last executing test programs: 4.933832725s ago: executing program 1 (id=1090): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto(0x4000000000000c8, 0x800454d3, 0x3) r0 = socket(0x29, 0x2, 0x0) getsockopt$auto(r0, 0x119, 0x6, 0x0, 0x0) socket(0xa, 0x3, 0x100) socket(0x25, 0x1, 0x0) select$auto(0x6d0c, 0x0, &(0x7f0000000100)={[0x0, 0x1fb, 0x800000000000008, 0x8000c, 0x9, 0xffffffffff7ffff9, 0x2, 0x1, 0x400040009, 0x5e582972, 0x8, 0x14, 0x93, 0xffffffffffffff17, 0x8, 0x8]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x51) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c457ffffffffffffff000300"}, 0x55) sysfs$auto(0x2, 0x9, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0xa, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 4.681386884s ago: executing program 1 (id=1091): mmap$auto(0x0, 0x400008, 0xdf, 0x8011, 0x2, 0x8000) socket(0x27, 0x2, 0x82084) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) clone$auto(0xd2d2, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0x4, 0x80}, 0x96) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x7}, 0xc) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(0x1, 0x9, 0x1000) pidfd_open$auto(0x1, 0x0) ioctl$NS_GET_PARENT(r0, 0xff02, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00', 0x0}) sendmsg$auto_ILA_CMD_DEL(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x44, r2, 0x1, 0x70bd21, 0x25dfdbfb, {}, [@ILA_ATTR_LOCATOR_MATCH={0xc}, @ILA_ATTR_IFINDEX={0x8}, @ILA_ATTR_IFINDEX={0x8, 0x4, r3}, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x3}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x1ff}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004004}, 0x10) socket(0xa, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x13, 0x0, 0x4) 4.587501206s ago: executing program 2 (id=1093): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x6, 0x40000000084, 0x1e, 0xfffffffffffffffe, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') mmap$auto(0x77015235, 0xfffffffffffffff7, 0x6, 0x15, 0x8000000000000000, 0x4) socket(0x11, 0x2, 0xbb) syz_clone(0x2040011, 0x0, 0x0, 0x0, 0x0, 0x0) wait4$auto(0x0, 0x0, 0x0, 0x0) socket(0x2a, 0x2, 0x0) socket(0x1d, 0x2, 0x6) getsockname$auto(0x3, &(0x7f0000000400)={0x80, @sockaddr_1_1}, &(0x7f0000000240)=0x1) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x1) mmap$auto(0x2, 0x2, 0xffffffffffffffff, 0x1ff, 0x2, 0x4) 4.375320736s ago: executing program 0 (id=1094): r0 = socket(0x10, 0x3, 0x6) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="fc000000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2505000000e6000400110008002e00", @ANYRES16, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4100f7b4a8132d759892f424887b55fbcf38553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43341a1e670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100045800c00c50003000000000000001800368014006c800800150002020000050018005d0000000000d0cb580b273180"], 0xfc}, 0x1, 0x0, 0x0, 0x400d0}, 0x50) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) lseek$auto(0x0, 0x2000010000000a, 0x4) ioperm$auto(0x0, 0x9, 0x149) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000640), r2) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000000)={0x18, r3, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000904}, 0x48000) 3.747650536s ago: executing program 0 (id=1095): r0 = socket(0xa, 0x3, 0x2f) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r1, @ANYRES16, @ANYBLOB="0bff100000009cff10fe07"], 0x14}, 0x1, 0x0, 0x0, 0x841}, 0x810) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) select$auto(0x7, 0x0, &(0x7f0000000100)={[0x9, 0x5, 0x0, 0xfffffffffffffff6, 0x7, 0xfffffffffffdffff, 0xdffffffffffffff8, 0x2, 0x0, 0x10000005e58296f, 0x1e, 0x7, 0x3, 0x200, 0x1, 0x9]}, 0x0, 0x0) read$auto(r1, &(0x7f0000000280)='\xf5\xf2t\x12\xb1\xb6)\xe1\xed=$\xeem\xdb \x825H\xbeE\x92\x99\x8d\x82\f\x13tt\xbe<\x14\xa4\x9aU2\xf4\x9f\xa1\xd0-\x8cM\x0f\xd9j\x8e\x99\xa0\xd5o\\(\xf5\xa2\xbb\xa5\xc8\xb2\x8a\xde\xc1\x81Ae+\xda\xb37}\xfef%\xa1\xefI\xf8b>\x97Y\x11\x9b&BB\xc2\x92\xec\f\xc6S\x94\xa7\xafFf;\xe2\xabm\xb3\xb2\x11\x89\xe8k\xdfE\xa4\x80\xc2d+\x13&\x9d\x8a2\xc1\xba\x7fi\x9d\xbd\x846\x11\x9a', 0x95ab) r2 = socket(0x10, 0x2, 0x4) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) close_range$auto(0x0, 0xfffffffffffff001, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="7201000061556b3ffec024cbbc4501677fe05775308e4f8b0abe98f8414646d7170749af3988049f4189359f74994227b75a54b9173b16f9da648d979bdad02e2fb965c49e61ede267c80087aa79beafe767fcb936362283c3280bce04d8bc89465375a4a8973eb8beddd941cf98243b8ea898df38a62b041334b071b09c74893510645ac0085dfd3a8d31a5302285070ef759d7da50c9000f1def13974fdcb7a0d933706157559f51e6783dd622888963123a5370cf7f4b8d8321c8425398c7b004acaf8faee2602d6ca3389b036e4725c19d59fa05980cbf3c401b04f71378e802c21007d53458e2a2780cb621b886a26407171a94fdc47e70ee1734ce516a3e08aaf9fc74cae0000000000000008a3402da9e100343500f3d82121af841da6acb3fda5e6d20f90f9405b0d5db784d98bc9250704db21f1da74f2a87e79681c361150b059ccf8dd47bb2993462298e2c143f460b7d7b9a6135aa60b23d90be58262703d8abb542fc3dafb2375671a1586d9101a7bcc85e0c6ae152dffb38e1fb5cd3e3", @ANYBLOB='9'], 0x1ac}, 0x1, 0x0, 0x0, 0x48804}, 0x40000) select$auto(0xfffffffd, 0x0, &(0x7f0000000100)={[0x9, 0x1, 0x7, 0xe, 0x9, 0x0, 0x8000000000000001, 0x2800000000000002, 0x9, 0xde582971, 0xff, 0x9, 0x4, 0x80000000ffff, 0x8, 0xb]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYRESDEC], 0x14}, 0x1, 0x0, 0x0, 0x200408d5}, 0x8800) madvise$auto(0x0, 0x7ffffffffffffffc, 0xa) r4 = socket(0x15, 0x5, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(&(0x7f0000000080)) close$auto(r0) dup2$auto(0xffffffffffffffff, r3) clone$auto(0x200021, 0xcf4, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x1) splice$auto(0x4, 0x0, r4, 0x0, 0x80, 0x9) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) openat2$dir(0xffffffffffffff9c, &(0x7f0000000400)='}[,&*}\x00', &(0x7f0000000500)={0x4400, 0x0, 0x35}, 0x18) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000004}, 0x2004c094) 3.592539395s ago: executing program 1 (id=1096): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) socket(0xa, 0x2, 0x88) newfstatat$auto(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)={0xfffffffffffffe01, 0x2, 0x0, 0x3dc3, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x5, 0x7, 0xffffffffffffffff, 0x8, 0xcab, 0x6, 0x0, 0x4, 0x7}, 0x1000) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0x9, 0x9, 0x3, 0x6, 0x2, 0x9, 0x5e58296f, 0x4000000000000000, 0x9, 0x3, 0x200, 0x8, 0x6]}, 0x0, 0x0) close_range$auto(0x0, 0xe903, 0x2) socket(0x1e, 0x4, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000b00)=ANY=[@ANYBLOB="14000000287f89"], 0x14}, 0x1, 0x0, 0x0, 0x2000c041}, 0x10) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000e00), r2) r3 = syz_genetlink_get_family_id$auto_NCSI(&(0x7f0000001000), r2) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000002180)={0x0, 0x0, &(0x7f0000002140)={&(0x7f00000020c0)={0x28, 0x0, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x7}]}, 0x28}, 0x1, 0x0, 0x0, 0x5d24b81a0ff58eee}, 0x0) sendmsg$auto_NL80211_CMD_SET_BSS(r0, &(0x7f00000008c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000880)={&(0x7f00000003c0)={0x4a0, 0x0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_MBSSID_ELEMS={0x489, 0x133, 0x0, 0x1, [@typed={0x9, 0xca2, 0x0, 0x0, @str='NCSI\x00'}, @generic="809254dff562600c4166f81d1c4d32d907bc968c324baf0e254c57b09ec0ed15031fba83dd16f3dcc88b9e5b0fd52ff68daef56b41244205e7ae54e008751b0d9964", @nested={0x15, 0xc0, 0x0, 0x1, [@nested={0x4, 0x1c}, @nested={0x4, 0xd6}, @generic="b59f3c3a31", @typed={0x4, 0xcb}]}, @nested={0x1c6, 0x53, 0x0, 0x1, [@typed={0x14, 0xc5, 0x0, 0x0, @ipv6=@empty}, @generic="e9d1176ef01320ddf48de1b31d203e7f28533275e97317cdd4c9ecf13da5417f3b2e4f74f339ce95e83823a1aa11fcc54534bc9d2fe87e96b74614e005136632892bcd331bc99efca795103455ad74ec293190e4da38ae79bda2f4895299835a755782bc4495dcffbcba768f04569cab2509ee40507813d81cb4c3adff5b907eae3e01897ed3a3bed44c08ad71137ff9eb910f1b76f4719c239e08a0865a4bb07797fc76b8468e226a8aaead30d92bf8eda813bb52e42d65a9ebab26398fdf305f0d5a08321a15c5912524f6bf172ec08ef5316a3f0f4539a7bff4bb5e2a", @typed={0x14, 0xa7, 0x0, 0x0, @ipv6=@private2}, @typed={0x8, 0x7c, 0x0, 0x0, @fd=r2}, @typed={0x8, 0x23, 0x0, 0x0, @fd}, @nested={0x4, 0xf5}, @typed={0xc, 0x106, 0x0, 0x0, @u64=0x6b}, @generic="95bd25dbb8747baf1ee1f639b0550e72f219b7fed64bedfa348a97889ea8c80fc31427af1a48e2b215f3f7cde6de3e7a530adfe837cc179759e2120ee93b9047e0bec4cae044a2debe6ac71ebdc7b9104e676ef58350c9033b580e8d0027adf7fecaa1889a9b2196572b765564f41c8228b157416f25530ce6a5cf2a2c2448586242d2d15106bbe1b32fda640e4c918c", @typed={0x8, 0x82, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}, @nested={0x4, 0x149}]}, @nested={0xae, 0x92, 0x0, 0x1, [@typed={0x8, 0x7d, 0x0, 0x0, @ipv4=@broadcast}, @generic="5515c8eac017f6bb990b718daf284d493e330ee31bb1bce3bb09c599c5e75441134ea0a49f5b7819a385ad5e50548cfdef4dd63178b76072ee0ea257945c3a030a51c553ad7d86facb1c37b0a9fe92d52f07453e479693c4c9fb9b9022b6d1ba800634600e24a3193a164dd20d7f480ec06be285d38a88608d5c24f649273dbd4abc63f9333c6a105d4e3bbaf9607aaf5cfabc837487", @typed={0x8, 0x3b, 0x0, 0x0, @fd}, @nested={0x4, 0x143}]}, @nested={0xd2, 0x7b, 0x0, 0x1, [@nested={0x4, 0x126}, @generic="4c818cad7f9ff24ba05ee547028b9b62aa646a6ac6788699a884717f54e700ebab3a8a154cef2fc7617fa31f9ffa53a65f30d976d4862253d34f32c8178ba47527624e11e5cf985267f2da4edf7e6529d3f699896f8f61f394409bfa20eeea9647f2a507284026c8b188367e3f88248ee8684dc495b503403cef2c0685c48d", @generic="530e197f858aa2c79f6f408938c9e5314082be3d27228bb6b37795392ca467dc21d512c428f640f2df939adfa9f554443ce7c9314d", @generic="8aef8374008f5dd867abb86118f7aac93f20", @nested={0x4, 0x11d}]}, @generic="6e7f4cbfe2b9e9be83ac93d6a430f880ad4ec08e514b1fcfbd8b232e84c1d2a603818bab8ace3a7af5477186a5e6fc7cbdbac2d47b726b3b3f704d90a980ae6356bbd40dc1adc600a7b7e4259271c4475d3d15e0dcc68d63e1371d4564feec60299c11ad4db29a24e40bae569a5f276d2e87832e1feecd7829000a74c539e2596e01a93117567590c9da66088f92e4a67e2b5d12c0b9013c658ab33d6d7c21580b19dbfcd0d5889a97bab56806dea2400018d8d55b9172e4d43fba964db6191e62c8a6ce72057f6c7dd74727ab088d7a85b794"]}]}, 0x4a0}, 0x1, 0x0, 0x0, 0x20044000}, 0x4) sendmsg$auto_NCSI_CMD_CLEAR_INTERFACE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x14, r3, 0x721, 0x70bd2e, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4040110}, 0x44000) sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r3, 0x8, 0x70bd2c, 0x25dfdbfe, {}, [@NCSI_ATTR_CHANNEL_MASK={0x8, 0x8, 0xfffffff8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x40) socket(0x2, 0x3, 0x7f) socket(0x23, 0x5, 0x0) mq_open$auto(0x0, 0x3ff, 0x7, &(0x7f0000000140)={0x7, 0x2f05, 0xa509, 0x4}) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) connect$auto(0x3, &(0x7f0000000000)={0x2, @sa_data_min="0800e00000000000c1728d2af766"}, 0x55) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x4, 0x0) mlock$auto(0x7c89, 0x47fff) mlock2$auto(0x1, 0x8001, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x24004141) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, &(0x7f0000000080)={0x0, 0x1}, 0x10a, 0x0, 0x0, 0x3ff}, 0xed7138c}, 0x200, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1100000012"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0) 3.468893443s ago: executing program 3 (id=1097): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x40000000003, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x8000, &(0x7f0000000180)={0x6, 0x8000, 0x108, 0x7fff, 0x2, 0xfffe, 0xffffffffffffffff, [], {0x6, 0x3, 0x10001, 0x6, 0x9, 0x2d9, 0x0, 0x7ff, 0x10000800000000}, {0x5, 0x60b, 0x101000, 0x2, 0x80000001, 0x1, 0xff, 0x6, 0xe0000000000000}}) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x18, 0x5, 0x2) bind$auto(0x3, &(0x7f0000000000)={0x3, @sa_data_min="9a57e35842c235d5c6067aeb6da8"}, 0x6b) close_range$auto(0x2, 0x8, 0x0) lstat$auto(&(0x7f0000000080)='./cgroup\x00', 0x0) 3.368394191s ago: executing program 2 (id=1098): mknod$auto(&(0x7f0000000140)='}[,&*}\x00\xa7i\x1cD\x873\xc5P\xc7\xc0>\xb0\xe9\x14\xf3V\f\x163\x06\xa5\xd6\xa8\x06\xc7\x96\xbcD\x99\a\xaa\xe0me\xa3\xf6\xbb\x94\xa14=\x02\xd1\xcfh\x9bVu\xd3\xb6Y\xd2\x00'/73, 0x1, 0x8) unshare$auto(0x20000) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') mmap$auto(0x0, 0x4000a, 0xdb, 0x9b72, 0x7, 0x28000) r1 = socket(0xa, 0x3, 0xff) connect$auto(0x3, &(0x7f0000000040)={0xa, @sockaddr_1_1={"a93a0b63c441ff"}}, 0x55) sendmsg$auto_IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x5d}, 0x1, 0x0, 0x0, 0x4000}, 0x4045880) acct$auto(&(0x7f0000000080)='}[,&*}\x00') futex_wait$auto(0xfffffffffffffffd, 0x1fc00000, 0x2, 0x6, 0xfffffffffffffffc, 0x3) setns(r0, 0x0) 3.085812067s ago: executing program 1 (id=1099): setreuid$auto(0x4, 0x0) keyctl$auto(0x12, 0x0, 0x0, 0x1, 0xa0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x1b, 0x0) fsopen$auto(0x0, 0x1) setrlimit$auto(0x101, &(0x7f0000000000)={0x9, 0x7ff}) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, 0x0) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)={0x2, 0x20, 0x1}, 0x18) r1 = geteuid() stat$auto(&(0x7f0000000180)='}[,&*}\x00', &(0x7f00000001c0)={0x4, 0x0, 0xd4df, 0x101, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x5, 0x0, 0xd5, 0x10001, 0x773800000000, 0x378, 0xf, 0x7fffffffffffffff, 0x3}) statx$auto(r0, &(0x7f00000000c0)='}[,&*}\x00', 0x5, 0xfffffffe, &(0x7f0000000280)={0x7, 0x4, 0x100000001, 0x1, r1, r2, 0x1, 0x4, 0x7, 0x5, 0x9, 0x100000000, {0x0, 0x7fffffff}, {0x2, 0x50}, {0x926e}, {0x6, 0x8}, 0x1, 0x3ff, 0x27, 0x6, 0x9, 0x4, 0x9, 0x0, 0x3ff, 0x3fa7, 0x1, 0xe73a, [0xa62, 0x1, 0x3, 0x2, 0x2, 0x5, 0x5, 0x8d3, 0xa]}) mount$auto(0x0, &(0x7f0000000100), 0x0, 0x100000, 0x0) clone$auto(0x80000646a8daf, 0x6, 0x0, 0x0, 0x9) 2.905307028s ago: executing program 2 (id=1100): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x0, &(0x7f0000000040)={0xa5, 0x4, 0x4, 0x8, 0x5, 0x9, 0xffffffffffffffff, [0x83, 0x7, 0x6], {0x9, 0x2, 0x1, 0x0, 0x3, 0x9, 0x2, 0x9, 0x9}, {0x101, 0x5, 0x9, 0x0, 0x6, 0x9, 0x3, 0x6, 0x7}}) mprotect$auto(0x1ffff000, 0x8020, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0xfdb, 0x0) bind$auto(r1, &(0x7f0000000100)={0x3b, @sa_data_min="d4943ff75f82139b473d89beb0a4"}, 0x65c) r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_STATUS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="0b3a50970623", @ANYRES16=r2, @ANYBLOB="01002bbd7000fedbdf250500000008000100a3000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40) fanotify_init$auto(0x5, 0x2000000000002) mlock$auto(0xf9, 0x0) r3 = open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0) ftruncate$auto(r3, 0x80) socket(0x10, 0x2, 0xc) socket(0x2, 0x1, 0x0) socket(0xa, 0x5, 0x0) shutdown$auto(0x200000003, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x3, 0x5, 0x7, 0x0) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, &(0x7f0000000080)={0x0, 0x1}, 0x10a, 0x0, 0x0, 0x3ff}, 0xed7138c}, 0x200, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) r4 = socket(0x15, 0x5, 0x0) getsockopt$auto(r4, 0x114, 0x271b, 0xfffffffffffffffc, 0x0) bind$auto(0x3, &(0x7f0000000040)={0xa, @sa_data_min="001000"}, 0x69) connect$auto(0x3, &(0x7f0000000140)={0x2, @sa_data_min="6a2f7ff43519eb7100"}, 0x55) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) fanotify_mark$auto(0x0, 0x1, 0x9, r3, 0x0) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 2.740082263s ago: executing program 3 (id=1101): sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0x80000) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x0) r1 = socket(0x2b, 0x1, 0x1) r2 = socket(0x1, 0x6, 0x0) socket(0xa, 0x2, 0x0) getsockopt$auto(0x6, 0x40000000029, 0x50, 0xfffffffffffffffe, 0x0) pidfd_open$auto(r0, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) unlinkat$auto(0xa6f0, &(0x7f00000003c0)='$:\x00', 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) statmount$auto(&(0x7f0000000000)={0x5, 0x5, 0x3, 0xeb4, 0x8000000000000000}, &(0x7f0000000040)={0x101, 0x2, 0xa16, 0xffff, 0x1, 0x9, 0x3, 0x9, 0x9b3, 0x3f, 0xfffffff2, 0x4, 0x2, 0x2, 0x800, 0x6, 0x28, 0x3ea, 0x6, 0x5, [0x3, 0x5, 0x10000, 0xe0000000000000, 0x1, 0x6, 0x38, 0x1, 0x9, 0x0, 0x7, 0x7fff, 0x222d, 0x9, 0x2, 0x2, 0x2, 0x5, 0x86c8, 0x2, 0x18ab, 0x2, 0x2, 0xffffffffffffffff, 0xe62e, 0x4, 0xcee4, 0x1, 0x7, 0x8, 0x8, 0x5, 0x6090, 0x81, 0x3, 0x1, 0x800, 0x8000, 0xb, 0x6, 0x2, 0xa, 0x62, 0x2, 0x5, 0x4, 0x80000001, 0x3, 0xffffffffffffffff], "d6aad992696a4beb1dd7c9337a3be82d3918622aabc0d3ebc8481fe9a06ca5ef610ba3cb43faedfeff27d62fb1b91989a5d3a9af97a686485bcba3dede231f4696605a2d4bb1d622c769397fc94722717edb7904195714a3fbf1a5d59718147cf634e6f762f70cea6d2f300abcb12b238b9973235d1a5730501799041f51744be32b4c71c6c6f08914e4d4e668dd2db9b6098e78cda7dbda29ec1f40a96fc9126e7e9fc4746bf12e0bc0d20580721da70cabe4f51aabf0e50f024c683a989bed846e21fcd07679e6e526b9775937dc5202833563a6ba7f23f14ddf4ee51d8d1784ad7a7f570c076c4defbb955220aab319643b25dedd7e90"}, 0x516, 0x5) r3 = syz_genetlink_get_family_id$auto_MAC802154_HWSIM(&(0x7f0000000380), r1) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(r2, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB="ac000000afb3b36660e3e0307f4207d6d260cb069034e522faea819251f85ca3ace0b1c170805ebe2693ccb2f2ad7618cfd8ac232b2f7433c5ed3ac8a9af38eabe1ee26f407fdc11ce422d79df6f27edf5527c8f636c410bdc6b4e19882142d8eab309adb68649996cb81e5ab718cceb1f93403c4bab3aa8f3349541068dc02ad269ae59edac9b50078f54688b56eaa7c4c6d165a956d63c1f448a18b244581d3571345217be64", @ANYRES16=r3, @ANYBLOB="000827bd7000fbdbdf2503000000850003800a0079002c5c5b7b5d000000240121808e71ce590f81098d739ae32c04a2ffaaa0cfa5bbd89c4f695247198fc102fb3afc9fd422f67c5ee0bdc1040e8fdb21e8f242dcc4173f66db2291b3fbf16a0bf54ce650a5ec0ac4c762383faa20b00151f58de72aaba903a917e672ed2c2c34c538888895ab88c6cd6154bb3535e57b13fe000000080001000200000008000100e1000000"], 0xac}, 0x1, 0x0, 0x0, 0x814}, 0x44) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0x5, 0xffffffff, 0x3, 0x0, 0x2) 2.675805622s ago: executing program 0 (id=1102): r0 = socket(0xa, 0x1, 0x84) statmount$auto(0x0, &(0x7f00000002c0)={0x0, 0x0, 0x36, 0x824, 0x3, 0x28, 0x9f, 0x7, 0x9, 0x8380, 0x5, 0x9, 0x4, 0x0, 0xfffffffffffffff9, 0x7, 0x20000000000100, 0x1, 0x10001, 0xfffffffffffffdfe, [0x9, 0x7f, 0x9, 0x1, 0x7, 0x3, 0x0, 0x3, 0x7ffffffe, 0x8, 0x3, 0xfffffffffffffff9, 0x7, 0x3, 0x35c2, 0x3, 0x5, 0x0, 0xea6, 0x9, 0xb7, 0xc, 0x9, 0x2, 0x8000000003, 0xff, 0x1a, 0x11, 0xfffffffffffffffe, 0x7ffffffffffffffd, 0x2ab, 0x8, 0x800, 0x1, 0x400000000000001, 0x4003, 0xfffffffffffffff9, 0x6f, 0xfffffffffffffff9, 0x4, 0x2b7, 0x4, 0xf, 0xffffffffffffff23, 0x9, 0x4, 0x6, 0x2000000007a, 0xdc]}, 0xe3c, 0x0) mmap$auto(0x0, 0x8, 0xe1, 0x209b72, 0x7fffffff7f, 0x8000) socket(0x21, 0x2, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x0, 0x2, 0x4) connect$auto(0x5, 0x0, 0x9) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYRES64=r2], 0x38}, 0x1, 0x0, 0x0, 0x20040000}, 0x44851) sendmmsg$auto(0xffffffffffffffff, 0x0, 0xffffff02, 0x800) socket(0x11, 0x80003, 0x300) sendmsg$auto_NL80211_CMD_SET_MAC_ACL(0xffffffffffffffff, 0x0, 0x48090) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x6, 0x6, 0xe8) io_uring_setup$auto(0x6, 0x0) r3 = socket(0x5, 0x80000, 0x8003) syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000040), r0) setsockopt$auto(r3, 0x110, 0x4, 0x0, 0x4) futex$auto(0x0, 0x6, 0x6, 0x0, 0x0, 0x9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto(r3, 0x801454e3, 0x9f4) write$auto(0xc8, 0x0, 0x40f6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) semctl$auto(0x7, 0x2, 0x13, 0xb) r4 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r4, 0xf, 0x6) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8) 2.387165957s ago: executing program 2 (id=1103): r0 = open(&(0x7f0000000000)='./file0\x00', 0x40440, 0x40) kcmp$auto(0x1, 0x1, 0x40400000000000, 0x4, 0x92) setresgid$auto(0x9, 0x8, 0x400) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mq_open$auto(&(0x7f0000000200)='.)-\\&[}\x00', 0xde8, 0xb, 0x0) socket(0x29, 0x5, 0x0) semctl$auto(0x1ff, 0x2, 0x13, 0x4) read$auto(0x3, 0x0, 0xf34) read$auto(0x3, 0x0, 0x7) ioperm$auto(0x7, 0x6, 0x2) mmap$auto(0x0, 0x20009, 0xe1, 0xeb1, 0x40000000000a5, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) newfstatat$auto(r0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x9, 0x1, 0x2, 0x100, 0xee00, 0xee00, 0x0, 0xc, 0x0, 0x9, 0x9, 0x1450, 0x9, 0x7a8, 0x0, 0x2, 0xffffffff}, 0x1505) chown$auto(&(0x7f0000000040)='./file0\x00', 0xee01, r2) timer_create$auto(0xb, 0x0, 0x0) socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) open_tree$auto(r1, 0x0, 0x1001) prctl$auto(0x1000000001c, 0x5, 0x8, 0x9, 0x80001) setreuid$auto(0x8c4a, 0x5) open(&(0x7f0000000000)='./file0\x00', 0x40900, 0x38) socket(0x9, 0x6, 0x6) 2.258464669s ago: executing program 1 (id=1104): memfd_create$auto(&(0x7f0000000200)='^[/\x00', 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ftruncate$auto(0x3, 0x700) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x2, 0x8000) sendmmsg$auto(0x8, &(0x7f0000000080)={{0x0, 0xffff, &(0x7f0000000040)={0x0, 0x5}, 0x5, 0x0, 0x24, 0xfffffffb}, 0x4}, 0x6, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000440)={0x2}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x200, 0x0, 0x106, 0x0, 0x28, 0x697b}, 0xed7138c}, 0x9a6, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) lsm_get_self_attr$auto(0x3bce, &(0x7f0000000180)={0x2, 0xde6b, 0x5}, &(0x7f00000001c0)=0xd2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0x34000) 2.243225002s ago: executing program 0 (id=1105): socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) mount$auto(&(0x7f0000000040), 0x0, 0x0, 0x8, 0x0) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) mount$auto(0x0, 0x0, 0x0, 0xdad, 0x0) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x1ffffffffffe, 0x4, 0x3, 0x13, 0x401, 0x8000) mlock$auto(0xffd, 0x2) mlock$auto(0x81, 0xffff) unshare$auto(0x40000080) shutdown$auto(0x200000003, 0x2) socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fsopen$auto(0x0, 0x1) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) mbind$auto(0xfffffffffffffffc, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 1.871065944s ago: executing program 2 (id=1106): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x0) select$auto(0x3, 0x0, &(0x7f0000000100)={[0xd, 0x200, 0x0, 0xc, 0x8, 0x3, 0x6, 0x2, 0x9, 0x5e582970, 0x4000000000000000, 0x2, 0x4, 0x5, 0x8, 0x6]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) connect$auto(0x3, &(0x7f00000018c0)={0x2, @sa_data_min="915bac14140ba3df94bb303b2f9d"}, 0x55) write$auto(0x3, 0x0, 0xfdef) socket(0x29, 0x5, 0x0) read$auto(0x4, 0x0, 0x80) shmctl$auto(0x9, 0xe, 0x0) select$auto(0x6d0c, 0x0, &(0x7f0000000100)={[0x0, 0x1ff, 0x800000000000008, 0xc, 0x9, 0xfffffffffffffff9, 0x6, 0x1, 0x400040009, 0x5e582972, 0x4000000000000000, 0x14, 0x93, 0xffffffffffffff17, 0x8, 0x8]}, 0x0, 0x0) socketpair$auto(0x6, 0x5, 0x7, 0x0) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0x9, 0x9, 0x3, 0x6, 0x2, 0x9, 0x5e58296f, 0x1, 0x9, 0x3, 0x200, 0x6, 0xf]}, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, 0x0, 0x10a, 0x0, 0x0, 0x3ff}, 0xed7138c}, 0x200, 0x0) setrlimit$auto(0x1000000007, 0x0) socket(0x1d, 0x2, 0x7) 1.601909831s ago: executing program 3 (id=1107): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x22, &(0x7f00000000c0)='ns/user\x00', 0xfccd) (async) mprotect$auto(0x1ffff000, 0x8000000001000001, 0xd) (async) io_cancel$auto(0x2, &(0x7f0000000000)={0x10, 0x7, 0x9, 0x5, 0x4, 0xffffffffffffffff, 0x1ff, 0xffffffffffffffee, 0x6, 0x0, 0xffffffff, 0xffffffffffffffff}, &(0x7f0000000040)={0xfffffffffffffffe, 0x816f, 0x3, 0x8}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000080)=[0x8b, 0x0, 0x10001, 0x7f, 0x4, 0x8, 0x6, 0x100], 0x3, &(0x7f0000000140)={&(0x7f0000000100)=[0x8, 0x8000], 0x9}, 0x8, &(0x7f0000000180)=[0x7, 0x3ff, 0x9, 0x4, 0x9, 0x6, 0x2, 0x4], 0x7ff, 0xfffffffc}, 0x8}, 0xff, 0x8c) r1 = socket(0x2, 0x1, 0x0) getsockopt$auto(r1, 0x0, 0x61, 0x0, &(0x7f00000000c0)=0x28) 1.528535309s ago: executing program 0 (id=1108): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) unshare$auto(0x40000080) writev$auto(0x1, 0x0, 0x1) madvise$auto(0x0, 0x20200, 0x15) socket(0x2, 0x5, 0x0) madvise$auto(0x1, 0x79, 0x8) socket(0x2, 0x3, 0xa) lsm_list_modules$auto(0x0, 0x0, 0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) waitid$auto(0x0, 0x5c5, &(0x7f0000000040)={@siginfo_0_0={0x7, 0x91d9, 0x8001, @_timer={r0, 0x1, @sival_ptr=0x0, 0x1}}}, 0x4, &(0x7f00000000c0)={{0x4, 0x2}, {0x0, 0x80000002}, 0x6, 0x80000001, 0x4feb, 0xffffffffffff0001, 0x0, 0x3, 0x2, 0x0, 0x38, 0xba, 0x9, 0x3, 0x4, 0xffffffff7fffffff}) 1.379997503s ago: executing program 3 (id=1109): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x8, 0x4000000000df, 0xeb1, 0x1ff, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0x8) close_range$auto(0x0, 0x1, 0x0) fanotify_init$auto(0x8000000000000000, 0x1) socket(0x26, 0x80805, 0x0) syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/time\x00') syz_open_procfs$namespace(0x0, &(0x7f00000022c0)='ns/time_for_children\x00') fanotify_mark$auto(0x400000000000, 0x101, 0x9, 0x4, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1b0026bd7000fddbdf250300000004000800100003800c00178008000500", @ANYRES32=0x0, @ANYBLOB="12000100898771f1c19f1779048590828847000004000280040008"], 0x4c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) socket(0xa, 0x801, 0x84) (async) mmap$auto(0x0, 0x8, 0x4000000000df, 0xeb1, 0x1ff, 0x8000) (async) setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0x8) (async) close_range$auto(0x0, 0x1, 0x0) (async) fanotify_init$auto(0x8000000000000000, 0x1) (async) socket(0x26, 0x80805, 0x0) (async) syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/time\x00') (async) syz_open_procfs$namespace(0x0, &(0x7f00000022c0)='ns/time_for_children\x00') (async) fanotify_mark$auto(0x400000000000, 0x101, 0x9, 0x4, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1b0026bd7000fddbdf250300000004000800100003800c00178008000500", @ANYRES32=0x0, @ANYBLOB="12000100898771f1c19f1779048590828847000004000280040008"], 0x4c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) (async) 971.508125ms ago: executing program 3 (id=1110): io_cancel$auto(0x8, 0xfffffffffffffffd, 0xfffffffffffffffc) (async) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async, rerun: 64) ioctl$auto(0x4000000000000c8, 0x800454d3, 0x3) (async, rerun: 64) r0 = socket(0x29, 0x2, 0x0) getsockopt$auto(r0, 0x119, 0x6, 0x0, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_genetlink_get_family_id$auto_TASKSTATS(&(0x7f0000000040), 0xffffffffffffffff) tgkill$auto(0x0, 0x7, 0x80) (async) sendmsg$auto_CGROUPSTATS_CMD_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0xc0) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) open(0x0, 0x22240, 0x155) socket(0x840000000002, 0x3, 0x100) (async) setsockopt$auto(0x3, 0x1, 0x6, 0x0, 0x9) keyctl$auto(0x8, 0x5, 0x6, 0x6, 0x7) (async, rerun: 32) bpf$auto(0xd, &(0x7f0000000040)=@bpf_attr_0={0x4, 0xfffffffe, 0xa5, 0xffff, 0x10000, 0xffffffffffffffff, 0x7, "bf1dd692a292aa4bec5864f2a233bce3", 0x0, 0xffffffffffffffff, 0x10000, 0x7, 0x6, 0x2, 0xffffffffffffffff, 0xffffffffffffffff}, 0x7) (rerun: 32) connect$auto(0x3, &(0x7f0000000040)={0x2, @sockaddr_1_1={"d9ef7f"}}, 0x55) (async, rerun: 32) process_vm_readv$auto(0x0, &(0x7f0000000040)={0x0, 0x5}, 0x1, &(0x7f0000000100)={0x0, 0x1002}, 0x9, 0x2) (async, rerun: 32) r4 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000140), r3) sendmsg$auto_NFC_CMD_VENDOR(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, r4, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0xfffffffc}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x80000000}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000004}, 0xa39c9cd52be1c3e7) clone$auto(0x801fd, 0x3, 0x0, 0x0, 0x15) 940.000315ms ago: executing program 1 (id=1111): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x8000000000, 0xb, 0x15) r0 = socket(0x29, 0x5, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001740), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_IPVS(&(0x7f0000001180), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_ZERO(r3, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000011c0)=ANY=[@ANYBLOB="181590ca", @ANYRES16=r4, @ANYBLOB="010025bd7000fddbdf251000000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x40000004}, 0x4800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) setresuid$auto(0x0, 0x0, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) r5 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) readv$auto(0x0, &(0x7f0000000080)={&(0x7f0000000040)=[0x5, 0x7], 0x6}, 0x7ff) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x14, r5, 0x301, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) read$auto(0x4, 0x0, 0xfdef) sendmsg$auto_ETHTOOL_MSG_STATS_GET(r1, &(0x7f0000002100)={0x0, 0x0, &(0x7f00000020c0)={&(0x7f0000001800)={0x18, r2, 0x0, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_STATS_GROUPS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x2000}, 0x0) write$auto(0x3, 0x0, 0xfffffdef) sendmmsg$auto(r0, 0x0, 0x9a6, 0x3ec0) fcntl$auto(0x3, 0x4, 0xa553) 760.116669ms ago: executing program 2 (id=1112): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) open(&(0x7f0000000080)='./file0\x00', 0x22000, 0x50) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x80000001, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x4, 0x1, 0x400, 0x7, 0x1005, 0x7, 0x7, [0x200, 0x2e9, 0x8], {0x0, 0xffffffff, 0x5, 0x7, 0x7090, 0x5, 0x1, 0xfffffffc, 0x4}, {0x0, 0x1000fff, 0xffff7fff, 0x2, 0xa, 0x7, 0x3, 0x0, 0x3}}) clone$auto(0x200, 0xff, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x100000000) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) epoll_create$auto(0x8) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) fcntl$auto(0x0, 0x407, 0x100000) 715.57239ms ago: executing program 0 (id=1113): r0 = socket(0xa, 0x801, 0x84) sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYRESDEC=0x0], 0x80}, 0x1, 0x0, 0x0, 0x80}, 0x4c045) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) r1 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x1, 0x9}, 0x7}, 0x3, 0x80) listen$auto(0x3, 0x81) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x19, 0xfffffffffffffffa, 0x80000008000) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01002dba7ec203dbb4385fbd7000"], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x6, 0x0, 0x10000, 0xb1e, 0xe, 0x8) getpid() socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000100)='.\x00', 0x5d5481, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 0s ago: executing program 3 (id=1114): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_open_procfs$namespace(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) clock_settime$auto(0x0, &(0x7f0000000000)={0x100000000, 0xfffffffffffffff9}) socket(0xa, 0x3, 0x73) socket(0xa, 0x801, 0x84) clone$auto(0x20003b46, 0x1, 0x0, 0x0, 0x20000000020002) getsockopt$auto(0x6, 0x84, 0x7b, 0x0, &(0x7f00000000c0)=0x10000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket(0x26, 0x80805, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/ipc\x00') open(&(0x7f0000000040)='./cgroup\x00', 0x745240, 0x40) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2c, 0x3, 0x0) bind$auto(0x7, &(0x7f0000000000)={0x2c, @sockaddr_1_1}, 0x3e) madvise$auto(0x0, 0x20200, 0x15) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.107' (ED25519) to the list of known hosts. [ 84.096087][ T5837] cgroup: Unknown subsys name 'net' [ 84.239985][ T5837] cgroup: Unknown subsys name 'cpuset' [ 84.248746][ T5837] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.989510][ T5837] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.981904][ T5859] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.991359][ T5859] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.999554][ T5859] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.004122][ T5857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.016625][ T5859] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.024360][ T5859] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 88.032128][ T5859] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.047063][ T5857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.052067][ T5862] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.055456][ T5857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.067317][ T5863] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.069833][ T5857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.077998][ T5862] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.083422][ T5857] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 88.092111][ T5862] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.097150][ T5857] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.105044][ T5862] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.112131][ T5857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.119152][ T5862] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 88.125424][ T5857] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.132172][ T5862] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.148991][ T5857] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.171327][ T5857] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 88.185691][ T5857] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.511731][ T5849] chnl_net:caif_netlink_parms(): no params data found [ 88.594096][ T5848] chnl_net:caif_netlink_parms(): no params data found [ 88.689575][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 88.773206][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.781715][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.789780][ T5849] bridge_slave_0: entered allmulticast mode [ 88.797565][ T5849] bridge_slave_0: entered promiscuous mode [ 88.806626][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.813749][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.821177][ T5849] bridge_slave_1: entered allmulticast mode [ 88.829057][ T5849] bridge_slave_1: entered promiscuous mode [ 88.851394][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.858853][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.870576][ T5848] bridge_slave_0: entered allmulticast mode [ 88.877872][ T5848] bridge_slave_0: entered promiscuous mode [ 88.919711][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.926991][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.934162][ T5848] bridge_slave_1: entered allmulticast mode [ 88.942254][ T5848] bridge_slave_1: entered promiscuous mode [ 88.957530][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 88.969779][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.982807][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.061572][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.075091][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.084423][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.091695][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.099072][ T5846] bridge_slave_0: entered allmulticast mode [ 89.106569][ T5846] bridge_slave_0: entered promiscuous mode [ 89.130334][ T5849] team0: Port device team_slave_0 added [ 89.138491][ T5849] team0: Port device team_slave_1 added [ 89.151487][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.158808][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.166392][ T5846] bridge_slave_1: entered allmulticast mode [ 89.173426][ T5846] bridge_slave_1: entered promiscuous mode [ 89.239566][ T5848] team0: Port device team_slave_0 added [ 89.247898][ T5848] team0: Port device team_slave_1 added [ 89.256415][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.290696][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.297872][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.324564][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.346585][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.356018][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.363227][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.371072][ T5847] bridge_slave_0: entered allmulticast mode [ 89.378230][ T5847] bridge_slave_0: entered promiscuous mode [ 89.387037][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.394165][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.401492][ T5847] bridge_slave_1: entered allmulticast mode [ 89.408660][ T5847] bridge_slave_1: entered promiscuous mode [ 89.415732][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.422717][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.448767][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.523964][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.531105][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.557413][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.571475][ T5846] team0: Port device team_slave_0 added [ 89.580347][ T5846] team0: Port device team_slave_1 added [ 89.589352][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.601204][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.611778][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.619045][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.645985][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.726807][ T5849] hsr_slave_0: entered promiscuous mode [ 89.733172][ T5849] hsr_slave_1: entered promiscuous mode [ 89.743702][ T5847] team0: Port device team_slave_0 added [ 89.753318][ T5847] team0: Port device team_slave_1 added [ 89.759867][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.767112][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.793818][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.806689][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.813679][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.839678][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.917313][ T5848] hsr_slave_0: entered promiscuous mode [ 89.923888][ T5848] hsr_slave_1: entered promiscuous mode [ 89.930403][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.938374][ T5848] Cannot create hsr debugfs directory [ 89.944451][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.953682][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.980023][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.019283][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.026503][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.052964][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.087287][ T5846] hsr_slave_0: entered promiscuous mode [ 90.094797][ T5846] hsr_slave_1: entered promiscuous mode [ 90.101264][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.109011][ T5846] Cannot create hsr debugfs directory [ 90.116313][ T5855] Bluetooth: hci2: command tx timeout [ 90.178907][ T5847] hsr_slave_0: entered promiscuous mode [ 90.186043][ T5855] Bluetooth: hci3: command tx timeout [ 90.186052][ T5857] Bluetooth: hci1: command tx timeout [ 90.192422][ T5847] hsr_slave_1: entered promiscuous mode [ 90.203189][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.211282][ T5847] Cannot create hsr debugfs directory [ 90.266427][ T5857] Bluetooth: hci0: command tx timeout [ 90.491287][ T5849] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.505998][ T5849] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.517140][ T5849] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.541286][ T5849] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.584527][ T5848] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.619459][ T5848] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.633493][ T5848] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.648402][ T5848] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.692503][ T5847] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.707905][ T5847] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.718340][ T5847] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.735600][ T5847] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.840461][ T5846] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.851869][ T5846] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.866516][ T5846] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.882644][ T5846] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.949670][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.014931][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.034393][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.048851][ T5849] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.087323][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.112343][ T1316] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.119769][ T1316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.130774][ T1316] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.137973][ T1316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.152868][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.164132][ T1316] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.171374][ T1316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.198139][ T1316] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.205345][ T1316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.220739][ T1316] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.227876][ T1316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.238253][ T1316] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.245491][ T1316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.340283][ T5848] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 91.352088][ T5848] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.413275][ T5849] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 91.427352][ T5849] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.511422][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.578836][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.610026][ T1325] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.617314][ T1325] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.667219][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.674414][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.797540][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.883138][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.896933][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.977428][ T5848] veth0_vlan: entered promiscuous mode [ 92.057468][ T5848] veth1_vlan: entered promiscuous mode [ 92.071577][ T5847] veth0_vlan: entered promiscuous mode [ 92.103863][ T5849] veth0_vlan: entered promiscuous mode [ 92.119742][ T5847] veth1_vlan: entered promiscuous mode [ 92.141722][ T5849] veth1_vlan: entered promiscuous mode [ 92.176011][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.187958][ T5848] veth0_macvtap: entered promiscuous mode [ 92.194729][ T5857] Bluetooth: hci2: command tx timeout [ 92.218234][ T5848] veth1_macvtap: entered promiscuous mode [ 92.258534][ T5847] veth0_macvtap: entered promiscuous mode [ 92.265864][ T5857] Bluetooth: hci1: command tx timeout [ 92.269443][ T5855] Bluetooth: hci3: command tx timeout [ 92.306801][ T5849] veth0_macvtap: entered promiscuous mode [ 92.336484][ T5847] veth1_macvtap: entered promiscuous mode [ 92.346596][ T5855] Bluetooth: hci0: command tx timeout [ 92.367959][ T5849] veth1_macvtap: entered promiscuous mode [ 92.393005][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.418565][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.444778][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.458037][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.470227][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.495016][ T5846] veth0_vlan: entered promiscuous mode [ 92.506669][ T5848] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.523261][ T5848] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.532835][ T5848] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.545719][ T5848] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.561491][ T5849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.578813][ T5849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.591280][ T5849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.602407][ T5849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.615187][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.627400][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.640412][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.652412][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.676630][ T5849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.687983][ T5849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.700724][ T5849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.711577][ T5849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.723569][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.752814][ T5846] veth1_vlan: entered promiscuous mode [ 92.761581][ T5847] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.772161][ T5847] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.781354][ T5847] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.790481][ T5847] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.829291][ T5849] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.839761][ T5849] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.849357][ T5849] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.859475][ T5849] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.963517][ T5846] veth0_macvtap: entered promiscuous mode [ 93.009089][ T5846] veth1_macvtap: entered promiscuous mode [ 93.091105][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.103824][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.120324][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.122093][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.131550][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.150187][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.161101][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.172049][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.183670][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.213190][ T1325] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.222546][ T1325] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.257160][ T1316] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.265034][ T1316] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.288763][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.302706][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.314571][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.326038][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.335946][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.346683][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.358960][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.369635][ T5846] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.378516][ T5846] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.388460][ T5846] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.397613][ T5846] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.434514][ T1325] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.451446][ T1325] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.490668][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.499898][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.558744][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.582406][ T5848] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 93.602162][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.712208][ T1325] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.767491][ T1325] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.823487][ T1316] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.848605][ T1316] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.265831][ T5855] Bluetooth: hci2: command tx timeout [ 94.345520][ T5855] Bluetooth: hci3: command tx timeout [ 94.346359][ T5857] Bluetooth: hci1: command tx timeout [ 94.427235][ T5857] Bluetooth: hci0: command tx timeout [ 95.983749][ T5944] Invalid ELF header magic: != ELF [ 96.289194][ T8] cfg80211: failed to load regulatory.db [ 96.345473][ T5857] Bluetooth: hci2: command tx timeout [ 96.426303][ T5857] Bluetooth: hci3: command tx timeout [ 96.426342][ T5855] Bluetooth: hci1: command tx timeout [ 96.507358][ T5855] Bluetooth: hci0: command tx timeout [ 97.609145][ T5954] mmap: syz.2.11 (5954): VmData 20619264 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 99.404028][ T5988] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 100.023113][ T5980] sctp: failed to load transform for md5: -2 [ 100.696344][ T6016] netlink: 'syz.2.24': attribute type 1 has an invalid length. [ 100.713446][ T6016] netlink: 48 bytes leftover after parsing attributes in process `syz.2.24'. [ 102.189030][ T6046] netlink: 28 bytes leftover after parsing attributes in process `syz.0.29'. [ 103.175210][ T6063] capability: warning: `syz.3.35' uses 32-bit capabilities (legacy support in use) [ 103.199571][ T6066] Zero length message leads to an empty skb [ 103.226977][ T6065] netlink: 4 bytes leftover after parsing attributes in process `syz.2.33'. [ 103.757314][ T6076] netlink: Conntrack attr has 4 unknown bytes [ 108.943617][ T6162] netlink: 4 bytes leftover after parsing attributes in process `syz.3.53'. [ 113.498932][ T6227] process 'syz.1.73' launched ':,' with NULL argv: empty string added [ 113.912452][ T6235] netlink: 4 bytes leftover after parsing attributes in process `syz.2.76'. [ 116.325306][ T6278] netlink: 178 bytes leftover after parsing attributes in process `syz.3.87'. [ 119.203448][ T6324] netlink: 172 bytes leftover after parsing attributes in process `syz.1.97'. [ 119.245694][ T6324] netlink: 172 bytes leftover after parsing attributes in process `syz.1.97'. [ 119.915845][ T6345] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 120.186077][ T6342] netlink: 'syz.2.100': attribute type 11 has an invalid length. [ 120.264077][ T6340] mmap: syz.1.102 (6340) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 121.979216][ T5855] Bluetooth: hci1: unexpected event 0x10 length: 15 > 1 [ 121.980278][ T5855] Bluetooth: hci1: hardware error 0x00 [ 124.110221][ T5855] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 128.048840][ T6500] netlink: 54 bytes leftover after parsing attributes in process `syz.2.144'. [ 131.581339][ T6572] syz.1.159 uses obsolete (PF_INET,SOCK_PACKET) [ 132.349745][ T6586] netlink: 342 bytes leftover after parsing attributes in process `syz.3.163'. [ 135.564627][ T6623] netlink: 4 bytes leftover after parsing attributes in process `syz.1.171'. [ 136.186536][ T6640] netlink: 172 bytes leftover after parsing attributes in process `syz.0.177'. [ 136.718286][ T6660] netlink: 4 bytes leftover after parsing attributes in process `syz.2.179'. [ 137.523359][ T6672] netlink: 93 bytes leftover after parsing attributes in process `syz.0.184'. [ 138.277817][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.284477][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.665772][ T6693] netlink: 12 bytes leftover after parsing attributes in process `syz.3.188'. [ 139.801780][ T6711] netlink: 4 bytes leftover after parsing attributes in process `syz.0.193'. [ 141.434084][ T6745] netlink: 28 bytes leftover after parsing attributes in process `syz.3.198'. [ 145.826158][ T6809] netlink: 28 bytes leftover after parsing attributes in process `syz.2.213'. [ 145.835955][ T6809] lo: entered promiscuous mode [ 145.848670][ T6809] lo: entered allmulticast mode [ 147.183854][ T6831] netlink: 50 bytes leftover after parsing attributes in process `syz.1.218'. [ 152.828687][ T6944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.244'. [ 153.540306][ T6924] delete_channel: no stack [ 155.386288][ T6986] netlink: 4 bytes leftover after parsing attributes in process `syz.1.253'. [ 155.461827][ T6985] netlink: 4 bytes leftover after parsing attributes in process `syz.2.254'. [ 155.466038][ T6988] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 155.542685][ T6988] CIFS mount error: No usable UNC path provided in device string! [ 155.542685][ T6988] [ 155.565987][ T6986] veth0_macvtap: left promiscuous mode [ 155.595705][ T6988] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 155.606044][ T6986] macvtap0: entered promiscuous mode [ 155.656090][ T6986] macvtap0: entered allmulticast mode [ 157.183169][ T7019] netlink: 'syz.3.261': attribute type 3 has an invalid length. [ 160.662619][ T7053] netlink: 4 bytes leftover after parsing attributes in process `syz.2.270'. [ 162.506852][ T7062] netlink: 18 bytes leftover after parsing attributes in process `syz.2.272'. [ 168.409220][ T7104] svc: failed to register nfsdv3 RPC service (errno 111). [ 168.472154][ T7104] svc: failed to register nfsaclv3 RPC service (errno 111). [ 171.149084][ T7141] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 172.800601][ T7161] netlink: 16 bytes leftover after parsing attributes in process `syz.3.298'. [ 172.898769][ T7161] kernel read not supported for file /#)-\&[} (pid: 7161 comm: syz.3.298) [ 172.965287][ T29] audit: type=1800 audit(8277292070.670:2): pid=7161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.298" name="#)-\&[}" dev="mqueue" ino=12620 res=0 errno=0 [ 180.010355][ T7238] delete_channel: no stack [ 185.395660][ T7306] netlink: 20 bytes leftover after parsing attributes in process `syz.3.329'. [ 187.361280][ T7344] HSR: entered promiscuous mode [ 194.805886][ T7460] netlink: 30 bytes leftover after parsing attributes in process `syz.3.369'. [ 194.845477][ T5855] Bluetooth: hci3: unexpected event 0x18 length: 43 > 23 [ 197.658082][ T7524] netlink: 4 bytes leftover after parsing attributes in process `syz.3.382'. [ 198.552982][ T7539] ======================================================= [ 198.552982][ T7539] WARNING: The mand mount option has been deprecated and [ 198.552982][ T7539] and is ignored by this kernel. Remove the mand [ 198.552982][ T7539] option from the mount to silence this warning. [ 198.552982][ T7539] ======================================================= [ 199.247772][ T7547] sctp: [Deprecated]: syz.2.387 (pid 7547) Use of int in max_burst socket option. [ 199.247772][ T7547] Use struct sctp_assoc_value instead [ 199.716605][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.722980][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.147847][ T7558] netlink: 334 bytes leftover after parsing attributes in process `syz.3.391'. [ 206.128696][ T6791] syz.1.200 (6791) used greatest stack depth: 18656 bytes left [ 207.495356][ T6793] syz.1.200 (6793) used greatest stack depth: 18160 bytes left [ 208.005452][ T7648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.411'. [ 210.359766][ T7691] svc: failed to register nfsdv3 RPC service (errno 111). [ 210.368496][ T7691] svc: failed to register nfsaclv3 RPC service (errno 111). [ 210.881001][ T7699] netlink: 4 bytes leftover after parsing attributes in process `syz.0.423'. [ 210.917336][ T7699] netlink: 4 bytes leftover after parsing attributes in process `syz.0.423'. [ 212.045315][ T5158] Bluetooth: hci3: command 0x0406 tx timeout [ 212.051465][ T5158] Bluetooth: hci0: command 0x0406 tx timeout [ 212.052881][ T55] Bluetooth: hci2: command 0x0406 tx timeout [ 212.375362][ T7727] netlink: 222 bytes leftover after parsing attributes in process `syz.2.429'. [ 215.555440][ T7755] netlink: 4 bytes leftover after parsing attributes in process `syz.1.438'. [ 217.608885][ T7786] netlink: 'syz.0.440': attribute type 1 has an invalid length. [ 222.054785][ T7833] netlink: 50 bytes leftover after parsing attributes in process `syz.2.454'. [ 222.096003][ T7848] netlink: 50 bytes leftover after parsing attributes in process `syz.0.459'. [ 222.152744][ T7848] netlink: 50 bytes leftover after parsing attributes in process `syz.0.459'. [ 223.590956][ T7885] netlink: 36 bytes leftover after parsing attributes in process `syz.1.467'. [ 223.842547][ T7895] netlink: 'syz.1.470': attribute type 28 has an invalid length. [ 223.861126][ T7895] netlink: 'syz.1.470': attribute type 29 has an invalid length. [ 223.887759][ T7895] netlink: 'syz.1.470': attribute type 30 has an invalid length. [ 223.911247][ T7895] netlink: 'syz.1.470': attribute type 31 has an invalid length. [ 223.930796][ T7895] netlink: 'syz.1.470': attribute type 32 has an invalid length. [ 223.951433][ T7895] netlink: 'syz.1.470': attribute type 33 has an invalid length. [ 223.970269][ T7895] netlink: 'syz.1.470': attribute type 35 has an invalid length. [ 223.990868][ T7899] netlink: zone id is out of range [ 223.997264][ T7895] netlink: 'syz.1.470': attribute type 37 has an invalid length. [ 224.007393][ T7899] netlink: zone id is out of range [ 224.012568][ T7899] netlink: zone id is out of range [ 224.024081][ T7895] netlink: 'syz.1.470': attribute type 39 has an invalid length. [ 224.032567][ T7899] netlink: get zone limit has 4 unknown bytes [ 224.047866][ T7895] netlink: 'syz.1.470': attribute type 40 has an invalid length. [ 224.066173][ T7895] netlink: 18 bytes leftover after parsing attributes in process `syz.1.470'. [ 224.110460][ T7900] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma? [ 225.207398][ T7906] netlink: 342 bytes leftover after parsing attributes in process `syz.2.472'. [ 228.088235][ T7980] netlink: 108 bytes leftover after parsing attributes in process `syz.2.491'. [ 229.191749][ T8015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.496'. [ 230.552764][ T8038] Invalid ELF header magic: != ELF [ 231.847555][ T8068] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 231.915767][ T8068] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 232.999052][ T8076] Invalid ELF header magic: != ELF [ 234.248195][ T8109] validate_nla: 1 callbacks suppressed [ 234.248222][ T8109] netlink: 'syz.3.518': attribute type 46 has an invalid length. [ 235.213461][ T8121] netlink: 330 bytes leftover after parsing attributes in process `syz.0.522'. [ 235.245985][ T8121] netlink: 330 bytes leftover after parsing attributes in process `syz.0.522'. [ 235.322284][ T8121] netlink: 330 bytes leftover after parsing attributes in process `syz.0.522'. [ 235.424207][ T8125] netlink: 28 bytes leftover after parsing attributes in process `syz.2.521'. [ 237.796734][ T8173] netlink: 'syz.3.535': attribute type 3 has an invalid length. [ 239.218031][ T8205] netlink: 28 bytes leftover after parsing attributes in process `syz.1.543'. [ 244.916666][ T8300] netlink: Conntrack attr has 16 unknown bytes [ 245.850572][ T8292] netlink: 28 bytes leftover after parsing attributes in process `syz.2.563'. [ 247.749324][ T8292] team0 (unregistering): Port device team_slave_0 removed [ 247.967280][ T8292] team0 (unregistering): Port device team_slave_1 removed [ 250.143001][ T8362] netlink: 20 bytes leftover after parsing attributes in process `syz.2.580'. [ 252.976120][ T8394] netlink: Conntrack attr type has unexpected length (type=0, length=107, expected=0) [ 256.982699][ T8449] netlink: 28 bytes leftover after parsing attributes in process `syz.0.604'. [ 257.318949][ T8460] Invalid ELF header magic: != ELF [ 258.765006][ T8506] netlink: 4 bytes leftover after parsing attributes in process `syz.0.615'. [ 260.630907][ T8537] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 261.147857][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.154484][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.339433][ T8555] hugetlbfs: syz.0.626 (8555): Using mlock ulimits for SHM_HUGETLB is obsolete [ 264.195613][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 267.005342][ T29] audit: type=1326 audit(4294967333.950:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8694 comm="syz.3.657" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0f3477e819 code=0x0 [ 267.481004][ T8699] tc_dump_action: action bad kind [ 268.335598][ T8710] netlink: 12 bytes leftover after parsing attributes in process `syz.1.663'. [ 268.344600][ T8710] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 269.809890][ T8722] Malformed UNC in devname [ 269.809890][ T8722] [ 269.830292][ T8722] CIFS: VFS: Malformed UNC in devname [ 270.563464][ T8736] netlink: 8 bytes leftover after parsing attributes in process `syz.0.671'. [ 277.639814][ T8865] netlink: 28 bytes leftover after parsing attributes in process `syz.2.699'. [ 278.406216][ T8878] netlink: 334 bytes leftover after parsing attributes in process `syz.1.701'. [ 279.143069][ T8897] netlink: 350 bytes leftover after parsing attributes in process `syz.0.705'. [ 279.183695][ T8896] netlink: 350 bytes leftover after parsing attributes in process `syz.0.705'. [ 279.760986][ T8909] netlink: 178 bytes leftover after parsing attributes in process `syz.2.708'. [ 283.682740][ T8972] netlink: 4 bytes leftover after parsing attributes in process `syz.0.721'. [ 286.707469][ T9024] netlink: 8 bytes leftover after parsing attributes in process `syz.2.733'. [ 286.842531][ T9028] bridge0: port 3(veth1) entered blocking state [ 286.887933][ T9028] bridge0: port 3(veth1) entered disabled state [ 286.939204][ T9028] veth1: entered allmulticast mode [ 286.982042][ T9028] veth1: entered promiscuous mode [ 287.017914][ T9028] bridge0: port 3(veth1) entered blocking state [ 287.024589][ T9028] bridge0: port 3(veth1) entered forwarding state [ 290.445771][ T9080] netlink: 16 bytes leftover after parsing attributes in process `syz.0.747'. [ 292.021964][ T9110] netlink: 28 bytes leftover after parsing attributes in process `syz.3.754'. [ 292.107841][ T9108] svc: failed to register nfsdv3 RPC service (errno 111). [ 292.194945][ T9108] svc: failed to register nfsaclv3 RPC service (errno 111). [ 293.375971][ T9124] bridge0: port 4(macsec0) entered blocking state [ 293.382535][ T9124] bridge0: port 4(macsec0) entered disabled state [ 293.455541][ T9124] macsec0: entered allmulticast mode [ 293.461247][ T9124] veth1_macvtap: entered allmulticast mode [ 293.477158][ T9124] macsec0: entered promiscuous mode [ 293.483127][ T9124] bridge0: port 4(macsec0) entered blocking state [ 293.489785][ T9124] bridge0: port 4(macsec0) entered forwarding state [ 294.077040][ T9130] netlink: 325 bytes leftover after parsing attributes in process `syz.0.759'. [ 297.647149][ T9186] netlink: 28 bytes leftover after parsing attributes in process `syz.0.772'. [ 297.689887][ T9186] lo: entered promiscuous mode [ 297.705617][ T9186] lo: entered allmulticast mode [ 297.792712][ T9190] netlink: 342 bytes leftover after parsing attributes in process `syz.3.771'. [ 298.514554][ T9190] netlink: 342 bytes leftover after parsing attributes in process `syz.3.771'. [ 298.652055][ T9203] netlink: 334 bytes leftover after parsing attributes in process `syz.2.775'. [ 300.881809][ T9240] netlink: 12 bytes leftover after parsing attributes in process `syz.2.788'. [ 303.156284][ T9287] HfR: entered promiscuous mode [ 303.210355][ T9287] netlink: 12 bytes leftover after parsing attributes in process `syz.3.798'. [ 303.257915][ T9287] HfR: left promiscuous mode [ 304.373559][ T9302] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 305.648572][ T9317] netlink: 54 bytes leftover after parsing attributes in process `syz.3.805'. [ 306.921230][ T9330] netlink: 'syz.1.806': attribute type 10 has an invalid length. [ 306.995373][ T9330] netlink: 326 bytes leftover after parsing attributes in process `syz.1.806'. [ 307.326884][ T9353] netlink: 334 bytes leftover after parsing attributes in process `syz.3.813'. [ 307.405370][ T9353] netlink: 334 bytes leftover after parsing attributes in process `syz.3.813'. [ 308.675988][ T9385] netlink: 5657 bytes leftover after parsing attributes in process `syz.1.820'. [ 310.412803][ T9428] netlink: 4 bytes leftover after parsing attributes in process `syz.3.828'. [ 310.886145][ T9428] netlink: 330 bytes leftover after parsing attributes in process `syz.3.828'. [ 313.174727][ T9469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.838'. [ 315.017658][ T9499] syz.1.844(9499): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 320.366883][ T5855] Bluetooth: hci3: unexpected event for opcode 0x0400 [ 322.026276][ T9589] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 322.268503][ T9588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.865'. [ 322.284626][ T9592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.866'. [ 322.589444][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.596162][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.427153][ T5855] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 324.435987][ T5855] Bluetooth: hci3: Injecting HCI hardware error event [ 324.444704][ T5855] Bluetooth: hci3: hardware error 0x00 [ 324.484546][ T9629] netlink: 32 bytes leftover after parsing attributes in process `syz.0.873'. [ 325.213366][ T9638] openvswitch: netlink: Key type 261 is out of range max 32 [ 326.140365][ T9650] raw_sendmsg: syz.3.880 forgot to set AF_INET. Fix it! [ 326.667950][ T5855] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 329.952167][ T9720] netlink: 28 bytes leftover after parsing attributes in process `syz.3.896'. [ 331.394683][ T9737] netlink: 334 bytes leftover after parsing attributes in process `syz.3.900'. [ 331.589335][ T9733] netlink: 334 bytes leftover after parsing attributes in process `syz.3.900'. [ 332.371371][ T9747] sctp: [Deprecated]: syz.1.902 (pid 9747) Use of int in maxseg socket option. [ 332.371371][ T9747] Use struct sctp_assoc_value instead [ 334.107733][ T9764] netlink: 342 bytes leftover after parsing attributes in process `syz.3.907'. [ 345.371323][ T9938] netlink: 28 bytes leftover after parsing attributes in process `syz.1.950'. [ 347.442304][ T9998] netlink: 4 bytes leftover after parsing attributes in process `syz.2.969'. [ 347.481330][ T9999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.969'. [ 347.506085][ T9998] netlink: 28 bytes leftover after parsing attributes in process `syz.2.969'. [ 348.150810][T10020] netlink: 'syz.1.975': attribute type 11 has an invalid length. [ 349.174745][T10032] netlink: 28 bytes leftover after parsing attributes in process `syz.3.980'. [ 349.213723][T10032] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 349.244008][T10032] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 349.306519][T10032] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 349.352455][T10032] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 351.426944][T10081] netlink: 'syz.3.990': attribute type 1 has an invalid length. [ 351.601762][T10085] ptrace attach of "./syz-executor exec"[5848] was attempted by "./syz-executor exec"[10085] [ 354.076129][T10151] bridge0: port 5(batadv0) entered blocking state [ 354.102029][T10151] bridge0: port 5(batadv0) entered disabled state [ 354.152456][T10151] batadv0: entered allmulticast mode [ 354.176920][T10151] batadv0: entered promiscuous mode [ 354.217406][T10151] bridge0: port 5(batadv0) entered blocking state [ 354.224012][T10151] bridge0: port 5(batadv0) entered forwarding state [ 354.250501][ T7991] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 354.260328][ T7991] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 355.922174][T10194] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1016'. [ 358.061006][T10225] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1024'. [ 358.371270][T10224] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1024'. [ 358.396134][T10224] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1024'. [ 358.447487][T10224] bridge_slave_1: left allmulticast mode [ 358.491288][T10224] bridge_slave_1: left promiscuous mode [ 358.515490][T10224] bridge0: port 2(bridge_slave_1) entered disabled state [ 358.717048][T10224] bridge_slave_0: left allmulticast mode [ 358.722786][T10224] bridge_slave_0: left promiscuous mode [ 358.785374][T10224] bridge0: port 1(bridge_slave_0) entered disabled state [ 359.388450][T10247] Invalid ELF header magic: != ELF [ 360.876780][T10272] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 363.904731][T10360] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1058'. [ 366.007412][T10409] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1067'. [ 366.212473][T10412] delete_channel: no stack [ 366.991092][T10427] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1072'. [ 367.037405][T10427] HSR: entered promiscuous mode [ 367.756533][T10443] ptrace attach of "./syz-executor exec"[5846] was attempted by "./syz-executor exec"[10443] [ 382.302511][T10538] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1094'. [ 383.477269][T10554] Process accounting resumed [ 384.030928][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.037574][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.261001][T10592] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1109'. [ 385.367568][T10592] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1109'. [ 445.469558][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.476082][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.917971][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.924302][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 534.425430][ T30] INFO: task syz-executor:5837 blocked for more than 143 seconds. [ 534.433511][ T30] Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0 [ 534.441323][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 534.451355][ T30] task:syz-executor state:D stack:23568 pid:5837 tgid:5837 ppid:5835 flags:0x00000002 [ 534.461761][ T30] Call Trace: [ 534.465237][ T30] [ 534.468321][ T30] __schedule+0xe5a/0x5ae0 [ 534.472823][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 534.478533][ T30] ? hlock_class+0x4e/0x130 [ 534.483377][ T30] ? mark_lock+0xb5/0xc60 [ 534.488007][ T30] ? __pfx___schedule+0x10/0x10 [ 534.493035][ T30] ? schedule+0x298/0x350 [ 534.497651][ T30] ? __pfx_lock_release+0x10/0x10 [ 534.502763][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 534.509165][ T30] ? lock_acquire+0x2f/0xb0 [ 534.513838][ T30] ? schedule+0x1fd/0x350 [ 534.518499][ T30] schedule+0xe7/0x350 [ 534.522656][ T30] io_schedule+0xbf/0x130 [ 534.527512][ T30] bit_wait_io+0x15/0xe0 [ 534.531852][ T30] __wait_on_bit+0x62/0x180 [ 534.536532][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 534.541563][ T30] out_of_line_wait_on_bit+0xda/0x110 [ 534.548141][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 534.554532][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 534.560152][ T30] do_get_write_access+0x933/0x1270 [ 534.565609][ T30] jbd2_journal_get_write_access+0x1d6/0x280 [ 534.571694][ T30] __ext4_journal_get_write_access+0x6a/0x390 [ 534.577954][ T30] ext4_reserve_inode_write+0x13b/0x270 [ 534.583619][ T30] __ext4_mark_inode_dirty+0x1a6/0x890 [ 534.589368][ T30] ? ext4_dirty_inode+0xd9/0x130 [ 534.594485][ T30] ? rcu_is_watching+0x12/0xc0 [ 534.599446][ T30] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 534.605693][ T30] ? rcu_is_watching+0x12/0xc0 [ 534.610751][ T30] ? trace_jbd2_handle_start+0x1b4/0x240 [ 534.616565][ T30] ? jbd2__journal_start+0xf6/0x6a0 [ 534.621839][ T30] ? __ext4_journal_start_sb+0x358/0x660 [ 534.627794][ T30] ? __ext4_journal_start_sb+0x206/0x660 [ 534.633548][ T30] ? ext4_dirty_inode+0xa1/0x130 [ 534.638656][ T30] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 534.644092][ T30] ext4_dirty_inode+0xd9/0x130 [ 534.649996][ T30] ? rcu_is_watching+0x12/0xc0 [ 534.655211][ T30] __mark_inode_dirty+0x1f6/0xe60 [ 534.660363][ T30] generic_update_time+0xcf/0xf0 [ 534.665660][ T30] file_update_time+0x17d/0x1c0 [ 534.670643][ T30] ext4_page_mkwrite+0x368/0x1760 [ 534.675904][ T30] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 534.681461][ T30] ? lock_acquire+0x2f/0xb0 [ 534.686267][ T30] ? __pte_offset_map+0x42/0x540 [ 534.691330][ T30] do_page_mkwrite+0x177/0x380 [ 534.696239][ T30] do_pte_missing+0x29e/0x3e70 [ 534.701064][ T30] ? lock_vma_under_rcu+0x13e/0x980 [ 534.706498][ T30] __handle_mm_fault+0x100a/0x2a10 [ 534.711689][ T30] ? __pfx_lock_release+0x10/0x10 [ 534.717201][ T30] ? lock_vma_under_rcu+0x13e/0x980 [ 534.722473][ T30] ? __pfx___handle_mm_fault+0x10/0x10 [ 534.728176][ T30] handle_mm_fault+0x3fa/0xaa0 [ 534.733013][ T30] do_user_addr_fault+0x60d/0x13f0 [ 534.738430][ T30] exc_page_fault+0x5c/0xc0 [ 534.743046][ T30] asm_exc_page_fault+0x26/0x30 [ 534.748099][ T30] RIP: 0033:0x7f1071a678fc [ 534.753530][ T30] RSP: 002b:00007ffd5ea1b330 EFLAGS: 00010202 [ 534.760058][ T30] RAX: 00007f106fcf0000 RBX: 000055558c1ae490 RCX: 0000000000000003 [ 534.768197][ T30] RDX: 1ffffffff13d8ad3 RSI: 000055558c19fdb8 RDI: 0000000000000008 [ 534.776335][ T30] RBP: 00007ffd5ea1b830 R08: 000055558c19fdb8 R09: 000000000000315a [ 534.784365][ T30] R10: 00007f1071a00000 R11: 0000000000000246 R12: 00007ffd5ea1b680 [ 534.792554][ T30] R13: 0000000000000004 R14: 00007ffd5ea1b3a0 R15: 00007ffd5ea1b470 [ 534.800765][ T30] [ 534.803865][ T30] INFO: task syz.2.1112:10609 blocked for more than 143 seconds. [ 534.811877][ T30] Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0 [ 534.819439][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 534.828482][ T30] task:syz.2.1112 state:D stack:27344 pid:10609 tgid:10609 ppid:5849 flags:0x00000004 [ 534.838899][ T30] Call Trace: [ 534.842220][ T30] [ 534.845477][ T30] __schedule+0xe5a/0x5ae0 [ 534.849979][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 534.856176][ T30] ? hlock_class+0x4e/0x130 [ 534.860968][ T30] ? mark_lock+0xb5/0xc60 [ 534.865585][ T30] ? __pfx___schedule+0x10/0x10 [ 534.870524][ T30] ? schedule+0x298/0x350 [ 534.874895][ T30] ? __pfx_lock_release+0x10/0x10 [ 534.880075][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 534.885495][ T30] ? lock_acquire+0x2f/0xb0 [ 534.890031][ T30] ? schedule+0x1fd/0x350 [ 534.894400][ T30] schedule+0xe7/0x350 [ 534.898616][ T30] io_schedule+0xbf/0x130 [ 534.903043][ T30] bit_wait_io+0x15/0xe0 [ 534.907717][ T30] __wait_on_bit+0x62/0x180 [ 534.912302][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 534.917479][ T30] out_of_line_wait_on_bit+0xda/0x110 [ 534.923288][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 534.929495][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 534.935609][ T30] do_get_write_access+0x933/0x1270 [ 534.940991][ T30] jbd2_journal_get_write_access+0x1d6/0x280 [ 534.947671][ T30] __ext4_journal_get_write_access+0x6a/0x390 [ 534.953822][ T30] ext4_reserve_inode_write+0x13b/0x270 [ 534.959979][ T30] __ext4_mark_inode_dirty+0x1a6/0x890 [ 534.965784][ T30] ? ext4_dirty_inode+0xd9/0x130 [ 534.970821][ T30] ? rcu_is_watching+0x12/0xc0 [ 534.976554][ T30] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 534.982651][ T30] ? rcu_is_watching+0x12/0xc0 [ 534.987810][ T30] ? trace_jbd2_handle_start+0x1b4/0x240 [ 534.993716][ T30] ? jbd2__journal_start+0xf6/0x6a0 [ 534.999120][ T30] ? __ext4_journal_start_sb+0x358/0x660 [ 535.004913][ T30] ? __ext4_journal_start_sb+0x206/0x660 [ 535.010645][ T30] ? ext4_dirty_inode+0xa1/0x130 [ 535.015788][ T30] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 535.021235][ T30] ext4_dirty_inode+0xd9/0x130 [ 535.026351][ T30] ? rcu_is_watching+0x12/0xc0 [ 535.031188][ T30] __mark_inode_dirty+0x1f6/0xe60 [ 535.036597][ T30] generic_update_time+0xcf/0xf0 [ 535.041613][ T30] file_update_time+0x17d/0x1c0 [ 535.046833][ T30] ext4_page_mkwrite+0x368/0x1760 [ 535.051986][ T30] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 535.058039][ T30] ? lock_acquire+0x2f/0xb0 [ 535.062620][ T30] ? __pte_offset_map+0x42/0x540 [ 535.067917][ T30] do_page_mkwrite+0x177/0x380 [ 535.072780][ T30] do_pte_missing+0x29e/0x3e70 [ 535.079067][ T30] ? lock_vma_under_rcu+0x13e/0x980 [ 535.084518][ T30] __handle_mm_fault+0x100a/0x2a10 [ 535.089768][ T30] ? __pfx_lock_release+0x10/0x10 [ 535.094870][ T30] ? lock_vma_under_rcu+0x13e/0x980 [ 535.100271][ T30] ? __pfx___handle_mm_fault+0x10/0x10 [ 535.105937][ T30] handle_mm_fault+0x3fa/0xaa0 [ 535.110777][ T30] do_user_addr_fault+0x60d/0x13f0 [ 535.116354][ T30] exc_page_fault+0x5c/0xc0 [ 535.120952][ T30] asm_exc_page_fault+0x26/0x30 [ 535.125927][ T30] RIP: 0033:0x7f4347c5cd8a [ 535.130393][ T30] RSP: 002b:00007ffef302eaf0 EFLAGS: 00010202 [ 535.136800][ T30] RAX: 0000001b3141f000 RBX: 00007f4348a65720 RCX: 0000001b3141eff8 [ 535.144871][ T30] RDX: 0000001b31020210 RSI: 0000000000000008 RDI: 00007f4348a65720 [ 535.152943][ T30] RBP: ffffffff843d33bf R08: 00007f4347f36038 R09: 00007f4347f22000 [ 535.161368][ T30] R10: 00007f43473ff008 R11: 0000000000000000 R12: 0000000000000000 [ 535.169499][ T30] R13: 0000000000000201 R14: ffffffff843d346d R15: 000000000000028e [ 535.177701][ T30] ? tomoyo_encode2+0x5d/0x3e0 [ 535.182548][ T30] ? tomoyo_get_local_path+0x71f/0x760 [ 535.188210][ T30] [ 535.191364][ T30] INFO: task syz.1.1111:10610 blocked for more than 144 seconds. [ 535.199348][ T30] Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0 [ 535.206752][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 535.215482][ T30] task:syz.1.1111 state:D stack:28384 pid:10610 tgid:10610 ppid:5846 flags:0x00000004 [ 535.226064][ T30] Call Trace: [ 535.229398][ T30] [ 535.232371][ T30] __schedule+0xe5a/0x5ae0 [ 535.237383][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 535.242678][ T30] ? hlock_class+0x4e/0x130 [ 535.247571][ T30] ? mark_lock+0xb5/0xc60 [ 535.251993][ T30] ? __pfx___schedule+0x10/0x10 [ 535.256950][ T30] ? schedule+0x298/0x350 [ 535.261348][ T30] ? __pfx_lock_release+0x10/0x10 [ 535.266696][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 535.271980][ T30] ? lock_acquire+0x2f/0xb0 [ 535.276784][ T30] ? schedule+0x1fd/0x350 [ 535.281209][ T30] schedule+0xe7/0x350 [ 535.285409][ T30] io_schedule+0xbf/0x130 [ 535.289832][ T30] bit_wait_io+0x15/0xe0 [ 535.294145][ T30] __wait_on_bit+0x62/0x180 [ 535.298828][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 535.303948][ T30] out_of_line_wait_on_bit+0xda/0x110 [ 535.309712][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 535.315889][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 535.321441][ T30] do_get_write_access+0x933/0x1270 [ 535.326769][ T30] jbd2_journal_get_write_access+0x1d6/0x280 [ 535.332844][ T30] __ext4_journal_get_write_access+0x6a/0x390 [ 535.339031][ T30] ext4_reserve_inode_write+0x13b/0x270 [ 535.344643][ T30] __ext4_mark_inode_dirty+0x1a6/0x890 [ 535.350215][ T30] ? ext4_dirty_inode+0xd9/0x130 [ 535.355251][ T30] ? rcu_is_watching+0x12/0xc0 [ 535.360047][ T30] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 535.366341][ T30] ? rcu_is_watching+0x12/0xc0 [ 535.371183][ T30] ? trace_jbd2_handle_start+0x1b4/0x240 [ 535.376929][ T30] ? jbd2__journal_start+0xf6/0x6a0 [ 535.382182][ T30] ? __ext4_journal_start_sb+0x358/0x660 [ 535.388019][ T30] ? __ext4_journal_start_sb+0x206/0x660 [ 535.393720][ T30] ? ext4_dirty_inode+0xa1/0x130 [ 535.398783][ T30] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 535.404233][ T30] ext4_dirty_inode+0xd9/0x130 [ 535.409393][ T30] ? rcu_is_watching+0x12/0xc0 [ 535.414238][ T30] __mark_inode_dirty+0x1f6/0xe60 [ 535.419490][ T30] generic_update_time+0xcf/0xf0 [ 535.424522][ T30] file_update_time+0x17d/0x1c0 [ 535.429974][ T30] ext4_page_mkwrite+0x368/0x1760 [ 535.435755][ T30] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 535.441302][ T30] ? pte_alloc_one+0x2a3/0x390 [ 535.446239][ T30] do_page_mkwrite+0x177/0x380 [ 535.451084][ T30] do_pte_missing+0x29e/0x3e70 [ 535.456007][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 535.461262][ T30] ? __pmd_alloc+0x380/0x860 [ 535.465964][ T30] __handle_mm_fault+0x100a/0x2a10 [ 535.471585][ T30] ? __pfx_lock_release+0x10/0x10 [ 535.476908][ T30] ? lock_vma_under_rcu+0x13e/0x980 [ 535.482176][ T30] ? __pfx___handle_mm_fault+0x10/0x10 [ 535.487927][ T30] handle_mm_fault+0x3fa/0xaa0 [ 535.492800][ T30] do_user_addr_fault+0x60d/0x13f0 [ 535.498084][ T30] exc_page_fault+0x5c/0xc0 [ 535.502658][ T30] asm_exc_page_fault+0x26/0x30 [ 535.507894][ T30] RIP: 0033:0x7f5efde51c11 [ 535.512360][ T30] RSP: 002b:00007fff10fd9590 EFLAGS: 00010246 [ 535.518539][ T30] RAX: 00000000005ffdf0 RBX: 0000000000000000 RCX: 0000000000000000 [ 535.526687][ T30] RDX: 0000001b30f20000 RSI: 0000000000600000 RDI: 00007f5efe072290 [ 535.534902][ T30] RBP: 00007fff10fd97ec R08: 0000000000000004 R09: 0000000000040000 [ 535.543045][ T30] R10: 0000000000000011 R11: 0000000000000293 R12: 0000000000000032 [ 535.551471][ T30] R13: 000000000005e0e4 R14: 000000000005de10 R15: 00007fff10fd9840 [ 535.559942][ T30] [ 535.563041][ T30] INFO: task syz.0.1113:10612 blocked for more than 144 seconds. [ 535.572077][ T30] Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0 [ 535.579800][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 535.588638][ T30] task:syz.0.1113 state:D stack:28384 pid:10612 tgid:10612 ppid:5848 flags:0x00000004 [ 535.598983][ T30] Call Trace: [ 535.602296][ T30] [ 535.605422][ T30] __schedule+0xe5a/0x5ae0 [ 535.609932][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 535.615365][ T30] ? hlock_class+0x4e/0x130 [ 535.619947][ T30] ? mark_lock+0xb5/0xc60 [ 535.624359][ T30] ? __pfx___schedule+0x10/0x10 [ 535.629533][ T30] ? schedule+0x298/0x350 [ 535.634168][ T30] ? __pfx_lock_release+0x10/0x10 [ 535.639355][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 535.644617][ T30] ? lock_acquire+0x2f/0xb0 [ 535.649333][ T30] ? schedule+0x1fd/0x350 [ 535.653742][ T30] schedule+0xe7/0x350 [ 535.657988][ T30] io_schedule+0xbf/0x130 [ 535.662393][ T30] bit_wait_io+0x15/0xe0 [ 535.666873][ T30] __wait_on_bit+0x62/0x180 [ 535.672535][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 535.677927][ T30] out_of_line_wait_on_bit+0xda/0x110 [ 535.683381][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 535.689612][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 535.695232][ T30] do_get_write_access+0x933/0x1270 [ 535.700630][ T30] jbd2_journal_get_write_access+0x1d6/0x280 [ 535.707094][ T30] __ext4_journal_get_write_access+0x6a/0x390 [ 535.713691][ T30] ext4_reserve_inode_write+0x13b/0x270 [ 535.719561][ T30] __ext4_mark_inode_dirty+0x1a6/0x890 [ 535.725384][ T30] ? ext4_dirty_inode+0xd9/0x130 [ 535.730419][ T30] ? rcu_is_watching+0x12/0xc0 [ 535.735489][ T30] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 535.741766][ T30] ? rcu_is_watching+0x12/0xc0 [ 535.746876][ T30] ? trace_jbd2_handle_start+0x1b4/0x240 [ 535.752624][ T30] ? jbd2__journal_start+0xf6/0x6a0 [ 535.757998][ T30] ? __ext4_journal_start_sb+0x358/0x660 [ 535.763704][ T30] ? __ext4_journal_start_sb+0x206/0x660 [ 535.769575][ T30] ? ext4_dirty_inode+0xa1/0x130 [ 535.775493][ T30] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 535.781159][ T30] ext4_dirty_inode+0xd9/0x130 [ 535.786252][ T30] ? rcu_is_watching+0x12/0xc0 [ 535.791097][ T30] __mark_inode_dirty+0x1f6/0xe60 [ 535.796287][ T30] generic_update_time+0xcf/0xf0 [ 535.801287][ T30] file_update_time+0x17d/0x1c0 [ 535.806441][ T30] ext4_page_mkwrite+0x368/0x1760 [ 535.811561][ T30] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 535.817178][ T30] ? pte_alloc_one+0x2a3/0x390 [ 535.822001][ T30] do_page_mkwrite+0x177/0x380 [ 535.827025][ T30] do_pte_missing+0x29e/0x3e70 [ 535.831860][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 535.837212][ T30] ? __pmd_alloc+0x380/0x860 [ 535.842162][ T30] __handle_mm_fault+0x100a/0x2a10 [ 535.847745][ T30] ? __pfx_lock_release+0x10/0x10 [ 535.852860][ T30] ? lock_vma_under_rcu+0x13e/0x980 [ 535.858178][ T30] ? __pfx___handle_mm_fault+0x10/0x10 [ 535.863726][ T30] handle_mm_fault+0x3fa/0xaa0 [ 535.868713][ T30] do_user_addr_fault+0x60d/0x13f0 [ 535.873914][ T30] exc_page_fault+0x5c/0xc0 [ 535.879486][ T30] asm_exc_page_fault+0x26/0x30 [ 535.884586][ T30] RIP: 0033:0x7fc678851c11 [ 535.889205][ T30] RSP: 002b:00007ffcfcca1a40 EFLAGS: 00010246 [ 535.895413][ T30] RAX: 00000000003ffdf0 RBX: 0000000000000000 RCX: 0000000000000000 [ 535.903430][ T30] RDX: 0000001b30e20000 RSI: 0000000000400000 RDI: 00007fc678a72290 [ 535.911620][ T30] RBP: 00007ffcfcca1c9c R08: 0000000000000004 R09: 0000000000040000 [ 535.919869][ T30] R10: 0000000000000011 R11: 0000000000000293 R12: 0000000000000032 [ 535.928029][ T30] R13: 000000000005e286 R14: 000000000005e037 R15: 00007ffcfcca1cf0 [ 535.936159][ T30] [ 535.939201][ T30] INFO: task syz.3.1114:10613 blocked for more than 144 seconds. [ 535.947356][ T30] Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0 [ 535.954686][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 535.963660][ T30] task:syz.3.1114 state:D stack:27944 pid:10613 tgid:10613 ppid:5847 flags:0x00000004 [ 535.974158][ T30] Call Trace: [ 535.977565][ T30] [ 535.981391][ T30] __schedule+0xe5a/0x5ae0 [ 535.986339][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 535.991616][ T30] ? hlock_class+0x4e/0x130 [ 535.996237][ T30] ? mark_lock+0xb5/0xc60 [ 536.000642][ T30] ? __pfx___schedule+0x10/0x10 [ 536.005702][ T30] ? schedule+0x298/0x350 [ 536.010104][ T30] ? __pfx_lock_release+0x10/0x10 [ 536.015431][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 536.020694][ T30] ? lock_acquire+0x2f/0xb0 [ 536.025398][ T30] ? schedule+0x1fd/0x350 [ 536.029808][ T30] schedule+0xe7/0x350 [ 536.033911][ T30] io_schedule+0xbf/0x130 [ 536.038355][ T30] bit_wait_io+0x15/0xe0 [ 536.042665][ T30] __wait_on_bit+0x62/0x180 [ 536.047685][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 536.052710][ T30] out_of_line_wait_on_bit+0xda/0x110 [ 536.058209][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 536.064262][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 536.070117][ T30] do_get_write_access+0x933/0x1270 [ 536.075487][ T30] jbd2_journal_get_write_access+0x1d6/0x280 [ 536.082458][ T30] __ext4_journal_get_write_access+0x6a/0x390 [ 536.089079][ T30] ext4_reserve_inode_write+0x13b/0x270 [ 536.094726][ T30] __ext4_mark_inode_dirty+0x1a6/0x890 [ 536.100361][ T30] ? ext4_dirty_inode+0xd9/0x130 [ 536.105513][ T30] ? rcu_is_watching+0x12/0xc0 [ 536.110353][ T30] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 536.116467][ T30] ? rcu_is_watching+0x12/0xc0 [ 536.121309][ T30] ? trace_jbd2_handle_start+0x1b4/0x240 [ 536.127165][ T30] ? jbd2__journal_start+0xf6/0x6a0 [ 536.132443][ T30] ? __ext4_journal_start_sb+0x358/0x660 [ 536.138212][ T30] ? __ext4_journal_start_sb+0x206/0x660 [ 536.143933][ T30] ? ext4_dirty_inode+0xa1/0x130 [ 536.149380][ T30] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 536.154835][ T30] ext4_dirty_inode+0xd9/0x130 [ 536.159841][ T30] ? rcu_is_watching+0x12/0xc0 [ 536.165862][ T30] __mark_inode_dirty+0x1f6/0xe60 [ 536.170986][ T30] generic_update_time+0xcf/0xf0 [ 536.176049][ T30] file_update_time+0x17d/0x1c0 [ 536.180965][ T30] ext4_page_mkwrite+0x368/0x1760 [ 536.186487][ T30] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 536.192032][ T30] ? pte_alloc_one+0x2a3/0x390 [ 536.196992][ T30] do_page_mkwrite+0x177/0x380 [ 536.201838][ T30] do_pte_missing+0x29e/0x3e70 [ 536.206762][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 536.212026][ T30] ? __pmd_alloc+0x380/0x860 [ 536.216768][ T30] __handle_mm_fault+0x100a/0x2a10 [ 536.221966][ T30] ? __pfx_lock_release+0x10/0x10 [ 536.228400][ T30] ? lock_vma_under_rcu+0x13e/0x980 [ 536.233769][ T30] ? __pfx___handle_mm_fault+0x10/0x10 [ 536.239541][ T30] handle_mm_fault+0x3fa/0xaa0 [ 536.244397][ T30] do_user_addr_fault+0x60d/0x13f0 [ 536.250180][ T30] exc_page_fault+0x5c/0xc0 [ 536.254797][ T30] asm_exc_page_fault+0x26/0x30 [ 536.259922][ T30] RIP: 0033:0x7f0f34651c11 [ 536.264476][ T30] RSP: 002b:00007fff6eb7c410 EFLAGS: 00010246 [ 536.271016][ T30] RAX: 00000000005ffdf0 RBX: 0000000000000000 RCX: 0000000000000000 [ 536.279625][ T30] RDX: 0000001b31120000 RSI: 0000000000600000 RDI: 00007f0f34872290 [ 536.288921][ T30] RBP: 00007fff6eb7c66c R08: 0000000000000004 R09: 0000000000040000 [ 536.297387][ T30] R10: 0000000000000011 R11: 0000000000000293 R12: 0000000000000032 [ 536.305589][ T30] R13: 000000000005e2ff R14: 000000000005e247 R15: 00007fff6eb7c6c0 [ 536.313619][ T30] [ 536.316821][ T30] [ 536.316821][ T30] Showing all locks held in the system: [ 536.324579][ T30] 1 lock held by khungtaskd/30: [ 536.329645][ T30] #0: ffffffff8ddba840 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 [ 536.339778][ T30] 2 locks held by getty/5608: [ 536.344500][ T30] #0: ffff8880310230a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 536.354942][ T30] #1: ffffc90002fc62f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 [ 536.365744][ T30] 3 locks held by syz-executor/5837: [ 536.371183][ T30] #0: ffff88801da86ec8 (&vma->vm_lock->lock){++++}-{4:4}, at: lock_vma_under_rcu+0x13e/0x980 [ 536.381613][ T30] #1: ffff88814eb98518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x177/0x380 [ 536.392141][ T30] #2: ffff88814eb9c958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xf6c/0x1430 [ 536.402386][ T30] 6 locks held by kworker/u8:14/7991: [ 536.407986][ T30] #0: ffff8880206c6148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 536.419272][ T30] #1: ffffc900101e7d80 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 536.431492][ T30] #2: ffff88814eb980e0 (&type->s_umount_key#32){++++}-{4:4}, at: super_trylock_shared+0x1e/0xf0 [ 536.442294][ T30] #3: ffff88814eb9ab98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x1b3/0x820 [ 536.453095][ T30] #4: ffff88814eb9c958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xf6c/0x1430 [ 536.462913][ T30] #5: ffff88807ef5dbb0 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x352/0x1370 [ 536.472930][ T30] 3 locks held by syz.2.1112/10609: [ 536.478273][ T30] #0: ffff8880331a52f8 (&vma->vm_lock->lock){++++}-{4:4}, at: lock_vma_under_rcu+0x13e/0x980 [ 536.488817][ T30] #1: ffff88814eb98518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x177/0x380 [ 536.499683][ T30] #2: ffff88814eb9c958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xf6c/0x1430 [ 536.509872][ T30] 3 locks held by syz.1.1111/10610: [ 536.515200][ T30] #0: ffff88802be2a4a8 (&vma->vm_lock->lock){++++}-{4:4}, at: lock_vma_under_rcu+0x13e/0x980 [ 536.525686][ T30] #1: ffff88814eb98518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x177/0x380 [ 536.535336][ T30] #2: ffff88814eb9c958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xf6c/0x1430 [ 536.545027][ T30] 3 locks held by syz.0.1113/10612: [ 536.550425][ T30] #0: ffff888034c674a8 (&vma->vm_lock->lock){++++}-{4:4}, at: lock_vma_under_rcu+0x13e/0x980 [ 536.561147][ T30] #1: ffff88814eb98518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x177/0x380 [ 536.570933][ T30] #2: ffff88814eb9c958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xf6c/0x1430 [ 536.580695][ T30] 3 locks held by syz.3.1114/10613: [ 536.586538][ T30] #0: ffff888020b9b730 (&vma->vm_lock->lock){++++}-{4:4}, at: lock_vma_under_rcu+0x13e/0x980 [ 536.597584][ T30] #1: ffff88814eb98518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x177/0x380 [ 536.607377][ T30] #2: ffff88814eb9c958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xf6c/0x1430 [ 536.618235][ T30] [ 536.620594][ T30] ============================================= [ 536.620594][ T30] [ 536.629527][ T30] NMI backtrace for cpu 0 [ 536.633904][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0 [ 536.644183][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 536.654256][ T30] Call Trace: [ 536.657559][ T30] [ 536.660523][ T30] dump_stack_lvl+0x116/0x1f0 [ 536.665252][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 536.670263][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 536.676295][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 536.682338][ T30] watchdog+0xf0c/0x1240 [ 536.686611][ T30] ? __pfx_watchdog+0x10/0x10 [ 536.691306][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 536.696561][ T30] ? __kthread_parkme+0x148/0x220 [ 536.701662][ T30] ? __pfx_watchdog+0x10/0x10 [ 536.706402][ T30] kthread+0x2c1/0x3a0 [ 536.710492][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 536.715737][ T30] ? __pfx_kthread+0x10/0x10 [ 536.720376][ T30] ret_from_fork+0x45/0x80 [ 536.724896][ T30] ? __pfx_kthread+0x10/0x10 [ 536.729527][ T30] ret_from_fork_asm+0x1a/0x30 [ 536.734419][ T30] [ 536.737834][ T30] Sending NMI from CPU 0 to CPUs 1: [ 536.743276][ C1] NMI backtrace for cpu 1 [ 536.743292][ C1] CPU: 1 UID: 0 PID: 7984 Comm: kworker/u8:8 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0 [ 536.743323][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 536.743339][ C1] Workqueue: bat_events batadv_nc_worker [ 536.743375][ C1] RIP: 0010:hlock_class+0xb/0x130 [ 536.743411][ C1] Code: e8 4a 63 86 00 e9 95 fe ff ff 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 b8 00 00 00 00 00 fc ff df 53 <48> 89 fb 48 83 c7 20 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 08 [ 536.743436][ C1] RSP: 0018:ffffc9000c567950 EFLAGS: 00000086 [ 536.743456][ C1] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff816996be [ 536.743473][ C1] RDX: 1ffffffff2d4025e RSI: 0000000000000008 RDI: ffff88807e294730 [ 536.743490][ C1] RBP: ffffffff96a012b0 R08: 0000000000000000 R09: fffffbfff2d34bb5 [ 536.743507][ C1] R10: ffffffff969a5daf R11: 0000000000000002 R12: ffffed100fc528db [ 536.743524][ C1] R13: ffff88807e293c00 R14: 0000000000000005 R15: ffff88807e294730 [ 536.743541][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 536.743567][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 536.743585][ C1] CR2: 000055f11edaf680 CR3: 000000000db7e000 CR4: 00000000003526f0 [ 536.743602][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 536.743618][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 536.743639][ C1] Call Trace: [ 536.743646][ C1] [ 536.743655][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 536.743693][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 536.743736][ C1] ? nmi_handle+0x1a9/0x5c0 [ 536.743763][ C1] ? hlock_class+0xb/0x130 [ 536.743795][ C1] ? default_do_nmi+0x6a/0x160 [ 536.743829][ C1] ? exc_nmi+0x170/0x1e0 [ 536.743860][ C1] ? end_repeat_nmi+0xf/0x53 [ 536.743891][ C1] ? hlock_class+0x4e/0x130 [ 536.743923][ C1] ? hlock_class+0xb/0x130 [ 536.743959][ C1] ? hlock_class+0xb/0x130 [ 536.743992][ C1] ? hlock_class+0xb/0x130 [ 536.744023][ C1] [ 536.744030][ C1] [ 536.744038][ C1] __lock_acquire+0xcc5/0x3c40 [ 536.744084][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 536.744124][ C1] ? __pfx_register_lock_class+0x10/0x10 [ 536.744148][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 536.744189][ C1] ? finish_task_switch.isra.0+0x217/0xcc0 [ 536.744218][ C1] lock_acquire.part.0+0x11b/0x380 [ 536.744258][ C1] ? batadv_nc_worker+0x164/0x1060 [ 536.744292][ C1] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 536.744334][ C1] ? rcu_is_watching+0x12/0xc0 [ 536.744365][ C1] ? trace_lock_acquire+0x14a/0x1d0 [ 536.744397][ C1] ? batadv_nc_worker+0x164/0x1060 [ 536.744431][ C1] ? lock_acquire+0x2f/0xb0 [ 536.744452][ C1] ? batadv_nc_worker+0x164/0x1060 [ 536.744486][ C1] batadv_nc_worker+0x16a/0x1060 [ 536.744518][ C1] ? batadv_nc_worker+0x164/0x1060 [ 536.744555][ C1] ? __pfx_batadv_nc_worker+0x10/0x10 [ 536.744588][ C1] ? rcu_is_watching+0x12/0xc0 [ 536.744618][ C1] ? trace_lock_acquire+0x14a/0x1d0 [ 536.744650][ C1] ? preempt_schedule_common+0x44/0xc0 [ 536.744689][ C1] ? process_one_work+0x8bb/0x1b30 [ 536.744733][ C1] ? lock_acquire+0x2f/0xb0 [ 536.744754][ C1] ? process_one_work+0x8bb/0x1b30 [ 536.744795][ C1] process_one_work+0x958/0x1b30 [ 536.744840][ C1] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 536.744882][ C1] ? __pfx_process_one_work+0x10/0x10 [ 536.744926][ C1] ? assign_work+0x1a0/0x250 [ 536.744973][ C1] worker_thread+0x6c8/0xf00 [ 536.745002][ C1] ? __pfx_worker_thread+0x10/0x10 [ 536.745049][ C1] kthread+0x2c1/0x3a0 [ 536.745081][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 536.745119][ C1] ? __pfx_kthread+0x10/0x10 [ 536.745149][ C1] ret_from_fork+0x45/0x80 [ 536.745173][ C1] ? __pfx_kthread+0x10/0x10 [ 536.745203][ C1] ret_from_fork_asm+0x1a/0x30 [ 536.745248][ C1] [ 536.746021][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 536.746040][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0 [ 536.746080][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 536.746101][ T30] Call Trace: [ 536.746111][ T30] [ 536.746124][ T30] dump_stack_lvl+0x3d/0x1f0 [ 536.746164][ T30] panic+0x71d/0x800 [ 536.746212][ T30] ? __pfx_panic+0x10/0x10 [ 536.746260][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 536.746301][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 536.746356][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 536.746395][ T30] ? watchdog+0xd76/0x1240 [ 536.746430][ T30] ? watchdog+0xd69/0x1240 [ 536.746470][ T30] watchdog+0xd87/0x1240 [ 536.746511][ T30] ? __pfx_watchdog+0x10/0x10 [ 536.746546][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 536.746604][ T30] ? __kthread_parkme+0x148/0x220 [ 536.746650][ T30] ? __pfx_watchdog+0x10/0x10 [ 536.746684][ T30] kthread+0x2c1/0x3a0 [ 536.746731][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 536.746782][ T30] ? __pfx_kthread+0x10/0x10 [ 536.746827][ T30] ret_from_fork+0x45/0x80 [ 536.746859][ T30] ? __pfx_kthread+0x10/0x10 [ 536.746902][ T30] ret_from_fork_asm+0x1a/0x30 [ 536.746970][ T30] [ 537.247912][ T30] Kernel Offset: disabled [ 537.252261][ T30] Rebooting in 86400 seconds..