 0x3, 0x80000) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000180)={0x2, @sa_data_min="9231f86ed63133d91a80c310b1db"}, 0x55) connect$auto(0x3, 0xfffffffffffffffe, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0xa, 0x3, 0x6) madvise$auto(0x0, 0x2000040080000004, 0xe) syz_genetlink_get_family_id$auto_IPVS(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x53, 0x9) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, &(0x7f0000000080)={0x0, 0x1}, 0x10a, 0x0, 0x0, 0x3ff}, 0xed7138c}, 0x200, 0x0) ioctl$auto(r0, 0x80000541b, 0x38) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x1ffff000, 0x5510, 0x8) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) open_by_handle_at$auto(0xffffff9c, 0xffffffffffffffff, 0x9658) madvise$auto(0x0, 0xffffffffffff0008, 0x19) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 31.239722041s ago: executing program 4 (id=3190): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000001500), 0xffffffffffffffff) sendmsg$auto_TCP_METRICS_CMD_DEL(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001540)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @loopback}]}, 0x1c}, 0x1, 0x0, 0xffffff9e, 0x8000}, 0x4000000) 31.011856155s ago: executing program 4 (id=3192): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f00000038c0)=ANY=[@ANYBLOB="1400f000", @ANYRES16=r1, @ANYBLOB="f7ff8fa11b6e000000001f"], 0x14}, 0x1, 0x0, 0x0, 0xecac9eb1bdd4400c}, 0x0) 30.761244214s ago: executing program 4 (id=3193): ioperm$auto(0x7, 0x6, 0x2) set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7e, 0x4) socketpair$auto(0x3, 0x5, 0x7, 0x0) iopl$auto(0x2) rt_sigqueueinfo$auto(0x9, 0x8, 0x0) r0 = socket(0x10, 0x2, 0x0) socket(0x2, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000280)={0xa, @sockaddr_1_1}, 0x55) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001780), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PSE_GET(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYRESDEC=r1], 0x1c}, 0x1, 0x0, 0x0, 0x40880}, 0x0) bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_7={@start_id=0x2, 0x3, 0x6}, 0xd) futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x1, 0x1, 0x41, &(0x7f0000000000)='\x00', 0xbb) get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x1) 30.55798844s ago: executing program 4 (id=3194): socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_3={0x8, 0x9067, 0x18c, 0x4, 0x2, 0x8, 0x4, 0x57b8, 0xfffffff8, "63acf0e05b2d33ebc15774e816ef77cf", 0x0, 0x543, 0x4, 0x207, 0x3, 0x4, 0x4, 0x2, 0xe, 0xa, @attach_btf_obj_fd=0x3, 0x166, 0x7fb, 0x80000200006, 0xa, 0x48000000, 0xa7c2}, 0x102) bind$auto(0x3, &(0x7f0000000040)={0xa, @sa_data_min="001000000000fe8000"}, 0x69) tkill$auto(0x80000000000001, 0x7) keyctl$auto(0x16, 0x800, 0x5069, 0x1, 0x7f) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x15, 0x5, 0x0) (async) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_3={0x8, 0x9067, 0x18c, 0x4, 0x2, 0x8, 0x4, 0x57b8, 0xfffffff8, "63acf0e05b2d33ebc15774e816ef77cf", 0x0, 0x543, 0x4, 0x207, 0x3, 0x4, 0x4, 0x2, 0xe, 0xa, @attach_btf_obj_fd=0x3, 0x166, 0x7fb, 0x80000200006, 0xa, 0x48000000, 0xa7c2}, 0x102) (async) bind$auto(0x3, &(0x7f0000000040)={0xa, @sa_data_min="001000000000fe8000"}, 0x69) (async) tkill$auto(0x80000000000001, 0x7) (async) keyctl$auto(0x16, 0x800, 0x5069, 0x1, 0x7f) (async) 29.671862381s ago: executing program 4 (id=3196): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x1d, 0x3, 0x1) setsockopt$auto(0x3, 0x4, 0x7, 0xffffffffffffffff, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x19) write$auto(0x3, 0x0, 0xfdef) 29.083944171s ago: executing program 42 (id=3196): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x1d, 0x3, 0x1) setsockopt$auto(0x3, 0x4, 0x7, 0xffffffffffffffff, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x19) write$auto(0x3, 0x0, 0xfdef) 22.887586196s ago: executing program 9 (id=3208): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000000)={0x2, @sockaddr_1_1}, 0x55) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x6, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) (fail_nth: 10) sync_file_range$auto(0x3, 0x9, 0x40010001, 0x4) 21.816306878s ago: executing program 9 (id=3213): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x20006, 0x10000000000df, 0xeb2, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0x3, 0x89e2, 0x91) socket(0xa, 0x2, 0x88) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) sendto$auto(0x8, 0x0, 0x95, 0x5, 0x0, 0x9) ioperm$auto(0x3, 0x5, 0x149) sysfs$auto(0x8, 0xd, 0x6) sysfs$auto(0x1, 0x0, 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x29b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) getsockopt$auto(0x6, 0x40000000029, 0x2, 0xfffffffffffffffe, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x8, 0xb9c, 0x41fa, 0x80004, 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unlink$auto(0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000800)={0x14, 0x0, 0x4, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4008004}, 0x4) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000940), r0) r1 = syz_genetlink_get_family_id$auto_NLBL_UNLBL(&(0x7f0000000e00), r0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000400), 0xffffffffffffffff) getrlimit$auto(0xd, &(0x7f0000000000)={0x3, 0x10}) sendmsg$auto_BATADV_CMD_GET_DAT_CACHE(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000fec96a19aa64db21e6ae3e73fe272ee60563a36190cc9cc22c09ffa96f6a3e324ee76ee3717bcdfc9cb47591ec69e2288a5db9f992ab48e6294f1343d24f4dc5ab736eaf6c8201886337b269e32645f06347b1775e66b05a334f05ef0f80483467ed12ccc5c3fb030000b4d7010898d40d01f693df492a0f66bc3e50c041119f6749b3709be82da05f44a511953a31f3acf30dc93dcb1f4cb925ea22d0a652e1618e0dbc62fabab07982edf1f176c40e", @ANYRES16=r3, @ANYBLOB="57e72dbd7000ffdbdf250d000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) membarrier$auto(0x4, 0x8000000000000000, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={&(0x7f0000000e40)={0x28, r1, 0x101, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, {@u6_addr16=[0xa0, 0x4, 0xfff9, 0xe, 0x313, 0x0, 0x6, 0x5]}}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) 19.4370021s ago: executing program 9 (id=3219): mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) setresuid$auto(0x8, 0x0, 0x4) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x6) getsockopt$auto(0x6, 0x29, 0x4b, 0x0, 0x0) setpriority$auto(0x2, 0x8, 0x8) clone$auto(0x200009, 0x7fffffffffffffff, 0xfffffffffffffffc, 0x0, 0x7) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x20200, 0x15) 17.340891204s ago: executing program 9 (id=3227): io_submit$auto(0xfffffffffffffff7, 0xfffffffffffffffb, &(0x7f00000001c0)=&(0x7f0000000180)={0x3, 0x4, 0x9, 0xfaf1, 0x0, 0x3, 0x9, 0x800, 0xd9a, 0x0, 0x40, 0xffffffffffffffff}) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000880)={0x50c, r1, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_SPLIT_WIPHY_DUMP={0x4}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x24a}, @NL80211_ATTR_FILS_ERP_REALM={0xf2, 0xfa, "67689da3da37764ddb6cf8b82d587f3c92fbaccbd557d143f6a68184ce7a71e3eaed171d92b2d756a8736030f1bb204216e9df83f2b3ff488b18dc68625b2d618e218746d50d2a8eb6f91943e231136b681cbe1cee3685eedda50104466b4ca1a050611ea7c90de643e89df1fdb8ac9d9e4cd972bf90a063ac01e8396bf49ec39016e9487e63af3f7ebc862be9b54242d3f62677aa26e3e0dad3d41d9b590b0355229a53244b0c43219d3d6a5dd6be9b202e0ea3d927c477bda276a813215e236fc6a86512ea32612c3ef1ee9c4f9ce699f45d57f652a887180ec6873b42455aff35c17747cb87125ef85f746b36"}, @NL80211_ATTR_BEACON_HEAD={0x3dd, 0xe, "08e48a5490752cb5790aa231727bdea6cc86a232e37ef63efaf1dcb0a7478288c102535a9b71531d3f506378b1e097f5094ad4007fd933cbff00809a37c1b2b87f8e4e29ba597e9deb23e7ef524380c26ff68f426a856f21d199dc6b63b31cc0c1f2c5f3fa318280d2ee3905d6ea194077ecce2e23eeabb32b446df2c5bc27604fac43b88f5d33261477e20309c6b856861d2c5403d719a6e010851911f30394f9a2d9015041bcc1d71e102a7ae16dd79875f3ff621b3937edf8f87ecada263a0561b34be27847f4c56eb807998ee35ce600045d4af13a21ad0a111cdba4a28ee51e318a0712e152ea0bb84e626d609d185ed94640f634d0a57fe897ed747ca12deb784d5ffe6262d64165055abf450ba91c53063324b3c9f34a73a43182829630667f8f39201ec953522e308a13fb1f12daf80c5af41e2a126846b4a6ba5ac70dacd5cc595e3589bea377def96adda739529e4cbc5ecd84a1a888d962815cf7da6694e59871934d5183014408068e53370ecd31ebb35fdaff0f8135b2a2bf7111bbe275b0a8bc25250f2e5a0ae24eda37a554b718bf4eef46578dcce28cb96b56cea844306b3a74d3419fa6a057c910be8759d21a9323eed443872de897d0a35c865398016661a4838f9948dfe981ef47eba59be9d476ffa0630c04e00c4d73fc49ac0545835c2fc0719a28062423053e249ded1133fb97952ddfaf74da178781f939ac1b5d918edba9d50a314099c8ae700d158bc95b382071629313fd996cd021d9f67ddb37d52717b93a4c96946cc99292bd8127bd6d6639ec228ee20a4dc79af307d3e130616f6d677b761e02254f1f0bce2bcec96b442d99e41d4567e58bc4a72fc1e913478f43d9fa554027287e7c9878648fb08d3e2d34a98c8b8f4f568a6869a33fd09e2b638732154997c8bbe6bb624ee374bc26a6aa661cbc9ace6885cf0f10975d3a122e46e00f624f2961e61113caa08c0b0eb0ad025abd188a02847b54049c13f6dd0d495d1702d7488f2bb57786ac1a8de9f0825e050749d19c8ba434f81cfa8a77836615cb9962d491289eafdd5f293d40458aab1c09b81ca81725ed2ecef4d3b5a6575a91e2b1affc75f99bc854947f87d4279fe4577a9e2a61bbef8ed2be21a6d879fc21f6597f6dd47f23e7b8fde5df383495deee25798bfa1c99d0627aa8791f884e8fee7f22aca0e034fd08b2d6e1570455f0f2c02f10c76d6bcc8e30a0adaa33f3a463511101dfcbda5475b2079103e80a7cd7d6588efd0cd198825803e06d5ebfbc87aaa12a4f97c35dc169e20671172eec7010a47590b215c0836d325f9d84a3d1f963d42007d28b6dde1cffe29a07a8616b59298ff5cbaa855eeedd8f10f5b609e8105099d0b5670763771305"}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0xc}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x50c}, 0x1, 0x0, 0x0, 0x10000041}, 0x40000) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) socket(0x2, 0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000a00), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSA(r3, &(0x7f0000001c80)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000001cc0)={0x24, r4, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@MACSEC_ATTR_SA_CONFIG={0xe, 0x3, "265169b344442a9873a9"}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000804}, 0x8880) symlink$auto(&(0x7f0000000100)='//^\x00', &(0x7f0000000140)='}:\x00') acct$auto(&(0x7f0000000500)='}:\x00') mkdir$auto(0x0, 0x1) mkdir$auto(&(0x7f0000000040)='MAC80211_HWSIM\x00', 0x1) r5 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000640), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x60, r5, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}, @HWSIM_ATTR_ADDR_RECEIVER={0x19, 0x1, "59ca93e9ec0a0a335797010099a4fee023a134f7be"}, @HWSIM_ATTR_USE_CHANCTX={0x4}, @HWSIM_ATTR_RADIO_NAME={0x5, 0x11, '.'}, @HWSIM_ATTR_ADDR_TRANSMITTER={0x1f, 0x2, "a310e2f4d070ee770d2d53225b7f8f2050f235c2e28617594a305e"}]}, 0x60}, 0x1, 0x0, 0x0, 0x20005811}, 0x4048040) rmdir$auto(&(0x7f0000000340)='MAC80211_HWSIM\x00') socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000001080), 0xffffffffffffffff) 16.091836025s ago: executing program 9 (id=3232): mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x100000001, 0x8000) io_submit$auto(0x7fff, 0x6, &(0x7f0000000040)=&(0x7f0000000000)={0x7fffffff, 0x4e30, 0x2, 0xf15d, 0x6, 0x4, 0x8001, 0x4558, 0x1ff, 0x0, 0x80, 0xffffffffffffffff}) close_range$auto(r0, 0xfffffffffffff000, 0x4000000000002) memfd_create$auto(0x0, 0x12) fcntl$auto(0xff80000000000000, 0x409, 0x3f) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) socket(0x5, 0x6, 0x9) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8002, 0x0, 0x6) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) mmap$auto(0x7, 0x6, 0x7, 0x91, 0x81, 0x5) tkill$auto(0x1, 0x7) mmap$auto(0x0, 0x25, 0x7fffffff, 0x8012, 0x0, 0x8000) 14.495631908s ago: executing program 0 (id=3236): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) memfd_secret$auto(0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ftruncate$auto(0x3, 0x700) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) setrlimit$auto(0x2, &(0x7f0000000080)={0x0, 0x6}) mprotect$auto(0x20000000, 0xeb, 0x6) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2c, 0x80003, 0x0) bind$auto(0x4, &(0x7f0000000700)={0x11, @sockaddr_1_1}, 0x3e) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) signalfd$auto(0x4, 0x0, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003000), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000003040)={0x14, r2, 0x1, 0x70bd27, 0x25dfdbff}, 0x14}}, 0x2040000) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r4) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r1, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x10a8, r3, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_COORDINATOR={0x7d, 0x1e, "6fe07868d653532588438401302257adfae3c02f37b2a0f7fb4b2ad3dcdbbcdf3b92bd126981ee13c0d5bbd75006c091b4459add8ecd8da27905a21572321b3ba2a91a575e05998e17223e724f2a41efd2ef0297cf4933649f0c564a8ec2d0e7b9fd52f3bc19244be12414f0b35090a85e354ddeb50ff90ed0"}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r4}, @NL802154_ATTR_PEER={0x1004, 0x28, "b9b41ef5ead4c2caaef870d5d729e636c81f5c2bbc7294a242858be937b1ff58bd147ebb97ba8e75487c35a87a5868340dc1a10bebc387eaba56212dc8ab227e38c8e25943e2f492df6a4cbe8f6d7b96411cb54faff1bf3ec6851f0173f3d593a9dcf138daa9c74b8d6e517c63e9e01bb511db1ad0eeccb8fcba7c297a6ac115f3564372e398d049f9b0684cbb6b439a0d38018fbb8b2348aacb2225d73137f1a6eec959707496917cb2f00b818bba324f230f7dde568f6ba092121060757a3c82418c9a16875c03886897ed5b104d12b934ea56004b1c5e94ae388cf5639bb39db3090adb696b38996363a5fa82fe330b4d261bd885af2af899d3c03d477324102d9ff68584db48cd2053d26338d613529517d0a4b69566a8646b76673a61a7f7ba4b07f1320aa9db09d7dac71774638187710f62134d1e425a9c285b417e2083a3012c0fcc5c232f5f08961970463b44149b83a075542ab974525414897c66767536e79811026b83777c9bedeff1b209eca9d1fa3fc3e3d21af0de51ea31b7982b8f953729d5b877398f999de7fa890a3880c06322e1e940be526a630b017f6776cdbac3f9fe33fa5f357586684971d39ba885692d72f6ff36a85798552ea79247000ffb03dc6ae41c4d62d764c7a3c0e9035d063897bca71712de820c599944a1f1c350fff9e0cf679e163f8f26180a31b4c5b49d6c4ef176b454f74ac8589b1ba6866eb48a6f0fd6461c3f7ab158e118c4bc87fd9775ffa40714181a2e7fba96e9246c2aca5d66469645702af5b2eeae926f7fd246358c3da1966c4e0b58ff0288780f7912042feb54f55831610b02e5c588f4e9fb9e4f1a4d49f60ea700f0630a8658623f022229492a7efbbf4485d3a1f35a2cb444f00e61b34cec48afc688a7418c88b40c5f07c36b37ba1f3e7839377b58bf138f0e98665845c0653251ed91c3a257b5c0538c7ce2d7dea1439b1cc57dac8238c5b81a61a9685bfbf24ec4d4822e3179ff6550b20c417871e3b96d61d1fec7bcd9256146c7cc987abafa045be6f5d681916c0f63cd4ac5a667d24630ac4e7447a4acf28c75477781cd07d38a25394a2ee801e28235dfb27d177baa9984ddfe202a0122e6a792bab6349a6db2da44e3011fde96926225652de8b4a5ece97089885e0b9fd28ca90bdd9265f7b96ed8eb0bdf98efe29b196b8216a5261e61febfa40a9e03ac923ccc557239a1db4a0ccf31c9bfa3edb081cc21f9960733ae3ceec8e8668e9fb064dfa3b6fed1da932564d68f4ec8e828cbc050c93737970a54daa7f766fb2f1eacb6daa3e27a664647b5e243ee172f80c98bfcaa47ec713239f6816e34a6e1916b534517b9d1045d8fafeebb3c35b54e995a0d05dff796cec1f2154b19552f03f67230090f480398fad37f3312b5fae4afc62285f27ac4be09d6c0c24fbf79c6d84c450ddda001f4a64da74203e26712de91e85468af58f452ac412e1ea9391a8b0e590f5e7bb99488ba6904474e84be0c595d771d9dcbb813dba0a837f175146e7eff718aa5693de8696a57c5aab5121bcf24e8c41abd6d0c4539fc564d43dae5e1c31d314bad8c16892eb3e0e51feb0cee24368afe5e6248a445306ec7b806cab04cdc8f7f2ca0d8064b2f2efdd310db5991916591405a656b9a62cdef5f5477d6194fcbc0b0a68466ded7e3bbf188500dc1dc88a7025b2f4254325e3c60258e708cec0d5173c99478f9a3987dd1608d2b98cbeb5ac55e8a43f3dfc99de9023be109d48d8638225776fe7553dcc066bd16b1a94346c35b580e628ecb790d3fa414f97372843e6715be97144ecca251a47a8fe02aa21dad76de12605c648cd06ed98336183d328725ccaba67ed0b57a93fcf1127cbf4db85b44938e658d1651578614587c7984c08f946c0db89abfbfda15e5d1b7bb52b7b1300d16495120fd899c9d2bbb4f3ff7b83b2e3aded983238c62f93ec8cad08a8b36b330d5c78cb2a6c322bea33dd8a2464ac424c70029dd6cf79901827b689c2a616457ce01897c1bb9ecf7891e001945704b3352b08a79bff9edbe76e921ae6628717dda904d2e54a580fa7e63f20f2b610c13d54bece2f2af6922f34100afb75d605f32372e354030e2979cc6edeac360d342a7b2c6b4c38bab410c24918cfcfe6e657182fb6c1c98b99323a98d0b103b5251a5fbf9d6cba0bf4160e3b6775d972dcbba305e0ea5ea9248b22e00ad5c649a4f9511b3252a7cde632dae0bf47a3a18c5fcaed4acedc305005b7f58488bdb78a6435f71c518790b07d340378d975056bccd3260980b1f23c371b9aff904597211f8b164fe8e71f106db144391a3fa694de418f30e31e57157ba825f5844f43afb7f5a85980c043b405b6ff6ec7de6f2fb153c15985c6b6924a7ebb8510694b82a018413a44c40a1b011468c0d5e7f6da280968a705a82171f0a2376373794dc5162fa7b5a1c79db0af9dcc63bb370927ada8d51b7923f8cf8a120e1d8b5038c8f5c05480a8fd2c14829dd2053565dc3a13107073d8adcdb7701bccb15f3dbd55220620a4b7ade75423b2505bc4d646eb08d06208746578dcc92d3ad4bf0563bc5498c91eb393eb57da2778d8bf0504364ed7e14ef0734506bea66d1626a79af6ba1bc1592c29e6c49471fdbb056ee6a431f519f16da11ec7e8b11a84d4c2f64a5886f8305129b004d658f6626d717bace768581d3d812a809430d9c695e4ea1e81e9992870b23f8ee17073abb9dd883a08896abdc1e205cb7b9df2f8581eaf3ab95d4fcefad423c21dff9a36a8114ab027c22819c41e96c5cff503e45488dba4b7b03ba16d253c1dfe9dbad026eebc5b119eead211d3f387f48d17e0c857895597b046bbdaf2c400f740abc0c391a5a5b91e58263c37bc94b672af666c3a1901651bc80c737779b5161226b313d6459b0e26e905ff0fad9f3a52d35301e5a7844fb7ae81337af79800e928265a951b66dfd78c1d11b1cd551438f6250ebc492eb16b332d77ab2765c907bf3ce61d8de20ee9d29322a7c3190f2d42aececa93f103f19276ab69a524d62428805e479fa1fd6e77d29efa5e3b37c663cc38b71674fe02aaaac4fb775d6b84e0116a376149d96f245804b1024546e6f50c596157fc700fa5bc3552a272ff8f16dc7d5d8a7c0ddf66c080fd005aeda8ff2a8c4f425a4b3e021100e32ef477043e2e140b1da9f636f12ebfc44ab7b614934f2f7a8e6440c9f87b925588094ee3ebefcf37873aa95909cc7281850e8fa2c5cc2a0f2445ce0a58acfa4642bdb92f33755e6314411acdb2cdb4a4e96a674d75aa2c519b6bbab5dc8add9cc05d2cf6c68e8a1b0d453d24d317b52c3a81ba0ef6b386936e01373458251a3dd64ff2e64e2b8adaf65c3f31ef0bdb3552a77185b90e6aa372bff83f8e9a4119fbe6db6f79178505a59cd1660a06ec24367e5200f8d785c1f3f44ab67d2b767a422862b09f12c13ced554cef519b2e09f235f3c8ab16c8f53e1b559ab84081eb75a6b744920a6b301599f189f1036d542a8b341a03fbaf63a7e303061fc7fa3101e6a3d41b5cac07ec39c2934b4f922b73c32550dac4130e199f838f6f61d0ff533c2839b04d1cb7a496fdab77ba6da821039741ec43fe6e723097f92804a09653930e19e97ddd64cf5c07f6242cbb810c02b2bd0397fe2a17cbf1566f1ff2e0c2e808122dac88e8bcbcfaa587fe6ed114c4ea44e79ed61360950573d0ae1a793d21c265dfca553c39172f8f5a945cc6d29cb2924caa65a3ec5b67f73e628344fa78b9a848cce4b03e80d6e1358d99feb93649aeb28afd3c99e5547fe73d71e3cc47577a37537ca138d3cbc6d39eed33df666168d5addf1a6baec0801cc936556fcb3da2f5813456e74cf5383deaf8450484d409f350c50f21198b8400ac7d1288f0af5c9a62434f1595417ad8beb2487c39bd17904413c27cea4c6d4e003b0988df481572350b7447f30ea7e76412e3449a131d3619ae64a414969367ad1d001b2082be1e69a178ea80000eb9a901b0e1413bfd4465bd2fcf0a8a1a07251fea858316e0eb17930bc40e02e2752ed44da8890c9b514d17175cfd76e3112a53f6da53a8d634a6d65d4e09fe0f40433f9f87bcd4982209c979820721783c44daaf848bbbf607ab0d79e4f7191ac4e3076caf51c62f42652e801be936b36c131a6a4bd63d003d4c95fa71c71a27979c59bc7576565e2dcde6dab2600813fbedccc383c24caf946088c566aad0bf9be80e98fce150e6b15034a706ef7c83c27ef4f42bdfe44d1188667a9bf27f859afcc0b380db01a83420243733604bce965f290460defa5c2a6180f127c9c99df86c1a3d3f7c97e33c4b3a399fad9dc6f8794f988a0beeb517a159c3fe95ae87a6d501479b5f3a86a9cdcd495bed862fc6a3da039795155759f06da959819dd559995083bdbad3f1a4fe15bcab478d7254562e2779c0b2ccd87e04cbae5aa8fead7ec274fa7195951a2315489de6031613e0e9932285d6be160f6e98d599fd4594f7d5d6b24748bf8df5c51545e65d882ab7d3ca44b773e3dbcb5ddb4d169ecea1daf43f2f362b14af135ff69f874aead5a21596ee37ec361882fa2ff1d1ef52b858b49f503654994a0a046520cea21f121f2cf911a68999b3a6106327ddc0b2116c6dae2a758ea6d81eb5005ff07266b31cd08d0ad84548fba0c16d1aff371f5d8383086ad247dff9f97bfcaff849d6573eb189f87d2f9d746092118694d5cba1e0be542d5e05d215ecb07add8a29af2413e78a384abbd4e8ed0ce2dead585ede88fc564d54acb59b6db2ea8395eeebe594a2d952f5d05626a0726dafa9ff74d6773962c19cddf8d686d2a8e034fe00abca7eed957d3fb3fecbabffc89df4bccf1591cad46e832b23c32f3d935fa4047aa4d26b59d92833d72101992348d8d2a70ef57c434142c530e2e2bac8c409afe905c1ce82d80c5fbb7570ae009d868b3e15319d43c2d00e3fd20c7c37135a2ba782f8392b1c3c5c345773f96c49e96702298bdc4ad7d5cc0ed2362c5c6e813cd53bc6b9845775bbe36e1936d77a1809f31cc9460351267306e28b73cd1313230d2a4716dab771dc3072cee29770a7e5be65c7be6b4953e0fda917a8f10318a83a96e4ea2401ab276a8c574c7d5d0fb49bf4c7785549f2fff51d2430432a6bfeae078d5d3537a0c7172c6eeaa45d33e747ffc1e255fae90ca150ea020b3d60e7ee261fc36eb051f5aa204ad14e8ecc94e5ad021a3cd003e971bc04f7dd4ecdbb60a929396ff9b5ed1b917c78cf31250d9dcb3880263dcadd31fcedace0b0cb2d28c5366f4d061e2b4335be910571b2b71eab8abc40186d2682c0be0e9403b3aa7c17b864231a80e60dae6ad2062458ff138d69ba8063dbca52097cc9dfb9c2142ed5f3c093cebba1975cad7342eb2d3307c96af5efbf6c14df3364a8be1254fdbc08a3b78def973ef5f1027d55bc65cb8bb1c9a75d2f40cbd644e7efb1399fb9f4eb5ed954f4e317970e1c4f76c1b53a0498450f5fa2a873361f8cb73cffb3c2c17c81c240aa82fe90c67a3f3f7a49b972310ff82f7d079ac093191ed2fe239b160989ca6f85886d7d33727096e10912d8ac7a3d21749267d25aab285b682df0a8dd274a64e8a4ecc67eaee39535ad9c345cff768e0caf515ade8bf01ebe1d0a9240a48b85f693e18da45a8d56d02591a46238080c1b0ee4b215ee9ec5f3825e719d8920397fdc5be22ec076ac88c072c01de28cc2a635a4b93cdc0e21ba28d3a3f5f8c383a897a2eb53929012b88c792314524711e68"}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0xc}]}, 0x10a8}, 0x1, 0x0, 0x0, 0x8}, 0x40000c4) socket(0x2a, 0x1, 0x2) connect$auto(0x3, &(0x7f0000000180)={0x2a, @sockaddr_1_1}, 0x54) write$auto(0x3, 0x0, 0x9) 14.231116722s ago: executing program 0 (id=3237): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x9) mmap$auto(0x0, 0x2020009, 0xe, 0xeb1, 0x5, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) getresgid$auto(&(0x7f0000000000)=0x2, 0x0, 0x0) 13.963178503s ago: executing program 9 (id=3238): flistxattr$auto(0x2, 0xfffffffffffffffd, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_SMC_PNETID(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_FLUSH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001780)={0x14, r2, 0x101, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0xf000, 0x4000800}, 0x20008000) io_uring_setup$auto(0xfff, &(0x7f0000000100)={0x9, 0xfffffffa, 0xe49, 0x20b, 0x7, 0x800, r0, [0x81, 0x2, 0x80000000], {0x3ff, 0x3f800, 0xff, 0xffffffff, 0x2, 0x10000, 0xad95, 0x5, 0x8}, {0x3, 0x2, 0x8, 0x200, 0x3, 0x4, 0x4f5c, 0x80000001, 0x135}}) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r3, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)={0x134, r4, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0xe}, @NL802154_ATTR_CCA_OPT={0x8}, @NL802154_ATTR_WPAN_PHY_NAME={0x5, 0x2, '\x00'}, @NL802154_ATTR_WPAN_PHY_NAME={0xf, 0x2, 'SMC_PNETID\x00'}, @NL802154_ATTR_SEC_KEY={0xe9, 0x30, "1684dbfd6527f514a9f6436196b726764c79c74d04a8e3b1bd402102c4940bb0b4982db1a0802e7725ec7bf8db8b9eb33c6ae1c63838132efa77aca3fed971689fdc16ac0a00b6197a94c8f08ea15701ba4c9dbc808497ba03162d40e0e4365c6cc09b2d6a9bebe7e5367f56c8b80d038199c8da3205e523411c0c459d0e0e3c348ab84b77b79d14dbb0e86a8d431622b53ec5f8ca4e1294d1d9bee3fbfb2df6d04e78aabdb04eeb76a5193076c6eef05e2495b253869e44296833086072f63209149b7cdbfc494eec595b991af6618a574a0aa97cc04b6c174573d7dd018065d1bb929a7c"}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0xbd}]}, 0x134}, 0x1, 0x0, 0x0, 0x8000}, 0x800) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) socket(0xa, 0x801, 0x84) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) capget$auto(0x0, 0xfffffffffffffffe) setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8) close_range$auto(0x2, 0x8000, 0x0) sendmsg$auto_SMC_PNETID_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r2, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x5, 0x1, '\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x40812}, 0x4) write$auto(0x3, 0x0, 0x10001) 13.507944522s ago: executing program 43 (id=3238): flistxattr$auto(0x2, 0xfffffffffffffffd, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_SMC_PNETID(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_FLUSH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001780)={0x14, r2, 0x101, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0xf000, 0x4000800}, 0x20008000) io_uring_setup$auto(0xfff, &(0x7f0000000100)={0x9, 0xfffffffa, 0xe49, 0x20b, 0x7, 0x800, r0, [0x81, 0x2, 0x80000000], {0x3ff, 0x3f800, 0xff, 0xffffffff, 0x2, 0x10000, 0xad95, 0x5, 0x8}, {0x3, 0x2, 0x8, 0x200, 0x3, 0x4, 0x4f5c, 0x80000001, 0x135}}) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r3, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)={0x134, r4, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0xe}, @NL802154_ATTR_CCA_OPT={0x8}, @NL802154_ATTR_WPAN_PHY_NAME={0x5, 0x2, '\x00'}, @NL802154_ATTR_WPAN_PHY_NAME={0xf, 0x2, 'SMC_PNETID\x00'}, @NL802154_ATTR_SEC_KEY={0xe9, 0x30, "1684dbfd6527f514a9f6436196b726764c79c74d04a8e3b1bd402102c4940bb0b4982db1a0802e7725ec7bf8db8b9eb33c6ae1c63838132efa77aca3fed971689fdc16ac0a00b6197a94c8f08ea15701ba4c9dbc808497ba03162d40e0e4365c6cc09b2d6a9bebe7e5367f56c8b80d038199c8da3205e523411c0c459d0e0e3c348ab84b77b79d14dbb0e86a8d431622b53ec5f8ca4e1294d1d9bee3fbfb2df6d04e78aabdb04eeb76a5193076c6eef05e2495b253869e44296833086072f63209149b7cdbfc494eec595b991af6618a574a0aa97cc04b6c174573d7dd018065d1bb929a7c"}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0xbd}]}, 0x134}, 0x1, 0x0, 0x0, 0x8000}, 0x800) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) socket(0xa, 0x801, 0x84) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) capget$auto(0x0, 0xfffffffffffffffe) setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8) close_range$auto(0x2, 0x8000, 0x0) sendmsg$auto_SMC_PNETID_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r2, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x5, 0x1, '\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x40812}, 0x4) write$auto(0x3, 0x0, 0x10001) 13.365549884s ago: executing program 0 (id=3240): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000001500), 0xffffffffffffffff) sendmsg$auto_TCP_METRICS_CMD_DEL(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001540)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @loopback}]}, 0x1c}, 0x1, 0x0, 0x300000000000000, 0x8000}, 0x4000000) 13.07435488s ago: executing program 0 (id=3242): mlockall$auto(0x7) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto(0xff80000000000000, 0x406, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = socket(0x10, 0x2, 0x4) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001700), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000200), 0xffffffffffffffff) socket(0x15, 0x5, 0x0) ioctl$auto(0x3, 0x40049409, 0xfffffffffffff4e0) r4 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000240), r2) sendmsg$auto_THERMAL_GENL_CMD_CDEV_GET(r0, &(0x7f00000005c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x270, r4, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@THERMAL_GENL_ATTR_TZ_CDEV_WEIGHT={0x8, 0xb, 0x8}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_EFFICIENCY={0x8, 0x17, 0x5}, @THERMAL_GENL_ATTR_TZ_TRIP={0xfb, 0x4, "16bc6614c541b5c8f4ef9a83ecad8c1f5df1efbcde44b7a5401010fc1ee8fd1bf4a7afd35cf5f33edb193cc555a7e600f27b0008c160974c9ff6d345e8912b9d1ff4a86e9b947b74bffcd789834cdd19eb81669beeb9c3ab038a1e58748e74c4e5d1b4e2b7dc44c6367291b05bf7eb49e2d9f2a75976dc54ce73486eb037094e426145f91d40a76856c69185774f3584d8a26f81d7e5f237267473c4dc7285c01a83a3ea93429f4ccc89e149b4aaa7b73f2b3733c7a836382ad300fe1e54e018b86068335e3884a91447303679ebde9831b314a7996e8b649bd86b811e5ebaa3160bb6ad963e53e09fc5da949354ab0b83ce3f4b8b2442"}, @THERMAL_GENL_ATTR_CDEV={0xbb, 0xe, "96682c141cb07b325ce529b76a39b3227181c74fad260c82401b95c8930f7950900f0814a0876991c2a76ce74213f64f34468d324291b25efc8c318d5f9a853a945832bf5ea12a600819578d31487c095077d1bd7759ef9775d62b0790b7a7480a8df529b81a4c765e7f28b001c524e26acc36be40b667612f2e80d9b3938f67ec5d13b05861ae7a8f4ce1077a5cfb63485322c6e473d64e849a1916b587547e584775504419d5bb15e1d891b3d1434a9f86149b42ff2b"}, @THERMAL_GENL_ATTR_TZ_GOV_NAME={0x6, 0xd, '+-'}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_EFFICIENCY={0x8, 0x17, 0x800}, @THERMAL_GENL_ATTR_CDEV={0x84, 0xe, "acbfb80e07089afaf0895d061c2b724995fc62f6bdf1aaec8bf65b23dfd3103ffe9f6e296fa710b22bd958aedadb8043d4e5001930baf8d004c34e4c15f384a990844d2eb0d64af5ad0ae7af64d8f5795f8a892f2c16293fbbf589d1561435040628eadbd7c66ef639a13a2798c73d46a264da905322f14074f3acd403ea57df"}]}, 0x270}, 0x1, 0x0, 0x0, 0x20015}, 0x0) sendmsg$auto_NBD_CMD_STATUS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x14, r3, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x40) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000600)={&(0x7f0000000080)=ANY=[@ANYBLOB="03000000", @ANYRES16=r5, @ANYBLOB="00032cbd7000fbdbdf25660000001000b000148eda277c876b4c986c9eed080001000200000034005b00c2522768524f7e1268f35e4fdaa9cf1650dc422cd0a33f94b164494e4e24821f87ef1df0a1c175569be894b87bd969bc0400cf00"], 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) sendmsg$auto_NETDEV_CMD_DEV_GET(r0, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001800)={&(0x7f00000017c0)=ANY=[@ANYBLOB="1400ebff", @ANYRES16=r1, @ANYBLOB="010025bd7000fedbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x28044004) fanotify_init$auto(0x5, 0x2) unshare$auto(0x200) r6 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r6, 0x0) umount2$auto(&(0x7f0000000200)='.\x00', 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x801, 0x106) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time_for_children\x00') 12.467263143s ago: executing program 0 (id=3244): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) socket(0xa, 0x2, 0x88) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0x9, 0x9, 0x3, 0x6, 0x2, 0x9, 0x5e58296f, 0x4000000000000000, 0x9, 0x3, 0x200, 0x8, 0x6]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, &(0x7f0000000080)={0x0, 0x1}, 0x10a, 0x0, 0x0, 0x3ff}, 0xed7138c}, 0x200, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x3f00) 10.045353727s ago: executing program 0 (id=3246): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x80000001, 0x8) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) memfd_secret$auto(0x0) socket(0x2b, 0x1, 0x1) r0 = socket(0xa, 0x2, 0x3a) select$auto(0xfffffffd, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x9, 0x3, 0x1, 0x2800000000000002, 0x9, 0x5e582971, 0xff, 0x2c, 0x4, 0xffff, 0x74, 0xb]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) setsockopt$auto(r0, 0x29, 0x43, &(0x7f0000000040)='!\x00', 0x1ff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000f80), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_WG_CMD_SET_DEVICE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001000)={&(0x7f00000000c0)={0x24, r2, 0x1, 0x30bd26, 0x25dfdbfd, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r4}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x20040012) getsockopt$auto(0x6, 0x84, 0x7f, 0x0, &(0x7f0000000000)=0x9a) madvise$auto(0x2, 0x0, 0x2) socket(0xa, 0x2, 0x88) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x1, 0x8, 0x3, 0x1b9400000000010, 0x6, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 7.943162666s ago: executing program 3 (id=3249): socket(0x15, 0xa, 0x347) bind$auto(0x3, &(0x7f0000002000)={0x10, @sockaddr_1_1}, 0xf) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x3, 0x3a) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) ioctl$auto(r0, 0x2000890c, 0xa293) 7.737205111s ago: executing program 3 (id=3250): unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) ioctl$auto(0xc8, 0x400454da, 0x5c8b) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) open(&(0x7f0000000080)='./file1\x00', 0x343441, 0xe1d2b27bdc14abba) open(&(0x7f0000000000)='./file1\x00', 0x10677d, 0x37e5c9853cd1b999) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x28, 0x9, 0x0) mq_notify$auto(0x7, 0x0) socket(0x6, 0xa, 0xb) socket(0x1, 0x1, 0x1) ioctl$auto(0x8, 0x8, 0xfffffffffffffffa) msync$auto(0x1ffff000, 0x80100000000005, 0x400000004) ioctl$auto(0xc8, 0x400454d1, 0x5c8d) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000140)={0x1, @sa_data_min="af7af2952a203b6cdd8c8f51372e"}, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fchown$auto(0x5, 0x8, 0x3) socket(0x11, 0x3, 0x2) connect$auto(0x3, &(0x7f0000000140)={0x2, @sa_data_min="09ae0300"}, 0x55) sendto$auto(0x3, 0x0, 0xf, 0x101, &(0x7f0000000140)={0x2, @sockaddr_1_1}, 0x1c) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000c40), r0) 4.855438164s ago: executing program 6 (id=3197): r0 = socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000000)={0x2, @sockaddr_1_1}, 0x55) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_TSINFO_HEADER={0x7, 0x1, "bb7efa"}, @ETHTOOL_A_TSINFO_HEADER={0x7, 0x1, "a45318"}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x1) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) connect$auto(0x3, 0x0, 0x55) 4.466117096s ago: executing program 6 (id=3251): mprotect$auto(0x1ffff000, 0x3, 0xd) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x21, 0x2, 0x2) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_GET_SCAN(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0x44, r1, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x6}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x7f}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x7}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4001) syz_open_procfs$namespace(0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f00000008c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ip6tnl0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_HARDIF(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000040)={0x1c, r3, 0x13ebbac2338983f3, 0x70b927, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4008000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) kill$auto(0xffffffff, 0x9) 4.127730838s ago: executing program 6 (id=3252): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setdomainname$auto(0x0, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x3, 0x9, 0x9, 0x14, 0x5, 0x2) madvise$auto(0x0, 0xffffffffffff0005, 0x19) clone$auto(0x200009, 0x7fffffffffffffff, 0xfffffffffffffffc, 0x0, 0x7) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x200, 0x2010000000000) mknod$auto(&(0x7f0000000040)='}[,&*}\x00\bt\\{\xb3\x9a\xe6\xfc\xf0\xf4\xc3n\x84\xff(\x7f\f\x1e\xe9\xd7\"n\x17\xb7\x90|+\xb8\xbe\x8fP\xb1>\xf5\xfd\xe1\x86\xd7\xa8uk~6w\x85(]\xbe\xc7\x046a\xe7\xfdm\x86bltj\xf9\x7f4\xb4k\xbfC\x8c\xd2\xb3\x1a\xe1\x98', 0x2, 0x4) madvise$auto(0x0, 0xffffffffffff0001, 0x14) getresuid$auto(&(0x7f0000000080)=0x7, &(0x7f00000000c0)=0x8000, 0xfffffffffffffffc) madvise$auto(0x1ffff000, 0x620d, 0x8) r0 = open(0x0, 0x242, 0xe1d2b27bdc14aabc) fanotify_mark$auto(0x400000000000, 0x101, 0xdd, r0, 0x0) r1 = socket(0xa, 0x1, 0x0) prctl$auto(0x2, 0x8, 0x7, 0x5, 0xc) ppoll$auto(&(0x7f0000000000)={0xffffffffffffffff, 0x40, 0x4}, 0x4, 0x0, 0x0, 0x8) close_range$auto(r1, r2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x20200, 0x15) 2.81658212s ago: executing program 3 (id=3253): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000000)={0x2, @sockaddr_1_1}, 0x55) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_procfs$namespace(r0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x6, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) socket(0x11, 0x3, 0x2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) connect$auto(0x3, &(0x7f0000000140)={0x2, @sa_data_min="09ae0300"}, 0x55) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x8) sendto$auto(0x3, 0x0, 0x18, 0x101, &(0x7f0000000140)={0x2, @sockaddr_1_1}, 0x1c) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) sync_file_range$auto(0x3, 0x9, 0x40010001, 0x4) 2.600090022s ago: executing program 3 (id=3254): io_uring_setup$auto(0x9, &(0x7f0000000140)={0x8001, 0x3fffc0, 0x10001, 0x3, 0x0, 0x4, 0xffffffffffffffff, [0x4, 0x966, 0xfffff8a2], {0x0, 0x1, 0x7, 0x5, 0x6786c16b, 0x3, 0x5, 0x8, 0x1}, {0x9, 0x2, 0x0, 0x80000001, 0x0, 0xfdfffff7, 0x5, 0x100, 0x40}}) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_DEL_INTERFACE(r0, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="30010000", @ANYRES16=r1, @ANYBLOB="10002cbd7000ffdbdf25080000002100fe0085685a139da4916976e56d4f53c318cce07b3b77b23f28f9f376d06344000000040046000800dc00afec000008000b01140000008000d70089cd1dfdae08a6c8d6468a802e5cd970ca197ea6fcfe25a93c186fe7125869e88847bbd6a191fe065db86360a676b8621798d265136c4986ed5f1e56664c7b9db1d01086b29837b662c153f6283f4d7b80004e717c55bcb8f7357cde1cd6e70b27acc4eadee47f510af923004ecaa1b0c42849a2da0abdce99e878c3050053000300000053000600a44683eac746b10f8da765b3c7ff7c8b6816eb4a9b36cd0004a99f84bfce6674f1916d1a5e3bc25fe8333c5a61b001d28fc27acb0124563f4b684cc9700b0b41590005002f010100"/298], 0x130}, 0x1, 0x0, 0x0, 0x40}, 0x40001) socket(0xa, 0x801, 0x84) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) mmap$auto(0x8, 0x9, 0x20000000000d9, 0x10, 0x4, 0x8001) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) rt_sigsuspend$auto(0x0, 0x8) madvise$auto(0x0, 0xffffffffffff0001, 0x15) fstatfs$auto(0x3, 0x0) r2 = socket(0x2, 0x2, 0x88) write$auto(r2, &(0x7f0000000400)='nl80211\x00', 0x7) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x26000010) connect$auto(r2, &(0x7f0000000000)={0x2, @sa_data_min="5f295b8ffa37cf9d8294093fea12"}, 0x55) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) connect$auto(0xffffffffffffffff, &(0x7f0000000480)={0x2, @sockaddr_1_1={"fd035b42f660eaf596052069a20de84333587a043e28306ea1edef83dbe0b3f7a44af549d1b4b7c48f3760682295c547571342e4f69273cdeae51ebc8b4a5c27a80d26f91cb283f07ea1"}}, 0x55) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x3, 0x697b}, 0xed7138c}, 0x9a6, 0xff00) 1.628571867s ago: executing program 6 (id=3255): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xf, 0x7, 0x80000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket(0x2, 0x3, 0x1) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) ioctl$auto(0x1, 0x890c, 0x8) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) stat$auto(&(0x7f0000000000)='..\x00\x00', 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) fcntl$auto(0x8000000000000001, 0x26, 0x2) 1.496000068s ago: executing program 3 (id=3256): madvise$auto(0x0, 0x2000040080000004, 0xe) munmap$auto(0x1000000, 0x2000000c) madvise$auto(0x0, 0xffffffffffff0001, 0x9) mlockall$auto(0x3) fcntl$auto(0x9, 0x9, 0x947) mlockall$auto(0x7) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x21, 0x2, 0xa) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x100) socket(0x5, 0x6, 0xf) r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4}, 0xa3) socket$nl_generic(0x10, 0x3, 0x10) 0s ago: executing program 3 (id=3257): mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0xffffffff, 0x8000) fchmod$auto(0x1, 0x7fff) fchown$auto(0x0, 0xb7, 0xa) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x840000000002, 0x3, 0xff) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0xc040810) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) clone$auto(0x5, 0x5, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x10) mmap$auto(0x0, 0x2020009, 0x10000000000000a, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x55) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7113}, 0x8) kernel console output (not intermixed with test programs): 1 48 [ 538.426434][T15970] RSP: 002b:00007f4a4d23a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 538.434884][T15970] RAX: ffffffffffffffda RBX: 00007f4a4c535f80 RCX: 00007f4a4c37e719 [ 538.442886][T15970] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 538.450890][T15970] RBP: 00007f4a4d23a090 R08: 0000000000000000 R09: 0000000000000000 [ 538.458891][T15970] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001 [ 538.466876][T15970] R13: 0000000000000000 R14: 00007f4a4c535f80 R15: 00007fff63f64408 [ 538.474864][T15970] [ 540.717586][T16077] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2556'. [ 541.093330][T16091] netlink: 'syz.8.2560': attribute type 11 has an invalid length. [ 541.117811][T16091] netlink: 'syz.8.2560': attribute type 11 has an invalid length. [ 541.443935][T16100] netlink: 'syz.7.2562': attribute type 11 has an invalid length. [ 541.500103][T16100] netlink: 'syz.7.2562': attribute type 11 has an invalid length. [ 541.881823][T16116] FAULT_INJECTION: forcing a failure. [ 541.881823][T16116] name failslab, interval 1, probability 0, space 0, times 0 [ 541.918210][T16116] CPU: 1 UID: 0 PID: 16116 Comm: syz.7.2566 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 541.929037][T16116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 541.939121][T16116] Call Trace: [ 541.942505][T16116] [ 541.945456][T16116] dump_stack_lvl+0x16c/0x1f0 [ 541.950167][T16116] should_fail_ex+0x497/0x5b0 [ 541.954875][T16116] ? fs_reclaim_acquire+0xae/0x150 [ 541.960025][T16116] should_failslab+0xc2/0x120 [ 541.964752][T16116] kmem_cache_alloc_node_noprof+0x71/0x310 [ 541.970602][T16116] ? __alloc_skb+0x2b3/0x380 [ 541.975241][T16116] __alloc_skb+0x2b3/0x380 [ 541.979714][T16116] ? __pfx___alloc_skb+0x10/0x10 [ 541.984721][T16116] netlink_alloc_large_skb+0x69/0x130 [ 541.990141][T16116] netlink_sendmsg+0x689/0xd70 [ 541.994956][T16116] ? __pfx_netlink_sendmsg+0x10/0x10 [ 542.000299][T16116] ____sys_sendmsg+0x9ae/0xb40 [ 542.005109][T16116] ? copy_msghdr_from_user+0x10b/0x160 [ 542.010602][T16116] ? __pfx_____sys_sendmsg+0x10/0x10 [ 542.015940][T16116] ? __pfx___lock_acquire+0x10/0x10 [ 542.021199][T16116] ___sys_sendmsg+0x135/0x1e0 [ 542.025916][T16116] ? __pfx____sys_sendmsg+0x10/0x10 [ 542.031167][T16116] ? lock_acquire+0x2f/0xb0 [ 542.035721][T16116] ? __fget_files+0x40/0x3f0 [ 542.040364][T16116] ? fdget+0x176/0x210 [ 542.044468][T16116] __sys_sendmsg+0x117/0x1f0 [ 542.049115][T16116] ? __pfx___sys_sendmsg+0x10/0x10 [ 542.054255][T16116] ? __fget_files+0x244/0x3f0 [ 542.058981][T16116] do_syscall_64+0xcd/0x250 [ 542.063513][T16116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.069444][T16116] RIP: 0033:0x7f7ea097e719 [ 542.073883][T16116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 542.093526][T16116] RSP: 002b:00007f7ea1729038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 542.101979][T16116] RAX: ffffffffffffffda RBX: 00007f7ea0b35f80 RCX: 00007f7ea097e719 [ 542.109983][T16116] RDX: 0000000020000000 RSI: 0000000020002380 RDI: 0000000000000004 [ 542.117980][T16116] RBP: 00007f7ea1729090 R08: 0000000000000000 R09: 0000000000000000 [ 542.125980][T16116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 542.133979][T16116] R13: 0000000000000000 R14: 00007f7ea0b35f80 R15: 00007ffcbef1f3e8 [ 542.141996][T16116] [ 542.545471][T16139] netlink: 'syz.7.2572': attribute type 11 has an invalid length. [ 542.570293][T16139] netlink: 'syz.7.2572': attribute type 11 has an invalid length. [ 545.184884][T16216] FAULT_INJECTION: forcing a failure. [ 545.184884][T16216] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 545.208010][T16216] CPU: 1 UID: 0 PID: 16216 Comm: syz.1.2587 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 545.218837][T16216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 545.228912][T16216] Call Trace: [ 545.232198][T16216] [ 545.235136][T16216] dump_stack_lvl+0x16c/0x1f0 [ 545.239827][T16216] should_fail_ex+0x497/0x5b0 [ 545.244510][T16216] strncpy_from_user+0x3b/0x2c0 [ 545.249376][T16216] getname_flags.part.0+0x8f/0x550 [ 545.254507][T16216] getname+0x8d/0xe0 [ 545.258406][T16216] __x64_sys_execve+0x72/0xb0 [ 545.263087][T16216] do_syscall_64+0xcd/0x250 [ 545.267595][T16216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 545.273499][T16216] RIP: 0033:0x7f93d5f7e719 [ 545.277918][T16216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 545.297528][T16216] RSP: 002b:00007f93d59ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 545.305949][T16216] RAX: ffffffffffffffda RBX: 00007f93d6135f80 RCX: 00007f93d5f7e719 [ 545.313930][T16216] RDX: 0000000020000440 RSI: 0000000020000240 RDI: 00000000200000c0 [ 545.321899][T16216] RBP: 00007f93d59ff090 R08: 0000000000000000 R09: 0000000000000000 [ 545.329875][T16216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 545.337847][T16216] R13: 0000000000000000 R14: 00007f93d6135f80 R15: 00007ffcc68601b8 [ 545.345833][T16216] [ 546.162409][T16254] FAULT_INJECTION: forcing a failure. [ 546.162409][T16254] name failslab, interval 1, probability 0, space 0, times 0 [ 546.191376][T16254] CPU: 0 UID: 8 PID: 16254 Comm: syz.9.2595 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 546.202386][T16254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 546.212471][T16254] Call Trace: [ 546.215774][T16254] [ 546.218736][T16254] dump_stack_lvl+0x16c/0x1f0 [ 546.223453][T16254] should_fail_ex+0x497/0x5b0 [ 546.228166][T16254] ? fs_reclaim_acquire+0xae/0x150 [ 546.233318][T16254] should_failslab+0xc2/0x120 [ 546.238041][T16254] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 546.243452][T16254] ? getname_flags.part.0+0x4c/0x550 [ 546.244613][T16259] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2594'. [ 546.248764][T16254] getname_flags.part.0+0x4c/0x550 [ 546.248806][T16254] getname_flags+0x93/0xf0 [ 546.267183][T16254] user_path_at+0x24/0x60 [ 546.271550][T16254] __x64_sys_mount+0x1fc/0x320 [ 546.276349][T16254] ? __pfx___x64_sys_mount+0x10/0x10 [ 546.281684][T16254] do_syscall_64+0xcd/0x250 [ 546.286223][T16254] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 546.292161][T16254] RIP: 0033:0x7f4a4c37e719 [ 546.296605][T16254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 546.316253][T16254] RSP: 002b:00007f4a4d23a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 546.324702][T16254] RAX: ffffffffffffffda RBX: 00007f4a4c535f80 RCX: 00007f4a4c37e719 [ 546.332687][T16254] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000000 [ 546.340664][T16254] RBP: 00007f4a4d23a090 R08: 0000000000000000 R09: 0000000000000000 [ 546.348651][T16254] R10: 000000000000007f R11: 0000000000000246 R12: 0000000000000001 [ 546.356629][T16254] R13: 0000000000000000 R14: 00007f4a4c535f80 R15: 00007fff63f64408 [ 546.364621][T16254] [ 547.049266][T16277] FAULT_INJECTION: forcing a failure. [ 547.049266][T16277] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 547.173127][T16277] CPU: 1 UID: 0 PID: 16277 Comm: syz.8.2600 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 547.183951][T16277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 547.194123][T16277] Call Trace: [ 547.197425][T16277] [ 547.200378][T16277] dump_stack_lvl+0x16c/0x1f0 [ 547.205097][T16277] should_fail_ex+0x497/0x5b0 [ 547.209813][T16277] strncpy_from_user+0x3b/0x2c0 [ 547.214795][T16277] getname_flags.part.0+0x8f/0x550 [ 547.219950][T16277] getname_flags+0x93/0xf0 [ 547.224410][T16277] vfs_fstatat+0x86/0x160 [ 547.228784][T16277] __do_sys_newfstatat+0xa2/0x130 [ 547.233841][T16277] ? __pfx___do_sys_newfstatat+0x10/0x10 [ 547.239508][T16277] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 547.245546][T16277] ? ksys_write+0x1ad/0x260 [ 547.250084][T16277] ? __pfx_ksys_write+0x10/0x10 [ 547.254974][T16277] do_syscall_64+0xcd/0x250 [ 547.259510][T16277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.265440][T16277] RIP: 0033:0x7fc66257e719 [ 547.269882][T16277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.289521][T16277] RSP: 002b:00007fc6633a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 547.297972][T16277] RAX: ffffffffffffffda RBX: 00007fc662735f80 RCX: 00007fc66257e719 [ 547.305973][T16277] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 547.313974][T16277] RBP: 00007fc6633a2090 R08: 0000000000000000 R09: 0000000000000000 [ 547.321974][T16277] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001 [ 547.329971][T16277] R13: 0000000000000000 R14: 00007fc662735f80 R15: 00007ffc2a39cc58 [ 547.337985][T16277] [ 548.295621][T16300] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2606'. [ 548.339012][T16307] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2607'. [ 549.318413][T16332] netlink: 'syz.1.2614': attribute type 21 has an invalid length. [ 549.347595][T16332] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2614'. [ 551.200393][T16400] netlink: 'syz.9.2624': attribute type 11 has an invalid length. [ 551.232275][T16400] netlink: 'syz.9.2624': attribute type 11 has an invalid length. [ 553.115454][T16464] FAULT_INJECTION: forcing a failure. [ 553.115454][T16464] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 553.179991][T16464] CPU: 1 UID: 0 PID: 16464 Comm: syz.7.2637 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 553.190822][T16464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 553.200916][T16464] Call Trace: [ 553.204220][T16464] [ 553.207179][T16464] dump_stack_lvl+0x16c/0x1f0 [ 553.211890][T16464] should_fail_ex+0x497/0x5b0 [ 553.216600][T16464] _copy_from_iter+0x29b/0x1400 [ 553.221493][T16464] ? __pfx__copy_from_iter+0x10/0x10 [ 553.226814][T16464] ? __virt_addr_valid+0x1a4/0x590 [ 553.231971][T16464] ? __virt_addr_valid+0x5e/0x590 [ 553.237042][T16464] ? __phys_addr_symbol+0x30/0x80 [ 553.242098][T16464] ? __check_object_size+0x488/0x710 [ 553.247423][T16464] netlink_sendmsg+0x813/0xd70 [ 553.252226][T16464] ? __pfx_netlink_sendmsg+0x10/0x10 [ 553.257554][T16464] ____sys_sendmsg+0x9ae/0xb40 [ 553.262351][T16464] ? copy_msghdr_from_user+0x10b/0x160 [ 553.267841][T16464] ? __pfx_____sys_sendmsg+0x10/0x10 [ 553.273171][T16464] ? __pfx___lock_acquire+0x10/0x10 [ 553.278416][T16464] ___sys_sendmsg+0x135/0x1e0 [ 553.283126][T16464] ? __pfx____sys_sendmsg+0x10/0x10 [ 553.288371][T16464] ? lock_acquire+0x2f/0xb0 [ 553.292913][T16464] ? __fget_files+0x40/0x3f0 [ 553.297545][T16464] ? fdget+0x176/0x210 [ 553.301648][T16464] __sys_sendmsg+0x117/0x1f0 [ 553.306273][T16464] ? __pfx___sys_sendmsg+0x10/0x10 [ 553.311425][T16464] ? __fget_files+0x244/0x3f0 [ 553.316156][T16464] do_syscall_64+0xcd/0x250 [ 553.320690][T16464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 553.326624][T16464] RIP: 0033:0x7f7ea097e719 [ 553.331070][T16464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 553.350713][T16464] RSP: 002b:00007f7ea1729038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 553.359166][T16464] RAX: ffffffffffffffda RBX: 00007f7ea0b35f80 RCX: 00007f7ea097e719 [ 553.367170][T16464] RDX: 000000000400c000 RSI: 0000000020000140 RDI: 0000000000000004 [ 553.375168][T16464] RBP: 00007f7ea1729090 R08: 0000000000000000 R09: 0000000000000000 [ 553.383170][T16464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 553.391168][T16464] R13: 0000000000000000 R14: 00007f7ea0b35f80 R15: 00007ffcbef1f3e8 [ 553.399184][T16464] [ 553.967747][T16476] netlink: 'syz.9.2639': attribute type 11 has an invalid length. [ 554.024404][T16476] netlink: 'syz.9.2639': attribute type 11 has an invalid length. [ 555.032366][T16505] FAULT_INJECTION: forcing a failure. [ 555.032366][T16505] name failslab, interval 1, probability 0, space 0, times 0 [ 555.068255][T16505] CPU: 1 UID: 0 PID: 16505 Comm: syz.8.2648 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 555.079082][T16505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 555.089169][T16505] Call Trace: [ 555.092475][T16505] [ 555.095443][T16505] dump_stack_lvl+0x16c/0x1f0 [ 555.100330][T16505] should_fail_ex+0x497/0x5b0 [ 555.105043][T16505] ? fs_reclaim_acquire+0xae/0x150 [ 555.110198][T16505] should_failslab+0xc2/0x120 [ 555.114916][T16505] __kmalloc_noprof+0xcb/0x410 [ 555.119721][T16505] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 555.125436][T16505] tomoyo_realpath_from_path+0xbf/0x710 [ 555.131023][T16505] ? tomoyo_path_perm+0x25f/0x480 [ 555.136100][T16505] tomoyo_path_perm+0x273/0x480 [ 555.140992][T16505] ? tomoyo_path_perm+0x25f/0x480 [ 555.146060][T16505] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 555.151487][T16505] ? filename_lookup+0x3ea/0x5b0 [ 555.156500][T16505] security_inode_getattr+0x116/0x290 [ 555.161926][T16505] vfs_getattr+0x36/0xb0 [ 555.166208][T16505] vfs_statx_path+0x36/0x390 [ 555.170839][T16505] vfs_statx+0x145/0x1e0 [ 555.175120][T16505] ? __pfx_vfs_statx+0x10/0x10 [ 555.179927][T16505] ? getname_flags.part.0+0x1c5/0x550 [ 555.185347][T16505] vfs_fstatat+0x9f/0x160 [ 555.189730][T16505] __do_sys_newfstatat+0xa2/0x130 [ 555.194791][T16505] ? __pfx___do_sys_newfstatat+0x10/0x10 [ 555.200455][T16505] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 555.206510][T16505] ? ksys_write+0x1ad/0x260 [ 555.211051][T16505] ? __pfx_ksys_write+0x10/0x10 [ 555.215946][T16505] do_syscall_64+0xcd/0x250 [ 555.220482][T16505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.226433][T16505] RIP: 0033:0x7fc66257e719 [ 555.230879][T16505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 555.250530][T16505] RSP: 002b:00007fc6633a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 555.259071][T16505] RAX: ffffffffffffffda RBX: 00007fc662735f80 RCX: 00007fc66257e719 [ 555.267078][T16505] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 555.275172][T16505] RBP: 00007fc6633a2090 R08: 0000000000000000 R09: 0000000000000000 [ 555.283182][T16505] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001 [ 555.291184][T16505] R13: 0000000000000000 R14: 00007fc662735f80 R15: 00007ffc2a39cc58 [ 555.299207][T16505] [ 555.379059][T16505] ERROR: Out of memory at tomoyo_realpath_from_path. [ 555.763669][T16521] netlink: 'syz.8.2651': attribute type 4 has an invalid length. [ 556.785108][T16533] netlink: 'syz.9.2654': attribute type 11 has an invalid length. [ 556.846763][T16533] netlink: 'syz.9.2654': attribute type 11 has an invalid length. [ 557.945832][T16560] FAULT_INJECTION: forcing a failure. [ 557.945832][T16560] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 558.009771][T16560] CPU: 0 UID: 0 PID: 16560 Comm: syz.8.2663 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 558.020598][T16560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 558.030690][T16560] Call Trace: [ 558.033996][T16560] [ 558.036951][T16560] dump_stack_lvl+0x16c/0x1f0 [ 558.041663][T16560] should_fail_ex+0x497/0x5b0 [ 558.046377][T16560] _copy_from_iter+0x29b/0x1400 [ 558.051272][T16560] ? __pfx__copy_from_iter+0x10/0x10 [ 558.056594][T16560] ? __virt_addr_valid+0x1a4/0x590 [ 558.061746][T16560] ? __virt_addr_valid+0x5e/0x590 [ 558.066809][T16560] ? __phys_addr_symbol+0x30/0x80 [ 558.071862][T16560] ? __check_object_size+0x488/0x710 [ 558.077189][T16560] netlink_sendmsg+0x813/0xd70 [ 558.081995][T16560] ? __pfx_netlink_sendmsg+0x10/0x10 [ 558.087331][T16560] ____sys_sendmsg+0x9ae/0xb40 [ 558.092136][T16560] ? copy_msghdr_from_user+0x10b/0x160 [ 558.097643][T16560] ? __pfx_____sys_sendmsg+0x10/0x10 [ 558.102976][T16560] ? __pfx___lock_acquire+0x10/0x10 [ 558.108224][T16560] ___sys_sendmsg+0x135/0x1e0 [ 558.112948][T16560] ? __pfx____sys_sendmsg+0x10/0x10 [ 558.118197][T16560] ? lock_acquire+0x2f/0xb0 [ 558.122737][T16560] ? __fget_files+0x40/0x3f0 [ 558.127368][T16560] ? fdget+0x176/0x210 [ 558.131469][T16560] __sys_sendmsg+0x117/0x1f0 [ 558.136090][T16560] ? __pfx___sys_sendmsg+0x10/0x10 [ 558.141229][T16560] ? __fget_files+0x244/0x3f0 [ 558.145956][T16560] do_syscall_64+0xcd/0x250 [ 558.150506][T16560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 558.156441][T16560] RIP: 0033:0x7fc66257e719 [ 558.160887][T16560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 558.180525][T16560] RSP: 002b:00007fc6633a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 558.188951][T16560] RAX: ffffffffffffffda RBX: 00007fc662735f80 RCX: 00007fc66257e719 [ 558.196930][T16560] RDX: 0000000020000000 RSI: 0000000020002380 RDI: 0000000000000004 [ 558.204904][T16560] RBP: 00007fc6633a2090 R08: 0000000000000000 R09: 0000000000000000 [ 558.212879][T16560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 558.220858][T16560] R13: 0000000000000000 R14: 00007fc662735f80 R15: 00007ffc2a39cc58 [ 558.228845][T16560] [ 559.579825][T16596] netlink: 'syz.9.2667': attribute type 11 has an invalid length. [ 559.713641][T16596] netlink: 'syz.9.2667': attribute type 11 has an invalid length. [ 561.079085][T16641] FAULT_INJECTION: forcing a failure. [ 561.079085][T16641] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 561.162623][T16641] CPU: 1 UID: 0 PID: 16641 Comm: syz.8.2676 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 561.173447][T16641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 561.183537][T16641] Call Trace: [ 561.186843][T16641] [ 561.189805][T16641] dump_stack_lvl+0x16c/0x1f0 [ 561.194520][T16641] should_fail_ex+0x497/0x5b0 [ 561.199235][T16641] _copy_from_iter+0x29b/0x1400 [ 561.204129][T16641] ? __pfx__copy_from_iter+0x10/0x10 [ 561.209446][T16641] ? __virt_addr_valid+0x1a4/0x590 [ 561.214599][T16641] ? __virt_addr_valid+0x5e/0x590 [ 561.219661][T16641] ? __phys_addr_symbol+0x30/0x80 [ 561.224719][T16641] ? __check_object_size+0x488/0x710 [ 561.230056][T16641] netlink_sendmsg+0x813/0xd70 [ 561.234864][T16641] ? __pfx_netlink_sendmsg+0x10/0x10 [ 561.240199][T16641] ____sys_sendmsg+0x9ae/0xb40 [ 561.245009][T16641] ? copy_msghdr_from_user+0x10b/0x160 [ 561.250500][T16641] ? __pfx_____sys_sendmsg+0x10/0x10 [ 561.255832][T16641] ? __pfx___lock_acquire+0x10/0x10 [ 561.261077][T16641] ___sys_sendmsg+0x135/0x1e0 [ 561.265780][T16641] ? __pfx____sys_sendmsg+0x10/0x10 [ 561.271000][T16641] ? lock_acquire+0x2f/0xb0 [ 561.275518][T16641] ? __fget_files+0x40/0x3f0 [ 561.280120][T16641] ? fdget+0x176/0x210 [ 561.284194][T16641] __sys_sendmsg+0x117/0x1f0 [ 561.288792][T16641] ? __pfx___sys_sendmsg+0x10/0x10 [ 561.293908][T16641] ? __fget_files+0x244/0x3f0 [ 561.298605][T16641] do_syscall_64+0xcd/0x250 [ 561.303111][T16641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.309016][T16641] RIP: 0033:0x7fc66257e719 [ 561.313433][T16641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 561.333043][T16641] RSP: 002b:00007fc6633a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 561.341464][T16641] RAX: ffffffffffffffda RBX: 00007fc662735f80 RCX: 00007fc66257e719 [ 561.349434][T16641] RDX: 0000000004048000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 561.357411][T16641] RBP: 00007fc6633a2090 R08: 0000000000000000 R09: 0000000000000000 [ 561.365381][T16641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 561.373354][T16641] R13: 0000000000000000 R14: 00007fc662735f80 R15: 00007ffc2a39cc58 [ 561.381337][T16641] [ 563.127419][T16693] netlink: 'syz.7.2682': attribute type 11 has an invalid length. [ 563.161677][T16693] netlink: 'syz.7.2682': attribute type 11 has an invalid length. [ 564.582976][T16738] netlink: 'syz.7.2694': attribute type 11 has an invalid length. [ 564.634197][T16738] netlink: 'syz.7.2694': attribute type 11 has an invalid length. [ 565.977230][T16790] FAULT_INJECTION: forcing a failure. [ 565.977230][T16790] name failslab, interval 1, probability 0, space 0, times 0 [ 566.066713][T16790] CPU: 0 UID: 0 PID: 16790 Comm: syz.1.2701 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 566.077539][T16790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 566.087710][T16790] Call Trace: [ 566.091011][T16790] [ 566.093957][T16790] dump_stack_lvl+0x16c/0x1f0 [ 566.098669][T16790] should_fail_ex+0x497/0x5b0 [ 566.103378][T16790] ? fs_reclaim_acquire+0xae/0x150 [ 566.108524][T16790] should_failslab+0xc2/0x120 [ 566.113245][T16790] __kmalloc_noprof+0xcb/0x410 [ 566.118077][T16790] ? __pfx___lock_acquire+0x10/0x10 [ 566.123326][T16790] iovec_from_user.part.0+0xf3/0x130 [ 566.128648][T16790] __import_iovec+0xd6/0x6d0 [ 566.133262][T16790] ? hlock_class+0x4e/0x130 [ 566.137784][T16790] import_iovec+0x108/0x140 [ 566.142297][T16790] vfs_writev+0x198/0xdd0 [ 566.146631][T16790] ? ksys_write+0x12f/0x260 [ 566.151143][T16790] ? __pfx_vfs_writev+0x10/0x10 [ 566.155993][T16790] ? find_held_lock+0x2d/0x110 [ 566.160767][T16790] ? __pfx_lock_release+0x10/0x10 [ 566.165799][T16790] ? trace_lock_acquire+0x14a/0x1d0 [ 566.171010][T16790] ? __fget_files+0x244/0x3f0 [ 566.175695][T16790] ? do_writev+0x289/0x370 [ 566.180111][T16790] do_writev+0x289/0x370 [ 566.184355][T16790] ? __pfx_do_writev+0x10/0x10 [ 566.189125][T16790] ? __pfx_native_tss_update_io_bitmap+0x10/0x10 [ 566.195462][T16790] ? ksys_write+0x1ad/0x260 [ 566.199967][T16790] ? __pfx_ksys_write+0x10/0x10 [ 566.204823][T16790] __x64_sys_pwritev2+0x11f/0x160 [ 566.209857][T16790] do_syscall_64+0xcd/0x250 [ 566.214366][T16790] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.220270][T16790] RIP: 0033:0x7f93d5f7e719 [ 566.224692][T16790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 566.244301][T16790] RSP: 002b:00007f93d59ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148 [ 566.252719][T16790] RAX: ffffffffffffffda RBX: 00007f93d6135f80 RCX: 00007f93d5f7e719 [ 566.260694][T16790] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000003 [ 566.268662][T16790] RBP: 00007f93d59ff090 R08: 0000000000000002 R09: 000000000000000c [ 566.276634][T16790] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 566.284604][T16790] R13: 0000000000000000 R14: 00007f93d6135f80 R15: 00007ffcc68601b8 [ 566.292590][T16790] [ 568.121478][T16845] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2713'. [ 568.626938][T16862] FAULT_INJECTION: forcing a failure. [ 568.626938][T16862] name failslab, interval 1, probability 0, space 0, times 0 [ 568.722807][T16874] net_ratelimit: 8 callbacks suppressed [ 568.722826][T16874] openvswitch: netlink: Flow key attribute not present in set flow. [ 568.746440][T16862] CPU: 1 UID: 0 PID: 16862 Comm: syz.1.2715 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 568.757259][T16862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 568.767335][T16862] Call Trace: [ 568.770636][T16862] [ 568.773580][T16862] dump_stack_lvl+0x16c/0x1f0 [ 568.778292][T16862] should_fail_ex+0x497/0x5b0 [ 568.782997][T16862] should_failslab+0xc2/0x120 [ 568.787692][T16862] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 568.793087][T16862] ? skb_clone+0x190/0x3f0 [ 568.797623][T16862] skb_clone+0x190/0x3f0 [ 568.801880][T16862] netlink_deliver_tap+0xb26/0xcf0 [ 568.807010][T16862] netlink_unicast+0x5e1/0x7f0 [ 568.811803][T16862] ? __pfx_netlink_unicast+0x10/0x10 [ 568.817119][T16862] ? __phys_addr_symbol+0x30/0x80 [ 568.822154][T16862] ? __check_object_size+0x488/0x710 [ 568.827453][T16862] netlink_sendmsg+0x8b8/0xd70 [ 568.832230][T16862] ? __pfx_netlink_sendmsg+0x10/0x10 [ 568.837530][T16862] ____sys_sendmsg+0x9ae/0xb40 [ 568.842303][T16862] ? copy_msghdr_from_user+0x10b/0x160 [ 568.847766][T16862] ? __pfx_____sys_sendmsg+0x10/0x10 [ 568.853064][T16862] ? __pfx___lock_acquire+0x10/0x10 [ 568.858284][T16862] ___sys_sendmsg+0x135/0x1e0 [ 568.862964][T16862] ? __pfx____sys_sendmsg+0x10/0x10 [ 568.868175][T16862] ? lock_acquire+0x2f/0xb0 [ 568.872690][T16862] ? __fget_files+0x40/0x3f0 [ 568.877291][T16862] ? fdget+0x176/0x210 [ 568.881363][T16862] __sys_sendmsg+0x117/0x1f0 [ 568.885957][T16862] ? __pfx___sys_sendmsg+0x10/0x10 [ 568.891072][T16862] ? __fget_files+0x244/0x3f0 [ 568.895771][T16862] do_syscall_64+0xcd/0x250 [ 568.900277][T16862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.906180][T16862] RIP: 0033:0x7f93d5f7e719 [ 568.910596][T16862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 568.930208][T16862] RSP: 002b:00007f93d59ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 568.938626][T16862] RAX: ffffffffffffffda RBX: 00007f93d6135f80 RCX: 00007f93d5f7e719 [ 568.946600][T16862] RDX: 0000000020000000 RSI: 0000000020002380 RDI: 0000000000000004 [ 568.954571][T16862] RBP: 00007f93d59ff090 R08: 0000000000000000 R09: 0000000000000000 [ 568.962539][T16862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 568.970524][T16862] R13: 0000000000000000 R14: 00007f93d6135f80 R15: 00007ffcc68601b8 [ 568.978523][T16862] [ 570.738728][T16920] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2724'. [ 572.811676][T16985] FAULT_INJECTION: forcing a failure. [ 572.811676][T16985] name failslab, interval 1, probability 0, space 0, times 0 [ 572.844649][T16985] CPU: 1 UID: 0 PID: 16985 Comm: syz.8.2738 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 572.855475][T16985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 572.865558][T16985] Call Trace: [ 572.868859][T16985] [ 572.871813][T16985] dump_stack_lvl+0x16c/0x1f0 [ 572.876528][T16985] should_fail_ex+0x497/0x5b0 [ 572.881244][T16985] should_failslab+0xc2/0x120 [ 572.885959][T16985] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 572.891374][T16985] ? skb_clone+0x190/0x3f0 [ 572.895825][T16985] skb_clone+0x190/0x3f0 [ 572.900098][T16985] netlink_deliver_tap+0xb26/0xcf0 [ 572.905250][T16985] netlink_unicast+0x5e1/0x7f0 [ 572.910061][T16985] ? __pfx_netlink_unicast+0x10/0x10 [ 572.915386][T16985] ? __phys_addr_symbol+0x30/0x80 [ 572.920441][T16985] ? __check_object_size+0x488/0x710 [ 572.925764][T16985] netlink_sendmsg+0x8b8/0xd70 [ 572.930570][T16985] ? __pfx_netlink_sendmsg+0x10/0x10 [ 572.935908][T16985] ____sys_sendmsg+0x9ae/0xb40 [ 572.940711][T16985] ? copy_msghdr_from_user+0x10b/0x160 [ 572.946201][T16985] ? __pfx_____sys_sendmsg+0x10/0x10 [ 572.951532][T16985] ? __pfx___lock_acquire+0x10/0x10 [ 572.956777][T16985] ___sys_sendmsg+0x135/0x1e0 [ 572.961491][T16985] ? __pfx____sys_sendmsg+0x10/0x10 [ 572.966742][T16985] ? lock_acquire+0x2f/0xb0 [ 572.971286][T16985] ? __fget_files+0x40/0x3f0 [ 572.975924][T16985] ? fdget+0x176/0x210 [ 572.980026][T16985] __sys_sendmsg+0x117/0x1f0 [ 572.984655][T16985] ? __pfx___sys_sendmsg+0x10/0x10 [ 572.989801][T16985] ? __fget_files+0x244/0x3f0 [ 572.994533][T16985] do_syscall_64+0xcd/0x250 [ 572.999067][T16985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.004997][T16985] RIP: 0033:0x7fc66257e719 [ 573.009435][T16985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 573.029083][T16985] RSP: 002b:00007fc6633a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 573.037536][T16985] RAX: ffffffffffffffda RBX: 00007fc662735f80 RCX: 00007fc66257e719 [ 573.045542][T16985] RDX: 0000000004048000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 573.053548][T16985] RBP: 00007fc6633a2090 R08: 0000000000000000 R09: 0000000000000000 [ 573.061554][T16985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 573.069557][T16985] R13: 0000000000000000 R14: 00007fc662735f80 R15: 00007ffc2a39cc58 [ 573.077584][T16985] [ 573.371214][T16987] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2736'. [ 574.650902][T17046] FAULT_INJECTION: forcing a failure. [ 574.650902][T17046] name failslab, interval 1, probability 0, space 0, times 0 [ 574.716370][T17046] CPU: 0 UID: 0 PID: 17046 Comm: syz.8.2747 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 574.727199][T17046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 574.737281][T17046] Call Trace: [ 574.740584][T17046] [ 574.743541][T17046] dump_stack_lvl+0x16c/0x1f0 [ 574.748253][T17046] should_fail_ex+0x497/0x5b0 [ 574.752962][T17046] ? fs_reclaim_acquire+0xae/0x150 [ 574.758116][T17046] should_failslab+0xc2/0x120 [ 574.762841][T17046] kmem_cache_alloc_node_noprof+0x71/0x310 [ 574.768687][T17046] ? __alloc_skb+0x2b3/0x380 [ 574.773318][T17046] __alloc_skb+0x2b3/0x380 [ 574.777774][T17046] ? __pfx___alloc_skb+0x10/0x10 [ 574.782758][T17046] ? __mutex_trylock_common+0xea/0x250 [ 574.788261][T17046] netlink_dump+0x6af/0xcc0 [ 574.792805][T17046] ? trace_contention_end+0xea/0x140 [ 574.798140][T17046] ? __pfx_netlink_dump+0x10/0x10 [ 574.803199][T17046] ? __mutex_lock+0x1a6/0x9c0 [ 574.807918][T17046] ? find_held_lock+0x2d/0x110 [ 574.812736][T17046] ? lock_acquire+0x2f/0xb0 [ 574.817278][T17046] ? netlink_lookup+0x3d/0x270 [ 574.822086][T17046] __netlink_dump_start+0x6d9/0x980 [ 574.827330][T17046] netlink_diag_handler_dump+0x1b2/0x250 [ 574.832993][T17046] ? __pfx_netlink_diag_handler_dump+0x10/0x10 [ 574.839155][T17046] ? trace_lock_acquire+0x14a/0x1d0 [ 574.844368][T17046] ? __pfx_netlink_diag_dump+0x10/0x10 [ 574.849844][T17046] ? __pfx_netlink_diag_dump_done+0x10/0x10 [ 574.855755][T17046] sock_diag_rcv_msg+0x437/0x790 [ 574.860708][T17046] netlink_rcv_skb+0x165/0x410 [ 574.865483][T17046] ? __pfx_sock_diag_rcv_msg+0x10/0x10 [ 574.870955][T17046] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 574.876270][T17046] ? netlink_deliver_tap+0x1ae/0xcf0 [ 574.881577][T17046] netlink_unicast+0x53c/0x7f0 [ 574.886355][T17046] ? __pfx_netlink_unicast+0x10/0x10 [ 574.891655][T17046] ? __phys_addr_symbol+0x30/0x80 [ 574.896688][T17046] ? __check_object_size+0x488/0x710 [ 574.901987][T17046] netlink_sendmsg+0x8b8/0xd70 [ 574.906764][T17046] ? __pfx_netlink_sendmsg+0x10/0x10 [ 574.912070][T17046] ____sys_sendmsg+0x9ae/0xb40 [ 574.916844][T17046] ? copy_msghdr_from_user+0x10b/0x160 [ 574.922311][T17046] ? __pfx_____sys_sendmsg+0x10/0x10 [ 574.927618][T17046] ? __pfx___lock_acquire+0x10/0x10 [ 574.932834][T17046] ___sys_sendmsg+0x135/0x1e0 [ 574.937517][T17046] ? __pfx____sys_sendmsg+0x10/0x10 [ 574.942734][T17046] ? lock_acquire+0x2f/0xb0 [ 574.947251][T17046] ? __fget_files+0x40/0x3f0 [ 574.951856][T17046] ? fdget+0x176/0x210 [ 574.955944][T17046] __sys_sendmsg+0x117/0x1f0 [ 574.960543][T17046] ? __pfx___sys_sendmsg+0x10/0x10 [ 574.965657][T17046] ? __fget_files+0x244/0x3f0 [ 574.970362][T17046] do_syscall_64+0xcd/0x250 [ 574.974881][T17046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.980786][T17046] RIP: 0033:0x7fc66257e719 [ 574.985241][T17046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 575.004874][T17046] RSP: 002b:00007fc6633a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 575.013300][T17046] RAX: ffffffffffffffda RBX: 00007fc662735f80 RCX: 00007fc66257e719 [ 575.021279][T17046] RDX: 000000000400c000 RSI: 0000000020000140 RDI: 0000000000000004 [ 575.029251][T17046] RBP: 00007fc6633a2090 R08: 0000000000000000 R09: 0000000000000000 [ 575.037229][T17046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 575.045206][T17046] R13: 0000000000000000 R14: 00007fc662735f80 R15: 00007ffc2a39cc58 [ 575.053225][T17046] [ 575.438802][ T29] audit: type=1326 audit(8277292124.012:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17057 comm="syz.8.2752" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc66257e719 code=0x0 [ 575.941586][T17078] FAULT_INJECTION: forcing a failure. [ 575.941586][T17078] name failslab, interval 1, probability 0, space 0, times 0 [ 575.976555][T17078] CPU: 1 UID: 8 PID: 17078 Comm: syz.1.2756 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 575.987383][T17078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 575.997473][T17078] Call Trace: [ 576.000781][T17078] [ 576.003743][T17078] dump_stack_lvl+0x16c/0x1f0 [ 576.008462][T17078] should_fail_ex+0x497/0x5b0 [ 576.013177][T17078] ? fs_reclaim_acquire+0xae/0x150 [ 576.018338][T17078] should_failslab+0xc2/0x120 [ 576.023065][T17078] __kmalloc_noprof+0xcb/0x410 [ 576.027866][T17078] ? __kmalloc_noprof+0x207/0x410 [ 576.032943][T17078] tomoyo_realpath_from_path+0xbf/0x710 [ 576.038533][T17078] ? tomoyo_fill_path_info+0x233/0x420 [ 576.044043][T17078] tomoyo_mount_acl+0x1af/0x880 [ 576.048944][T17078] ? hlock_class+0x4e/0x130 [ 576.053488][T17078] ? __lock_acquire+0x163e/0x3ce0 [ 576.058569][T17078] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 576.063997][T17078] ? __pfx___lock_acquire+0x10/0x10 [ 576.069249][T17078] ? stack_trace_save+0x95/0xd0 [ 576.074144][T17078] ? __pfx_lock_release+0x10/0x10 [ 576.079235][T17078] ? trace_lock_acquire+0x14a/0x1d0 [ 576.084478][T17078] ? tomoyo_mount_permission+0x146/0x410 [ 576.090164][T17078] ? lock_acquire+0x2f/0xb0 [ 576.094713][T17078] ? tomoyo_mount_permission+0x146/0x410 [ 576.100397][T17078] tomoyo_mount_permission+0x16b/0x410 [ 576.105901][T17078] ? tomoyo_mount_permission+0x146/0x410 [ 576.111583][T17078] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 576.117632][T17078] ? get_current_fs_domain+0x188/0x1f0 [ 576.123142][T17078] security_sb_mount+0x9b/0x260 [ 576.128048][T17078] path_mount+0x129/0x1f10 [ 576.132508][T17078] ? kmem_cache_free+0x152/0x4b0 [ 576.137491][T17078] ? __pfx_path_mount+0x10/0x10 [ 576.142385][T17078] ? putname+0x12e/0x170 [ 576.146671][T17078] __x64_sys_mount+0x294/0x320 [ 576.151467][T17078] ? __pfx___x64_sys_mount+0x10/0x10 [ 576.156803][T17078] do_syscall_64+0xcd/0x250 [ 576.161364][T17078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.167310][T17078] RIP: 0033:0x7f93d5f7e719 [ 576.171759][T17078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 576.191409][T17078] RSP: 002b:00007f93d59ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 576.199867][T17078] RAX: ffffffffffffffda RBX: 00007f93d6135f80 RCX: 00007f93d5f7e719 [ 576.207869][T17078] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000000 [ 576.215877][T17078] RBP: 00007f93d59ff090 R08: 0000000000000000 R09: 0000000000000000 [ 576.223885][T17078] R10: 000000000000007f R11: 0000000000000246 R12: 0000000000000001 [ 576.231894][T17078] R13: 0000000000000000 R14: 00007f93d6135f80 R15: 00007ffcc68601b8 [ 576.239921][T17078] [ 576.369002][T17078] ERROR: Out of memory at tomoyo_realpath_from_path. [ 578.432255][T17124] netlink: 'syz.7.2767': attribute type 11 has an invalid length. [ 578.475001][T17124] netlink: 'syz.7.2767': attribute type 11 has an invalid length. [ 578.840665][T17138] FAULT_INJECTION: forcing a failure. [ 578.840665][T17138] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 578.901246][T17138] CPU: 0 UID: 0 PID: 17138 Comm: syz.7.2768 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 578.912070][T17138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 578.922153][T17138] Call Trace: [ 578.925462][T17138] [ 578.928416][T17138] dump_stack_lvl+0x16c/0x1f0 [ 578.933122][T17138] should_fail_ex+0x497/0x5b0 [ 578.937833][T17138] _copy_to_user+0x32/0xd0 [ 578.942291][T17138] cp_new_stat+0x469/0x5a0 [ 578.946751][T17138] ? __pfx_cp_new_stat+0x10/0x10 [ 578.951816][T17138] ? kasan_quarantine_put+0x10a/0x240 [ 578.957251][T17138] ? putname+0x12e/0x170 [ 578.961530][T17138] ? vfs_fstatat+0xae/0x160 [ 578.966074][T17138] __do_sys_newfstatat+0x11a/0x130 [ 578.971225][T17138] ? __pfx___do_sys_newfstatat+0x10/0x10 [ 578.976882][T17138] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 578.982899][T17138] ? ksys_write+0x1ad/0x260 [ 578.987421][T17138] ? __pfx_ksys_write+0x10/0x10 [ 578.992286][T17138] do_syscall_64+0xcd/0x250 [ 578.996798][T17138] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.002708][T17138] RIP: 0033:0x7f7ea097e719 [ 579.007125][T17138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 579.026751][T17138] RSP: 002b:00007f7ea1729038 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 579.035174][T17138] RAX: ffffffffffffffda RBX: 00007f7ea0b35f80 RCX: 00007f7ea097e719 [ 579.043145][T17138] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 579.051124][T17138] RBP: 00007f7ea1729090 R08: 0000000000000000 R09: 0000000000000000 [ 579.059100][T17138] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001 [ 579.067071][T17138] R13: 0000000000000000 R14: 00007f7ea0b35f80 R15: 00007ffcbef1f3e8 [ 579.075057][T17138] [ 580.292535][T17168] GUP no longer grows the stack in syz.7.2773 (17168): 14000-41000 (4000) [ 580.341168][T17168] CPU: 1 UID: 0 PID: 17168 Comm: syz.7.2773 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 580.351995][T17168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 580.362079][T17168] Call Trace: [ 580.365387][T17168] [ 580.368349][T17168] dump_stack_lvl+0x16c/0x1f0 [ 580.373059][T17168] gup_vma_lookup+0x1d2/0x220 [ 580.377783][T17168] __get_user_pages+0x236/0x3b50 [ 580.382767][T17168] ? schedule+0x298/0x350 [ 580.387136][T17168] ? __pfx_lock_release+0x10/0x10 [ 580.392207][T17168] ? __pfx___get_user_pages+0x10/0x10 [ 580.397622][T17168] ? schedule+0x1fd/0x350 [ 580.402006][T17168] __gup_longterm_locked+0x22e/0x1b30 [ 580.407436][T17168] ? __pfx_rwsem_down_read_slowpath+0x10/0x10 [ 580.413535][T17168] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 580.419209][T17168] ? __pfx___gup_longterm_locked+0x10/0x10 [ 580.425054][T17168] ? rwsem_read_trylock+0x6d/0x250 [ 580.430211][T17168] pin_user_pages_remote+0xee/0x150 [ 580.435466][T17168] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 580.441311][T17168] ? down_read+0xc9/0x330 [ 580.445681][T17168] process_vm_rw_core.constprop.0+0x439/0x9f0 [ 580.451800][T17168] ? futex_wait_queue+0x101/0x1f0 [ 580.456869][T17168] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 580.463527][T17168] process_vm_rw+0x301/0x360 [ 580.468163][T17168] ? __pfx_process_vm_rw+0x10/0x10 [ 580.473365][T17168] ? xfd_validate_state+0x5d/0x180 [ 580.478527][T17168] ? rcu_is_watching+0x12/0xc0 [ 580.483353][T17168] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 580.489040][T17168] ? do_syscall_64+0x91/0x250 [ 580.493749][T17168] ? lockdep_hardirqs_on+0x7c/0x110 [ 580.498989][T17168] do_syscall_64+0xcd/0x250 [ 580.503524][T17168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.509465][T17168] RIP: 0033:0x7f7ea097e719 [ 580.513904][T17168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 580.533544][T17168] RSP: 002b:00007f7ea16e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 580.542000][T17168] RAX: ffffffffffffffda RBX: 00007f7ea0b36130 RCX: 00007f7ea097e719 [ 580.550009][T17168] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 00000000000001ff [ 580.558016][T17168] RBP: 00007f7ea09f132e R08: 0000000000000006 R09: 0000000000000000 [ 580.566021][T17168] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 580.574107][T17168] R13: 0000000000000000 R14: 00007f7ea0b36130 R15: 00007ffcbef1f3e8 [ 580.582127][T17168] [ 581.090941][T17192] FAULT_INJECTION: forcing a failure. [ 581.090941][T17192] name failslab, interval 1, probability 0, space 0, times 0 [ 581.149056][T17192] CPU: 1 UID: 0 PID: 17192 Comm: syz.7.2776 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 581.159885][T17192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 581.169976][T17192] Call Trace: [ 581.173282][T17192] [ 581.176240][T17192] dump_stack_lvl+0x16c/0x1f0 [ 581.180955][T17192] should_fail_ex+0x497/0x5b0 [ 581.185669][T17192] ? fs_reclaim_acquire+0xae/0x150 [ 581.190822][T17192] should_failslab+0xc2/0x120 [ 581.195544][T17192] __kmalloc_noprof+0xcb/0x410 [ 581.200356][T17192] ? lockdep_hardirqs_on+0x7c/0x110 [ 581.205612][T17192] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 581.212780][T17192] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 581.218297][T17192] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 581.225027][T17192] ? bpf_lsm_capable+0x9/0x10 [ 581.229745][T17192] ? security_capable+0x7e/0x260 [ 581.234725][T17192] genl_rcv_msg+0x565/0x800 [ 581.239277][T17192] ? __pfx_genl_rcv_msg+0x10/0x10 [ 581.244341][T17192] ? __pfx_ila_xlat_nl_cmd_del_mapping+0x10/0x10 [ 581.250721][T17192] netlink_rcv_skb+0x165/0x410 [ 581.255524][T17192] ? __pfx_genl_rcv_msg+0x10/0x10 [ 581.260612][T17192] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 581.265947][T17192] ? down_read+0xc9/0x330 [ 581.270310][T17192] ? __pfx_down_read+0x10/0x10 [ 581.275107][T17192] ? netlink_deliver_tap+0x1ae/0xcf0 [ 581.280433][T17192] genl_rcv+0x28/0x40 [ 581.284450][T17192] netlink_unicast+0x53c/0x7f0 [ 581.289253][T17192] ? __pfx_netlink_unicast+0x10/0x10 [ 581.294579][T17192] ? __phys_addr_symbol+0x30/0x80 [ 581.299640][T17192] ? __check_object_size+0x488/0x710 [ 581.304967][T17192] netlink_sendmsg+0x8b8/0xd70 [ 581.309773][T17192] ? __pfx_netlink_sendmsg+0x10/0x10 [ 581.315110][T17192] ____sys_sendmsg+0x9ae/0xb40 [ 581.319910][T17192] ? copy_msghdr_from_user+0x10b/0x160 [ 581.325414][T17192] ? __pfx_____sys_sendmsg+0x10/0x10 [ 581.330747][T17192] ? __pfx___lock_acquire+0x10/0x10 [ 581.335991][T17192] ___sys_sendmsg+0x135/0x1e0 [ 581.340701][T17192] ? __pfx____sys_sendmsg+0x10/0x10 [ 581.345950][T17192] ? lock_acquire+0x2f/0xb0 [ 581.350501][T17192] ? __fget_files+0x40/0x3f0 [ 581.355146][T17192] ? fdget+0x176/0x210 [ 581.359334][T17192] __sys_sendmsg+0x117/0x1f0 [ 581.363962][T17192] ? __pfx___sys_sendmsg+0x10/0x10 [ 581.369108][T17192] ? __fget_files+0x244/0x3f0 [ 581.373842][T17192] do_syscall_64+0xcd/0x250 [ 581.378381][T17192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 581.384311][T17192] RIP: 0033:0x7f7ea097e719 [ 581.388747][T17192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 581.408389][T17192] RSP: 002b:00007f7ea1729038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 581.416845][T17192] RAX: ffffffffffffffda RBX: 00007f7ea0b35f80 RCX: 00007f7ea097e719 [ 581.424857][T17192] RDX: 0000000020000000 RSI: 0000000020002380 RDI: 0000000000000004 [ 581.432866][T17192] RBP: 00007f7ea1729090 R08: 0000000000000000 R09: 0000000000000000 [ 581.440873][T17192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 581.448878][T17192] R13: 0000000000000000 R14: 00007f7ea0b35f80 R15: 00007ffcbef1f3e8 [ 581.456903][T17192] [ 582.635985][T17249] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2783'. [ 582.859702][T17256] FAULT_INJECTION: forcing a failure. [ 582.859702][T17256] name failslab, interval 1, probability 0, space 0, times 0 [ 582.882417][T17256] CPU: 1 UID: 0 PID: 17256 Comm: syz.8.2786 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 582.893242][T17256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 582.903321][T17256] Call Trace: [ 582.906623][T17256] [ 582.909661][T17256] dump_stack_lvl+0x16c/0x1f0 [ 582.914376][T17256] should_fail_ex+0x497/0x5b0 [ 582.919519][T17256] ? fs_reclaim_acquire+0xae/0x150 [ 582.924671][T17256] should_failslab+0xc2/0x120 [ 582.929386][T17256] kmem_cache_alloc_node_noprof+0x71/0x310 [ 582.935235][T17256] ? __alloc_skb+0x2b3/0x380 [ 582.939881][T17256] __alloc_skb+0x2b3/0x380 [ 582.944343][T17256] ? __pfx___alloc_skb+0x10/0x10 [ 582.949338][T17256] netlink_ack+0x164/0xb20 [ 582.953793][T17256] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 582.959750][T17256] netlink_rcv_skb+0x327/0x410 [ 582.964555][T17256] ? __pfx_sock_diag_rcv_msg+0x10/0x10 [ 582.970055][T17256] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 582.975396][T17256] ? netlink_deliver_tap+0x1ae/0xcf0 [ 582.980716][T17256] netlink_unicast+0x53c/0x7f0 [ 582.985520][T17256] ? __pfx_netlink_unicast+0x10/0x10 [ 582.990840][T17256] ? __phys_addr_symbol+0x30/0x80 [ 582.995891][T17256] ? __check_object_size+0x488/0x710 [ 583.001224][T17256] netlink_sendmsg+0x8b8/0xd70 [ 583.006032][T17256] ? __pfx_netlink_sendmsg+0x10/0x10 [ 583.011367][T17256] ____sys_sendmsg+0x9ae/0xb40 [ 583.016168][T17256] ? copy_msghdr_from_user+0x10b/0x160 [ 583.021661][T17256] ? __pfx_____sys_sendmsg+0x10/0x10 [ 583.026991][T17256] ? __pfx___lock_acquire+0x10/0x10 [ 583.032232][T17256] ___sys_sendmsg+0x135/0x1e0 [ 583.036942][T17256] ? __pfx____sys_sendmsg+0x10/0x10 [ 583.042188][T17256] ? lock_acquire+0x2f/0xb0 [ 583.046727][T17256] ? __fget_files+0x40/0x3f0 [ 583.051389][T17256] ? fdget+0x176/0x210 [ 583.055496][T17256] __sys_sendmsg+0x117/0x1f0 [ 583.060209][T17256] ? __pfx___sys_sendmsg+0x10/0x10 [ 583.065348][T17256] ? __fget_files+0x244/0x3f0 [ 583.070077][T17256] do_syscall_64+0xcd/0x250 [ 583.074614][T17256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.080537][T17256] RIP: 0033:0x7fc66257e719 [ 583.084979][T17256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 583.104625][T17256] RSP: 002b:00007fc6633a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 583.113079][T17256] RAX: ffffffffffffffda RBX: 00007fc662735f80 RCX: 00007fc66257e719 [ 583.121100][T17256] RDX: 0000000004048000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 583.129119][T17256] RBP: 00007fc6633a2090 R08: 0000000000000000 R09: 0000000000000000 [ 583.137162][T17256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 583.145167][T17256] R13: 0000000000000000 R14: 00007fc662735f80 R15: 00007ffc2a39cc58 [ 583.153190][T17256] [ 583.452470][T17267] netlink: 'syz.1.2789': attribute type 11 has an invalid length. [ 583.471417][T17267] netlink: 'syz.1.2789': attribute type 11 has an invalid length. [ 585.594110][T17314] netlink: 'syz.1.2800': attribute type 11 has an invalid length. [ 585.620364][T17314] netlink: 'syz.1.2800': attribute type 11 has an invalid length. [ 586.631800][T17328] svc: failed to register nfsdv3 RPC service (errno 111). [ 586.689671][T17328] svc: failed to register nfsaclv3 RPC service (errno 111). [ 587.140572][T17359] sctp: [Deprecated]: syz.8.2809 (pid 17359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 587.140572][T17359] Use struct sctp_sack_info instead [ 587.239708][T17359] sctp: [Deprecated]: syz.8.2809 (pid 17359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 587.239708][T17359] Use struct sctp_sack_info instead [ 587.302582][T17359] sctp: [Deprecated]: syz.8.2809 (pid 17359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 587.302582][T17359] Use struct sctp_sack_info instead [ 587.366200][T17359] sctp: [Deprecated]: syz.8.2809 (pid 17359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 587.366200][T17359] Use struct sctp_sack_info instead [ 587.429741][T17359] sctp: [Deprecated]: syz.8.2809 (pid 17359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 587.429741][T17359] Use struct sctp_sack_info instead [ 587.483356][T17359] sctp: [Deprecated]: syz.8.2809 (pid 17359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 587.483356][T17359] Use struct sctp_sack_info instead [ 587.529649][T17359] sctp: [Deprecated]: syz.8.2809 (pid 17359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 587.529649][T17359] Use struct sctp_sack_info instead [ 587.583615][T17359] sctp: [Deprecated]: syz.8.2809 (pid 17359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 587.583615][T17359] Use struct sctp_sack_info instead [ 587.663188][T17359] sctp: [Deprecated]: syz.8.2809 (pid 17359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 587.663188][T17359] Use struct sctp_sack_info instead [ 587.684554][T17374] netlink: 'syz.1.2812': attribute type 11 has an invalid length. [ 587.693004][T17374] netlink: 'syz.1.2812': attribute type 11 has an invalid length. [ 587.714625][T17359] sctp: [Deprecated]: syz.8.2809 (pid 17359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 587.714625][T17359] Use struct sctp_sack_info instead [ 588.028356][T17385] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2816'. [ 588.415520][T17402] FAULT_INJECTION: forcing a failure. [ 588.415520][T17402] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 588.521581][T17402] CPU: 0 UID: 0 PID: 17402 Comm: syz.9.2820 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 588.532407][T17402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 588.542489][T17402] Call Trace: [ 588.545792][T17402] [ 588.548757][T17402] dump_stack_lvl+0x16c/0x1f0 [ 588.553480][T17402] should_fail_ex+0x497/0x5b0 [ 588.558190][T17402] _copy_to_user+0x32/0xd0 [ 588.562644][T17402] simple_read_from_buffer+0xd0/0x160 [ 588.568067][T17402] proc_fail_nth_read+0x198/0x270 [ 588.573132][T17402] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 588.578808][T17402] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 588.584395][T17402] vfs_read+0x1df/0xbe0 [ 588.588591][T17402] ? __fget_files+0x23a/0x3f0 [ 588.593290][T17402] ? fdget_pos+0x24c/0x360 [ 588.597739][T17402] ? __pfx_lock_release+0x10/0x10 [ 588.602800][T17402] ? trace_lock_acquire+0x14a/0x1d0 [ 588.608031][T17402] ? __pfx_vfs_read+0x10/0x10 [ 588.612739][T17402] ? __pfx___mutex_lock+0x10/0x10 [ 588.617809][T17402] ? __fget_files+0x244/0x3f0 [ 588.622525][T17402] ksys_read+0x12f/0x260 [ 588.626798][T17402] ? __pfx_ksys_read+0x10/0x10 [ 588.631603][T17402] do_syscall_64+0xcd/0x250 [ 588.636136][T17402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.642072][T17402] RIP: 0033:0x7f4a4c37d15c [ 588.646511][T17402] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 588.666149][T17402] RSP: 002b:00007f4a4d23a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 588.674601][T17402] RAX: ffffffffffffffda RBX: 00007f4a4c535f80 RCX: 00007f4a4c37d15c [ 588.682604][T17402] RDX: 000000000000000f RSI: 00007f4a4d23a0a0 RDI: 0000000000000005 [ 588.690609][T17402] RBP: 00007f4a4d23a090 R08: 0000000000000000 R09: 0000000000000000 [ 588.698611][T17402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 588.706614][T17402] R13: 0000000000000000 R14: 00007f4a4c535f80 R15: 00007fff63f64408 [ 588.714641][T17402] [ 588.778744][T17410] netlink: 'syz.1.2823': attribute type 11 has an invalid length. [ 588.827674][T17410] netlink: 'syz.1.2823': attribute type 11 has an invalid length. [ 589.291271][T17425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2825'. [ 590.634002][T17478] netlink: 'syz.1.2834': attribute type 11 has an invalid length. [ 590.670316][T17478] netlink: 'syz.1.2834': attribute type 11 has an invalid length. [ 591.445921][T17506] FAULT_INJECTION: forcing a failure. [ 591.445921][T17506] name failslab, interval 1, probability 0, space 0, times 0 [ 591.523501][T17506] CPU: 0 UID: 0 PID: 17506 Comm: syz.7.2841 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 591.534326][T17506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 591.544417][T17506] Call Trace: [ 591.547712][T17506] [ 591.550662][T17506] dump_stack_lvl+0x16c/0x1f0 [ 591.555195][T17509] netlink: zone id is out of range [ 591.555349][T17506] should_fail_ex+0x497/0x5b0 [ 591.560447][T17509] netlink: zone id is out of range [ 591.565104][T17506] ? fs_reclaim_acquire+0xae/0x150 [ 591.565140][T17506] should_failslab+0xc2/0x120 [ 591.565171][T17506] __kmalloc_cache_noprof+0x6b/0x310 [ 591.565206][T17506] ? __netlink_diag_dump+0x5b2/0x7a0 [ 591.565234][T17506] __netlink_diag_dump+0x5b2/0x7a0 [ 591.565265][T17506] netlink_diag_dump+0xd9/0x240 [ 591.565292][T17506] netlink_dump+0x552/0xcc0 [ 591.565324][T17506] ? __pfx_netlink_dump+0x10/0x10 [ 591.565350][T17506] ? __mutex_lock+0x1a6/0x9c0 [ 591.565385][T17506] ? find_held_lock+0x2d/0x110 [ 591.565428][T17506] ? lock_acquire+0x2f/0xb0 [ 591.565459][T17506] ? netlink_lookup+0x3d/0x270 [ 591.591903][T17509] netlink: zone id is out of range [ 591.595988][T17506] __netlink_dump_start+0x6d9/0x980 [ 591.639430][T17506] netlink_diag_handler_dump+0x1b2/0x250 [ 591.645109][T17506] ? __pfx_netlink_diag_handler_dump+0x10/0x10 [ 591.651305][T17506] ? trace_lock_acquire+0x14a/0x1d0 [ 591.655462][T17509] netlink: zone id is out of range [ 591.656518][T17506] ? __pfx_netlink_diag_dump+0x10/0x10 [ 591.661615][T17509] netlink: zone id is out of range [ 591.661627][T17509] netlink: zone id is out of range [ 591.667051][T17506] ? __pfx_netlink_diag_dump_done+0x10/0x10 [ 591.667089][T17506] sock_diag_rcv_msg+0x437/0x790 [ 591.667124][T17506] netlink_rcv_skb+0x165/0x410 [ 591.667158][T17506] ? __pfx_sock_diag_rcv_msg+0x10/0x10 [ 591.698646][T17506] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 591.703986][T17506] ? netlink_deliver_tap+0x1ae/0xcf0 [ 591.706675][T17515] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2843'. [ 591.709323][T17506] netlink_unicast+0x53c/0x7f0 [ 591.709365][T17506] ? __pfx_netlink_unicast+0x10/0x10 [ 591.709401][T17506] ? __phys_addr_symbol+0x30/0x80 [ 591.709429][T17506] ? __check_object_size+0x488/0x710 [ 591.709464][T17506] netlink_sendmsg+0x8b8/0xd70 [ 591.709500][T17506] ? __pfx_netlink_sendmsg+0x10/0x10 [ 591.709544][T17506] ____sys_sendmsg+0x9ae/0xb40 [ 591.709576][T17506] ? copy_msghdr_from_user+0x10b/0x160 [ 591.709603][T17506] ? __pfx_____sys_sendmsg+0x10/0x10 [ 591.709641][T17506] ? __pfx___lock_acquire+0x10/0x10 [ 591.769990][T17506] ___sys_sendmsg+0x135/0x1e0 [ 591.774793][T17506] ? __pfx____sys_sendmsg+0x10/0x10 [ 591.780047][T17506] ? lock_acquire+0x2f/0xb0 [ 591.784595][T17506] ? __fget_files+0x40/0x3f0 [ 591.789235][T17506] ? fdget+0x176/0x210 [ 591.793340][T17506] __sys_sendmsg+0x117/0x1f0 [ 591.793902][T17509] netlink: zone id is out of range [ 591.797944][T17506] ? __pfx___sys_sendmsg+0x10/0x10 [ 591.808177][T17506] ? __fget_files+0x244/0x3f0 [ 591.812913][T17506] do_syscall_64+0xcd/0x250 [ 591.817441][T17506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 591.823372][T17506] RIP: 0033:0x7f7ea097e719 [ 591.827820][T17506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 591.847464][T17506] RSP: 002b:00007f7ea1729038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 591.855918][T17506] RAX: ffffffffffffffda RBX: 00007f7ea0b35f80 RCX: 00007f7ea097e719 [ 591.863924][T17506] RDX: 000000000400c000 RSI: 0000000020000140 RDI: 0000000000000004 [ 591.871935][T17506] RBP: 00007f7ea1729090 R08: 0000000000000000 R09: 0000000000000000 [ 591.879936][T17506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 591.887940][T17506] R13: 0000000000000000 R14: 00007f7ea0b35f80 R15: 00007ffcbef1f3e8 [ 591.893163][T17509] netlink: zone id is out of range [ 591.895934][T17506] [ 592.020758][T17509] netlink: zone id is out of range [ 592.053922][T17509] netlink: set zone limit has 4 unknown bytes [ 594.987724][T17620] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2863'. [ 596.020264][T17656] FAULT_INJECTION: forcing a failure. [ 596.020264][T17656] name failslab, interval 1, probability 0, space 0, times 0 [ 596.080445][T17656] CPU: 0 UID: 0 PID: 17656 Comm: syz.8.2871 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 596.091278][T17656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 596.101368][T17656] Call Trace: [ 596.104691][T17656] [ 596.107645][T17656] dump_stack_lvl+0x16c/0x1f0 [ 596.112362][T17656] should_fail_ex+0x497/0x5b0 [ 596.117075][T17656] should_failslab+0xc2/0x120 [ 596.121795][T17656] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 596.127207][T17656] ? skb_clone+0x190/0x3f0 [ 596.131751][T17656] skb_clone+0x190/0x3f0 [ 596.136032][T17656] netlink_deliver_tap+0xb26/0xcf0 [ 596.141188][T17656] netlink_unicast+0x6b4/0x7f0 [ 596.145998][T17656] ? __pfx_netlink_unicast+0x10/0x10 [ 596.151314][T17656] netlink_ack+0x6a5/0xb20 [ 596.155750][T17656] netlink_rcv_skb+0x327/0x410 [ 596.160527][T17656] ? __pfx_sock_diag_rcv_msg+0x10/0x10 [ 596.166003][T17656] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 596.171323][T17656] ? netlink_deliver_tap+0x1ae/0xcf0 [ 596.176623][T17656] netlink_unicast+0x53c/0x7f0 [ 596.181415][T17656] ? __pfx_netlink_unicast+0x10/0x10 [ 596.186709][T17656] ? __phys_addr_symbol+0x30/0x80 [ 596.191743][T17656] ? __check_object_size+0x488/0x710 [ 596.197044][T17656] netlink_sendmsg+0x8b8/0xd70 [ 596.201821][T17656] ? __pfx_netlink_sendmsg+0x10/0x10 [ 596.207125][T17656] ____sys_sendmsg+0x9ae/0xb40 [ 596.211899][T17656] ? copy_msghdr_from_user+0x10b/0x160 [ 596.217364][T17656] ? __pfx_____sys_sendmsg+0x10/0x10 [ 596.222667][T17656] ? __pfx___lock_acquire+0x10/0x10 [ 596.227973][T17656] ___sys_sendmsg+0x135/0x1e0 [ 596.232661][T17656] ? __pfx____sys_sendmsg+0x10/0x10 [ 596.237876][T17656] ? lock_acquire+0x2f/0xb0 [ 596.242387][T17656] ? __fget_files+0x40/0x3f0 [ 596.246990][T17656] ? fdget+0x176/0x210 [ 596.251066][T17656] __sys_sendmsg+0x117/0x1f0 [ 596.255667][T17656] ? __pfx___sys_sendmsg+0x10/0x10 [ 596.260783][T17656] ? __fget_files+0x244/0x3f0 [ 596.265485][T17656] do_syscall_64+0xcd/0x250 [ 596.269999][T17656] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.275904][T17656] RIP: 0033:0x7fc66257e719 [ 596.280322][T17656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 596.300025][T17656] RSP: 002b:00007fc6633a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 596.308448][T17656] RAX: ffffffffffffffda RBX: 00007fc662735f80 RCX: 00007fc66257e719 [ 596.316424][T17656] RDX: 0000000004048000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 596.324398][T17656] RBP: 00007fc6633a2090 R08: 0000000000000000 R09: 0000000000000000 [ 596.332371][T17656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 596.340339][T17656] R13: 0000000000000000 R14: 00007fc662735f80 R15: 00007ffc2a39cc58 [ 596.348325][T17656] [ 598.763888][T17734] netlink: 'syz.9.2890': attribute type 11 has an invalid length. [ 598.785532][T17734] netlink: 'syz.9.2890': attribute type 11 has an invalid length. [ 599.522035][T17755] netlink: 'syz.9.2895': attribute type 11 has an invalid length. [ 599.530560][T17755] netlink: 'syz.9.2895': attribute type 11 has an invalid length. [ 600.749409][T17802] netlink: 'syz.9.2902': attribute type 11 has an invalid length. [ 600.780382][T17802] netlink: 'syz.9.2902': attribute type 11 has an invalid length. [ 601.494113][T17821] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 602.442557][T17850] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2910'. [ 602.483523][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 602.489871][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 604.654558][T17911] FAULT_INJECTION: forcing a failure. [ 604.654558][T17911] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 604.694979][T17911] CPU: 0 UID: 0 PID: 17911 Comm: syz.8.2920 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 604.705801][T17911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 604.715881][T17911] Call Trace: [ 604.719178][T17911] [ 604.722129][T17911] dump_stack_lvl+0x16c/0x1f0 [ 604.726845][T17911] should_fail_ex+0x497/0x5b0 [ 604.731564][T17911] _copy_to_user+0x32/0xd0 [ 604.736014][T17911] simple_read_from_buffer+0xd0/0x160 [ 604.741772][T17911] proc_fail_nth_read+0x198/0x270 [ 604.746833][T17911] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 604.752425][T17911] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 604.758011][T17911] vfs_read+0x1df/0xbe0 [ 604.762202][T17911] ? __fget_files+0x23a/0x3f0 [ 604.766913][T17911] ? fdget_pos+0x24c/0x360 [ 604.771351][T17911] ? __pfx_lock_release+0x10/0x10 [ 604.776391][T17911] ? trace_lock_acquire+0x14a/0x1d0 [ 604.781600][T17911] ? __pfx_vfs_read+0x10/0x10 [ 604.786281][T17911] ? __pfx___mutex_lock+0x10/0x10 [ 604.791328][T17911] ? __fget_files+0x244/0x3f0 [ 604.796020][T17911] ksys_read+0x12f/0x260 [ 604.800268][T17911] ? __pfx_ksys_read+0x10/0x10 [ 604.805042][T17911] do_syscall_64+0xcd/0x250 [ 604.809552][T17911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.815460][T17911] RIP: 0033:0x7fc66257d15c [ 604.819885][T17911] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 604.839496][T17911] RSP: 002b:00007fc6633a2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 604.847912][T17911] RAX: ffffffffffffffda RBX: 00007fc662735f80 RCX: 00007fc66257d15c [ 604.855884][T17911] RDX: 000000000000000f RSI: 00007fc6633a20a0 RDI: 0000000000000004 [ 604.863858][T17911] RBP: 00007fc6633a2090 R08: 0000000000000000 R09: 0000000000000000 [ 604.872009][T17911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 604.879980][T17911] R13: 0000000000000000 R14: 00007fc662735f80 R15: 00007ffc2a39cc58 [ 604.887983][T17911] [ 604.992105][T17854] Bluetooth: hci2: command 0x0406 tx timeout [ 605.177157][T17918] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2921'. [ 607.057561][T17944] netlink: 'syz.8.2928': attribute type 11 has an invalid length. [ 607.090876][T17944] netlink: 'syz.8.2928': attribute type 11 has an invalid length. [ 609.563653][T17992] netlink: 'syz.9.2938': attribute type 11 has an invalid length. [ 609.595074][T17992] netlink: 'syz.9.2938': attribute type 11 has an invalid length. [ 610.413099][T17960] Bluetooth: hci5: command 0x0406 tx timeout [ 610.419516][T17960] Bluetooth: hci6: command 0x0406 tx timeout [ 611.376738][T18026] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 611.387532][T18026] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 611.395542][T18026] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 611.403465][T18026] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 611.411174][T18026] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 611.419267][T18026] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 612.008066][T18041] chnl_net:caif_netlink_parms(): no params data found [ 612.877273][T18041] bridge0: port 1(bridge_slave_0) entered blocking state [ 612.884688][T18041] bridge0: port 1(bridge_slave_0) entered disabled state [ 612.899453][T18041] bridge_slave_0: entered allmulticast mode [ 612.907032][T18041] bridge_slave_0: entered promiscuous mode [ 612.927923][T18041] bridge0: port 2(bridge_slave_1) entered blocking state [ 612.936319][T18041] bridge0: port 2(bridge_slave_1) entered disabled state [ 612.943966][T18041] bridge_slave_1: entered allmulticast mode [ 612.951119][T18041] bridge_slave_1: entered promiscuous mode [ 612.978717][T18041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 612.990816][T18041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 613.232170][T18041] team0: Port device team_slave_0 added [ 613.258403][T18041] team0: Port device team_slave_1 added [ 613.381697][T18041] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 613.430550][T18041] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 613.576485][T18041] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 613.624441][T18041] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 613.737183][T17854] Bluetooth: hci0: command tx timeout [ 613.887905][T18041] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 614.001466][T18041] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 615.596577][T18041] hsr_slave_0: entered promiscuous mode [ 615.652657][T18041] hsr_slave_1: entered promiscuous mode [ 615.899605][T17854] Bluetooth: hci7: command 0x0406 tx timeout [ 615.987019][T18026] Bluetooth: hci0: command tx timeout [ 616.687985][T18122] FAULT_INJECTION: forcing a failure. [ 616.687985][T18122] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 616.777773][T18122] CPU: 1 UID: 0 PID: 18122 Comm: syz.8.2963 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 616.788595][T18122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 616.798672][T18122] Call Trace: [ 616.801968][T18122] [ 616.804916][T18122] dump_stack_lvl+0x16c/0x1f0 [ 616.809619][T18122] should_fail_ex+0x497/0x5b0 [ 616.814316][T18122] _copy_from_user+0x2e/0xd0 [ 616.818935][T18122] __do_sys_landlock_create_ruleset+0x1a2/0x410 [ 616.825202][T18122] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 616.831987][T18122] ? ksys_write+0x1ad/0x260 [ 616.836523][T18122] do_syscall_64+0xcd/0x250 [ 616.841052][T18122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 616.846975][T18122] RIP: 0033:0x7fc66257e719 [ 616.851406][T18122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 616.871034][T18122] RSP: 002b:00007fc6633a2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 616.879466][T18122] RAX: ffffffffffffffda RBX: 00007fc662735f80 RCX: 00007fc66257e719 [ 616.887452][T18122] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 00000000200007c0 [ 616.895440][T18122] RBP: 00007fc6633a2090 R08: 0000000000000000 R09: 0000000000000000 [ 616.903453][T18122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 616.911446][T18122] R13: 0000000000000000 R14: 00007fc662735f80 R15: 00007ffc2a39cc58 [ 616.919450][T18122] [ 618.069371][T18129] syz.8.2965(18129): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 618.257110][T18026] Bluetooth: hci0: command tx timeout [ 619.627221][T18041] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 619.709562][T18041] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 619.750571][T18041] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 619.796554][T18041] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 620.143322][T18041] 8021q: adding VLAN 0 to HW filter on device bond0 [ 620.209781][T18041] 8021q: adding VLAN 0 to HW filter on device team0 [ 620.303685][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 620.310855][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 620.363533][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 620.370790][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 620.555776][T18026] Bluetooth: hci0: command tx timeout [ 620.594915][T18041] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 620.605842][T18041] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 621.264563][T18041] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 622.017924][T18041] veth0_vlan: entered promiscuous mode [ 622.069210][T18041] veth1_vlan: entered promiscuous mode [ 622.188853][T18041] veth0_macvtap: entered promiscuous mode [ 622.227959][T18041] veth1_macvtap: entered promiscuous mode [ 622.284326][T18041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 622.338873][T18041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.378879][T18041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 622.419384][T18041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.444027][T18041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 622.454505][T18041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.512364][T18041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 622.542133][T18041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.568083][T18041] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 622.588164][T18041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 622.607510][T18041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.617370][T18041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 622.651179][T18041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.661036][T18041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 622.694788][T18041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.704659][T18041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 622.738404][T18041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.760981][T18041] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 622.784736][T18041] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.802004][T18041] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.814754][T18041] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.823489][T18041] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 623.434462][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 623.458601][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 623.615298][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 623.671416][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 625.909140][T18253] netlink: 229 bytes leftover after parsing attributes in process `syz.4.2979'. [ 630.298680][T18312] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2988'. [ 635.247827][T17854] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 635.258495][T17854] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 635.267732][T17854] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 635.284234][T17854] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 635.292005][T17854] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 635.299402][T17854] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 636.236039][T18344] chnl_net:caif_netlink_parms(): no params data found [ 637.454230][T18344] bridge0: port 1(bridge_slave_0) entered blocking state [ 637.485439][T18344] bridge0: port 1(bridge_slave_0) entered disabled state [ 637.492700][T18344] bridge_slave_0: entered allmulticast mode [ 637.581185][T18344] bridge_slave_0: entered promiscuous mode [ 637.641747][T17854] Bluetooth: hci1: command tx timeout [ 637.664210][T18344] bridge0: port 2(bridge_slave_1) entered blocking state [ 637.703647][T18344] bridge0: port 2(bridge_slave_1) entered disabled state [ 637.710896][T18344] bridge_slave_1: entered allmulticast mode [ 637.748293][T18344] bridge_slave_1: entered promiscuous mode [ 638.438417][T18344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 638.579032][T18344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 639.890294][T18344] team0: Port device team_slave_0 added [ 639.910852][T17854] Bluetooth: hci1: command tx timeout [ 640.530985][T18344] team0: Port device team_slave_1 added [ 640.857522][T18344] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 640.864511][T18344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 641.412100][T18344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 641.443343][T18344] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 641.485521][T18344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 641.652220][T18344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 642.164922][T17854] Bluetooth: hci1: command tx timeout [ 643.500352][T18344] hsr_slave_0: entered promiscuous mode [ 643.795358][T18344] hsr_slave_1: entered promiscuous mode [ 643.881457][T18344] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 643.909864][T18344] Cannot create hsr debugfs directory [ 644.433782][T17854] Bluetooth: hci1: command tx timeout [ 648.546405][T18479] netlink: 121 bytes leftover after parsing attributes in process `syz.8.3008'. [ 653.637039][T18528] netlink: 'syz.4.3016': attribute type 11 has an invalid length. [ 653.683250][T18528] netlink: 'syz.4.3016': attribute type 11 has an invalid length. [ 653.711731][ T77] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 654.240015][ T77] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 655.136027][ T77] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 655.583663][ T77] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 655.817659][T18344] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 655.838895][T18344] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 655.908413][T18344] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 655.965475][T18344] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 656.293035][ T77] bridge_slave_1: left allmulticast mode [ 656.298735][ T77] bridge_slave_1: left promiscuous mode [ 656.338251][ T77] bridge0: port 2(bridge_slave_1) entered disabled state [ 656.361263][ T77] bridge_slave_0: left allmulticast mode [ 656.395110][ T77] bridge_slave_0: left promiscuous mode [ 656.417012][ T77] bridge0: port 1(bridge_slave_0) entered disabled state [ 657.593152][T18579] netlink: 'syz.8.3024': attribute type 11 has an invalid length. [ 657.632571][T18579] netlink: 'syz.8.3024': attribute type 11 has an invalid length. [ 658.441839][T18563] kexec: Could not allocate control_code_buffer [ 658.582478][ T77] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 658.613828][ T77] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 658.653407][ T77] bond0 (unregistering): Released all slaves [ 658.793546][ T77] HSR: left promiscuous mode [ 658.848958][T18344] 8021q: adding VLAN 0 to HW filter on device bond0 [ 658.906046][T18344] 8021q: adding VLAN 0 to HW filter on device team0 [ 659.067437][T18344] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 659.087988][T18344] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 659.575284][T18344] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 659.708516][T18344] veth0_vlan: entered promiscuous mode [ 659.750661][T18344] veth1_vlan: entered promiscuous mode [ 659.833874][T18344] veth0_macvtap: entered promiscuous mode [ 659.854339][T18344] veth1_macvtap: entered promiscuous mode [ 659.919720][T18344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 659.943495][T18344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 659.961234][T18344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 659.987218][T18344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.025422][T18344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.063003][T18344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.093390][T18344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.124167][T18344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.161652][T18344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.198438][T18344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.235418][T18344] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 660.282561][T18344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.312420][T18344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.347925][T18344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.390064][T18344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.422984][T18344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.543952][T18344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.553901][T18344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.588583][T18344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.618515][T18344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.651981][T18344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.687188][T18344] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 660.714483][T18344] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.745458][T18344] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.780081][T18344] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.805709][T18344] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 661.072793][T14718] bridge0: port 1(bridge_slave_0) entered blocking state [ 661.079979][T14718] bridge0: port 1(bridge_slave_0) entered forwarding state [ 661.088849][T14718] bridge0: port 2(bridge_slave_1) entered blocking state [ 661.095998][T14718] bridge0: port 2(bridge_slave_1) entered forwarding state [ 661.654078][T13143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 661.689115][T13143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 664.837186][T13143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 664.903167][T13143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 666.845081][T18624] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3033'. [ 667.278727][T18629] svc: failed to register nfsdv3 RPC service (errno 512). [ 667.346595][T18629] svc: failed to register nfsaclv3 RPC service (errno 512). [ 668.466798][T18661] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3038'. [ 669.499780][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 669.506103][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 671.276879][ T77] hsr_slave_0: left promiscuous mode [ 671.351677][ T77] hsr_slave_1: left promiscuous mode [ 671.407796][ T77] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 671.465643][ T77] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 671.541466][ T77] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 671.590212][ T77] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 671.742667][ T77] veth1_macvtap: left promiscuous mode [ 671.770276][ T77] veth0_macvtap: left promiscuous mode [ 671.798269][ T77] veth1_vlan: left promiscuous mode [ 671.824856][ T77] veth0_vlan: left promiscuous mode [ 673.124093][ T77] team0 (unregistering): Port device team_slave_1 removed [ 673.195320][ T77] team0 (unregistering): Port device team_slave_0 removed [ 675.501035][T18748] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3061'. [ 682.519870][T18921] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3098'. [ 685.763791][T14728] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 685.955574][T14728] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.134510][T14728] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.336517][T14728] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.990411][T18026] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 686.999448][T18026] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 687.009039][T18026] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 687.017491][T18026] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 687.026589][T18026] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 687.034063][T18026] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 687.637749][T14728] bridge_slave_1: left allmulticast mode [ 687.643809][T14728] bridge_slave_1: left promiscuous mode [ 687.687597][T14728] bridge0: port 2(bridge_slave_1) entered disabled state [ 687.804065][T14728] bridge_slave_0: left allmulticast mode [ 687.809770][T14728] bridge_slave_0: left promiscuous mode [ 687.872582][T14728] bridge0: port 1(bridge_slave_0) entered disabled state [ 689.289909][T18026] Bluetooth: hci2: command tx timeout [ 691.545842][T14728] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 691.555001][T18026] Bluetooth: hci2: command tx timeout [ 691.622928][T14728] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 691.662461][T14728] bond0 (unregistering): Released all slaves [ 691.882889][T14728] HSR: left promiscuous mode [ 692.515874][T19034] chnl_net:caif_netlink_parms(): no params data found [ 693.820807][T18026] Bluetooth: hci2: command tx timeout [ 694.006420][T19034] bridge0: port 1(bridge_slave_0) entered blocking state [ 694.048940][T19034] bridge0: port 1(bridge_slave_0) entered disabled state [ 694.091913][T19034] bridge_slave_0: entered allmulticast mode [ 694.134082][T19034] bridge_slave_0: entered promiscuous mode [ 694.298269][T19034] bridge0: port 2(bridge_slave_1) entered blocking state [ 694.316678][T19116] FAULT_INJECTION: forcing a failure. [ 694.316678][T19116] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 694.364225][T19034] bridge0: port 2(bridge_slave_1) entered disabled state [ 694.400620][T19034] bridge_slave_1: entered allmulticast mode [ 694.449464][T19034] bridge_slave_1: entered promiscuous mode [ 694.467410][T19116] CPU: 0 UID: 0 PID: 19116 Comm: syz.4.3138 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 694.478218][T19116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 694.488288][T19116] Call Trace: [ 694.491576][T19116] [ 694.494605][T19116] dump_stack_lvl+0x16c/0x1f0 [ 694.499320][T19116] should_fail_ex+0x497/0x5b0 [ 694.504015][T19116] ? fs_reclaim_acquire+0xae/0x150 [ 694.509152][T19116] should_fail_alloc_page+0xe7/0x130 [ 694.514468][T19116] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 694.520656][T19116] ? __pfx_lock_release+0x10/0x10 [ 694.525709][T19116] __alloc_pages_noprof+0x190/0x25a0 [ 694.531021][T19116] ? hlock_class+0x4e/0x130 [ 694.535550][T19116] ? mark_lock+0xb5/0xc60 [ 694.539902][T19116] ? page_ext_put+0x48/0xd0 [ 694.544431][T19116] ? __pfx_mark_lock+0x10/0x10 [ 694.549249][T19116] ? hlock_class+0x4e/0x130 [ 694.553775][T19116] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 694.559537][T19116] ? hlock_class+0x4e/0x130 [ 694.564057][T19116] ? __lock_acquire+0xbdd/0x3ce0 [ 694.569020][T19116] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 694.574941][T19116] ? policy_nodemask+0xea/0x4e0 [ 694.579821][T19116] alloc_pages_mpol_noprof+0x2c9/0x610 [ 694.585312][T19116] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 694.591317][T19116] ? trace_lock_acquire+0x14a/0x1d0 [ 694.596561][T19116] pte_alloc_one+0x20/0x360 [ 694.601084][T19116] do_pte_missing+0x1ae0/0x3e50 [ 694.605982][T19116] __handle_mm_fault+0x100a/0x2a10 [ 694.611123][T19116] ? __pfx_mt_find+0x10/0x10 [ 694.615728][T19116] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 694.621388][T19116] ? __pfx___handle_mm_fault+0x10/0x10 [ 694.626887][T19116] ? find_vma+0xc0/0x140 [ 694.631148][T19116] ? __pfx_find_vma+0x10/0x10 [ 694.635850][T19116] handle_mm_fault+0x3fa/0xaa0 [ 694.640657][T19116] do_user_addr_fault+0x7a3/0x13f0 [ 694.645806][T19116] exc_page_fault+0x5c/0xc0 [ 694.650341][T19116] asm_exc_page_fault+0x26/0x30 [ 694.655221][T19116] RIP: 0010:copy_iovec_from_user+0x84/0x170 [ 694.661140][T19116] Code: e8 c1 77 05 fd 4d 85 ff 0f 85 c6 00 00 00 e8 03 76 05 fd 0f 01 cb 0f ae e8 49 bf 00 00 00 00 00 fc ff df e8 ee 75 05 fd 31 db <48> 8b 45 08 31 ff 89 de 49 89 c6 e8 1c 78 05 fd 85 db 0f 85 b1 00 [ 694.680766][T19116] RSP: 0018:ffffc9000e2a78d8 EFLAGS: 00050246 [ 694.686857][T19116] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff84872f9f [ 694.694841][T19116] RDX: ffff88801ef99e00 RSI: ffffffff84872fc2 RDI: 0000000000000006 [ 694.702827][T19116] RBP: 0000000000000000 R08: 0000000000000006 R09: 0000000000000000 [ 694.710813][T19116] R10: 0000000000001060 R11: 0000000000000000 R12: ffff888086e68000 [ 694.718801][T19116] R13: 0000000000000106 R14: 00007fffffffefff R15: dffffc0000000000 [ 694.726796][T19116] ? copy_iovec_from_user+0x5f/0x170 [ 694.732103][T19116] ? copy_iovec_from_user+0x82/0x170 [ 694.737411][T19116] ? copy_iovec_from_user+0x82/0x170 [ 694.742718][T19116] iovec_from_user.part.0+0x65/0x130 [ 694.748029][T19116] __import_iovec+0xd6/0x6d0 [ 694.752655][T19116] import_iovec+0x108/0x140 [ 694.757182][T19116] copy_msghdr_from_user+0xfa/0x160 [ 694.762397][T19116] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 694.768236][T19116] ? __pfx___lock_acquire+0x10/0x10 [ 694.773470][T19116] ___sys_sendmsg+0xff/0x1e0 [ 694.778099][T19116] ? __pfx____sys_sendmsg+0x10/0x10 [ 694.783355][T19116] ? lock_acquire+0x2f/0xb0 [ 694.787897][T19116] ? __fget_files+0x40/0x3f0 [ 694.792527][T19116] ? fdget+0x176/0x210 [ 694.796624][T19116] __sys_sendmmsg+0x1a1/0x450 [ 694.801343][T19116] ? __pfx___sys_sendmmsg+0x10/0x10 [ 694.806564][T19116] ? vfs_write+0x306/0x1150 [ 694.811101][T19116] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 694.817125][T19116] ? fput+0x30/0x390 [ 694.821051][T19116] ? ksys_write+0x1ad/0x260 [ 694.825570][T19116] ? __pfx_ksys_write+0x10/0x10 [ 694.830444][T19116] __x64_sys_sendmmsg+0x9c/0x100 [ 694.835401][T19116] ? lockdep_hardirqs_on+0x7c/0x110 [ 694.840625][T19116] do_syscall_64+0xcd/0x250 [ 694.845173][T19116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 694.851527][T19116] RIP: 0033:0x7fda8837e719 [ 694.855964][T19116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 694.875681][T19116] RSP: 002b:00007fda8923c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 694.884121][T19116] RAX: ffffffffffffffda RBX: 00007fda88535f80 RCX: 00007fda8837e719 [ 694.892108][T19116] RDX: 0000000000000007 RSI: 0000000020000000 RDI: 0000000000000003 [ 694.900093][T19116] RBP: 00007fda8923c090 R08: 0000000000000000 R09: 0000000000000000 [ 694.908090][T19116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 694.916086][T19116] R13: 0000000000000000 R14: 00007fda88535f80 R15: 00007ffd2e4851b8 [ 694.924097][T19116] [ 695.828010][T19034] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 696.060801][T19034] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 696.090456][T18026] Bluetooth: hci2: command tx timeout [ 696.444325][T19034] team0: Port device team_slave_0 added [ 696.639204][T19034] team0: Port device team_slave_1 added [ 696.950780][T14728] hsr_slave_0: left promiscuous mode [ 697.079406][T14728] hsr_slave_1: left promiscuous mode [ 697.221160][T14728] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 697.256277][T14728] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 697.324424][T14728] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 697.331887][T14728] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 697.548897][T14728] veth1_macvtap: left promiscuous mode [ 697.616026][T14728] veth0_macvtap: left promiscuous mode [ 697.636646][T14728] veth1_vlan: left promiscuous mode [ 697.670684][T14728] veth0_vlan: left promiscuous mode [ 697.747497][T19153] netlink: 'syz.3.3142': attribute type 11 has an invalid length. [ 697.755370][T19153] netlink: 'syz.3.3142': attribute type 11 has an invalid length. [ 700.334906][T14728] team0 (unregistering): Port device team_slave_1 removed [ 700.570047][T14728] team0 (unregistering): Port device team_slave_0 removed [ 701.853018][T19034] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 701.891262][T19034] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 701.968410][T19034] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 702.000517][T19034] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 702.007506][T19034] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 702.080332][T19034] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 702.854850][T19034] hsr_slave_0: entered promiscuous mode [ 702.891608][T19034] hsr_slave_1: entered promiscuous mode [ 703.129069][T19034] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 703.145516][T19034] Cannot create hsr debugfs directory [ 705.986390][T19034] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 706.301665][T19034] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 706.326933][T19193] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 706.379793][T19193] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 706.433720][T19034] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 706.462462][T19034] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 707.285993][T19034] 8021q: adding VLAN 0 to HW filter on device bond0 [ 707.335426][T19034] 8021q: adding VLAN 0 to HW filter on device team0 [ 707.378049][T13143] bridge0: port 1(bridge_slave_0) entered blocking state [ 707.385250][T13143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 707.452591][ T2994] bridge0: port 2(bridge_slave_1) entered blocking state [ 707.459754][ T2994] bridge0: port 2(bridge_slave_1) entered forwarding state [ 708.458550][T19034] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 709.538860][T19034] veth0_vlan: entered promiscuous mode [ 709.560396][T19034] veth1_vlan: entered promiscuous mode [ 709.618256][T19034] veth0_macvtap: entered promiscuous mode [ 709.627371][T19034] veth1_macvtap: entered promiscuous mode [ 709.642319][T19034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 709.652860][T19034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.662860][T19034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 709.673436][T19034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.683351][T19034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 709.693880][T19034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.703781][T19034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 709.714275][T19034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.725509][T19034] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 709.737065][T19034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.747618][T19034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.757596][T19034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.768104][T19034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.777999][T19034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.789200][T19034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.799086][T19034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.809686][T19034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.821000][T19034] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 709.841985][T19034] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.850722][T19034] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.863537][T19034] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.883468][T19034] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 710.731802][ T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 710.814394][ T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 710.943259][ T2994] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 710.951123][ T2994] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 713.738222][T19351] netlink: 'syz.9.3170': attribute type 11 has an invalid length. [ 713.804179][T19351] netlink: 'syz.9.3170': attribute type 11 has an invalid length. [ 714.007495][T19350] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3168'. [ 721.218394][T17854] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 721.228444][T17854] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 721.237689][T17854] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 721.247058][T17854] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 721.254911][T17854] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 721.413246][T17854] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 722.200768][T14718] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 722.351673][T14718] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 722.816490][T14718] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 722.911417][T19531] netlink: 'syz.3.3199': attribute type 11 has an invalid length. [ 723.072320][T19531] netlink: 'syz.3.3199': attribute type 11 has an invalid length. [ 723.256438][T14718] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 723.547845][T19536] netlink: 'syz.9.3198': attribute type 11 has an invalid length. [ 723.581362][T19536] netlink: 'syz.9.3198': attribute type 11 has an invalid length. [ 723.671507][T17854] Bluetooth: hci0: command tx timeout [ 723.972307][T19546] FAULT_INJECTION: forcing a failure. [ 723.972307][T19546] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 724.040304][T19546] CPU: 1 UID: 0 PID: 19546 Comm: syz.3.3200 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 724.051121][T19546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 724.061210][T19546] Call Trace: [ 724.064509][T19546] [ 724.067457][T19546] dump_stack_lvl+0x16c/0x1f0 [ 724.072177][T19546] should_fail_ex+0x497/0x5b0 [ 724.076886][T19546] ? fs_reclaim_acquire+0xae/0x150 [ 724.082035][T19546] should_fail_alloc_page+0xe7/0x130 [ 724.087454][T19546] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 724.093647][T19546] ? __pfx_mark_lock+0x10/0x10 [ 724.098453][T19546] __alloc_pages_noprof+0x190/0x25a0 [ 724.103780][T19546] ? __pfx_mark_lock+0x10/0x10 [ 724.108578][T19546] ? lock_acquire.part.0+0x11b/0x380 [ 724.113902][T19546] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 724.119666][T19546] ? hlock_class+0x4e/0x130 [ 724.124196][T19546] ? __lock_acquire+0xbdd/0x3ce0 [ 724.129184][T19546] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 724.135122][T19546] ? policy_nodemask+0xea/0x4e0 [ 724.140016][T19546] alloc_pages_mpol_noprof+0x2c9/0x610 [ 724.145523][T19546] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 724.151553][T19546] ? find_held_lock+0x2d/0x110 [ 724.156355][T19546] folio_alloc_mpol_noprof+0x36/0xd0 [ 724.161696][T19546] shmem_alloc_folio+0x135/0x160 [ 724.166664][T19546] shmem_alloc_and_add_folio+0x48b/0xc00 [ 724.172337][T19546] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 724.178613][T19546] ? shmem_allowable_huge_orders+0xcd/0x3f0 [ 724.184539][T19546] shmem_get_folio_gfp+0x689/0x1530 [ 724.189776][T19546] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 724.195438][T19546] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 724.200836][T19546] ? __pfx___might_resched+0x10/0x10 [ 724.206151][T19546] shmem_fallocate+0x7c0/0xfb0 [ 724.210960][T19546] ? __pfx_shmem_fallocate+0x10/0x10 [ 724.216275][T19546] ? __pfx___lock_acquire+0x10/0x10 [ 724.221518][T19546] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 724.227179][T19546] ? rcu_is_watching+0x12/0xc0 [ 724.231966][T19546] ? trace_lock_acquire+0x14a/0x1d0 [ 724.237186][T19546] ? __x64_sys_fallocate+0xd9/0x150 [ 724.242412][T19546] ? __pfx_shmem_fallocate+0x10/0x10 [ 724.247728][T19546] vfs_fallocate+0x459/0xf90 [ 724.252350][T19546] __x64_sys_fallocate+0xd9/0x150 [ 724.257405][T19546] do_syscall_64+0xcd/0x250 [ 724.261932][T19546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.267850][T19546] RIP: 0033:0x7f94ebd7e719 [ 724.272283][T19546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.292003][T19546] RSP: 002b:00007f94eb7ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 724.300444][T19546] RAX: ffffffffffffffda RBX: 00007f94ebf36058 RCX: 00007f94ebd7e719 [ 724.308433][T19546] RDX: 000000000000000d RSI: 0000000000000000 RDI: 8000000000000003 [ 724.316419][T19546] RBP: 00007f94eb7ff090 R08: 0000000000000000 R09: 0000000000000000 [ 724.324406][T19546] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000001 [ 724.332393][T19546] R13: 0000000000000000 R14: 00007f94ebf36058 R15: 00007ffede6e8df8 [ 724.340399][T19546] [ 724.523176][T14718] bridge_slave_1: left allmulticast mode [ 724.528863][T14718] bridge_slave_1: left promiscuous mode [ 724.535413][T14718] bridge0: port 2(bridge_slave_1) entered disabled state [ 724.545153][T14718] bridge_slave_0: left allmulticast mode [ 724.550824][T14718] bridge_slave_0: left promiscuous mode [ 724.794124][T14718] bridge0: port 1(bridge_slave_0) entered disabled state [ 725.938730][T17854] Bluetooth: hci0: command tx timeout [ 726.008436][T14718] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 726.031287][T14718] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 726.043862][T14718] bond0 (unregistering): Released all slaves [ 726.381406][T19523] chnl_net:caif_netlink_parms(): no params data found [ 726.961815][T19587] FAULT_INJECTION: forcing a failure. [ 726.961815][T19587] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 726.994911][T19523] bridge0: port 1(bridge_slave_0) entered blocking state [ 727.005383][T19523] bridge0: port 1(bridge_slave_0) entered disabled state [ 727.013490][T19587] CPU: 1 UID: 0 PID: 19587 Comm: syz.9.3208 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 727.024285][T19587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 727.034373][T19587] Call Trace: [ 727.037663][T19587] [ 727.040614][T19587] dump_stack_lvl+0x16c/0x1f0 [ 727.045318][T19587] should_fail_ex+0x497/0x5b0 [ 727.050019][T19587] ? fs_reclaim_acquire+0xae/0x150 [ 727.055162][T19587] should_fail_alloc_page+0xe7/0x130 [ 727.060485][T19587] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 727.066667][T19587] ? __pfx_mark_lock+0x10/0x10 [ 727.071460][T19587] __alloc_pages_noprof+0x190/0x25a0 [ 727.076782][T19587] ? __pfx_mark_lock+0x10/0x10 [ 727.081576][T19587] ? lock_acquire.part.0+0x11b/0x380 [ 727.086903][T19587] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 727.092663][T19587] ? hlock_class+0x4e/0x130 [ 727.097197][T19587] ? __lock_acquire+0xbdd/0x3ce0 [ 727.102182][T19587] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 727.108123][T19587] ? policy_nodemask+0xea/0x4e0 [ 727.113009][T19587] alloc_pages_mpol_noprof+0x2c9/0x610 [ 727.118521][T19587] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 727.124554][T19587] ? find_held_lock+0x2d/0x110 [ 727.129452][T19587] folio_alloc_mpol_noprof+0x36/0xd0 [ 727.134781][T19587] shmem_alloc_folio+0x135/0x160 [ 727.139748][T19587] shmem_alloc_and_add_folio+0x48b/0xc00 [ 727.145425][T19587] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 727.151621][T19587] ? shmem_allowable_huge_orders+0xcd/0x3f0 [ 727.157548][T19587] shmem_get_folio_gfp+0x689/0x1530 [ 727.162782][T19587] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 727.168439][T19587] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 727.173838][T19587] ? __pfx___might_resched+0x10/0x10 [ 727.179151][T19587] shmem_fallocate+0x7c0/0xfb0 [ 727.183959][T19587] ? __pfx_shmem_fallocate+0x10/0x10 [ 727.189292][T19587] ? __pfx___lock_acquire+0x10/0x10 [ 727.194551][T19587] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 727.200216][T19587] ? rcu_is_watching+0x12/0xc0 [ 727.205003][T19587] ? trace_lock_acquire+0x14a/0x1d0 [ 727.210241][T19587] ? __x64_sys_fallocate+0xd9/0x150 [ 727.215472][T19587] ? __pfx_shmem_fallocate+0x10/0x10 [ 727.220783][T19587] vfs_fallocate+0x459/0xf90 [ 727.225403][T19587] __x64_sys_fallocate+0xd9/0x150 [ 727.230457][T19587] do_syscall_64+0xcd/0x250 [ 727.234981][T19587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.240908][T19587] RIP: 0033:0x7f4a4c37e719 [ 727.245340][T19587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.264981][T19587] RSP: 002b:00007f4a4d23a038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 727.273430][T19587] RAX: ffffffffffffffda RBX: 00007f4a4c535f80 RCX: 00007f4a4c37e719 [ 727.281422][T19587] RDX: 000000000000000d RSI: 0000000000000000 RDI: 8000000000000003 [ 727.289418][T19587] RBP: 00007f4a4d23a090 R08: 0000000000000000 R09: 0000000000000000 [ 727.297405][T19587] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000002 [ 727.305393][T19587] R13: 0000000000000000 R14: 00007f4a4c535f80 R15: 00007fff63f64408 [ 727.313403][T19587] [ 727.335136][T19523] bridge_slave_0: entered allmulticast mode [ 727.342219][T19523] bridge_slave_0: entered promiscuous mode [ 727.392525][T19523] bridge0: port 2(bridge_slave_1) entered blocking state [ 727.399654][T19523] bridge0: port 2(bridge_slave_1) entered disabled state [ 727.435682][T19523] bridge_slave_1: entered allmulticast mode [ 727.442840][T19523] bridge_slave_1: entered promiscuous mode [ 727.718386][T19605] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3215'. [ 727.734008][T19523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 727.769216][T19523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 727.802918][T19607] netlink: 'syz.0.3214': attribute type 11 has an invalid length. [ 727.824535][T19607] netlink: 'syz.0.3214': attribute type 11 has an invalid length. [ 728.015179][T19523] team0: Port device team_slave_0 added [ 728.036971][T19523] team0: Port device team_slave_1 added [ 728.114699][T14718] hsr_slave_0: left promiscuous mode [ 728.142241][T14718] hsr_slave_1: left promiscuous mode [ 728.157488][T14718] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 728.165874][T14718] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 728.191820][T14718] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 728.205815][T14718] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 728.218427][T17854] Bluetooth: hci0: command tx timeout [ 728.249620][T14718] veth1_macvtap: left promiscuous mode [ 728.266085][T14718] veth0_macvtap: left promiscuous mode [ 728.272552][T14718] veth1_vlan: left promiscuous mode [ 728.278175][T14718] veth0_vlan: left promiscuous mode [ 729.145159][T14718] team0 (unregistering): Port device team_slave_1 removed [ 729.205077][T14718] team0 (unregistering): Port device team_slave_0 removed [ 730.084436][T19523] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 730.091956][T19523] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 730.223512][T19523] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 730.279989][T19523] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 730.286984][T19523] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 730.408184][T19523] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 730.444009][T19644] FAULT_INJECTION: forcing a failure. [ 730.444009][T19644] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 730.471083][T17854] Bluetooth: hci0: command tx timeout [ 730.512472][T19644] CPU: 0 UID: 0 PID: 19644 Comm: syz.3.3221 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 730.523333][T19644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 730.533426][T19644] Call Trace: [ 730.536725][T19644] [ 730.539658][T19644] dump_stack_lvl+0x16c/0x1f0 [ 730.544373][T19644] should_fail_ex+0x497/0x5b0 [ 730.549095][T19644] ? fs_reclaim_acquire+0xae/0x150 [ 730.554254][T19644] should_fail_alloc_page+0xe7/0x130 [ 730.559586][T19644] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 730.565785][T19644] ? __pfx_mark_lock+0x10/0x10 [ 730.570593][T19644] __alloc_pages_noprof+0x190/0x25a0 [ 730.575919][T19644] ? __pfx_mark_lock+0x10/0x10 [ 730.580707][T19644] ? lock_acquire.part.0+0x11b/0x380 [ 730.586012][T19644] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 730.591758][T19644] ? hlock_class+0x4e/0x130 [ 730.596271][T19644] ? __lock_acquire+0xbdd/0x3ce0 [ 730.601231][T19644] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 730.607144][T19644] ? policy_nodemask+0xea/0x4e0 [ 730.612014][T19644] alloc_pages_mpol_noprof+0x2c9/0x610 [ 730.617503][T19644] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 730.623522][T19644] ? find_held_lock+0x2d/0x110 [ 730.628308][T19644] folio_alloc_mpol_noprof+0x36/0xd0 [ 730.633621][T19644] shmem_alloc_folio+0x135/0x160 [ 730.638571][T19644] shmem_alloc_and_add_folio+0x48b/0xc00 [ 730.644217][T19644] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 730.650390][T19644] ? shmem_allowable_huge_orders+0xcd/0x3f0 [ 730.656299][T19644] shmem_get_folio_gfp+0x689/0x1530 [ 730.661521][T19644] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 730.667169][T19644] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 730.672550][T19644] ? __pfx___might_resched+0x10/0x10 [ 730.677847][T19644] shmem_fallocate+0x7c0/0xfb0 [ 730.682632][T19644] ? __pfx_shmem_fallocate+0x10/0x10 [ 730.687932][T19644] ? __pfx___lock_acquire+0x10/0x10 [ 730.693156][T19644] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 730.698811][T19644] ? rcu_is_watching+0x12/0xc0 [ 730.703584][T19644] ? trace_lock_acquire+0x14a/0x1d0 [ 730.708792][T19644] ? __x64_sys_fallocate+0xd9/0x150 [ 730.714089][T19644] ? __pfx_shmem_fallocate+0x10/0x10 [ 730.719390][T19644] vfs_fallocate+0x459/0xf90 [ 730.723992][T19644] __x64_sys_fallocate+0xd9/0x150 [ 730.729030][T19644] do_syscall_64+0xcd/0x250 [ 730.733541][T19644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 730.739450][T19644] RIP: 0033:0x7f94ebd7e719 [ 730.743886][T19644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 730.763518][T19644] RSP: 002b:00007f94eca8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 730.771944][T19644] RAX: ffffffffffffffda RBX: 00007f94ebf35f80 RCX: 00007f94ebd7e719 [ 730.779917][T19644] RDX: 000000000000000d RSI: 0000000000000000 RDI: 8000000000000003 [ 730.787893][T19644] RBP: 00007f94eca8f090 R08: 0000000000000000 R09: 0000000000000000 [ 730.795868][T19644] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000002 [ 730.803846][T19644] R13: 0000000000000000 R14: 00007f94ebf35f80 R15: 00007ffede6e8df8 [ 730.811837][T19644] [ 731.351972][T19523] hsr_slave_0: entered promiscuous mode [ 731.381592][T19523] hsr_slave_1: entered promiscuous mode [ 732.339034][T19686] netlink: 'syz.9.3227': attribute type 11 has an invalid length. [ 732.385256][T19686] netlink: 'syz.9.3227': attribute type 11 has an invalid length. [ 733.771963][T19523] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 733.942050][T19523] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 734.024406][T19523] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 734.247629][T19523] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 734.683016][T19523] 8021q: adding VLAN 0 to HW filter on device bond0 [ 734.758770][T19523] 8021q: adding VLAN 0 to HW filter on device team0 [ 734.788757][T14718] bridge0: port 1(bridge_slave_0) entered blocking state [ 734.795940][T14718] bridge0: port 1(bridge_slave_0) entered forwarding state [ 734.961321][T19737] mmap: syz.0.3236 (19737): VmData 37396480 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 735.044372][T14712] bridge0: port 2(bridge_slave_1) entered blocking state [ 735.051562][T14712] bridge0: port 2(bridge_slave_1) entered forwarding state [ 735.378453][T14718] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.556134][T14718] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.864347][T14718] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 736.131160][T14718] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 736.250467][T19523] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 736.499174][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 736.505525][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 736.575629][T18026] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 736.675597][T18026] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 736.710882][T19780] FAULT_INJECTION: forcing a failure. [ 736.710882][T19780] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 736.758200][T14718] bridge_slave_1: left allmulticast mode [ 736.763897][T14718] bridge_slave_1: left promiscuous mode [ 736.776108][T18026] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 736.785236][T18026] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 736.794131][T18026] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 736.801673][T18026] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 736.812155][T14718] bridge0: port 2(bridge_slave_1) entered disabled state [ 736.839288][T14718] bridge_slave_0: left allmulticast mode [ 736.861746][T14718] bridge_slave_0: left promiscuous mode [ 736.941619][T14718] bridge0: port 1(bridge_slave_0) entered disabled state [ 737.013535][T19780] CPU: 0 UID: 0 PID: 19780 Comm: syz.3.3243 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 737.024369][T19780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 737.034455][T19780] Call Trace: [ 737.037745][T19780] [ 737.040692][T19780] dump_stack_lvl+0x16c/0x1f0 [ 737.045404][T19780] should_fail_ex+0x497/0x5b0 [ 737.050101][T19780] ? fs_reclaim_acquire+0xae/0x150 [ 737.055238][T19780] should_fail_alloc_page+0xe7/0x130 [ 737.060564][T19780] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 737.066743][T19780] ? __pfx_mark_lock+0x10/0x10 [ 737.071545][T19780] __alloc_pages_noprof+0x190/0x25a0 [ 737.076866][T19780] ? __pfx_mark_lock+0x10/0x10 [ 737.081659][T19780] ? lock_acquire.part.0+0x11b/0x380 [ 737.086978][T19780] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 737.092745][T19780] ? hlock_class+0x4e/0x130 [ 737.097274][T19780] ? __lock_acquire+0xbdd/0x3ce0 [ 737.102245][T19780] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 737.108172][T19780] ? policy_nodemask+0xea/0x4e0 [ 737.113058][T19780] alloc_pages_mpol_noprof+0x2c9/0x610 [ 737.118556][T19780] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 737.124570][T19780] ? find_held_lock+0x2d/0x110 [ 737.129363][T19780] folio_alloc_mpol_noprof+0x36/0xd0 [ 737.134684][T19780] shmem_alloc_folio+0x135/0x160 [ 737.142266][T19780] shmem_alloc_and_add_folio+0x48b/0xc00 [ 737.147953][T19780] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 737.154142][T19780] ? shmem_allowable_huge_orders+0xcd/0x3f0 [ 737.160083][T19780] shmem_get_folio_gfp+0x689/0x1530 [ 737.165414][T19780] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 737.171078][T19780] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 737.176477][T19780] ? __pfx___might_resched+0x10/0x10 [ 737.181791][T19780] shmem_fallocate+0x7c0/0xfb0 [ 737.186608][T19780] ? __pfx_shmem_fallocate+0x10/0x10 [ 737.191924][T19780] ? __pfx___lock_acquire+0x10/0x10 [ 737.197175][T19780] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 737.202851][T19780] ? rcu_is_watching+0x12/0xc0 [ 737.207645][T19780] ? trace_lock_acquire+0x14a/0x1d0 [ 737.212868][T19780] ? __x64_sys_fallocate+0xd9/0x150 [ 737.218124][T19780] ? __pfx_shmem_fallocate+0x10/0x10 [ 737.223524][T19780] vfs_fallocate+0x459/0xf90 [ 737.228146][T19780] __x64_sys_fallocate+0xd9/0x150 [ 737.233199][T19780] do_syscall_64+0xcd/0x250 [ 737.237725][T19780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.243645][T19780] RIP: 0033:0x7f94ebd7e719 [ 737.248077][T19780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 737.267705][T19780] RSP: 002b:00007f94eca8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 737.276139][T19780] RAX: ffffffffffffffda RBX: 00007f94ebf35f80 RCX: 00007f94ebd7e719 [ 737.284127][T19780] RDX: 000000000000000d RSI: 0000000000000000 RDI: 8000000000000003 [ 737.292112][T19780] RBP: 00007f94eca8f090 R08: 0000000000000000 R09: 0000000000000000 [ 737.300099][T19780] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000002 [ 737.308084][T19780] R13: 0000000000000000 R14: 00007f94ebf35f80 R15: 00007ffede6e8df8 [ 737.316096][T19780] [ 738.992659][T14718] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 739.013954][T14718] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 739.044407][T14718] bond0 (unregistering): Released all slaves [ 739.106376][T17854] Bluetooth: hci3: command tx timeout [ 739.963516][T19523] veth0_vlan: entered promiscuous mode [ 740.014147][T19523] veth1_vlan: entered promiscuous mode [ 740.318408][T19523] veth0_macvtap: entered promiscuous mode [ 740.328180][T19523] veth1_macvtap: entered promiscuous mode [ 740.647135][T19523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 740.681243][T19523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.692214][T18026] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 740.702282][T18026] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 740.710337][T18026] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 740.718851][T18026] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 740.727808][T18026] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 740.736213][T18026] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 740.820253][T19523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 740.836790][T19523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.846637][T19523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 740.888065][T19523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.899571][T19523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 740.913290][T19523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.931344][T19523] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 741.117061][T19523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 741.202882][T19523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 741.239884][T19523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 741.261777][T19523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 741.316698][T19523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 741.327169][T19523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 741.369068][T19523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 741.416745][T17854] Bluetooth: hci3: command tx timeout [ 741.422299][T19523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 741.443730][T19523] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 741.727183][T19779] chnl_net:caif_netlink_parms(): no params data found [ 741.760930][T19523] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 741.794456][T19523] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 741.818286][T19523] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 741.827041][T19523] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 742.478435][T19779] bridge0: port 1(bridge_slave_0) entered blocking state [ 742.486337][T19779] bridge0: port 1(bridge_slave_0) entered disabled state [ 742.493603][T19779] bridge_slave_0: entered allmulticast mode [ 742.501800][T19779] bridge_slave_0: entered promiscuous mode [ 742.511227][T19779] bridge0: port 2(bridge_slave_1) entered blocking state [ 742.586624][T19779] bridge0: port 2(bridge_slave_1) entered disabled state [ 742.600693][T19779] bridge_slave_1: entered allmulticast mode [ 742.639941][T19779] bridge_slave_1: entered promiscuous mode [ 743.030426][T17854] Bluetooth: hci2: command tx timeout [ 743.288376][T19779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 743.348122][T19779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 743.580259][T14724] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 743.641627][T17854] Bluetooth: hci3: command tx timeout [ 743.656163][T14724] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 743.666263][T19779] team0: Port device team_slave_0 added [ 743.692475][T19779] team0: Port device team_slave_1 added [ 743.974883][T19821] chnl_net:caif_netlink_parms(): no params data found [ 744.020795][T19779] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 744.043233][T19779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 744.093376][T19779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 744.150826][T19779] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 744.183188][T19779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 744.276662][T19779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 744.320857][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 744.365963][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 744.644185][T19779] hsr_slave_0: entered promiscuous mode [ 744.677788][T19779] hsr_slave_1: entered promiscuous mode [ 744.745677][T19779] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 744.794506][T19779] Cannot create hsr debugfs directory [ 744.970919][T19821] bridge0: port 1(bridge_slave_0) entered blocking state [ 745.003290][T19821] bridge0: port 1(bridge_slave_0) entered disabled state [ 745.010576][T19821] bridge_slave_0: entered allmulticast mode [ 745.065720][T19821] bridge_slave_0: entered promiscuous mode [ 745.200273][T19821] bridge0: port 2(bridge_slave_1) entered blocking state [ 745.254783][T19821] bridge0: port 2(bridge_slave_1) entered disabled state [ 745.262043][T19821] bridge_slave_1: entered allmulticast mode [ 745.297678][T17854] Bluetooth: hci2: command tx timeout [ 745.353737][T19821] bridge_slave_1: entered promiscuous mode [ 745.520732][T19821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 745.693678][T19821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 745.837942][T19821] team0: Port device team_slave_0 added [ 745.913976][T17854] Bluetooth: hci3: command tx timeout [ 745.955473][T19821] team0: Port device team_slave_1 added [ 746.197492][T19821] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 746.225223][T19821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 746.350722][T19821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 746.430357][T19821] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 746.486621][T19821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 746.562360][T19821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 747.305145][T14718] hsr_slave_0: left promiscuous mode [ 747.318313][T14718] hsr_slave_1: left promiscuous mode [ 747.340796][T14718] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 747.359745][T14718] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 747.403577][T14718] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 747.433898][T14718] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 747.501779][T14718] veth1_macvtap: left promiscuous mode [ 747.507372][T14718] veth0_macvtap: left promiscuous mode [ 747.522258][T14718] veth1_vlan: left promiscuous mode [ 747.527603][T14718] veth0_vlan: left promiscuous mode [ 747.566060][T17854] Bluetooth: hci2: command tx timeout [ 749.699898][T14718] team0 (unregistering): Port device team_slave_1 removed [ 749.840874][T17854] Bluetooth: hci2: command tx timeout [ 749.862439][T14718] team0 (unregistering): Port device team_slave_0 removed [ 751.176212][ T30] INFO: task syz.1.2858:17595 blocked for more than 143 seconds. [ 751.183984][ T30] Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 751.202950][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 751.214023][ T30] task:syz.1.2858 state:D stack:27488 pid:17595 tgid:17590 ppid:14497 flags:0x00004006 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 751.543711][ T30] Call Trace: [ 751.562551][ T30] [ 751.565559][ T30] __schedule+0xe55/0x5730 [ 751.581881][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 751.587150][ T30] ? find_held_lock+0x2d/0x110 [ 751.600099][ T30] ? __pfx___schedule+0x10/0x10 [ 751.605469][ T30] ? schedule+0x298/0x350 [ 751.611440][ T30] ? __pfx_lock_release+0x10/0x10 [ 751.622789][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 751.628037][ T30] ? lock_acquire+0x2f/0xb0 [ 751.632569][ T30] ? schedule+0x1fd/0x350 [ 751.662890][ T30] schedule+0xe7/0x350 [ 751.677457][ T30] schedule_timeout+0x258/0x2a0 [ 751.682371][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 751.687793][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 751.721369][ T30] __wait_for_common+0x3e1/0x600 [ 751.726377][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 751.761603][ T30] ? __pfx___wait_for_common+0x10/0x10 [ 751.775693][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 751.781146][ T30] wait_for_completion_state+0x1c/0x40 [ 751.817689][ T30] do_coredump+0x82f/0x4160 [ 751.822694][ T30] ? hlock_class+0x4e/0x130 [ 751.827242][ T30] ? stack_depot_save_flags+0x28/0x900 [ 751.871144][ T30] ? __pfx_do_coredump+0x10/0x10 [ 751.876218][ T30] ? kmem_cache_free+0x152/0x4b0 [ 751.881193][ T30] ? syscall_exit_to_user_mode+0x150/0x2a0 [ 751.925642][ T30] ? do_syscall_64+0xda/0x250 [ 751.932054][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.938229][ T30] get_signal+0x237c/0x26d0 [ 751.970970][ T30] ? __pfx_force_sigsegv+0x10/0x10 [ 751.991201][ T30] ? __pfx_get_signal+0x10/0x10 [ 752.004712][ T30] arch_do_signal_or_restart+0x90/0x7e0 [ 752.010344][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 752.034813][ T30] ? rcu_is_watching+0x12/0xc0 [ 752.049424][ T30] syscall_exit_to_user_mode+0x150/0x2a0 [ 752.056864][ T30] do_syscall_64+0xda/0x250 [ 752.068897][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.076563][ T30] RIP: 0033:0x7f93d5e403c0 [ 752.090472][ T30] RSP: 002b:00007f93d59bca78 EFLAGS: 00000246 ORIG_RAX: 000000000000014e [ 752.100515][ T30] RAX: 0000000000000000 RBX: 00007f93d6136130 RCX: 00007f93d5f7e719 [ 752.113782][ T30] RDX: 00007f93d59bca80 RSI: 00007f93d59bcbb0 RDI: 000000000000000b [ 752.121805][ T30] RBP: 00007f93d5ff132e R08: 0000000000000000 R09: 0000000000000000 [ 752.138050][ T30] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 752.146069][ T30] R13: 0000000000000000 R14: 00007f93d6136130 R15: 00007ffcc68601b8 [ 752.163297][ T30] [ 752.181381][ T30] [ 752.181381][ T30] Showing all locks held in the system: [ 752.189151][ T30] 1 lock held by khungtaskd/30: [ 752.255421][ T30] #0: ffffffff8ddb7800 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390 [ 752.265372][ T30] 3 locks held by kworker/u8:3/52: [ 752.320028][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 752.376916][ T30] #1: ffffc90000bd7d80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 752.408016][ T30] #2: ffffffff8fac4da8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0x51/0xc0 [ 752.417203][ T30] 1 lock held by dhcpcd/5509: [ 752.470938][ T30] #0: ffffffff8fac4da8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 752.492413][ T30] 2 locks held by getty/5595: [ 752.503400][ T30] #0: ffff8880355e10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 752.548426][ T30] #1: ffffc90002efe2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480 [ 752.573713][ T30] 2 locks held by kworker/1:4/5878: [ 752.578965][ T30] 4 locks held by kworker/u8:18/14718: [ 752.594263][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 752.614840][ T30] #1: ffffc9000c1a7d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 752.625536][ T30] #2: ffffffff8faaf110 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xb40 [ 752.644727][ T30] #3: ffffffff8fac4da8 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0x8f/0x9b0 [ 752.655350][ T30] 1 lock held by syz.1.2858/17591: [ 752.669056][ T30] 3 locks held by syz.3.3183/19444: [ 752.674949][ T30] #0: ffff88808803cd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x26/0x90 [ 752.698169][ T30] #1: ffff88808803c078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x34c/0x1260 [ 752.713076][ T30] #2: ffffffff8fd2a8c8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xc4/0x260 [ 752.733797][ T30] 7 locks held by syz-executor/19779: [ 752.739410][ T30] #0: ffff8880359e2420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 752.757474][ T30] #1: ffff88807f99a888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x27b/0x500 [ 752.767693][ T30] #2: ffff888028254008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500 [ 752.787044][ T30] #3: ffffffff8f06ac28 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 752.797698][ T30] #4: ffff8880640580e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xa4/0x610 [ 752.822756][ T30] #5: ffff888064059250 (&devlink->lock_key){+.+.}-{3:3}, at: nsim_drv_remove+0x4a/0x1d0 [ 752.832694][ T30] #6: ffffffff8fac4da8 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x6f/0x6b0 [ 752.851543][ T30] 1 lock held by syz-executor/19821: [ 752.858460][ T30] #0: ffffffff8fac4da8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 752.875844][ T30] 3 locks held by syz.6.3252/19904: [ 752.882847][ T30] #0: ffff888084858d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x26/0x90 [ 752.901367][ T30] #1: ffff888084858078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x34c/0x1260 [ 752.917609][ T30] #2: ffffffff8ddc30f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x1a4/0x3b0 [ 752.930507][ T30] 1 lock held by syz.6.3255/19919: [ 752.949996][ T30] #0: ffffffff8fac4da8 (rtnl_mutex){+.+.}-{3:3}, at: ip_rt_ioctl+0xfd/0x15c0 [ 753.030333][ T30] [ 753.032711][ T30] ============================================= [ 753.032711][ T30] [ 753.102589][ T30] NMI backtrace for cpu 0 [ 753.106965][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 753.117483][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 753.127552][ T30] Call Trace: [ 753.130850][ T30] [ 753.133794][ T30] dump_stack_lvl+0x116/0x1f0 [ 753.138498][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 753.143462][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 753.149477][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 753.155487][ T30] watchdog+0xf0c/0x1240 [ 753.159763][ T30] ? __pfx_watchdog+0x10/0x10 [ 753.164468][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 753.169693][ T30] ? __kthread_parkme+0x148/0x220 [ 753.174748][ T30] ? __pfx_watchdog+0x10/0x10 [ 753.179458][ T30] kthread+0x2c1/0x3a0 [ 753.183576][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 753.188811][ T30] ? __pfx_kthread+0x10/0x10 [ 753.193434][ T30] ret_from_fork+0x45/0x80 [ 753.197877][ T30] ? __pfx_kthread+0x10/0x10 [ 753.202498][ T30] ret_from_fork_asm+0x1a/0x30 [ 753.207317][ T30] [ 753.211377][ T30] Sending NMI from CPU 0 to CPUs 1: [ 753.217036][ C1] NMI backtrace for cpu 1 [ 753.217049][ C1] CPU: 1 UID: 0 PID: 17591 Comm: syz.1.2858 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 753.217075][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 753.217086][ C1] RIP: 0010:sha256_transform_rorx+0x319/0x1120 [ 753.217114][ C1] Code: 44 01 fa 01 f2 48 8d 35 d5 c7 37 0c c5 55 fe 0c 3e c5 7d 7f 4c 3c 20 89 d6 c4 63 7b f0 e8 19 c4 63 7b f0 f0 0b 44 03 44 3c 20 <44> 09 d6 c4 e3 5d 0f c7 04 41 89 df c4 63 7b f0 e2 0d 45 31 f5 41 [ 753.217135][ C1] RSP: 0018:ffffc9000be5f200 EFLAGS: 00000212 [ 753.217152][ C1] RAX: 000000004cc330ef RBX: 00000000136ab07a RCX: 00000000057c3e02 [ 753.217166][ C1] RDX: 000000009926777b RSI: 000000009926777b RDI: 0000000000000080 [ 753.217180][ C1] RBP: ffffc9000be5f420 R08: 00000000527c5446 R09: 000000002e2c5678 [ 753.217195][ C1] R10: 000000008754dfd7 R11: 0000000080facb79 R12: 0000000000284278 [ 753.217209][ C1] R13: 00000000619877a6 R14: 000000001de99866 R15: 0000000078513225 [ 753.217223][ C1] FS: 00007f93d59ff6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 753.217245][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 753.217260][ C1] CR2: 0000001b2e51cff8 CR3: 000000006ba74000 CR4: 00000000003526f0 [ 753.217274][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 753.217287][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 753.217301][ C1] Call Trace: [ 753.217307][ C1] [ 753.217315][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 753.217343][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 753.217372][ C1] ? nmi_handle+0x1a9/0x5c0 [ 753.217394][ C1] ? sha256_transform_rorx+0x319/0x1120 [ 753.217416][ C1] ? default_do_nmi+0x6a/0x160 [ 753.217440][ C1] ? exc_nmi+0x170/0x1e0 [ 753.217462][ C1] ? end_repeat_nmi+0xf/0x53 [ 753.217496][ C1] ? sha256_transform_rorx+0x319/0x1120 [ 753.217518][ C1] ? sha256_transform_rorx+0x319/0x1120 [ 753.217541][ C1] ? sha256_transform_rorx+0x319/0x1120 [ 753.217563][ C1] [ 753.217570][ C1] [ 753.217584][ C1] ? __kernel_read+0x683/0xb50 [ 753.217607][ C1] ? __pfx___kernel_read+0x10/0x10 [ 753.217635][ C1] ? kernel_fpu_begin_mask+0x168/0x270 [ 753.217660][ C1] ? __pfx_kernel_fpu_begin_mask+0x10/0x10 [ 753.217687][ C1] ? integrity_kernel_read+0x7f/0xb0 [ 753.217719][ C1] _sha256_update+0x17e/0x220 [ 753.217740][ C1] ? __pfx_sha256_transform_rorx+0x10/0x10 [ 753.217763][ C1] ima_calc_file_hash_tfm+0x302/0x3e0 [ 753.217788][ C1] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 753.217843][ C1] ? hlock_class+0x4e/0x130 [ 753.217867][ C1] ? ima_alloc_tfm+0x21d/0x2d0 [ 753.217888][ C1] ? generic_fillattr+0x663/0x8c0 [ 753.217914][ C1] ima_calc_file_hash+0x1ba/0x490 [ 753.217940][ C1] ima_collect_measurement+0x8a7/0xa10 [ 753.217964][ C1] ? process_measurement+0x70a/0x2370 [ 753.217989][ C1] ? __pfx_ima_collect_measurement+0x10/0x10 [ 753.218014][ C1] ? lock_acquire.part.0+0x11b/0x380 [ 753.218049][ C1] ? rcu_is_watching+0x12/0xc0 [ 753.218071][ C1] ? trace_contention_end+0xea/0x140 [ 753.218100][ C1] ? is_bad_inode+0xd/0x40 [ 753.218127][ C1] ? xattr_resolve_name+0x27b/0x3f0 [ 753.218157][ C1] ? vfs_getxattr_alloc+0xf1/0x340 [ 753.218188][ C1] ? ima_get_hash_algo+0x27d/0x410 [ 753.218208][ C1] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 753.218231][ C1] ? process_measurement+0x1271/0x2370 [ 753.218252][ C1] process_measurement+0x1271/0x2370 [ 753.218279][ C1] ? __pfx_process_measurement+0x10/0x10 [ 753.218300][ C1] ? kasan_save_track+0x14/0x30 [ 753.218327][ C1] ? find_held_lock+0x2d/0x110 [ 753.218351][ C1] ? aa_file_perm+0x4c6/0xfe0 [ 753.218371][ C1] ? __pfx_lock_release+0x10/0x10 [ 753.218397][ C1] ? trace_lock_acquire+0x14a/0x1d0 [ 753.218430][ C1] ? __pfx_aa_file_perm+0x10/0x10 [ 753.218452][ C1] ? lockdep_init_map_type+0x16d/0x7d0 [ 753.218483][ C1] ima_file_mmap+0x1b1/0x1d0 [ 753.218504][ C1] ? __pfx_ima_file_mmap+0x10/0x10 [ 753.218529][ C1] security_mmap_file+0x8bd/0x990 [ 753.218550][ C1] vm_mmap_pgoff+0xdb/0x360 [ 753.218580][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 753.218607][ C1] ? hugetlbfs_get_inode+0x32d/0x530 [ 753.218640][ C1] ksys_mmap_pgoff+0x1c8/0x5c0 [ 753.218667][ C1] __x64_sys_mmap+0x125/0x190 [ 753.218689][ C1] do_syscall_64+0xcd/0x250 [ 753.218710][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.218738][ C1] RIP: 0033:0x7f93d5f7e719 [ 753.218755][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 753.218775][ C1] RSP: 002b:00007f93d59ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 753.218794][ C1] RAX: ffffffffffffffda RBX: 00007f93d6135f80 RCX: 00007f93d5f7e719 [ 753.218809][ C1] RDX: 00004000000000e4 RSI: 1000000000200004 RDI: 0000000000000000 [ 753.218828][ C1] RBP: 00007f93d5ff132e R08: 000000000000000d R09: 0000300000000000 [ 753.218842][ C1] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 753.218855][ C1] R13: 0000000000000000 R14: 00007f93d6135f80 R15: 00007ffcc68601b8 [ 753.218876][ C1] [ 753.804257][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 753.811159][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0 [ 753.821679][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 753.831747][ T30] Call Trace: [ 753.835039][ T30] [ 753.837992][ T30] dump_stack_lvl+0x3d/0x1f0 [ 753.842614][ T30] panic+0x71d/0x800 [ 753.846537][ T30] ? __pfx_panic+0x10/0x10 [ 753.850982][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 753.856549][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 753.862553][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 753.867943][ T30] ? watchdog+0xd76/0x1240 [ 753.872388][ T30] ? watchdog+0xd69/0x1240 [ 753.876836][ T30] watchdog+0xd87/0x1240 [ 753.881109][ T30] ? __pfx_watchdog+0x10/0x10 [ 753.885808][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 753.891037][ T30] ? __kthread_parkme+0x148/0x220 [ 753.896084][ T30] ? __pfx_watchdog+0x10/0x10 [ 753.900791][ T30] kthread+0x2c1/0x3a0 [ 753.904902][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 753.910143][ T30] ? __pfx_kthread+0x10/0x10 [ 753.914769][ T30] ret_from_fork+0x45/0x80 [ 753.919205][ T30] ? __pfx_kthread+0x10/0x10 [ 753.923815][ T30] ret_from_fork_asm+0x1a/0x30 [ 753.928624][ T30] [ 753.931931][ T30] Kernel Offset: disabled [ 753.936258][ T30] Rebooting in 86400 seconds..