last executing test programs: 6m41.435803574s ago: executing program 2 (id=1051): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) bpf$auto(0x1e, &(0x7f00000000c0)=@raw_tracepoint={0x1009, 0xffffffffffffffff, 0x0, 0x4}, 0x5) (async, rerun: 64) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)) (async, rerun: 64) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)=0xfbc6) 6m40.899780282s ago: executing program 2 (id=1054): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x15, 0x5, 0x0) mincore$auto(0x1000, 0x8001, 0x0) setsockopt$auto(r0, 0x114, 0xa, 0x0, 0x4) 6m40.522371587s ago: executing program 2 (id=1057): r0 = openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) write$auto(r0, &(0x7f0000002740)='-1,\'$*@[}\x00', 0x2) 6m40.10354113s ago: executing program 2 (id=1058): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @empty}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0xc00009}, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) sendto$auto(0x3, 0x0, 0xfffffffffffffdeb, 0x11f, 0x0, 0x1c) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) 6m39.200905357s ago: executing program 2 (id=1062): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x7, 0x46, 0x0) fsopen$auto(0x0, 0x1) 6m38.589238301s ago: executing program 2 (id=1063): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x15, 0x3, 0x0) sendmsg$auto_ETHTOOL_MSG_PSE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c82000296aac78c3aba925f1402eb5d0d56b9c32b87b58380db01ce47f7e614134a99a1f0927657410719f70c10ff6cd5dfae8f66d2858a7f2d4c957a17e37a492cc89c254cc9cf0786926c5992c00349ce14932c1ed8ea3f2afaf6dc0e4539ea78fecee7cfda2a01e66868d3b0710a641c94245100000000000000000000000000000095303d1275ba2c9cdab799e1446c53ee033a8d5b3299d305800e371f13bf659c1860ec48e9ae96b020d076fc749719886b82c9084da60ad68ec8d7b5dd5d0eae3ae0d173a32fb041f0682418af2ed8526c274a9a56e729ff9045af2c19e6d7b4d88e158a9d8265bbab88a5b561308cd20e13bad7843f040fe25e42aebfef45a8988d4c365181ce85adf2eefd7f52eea392b34291d735ac3af2a55ddee307fbb6d3a08111abb856e3c1295da9d851169e6e300ee0e3bac1c6d2511e003e59cecec9f3d581415ae896b52b8021be2005f32d7fc2038961e4244287d8b5d032940599457efe4f7302ae1f22060041fc814e510d479bd4dbdb56a599d5142b09cceab7b6fe649c170bbc90d3ecde375e03da03f7e9", @ANYRES16=0x0, @ANYBLOB="000425bd7000fedbdf2524000000040001801400018008000300010000000800040001000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x800) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r0, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead87b47d41805fa9967d02ad2deba1895652b8d630c30213ed8f72c1066f1bb9fb1b242d08a55d32398d8d3c635008f2c61049c8abf600a98d1d2d0b0027aecaf27d20b6ff4129883e111e1c858000000dc00090069fccb38f57447a8af8c40a03b92af7adc0c48af4308483b99aa587ed8711b4a79a383c263698842365af6807d1be1800fd492770983a6df345fb472e9fa41b667af43bc36d7063b6b93ab7661925e8d71452acd95b788c31a32ae903b96b9ed9a5e3542c625105e8f21a5b41ff3d17f8704581f4b8b75ae741d0fba8cab2e187c93eeea89f6cf6ab7cc496e0bd9759cc0b408bbe0c6eae2aa29c2d97d48a55fc0ff937c90173d61cf652f97cb301e4d7e3bac0026732e22eadd3a6c5ffa4faed6855a86814c920a650a61936305d2713db1c92a238e265c080001007f0e00000c00", @ANYRES64=r1], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000580)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x4090) r2 = socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x4040000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x59, &(0x7f0000000200)={0x0, 0xffffffffffffff13}, 0x1, 0x0, 0x0, 0x4004810}, 0x200400e1) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004) sendmmsg$auto(0x3, &(0x7f00000005c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x1}, 0x1, 0x0, 0xffffffffffffbfff, 0x9}, 0x7}, 0x3, 0x94a) mmap$auto(0x0, 0x2020009, 0x400000000000003, 0xeb1, r2, 0x8000) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) adjtimex$auto(&(0x7f0000000000)={0x6, 0x0, 0xc, 0xb3, 0x0, 0x4, 0x40, 0x0, 0x5, 0xfffffffffffffff9, 0x6, {0x0, 0x1}, 0x401, 0x7, 0x0, 0x1, 0x0, 0xffffffffffffffcc, 0x3, 0x1, 0x1000, 0x5}) r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), r3) io_uring_setup$auto(0x7, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r4, 0x4040ae77, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mbind$auto(0x0, 0x100000004, 0x4, 0x0, 0x20000000000006, 0x2) mmap$auto(0x4, 0x1, 0x4000000000df, 0x40ebe, 0x4, 0x300000000002) move_pages$auto(0x0, 0x40000000000006, 0x0, 0x0, 0x0, 0x2) 6m23.455995709s ago: executing program 32 (id=1063): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x15, 0x3, 0x0) sendmsg$auto_ETHTOOL_MSG_PSE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c82000296aac78c3aba925f1402eb5d0d56b9c32b87b58380db01ce47f7e614134a99a1f0927657410719f70c10ff6cd5dfae8f66d2858a7f2d4c957a17e37a492cc89c254cc9cf0786926c5992c00349ce14932c1ed8ea3f2afaf6dc0e4539ea78fecee7cfda2a01e66868d3b0710a641c94245100000000000000000000000000000095303d1275ba2c9cdab799e1446c53ee033a8d5b3299d305800e371f13bf659c1860ec48e9ae96b020d076fc749719886b82c9084da60ad68ec8d7b5dd5d0eae3ae0d173a32fb041f0682418af2ed8526c274a9a56e729ff9045af2c19e6d7b4d88e158a9d8265bbab88a5b561308cd20e13bad7843f040fe25e42aebfef45a8988d4c365181ce85adf2eefd7f52eea392b34291d735ac3af2a55ddee307fbb6d3a08111abb856e3c1295da9d851169e6e300ee0e3bac1c6d2511e003e59cecec9f3d581415ae896b52b8021be2005f32d7fc2038961e4244287d8b5d032940599457efe4f7302ae1f22060041fc814e510d479bd4dbdb56a599d5142b09cceab7b6fe649c170bbc90d3ecde375e03da03f7e9", @ANYRES16=0x0, @ANYBLOB="000425bd7000fedbdf2524000000040001801400018008000300010000000800040001000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x800) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r0, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead87b47d41805fa9967d02ad2deba1895652b8d630c30213ed8f72c1066f1bb9fb1b242d08a55d32398d8d3c635008f2c61049c8abf600a98d1d2d0b0027aecaf27d20b6ff4129883e111e1c858000000dc00090069fccb38f57447a8af8c40a03b92af7adc0c48af4308483b99aa587ed8711b4a79a383c263698842365af6807d1be1800fd492770983a6df345fb472e9fa41b667af43bc36d7063b6b93ab7661925e8d71452acd95b788c31a32ae903b96b9ed9a5e3542c625105e8f21a5b41ff3d17f8704581f4b8b75ae741d0fba8cab2e187c93eeea89f6cf6ab7cc496e0bd9759cc0b408bbe0c6eae2aa29c2d97d48a55fc0ff937c90173d61cf652f97cb301e4d7e3bac0026732e22eadd3a6c5ffa4faed6855a86814c920a650a61936305d2713db1c92a238e265c080001007f0e00000c00", @ANYRES64=r1], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000580)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x4090) r2 = socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x4040000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x59, &(0x7f0000000200)={0x0, 0xffffffffffffff13}, 0x1, 0x0, 0x0, 0x4004810}, 0x200400e1) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004) sendmmsg$auto(0x3, &(0x7f00000005c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x1}, 0x1, 0x0, 0xffffffffffffbfff, 0x9}, 0x7}, 0x3, 0x94a) mmap$auto(0x0, 0x2020009, 0x400000000000003, 0xeb1, r2, 0x8000) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) adjtimex$auto(&(0x7f0000000000)={0x6, 0x0, 0xc, 0xb3, 0x0, 0x4, 0x40, 0x0, 0x5, 0xfffffffffffffff9, 0x6, {0x0, 0x1}, 0x401, 0x7, 0x0, 0x1, 0x0, 0xffffffffffffffcc, 0x3, 0x1, 0x1000, 0x5}) r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), r3) io_uring_setup$auto(0x7, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r4, 0x4040ae77, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mbind$auto(0x0, 0x100000004, 0x4, 0x0, 0x20000000000006, 0x2) mmap$auto(0x4, 0x1, 0x4000000000df, 0x40ebe, 0x4, 0x300000000002) move_pages$auto(0x0, 0x40000000000006, 0x0, 0x0, 0x0, 0x2) 3m51.971495866s ago: executing program 1 (id=1624): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, &(0x7f0000000040)={0xd014, 0x8, [0x80000001, 0x9, 0x24000000, 0x600]}) r1 = getsockopt$auto(r0, 0x800, 0x877f, &(0x7f0000000080)='\x00', &(0x7f00000000c0)=0x400) r2 = waitid$auto(0xf, r1, &(0x7f0000000100)={@_si_pad}, 0x7fff, &(0x7f0000000180)={{0xffffffff, 0x4cf36e82}, {0x2, 0x1}, 0x52, 0x80000000, 0x9, 0xffffffffffffffff, 0x4, 0x80000000, 0x10, 0x7, 0x8, 0x6, 0x4, 0x3, 0x8, 0x5}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000240)={{@inferred, 0x100, 0x9, 0xc4, "984b1f269f2b5c1ef40735eed40952046aff6f1aa1643cf033d03ed69f4b03ac5983452484b4f4c7406075f2", @inferred=r2}, 0x1, @enumerated=@item=[0x0, 0x7, 0x80, 0x80, 0x9, 0x7, 0x2, 0x6, 0x2, 0x40, 0xf76, 0x5, 0x4, 0x5, 0x4, 0xffff, 0x5, 0x3ff, 0x60, 0x40, 0x7fffffff, 0xc, 0x5, 0x385, 0x5e, 0x9, 0x4, 0x4, 0x5, 0x5, 0x7, 0x6, 0x1, 0xd, 0x1, 0x7, 0x5, 0x3, 0x3, 0x0, 0x9, 0x7d, 0x9, 0x42, 0x200000, 0x10001, 0x0, 0xe, 0x9, 0x400, 0x7, 0x3a24, 0x0, 0x4, 0x10000, 0x8, 0x7, 0x3, 0x10, 0x1, 0x3, 0x3, 0x1, 0x6, 0x5, 0x100, 0x7, 0x2, 0x2, 0xffffffff, 0x5, 0x3, 0x0, 0x6, 0x33e, 0x7ff, 0x3, 0x80, 0xb97, 0xd, 0x5, 0x6ed, 0x200, 0x5, 0x1, 0x3, 0xe, 0x3, 0x2, 0x81, 0x1, 0x9172, 0xf, 0x101, 0x4, 0x9c, 0x81, 0xffff, 0x3, 0x9, 0x7, 0x8, 0x4, 0xb, 0x7, 0xfffffa9e, 0x1, 0xc, 0x1, 0x100, 0x9, 0xfff, 0x2, 0x100, 0x5, 0x2, 0x4, 0x1, 0x1, 0x3, 0xf3d2, 0x2, 0x1, 0x400, 0xfffffffb, 0x3, 0x10, 0x6], "98db71e3cbb4d0c809ddff428a4056ecd695ab988d7b0a93a7169577ebae1b203925df26e44fa85244cc81407ffa0a0f24b82d1530b0911020d4112c6cf2d47276a1bf5cdb8c9e7976dc62cc0e0ca5eaeba416e78566838429a999d5bfa4922468726b75bb4c1368fef0cbad940710abcfac32dc801013beac215ffcd42c2d47"}) ioctl$auto_USB_RAW_IOCTL_EP0_STALL(r1, 0x550c, 0x0) r3 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000008c0), r1) sendmsg$auto_NFC_CMD_FW_DOWNLOAD(r1, &(0x7f0000000a00)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000900)={0x98, r3, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x3}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0x8}, @NFC_ATTR_VENDOR_DATA={0x53, 0x1f, "d23f313344853e84748f9b8e12f155c93d668f347c4bde7999eb1586a4ff5fc101eeed11ed853f658871734b1aa16653a52057869cc87e9dd9d94b1b4547cb6df89dd1686b17edc3950244badf4b64"}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x400}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x7}, @NFC_ATTR_FIRMWARE_NAME={0x6, 0x14, '}}'}, @NFC_ATTR_DEVICE_NAME={0x5, 0x2, '\x00'}]}, 0x98}, 0x1, 0x0, 0x0, 0x2404c090}, 0x5) r4 = signalfd$auto(r0, &(0x7f0000000a40)={0x7}, 0x8) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r4, 0xc4c85512, 0x0) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001000), r4) sendmsg$auto_NL80211_CMD_DEL_PMK(r4, &(0x7f0000001100)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001040)={0x58, r5, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_BSS_SELECT={0x3c, 0xe3, 0x0, 0x1, [@typed={0x8, 0xc2, 0x0, 0x0, @pid}, @nested={0x30, 0x65, 0x0, 0x1, [@typed={0x8, 0x12, 0x0, 0x0, @pid}, @nested={0x4, 0x104}, @nested={0x4, 0x126}, @generic="3ab2f61b7a4b283e820aab31f979e70a81db6caaf4d68522", @nested={0x4, 0x145}]}]}, @NL80211_ATTR_PMK={0x5, 0xfe, "cf"}]}, 0x58}}, 0x4040000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @integer64=@value_ptr=&(0x7f0000001280)=0x3, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925aa92857fd2f672f85343275f80841c6ca41e93023ab4510269ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c2"}) epoll_create$auto(0x4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0xffffffff80088a02, 0x1) 3m51.306590637s ago: executing program 1 (id=1631): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x1, 0x0) (async) r1 = socket(0x11, 0x80003, 0x300) ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) madvise$auto(0x100000, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) open(&(0x7f0000000300)='./file0\x00', 0x7ffd, 0x12) (async) write$auto(0x3, 0x0, 0x100082) (async) clone$auto(0x7, 0x2000400000d, 0xfffffffffffffffc, 0x0, 0x3) (async, rerun: 32) madvise$auto(0x10002000000, 0x5, 0x0) (rerun: 32) io_uring_setup$auto(0x6, 0x0) (async) madvise$auto(0x0, 0x200007, 0x19) (async, rerun: 64) setsockopt$auto(r1, 0x107, 0x1, 0x0, 0x8004) (async, rerun: 64) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/nlmon0/proxy_delay\x00', 0x101000, 0x0) unshare$auto(0x40000080) (async, rerun: 32) timerfd_settime$auto(r2, 0x64f, &(0x7f0000000040)={{0x0, 0x27a85289}, {0x8, 0x8}}, &(0x7f0000000080)={{0x4, 0x1}, {0x5, 0x2}}) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) 3m46.54468272s ago: executing program 1 (id=1660): semctl$auto(0x8, 0x2, 0x9, 0x5) r0 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48101, 0x0) write$auto(r0, &(0x7f0000000040)='/sys/kernel/security/integrity/ima/policy\x00', 0xc6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x7, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x18}}, 0x84) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x10, &(0x7f0000000000)={0x0, 0xd6c6}, 0x2, 0x0, 0xe, 0x4}, 0x3}, 0x200, 0xb07e) close_range$auto(0x2, 0x8, 0x0) lstat$auto(&(0x7f0000000140)='./file0\x00', &(0x7f0000000300)={0x4, 0x21a3, 0x2, 0xfffffffe, 0x0, 0xffffffffffffffff, 0x0, 0x7fff, 0x0, 0x455, 0x731, 0x1, 0x3, 0x7, 0x7, 0xc, 0x7}) r2 = socketpair$auto(0x8, 0x5, 0x3, 0x0) fstat$auto(r2, &(0x7f00000000c0)={0x80000000, 0x7, 0x4, 0x5, 0xee00, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x40, 0x8, 0x80000000000000, 0x92, 0x401, 0x7, 0xfff, 0x61a}) r4 = setfsgid$auto(0xee00) lstat$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)={0x4fb, 0x4000000, 0x8, 0x7, r3, r4, 0x0, 0x6, 0x9, 0x8000000000000008, 0xb, 0x1f, 0x2, 0x8000000000000000, 0x5c, 0x1, 0x4}) keyctl$auto(0x7fffffff, 0xffffffffffffffff, r1, r4, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='O\x00', @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x94) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r6 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r6, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r6, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r6, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x30, 0xf1, 0xb0, @raw=0xfffff020}}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/rpc/nfsd\x00', 0xe0d41, 0x0) 3m45.849328264s ago: executing program 1 (id=1664): open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) write$auto_ftrace_enable_fops_trace_events(0xffffffffffffffff, &(0x7f0000000000)="a3a5ef09b5b35e13fae05cbc144f87d25db57560747a31736099f3281707ee3727cf3a430c340438cf2bfc7622074b9cbd47d33a8fcc675f800755e14e21f777602953a87d9d7c2e49c932f1c5241418c259f5e2a1b2503cceab9a366163116b184ac8d1b86457b107f50c1c04046b61946a73c534101cb745306fc6af1c74a0f948cb1d73e2ac13580c7e32d54d85beec07ff2eb69c8d41a15984f1972e642b9b23b6c352632fb7b4c1b5feef4cd41f6952484f2055b21b907aa67292afa156dbcc05f7e43ab888bb5aefab91adddec67f53b894be7cde405bd7a81f8f6cee1360bcea5d4953e7b0bb9c8806ecef879dcc644e379fbc46c61b31442cc91b967248f93ff7d880fe329752c8bb0be92332475e4f68c16a6a16223ad74ddbcc179c23864bc078e5f6da6ab5069a129c08405ad1a796579347990390966d71548262002f495a6824c9aeeae072347691188122d5bdd4b176aa40fe16f6f69f5dffbf63cee5af8facd6f083d35c609173ad85431a24a04d800275057a42ae08f9946f02cc0fcff16db4f719477937bcd107cc88d951326d537efad9840ab2898691d21d6f5ba539cebd073a20e7101b11866edc69c364300d1af3f366af7cbea46921c542e9fdcdbe614a8c5bc635b1b9fd0ea8019192416e2818de6b5c829fcb1551ef3c3916e45f32dca9915be6caef6da2dba8c099d2dbe5f8099afd4e5e1aa355a1a0be46fe5e9a26d9ed0667759cd68ba2a2fff7844016cdda98ad718ed1267d56bc79041edb3f9cf377f16cdd8d812399281f458f6612f66ea5fff4152a388998f91c8784d098276ac9770ffb1245e1e3b0df4d8718733b1aba36eec1fa1b52d01361090a92b65846b9d84bef1c73cb06b9c63d4296e2e08fc654dcdf74e61a88f74ae7f0810d0534dcec6312c2c", 0x28f) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, &(0x7f00000001c0)) 3m43.079094546s ago: executing program 1 (id=1683): open(&(0x7f0000000100)='./file0\x00', 0x4201c2, 0x102) (async, rerun: 32) r0 = socket(0xa, 0x1, 0x1) (rerun: 32) bpf$auto(0x8000006, 0xffffffffffffffff, 0xfffffffd) (async) mmap$auto(0x0, 0x4, 0xdf, 0x19, r0, 0x8000) (async) socketpair$auto(0xfff, 0x5, 0x10, 0x0) (async) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto(0x1, 0x890c, 0x8) socket(0x15, 0x5, 0x0) (async) madvise$auto(0x1ffff000, 0x7, 0x100000000) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) socket(0xa, 0x2, 0x88) (async) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) bpf$auto(0x0, 0x0, 0x6f4) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x8001, 0x0) socket(0xa, 0x6, 0xfffffffb) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x109500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) (async) ioctl$auto_I2C_SMBUS(0xffffffffffffffff, 0x720, 0x4) (async) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x8) (async) pselect6$auto(0xffffffff, &(0x7f00000000c0)={[0x2, 0xfff, 0x6, 0xbda3, 0x0, 0x9, 0x6, 0xc7, 0x5, 0x400, 0x7, 0x7f, 0x2, 0x7fffffff, 0x87d9, 0x6]}, 0x0, &(0x7f0000000380)={[0x8001, 0x400, 0x36d7, 0x39, 0x0, 0x7ff, 0x4e18, 0x7fffffff, 0x6, 0xe51d, 0x401, 0xffff, 0x95, 0x39d9eb, 0x8, 0x9]}, &(0x7f0000000280)={0xa}, 0x0) (async) flock$auto(0x6, 0x1) (async) keyctl$auto(0x8, 0xfffffffffffffffd, 0xffffffffffffffff, 0x5092, 0x2) (async) shmget$auto(0x8, 0x10563, 0x568d1af2) (async) madvise$auto(0x0, 0xffffffffffff0004, 0x19) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) (async) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) openat$auto_proc_sessionid_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/sessionid\x00', 0x20000, 0x0) 3m40.623794205s ago: executing program 1 (id=1694): pipe$auto(&(0x7f0000000080)=0xe7da) readv$auto(0x3, &(0x7f0000000600)={0x0}, 0x1da) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) userfaultfd$auto(0x1) r1 = getpid() pidfd_open$auto(r1, 0x0) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0x80003, 0x300) ioctl$auto(0x3, 0x5411, 0x10000000000402) dup2$auto(0x0, 0x4) r2 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_marker_raw\x00', 0x400001, 0x0) sendfile$auto(r0, r2, &(0x7f0000000040)=0x800, 0x1) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_LINK_RESET_STATS(r3, &(0x7f0000003e40)={0x0, 0x0, &(0x7f0000003e00)={&(0x7f0000000800)={0x20, r4, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0xc, 0x4, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@typed={0x4, 0xea}]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x40040050) io_uring_setup$auto(0x10001, &(0x7f0000000400)={0x7, 0x3, 0x50, 0x6, 0x3, 0x0, 0xffffffffffffffff, [], {0xffffffff, 0x8, 0xfffffff8, 0x2, 0x9, 0x400006, 0x8000, 0x6, 0x7}, {0x7fffffff, 0x1, 0x2, 0x2, 0xaab9984, 0x4, 0x3, 0x8, 0x7}}) 3m25.238559322s ago: executing program 33 (id=1694): pipe$auto(&(0x7f0000000080)=0xe7da) readv$auto(0x3, &(0x7f0000000600)={0x0}, 0x1da) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) userfaultfd$auto(0x1) r1 = getpid() pidfd_open$auto(r1, 0x0) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0x80003, 0x300) ioctl$auto(0x3, 0x5411, 0x10000000000402) dup2$auto(0x0, 0x4) r2 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_marker_raw\x00', 0x400001, 0x0) sendfile$auto(r0, r2, &(0x7f0000000040)=0x800, 0x1) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_LINK_RESET_STATS(r3, &(0x7f0000003e40)={0x0, 0x0, &(0x7f0000003e00)={&(0x7f0000000800)={0x20, r4, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0xc, 0x4, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@typed={0x4, 0xea}]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x40040050) io_uring_setup$auto(0x10001, &(0x7f0000000400)={0x7, 0x3, 0x50, 0x6, 0x3, 0x0, 0xffffffffffffffff, [], {0xffffffff, 0x8, 0xfffffff8, 0x2, 0x9, 0x400006, 0x8000, 0x6, 0x7}, {0x7fffffff, 0x1, 0x2, 0x2, 0xaab9984, 0x4, 0x3, 0x8, 0x7}}) 11.685719241s ago: executing program 3 (id=2544): ioperm$auto(0x7, 0x6, 0xffffffffffff4064) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x20009, 0xe, 0xeb1, 0x403, 0x8000) clone$auto(0x21, 0x7, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffff7ffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setpriority$auto(0x4000000001, 0x100000001, 0x6) mmap$auto(0x2000000, 0x400008, 0xdf, 0x9b72, 0x100000000002, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rseq$auto(&(0x7f0000000300)={0xe, 0xc01, 0x0, 0x6, 0xffffffff, 0x2}, 0x8004, 0x0, 0x6) madvise$auto(0x0, 0xffffffffffff0005, 0x19) setgroups$auto(0xe32, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) io_uring_setup$auto(0x6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) syslog$auto(0x2, 0x0, 0xcf) 11.559754961s ago: executing program 0 (id=2545): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f00000034c0), 0x500, 0x0) (async) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f00000034c0), 0x500, 0x0) ioctl$auto_IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x0, 0x0, 0x5) madvise$auto(0x0, 0x8000000000000000, 0x15) close_range$auto(0x2, 0x8, 0x0) r1 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) sync_file_range$auto(r1, 0xe, 0xe, 0x3) socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x401, 0xfffffffffffffffa, 0xdf, 0xeb8, 0x40000000000a5, 0x8000) (async) mmap$auto(0x401, 0xfffffffffffffffa, 0xdf, 0xeb8, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x4, 0x0, 0x3, 0x2, 0x0) sendmsg$auto_NETDEV_CMD_NAPI_GET(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000340)=ANY=[@ANYRES16=0x0, @ANYBLOB="01002dbd7000fba400000000f2ff0000021f4de56a4703000000d6f3110aa45aeb6b5e9bd8abc396aa49249256bdf3aa705dd10c661480cb20a3c8f0eca3d46ee322e8719e1239716cd1307d8553a60d7af3b758fd1e98676fd4359291"], 0x1c}}, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x24, r4, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0) openat$auto_rfcomm_dlc_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x2682, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) (async) r8 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r7, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000001380)=ANY=[@ANYBLOB="18000000", @ANYRES16=r8, @ANYBLOB="01002ebd7000fcdbdf2504d4000004001000"], 0x18}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) (async) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r7, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000001380)=ANY=[@ANYBLOB="18000000", @ANYRES16=r8, @ANYBLOB="01002ebd7000fcdbdf2504d4000004001000"], 0x18}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) 8.09178282s ago: executing program 3 (id=2553): ioperm$auto(0x7, 0x6, 0x80) init_module$auto(&(0x7f0000000040)="c285a6974e0fa24876fdb4c1c361001600c47454a97ac1d353e826569685698b063de6fb8bb7456ec9fb0137a1781f01000000ed33734a434e1191f4017f3f760000000048cca93e1cc28ad8f36c814e211f17f37eeddf921949f64f26f6f525069ff09f2cc07e81d07fbdbe34c84fec772be5af0b2c94a40d94eb11e81b41dd07ec16ac3c767844", 0x75f8, 0x0) ioperm$auto(0x2, 0x3, 0x1) clone$auto(0x1ff, 0x3, 0x0, 0xfffffffffffffffd, 0xffffffff00000000) ioperm$auto(0x2, 0x8000, 0x2b325536) ioperm$auto(0xfffffffffffffffb, 0x8001, 0xfffffffb) ioperm$auto(0x3, 0x636a77f9, 0x8) 7.741171049s ago: executing program 3 (id=2555): io_setup$auto(0x7ffe, &(0x7f0000000000)) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x20000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000080)=""/163, 0xa3) io_setup$auto(0x7ffe, &(0x7f0000000000)) 7.271813929s ago: executing program 0 (id=2557): r0 = socket(0x10, 0x2, 0x0) r1 = syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f0000000080), r0) sendmsg$auto_NLBL_MGMT_C_LISTDEF(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="9b16b877e560c87096fd1f304a000000", @ANYRES16=r1, @ANYBLOB="000226bd7000fbdbdf25060000000800030007000000080004000800000008000c0000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x8850) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f00000000c0), 0x682a00, 0x0) close_range$auto(r2, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400000000000400, 0x9}, 0x9, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x15, 0x5, 0x0) socket(0x2, 0xa, 0x0) mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x19, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x48000) landlock_restrict_self$auto(r2, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x2183, 0x0) 6.595244754s ago: executing program 3 (id=2559): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64) madvise$auto(0x0, 0x8000000000000000, 0x15) (async, rerun: 64) r0 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r0) (async) bind$auto(0x3, 0x0, 0x6a) (async, rerun: 32) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async, rerun: 32) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) (async, rerun: 32) getdents64$auto(0x0, 0x0, 0x18) (async, rerun: 32) sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYBLOB="010029bd701cfd3405"], 0x18}, 0x1, 0x0, 0x0, 0x800}, 0x20044840) close_range$auto(0x0, 0xfffffffffffff000, 0x2) setresgid$auto(0x0, 0x800000a0, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0x10eb1, 0xfffffffffffffffd, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) (async, rerun: 64) bind$auto(0x3, 0x0, 0x68) (rerun: 64) connect$auto(0xffffffffffffffff, &(0x7f0000000000)=@rc={0x1f, @none, 0x7}, 0x55) r1 = openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, &(0x7f0000000000), 0x82c00, 0x0) ioctl$auto_BINDER_CTL_ADD(r1, 0xc1086201, 0x0) ioctl$auto_BINDER_CTL_ADD(r1, 0xc1086201, 0x0) (async) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYBLOB="01"], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x401c1) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) (async) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4000000) (async) close_range$auto(0x2, 0x8, 0x0) (async) r3 = socket(0x2, 0x80002, 0x73) (async) socket(0x29, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async, rerun: 64) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (rerun: 64) mmap$auto(0x0, 0x8, 0xe2, 0x400000000000010, r3, 0x8000) (async, rerun: 32) pipe2$auto(0x0, 0x80) (rerun: 32) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x8) 5.553285769s ago: executing program 0 (id=2561): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x800800000008000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) bpf$auto(0x2, 0x0, 0xf) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x5e3, 0x40000009, 0x7d5) madvise$auto(0x6df, 0xffffffffffff0005, 0x17) close_range$auto(0x2, 0x8, 0x0) read$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffffff, &(0x7f0000000140)=""/75, 0x4b) socket(0x2, 0x2, 0x1) madvise$auto(0xfffffffffffffffe, 0xffffffffffff0001, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) brk$auto(0xf065) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) socket(0x1c, 0x3, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x191001, 0x0) madvise$auto(0x0, 0x2000000080000001, 0x3) prctl$auto(0x1000000003b, 0x40000007a, 0x4, 0x6, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x8) mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) 4.127606704s ago: executing program 4 (id=2566): r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x40043d04, 0x0) mmap$auto(0xd386, 0x8, 0xdf, 0x9b72, 0x2, 0x3656f715) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) write$auto(r1, &(0x7f0000000240)='\t\n@\\\'\x02\x00', 0x1) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) lsm_get_self_attr$auto(0x64, 0x0, &(0x7f0000002440)=0x1ff, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mknod$auto(&(0x7f0000000040)=':,\x00', 0xc9, 0xc8) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/security/tomoyo/profile\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r2, &(0x7f0000000540)="0a1b9a0100000062f6d4cd8c38741e504b2b6cac0600000000000000ee9571545a3b4d882ac766622396ec49886d1fb24c8ea5c25706000000000000001cadb848770dc8f745b20000000012b9f679dabd36bb657e69fd8b6d676e8da35491d02a021ba04a10516201f197fe2536136d56ba1f4ab40a", 0x76) mmap$auto(0x0, 0x4020006, 0x202, 0xeb1, 0x401, 0x8000) flistxattr$auto(0x1, 0x0, 0x9) 3.327132158s ago: executing program 5 (id=2567): r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event2\x00', 0x2a482, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_evdev_fops_evdev(r0, 0x40084503, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2cb8}, 0x1, 0x0, 0x0, 0x40}, 0x2404c084) close_range$auto(0x2, 0xa, 0x0) r1 = socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f00000018c0)=@generic={0x29, "ab06fdffff00fff500"}, 0x400) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xa005) sendmmsg$auto(0x3, 0x0, 0x3, 0x4) setreuid$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = getpid() sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYRESOCT=r1, @ANYRES16=0x0, @ANYRES8=r1], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x800) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000780)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x1, 0x0) r3 = io_uring_setup$auto(0x9, &(0x7f00000007c0)={0x8000, 0x8, 0x1, 0x98e7, 0x68d8, 0xffffffff, r1, [0x118c133, 0x2, 0x3], {0x73c, 0x58, 0x80, 0x5, 0x8, 0x0, 0x4, 0x1000, 0xb1}, {0xa, 0x7, 0x6, 0xfffffffc, 0x6, 0x7, 0x3, 0x800, 0x2}}) socket(0xa, 0x3, 0xff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) clone3$auto(&(0x7f00000000c0)={0x101000, 0x5, 0x10001, 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x685b, 0x7, 0xb}, 0x20b03) fcntl$auto(0x3, 0xf, 0x5) process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0x401}, 0x1, &(0x7f0000000280)={&(0x7f00000005c0)="767f0ee81bd0f34c8bd3ff36c69d8b7bfd3ff262dc91cc3f09bf780395659aa334f53cfedc6cdcb8f68687794fd0bdce4fd03626dff076d0c91887488de83e63ef9581d96be360a98f259d383675df8071f41c3c0af6", 0xffffffff}, 0x6, 0x0) r4 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000200), 0xe0080, 0x0) futex$auto(&(0x7f0000000080)=0x2c156f47, 0x0, 0x2948, &(0x7f00000000c0)={0x100}, 0x0, 0x5) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x0, 0x0, 0xe, 0x22000, 0x4, 0x0, 0x84, [0x3, 0x2, 0xffffffffffffffff, 0x2, 0x0, 0x402000, 0x0, 0xe, 0x1, 0x0, 0xffffdffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0x8, 0x20000, 0x8, 0x10000000000, 0xffffffffffffffff, 0x1, 0x2f, 0x0, 0x0, 0x1006, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x6, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x4, 0x0, 0xfffffffffffffffc, 0x2, 0x8, 0x10000000007, 0xc566]}, 0x1fa, 0xd) ioctl$auto__ctl_fops_dm_ioctl(r3, 0x81, &(0x7f0000000380)="12c45fd7054bed139fb7f9fb1dca8fe1d88f65ee0d52edf6e31c48e8d983ae3431fa707225c2c38fe1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc472ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dffffa589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e6c318400"/447) ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0xfffffff7effffd05, &(0x7f00000001c0)) ioctl$auto_I2C_RDWR(r4, 0x707, 0x0) 2.709302275s ago: executing program 0 (id=2568): unshare$auto(0x40000080) (async) r0 = epoll_create$auto(0x2) (async) mmap$auto(0xaab3, 0x6, 0xdf, 0x80000010, 0x5, 0x8003) (async) gettid() stat$auto(0x0, 0x0) (async) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/framebuffer\x00', 0x0, 0x0) (async) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) (async) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) (async, rerun: 64) socketpair$auto(0x1, 0x2f2f, 0x3, 0x0) (async, rerun: 64) rt_sigprocmask$auto(0x0, 0x0, 0x0, 0x8) (async) syz_clone3(&(0x7f0000000200)={0x182000080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async) rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8) (async) write$auto(0xca, 0x0, 0x10) (async) openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000040), 0x8a02, 0x0) (async, rerun: 32) r1 = socket(0x15, 0x5, 0x0) (rerun: 32) recvmmsg$auto(r1, &(0x7f00000001c0)={{0x0, 0x81, &(0x7f00000002c0)={0x0, 0x20000000006}, 0x9, &(0x7f0000000180), 0x758, 0x10001}, 0x7}, 0x1, 0x29e24fde, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x400009, 0x3, 0x9b72, 0x2, 0x8000) (rerun: 32) r2 = io_uring_setup$auto(0x6, 0x0) (async) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/vivid.0/video4linux/vbi31/name\x00', 0x410000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000001dc0)=""/195, 0xc3) (async, rerun: 64) getpriority$auto(0x2, 0x0) (async, rerun: 64) poll$auto(&(0x7f0000000000)={0xffffffffffffffff, 0x8b8f, 0x3ff}, 0x7, 0x6) (async, rerun: 32) read$auto(0x3, 0x0, 0x80) (rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/current_tracer\x00', 0x40482, 0x0) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) (async, rerun: 32) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sg0\x00', 0x8000, 0x0) (rerun: 32) ioctl$auto(0x3, 0xc0481273, 0x38) (async) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), r2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'erspan0\x00'}) 2.690309939s ago: executing program 4 (id=2569): mmap$auto(0x0, 0xb, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000140)='./file0\x00', 0x40, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r2, 0x301, 0x70bd2c, 0x25dfdbfc}, 0x14}}, 0x8000) r3 = fanotify_init$auto(0x5, 0x2) sysfs$auto(0x2, 0x4, 0x4) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00') unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) getrandom$auto(0x0, 0x6000000, 0x3) setns(r4, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/interrupts\x00', 0x10b402, 0x0) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), r3) sendmsg$auto_NL80211_CMD_START_NAN(r0, &(0x7f0000001540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001500)={&(0x7f0000000240)={0x1298, r6, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_STA_FLAGS={0x14e, 0x11, 0x0, 0x1, [@nested={0xc0, 0x7b, 0x0, 0x1, [@nested={0x4, 0x4d}, @typed={0xab, 0xd2, 0x0, 0x0, @str='/proc/NesH\x1fk\xdd\x00\x00\x00\x00\x88\x00\x00\x00\x00\x00:\x19\xf4\xe2\xb7:\x81\xf8\xedl\x9d\x9a\'\xf8D,\xc0x\x1d\xf5JE\xcd7\xc3^\xbc2\xc7\xbf\xe5\x7f\xb93 \xcd${!\x9a`\x96\x86\x96D|\xf0H\x8c\x05:\xae\xa6\x88x\t\x18\x8b\xec\xd7\xe80x0}) open_tree$auto(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x8) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0xe0, r1, 0x800, 0x70bd26, 0x25dfdbfe, {0x2, 0x0, 0xfd}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_CNTDWN_OFFS_PRESP={0xc4, 0xbb, "52be7f8c06c5ca8d37c59dd9573e81fcdeea8250fd7f849a16fb79d8bf8003b4ee6e144e338065ac7951f8ce52823ca9837009aed6c6e2acfffd7610fd2df27eb76dbc73a621c4145e0494ba5e63d6e1207a678d097f6d657cc011a2cc78674c76db8a7ff08727e3c17b2bbaf202e53aa9d94ede1a864712df10ffaa8c1fe5e5dbfb77c56944f5b1e43919e38bf88129a0ffa1d5bbd4e683933bada609b66f4ae23449ad3a62b2c63878fd641e42b78e5d0e50cd2acbb455710f6f82e019e7ce"}]}, 0xe0}, 0x1, 0x0, 0x0, 0x4004081}, 0x20000084) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0x120, r1, 0x472ca17eb5f758b, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_MLO_TTLM_DLINK={0xdd, 0x148, "ce578ea9f21243c1fdad1bbe3ca1118dd959c55c0208ba92d2ddcf7b02ac859b730e78072496858e96b7b5b25118dfdd1c6d26597f8500e00423967007e4c4268d3bcafa09acad901bb326fa0027ca68ba0b2e6a156c342587eeb375f44ad8b43bd0be2be49d24ccae5c94719b0f4891bf3c00abd7d610996cc24b4f7ee56ce79bcba0733247d56c767f9c0a8d4c405df48b19f131b8988c8eebae3754cdc369ac7e662ee6a6fe3676bd94db22d6d232ff84ab51e94f83c35c086e7c29c5d3d358d6abc5df79da6ac63d998bd243a82102329a478d5d0b7c61"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "cc300a4d00e5b137c5655c663ba1654684f4a2af9f9e0995"}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x5}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x3}]}, 0x120}, 0x1, 0x0, 0x0, 0x20004000}, 0x28000880) open(&(0x7f0000000140)='./file0\x00', 0x40, 0x0) fanotify_init$auto(0x5, 0x2) sysfs$auto(0x2, 0x4, 0x4) mincore$auto(0x1000, 0x8001, 0x0) r4 = io_uring_setup$auto(0x2, 0x0) io_uring_enter$auto(r4, 0x1, 0xcd00, 0x7, 0x0, 0xffffffffffffffff) 2.313040648s ago: executing program 3 (id=2571): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) madvise$auto(0x0, 0x8000000000000000, 0x15) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="730bd139", @ANYRES16=r1, @ANYRES64=r0], 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x40814) openat$auto_vrr_range_fops_(0xffffffffffffff9c, &(0x7f0000000f80)='/sys/kernel/debug/dri/vkms/Writeback-1/vrr_range\x00', 0xa8441, 0x0) syz_genetlink_get_family_id$auto_hsr(0x0, 0xffffffffffffffff) r2 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) bpf$auto(0x303d, &(0x7f0000000380)=@token_create={0xb25, r2}, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioperm$auto(0x7, 0x6, 0x2) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ustat$auto(0x2, 0x0) mmap$auto(0x0, 0x401, 0xdf, 0x9b72, 0x2, 0x8000) mincore$auto(0x0, 0x1, 0x0) write$auto_tracing_mark_raw_fops_trace(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000080), 0xffffffffffffffff) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x80011, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/lockd/nlm_end_grace\x00', 0x68280, 0x0) read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000280)=""/65, 0x41) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x9c200, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r4, 0x4c08, 0x0) 2.31181626s ago: executing program 5 (id=2572): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000000), r0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clock_getres$auto(0xfffffffffffffffc, 0x0) 2.104537374s ago: executing program 4 (id=2573): socket(0x11, 0x80003, 0x8) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) ioctl$auto(0xffffffffffffffff, 0x80044940, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffff004, 0x2) socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, 0x0, 0xf) preadv$auto(0x40000000000003, 0x0, 0x6, 0x8, 0x5) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fb\x00', 0xd00, 0x0) read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000180)=""/249, 0xf9) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 1.835808715s ago: executing program 0 (id=2574): set_mempolicy$auto(0x4005, &(0x7f0000000000)=0x1, 0x4) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x0, 0xf, 0xffffffffffffffff, 0x1400000, 0x5}, 0x6f4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x23, 0x0, 0x8) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0xc) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0x8000, 0x4, 0x81, 0x8, 0x2, 0xfffffffffffffff8}) r1 = socket(0x10, 0x2, 0x0) umount2$auto(&(0x7f0000000100)='\x00', 0x9) io_uring_register$auto(r1, 0x0, &(0x7f0000000300)="5a09ef5ac97b1695ae78aea36f472d8e79f997572716a311a03b0141c0986d2810ae2b87a8a30d77d588c59f83c71e45ed6aa0ff5c1e7d0fab9ef7664a1b6d3a1d96ddc4ae8a6a3d1c6a5ec1317e411edc4a2a70dfa5722afa66a1c33cce8b45c2a3e4e0e2cee3850f7615fc0207b9ed0b74a549573eacc81c79ec1a38f1759d433a95ad3c2f0c2d6295b4b9114105591cca8b9ea9e454ee50f56f7c137ebf0b729c3e27469c7cb4799eb5efc8a733bca5fdea1d2c80c069932bcfaf43c27bc1c82d5601d6857018041d10771dfed15f81546a0535d030523a30f0d240db033aaac132e29e1d265375b3acb97265061e030c3c6cefff46", 0xfffffff3) sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000240), r1) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f0000000280)={0x1c, r2, 0x10, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0xdc}]}, 0x1c}}, 0x5) 1.357223134s ago: executing program 4 (id=2575): mmap$auto(0xfffffffffffffffe, 0x400005, 0xfffffffffffffffe, 0x9b7e, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) (async) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) (async) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) socket(0x1e, 0x4, 0x0) (async) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) (async) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) (async) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) write$auto(0x3, 0x0, 0xfdef) (async) write$auto(0x3, 0x0, 0xfdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x84) openat$auto_fops_init_pkru_pkeys(0xffffffffffffff9c, &(0x7f0000000000), 0x400a00, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) socket(0x2b, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) (async) bind$auto(0x3, 0x0, 0x6b) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000080)={0x0, 0xfff}, 0x4800000001, &(0x7f0000000040)={&(0x7f0000000000), 0x200000004}, 0x59, 0x0) 1.079029899s ago: executing program 5 (id=2576): openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/trigger\x00', 0x40, 0x0) io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x3, 0x0) access$auto(&(0x7f0000000000)='}[,&*}\x00', 0x7) bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@in={0x2, 0x4001, @loopback}, 0x6b) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) 1.0094332s ago: executing program 0 (id=2577): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x40, r1, 0x1b, 0x70bd26, 0x25dfdbfe, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x19, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @fd=r0}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590822ad9"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x41b8e9c, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0x3, 0x5605, 0xb551) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000002500), 0xffffffffffffffff) r4 = fcntl$getown(r2, 0x9) lstat$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x8000, 0x4, 0x4, 0x8b0, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x9, 0xff, 0x100020000000000, 0x6, 0x6, 0x9, 0xc8c7, 0x80000000, 0x2}) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={&(0x7f0000000640)={0x154c, r3, 0x1, 0x70bd28, 0x25dfdbff, {}, [@OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_ACTIONS={0x1533, 0x2, 0x0, 0x1, [@nested={0xcb, 0xf3, 0x0, 0x1, [@generic="73ce01d9d138054a7080ed3154c36495cec4169e849574399deb676dd6d9920718e7b22f2644dae31a1f2f151fadf399f9db55df2267faf5c9ca38859fb0c2ee5b331fc7acdd7547eae3b006217ee33269361452c344c3c70b61f8142823645bb84e8b674847ada2b4f2a4cc09291a8052677309ffde64ff63561629a577baf24cb707e286300f654e3f71331bf1603dd309724010e95e94972050ff91469db5c17d6c2671283fd0a61d7f", @nested={0x4, 0xc1}, @typed={0x8, 0xc2, 0x0, 0x0, @pid=r4}, @typed={0x4, 0x136}, @nested={0x4, 0x40}, @typed={0x8, 0x75, 0x0, 0x0, @fd=r2}]}, @typed={0x8, 0xc8, 0x0, 0x0, @ipv4=@private=0xa010102}, @typed={0x8, 0xc1, 0x0, 0x0, @uid=r5}, @nested={0x12ff, 0x10e, 0x0, 0x1, [@generic="16c9ad6ff38724fe1b1569fdd9da87c2db0b43cf24f70fbf91ac1f81fe6fabb1387640791795411f7e294d64df445068c0ad8ac5f7a32f9d0fcb6faafb8c3c5ea5cd8a381c0d95564fc9b6b6556d08f6ff991e3257e26d85f59c730d874cd6c94ea00e5dcfc89a94f5f91c3c30e4942b7d88d8e2d16ef9db0a9b", @generic="545ab7fea61372cd8b7c2391fe74b19fa936497e0a32090d9b16250aca4659e87c831cbb0f144a0935bdbf4a6685baf301f7ecbb6ae6e65ca49dfb71e304d1e8ec75b718d18e518fc5508c5fd1", @nested={0x4, 0x11f}, @typed={0x14, 0x86, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @remote}}, @generic="e327a78792c8d06ba0577c6da1dc45ac47b5704fd7d034f00b5a147e74f205acde574dc86cd29c7ec3a338bdc0aa9eccd857590cfa4e6eb8818ab908a815e0108f51ea3483fd747d3a0784788d5647a18ea91d2ed0b8b1075b2d7aea48fca638e6effc63ff465e84328a9c7223bffcc783a9020c74eb7c2fa983809653a0a0e7fdb1e091bf16d937ffa3f5", @typed={0xc, 0x13e, 0x0, 0x0, @u64=0x7}, @generic="5a13419fa4026bb527ea73b8aae4c1aba42257940666b26eef803474ca06355ddf8311b825639dfbefe4cf2299b1d4b276a8801253709e323eb97da5745681d176d8fbcdf94f4221b7f7d74a198cce614751f792d949086724e90b4cddd91116532db00c56c53930e2cd303de2fc7fe1989a229d5fdc42d9fcb6e35c216c30c1ed42cf0415d44648a020626bd89d06882108fd6c204f3cd45ea58ec01c131353f73a2c2a75baaae31078ecc234677bb4709472e952cd14815929935bbc41f3e7600bf5f9f5cebe3c7ce92801b97257d146e6648cd306f0dd160f0cf32512c0703fd466c55d838acf4ff6bfffcd", @nested={0x1098, 0xbb, 0x0, 0x1, [@generic="20ec5708ebd012fb11687fb18c46aed3d8cd201bc00752d45fe60a166fd2690856efc33e37caa53b362277c94d8e502acbacb234", @nested={0xc, 0x122, 0x0, 0x1, [@typed={0x8, 0xc3, 0x0, 0x0, @ipv4=@remote}]}, @typed={0x8, 0xcb, 0x0, 0x0, @uid=r5}, @typed={0x8, 0x101, 0x0, 0x0, @uid=r5}, @generic, @nested={0x1034, 0x34, 0x0, 0x1, [@nested={0x4, 0x2d}, @nested={0x4, 0xf8}, @nested={0x4, 0x148}, @typed={0x8, 0xcb, 0x0, 0x0, @fd=r2}, @typed={0xc, 0x2a, 0x0, 0x0, @u64=0x9}, @nested={0x4, 0x80}, @typed={0x8, 0x3f, 0x0, 0x0, @uid=r5}, @nested={0x4, 0x89}, @generic="3a9fb253ceb864dd34afff46d5f559cfca738bfcf38338e1a16cfb76c929b329374a024ac130ffd9b261341ea1599cff69c9afedb85d86d36b0dada8fa30abb7eb86c9b30846ee0efc2793d69746a13202959ed8ecf8e00814e3a34090b142700a3d4403c17c35a8ad46f9a232e9f69e8b910a52d1e5732fb5ae8751cd61529b7beb9c55dc66e4fe30e473c627ba39a6b984730341c82f55d6c01deddb3e2cf5a56c12ca9ea57c693596e5484ff91e44229412ceb4eae2a8f619572602dc63f24a85027a3fed5987324ae2060f0f6f69b929d8b0fc2a9168cf93a4a664c5584fe73cf83a9958c60ce95a5e1258a742264434115e9967b35de9c51b069044a8ab40926a10d877b7b0adbff7cf3b557797992c0e846d709f806d0b7fb978ab8ec76299abc7b809fe65fc6c9de323db9d0058ca5cea5dcd41201349e2394d409a8b2f8dcba5267526c69c6a4292877ee8cb18582665038b01add721de1526723ecd6714964095868192c45eadad182988b844be98d738e2688db099160c9e4451764f18d7b925aab2944b75b5d9252c475db1eabd055d3355a83d67ae18025edcb16f0613c32e0c75e18961555796ba6e0b5d5769c3146e29df93acbc7c94834009c004f803bfce67aae670f4f3bdc4bcdbcb26cd96af123a6b90ea65f082975e74047f622995992a2edf867906c1073a21d9fa65d694cdff9765db6f0614de25f0324bcf38ec5cb439ffdc92ecf79990fd2891f1306a186226599e0c14bc9418b815258b06f5eede320fb735cb6ac9c1996f5bb174f6a110dcde80df3e8f8d2f4752510d3664d1503691aabc74bdb9f928255ad22ba6a8499510575cbd3c0f34236acaacf41d6768355dd767b30b80410941f3108ac3cd6723fec0d476d6cc53bf0347085a0837bb1aeee4b8b8663a43bb3ffe069017ac7e1ea1f91db009d0e432e37b9ec64b4c4152cfd03e465fa490df470ddfffbb0e1589c52ca2e508d82b7848a15a2a3f4a16d7268c4eef668b21cc9acb56cae832fe1d586ec1c1540f5f37c7677baafc94106a4f03b18dabbb3e18f97782a3f2c5ee01eefc735444edfde08debc4037c1136342d4b23be003322488444198323cf05aa53570295c95b8bdb832b0c311dc4a095703ca51c232bfdd2e2edd587308656aec5b35d9a90c219a9d668964bccbcaefa363c9337e6d2b4747c63b0a79d182f3afbadb04cb9666539ba8f6aaaa25e58f75508279812b4a6ce4f794f1a65bce8d641dd90df5e9a47a3a3ecbbc993c132648f9ca4f75173cdac8a5f3166284957cf63d01e05f800c673490ba32c063e731a89e48ba42ef29bfc8b09e0a1524df91973ade665b89d71f8f3dd4d75863da1dae773d9ba0e90917037e179920da8d7c6703d99ed33b80170e472857c759bc74a920d47e6ee9b6c1122846dd9dd523d4ed2fe1bb3ec876cae1f0c3bb1b067a7776343540a0fb3f95b37f6afd971a6f1cae0eac7b741403ce34c7d47d8518b79ec1a474ac0598537560150c1bc43582f3080d62c27b481a0015144176b215ab436343fb91fa2cbe4f2a33b3e2a18cb5413d5a543a8160bc2e6bf4b9c9c0351512f178e99a8e64a648ecbacc0d5c30584b296611ce42c2b6dbbf3da7f440843eff88d77a8faa92033b7ff5460b16ba49d10e56fda338581bb1ffd979596377980e9792045dbbff228ebce1c364ad450d38472e5a2c8b3631506c738fefe09ba8257f0da61f1e5f9a7b2ec04681142ee61a09abce9b087625094b7403c81c9c8c2c5ab28f5ff277774416fea039d29f3b96843b0be51b7d2cd508dc14bb9251ea50c1f10447a587c67b3bcff0cf7bfc5f06ca305295ce23b2c42fc9221ef23887d17572fd92e42620dd7afa348300b50a8d15adc099ecfb9bdfebe7dfbbd5054c27f333264d7e3f29a9a79d4e809300f5ca333a894fe0da0ab71dd683fbb3c4f00815ff96443db3954472bd9cec06c09fca5861a2362037125e7b9d7ddde99639bf4ee3b7e3f1029fd4fa9c962afcb5ff2b4abeb1239bdc3c90a1f95a02d6e199ed44d79a7c00639f53783ad3f33ae67b37c96296dff42252ce37b39c6d8a82d47288c9a7eb47d5a31647f175263baf191c43580bac08b2d9d4a9fa7cefbd27452f03c3fb33b24540edaf4e9a664cb21972696c92eeeffedeabe4c121609db9c0e424dcf54ec4352cf595a6d629d061f3718ba0576fd18c9755b9109749234609fd8df7dc038ed74ab632376252e97fa4fee54f01c0de744d3f1493520bdcbd29a3bdfa2c2f7393ccbe0832b57d8108ea2957d4ee6505f4fa0b9a6b4859970d887bfe787b2a4b206fbe3688d41b1612d19e16c27b0a584181da0c573b2204be5f517ecd0da7ce83ac826387a932136c9931ccb1b6332c0b12b4f94c034830a809526f4650bb404a1b56d455ec0b9f9c22d747a9021bdcbc820b5831f4a42850096cb0a30d15349a6b3f7903b0e8ade2cdfdd8aa87eaadfea16253eff5c5ba7a9e91e3bdd7a64e1bfe49c9f005939a07085375f167238bce0730b728a7fdedd4b0a1147dca5eee028d9b9da825ceb59af208128ef97085059599691586b6c58897727f31cf65bf7c07c625ffa1bb68196013a94c92d479a3d0963a460f7eff759c0fb174aef44845b8542dc4dd249b1853bdeeb9df37aca078c58a1cee57df7b59bc1a6c2c93ecdc6035cb8b3ab455e61452bc510e395dfde48f8758a7c6439df4470114655f20891efcc440da3bd70f4b74ff3f66eaa36a63986a43338e475f848c64e2ff246245a4ba4247dc965936623c8cf88641855af1393d58519fc09f9448c6dded3fdf720104c8e51dfb64b81a51ce62e93d5c56e8e6ccf6e19a8ed7920ce1908e78fd4dd3ac0eea0ae27ba995e950a4d163727abc90331402dc7533f45d2b007d67972b218f6b9b1bd2e4591c8a13ab4dbe8130c0c54f2a15b0418a0d8ac1ba6a3146382bdd9aee3bb265de94daca8addc8288940b1b0a2df5ed2bd4863d794805519ba818fd4d4bc4c2108f8057c44638ef326f1ad255f356aee6bfc888ad408a37cd9960e6c5036beb9c2ece56c61cbfe207422195662c46e0a6fe3925a88648d10a8b416c6e9ab9135f89ce99612e533c36dc83390264cb6f900b2f97f1b6eda7e60186bcb2fb0c4873188ec515357f5196c514f258a9163a3d1b260a4f822c161e50927b2017367b2922dbb0b31e84581614c1d5bf40712b9c419992ecc1ab7c0f8d95c7e663904f718195ebe97d3ba840ff2dce812224b9a850c053fb15011ad9dc180f62f2f9278980b3bf63d2c4a24292679b1603f4432fdb5dd2d10c08258ec6049d90002b3931f87e62559a5183ff79a8fbd80a3f63d04708888a2211bd416d31aa1b6367965eb00be653ec80c1310fb48a88cc29a20e1ba0c7346a3518170c29f454b1dfb05d0740f0774549db912630f23f3170c3751456c172bd78b7a384a5818f81e2c776a739ceeed6cde20e13efe5cc6589b06d1f84e5e35072d898bc1e6086d4ae7cf4cbe91a35e530b7ae7259278a977803fe0ed93488df734c189a21cca504ef759b8246eb1b33180cf4664908059c7b705a6e93ecf609118de906e005e263fee22054908c885a6be122491439fb1f480548b948e41bdbc45f028ca3514c4b88b71fcb198fdb602e57caec70ee947bee0221cd0d219e37d0bbc252def6ecf6ba40c5d5f7430165e1cd931d33d30ba9a818b352c6986b3c2925613939969c8632f9fc2fdd13d5a05a39680a7163ea492abad5a483bced2a65f27449066d3c46fb6f34d6bcdb7c1052492524601b95b0b6f75036b45c971b5aac5e4effded6fa57cdacc2c1ff6f4e3f014cae9fafaf856f0e9bfde4b217f327698b27113c3091289a40ee77492c1b40a548b28e7354dd83943cbc54975bc01dfd500f591f2bf6831532cc64a05048c27b8f393088f8ece49573d5a7ef726305229736d2b7a3bfb0dbf92907f41b4a4648696d3fe36aadd28fee4fec8242760251e2a905c7340768bb1dd67f5d199a2d5b25177efcfb6285c5d246d6691208774ca85d679005caf71825fc7ec140228fe6d083279d375e2257815e68e404ace1f15b28e51a379cf91a99493db015a6e46a258e08bab9c03fda4abc82d829d7bb3316811ad355e471b43b8963e78fb2cca785dce41c7131892a4b91a98ee88435e11029c1f01cc0eae7efcf9909f6e89f5925064ad8e8155e2815b54b4b22810b806e7d59bb13161bcebfa7e4389f97b559793fb199095a3437b5e1b5abb4623458b171a7e325338de19b7dadccdca49cae24810198519bb9f92a898ed65dc8ff65ff34bac00adbb35b3daca496c540461435861c9f1d2d701dfb7d0feb458d23df0487cdc6b7192ac65bd76a2267732db1c43cd18f5fac0b66c9f70a073d8de645f547e32400ead721481932f19d2a156bb2f1656d2d803a5287b9e975ca51af79ecb1890a01364042ab12eaf03f708d033a7061e0397fa141d3e12d588cd906e7f6c8df540641785fa5634c5e39572f861f866fae4f44e6928248ab011e606e8ff963d2d1132c724eff43d5abf3c952c8ff43fdcd9ac5d99e3ab66704451f0e01925f9ce75e1a0e5a57f2c821ec7cba748be0e044053dd1f1724264d262048a29a37fadeedf04ca680e72bd32bb06ab5a7c128d3c93dc2ade174fd945e83650fafc235fd793a86966bceb88fd249dc94b149ee46a4679ea4f58225fbb8aeda9d13b46c34d3046c7b00b72c73b0785336b9193fb21a43bad6783af6fc5e284707ec01d5cfc86e3c23d332e975b500008757f26cfdc10e5804bf6f009a455a24cada285a9092cdd5c347b8fad04bf109918e72c94f4b8d3c52e9298942d6741c170ad3f3896e8a13abf18533f47f3b9352bfe74c4dbb68b074ba67ccc5e67b0a3d7e387177479475d0c8f0009eb24ae463e1321010a2f3583f3ad6727d957d4baaef1e55d346993df72e777677dab298a33909a1a55a79ef45917d9cbf1f9a8b0d0f5a5b3362876f10c7ad62af4842fac0f05889c1f1f692f15f9b800a5b6f1e8bb833d02a9fc7ec41aadb058d02e878f760047fb48ecf1d07e1b0737aa7e301e38c96d5af7806248a9f73d5afe533f472311ede0cca8647e7c92c11e7b9d3cdde4dd38762054311c49e4317b4b697e339400c2b6ad983fdcecc6c104f5244f6507aa39e6d9b8c440bdf79b87cfe49bb68134bf24c7369cfa57b28a7af392e2ef9ea0b4f34c0de29a2006fcbafba095f286ad7ecf9742f30704b6225b7dd4d9ff2a72e299c5c58dac5065d86e69887c1c56c949f544f5b499e5c57876d33cd42733ef9d2b024070772f069858664ae4d8f51e53c596b30bd5b35415d0f357b21180fc6fee209720fe9abc63380448282ed0576454037b0f08745425d84854f3bfa673d859af4c91b82f58ce63f36e09b9e8ff810b9d6ed51cfed115b59ef03c8922d59d2e5a63fb4b2871e329232738a5a918a9b15f355153baec5c0fbd03dd69eaa2bfdbbfd072cc8cee4ff3d98248965af66a750afc7f0f3499be766482b97930b85f99495602a698d74fbf2992ed9b79a68ea42d53a21499df565611bd8e6cf1c8f70c550efd4d06c979c68279c54e81319bd69787bb491dd075c29c801114b3a40a7a557b04303b324d7eab7ddd4f7e5142bea9aa45d9a3406e7cc30cd529bedb7252212251e81474737d35e4d6ed0f5f8492e3d6069e0ac79ac6c0a80c55853557e9ae38eecaed06935cc4ac8cde0ff5c14aa5ac9f6ba41789c29fb4eb0011586fd8cd4ad81b98745e10fcf69a32d3c775e289"]}, @typed={0x8, 0x79, 0x0, 0x0, @u32=0x300}, @typed={0x6, 0xd7, 0x0, 0x0, @str='{\''}]}]}, @nested={0x18, 0x53, 0x0, 0x1, [@typed={0x14, 0x31, 0x0, 0x0, @ipv6=@remote}]}, @typed={0x8, 0x140, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @generic="d34856ebf2e17b4617b93f2cff20dc9060d32e95669ccab8c5092c33d146a0ed0149fe6072aeb3fa9eed92e7f2ded658057bb24436dde6b80d63549fcda166fbe01dd48b5da7b53c68316fb5fb779991da5fdc51c4caead729e2cf2c0c52aa6a44a68e716df4831538e649d7f2c5bbd99b73c37a95d2af2be3d26a0e0cacbd1e6a7ed83e08784ab8d623a536f5dc115330a388b774c721368fc58c563a511cbea5e707c719c355e6a993b433350c71e8fe308429df27ff4747db3915c2f28110f6e85a249d3221e76100145b3a79a8fed0315040818f9722e27ce58ee40696bcf089bf66568e39e966d0aa6f1db1243f8603d1e594", @generic="d951ad144adacd0fe3f16ed21aa2e61b8fd7cfb932d6996d92ce373bbb157b2d1bca30e7ac11734c2e9212e8130b", @typed={0x8, 0xc3, 0x0, 0x0, @ipv4=@multicast2}, @nested={0x8, 0x71, 0x0, 0x1, [@nested={0x4, 0x46}]}]}]}, 0x154c}, 0x1, 0x0, 0x0, 0x4}, 0x20) 859.41309ms ago: executing program 5 (id=2578): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) prctl$auto(0x23, 0x9, 0x2008, 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/ep_00/interval\x00', 0x80000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001680)=""/59, 0x3b) prctl$auto(0x26, 0x1, 0x0, 0x0, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 235.847075ms ago: executing program 4 (id=2579): mmap$auto(0x1, 0x9, 0x72, 0x8b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x7, 0x4, 0x1, 0x7) pwrite64$auto(0xc8, &(0x7f0000000100)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\x89\v\xea\x1b\x95\xafQ\xbf\x19L\"\x01@\x00\x00\x00\x80\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\x8a\x15g\xe4\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xa0\x83/\xc0\xd8\x05f\xcf\x9e\xe5\xd7$7\t\"E\xc4\xe9W\xfa\x19\a\xfb\xba\xb2.$\'\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\t\xff\xff\x00\x00\x00K\xed%\x1f\x1f\xf4\xb8\xcd{\xd1\xf6\xe0\x8c\xdb\t\x0f3\xfa\x9e\x98\xacH|R\x16Ue\xcd\x15\xb3(\xae\xda\x19v\r\fKr\xf5\x1d\xf4\xc4\b\x99\xa6\x8a\xdb\x17\x89\x92E\x7f\xfbm\f\xc7\xa2x>\x06}:\xba\x00'/300, 0xfdf3, 0x6) mknod$auto(&(0x7f0000000040)=':,\x00', 0xc9, 0xcb) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) r0 = openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0) write$auto(r0, &(0x7f00000000c0)='}#\\\'\\}-.\x00', 0x200) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) setuid$auto(0xe) 179.828411ms ago: executing program 3 (id=2580): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003040), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f0000003080)={0x30, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x1}, @ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000004}, 0x20008800) mmap$auto(0x0, 0x2020009, 0x20003, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) ioctl$auto(0xc8, 0x401054d5, 0xe) 53.080046ms ago: executing program 5 (id=2581): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop12/queue/write_cache\x00', 0x0, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) acct$auto(&(0x7f0000000000)='/sys/devices/platform/i8042/serio1/resync_time\x00') ioprio_set$auto(0x1, 0x1, 0x80) mmap$auto(0x0, 0x20009, 0xf, 0xeb1, 0x401, 0x8000) acct$auto(&(0x7f0000000040)='$/\x00') close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x106) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x15) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x8, 0x8000000000000001, 0x800000000000eb1, 0xfffffffffffffffa, 0x2) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) ioctl$auto(r1, 0x5459, 0x6) sysfs$auto(0x2, 0x4, 0x4) mincore$auto(0x1000, 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2b, 0x1, 0x1) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000180)='/proc/kpageflags\x00', 0x4802, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r2 = io_uring_setup$auto(0xa, 0x0) io_uring_enter$auto(r0, 0x90, 0xcd00, 0x7, 0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), r0) mincore$auto(0xffff, 0x7, &(0x7f0000000140)='/sys/devices/virtual/block/loop12/queue/write_cache\x00') openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x484000, 0x0) mmap$auto(0x1, 0x3, 0x3, 0x3fe, 0x3, 0xffffffffffffffff) read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f00000000c0)=""/113, 0x71) 0s ago: executing program 4 (id=2582): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') r1 = socket(0x2b, 0x1, 0x1) epoll_ctl$auto(r0, 0x200, r1, &(0x7f0000000040)={0x2278, 0x6}) r2 = io_uring_setup$auto(0x6, 0x0) r3 = socket(0x10, 0x2, 0x0) r4 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r3) r5 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001b40)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x20001, 0x0) r6 = setfsuid$auto(0xee00) fchown$auto(r5, r6, 0x0) sendmsg$auto_IPVS_CMD_GET_INFO(r2, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000300)={0x204, r4, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5595}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@nested={0x14, 0x14a, 0x0, 0x1, [@typed={0x8, 0xfe, 0x0, 0x0, @u32=0x3}, @nested={0x4, 0x16}, @nested={0x4, 0x99}]}, @typed={0x8, 0x127, 0x0, 0x0, @uid=r6}]}, @IPVS_CMD_ATTR_SERVICE={0xb8, 0x1, 0x0, 0x1, [@nested={0xb3, 0x13b, 0x0, 0x1, [@generic="cd8ce3404252091e866d6e781c4c867830640f3c7bc35c35aa3449c6e5695fdbc0181e3b648df593ac51d67f960cf2785b376ea0c27f3646a708c0764be6482ac90e2a8cc779d9eb7eada87e7f220fa969fc8e4b800c35631d1ef429b370ba4a5ea039920664c167674d199faf598d2eef5fee6ef61416", @generic="f77872313175bce12011f9bab902ac4fb87911082753dfc150f69aa4cd2c9ef3c476be1d", @typed={0x11, 0xf7, 0x0, 0x0, @str='[)$@&*,(&*/$\x00'}]}]}, @IPVS_CMD_ATTR_DAEMON={0xf5, 0x3, 0x0, 0x1, [@generic="e484cb1ab7498c0a63e3743fd0d445af7589b8e53b7a05355d309d1c53f728e244f72d3c07f7f452eb027735cc624a84235df03f3bb5b5df5bf31e37d9264851d88ed6cf7938b93aedec1b129da70edc8f0232ccffd717da292b014c50326d3b771a5a0548dde2f10fa0b58a4198839d0baa72fa039a91b04d1083259bfe64e0e13a41c1be08fc7f97b72c2225987c5f21488c6dc4f2e92ba08f8431c89f154b9ed2991adc6404a177612e813d0ed0375cf0301fcab34014708932eba1c5b684d7dac52267", @typed={0x8, 0xa4, 0x0, 0x0, @u32=0x4}, @typed={0x14, 0x4, 0x0, 0x0, @ipv6=@loopback}, @typed={0xd, 0xbf, 0x0, 0x0, @str='/dev/dsp\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}]}, 0x204}, 0x1, 0x0, 0x0, 0x11}, 0x40) setfsuid$auto(r6) getsockopt$auto(0x4, 0x6, 0x11, 0xfffffffffffffffc, 0x0) kernel console output (not intermixed with test programs): 1a failed: -4 [ 182.207750][ T7119] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 182.353569][ T7119] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 183.516179][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout [ 183.749326][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 184.076758][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout [ 184.229314][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout [ 185.589222][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout [ 185.829757][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 186.150652][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 186.309072][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 187.669394][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 187.910129][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 188.229041][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 188.389298][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 194.304058][ T7106] Process accounting paused [ 194.777715][ T7292] netlink: 16 bytes leftover after parsing attributes in process `syz.0.326'. [ 195.092953][ T7297] sd 0:0:1:0: PR command failed: 1026 [ 195.098464][ T7297] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 195.139231][ T7297] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 195.270033][ T7300] netlink: 28 bytes leftover after parsing attributes in process `syz.3.329'. [ 195.599919][ T7304] netlink: 28 bytes leftover after parsing attributes in process `syz.2.330'. [ 195.741437][ T7304] veth1_macvtap: left promiscuous mode [ 195.987354][ T7312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.333'. [ 197.781133][ T7335] netlink: 28 bytes leftover after parsing attributes in process `syz.3.339'. [ 197.991274][ T7335] hsr_slave_1 (unregistering): left promiscuous mode [ 198.943371][ T7350] netlink: 338 bytes leftover after parsing attributes in process `syz.3.344'. [ 198.975875][ T7350] batadv0: entered promiscuous mode [ 199.016222][ T7350] netlink: 326 bytes leftover after parsing attributes in process `syz.3.344'. [ 199.105867][ T7350] veth0_macvtap: left promiscuous mode [ 199.590794][ T7368] syz.1.351 (7368) used obsolete PPPIOCDETACH ioctl [ 202.154050][ T7447] futex_wake_op: syz.1.365 tries to shift op by 64; fix this program [ 203.494529][ T7469] netlink: 28 bytes leftover after parsing attributes in process `syz.3.369'. [ 205.804389][ T7514] Process accounting resumed [ 207.365585][ T7534] netlink: 28 bytes leftover after parsing attributes in process `syz.2.383'. [ 207.389439][ T7534] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 207.396956][ T7534] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 207.472569][ T7534] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 207.485849][ T7534] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 208.102101][ T7541] netlink: 334 bytes leftover after parsing attributes in process `syz.2.386'. [ 210.146742][ T7579] delete_channel: no stack [ 210.162768][ T7575] netlink: 28 bytes leftover after parsing attributes in process `syz.2.391'. [ 210.449946][ T7575] hsr_slave_1 (unregistering): left promiscuous mode [ 210.752960][ T7584] netlink: 334 bytes leftover after parsing attributes in process `syz.1.393'. [ 210.979813][ T7588] netlink: 146 bytes leftover after parsing attributes in process `syz.3.395'. [ 211.006037][ T7592] netlink: 2 bytes leftover after parsing attributes in process `syz.0.396'. [ 220.037887][ T7720] netlink: 'syz.3.421': attribute type 1 has an invalid length. [ 224.623503][ T7815] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(49) [ 225.958077][ T7844] netlink: 206 bytes leftover after parsing attributes in process `syz.0.448'. [ 227.442318][ T7871] netlink: 28 bytes leftover after parsing attributes in process `syz.1.457'. [ 227.848356][ T7880] netlink: 206 bytes leftover after parsing attributes in process `syz.1.459'. [ 230.591688][ T7925] netlink: 206 bytes leftover after parsing attributes in process `syz.0.471'. [ 232.506405][ T7949] netlink: 8 bytes leftover after parsing attributes in process `syz.2.476'. [ 232.679798][ T7966] netlink: 334 bytes leftover after parsing attributes in process `syz.0.482'. [ 232.883130][ T7971] netlink: 206 bytes leftover after parsing attributes in process `syz.3.483'. [ 234.639398][ T8009] netlink: 206 bytes leftover after parsing attributes in process `syz.3.495'. [ 234.910733][ T8013] FAULT_INJECTION: forcing a failure. [ 234.910733][ T8013] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 234.966341][ T8014] syz.1.497 (8014): attempted to duplicate a private mapping with mremap. This is not supported. [ 235.024143][ T8013] CPU: 0 UID: 0 PID: 8013 Comm: syz.0.496 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 235.034836][ T8013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 235.044970][ T8013] Call Trace: [ 235.048305][ T8013] [ 235.051283][ T8013] dump_stack_lvl+0x16c/0x1f0 [ 235.056053][ T8013] should_fail_ex+0x497/0x5b0 [ 235.060819][ T8013] _copy_from_user+0x2e/0xd0 [ 235.065489][ T8013] copy_msghdr_from_user+0x99/0x160 [ 235.070786][ T8013] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 235.076675][ T8013] ? __lock_acquire+0xcc5/0x3c40 [ 235.081696][ T8013] ___sys_sendmsg+0xff/0x1e0 [ 235.086377][ T8013] ? __pfx____sys_sendmsg+0x10/0x10 [ 235.091670][ T8013] ? trace_lock_acquire+0x14e/0x1f0 [ 235.096975][ T8013] __sys_sendmmsg+0x201/0x420 [ 235.101747][ T8013] ? __pfx___sys_sendmmsg+0x10/0x10 [ 235.107042][ T8013] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 235.113113][ T8013] ? fput+0x67/0x440 [ 235.117096][ T8013] ? ksys_write+0x1ba/0x250 [ 235.121676][ T8013] ? __pfx_ksys_write+0x10/0x10 [ 235.126611][ T8013] __x64_sys_sendmmsg+0x9c/0x100 [ 235.131640][ T8013] ? lockdep_hardirqs_on+0x7c/0x110 [ 235.136915][ T8013] do_syscall_64+0xcd/0x250 [ 235.141501][ T8013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.147475][ T8013] RIP: 0033:0x7f5cbcd85d29 [ 235.151967][ T8013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.171653][ T8013] RSP: 002b:00007f5cbabf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 235.180216][ T8013] RAX: ffffffffffffffda RBX: 00007f5cbcf75fa0 RCX: 00007f5cbcd85d29 [ 235.188247][ T8013] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000005 [ 235.196292][ T8013] RBP: 00007f5cbabf6090 R08: 0000000000000000 R09: 0000000000000000 [ 235.204324][ T8013] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 235.212440][ T8013] R13: 0000000000000000 R14: 00007f5cbcf75fa0 R15: 00007ffc1534cf18 [ 235.220501][ T8013] [ 235.501881][ T8019] netlink: 206 bytes leftover after parsing attributes in process `syz.3.499'. [ 235.761022][ T8022] netlink: 350 bytes leftover after parsing attributes in process `syz.1.500'. [ 237.471047][ T8058] FAULT_INJECTION: forcing a failure. [ 237.471047][ T8058] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 237.652441][ T8058] CPU: 1 UID: 0 PID: 8058 Comm: syz.2.510 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 237.663127][ T8058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 237.673218][ T8058] Call Trace: [ 237.676519][ T8058] [ 237.679475][ T8058] dump_stack_lvl+0x16c/0x1f0 [ 237.684206][ T8058] should_fail_ex+0x497/0x5b0 [ 237.688932][ T8058] _copy_from_user+0x2e/0xd0 [ 237.693572][ T8058] ____sys_sendmsg+0x56e/0xb40 [ 237.698377][ T8058] ? __pfx_____sys_sendmsg+0x10/0x10 [ 237.703700][ T8058] ? __lock_acquire+0xcc5/0x3c40 [ 237.708705][ T8058] ___sys_sendmsg+0x135/0x1e0 [ 237.713440][ T8058] ? __pfx____sys_sendmsg+0x10/0x10 [ 237.718704][ T8058] ? trace_lock_acquire+0x14e/0x1f0 [ 237.723971][ T8058] __sys_sendmmsg+0x201/0x420 [ 237.728702][ T8058] ? __pfx___sys_sendmmsg+0x10/0x10 [ 237.733962][ T8058] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 237.740001][ T8058] ? fput+0x67/0x440 [ 237.743949][ T8058] ? ksys_write+0x1ba/0x250 [ 237.748578][ T8058] ? __pfx_ksys_write+0x10/0x10 [ 237.753474][ T8058] __x64_sys_sendmmsg+0x9c/0x100 [ 237.758458][ T8058] ? lockdep_hardirqs_on+0x7c/0x110 [ 237.763728][ T8058] do_syscall_64+0xcd/0x250 [ 237.768275][ T8058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.774233][ T8058] RIP: 0033:0x7f2da9385d29 [ 237.778676][ T8058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.798317][ T8058] RSP: 002b:00007f2daa0cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 237.806769][ T8058] RAX: ffffffffffffffda RBX: 00007f2da9575fa0 RCX: 00007f2da9385d29 [ 237.814772][ T8058] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000005 [ 237.822770][ T8058] RBP: 00007f2daa0cf090 R08: 0000000000000000 R09: 0000000000000000 [ 237.830792][ T8058] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 237.838793][ T8058] R13: 0000000000000000 R14: 00007f2da9575fa0 R15: 00007ffc0c8b36d8 [ 237.846814][ T8058] [ 240.178032][ T8110] netlink: 8 bytes leftover after parsing attributes in process `syz.0.524'. [ 240.589155][ T8113] netlink: 206 bytes leftover after parsing attributes in process `syz.3.525'. [ 241.237618][ T8118] netlink: 206 bytes leftover after parsing attributes in process `syz.2.523'. [ 246.320846][ T8177] netlink: 8 bytes leftover after parsing attributes in process `syz.1.534'. [ 246.414412][ T8179] netlink: 206 bytes leftover after parsing attributes in process `syz.0.538'. [ 246.990838][ T8188] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 251.392406][ T8228] FAULT_INJECTION: forcing a failure. [ 251.392406][ T8228] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 251.519699][ T8228] CPU: 0 UID: 0 PID: 8228 Comm: syz.3.550 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 251.530401][ T8228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 251.540513][ T8228] Call Trace: [ 251.543841][ T8228] [ 251.546854][ T8228] dump_stack_lvl+0x16c/0x1f0 [ 251.551603][ T8228] should_fail_ex+0x497/0x5b0 [ 251.556353][ T8228] _copy_from_iter+0x4a5/0x1400 [ 251.561301][ T8228] ? __pfx__copy_from_iter+0x10/0x10 [ 251.566670][ T8228] ? __virt_addr_valid+0x1a4/0x590 [ 251.571834][ T8228] ? __virt_addr_valid+0x5e/0x590 [ 251.576901][ T8228] ? __phys_addr_symbol+0x30/0x80 [ 251.581967][ T8228] ? __check_object_size+0x488/0x710 [ 251.587394][ T8228] netlink_sendmsg+0x813/0xd70 [ 251.592208][ T8228] ? __pfx_netlink_sendmsg+0x10/0x10 [ 251.597556][ T8228] ? __might_fault+0xe3/0x190 [ 251.602300][ T8228] ____sys_sendmsg+0x9ae/0xb40 [ 251.607107][ T8228] ? __pfx_____sys_sendmsg+0x10/0x10 [ 251.612455][ T8228] ? __lock_acquire+0xcc5/0x3c40 [ 251.617439][ T8228] ___sys_sendmsg+0x135/0x1e0 [ 251.622163][ T8228] ? __pfx____sys_sendmsg+0x10/0x10 [ 251.627505][ T8228] ? trace_lock_acquire+0x14e/0x1f0 [ 251.632784][ T8228] __sys_sendmmsg+0x201/0x420 [ 251.637517][ T8228] ? __pfx___sys_sendmmsg+0x10/0x10 [ 251.642808][ T8228] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 251.648842][ T8228] ? fput+0x67/0x440 [ 251.652797][ T8228] ? ksys_write+0x1ba/0x250 [ 251.657342][ T8228] ? __pfx_ksys_write+0x10/0x10 [ 251.662240][ T8228] __x64_sys_sendmmsg+0x9c/0x100 [ 251.667228][ T8228] ? lockdep_hardirqs_on+0x7c/0x110 [ 251.672474][ T8228] do_syscall_64+0xcd/0x250 [ 251.677032][ T8228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.682970][ T8228] RIP: 0033:0x7f6fdef85d29 [ 251.687591][ T8228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.707237][ T8228] RSP: 002b:00007f6fdcdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 251.715710][ T8228] RAX: ffffffffffffffda RBX: 00007f6fdf175fa0 RCX: 00007f6fdef85d29 [ 251.723714][ T8228] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000005 [ 251.731722][ T8228] RBP: 00007f6fdcdf6090 R08: 0000000000000000 R09: 0000000000000000 [ 251.739729][ T8228] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 251.747736][ T8228] R13: 0000000000000000 R14: 00007f6fdf175fa0 R15: 00007ffeda0331d8 [ 251.755878][ T8228] [ 251.766490][ T8232] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 252.442385][ T8237] netlink: 28 bytes leftover after parsing attributes in process `syz.3.552'. [ 254.101461][ T8257] Invalid ELF header magic: != ELF [ 255.530003][ T8257] netlink: 28 bytes leftover after parsing attributes in process `syz.0.558'. [ 255.644712][ T8257] geneve1: entered allmulticast mode [ 257.550134][ T8270] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 257.973754][ T8285] netlink: 'syz.0.566': attribute type 19 has an invalid length. [ 258.000190][ T8285] netlink: 'syz.0.566': attribute type 27 has an invalid length. [ 258.030934][ T8285] netlink: 'syz.0.566': attribute type 28 has an invalid length. [ 258.038757][ T8285] netlink: 'syz.0.566': attribute type 29 has an invalid length. [ 258.089528][ T8285] netlink: 38 bytes leftover after parsing attributes in process `syz.0.566'. [ 258.338053][ T8295] netlink: 206 bytes leftover after parsing attributes in process `syz.1.562'. [ 259.719188][ T8315] Process accounting resumed [ 259.724195][ T8315] kernel write not supported for file task/583/attr/current (pid: 8315 comm: syz.0.572) [ 261.486798][ T8339] netlink: 816 bytes leftover after parsing attributes in process `syz.2.575'. [ 261.559386][ T8339] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 262.754632][ T8358] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(2) [ 263.242175][ T8362] netlink: 206 bytes leftover after parsing attributes in process `syz.1.584'. [ 265.664331][ T8383] FAULT_INJECTION: forcing a failure. [ 265.664331][ T8383] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 265.707418][ T8383] CPU: 0 UID: 0 PID: 8383 Comm: syz.0.590 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 265.718093][ T8383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 265.728204][ T8383] Call Trace: [ 265.731534][ T8383] [ 265.734510][ T8383] dump_stack_lvl+0x16c/0x1f0 [ 265.739257][ T8383] should_fail_ex+0x497/0x5b0 [ 265.744003][ T8383] _copy_from_iter+0x29b/0x1400 [ 265.748916][ T8383] ? trace_lock_acquire+0x14e/0x1f0 [ 265.754224][ T8383] ? __alloc_skb+0x200/0x380 [ 265.758903][ T8383] ? __pfx__copy_from_iter+0x10/0x10 [ 265.764269][ T8383] ? __virt_addr_valid+0x1a4/0x590 [ 265.769475][ T8383] ? __virt_addr_valid+0x5e/0x590 [ 265.774572][ T8383] ? __phys_addr_symbol+0x30/0x80 [ 265.779667][ T8383] ? __check_object_size+0x488/0x710 [ 265.785124][ T8383] netlink_sendmsg+0x813/0xd70 [ 265.789973][ T8383] ? __pfx_netlink_sendmsg+0x10/0x10 [ 265.795339][ T8383] ____sys_sendmsg+0x9ae/0xb40 [ 265.800171][ T8383] ? copy_msghdr_from_user+0x10b/0x160 [ 265.805704][ T8383] ? __pfx_____sys_sendmsg+0x10/0x10 [ 265.811053][ T8383] ? __lock_acquire+0xcc5/0x3c40 [ 265.816054][ T8383] ? hlock_class+0x4e/0x130 [ 265.820624][ T8383] ? __lock_acquire+0x15a9/0x3c40 [ 265.825721][ T8383] ___sys_sendmsg+0x135/0x1e0 [ 265.830478][ T8383] ? __pfx____sys_sendmsg+0x10/0x10 [ 265.835749][ T8383] ? __pfx___lock_acquire+0x10/0x10 [ 265.841058][ T8383] ? __pfx___might_resched+0x10/0x10 [ 265.846414][ T8383] ? __might_fault+0xe3/0x190 [ 265.851177][ T8383] __sys_sendmmsg+0x201/0x420 [ 265.855931][ T8383] ? __pfx___sys_sendmmsg+0x10/0x10 [ 265.861216][ T8383] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 265.867280][ T8383] ? fput+0x67/0x440 [ 265.871259][ T8383] ? ksys_write+0x1ba/0x250 [ 265.875841][ T8383] ? __pfx_ksys_write+0x10/0x10 [ 265.880763][ T8383] __x64_sys_sendmmsg+0x9c/0x100 [ 265.885782][ T8383] ? lockdep_hardirqs_on+0x7c/0x110 [ 265.891054][ T8383] do_syscall_64+0xcd/0x250 [ 265.895625][ T8383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.901590][ T8383] RIP: 0033:0x7f5cbcd85d29 [ 265.906054][ T8383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.925726][ T8383] RSP: 002b:00007f5cbabf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 265.934217][ T8383] RAX: ffffffffffffffda RBX: 00007f5cbcf75fa0 RCX: 00007f5cbcd85d29 [ 265.942283][ T8383] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000005 [ 265.950315][ T8383] RBP: 00007f5cbabf6090 R08: 0000000000000000 R09: 0000000000000000 [ 265.958343][ T8383] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 265.966370][ T8383] R13: 0000000000000000 R14: 00007f5cbcf75fa0 R15: 00007ffc1534cf18 [ 265.974419][ T8383] [ 266.769101][ T8358] syz.2.583 (8358) used greatest stack depth: 19296 bytes left [ 267.646897][ T8380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.589'. [ 271.781047][ T8453] binder: 8452:8453 ioctl 4018620d 9 returned -22 [ 273.385449][ T8469] Process accounting resumed [ 275.393674][ T8081] syz.2.514 (8081) used greatest stack depth: 19248 bytes left [ 281.221523][ T8606] Process accounting resumed [ 283.151329][ T8612] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 283.169282][ T8612] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 283.208761][ T8612] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 283.225971][ T8612] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 283.615248][ T7973] syz.2.476 (7973) used greatest stack depth: 18480 bytes left [ 285.107265][ T8651] sctp: [Deprecated]: syz.1.651 (pid 8651) Use of struct sctp_assoc_value in delayed_ack socket option. [ 285.107265][ T8651] Use struct sctp_sack_info instead [ 285.190086][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 285.197403][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 285.204583][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 285.269703][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 286.734227][ T7969] syz.2.476 (7969) used greatest stack depth: 18112 bytes left [ 288.172426][ T8701] netlink: 'syz.3.662': attribute type 2 has an invalid length. [ 288.223788][ T8701] netlink: 674 bytes leftover after parsing attributes in process `syz.3.662'. [ 288.943273][ T8723] netlink: 206 bytes leftover after parsing attributes in process `syz.0.667'. [ 289.646693][ T8738] Unable to find swap-space signature [ 290.691619][ T8746] Process accounting resumed [ 291.282579][ T8754] nbd: must specify at least one socket [ 291.622336][ T8765] netlink: 20 bytes leftover after parsing attributes in process `syz.3.675'. [ 291.998816][ T8771] bridge0: port 1(bond0) entered blocking state [ 292.029112][ T8771] bridge0: port 1(bond0) entered disabled state [ 292.035667][ T8771] bond0: entered allmulticast mode [ 292.071687][ T8771] bond_slave_0: entered allmulticast mode [ 292.109009][ T8771] bond_slave_1: entered allmulticast mode [ 292.116235][ T8771] bond0: entered promiscuous mode [ 292.167213][ T8771] bond_slave_0: entered promiscuous mode [ 292.200076][ T8771] bond_slave_1: entered promiscuous mode [ 292.225961][ T8771] bridge0: port 1(bond0) entered blocking state [ 292.232469][ T8771] bridge0: port 1(bond0) entered forwarding state [ 292.889492][ T8786] netlink: 334 bytes leftover after parsing attributes in process `syz.3.680'. [ 297.118705][ T8860] netlink: 32 bytes leftover after parsing attributes in process `syz.1.694'. [ 297.961728][ T8879] netlink: 32 bytes leftover after parsing attributes in process `syz.1.697'. [ 299.359354][ T8902] netlink: 330 bytes leftover after parsing attributes in process `syz.2.702'. [ 300.436712][ T8935] program syz.2.710 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 305.928139][ T9028] netlink: 206 bytes leftover after parsing attributes in process `syz.0.733'. [ 308.625722][ T29] audit: type=1800 audit(8277292055.430:6): pid=9064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.740" name="lu_gp_id" dev="configfs" ino=22537 res=0 errno=0 [ 309.110220][ T9067] netlink: 338 bytes leftover after parsing attributes in process `syz.0.742'. [ 309.135285][ T9068] netlink: 338 bytes leftover after parsing attributes in process `syz.0.742'. [ 310.097530][ T9088] Invalid ELF header magic: != ELF [ 311.063027][ T9104] GUP no longer grows the stack in syz.1.751 (9104): 9000-401000 (8000) [ 311.072138][ T9104] CPU: 0 UID: 0 PID: 9104 Comm: syz.1.751 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 311.082807][ T9104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 311.092907][ T9104] Call Trace: [ 311.096219][ T9104] [ 311.099177][ T9104] dump_stack_lvl+0x16c/0x1f0 [ 311.103908][ T9104] gup_vma_lookup+0x1d2/0x220 [ 311.108641][ T9104] __get_user_pages+0x236/0x3b50 [ 311.113677][ T9104] ? hlock_class+0x4e/0x130 [ 311.118250][ T9104] ? __lock_acquire+0x15a9/0x3c40 [ 311.123326][ T9104] ? __pfx___get_user_pages+0x10/0x10 [ 311.128770][ T9104] __gup_longterm_locked+0x211/0x1870 [ 311.134242][ T9104] ? __pfx___lock_acquire+0x10/0x10 [ 311.139493][ T9104] ? __pfx___gup_longterm_locked+0x10/0x10 [ 311.145356][ T9104] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 311.151035][ T9104] ? rwsem_read_trylock+0x12d/0x250 [ 311.156281][ T9104] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 311.161875][ T9104] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 311.168183][ T9104] pin_user_pages_remote+0xee/0x150 [ 311.173444][ T9104] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 311.179302][ T9104] ? down_read+0xc9/0x330 [ 311.183695][ T9104] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 311.189956][ T9104] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 311.196631][ T9104] process_vm_rw+0x301/0x360 [ 311.201325][ T9104] ? __pfx_process_vm_rw+0x10/0x10 [ 311.206496][ T9104] ? __pfx_futex_wake+0x10/0x10 [ 311.211396][ T9104] ? do_futex+0xdb/0x350 [ 311.215718][ T9104] ? __vm_munmap+0x18b/0x340 [ 311.220393][ T9104] ? xfd_validate_state+0x5d/0x180 [ 311.225552][ T9104] ? rcu_is_watching+0x12/0xc0 [ 311.230367][ T9104] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 311.236069][ T9104] ? do_syscall_64+0x91/0x250 [ 311.240794][ T9104] ? lockdep_hardirqs_on+0x7c/0x110 [ 311.246037][ T9104] do_syscall_64+0xcd/0x250 [ 311.250680][ T9104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.256663][ T9104] RIP: 0033:0x7f0955f85d29 [ 311.261118][ T9104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 311.280783][ T9104] RSP: 002b:00007f0956cd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 311.289242][ T9104] RAX: ffffffffffffffda RBX: 00007f0956176160 RCX: 00007f0955f85d29 [ 311.297250][ T9104] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 00000000000002ae [ 311.305272][ T9104] RBP: 00007f0956001b08 R08: 0000000000000006 R09: 0000000000000000 [ 311.313297][ T9104] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 311.321401][ T9104] R13: 0000000000000000 R14: 00007f0956176160 R15: 00007ffe0e1933a8 [ 311.329434][ T9104] [ 312.372940][ T9127] netlink: 4 bytes leftover after parsing attributes in process `syz.1.756'. [ 313.064429][ T9140] netlink: 206 bytes leftover after parsing attributes in process `syz.1.759'. [ 313.397783][ T9139] misc userio: No port type given on /dev/userio [ 314.375086][ T9167] svc: failed to register nfsdv3 RPC service (errno 111). [ 314.386482][ T9167] svc: failed to register nfsaclv3 RPC service (errno 111). [ 316.347356][ T9201] netlink: 326 bytes leftover after parsing attributes in process `syz.0.779'. [ 317.508596][ T9228] netlink: 28 bytes leftover after parsing attributes in process `syz.0.784'. [ 319.571471][ T9257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.787'. [ 321.055400][ T9282] netlink: 232 bytes leftover after parsing attributes in process `syz.3.795'. [ 324.830230][ T9366] netlink: 16 bytes leftover after parsing attributes in process `syz.1.808'. [ 326.936698][ T9392] netlink: 334 bytes leftover after parsing attributes in process `syz.1.816'. [ 327.000864][ T9407] netlink: 28 bytes leftover after parsing attributes in process `syz.2.820'. [ 327.014842][ T9407] veth0_macvtap: left promiscuous mode [ 327.079332][ T9409] netlink: 334 bytes leftover after parsing attributes in process `syz.1.816'. [ 328.339352][ T9438] batman_adv: Routing algorithm '' is not supported [ 328.673459][ T9447] netlink: zone id is out of range [ 328.694894][ T9447] netlink: zone id is out of range [ 328.708672][ T9447] netlink: zone id is out of range [ 328.726620][ T9447] netlink: zone id is out of range [ 328.741047][ T9447] netlink: zone id is out of range [ 328.759839][ T9447] netlink: zone id is out of range [ 328.779255][ T9447] netlink: zone id is out of range [ 328.797097][ T9447] netlink: zone id is out of range [ 328.813661][ T9447] netlink: set zone limit has 4 unknown bytes [ 329.043551][ T9427] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 332.477482][ T9506] netlink: 52 bytes leftover after parsing attributes in process `syz.0.839'. [ 332.530471][ T9519] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 332.761101][ T9519] netlink: 164 bytes leftover after parsing attributes in process `syz.2.842'. [ 332.812677][ T9519] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 335.938598][ T9566] Unable to find swap-space signature [ 342.348408][ T9621] netlink: 4 bytes leftover after parsing attributes in process `syz.1.867'. [ 342.380059][ T9625] Process accounting resumed [ 343.176069][ T9652] netlink: 8 bytes leftover after parsing attributes in process `syz.3.873'. [ 347.208687][ T9694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.882'. [ 347.756463][ T9706] netlink: 'syz.2.885': attribute type 1 has an invalid length. [ 349.739158][ T9743] [ 351.082645][ T9759] netlink: 146 bytes leftover after parsing attributes in process `syz.1.896'. [ 357.980087][ T9857] netlink: 342 bytes leftover after parsing attributes in process `syz.2.920'. [ 358.015450][ T9849] netlink: 4 bytes leftover after parsing attributes in process `syz.0.918'. [ 358.978140][ T9877] netlink: 28 bytes leftover after parsing attributes in process `syz.0.926'. [ 359.022437][ T9877] veth1_macvtap: left promiscuous mode [ 359.412561][ T9894] netlink: 350 bytes leftover after parsing attributes in process `syz.2.929'. [ 360.255188][ T9927] netlink: 'syz.1.940': attribute type 1 has an invalid length. [ 360.273607][ T9927] netlink: 306 bytes leftover after parsing attributes in process `syz.1.940'. [ 360.288686][ T9926] netlink: 28 bytes leftover after parsing attributes in process `syz.0.939'. [ 360.707954][ T9939] netlink: 36 bytes leftover after parsing attributes in process `syz.0.943'. [ 361.548640][ T9951] netlink: 'syz.3.945': attribute type 3 has an invalid length. [ 361.628984][ T9951] netlink: 332 bytes leftover after parsing attributes in process `syz.3.945'. [ 362.045244][ T9961] netlink: 'syz.2.949': attribute type 4 has an invalid length. [ 363.060325][ T9974] netlink: 4 bytes leftover after parsing attributes in process `syz.2.954'. [ 364.862557][T10006] netlink: 4 bytes leftover after parsing attributes in process `syz.1.958'. [ 364.924480][T10007] netlink: 4 bytes leftover after parsing attributes in process `syz.1.958'. [ 365.805531][T10017] netlink: 8 bytes leftover after parsing attributes in process `syz.1.963'. [ 370.219682][T10084] tty tty46: ldisc open failed (-12), clearing slot 45 [ 371.856474][T10117] netlink: zone id is out of range [ 371.875144][T10117] netlink: set zone limit has 8 unknown bytes [ 372.092993][T10125] netlink: 28 bytes leftover after parsing attributes in process `syz.1.990'. [ 372.147201][T10125] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode [ 372.169137][T10125] mac80211_hwsim hwsim5 wlan0: entered allmulticast mode [ 373.668660][T10148] netlink: 28 bytes leftover after parsing attributes in process `syz.0.997'. [ 373.769182][T10149] netlink: 334 bytes leftover after parsing attributes in process `syz.0.997'. [ 373.837173][T10151] netlink: Unknown conntrack attr (0) [ 374.009948][T10151] nbd: socks must be embedded in a SOCK_ITEM attr [ 374.021058][T10151] block nbd0: shutting down sockets [ 374.669465][T10156] openvswitch: netlink: IP tunnel dst address not specified [ 375.438253][T10180] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1002'. [ 375.593560][T10182] lo: entered allmulticast mode [ 375.616761][T10182] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1004'. [ 376.620078][T10181] lo: left allmulticast mode [ 378.639421][T10233] < [ 378.846562][T10235] < [ 384.822888][T10297] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 389.792481][T10399] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1044'. [ 390.769774][T10417] program syz.3.1048 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 391.039664][T10417] sg_write: process 972 (syz.3.1048) changed security contexts after opening file descriptor, this is not allowed. [ 392.912539][T10445] erspan0: entered allmulticast mode [ 394.217618][T10466] FAULT_INJECTION: forcing a failure. [ 394.217618][T10466] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 394.245156][T10460] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1059'. [ 394.365748][T10466] CPU: 0 UID: 0 PID: 10466 Comm: syz.0.1061 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 394.376611][T10466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 394.386728][T10466] Call Trace: [ 394.390051][T10466] [ 394.393018][T10466] dump_stack_lvl+0x16c/0x1f0 [ 394.397789][T10466] should_fail_ex+0x497/0x5b0 [ 394.402545][T10466] _copy_from_user+0x2e/0xd0 [ 394.407219][T10466] kstrtouint_from_user+0xd7/0x1c0 [ 394.412393][T10466] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 394.418188][T10466] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 394.423884][T10466] proc_fail_nth_write+0x84/0x250 [ 394.428971][T10466] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 394.434665][T10466] ? ksys_write+0x12b/0x250 [ 394.439217][T10466] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 394.444898][T10466] vfs_write+0x24c/0x1150 [ 394.449266][T10466] ? __fget_files+0x1fc/0x3a0 [ 394.453985][T10466] ? __pfx___mutex_lock+0x10/0x10 [ 394.459054][T10466] ? __pfx_vfs_write+0x10/0x10 [ 394.463867][T10466] ? __fget_files+0x206/0x3a0 [ 394.468618][T10466] ksys_write+0x12b/0x250 [ 394.472990][T10466] ? __pfx_ksys_write+0x10/0x10 [ 394.477892][T10466] do_syscall_64+0xcd/0x250 [ 394.482441][T10466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.488379][T10466] RIP: 0033:0x7f5cbcd847df [ 394.492824][T10466] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 394.512470][T10466] RSP: 002b:00007f5cbabf6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 394.520923][T10466] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5cbcd847df [ 394.528941][T10466] RDX: 0000000000000001 RSI: 00007f5cbabf60a0 RDI: 0000000000000004 [ 394.536943][T10466] RBP: 00007f5cbabf6090 R08: 0000000000000000 R09: 0000000000000000 [ 394.544942][T10466] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 394.552942][T10466] R13: 0000000000000000 R14: 00007f5cbcf75fa0 R15: 00007ffc1534cf18 [ 394.560959][T10466] [ 396.995094][T10492] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1070'. [ 397.165738][T10492] : renamed from team0 (while UP) [ 412.105527][ T5848] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 412.118500][ T5848] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 412.127407][ T5848] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 412.430125][ T5848] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 412.439829][ T5848] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 412.447282][ T5848] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 413.205304][T10571] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1088'. [ 413.248481][T10563] chnl_net:caif_netlink_parms(): no params data found [ 413.566458][T10563] bridge0: port 1(bridge_slave_0) entered blocking state [ 413.584731][T10563] bridge0: port 1(bridge_slave_0) entered disabled state [ 413.603621][T10563] bridge_slave_0: entered allmulticast mode [ 413.631383][T10563] bridge_slave_0: entered promiscuous mode [ 413.669354][T10563] bridge0: port 2(bridge_slave_1) entered blocking state [ 413.689217][T10563] bridge0: port 2(bridge_slave_1) entered disabled state [ 413.717292][T10563] bridge_slave_1: entered allmulticast mode [ 413.735051][T10563] bridge_slave_1: entered promiscuous mode [ 413.845775][T10563] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 413.878742][T10563] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 414.032521][T10563] team0: Port device team_slave_0 added [ 414.068178][T10563] team0: Port device team_slave_1 added [ 414.185630][T10563] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 414.203822][T10563] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.273898][T10563] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 414.315326][T10563] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 414.335384][T10563] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.414363][T10563] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 414.469353][ T5838] Bluetooth: hci4: command tx timeout [ 414.551865][T10563] hsr_slave_0: entered promiscuous mode [ 414.574857][T10563] hsr_slave_1: entered promiscuous mode [ 414.611240][T10563] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 414.636377][T10563] Cannot create hsr debugfs directory [ 415.150640][T10563] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 415.187640][T10563] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 415.228556][T10563] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 415.254427][T10563] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 415.552786][T10563] 8021q: adding VLAN 0 to HW filter on device bond0 [ 415.603729][T10563] 8021q: adding VLAN 0 to HW filter on device team0 [ 415.643898][ T7554] bridge0: port 1(bridge_slave_0) entered blocking state [ 415.651156][ T7554] bridge0: port 1(bridge_slave_0) entered forwarding state [ 415.712084][ T7554] bridge0: port 2(bridge_slave_1) entered blocking state [ 415.720491][ T7554] bridge0: port 2(bridge_slave_1) entered forwarding state [ 416.534335][T10563] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 416.550342][ T5838] Bluetooth: hci4: command tx timeout [ 417.342700][T10600] lo: entered allmulticast mode [ 417.425342][T10599] lo: left allmulticast mode [ 417.581298][T10563] veth0_vlan: entered promiscuous mode [ 417.656398][T10563] veth1_vlan: entered promiscuous mode [ 417.792936][T10614] netlink: 'syz.1.1096': attribute type 2 has an invalid length. [ 417.820040][T10614] netlink: 674 bytes leftover after parsing attributes in process `syz.1.1096'. [ 417.872512][T10563] veth0_macvtap: entered promiscuous mode [ 417.927365][T10563] veth1_macvtap: entered promiscuous mode [ 418.025040][T10563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 418.136710][T10563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 418.195230][T10563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 418.273635][T10563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 418.338535][T10563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 418.365447][T10563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 418.391704][T10563] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 418.402467][T10563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 418.413041][T10563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 418.423371][T10563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 418.433904][T10563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 418.443856][T10563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 418.454494][T10563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 418.466278][T10563] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 418.629953][ T5838] Bluetooth: hci4: command tx timeout [ 418.824607][T10563] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.867997][T10563] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.917527][T10563] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.942676][T10563] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.266416][ T5020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.329072][ T5020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.471423][T10640] QAT: Stopping all acceleration devices. [ 420.502617][ T7571] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.518999][ T7571] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.710255][ T5838] Bluetooth: hci4: command tx timeout [ 426.572196][T10707] Invalid ELF header magic: != ELF [ 427.636723][T10726] Process accounting resumed [ 428.254399][T10730] random: crng reseeded on system resumption [ 428.672653][T10726] Process accounting resumed [ 429.433233][T10730] Process accounting resumed [ 429.437944][T10730] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10730 comm: syz.3.1123) [ 429.880035][T10745] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 10745 comm: syz.3.1128) [ 429.930392][T10745] Process accounting resumed [ 431.178105][T10751] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1131'. [ 432.945615][T10765] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 435.385412][T10805] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1143'. [ 438.913119][T10851] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1154'. [ 441.164901][T10885] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1158'. [ 441.640858][T10893] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1163'. [ 442.681533][T10910] FAULT_INJECTION: forcing a failure. [ 442.681533][T10910] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 442.761711][T10910] CPU: 1 UID: 0 PID: 10910 Comm: syz.3.1168 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 442.772586][T10910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 442.782618][T10908] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1167'. [ 442.782746][T10910] Call Trace: [ 442.794963][T10910] [ 442.797942][T10910] dump_stack_lvl+0x16c/0x1f0 [ 442.802701][T10910] should_fail_ex+0x497/0x5b0 [ 442.807464][T10910] _copy_from_user+0x2e/0xd0 [ 442.812140][T10910] split_huge_pages_write+0x21b/0x1f60 [ 442.817670][T10910] ? is_bpf_text_address+0x8a/0x1a0 [ 442.822955][T10910] ? __pfx_lock_release+0x10/0x10 [ 442.828050][T10910] ? trace_lock_acquire+0x14e/0x1f0 [ 442.833335][T10910] ? __pfx_split_huge_pages_write+0x10/0x10 [ 442.839312][T10910] ? __lock_acquire+0xcc5/0x3c40 [ 442.844336][T10910] ? hlock_class+0x4e/0x130 [ 442.848937][T10910] ? mark_lock+0xb5/0xc60 [ 442.853356][T10910] ? __pfx_mark_lock+0x10/0x10 [ 442.858260][T10910] ? __pfx___lock_acquire+0x10/0x10 [ 442.863529][T10910] ? __pfx___lock_acquire+0x10/0x10 [ 442.868795][T10910] ? __pfx_aa_file_perm+0x10/0x10 [ 442.873907][T10910] ? debugfs_file_get+0x21c/0x5c0 [ 442.879008][T10910] ? __pfx_debugfs_file_get+0x10/0x10 [ 442.884452][T10910] ? rcu_is_watching+0x12/0xc0 [ 442.889308][T10910] ? trace_lock_acquire+0x14e/0x1f0 [ 442.894590][T10910] full_proxy_write+0xfb/0x1b0 [ 442.899431][T10910] ? __pfx_full_proxy_write+0x10/0x10 [ 442.904876][T10910] vfs_write+0x24c/0x1150 [ 442.909289][T10910] ? __fget_files+0x1fc/0x3a0 [ 442.914037][T10910] ? __pfx___mutex_lock+0x10/0x10 [ 442.919139][T10910] ? __pfx_vfs_write+0x10/0x10 [ 442.923987][T10910] ? __fget_files+0x206/0x3a0 [ 442.928756][T10910] ksys_write+0x12b/0x250 [ 442.933158][T10910] ? __pfx_ksys_write+0x10/0x10 [ 442.938087][T10910] do_syscall_64+0xcd/0x250 [ 442.942668][T10910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.948644][T10910] RIP: 0033:0x7f6fdef85d29 [ 442.953118][T10910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 442.972805][T10910] RSP: 002b:00007f6fdcdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 442.981294][T10910] RAX: ffffffffffffffda RBX: 00007f6fdf175fa0 RCX: 00007f6fdef85d29 [ 442.989328][T10910] RDX: 0000000000000001 RSI: 0000000020000100 RDI: 0000000000000003 [ 442.997362][T10910] RBP: 00007f6fdcdf6090 R08: 0000000000000000 R09: 0000000000000000 [ 443.005400][T10910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 443.013440][T10910] R13: 0000000000000000 R14: 00007f6fdf175fa0 R15: 00007ffeda0331d8 [ 443.021495][T10910] [ 443.714465][T10913] netlink: 222 bytes leftover after parsing attributes in process `syz.4.1169'. [ 443.829128][T10913] netlink: 222 bytes leftover after parsing attributes in process `syz.4.1169'. [ 444.040821][T10913] netlink: 222 bytes leftover after parsing attributes in process `syz.4.1169'. [ 446.025907][T10958] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd31 [ 446.175862][T10958] netlink: 246 bytes leftover after parsing attributes in process `syz.3.1177'. [ 447.366148][T10974] bridge0: port 3(vlan1) entered blocking state [ 447.414197][T10974] bridge0: port 3(vlan1) entered disabled state [ 447.439142][T10974] vlan1: entered allmulticast mode [ 447.469039][T10974] veth0_vlan: entered allmulticast mode [ 447.487174][T10974] vlan1: entered promiscuous mode [ 447.522399][T10974] bridge0: port 3(vlan1) entered blocking state [ 447.530192][T10974] bridge0: port 3(vlan1) entered forwarding state [ 448.032125][T10983] : Can't lookup blockdev [ 448.044905][T10984] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(537396514.0.0), cmd(14) [ 449.819507][T11009] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1191'. [ 450.727022][T11024] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1195'. [ 451.279701][T11032] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1196'. [ 451.459852][T11034] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1197'. [ 451.788710][T11032] bridge0: entered promiscuous mode [ 456.863299][T11121] Process accounting resumed [ 456.895968][T11110] Process accounting resumed [ 457.085146][T11125] program syz.3.1216 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 459.928997][T11160] bcache: register_bcache() error : failed to open device [ 461.849688][T11175] openvswitch: netlink: Multiple metadata blocks provided [ 462.762935][T11187] nbd: socks must be embedded in a SOCK_ITEM attr [ 462.786694][T11187] block nbd0: shutting down sockets [ 463.374635][T11198] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1237'. [ 463.418244][T11198] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 465.129151][T11239] vivid-013: ================= START STATUS ================= [ 465.136876][T11239] vivid-013: Generate PTS: true [ 465.250720][T11239] vivid-013: Generate SCR: true [ 465.321920][T11239] tpg source WxH: 640x360 (Y'CbCr) [ 465.328489][T11239] tpg field: 1 [ 465.360146][T11239] tpg crop: 640x360@0x0 [ 465.383393][T11239] tpg compose: 640x360@0x0 [ 465.459007][T11239] tpg colorspace: 8 [ 465.511564][T11239] tpg transfer function: 0/0 [ 465.594616][T11239] tpg Y'CbCr encoding: 0/0 [ 465.602460][T11239] tpg quantization: 0/0 [ 465.611815][T11239] tpg RGB range: 0/2 [ 465.620460][T11239] vivid-013: ================== END STATUS ================== [ 467.622256][T11299] program syz.0.1260 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 469.098947][T11328] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1269'. [ 469.309587][T11336] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 470.058282][T11352] netlink: 'syz.0.1273': attribute type 11 has an invalid length. [ 474.441370][T11414] sp0: Synchronizing with TNC [ 476.853429][T11458] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1297'. [ 477.310076][T11458] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1297'. [ 479.587812][T11474] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 482.438916][T11529] sp0: Synchronizing with TNC [ 482.618628][T11537] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1314'. [ 486.910844][T11559] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 488.951123][T11578] program syz.4.1324 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 489.703566][T11591] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1328'. [ 490.659135][ T29] audit: type=1807 audit(8277292237.470:7): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 490.724240][ T29] audit: type=1802 audit(8277292237.530:8): pid=11604 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.4.1330" res=0 errno=0 [ 490.780893][T11610] ima: policy update failed [ 490.809115][ T29] audit: type=1802 audit(8277292237.620:9): pid=11610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1330" res=0 errno=0 [ 491.420722][T11616] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1333'. [ 491.449486][T11618] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1333'. [ 492.613816][T11625] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1334'. [ 492.637068][T11632] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1334'. [ 492.756256][T11625] lo: entered promiscuous mode [ 492.787157][T11625] lo: entered allmulticast mode [ 495.018275][T11676] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1349'. [ 495.141727][T11678] netlink: Unknown conntrack attr (type=64, max=9) [ 495.546279][T11687] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ekx' e (errno 111). [ 544.806647][T12531] svc: failed to register nfsaclv3 RPC service (errno 111). [ 547.116738][T12591] sctp: [Deprecated]: syz.1.1568 (pid 12591) Use of struct sctp_assoc_value in delayed_ack socket option. [ 547.116738][T12591] Use struct sctp_sack_info instead [ 548.399775][T12620] program syz.3.1572 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 550.669046][T12648] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 552.341852][T12675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1583'. [ 552.737326][T12682] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1583'. [ 553.352209][T12713] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1585'. [ 553.959477][T12720] netlink: 'syz.4.1587': attribute type 1 has an invalid length. [ 555.767809][T12757] svc: failed to register nfsdv3 RPC service (errno 111). [ 555.863154][T12757] svc: failed to register nfsaclv3 RPC service (errno 111). [ 557.260722][T12773] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1603'. [ 557.274189][T12773] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1603'. [ 557.365831][T12775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1604'. [ 557.397156][T12775] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 558.514460][T12792] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1609'. [ 558.618368][T12796] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1609'. [ 560.130542][T12837] svc: failed to register nfsdv3 RPC service (errno 101). [ 560.158936][T12837] svc: failed to register nfsaclv3 RPC service (errno 101). [ 561.340160][T12859] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 566.806387][T12997] dump_stack_lvl+0x16c/0x1f0 [ 566.811174][T12997] should_fail_ex+0x497/0x5b0 [ 566.815924][T12997] ? fs_reclaim_acquire+0xae/0x150 [ 566.821113][T12997] should_failslab+0xc2/0x120 [ 566.825876][T12997] __kmalloc_noprof+0xce/0x4f0 [ 566.830715][T12997] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 566.836420][T12997] ? tomoyo_realpath_from_path+0xbf/0x710 [ 566.842229][T12997] tomoyo_realpath_from_path+0xbf/0x710 [ 566.847851][T12997] ? tomoyo_path_number_perm+0x235/0x5b0 [ 566.853574][T12997] tomoyo_path_number_perm+0x248/0x5b0 [ 566.859121][T12997] ? tomoyo_path_number_perm+0x235/0x5b0 [ 566.864843][T12997] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 566.870941][T12997] ? __pfx_lock_release+0x10/0x10 [ 566.876028][T12997] ? trace_lock_acquire+0x14e/0x1f0 [ 566.881307][T12997] ? lock_acquire+0x2f/0xb0 [ 566.885864][T12997] ? __fget_files+0x40/0x3a0 [ 566.890524][T12997] ? __fget_files+0x206/0x3a0 [ 566.895261][T12997] security_file_ioctl+0x9b/0x240 [ 566.900328][T12997] __x64_sys_ioctl+0xb7/0x200 [ 566.905044][T12997] do_syscall_64+0xcd/0x250 [ 566.909596][T12997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.915532][T12997] RIP: 0033:0x7f6fdef85d29 [ 566.919980][T12997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 566.939628][T12997] RSP: 002b:00007f6fdcdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 566.948111][T12997] RAX: ffffffffffffffda RBX: 00007f6fdf175fa0 RCX: 00007f6fdef85d29 [ 566.956159][T12997] RDX: 0000000000000003 RSI: 00000000c0045103 RDI: 0000000000000003 [ 566.964196][T12997] RBP: 00007f6fdcdf6090 R08: 0000000000000000 R09: 0000000000000000 [ 566.972198][T12997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 566.980201][T12997] R13: 0000000000000000 R14: 00007f6fdf175fa0 R15: 00007ffeda0331d8 [ 566.988225][T12997] [ 567.027238][T12999] netlink: 222 bytes leftover after parsing attributes in process `syz.1.1660'. [ 567.043670][T12997] ERROR: Out of memory at tomoyo_realpath_from_path. [ 567.609472][T13012] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1665'. [ 567.629011][T13012] nbd: must specify a size in bytes for the device [ 567.902666][T13018] netlink: 'syz.0.1666': attribute type 15 has an invalid length. [ 567.943819][T13018] netlink: 'syz.0.1666': attribute type 16 has an invalid length. [ 567.976233][T13018] netlink: 'syz.0.1666': attribute type 4 has an invalid length. [ 568.022574][T13018] netlink: 'syz.0.1666': attribute type 29 has an invalid length. [ 568.045473][T13018] netlink: 38 bytes leftover after parsing attributes in process `syz.0.1666'. [ 568.732894][T13041] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1672'. [ 568.774226][T13041] netdevsim netdevsim4 netdevsim2: entered allmulticast mode [ 569.769115][T13037] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 583.576136][T13305] dump_stack_lvl+0x16c/0x1f0 [ 583.580866][T13305] mtrr_del+0xd1/0x110 [ 583.584995][T13305] mtrr_ioctl+0x900/0xcd0 [ 583.589382][T13305] ? __pfx_mtrr_ioctl+0x10/0x10 [ 583.594295][T13305] ? __pfx_lock_release+0x10/0x10 [ 583.599370][T13305] ? __fget_files+0x206/0x3a0 [ 583.604092][T13305] ? __pfx_mtrr_ioctl+0x10/0x10 [ 583.609006][T13305] proc_reg_unlocked_ioctl+0x226/0x320 [ 583.614524][T13305] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 583.620550][T13305] __x64_sys_ioctl+0x190/0x200 [ 583.625355][T13305] do_syscall_64+0xcd/0x250 [ 583.629909][T13305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.635855][T13305] RIP: 0033:0x7f6fdef85d29 [ 583.640353][T13305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 583.660006][T13305] RSP: 002b:00007f6fdcdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 583.668489][T13305] RAX: ffffffffffffffda RBX: 00007f6fdf175fa0 RCX: 00007f6fdef85d29 [ 583.676494][T13305] RDX: 0000000000000007 RSI: 0000000040104d04 RDI: 0000000000000003 [ 583.684501][T13305] RBP: 00007f6fdf001b08 R08: 0000000000000000 R09: 0000000000000000 [ 583.692503][T13305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.700507][T13305] R13: 0000000000000000 R14: 00007f6fdf175fa0 R15: 00007ffeda0331d8 [ 583.708532][T13305] [ 586.057174][T13337] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1737'. [ 586.459872][T13337] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 588.371968][T13362] size and base must be multiples of 4 kiB [ 588.377870][T13362] CPU: 0 UID: 0 PID: 13362 Comm: syz.0.1743 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 588.388705][T13362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 588.398814][T13362] Call Trace: [ 588.402142][T13362] [ 588.405122][T13362] dump_stack_lvl+0x16c/0x1f0 [ 588.409876][T13362] mtrr_del+0xd1/0x110 [ 588.414028][T13362] mtrr_ioctl+0x900/0xcd0 [ 588.418449][T13362] ? __pfx_mtrr_ioctl+0x10/0x10 [ 588.423383][T13362] ? __pfx_lock_release+0x10/0x10 [ 588.428495][T13362] ? __fget_files+0x206/0x3a0 [ 588.433234][T13362] ? __pfx_mtrr_ioctl+0x10/0x10 [ 588.438172][T13362] proc_reg_unlocked_ioctl+0x226/0x320 [ 588.443710][T13362] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 588.449769][T13362] __x64_sys_ioctl+0x190/0x200 [ 588.454587][T13362] do_syscall_64+0xcd/0x250 [ 588.459160][T13362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.465133][T13362] RIP: 0033:0x7f5cbcd85d29 [ 588.469606][T13362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 588.489283][T13362] RSP: 002b:00007f5cbabf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 588.497775][T13362] RAX: ffffffffffffffda RBX: 00007f5cbcf75fa0 RCX: 00007f5cbcd85d29 [ 588.505812][T13362] RDX: 0000000000000007 RSI: 0000000040104d04 RDI: 0000000000000003 [ 588.513844][T13362] RBP: 00007f5cbce01b08 R08: 0000000000000000 R09: 0000000000000000 [ 588.521870][T13362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 588.529904][T13362] R13: 0000000000000000 R14: 00007f5cbcf75fa0 R15: 00007ffc1534cf18 [ 588.537957][T13362] [ 588.541111][ C0] vkms_vblank_simulate: vblank timer overrun [ 589.324076][T13368] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 589.337792][T13368] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 589.350168][T13368] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 589.380059][T13368] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 589.394942][T13368] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 589.402836][T13368] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 589.961782][T13377] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 589.991893][T13377] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 590.431454][T13384] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 590.618658][T13367] chnl_net:caif_netlink_parms(): no params data found [ 591.509175][T13368] Bluetooth: hci1: command tx timeout [ 591.635735][T13367] bridge0: port 1(bridge_slave_0) entered blocking state [ 591.643196][T13367] bridge0: port 1(bridge_slave_0) entered disabled state [ 591.674352][T13367] bridge_slave_0: entered allmulticast mode [ 591.700336][T13367] bridge_slave_0: entered promiscuous mode [ 591.744798][T13367] bridge0: port 2(bridge_slave_1) entered blocking state [ 591.787558][T13367] bridge0: port 2(bridge_slave_1) entered disabled state [ 591.805241][T13367] bridge_slave_1: entered allmulticast mode [ 591.835161][T13367] bridge_slave_1: entered promiscuous mode [ 593.251657][T13379] tipc: Started in network mode [ 593.256612][T13379] tipc: Node identity ee00, cluster identity 4711 [ 593.318807][T13379] tipc: Node number set to 60928 [ 593.385970][T13367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 593.411871][T13367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 593.598962][T13368] Bluetooth: hci1: command tx timeout [ 593.951866][T13367] team0: Port device team_slave_0 added [ 594.009536][T13367] team0: Port device team_slave_1 added [ 594.240163][T13415] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1755'. [ 594.313162][T13367] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 594.326529][T13367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 594.352476][ C0] vkms_vblank_simulate: vblank timer overrun [ 594.378464][T13367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 594.645648][T12581] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 594.857935][T13367] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 594.875521][T13367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 594.901507][ C0] vkms_vblank_simulate: vblank timer overrun [ 594.948815][T13367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 595.442821][T13367] hsr_slave_0: entered promiscuous mode [ 595.485090][T13367] hsr_slave_1: entered promiscuous mode [ 595.495466][T13367] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 595.528872][T13367] Cannot create hsr debugfs directory [ 595.679018][T13368] Bluetooth: hci1: command tx timeout [ 596.520995][T13367] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 596.574232][T13367] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 596.605961][T13367] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 596.639154][T13367] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 596.730608][T13448] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 596.805730][T13367] 8021q: adding VLAN 0 to HW filter on device bond0 [ 596.825493][T13367] 8021q: adding VLAN 0 to HW filter on device team0 [ 596.861531][T11080] bridge0: port 1(bridge_slave_0) entered blocking state [ 596.868831][T11080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 596.919361][ T3425] bridge0: port 2(bridge_slave_1) entered blocking state [ 596.926547][ T3425] bridge0: port 2(bridge_slave_1) entered forwarding state [ 597.438327][T13462] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000010006 [ 597.525913][T13367] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 597.751090][T13368] Bluetooth: hci1: command tx timeout [ 598.192142][T13471] svc: failed to register nfsdv3 RPC service (errno 111). [ 598.237951][T13471] svc: failed to register nfsaclv3 RPC service (errno 111). [ 598.306116][T13367] veth0_vlan: entered promiscuous mode [ 598.371896][T13367] veth1_vlan: entered promiscuous mode [ 598.446886][T13367] veth0_macvtap: entered promiscuous mode [ 598.479659][T13367] veth1_macvtap: entered promiscuous mode [ 598.528673][T13367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 598.541815][T13367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.553334][T13367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 598.570031][T13367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.582663][T13367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 598.597823][T13367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.615722][T13367] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 598.647667][T13367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 598.666500][T13367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.686780][T13367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 598.711734][T13367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.725181][T13367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 598.736083][T13367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.747569][T13367] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 598.775128][T13367] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.795273][T13367] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.807299][T13367] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.819180][T13367] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.980186][ T7569] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 598.990331][T11081] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 598.998665][T11081] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 599.010916][ T7569] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 599.642503][T13492] kexec: Could not allocate control_code_buffer [ 601.290475][T13522] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1779'. [ 601.534066][T13523] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1779'. [ 601.769650][T13473] svc: failed to register nfsdv3 RPC service (errno 512). [ 601.777143][T13473] svc: failed to register nfsaclv3 RPC service (errno 512). [ 601.962226][T13532] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1782'. [ 601.972820][T13532] : renamed from hsr0 (while UP) [ 602.005876][T13532] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1782'. [ 608.061078][T13627] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+' [ 610.596322][T13656] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1815'. [ 610.628341][T13656] bridge_slave_1: left allmulticast mode [ 610.699042][T13656] bridge_slave_1: left promiscuous mode [ 610.741138][T13656] bridge0: port 2(bridge_slave_1) entered disabled state [ 610.760190][T13666] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+' [ 610.919909][T13656] bridge_slave_0: left allmulticast mode [ 610.925662][T13656] bridge_slave_0: left promiscuous mode [ 610.932822][T13656] bridge0: port 1(bridge_slave_0) entered disabled state [ 610.995062][T13668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1820'. [ 611.005718][T13670] netlink: 'syz.3.1820': attribute type 1 has an invalid length. [ 611.032513][T13642] kexec: Could not allocate control_code_buffer [ 612.647394][T13715] nbd: must specify an index to disconnect [ 614.982274][T13773] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1841'. [ 615.373956][T13768] HfR: entered promiscuous mode [ 615.669440][T13781] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1843'. [ 615.720002][T13781] macvlan1: entered promiscuous mode [ 615.875372][ T29] audit: type=1806 audit(8277292362.690:12): xattr="." res=0 [ 616.197337][T13788] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1846'. [ 619.152716][T13843] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 619.233938][T13843] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 619.326536][T13843] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 619.393413][T13843] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 619.462171][T13843] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 619.469575][T13843] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 621.189046][T13368] Bluetooth: hci2: command 0x0c1a tx timeout [ 621.272548][T13368] Bluetooth: hci0: command 0x0c1a tx timeout [ 621.348981][T13368] Bluetooth: hci4: command 0x0c1a tx timeout [ 621.429549][T13368] Bluetooth: hci1: command 0x0c1a tx timeout [ 622.067057][T13898] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek= 4608 [ 637.515281][T14241] Invalid input. Must be >= 4608 [ 639.791712][T14266] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 642.887221][T14310] MTRR 1 not used [ 644.298612][T14334] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1968'. [ 644.709020][T14341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1970'. [ 644.739116][T14341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1970'. [ 644.748228][T14341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1970'. [ 644.809017][T14341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1970'. [ 644.849586][T14341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1970'. [ 644.884651][T14341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1970'. [ 644.908662][T14341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1970'. [ 644.940602][T14341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1970'. [ 644.967789][T14341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1970'. [ 650.121740][T14382] netlink: 'syz.4.1979': attribute type 1 has an invalid length. [ 650.151018][T14383] __nla_validate_parse: 56 callbacks suppressed [ 650.151045][T14383] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1980'. [ 650.172000][T14382] [U]  [ 650.175302][T14382] [U] [ 650.178078][T14382] [U] [ 650.180842][T14382] [U] [ 650.189323][T14383] hsr_slave_0: left promiscuous mode [ 650.219304][T14382] [U] [ 650.222118][T14382] [U] [ 650.224884][T14382] [U] [ 650.227647][T14382] [U] [ 650.255947][T14381] [U] [ 650.555571][T14394] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 674.753196][T14894] dump_stack_lvl+0x16c/0x1f0 [ 674.757945][T14894] should_fail_ex+0x497/0x5b0 [ 674.762700][T14894] _copy_from_user+0x2e/0xd0 [ 674.767373][T14894] memdup_user+0x71/0xd0 [ 674.771687][T14894] strndup_user+0x78/0xe0 [ 674.776088][T14894] __x64_sys_mount+0x138/0x320 [ 674.780929][T14894] ? __pfx___x64_sys_mount+0x10/0x10 [ 674.786303][T14894] do_syscall_64+0xcd/0x250 [ 674.790882][T14894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.796852][T14894] RIP: 0033:0x7f6fdef85d29 [ 674.801382][T14894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 674.821057][T14894] RSP: 002b:00007f6fdcdf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 674.829549][T14894] RAX: ffffffffffffffda RBX: 00007f6fdf175fa0 RCX: 00007f6fdef85d29 [ 674.837586][T14894] RDX: 0000000020001540 RSI: 0000000020001500 RDI: 0000000000000000 [ 674.845614][T14894] RBP: 00007f6fdcdf6090 R08: 00000000200001c0 R09: 0000000000000000 [ 674.853647][T14894] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001 [ 674.861677][T14894] R13: 0000000000000000 R14: 00007f6fdf175fa0 R15: 00007ffeda0331d8 [ 674.869732][T14894] [ 674.872950][ C1] vkms_vblank_simulate: vblank timer overrun [ 675.221377][T14906] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 676.183871][T14931] dump_stack_lvl+0x16c/0x1f0 [ 676.188623][T14931] should_fail_ex+0x497/0x5b0 [ 676.193380][T14931] ? fs_reclaim_acquire+0xae/0x150 [ 676.198565][T14931] should_failslab+0xc2/0x120 [ 676.203319][T14931] __kmalloc_cache_noprof+0x68/0x420 [ 676.208703][T14931] ? _copy_from_user+0x59/0xd0 [ 676.213545][T14931] copy_mount_options+0x55/0x190 [ 676.218578][T14931] __x64_sys_mount+0x1ad/0x320 [ 676.223422][T14931] ? __pfx___x64_sys_mount+0x10/0x10 [ 676.228800][T14931] do_syscall_64+0xcd/0x250 [ 676.233385][T14931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 676.239358][T14931] RIP: 0033:0x7f3e26785d29 [ 676.243827][T14931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 676.263578][T14931] RSP: 002b:00007f3e27559038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 676.272028][T14931] RAX: ffffffffffffffda RBX: 00007f3e26975fa0 RCX: 00007f3e26785d29 [ 676.280063][T14931] RDX: 0000000020001540 RSI: 0000000020001500 RDI: 0000000000000000 [ 676.288064][T14931] RBP: 00007f3e27559090 R08: 00000000200001c0 R09: 0000000000000000 [ 676.296065][T14931] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001 [ 676.304063][T14931] R13: 0000000000000000 R14: 00007f3e26975fa0 R15: 00007fff5abd4be8 [ 676.312088][T14931] [ 676.315268][ C1] vkms_vblank_simulate: vblank timer overrun [ 679.051483][T14983] netlink: 'syz.0.2130': attribute type 19 has an invalid length. [ 679.075303][T14983] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2130'. [ 679.767755][T14992] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 680.401265][T15007] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2135'. [ 680.511234][T15007] ip6tnl0: left promiscuous mode [ 685.537141][T15145] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 1 [ 694.720216][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 694.749254][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 694.761578][ T5848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 694.777851][ T5848] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 694.787115][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 695.097727][T13066] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 695.383149][T15282] chnl_net:caif_netlink_parms(): no params data found [ 695.669098][T15282] bridge0: port 1(bridge_slave_0) entered blocking state [ 695.695721][T15282] bridge0: port 1(bridge_slave_0) entered disabled state [ 695.741573][T15282] bridge_slave_0: entered allmulticast mode [ 695.754534][T15282] bridge_slave_0: entered promiscuous mode [ 695.793445][T15282] bridge0: port 2(bridge_slave_1) entered blocking state [ 695.811467][T15282] bridge0: port 2(bridge_slave_1) entered disabled state [ 695.818884][T15282] bridge_slave_1: entered allmulticast mode [ 695.830405][T15283] ALSA: mixer_oss: invalid OSS volume '' [ 695.833168][T15282] bridge_slave_1: entered promiscuous mode [ 696.000961][ T29] audit: type=1800 audit(4294969422.527:15): pid=15309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2202" name="dbroot" dev="configfs" ino=49215 res=0 errno=0 [ 696.184099][T15282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 696.225683][T15282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 696.420273][T15282] team0: Port device team_slave_0 added [ 696.430300][T15282] team0: Port device team_slave_1 added [ 696.473235][T15318] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2204'. [ 696.484690][T15282] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 696.518327][T15282] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 696.564770][T15282] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 696.601311][T15282] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 696.608738][T15282] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 696.636264][T15282] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 696.651723][T15318] netdevsim netdevsim5 netdevsim2: entered allmulticast mode [ 696.906442][T13368] Bluetooth: hci2: command tx timeout [ 697.060821][T15282] hsr_slave_0: entered promiscuous mode [ 697.171109][T15282] hsr_slave_1: entered promiscuous mode [ 697.185307][T15282] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 697.193090][T15282] Cannot create hsr debugfs directory [ 697.327772][T15326] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 697.347244][T15326] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 697.373952][T15326] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 697.386022][T15326] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 697.423287][T15326] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 697.447307][T15326] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 697.857010][T15282] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 698.234178][T15282] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 698.516444][T15282] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 698.730847][T15282] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 698.873074][T15354] netlink: 'syz.5.2215': attribute type 3 has an invalid length. [ 699.313681][T15282] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 699.344052][T13368] Bluetooth: hci4: command 0x0c1a tx timeout [ 699.344078][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout [ 699.423344][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 699.429473][ T5848] Bluetooth: hci2: command 0x040f tx timeout [ 699.438849][T15282] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 699.497656][T15282] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 699.781844][T15366] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 699.864210][T15282] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 700.054180][ T29] audit: type=1800 audit(4294969426.608:16): pid=15373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2220" name="version" dev="configfs" ino=49518 res=0 errno=0 [ 700.238414][T15282] 8021q: adding VLAN 0 to HW filter on device bond0 [ 700.256343][T15282] 8021q: adding VLAN 0 to HW filter on device team0 [ 700.309792][T11269] bridge0: port 1(bridge_slave_0) entered blocking state [ 700.317049][T11269] bridge0: port 1(bridge_slave_0) entered forwarding state [ 700.376422][ T7563] bridge0: port 2(bridge_slave_1) entered blocking state [ 700.383675][ T7563] bridge0: port 2(bridge_slave_1) entered forwarding state [ 701.034139][T15282] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 701.268529][T15282] veth0_vlan: entered promiscuous mode [ 701.297880][T15282] veth1_vlan: entered promiscuous mode [ 701.493414][ T5848] Bluetooth: hci2: command 0x040f tx timeout [ 701.804078][T15282] veth0_macvtap: entered promiscuous mode [ 701.822397][T15282] veth1_macvtap: entered promiscuous mode [ 701.875615][T15282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 701.886361][T15282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 701.899927][T15282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 701.910534][T15282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 701.921247][T15282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 701.932269][T15282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 701.942575][T15282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 701.953542][T15282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 701.965883][T15282] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 701.976494][T15282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 701.987207][T15282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 701.997232][T15282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 702.007813][T15282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 702.018188][T15282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 702.029157][T15282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 702.039209][T15282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 702.050282][T15282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 702.061734][T15282] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 702.073055][T15282] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 702.082276][T15282] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 702.091376][T15282] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 702.100469][T15282] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 702.904853][T15403] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2225'. [ 703.004629][T15403] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2225'. [ 703.474277][ T8808] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 703.498736][ T8808] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 703.567725][ T8808] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 703.592119][ T5848] Bluetooth: hci2: command 0x040f tx timeout [ 703.598698][ T8808] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 704.224445][T15431] Process accounting resumed [ 704.230125][T15431] ACPI: Can not change Invalid GPE/Fixed Event status [ 705.631117][ T5848] Bluetooth: hci2: command 0x040f tx timeout [ 705.802407][T15463] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 705.899854][T15463] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 705.930316][T15463] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 705.949928][T15463] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 707.433922][T15504] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2246'. [ 707.875031][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout [ 707.949211][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout [ 707.955898][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout [ 708.029174][ T5838] Bluetooth: hci2: command 0x040f tx timeout [ 709.789721][T15510] Invalid ELF header magic: != ELF [ 710.747151][T15556] nbd: illegal input index 50331648 [ 710.753255][T15554] FAULT_INJECTION: forcing a failure. [ 710.753255][T15554] name failslab, interval 1, probability 0, space 0, times 0 [ 710.769467][T15554] CPU: 0 UID: 0 PID: 15554 Comm: syz.4.2259 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 710.780317][T15554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 710.790429][T15554] Call Trace: [ 710.793759][T15554] [ 710.796739][T15554] dump_stack_lvl+0x16c/0x1f0 [ 710.801487][T15554] should_fail_ex+0x497/0x5b0 [ 710.806235][T15554] ? fs_reclaim_acquire+0xae/0x150 [ 710.811420][T15554] should_failslab+0xc2/0x120 [ 710.816176][T15554] __kmalloc_noprof+0xce/0x4f0 [ 710.821012][T15554] ? io_alloc_async_data+0x9d/0x150 [ 710.826280][T15554] ? __io_alloc_req_refill+0xeb/0x5b0 [ 710.831717][T15554] io_alloc_async_data+0x9d/0x150 [ 710.836809][T15554] io_prep_rw+0x30d/0xb70 [ 710.841209][T15554] io_prep_rwv+0xa8/0x360 [ 710.845600][T15554] ? __pfx_io_prep_rwv+0x10/0x10 [ 710.850611][T15554] io_submit_sqes+0x850/0x25f0 [ 710.855468][T15554] __do_sys_io_uring_enter+0xd43/0x1620 [ 710.861085][T15554] ? __fget_files+0x206/0x3a0 [ 710.865809][T15554] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 710.871849][T15554] ? fput+0x67/0x440 [ 710.875802][T15554] ? ksys_write+0x1ba/0x250 [ 710.880394][T15554] ? __pfx_ksys_write+0x10/0x10 [ 710.885296][T15554] do_syscall_64+0xcd/0x250 [ 710.889936][T15554] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.895877][T15554] RIP: 0033:0x7f3e26785d29 [ 710.900327][T15554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 710.919972][T15554] RSP: 002b:00007f3e27559038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 710.928423][T15554] RAX: ffffffffffffffda RBX: 00007f3e26975fa0 RCX: 00007f3e26785d29 [ 710.936428][T15554] RDX: 000000000000cd00 RSI: 0000000000000001 RDI: 0000000000000005 [ 710.944427][T15554] RBP: 00007f3e27559090 R08: 0000000000000000 R09: ffffffffffffffff [ 710.952426][T15554] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 710.960427][T15554] R13: 0000000000000000 R14: 00007f3e26975fa0 R15: 00007fff5abd4be8 [ 710.968444][T15554] [ 713.804817][T15588] FAULT_INJECTION: forcing a failure. [ 713.804817][T15588] name failslab, interval 1, probability 0, space 0, times 0 [ 713.842599][T15588] CPU: 0 UID: 0 PID: 15588 Comm: syz.4.2269 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 713.853473][T15588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 713.863589][T15588] Call Trace: [ 713.866912][T15588] [ 713.869896][T15588] dump_stack_lvl+0x16c/0x1f0 [ 713.874650][T15588] should_fail_ex+0x497/0x5b0 [ 713.879421][T15588] should_failslab+0xc2/0x120 [ 713.884176][T15588] __kmalloc_cache_noprof+0x68/0x420 [ 713.889529][T15588] ? __pfx_fanotify_poll+0x10/0x10 [ 713.894733][T15588] io_arm_poll_handler+0x3e7/0xc60 [ 713.899932][T15588] ? __pfx_io_arm_poll_handler+0x10/0x10 [ 713.905669][T15588] io_queue_async+0xaa/0x420 [ 713.910335][T15588] io_submit_sqes+0x177a/0x25f0 [ 713.915282][T15588] __do_sys_io_uring_enter+0xd43/0x1620 [ 713.920916][T15588] ? __fget_files+0x206/0x3a0 [ 713.925663][T15588] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 713.931735][T15588] ? fput+0x67/0x440 [ 713.935716][T15588] ? ksys_write+0x1ba/0x250 [ 713.940290][T15588] ? __pfx_ksys_write+0x10/0x10 [ 713.945218][T15588] do_syscall_64+0xcd/0x250 [ 713.949805][T15588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.955772][T15588] RIP: 0033:0x7f3e26785d29 [ 713.960241][T15588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 713.979918][T15588] RSP: 002b:00007f3e27559038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 713.988403][T15588] RAX: ffffffffffffffda RBX: 00007f3e26975fa0 RCX: 00007f3e26785d29 [ 713.996440][T15588] RDX: 000000000000cd00 RSI: 0000000000000001 RDI: 0000000000000005 [ 714.004476][T15588] RBP: 00007f3e27559090 R08: 0000000000000000 R09: ffffffffffffffff [ 714.012508][T15588] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 714.020538][T15588] R13: 0000000000000000 R14: 00007f3e26975fa0 R15: 00007fff5abd4be8 [ 714.028589][T15588] [ 714.074791][T15592] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2270'. [ 714.142094][T15594] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2271'. [ 715.219982][T15615] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2275'. [ 715.256975][T15615] netdevsim netdevsim0 netdevsim2: entered allmulticast mode [ 715.687863][T15626] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 1 [ 730.942550][ T5848] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 731.134830][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 731.145627][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 731.190172][ T5848] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 731.197641][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 732.524059][T15970] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2340'. [ 732.547620][T15937] chnl_net:caif_netlink_parms(): no params data found [ 732.966539][T15937] bridge0: port 1(bridge_slave_0) entered blocking state [ 732.984075][T15937] bridge0: port 1(bridge_slave_0) entered disabled state [ 733.004693][T15937] bridge_slave_0: entered allmulticast mode [ 733.020144][T15937] bridge_slave_0: entered promiscuous mode [ 733.047197][T15937] bridge0: port 2(bridge_slave_1) entered blocking state [ 733.066937][T15937] bridge0: port 2(bridge_slave_1) entered disabled state [ 733.087360][T15937] bridge_slave_1: entered allmulticast mode [ 733.102527][T15937] bridge_slave_1: entered promiscuous mode [ 733.225037][T15964] kexec: Could not allocate control_code_buffer [ 733.248729][ T5848] Bluetooth: hci3: command tx timeout [ 733.424848][T15937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 733.578810][T15937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 733.816602][T15937] team0: Port device team_slave_0 added [ 733.840288][T15937] team0: Port device team_slave_1 added [ 733.850143][T15995] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 747.584053][T16236] dump_stack_lvl+0x16c/0x1f0 [ 747.588811][T16236] should_fail_ex+0x497/0x5b0 [ 747.593561][T16236] ? fs_reclaim_acquire+0xae/0x150 [ 747.598749][T16236] should_failslab+0xc2/0x120 [ 747.603508][T16236] __kmalloc_noprof+0xce/0x4f0 [ 747.608348][T16236] ? io_alloc_async_data+0x9d/0x150 [ 747.613618][T16236] ? __io_alloc_req_refill+0xeb/0x5b0 [ 747.619064][T16236] io_alloc_async_data+0x9d/0x150 [ 747.624162][T16236] io_prep_rw+0x30d/0xb70 [ 747.628561][T16236] io_prep_rwv+0xa8/0x360 [ 747.632954][T16236] ? __pfx_io_prep_rwv+0x10/0x10 [ 747.637969][T16236] io_submit_sqes+0x850/0x25f0 [ 747.642824][T16236] __do_sys_io_uring_enter+0xd43/0x1620 [ 747.648455][T16236] ? __fget_files+0x206/0x3a0 [ 747.653204][T16236] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 747.659277][T16236] ? fput+0x67/0x440 [ 747.663249][T16236] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 747.669499][T16236] ? syscall_user_dispatch+0x77/0x140 [ 747.674960][T16236] do_syscall_64+0xcd/0x250 [ 747.679548][T16236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 747.685522][T16236] RIP: 0033:0x7fa35b985d29 [ 747.689991][T16236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 747.709665][T16236] RSP: 002b:00007fa35c78f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 747.718158][T16236] RAX: ffffffffffffffda RBX: 00007fa35bb75fa0 RCX: 00007fa35b985d29 [ 747.726188][T16236] RDX: 000000000000cd00 RSI: 0000000000000001 RDI: 0000000000000007 [ 747.734218][T16236] RBP: 00007fa35c78f090 R08: 0000000000000000 R09: ffffffffffffffff [ 747.742254][T16236] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 747.750284][T16236] R13: 0000000000000000 R14: 00007fa35bb75fa0 R15: 00007ffe8b84e718 [ 747.758341][T16236] [ 748.181470][T16248] cifs: Unknown parameter 't`' [ 748.398859][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 749.183780][T16267] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2409'. [ 749.216531][T16267] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 749.242021][T16267] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 749.289378][T16267] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 749.315822][T16267] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 749.375280][T16279] cgroup: fork rejected by pids controller in /syz5 [ 750.887961][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 751.505071][T16353] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 0b 90 90 58 83 05 c6 4f 7f 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 793.267286][ T5869] RSP: 0018:ffffc9000451f908 EFLAGS: 00010282 [ 793.267318][ T5869] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff815a1789 [ 793.267343][ T5869] RDX: ffff888076038000 RSI: ffffffff815a1796 RDI: 0000000000000001 [ 793.267368][ T5869] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 793.267392][ T5869] R10: 0000000000000000 R11: 0000000000000002 R12: ffffffff8bb17d00 [ 793.267417][ T5869] R13: ffffffff8b4f81a0 R14: ffffffff8a2ae530 R15: ffffc9000451fa18 [ 793.267443][ T5869] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 793.267479][ T5869] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 793.267506][ T5869] CR2: 00005555726aa588 CR3: 0000000040420000 CR4: 00000000003526f0 [ 793.267531][ T5869] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 793.267555][ T5869] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 793.267579][ T5869] Call Trace: [ 793.267591][ T5869] [ 793.267606][ T5869] ? __warn+0xea/0x3c0 [ 793.267657][ T5869] ? mark_lock+0xb5/0xc60 [ 793.267711][ T5869] ? debug_print_object+0x1a2/0x2b0 [ 793.267765][ T5869] ? report_bug+0x3c0/0x580 [ 793.267811][ T5869] ? handle_bug+0x54/0xa0 [ 793.267857][ T5869] ? exc_invalid_op+0x17/0x50 [ 793.267905][ T5869] ? asm_exc_invalid_op+0x1a/0x20 [ 793.267952][ T5869] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 793.268015][ T5869] ? __warn_printk+0x199/0x350 [ 793.268065][ T5869] ? __warn_printk+0x1a6/0x350 [ 793.268117][ T5869] ? debug_print_object+0x1a2/0x2b0 [ 793.268173][ T5869] ? debug_print_object+0x1a1/0x2b0 [ 793.268224][ T5869] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 793.268287][ T5869] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 793.268334][ T5869] debug_check_no_obj_freed+0x4b7/0x600 [ 793.268407][ T5869] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 793.268665][ T5869] ? kmem_cache_free+0x152/0x4c0 [ 793.268715][ T5869] ? kfree_skbmem+0x1a4/0x1f0 [ 793.268761][ T5869] kfree+0x2b3/0x4b0 [ 793.268799][ T5869] ? hci_release_dev+0x4d9/0x600 [ 793.268841][ T5869] hci_release_dev+0x4d9/0x600 [ 793.268879][ T5869] ? __pfx_hci_release_dev+0x10/0x10 [ 793.268916][ T5869] ? rcu_is_watching+0x12/0xc0 [ 793.268961][ T5869] ? kfree+0x274/0x4b0 [ 793.269007][ T5869] bt_host_release+0x6a/0xb0 [ 793.269050][ T5869] ? __pfx_bt_host_release+0x10/0x10 [ 793.269094][ T5869] device_release+0xa1/0x240 [ 793.269135][ T5869] kobject_put+0x1e4/0x5a0 [ 793.269185][ T5869] put_device+0x1f/0x30 [ 793.269223][ T5869] devcd_dev_release+0x122/0x170 [ 793.269277][ T5869] ? __pfx_devcd_dev_release+0x10/0x10 [ 793.269323][ T5869] device_release+0xa1/0x240 [ 793.269363][ T5869] kobject_put+0x1e4/0x5a0 [ 793.269414][ T5869] put_device+0x1f/0x30 [ 793.269450][ T5869] process_one_work+0x958/0x1b30 [ 793.269499][ T5869] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 793.269537][ T5869] ? __pfx_process_one_work+0x10/0x10 [ 793.269571][ T5869] ? rcu_is_watching+0x12/0xc0 [ 793.269626][ T5869] ? assign_work+0x1a0/0x250 [ 793.269686][ T5869] worker_thread+0x6c8/0xf00 [ 793.269738][ T5869] ? __pfx_worker_thread+0x10/0x10 [ 793.269774][ T5869] kthread+0x2c1/0x3a0 [ 793.269815][ T5869] ? _raw_spin_unlock_irq+0x23/0x50 [ 793.269853][ T5869] ? __pfx_kthread+0x10/0x10 [ 793.269899][ T5869] ret_from_fork+0x45/0x80 [ 793.269933][ T5869] ? __pfx_kthread+0x10/0x10 [ 793.269977][ T5869] ret_from_fork_asm+0x1a/0x30 [ 793.270047][ T5869] [ 793.270065][ T5869] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 793.270082][ T5869] CPU: 0 UID: 0 PID: 5869 Comm: kworker/0:3 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 793.270122][ T5869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 793.270143][ T5869] Workqueue: events devcd_del [ 793.270184][ T5869] Call Trace: [ 793.270194][ T5869] [ 793.270207][ T5869] dump_stack_lvl+0x3d/0x1f0 [ 793.270249][ T5869] panic+0x71d/0x800 [ 793.270303][ T5869] ? __pfx_panic+0x10/0x10 [ 793.270352][ T5869] ? show_trace_log_lvl+0x29d/0x3d0 [ 793.270397][ T5869] ? check_panic_on_warn+0x1f/0xb0 [ 793.270451][ T5869] ? debug_print_object+0x1a2/0x2b0 [ 793.270505][ T5869] check_panic_on_warn+0xab/0xb0 [ 793.270555][ T5869] __warn+0xf6/0x3c0 [ 793.270602][ T5869] ? mark_lock+0xb5/0xc60 [ 793.270652][ T5869] ? debug_print_object+0x1a2/0x2b0 [ 793.270707][ T5869] report_bug+0x3c0/0x580 [ 793.270750][ T5869] handle_bug+0x54/0xa0 [ 793.270795][ T5869] exc_invalid_op+0x17/0x50 [ 793.270843][ T5869] asm_exc_invalid_op+0x1a/0x20 [ 793.270886][ T5869] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 793.270962][ T5869] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 48 8b 14 dd e0 81 b1 8b 41 56 4c 89 e6 48 c7 c7 60 76 b1 8b e8 5f 4d bc fc 90 <0f> 0b 90 90 58 83 05 c6 4f 7f 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 793.270996][ T5869] RSP: 0018:ffffc9000451f908 EFLAGS: 00010282 [ 793.271024][ T5869] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff815a1789 [ 793.271047][ T5869] RDX: ffff888076038000 RSI: ffffffff815a1796 RDI: 0000000000000001 [ 793.271070][ T5869] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 793.271093][ T5869] R10: 0000000000000000 R11: 0000000000000002 R12: ffffffff8bb17d00 [ 793.271116][ T5869] R13: ffffffff8b4f81a0 R14: ffffffff8a2ae530 R15: ffffc9000451fa18 [ 793.271143][ T5869] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 793.271201][ T5869] ? __warn_printk+0x199/0x350 [ 793.271249][ T5869] ? __warn_printk+0x1a6/0x350 [ 793.271308][ T5869] ? debug_print_object+0x1a1/0x2b0 [ 793.271358][ T5869] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 793.271410][ T5869] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 793.271456][ T5869] debug_check_no_obj_freed+0x4b7/0x600 [ 793.271526][ T5869] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 793.271596][ T5869] ? kmem_cache_free+0x152/0x4c0 [ 793.271643][ T5869] ? kfree_skbmem+0x1a4/0x1f0 [ 793.271687][ T5869] kfree+0x2b3/0x4b0 [ 793.271726][ T5869] ? hci_release_dev+0x4d9/0x600 [ 793.271768][ T5869] hci_release_dev+0x4d9/0x600 [ 793.271805][ T5869] ? __pfx_hci_release_dev+0x10/0x10 [ 793.271841][ T5869] ? rcu_is_watching+0x12/0xc0 [ 793.271885][ T5869] ? kfree+0x274/0x4b0 [ 793.271930][ T5869] bt_host_release+0x6a/0xb0 [ 793.271972][ T5869] ? __pfx_bt_host_release+0x10/0x10 [ 793.272015][ T5869] device_release+0xa1/0x240 [ 793.272054][ T5869] kobject_put+0x1e4/0x5a0 [ 793.272102][ T5869] put_device+0x1f/0x30 [ 793.272138][ T5869] devcd_dev_release+0x122/0x170 [ 793.272182][ T5869] ? __pfx_devcd_dev_release+0x10/0x10 [ 793.272224][ T5869] device_release+0xa1/0x240 [ 793.272269][ T5869] kobject_put+0x1e4/0x5a0 [ 793.272318][ T5869] put_device+0x1f/0x30 [ 793.272354][ T5869] process_one_work+0x958/0x1b30 [ 793.272400][ T5869] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 793.272435][ T5869] ? __pfx_process_one_work+0x10/0x10 [ 793.272468][ T5869] ? rcu_is_watching+0x12/0xc0 [ 793.272522][ T5869] ? assign_work+0x1a0/0x250 [ 793.272579][ T5869] worker_thread+0x6c8/0xf00 [ 793.272629][ T5869] ? __pfx_worker_thread+0x10/0x10 [ 793.272664][ T5869] kthread+0x2c1/0x3a0 [ 793.272704][ T5869] ? _raw_spin_unlock_irq+0x23/0x50 [ 793.272740][ T5869] ? __pfx_kthread+0x10/0x10 [ 793.272784][ T5869] ret_from_fork+0x45/0x80 [ 793.272817][ T5869] ? __pfx_kthread+0x10/0x10 [ 793.272861][ T5869] ret_from_fork_asm+0x1a/0x30 [ 793.272930][ T5869] [ 793.273267][ T5869] Kernel Offset: disabled