last executing test programs: 31.289082283s ago: executing program 3 (id=1330): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setrlimit$auto(0x1000000007, 0x0) mmap$auto(0x0, 0x400008, 0x8, 0x9b72, 0x5, 0x8000) setrlimit$auto(0x1000000007, 0x0) eventfd$auto(0x6703) socket(0x11, 0x80003, 0x300) recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x8}, 0x7, 0x0, 0x1, 0x4}, 0x6}, 0x10000, 0x0, 0x0) read$auto(0x2, &(0x7f0000000040)='\x00', 0x7) renameat$auto(0x6, 0x0, 0x2, 0x0) tgkill$auto(0x1, 0x1, 0xaeb) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ipvlan1\x00'}) mmap$auto(0x3ff, 0x400008, 0x0, 0x9b72, 0x5, 0x8000) clone$auto(0x81000005, 0x6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x80000001) move_pages$auto(0x0, 0xd0, 0x0, &(0x7f0000001140), 0x0, 0x2) open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) socket(0x2, 0x1, 0x1d27) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2a, 0x2, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x5) sendfile$auto(0x6, 0x3, 0x0, 0xc01) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x3, 0x0, 0x0, 0x7ffffffe) mmap$auto(0x0, 0x20000000000004, 0x8fe, 0x4013, 0x402, 0x300000000000) clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) dup2$auto(0x800000003, 0x3) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x208, 0xffffffffffff0000, 0x9b72, 0x2, 0x8000) clock_nanosleep$auto(0x7, 0x6, 0x0, 0xfffffffffffffffd) clone$auto(0x56, 0x6, 0x0, 0x0, 0xfffffffffffffffe) 29.761136698s ago: executing program 3 (id=1336): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8002, 0x0, 0x6) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) tkill$auto(0x1, 0x7) madvise$auto(0x0, 0x8001, 0x9) 28.514590068s ago: executing program 1 (id=1341): statmount$auto(0x0, &(0x7f0000000040)={0x1, 0x0, 0x36, 0x828, 0x9, 0x8000000000000000, 0x8, 0x7, 0x9, 0x5, 0x2, 0x9, 0x3, 0x8, 0x5, 0xf, 0x100, 0x80000000, 0x10001, 0x5, [0x9, 0x7f, 0x77, 0x1, 0x7fffffffffffffff, 0xe06, 0x400, 0x3, 0x80000000, 0x8, 0x4, 0xfffffffffffffff9, 0x10, 0x3, 0x35c4, 0x1, 0x6, 0x8, 0xea8, 0x8, 0xd9, 0x8, 0x5, 0x1, 0x200000000803, 0x7fffffffffffffff, 0x5, 0x5a2c, 0xa00, 0x8000000000000000, 0x2ab, 0x8, 0x7ff, 0x1, 0x1, 0x3, 0xffffffffffff0000, 0x6b, 0xfffffffffffffff9, 0x4, 0x2b7, 0x4, 0xf, 0xffffffffffffff26, 0x8, 0x7, 0x6, 0x7a, 0xdc]}, 0xe3c, 0x0) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) socket(0x11, 0x80003, 0x300) socket(0x11, 0x80003, 0x300) socket(0x11, 0x80003, 0x300) dup2$auto(0x0, 0x3) setresuid$auto(0x0, 0x8, 0x8000) setfsuid$auto(0x8000000000000000) r1 = syz_genetlink_get_family_id$auto_cifs(&(0x7f0000000240), r0) sendmsg$auto_CIFS_GENL_CMD_SWN_NOTIFY(r0, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x6024401}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x3c, r1, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@CIFS_GENL_ATTR_SWN_NOTIFICATION_TYPE={0x8, 0xc, 0xcab}, @CIFS_GENL_ATTR_SWN_USER_NAME={0x6, 0x9, ']\n'}, @CIFS_GENL_ATTR_SWN_PASSWORD={0x6, 0xa, '&/'}, @CIFS_GENL_ATTR_SWN_PASSWORD={0x6, 0xa, '-&'}, @CIFS_GENL_ATTR_SWN_PASSWORD={0x7, 0xa, '$/-'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x14) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) 27.343780227s ago: executing program 1 (id=1346): madvise$auto(0x8, 0x62e, 0x10001) (async, rerun: 64) vmsplice$auto(0x2, &(0x7f00000000c0)={&(0x7f0000000000), 0x7ff}, 0x8000000000000001, 0x0) (async, rerun: 64) syz_genetlink_get_family_id$auto_IPVS(0x0, 0xffffffffffffffff) (async) close_range$auto(0x0, 0xfffffffffffff001, 0x2) (async) socket(0x1d, 0x800, 0x40) (async) socket(0x1e, 0x1, 0x0) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/net\x00') (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (rerun: 32) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') socket(0xa, 0x2, 0x0) (async) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="00000000f5ffffffffffffff00"}, 0x55) (async, rerun: 64) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x800) (async, rerun: 64) mmap$auto(0xfff, 0x1, 0x10000, 0x14, 0x3, 0x800008002) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) ioperm$auto(0x7, 0x6, 0x2) copy_file_range$auto(0xfffffffffffffffd, 0xffffffffffffffff, 0x8000000004002, 0xfffffffffffffffe, 0x2, 0x2) socket(0xa, 0x3, 0x73) (async, rerun: 64) socket(0x15, 0x5, 0x0) (async, rerun: 64) recvmmsg$auto(0x3, &(0x7f0000001180)={{0x0, 0x5, &(0x7f0000000140)={0x0, 0x57d}, 0x4, 0x0, 0x3, 0x7}, 0x9160}, 0x3, 0x4d, 0x0) (async) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x400006, 0xdf, 0x809b72, 0x2, 0x8000) (async) fanotify_init$auto(0x100, 0x3) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) newfstatat$auto(0xa, 0x0, 0x0, 0x1000) (async, rerun: 64) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64) prctl$auto(0x101000000003b, 0x1, 0xa, 0xf1b, 0x107) (async) arch_prctl$auto(0x1021, 0x3) getsockopt$auto(0x6, 0x84, 0x84, 0x0, &(0x7f00000000c0)=0x10000) 27.125764048s ago: executing program 1 (id=1348): socket(0xa, 0x801, 0x200) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0x2000000080000001, 0x3) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) setrlimit$auto(0x2, &(0x7f0000000080)={0x2, 0x6}) mprotect$auto(0x1ffff000, 0x8007, 0x6) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) shutdown$auto(0x200000003, 0x2) read$auto(0x3, 0x0, 0x7) 26.809175953s ago: executing program 3 (id=1350): socket(0xa, 0x3, 0xff) (async) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) (async) mprotect$auto(0x1ffff000, 0x810002, 0x6) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040021}, 0x8011) (async) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) (async) write$auto(0x3, 0x0, 0xfdef) clone3$auto(&(0x7f0000000400)={0x100000000, 0x980, 0x4, 0x6, 0x2, 0x80000000, 0x1, 0x8, 0xe, 0x9, 0x3}, 0x40) 26.066856154s ago: executing program 1 (id=1353): socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0xa, 0x800, 0x73) alarm$auto(0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) shutdown$auto(0x200000003, 0x2) unshare$auto(0x40000080) exit$auto(0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x4, 0x8000) mmap$auto(0x0, 0x4000b, 0xdf, 0x9b72, 0x7, 0x28000) socket(0xa, 0x6, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x0, 0x2, 0x9b72, 0x4000400002, 0x810000009) prctl$auto(0x8000, 0xce, 0x4, 0x400, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) open(0x0, 0x4361c0, 0x10) mq_open$auto(&(0x7f0000000200)='#)-\\&[}\x00', 0xde8, 0xb, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x6, 0x0) syz_genetlink_get_family_id$auto_IPVS(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_DEST(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x24008000}, 0x0) clock_gettime$auto(0x4, 0xfffffffffffffffe) mmap$auto(0x800, 0x8000, 0x0, 0x15, 0x2, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x8, 0x8000) nanosleep$auto(0x0, &(0x7f0000000040)={0x8000, 0x401}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1d, 0x8000000002000001, 0x1, 0x3, 0x1) 21.655332206s ago: executing program 1 (id=1363): r0 = socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) write$auto(0x3, 0x0, 0x100082) socket(0xa, 0x801, 0x4) getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd) rseq$auto(&(0x7f0000000100)={0x11, 0x401, 0x0, 0x6, 0x6, 0x2}, 0x7ffe, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x40000a, 0xde, 0x809b72, 0x10000000006, 0x8000) io_setup$auto(0x9e, 0x0) epoll_create$auto(0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) io_uring_setup$auto(0x6, 0x0) write$auto(0x3, 0x0, 0xff) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) prctl$auto(0x1000000001c, 0x5, 0x8, 0x9, 0x80001) setreuid$auto(0x15, 0x5) fcntl$auto(0x3, 0x400, 0x1) setuid$auto(0xe) open(&(0x7f0000000000)='./file0\x00', 0xe600, 0x20) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) sendmsg$auto_ETHTOOL_MSG_FEC_SET(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x10) close_range$auto(0x2, 0x8000, 0x0) preadv2$auto(0x278c, &(0x7f0000000040)={&(0x7f0000000000), 0x3ff}, 0xb, 0xed48, 0x6, 0x5) socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x2, 0x0) syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f0000000080), r0) 19.463184669s ago: executing program 1 (id=1367): socket(0x1d, 0x2, 0x2) connect$auto(0x3, &(0x7f0000000180)={0x21, @sockaddr_1_1}, 0x54) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7e50cec0a63a9cc10"}, 0x55) r0 = socket(0x10, 0x2, 0x4) socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, 0x3, 0x0, 0xc01) fcntl$auto(0x0, 0x407, 0xc) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000800)='./file0\x00', 0x2240, 0x154) sysfs$auto(0x2, 0x0, 0x0) fsopen$auto(0x0, 0x1) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x38, 0xffffff01, 0x9, 0x9, 0x80000001, 0x7, 0x8, 0x5, 0x5, 0x9, 0x2, 0x8, 0x5, 0xf, 0xffffffffffffffff, 0x9, 0x10001, 0x5, [0x9, 0x7f, 0x77, 0x1, 0xa, 0xe06, 0x400, 0x3, 0x80000000, 0x8, 0x3, 0xfffffffffffffff9, 0x0, 0x3, 0x8, 0x1, 0x6, 0x8, 0xea8, 0x8, 0x5, 0x9a2, 0x5, 0x1, 0x2d47, 0xd, 0x5, 0x2, 0x800, 0x8000000000000000, 0x2ab, 0x8, 0x7ff, 0x1, 0x1, 0x3, 0xffffffffffff0000, 0x6b, 0xfffffffffffffff9, 0x4, 0x2ba, 0x10001, 0xf, 0xffffffffffffff26, 0x9, 0x7fffffff, 0x6, 0x7d, 0xdc]}, 0x800, 0x0) poll$auto(&(0x7f0000000080)={0x2, 0x0, 0x1a}, 0xff, 0x1) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001700), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_DEV_GET(r0, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001800)={&(0x7f00000017c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010025bd7000fe05002501000000"], 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x28044004) clone$auto(0x40083b42, 0x5c84, 0xfffffffffffffffe, 0x0, 0x100000000000f) 5.975648013s ago: executing program 0 (id=1378): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/time\x00') ppoll$auto(&(0x7f0000000140)={r0, 0xfffd, 0x2}, 0x1413b155, &(0x7f0000000040)={0x7f, 0x7}, &(0x7f0000000080)={0x5}, 0x0) connect$auto(r1, &(0x7f00000000c0)={0x5, @sa_data_min="e8ee893910115d876c3c9ccc6e90"}, 0x0) mmap$auto(0x40, 0x2020009, 0x3, 0x500000000000010, 0x7, 0x100) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000180), r1) io_uring_setup$auto(0x61, &(0x7f00000001c0)={0xb1, 0x40, 0x5, 0x3, 0x2, 0x7, r1, [0x80a, 0x37e30ed8, 0x9], {0x7e8e, 0xfc7, 0x22, 0x81, 0x8, 0xfff, 0x5, 0x24, 0x2}, {0x8, 0x14d, 0x8, 0x8cf, 0x8, 0x3, 0x1c, 0x81, 0x2}}) sendmsg$auto_L2TP_CMD_SESSION_CREATE(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r2, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_FD={0x8, 0x17, r3}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x7}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000851}, 0x10) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) uname$auto(&(0x7f0000000340)={"062773e46122b4fc01ede17cd0e941f213cfcdf93166cde161c263a2ff44b32af89dcd2b4d06a8d6d60ad63c175083ca2335aa32a23d867f7ade1889617b80629f", "9fa2ac5359ce161cd4b6795bf84c72094d2ea4575e5c417ac107992d36da6fe7040c997933273346445a72c0f06d9e0c92a5c590c8ce4a4b57c2ec0fad0f7355fc", "bd120040cf0a3f3400cde06fdf038e91f7e9d7fa0a371c8132a7c6c24ad23afd5fbc7c80eb0d45762c77152c1052199a8a52add3e0af8ba312ea98fa34b217171c", "e23939038240e5a1aa8f94e2dc4481ddbe6604d6f2b5d52f29207d1c14a37db28e02f61fd3b2631d2ffcf61c2cd71b92243ee446dbab885dde2a32182d7a8630ef", "2050722fcd1963b19d9245600352e02daa499f0d4898261d3fc98d396f9cfb7c2db33d6b0376d05e7e0836f177151699ac109fe4132f10ce18e25edc010cc47e66", "559796b9d723a7b09c75b08f8daebb02a0c2a98ec985a3d0a11fab73ad8ac901ca75b82d0974f94883c8af14a1e8118456406e00d818f37a0fbb6b214c1a3e1f61"}) socket(0x2, 0x1, 0x106) getsockopt$auto(0x4, 0x6, 0x2b, 0xfffffffffffffffc, 0x0) mmap$auto(0xfd, 0x6, 0x7, 0x18, 0x4d9, 0x8000000000000000) 5.871700643s ago: executing program 3 (id=1351): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x2, 0x3fd6, 0x3, 0x7fffffffb000) mmap$auto(0x1fff, 0x8, 0x1000000003, 0x9b7f, 0x2, 0x8000) r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x101020, 0x64) close_range$auto(0xffffffffffffffff, r0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x4e1f, 0x10000, 0x9e19, 0xfffffffffffffff7, 0x8b, 0x9) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) getsockopt$auto(0x6, 0x40000000084, 0x80, 0xfffffffffffffffe, 0x0) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) socket(0x24, 0x3, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/pid\x00') r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000080), r2) sendmsg$auto_GTP_CMD_GETPDP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, r3, 0x401, 0x70bd26, 0x25dfdbfe, {}, [@GTPA_VERSION={0x8, 0x2, 0x38f}, @GTPA_LINK={0x8, 0x1, 0x7}, @GTPA_NET_NS_FD={0x8, 0x7, r1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8014) setsockopt$auto(0x3, 0x0, 0x4, 0xfffffffffffffffc, 0x70) munmap$auto(0x0, 0x2000000c) munmap$auto(0x4, 0x0) 5.608490365s ago: executing program 0 (id=1380): r0 = socket(0xa, 0x801, 0x84) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0xffffffffffffffcd, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0x5, 0x2000000000000002, 0x9, 0x8, 0xff, 0xa, 0x4, 0xaab, 0x5, 0x4006]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) r1 = syz_genetlink_get_family_id$auto_NLBL_MGMT(&(0x7f0000000200), r0) sendmsg$auto_NLBL_MGMT_C_ADD(r0, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x5c, r1, 0x10, 0x70bd28, 0x25dfdbfc, {}, [@NLBL_MGMT_A_VERSION={0x8, 0x3, 0x5}, @NLBL_MGMT_A_VERSION={0x8}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x9}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x91c5}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x869b}, @NLBL_MGMT_A_DOMAIN={0x7, 0x1, '+\xe1\x00'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0xd}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xfff9}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x400c084}, 0x40008c5) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000002900), r2) sendmsg$auto_L2TP_CMD_SESSION_CREATE(r2, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000002980)={&(0x7f0000002940)={0x14, r3, 0x1d, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0) sendmsg$auto_NL802154_CMD_NEW_SEC_DEV(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000000c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x44084) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) shutdown$auto(0x200000003, 0x2) remap_file_pages$auto(0x6, 0xb2c3, 0x0, 0xfffffffffffffff9, 0x3) sendmmsg$auto(0x3, &(0x7f0000000180)={{0x0, 0x80, &(0x7f0000000040)={0x0, 0x660b}, 0x4, 0x0, 0x1, 0xb33}, 0xed7138c}, 0x2, 0x9) 5.061156179s ago: executing program 0 (id=1382): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r0 = getpgid(0x0) sched_setscheduler$auto(r0, 0xfffffff2, &(0x7f0000000040)={0xfb8}) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x7ffe, 0x0, 0x6) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x9, 0xdf, 0xc78, 0x4, 0x10000) socket(0x2, 0x3, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) io_uring_setup$auto(0x6, 0x0) futex_waitv$auto(&(0x7f0000000000)={0x0, 0x7e4, 0x2}, 0x1, 0x0, 0x0, 0x623d) close_range$auto(0x2, 0x8, 0x5) socket(0x2, 0x1, 0x106) getsockopt$auto(0x6, 0x11c, 0x1, 0xfffffffffffffffe, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) seccomp$auto(0x2, 0x0, 0x0) lsetxattr$auto(0x0, 0x0, 0x0, 0xe6, 0x496) 4.981555499s ago: executing program 3 (id=1384): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) open(&(0x7f0000000080)='./file0\x00', 0x22000, 0x50) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendfile$auto(0x6, 0x3, 0x0, 0x8000) exit$auto(0x5f97) mknod$auto(&(0x7f0000000000)='}[,&*}\x00', 0x1, 0x4) link$auto(&(0x7f00000000c0)='}[,&*}\x00\xa2\xbd\xac\x1b\xa6\xee+\xbb\xddh\xf9Bb\xee.\x06nt\xf6`\xa5\xfaJ\x01\xfb\xff87\x830^\x8c\xf8\xa7\xbcXs\x06w\x7f}g\xa1\xccBV\xb4\x84\x15\x97;eO\xebKV\xe8\x11\x1b&\x96f\x9b.\xb1J\x81\t\x98\x92\xc4\xfb\xf0]f\x18\x1b\xabCK<\xf0\xfcI\xc3*\x96\x8cHvh\x06L\xfdC\xc2\x01\xaf6dA\xd6\x8d7\n\xc7y\xbbV\x13\xb8\a\xe9\xba7w\xd5v\x1d\x95\xcer\xaap\xa0\x7f\x9f\x02\xc3]\xf4\xe89\x86S\xfb\xc1\x03OZ\'7\f\xcc>\xf8\xa9\xa8\xc8\x02\xc4\xc1\xe0\r\xd7\xc2(\x18w\xc9\x85\b\xd7\xef\xbbg\x96\xe5\xdc/\xa5V\x90#\v\xbd\xe8}\x1d\\}\x8f\x16w1\x00n\xd1\xa7\xd1s\x19d\xff)g', &(0x7f0000000080)='#\x00') unlink$auto(&(0x7f00000001c0)='}[,&*}\x00') mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) open(0x0, 0x220000, 0xe1d2b27bdc14aaac) unshare$auto(0x40000080) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) writev$auto(0x1, &(0x7f0000000100)={&(0x7f0000000140), 0x400000000000fdef}, 0x1) vmsplice$auto(0x3, &(0x7f0000000080)={0x0, 0x6}, 0x1, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ustat$auto(0x6, 0xfffffffffffffffd) madvise$auto(0x0, 0x20200, 0x15) syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f00000000c0), 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') timerfd_create$auto(0x7, 0x0) pidfd_open$auto(0x1, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) socket(0x2, 0x5, 0x0) fcntl$auto(0x0, 0x407, 0x100000) 2.467070254s ago: executing program 2 (id=1388): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x608a6b2163c0d36c, 0x6, 0x4}, 0x18) ppoll$auto(&(0x7f00000000c0)={r0, 0x88a}, 0x2ff, &(0x7f0000000100)={0x7fffffffffffffff, 0x8000000000000001}, &(0x7f0000000140)={0x166a}, 0x466b) socket(0xf, 0x3, 0x2) socket(0x2, 0xa, 0xe57a) r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid\x00') r2 = ioctl$NS_GET_PARENT(r1, 0xb701, 0x0) setns(r2, 0x0) socket(0x2b, 0x1, 0x1) setsockopt$auto(0x6, 0x8000000000000006, 0x25, 0x0, 0x7ffffc) 2.276250996s ago: executing program 2 (id=1389): r0 = socket(0xa, 0x6, 0x0) sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0xc011}, 0x480d1) keyctl$auto(0x8, 0xfffffffffffffffd, 0xffffffffffffffff, 0x5092, 0x2) setresuid$auto(0x2, 0x7, 0x8080) 2.115437231s ago: executing program 2 (id=1390): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) (async) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x8, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') setreuid$auto(0x0, 0x20000000004) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x4, 0x6, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000010}, 0x800) (async) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x4, 0x6, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000010}, 0x800) sendmsg$auto_NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000200)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, 0xfffffffffffffffe, 0x1, 0x0, 0x0, 0x4048001}, 0x0) ppoll$auto(&(0x7f0000000000)={r0, 0x2, 0xe06b}, 0x1, &(0x7f0000000140)={0x1000, 0x8}, &(0x7f0000000180)={0x3}, 0x6) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1) r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000005c0), r0) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000600)={0x14, r2, 0x8ff972b65c311bf5, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8090}, 0x4000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) (async) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) getdents$auto(0x0, 0x0, 0x100) (async) getdents$auto(0x0, 0x0, 0x100) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r1) open(&(0x7f0000000080)='./cgroup\x00', 0x40001, 0x6) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0xffffffffffffffff, 0x0) socket(0xa, 0x801, 0x84) (async) socket(0xa, 0x801, 0x84) socket(0xa, 0x2, 0x73) (async) socket(0xa, 0x2, 0x73) close_range$auto(0x2, 0x8000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r3, 0x0, 0x0) ioperm$auto(0x10, 0x5, 0xd) 1.912899875s ago: executing program 2 (id=1391): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) sysfs$auto(0x2, 0x4, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) eventfd$auto(0x5f1) setresuid$auto(0x4006, 0xff, 0x6) setrlimit$auto(0x6, &(0x7f0000000140)={0x0, 0x6}) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) io_uring_setup$auto(0x2, &(0x7f0000000140)={0xa29, 0x4, 0x9876, 0x4, 0x80000001, 0x1, 0xd, [0x10000, 0xf, 0xc], {0x401, 0x4, 0x6d, 0x8, 0x6, 0x4, 0x10001, 0x947d, 0x51}, {0x4, 0x5, 0x4, 0x5f, 0xe, 0x4, 0xffff, 0x3, 0x1}}) setsockopt$auto(0x3, 0x10000000084, 0x1f, 0x0, 0x3ff) 1.654694623s ago: executing program 2 (id=1392): socket$auto(0x6, 0x1ff, 0x9) select$auto(0x1, &(0x7f0000000040)={[0x0, 0x3e5, 0x4b7, 0x2, 0x8, 0x9, 0x9e0a, 0xfffffffffffffffb, 0x4972, 0x31, 0xa, 0x10000, 0x6, 0x3, 0xa0d, 0x3ff]}, &(0x7f00000000c0)={[0xa, 0x9, 0xfffffffffffffffc, 0xf7f, 0x4, 0x4, 0xe, 0xf90b, 0x4db, 0xf45, 0x6, 0x2, 0x10001, 0x7, 0x6b, 0x8000000000000]}, &(0x7f0000000140)={[0x5, 0x7f, 0x4d0f, 0x1000, 0x81, 0x202, 0x5, 0x0, 0x6, 0x8, 0xdd, 0x79b, 0x80e4, 0x4, 0x4240, 0x7d]}, &(0x7f00000001c0)={0xa, 0x6}) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0xfffffffffffffff8, 0x8000) socket(0x28, 0x6, 0x3) select$auto(0x3, 0x0, &(0x7f0000000100)={[0xd, 0x200, 0x0, 0xc, 0x9, 0x3, 0x6, 0x101, 0x9, 0x7e, 0x4000000000000000, 0x7, 0x4, 0x5, 0x8, 0x6]}, 0x0, 0x0) fanotify_init$auto(0x5, 0x2) io_uring_setup$auto(0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c40400"}, 0x55) listen$auto(0x3, 0x83) mprotect$auto(0x1ffff002, 0x8000000000000001, 0x8) sendto$auto(0x3, 0x0, 0xf, 0x101, &(0x7f0000000140)={0x2, @sockaddr_1_1}, 0x1c) setfsuid$auto(0x2) setresuid$auto(0x0, 0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_MAC_ACL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="3998a2b0f245d5e232e06c360000000bdd4723e58f0f5f12fc0f3ab7aa29ac35ebc9b2ae8c0d1f46bf4991f4", @ANYRES16=0x0, @ANYBLOB="efa02cbd7000fbdbdf255d000000"], 0x14}, 0x1, 0x0, 0x0, 0x20040081}, 0x8010) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) read$auto(0x3, 0x0, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) ioctl$NS_GET_PARENT(r1, 0xff07, 0x0) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x83, 0x0, 0x8) 1.454918611s ago: executing program 0 (id=1393): mmap$auto(0x400000000, 0x20009, 0x10000000000e2, 0xeb2, 0x1, 0x8000) bpf$auto(0xd, &(0x7f0000000000)=@bpf_attr_11={0xf7fffffffffffffb, 0x9a, 0x80, 0x8, 0x7, 0x80000001, 0x6, 0x5}, 0x7) socket(0x18, 0x80000, 0xffffffff) select$auto(0x6d0c, 0x0, &(0x7f0000000100)={[0xd, 0x80000000000200, 0x800000000000008, 0xc, 0xc, 0x3, 0x3, 0x1, 0x9, 0x5e582972, 0x4000000000000000, 0x11, 0x92, 0x1fd, 0x8, 0x6]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) socket(0x2b, 0x5, 0x1) io_uring_register$auto(0xffffffffffffffff, 0xcbc, &(0x7f00000001c0)=[0x1, 0x7, 0xab, 0xe6], 0x5d59) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x17, &(0x7f0000000000), 0xffffffff) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) set_mempolicy_home_node$auto(0x600000, 0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x100, 0x2, 0x4, 0x4000000000001b, 0x33d, 0xcb) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0xa, 0x9) setreuid$auto(0x0, 0x20000000004) sendmsg$auto_NL80211_CMD_DEL_MPATH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000005304"], 0x14}, 0x1, 0x0, 0x0, 0x4040040}, 0x40010) setregid$auto(0x9, 0x7fffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x20000401, 0x4, 0x8000000000000000, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40808}, 0x4008000) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x2, 0x697b}, 0xed7138c}, 0x4, 0x0) setsockopt$auto(0x1, 0x1, 0x46, &(0x7f0000000040)='\xff', 0xbb) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000000), r1) mmap$auto(0xfffffffffffffb2a, 0x5, 0x101, 0x15, 0x2, 0x1) getpriority$auto(0x1, 0x1) 620.03159ms ago: executing program 2 (id=1394): open(&(0x7f0000000000)='./file0/file0\x00', 0x561342, 0x100) r0 = open(&(0x7f0000000080)='./file0\x00', 0x22000, 0x50) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendfile$auto(0x6, 0x3, 0x0, 0x8000) exit$auto(0x5f97) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x6ac, 0xffffffffffff0005, 0x19) open(0x0, 0x4242, 0xe1d2b27bdc14aabc) unshare$auto(0x40000080) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) writev$auto(0x1, &(0x7f0000000100)={&(0x7f0000000140), 0x400000000000fdef}, 0x1) vmsplice$auto(0x3, &(0x7f0000000080)={0x0, 0x6}, 0x9, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ustat$auto(0x6, 0xfffffffffffffffd) madvise$auto(0x0, 0x1, 0x19) syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f00000000c0), 0xffffffffffffffff) socket(0x2, 0x5, 0x0) r1 = socket(0xa, 0x801, 0x84) bpf$auto(0x80, &(0x7f0000000180)=@bpf_attr_11={0x9, 0x7, 0x8, 0x7fffffff, 0x0, 0x5, 0x0, r0}, 0x2) select$auto(0xffffffff, 0x0, &(0x7f0000000100)={[0x8001, 0x203, 0x0, 0xc, 0xa, 0x3, 0x5, 0x6, 0x9, 0x5e58296f, 0xff, 0xa, 0x4, 0xaab, 0x5, 0x4006]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sysinfo$auto(0x0) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x8) close_range$auto(0x2, r1, 0xfffffffe) fcntl$auto(0x0, 0x407, 0x100000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) 569.03116ms ago: executing program 3 (id=1395): listmount$auto(&(0x7f0000000000)={0x2, 0x7, 0x5, 0x843, 0x3}, &(0x7f0000000040), 0x8, 0x7) socket(0xa, 0x1, 0x0) mmap$auto(0x0, 0x20007, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) r0 = getpgid(0x0) move_pages$auto(r0, 0xf54, 0x0, 0x0, 0x0, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) connect$auto(0x3, 0x0, 0x54) 308.744443ms ago: executing program 0 (id=1396): r0 = socket(0xa, 0x2, 0x88) setsockopt$auto(r0, 0x9, 0x8, &(0x7f0000000000)=',]%*]@#\x00', 0x1) select$auto(0x6d0c, 0x0, &(0x7f0000000100)={[0x6, 0x200, 0x800000000000008, 0x5, 0x9, 0x5, 0xdc1, 0x1, 0x4000b, 0x5e582972, 0x4000000000000000, 0x14, 0x5, 0x8, 0x8, 0x6]}, 0x0, 0x0) madvise$auto(0x7a05eb43, 0x7ff, 0x7) (async) settimeofday$auto(&(0x7f0000000240)={0x8000000000000000, 0x4}, &(0x7f0000000280)={0x6e, 0x10001}) (async) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_MAC80211_HWSIM(&(0x7f0000000080), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r3, 0x8, 0x70bd27, 0x25dfdbfc, {}, [@HWSIM_ATTR_FLAGS={0x8, 0x4, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000800) close_range$auto(0x2, 0x8, 0x0) (async) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) socket(0x2, 0x801, 0x6) (async) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) read$auto(0x3, 0x0, 0xf5bc) (async) io_uring_enter$auto(r1, 0xa84, 0x9, 0x7, 0x0, 0x4) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x40040c0) (async) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c457ffffffffffffff000300"}, 0x55) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) (async) sendmmsg$auto(0x3, 0x0, 0x7, 0x0) 0s ago: executing program 0 (id=1397): mmap$auto(0x0, 0x8, 0x3, 0x7fff, 0x2, 0x8000) (async) socket(0x2, 0x5, 0x0) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x71, 0x0, 0x8) kernel console output (not intermixed with test programs): active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:12kB free_cma:0kB [ 155.995696][ T7090] lowmem_reserve[]: 0 0 0 0 0 [ 156.001499][ T7090] Node 1 Normal free:3928196kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:3240kB local_pcp:0kB free_cma:0kB [ 156.065577][ T7090] lowmem_reserve[]: 0 0 0 0 0 [ 156.070357][ T7090] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 156.115330][ T7090] Node 0 DMA32: 42*4kB (UE) 905*8kB (UM) 1990*16kB (UME) 1758*32kB (UME) 866*64kB (UME) 301*128kB (UME) 142*256kB (UME) 28*512kB (ME) 8*1024kB (UME) 2*2048kB (UM) 192*4096kB (UM) = 1038864kB [ 156.134492][ T7090] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 156.146353][ T7090] Node 1 Normal: 152*4kB (UME) 35*8kB (UME) 34*16kB (UME) 153*32kB (UME) 80*64kB (UME) 32*128kB (UE) 12*256kB (UME) 2*512kB (UM) 3*1024kB (UME) 5*2048kB (UME) 951*4096kB (UM) = 3928248kB [ 156.165099][ T7090] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 156.174785][ T7090] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 156.184164][ T7090] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 156.193824][ T7090] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 156.203554][ T7090] 104074 total pagecache pages [ 156.208856][ T7090] 0 pages in swap cache [ 156.213033][ T7090] Free swap = 124628kB [ 156.217493][ T7090] Total swap = 124996kB [ 156.221677][ T7090] 2097051 pages RAM [ 156.225587][ T7090] 0 pages HighMem/MovableOnly [ 156.230275][ T7090] 427373 pages reserved [ 156.234435][ T7090] 0 pages cma reserved [ 161.105364][ T7283] netlink: 4 bytes leftover after parsing attributes in process `syz.0.415'. [ 164.221979][ T6317] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.352572][ T7390] kernel read not supported for file /#E-\yċF B|ctpL#kZrV]Le- m,oOɧ (pid: 7390 comm: syz.1.443) [ 164.392553][ T6317] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.425847][ T29] audit: type=1800 audit(2147483653.322:2): pid=7390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.443" name=23452D5CF886C079018CC48BB4CA46A30B427C08A3A663917418DE704C23A8FD90F26B5AA17256B65D4C652D0C1A6DBE2CE66F4FC9A7 dev="mqueue" ino=16409 res=0 errno=0 [ 164.557939][ T6317] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.589477][ T5236] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 164.620494][ T5236] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 164.633522][ T5236] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 164.644304][ T5236] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 164.654147][ T5236] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 164.664076][ T5236] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 164.774414][ T6317] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.344012][ T7394] chnl_net:caif_netlink_parms(): no params data found [ 165.369000][ T6317] bridge_slave_1: left allmulticast mode [ 165.374704][ T6317] bridge_slave_1: left promiscuous mode [ 165.384977][ T6317] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.435050][ T6317] bridge_slave_0: left allmulticast mode [ 165.475827][ T6317] bridge_slave_0: left promiscuous mode [ 165.481602][ T6317] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.294899][ T7439] netlink: 8 bytes leftover after parsing attributes in process `syz.3.450'. [ 166.609062][ T6317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 166.641171][ T6317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 166.669672][ T6317] bond0 (unregistering): Released all slaves [ 166.676336][ T5236] Bluetooth: hci3: command tx timeout [ 167.039929][ T7394] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.060016][ T7394] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.076113][ T7394] bridge_slave_0: entered allmulticast mode [ 167.093255][ T7394] bridge_slave_0: entered promiscuous mode [ 167.115790][ T7394] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.140588][ T7394] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.159243][ T7394] bridge_slave_1: entered allmulticast mode [ 167.173429][ T7394] bridge_slave_1: entered promiscuous mode [ 167.399792][ T7394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 167.449162][ T7394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 167.629976][ T6317] hsr_slave_0: left promiscuous mode [ 167.664764][ T6317] hsr_slave_1: left promiscuous mode [ 167.671536][ T6317] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 167.686052][ T6317] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 167.700088][ T6317] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 167.715508][ T6317] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 167.783847][ T6317] veth1_macvtap: left promiscuous mode [ 167.811986][ T6317] veth0_macvtap: left promiscuous mode [ 167.824445][ T6317] veth1_vlan: left promiscuous mode [ 167.844607][ T6317] veth0_vlan: left promiscuous mode [ 168.673292][ T6317] team0 (unregistering): Port device team_slave_1 removed [ 168.749606][ T6317] team0 (unregistering): Port device team_slave_0 removed [ 168.756050][ T5236] Bluetooth: hci3: command tx timeout [ 168.862158][ T29] audit: type=1326 audit(2147483657.755:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7529 comm="syz.2.469" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa57f37dff9 code=0x0 [ 169.274774][ T7394] team0: Port device team_slave_0 added [ 169.324463][ T7394] team0: Port device team_slave_1 added [ 169.406019][ T7394] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 169.413483][ T7394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 169.452211][ T7394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 169.522392][ T7394] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 169.571670][ T7394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 169.633317][ T7394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 169.875149][ T7394] hsr_slave_0: entered promiscuous mode [ 169.890157][ T7394] hsr_slave_1: entered promiscuous mode [ 169.910548][ T7394] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 169.924418][ T7394] Cannot create hsr debugfs directory [ 170.835586][ T5236] Bluetooth: hci3: command tx timeout [ 172.069601][ T7394] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 172.114339][ T7394] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 172.145431][ T7394] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 172.164252][ T7394] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 172.277131][ T7574] cgroup: fork rejected by pids controller in /syz1 [ 172.339377][ T7394] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.390394][ T7394] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.425787][ T6318] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.432947][ T6318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.502287][ T6318] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.509456][ T6318] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.926125][ T5236] Bluetooth: hci3: command tx timeout [ 173.041411][ T7394] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.082641][ T7394] veth0_vlan: entered promiscuous mode [ 173.100595][ T7394] veth1_vlan: entered promiscuous mode [ 173.155444][ T7394] veth0_macvtap: entered promiscuous mode [ 173.164767][ T7394] veth1_macvtap: entered promiscuous mode [ 173.207984][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.224332][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.243551][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.274950][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.304796][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.332877][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.369470][ T7394] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 173.389235][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.419464][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.446373][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.471088][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.511996][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.537095][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.562504][ T7394] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 173.653019][ T7394] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.685417][ T7394] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.694177][ T7394] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.735383][ T7394] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.050519][ T6322] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.075283][ T6322] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.091207][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.130290][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.265048][ T7809] netlink: 12 bytes leftover after parsing attributes in process `syz.2.498'. [ 177.378568][ T7811] netlink: 'syz.0.500': attribute type 11 has an invalid length. [ 179.475653][ T7866] syz.2.513 (7866) used greatest stack depth: 20400 bytes left [ 180.658482][ T7900] netlink: 8 bytes leftover after parsing attributes in process `syz.2.519'. [ 180.906709][ T7903] svc: failed to register nfsdv3 RPC service (errno 111). [ 180.971610][ T7903] svc: failed to register nfsaclv3 RPC service (errno 111). [ 181.255468][ T5229] Bluetooth: hci2: command 0x0406 tx timeout [ 181.261536][ T5229] Bluetooth: hci0: command 0x0406 tx timeout [ 181.498775][ T7909] svc: failed to register nfsdv3 RPC service (errno 111). [ 181.540265][ T7909] svc: failed to register nfsaclv3 RPC service (errno 512). [ 184.917496][ T8010] netlink: 'syz.3.546': attribute type 1 has an invalid length. [ 184.974085][ T8010] netlink: 48 bytes leftover after parsing attributes in process `syz.3.546'. [ 187.018646][ T6322] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.234910][ T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 187.244209][ T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 187.252332][ T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 187.260777][ T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 187.269045][ T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 187.276467][ T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 187.327051][ T6322] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.589712][ T6322] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.869921][ T6322] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.276224][ T6322] bridge_slave_1: left allmulticast mode [ 188.282001][ T6322] bridge_slave_1: left promiscuous mode [ 188.315466][ T6322] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.375915][ T6322] bridge_slave_0: left allmulticast mode [ 188.381886][ T6322] bridge_slave_0: left promiscuous mode [ 188.396582][ T6322] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.315352][ T53] Bluetooth: hci3: command tx timeout [ 189.590065][ T6322] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 189.613626][ T6322] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 189.641249][ T6322] bond0 (unregistering): Released all slaves [ 189.682292][ T8068] chnl_net:caif_netlink_parms(): no params data found [ 189.865440][ T29] audit: type=1326 audit(8277292036.180:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.3.569" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fab72f7dff9 code=0x0 [ 190.210901][ T8068] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.235819][ T8068] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.253261][ T8068] bridge_slave_0: entered allmulticast mode [ 190.264571][ T8068] bridge_slave_0: entered promiscuous mode [ 190.388975][ T8068] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.412018][ T8068] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.420103][ T8068] bridge_slave_1: entered allmulticast mode [ 190.432956][ T8068] bridge_slave_1: entered promiscuous mode [ 190.645615][ T6322] hsr_slave_0: left promiscuous mode [ 190.745369][ T6322] hsr_slave_1: left promiscuous mode [ 190.801793][ T6322] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 190.810449][ T6322] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 190.887552][ T6322] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 190.895008][ T6322] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 190.945926][ T8140] Process accounting resumed [ 191.018228][ T6322] veth1_macvtap: left promiscuous mode [ 191.024033][ T6322] veth0_macvtap: left promiscuous mode [ 191.045571][ T6322] veth1_vlan: left promiscuous mode [ 191.052507][ T6322] veth0_vlan: left promiscuous mode [ 191.395572][ T53] Bluetooth: hci3: command tx timeout [ 191.816886][ T6322] team0 (unregistering): Port device team_slave_1 removed [ 191.859720][ T6322] team0 (unregistering): Port device team_slave_0 removed [ 192.410819][ T8068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 192.437243][ T8068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 192.533746][ T8068] team0: Port device team_slave_0 added [ 192.544780][ T8068] team0: Port device team_slave_1 added [ 192.603862][ T8068] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.621664][ T8068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.648211][ T8068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.668032][ T8068] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.680439][ T8068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.710205][ T8068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.838282][ T8068] hsr_slave_0: entered promiscuous mode [ 192.845092][ T8068] hsr_slave_1: entered promiscuous mode [ 192.856242][ T8068] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 192.864293][ T8068] Cannot create hsr debugfs directory [ 193.180992][ T8150] syz.1.573 (8150): attempted to duplicate a private mapping with mremap. This is not supported. [ 193.475486][ T53] Bluetooth: hci3: command tx timeout [ 193.922049][ T8068] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 193.965678][ T8068] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 194.009167][ T8068] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 194.039435][ T8068] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 194.322493][ T8068] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.424228][ T8068] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.491293][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.498480][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.518125][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.524467][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.566384][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.573518][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.195146][ T8068] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.321039][ T8068] veth0_vlan: entered promiscuous mode [ 195.380056][ T8068] veth1_vlan: entered promiscuous mode [ 195.462123][ T8068] veth0_macvtap: entered promiscuous mode [ 195.498003][ T8068] veth1_macvtap: entered promiscuous mode [ 195.555325][ T53] Bluetooth: hci3: command tx timeout [ 195.564891][ T8068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.608677][ T8068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.642446][ T8068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.675226][ T8068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.685093][ T8068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.725221][ T8068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.762166][ T8068] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 195.837214][ T8068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.865011][ T8068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.922626][ T8068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.949627][ T8068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.985314][ T8068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.006035][ T8068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.017198][ T8068] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 196.187802][ T8068] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.201800][ T8068] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.240689][ T8068] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.285257][ T8068] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.780789][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.800770][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.926892][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.961305][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.142505][ T29] audit: type=1326 audit(8277292044.460:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.0.591" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fef9a17dff9 code=0x0 [ 205.070291][ T8423] netlink: 4 bytes leftover after parsing attributes in process `syz.0.624'. [ 205.231435][ T8423] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 209.463740][ T8540] netlink: 'syz.3.651': attribute type 3 has an invalid length. [ 210.093921][ T29] audit: type=1326 audit(8277292056.410:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8548 comm="syz.2.653" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa57f37dff9 code=0x0 [ 214.272163][ T8592] delete_channel: no stack [ 214.979729][ T8665] netlink: 8 bytes leftover after parsing attributes in process `syz.0.681'. [ 217.475343][ T8704] svc: failed to register nfsdv3 RPC service (errno 111). [ 217.540919][ T8704] svc: failed to register nfsaclv3 RPC service (errno 111). [ 218.814350][ T5236] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 218.838620][ T5236] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 218.846814][ T5236] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 218.860341][ T5236] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 218.873499][ T5236] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 218.895102][ T5236] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 219.509737][ T8736] chnl_net:caif_netlink_parms(): no params data found [ 219.848525][ T8736] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.865246][ T8736] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.872503][ T8736] bridge_slave_0: entered allmulticast mode [ 219.887865][ T8736] bridge_slave_0: entered promiscuous mode [ 219.898407][ T8736] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.915345][ T8736] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.922594][ T8736] bridge_slave_1: entered allmulticast mode [ 219.952602][ T8736] bridge_slave_1: entered promiscuous mode [ 220.102402][ T8736] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 220.128222][ T8736] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 220.352816][ T8736] team0: Port device team_slave_0 added [ 220.388648][ T8736] team0: Port device team_slave_1 added [ 220.471666][ T8736] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 220.485330][ T8736] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 220.552388][ T8736] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 220.575655][ T8736] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 220.582635][ T8736] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 220.669534][ T8736] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 220.888882][ T8736] hsr_slave_0: entered promiscuous mode [ 220.936083][ T8736] hsr_slave_1: entered promiscuous mode [ 220.958670][ T8736] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 220.980414][ T8736] Cannot create hsr debugfs directory [ 220.995649][ T53] Bluetooth: hci0: command tx timeout [ 221.593981][ T8736] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.015880][ T8736] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.254219][ T8787] kexec: Could not allocate control_code_buffer [ 222.287873][ T8736] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.512226][ T8736] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.898150][ T8736] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 222.962858][ T8736] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 222.983605][ T8736] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 223.054976][ T8736] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 223.090221][ T53] Bluetooth: hci0: command tx timeout [ 223.166637][ T8736] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.183721][ T8736] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.216825][ T8736] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 223.227455][ T8736] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.250651][ T6315] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.257832][ T6315] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.273273][ T8811] nbd: must specify at least one socket [ 223.362959][ T6315] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.370137][ T6315] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.709359][ T8736] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.924314][ T8736] veth0_vlan: entered promiscuous mode [ 223.965837][ T8736] veth1_vlan: entered promiscuous mode [ 224.044824][ T8736] veth0_macvtap: entered promiscuous mode [ 224.288731][ T8736] veth1_macvtap: entered promiscuous mode [ 224.305577][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.316118][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.326025][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.336663][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.346595][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.357252][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.367174][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.377838][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.389967][ T8736] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 224.400893][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 224.411612][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.421649][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 224.432165][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.442104][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 224.452632][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.462498][ T8736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 224.473026][ T8736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.484066][ T8736] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 224.554781][ T8852] netlink: 8 bytes leftover after parsing attributes in process `syz.1.727'. [ 224.566276][ T8736] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.575025][ T8736] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.583842][ T8736] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.592672][ T8736] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.774966][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.821851][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.890334][ T6322] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.904120][ T6322] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.938175][ T29] audit: type=1326 audit(8277292071.253:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8854 comm="syz.3.729" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fab72f7dff9 code=0x0 [ 225.155418][ T53] Bluetooth: hci0: command tx timeout [ 227.235666][ T53] Bluetooth: hci0: command tx timeout [ 230.560608][ T6317] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.746955][ T6317] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.922907][ T6317] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.099435][ T6317] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.165559][ T9017] netlink: 342 bytes leftover after parsing attributes in process `syz.2.768'. [ 231.255831][ T5236] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 231.266766][ T5236] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 231.277574][ T5236] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 231.287258][ T5236] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 231.295371][ T5236] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 231.302681][ T5236] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 231.572439][ T6317] bridge_slave_1: left allmulticast mode [ 231.578312][ T6317] bridge_slave_1: left promiscuous mode [ 231.584065][ T6317] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.618298][ T6317] bridge_slave_0: left allmulticast mode [ 231.623994][ T6317] bridge_slave_0: left promiscuous mode [ 231.635492][ T6317] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.313452][ T6317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 232.337380][ T6317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 232.359601][ T6317] bond0 (unregistering): Released all slaves [ 232.820828][ T9024] chnl_net:caif_netlink_parms(): no params data found [ 233.315328][ T53] Bluetooth: hci3: command tx timeout [ 233.324407][ T9024] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.332021][ T9024] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.339338][ T9024] bridge_slave_0: entered allmulticast mode [ 233.346498][ T9024] bridge_slave_0: entered promiscuous mode [ 233.400254][ T9024] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.407778][ T9024] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.416743][ T9024] bridge_slave_1: entered allmulticast mode [ 233.424189][ T9024] bridge_slave_1: entered promiscuous mode [ 233.645293][ T9096] svc: failed to register nfsdv3 RPC service (errno 111). [ 233.663777][ T9092] nbd: must specify at least one socket [ 233.723717][ T9096] svc: failed to register nfsaclv3 RPC service (errno 111). [ 233.793571][ T9024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 233.949068][ T9024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 234.107516][ T9024] team0: Port device team_slave_0 added [ 234.120727][ T6317] hsr_slave_0: left promiscuous mode [ 234.240091][ T6317] hsr_slave_1: left promiscuous mode [ 234.311480][ T6317] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 234.319361][ T6317] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 234.372104][ T6317] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 234.379907][ T6317] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 234.445105][ T6317] veth1_macvtap: left promiscuous mode [ 234.458408][ T6317] veth0_macvtap: left promiscuous mode [ 234.464051][ T6317] veth1_vlan: left promiscuous mode [ 234.469609][ T6317] veth0_vlan: left promiscuous mode [ 234.970024][ T9132] cgroup: fork rejected by pids controller in /syz3 [ 235.398619][ T53] Bluetooth: hci3: command tx timeout [ 237.475428][ T53] Bluetooth: hci3: command tx timeout [ 238.333244][ T6317] team0 (unregistering): Port device team_slave_1 removed [ 238.383724][ T6317] team0 (unregistering): Port device team_slave_0 removed [ 238.692787][ T9024] team0: Port device team_slave_1 added [ 238.809037][ T9024] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.842590][ T9024] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.900543][ T9024] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 238.921183][ T9024] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 238.965480][ T9024] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.062801][ T9024] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 239.191921][ T9024] hsr_slave_0: entered promiscuous mode [ 239.232579][ T9024] hsr_slave_1: entered promiscuous mode [ 239.239625][ T9024] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 239.248862][ T9024] Cannot create hsr debugfs directory [ 239.300794][ T9247] netlink: 28 bytes leftover after parsing attributes in process `syz.1.794'. [ 239.310972][ T9247] netlink: 28 bytes leftover after parsing attributes in process `syz.1.794'. [ 239.558855][ T53] Bluetooth: hci3: command tx timeout [ 239.676542][ T9247] syz.1.794 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 239.913152][ T6317] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.080618][ T6317] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.109345][ T5236] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 240.120989][ T5236] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 240.139981][ T5236] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 240.149160][ T5236] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 240.159200][ T5236] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 240.166769][ T5236] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 240.535386][ T6317] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.752370][ T6317] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.992961][ T9024] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 241.044946][ T9024] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 241.072069][ T9024] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 241.114597][ T9024] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 241.145368][ T6317] bridge_slave_1: left allmulticast mode [ 241.158010][ T6317] bridge_slave_1: left promiscuous mode [ 241.175416][ T6317] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.192768][ T6317] bridge_slave_0: left allmulticast mode [ 241.210228][ T6317] bridge_slave_0: left promiscuous mode [ 241.231447][ T6317] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.311858][ T5236] Bluetooth: hci2: command tx timeout [ 242.355720][ T6317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 242.386106][ T6317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 242.412499][ T9324] FAULT_INJECTION: forcing a failure. [ 242.412499][ T9324] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 242.428178][ T6317] bond0 (unregistering): Released all slaves [ 242.467898][ T9324] CPU: 0 UID: 0 PID: 9324 Comm: syz.1.808 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 242.478550][ T9324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 242.488638][ T9324] Call Trace: [ 242.491930][ T9324] [ 242.494887][ T9324] dump_stack_lvl+0x16c/0x1f0 [ 242.499616][ T9324] should_fail_ex+0x497/0x5b0 [ 242.504333][ T9324] _copy_from_user+0x30/0xf0 [ 242.508957][ T9324] copy_msghdr_from_user+0x99/0x160 [ 242.514186][ T9324] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 242.520033][ T9324] ? kfree+0x274/0x4b0 [ 242.524129][ T9324] ? __pfx___lock_acquire+0x10/0x10 [ 242.529370][ T9324] ___sys_recvmsg+0xdc/0x1a0 [ 242.533995][ T9324] ? __pfx____sys_recvmsg+0x10/0x10 [ 242.539230][ T9324] ? find_held_lock+0x2d/0x110 [ 242.544036][ T9324] ? lock_acquire+0x2f/0xb0 [ 242.548566][ T9324] ? __pfx___might_resched+0x10/0x10 [ 242.553872][ T9324] ? __might_fault+0xe3/0x190 [ 242.558574][ T9324] do_recvmmsg+0x2ba/0x750 [ 242.563030][ T9324] ? __pfx_do_recvmmsg+0x10/0x10 [ 242.568013][ T9324] ? vfs_write+0x14d/0x1140 [ 242.572548][ T9324] ? __mutex_unlock_slowpath+0x164/0x650 [ 242.578223][ T9324] ? __fget_files+0x244/0x3f0 [ 242.582933][ T9324] __x64_sys_recvmmsg+0x239/0x290 [ 242.588001][ T9324] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 242.593587][ T9324] do_syscall_64+0xcd/0x250 [ 242.598125][ T9324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.604055][ T9324] RIP: 0033:0x7f237f77dff9 [ 242.608499][ T9324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.628571][ T9324] RSP: 002b:00007f238053f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 242.637017][ T9324] RAX: ffffffffffffffda RBX: 00007f237f935f80 RCX: 00007f237f77dff9 [ 242.645016][ T9324] RDX: 0000000000010100 RSI: 0000000000000000 RDI: 0000000000000003 [ 242.653007][ T9324] RBP: 00007f238053f090 R08: 0000000000000000 R09: 0000000000000000 [ 242.661002][ T9324] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000001 [ 242.669009][ T9324] R13: 0000000000000000 R14: 00007f237f935f80 R15: 00007fff5de5a978 [ 242.677119][ T9324] [ 242.878354][ T9272] chnl_net:caif_netlink_parms(): no params data found [ 243.632473][ T6317] hsr_slave_0: left promiscuous mode [ 243.696466][ T6317] hsr_slave_1: left promiscuous mode [ 243.747785][ T6317] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 243.758733][ T6317] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 243.791517][ T6317] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 243.812020][ T6317] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 243.892118][ T6317] veth1_macvtap: left promiscuous mode [ 243.902701][ T6317] veth0_macvtap: left promiscuous mode [ 243.920300][ T6317] veth1_vlan: left promiscuous mode [ 243.934561][ T6317] veth0_vlan: left promiscuous mode [ 244.359695][ T5236] Bluetooth: hci2: command tx timeout [ 244.871740][ T6317] team0 (unregistering): Port device team_slave_1 removed [ 244.967266][ T6317] team0 (unregistering): Port device team_slave_0 removed [ 245.737639][ T9272] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.744917][ T9272] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.765291][ T9272] bridge_slave_0: entered allmulticast mode [ 245.783418][ T9272] bridge_slave_0: entered promiscuous mode [ 245.797701][ T9272] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.816641][ T9272] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.823879][ T9272] bridge_slave_1: entered allmulticast mode [ 245.850276][ T9272] bridge_slave_1: entered promiscuous mode [ 245.983773][ T9272] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 246.003939][ T9272] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 246.151129][ T9272] team0: Port device team_slave_0 added [ 246.176154][ T9024] 8021q: adding VLAN 0 to HW filter on device bond0 [ 246.214915][ T9272] team0: Port device team_slave_1 added [ 246.311033][ T9272] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 246.328928][ T9272] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 246.384660][ T9272] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 246.432165][ T9024] 8021q: adding VLAN 0 to HW filter on device team0 [ 246.445822][ T53] Bluetooth: hci2: command tx timeout [ 246.450115][ T9272] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 246.465230][ T9272] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 246.509262][ T9272] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 246.577617][ T9272] hsr_slave_0: entered promiscuous mode [ 246.584165][ T9272] hsr_slave_1: entered promiscuous mode [ 246.610031][ T9272] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 246.625529][ T9272] Cannot create hsr debugfs directory [ 246.783230][ T6318] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.790445][ T6318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 246.853164][ T6322] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.860382][ T6322] bridge0: port 2(bridge_slave_1) entered forwarding state [ 247.121095][ T9024] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 247.639575][ T9272] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 247.667412][ T9272] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 247.698847][ T9272] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 247.729060][ T9272] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 247.797298][ T53] Bluetooth: hci1: command 0x0406 tx timeout [ 247.811434][ T9024] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 247.952331][ T9024] veth0_vlan: entered promiscuous mode [ 248.026486][ T9024] veth1_vlan: entered promiscuous mode [ 248.087279][ T9272] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.164713][ T9272] 8021q: adding VLAN 0 to HW filter on device team0 [ 248.195082][ T9024] veth0_macvtap: entered promiscuous mode [ 248.238844][ T6322] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.246031][ T6322] bridge0: port 1(bridge_slave_0) entered forwarding state [ 248.282696][ T9024] veth1_macvtap: entered promiscuous mode [ 248.333275][ T6314] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.340457][ T6314] bridge0: port 2(bridge_slave_1) entered forwarding state [ 248.421108][ T9024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.462149][ T9024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.499228][ T9024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.521525][ T5236] Bluetooth: hci2: command tx timeout [ 248.544904][ T9024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.578999][ T9024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.617201][ T9024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.628877][ T9024] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 248.666710][ T9024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.683603][ T9024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.709760][ T9024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.733430][ T9024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.745646][ T9024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.771711][ T9024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.783998][ T9024] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 248.824087][ T9024] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.834957][ T9024] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.844311][ T9024] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.854897][ T9024] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.022668][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 249.053985][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 249.118829][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 249.143497][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 249.352367][ T9272] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 249.512647][ T9272] veth0_vlan: entered promiscuous mode [ 249.591462][ T9272] veth1_vlan: entered promiscuous mode [ 249.714294][ T9272] veth0_macvtap: entered promiscuous mode [ 249.762276][ T9272] veth1_macvtap: entered promiscuous mode [ 249.778663][ T9272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.789667][ T9272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.800009][ T9272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.811271][ T9272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.821994][ T9272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.832619][ T9272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.842580][ T9272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.853125][ T9272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.865129][ T9272] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 249.875743][ T9272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.886923][ T9272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.897102][ T9272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.907964][ T9272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.918211][ T9272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.928708][ T9272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.938595][ T9272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.949116][ T9272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.960380][ T9272] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 249.982622][ T9272] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.991704][ T9272] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.000499][ T9272] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.015279][ T9272] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.135649][ T6317] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 250.143540][ T6317] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 250.198018][ T6318] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 250.206140][ T6318] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 251.205848][ T9557] syz.1.836 (9557) used greatest stack depth: 20304 bytes left [ 252.574028][ T9623] netlink: 'syz.0.853': attribute type 2 has an invalid length. [ 256.026355][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.032727][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.123505][ T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 256.134775][ T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 256.142915][ T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 256.152498][ T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 256.160210][ T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 256.167692][ T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 256.419573][ T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 256.861998][ T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.048338][ T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.079671][ T9723] kexec: Could not allocate control_code_buffer [ 257.260294][ T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.341467][ T9728] chnl_net:caif_netlink_parms(): no params data found [ 257.623438][ T9728] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.645298][ T9728] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.652893][ T9728] bridge_slave_0: entered allmulticast mode [ 257.681510][ T9728] bridge_slave_0: entered promiscuous mode [ 257.706060][ T9728] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.713174][ T9728] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.754214][ T9728] bridge_slave_1: entered allmulticast mode [ 257.776329][ T9728] bridge_slave_1: entered promiscuous mode [ 257.998873][ T9728] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 258.057484][ T9728] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 258.196253][ T51] bridge_slave_1: left allmulticast mode [ 258.208946][ T51] bridge_slave_1: left promiscuous mode [ 258.226582][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 258.239121][ T51] bridge_slave_0: left allmulticast mode [ 258.244807][ T51] bridge_slave_0: left promiscuous mode [ 258.260885][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 258.281044][ T5236] Bluetooth: hci3: command tx timeout [ 259.568735][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 259.605644][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 259.657491][ T51] bond0 (unregistering): Released all slaves [ 259.732662][ T9728] team0: Port device team_slave_0 added [ 259.814414][ T9728] team0: Port device team_slave_1 added [ 260.356471][ T5236] Bluetooth: hci3: command tx timeout [ 260.426656][ T9728] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 260.433683][ T9728] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 260.461159][ T9728] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 260.477953][ T9728] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 260.485007][ T9728] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 260.511227][ T9728] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 260.997092][ T9728] hsr_slave_0: entered promiscuous mode [ 261.045704][ T9728] hsr_slave_1: entered promiscuous mode [ 261.078149][ T9728] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 261.098577][ T9728] Cannot create hsr debugfs directory [ 261.635920][ T51] hsr_slave_0: left promiscuous mode [ 261.687517][ T51] hsr_slave_1: left promiscuous mode [ 261.835486][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 261.853201][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 262.006130][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 262.013578][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 262.121134][ T51] veth1_macvtap: left promiscuous mode [ 262.152973][ T51] veth0_macvtap: left promiscuous mode [ 262.175429][ T51] veth1_vlan: left promiscuous mode [ 262.205417][ T51] veth0_vlan: left promiscuous mode [ 262.445247][ T5236] Bluetooth: hci3: command tx timeout [ 263.678430][ T51] team0 (unregistering): Port device team_slave_1 removed [ 263.777692][ T51] team0 (unregistering): Port device team_slave_0 removed [ 264.515513][ T5236] Bluetooth: hci3: command tx timeout [ 265.693997][ T9728] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 265.734887][ T9728] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 265.795273][ T9728] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 265.831819][ T9728] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 266.048058][ T9728] 8021q: adding VLAN 0 to HW filter on device bond0 [ 266.087056][ T9728] 8021q: adding VLAN 0 to HW filter on device team0 [ 266.164455][ T6318] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.171692][ T6318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 266.235854][ T6318] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.242989][ T6318] bridge0: port 2(bridge_slave_1) entered forwarding state [ 266.253663][ T9920] svc: failed to register nfsdv3 RPC service (errno 111). [ 266.301994][ T9923] nbd: must specify at least one socket [ 266.326630][ T9728] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 266.341041][ T9920] svc: failed to register nfsaclv3 RPC service (errno 111). [ 266.655489][ T9935] delete_channel: no stack [ 266.660360][ T9935] delete_channel: no stack [ 266.761371][ T9935] delete_channel: no stack [ 266.770359][ T9935] delete_channel: no stack [ 266.784915][ T9935] delete_channel: no stack [ 266.791584][ T9935] delete_channel: no stack [ 266.797252][ T9935] delete_channel: no stack [ 266.809453][ T9935] delete_channel: no stack [ 266.814488][ T9935] delete_channel: no stack [ 266.819327][ T9935] delete_channel: no stack [ 266.827636][ T9935] delete_channel: no stack [ 266.832514][ T9935] delete_channel: no stack [ 266.837514][ T9935] delete_channel: no stack [ 266.862821][ T9728] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 266.894850][ T9728] veth0_vlan: entered promiscuous mode [ 266.907448][ T9728] veth1_vlan: entered promiscuous mode [ 266.928662][ T9728] veth0_macvtap: entered promiscuous mode [ 266.938614][ T9728] veth1_macvtap: entered promiscuous mode [ 266.952969][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.963533][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.973509][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.984328][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.994486][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 267.005394][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.015623][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 267.026131][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.037308][ T9728] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 267.046959][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.057483][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.067359][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.078109][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.088460][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.099174][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.109349][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.120172][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.131357][ T9728] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 267.141487][ T9728] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.150295][ T9728] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.165255][ T9728] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.174336][ T9728] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.198268][ T9935] delete_channel: no stack [ 267.202888][ T9935] delete_channel: no stack [ 267.215451][ T9935] delete_channel: no stack [ 267.225456][ T9935] delete_channel: no stack [ 267.235364][ T9935] delete_channel: no stack [ 267.240025][ T9935] delete_channel: no stack [ 267.250187][ T9935] delete_channel: no stack [ 267.260316][ T9935] delete_channel: no stack [ 267.270426][ T9935] delete_channel: no stack [ 267.281248][ T9935] delete_channel: no stack [ 267.295352][ T9935] delete_channel: no stack [ 267.299922][ T9935] delete_channel: no stack [ 267.304485][ T9935] delete_channel: no stack [ 267.309672][ T9935] delete_channel: no stack [ 267.314210][ T9935] delete_channel: no stack [ 267.318920][ T9935] delete_channel: no stack [ 267.323555][ T9935] delete_channel: no stack [ 267.330152][ T9935] delete_channel: no stack [ 267.334796][ T9935] delete_channel: no stack [ 267.339372][ T9935] delete_channel: no stack [ 270.577268][ T6303] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 270.586525][ T2564] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 270.594350][ T2564] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 270.601724][ T6303] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.513090][ T9981] delete_channel: no stack [ 275.908813][T10084] delete_channel: no stack [ 276.715925][ T53] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 276.727162][ T53] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 276.735481][ T53] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 276.743364][ T53] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 276.752104][ T53] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 276.759705][ T53] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 277.269959][T10116] chnl_net:caif_netlink_parms(): no params data found [ 277.557910][T10116] bridge0: port 1(bridge_slave_0) entered blocking state [ 277.565043][T10116] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.648389][T10116] bridge_slave_0: entered allmulticast mode [ 277.686528][T10116] bridge_slave_0: entered promiscuous mode [ 277.728708][T10116] bridge0: port 2(bridge_slave_1) entered blocking state [ 277.775576][T10116] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.795504][T10116] bridge_slave_1: entered allmulticast mode [ 277.835906][T10116] bridge_slave_1: entered promiscuous mode [ 277.938431][T10116] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 278.005744][T10116] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 278.161172][T10116] team0: Port device team_slave_0 added [ 278.185143][T10116] team0: Port device team_slave_1 added [ 278.251551][T10116] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 278.273888][T10116] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 278.344533][T10116] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 278.387063][T10116] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 278.394041][T10116] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 278.475088][T10116] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 278.612583][T10116] hsr_slave_0: entered promiscuous mode [ 278.630675][T10116] hsr_slave_1: entered promiscuous mode [ 278.652541][T10116] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 278.674137][T10116] Cannot create hsr debugfs directory [ 278.835351][ T5236] Bluetooth: hci4: command tx timeout [ 280.189132][T10116] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.359577][T10116] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.874865][T10116] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.918696][ T5236] Bluetooth: hci4: command tx timeout [ 281.558584][T10116] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.910179][T10116] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 281.943739][T10116] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 281.995818][T10116] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 282.015108][T10116] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 282.290016][T10116] 8021q: adding VLAN 0 to HW filter on device bond0 [ 282.362517][T10116] 8021q: adding VLAN 0 to HW filter on device team0 [ 282.408105][ T6316] bridge0: port 1(bridge_slave_0) entered blocking state [ 282.415264][ T6316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 282.441125][ T6316] bridge0: port 2(bridge_slave_1) entered blocking state [ 282.448297][ T6316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 282.642666][T10116] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 282.655260][T10116] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 282.995985][ T5236] Bluetooth: hci4: command tx timeout [ 283.207242][T10116] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 283.284695][T10116] veth0_vlan: entered promiscuous mode [ 283.309691][T10116] veth1_vlan: entered promiscuous mode [ 283.373178][T10116] veth0_macvtap: entered promiscuous mode [ 283.394419][T10116] veth1_macvtap: entered promiscuous mode [ 283.448261][T10116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.459686][T10116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.471476][T10116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.486265][T10116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.497952][T10116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.585255][T10116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.605938][T10116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.635692][T10116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.664375][T10116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.685712][T10116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.723195][T10116] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 283.766872][T10116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.787539][T10116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.809803][T10116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.820932][T10116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.852335][T10116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.874166][T10116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.923314][T10116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.975255][T10116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.995973][T10116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.017022][T10184] kexec: Could not allocate control_code_buffer [ 284.023370][T10116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.056252][T10116] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 284.069279][T10116] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.100163][T10116] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.136204][T10116] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.144943][T10116] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.523001][ T6316] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.544222][ T6316] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.574671][ T6318] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.597907][ T6318] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.075338][ T5236] Bluetooth: hci4: command tx timeout [ 285.556740][T10243] kernel read not supported for file /#)-\&[} (pid: 10243 comm: syz.1.984) [ 285.575389][ T29] audit: type=1800 audit(8277292066.640:8): pid=10243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.984" name="#)-\&[}" dev="mqueue" ino=25309 res=0 errno=0 [ 286.762451][T10269] netlink: 4 bytes leftover after parsing attributes in process `syz.1.992'. [ 286.810192][T10272] netlink: 4 bytes leftover after parsing attributes in process `syz.1.992'. [ 286.879313][T10277] ptrace attach of "./syz-executor exec"[10116] was attempted by "./syz-executor exec"[10277] [ 287.975144][T10290] netlink: 8 bytes leftover after parsing attributes in process `syz.2.996'. [ 295.470491][ T6316] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.839962][ T6316] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.086390][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 296.095589][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 296.104132][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 296.112860][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 296.121427][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 296.135028][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 296.254577][ T6316] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.488288][ T6316] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.950117][T10458] chnl_net:caif_netlink_parms(): no params data found [ 297.284867][ T6316] bridge_slave_1: left allmulticast mode [ 297.291037][ T6316] bridge_slave_1: left promiscuous mode [ 297.296817][ T6316] bridge0: port 2(bridge_slave_1) entered disabled state [ 297.559036][ T6316] bridge_slave_0: left allmulticast mode [ 297.564728][ T6316] bridge_slave_0: left promiscuous mode [ 297.574555][ T6316] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.201640][ T53] Bluetooth: hci0: command tx timeout [ 299.312315][ T6316] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 299.395770][ T6316] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 299.422305][ T6316] bond0 (unregistering): Released all slaves [ 299.944255][T10458] bridge0: port 1(bridge_slave_0) entered blocking state [ 299.965919][T10458] bridge0: port 1(bridge_slave_0) entered disabled state [ 299.973838][T10458] bridge_slave_0: entered allmulticast mode [ 299.996474][T10458] bridge_slave_0: entered promiscuous mode [ 300.275980][ T53] Bluetooth: hci0: command tx timeout [ 300.345946][T10458] bridge0: port 2(bridge_slave_1) entered blocking state [ 300.356173][T10458] bridge0: port 2(bridge_slave_1) entered disabled state [ 300.385773][T10458] bridge_slave_1: entered allmulticast mode [ 300.392900][T10458] bridge_slave_1: entered promiscuous mode [ 300.750161][T10458] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 300.798998][T10458] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 301.303804][ T6316] hsr_slave_0: left promiscuous mode [ 301.334335][ T6316] hsr_slave_1: left promiscuous mode [ 301.372850][ T6316] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 301.395929][ T6316] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 301.460547][ T6316] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 301.469855][ T6316] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 301.524304][ T6316] veth1_macvtap: left promiscuous mode [ 301.535307][ T6316] veth0_macvtap: left promiscuous mode [ 301.540938][ T6316] veth1_vlan: left promiscuous mode [ 301.572377][ T6316] veth0_vlan: left promiscuous mode [ 301.697798][T10579] openvswitch: netlink: Flow key attr not present in new flow. [ 302.360857][ T53] Bluetooth: hci0: command tx timeout [ 302.673978][T10597] svc: failed to register nfsdv3 RPC service (errno 111). [ 302.729869][T10597] svc: failed to register nfsaclv3 RPC service (errno 111). [ 302.799588][ T6316] team0 (unregistering): Port device team_slave_1 removed [ 302.899095][ T6316] team0 (unregistering): Port device team_slave_0 removed [ 304.119776][T10458] team0: Port device team_slave_0 added [ 304.185443][T10458] team0: Port device team_slave_1 added [ 304.357594][T10458] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 304.396674][T10458] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 304.441352][ T53] Bluetooth: hci0: command tx timeout [ 304.524601][T10458] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 304.568196][T10458] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 304.612050][T10458] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 304.725321][T10458] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 305.090034][T10458] hsr_slave_0: entered promiscuous mode [ 305.139934][T10458] hsr_slave_1: entered promiscuous mode [ 305.313118][T10648] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1077'. [ 305.843172][T10458] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 305.861448][T10458] Cannot create hsr debugfs directory [ 306.220467][T10658] svc: failed to register nfsdv3 RPC service (errno 111). [ 306.355629][T10658] svc: failed to register nfsaclv3 RPC service (errno 111). [ 308.741580][T10458] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 308.772017][T10458] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 308.800155][T10458] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 308.826658][T10458] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 309.040135][T10458] 8021q: adding VLAN 0 to HW filter on device bond0 [ 309.107658][T10458] 8021q: adding VLAN 0 to HW filter on device team0 [ 309.119820][ T2564] bridge0: port 1(bridge_slave_0) entered blocking state [ 309.127004][ T2564] bridge0: port 1(bridge_slave_0) entered forwarding state [ 309.169423][ T2564] bridge0: port 2(bridge_slave_1) entered blocking state [ 309.176607][ T2564] bridge0: port 2(bridge_slave_1) entered forwarding state [ 309.422891][T10458] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 309.525703][T10458] veth0_vlan: entered promiscuous mode [ 309.548568][T10458] veth1_vlan: entered promiscuous mode [ 309.607145][T10458] veth0_macvtap: entered promiscuous mode [ 309.639416][T10458] veth1_macvtap: entered promiscuous mode [ 309.919962][T10458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.962270][T10458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.992608][T10458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.026789][T10458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.062374][T10458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.095308][T10458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.143894][T10458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.175292][T10458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.205313][T10458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.255247][T10458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.303757][T10458] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 310.317470][T10458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.365231][T10458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.375083][T10458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.425443][T10458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.445743][T10458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.470288][T10458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.500207][T10458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.545239][T10458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.555090][T10458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.595214][T10458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.637512][T10458] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 310.744074][T10458] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.788670][T10458] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.835654][T10458] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.844407][T10458] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.330118][T10773] netlink: 'syz.3.1090': attribute type 11 has an invalid length. [ 311.347451][ T6316] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 311.377157][ T6316] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 311.387386][T10773] netlink: 'syz.3.1090': attribute type 11 has an invalid length. [ 311.392917][T10779] nfsd: Unknown parameter 'IPVS' [ 311.405615][T10780] nfsd: Unknown parameter 'IPVS' [ 311.563423][T10763] netlink: 'syz.3.1090': attribute type 11 has an invalid length. [ 311.579702][T10763] netlink: 'syz.3.1090': attribute type 11 has an invalid length. [ 311.739373][ T6309] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 311.748243][ T6309] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 312.748660][T10816] svc: failed to register nfsdv3 RPC service (errno 111). [ 312.812915][T10816] svc: failed to register nfsaclv3 RPC service (errno 512). [ 316.119922][T10890] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1110'. [ 317.410470][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.420226][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.580941][T10945] svc: failed to register nfsdv3 RPC service (errno 111). [ 318.619081][T10945] svc: failed to register nfsaclv3 RPC service (errno 111). [ 321.211675][ T51] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.995914][ T51] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.457731][ T51] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.615633][ T51] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.869708][ T5236] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 324.885690][ T5236] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 324.894467][ T5236] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 324.902331][ T5236] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 324.911072][ T5236] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 324.919571][ T5236] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 325.563400][ T51] bridge_slave_1: left allmulticast mode [ 325.570366][ T51] bridge_slave_1: left promiscuous mode [ 325.576881][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.976976][ T51] bridge_slave_0: left allmulticast mode [ 326.003061][ T51] bridge_slave_0: left promiscuous mode [ 326.026903][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 326.460834][T11057] delete_channel: no stack [ 326.595839][T11063] FAULT_INJECTION: forcing a failure. [ 326.595839][T11063] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 326.727131][T11063] CPU: 1 UID: 0 PID: 11063 Comm: syz.0.1148 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 326.737946][T11063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 326.748013][T11063] Call Trace: [ 326.751303][T11063] [ 326.754244][T11063] dump_stack_lvl+0x16c/0x1f0 [ 326.758954][T11063] should_fail_ex+0x497/0x5b0 [ 326.763660][T11063] _copy_to_user+0x30/0xc0 [ 326.768100][T11063] simple_read_from_buffer+0xd0/0x160 [ 326.773508][T11063] proc_fail_nth_read+0x198/0x270 [ 326.778558][T11063] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 326.784136][T11063] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 326.789703][T11063] vfs_read+0x1ce/0xbd0 [ 326.793906][T11063] ? __fget_files+0x23a/0x3f0 [ 326.798605][T11063] ? fdget_pos+0x24c/0x360 [ 326.803037][T11063] ? __pfx_lock_release+0x10/0x10 [ 326.808089][T11063] ? trace_lock_acquire+0x14a/0x1d0 [ 326.813317][T11063] ? __pfx_vfs_read+0x10/0x10 [ 326.818012][T11063] ? __pfx___mutex_lock+0x10/0x10 [ 326.823071][T11063] ? __fget_files+0x244/0x3f0 [ 326.827777][T11063] ksys_read+0x12f/0x260 [ 326.832039][T11063] ? __pfx_ksys_read+0x10/0x10 [ 326.836829][T11063] do_syscall_64+0xcd/0x250 [ 326.841367][T11063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.847285][T11063] RIP: 0033:0x7f4addd7ca3c [ 326.851715][T11063] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 326.871342][T11063] RSP: 002b:00007f4add7ff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 326.879776][T11063] RAX: ffffffffffffffda RBX: 00007f4addf35f80 RCX: 00007f4addd7ca3c [ 326.887762][T11063] RDX: 000000000000000f RSI: 00007f4add7ff0a0 RDI: 0000000000000004 [ 326.895750][T11063] RBP: 00007f4add7ff090 R08: 0000000000000000 R09: 0000000000000000 [ 326.903736][T11063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 326.911724][T11063] R13: 0000000000000000 R14: 00007f4addf35f80 R15: 00007ffd73181748 [ 326.919728][T11063] [ 327.401576][ T5236] Bluetooth: hci4: command tx timeout [ 327.742286][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 327.768168][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 327.791580][ T51] bond0 (unregistering): Released all slaves [ 328.190431][T11089] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1153'. [ 328.346034][T11090] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1153'. [ 328.382053][T11091] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1153'. [ 329.103741][T11101] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1153'. [ 329.149749][T11040] chnl_net:caif_netlink_parms(): no params data found [ 329.473538][ T5236] Bluetooth: hci4: command tx timeout [ 330.844775][T11040] bridge0: port 1(bridge_slave_0) entered blocking state [ 330.883585][T11040] bridge0: port 1(bridge_slave_0) entered disabled state [ 330.904016][T11040] bridge_slave_0: entered allmulticast mode [ 330.914821][T11040] bridge_slave_0: entered promiscuous mode [ 330.938258][T11040] bridge0: port 2(bridge_slave_1) entered blocking state [ 330.951153][T11040] bridge0: port 2(bridge_slave_1) entered disabled state [ 330.959012][T11040] bridge_slave_1: entered allmulticast mode [ 330.970290][T11040] bridge_slave_1: entered promiscuous mode [ 330.998864][ T51] hsr_slave_0: left promiscuous mode [ 331.062042][ T51] hsr_slave_1: left promiscuous mode [ 331.120152][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 331.154153][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 331.192646][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 331.202350][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 331.236509][ T51] veth1_macvtap: left promiscuous mode [ 331.242193][ T51] veth0_macvtap: left promiscuous mode [ 331.253557][ T51] veth1_vlan: left promiscuous mode [ 331.269382][ T51] veth0_vlan: left promiscuous mode [ 331.553516][ T5236] Bluetooth: hci4: command tx timeout [ 332.237490][T11155] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1163'. [ 333.210657][ T51] team0 (unregistering): Port device team_slave_1 removed [ 333.281878][T11178] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1168'. [ 333.546125][ T51] team0 (unregistering): Port device team_slave_0 removed [ 333.635188][ T5236] Bluetooth: hci4: command tx timeout [ 335.325971][T11040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 335.404520][T11040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 335.590046][T11040] team0: Port device team_slave_0 added [ 335.634196][T11040] team0: Port device team_slave_1 added [ 335.741638][T11040] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 335.769743][T11040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 335.858063][T11040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 335.894862][T11040] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 335.923268][T11040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 335.973777][T11040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 336.065216][T11040] hsr_slave_0: entered promiscuous mode [ 336.091801][T11040] hsr_slave_1: entered promiscuous mode [ 336.112962][T11040] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 336.140682][T11040] Cannot create hsr debugfs directory [ 338.417576][T11040] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 338.464545][T11040] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 338.504085][T11040] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 338.561116][T11040] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 338.865289][T11040] 8021q: adding VLAN 0 to HW filter on device bond0 [ 338.971938][T11040] 8021q: adding VLAN 0 to HW filter on device team0 [ 339.057424][ T6316] bridge0: port 1(bridge_slave_0) entered blocking state [ 339.064601][ T6316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 339.124853][ T6316] bridge0: port 2(bridge_slave_1) entered blocking state [ 339.131969][ T6316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 339.290805][T11040] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 339.489698][T11273] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1183'. [ 340.607313][T11040] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 340.910721][T11040] veth0_vlan: entered promiscuous mode [ 341.170229][T11040] veth1_vlan: entered promiscuous mode [ 341.457263][T11040] veth0_macvtap: entered promiscuous mode [ 341.524956][T11040] veth1_macvtap: entered promiscuous mode [ 341.629661][T11040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.683356][T11040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.748469][T11040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.812736][T11040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.881508][T11040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.932645][T11040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.981405][T11040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.011287][T11040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.041635][T11040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.069760][T11040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.094961][T11040] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 342.139152][T11040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.198712][T11040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.218769][T11040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.229518][T11040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.239647][T11040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.250282][T11040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.260205][T11040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.270828][T11040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.281086][T11040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.291588][T11040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.302973][T11040] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 342.313623][T11040] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.322355][T11040] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.331200][T11040] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.340174][T11040] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.539892][ T6318] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.584940][ T6318] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 343.783947][ T5316] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.826311][ T5316] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 345.255022][T11402] syz.1.1199(11402): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 345.573600][T11415] svc: failed to register nfsdv3 RPC service (errno 111). [ 345.589859][T11402] Process accounting resumed [ 345.611065][T11415] svc: failed to register nfsaclv3 RPC service (errno 111). [ 346.935850][T11463] netlink: 412 bytes leftover after parsing attributes in process `syz.0.1212'. [ 348.882228][T11520] nbd: must specify at least one socket [ 348.884150][T11518] svc: failed to register nfsdv3 RPC service (errno 111). [ 348.944142][T11518] svc: failed to register nfsaclv3 RPC service (errno 111). [ 351.445229][T11557] netlink: zone id is out of range [ 351.450670][T11557] netlink: zone id is out of range [ 351.574392][T11557] netlink: zone id is out of range [ 351.579557][T11557] netlink: zone id is out of range [ 351.762355][T11557] netlink: zone id is out of range [ 351.813437][T11557] netlink: zone id is out of range [ 351.833385][T11557] netlink: zone id is out of range [ 351.838536][T11557] netlink: del zone limit has 8 unknown bytes [ 353.242907][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 353.263076][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 353.275963][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 353.292211][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 353.302228][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 353.318164][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 354.476790][ T6316] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.050274][ T6316] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.393644][ T5236] Bluetooth: hci0: command tx timeout [ 355.622617][ T6316] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.770611][ T6316] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.102235][T11590] chnl_net:caif_netlink_parms(): no params data found [ 356.214482][T11630] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 356.484449][T11630] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 357.473775][ T5236] Bluetooth: hci0: command tx timeout [ 357.585934][T11590] bridge0: port 1(bridge_slave_0) entered blocking state [ 357.604023][T11590] bridge0: port 1(bridge_slave_0) entered disabled state [ 357.613927][T11590] bridge_slave_0: entered allmulticast mode [ 357.622667][T11590] bridge_slave_0: entered promiscuous mode [ 357.644293][T11647] delete_channel: no stack [ 357.772179][T11590] bridge0: port 2(bridge_slave_1) entered blocking state [ 357.791331][T11590] bridge0: port 2(bridge_slave_1) entered disabled state [ 357.811861][T11590] bridge_slave_1: entered allmulticast mode [ 357.836148][T11590] bridge_slave_1: entered promiscuous mode [ 358.003698][ T6316] bridge_slave_1: left allmulticast mode [ 358.015754][ T6316] bridge_slave_1: left promiscuous mode [ 358.045547][ T6316] bridge0: port 2(bridge_slave_1) entered disabled state [ 358.154240][ T6316] bridge_slave_0: left allmulticast mode [ 358.159940][ T6316] bridge_slave_0: left promiscuous mode [ 358.192922][ T6316] bridge0: port 1(bridge_slave_0) entered disabled state [ 359.553842][ T5236] Bluetooth: hci0: command tx timeout [ 360.900776][ T6316] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 360.934559][ T6316] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 360.995419][ T6316] bond0 (unregistering): Released all slaves [ 361.405123][T11590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 361.633611][ T5236] Bluetooth: hci0: command tx timeout [ 362.435991][T11590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 362.599481][T11590] team0: Port device team_slave_0 added [ 362.639320][T11590] team0: Port device team_slave_1 added [ 362.776005][T11590] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 362.806412][T11590] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 362.901798][T11689] futex_wake_op: syz.1.1264 tries to shift op by 64; fix this program [ 362.920556][T11590] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 362.982817][T11590] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 363.023723][T11590] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 363.140461][T11590] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 363.516661][T11590] hsr_slave_0: entered promiscuous mode [ 363.551827][T11590] hsr_slave_1: entered promiscuous mode [ 363.583793][T11590] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 363.591386][T11590] Cannot create hsr debugfs directory [ 364.950904][T11590] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 364.995725][T11590] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 365.027655][T11590] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 365.066695][T11590] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 365.301132][T11590] 8021q: adding VLAN 0 to HW filter on device bond0 [ 365.364279][T11590] 8021q: adding VLAN 0 to HW filter on device team0 [ 365.555448][ T53] Bluetooth: hci2: command 0x0406 tx timeout [ 366.173858][ T6312] bridge0: port 1(bridge_slave_0) entered blocking state [ 366.181005][ T6312] bridge0: port 1(bridge_slave_0) entered forwarding state [ 366.226278][ T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 366.244674][ T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 366.248774][ T6312] bridge0: port 2(bridge_slave_1) entered blocking state [ 366.258793][ T6312] bridge0: port 2(bridge_slave_1) entered forwarding state [ 366.267560][ T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 366.283598][ T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 366.301378][ T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 366.310613][ T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 367.151076][T11590] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 367.210869][T11590] veth0_vlan: entered promiscuous mode [ 367.222664][T11590] veth1_vlan: entered promiscuous mode [ 367.251399][T11590] veth0_macvtap: entered promiscuous mode [ 367.260406][T11590] veth1_macvtap: entered promiscuous mode [ 367.380721][ T6316] hsr_slave_0: left promiscuous mode [ 367.392251][ T6316] hsr_slave_1: left promiscuous mode [ 367.412573][ T6316] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 367.422158][ T6316] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 367.451407][ T6316] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 367.468238][ T6316] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 367.502857][ T6316] veth1_macvtap: left promiscuous mode [ 367.516953][ T6316] veth0_macvtap: left promiscuous mode [ 367.523104][ T6316] veth1_vlan: left promiscuous mode [ 367.534081][ T6316] veth0_vlan: left promiscuous mode [ 368.354286][ T53] Bluetooth: hci5: command tx timeout [ 368.678474][ T6316] team0 (unregistering): Port device team_slave_1 removed [ 368.752339][ T6316] team0 (unregistering): Port device team_slave_0 removed [ 370.336625][T11590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.367658][T11590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.402274][T11590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.421543][T11590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.443450][ T53] Bluetooth: hci5: command tx timeout [ 370.472603][T11590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.502884][T11590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.537380][T11590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.565664][T11590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.596010][T11590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.621557][T11590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.640196][T11590] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 370.762407][T11590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.821775][T11590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.853430][T11590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.933469][T11590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.963527][T11590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.981963][T11590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.013602][T11590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.033412][T11590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.063374][T11590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.087211][T11590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.132261][T11590] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 371.207328][T11590] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.263789][T11590] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.288837][T11737] GUP no longer grows the stack in syz.0.1273 (11737): f000-10000 (1000) [ 371.318945][T11590] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.342655][T11737] CPU: 1 UID: 0 PID: 11737 Comm: syz.0.1273 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 371.353474][T11737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 371.363551][T11737] Call Trace: [ 371.366845][T11737] [ 371.369797][T11737] dump_stack_lvl+0x16c/0x1f0 [ 371.374512][T11737] gup_vma_lookup+0x1d2/0x220 [ 371.379227][T11737] __get_user_pages+0x26c/0x3b90 [ 371.384194][T11737] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 371.389766][T11737] ? __gup_longterm_locked+0x126/0x1b30 [ 371.395363][T11737] ? __pfx___get_user_pages+0x10/0x10 [ 371.400777][T11737] ? down_read_killable+0xcc/0x380 [ 371.405921][T11737] ? __pfx_down_read_killable+0x10/0x10 [ 371.411495][T11737] ? find_held_lock+0x2d/0x110 [ 371.416289][T11737] ? __pfx_mark_lock+0x10/0x10 [ 371.421096][T11737] __gup_longterm_locked+0x22e/0x1b30 [ 371.426527][T11737] ? __pfx_lock_release+0x10/0x10 [ 371.431589][T11737] ? __pfx___gup_longterm_locked+0x10/0x10 [ 371.437432][T11737] ? mark_held_locks+0x9f/0xe0 [ 371.442238][T11737] gup_fast_fallback+0x180b/0x2690 [ 371.447406][T11737] ? __pfx_gup_fast_fallback+0x10/0x10 [ 371.452903][T11737] ? __pfx___lock_acquire+0x10/0x10 [ 371.458132][T11737] ? hlock_class+0x4e/0x130 [ 371.462661][T11737] ? __lock_acquire+0xbdd/0x3ce0 [ 371.467632][T11737] get_user_pages_fast+0xa8/0x100 [ 371.472687][T11737] ? __pfx_get_user_pages_fast+0x10/0x10 [ 371.478352][T11737] ? iov_iter_advance+0x1e3/0x6c0 [ 371.483404][T11737] __iov_iter_get_pages_alloc+0x8e5/0x2220 [ 371.489240][T11737] ? rcu_is_watching+0x12/0xc0 [ 371.494032][T11737] ? trace_contention_end+0xea/0x140 [ 371.499348][T11737] ? __pfx___iov_iter_get_pages_alloc+0x10/0x10 [ 371.505611][T11737] ? copy_iovec_from_user+0x12d/0x170 [ 371.511013][T11737] ? pipe_lock+0x64/0x80 [ 371.515284][T11737] ? __pfx___mutex_lock+0x10/0x10 [ 371.520348][T11737] iov_iter_get_pages2+0xa4/0x100 [ 371.525393][T11737] ? __pfx_iov_iter_get_pages2+0x10/0x10 [ 371.531070][T11737] ? wait_for_space+0x224/0x2d0 [ 371.535952][T11737] ? add_to_pipe+0x1c0/0x3c0 [ 371.540572][T11737] __do_sys_vmsplice+0x7c3/0xef0 [ 371.545557][T11737] ? __pfx___do_sys_vmsplice+0x10/0x10 [ 371.551060][T11737] ? __pfx_futex_wait+0x10/0x10 [ 371.556040][T11737] ? __pfx___mm_populate+0x10/0x10 [ 371.561227][T11737] ? rcu_is_watching+0x12/0xc0 [ 371.566026][T11737] ? do_syscall_64+0xcd/0x250 [ 371.570729][T11737] do_syscall_64+0xcd/0x250 [ 371.575268][T11737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.581189][T11737] RIP: 0033:0x7f4addd7dff9 [ 371.585626][T11737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 371.605258][T11737] RSP: 002b:00007f4add7ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 371.613693][T11737] RAX: ffffffffffffffda RBX: 00007f4addf35f80 RCX: 00007f4addd7dff9 [ 371.621682][T11737] RDX: 0000000000000006 RSI: 0000000020000000 RDI: 0000000000000001 [ 371.629671][T11737] RBP: 00007f4adddf0296 R08: 0000000000000000 R09: 0000000000000000 [ 371.637662][T11737] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 371.645652][T11737] R13: 0000000000000000 R14: 00007f4addf35f80 R15: 00007ffd73181748 [ 371.653660][T11737] [ 371.673436][T11590] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.524014][ T53] Bluetooth: hci5: command tx timeout [ 372.717625][ T6302] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.726197][ T6303] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.729236][T11709] chnl_net:caif_netlink_parms(): no params data found [ 372.743616][ T6303] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.761802][ T6302] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 373.517962][T11709] bridge0: port 1(bridge_slave_0) entered blocking state [ 373.553815][T11709] bridge0: port 1(bridge_slave_0) entered disabled state [ 373.582385][T11709] bridge_slave_0: entered allmulticast mode [ 373.602055][T11709] bridge_slave_0: entered promiscuous mode [ 373.635177][T11709] bridge0: port 2(bridge_slave_1) entered blocking state [ 373.660325][T11709] bridge0: port 2(bridge_slave_1) entered disabled state [ 373.683581][T11709] bridge_slave_1: entered allmulticast mode [ 373.723820][T11709] bridge_slave_1: entered promiscuous mode [ 373.927279][ T6316] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.011836][T11709] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 374.066340][T11709] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 374.118613][T11799] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1283'. [ 374.265612][ T6316] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.358842][T11709] team0: Port device team_slave_0 added [ 374.396165][T11709] team0: Port device team_slave_1 added [ 374.487412][ T6316] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.594253][ T53] Bluetooth: hci5: command tx timeout [ 374.661864][ T6316] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.687241][T11709] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 374.712870][T11709] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 374.767587][T11815] nbd: must specify at least one socket [ 374.783610][T11811] svc: failed to register nfsdv3 RPC service (errno 111). [ 374.795614][T11811] svc: failed to register nfsaclv3 RPC service (errno 111). [ 374.814200][T11709] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 374.869447][T11709] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 374.906544][T11709] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 374.938215][T11709] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 375.255637][T11709] hsr_slave_0: entered promiscuous mode [ 375.325751][T11709] hsr_slave_1: entered promiscuous mode [ 375.381100][T11709] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 375.399122][T11709] Cannot create hsr debugfs directory [ 375.711205][ T6316] bridge_slave_1: left allmulticast mode [ 375.739380][ T6316] bridge_slave_1: left promiscuous mode [ 375.774378][ T6316] bridge0: port 2(bridge_slave_1) entered disabled state [ 375.834227][ T6316] bridge_slave_0: left allmulticast mode [ 375.839921][ T6316] bridge_slave_0: left promiscuous mode [ 375.876957][ T6316] bridge0: port 1(bridge_slave_0) entered disabled state [ 377.773815][ T6316] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 377.811670][ T6316] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 377.846915][ T6316] bond0 (unregistering): Released all slaves [ 378.410443][ T6316] hsr_slave_0: left promiscuous mode [ 378.433100][ T6316] hsr_slave_1: left promiscuous mode [ 378.457186][ T6316] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 378.481870][ T6316] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 378.508891][ T6316] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 378.535599][ T6316] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 378.588640][ T6316] veth1_macvtap: left promiscuous mode [ 378.602202][ T6316] veth0_macvtap: left promiscuous mode [ 378.611344][ T6316] veth1_vlan: left promiscuous mode [ 378.625108][ T6316] veth0_vlan: left promiscuous mode [ 378.843833][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.853057][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.141681][ T6316] team0 (unregistering): Port device team_slave_1 removed [ 380.238925][ T6316] team0 (unregistering): Port device team_slave_0 removed [ 380.256060][T11895] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1299'. [ 380.899946][T11904] can: request_module (can-proto-5) failed. [ 380.915054][ T5236] Bluetooth: hci3: command 0x0406 tx timeout [ 381.954930][T11931] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1305'. [ 382.010622][T11928] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1305'. [ 383.183569][T11709] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 383.205553][T11709] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 383.249411][T11709] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 383.286163][T11709] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 383.602466][T11970] Invalid ELF header magic: != ELF [ 383.618858][T11709] 8021q: adding VLAN 0 to HW filter on device bond0 [ 383.680843][T11709] 8021q: adding VLAN 0 to HW filter on device team0 [ 383.722895][ T5316] bridge0: port 1(bridge_slave_0) entered blocking state [ 383.730077][ T5316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 383.774755][ T6316] bridge0: port 2(bridge_slave_1) entered blocking state [ 383.781946][ T6316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 384.331773][T11709] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 384.442021][T11709] veth0_vlan: entered promiscuous mode [ 384.479211][T11709] veth1_vlan: entered promiscuous mode [ 384.584370][T11709] veth0_macvtap: entered promiscuous mode [ 384.608816][T11709] veth1_macvtap: entered promiscuous mode [ 384.683390][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.713233][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.733492][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.744478][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.754476][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.765611][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.776713][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.787270][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.797328][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.808004][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.819235][T11709] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 384.829471][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.840220][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.850102][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.861088][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.871552][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.882218][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.892472][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.903423][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.913265][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.924283][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.936058][T11709] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 384.995993][T11709] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.013652][T11709] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.033058][T11709] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.053080][T11709] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.461470][ T5316] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 385.520811][ T5316] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 385.553632][ T6305] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 385.590878][ T6305] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 389.410592][T12145] delete_channel: no stack [ 390.209514][T11972] Process accounting resumed [ 392.411815][ T6310] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.638429][ T6310] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.916204][ T6310] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.309069][ T5236] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 393.318009][ T5236] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 393.326464][ T5236] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 393.335790][ T5236] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 393.344441][ T5236] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 393.351732][ T5236] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 393.600301][ T6310] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.377584][ T6310] bridge_slave_1: left allmulticast mode [ 394.383281][ T6310] bridge_slave_1: left promiscuous mode [ 394.444318][ T6310] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.857945][ T6310] bridge_slave_0: left allmulticast mode [ 394.903393][ T6310] bridge_slave_0: left promiscuous mode [ 394.909182][ T6310] bridge0: port 1(bridge_slave_0) entered disabled state [ 395.114523][T12263] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1357'. [ 395.266769][T12253] svc: failed to register nfsdv3 RPC service (errno 111). [ 395.310432][T12253] svc: failed to register nfsaclv3 RPC service (errno 111). [ 395.393923][ T5236] Bluetooth: hci4: command tx timeout [ 396.581641][ T6310] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 396.621773][ T6310] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 396.642373][ T6310] bond0 (unregistering): Released all slaves [ 396.986890][T12221] chnl_net:caif_netlink_parms(): no params data found [ 397.473697][ T5236] Bluetooth: hci4: command tx timeout [ 399.126964][T12221] bridge0: port 1(bridge_slave_0) entered blocking state [ 399.163572][T12221] bridge0: port 1(bridge_slave_0) entered disabled state [ 399.202024][T12221] bridge_slave_0: entered allmulticast mode [ 399.223221][T12221] bridge_slave_0: entered promiscuous mode [ 399.334956][ T6310] hsr_slave_0: left promiscuous mode [ 399.358003][ T6310] hsr_slave_1: left promiscuous mode [ 399.371362][ T6310] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 399.393512][ T6310] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 399.421050][ T6310] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 399.444124][ T6310] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 399.496859][ T6310] veth1_macvtap: left promiscuous mode [ 399.502437][ T6310] veth0_macvtap: left promiscuous mode [ 399.528736][ T6310] veth1_vlan: left promiscuous mode [ 399.548956][ T6310] veth0_vlan: left promiscuous mode [ 399.554595][ T5236] Bluetooth: hci4: command tx timeout [ 400.420182][T12340] netlink: 'syz.0.1368': attribute type 11 has an invalid length. [ 401.353104][ T6310] team0 (unregistering): Port device team_slave_1 removed [ 401.473099][ T6310] team0 (unregistering): Port device team_slave_0 removed [ 401.633504][ T5236] Bluetooth: hci4: command tx timeout [ 402.675702][T12221] bridge0: port 2(bridge_slave_1) entered blocking state [ 402.704164][T12221] bridge0: port 2(bridge_slave_1) entered disabled state [ 402.711632][T12221] bridge_slave_1: entered allmulticast mode [ 402.745605][T12221] bridge_slave_1: entered promiscuous mode [ 402.933061][T12221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 402.953009][T12221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 403.343654][T12221] team0: Port device team_slave_0 added [ 403.433769][T12221] team0: Port device team_slave_1 added [ 404.069024][T12221] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 404.083150][T12221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 404.159763][T12221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 404.195719][T12221] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 404.202695][T12221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 404.302083][T12221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 404.667088][T12221] hsr_slave_0: entered promiscuous mode [ 404.721750][T12221] hsr_slave_1: entered promiscuous mode [ 404.747018][T12221] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 404.799451][T12221] Cannot create hsr debugfs directory [ 406.815921][T12221] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 406.843129][T12221] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 406.894590][T12221] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 406.931594][T12221] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 407.226493][T12221] 8021q: adding VLAN 0 to HW filter on device bond0 [ 407.306636][T12221] 8021q: adding VLAN 0 to HW filter on device team0 [ 407.354829][ T6316] bridge0: port 1(bridge_slave_0) entered blocking state [ 407.362000][ T6316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 407.413128][ T6316] bridge0: port 2(bridge_slave_1) entered blocking state [ 407.420281][ T6316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 408.142202][T12221] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 408.320621][T12221] veth0_vlan: entered promiscuous mode [ 408.370169][T12221] veth1_vlan: entered promiscuous mode [ 408.485522][T12221] veth0_macvtap: entered promiscuous mode [ 408.552948][T12221] veth1_macvtap: entered promiscuous mode [ 408.656398][T12221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.703354][T12221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.759415][T12221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.813526][T12221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.860349][T12221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.909787][T12221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.951984][T12221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.992540][T12221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.073881][T12221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 409.130906][T12221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.152547][T12221] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 409.195004][T12221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.229722][T12221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.261218][T12390] can: request_module (can-proto-4) failed. [ 409.292667][T12221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.347936][T12221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.368140][T12221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.388917][T12221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.443427][T12221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.494112][T12221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.523433][T12221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.563503][T12221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.627723][T12221] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 409.665999][T12221] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.675341][T12221] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.685111][T12221] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.694089][T12221] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 410.124941][ T5316] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 410.132801][ T5316] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 411.045636][ T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 411.063483][ T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 411.080224][ T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 411.089087][ T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 411.096861][ T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 411.104713][ T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 411.407339][T12400] chnl_net:caif_netlink_parms(): no params data found [ 412.982264][ T6305] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 413.001855][ T6305] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 413.266784][T12400] bridge0: port 1(bridge_slave_0) entered blocking state [ 413.283559][T12400] bridge0: port 1(bridge_slave_0) entered disabled state [ 413.291188][T12400] bridge_slave_0: entered allmulticast mode [ 413.314585][T12400] bridge_slave_0: entered promiscuous mode [ 413.394985][ T5236] Bluetooth: hci5: command tx timeout [ 413.437392][ T5316] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 413.505660][T12400] bridge0: port 2(bridge_slave_1) entered blocking state [ 413.533750][T12400] bridge0: port 2(bridge_slave_1) entered disabled state [ 413.541005][T12400] bridge_slave_1: entered allmulticast mode [ 413.578122][T12400] bridge_slave_1: entered promiscuous mode [ 413.692464][ T5316] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 413.874738][ T5316] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 413.936319][T12400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 414.005010][T12400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 414.202119][ T5316] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.255065][T12400] team0: Port device team_slave_0 added [ 414.285773][T12400] team0: Port device team_slave_1 added [ 414.367260][T12400] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 414.385871][T12400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.461269][T12400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 414.500947][T12400] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 414.513407][T12400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.587515][T12400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 414.787224][T12400] hsr_slave_0: entered promiscuous mode [ 414.817554][T12400] hsr_slave_1: entered promiscuous mode [ 414.873658][T12400] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 414.902987][T12400] Cannot create hsr debugfs directory [ 415.232209][ T5316] bridge_slave_1: left allmulticast mode [ 415.239396][ T5316] bridge_slave_1: left promiscuous mode [ 415.263526][ T5316] bridge0: port 2(bridge_slave_1) entered disabled state [ 415.346424][ T5316] bridge_slave_0: left allmulticast mode [ 415.352112][ T5316] bridge_slave_0: left promiscuous mode [ 415.382625][ T5316] bridge0: port 1(bridge_slave_0) entered disabled state [ 415.474908][ T5236] Bluetooth: hci5: command tx timeout [ 416.671639][ T5316] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 416.822855][ T5316] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 416.868321][ T5316] bond0 (unregistering): Released all slaves [ 417.563958][ T5236] Bluetooth: hci5: command tx timeout [ 418.123502][ T5316] hsr_slave_0: left promiscuous mode [ 418.140649][ T5316] hsr_slave_1: left promiscuous mode [ 418.156776][ T5316] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 418.175999][ T5316] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 418.194183][ T5316] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 418.209537][ T5316] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 418.266424][ T5316] veth1_macvtap: left promiscuous mode [ 418.292341][ T5316] veth0_macvtap: left promiscuous mode [ 418.299243][ T5316] veth1_vlan: left promiscuous mode [ 418.316520][ T5316] veth0_vlan: left promiscuous mode [ 419.153867][ T30] INFO: task syz.3.923:9924 blocked for more than 143 seconds. [ 419.162114][ T30] Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 419.201702][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 419.263590][ T30] task:syz.3.923 state:D stack:25360 pid:9924 tgid:9921 ppid:9272 flags:0x00004006 [ 419.303564][ T30] Call Trace: [ 419.319186][ T30] [ 419.335724][ T30] __schedule+0xef5/0x5750 [ 419.355641][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 419.370638][ T30] ? find_held_lock+0x2d/0x110 [ 419.386901][ T30] ? __pfx___schedule+0x10/0x10 [ 419.401519][ T30] ? schedule+0x298/0x350 [ 419.416849][ T30] ? __pfx_lock_release+0x10/0x10 [ 419.430227][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 419.441909][ T30] ? lock_acquire+0x2f/0xb0 [ 419.458005][ T30] ? schedule+0x1fd/0x350 [ 419.471815][ T30] schedule+0xe7/0x350 [ 419.485632][ T30] schedule_timeout+0x258/0x2a0 [ 419.511446][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 419.518196][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 419.550899][ T30] __wait_for_common+0x3e1/0x600 [ 419.561215][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 419.595751][ T30] ? __pfx___wait_for_common+0x10/0x10 [ 419.601286][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 419.633394][ T30] wait_for_completion_state+0x1c/0x40 [ 419.638924][ T30] do_coredump+0x82f/0x4160 [ 419.641991][ T5236] Bluetooth: hci5: command tx timeout [ 419.666428][ T30] ? hlock_class+0x4e/0x130 [ 419.671004][ T30] ? stack_depot_save_flags+0x28/0x900 [ 419.739967][ T30] ? __pfx_do_coredump+0x10/0x10 [ 419.764855][ T30] ? kmem_cache_free+0x152/0x4b0 [ 419.769857][ T30] ? syscall_exit_to_user_mode+0x150/0x2a0 [ 419.793526][ T30] ? do_syscall_64+0xda/0x250 [ 419.798278][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.838897][ T30] get_signal+0x237c/0x26d0 [ 419.863403][ T30] ? __pfx_get_signal+0x10/0x10 [ 419.874784][ T30] ? rcu_is_watching+0x12/0xc0 [ 419.879606][ T30] ? fpu__clear_user_states+0xf8/0x1e0 [ 419.913386][ T30] ? __local_bh_enable_ip+0xa4/0x120 [ 419.918826][ T30] arch_do_signal_or_restart+0x90/0x7e0 [ 419.937779][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 419.956968][ T30] ? ksys_mmap_pgoff+0x85/0x5c0 [ 419.961882][ T30] ? rcu_is_watching+0x12/0xc0 [ 419.984860][ T30] syscall_exit_to_user_mode+0x150/0x2a0 [ 419.990565][ T30] do_syscall_64+0xda/0x250 [ 420.003430][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.009383][ T30] RIP: 0033:0x7fd982a403c0 [ 420.029494][ T30] RSP: 002b:00007fd98393ab38 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 420.057677][ T30] RAX: 0000000000000000 RBX: 00007fd982d35f88 RCX: 00007fd982b7dff9 [ 420.069108][ T30] RDX: 00007fd98393ab40 RSI: 00007fd98393ac70 RDI: 000000000000000b [ 420.077259][ T30] RBP: 00007fd982d35f80 R08: 0000000000000000 R09: 0000000000000000 [ 420.085386][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd982d35f8c [ 420.094923][ T30] R13: 0000000000000000 R14: 00007ffc3a646cb0 R15: 00007ffc3a646d98 [ 420.103695][ T30] [ 420.114039][ T30] [ 420.114039][ T30] Showing all locks held in the system: [ 420.144789][ T30] 1 lock held by ksoftirqd/1/24: [ 420.149793][ T30] 1 lock held by khungtaskd/30: [ 420.170550][ T30] #0: ffffffff8ddb7800 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390 [ 420.193029][ T30] 2 locks held by getty/4985: [ 420.202916][ T30] #0: ffff888032d7a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 420.243121][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480 [ 420.271474][ T30] 3 locks held by kworker/1:5/5286: [ 420.293478][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 420.333456][ T30] #1: ffffc90004027d80 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 420.350872][ T30] #2: ffffffff8ddc30f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x282/0x3b0 [ 420.373458][ T30] 5 locks held by kworker/u8:7/5316: [ 420.378795][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 420.398003][ T30] #1: ffffc90002f0fd80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 420.411962][ T30] #2: ffffffff8faadad0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xb40 [ 420.423429][ T30] #3: ffffffff8fac36e8 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0x8f/0x9b0 [ 420.446987][ T30] #4: ffffffff8ddc30f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x1a4/0x3b0 [ 420.462248][ T30] 3 locks held by kworker/u8:12/6305: [ 420.472264][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 420.492108][ T30] #1: ffffc90004cbfd80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 420.511610][ T30] #2: ffffffff8fac36e8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0x51/0xc0 [ 420.521140][ T30] 1 lock held by syz.3.923/9926: [ 420.535335][ T30] 3 locks held by syz.0.1203/11416: [ 420.540566][ T30] #0: ffff88805cb1cd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x26/0x90 [ 420.560223][ T30] #1: ffff88805cb1c078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x2ef/0x11d0 [ 420.571997][ T30] #2: ffffffff8fd29308 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xc4/0x260 [ 420.583634][ T30] 7 locks held by syz-executor/12400: [ 420.589024][ T30] #0: ffff88802e32e420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 420.598557][ T30] #1: ffff88802f825488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x27b/0x500 [ 420.608659][ T30] #2: ffff888143bffb48 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500 [ 420.627269][ T30] #3: ffffffff8f0698c8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 420.641871][ T30] #4: ffff88802fd5a0e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xa4/0x610 [ 420.652691][ T30] #5: ffff88807fea3250 (&devlink->lock_key#6){+.+.}-{3:3}, at: nsim_drv_remove+0x4a/0x1d0 [ 420.664345][ T30] #6: ffffffff8fac36e8 (rtnl_mutex){+.+.}-{3:3}, at: unregister_netdevice_notifier_net+0x1c/0xf0 [ 420.685889][ T30] 2 locks held by syz.2.1394/12536: [ 420.691125][ T30] #0: ffffffff8faadad0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x292/0x6b0 [ 420.709122][ T30] #1: ffffffff8fac36e8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x1b/0x70 [ 420.721456][ T30] 1 lock held by syz.3.1395/12543: [ 420.731831][ T30] #0: ffffffff8fac36e8 (rtnl_mutex){+.+.}-{3:3}, at: do_ipv6_setsockopt+0x1f4d/0x4800 [ 420.748740][ T30] 1 lock held by syz.3.1395/12547: [ 420.756633][ T30] #0: ffffffff8fac36e8 (rtnl_mutex){+.+.}-{3:3}, at: do_ipv6_setsockopt+0x1f4d/0x4800 [ 420.774730][ T30] [ 420.779790][ T30] ============================================= [ 420.779790][ T30] [ 420.789582][ T30] NMI backtrace for cpu 0 [ 420.793937][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 420.804475][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 420.814549][ T30] Call Trace: [ 420.817840][ T30] [ 420.820785][ T30] dump_stack_lvl+0x116/0x1f0 [ 420.825495][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 420.830458][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 420.836479][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 420.842489][ T30] watchdog+0xf0c/0x1240 [ 420.846753][ T30] ? __pfx_watchdog+0x10/0x10 [ 420.851441][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 420.856652][ T30] ? __kthread_parkme+0x148/0x220 [ 420.861682][ T30] ? __pfx_watchdog+0x10/0x10 [ 420.866365][ T30] kthread+0x2c1/0x3a0 [ 420.870434][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 420.875637][ T30] ? __pfx_kthread+0x10/0x10 [ 420.880247][ T30] ret_from_fork+0x45/0x80 [ 420.884661][ T30] ? __pfx_kthread+0x10/0x10 [ 420.889261][ T30] ret_from_fork_asm+0x1a/0x30 [ 420.894130][ T30] [ 420.897718][ T30] Sending NMI from CPU 0 to CPUs 1: [ 420.903208][ C1] NMI backtrace for cpu 1 [ 420.903220][ C1] CPU: 1 UID: 0 PID: 2564 Comm: kworker/u8:6 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 420.903245][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 420.903258][ C1] Workqueue: events_unbound cfg80211_wiphy_work [ 420.903282][ C1] RIP: 0010:__sanitizer_cov_trace_switch+0x3b/0x90 [ 420.903317][ C1] Code: 53 48 8b 46 08 48 83 f8 20 74 6b 77 48 48 83 f8 08 74 5b 48 83 f8 10 75 2f 41 bd 03 00 00 00 4c 8b 75 00 31 db 4d 85 f6 74 1e <48> 8b 74 dd 10 4c 89 e2 4c 89 ef 48 83 c3 01 48 8b 4c 24 28 e8 8c [ 420.903334][ C1] RSP: 0018:ffffc90009b47668 EFLAGS: 00000212 [ 420.903351][ C1] RAX: 0000000000000000 RBX: 0000000000000006 RCX: ffffffff8a90a061 [ 420.903365][ C1] RDX: ffff88802db78000 RSI: 000000000000002a RDI: 0000000000000001 [ 420.903378][ C1] RBP: ffffffff8c9dfc00 R08: 0000000000000001 R09: 000000000000002a [ 420.903391][ C1] R10: 0000000000000000 R11: 000000000000004f R12: 0000000000000000 [ 420.903404][ C1] R13: 0000000000000001 R14: 0000000000000020 R15: ffff88801e75f375 [ 420.903417][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 420.903438][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 420.903453][ C1] CR2: 000055706718a131 CR3: 000000000db7c000 CR4: 00000000003526f0 [ 420.903466][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 420.903484][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 420.903498][ C1] Call Trace: [ 420.903503][ C1] [ 420.903511][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 420.903535][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 420.903563][ C1] ? nmi_handle+0x1a9/0x5c0 [ 420.903585][ C1] ? __sanitizer_cov_trace_switch+0x3b/0x90 [ 420.903612][ C1] ? default_do_nmi+0x6a/0x160 [ 420.903632][ C1] ? exc_nmi+0x170/0x1e0 [ 420.903650][ C1] ? end_repeat_nmi+0xf/0x53 [ 420.903678][ C1] ? _ieee802_11_parse_elems_full+0x271/0x4300 [ 420.903701][ C1] ? __sanitizer_cov_trace_switch+0x3b/0x90 [ 420.903728][ C1] ? __sanitizer_cov_trace_switch+0x3b/0x90 [ 420.903756][ C1] ? __sanitizer_cov_trace_switch+0x3b/0x90 [ 420.903784][ C1] [ 420.903790][ C1] [ 420.903798][ C1] _ieee802_11_parse_elems_full+0x271/0x4300 [ 420.903825][ C1] ? __pfx__ieee802_11_parse_elems_full+0x10/0x10 [ 420.903849][ C1] ? trace_kmalloc+0x2d/0xe0 [ 420.903876][ C1] ? __kmalloc_noprof+0x207/0x410 [ 420.903900][ C1] ? cfg80211_find_elem_match+0x156/0x190 [ 420.903927][ C1] ieee802_11_parse_elems_full+0x8bc/0x1630 [ 420.903953][ C1] ? __pfx_mark_lock+0x10/0x10 [ 420.903979][ C1] ? __pfx_mark_lock+0x10/0x10 [ 420.904003][ C1] ? debug_object_activate+0x34d/0x540 [ 420.904025][ C1] ? __pfx_lock_release+0x10/0x10 [ 420.904052][ C1] ? __pfx_ieee802_11_parse_elems_full+0x10/0x10 [ 420.904074][ C1] ? hlock_class+0x4e/0x130 [ 420.904096][ C1] ? __lock_acquire+0x163e/0x3ce0 [ 420.904122][ C1] ? __pfx_mark_lock+0x10/0x10 [ 420.904149][ C1] ? hlock_class+0x4e/0x130 [ 420.904169][ C1] ? __lock_acquire+0x163e/0x3ce0 [ 420.904198][ C1] ieee80211_ibss_rx_queued_mgmt+0xc54/0x3030 [ 420.904221][ C1] ? hlock_class+0x4e/0x130 [ 420.904242][ C1] ? mark_lock+0xb5/0xc60 [ 420.904267][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 420.904293][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 420.904321][ C1] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 420.904343][ C1] ? lock_acquire.part.0+0x11b/0x380 [ 420.904369][ C1] ? find_held_lock+0x2d/0x110 [ 420.904390][ C1] ? find_held_lock+0x2d/0x110 [ 420.904413][ C1] ? kcov_remote_start+0x370/0x6e0 [ 420.904441][ C1] ? mark_held_locks+0x9f/0xe0 [ 420.904467][ C1] ? kcov_remote_start+0x3cf/0x6e0 [ 420.904501][ C1] ieee80211_iface_work+0xc0b/0xf00 [ 420.904525][ C1] cfg80211_wiphy_work+0x3d9/0x550 [ 420.904547][ C1] process_one_work+0x958/0x1b30 [ 420.904578][ C1] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 420.904604][ C1] ? __pfx_process_one_work+0x10/0x10 [ 420.904634][ C1] ? assign_work+0x1a0/0x250 [ 420.904661][ C1] worker_thread+0x6c8/0xf00 [ 420.904690][ C1] ? __kthread_parkme+0x148/0x220 [ 420.904713][ C1] ? __pfx_worker_thread+0x10/0x10 [ 420.904739][ C1] kthread+0x2c1/0x3a0 [ 420.904759][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 420.904781][ C1] ? __pfx_kthread+0x10/0x10 [ 420.904802][ C1] ret_from_fork+0x45/0x80 [ 420.904820][ C1] ? __pfx_kthread+0x10/0x10 [ 420.904841][ C1] ret_from_fork_asm+0x1a/0x30 [ 420.904873][ C1] [ 421.031148][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 421.031166][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 421.031195][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 421.031209][ T30] Call Trace: [ 421.031223][ T30] [ 421.031232][ T30] dump_stack_lvl+0x3d/0x1f0 [ 421.031269][ T30] panic+0x71d/0x800 [ 421.031301][ T30] ? __pfx_panic+0x10/0x10 [ 421.031330][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 421.031359][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 421.031393][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 421.031419][ T30] ? watchdog+0xd76/0x1240 [ 421.031449][ T30] ? watchdog+0xd69/0x1240 [ 421.031483][ T30] watchdog+0xd87/0x1240 [ 421.031519][ T30] ? __pfx_watchdog+0x10/0x10 [ 421.031548][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 421.031578][ T30] ? __kthread_parkme+0x148/0x220 [ 421.031607][ T30] ? __pfx_watchdog+0x10/0x10 [ 421.031638][ T30] kthread+0x2c1/0x3a0 [ 421.031662][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 421.031688][ T30] ? __pfx_kthread+0x10/0x10 [ 421.031715][ T30] ret_from_fork+0x45/0x80 [ 421.031737][ T30] ? __pfx_kthread+0x10/0x10 [ 421.457414][ T30] ret_from_fork_asm+0x1a/0x30 [ 421.462210][ T30] [ 421.465481][ T30] Kernel Offset: disabled [ 421.469799][ T30] Rebooting in 86400 seconds..