last executing test programs: 6m54.208186562s ago: executing program 1 (id=379): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x0, 0x40, 0x0, 0x10001) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) fsconfig$auto(0x8, 0x1, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r0, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) epoll_ctl$auto(r1, 0x9, r1, &(0x7f0000000280)={0x200, 0x1}) keyctl$auto(0x17, 0x72510000000, 0x69ca, 0xffffffffffffffff, 0x8000000000000008) r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r1) sendmsg$auto_NL802154_CMD_DISASSOCIATE(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x140, r2, 0x100, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_SCAN_PREAMBLE_CODES={0xeb, 0x22, "2093948923e2889de12c0ebb07266251ff572814f94be63b4061d94c90a5c6758393a3392b226eb9535610a68754f7a0b9c98a6bfd56abbe81749edc2a60e2a8200cb97a87e8f1e2d75fd8f58210d943f0ba0ecd752614f38034e7988f835250ffb640db8923d002d62d3693cffaa4b70192fcb375e71a6af862bf2e4deabbf539900159cf4620ebddae80295c2c3eaa456d5be3cf92789b4d353d85f1e898be1b270844839eda4fceefe807e7aeceb980def21da4e90f15fec1dff816435884d74bfd3b3503edb10f548ae4a188fcc865efc554abc00c54ab5ad92524aa6890bdaa92cf526268"}, @NL802154_ATTR_SEC_DEVKEY={0xf, 0x2f, "ad3b7b10209193283a60c0"}, @NL802154_ATTR_WPAN_PHY_CAPS={0x2e, 0x18, "d0c3aeaf478e64d7d193136fe56b772335a048666dbbbddc7e00a4fa48cd7f101e915007fbe154969c15"}]}, 0x140}, 0x1, 0x0, 0x0, 0x40}, 0x40800) read$auto(r1, &(0x7f00000002c0)='nl802154\x00', 0xf66a) 6m52.909021342s ago: executing program 1 (id=387): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) mkdir$auto(&(0x7f00000001c0)='}[,&*}\x00', 0xc001) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x8, &(0x7f0000000180), 0x7f) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x27) close_range$auto(0x2, 0x8000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000080), r0) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)={0x3c, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@HWSIM_ATTR_ADDR_TRANSMITTER={0xa, 0x2, "cacd2dff1107"}, @HWSIM_ATTR_COOKIE={0xc, 0x8, 0x6}, @HWSIM_ATTR_FLAGS={0x8, 0x4, 0xf58c}, @HWSIM_ATTR_SIGNAL={0x8, 0x6, 0x800}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0) ioperm$auto(0x90d5, 0x8, 0x6) rt_sigqueueinfo$auto(0x9, 0x8, 0x0) r2 = socket(0x1, 0x800, 0x61e) recvfrom$auto(r2, &(0x7f0000000000)=[0x7, 0xfffffffff5a40af3, 0x5], 0x10001, 0xa527, &(0x7f0000000040)={0x401, @sa_data_min="d9e2f81c5d2dcde8c5580ce211e5"}, &(0x7f0000000080)=0x7) 6m52.268730196s ago: executing program 1 (id=391): kcmp$auto(0x1, 0xffffffff, 0x7, 0x5, 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioperm$auto(0xc5, 0x4, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000f00), 0xffffffffffffffff) mmap$auto(0x3, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x20008000) socket(0x2, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x68) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sysfs$auto(0x2, 0x3, 0x0) setsockopt$auto(0x3, 0x1, 0x3f, 0x0, 0x9) madvise$auto(0x0, 0x7ffffffffffffffc, 0xc) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) sendmsg$auto_OVS_FLOW_CMD_NEW(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="39ab10d9be55927e24170c9bd812030100f69389bceca4", @ANYRES16=r1, @ANYBLOB="010028bd7000fedbdf250100000008000a0008000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4008801}, 0x8010) sethostname$auto(&(0x7f0000000140)='\x00', 0x1) socket(0x2, 0x2, 0x1) socket(0x25, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x40, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80080001]}, 0x0, 0x0) timer_create$auto(0xb, 0x0, 0x0) timer_settime$auto(0x0, 0x3, &(0x7f0000000180)={{0x2000008, 0x10003}, {0x9, 0xfffffffd}}, 0x0) socket(0x21, 0x2, 0x2) setsockopt$auto(0x5, 0x1000000110, 0x4, 0xffffffffffffffff, 0x4000004) socket(0xa, 0x2, 0x0) select$auto(0x6d0c, 0x0, &(0x7f0000000100)={[0xd, 0x200, 0x800000000000008, 0xfffffffffffffffd, 0x7f, 0x3, 0x6, 0x1, 0x40009, 0x5e582972, 0x4000000000000000, 0x14, 0x93, 0x8, 0x8, 0x6]}, 0x0, 0x0) 6m51.244138438s ago: executing program 1 (id=394): r0 = socket(0x9, 0x801, 0x84) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) socket$nl_generic(0x10, 0x3, 0x10) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mbind$auto(0xfffffffffffffffc, 0x8, 0x6, &(0x7f0000000280)=0xff, 0xf8, 0x2) mlockall$auto(0x7) madvise$auto(0x0, 0x7, 0xfffffffa) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffe) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x40, 0x800, 0xfffffffffffffffd, 0xf0b, 0x2) setsockopt$auto(r0, 0x10000000084, 0x8, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x2800010000000028, 0x80000000000005, 0x5, 0xbb, 0x80000000) sysinfo$auto(0x0) preadv$auto(0x9, &(0x7f0000000180)={&(0x7f0000000140), 0x81}, 0x2, 0x1c48, 0xe69f) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_IPVS(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0xf6c56d6cdcf2e8fd, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20040010}, 0x40000) seccomp$auto(0x1, 0x8, 0x0) pwritev2$auto(0x2, 0xfffffffffffffffc, 0x2, 0xffffffffffffffff, 0x80000000, 0x6) getresuid$auto(&(0x7f00000011c0)=0x7, 0x0, 0x0) close_range$auto(0x6, 0xb0, 0x6) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) preadv$auto(0x2000000000000c8, 0x0, 0x81, 0x7ebf, 0x0) setrlimit$auto(0x9, &(0x7f0000000000)={0x5, 0x1ff}) 6m49.653923122s ago: executing program 1 (id=399): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a8, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8002, 0x0, 0x6) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) mmap$auto(0x3, 0x0, 0x4, 0x12, 0x0, 0x0) tkill$auto(0x1, 0x7) r0 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) stat$auto(&(0x7f0000000000)='..\x00\x00', 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00') io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x9, 0x0) timerfd_settime$auto(0x2, 0x1, 0x0, 0xfffffffffffffffc) setsockopt$auto(r0, 0x29, 0x16, 0x0, 0x1) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) timer_create$auto(0x2, 0x0, 0x0) timer_create$auto(0x9, 0x0, &(0x7f0000000000)=0x3) timer_delete$auto(0x1) sendmsg$auto_NL80211_CMD_GET_MPATH(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x800, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x3}]}, 0x1c}}, 0x4044000) 6m46.96748831s ago: executing program 1 (id=409): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4a1c9000001001c090575d800"}, 0x55) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'pimreg\x00', 0x0}) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x114, 0x0, 0x8, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}, @NL80211_ATTR_STA_FLAGS2={0x1d, 0x43, "14cf9c20c186b95cf671b9dd6f00e0fdd5e1f25b91f025cda7"}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "2700cc0b29fc925d7aad83901b84268d380215d5b93d1206b40c"}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x400}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r1}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, 0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x81, 0xcd, "bef7cb297fa8dcb85492b5f5a9db5e087ffbcf7980f5d06a1308c7c1f728404de5c89b99b6e279a4e24ec3c4602c2ecf6109a912e08a8d5ecd9be0b99957fead27b9643a62407c55098c8a4f5b54454b1f050ab68ccd14bc69b9583e5ff6b0bd0e566709801158c957f085780a00a11f5817facd0f6200000000000000"}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x8}, @NL80211_ATTR_MESH_ID={0x16, 0x18, "dda6e144219999ff46efbc82add2cb8f9669"}]}, 0x114}, 0x1, 0x0, 0x0, 0x20000000}, 0x4) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) pipe$auto(0x0) tee$auto(0x2000000000000, 0x3, 0x3ff, 0x9) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8) shutdown$auto(0x200000003, 0x2) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8) 6m46.507824299s ago: executing program 32 (id=409): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4a1c9000001001c090575d800"}, 0x55) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'pimreg\x00', 0x0}) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x114, 0x0, 0x8, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}, @NL80211_ATTR_STA_FLAGS2={0x1d, 0x43, "14cf9c20c186b95cf671b9dd6f00e0fdd5e1f25b91f025cda7"}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "2700cc0b29fc925d7aad83901b84268d380215d5b93d1206b40c"}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x400}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r1}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, 0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x81, 0xcd, "bef7cb297fa8dcb85492b5f5a9db5e087ffbcf7980f5d06a1308c7c1f728404de5c89b99b6e279a4e24ec3c4602c2ecf6109a912e08a8d5ecd9be0b99957fead27b9643a62407c55098c8a4f5b54454b1f050ab68ccd14bc69b9583e5ff6b0bd0e566709801158c957f085780a00a11f5817facd0f6200000000000000"}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x8}, @NL80211_ATTR_MESH_ID={0x16, 0x18, "dda6e144219999ff46efbc82add2cb8f9669"}]}, 0x114}, 0x1, 0x0, 0x0, 0x20000000}, 0x4) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) pipe$auto(0x0) tee$auto(0x2000000000000, 0x3, 0x3ff, 0x9) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8) shutdown$auto(0x200000003, 0x2) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8) 4m22.950740189s ago: executing program 2 (id=1022): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) socket(0x2, 0x2, 0x1) r1 = gettid() mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fallocate$auto(r0, 0x4, 0xb407, 0x1) mmap$auto(0x0, 0x4, 0x3, 0xef1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x3b, 0x0) fsopen$auto(0x0, 0x1) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) kill$auto(r1, 0x11) 4m22.674170701s ago: executing program 2 (id=1023): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01032bbd6000ffdbdf252d"], 0x14}, 0x1, 0x0, 0x0, 0x7}, 0x4010) 4m22.433169278s ago: executing program 2 (id=1025): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x1d, 0x2, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x2c, 0x0, 0x300, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x5}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0xd}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48000}, 0x1) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3800c00e", @ANYRES16=r1, @ANYRES64], 0x38}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) 4m22.016812258s ago: executing program 2 (id=1028): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x10001, 0x8000) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c00"], 0x1ac}, 0x1, 0x0, 0x0, 0x4044000}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0xfffffffe, 0x9}, 0x7}, 0x3, 0x0) 4m21.692664898s ago: executing program 2 (id=1030): unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) ioctl$auto(0xc8, 0x400454d9, 0x5c8d) mlockall$auto(0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x1, 0x1, 0x1) mlockall$auto(0x4) socket(0x2c, 0x80003, 0x0) ioctl$auto(0xc9, 0x100000002, 0x4000000005c8d) msync$auto(0x8000000000000000, 0x7, 0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(&(0x7f0000000000)='!\x00', 0x16) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x2cbd5d) r1 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000640), r0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000680)={0x18, r1, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x48000) writev$auto(0x5, &(0x7f0000000540)={&(0x7f0000000500)=[0x3d88], 0x1}, 0x7) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x48000) pipe2$auto(0x0, 0x80) close_range$auto(0x0, 0xfffffffffffff000, 0x0) fanotify_init$auto(0x5, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) pidfd_send_signal$auto(0x2, 0x7, 0x0, 0x1) r2 = gettid() mmap$auto(0x7, 0x7ff, 0x4, 0x1b, 0x75, 0x1) tkill$auto(r2, 0x7) syz_genetlink_get_family_id$auto_TASKSTATS(&(0x7f0000000040), 0xffffffffffffffff) 4m17.322085929s ago: executing program 2 (id=1042): r0 = socket(0xa, 0x2, 0x73) bind$auto(0x3, &(0x7f0000000040)={0xa, @sa_data_min="001000"}, 0x69) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) select$auto(0x6d0c, 0x0, &(0x7f0000000100)={[0x0, 0x1ff, 0x800000000000008, 0xc, 0x9, 0xfffffffffffffff9, 0x6, 0x1, 0x400040009, 0x5e582972, 0x4000000000000000, 0x14, 0x93, 0xffffffffffffff17, 0x8, 0x8]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c40900448dc7fe8000"}, 0x55) swapon$auto(&(0x7f00000000c0)='nb\x98\x05r\x1d5\xf1\xf2\xc9h\x00'/22, 0x401) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), r0) sendmmsg$auto(r0, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x5, 0x0, 0x2}, 0xfffffffc}, 0x20a, 0xfffffff9) 4m17.159942882s ago: executing program 33 (id=1042): r0 = socket(0xa, 0x2, 0x73) bind$auto(0x3, &(0x7f0000000040)={0xa, @sa_data_min="001000"}, 0x69) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) select$auto(0x6d0c, 0x0, &(0x7f0000000100)={[0x0, 0x1ff, 0x800000000000008, 0xc, 0x9, 0xfffffffffffffff9, 0x6, 0x1, 0x400040009, 0x5e582972, 0x4000000000000000, 0x14, 0x93, 0xffffffffffffff17, 0x8, 0x8]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c40900448dc7fe8000"}, 0x55) swapon$auto(&(0x7f00000000c0)='nb\x98\x05r\x1d5\xf1\xf2\xc9h\x00'/22, 0x401) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), r0) sendmmsg$auto(r0, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x5, 0x0, 0x2}, 0xfffffffc}, 0x20a, 0xfffffff9) 2m28.863189606s ago: executing program 4 (id=1464): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x88d0}, 0x2000c041) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) mmap$auto(0xfffffffffffffffc, 0x20006, 0x5, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0x81) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x2, 0x0, 0x9, 0x30, 0x8cae, 0x7fffffffffffffff) futex_waitv$auto(&(0x7f0000000000)={0x4, 0x5d98, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x6, 0x68a, 0x400, 0x7, 0x201005, 0x6, 0x7, [0x4, 0x802e9, 0x8], {0x0, 0x1, 0x8, 0x7, 0x2, 0x5, 0x1000001, 0xfffffffc, 0x7}, {0x4, 0xffe, 0xfffffffb, 0x6, 0x9, 0x6, 0x3, 0x0, 0x101}}) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) fsetxattr$auto(0x1, &(0x7f0000000000)='%\x175\xc0\x8d\xbb\x04\xb3\x97\xd8\xf4\xf6', 0x0, 0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x5, 0x0) setsockopt$auto(0x4, 0x86, 0x85, 0xfffffffffffffffe, 0xffffffff) sendmsg$auto_NL80211_CMD_VENDOR(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48004}, 0x0) shutdown$auto(0x200000003, 0x2) 2m28.495022468s ago: executing program 4 (id=1469): sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x24, 0x0, 0x203, 0x70bd25, 0x25dfdbff, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, 0x2}, @GTPA_LINK={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010029bd7020fddbdf250700000008000300", @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x20040010}, 0x20000084) 2m28.241367778s ago: executing program 4 (id=1472): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x10001, 0x8000) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c00"], 0x1ac}, 0x1, 0x0, 0x0, 0x4044000}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x68) 2m28.041943905s ago: executing program 4 (id=1474): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x3, 0xa) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x100) socket(0x11, 0x3, 0x2) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) stat$auto(&(0x7f0000000000)='..\x00\x00', 0x0) getsockopt$auto(0x6, 0x107, 0x12, 0x0, 0x0) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) socketpair$auto(0x3, 0x5, 0x7, 0x0) setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0x9) mincore$auto(0x7, 0x6, &(0x7f0000000000)='!\x00') sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) socket(0x2, 0x3, 0xa) (async) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x2, 0x801, 0x100) (async) socket(0x11, 0x3, 0x2) (async) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) (async) stat$auto(&(0x7f0000000000)='..\x00\x00', 0x0) (async) getsockopt$auto(0x6, 0x107, 0x12, 0x0, 0x0) (async) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) (async) socketpair$auto(0x3, 0x5, 0x7, 0x0) (async) setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0x9) (async) mincore$auto(0x7, 0x6, &(0x7f0000000000)='!\x00') (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) (async) 2m27.620070088s ago: executing program 4 (id=1477): mmap$auto(0x0, 0x400008, 0xee4061a, 0x9b72, 0x2, 0x10000004) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x20008000) r1 = socket(0x2, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x68) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x400000, 0x3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r1) sysfs$auto(0x2, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_SMC_PNETID(&(0x7f0000000fc0), r2) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000580), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_STOP_AP(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="29012cbd70f70000002517db000008000300", @ANYRES32=r7], 0x1c}, 0x1, 0x0, 0x0, 0x4004050}, 0x14) sendmsg$auto_NL80211_CMD_SET_MAC_ACL(r0, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x54, r5, 0x800, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_4ADDR={0x0, 0x53, 0x7}, @NL80211_ATTR_TIMED_OUT={0x4}, @NL80211_ATTR_SPLIT_WIPHY_DUMP={0x4}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x2}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x5}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x4}, @NL80211_ATTR_WDEV={0xc, 0x99, 0x405}]}, 0x2a}, 0x1, 0x0, 0x0, 0x20000050}, 0x8004) sendmsg$auto_SMC_PNETID_GET(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000001000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="050325bd7000fddbdf4000000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000044}, 0x28008000) setsockopt$auto(0x3, 0x1, 0x3f, 0x0, 0x9) madvise$auto(0x0, 0x7ffffffffffffffc, 0xc) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) alarm$auto(0x8) seccomp$auto(0x1, 0x10000a, 0xfffffffffffffffc) futex_waitv$auto(&(0x7f0000000000)={0x7, 0x5, 0x0, 0x8}, 0x7, 0x0, &(0x7f0000000040)={0x8000000000000001, 0x7ff800}, 0x1) r8 = syz_clone(0x4000, &(0x7f0000000200)="9a052420433fe46c330798ea9b295324caa5c1d832c9a28f107986b9620922f6f74519169395748d0f5bb2ffb9ce8e5ae012caba47bbc449049cc1a990957a7b104d32045582c37c1198955b35193e3929768b16668879f351d264ff37611a72e43054e70ae8d4351bfaa06ac31a6d9817c5357e478fb5ee09aecc33eb202dc1df19b62147ff08a420f9c8b26f8410e11a6204415ada5d8bda20f08c5edd87700e56a26a3fe580689723257fde9368ce4cd9e7f6f4e8a8d86c4108d9721451c08a6e289fa0d986b05db2058def3e13d99cbbab2263cdd87ba8cabee59e6da6e65c1e23", 0xe3, &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)="64f22677194cba7011a1e85d25e2e199c5") syz_open_procfs$namespace(r8, &(0x7f00000003c0)='ns/time_for_children\x00') 2m26.664989742s ago: executing program 4 (id=1485): r0 = socket(0xb, 0x80000, 0x33) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) connect$auto(r0, &(0x7f0000000180)={0xc72, @sockaddr_1_1={"c65d15c1866521d67a40fe4c6b971b45f087b9d0b61359f043b92632958463fd1a15a965f6cdac8d27a44f4a6653f7512bcdaff61a617ea5b061a9fb144d5870a6126f38e8df746955cd07ae2b6df3fe1369b80035f294a9e7ebf6b8f247c7250af4922d9515357ac51fec2bae170d1de3137118cc67d451d7ea04cd39440921b208f544ae7ce8c4988cd8017d90eb38eb6c53aca38ca6ccd84deae1d1fc20b39535ba772c3e51bbfb99b51c32dc288f8607b10e84a70a501007bbe9fe89de9a11f3084548ede4ea74fd4c06a5295433e637ae0000000000000000"}}, 0x55) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x15, &(0x7f0000000100)={{0x0, 0x8001, 0x0, 0x7f, 0x0, 0x8000, 0x2}, 0xf}, 0x4, 0x0) r1 = socket(0x2b, 0x6, 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) memfd_create$auto(0x0, 0xe) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fedbdf250200000008000500402525000800030009000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x40) sendmmsg$auto(r1, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x102, 0x0, 0x6, 0x3}, 0xed71390}, 0x4, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) sysfs$auto(0x2, 0x6, 0x0) getsockopt$auto(0x4, 0x6, 0x1f, 0xfffffffffffffffc, 0x0) mmap$auto(0x0, 0x2000000000000004, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) rename$auto(&(0x7f0000000040)='/\\\x00', &(0x7f0000000100)='@$#-[)\x00') munmap$auto(0x20000000fffffffd, 0x2000000b) 2m11.467345859s ago: executing program 34 (id=1485): r0 = socket(0xb, 0x80000, 0x33) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) connect$auto(r0, &(0x7f0000000180)={0xc72, @sockaddr_1_1={"c65d15c1866521d67a40fe4c6b971b45f087b9d0b61359f043b92632958463fd1a15a965f6cdac8d27a44f4a6653f7512bcdaff61a617ea5b061a9fb144d5870a6126f38e8df746955cd07ae2b6df3fe1369b80035f294a9e7ebf6b8f247c7250af4922d9515357ac51fec2bae170d1de3137118cc67d451d7ea04cd39440921b208f544ae7ce8c4988cd8017d90eb38eb6c53aca38ca6ccd84deae1d1fc20b39535ba772c3e51bbfb99b51c32dc288f8607b10e84a70a501007bbe9fe89de9a11f3084548ede4ea74fd4c06a5295433e637ae0000000000000000"}}, 0x55) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x15, &(0x7f0000000100)={{0x0, 0x8001, 0x0, 0x7f, 0x0, 0x8000, 0x2}, 0xf}, 0x4, 0x0) r1 = socket(0x2b, 0x6, 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) memfd_create$auto(0x0, 0xe) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fedbdf250200000008000500402525000800030009000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x40) sendmmsg$auto(r1, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x102, 0x0, 0x6, 0x3}, 0xed71390}, 0x4, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) sysfs$auto(0x2, 0x6, 0x0) getsockopt$auto(0x4, 0x6, 0x1f, 0xfffffffffffffffc, 0x0) mmap$auto(0x0, 0x2000000000000004, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) rename$auto(&(0x7f0000000040)='/\\\x00', &(0x7f0000000100)='@$#-[)\x00') munmap$auto(0x20000000fffffffd, 0x2000000b) 1m30.564042112s ago: executing program 5 (id=1648): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14009eff", @ANYRES16=r1, @ANYBLOB="01032bbd6000ffdbdf252d"], 0x14}, 0x1, 0x0, 0x0, 0x7}, 0x4010) 1m29.236313226s ago: executing program 5 (id=1654): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x5, 0x9, 0x5, 0x10004) open_by_handle_at$auto(0x4, 0xffffffffffffffff, 0x9658) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket(0x10, 0x2, 0x4) sendfile$auto(0x1, 0x3, 0x0, 0xc01) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001700), 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000340)={0x1c, r2, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@HWSIM_ATTR_CHANNELS={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(r0, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001800)={&(0x7f00000017c0)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x28044004) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) shmat$auto(0x0, 0x0, 0x0) clone$auto(0x40083b42, 0x5c84, 0xfffffffffffffffe, 0x0, 0x100000000000f) mount$auto(0x0, 0x0, 0x0, 0x9, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x200, 0x2010000000000) socket(0x26, 0x80805, 0x0) open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98) memfd_create$auto(0x0, 0x7) fanotify_mark$auto(0x0, 0x1, 0x4, 0x3, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) mlockall$auto(0x7) madvise$auto(0x0, 0x80000001, 0x8) socket$nl_generic(0x10, 0x3, 0x10) 1m25.472155141s ago: executing program 5 (id=1661): r0 = socket(0xa, 0x801, 0x84) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0xffffffffffffffcd, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0x5, 0x2000000000000002, 0x9, 0x8, 0xff, 0xa, 0x4, 0xaab, 0x5, 0x4006]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_prog_fd=r1}, 0xa3) r3 = syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f0000000080), r0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0xa, 0x300) write$auto(0xc8, 0x0, 0x40f6) sendmsg$auto_IEEE802154_LIST_PHY(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, r3, 0x8, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEST_PAN_ID={0x6, 0x10, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4048010) shutdown$auto(0x200000003, 0x2) getpeername$auto(0x3, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000180)={{0x0, 0x80, &(0x7f0000000040)={0x0, 0x660b}, 0x4, 0x0, 0x1, 0xb33}, 0xed7138c}, 0x2, 0x9) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x8) close_range$auto(0x2, 0x8000, 0x0) 1m24.152018436s ago: executing program 5 (id=1664): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@enable_stats={0x1b}, 0xa3) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mount_setattr$auto(0x5, 0x0, 0x0, &(0x7f0000000640)={0x10000c, 0x9, 0x0, 0xc}, 0x283) preadv2$auto(0x10, 0xffffffffffffffff, 0x2, 0xfffffffffffeffff, 0x7, 0x4) 1m20.983952039s ago: executing program 5 (id=1669): socket(0x2, 0x3, 0xa) socket(0x2, 0x5, 0x0) setsockopt$auto(0x4, 0x84, 0xc, &(0x7f0000000200)='\xf3\xc6uy\x90:\xf2\xb3}\xfb\xa9n\xbf\f\x8a\x16\x1a#\x866}\t\xcb-K\x962\xf4,;\xe4\"=\t#\xe9B\x1dq[\xe6\xf6\xd1\xf9\xdd\xfe\x1e\xc8\xa1\xea\xf9\x93\f\x95\x14\t\t\x01\x13Z0O@\xb6~8\x0ej\xf1\x8dH\x9ddK6\\|\x12\x82L\x84\x9d\x14\xd0\xa9{\xb1\xb4\xc5\xe0\xaf\x15RT\x98\xd9\x10D\xa1Y\x80\x1fe\xc1. \x9d\x84\x8b\x9a\x9a`q\x00\x8c8c:%\x97\x15\x80-\r\x94\xcb\xda\xa2\x1d\\;f\xcds\xa7q]?\'\xf5\x9eA\x841f\x1e\xce\xc0\x1d{tEc\xa3\fp\x1b\xd2\'\xcd1\x8d\x87\xf1\x02\xc4Q\x8e\xab\xf9L\xbf\xa4_\x85\xf1\xb6\xe0\xca\x9e3\x9b\xf7\n\xe7\xdf\x12\xef_ \x9dC\x1f\xb8k\xfbu\x8f\xd9\xaa>\xe3\xda\x1f\'\x00'/219, 0x800e) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_TIPCv2(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_SOCK_GET(r1, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000001700)={0x14, r2, 0x301, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x87}, 0x10000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = socket(0x2, 0x801, 0x100) epoll_create$auto(0x4) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x6, 0xffffffffffff0001, 0x2014) sendmmsg$auto(r3, 0x0, 0x0, 0x48) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysinfo$auto(0x0) seccomp$auto(0x1, 0x8, 0x0) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) sendmsg$auto_TIPC_NL_LINK_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="9c110000", @ANYRES16=r2, @ANYBLOB="00012abd7000ffdbdf2508000000d2000800cf5b8608db687c75cba46f66eb02050eddf210cce83f133dd5f25101229722d98d0bd2658af2eed31d637f814c2ceb6db9623fde632546f3ca6a60bef848eaa6514feda50ca09628887f4d5fa7173df5077de828ea9f5bbd8bbecd7d8027865a1840be555d264cdafe65ff19f53d620ef236d64b346531203061d332d6dad7548b069d6d902c625bc55cd29f2d625e8668cdb98d4c3521eb0fcc0f58f1ccf3f34030172ee234b4bc952fededfdb40845db2b8860a81b90486469c3841705f3e46a0eff1145477bdf3fe45c7a5cbf0000041000006d165c9e5c3daa4de7b30d66d09d67f6871aed262757ea79132f45bca43999b66353fef5fb5605c2292651a5f2ba5560d36aa55d4df55a7d0a91e6f1742d3f8d15f0fd61e5eb7231bd9198edc446120b924e4fb3ea365abe50671249887240c7cfd9340f6825bd4b0619012d5271c9e1247e30a7d25bb6f19b9e1991e6d06da2d7279b4b1274ba77e0c53d3f4cd0b886b30ed2289b52469cc9a355202dc902994369934d3f00bac6524e43a6a27b6a0841f99e504971263819096c0e7e12323df72fd11c32a3b4606b34e1493cfd3e730e4cc5df4172d5baa0f73515ddbf6c45ba3f32177cc9d7f31624bc7d7ca0fd35fb5be2ff82cc24c93899182ad246c0b7a1f20069df06c5e91fe7258b99d70497030d990e60083d624cf77aca0a395e8b32a394c2606c32c67e56a9a6c65db1427d78ed042fa7989788f4bd4d219b360306d2e23ee472e151871c15d511bce8f3d288446b621646f56c09b70682a93c0c5cfa9e3949ee7ee5b9bb76d62ee5543519ef1b58fb5a98e590c4a71a4e0843aa70c9a6dc876d7fd1ba166de9ec6cd8490b549d67f081daa57ae5d41b315c9ca1c5c64ba71bed546933eb7de32b002f8d8c323cb1b0be8107f23dbbfd08e259cd2e88ec68baa92f1f8003b0bd5d6bb73fde8d585a9c7f025b77a92ae8c6252529136a0a519e0ff056e127514d569b14c96b071a317c7be2cd317833afb452ec329a2c7c126056fffba30feda33070b351e3034dc6c6b1a6f24b7d6e8d58526451cd24f9a8da70602f2f40eabafb216740bfe7602af24d5a2f7a869b84d24ebe5a5d0dc1516ef32baf9d7bd8275c21ac7c4b81b1212240ed3e11a911f13d744f550a2e27a0a80d642da97a7087a3ea9fc3264a21c69134679214ff781a10c89cb78817e517ae011dc10ce26a9ad4a46816151527f4d1e1eb8a62a007e1162cfaee3a08b5825363b3983612d2986144672eef157936dd76aba4d0453506556cc7fe66c041a5d76d0a8820f46b0e6ed2c47e4c5e2fbfc4709bcabe9995968ecb0e8e6679d96ace56f7e221b5e976b97facd838e593a5a3e5abb9f936477f1758355832ff5459313742351b751fd52a1e5b2e2b397cc584878e1804101d6cb563aeab80b51f80697a1111272dc6ab8a97c6739d93043a1baf2a01266556c77a6766227ff2ffdcf3c941705436031725d083b9b6400d441d92bc6348b5a5ab6e1dd84e6e4beb9028e82a0c253634aac9420c5263a33d87a8e670b02423457ac10175d267bb0d8132c3fae5e8bea63e77c20a1a30751c15be4798a5b6c92f8c350ba76ee8f8540b66b33372a67775199efe1fcd767e7418989a591fa2ed1855419d50c4298d4ec3245c5b6560461c64ebaaa1e0ee82183d006f529b4dc80eba16b27d3447f23bb62c434155e12b838103661519e204e1caeba9fb71c8f5d01bd25520719f838dae93f74edfa57619737f47e6c18a6fb00418b33e3573d77227b784eb89b618a2376eb3a60e1cb4cd7bd86ca28c39d80fbc006cd689ba51158dd1b0c0d9dea7e4a3490b050b2877b3ac638f31d22a9a237b58d69672e988e5b76a12021de632536e9a1d8d60733659d61b226ebb52bc11b241ceda768a94c48cfc2e93d9775c4c17f709159ff10fdd409b294235b9c7e5ffcf8df3756b8443798c351c6828f2c68a08eaf636218ef08cade288f2ef9919764c53f1451bb769b38ded5329fc9d1f1d25fdc802991275bb3fe161770e4b53e0f88bee6f64d8602d2d88612af7d499c73e1d315e7db862e35e7ec8924a6ee60c9817cda4f6e80d99adfd554f229886352d9f4131849b8e315f3a840f8618b96b243e9c1f25db7d6fe047464c82cc158771233b5e29dee5e1fa7b0338e8e6d766a80a7e64a8b14a5c47e6fb09061342dd12f84ff73ea3c8ce0d7d89f8bf714d8889f4c5ff4270f7ca0598e764d17ef454b39b0cb1e7095d10d6c5402d5663f8d7f52835927090a20f3acacdee70723c7b2d53df02a3513f4e24c3a1316c7b9667c7210a3b0547d657a8024cc227b9a4d9c810fe48ac6f9c68490fefd3a93536e41cc54e3fecc73a5ea98530f63ddb2a425e7760177b506132f69940b6cd3924c80396adec25de8c36bdb5b3c8321bcc86a3f271d72d0a16d8ef38a2929f13e9570ed7c3e727ad4497ef06edb18a9e7a4dbfcb8a741b6c01ab97cdcacbce96b01fcf86bee41f9cf0cfcfaffeae9cd5dcdec77fa3fc654240681a822834ce9a0916f6c4bf89273898fb9377b04b2a239c03aaea605f902b324ec35c00dd0ee7dd2e870d6917ed0fbe9a242dee287c4c20e07fd7d46b765ce37612eb5a72d481830c07f1d07f885a301595c24ff745f99a678a9c3751463e0c7a7bdd5607c77f2e3de703dd9a54b9df10fee49d7fd9511fe072cd2d33b3b8f33ae6d9d5765c4a34fcb05f82e8d09227067a4c2dd505fca3d001aa26c175469e5681174182b34f8d6c1039edebab3fdd5e608973b81319511bd118369efc031f2860ffea6d8f181b9b149768dd5c7083a30e0ca0ca84669df242050de5761839f17a77f8dd4ba414c7a0b111a52b841f8f99ebf7c668edb3d61c978958f6945830b131270df9f0b5d46ab6ef08d5c66f6df17bac1f086862473328233c41891bf77a5c0afaba112f351b788e56479dc5e04b18ab2275951d0bcdc93feeb37b411ed5a93c754036b7451f1bf7f946f3ccc3be5837dc3eea09f4304250fa5e6e3b2b9099fa37dd1c5f43710901e002919a536176e75c1a0a5d403537fb1c3e1c88ec8d88dd5cf127d9a8d537cc70a3aa83f9d2ce3ea6f4509ee897bc1169f12ea2fdccbb798339fdd399f9373c96521755d8204e06b1f4f0cbbabfef3b903ceb8e012102bbe033aa81193cdb543be6d35bc72bacc2112634f1e4ac12e0144cf8d9cdb2fddf4900bb4bbab89044faacb077e277aa6e36b875e6733e00c88cf58db61629d9a2c4008cb5b66cca84ae3783cb15e564f95a28c67659c7db8e1d13ec9e5fa5930e4b33f2c0711ef70f4aea85210bfd670e9599345eef01a5eca9c249485cad16e37ab826b5ec918cad5e8aa34b11cdd358d94b1d147fc5c3185c3b865ce645e68c0677480000b9efcc7732f669cfa341e4255a7a200a2dd168910c35df5daf6154f544f738e44e9e4fe82bfdb7ac1a7cb05aa911085980a9a243cc862195e42d401228775da5d9683b9ac3224338bf1cb2bf7cd3655e35308983d45e92d1b57655cd31232db2be9d8a90491cfb8de6bf819431538af3e66a0e08f3da0d42a100221e5c5b30a2432efab0a674ff5419dfd3e546a38b4d65de52b9404a06f8fab82d218646e1f6ac2beb73ccd3eb179f9c91b5de51a887cfa26980b156ab2b15d0d1897244628af12fb8ea8e978fac6b465e93b2d1e402762cdc856323769b82f6445939aefbffa0124b182ee2d9e248a5dd4b676cfdd2831ae5a4f3e3d4fc42f5e051ca01f17e35b4cbed22abf44d62f206956fd98f3428dc2c0d004eede32cae3b9e368aaf3c82bc28b02fd1152b755b84ca8a6156277477a3e936994adfee1c097ffd326c8ee829629908ff4dd4d2ba538fdcdc17d66736118b156fb2f3479dd370d88f6362eab9b9c8acd2098915c31b73bb0bfb602bb3dab2b277d3df10dfa7176ffa43c85e5598ebde4972cc1093630ce31a3c8584a274a5d195232647016a22115100a1e6e8bc285e5bd40d195b7cc5605f6ae56224de50530c1ed6d7d7e1f7bd64280e9dd14405e3686441a94b8f5e4efd8c9c93ba268935da06ee46f02cfccf20213a00699e41a5e5f802bbea69ddd81d226a9c08c91c27bef8b9603b4f0918405bb95ac4d2ded9c10a99e1713d3a872f4aae2b382716932259eb4a3a43d5d39579b0e26f65ebfa782ec34158d53df1404e94935beb17a6ae7de960ae303e0da5e01bea8cd4df70927f90c67a2381c7fd32257db5a1959071cff115b6dfae09fde644a8d0c81dc1f5cc61559c9217671073b10139a2e4c5647f2306c51ec485c4647c0acef6a739d40cb70d51f2d08fcca01c3099ef5c0e218132e8c253e0e0487872b50d2549046366d99c9ccf9c453e04bf3e717806455ae8bacc9befae19ea53504f712cd12a604ebfd7faf63d53ee066b3c9882ea79e3bd7e217d31d602da4af17ae67467d33bd201a67312b242b017cd66ecdc6b1491fc989f4da0472e80a4f20d06887a73d3ea0e8a32c5c24d7acb4ce912af6176686d76df3f04ef0c6c32c1db08bd8a3a0abddce18e947c83cf951ac22e8793ced35a77681fa43da9ee12d1af78ffdefa7aaac0de4100fa3fff2416d0b679f78a64e0e282cd10925b57315a02a9c2a2e47e55fb9f51551638b83a6900d080f7efd72142bcd9661d796a17213e8e3b0551e1f1d57af9b6ae25dbebd8f3adb82d4083b4fad416d0ef08fb5a89469333f85b5bf653ec3c522fbcf71fe0a8c7993bb8b656ae76700da72ba8a0ee78f73925d84ee4fe7ee80fabb9144b7e042924de48fd405f9e7e11653896b665c1d5836033ebb0cd12848914f03f5fcf94ef8b46fcf7621902119524044352feb622143bc6e89f16f41c1300a698650716eb56dc8791aac2e66b2a82277688691e2d1793c9daaa17c16f9e52ed9808c67c0291f36441f803cd0e8b639da4099584616f2d78c7d61661d2fc7c5bcc58aeda7895269df3340bfb2e4b193b9bb97edaa39553b894fec153c00797c2a5065d9229c055c43d69a036e22629abb2691cd866bb7a6f1d9a639b9116575dc7feab7c2aa5e1b4cfca5184ab37c45405f7d665c88c28c0c0147a75f79798ec3421d83ee829c36a2b4c0b0acbeb5c2da33cc7b170e45a308517ac4b088774b79f5aa1271bdcff8a5771eac39cad946f1d91554dfbd05db355b54db0904fa032d9b3e7feb0319182b51e99906565695d68b115ddba388faa63d0ffb6d1addb620802906f2e285a96afa36cb2e3ca2cebfae9b57943bc803dd55081bcdca97d702ee1c501a01891768659cb94f245a12c388a83acf169652f36429e77dfc1ce14b4726f8160cd83be755f7563021a2afd00be65b562f309f98702be3dc0f0989307e7a2918a040bbb250ade0057b01303f467e16550b3fa5f82194b2fcb5fa9f841cd2c4b60fa8a4ec99403823fcec0466f99ae237c08a05c5f8fa89285a677c4781cc88cdfbf168da0a29748868af2f01e8f2382008a0d41bf26eb5c60e12415670d3d983267d43252c8d485b12601decfc0993063212de07b2dece37a4bd2705bf68402052811e167508964817f519c8d62fa7b32a98ced79090ad6e29422607c4959dc77f5f1460112466fc378d88303f67b88a85401a87aad2254c18f84413778eede9d21057e7d34ef00cd42e2132793a39a85014b7d26546b501d0735e08b071e723837665c915045af0c03c51166b22892969c936c5e8c53917703c1c36308d5500c3f7a9aa34ae82a6743170e1c7006d0a81dcee6663dcc4e9faa9dac0cbae3e3f743173c5786e659ba2ffc4e02d6518eba8d735124dff6d67ebc298c9e1e7326b9a2a694906a8bd7dd9ee1127df7f66b223277ab8c61f6584f1e4c98f67c224c42564f4bab5f5dce83898dd67e84e6a354acd7f1cdb563659c0983c8dd7a3dc3d644d5fcaaccb1971b3e9fd867315c4c8f2ee9d1f5e1c681fc1a6c86bd65a0e2a4f513b73a8413d5c13ec2c69d44facac0d126775dad5d4ff6383077dea51e9664a8de59196571be0155ffa2d28cc6e9affad55b34cbe57f4f6e74bbc70e9254cb1784019bc0e4d0b58765af000500c8e1ca2d9006165ce866cd14f72157bbf0324310ca3e375ba3efbbad1881180d8d7c50eb2506c5d4e5b346f0e271a6e83a93544031d1bf9340d7d6378f67d44c5c734e7ef6fdc61a8843b1c07258b25b3e4be8b19943f9f0a8ba2a4b04d4d619c29c2e974ea84bc77632e9fa2088806f2dee9db66a624e0863224000d7e272ff3db6d265f68e292d2c82cea4aacf469edefba186d037a3345c50f3618b9eb9cc76a0358c535f373d92021800"/4502], 0x119c}, 0x1, 0x0, 0x0, 0x4040085}, 0x60000001) madvise$auto(0x0, 0x2000040080000004, 0xe) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffe, @_sigpoll={0x52, 0x7}}}) 1m13.43367108s ago: executing program 5 (id=1683): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) getsockopt$auto(0x4, 0x6, 0x8, 0xfffffffffffffffc, 0x0) r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket(0x10, 0x2, 0x0) sendmsg$auto_TCP_METRICS_CMD_DEL(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbff, {0x2, 0x0, 0x700}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @multicast1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44004}, 0x24000800) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') (async) socket(0x2b, 0x1, 0x1) (async) mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) (async) getsockopt$auto(0x4, 0x6, 0x8, 0xfffffffffffffffc, 0x0) (async) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000040), 0xffffffffffffffff) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) pidfd_open$auto(0x1, 0x0) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') (async) socket(0x10, 0x2, 0x0) (async) sendmsg$auto_TCP_METRICS_CMD_DEL(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbff, {0x2, 0x0, 0x700}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @multicast1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44004}, 0x24000800) (async) 1m12.679758312s ago: executing program 35 (id=1683): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) getsockopt$auto(0x4, 0x6, 0x8, 0xfffffffffffffffc, 0x0) r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket(0x10, 0x2, 0x0) sendmsg$auto_TCP_METRICS_CMD_DEL(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbff, {0x2, 0x0, 0x700}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @multicast1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44004}, 0x24000800) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') (async) socket(0x2b, 0x1, 0x1) (async) mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) (async) getsockopt$auto(0x4, 0x6, 0x8, 0xfffffffffffffffc, 0x0) (async) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000040), 0xffffffffffffffff) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) pidfd_open$auto(0x1, 0x0) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') (async) socket(0x10, 0x2, 0x0) (async) sendmsg$auto_TCP_METRICS_CMD_DEL(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbff, {0x2, 0x0, 0x700}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @multicast1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44004}, 0x24000800) (async) 16.012250431s ago: executing program 6 (id=1791): arch_prctl$auto(0x2003, 0xfffffffffffffffe) mkdirat$auto(0x9, &(0x7f0000000000)='/:{[*!\x84\'@/\x00', 0x8) 15.337501264s ago: executing program 6 (id=1794): r0 = socket(0xa, 0x3, 0x73) utimes$auto(&(0x7f00000000c0)='..\x00\x00\xff\xbc\x8b\xe4\x9dAHq#\xf5\xe4\x81\xf8v\xbd=-\xc7\xda\xdd,\x15V-\xb4]\xee\xce\xe6\x92i\xcb\xf4\xda\xd7f\x8dN\xa6\x14\xe6\r\xb5D2\xd96;\xad\f\xb3\x0f\xd3\x14\'`$,\x97Tv\x8d\x9c\xf0\xa3^\xd8\xc87\n\x00\xfe\x95\xf4\xcd\x92y>\xc4FI', &(0x7f0000000000)={0x8, 0x5}) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) landlock_restrict_self$auto(0xffffffffffffffff, 0x9) madvise$auto(0x0, 0xffffffffffff0008, 0x19) mmap$auto(0x6, 0x5, 0xd, 0xfc, 0x401, 0x0) connect$auto(r0, &(0x7f0000000040)={0x1, @sa_data_min="38853f05994718345e6b10e66c94"}, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) mmap$auto(0x0, 0x400008, 0xe0, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r1 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x12b) mmap$auto(0x0, 0x200, 0x1000000004, 0x9b72, 0x2, 0x8000) bpf$auto(0x10, 0x0, 0x9) madvise$auto(0x0, 0x8d1, 0x11) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000000), r0) io_uring_setup$auto(0x6, 0x0) futimesat$auto(r1, &(0x7f0000000080)='#\x00', &(0x7f0000000140)={0x7, 0x2}) setsockopt$auto(0x400000000000003, 0x29, 0x7, 0x0, 0x1) 10.172864286s ago: executing program 6 (id=1804): sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x2, 0x1) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') open(&(0x7f0000000800)='./file1\x00', 0x22240, 0x155) r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x83, 0x0, 0x8) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) mmap$auto(0x0, 0xcc, 0x4000000000df, 0xeb1, 0x401, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) userfaultfd$auto(0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0008, 0x19) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) madvise$auto(0x2, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_register$auto(0x7ff, 0x520ca8b4, 0x0, 0x4) rseq$auto(&(0x7f0000000000)={0xfffffffe, 0x80000001, 0xffffffffffffdffa, 0xff, 0x9, 0xfffffe01, "7e21cffe392acebfd536b244bf5b09290d502e7df73bf193b773cb"}, 0x208, 0x8, 0x5) rseq$auto(&(0x7f0000000080)={0x0, 0x800, 0x0, 0x0, 0xb, 0x2000, "39a99fe6a22f1871739e92edbab88108e9f1efe4b37b6102caad017dd5c5b58843e5ab1c9ea457bebd92ecaaa698fe447249d4ee4a38cb2dba5f4dac06d2d4"}, 0x6, 0x80000000, 0x7b) sendmsg$auto_IPVS_CMD_DEL_DEST(r0, 0x0, 0x40) read$auto(0x3, 0x0, 0x7) msync$auto(0x1ffff000, 0x1080100000000007, 0x400000004) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) read$auto(0x3, 0x0, 0x7) futex$auto(0x0, 0x8, 0x8243, 0x0, 0x0, 0x4) setsockopt$auto(0x3, 0x0, 0xd, 0x0, 0x28) 9.44583601s ago: executing program 0 (id=1806): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01032bbd6000ffdbdf252d"], 0x14}, 0x1, 0x0, 0x0, 0x7}, 0x4010) 8.627855903s ago: executing program 0 (id=1808): socket$nl_generic(0x10, 0x3, 0x10) socket(0x20, 0x1, 0x200) ioperm$auto(0x8, 0xfe, 0x2) gettimeofday$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0xa, 0x801, 0x84) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x8004) read$auto(r0, 0x0, 0x1) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3ec0) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x23, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_TIPCv2(&(0x7f0000000bc0), 0xffffffffffffffff) ppoll$auto(0x0, 0x6, 0x0, &(0x7f00000001c0)={0xbf}, 0x5) connect$auto(0x3, &(0x7f0000000100)={0xf6bb, @sockaddr_1_1}, 0x55) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x3, 0xdf, 0x13, 0x4, 0x8004) 7.23333675s ago: executing program 3 (id=1811): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x2000, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) setuid$auto(0xe) ioperm$auto(0x3b, 0xf99b, 0x6) madvise$auto(0x0, 0x3, 0x15) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x3, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x62bd, 0xeb1, 0x3ff, 0x8000) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r0 = socket(0x2c, 0x3, 0x73) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mlockall$auto(0x7) mprotect$auto(0x0, 0x8000000000000001, 0x6) clone3$auto(0x0, 0x40) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) setuid$auto(0xe) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000140), 0xffffffffffffffff) bpf$auto(0x5, &(0x7f0000003c80)=@bpf_attr_7={@map_id=0x8, 0x81, 0xf}, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x4) fallocate$auto(r0, 0x20000005, 0x100000000000004, 0xe) mlockall$auto(0x7) 7.157480548s ago: executing program 7 (id=1812): statmount$auto(0x0, &(0x7f0000000040)={0x1, 0x0, 0x3a, 0x828, 0x9, 0x8000000000000000, 0x9f, 0x7, 0x6, 0x5, 0x2, 0x9, 0x3, 0x8, 0xffffffffffffffff, 0x200000000000f, 0x100, 0x1, 0x10001, 0x2cf8, [0x9, 0x7f, 0x40, 0x1, 0x7fffffffffffffff, 0x48c000000000, 0x600, 0x3, 0x80000000, 0x6, 0x3961, 0xfffffffffffffff9, 0x10, 0x3, 0x35c4, 0x0, 0x6, 0x0, 0x1, 0xc, 0xd9, 0x48, 0x5, 0x1, 0x200000000803, 0x7fffffffffffffff, 0x15, 0x110, 0xb, 0x8000000000000000, 0x2ab, 0x8, 0x800, 0x0, 0x1, 0x4003, 0xffffffffffff0000, 0x6b, 0xfffffffffffffff9, 0x204, 0x2b7, 0x4, 0xf, 0xe, 0xb, 0x7, 0x6, 0x7a, 0xdf]}, 0xe3c, 0x0) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000001200"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) 7.072912692s ago: executing program 7 (id=1813): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) sendmsg$auto_TCP_METRICS_CMD_GET(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x14, r1, 0x89c1beb01534ff9b, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xf000}, 0x8998) 6.781384557s ago: executing program 0 (id=1814): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) r0 = socket(0x18, 0x80e, 0xec) r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)='ns/uts\x00') r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/ipc\x00') r3 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/ipc\x00') setns(r3, 0x0) clone$auto(0x4cd5897d, 0x521, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0) setns(r2, 0x0) splice$auto(r0, &(0x7f0000000000)=0x4, r1, &(0x7f00000000c0)=0xcffb, 0x6, 0xfffffffc) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/uts\x00') mmap$auto(0xffffffffffffffff, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x8, 0xc0d, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rseq$auto(0x0, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) prctl$auto(0x1000000003b, 0x1, 0x4, 0x40000000003, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x4, 0x0, 0x919) get_mempolicy$auto(0xfffffffffffffffe, 0xfffffffffffffffd, 0x2, 0x0, 0x1) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x6, 0x68a, 0x400, 0x7, 0x201005, 0x6, 0x7, [0x4, 0x802e9, 0x8], {0x0, 0x1, 0x8, 0x7, 0xfffffffe, 0x5, 0x1000001, 0xfffffffc, 0x7}, {0x4, 0xffe, 0xfffffffb, 0x6, 0x9, 0x6, 0x3, 0x0, 0x101}}) madvise$auto(0x0, 0x3e, 0x15) io_uring_setup$auto(0x6, 0x0) fanotify_init$auto(0x2, 0xb) 6.720746157s ago: executing program 7 (id=1815): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioperm$auto(0x7, 0x6, 0x2) syslog$auto(0x9, &(0x7f0000000000)='\x00', 0x9) mincore$auto(0x1000, 0x8001, 0x0) 6.375354395s ago: executing program 3 (id=1816): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) semctl$auto(0x1ff, 0x2, 0x10000000013, 0x0) prctl$auto(0xf, 0x2, 0x80000001, 0x403, 0x3ff) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x7ffe, 0x0, 0x6) mmap$auto(0x0, 0x402000b, 0xdf, 0x10000000000eb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x12004) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x8000000000000, 0xffffffffffff0001, 0x15) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) open(&(0x7f0000000080)='./file0\x00', 0x22000, 0x50) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendfile$auto(0x6, 0x3, 0x0, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) getrlimit$auto(0x1, &(0x7f0000000040)={0x9, 0x452}) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) mknod$auto(&(0x7f0000000b00)='X))\x00', 0x63c1, 0x7ff) bpf$auto(0x8000000000000020, 0xffffffffffffffff, 0x0) creat$auto(&(0x7f0000000040)='X))\x00', 0x5) ioctl$auto(0x3, 0x4c03, 0x38) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setns(0xffffffffffffffff, 0x0) unshare$auto(0x40000080) clone$auto(0x10001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x8) writev$auto(0x1, &(0x7f0000000100)={&(0x7f0000000140), 0x400000000000fdef}, 0x1) vmsplice$auto(0x3, 0x0, 0x9, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x20200, 0x15) 6.326660291s ago: executing program 7 (id=1817): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x5, 0x4, 0x8, 0x8011, 0x3d, 0x100000000000002) socket(0x21, 0x2, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) get_robust_list$auto(0x100000000, 0xfffffffffffffffc, 0xfffffffffffffffc) getsockopt$auto(0x4, 0x200000000, 0x1, 0xfffffffffffffffc, 0x0) r0 = socket(0x5, 0xa, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004180), r1) sendmsg$auto_OVS_VPORT_CMD_DEL(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f00000041c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fbdbdf2502000000080001000400000008000800", @ANYRES32=0x0, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x40800}, 0x80) sendmsg$auto_OVS_VPORT_CMD_GET(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x17c, r2, 0x2, 0x70bd27, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_STATS={0x44, 0x6, {0x0, 0x9, 0x0, 0x2, 0x7ff, 0x1, 0x3, 0x7}}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x4}, @OVS_VPORT_ATTR_NAME={0xe, 0x3, 'ns/cgroup\x00'}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x9}, @OVS_VPORT_ATTR_UPCALL_PID={0xd1, 0x5, "c2854c84a56e769b31c4c35937bbf4420ccf4e18358f5588529a48f0203e0bc20784046c90608f6308f5263c71dafcf5ce27818d4dbe69e35e093ada76e5525f8eade4009ed1d6233c1e3ff657b294a38785deb5f6292738090b9922787e1c91cab9efa320e9cb31681be9450f39e3ff34d7402c6428e4d4e7f57d0e57e9f054045734b2e52aff5a04a3e3cc29f32cfdbf60e92aff7da1430a8bdbd87111fc1fa06147d4630d6f20a38a5a4a792563f303633ddfed263843e985fd9a3b432f22b9f3d888f62194331ecb231b27"}, @OVS_VPORT_ATTR_NAME={0xe, 0x3, 'ns/cgroup\x00'}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x2}, @OVS_VPORT_ATTR_NAME={0xe, 0x3, 'ns/cgroup\x00'}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0xfff}]}, 0x17c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40040) timerfd_create$auto(0xee, 0x0) sendfile$auto(0x7c34, 0x5, &(0x7f0000000040)=0x7f, 0xe) setsockopt$auto(0x3, 0x1000000110, 0x5, 0xffffffffffffffff, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioperm$auto(0x7, 0x6, 0x2) mincore$auto(0x1000, 0x8001, 0x0) 5.67412307s ago: executing program 6 (id=1818): ioperm$auto(0x90d5, 0xc, 0x2) socket(0x21, 0x2, 0x2) setsockopt$auto(0x3, 0x1000000110, 0x2, 0xffffffffffffffff, 0x1) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) mmap$auto(0x0, 0x1000000000, 0xf601, 0x80000010, 0x2, 0x7ffe) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_TASKSTATS(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TASKSTATS_CMD_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@TASKSTATS_CMD_ATTR_REGISTER_CPUMASK={0xd, 0x3, 'N-N]N/--\xa2'}]}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x1020) r2 = open(&(0x7f0000000000)='./file0\x00', 0xaf44529eb48ad963, 0x17c) shmctl$auto(0x9, 0xe, &(0x7f0000000080)={{0xc, 0x7, 0xffffffff, 0x2, 0x2, 0x7, 0x4de}, 0x8, 0x2, 0x8, 0xffff, 0x2, 0x2, 0xfff9, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGIFINDEX(r2, 0x801c581f, 0x0) statmount$auto(0x0, &(0x7f0000000040)={0x1, 0x0, 0x36, 0x828, 0x9, 0x8000000000000000, 0x8, 0x7, 0x9, 0x5, 0x2, 0x9, 0x3, 0x8, 0x5, 0xf, 0x100, 0x80000000, 0x10001, 0x5, [0x9, 0x7f, 0x77, 0x1, 0x7fffffffffffffff, 0xe06, 0x400, 0x3, 0x80000000, 0x8, 0x3961, 0xfffffffffffffff9, 0x10, 0x3, 0x35c4, 0x1, 0x6, 0x8, 0xea8, 0x8, 0xd9, 0x8, 0x5, 0x1, 0x200000000803, 0x7fffffffffffffff, 0x5, 0x10, 0xa00, 0x8000000000000000, 0x2ab, 0x8, 0x7ff, 0x1, 0x1, 0x3, 0xffffffffffff0000, 0x6b, 0xfffffffffffffff9, 0x4, 0x2b7, 0x4, 0xf, 0xffffffffffffff26, 0x8, 0x7, 0x6, 0x7a, 0xdc]}, 0xe3c, 0x0) r3 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c00000014f0"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) get_mempolicy$auto(0x0, 0x0, 0x3, 0x1ff, 0x3) rt_sigqueueinfo$auto(0x9, 0x8, 0x0) 5.665367782s ago: executing program 7 (id=1819): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64) r0 = socket(0xa, 0x3, 0x6) (rerun: 64) close_range$auto(0x0, r0, 0xfffffffe) (async) r1 = getpgid(0xffffffffffffffff) syz_open_procfs$namespace(r1, &(0x7f0000000040)='ns/uts\x00') (async) socket(0x10, 0x3, 0x3e) (async) msync$auto(0x9, 0x8, 0x1) (async) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x4) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) (async) stat$auto(&(0x7f0000000000)='..\x00\x00', 0x0) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) lseek$auto(0x0, 0x0, 0x3) (async) mmap$auto(0x0, 0xd, 0xde, 0x100000eb1, 0x40000000000a1, 0x8000) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) (rerun: 64) io_uring_setup$auto(0x3ff, 0x0) io_uring_register$auto(0x2, 0xf, 0x0, 0x20) ioctl$auto(0x1, 0x890c, 0x6) (async) mlockall$auto(0x27) (async) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x48000) 4.285735262s ago: executing program 3 (id=1820): mmap$auto(0x0, 0x9, 0x3ff57697, 0x9b72, 0x2, 0x8000000000008000) r0 = socket(0xa, 0x801, 0x106) mmap$auto(0x4, 0x0, 0x5, 0xff71, 0x4bf0fae7, 0x7) select$auto(0x3, 0x0, &(0x7f0000000100)={[0xd, 0x4, 0x0, 0x100000001, 0x9, 0x3, 0x46, 0x2, 0xd, 0x5e58296f, 0x3fffffffffffffff, 0x1000000000000007, 0x4, 0x9, 0x8, 0x1]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) socket(0xa, 0x3, 0xff) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), r0) sendmsg$auto_GTP_CMD_DELPDP(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r3, 0xe0b, 0x70bd29, 0x25dfdbfc, {}, [@GTPA_LINK={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20001015}, 0x20008800) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x8200, 0x1001, 0x8, 0x1000000f, 0x66b, 0x0, 0x5}, 0x6f4) socket(0x11, 0x3, 0x2) sendmmsg$auto(0x8, &(0x7f00000002c0)={{&(0x7f0000000280)=[0x10000, 0x86, 0x9ba, 0x6, 0x7727, 0x4, 0x5, 0x50000000000000], 0x10001, &(0x7f0000000040)={0x0, 0x5}, 0x9, &(0x7f0000000300), 0x24, 0xfffffffb}, 0x5}, 0x6, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r1, 0x10f, 0x4, 0x0, 0x14) r4 = socket(0x1e, 0x1, 0x0) setsockopt$auto(r4, 0x10f, 0x7fff, 0xfffffffffffffffe, 0x16) connect$auto(0x4, 0x0, 0x10) prctl$auto(0x40001000000001d, 0x0, 0x2, 0x9, 0x1) pipe2$auto(0x0, 0x80) setsockopt$auto(0x3, 0x1, 0x9, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) 3.5667126s ago: executing program 3 (id=1821): socket(0x25, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) setresuid$auto(0x8, 0x6, 0x1) 2.769172584s ago: executing program 0 (id=1822): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x1d, 0x2, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x2c, 0x0, 0x300, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x5}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0xd}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48000}, 0x1) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYRES64], 0x38}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) 2.448143568s ago: executing program 7 (id=1823): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) (async) socket(0x2, 0x3, 0xa) (async) setsockopt$auto(0x3, 0x0, 0x30, 0x0, 0x10001) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/user\x00') mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async, rerun: 64) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (rerun: 64) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mlock$auto(0x7, 0x5) (async, rerun: 64) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) (rerun: 64) 2.089662284s ago: executing program 0 (id=1824): r0 = socket$nl_generic(0x10, 0x3, 0x10) openat2$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x400, 0x0, 0x31}, 0x18) (async) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000002500), 0xffffffffffffffff) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) (async) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) (async) connect$auto(0x3, &(0x7f00000018c0)={0x2, @sa_data_min="915ba9fec23ea3df94bb303b2f9d"}, 0x55) (async) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8) (async) sendmsg$auto_OVS_FLOW_CMD_SET(r0, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={&(0x7f0000000000)={0x1c, r1, 0x1, 0x70bd28, 0x25cfdbfe, {}, [@OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_KEY={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0) 1.529860413s ago: executing program 6 (id=1825): r0 = socket(0x10, 0x3, 0x6) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)={0x50, r1, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x2}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x3}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x2}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x70}]}, 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000700) 1.37617199s ago: executing program 0 (id=1826): mmap$auto(0x0, 0x400008, 0x62f2d57000000000, 0x9b72, 0x2, 0x1008000) unshare$auto(0x40000080) timer_create$auto(0x0, &(0x7f00000001c0)={@sival_int=0x4, 0xd19, 0x1, @_tid}, &(0x7f0000000040)=0x200) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x40, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80080001]}, 0x0, 0x0) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) ioctl$auto(0xc8, 0x400454d9, 0x5c8d) socket(0x29, 0x80003, 0x101) socket$nl_generic(0x10, 0x3, 0x10) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x2cbd5d) r0 = socket(0x11, 0x80003, 0x300) poll$auto(0x0, 0x2, 0xc) setsockopt$auto(r0, 0x107, 0xc, 0x0, 0x4) 1.136212162s ago: executing program 3 (id=1827): socket(0x2b, 0x1, 0x1) setsockopt$auto(0x3, 0x29, 0x11, 0xffffffffffffffff, 0x3) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(&(0x7f0000001000)=0x1) socket(0x2, 0x1, 0x0) socket(0x1, 0x0, 0x0) socket(0x25, 0x6, 0x84) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mount_setattr$auto(0x5, 0x0, 0x0, &(0x7f0000000640)={0x10000c, 0x9, 0x0, 0xc}, 0x283) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x2, 0x88) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x0) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_prog_fd=r1}, 0xa3) ioctl$auto(0x20000000000003, 0x8943, 0x2) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(0x6, 0x40000000084, 0x1e, 0xfffffffffffffffe, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x1) sendmsg$auto_NL80211_CMD_NEW_MPATH(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="891a14d1a9d9e4b805c062a82f367f6b8891c476a88f8c14c22e3d5967aa117f00edde6ee1f0a4fd2910033782068a4e7705cb26fbf916fcbbd284357d85bfc18acb39325e533d2b2e07198d56b247", @ANYRES16=r2, @ANYBLOB="00022dbd7000fbdbdf251700000008005d007393ffff500138011c70ca8d8b31e7317a3658dca3cda6840276ee578689fc1c4c5da98c8d0149e8f58912d97fa1be17a41bdac81cfe24c61aedf6b22f0c4a6585836948285e0f1c064308c047cb382c7c45550aac91ed19b1e827249d13dc0e20d16b509ea63ab6823658a0fe1ffbbbb2786f0c66516a38f145ca2de9bcdfcb137ba5bbcab9c67f52a2863858f246de852cc56982516a695fc9e9e43db8853be4598a5f52d08c05a718ba2c25ba371ba4c739aa8d2de1c885043d364dde4da00f9e1e2fdbf4dd036446aaaf8292848571f802971bdc6d7c443b3a98254bcd52d5a79e2f658aef15be38508de4f54794e56741d35b334e4cde5cb812f038d587d536b08ac68f17b8762792f98e869fa9b231f8b820cd004641ff106750ff9d57c0a9287c65d6cf4a5898efed39b215bff5a59ccb94ce77724254c076fbbdbc3274681c9da7565b2bd33798a1a6ccc82d58a13e5206003600ff0f000008001f017f0000000400b8000400670006008100ed0600000500d60002000000"], 0x194}, 0x1, 0x0, 0x0, 0x40}, 0x20000800) 721.099173ms ago: executing program 6 (id=1828): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) select$auto(0x80, &(0x7f0000000040)={[0xffff, 0x31, 0x1ff, 0x100, 0x2, 0x80000001, 0x200, 0x9, 0xd0, 0x4, 0xe, 0x8000000000000001, 0x8, 0x7fff, 0x2000000, 0x9]}, 0x0, 0x0, 0x0) (async) select$auto(0x80, &(0x7f0000000040)={[0xffff, 0x31, 0x1ff, 0x100, 0x2, 0x80000001, 0x200, 0x9, 0xd0, 0x4, 0xe, 0x8000000000000001, 0x8, 0x7fff, 0x2000000, 0x9]}, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x14, &(0x7f0000000040)=[0x8, 0x5], 0x3) syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/mnt\x00') (async) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/mnt\x00') getsockopt$auto(r0, 0x0, 0xfffffff8, &(0x7f0000000140)='{\x00', &(0x7f0000000280)=0x4) madvise$auto(0x5, 0xa8, 0x7) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000080), r1) (async) r2 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000080), r1) open(&(0x7f0000000000)='./file0\x00', 0x40000, 0x9) (async) r3 = open(&(0x7f0000000000)='./file0\x00', 0x40000, 0x9) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r1) sendmsg$auto_ETHTOOL_MSG_WOL_GET(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="004a6da1b000080000ecbf97f6d0f7086c2963ca8c98cc06a5b0fd7c6090f5ab180a06dd2d0300000000000000aaad2c88d95c5cd8185d553f82bac7680848f9a7a2e9f871abde011a6c7d546ffa784da2d500000072c4bcae5df2093d5d4045fa7d3cef80db56a40a44030000000000000033102db34aa35dcf4ad7b6427a0938615b8f5e8d68e21b9883c77116f80de4562e38701120b01fe557380f08764a5413e8c214dac08838695c5a45a7b7ae791a9eb5c5edc2e7fd", @ANYRES16=r4, @ANYBLOB="10002cbd7000fbdbdf2509000000070001000cc2d20007000100889747000700010020a3460007000100b3810d000700010061f97100"], 0x3c}, 0x1, 0x0, 0x0, 0x91}, 0x8010) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000009c876a564dca17417d6364000000000000000015ed772c08ceb757230563d61ad3caf4fb84ad4f06376f0db3a617da61b7", @ANYRES16=r2, @ANYBLOB="010026bd7000fbdbdf25030000000a000200cacd2dff110700000c0008000600000000000000080004008cf500000800060000080000"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 0s ago: executing program 3 (id=1829): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xa, 0x2, 0x0) (async) setsockopt$auto(0x3, 0x100000000, 0x5, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0x0, 0x0) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x1d, 0x2, 0x2) (async, rerun: 64) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64) madvise$auto(0x0, 0xffffffffffff0008, 0x19) (async, rerun: 64) prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) (async, rerun: 64) process_vm_writev$auto(0x1, &(0x7f0000002980)={0x0, 0x4}, 0x3, &(0x7f0000002a40)={0x0, 0x7}, 0x4, 0x0) (async) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000c40), 0xffffffffffffffff) (async) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) (async) pidfd_open$auto(0x1, 0x0) (async) socket(0x10, 0x2, 0x0) (async) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) (async) r2 = socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async, rerun: 64) socket(0x2a, 0x2, 0x6) (async, rerun: 64) connect$auto(0x3, &(0x7f0000000180)={0x2a, @sockaddr_1_1}, 0x54) (async) setrlimit$auto(0x1000000007, 0x0) (async) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_map_fd=0x3ff}, 0xa3) (async, rerun: 64) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYRES64], 0x38}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) (async, rerun: 64) read$auto(0x3, 0x0, 0x5c0) (async, rerun: 64) read$auto(0x3, 0x0, 0x10) (rerun: 64) futex$auto(&(0x7f0000000100)=0x971a, 0x3d7, 0xdef, &(0x7f0000000140)={0x8, 0x400}, &(0x7f0000000180)=0x5, 0x7) kernel console output (not intermixed with test programs): s out of range [ 119.695753][ T6325] netlink: zone id is out of range [ 123.185791][ T6368] Invalid ELF header magic: != ELF [ 125.111384][ T6405] netlink: 12 bytes leftover after parsing attributes in process `syz.0.142'. [ 125.546567][ T6418] Invalid ELF header magic: != ELF [ 127.244112][ T6463] Invalid ELF header magic: != ELF [ 127.817446][ T6483] netlink: 4 bytes leftover after parsing attributes in process `syz.1.168'. [ 128.526544][ T6496] Invalid ELF header magic: != ELF [ 129.470273][ T6523] syz.3.180(6523): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 129.872652][ T6528] FAULT_INJECTION: forcing a failure. [ 129.872652][ T6528] name failslab, interval 1, probability 0, space 0, times 1 [ 129.966611][ T6528] CPU: 1 UID: 0 PID: 6528 Comm: syz.0.181 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 129.977286][ T6528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 129.987363][ T6528] Call Trace: [ 129.990657][ T6528] [ 129.993608][ T6528] dump_stack_lvl+0x16c/0x1f0 [ 129.998329][ T6528] should_fail_ex+0x497/0x5b0 [ 130.003030][ T6528] ? fs_reclaim_acquire+0xae/0x150 [ 130.008173][ T6528] should_failslab+0xc2/0x120 [ 130.012911][ T6528] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 130.018320][ T6528] ? security_file_alloc+0x34/0x2b0 [ 130.023554][ T6528] security_file_alloc+0x34/0x2b0 [ 130.028643][ T6528] init_file+0x93/0x230 [ 130.032848][ T6528] alloc_empty_file+0x91/0x1e0 [ 130.037662][ T6528] alloc_file_pseudo+0x13d/0x200 [ 130.042640][ T6528] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 130.048228][ T6528] ? lockdep_annotate_inode_mutex_key+0x4b/0x200 [ 130.054767][ T6528] ? hugetlbfs_get_inode+0x32d/0x530 [ 130.060097][ T6528] hugetlb_file_setup+0x4cd/0x620 [ 130.065149][ T6528] ksys_mmap_pgoff+0x189/0x5c0 [ 130.069964][ T6528] __x64_sys_mmap+0x125/0x190 [ 130.074673][ T6528] do_syscall_64+0xcd/0x250 [ 130.079204][ T6528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.085139][ T6528] RIP: 0033:0x7f0f3177e719 [ 130.089602][ T6528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.109246][ T6528] RSP: 002b:00007f0f3258c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 130.117694][ T6528] RAX: ffffffffffffffda RBX: 00007f0f31936130 RCX: 00007f0f3177e719 [ 130.125693][ T6528] RDX: 00004000000000df RSI: 0000000000001004 RDI: 0000000000000000 [ 130.133690][ T6528] RBP: 00007f0f3258c090 R08: 0000000000000402 R09: 0000300000000000 [ 130.141688][ T6528] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000001 [ 130.149681][ T6528] R13: 0000000000000000 R14: 00007f0f31936130 R15: 00007ffe2d7d6e88 [ 130.157690][ T6528] [ 131.164681][ T6551] Invalid ELF header magic: != ELF [ 133.306107][ T6599] FAULT_INJECTION: forcing a failure. [ 133.306107][ T6599] name failslab, interval 1, probability 0, space 0, times 0 [ 133.345585][ T6599] CPU: 0 UID: 0 PID: 6599 Comm: syz.2.202 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 133.356272][ T6599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 133.366396][ T6599] Call Trace: [ 133.369725][ T6599] [ 133.372704][ T6599] dump_stack_lvl+0x16c/0x1f0 [ 133.377554][ T6599] should_fail_ex+0x497/0x5b0 [ 133.382343][ T6599] ? fs_reclaim_acquire+0xae/0x150 [ 133.387539][ T6599] should_failslab+0xc2/0x120 [ 133.392299][ T6599] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 133.397750][ T6599] ? ima_inode_get+0x120/0x580 [ 133.402590][ T6599] ima_inode_get+0x120/0x580 [ 133.407258][ T6599] process_measurement+0x70a/0x2370 [ 133.412537][ T6599] ? __pfx___lock_acquire+0x10/0x10 [ 133.417835][ T6599] ? __pfx_process_measurement+0x10/0x10 [ 133.423544][ T6599] ? kasan_save_track+0x14/0x30 [ 133.428486][ T6599] ? find_held_lock+0x2d/0x110 [ 133.433331][ T6599] ? aa_file_perm+0x4c6/0xfe0 [ 133.438075][ T6599] ? __pfx_lock_release+0x10/0x10 [ 133.443192][ T6599] ? trace_lock_acquire+0x14a/0x1d0 [ 133.448504][ T6599] ? __pfx_aa_file_perm+0x10/0x10 [ 133.453601][ T6599] ? lockdep_init_map_type+0x16d/0x7d0 [ 133.459161][ T6599] ima_file_mmap+0x1b1/0x1d0 [ 133.463831][ T6599] ? __pfx_ima_file_mmap+0x10/0x10 [ 133.469029][ T6599] security_mmap_file+0x8bd/0x990 [ 133.474142][ T6599] vm_mmap_pgoff+0xdb/0x360 [ 133.478748][ T6599] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 133.483954][ T6599] ? hugetlbfs_get_inode+0x32d/0x530 [ 133.489346][ T6599] ksys_mmap_pgoff+0x1c8/0x5c0 [ 133.494216][ T6599] __x64_sys_mmap+0x125/0x190 [ 133.498962][ T6599] do_syscall_64+0xcd/0x250 [ 133.503544][ T6599] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.509511][ T6599] RIP: 0033:0x7f085877e719 [ 133.513978][ T6599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.533645][ T6599] RSP: 002b:00007f0859650038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 133.542117][ T6599] RAX: ffffffffffffffda RBX: 00007f0858935f80 RCX: 00007f085877e719 [ 133.550146][ T6599] RDX: 00004000000000df RSI: 0000000000001004 RDI: 0000000000000000 [ 133.558200][ T6599] RBP: 00007f0859650090 R08: 0000000000000402 R09: 0000300000000000 [ 133.566222][ T6599] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000001 [ 133.574280][ T6599] R13: 0000000000000000 R14: 00007f0858935f80 R15: 00007ffe45a2c498 [ 133.582318][ T6599] [ 134.223802][ T6618] HSR: entered promiscuous mode [ 134.555667][ T6618] delete_channel: no stack [ 135.255770][ T6643] Zero length message leads to an empty skb [ 137.902195][ T6695] net_ratelimit: 10 callbacks suppressed [ 137.902220][ T6695] openvswitch: netlink: Message has 4 unknown bytes. [ 138.120487][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.132574][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.761639][ T6707] syz.3.234 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 139.756232][ T6739] Invalid ELF header magic: != ELF [ 141.392551][ T6775] delete_channel: no stack [ 142.360139][ T6801] Invalid ELF header magic: != ELF [ 145.039516][ T6884] Invalid ELF header magic: != ELF [ 147.058219][ T6933] netlink: 388 bytes leftover after parsing attributes in process `syz.0.303'. [ 151.105622][ T7007] netlink: 400 bytes leftover after parsing attributes in process `syz.3.331'. [ 152.338947][ T7029] netlink: 2 bytes leftover after parsing attributes in process `syz.3.340'. [ 152.809802][ T7036] raw_sendmsg: syz.2.341 forgot to set AF_INET. Fix it! [ 156.027064][ T7086] Invalid ELF header magic: != ELF [ 156.041985][ T7082] GUP no longer grows the stack in syz.0.353 (7082): 14000-401000 (4000) [ 156.085188][ T7082] CPU: 1 UID: 4096 PID: 7082 Comm: syz.0.353 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 156.096140][ T7082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 156.106256][ T7082] Call Trace: [ 156.109587][ T7082] [ 156.112574][ T7082] dump_stack_lvl+0x16c/0x1f0 [ 156.117324][ T7082] gup_vma_lookup+0x1d2/0x220 [ 156.122089][ T7082] __get_user_pages+0x236/0x3b50 [ 156.127129][ T7082] ? __pfx___get_user_pages+0x10/0x10 [ 156.132581][ T7082] ? down_read_killable+0xcc/0x380 [ 156.137776][ T7082] ? __pfx_down_read_killable+0x10/0x10 [ 156.143395][ T7082] ? find_held_lock+0x2d/0x110 [ 156.148244][ T7082] __gup_longterm_locked+0x639/0x1b90 [ 156.153715][ T7082] ? __pfx___gup_longterm_locked+0x10/0x10 [ 156.159612][ T7082] ? const_folio_flags.constprop.0+0x56/0x150 [ 156.165763][ T7082] ? sanity_check_pinned_pages+0x385/0x11c0 [ 156.171751][ T7082] gup_fast_fallback+0x1802/0x2690 [ 156.176976][ T7082] ? __pfx_gup_fast_fallback+0x10/0x10 [ 156.182539][ T7082] pin_user_pages_fast+0xa8/0x100 [ 156.187640][ T7082] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 156.193323][ T7082] ? __kvmalloc_node_noprof+0x6f/0x1a0 [ 156.198840][ T7082] io_pin_pages+0xae/0x190 [ 156.203307][ T7082] __io_uaddr_map+0x129/0x260 [ 156.208033][ T7082] ? __pfx___io_uaddr_map+0x10/0x10 [ 156.213314][ T7082] ? security_capable+0x250/0x260 [ 156.218477][ T7082] io_uring_setup+0x201b/0x3750 [ 156.223475][ T7082] ? __pfx_io_uring_setup+0x10/0x10 [ 156.228740][ T7082] ? rcu_is_watching+0x12/0xc0 [ 156.233568][ T7082] __x64_sys_io_uring_setup+0x98/0x140 [ 156.239091][ T7082] do_syscall_64+0xcd/0x250 [ 156.243635][ T7082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.249578][ T7082] RIP: 0033:0x7f0f3177e719 [ 156.254023][ T7082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.273666][ T7082] RSP: 002b:00007f0f325ce038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 156.282121][ T7082] RAX: ffffffffffffffda RBX: 00007f0f31935f80 RCX: 00007f0f3177e719 [ 156.290141][ T7082] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000040005 [ 156.298229][ T7082] RBP: 00007f0f317f139e R08: 0000000000000000 R09: 0000000000000000 [ 156.306265][ T7082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 156.314264][ T7082] R13: 0000000000000000 R14: 00007f0f31935f80 R15: 00007ffe2d7d6e88 [ 156.322543][ T7082] [ 158.168427][ T7128] HfR: entered promiscuous mode [ 160.031560][ T7159] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 160.175441][ T7159] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 160.812293][ T7178] Invalid ELF header magic: != ELF [ 161.995848][ T7203] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 165.371964][ T7235] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 165.560886][ T7235] svc: failed to register nfsdv3 RPC service (errno 111). [ 165.601150][ T7235] svc: failed to register nfsaclv3 RPC service (errno 111). [ 166.002195][ T2939] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.328598][ T2939] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.699840][ T2939] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.887764][ T2939] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.455802][ T2939] bridge_slave_1: left allmulticast mode [ 167.462030][ T2939] bridge_slave_1: left promiscuous mode [ 167.515768][ T2939] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.517111][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 167.532413][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 167.541699][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 167.553953][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 167.563385][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 167.564181][ T2939] bridge_slave_0: left allmulticast mode [ 167.571016][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 167.624766][ T2939] bridge_slave_0: left promiscuous mode [ 167.692904][ T2939] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.175162][ T2939] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 169.202360][ T2939] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 169.230058][ T2939] bond0 (unregistering): Released all slaves [ 169.343722][ T2939] HfR: left promiscuous mode [ 169.639596][ T54] Bluetooth: hci1: command tx timeout [ 170.323727][ T2939] hsr_slave_0: left promiscuous mode [ 170.357442][ T2939] hsr_slave_1: left promiscuous mode [ 170.525085][ T2939] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 170.533720][ T2939] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 170.593853][ T2939] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 170.601440][ T2939] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 170.772141][ T2939] veth1_macvtap: left promiscuous mode [ 170.778189][ T2939] veth0_macvtap: left promiscuous mode [ 170.783860][ T2939] veth1_vlan: left promiscuous mode [ 170.789549][ T2939] veth0_vlan: left promiscuous mode [ 171.715352][ T54] Bluetooth: hci1: command tx timeout [ 171.902787][ T2939] team0 (unregistering): Port device team_slave_1 removed [ 172.094381][ T2939] team0 (unregistering): Port device team_slave_0 removed [ 173.442196][ T7266] chnl_net:caif_netlink_parms(): no params data found [ 173.796255][ T54] Bluetooth: hci1: command tx timeout [ 173.908083][ T7266] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.965542][ T7266] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.972822][ T7266] bridge_slave_0: entered allmulticast mode [ 174.002857][ T7266] bridge_slave_0: entered promiscuous mode [ 174.018147][ T7266] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.045206][ T7266] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.071602][ T7266] bridge_slave_1: entered allmulticast mode [ 174.086686][ T7266] bridge_slave_1: entered promiscuous mode [ 174.470794][ T7266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.501586][ T7266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.694646][ T7266] team0: Port device team_slave_0 added [ 174.717909][ T7266] team0: Port device team_slave_1 added [ 174.842424][ T7266] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.859210][ T7266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.914935][ T7266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 175.028371][ T7266] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 175.064080][ T7266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.112955][ T7266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.478375][ T7266] hsr_slave_0: entered promiscuous mode [ 175.506610][ T7266] hsr_slave_1: entered promiscuous mode [ 175.876415][ T54] Bluetooth: hci1: command tx timeout [ 176.073500][ T7266] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 176.131747][ T7266] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 176.164502][ T7266] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 176.244230][ T7266] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 176.521653][ T7266] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.611373][ T7266] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.656856][ T29] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.664033][ T29] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.707124][ T29] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.714260][ T29] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.848926][ T7266] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 177.388936][ T7266] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 178.061886][ T7266] veth0_vlan: entered promiscuous mode [ 178.119431][ T7266] veth1_vlan: entered promiscuous mode [ 178.205803][ T7266] veth0_macvtap: entered promiscuous mode [ 178.228300][ T7266] veth1_macvtap: entered promiscuous mode [ 178.247995][ T7485] netlink: 40 bytes leftover after parsing attributes in process `syz.2.443'. [ 178.280424][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.310836][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.340789][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.361649][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.392218][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.415324][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.472020][ T7266] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 178.529234][ T7485] HSR: entered promiscuous mode [ 178.594701][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.635305][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.676564][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.705713][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.741477][ T7266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.765332][ T7266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.796863][ T7266] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 178.852514][ T7266] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.891071][ T7266] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.912543][ T7266] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.942112][ T7266] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.985493][ T7502] netlink: 342 bytes leftover after parsing attributes in process `syz.2.446'. [ 179.348072][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 179.387624][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 179.463166][ T2939] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 179.485815][ T2939] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.918726][ T7564] Invalid ELF header magic: != ELF [ 182.669204][ T7577] Invalid ELF header magic: != ELF [ 183.882068][ T7605] svc: failed to register nfsdv3 RPC service (errno 111). [ 183.913852][ T7605] svc: failed to register nfsaclv3 RPC service (errno 111). [ 184.587426][ T7624] netlink: 12 bytes leftover after parsing attributes in process `syz.3.464'. [ 184.872268][ T7624] : entered promiscuous mode [ 189.875595][ T7716] Process accounting resumed [ 196.702030][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 196.711337][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 196.721426][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 196.736357][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 196.754569][ T5850] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 196.769154][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 197.022235][ T29] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.357067][ T29] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.801901][ T29] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.236233][ T29] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.316621][ T7853] chnl_net:caif_netlink_parms(): no params data found [ 198.796973][ T7853] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.830976][ T7853] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.835577][ T54] Bluetooth: hci2: command tx timeout [ 198.845469][ T7853] bridge_slave_0: entered allmulticast mode [ 198.876327][ T7853] bridge_slave_0: entered promiscuous mode [ 198.969917][ T7853] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.995591][ T7853] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.004514][ T7853] bridge_slave_1: entered allmulticast mode [ 199.036534][ T7853] bridge_slave_1: entered promiscuous mode [ 199.312528][ T7853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 199.368827][ T7853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 199.569322][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.575794][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.817092][ T29] bridge_slave_1: left allmulticast mode [ 199.822867][ T29] bridge_slave_1: left promiscuous mode [ 199.855493][ T29] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.942080][ T29] bridge_slave_0: left allmulticast mode [ 199.949388][ T29] bridge_slave_0: left promiscuous mode [ 199.955172][ T29] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.915806][ T54] Bluetooth: hci2: command tx timeout [ 202.699659][ T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 202.706387][ T7954] netlink: 8 bytes leftover after parsing attributes in process `syz.2.534'. [ 202.736574][ T7954] nbd: must specify a device to reconfigure [ 202.876019][ T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 202.977728][ T29] bond0 (unregistering): Released all slaves [ 202.996019][ T54] Bluetooth: hci2: command tx timeout [ 203.121752][ T7853] team0: Port device team_slave_0 added [ 203.153965][ T7853] team0: Port device team_slave_1 added [ 203.342773][ T7953] HfR: entered promiscuous mode [ 203.394424][ T29] HSR: left promiscuous mode [ 203.725976][ T7853] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.733281][ T7853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.815393][ T7853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.847606][ T7853] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.854611][ T7853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.937478][ T7853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 204.632849][ T7853] hsr_slave_0: entered promiscuous mode [ 204.785724][ T7853] hsr_slave_1: entered promiscuous mode [ 204.857285][ T7853] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 204.866450][ T7853] Cannot create hsr debugfs directory [ 205.075459][ T54] Bluetooth: hci2: command tx timeout [ 205.374101][ T7996] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma? [ 207.003165][ T29] hsr_slave_0: left promiscuous mode [ 207.055724][ T29] hsr_slave_1: left promiscuous mode [ 207.124457][ T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 207.144220][ T29] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 207.168805][ T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 207.189449][ T29] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 207.276361][ T29] veth1_macvtap: left promiscuous mode [ 207.282010][ T29] veth0_macvtap: left promiscuous mode [ 207.301614][ T29] veth1_vlan: left promiscuous mode [ 207.315595][ T29] veth0_vlan: left promiscuous mode [ 208.330335][ T29] team0 (unregistering): Port device team_slave_1 removed [ 208.479567][ T29] team0 (unregistering): Port device team_slave_0 removed [ 210.443829][ T8090] netlink: 8 bytes leftover after parsing attributes in process `syz.3.564'. [ 210.606287][ T8101] delete_channel: no stack [ 210.891032][ T7853] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 210.921599][ T7853] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 210.968855][ T7853] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 211.032779][ T7853] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 211.154560][ T8116] HfR: entered promiscuous mode [ 211.184650][ T8116] netlink: 12 bytes leftover after parsing attributes in process `syz.4.569'. [ 211.215155][ T8116] HfR: left promiscuous mode [ 211.266997][ T7853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 211.323502][ T7853] 8021q: adding VLAN 0 to HW filter on device team0 [ 211.389958][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.397225][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 211.409830][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.417060][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 211.878996][ T5156] Bluetooth: hci0: command 0x0406 tx timeout [ 211.879009][ T5856] Bluetooth: hci3: command 0x0406 tx timeout [ 211.970106][ T7853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 212.207087][ T7853] veth0_vlan: entered promiscuous mode [ 212.260570][ T7853] veth1_vlan: entered promiscuous mode [ 212.368890][ T7853] veth0_macvtap: entered promiscuous mode [ 212.391001][ T7853] veth1_macvtap: entered promiscuous mode [ 212.437178][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.453730][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.475040][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.499990][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.532727][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.554298][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.566652][ T7853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 212.608328][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.639672][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.665451][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.694426][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.715797][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.752066][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.778181][ T7853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 212.817619][ T7853] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.846759][ T7853] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.867273][ T7853] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.885423][ T7853] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.102382][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.143107][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.193229][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.216823][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.454963][ T8169] FAULT_INJECTION: forcing a failure. [ 213.454963][ T8169] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 213.482235][ T8169] CPU: 1 UID: 0 PID: 8169 Comm: syz.0.519 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 213.492917][ T8169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 213.503035][ T8169] Call Trace: [ 213.506362][ T8169] [ 213.509343][ T8169] dump_stack_lvl+0x16c/0x1f0 [ 213.514095][ T8169] should_fail_ex+0x497/0x5b0 [ 213.518852][ T8169] _copy_to_user+0x32/0xd0 [ 213.523339][ T8169] simple_read_from_buffer+0xd0/0x160 [ 213.528806][ T8169] proc_fail_nth_read+0x198/0x270 [ 213.533909][ T8169] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 213.539538][ T8169] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 213.545162][ T8169] vfs_read+0x1df/0xbe0 [ 213.549390][ T8169] ? __fget_files+0x23a/0x3f0 [ 213.554130][ T8169] ? fdget_pos+0x24c/0x360 [ 213.558606][ T8169] ? __pfx_lock_release+0x10/0x10 [ 213.563695][ T8169] ? trace_lock_acquire+0x14a/0x1d0 [ 213.568936][ T8169] ? __pfx_vfs_read+0x10/0x10 [ 213.573646][ T8169] ? __pfx___mutex_lock+0x10/0x10 [ 213.578716][ T8169] ? __fget_files+0x244/0x3f0 [ 213.583436][ T8169] ksys_read+0x12f/0x260 [ 213.587713][ T8169] ? __pfx_ksys_read+0x10/0x10 [ 213.592511][ T8169] ? syscall_user_dispatch+0x77/0x140 [ 213.597944][ T8169] do_syscall_64+0xcd/0x250 [ 213.602483][ T8169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.608420][ T8169] RIP: 0033:0x7fe2c0d7d15c [ 213.612881][ T8169] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 213.632532][ T8169] RSP: 002b:00007fe2c1bd8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 213.640987][ T8169] RAX: ffffffffffffffda RBX: 00007fe2c0f35f80 RCX: 00007fe2c0d7d15c [ 213.648991][ T8169] RDX: 000000000000000f RSI: 00007fe2c1bd80a0 RDI: 0000000000000003 [ 213.656996][ T8169] RBP: 00007fe2c1bd8090 R08: 0000000000000000 R09: 0000000000000000 [ 213.664999][ T8169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 213.672999][ T8169] R13: 0000000000000000 R14: 00007fe2c0f35f80 R15: 00007ffe0d936378 [ 213.681022][ T8169] [ 217.525775][ T8248] netlink: 28 bytes leftover after parsing attributes in process `syz.0.602'. [ 217.536317][ T8247] netlink: 24 bytes leftover after parsing attributes in process `syz.3.603'. [ 217.783433][ T8247] ptrace attach of "./syz-executor exec"[5851] was attempted by ""[8247] [ 220.996010][ T8326] netlink: 306 bytes leftover after parsing attributes in process `syz.2.624'. [ 221.107239][ T8320] netlink: 64 bytes leftover after parsing attributes in process `syz.3.621'. [ 222.538339][ T8353] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 225.244013][ T8385] netlink: 342 bytes leftover after parsing attributes in process `syz.2.642'. [ 234.187216][ T8516] Process accounting resumed [ 242.353456][ T8613] FAULT_INJECTION: forcing a failure. [ 242.353456][ T8613] name failslab, interval 1, probability 0, space 0, times 0 [ 242.422154][ T8613] CPU: 1 UID: 0 PID: 8613 Comm: syz.4.705 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 242.432847][ T8613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 242.442962][ T8613] Call Trace: [ 242.446285][ T8613] [ 242.449260][ T8613] dump_stack_lvl+0x16c/0x1f0 [ 242.454018][ T8613] should_fail_ex+0x497/0x5b0 [ 242.458768][ T8613] ? fs_reclaim_acquire+0xae/0x150 [ 242.463951][ T8613] should_failslab+0xc2/0x120 [ 242.468707][ T8613] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 242.474149][ T8613] ? __thp_vma_allowable_orders+0x1ca/0xb30 [ 242.480214][ T8613] ? __pmd_alloc+0xc3/0x860 [ 242.484816][ T8613] __pmd_alloc+0xc3/0x860 [ 242.489305][ T8613] __handle_mm_fault+0x942/0x2a10 [ 242.494413][ T8613] ? __pfx_mt_find+0x10/0x10 [ 242.499070][ T8613] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 242.504778][ T8613] ? __pfx___handle_mm_fault+0x10/0x10 [ 242.510329][ T8613] ? find_vma+0xc0/0x140 [ 242.514637][ T8613] ? __pfx_find_vma+0x10/0x10 [ 242.519383][ T8613] handle_mm_fault+0x3fa/0xaa0 [ 242.524237][ T8613] do_user_addr_fault+0x7a3/0x13f0 [ 242.529452][ T8613] exc_page_fault+0x5c/0xc0 [ 242.534025][ T8613] asm_exc_page_fault+0x26/0x30 [ 242.538944][ T8613] RIP: 0010:rep_movs_alternative+0x13/0x70 [ 242.544802][ T8613] Code: cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f [ 242.564638][ T8613] RSP: 0018:ffffc90010127bc0 EFLAGS: 00050202 [ 242.570765][ T8613] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000002 [ 242.578767][ T8613] RDX: ffffed100ffe408c RSI: 0000000000000000 RDI: ffff88807ff20460 [ 242.586763][ T8613] RBP: 0000000000000002 R08: 0000000000000001 R09: ffffed100ffe408c [ 242.594760][ T8613] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 242.602770][ T8613] R13: ffff88807ff20460 R14: 0000000000000000 R15: 0000000000000002 [ 242.610792][ T8613] _copy_from_user+0x9a/0xd0 [ 242.615438][ T8613] sctp_setsockopt+0x422/0xb880 [ 242.620335][ T8613] ? __pfx_sctp_setsockopt+0x10/0x10 [ 242.625667][ T8613] ? __pfx_aa_sk_perm+0x10/0x10 [ 242.630568][ T8613] ? sock_common_setsockopt+0x2e/0xf0 [ 242.635981][ T8613] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 242.641917][ T8613] do_sock_setsockopt+0x222/0x480 [ 242.646982][ T8613] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 242.652583][ T8613] ? fdget+0x176/0x210 [ 242.656696][ T8613] __sys_setsockopt+0x1a4/0x270 [ 242.661578][ T8613] ? __pfx___sys_setsockopt+0x10/0x10 [ 242.666979][ T8613] ? fput+0x30/0x390 [ 242.670946][ T8613] ? ksys_write+0x1ad/0x260 [ 242.675490][ T8613] ? __pfx_ksys_write+0x10/0x10 [ 242.680381][ T8613] __x64_sys_setsockopt+0xbd/0x160 [ 242.685524][ T8613] ? do_syscall_64+0x91/0x250 [ 242.690229][ T8613] ? lockdep_hardirqs_on+0x7c/0x110 [ 242.695476][ T8613] do_syscall_64+0xcd/0x250 [ 242.700034][ T8613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.705978][ T8613] RIP: 0033:0x7f4fb497e719 [ 242.710421][ T8613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.730146][ T8613] RSP: 002b:00007f4fb5789038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 242.738594][ T8613] RAX: ffffffffffffffda RBX: 00007f4fb4b35f80 RCX: 00007f4fb497e719 [ 242.746600][ T8613] RDX: 0000000000000018 RSI: 0000000000000084 RDI: 0000000000000003 [ 242.754618][ T8613] RBP: 00007f4fb5789090 R08: 0000000000000002 R09: 0000000000000000 [ 242.762616][ T8613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 242.770616][ T8613] R13: 0000000000000000 R14: 00007f4fb4b35f80 R15: 00007ffd493e4418 [ 242.778630][ T8613] [ 244.251968][ T8647] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 244.964372][ T8656] FAULT_INJECTION: forcing a failure. [ 244.964372][ T8656] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 245.078073][ T8656] CPU: 0 UID: 0 PID: 8656 Comm: syz.0.716 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 245.088940][ T8656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 245.099045][ T8656] Call Trace: [ 245.102360][ T8656] [ 245.105342][ T8656] dump_stack_lvl+0x16c/0x1f0 [ 245.110081][ T8656] should_fail_ex+0x497/0x5b0 [ 245.114817][ T8656] ? fs_reclaim_acquire+0xae/0x150 [ 245.120000][ T8656] should_fail_alloc_page+0xe7/0x130 [ 245.125392][ T8656] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 245.131617][ T8656] ? hlock_class+0x4e/0x130 [ 245.136189][ T8656] __alloc_pages_noprof+0x190/0x25a0 [ 245.141640][ T8656] ? stack_trace_save+0x95/0xd0 [ 245.146559][ T8656] ? __pfx_stack_trace_save+0x10/0x10 [ 245.151995][ T8656] ? stack_depot_save_flags+0x28/0x900 [ 245.157516][ T8656] ? rcu_is_watching+0x12/0xc0 [ 245.162347][ T8656] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 245.168152][ T8656] ? hlock_class+0x4e/0x130 [ 245.172743][ T8656] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 245.178714][ T8656] ? policy_nodemask+0xea/0x4e0 [ 245.183676][ T8656] alloc_pages_mpol_noprof+0x2c9/0x610 [ 245.189222][ T8656] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 245.195318][ T8656] ? find_held_lock+0x2d/0x110 [ 245.200167][ T8656] ? __pmd_alloc+0x37b/0x860 [ 245.204844][ T8656] pte_alloc_one+0x20/0x390 [ 245.209409][ T8656] do_pte_missing+0x1afd/0x3e70 [ 245.214343][ T8656] ? do_raw_spin_unlock+0x172/0x230 [ 245.219604][ T8656] ? __pmd_alloc+0x380/0x860 [ 245.224265][ T8656] __handle_mm_fault+0x100a/0x2a10 [ 245.229467][ T8656] ? __pfx_mt_find+0x10/0x10 [ 245.234115][ T8656] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 245.239823][ T8656] ? __pfx___handle_mm_fault+0x10/0x10 [ 245.245373][ T8656] ? find_vma+0xc0/0x140 [ 245.249768][ T8656] ? __pfx_find_vma+0x10/0x10 [ 245.254513][ T8656] handle_mm_fault+0x3fa/0xaa0 [ 245.259358][ T8656] do_user_addr_fault+0x7a3/0x13f0 [ 245.264558][ T8656] exc_page_fault+0x5c/0xc0 [ 245.269134][ T8656] asm_exc_page_fault+0x26/0x30 [ 245.274059][ T8656] RIP: 0010:rep_movs_alternative+0x13/0x70 [ 245.279938][ T8656] Code: cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f [ 245.299610][ T8656] RSP: 0018:ffffc900163ffbc0 EFLAGS: 00050202 [ 245.305742][ T8656] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000002 [ 245.313764][ T8656] RDX: ffffed100498e304 RSI: 0000000000000000 RDI: ffff888024c71820 [ 245.321791][ T8656] RBP: 0000000000000002 R08: 0000000000000001 R09: ffffed100498e304 [ 245.329822][ T8656] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 245.337843][ T8656] R13: ffff888024c71820 R14: 0000000000000000 R15: 0000000000000002 [ 245.345891][ T8656] _copy_from_user+0x9a/0xd0 [ 245.350551][ T8656] sctp_setsockopt+0x422/0xb880 [ 245.355518][ T8656] ? __pfx_sctp_setsockopt+0x10/0x10 [ 245.360903][ T8656] ? __pfx_aa_sk_perm+0x10/0x10 [ 245.365859][ T8656] ? sock_common_setsockopt+0x2e/0xf0 [ 245.371329][ T8656] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 245.377404][ T8656] do_sock_setsockopt+0x222/0x480 [ 245.382511][ T8656] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 245.388159][ T8656] ? fdget+0x176/0x210 [ 245.392326][ T8656] __sys_setsockopt+0x1a4/0x270 [ 245.397258][ T8656] ? __pfx___sys_setsockopt+0x10/0x10 [ 245.402702][ T8656] ? fput+0x30/0x390 [ 245.406696][ T8656] ? ksys_write+0x1ad/0x260 [ 245.411281][ T8656] ? __pfx_ksys_write+0x10/0x10 [ 245.416215][ T8656] __x64_sys_setsockopt+0xbd/0x160 [ 245.421476][ T8656] ? do_syscall_64+0x91/0x250 [ 245.426217][ T8656] ? lockdep_hardirqs_on+0x7c/0x110 [ 245.431498][ T8656] do_syscall_64+0xcd/0x250 [ 245.436065][ T8656] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.442038][ T8656] RIP: 0033:0x7fe2c0d7e719 [ 245.446512][ T8656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.466312][ T8656] RSP: 002b:00007fe2c1bd8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 245.474799][ T8656] RAX: ffffffffffffffda RBX: 00007fe2c0f35f80 RCX: 00007fe2c0d7e719 [ 245.482860][ T8656] RDX: 0000000000000018 RSI: 0000000000000084 RDI: 0000000000000003 [ 245.490897][ T8656] RBP: 00007fe2c1bd8090 R08: 0000000000000002 R09: 0000000000000000 [ 245.498935][ T8656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 245.506970][ T8656] R13: 0000000000000000 R14: 00007fe2c0f35f80 R15: 00007ffe0d936378 [ 245.515026][ T8656] [ 247.774396][ T8676] kexec: Could not allocate control_code_buffer [ 253.608666][ T8771] nbd: must specify an index to disconnect [ 256.867360][ T8806] delete_channel: no stack [ 257.568746][ T8815] netlink: 28 bytes leftover after parsing attributes in process `syz.4.755'. [ 257.658601][ T8816] kernel read not supported for file /#)-\&[} (pid: 8816 comm: syz.0.756) [ 257.667678][ T30] audit: type=1804 audit(68636.210:2): pid=8816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.756" name="#)-\&[}" dev="mqueue" ino=18767 res=1 errno=0 [ 257.725512][ T30] audit: type=1800 audit(68636.290:3): pid=8816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.756" name="#)-\&[}" dev="mqueue" ino=18767 res=0 errno=0 [ 261.006147][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.012537][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 264.444434][ T8925] netlink: 172 bytes leftover after parsing attributes in process `syz.0.787'. [ 265.637790][ T8943] FAULT_INJECTION: forcing a failure. [ 265.637790][ T8943] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 265.665476][ T8943] CPU: 0 UID: 0 PID: 8943 Comm: syz.4.794 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 265.676161][ T8943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 265.686338][ T8943] Call Trace: [ 265.689666][ T8943] [ 265.692619][ T8943] dump_stack_lvl+0x16c/0x1f0 [ 265.697338][ T8943] should_fail_ex+0x497/0x5b0 [ 265.702054][ T8943] _copy_from_user+0x2e/0xd0 [ 265.706693][ T8943] copy_msghdr_from_user+0x99/0x160 [ 265.711936][ T8943] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 265.717785][ T8943] ? __pfx___lock_acquire+0x10/0x10 [ 265.723045][ T8943] ___sys_sendmsg+0xff/0x1e0 [ 265.727673][ T8943] ? __pfx____sys_sendmsg+0x10/0x10 [ 265.732919][ T8943] ? lock_acquire+0x2f/0xb0 [ 265.737465][ T8943] ? __fget_files+0x40/0x3f0 [ 265.742099][ T8943] ? fdget+0x176/0x210 [ 265.746206][ T8943] __sys_sendmsg+0x117/0x1f0 [ 265.750828][ T8943] ? __pfx___sys_sendmsg+0x10/0x10 [ 265.755969][ T8943] ? __fget_files+0x244/0x3f0 [ 265.760704][ T8943] do_syscall_64+0xcd/0x250 [ 265.765250][ T8943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.771199][ T8943] RIP: 0033:0x7f4fb497e719 [ 265.775644][ T8943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.795291][ T8943] RSP: 002b:00007f4fb5789038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 265.803780][ T8943] RAX: ffffffffffffffda RBX: 00007f4fb4b35f80 RCX: 00007f4fb497e719 [ 265.811808][ T8943] RDX: 0000000004000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 265.819891][ T8943] RBP: 00007f4fb5789090 R08: 0000000000000000 R09: 0000000000000000 [ 265.827908][ T8943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 265.835942][ T8943] R13: 0000000000000000 R14: 00007f4fb4b35f80 R15: 00007ffd493e4418 [ 265.843953][ T8943] [ 268.251725][ T9000] FAULT_INJECTION: forcing a failure. [ 268.251725][ T9000] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 268.306914][ T9000] CPU: 1 UID: 0 PID: 9000 Comm: syz.4.810 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 268.317607][ T9000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 268.327721][ T9000] Call Trace: [ 268.331061][ T9000] [ 268.334110][ T9000] dump_stack_lvl+0x16c/0x1f0 [ 268.338877][ T9000] should_fail_ex+0x497/0x5b0 [ 268.343624][ T9000] _copy_to_user+0x32/0xd0 [ 268.348114][ T9000] simple_read_from_buffer+0xd0/0x160 [ 268.354094][ T9000] proc_fail_nth_read+0x198/0x270 [ 268.359211][ T9000] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 268.364853][ T9000] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 268.370504][ T9000] vfs_read+0x1df/0xbe0 [ 268.374736][ T9000] ? __fget_files+0x23a/0x3f0 [ 268.379575][ T9000] ? fdget_pos+0x24c/0x360 [ 268.384071][ T9000] ? __pfx_lock_release+0x10/0x10 [ 268.389185][ T9000] ? trace_lock_acquire+0x14a/0x1d0 [ 268.394469][ T9000] ? __pfx_vfs_read+0x10/0x10 [ 268.399230][ T9000] ? __pfx___mutex_lock+0x10/0x10 [ 268.404343][ T9000] ? __fget_files+0x244/0x3f0 [ 268.409121][ T9000] ksys_read+0x12f/0x260 [ 268.413438][ T9000] ? __pfx_ksys_read+0x10/0x10 [ 268.418295][ T9000] do_syscall_64+0xcd/0x250 [ 268.422918][ T9000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.428906][ T9000] RIP: 0033:0x7f4fb497d15c [ 268.433384][ T9000] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 268.453075][ T9000] RSP: 002b:00007f4fb5789030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 268.461576][ T9000] RAX: ffffffffffffffda RBX: 00007f4fb4b35f80 RCX: 00007f4fb497d15c [ 268.469620][ T9000] RDX: 000000000000000f RSI: 00007f4fb57890a0 RDI: 000000000000001a [ 268.477731][ T9000] RBP: 00007f4fb5789090 R08: 0000000000000000 R09: 0000000000000000 [ 268.485760][ T9000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 268.493783][ T9000] R13: 0000000000000000 R14: 00007f4fb4b35f80 R15: 00007ffd493e4418 [ 268.501833][ T9000] [ 270.817852][ T9038] svc: failed to register nfsdv3 RPC service (errno 111). [ 270.826988][ T9038] svc: failed to register nfsaclv3 RPC service (errno 111). [ 271.951310][ T9069] Invalid ELF header magic: != ELF [ 273.243249][ T9090] FAULT_INJECTION: forcing a failure. [ 273.243249][ T9090] name failslab, interval 1, probability 0, space 0, times 0 [ 273.324600][ T9090] CPU: 1 UID: 0 PID: 9090 Comm: syz.0.837 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 273.335285][ T9090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 273.345402][ T9090] Call Trace: [ 273.348770][ T9090] [ 273.351761][ T9090] dump_stack_lvl+0x16c/0x1f0 [ 273.356505][ T9090] should_fail_ex+0x497/0x5b0 [ 273.361243][ T9090] should_failslab+0xc2/0x120 [ 273.366006][ T9090] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 273.371450][ T9090] ? skb_clone+0x190/0x3f0 [ 273.375935][ T9090] skb_clone+0x190/0x3f0 [ 273.380256][ T9090] netlink_deliver_tap+0xb26/0xcf0 [ 273.385541][ T9090] netlink_unicast+0x5e1/0x7f0 [ 273.390391][ T9090] ? __pfx_netlink_unicast+0x10/0x10 [ 273.395764][ T9090] ? __phys_addr_symbol+0x30/0x80 [ 273.400859][ T9090] ? __check_object_size+0x488/0x710 [ 273.406207][ T9090] netlink_sendmsg+0x8b8/0xd70 [ 273.411044][ T9090] ? __pfx_netlink_sendmsg+0x10/0x10 [ 273.416450][ T9090] ____sys_sendmsg+0x9ae/0xb40 [ 273.421302][ T9090] ? copy_msghdr_from_user+0x10b/0x160 [ 273.426823][ T9090] ? __pfx_____sys_sendmsg+0x10/0x10 [ 273.432259][ T9090] ? __pfx___lock_acquire+0x10/0x10 [ 273.437544][ T9090] ___sys_sendmsg+0x135/0x1e0 [ 273.442724][ T9090] ? __pfx____sys_sendmsg+0x10/0x10 [ 273.448038][ T9090] ? lock_acquire+0x2f/0xb0 [ 273.452696][ T9090] ? __fget_files+0x40/0x3f0 [ 273.457380][ T9090] ? fdget+0x176/0x210 [ 273.461520][ T9090] __sys_sendmsg+0x117/0x1f0 [ 273.466175][ T9090] ? __pfx___sys_sendmsg+0x10/0x10 [ 273.471523][ T9090] ? __fget_files+0x244/0x3f0 [ 273.476288][ T9090] do_syscall_64+0xcd/0x250 [ 273.480853][ T9090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.486824][ T9090] RIP: 0033:0x7fe2c0d7e719 [ 273.491292][ T9090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.510969][ T9090] RSP: 002b:00007fe2c1bd8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 273.519447][ T9090] RAX: ffffffffffffffda RBX: 00007fe2c0f35f80 RCX: 00007fe2c0d7e719 [ 273.527519][ T9090] RDX: 0000000004000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 273.535549][ T9090] RBP: 00007fe2c1bd8090 R08: 0000000000000000 R09: 0000000000000000 [ 273.543591][ T9090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.551628][ T9090] R13: 0000000000000000 R14: 00007fe2c0f35f80 R15: 00007ffe0d936378 [ 273.559676][ T9090] [ 273.696721][ T9087] netlink: 272 bytes leftover after parsing attributes in process `syz.4.836'. [ 273.715321][ T9087] openvswitch: netlink: ufid size 88 bytes exceeds the range (1, 16) [ 273.723465][ T9087] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 274.136466][ T9104] netlink: 20 bytes leftover after parsing attributes in process `syz.2.841'. [ 277.055845][ T9162] sctp: [Deprecated]: syz.0.858 (pid 9162) Use of int in max_burst socket option deprecated. [ 277.055845][ T9162] Use struct sctp_assoc_value instead [ 277.367826][ T9168] cifs: Unknown parameter 'n' [ 277.905373][ T9182] svc: failed to register nfsdv3 RPC service (errno 111). [ 277.929092][ T9182] svc: failed to register nfsaclv3 RPC service (errno 111). [ 287.776737][ T9407] netlink: 4 bytes leftover after parsing attributes in process `syz.4.918'. [ 288.166285][ T2999] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.441157][ T2999] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.693367][ T2999] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.751346][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 288.761629][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 288.769848][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 288.778289][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 288.787318][ T5850] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 288.794956][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 289.195101][ T2999] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.244267][ T9434] netlink: 4 bytes leftover after parsing attributes in process `syz.3.931'. [ 289.254050][ T9434] macvtap0: entered promiscuous mode [ 289.266464][ T9434] macvtap0: entered allmulticast mode [ 289.281077][ T9434] veth0_macvtap: entered allmulticast mode [ 289.569365][ T9448] netlink: 8 bytes leftover after parsing attributes in process `syz.3.933'. [ 289.736052][ T2999] bridge_slave_1: left allmulticast mode [ 289.741803][ T2999] bridge_slave_1: left promiscuous mode [ 289.784092][ T2999] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.815129][ T2999] bridge_slave_0: left allmulticast mode [ 289.821558][ T2999] bridge_slave_0: left promiscuous mode [ 289.855574][ T2999] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.863277][ T9461] netlink: 208 bytes leftover after parsing attributes in process `syz.3.935'. [ 290.282979][ T9469] svc: failed to register nfsdv3 RPC service (errno 111). [ 290.313067][ T9469] svc: failed to register nfsaclv3 RPC service (errno 111). [ 290.854384][ T5850] Bluetooth: hci2: command tx timeout [ 290.973255][ T2999] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 291.017342][ T2999] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 291.041323][ T2999] bond0 (unregistering): Released all slaves [ 291.370954][ T9428] chnl_net:caif_netlink_parms(): no params data found [ 292.060790][ T2999] hsr_slave_0: left promiscuous mode [ 292.185435][ T2999] hsr_slave_1: left promiscuous mode [ 292.221161][ T2999] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 292.230532][ T2999] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 292.239430][ T2999] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.286942][ T2999] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 292.329232][ T2999] veth1_macvtap: left promiscuous mode [ 292.334956][ T2999] veth0_macvtap: left promiscuous mode [ 292.347513][ T2999] veth1_vlan: left promiscuous mode [ 292.352899][ T2999] veth0_vlan: left promiscuous mode [ 292.917620][ T5850] Bluetooth: hci2: command tx timeout [ 292.994927][ T2999] team0 (unregistering): Port device team_slave_1 removed [ 293.036463][ T2999] team0 (unregistering): Port device team_slave_0 removed [ 293.498618][ T9534] netlink: 2 bytes leftover after parsing attributes in process `syz.2.951'. [ 293.544666][ T9428] bridge0: port 1(bridge_slave_0) entered blocking state [ 293.567873][ T9428] bridge0: port 1(bridge_slave_0) entered disabled state [ 293.579212][ T9428] bridge_slave_0: entered allmulticast mode [ 293.587286][ T9428] bridge_slave_0: entered promiscuous mode [ 293.596368][ T9428] bridge0: port 2(bridge_slave_1) entered blocking state [ 293.603681][ T9428] bridge0: port 2(bridge_slave_1) entered disabled state [ 293.635152][ T9428] bridge_slave_1: entered allmulticast mode [ 293.643371][ T9428] bridge_slave_1: entered promiscuous mode [ 293.784721][ T9428] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 293.805255][ T5850] Bluetooth: hci1: command 0x0406 tx timeout [ 293.849087][ T9428] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 294.043104][ T9428] team0: Port device team_slave_0 added [ 294.079087][ T9428] team0: Port device team_slave_1 added [ 294.335923][ T9428] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 294.342938][ T9428] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 294.396455][ T5850] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 294.432914][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 294.484107][ T9428] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 294.510175][ T9428] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 294.565336][ T9428] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 294.626304][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 294.634943][ T5850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 294.643114][ T5850] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 294.650870][ T5850] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 294.665718][ T9428] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 294.919847][ T9428] hsr_slave_0: entered promiscuous mode [ 294.946382][ T9428] hsr_slave_1: entered promiscuous mode [ 294.963936][ T9428] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 294.995568][ T9428] Cannot create hsr debugfs directory [ 295.001422][ T5850] Bluetooth: hci2: command tx timeout [ 295.262013][ T2999] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.399972][ T2999] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.577032][ T2999] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.657348][ T9552] chnl_net:caif_netlink_parms(): no params data found [ 295.721885][ T2999] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.126162][ T9552] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.143768][ T9552] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.164921][ T9552] bridge_slave_0: entered allmulticast mode [ 296.196669][ T9552] bridge_slave_0: entered promiscuous mode [ 296.219035][ T9552] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.235625][ T9552] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.242959][ T9552] bridge_slave_1: entered allmulticast mode [ 296.276867][ T9552] bridge_slave_1: entered promiscuous mode [ 296.756136][ T5850] Bluetooth: hci3: command tx timeout [ 296.863207][ T9552] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 296.890961][ T2999] bridge_slave_1: left allmulticast mode [ 296.898211][ T2999] bridge_slave_1: left promiscuous mode [ 296.904528][ T2999] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.918204][ T2999] bridge_slave_0: left allmulticast mode [ 296.925149][ T2999] bridge_slave_0: left promiscuous mode [ 296.937270][ T2999] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.075540][ T5850] Bluetooth: hci2: command tx timeout [ 297.539571][ T2999] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 297.552533][ T2999] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 297.568929][ T2999] bond0 (unregistering): Released all slaves [ 297.645003][ T9552] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 297.790030][ T2999] : left promiscuous mode [ 297.943869][ T9552] team0: Port device team_slave_0 added [ 298.000579][ T9552] team0: Port device team_slave_1 added [ 298.088358][ T9631] netlink: 8 bytes leftover after parsing attributes in process `syz.4.971'. [ 298.307560][ T9552] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 298.314596][ T9552] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 298.351235][ T9552] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 298.419687][ T9552] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 298.437661][ T9552] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 298.505326][ T9552] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 298.735578][ T2999] hsr_slave_0: left promiscuous mode [ 298.744004][ T2999] hsr_slave_1: left promiscuous mode [ 298.766056][ T2999] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 298.776835][ T2999] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 298.795158][ T2999] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 298.802730][ T2999] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 298.836151][ T5850] Bluetooth: hci3: command tx timeout [ 298.837611][ T2999] veth1_macvtap: left promiscuous mode [ 298.857624][ T2999] veth0_macvtap: left allmulticast mode [ 298.863709][ T2999] veth0_macvtap: left promiscuous mode [ 298.879825][ T2999] veth1_vlan: left promiscuous mode [ 298.889873][ T2999] veth0_vlan: left promiscuous mode [ 299.599341][ T2999] team0 (unregistering): Port device team_slave_1 removed [ 299.646522][ T2999] team0 (unregistering): Port device team_slave_0 removed [ 300.072289][ T9428] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 300.143546][ T9428] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 300.176170][ T9552] hsr_slave_0: entered promiscuous mode [ 300.215520][ T9552] hsr_slave_1: entered promiscuous mode [ 300.225104][ T9552] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 300.239898][ T9552] Cannot create hsr debugfs directory [ 300.276320][ T9428] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 300.288231][ T9428] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 300.916746][ T5850] Bluetooth: hci3: command tx timeout [ 300.988467][ T9674] svc: failed to register nfsdv3 RPC service (errno 111). [ 301.052102][ T9674] svc: failed to register nfsaclv3 RPC service (errno 111). [ 301.180663][ T9428] 8021q: adding VLAN 0 to HW filter on device bond0 [ 301.367251][ T9685] netlink: 256 bytes leftover after parsing attributes in process `syz.2.979'. [ 301.468913][ T9428] 8021q: adding VLAN 0 to HW filter on device team0 [ 301.536174][ T2999] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.543451][ T2999] bridge0: port 1(bridge_slave_0) entered forwarding state [ 301.578396][ T29] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.585632][ T29] bridge0: port 2(bridge_slave_1) entered forwarding state [ 301.788567][ T9552] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 301.872675][ T9552] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 301.933317][ T9552] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 301.972930][ T9552] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 302.333432][ T9428] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 302.430923][ T9552] 8021q: adding VLAN 0 to HW filter on device bond0 [ 302.546943][ T9552] 8021q: adding VLAN 0 to HW filter on device team0 [ 302.594400][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.601619][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 302.675057][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 302.682309][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 302.771068][ T9428] veth0_vlan: entered promiscuous mode [ 302.853859][ T9428] veth1_vlan: entered promiscuous mode [ 302.883719][ T9428] veth0_macvtap: entered promiscuous mode [ 302.895594][ T9428] veth1_macvtap: entered promiscuous mode [ 302.914831][ T9428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.925634][ T9428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.935952][ T9428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.946919][ T9428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.960127][ T9428] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 302.971255][ T9428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.981929][ T9428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.992036][ T9428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 303.002883][ T5850] Bluetooth: hci3: command tx timeout [ 303.008441][ T9428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.019771][ T9428] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 303.031224][ T9428] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.040112][ T9428] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.048991][ T9428] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.057865][ T9428] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.495008][ T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 303.514795][ T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 303.606604][ T2999] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 303.615162][ T2999] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 303.740405][ T9552] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 304.119368][ T9552] veth0_vlan: entered promiscuous mode [ 304.330679][ T9552] veth1_vlan: entered promiscuous mode [ 304.483204][ T9552] veth0_macvtap: entered promiscuous mode [ 304.533841][ T9552] veth1_macvtap: entered promiscuous mode [ 304.645740][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 304.663402][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.682131][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 304.704273][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.725652][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 304.746992][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.758759][ T9552] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 304.770100][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 304.780700][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.790907][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 304.801814][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.811867][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 304.822547][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.837071][ T9552] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 304.848091][ T9552] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.856983][ T9552] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.865811][ T9552] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.874585][ T9552] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.097196][ T2939] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.135307][ T2939] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 305.258933][ T9789] netlink: 'syz.4.997': attribute type 1 has an invalid length. [ 305.266707][ T9789] netlink: 48 bytes leftover after parsing attributes in process `syz.4.997'. [ 305.267094][ T3538] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.301812][ T3538] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 306.351536][ T9816] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1002'. [ 306.552988][ T9828] HSR: entered promiscuous mode [ 315.729281][ T52] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.769664][ T52] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.986128][T10025] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1044'. [ 317.382012][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 317.392441][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 317.406933][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 317.416112][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 317.424206][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 317.456400][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 317.566199][ T52] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 317.640344][T10029] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1047'. [ 317.917834][ T52] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.666692][ T52] bridge_slave_1: left allmulticast mode [ 318.672435][ T52] bridge_slave_1: left promiscuous mode [ 318.724750][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 318.850064][ T52] bridge_slave_0: left allmulticast mode [ 318.858830][ T52] bridge_slave_0: left promiscuous mode [ 318.864671][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 319.556455][ T54] Bluetooth: hci0: command tx timeout [ 321.346142][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 321.382894][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 321.426759][ T52] bond0 (unregistering): Released all slaves [ 321.635394][ T54] Bluetooth: hci0: command tx timeout [ 321.895305][T10027] chnl_net:caif_netlink_parms(): no params data found [ 321.916376][ T52] HSR: left promiscuous mode [ 322.156373][ T52] HfR: left promiscuous mode [ 322.438242][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.444678][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.785801][T10027] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.794064][T10027] bridge0: port 1(bridge_slave_0) entered disabled state [ 322.815832][T10027] bridge_slave_0: entered allmulticast mode [ 322.852736][T10027] bridge_slave_0: entered promiscuous mode [ 323.448606][T10027] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.467822][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 323.485728][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 323.493017][T10027] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.504358][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 323.522045][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 323.530196][ T5850] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 323.533084][T10027] bridge_slave_1: entered allmulticast mode [ 323.544121][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 323.606654][T10027] bridge_slave_1: entered promiscuous mode [ 323.719164][ T5850] Bluetooth: hci0: command tx timeout [ 324.069280][T10027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 324.094889][T10027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 324.612346][ T52] hsr_slave_0: left promiscuous mode [ 324.624661][ T52] hsr_slave_1: left promiscuous mode [ 324.706783][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 324.714287][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 324.766199][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 324.773712][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 324.876725][ T52] veth1_macvtap: left promiscuous mode [ 324.885303][ T52] veth0_macvtap: left promiscuous mode [ 324.890987][ T52] veth1_vlan: left promiscuous mode [ 324.915477][ T52] veth0_vlan: left promiscuous mode [ 325.635667][ T5850] Bluetooth: hci2: command tx timeout [ 325.795310][ T5850] Bluetooth: hci0: command tx timeout [ 326.150964][ T52] team0 (unregistering): Port device team_slave_1 removed [ 326.237570][ T52] team0 (unregistering): Port device team_slave_0 removed [ 327.023314][T10027] team0: Port device team_slave_0 added [ 327.108786][T10027] team0: Port device team_slave_1 added [ 327.192798][T10027] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 327.201137][T10027] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.245461][T10027] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 327.347844][T10027] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 327.354901][T10027] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.424936][T10027] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 327.722461][ T5850] Bluetooth: hci2: command tx timeout [ 327.736806][T10027] hsr_slave_0: entered promiscuous mode [ 327.794340][T10027] hsr_slave_1: entered promiscuous mode [ 327.869479][T10027] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 327.877540][T10027] Cannot create hsr debugfs directory [ 328.085412][T10114] chnl_net:caif_netlink_parms(): no params data found [ 328.477878][T10114] bridge0: port 1(bridge_slave_0) entered blocking state [ 328.485096][T10114] bridge0: port 1(bridge_slave_0) entered disabled state [ 328.496325][T10114] bridge_slave_0: entered allmulticast mode [ 328.504737][T10114] bridge_slave_0: entered promiscuous mode [ 328.527056][T10114] bridge0: port 2(bridge_slave_1) entered blocking state [ 328.535384][T10114] bridge0: port 2(bridge_slave_1) entered disabled state [ 328.542684][T10114] bridge_slave_1: entered allmulticast mode [ 328.568981][T10114] bridge_slave_1: entered promiscuous mode [ 328.687749][ T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.915021][ T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.948724][T10114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 328.977550][T10114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 329.005499][T10027] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 329.117675][ T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.170720][T10186] sctp: [Deprecated]: syz.3.1068 (pid 10186) Use of int in max_burst socket option deprecated. [ 329.170720][T10186] Use struct sctp_assoc_value instead [ 329.216496][T10027] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 329.341673][ T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.367453][T10114] team0: Port device team_slave_0 added [ 329.384818][T10114] team0: Port device team_slave_1 added [ 329.407443][T10027] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 329.420946][T10027] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 329.465881][T10114] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 329.473479][T10114] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 329.501246][T10114] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 329.578537][T10114] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 329.601961][T10114] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 329.629745][T10114] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 329.805392][ T5850] Bluetooth: hci2: command tx timeout [ 329.832004][T10114] hsr_slave_0: entered promiscuous mode [ 329.850223][T10114] hsr_slave_1: entered promiscuous mode [ 329.905477][T10114] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 329.924169][T10114] Cannot create hsr debugfs directory [ 330.082433][ T52] bridge_slave_1: left allmulticast mode [ 330.088947][ T52] bridge_slave_1: left promiscuous mode [ 330.094796][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 330.134726][ T52] bridge_slave_0: left allmulticast mode [ 330.145367][ T52] bridge_slave_0: left promiscuous mode [ 330.151181][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 330.849089][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 330.860936][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 330.875989][ T52] bond0 (unregistering): Released all slaves [ 331.491080][ T52] hsr_slave_0: left promiscuous mode [ 331.505677][ T52] hsr_slave_1: left promiscuous mode [ 331.573860][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 331.585390][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 331.606465][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 331.634303][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 331.703531][ T52] veth1_macvtap: left promiscuous mode [ 331.728349][ T52] veth0_macvtap: left promiscuous mode [ 331.734042][ T52] veth1_vlan: left promiscuous mode [ 331.750821][ T52] veth0_vlan: left promiscuous mode [ 331.875656][ T5850] Bluetooth: hci2: command tx timeout [ 333.076816][ T52] team0 (unregistering): Port device team_slave_1 removed [ 333.224903][ T52] team0 (unregistering): Port device team_slave_0 removed [ 334.263919][T10027] 8021q: adding VLAN 0 to HW filter on device bond0 [ 334.335040][T10027] 8021q: adding VLAN 0 to HW filter on device team0 [ 334.356421][ T3538] bridge0: port 1(bridge_slave_0) entered blocking state [ 334.363577][ T3538] bridge0: port 1(bridge_slave_0) entered forwarding state [ 334.387109][ T3538] bridge0: port 2(bridge_slave_1) entered blocking state [ 334.394302][ T3538] bridge0: port 2(bridge_slave_1) entered forwarding state [ 334.457560][T10027] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 334.645497][T10027] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 335.097623][T10114] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 335.141261][T10114] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 335.242258][T10114] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 335.278492][T10114] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 335.358857][T10027] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 335.573252][T10272] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.861886][T10272] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.981728][T10114] 8021q: adding VLAN 0 to HW filter on device bond0 [ 336.052331][T10272] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.117825][T10027] veth0_vlan: entered promiscuous mode [ 336.163139][T10272] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.210565][T10114] 8021q: adding VLAN 0 to HW filter on device team0 [ 336.228783][T10027] veth1_vlan: entered promiscuous mode [ 336.250164][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 336.257379][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 336.318145][ T2999] bridge0: port 2(bridge_slave_1) entered blocking state [ 336.325378][ T2999] bridge0: port 2(bridge_slave_1) entered forwarding state [ 336.418646][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 336.435912][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 336.444980][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 336.454788][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 336.463974][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 336.471566][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 336.659063][T10027] veth0_macvtap: entered promiscuous mode [ 336.671612][T10272] bridge_slave_1: left allmulticast mode [ 336.681681][T10272] bridge_slave_1: left promiscuous mode [ 336.692330][T10272] bridge0: port 2(bridge_slave_1) entered disabled state [ 336.705067][T10272] bridge_slave_0: left allmulticast mode [ 336.734990][T10272] bridge_slave_0: left promiscuous mode [ 336.750420][T10272] bridge0: port 1(bridge_slave_0) entered disabled state [ 337.470426][T10272] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 337.510322][T10272] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 337.523186][T10272] bond0 (unregistering): Released all slaves [ 337.559084][T10027] veth1_macvtap: entered promiscuous mode [ 337.613371][T10272] HSR: left promiscuous mode [ 337.755556][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.778462][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.789494][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.815318][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.866719][T10027] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 337.918343][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.975282][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 338.015275][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 338.035318][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 338.056669][T10027] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 338.276934][T10027] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 338.304249][T10027] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 338.337460][T10027] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 338.375286][T10027] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 338.536000][ T5850] Bluetooth: hci1: command tx timeout [ 338.681142][T10114] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 338.791878][T10272] hsr_slave_0: left promiscuous mode [ 338.804717][T10272] hsr_slave_1: left promiscuous mode [ 338.834754][T10272] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 338.865360][T10272] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 338.887049][T10272] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 338.894570][T10272] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 338.971747][T10272] veth1_macvtap: left promiscuous mode [ 338.985437][T10272] veth0_macvtap: left promiscuous mode [ 338.991137][T10272] veth1_vlan: left promiscuous mode [ 339.002141][T10272] veth0_vlan: left promiscuous mode [ 340.030105][T10272] team0 (unregistering): Port device team_slave_1 removed [ 340.116387][T10272] team0 (unregistering): Port device team_slave_0 removed [ 340.601731][ T5850] Bluetooth: hci1: command tx timeout [ 341.254192][ T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.266471][ T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 341.413827][T10271] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.474088][T10114] veth0_vlan: entered promiscuous mode [ 341.487129][T10271] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 341.554957][T10114] veth1_vlan: entered promiscuous mode [ 341.709314][T10299] chnl_net:caif_netlink_parms(): no params data found [ 341.743696][T10114] veth0_macvtap: entered promiscuous mode [ 341.802043][T10114] veth1_macvtap: entered promiscuous mode [ 342.261386][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.283134][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.305696][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.325483][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.337810][T10114] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 342.358442][T10374] netlink: 326 bytes leftover after parsing attributes in process `syz.5.1043'. [ 342.396061][T10299] bridge0: port 1(bridge_slave_0) entered blocking state [ 342.418436][T10299] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.437382][T10299] bridge_slave_0: entered allmulticast mode [ 342.445015][T10299] bridge_slave_0: entered promiscuous mode [ 342.506934][T10299] bridge0: port 2(bridge_slave_1) entered blocking state [ 342.527205][T10299] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.548154][T10299] bridge_slave_1: entered allmulticast mode [ 342.565888][T10299] bridge_slave_1: entered promiscuous mode [ 342.597600][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.609707][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.623175][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.641238][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.661410][T10114] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 342.675434][ T5850] Bluetooth: hci1: command tx timeout [ 342.748434][T10299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 342.759918][T10379] svc: failed to register nfsdv3 RPC service (errno 111). [ 342.788661][T10114] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.801699][T10379] svc: failed to register nfsaclv3 RPC service (errno 111). [ 342.815311][T10114] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.846657][T10114] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.873657][T10114] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.907758][T10299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 343.068402][T10299] team0: Port device team_slave_0 added [ 343.080405][T10299] team0: Port device team_slave_1 added [ 343.132919][T10299] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 343.155980][T10299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.209008][T10299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 343.247929][T10299] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 343.254977][T10299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.317710][T10299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 343.530001][T10299] hsr_slave_0: entered promiscuous mode [ 343.572205][T10299] hsr_slave_1: entered promiscuous mode [ 343.715821][ T2999] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.744431][ T2999] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.020268][ T975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 344.053166][ T975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.092569][T10408] FAULT_INJECTION: forcing a failure. [ 344.092569][T10408] name failslab, interval 1, probability 0, space 0, times 0 [ 344.164232][T10408] CPU: 0 UID: 0 PID: 10408 Comm: syz.5.1106 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 344.175094][T10408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 344.185200][T10408] Call Trace: [ 344.188518][T10408] [ 344.191486][T10408] dump_stack_lvl+0x16c/0x1f0 [ 344.196227][T10408] should_fail_ex+0x497/0x5b0 [ 344.200961][T10408] ? fs_reclaim_acquire+0xae/0x150 [ 344.206144][T10408] should_failslab+0xc2/0x120 [ 344.210891][T10408] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 344.216332][T10408] ? ptlock_alloc+0x1f/0x70 [ 344.220922][T10408] ptlock_alloc+0x1f/0x70 [ 344.225321][T10408] pte_alloc_one+0x74/0x390 [ 344.229885][T10408] do_pte_missing+0x1afd/0x3e70 [ 344.234812][T10408] ? do_raw_spin_unlock+0x172/0x230 [ 344.240077][T10408] ? __pmd_alloc+0x380/0x860 [ 344.244742][T10408] __handle_mm_fault+0x100a/0x2a10 [ 344.249938][T10408] ? __pfx_mt_find+0x10/0x10 [ 344.254589][T10408] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 344.260297][T10408] ? __pfx___handle_mm_fault+0x10/0x10 [ 344.265862][T10408] ? find_vma+0xc0/0x140 [ 344.270165][T10408] ? __pfx_find_vma+0x10/0x10 [ 344.274906][T10408] handle_mm_fault+0x3fa/0xaa0 [ 344.279754][T10408] do_user_addr_fault+0x7a3/0x13f0 [ 344.284956][T10408] exc_page_fault+0x5c/0xc0 [ 344.289540][T10408] asm_exc_page_fault+0x26/0x30 [ 344.294473][T10408] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 344.300355][T10408] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 344.320039][T10408] RSP: 0018:ffffc90003abfe58 EFLAGS: 00050246 [ 344.326177][T10408] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008 [ 344.334208][T10408] RDX: fffff52000757fd7 RSI: 0000000000000000 RDI: ffffc90003abfeb0 [ 344.342245][T10408] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff52000757fd6 [ 344.350280][T10408] R10: ffffc90003abfeb7 R11: 0000000000000000 R12: 0000000000000000 [ 344.358309][T10408] R13: ffffc90003abfeb0 R14: 0000000000000008 R15: 0000000000000000 [ 344.366363][T10408] _copy_from_user+0x9a/0xd0 [ 344.371024][T10408] __x64_sys_signalfd4+0x126/0x1d0 [ 344.376219][T10408] ? ksys_write+0x1ad/0x260 [ 344.380785][T10408] ? __pfx___x64_sys_signalfd4+0x10/0x10 [ 344.386505][T10408] do_syscall_64+0xcd/0x250 [ 344.391065][T10408] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.397039][T10408] RIP: 0033:0x7fc85e57e719 [ 344.401514][T10408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 344.421186][T10408] RSP: 002b:00007fc85f3a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000121 [ 344.429659][T10408] RAX: ffffffffffffffda RBX: 00007fc85e735f80 RCX: 00007fc85e57e719 [ 344.437683][T10408] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 00000000ffffffff [ 344.445703][T10408] RBP: 00007fc85f3a4090 R08: 0000000000000000 R09: 0000000000000000 [ 344.453758][T10408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 344.461779][T10408] R13: 0000000000000000 R14: 00007fc85e735f80 R15: 00007ffd04571208 [ 344.469825][T10408] [ 344.771537][ T5850] Bluetooth: hci1: command tx timeout [ 345.417629][T10299] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 345.486518][T10299] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 345.560793][T10299] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 345.608541][T10299] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 345.930654][T10299] 8021q: adding VLAN 0 to HW filter on device bond0 [ 345.998775][T10299] 8021q: adding VLAN 0 to HW filter on device team0 [ 346.048890][ T29] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.056169][ T29] bridge0: port 1(bridge_slave_0) entered forwarding state [ 346.102995][ T29] bridge0: port 2(bridge_slave_1) entered blocking state [ 346.110276][ T29] bridge0: port 2(bridge_slave_1) entered forwarding state [ 346.974481][T10299] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 347.201788][T10478] FAULT_INJECTION: forcing a failure. [ 347.201788][T10478] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 347.221114][T10478] CPU: 1 UID: 0 PID: 10478 Comm: syz.3.1116 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 347.231983][T10478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 347.242097][T10478] Call Trace: [ 347.245422][T10478] [ 347.248402][T10478] dump_stack_lvl+0x16c/0x1f0 [ 347.253179][T10478] should_fail_ex+0x497/0x5b0 [ 347.257920][T10478] ? fs_reclaim_acquire+0xae/0x150 [ 347.263106][T10478] should_fail_alloc_page+0xe7/0x130 [ 347.268470][T10478] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 347.274715][T10478] __alloc_pages_noprof+0x190/0x25a0 [ 347.280095][T10478] ? __pfx_mark_lock+0x10/0x10 [ 347.284942][T10478] ? __pfx___lock_acquire+0x10/0x10 [ 347.290229][T10478] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 347.296047][T10478] ? hlock_class+0x4e/0x130 [ 347.300622][T10478] ? __lock_acquire+0xbdd/0x3ce0 [ 347.305651][T10478] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.311628][T10478] ? policy_nodemask+0xea/0x4e0 [ 347.316561][T10478] alloc_pages_mpol_noprof+0x2c9/0x610 [ 347.322120][T10478] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 347.328195][T10478] ? find_held_lock+0x2d/0x110 [ 347.333036][T10478] folio_alloc_mpol_noprof+0x36/0xd0 [ 347.338410][T10478] shmem_alloc_folio+0x135/0x160 [ 347.343412][T10478] shmem_alloc_and_add_folio+0x48b/0xc00 [ 347.349121][T10478] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 347.355360][T10478] ? shmem_allowable_huge_orders+0xcd/0x3f0 [ 347.361332][T10478] shmem_get_folio_gfp+0x689/0x1530 [ 347.366608][T10478] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 347.372314][T10478] ? filemap_map_pages+0xf93/0x16a0 [ 347.377597][T10478] shmem_fault+0x200/0xae0 [ 347.382085][T10478] ? __pfx_shmem_fault+0x10/0x10 [ 347.387097][T10478] ? do_pte_missing+0xddf/0x3e70 [ 347.392113][T10478] ? __pfx_lock_release+0x10/0x10 [ 347.397225][T10478] __do_fault+0x10a/0x490 [ 347.401618][T10478] do_pte_missing+0xec5/0x3e70 [ 347.406463][T10478] ? do_raw_spin_unlock+0x172/0x230 [ 347.411749][T10478] ? __pmd_alloc+0x380/0x860 [ 347.416433][T10478] __handle_mm_fault+0x100a/0x2a10 [ 347.421638][T10478] ? __pfx_mt_find+0x10/0x10 [ 347.426297][T10478] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 347.432015][T10478] ? __pfx___handle_mm_fault+0x10/0x10 [ 347.437573][T10478] ? find_vma+0xc0/0x140 [ 347.441883][T10478] ? __pfx_find_vma+0x10/0x10 [ 347.446625][T10478] handle_mm_fault+0x3fa/0xaa0 [ 347.451472][T10478] do_user_addr_fault+0x7a3/0x13f0 [ 347.456686][T10478] exc_page_fault+0x5c/0xc0 [ 347.461280][T10478] asm_exc_page_fault+0x26/0x30 [ 347.466211][T10478] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 347.472093][T10478] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 347.491866][T10478] RSP: 0018:ffffc900035efe58 EFLAGS: 00050246 [ 347.498017][T10478] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008 [ 347.506064][T10478] RDX: fffff520006bdfd7 RSI: 0000000000000000 RDI: ffffc900035efeb0 [ 347.514129][T10478] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff520006bdfd6 [ 347.522174][T10478] R10: ffffc900035efeb7 R11: 0000000000000000 R12: 0000000000000000 [ 347.530313][T10478] R13: ffffc900035efeb0 R14: 0000000000000008 R15: 0000000000000000 [ 347.538377][T10478] _copy_from_user+0x9a/0xd0 [ 347.543058][T10478] __x64_sys_signalfd4+0x126/0x1d0 [ 347.548270][T10478] ? ksys_write+0x1ad/0x260 [ 347.552851][T10478] ? __pfx___x64_sys_signalfd4+0x10/0x10 [ 347.558595][T10478] do_syscall_64+0xcd/0x250 [ 347.563181][T10478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.569170][T10478] RIP: 0033:0x7f590e17e719 [ 347.573650][T10478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.593349][T10478] RSP: 002b:00007f590eecd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000121 [ 347.601850][T10478] RAX: ffffffffffffffda RBX: 00007f590e335f80 RCX: 00007f590e17e719 [ 347.609895][T10478] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 00000000ffffffff [ 347.617935][T10478] RBP: 00007f590eecd090 R08: 0000000000000000 R09: 0000000000000000 [ 347.625972][T10478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 347.634192][T10478] R13: 0000000000000000 R14: 00007f590e335f80 R15: 00007ffc36cd08a8 [ 347.642257][T10478] [ 348.899792][T10299] veth0_vlan: entered promiscuous mode [ 348.914350][T10299] veth1_vlan: entered promiscuous mode [ 348.983258][T10299] veth0_macvtap: entered promiscuous mode [ 349.013217][T10299] veth1_macvtap: entered promiscuous mode [ 349.138155][T10299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.183139][T10299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.254954][T10299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.290582][T10299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.318103][T10299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.390754][T10299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.455469][T10299] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 349.518630][T10299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 349.615594][T10299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.709296][T10299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 349.765080][T10299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.837774][T10299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 349.853353][ T30] audit: type=1326 audit(8277292098.849:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.3.1121" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f590e17e719 code=0x0 [ 349.887619][T10299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.914465][T10299] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 349.981250][T10299] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.010939][T10299] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.039928][T10299] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.085304][T10299] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.253812][T10269] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 350.296615][T10269] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 350.372252][ T975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 350.389987][ T975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 351.246272][T10546] nbd: must specify at least one socket [ 352.384150][T10574] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1138'. [ 353.674065][T10611] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1147'. [ 355.071816][T10642] )zV: entered promiscuous mode [ 364.573983][T10830] FAULT_INJECTION: forcing a failure. [ 364.573983][T10830] name failslab, interval 1, probability 0, space 0, times 0 [ 364.775393][T10830] CPU: 1 UID: 0 PID: 10830 Comm: syz.0.1192 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 364.786233][T10830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 364.796320][T10830] Call Trace: [ 364.799618][T10830] [ 364.802569][T10830] dump_stack_lvl+0x16c/0x1f0 [ 364.807280][T10830] should_fail_ex+0x497/0x5b0 [ 364.811989][T10830] ? fs_reclaim_acquire+0xae/0x150 [ 364.817143][T10830] should_failslab+0xc2/0x120 [ 364.821872][T10830] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 364.827303][T10830] ? security_file_alloc+0x34/0x2b0 [ 364.832538][T10830] security_file_alloc+0x34/0x2b0 [ 364.837593][T10830] init_file+0x93/0x230 [ 364.841788][T10830] alloc_empty_file+0x91/0x1e0 [ 364.846615][T10830] alloc_file_pseudo+0x13d/0x200 [ 364.851593][T10830] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 364.857100][T10830] ? do_raw_spin_lock+0x12d/0x2c0 [ 364.862159][T10830] __anon_inode_getfile+0x136/0x3c0 [ 364.867426][T10830] ? __pfx___anon_inode_getfile+0x10/0x10 [ 364.873185][T10830] ? alloc_fd+0x2d7/0x6c0 [ 364.877557][T10830] do_signalfd4+0x2f5/0x450 [ 364.882105][T10830] __x64_sys_signalfd4+0x14c/0x1d0 [ 364.887262][T10830] ? ksys_write+0x1ad/0x260 [ 364.891800][T10830] ? __pfx___x64_sys_signalfd4+0x10/0x10 [ 364.897485][T10830] do_syscall_64+0xcd/0x250 [ 364.902025][T10830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.907995][T10830] RIP: 0033:0x7f539b97e719 [ 364.912433][T10830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.932077][T10830] RSP: 002b:00007f5399df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000121 [ 364.940525][T10830] RAX: ffffffffffffffda RBX: 00007f539bb35f80 RCX: 00007f539b97e719 [ 364.948526][T10830] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 00000000ffffffff [ 364.956617][T10830] RBP: 00007f5399df6090 R08: 0000000000000000 R09: 0000000000000000 [ 364.964620][T10830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 364.972612][T10830] R13: 0000000000000000 R14: 00007f539bb35f80 R15: 00007ffc15bdad08 [ 364.980622][T10830] [ 377.364757][T11032] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 381.252049][T11104] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1251'. [ 383.878384][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.884851][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 390.559051][T11236] unsupported nlmsg_type 40 [ 398.386221][T11353] Process accounting resumed [ 398.515915][T11353] Process accounting resumed [ 398.554622][T11354] Process accounting resumed [ 398.580604][T11353] Process accounting resumed [ 398.717036][T11353] Process accounting resumed [ 400.715960][T11383] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1332'. [ 401.315381][T11390] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1335'. [ 403.920834][T11427] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1346'. [ 404.539716][T11437] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1350'. [ 407.171539][T11476] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1358'. [ 408.775528][T11504] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1366'. [ 410.411933][T11524] ptrace attach of "./syz-executor exec"[10299] was attempted by "./syz-executor exec"[11524] [ 411.535653][T11569] FAULT_INJECTION: forcing a failure. [ 411.535653][T11569] name failslab, interval 1, probability 0, space 0, times 0 [ 411.584843][T11569] CPU: 1 UID: 0 PID: 11569 Comm: syz.0.1384 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 411.595718][T11569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 411.605834][T11569] Call Trace: [ 411.609155][T11569] [ 411.612147][T11569] dump_stack_lvl+0x16c/0x1f0 [ 411.616900][T11569] should_fail_ex+0x497/0x5b0 [ 411.621648][T11569] ? fs_reclaim_acquire+0xae/0x150 [ 411.626842][T11569] should_failslab+0xc2/0x120 [ 411.631601][T11569] __kmalloc_cache_noprof+0x6b/0x310 [ 411.636963][T11569] ? allocate_file_region_entries+0x1a3/0x620 [ 411.643111][T11569] allocate_file_region_entries+0x1a3/0x620 [ 411.649092][T11569] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 411.655601][T11569] region_chg+0x85/0x140 [ 411.659952][T11569] __vma_reservation_common+0x43d/0x740 [ 411.665666][T11569] ? __pfx___vma_reservation_common+0x10/0x10 [ 411.671819][T11569] alloc_hugetlb_folio+0x23c/0x14d0 [ 411.677089][T11569] ? __pfx_alloc_hugetlb_folio+0x10/0x10 [ 411.682780][T11569] ? __pfx_down_read+0x10/0x10 [ 411.687610][T11569] ? __filemap_get_folio+0x2a5/0xaf0 [ 411.692973][T11569] ? huge_pte_alloc+0x22e/0x3a0 [ 411.697898][T11569] hugetlb_fault+0x1e36/0x2fa0 [ 411.702740][T11569] ? __pfx_hugetlb_fault+0x10/0x10 [ 411.707945][T11569] handle_mm_fault+0x930/0xaa0 [ 411.712787][T11569] do_user_addr_fault+0x60d/0x13f0 [ 411.717986][T11569] exc_page_fault+0x5c/0xc0 [ 411.722568][T11569] asm_exc_page_fault+0x26/0x30 [ 411.727492][T11569] RIP: 0033:0x7f539b963f41 [ 411.731954][T11569] Code: 00 0f 1f 84 00 00 00 00 00 48 85 f6 74 37 49 89 f0 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 5f 02 00 00 fd 74 0f c5 fd d7 c1 48 83 fe 20 76 11 85 c0 74 6d f3 0f bc c0 [ 411.751715][T11569] RSP: 002b:00007f5399df4f58 EFLAGS: 00010283 [ 411.757847][T11569] RAX: 0000000000000000 RBX: 00007f5399df5024 RCX: 0000000000000000 [ 411.765870][T11569] RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000000 [ 411.773889][T11569] RBP: 0000000000000003 R08: 000000000000000f R09: 0000000000000000 [ 411.781913][T11569] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 411.789961][T11569] R13: 00007f5399df4fc0 R14: 00007f539bb35f80 R15: 0000000000000000 [ 411.798011][T11569] [ 411.846096][T11569] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 418.215353][T11705] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1414'. [ 420.155277][T11734] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1424'. [ 420.209420][T11735] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1424'. [ 421.796660][ T54] Bluetooth: hci3: command 0x0406 tx timeout [ 422.318327][T11766] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1431'. [ 423.114092][T11801] mmap: syz.3.1443 (11801): VmData 37597184 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 424.174893][T11831] ptrace attach of "./syz-executor exec"[10299] was attempted by ""[11831] [ 425.602027][T11877] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1472'. [ 425.689988][T11880] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1473'. [ 425.964013][T11892] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1475'. [ 426.143463][T11895] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1476'. [ 428.051070][T11931] netlink: 'syz.0.1488': attribute type 11 has an invalid length. [ 428.065269][T11931] netlink: 'syz.0.1488': attribute type 11 has an invalid length. [ 429.550696][ T30] audit: type=1800 audit(562.932:5): pid=11933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1489" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 431.097237][T11979] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1501'. [ 431.856636][T11987] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1505'. [ 437.175427][T12037] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1519'. [ 442.283000][ T54] Bluetooth: hci0: command 0x0406 tx timeout [ 442.827912][ T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 442.838354][ T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 442.855390][ T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 442.866106][ T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 442.874615][ T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 442.877230][T12123] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1543'. [ 442.890982][ T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 443.608840][T12120] chnl_net:caif_netlink_parms(): no params data found [ 444.114712][T12136] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1545'. [ 444.545473][T12120] bridge0: port 1(bridge_slave_0) entered blocking state [ 444.570220][T12120] bridge0: port 1(bridge_slave_0) entered disabled state [ 444.615368][T12120] bridge_slave_0: entered allmulticast mode [ 444.646795][T12120] bridge_slave_0: entered promiscuous mode [ 444.715382][T12120] bridge0: port 2(bridge_slave_1) entered blocking state [ 444.731928][T12120] bridge0: port 2(bridge_slave_1) entered disabled state [ 444.765501][T12120] bridge_slave_1: entered allmulticast mode [ 444.799332][T12120] bridge_slave_1: entered promiscuous mode [ 444.916270][ T54] Bluetooth: hci4: command tx timeout [ 445.322481][T12120] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 445.337579][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.343953][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.426058][T12120] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 445.971470][T12120] team0: Port device team_slave_0 added [ 446.285574][T12120] team0: Port device team_slave_1 added [ 446.368121][T12158] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1553'. [ 446.617222][T12120] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 446.665209][T12120] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 446.795296][T12120] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 446.880601][T12120] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 446.922143][T12120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 447.005252][ T5850] Bluetooth: hci4: command tx timeout [ 447.076311][T12120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 447.396631][ T5850] Bluetooth: hci2: command 0x0406 tx timeout [ 447.450858][T12120] hsr_slave_0: entered promiscuous mode [ 447.564308][T12120] hsr_slave_1: entered promiscuous mode [ 447.804129][T12120] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 447.859849][T12120] Cannot create hsr debugfs directory [ 449.071206][T12120] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 449.078472][ T54] Bluetooth: hci4: command tx timeout [ 449.173844][T12120] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 449.236785][T12120] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 449.287178][T12120] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 449.864980][T12120] 8021q: adding VLAN 0 to HW filter on device bond0 [ 450.003616][T12120] 8021q: adding VLAN 0 to HW filter on device team0 [ 450.156689][ T975] bridge0: port 1(bridge_slave_0) entered blocking state [ 450.163841][ T975] bridge0: port 1(bridge_slave_0) entered forwarding state [ 450.228767][ T975] bridge0: port 2(bridge_slave_1) entered blocking state [ 450.235960][ T975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 450.555465][T12166] svc: failed to register nfsdv3 RPC service (errno 111). [ 450.599730][T12166] svc: failed to register nfsaclv3 RPC service (errno 111). [ 451.155587][ T54] Bluetooth: hci4: command tx timeout [ 451.552350][T12120] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 452.900896][T12120] veth0_vlan: entered promiscuous mode [ 452.921583][T12120] veth1_vlan: entered promiscuous mode [ 452.988132][T12120] veth0_macvtap: entered promiscuous mode [ 453.043653][T12120] veth1_macvtap: entered promiscuous mode [ 453.145591][T12120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 453.172568][T12120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 453.215553][T12120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 453.262613][T12120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 453.295855][T12120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 453.343266][T12120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 453.373769][T12120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 453.423807][T12120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 453.476383][T12120] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 453.524967][T12120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 453.558658][T12120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 453.602545][T12120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 453.635418][T12120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 453.675709][T12120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 453.729201][T12120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 453.758010][T12120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 453.803668][T12120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 453.845048][T12120] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 453.892768][T12120] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 453.947323][T12120] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 453.980187][T12120] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.027902][T12120] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.923640][T10271] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 454.985300][T10271] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 455.039008][T10271] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 455.085254][T10271] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 456.685677][T12224] ptrace attach of "./syz-executor exec"[10027] was attempted by "./syz-executor exec"[12224] [ 457.314867][T12228] ptrace attach of "./syz-executor exec"[10027] was attempted by "./syz-executor exec"[12228] [ 460.901062][T12260] svc: failed to register nfsdv3 RPC service (errno 111). [ 460.954030][T12260] svc: failed to register nfsaclv3 RPC service (errno 111). [ 461.304785][T12273] netlink: 350 bytes leftover after parsing attributes in process `syz.6.1581'. [ 462.803942][ T5850] Bluetooth: hci1: command 0x0406 tx timeout [ 466.576606][T12328] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1596'. [ 466.947897][T12332] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1597'. [ 475.265610][T12410] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1621'. [ 475.866309][T12413] netlink: 135 bytes leftover after parsing attributes in process `syz.5.1620'. [ 475.934317][T12420] FAULT_INJECTION: forcing a failure. [ 475.934317][T12420] name failslab, interval 1, probability 0, space 0, times 0 [ 475.982499][T12420] CPU: 1 UID: 0 PID: 12420 Comm: syz.3.1624 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 475.993396][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 476.003518][T12420] Call Trace: [ 476.006849][T12420] [ 476.009830][T12420] dump_stack_lvl+0x16c/0x1f0 [ 476.014591][T12420] should_fail_ex+0x497/0x5b0 [ 476.019351][T12420] ? fs_reclaim_acquire+0xae/0x150 [ 476.024547][T12420] should_failslab+0xc2/0x120 [ 476.029360][T12420] kmem_cache_alloc_node_noprof+0x71/0x310 [ 476.035255][T12420] ? __alloc_skb+0x2b3/0x380 [ 476.039940][T12420] __alloc_skb+0x2b3/0x380 [ 476.044429][T12420] ? __pfx___alloc_skb+0x10/0x10 [ 476.049438][T12420] ? lock_acquire+0x2f/0xb0 [ 476.054034][T12420] netlink_alloc_large_skb+0x69/0x130 [ 476.059486][T12420] netlink_sendmsg+0x689/0xd70 [ 476.064360][T12420] ? __pfx_netlink_sendmsg+0x10/0x10 [ 476.069746][T12420] ____sys_sendmsg+0x9ae/0xb40 [ 476.074584][T12420] ? copy_msghdr_from_user+0x10b/0x160 [ 476.080118][T12420] ? __pfx_____sys_sendmsg+0x10/0x10 [ 476.085499][T12420] ? __pfx___lock_acquire+0x10/0x10 [ 476.090792][T12420] ___sys_sendmsg+0x135/0x1e0 [ 476.095543][T12420] ? __pfx____sys_sendmsg+0x10/0x10 [ 476.100861][T12420] ? lock_acquire+0x2f/0xb0 [ 476.105466][T12420] ? __fget_files+0x40/0x3f0 [ 476.110150][T12420] ? fdget+0x176/0x210 [ 476.114305][T12420] __sys_sendmsg+0x117/0x1f0 [ 476.118984][T12420] ? __pfx___sys_sendmsg+0x10/0x10 [ 476.124175][T12420] ? __fget_files+0x244/0x3f0 [ 476.128952][T12420] do_syscall_64+0xcd/0x250 [ 476.133533][T12420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 476.139524][T12420] RIP: 0033:0x7f590e17e719 [ 476.144004][T12420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 476.163686][T12420] RSP: 002b:00007f590eecd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 476.172258][T12420] RAX: ffffffffffffffda RBX: 00007f590e335f80 RCX: 00007f590e17e719 [ 476.180304][T12420] RDX: 0000000000008998 RSI: 0000000020000c00 RDI: 0000000000000003 [ 476.188359][T12420] RBP: 00007f590eecd090 R08: 0000000000000000 R09: 0000000000000000 [ 476.196398][T12420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 476.204442][T12420] R13: 0000000000000000 R14: 00007f590e335f80 R15: 00007ffc36cd08a8 [ 476.212522][T12420] [ 477.194865][T12433] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1629'. [ 480.227856][T12474] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1637'. [ 480.358355][T12474] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 481.727104][T12479] sctp: [Deprecated]: syz.3.1643 (pid 12479) Use of struct sctp_assoc_value in delayed_ack socket option. [ 481.727104][T12479] Use struct sctp_sack_info instead [ 484.581916][T12517] HSR: entered promiscuous mode [ 487.612278][T12542] netlink: 'syz.0.1660': attribute type 2 has an invalid length. [ 497.176706][T10267] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 497.357863][T10267] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 497.589513][T10267] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 497.868787][T10267] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 498.727479][T10267] bridge_slave_1: left allmulticast mode [ 498.733216][T10267] bridge_slave_1: left promiscuous mode [ 498.786001][T10267] bridge0: port 2(bridge_slave_1) entered disabled state [ 499.301866][T10267] bridge_slave_0: left allmulticast mode [ 499.331636][T10267] bridge_slave_0: left promiscuous mode [ 499.362232][T10267] bridge0: port 1(bridge_slave_0) entered disabled state [ 502.134171][ T5850] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 502.143457][ T5850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 502.152046][ T5850] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 502.161727][ T5850] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 502.169726][ T5850] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 502.177165][ T5850] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 504.435277][ T5850] Bluetooth: hci0: command tx timeout [ 504.851238][T10267] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 504.881614][T10267] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 504.914233][T10267] bond0 (unregistering): Released all slaves [ 506.147576][T12671] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1694'. [ 506.515533][ T5850] Bluetooth: hci0: command tx timeout [ 506.775817][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.782195][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 508.134565][T12641] chnl_net:caif_netlink_parms(): no params data found [ 508.423593][T10267] hsr_slave_0: left promiscuous mode [ 508.595308][ T5850] Bluetooth: hci0: command tx timeout [ 509.688981][T10267] hsr_slave_1: left promiscuous mode [ 509.740143][T10267] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 509.763697][T10267] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 509.866284][T10267] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 509.904616][T10267] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 510.100742][T10267] veth1_macvtap: left promiscuous mode [ 510.145310][T10267] veth0_macvtap: left promiscuous mode [ 510.169602][T10267] veth1_vlan: left promiscuous mode [ 510.190082][T10267] veth0_vlan: left promiscuous mode [ 510.678245][ T5850] Bluetooth: hci0: command tx timeout [ 514.294207][T10267] team0 (unregistering): Port device team_slave_1 removed [ 514.487396][T10267] team0 (unregistering): Port device team_slave_0 removed [ 519.391942][T12641] bridge0: port 1(bridge_slave_0) entered blocking state [ 519.445410][T12641] bridge0: port 1(bridge_slave_0) entered disabled state [ 519.452726][T12641] bridge_slave_0: entered allmulticast mode [ 519.484892][T12641] bridge_slave_0: entered promiscuous mode [ 519.665378][T12641] bridge0: port 2(bridge_slave_1) entered blocking state [ 519.672532][T12641] bridge0: port 2(bridge_slave_1) entered disabled state [ 519.711581][T12641] bridge_slave_1: entered allmulticast mode [ 519.749761][T12641] bridge_slave_1: entered promiscuous mode [ 520.303754][T12641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 520.347226][T12641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 520.574867][T12641] team0: Port device team_slave_0 added [ 520.607707][T12641] team0: Port device team_slave_1 added [ 520.834380][T12641] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 520.854858][T12641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 520.945204][T12641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 520.993484][T12641] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 521.035386][T12641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 521.167507][T12641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 521.441061][T12641] hsr_slave_0: entered promiscuous mode [ 521.464371][T12641] hsr_slave_1: entered promiscuous mode [ 521.493727][T12641] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 521.525829][T12641] Cannot create hsr debugfs directory [ 524.423974][T12641] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 524.493096][T12641] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 524.616800][T12641] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 524.853504][T12641] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 525.204728][T12641] 8021q: adding VLAN 0 to HW filter on device bond0 [ 525.314409][T12641] 8021q: adding VLAN 0 to HW filter on device team0 [ 525.432747][ T2999] bridge0: port 1(bridge_slave_0) entered blocking state [ 525.440044][ T2999] bridge0: port 1(bridge_slave_0) entered forwarding state [ 525.495792][ T2999] bridge0: port 2(bridge_slave_1) entered blocking state [ 525.503007][ T2999] bridge0: port 2(bridge_slave_1) entered forwarding state [ 527.441606][T12641] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 528.617221][T12641] veth0_vlan: entered promiscuous mode [ 528.631325][T12641] veth1_vlan: entered promiscuous mode [ 528.758356][T12641] veth0_macvtap: entered promiscuous mode [ 528.770406][T12641] veth1_macvtap: entered promiscuous mode [ 528.822640][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.845350][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.855403][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.866700][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.885176][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.913279][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.931543][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.943775][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.963215][T12641] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 529.010526][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 529.045147][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 529.055028][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 529.112804][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 529.145217][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 529.185485][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 529.205132][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 529.247972][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 529.299420][T12641] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 529.428214][T12641] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.451885][T12641] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.488584][T12641] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.518028][T12641] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 530.034352][ T2205] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 530.049120][ T2205] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 530.496463][T10272] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 530.521669][T10272] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 538.554325][T13004] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1742'. [ 541.617298][T13039] svc: failed to register nfsdv3 RPC service (errno 111). [ 541.694495][T13039] svc: failed to register nfsaclv3 RPC service (errno 111). [ 546.092066][T13081] netlink: 330 bytes leftover after parsing attributes in process `syz.7.1758'. [ 547.236201][T13098] netlink: 3 bytes leftover after parsing attributes in process `syz.7.1761'. [ 551.388566][T13144] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1773'. [ 556.506932][T13249] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 556.560310][T13249] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 558.887284][T13285] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1795'. [ 559.789582][T13300] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1796'. [ 563.996883][T13331] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma? [ 566.520674][ T5850] Bluetooth: hci4: command 0x0406 tx timeout [ 568.235629][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.242242][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 571.984364][T13411] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 573.957734][ T31] INFO: task syz.4.1485:11923 blocked for more than 143 seconds. [ 573.996832][ T31] Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 574.004536][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 574.116302][ T31] task:syz.4.1485 state:D stack:26816 pid:11923 tgid:11921 ppid:10299 flags:0x00004004 [ 574.187071][ T31] Call Trace: [ 574.207333][ T31] [ 574.210349][ T31] __schedule+0xe55/0x5740 [ 574.214857][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 574.305344][ T31] ? find_held_lock+0x2d/0x110 [ 574.338427][ T31] ? __pfx___schedule+0x10/0x10 [ 574.343382][ T31] ? schedule+0x298/0x350 [ 574.412043][ T31] ? __pfx_lock_release+0x10/0x10 [ 574.454075][ T31] ? trace_lock_acquire+0x14a/0x1d0 [ 574.495176][ T31] ? lock_acquire+0x2f/0xb0 [ 574.515978][ T31] ? schedule+0x1fd/0x350 [ 574.520429][ T31] schedule+0xe7/0x350 [ 574.573147][ T31] schedule_timeout+0x258/0x2a0 [ 574.582044][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 574.625211][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 574.655194][ T31] __wait_for_common+0x3e1/0x600 [ 574.677454][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 574.712942][T13436] ptrace attach of "./syz-executor exec"[9552] was attempted by "./syz-executor exec"[13436] [ 574.735378][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 574.740944][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 574.815243][ T31] wait_for_completion_state+0x1c/0x40 [ 574.854770][ T31] do_coredump+0x82f/0x4160 [ 574.875185][ T31] ? hlock_class+0x4e/0x130 [ 574.879783][ T31] ? stack_depot_save_flags+0x28/0x900 [ 574.955311][ T31] ? __pfx_do_coredump+0x10/0x10 [ 574.960346][ T31] ? kmem_cache_free+0x152/0x4b0 [ 575.002558][ T31] ? syscall_exit_to_user_mode+0x150/0x2a0 [ 575.055312][ T31] ? do_syscall_64+0xda/0x250 [ 575.060167][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.185189][ T31] get_signal+0x237c/0x26d0 [ 575.189796][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 575.245870][ T31] ? __pfx_get_signal+0x10/0x10 [ 575.250841][ T31] ? force_sig_info_to_task+0x3a0/0x660 [ 575.295013][ T31] arch_do_signal_or_restart+0x90/0x7e0 [ 575.300869][ T31] ? __pfx_force_exit_sig+0x10/0x10 [ 575.335229][ T31] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 575.341511][ T31] syscall_exit_to_user_mode+0x150/0x2a0 [ 575.422509][ T31] do_syscall_64+0xda/0x250 [ 575.445182][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.451856][ T31] RIP: 0033:0x7f5dc557e719 [ 575.505469][ T31] RSP: 002b:00007f5dc6403038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 575.575151][ T31] RAX: ffffffffffffffda RBX: 00007f5dc5736058 RCX: 00007f5dc557e719 [ 575.583323][ T31] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000020000040 [ 575.662075][ T31] RBP: 00007f5dc55f139e R08: 0000000000000000 R09: 0000000000000000 [ 575.705385][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.713442][ T31] R13: 0000000000000000 R14: 00007f5dc5736058 R15: 00007ffcdbf47ea8 [ 575.775177][ T31] [ 575.815388][ T31] [ 575.815388][ T31] Showing all locks held in the system: [ 575.860465][ T31] 2 locks held by kworker/u8:2/29: [ 575.869340][ T31] #0: ffff8880b873ee98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 [ 575.952067][ T31] #1: ffff8880b8728a48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2c1/0x8e0 [ 576.012080][ T31] 1 lock held by khungtaskd/31: [ 576.045263][ T31] #0: ffffffff8ddb7800 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390 [ 576.105153][ T31] 2 locks held by kworker/u8:10/2999: [ 576.110594][ T31] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 576.182825][ T31] #1: ffffc9000bc7fd80 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 576.247328][ T31] 2 locks held by getty/5599: [ 576.252073][ T31] #0: ffff8880314350a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 576.345302][ T31] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480 [ 576.399658][ T31] 2 locks held by kworker/u8:13/10271: [ 576.465159][ T31] 2 locks held by syz.3.1206/10914: [ 576.470429][ T31] 1 lock held by syz.4.1485/11922: [ 576.528514][ T31] 1 lock held by syz.0.1752/13060: [ 576.533700][ T31] 3 locks held by syz.0.1826/13417: [ 576.585420][ T31] #0: ffffffff8faaf690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x292/0x6b0 [ 576.594960][ T31] #1: ffffffff8fac5328 (rtnl_mutex){+.+.}-{3:3}, at: setup_net+0x40b/0x860 [ 576.731069][ T31] #2: ffffffff8ddc30f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x1a4/0x3b0 [ 576.775231][ T31] 2 locks held by syz.3.1829/13436: [ 576.805232][ T31] #0: ffff88807c872008 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x270 [ 576.855148][ T31] #1: ffff88801ad59258 (sk_lock-AF_CAN){+.+.}-{0:0}, at: bcm_release+0x200/0x8d0 [ 576.910656][ T31] [ 576.913062][ T31] ============================================= [ 576.913062][ T31] [ 576.960695][ T31] NMI backtrace for cpu 1 [ 576.965085][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 576.975649][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 576.985746][ T31] Call Trace: [ 576.989058][ T31] [ 576.992022][ T31] dump_stack_lvl+0x116/0x1f0 [ 576.996760][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 577.001755][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 577.007794][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 577.013834][ T31] watchdog+0xf0c/0x1240 [ 577.018140][ T31] ? __pfx_watchdog+0x10/0x10 [ 577.022880][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 577.028135][ T31] ? __kthread_parkme+0x148/0x220 [ 577.033204][ T31] ? __pfx_watchdog+0x10/0x10 [ 577.037935][ T31] kthread+0x2c1/0x3a0 [ 577.042050][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 577.047308][ T31] ? __pfx_kthread+0x10/0x10 [ 577.051950][ T31] ret_from_fork+0x45/0x80 [ 577.056404][ T31] ? __pfx_kthread+0x10/0x10 [ 577.061041][ T31] ret_from_fork_asm+0x1a/0x30 [ 577.065877][ T31] [ 577.069956][ T31] Sending NMI from CPU 1 to CPUs 0: [ 577.076054][ C0] NMI backtrace for cpu 0 [ 577.076068][ C0] CPU: 0 UID: 0 PID: 11922 Comm: syz.4.1485 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 577.076099][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 577.076114][ C0] RIP: 0010:sha256_transform_rorx+0x4bf/0x1120 [ 577.076147][ C0] Code: f3 89 de c4 43 7b f0 e9 19 c4 43 7b f0 f1 0b 03 44 3c 2c 44 09 c6 c5 a5 72 d2 0a 45 89 d7 c4 63 7b f0 e3 0d 45 31 f5 45 31 df e5 73 d2 13 c4 43 7b f0 f1 06 45 21 cf 01 c2 21 ce c5 ed 73 d2 [ 577.076172][ C0] RSP: 0018:ffffc900131df200 EFLAGS: 00000286 [ 577.076193][ C0] RAX: 00000000f17f7c70 RBX: 0000000069dd3130 RCX: 00000000bde58029 [ 577.076210][ C0] RDX: 00000000606a06b4 RSI: 0000000069dff539 RDI: 0000000000000080 [ 577.076227][ C0] RBP: ffffc900131df420 R08: 0000000061cbc539 R09: 00000000a5eda0d7 [ 577.076243][ C0] R10: 000000009267eb52 R11: 00000000218f9938 R12: 0000000089834ee9 [ 577.076260][ C0] R13: 00000000ec24d666 R14: 000000001af4bdb4 R15: 00000000b3e8726a [ 577.076277][ C0] FS: 00007f5dc64246c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 577.076303][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 577.076321][ C0] CR2: 000055557a46c588 CR3: 0000000033ffa000 CR4: 00000000003526f0 [ 577.076338][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 577.076354][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 577.076370][ C0] Call Trace: [ 577.076377][ C0] [ 577.076385][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 577.076423][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 577.076462][ C0] ? nmi_handle+0x1a9/0x5c0 [ 577.076489][ C0] ? sha256_transform_rorx+0x4bf/0x1120 [ 577.076516][ C0] ? default_do_nmi+0x6a/0x160 [ 577.076548][ C0] ? exc_nmi+0x170/0x1e0 [ 577.076578][ C0] ? end_repeat_nmi+0xf/0x53 [ 577.076605][ C0] ? sha256_transform_rorx+0x4bf/0x1120 [ 577.076633][ C0] ? sha256_transform_rorx+0x4bf/0x1120 [ 577.076661][ C0] ? sha256_transform_rorx+0x4bf/0x1120 [ 577.076688][ C0] [ 577.076696][ C0] [ 577.076726][ C0] ? integrity_kernel_read+0x7f/0xb0 [ 577.076774][ C0] _sha256_update+0x17e/0x220 [ 577.076801][ C0] ? __pfx_sha256_transform_rorx+0x10/0x10 [ 577.076828][ C0] ? crypto_shash_update+0x6/0xa0 [ 577.076863][ C0] ima_calc_file_hash_tfm+0x302/0x3e0 [ 577.076896][ C0] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 577.076944][ C0] ? hlock_class+0x4e/0x130 [ 577.076974][ C0] ? ima_alloc_tfm+0x21d/0x2d0 [ 577.077002][ C0] ? generic_fillattr+0x663/0x8c0 [ 577.077037][ C0] ima_calc_file_hash+0x1ba/0x490 [ 577.077071][ C0] ima_collect_measurement+0x8a7/0xa10 [ 577.077104][ C0] ? process_measurement+0x70a/0x2370 [ 577.077156][ C0] ? __pfx_ima_collect_measurement+0x10/0x10 [ 577.077191][ C0] ? lock_acquire.part.0+0x11b/0x380 [ 577.077238][ C0] ? rcu_is_watching+0x12/0xc0 [ 577.077266][ C0] ? trace_contention_end+0xea/0x140 [ 577.077306][ C0] ? is_bad_inode+0xd/0x40 [ 577.077345][ C0] ? xattr_resolve_name+0x27b/0x3f0 [ 577.077387][ C0] ? vfs_getxattr_alloc+0xf1/0x340 [ 577.077414][ C0] ? ima_get_hash_algo+0x27d/0x410 [ 577.077441][ C0] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 577.077472][ C0] ? process_measurement+0x1271/0x2370 [ 577.077501][ C0] process_measurement+0x1271/0x2370 [ 577.077536][ C0] ? __pfx_process_measurement+0x10/0x10 [ 577.077565][ C0] ? kasan_save_track+0x14/0x30 [ 577.077601][ C0] ? find_held_lock+0x2d/0x110 [ 577.077632][ C0] ? aa_file_perm+0x4c6/0xfe0 [ 577.077659][ C0] ? __pfx_lock_release+0x10/0x10 [ 577.077695][ C0] ? trace_lock_acquire+0x14a/0x1d0 [ 577.077737][ C0] ? __pfx_aa_file_perm+0x10/0x10 [ 577.077766][ C0] ? lockdep_init_map_type+0x16d/0x7d0 [ 577.077815][ C0] ima_file_mmap+0x1b1/0x1d0 [ 577.077843][ C0] ? __pfx_ima_file_mmap+0x10/0x10 [ 577.077877][ C0] security_mmap_file+0x8bd/0x990 [ 577.077905][ C0] vm_mmap_pgoff+0xdb/0x360 [ 577.077945][ C0] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 577.077983][ C0] ? hugetlbfs_get_inode+0x32d/0x530 [ 577.078029][ C0] ksys_mmap_pgoff+0x1c8/0x5c0 [ 577.078064][ C0] __x64_sys_mmap+0x125/0x190 [ 577.078092][ C0] do_syscall_64+0xcd/0x250 [ 577.078118][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.078158][ C0] RIP: 0033:0x7f5dc557e719 [ 577.078178][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.078203][ C0] RSP: 002b:00007f5dc6424038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 577.078226][ C0] RAX: ffffffffffffffda RBX: 00007f5dc5735f80 RCX: 00007f5dc557e719 [ 577.078245][ C0] RDX: 00004000000000df RSI: 2000000000000004 RDI: 0000000000000000 [ 577.078262][ C0] RBP: 00007f5dc55f139e R08: 0000000000000004 R09: 0000300000000000 [ 577.078279][ C0] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 577.078295][ C0] R13: 0000000000000000 R14: 00007f5dc5735f80 R15: 00007ffcdbf47ea8 [ 577.078320][ C0] [ 577.781942][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 577.788914][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0 [ 577.799481][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 577.809581][ T31] Call Trace: [ 577.812894][ T31] [ 577.815858][ T31] dump_stack_lvl+0x3d/0x1f0 [ 577.820501][ T31] panic+0x71d/0x800 [ 577.824484][ T31] ? __pfx_panic+0x10/0x10 [ 577.828959][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 577.834477][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 577.840524][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 577.845942][ T31] ? watchdog+0xd76/0x1240 [ 577.850423][ T31] ? watchdog+0xd69/0x1240 [ 577.854909][ T31] watchdog+0xd87/0x1240 [ 577.859228][ T31] ? __pfx_watchdog+0x10/0x10 [ 577.863960][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 577.869233][ T31] ? __kthread_parkme+0x148/0x220 [ 577.874327][ T31] ? __pfx_watchdog+0x10/0x10 [ 577.879066][ T31] kthread+0x2c1/0x3a0 [ 577.883184][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 577.888443][ T31] ? __pfx_kthread+0x10/0x10 [ 577.893071][ T31] ret_from_fork+0x45/0x80 [ 577.897513][ T31] ? __pfx_kthread+0x10/0x10 [ 577.902135][ T31] ret_from_fork_asm+0x1a/0x30 [ 577.906953][ T31] [ 577.910335][ T31] Kernel Offset: disabled [ 577.914675][ T31] Rebooting in 86400 seconds..