last executing test programs: 6.754270032s ago: executing program 3 (id=1579): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = socket(0x15, 0x5, 0x0) bind$auto(r0, 0x0, 0x64) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0xffffffffffffffef, 0x5, 0x1000000000000003, 0x8011, 0x3, 0x0) sendfile$auto(0x6, 0x3, 0x0, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munmap$auto(0x20001000, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0xfffffffffffffffe, 0x8, 0x8003, 0xeb3, 0xfffffffffffffff9, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) timer_settime$auto(0x0, 0xffff8000, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0xdf6, 0x2, 0xf) socket(0x2, 0x800, 0x800) lsm_list_modules$auto(0x0, 0x0, 0x0) ioctl$auto(0x1, 0x89a0, 0x8) read$auto(0x3, 0x0, 0x400000) socket(0xa, 0x3, 0x6) 5.255235928s ago: executing program 0 (id=1587): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f00000000c0)='nfsd\x00', 0xa07, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0xffffffff) fchmodat2$auto(r0, &(0x7f0000000080)='}[,&*}\x00', 0x11ce, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x401) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) ioctl$auto(r1, 0xc0105512, 0x1) faccessat$auto(r0, &(0x7f0000000140)='}[,&*}\x00', 0x5) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/midi2\x00', 0x103341, 0x0) write$auto(r2, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0xfffffdef) ppoll$auto(&(0x7f0000000080)={0xffffffffffffffff, 0x11b, 0x7ff}, 0xc, &(0x7f00000000c0)={0x3, 0x7f}, 0x0, 0x8) socket(0x22, 0x3, 0x0) write$auto(0x3, 0x0, 0xfdef) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x101202, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000040)=0x4) 5.128695433s ago: executing program 2 (id=1588): openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x103, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/fs/o2cb/logmask/NOTICE\x00', 0x0, 0x0) (async) r0 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x29, 0xb, 0x0, 0x2) (async) open(0x0, 0x22240, 0x154) bpf$auto(0x0, 0x0, 0xa3) mmap$auto(0x0, 0x20009, 0x6, 0xeb1, 0x7f, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x0) (async) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/io\x00', 0x101080, 0x0) (async) socket(0x2, 0x80002, 0x73) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa801, 0x0) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) ioctl$auto(0x3, 0x8038550a, 0x1) (async) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0) ioctl$auto(r1, 0x64c6, 0x1e2) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8000, 0x0) 4.993951833s ago: executing program 0 (id=1589): r0 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/cmdline\x00', 0x2000, 0x0) read$auto_proc_pid_cmdline_ops_base(r0, 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/sctp/plpmtud_probe_interval\x00', 0x220602, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg1\x00', 0x20601, 0x0) write$auto_sg_fops_sg(r1, 0x0, 0x62) 4.849506606s ago: executing program 0 (id=1590): openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00') madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x5, 0x0) io_uring_setup$auto(0x1, 0x0) open(0x0, 0x161342, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x100) socket(0x10, 0x3, 0x6) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ptmx\x00', 0x189000, 0x0) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, 0x0, 0xc83, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, 0x0, 0x2, 0x0) socket(0x2, 0x1, 0x0) socket(0x1d, 0x2, 0x2) socket(0xa, 0x5, 0x0) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) madvise$auto(0x0, 0x8000000000000000, 0x15) r1 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x4937729b00a90a49, 0x0) ioctl$auto_TUNGETIFF(r1, 0x800454d2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x6, 0x1f, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x400200000000001, 0xb4, 0x9, 0x8, 0x10007, 0x80, 0x7, 0x0, 0xa, 0x21fff, 0x200, 0x0, 0x83, [0x2, 0x0, 0x0, 0x2, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0xfffffffffffbfffd, 0x2000000000000004, 0x10000000000001, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffffe00, 0x0, 0x0, 0x5, 0x400000000005b8, 0xffff, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x7, 0xa38, 0xffffffffffffffff, 0x3, 0xfffffffffffffffc, 0x2, 0x1, 0x7, 0xc567]}, 0x1fe, 0xd) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffffffffffd11, &(0x7f00000001c0)) madvise$auto(0x0, 0x2000000080000001, 0x3) 4.602860682s ago: executing program 2 (id=1591): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = socket(0x15, 0x5, 0x0) bind$auto(r0, 0x0, 0x64) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0xffffffffffffffef, 0x5, 0x1000000000000003, 0x8011, 0x3, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munmap$auto(0x20001000, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0xfffffffffffffffe, 0x8, 0x8003, 0xeb3, 0xfffffffffffffff9, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) timer_settime$auto(0x0, 0xffff8000, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0xdf6, 0x2, 0xf) socket(0x2, 0x800, 0x800) lsm_list_modules$auto(0x0, 0x0, 0x0) ioctl$auto(0x1, 0x89a0, 0x8) read$auto(0x3, 0x0, 0x400000) socket(0xa, 0x3, 0x6) 3.082401579s ago: executing program 3 (id=1595): openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0) mprotect$auto(0x201ffff000, 0x2000000000000001, 0x2) r0 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0xc0a82, 0x0) write$auto(r0, &(0x7f00000000c0)='\x00', 0x3) 2.87983394s ago: executing program 3 (id=1597): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x26, 0x80805, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x40080) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x3, 0x2010000000000) sysfs$auto(0x2, 0x1e, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x3, &(0x7f0000000000)='+\x00\xc04\x95\x96XD\x11T\x11\xa2w\xd55\xea|-&\v\xa9\xc5\xb1\xc6\n\xb0{\xe8', &(0x7f0000000040), 0x3) mmap$auto(0x820, 0x4, 0x5, 0x9b72, 0x2, 0x8004) ftruncate$auto(0x1ff, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01002dbd5300f8dbdf25010000"], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) unshare$auto(0x40000080) getrandom$auto(0x0, 0x6000000, 0x3) socket$nl_generic(0x10, 0x3, 0x10) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) 2.673829956s ago: executing program 1 (id=1598): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f00000000c0)='nfsd\x00', 0xa07, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0xffffffff) fchmodat2$auto(r0, &(0x7f0000000080)='}[,&*}\x00', 0x11ce, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x401) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) ioctl$auto(r1, 0xc0105512, 0x1) faccessat$auto(r0, &(0x7f0000000140)='}[,&*}\x00', 0x5) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/midi2\x00', 0x103341, 0x0) write$auto(r2, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0xfffffdef) ppoll$auto(&(0x7f0000000080)={0xffffffffffffffff, 0x11b, 0x7ff}, 0xc, &(0x7f00000000c0)={0x3, 0x7f}, 0x0, 0x8) socket(0x22, 0x3, 0x0) write$auto(0x3, 0x0, 0xfdef) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x101202, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000040)=0x4) 2.500924437s ago: executing program 2 (id=1599): r0 = socket$nl_generic(0x10, 0x3, 0x10) poll$auto(&(0x7f0000000e00)={r0, 0x101, 0x8}, 0x5, 0xfff) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) write$auto(0xca, 0x0, 0x10) mount$auto(&(0x7f0000000040)='macvlan0\x00', &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfs\x00\x00X\xca\xd8\xce\xc1\xfc\x9f\x9f?o;\xf7\xdf\x9f\x11\xc5\xea\xd9', 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket(0x2, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000280), 0x55) getpeername$auto(0x3, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r1, 0x0, 0xc000) 2.443735329s ago: executing program 1 (id=1600): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/handlers\x00', 0x40100, 0x0) read$auto_proc_pagemap_operations_internal(r0, &(0x7f0000001540)=""/209, 0xd1) socket(0x10, 0x2, 0x0) getrandom$auto(&(0x7f00000000c0)='\x13\x03\x00\x04\x00\x95U\x912\x19\x85\xe7\xcc\xaf\x8cdk\xad\x15\xcc\x85\xceT\t\x9f\xa2\x12\xb1\xc3\x15\x9d@r}\xd1\x9dU\xcb\x13\\', 0x401, 0x3) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x3c, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0, 0x1, 0x3, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000001, 0x0, 0xffffffffefffffff, 0x200000000000004, 0x0, 0x0, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x8000000000008, 0xfffffffffffffffc, 0x1000, 0xa37, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x6]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000140)='ns/uts\x00') sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0xb3a}, 0x7, 0x4008) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/clear_refs\x00', 0x14400, 0x0) 2.175111817s ago: executing program 2 (id=1601): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000004c0)={0x14, 0x0, 0x4, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20040004) poll$auto(&(0x7f0000000e00)={r0, 0x101, 0x8}, 0x5, 0xfff) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000001100), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000001540), r1) sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r2, &(0x7f0000001f00)={0x0, 0x0, &(0x7f0000001ec0)={&(0x7f0000001580)={0x14, r3, 0x1, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0xc0}, 0x8000) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x400040, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) seccomp$auto(0x7d5d, 0x8, 0xfffffffffffffffc) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f00000049c0), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_FLUSH(r7, &(0x7f0000004a80)={0x0, 0x0, &(0x7f0000004a40)={&(0x7f0000004a00)={0x14, r8, 0x1, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_DEL_STATION(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000000200)={0x1c, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008012}, 0x40) 2.142170591s ago: executing program 1 (id=1602): setrlimit$auto(0x1000000007, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000009c0), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000a00)={'wlan1\x00', 0x0}) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) mmap$auto(0x0, 0xc, 0xdb, 0x89b76, 0xffffffffffffffff, 0x800) ioctl$auto(r3, 0x400c4d00, 0x9) ioctl$auto(0x3, 0x400c4d05, 0x5) sendmsg$auto_ETHTOOL_MSG_RINGS_GET(r0, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000a40)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8004805}, 0x20004884) 2.091004809s ago: executing program 0 (id=1603): mmap$auto(0x0, 0x1000, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r0 = socket(0xa, 0x6, 0xffffffff) sysfs$auto(0x2, 0x100000000000037, 0x0) fsopen$auto(0x0, 0x1) r1 = socket(0x23, 0x80805, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_4={0x17, 0x1, 0xa9, r1}, 0x6f4) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_FLUSH_PMKSA(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000280)={0x1ac, r2, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_S1G_CAPABILITY_MASK={0xc4, 0x129, "dfed6390b1b1409e4d615b6612f69e8bfcfd579a971c9daef8734e90c290154757d843b83761b860dcbb5bfee1f21712457034b3be11fbc40f8bf4540634bda68283fdc181860d336834d2b021d911c02608f9ad3fd4c654b83536ae2b32f05c5affc588f63c7dfc1470b63f1d34c35cae4cb150773ee39d23014d8ed992ac89a8b36853ed11817b902b2ae6750b1341c975264041f9d33ccfce79995de7a070df4bba2cd237ee06920ee29f82636f4cbc125e94e42440a367f8eccdc2e78db3"}, @NL80211_ATTR_TID_CONFIG={0xcc, 0x11d, 0x0, 0x1, [{0x8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xa210}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xf1}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x7}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xffffffff}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x6}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x6}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0xa}]}]}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0xf}]}, 0x1ac}}, 0x20004080) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x7}, 0xc) socket(0xa, 0x2, 0x3a) ioctl$auto(0x20000000000003, 0x8936, 0x2) mmap$auto(0x0, 0x1000, 0xdf, 0x9b72, 0x2, 0x8000) (async) unshare$auto(0x40000080) (async) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) (async) close_range$auto(0x2, 0x8000, 0x0) (async) socket(0xa, 0x6, 0xffffffff) (async) sysfs$auto(0x2, 0x100000000000037, 0x0) (async) fsopen$auto(0x0, 0x1) (async) socket(0x23, 0x80805, 0x0) (async) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_4={0x17, 0x1, 0xa9, r1}, 0x6f4) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) (async) sendmsg$auto_NL80211_CMD_FLUSH_PMKSA(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000280)={0x1ac, r2, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_S1G_CAPABILITY_MASK={0xc4, 0x129, "dfed6390b1b1409e4d615b6612f69e8bfcfd579a971c9daef8734e90c290154757d843b83761b860dcbb5bfee1f21712457034b3be11fbc40f8bf4540634bda68283fdc181860d336834d2b021d911c02608f9ad3fd4c654b83536ae2b32f05c5affc588f63c7dfc1470b63f1d34c35cae4cb150773ee39d23014d8ed992ac89a8b36853ed11817b902b2ae6750b1341c975264041f9d33ccfce79995de7a070df4bba2cd237ee06920ee29f82636f4cbc125e94e42440a367f8eccdc2e78db3"}, @NL80211_ATTR_TID_CONFIG={0xcc, 0x11d, 0x0, 0x1, [{0x8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xa210}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xf1}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x7}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xffffffff}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x6}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x6}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0xa}]}]}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0xf}]}, 0x1ac}}, 0x20004080) (async) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x7}, 0xc) (async) socket(0xa, 0x2, 0x3a) (async) ioctl$auto(0x20000000000003, 0x8936, 0x2) (async) 1.951584926s ago: executing program 1 (id=1604): mknod$auto(&(0x7f0000000000)='./file0\x00', 0x5, 0x8f0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000200), r0) sendmsg$auto_IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="010027bd7000fddb80000600000000000000"], 0x18}, 0x1, 0x0, 0x0, 0x20000001}, 0x40080) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001040)='/proc/thread-self/net/rxrpc/peers\x00', 0x100, 0x0) read$auto(0x3, 0x0, 0xf34) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) socket(0x2c, 0x3, 0x0) sendmsg$auto_NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x18, r2, 0x308, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_FREQ_FIXED={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000004}, 0xc800) 1.82966306s ago: executing program 3 (id=1605): socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) mmap$auto(0x100000001, 0xfffffffffffffffc, 0xa5f, 0x4009b7f, 0x2, 0x400) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setresuid$auto(0x0, 0x1, 0x0) mlockall$auto(0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = setfsuid$auto(0xee01) sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000001000)={0x1d64, r1, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x400}, @NL80211_ATTR_PROBE_RESP={0x20b, 0x91, "a67e60c0eef422ec059de0717831bc9235a714f089b4add192ff440792eb51ff49314c1d776564852c290af96afc5af769df6b1c7b0d07cd5ea81ac47d0bf2609da5173f4bff6f5f230b7272880eea926da9c7dd56d70baaaef79054d5027c73cc90f5441d6c50646368ea3b628b64e4bec145ce9f4b4311ddbc4e8b0a861908404d8e39cf4fa5b34d562a184c7752c52a5f49c8a0b4e2bb2c826adb5150a24786a71d85b41d971cc22164801f905c488a396ec26c1a1678e2fbea42a233f2dfc23525bdf2695bf6c0b955e69719b48a2cc32003b8dacb66c59f542c92d734ff668ff01148e82ff2ef4c8401114f85571f1cb729614b6c4c338beaed51eb3ed51010f7120209e5e46fd41a1e620b250d98109f62776db0058da73b1ac059e537510cdaf176d4480494d272923f32d3f4798c2d340b643cf6ea5045b3216488e3068df453d36be54a4c3ad10b8d70e02991ec684433e072b6ce5825532af6ff31121db77e7e157497363ca588bbc7911cac647232142ff23e7bced8c16213216b3ff47f6c0d90701d309b920c6b2198521792665e9d573b223e0caea119f40941bc2756712d22bc843acbdbbd9209bf7c7f07871d885fb83843ddb835bcdaf58db9e0a2882c4d8841fa314b6e9f8adcb484234ccf57a19e15c9335a3a3c60e3aa1f460e0e19014db2465ea4653eb02800e88cb895804989cf551defe99e3c74c20736e044ed089a"}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_FILS_DISCOVERY={0x1c, 0x126, 0x0, 0x1, [@NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8, 0x1, 0x3}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8, 0x1, 0x5}, @NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8, 0x2, 0x5}]}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x2}, @NL80211_ATTR_REG_ALPHA2={0x1004, 0x21, "7e68ebb49a1d14d83d7b55637a3f1fa29b40c95d460b37396e56ab702632c0df6f323c11086904f3cdcd7f38e78d1983593e3eebbe1f1c908302a3a1547d53afc5c50f9afc99dd64679ddc72540a66247685350a8a9f08d523f6594065caa16b1694c8610a828bf9bbc0d104c1a84308218dd93d7c0c26a65ee69f9bbd2be7170be3ef8c454bf8fdb3b1397e847d022f105bf0be342ce33ac4e0363d1c90fa1248ed9d6990b06cb65dda31b84208b2adf48ddce124fda4348343336d2b73fb93c746fb57d6b4b3bf5d11e3499dfbd0c1f353bc304f9e5fae28d27e6d1e906f7d483ea85b9dd8c42c9a8f39d80f0780937a259b7ee80df01b67613535a7b70ca689d4f09c4812f3e2ab3461f911716f36ce48b1ed7bd7d0797ae623fa883acc6619f3ac4cbd38733bc7c126db6cf24cb0304a059306154649726137c0ee1196256c92f162eb6eb33432b5d0ab8938c184938fdeb7a466416d7bf4df921e525848b89260e2d88177e8bc2c942a4ea8418718e0c97f5dc7486876d0ddeb1b7bcebd73384c483058e993710e423d1b0938e905ce1253a940a0aeef9a191933acfe777fa9d2b890c91ba5dff34c2375d5a4af96a63249c73a00be3fa9b3c69f93f14ea2823aee9df52b2d0e889d5d33331fb78a1d7c0570fc9f41cc3d664be7e910c8c0e94ebfe580b4dccb523d85dfc1a895430a38dd2f83b6f531b570376ff610ba3a95c0e96cb42d503bed884c5019ded7c9623191393797f2ae9d8e9c41facab90d560e49a0f1caebfd0549c1b6c6b1f5eeb8a8c140eace88bce46f76fab16e30e6ffb4c92a65d1ff65f7dcb8b9797584812f94c854720db14083be9f61254e3fed7e4379d4b93f7fe8d15859d23df5f38982efa6ed10bbe63f689cbb5d0e88b0b954f1d2e961bb1635f608c47935fe28fcb1230a684de86d9515b096bb6fb9feaf14680eec87a4074ccb0c6d2499d075fcb5b35d57999e3f9c3833b1ed1641ba435f083dcc5333bb7e11ae756ee29c13dc7bc0b7fac39b8a14ae245a881a4b2a9b79aac15068f952f306bcebc8ea182124b1a783ecc9ba79bd01905915d9d3f183e074c98e9c3a13cf626db34022a305481776e4e710e9b0936f5bb3bf4bada51ec5ba0845ecf7f40491e62c9812bbbe0cc9865ee7009ff2bd7b7367522643fa339713469a04176918f5bd7e7d7a45e955827d9dd61a8138609b2c8370c520fe5971ccdcdb4855b8e5a17dd011d05b1d889f6bbf50a533b9660ccce0949ea30fe735ceaddf604b83a7654308adaabeb8fbbfe8f8e72fab2e786db7f6d50f5a6bbbee140f791b811b2365c03acf7cf34c8d8dcb0c752ef420fc2c5e2ac07ce189085c978cdfcf815a6b306381592e9d599b0cdf650415bbaa8c5cfccaf03da00f4b29c4f00fe4570d9856ec4064c10351f9adcc5301f117e8ec0c1fef97c76198caf769384c076e9a6c0924052fba886a97b62a3c038e5b79bc83290d4632704687820514d9123ef83931cc8ee7df0337c39aca2a04e42ec3326adcce15a9db7ca75b896cdf9cdc6a45fa005228fabb86056b7443ca50fa491e882d2c748d35807e156ce951036bbc26e9e87d9d4e9ce9618b020514723a0356743dbfcadb89697396e80cb01a9130bfafce82a7459392c790f70e98ade9086717db3eba1cdaa5b8af88135eb82e1125542570704b94db9a4fb6688287cdc19fe10521601ebce1cbd107a0c5b5aeddf155863068b56f6a0bf803849c9ab5c0c307ebc190e2df57ad8ddfc8c7c02bf0a1942076ffee669cc16f342c3ef852ec2249eca7af1dbfb26561bcb9daa5f964b3f97a4488683d5d4e7e55c1d1ea460ad3a0bb121b7074ccc9a0f3f78f374ada8b6bf998efe3454dc1473a00d7759d52a65d8b54a8330a9eb06d5b1b93fd3621caee56a5b82eca002d4fde75359915996cd554162bfcec3f67793503df0463c9ab8c3c6d4e18927d97f5fa53fa3ab4fe2b819ca8c84bf4bbaf1b9347f20b673f953ca0d6d2869a9633faf5d00c500d4eab321720a8ea40c729dad79112af1601fd249559b8ff063028354c5f2edff18fad52d895359049ee4d662c92b0d840b3631db116f2bc3b448037905746f86e14eabd361acf0bc457a0daa5e2e5e81e5d260610996b4f9bdb169685c6f772eea35e588bf6855959218ad57eae48bf147552e284bb23a3694c40316e32e7cfc5f69012243ac06af245b9e50a34905345b13b37211541b8c910d9a905f80c4ae2d6368735e9d58ff2907686384ae52e8235a8929df016ac84034c7dc05c0daae5232deaddee6c19c795f797872b7da33482a391da83d0b46783f592b538913b7e204dd599839fbf5e1a009d09d3663833ee2ff80f8487cb82b7557a46982b20cf9aa9710ab67fad0241f2bd66d46ce9bb5249ac84401b647145329e1ea1e10cf8358a2a510ae7ed7f8545951f9e62999c177895d075e4d27aaa79506b4104ebdb9627a1dc7cf27c25aedb69434172d7292dc4b840dd60629d8ce797e83d90cef085740144cab646f5538b9fa9e47f268414f883c8fc421a35f471413e01351581b3575804e4dadf84341e48d234e796adb74b16428cf030d5fe3dbc6aa6cf461409b927f8b2f7200f779eb871ccb8383b836b57fe34d83c2cb4ffabb37642371ba47f953a4d0dd55fe96408369b02060e991ca82e6656a97715134d595916c3ae07225fa3f6f345803123e989446fdb15098b476d8966e50d20613a9de149038bd94bbb4db8b891693324b196d995624199880016c2e44aae3090d1329b6e828327279dc3b03c07a4d9be68a1fda544d6a4c2c698a022796b177a40e81ad91797c899153d98c0d88d2ac60d985d4c6c2a70d2c877ae028c1258a8d03950918026d560dbd8e8c8a029c766be29fbeda6d0eeaa095bfdcabd761e89d8fed8c370b63166d019fe8d8b08835a9ed3eed975c8e4d1096ff6a01524056caf9f182d56ab977581311297b58875d8e29f4f8feda33a0fc9c1630292fc260e247f693fa7db99dbf74d838d325eb7897e59fb3657ad6e8603515ef07622a01bd23b1e6ac8fd9fac40e3efd048ee31fb1e81e9ac5c75ea3e4474e4aebd565ada29e2958f51b24b91c0304319597584a799848310cb39346ce9ab63643c94b6b0e40da3837b856f8366ee83dcabdfa5c718fcb03fa20426b902219364a48b996b73a03238246424795b4a375f81936bb483144f530c05c7c0a999c564438fe3a40ca5c47e1c06d4e2dd7ef65c05ce05150ea4a63a4dd27081e41cf34d39e55c6584600a08e6dc5a18fb1342eb4a42bcb3a97661715f882ec63645fdd1073681d3c6dfd8d9b50cf086ad856272c5c3ff6eaff112f056836f4fb55f917435416f0dc1202f1e7f73173c549378aaf7e687c5b708fe90c3bbd31da4f38f9dc326d0f8c77f8e11b70b05c78be72b3d75ab40e8ed0622b4177f48b6eecdd31fa6462cee65c55130c1652e1136f66c05be34f4124bf59acdcbd41da28ff4097f460d742f5a10c7ba2c6fb8c9a637b838c426f8bee68010aa9214a217b2cc442c53c1f3f220711273eea926865df814d9e5d5af83f5b8100e4e2def6be7e5b11d6ca2f5a552655d52dee651830d615156ce77b4943ae53a27bfb58ed4f8a062400a355fd648aa1229bd74fa0e449559fbf113a4c40682064fde8b9e21b19b36bc5661bdfc9bc350780927224404cf06d65e31fd8e6c242c440425dfb9fd5b88ee851e6ccfa7008392172be44b289d27319efca82e36bc0ed6ee6d1d2197515e3520156f5fc38fcb6f46f422a437a3801ba646806fcbb65904da9cdc0e36818740627a17f0880533785faff4cae7006489a81b1f0e8db5543ed3fb74f7d39af8ff01e4421891b53442a965b014f013823bddfd97f38856461e689af6bc1a04282f5b6441cbf904ead8a732c0e3faa19d8d1b85bc11740a1e6ee8d8e86afa42a7d22f3fafd8658a4862c099beb09c2afe0a92f0498f29d575288c13523b2f70c68eeb842799a2dd69b6ad2e39f5c37b7d0e20b0fd77d3f8eab52de42efd2fd8fafd868b7f186539bb2ab40205fa6be9fbb750c1164110eb175c7ed0e7cbdeca334a6641d6093330a2484ad807bc37f4b88dbd8a337a734e3ad06587adc9671ceb6117fb612d8f41c4f4b348861935d93da878dcc818d625012bf875bb58e934748852271a474fa3900e11cb23899498f44d0461e8c7e19af68afccefea92a787599cb1828e02fbdd3d4b2eb37c88b4b44f0e589a9fa209045f8fd7d83550880b14561aef55f731767fe296d6281a445429ddb9c4c2ed11cb80258efe8afb0cec143d4477321d6c53adfd317ea1e61674765062452fbcd00581336de3c4ea4a5a945180720a49ff190a19745dcf972e7a98ab5e4430e19b288fcca4f46ebc208a8d0cf14a21ee9e66cd85e546a8bf644b2dfd2350e74d075480958a46eecdf1c06685a456768a66d3ef642d054f52d302102c11ad510ef6e5862fed9ad005d9a35c2c31d617c258677f7455f95f25ec017dc74bbc067af9591a380516a37b56b95930a36d864dc269e0a531ab9c028f00bd3ba4fb6866b7be89434f08420e51c87796b703090c8642d0db5e01a274751a9149573465e9d3e94c241cf0cce1ae981640654e86d8aec008bec1f21baf8899c578ce21dc115cc1c429a067b98032b86a418f38cd434059518b14cbacfb01558695ff35600d72b040edb480ebdb95a66494a493ce4b102420279e7f32c6127e08742affaa8fae50ff93c8d01f6fd9a1704eef6af3c13048b2f2e8b33418c6095c4558c251729075555b147be65cd9d16e11f820d74ff19d708a316540a16de279859a3d4913e1b95ca09950b8365f4be0c86e8b378ee5824059037cf717cdaa95672c19535750f3ba5dc735dc5ca58bd9d67f3d325a16bbf45a6854bd621b023e5552077e950f3831cdb3be6978a5c3a71149059e9b70dc4326d3cacbb159daa45049feaa4df0234929462a9814332b3c00ff7a0d5a06133470bc8e941a85792fa41cf6dbe938b17f801a7780bef6d11ee7ea6296c65a6db2d0dbd8f1031f7798a0601bb6d6e2b8f92e7b0f6e44826af238187d386bdabffb6f912119a09fe4a4bd2f4435d75f6fa4080fc3dfbad126d4236370f6dc062e339669e0fa53c4038f3a03b258159cc06e31f163be40f4ea46a0cc9aefcdd64e7296c9c6520cc15031d05727edb75582d0ee7df64f9b0c0233f9f79477482cfbd2d0fe58e7e6b0e7e73f1c9f7cd2a7755ef54d723917925ab796a15df7e1be1e79af946fe53097c3890d37668a39be97517ea14712bf327187d2bbc891e568ee9c6ec2f3013c7ab5efb8ceaa148580f70c30c1b3d0a564a606e62661b102a56fa79f22a5408425a0f277ccf5e506b3105b39875009ead3eeb9c301a334ae431956b13ba68a0fbfa40cc3e342c95e84d3b0f1d91de752cb971e4fa369183d29c38457301d73d36f23a4496c8e670c4516d418606e12c838a6351a0bb62ce497582e75fa2b736854969f92453f9253adca47e3fe23712d1c2e550e62c0f5a87eee4b830dae6ecf967b7035d62c98527e272c2717b5a1f7a335f4e6642572fddb85aa6f6db0cc621914865ef9a22425a92c8f9bb11dc8c1982136d6aa1060ad1b6a6837b8818aff10fe90105902d0986703799e1b8acccf0205e5813e0eb67bc73f2182e3f1f87091abf7221004ec839ec58f35bf8b2950786b7e4e4406290a17d1401fadb8cb9e4ffa0d32ff79b911f66fbd6ed4fef1f6100f8761b4ff5ffbb2b77ab38e34b214fd02440bda703"}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x3}, @NL80211_ATTR_BEACON_TAIL={0x5fe, 0xf, "dcdb80f63f2626e29dd209acce8f835def63c1db86a7f1ac563856cd7854aeca9e84e78935d9270e40322ce706977b4338740cc7db4ef982e99879b41f6786c843bdbd0a8b4bab10fb79155dcec64b5f0f185e8136f82fd2b15d0cb75f2db07f36b0038677ea8405ad4939cd6b7bcb1fb1c00f7d8c0c754ba58ad8c41ba12e191ac020bfb34ffeaf41d4705e66fd48bd56f4b8931c01135d1b1ffd55eb6bf44ba7b18f260e0a690eaec3fbbc7934b03af6b6e1f8aea706116db218664bf1b99e0e79fa85fffb76f84d5f03807d7627b81bf20d18ab6a9735fe9d07aaf8f9fe51cded3e20d656b353d0bb48cf212cbeee5027eb01d48c51ff1dba3b147b61a83595c0788ff4ab3386c506c675c8d8a0fa26c71a55064f1e38e4a6b7ed1ca3aaa1bffa89ce7396465324c4e95c5b208fc98af86a1eda42b31884157b307cd90a0d836a470141687b2e8d4ed46f9f6fad39e9a745a011183fffe4665f60aa089756ed80f887132260730592cfc285b75303aa2db0359994a10383c3bdd104a72154db78512b2af17fa760d47d163fea7aef7b2ee28cffa7ce6bbdd2448e8f01905529778d0baaaf6871fa725a2093f81996649bbbd0e23561da3cd17f7ff7450f6eccff755d78b62e2399cc6b51aa29a9ee5ae96f883fdf9eff259ae8447bafc29657a5cec29dceb6678da03b1c732c54388e2ed0e83f1c65c16cd209fa167fd1242c0150ebea6045e68066430a69995191d3d1353a972b8b7873cda041b33e5060155faf4ec77e5c52e497def79587d97e2b55a41d61c3af28d08d1f76c61ddddf808c66677ec8178524a5a09053b05d7b01bb40d77d9ecc3688b6e42125ad448915699d85c637fadcd1ed132def2d6686baae5b7e2e04cfb6ac5c6048173481f18891b6e50ec0a2e236afabc4687feb59c8e8402c792373693fda899c7ec5b2bdad39396dd7abb8c9e5d2301354da619f6d87f9c303d9821acf0629ba4d43775046682232ba673a0e24759eebfbc265c02edb7c016aed02d4ae729086f2d842c4af7ba822d73d8fdfd396f84e42c36d188b0f38ebc4b02bd2868af527876877fbe91e54def2a92b1484688f822fc7b9c7da0ef9ff92f072b29899cd8ffc23375f0ace5734360d24d8d7774e1eb7dbf76c5223785ab95fb35af0ec41d7f194d9a76b69757a74141780e3185d41a2850b2e076c8d3bf3d0c8343f60b91cf2fbe5f23c7a4b3582b124913c4e2badfac6a86b502fbfa4d4e56fde8389db2fd19ace2581437dcf157558f47a96b8bb68a6fd0be9f3b09128c1d926f8b1df279d738d6ec410e98194f55101b71449290c2bff9b64f3d94a8516aa9d304432da1cec304f20650f0ce6634d88ac9fc9af71a147227df69dbbc75c6abdd2e147a2931c1640397f07a6f2e99463a92b89d0716cc7bef29107a7caa5a94cb217258850d2199690181ae39b2c222544e1aa891fa1fedc97a5ee3713538468e504e786c83e3586c74f6b71b5c1140c7f04ea77b8a51291487a569614d40c4a72c0bbc9ce7a714e1221e515296fc641fb2c08b50345cc68d53c51b597d9d68452ec1373c173a9382f5758789c38b6499b836b23b5438cb8c471b5e2600d2a975fdd90dfeb4b26becb007e872231385476628171b7aa19fa7b2661df92c49d28819a0c7ed846857e97505a2f5a3f47fecc994133d7faee8f2a05e7671f602bdab89b366ed651b514050278a08280f27c8b437122088273ebfe7ce43e11b51afae40de7e0e3f393cfb434dcab7c6a3fa06d7da6af227e76de287aac80ca6652d43d32c80796242a75f72bffdf52836e8e1fe22b7a62b272861e8adb1dbd1d46f12c6e9bf8cd97f14445b9d8a99e4e61a8de83f0e3492dff64624451d65fb895c27e0f8add4ffa69c20df19d2dd4a3b4e0e06b0efe8d3b92fc5d4a0da9c655414ccbf054901d7b41b686291b435ec2ee5bece26f423a7b3b84462856ea690eea4fe268126747eca297871ba6ebef85e6020eadfc47bae3b779e1435b37e6d68b2840b839720591518563f0a1d5f3aa448140dedcaf04e4748ceb258b4dff2374875e86b5342ebcec2a09753a691943f26829e44831357ebc0543c5a64d85f25f7606667342bdd6a8f52f7b4bf9b469aa94919cc94f86e1ff7cc264c5046d569037524d"}, @NL80211_ATTR_WOWLAN_TRIGGERS={0x4ff, 0x75, 0x0, 0x1, [@generic="fb41751c680ae9865bd43295c08e68d07685", @typed={0x8, 0x3a, 0x0, 0x0, @uid=r2}, @generic="14ba6e3be3759f05080c3489252683ff5f6e39e369ea43c0f41b3eed07e0fc4a17b95c54159967d37df067f806f45fd1a6d12214782ea8d6e97a862d767a73321b58d85c75612f96e22bd360d4693781700102d4b29a0bac7e1b6953cde0cb0d5a7eeb11ddb1bbc0fccf59c2ca76cac12b31c99ac75884a6ac178655486e3cb8d2f927c1b4a538afca2e976e54529d23ad1ca3e4439e2785b5", @nested={0x446, 0x4e, 0x0, 0x1, [@nested={0x4, 0x42}, @typed={0xc1, 0x67, 0x0, 0x0, @binary="46d5d887d72bedd6d0231b905addbe52922b2f9e1aa1950c6096cd1d942044b5545dd093807c3e113e173fd5791ba2a1f720a620f53225e8a9c591e170f905e879ace24475c5cada7eff0fd06ca8789a058a0078d501002ce46ea2188ff20945a979b12fd54802753e97b390eab5aa13c95871b50f7620748db08853f4eceb420b104a23805711442df0acf096ecc51cdba7f5c96f470b23609d92341eff7df88a095651b7b26580d464462588fac341409979deaa30c6771c8cddae0b"}, @typed={0xab, 0xcd, 0x0, 0x0, @binary="711fd9e8f9e377a9d98cb7f9887f51ddf803fb9d261b7add968c195e3262cc3a2d073670044e781d31f1581a52fccc42aa47205d45eaff42007d1733d51ecb61f9329f0ae6868e11fadcbc3f5b3413bd664e8703d3d20a0c4d1f860a994bbc586a9343b83cb3e385c7ae392b3b478d7a3f925f940a2005ef512bb1e2eded8a382ff6eb645e80125586329c72cfad7b5aca2012222f9626c9c85ce200a9a7d3681cfd489a7cfbc6"}, @generic="2ca9afd15fd2121db2dfcd8a410be103f680ffd9eae90be0dd62076be6ea12d7191e43b216f76b106c9c12d6095bc5929c8107d32408892c142e7cd4b712d4bab8cd316949eedf802ea159daf5477fd371a17616df034fdcd5b6b9309aaad7773c0743504708546f275af11d0ba810d1e5f4b20c8fe5267186efe41517fc1a6106146746da8551d9581b59e83e4cd70664da7efd6a44f0b607b4760dc2a849fd6fe524e6a0dfb7913ccffc4eb2afb566", @nested={0x4, 0x110}, @generic="ad7d8e5a80f049afc9477d8df1d26faedcd706e516b6d53ae650d9c823cd86ed6af3af9601aeb3313a3f07ea8074016d95eb3ed5388973a44e5f35416b5e69429676a9688861b29df74c8f46d3b1093607f00223ca7301c933c4d3d5ffb02ab5a695d8f1f8ded263b7c321d7cd35c06912e7ea8bec2ab1fdf510e47114d735403435b410fadd69b103de4403c5d62c506b6d48b7e7135cb837f1e4b0cffb69d52f5c", @nested={0x4, 0x68}, @generic="232c9d2f1564e3fb64f0c939292f08ad631913b18988702fc8d7a7967b98d07fa82b9d610a1bc6eb5336c689afb56863e313e6045ce021a07bd87e7a1316d0d812175643c088d89a09e5a88906ab3835b8fae2bcf1b43fd1151fbde8c2d0ff0579b8bc61b7604efe4165af7f4959bcaba819b02d36141b24e693da463b015b0c3655a809a1b89ab8c94901c63db365a2a9a8a424c08d4677586b8260f268038e53cf2ffbcc1aef50dbd257f50cdc447e946a41b529080be938b32400b09317a231cd07e7e44331e3", @generic="0a6aa890178d41b5acfe4de1941bdaadcef6d7dfe7089dd10e4277e6adca35b7fbbdc6dc7d151d1a17b9267a6a16be6ff2dbdc6dcbb05b9e804c0d02edc22e641cfa54b6f1e667dfb4278174509876c7d294efc1a52f6bec37b913b5845e45ac5ea94f52894cd995e650e99cf48dac11bcd12e89da055a29c508abbcf65635091825eb8d0ce055679e4b15f7fff5fb03b431167d1d2a6a0771a21825c5c1f935d4e5dd31051ae1fe", @nested={0x4, 0xab}]}]}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5}]}, 0x1d64}, 0x1, 0x0, 0x0, 0x8800}, 0x20000000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0x4, 0x80}, 0x96) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x7}, 0xc) 1.678797422s ago: executing program 2 (id=1606): openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0) mprotect$auto(0x201ffff000, 0x2000000000000001, 0x2) r0 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0xc0a82, 0x0) write$auto(r0, &(0x7f00000000c0)='\x00', 0x3) 1.470898196s ago: executing program 0 (id=1607): r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = open(0x0, 0x22240, 0x155) r2 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r2, 0x11, 0x67, 0x0, 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140), 0x55) r3 = gettid() r4 = syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x4206, r4, 0x0, 0x5) kcmp$auto(r3, r4, 0xe, r1, r2) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x4) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x405, 0x8000) getrandom$auto(0x0, 0xe06, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x1a, 0xffffffffffffffff, 0x4, 0x17, 0xda, 0xf) ioctl$auto(0x1, 0x8983, 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmsg$auto_BATADV_CMD_GET_HARDIF(r0, 0x0, 0x4008000) io_uring_setup$auto(0x8000, &(0x7f0000000140)={0x3, 0x8, 0x3, 0x0, 0x4, 0x101, 0xffffffffffffffff, [0xd5, 0x9], {0xffffff80, 0x9, 0x10, 0xb831, 0x40003, 0xdbb, 0x3, 0xee9, 0x81}, {0x7ffd, 0x6, 0x8, 0x1, 0x8, 0x0, 0x4, 0x6, 0x3}}) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x7f, 0x8000) close_range$auto(0x2, 0x8, 0x0) 1.469856997s ago: executing program 1 (id=1608): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = socket(0x15, 0x5, 0x0) bind$auto(r0, 0x0, 0x64) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0xffffffffffffffef, 0x5, 0x1000000000000003, 0x8011, 0x3, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munmap$auto(0x20001000, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0xfffffffffffffffe, 0x8, 0x8003, 0xeb3, 0xfffffffffffffff9, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) timer_settime$auto(0x0, 0xffff8000, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0xdf6, 0x2, 0xf) socket(0x2, 0x800, 0x800) lsm_list_modules$auto(0x0, 0x0, 0x0) ioctl$auto(0x1, 0x89a0, 0x8) read$auto(0x3, 0x0, 0x400000) socket(0xa, 0x3, 0x6) 1.333109462s ago: executing program 2 (id=1609): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/ocfs2/active_cluster_plugin\x00', 0x22100, 0x0) r1 = socket(0x28, 0x4, 0x0) sendmsg$auto_NL80211_CMD_UPDATE_FT_IES(0xffffffffffffffff, 0x0, 0x4000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x6000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r2 = socket(0x10, 0x2, 0x0) sysfs$auto(0x7, 0x931c, 0x1000000000000000) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r3], 0x1ac}}, 0x40000) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/247, 0xf7) sysfs$auto(0xab, 0x800, 0xf2c) 1.184879355s ago: executing program 0 (id=1610): clone$auto(0x21, 0x6, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) write$auto(0x0, &(0x7f00000000c0)='vlan1\x00', 0x10001) 332.858411ms ago: executing program 3 (id=1611): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/vrf/strict_mode\x00', 0x80202, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57697, 0x9b72, 0x2, 0x8000000000008000) socket(0xa, 0x801, 0x106) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @private=0xa010100}, 0x51) pipe2$auto(0x0, 0x80) setsockopt$auto(0x3, 0x82, 0x9, 0x0, 0x19) setsockopt$auto(0x3, 0x6, 0x4, 0x0, 0x8) sendfile$auto(0x1, 0x3, 0x0, 0x6) write$auto(0x3, 0x0, 0xfdef) socket$nl_generic(0x10, 0x3, 0x10) 109.241432ms ago: executing program 1 (id=1612): socket(0x10, 0x2, 0x0) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000080), 0x785303, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x4020565b, 0x38) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x15) close_range$auto(0x2, 0x8000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c914700", @ANYRES64=r0, @ANYBLOB="e4ff24c6e2c500bb559f968100000800", @ANYRES32=r4], 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) sendmsg$auto_NET_SHAPER_CMD_CAP_GET(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4000) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) eventfd$auto(0xfffffffb) sysfs$auto(0x2, 0x4, 0x4) mincore$auto(0x1000, 0x8001, 0x0) io_uring_setup$auto(0x2, 0x0) io_uring_enter$auto(r1, 0xcca2, 0xcd00, 0x7, 0x0, 0xffffffffffffffff) 0s ago: executing program 3 (id=1613): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) keyctl$auto(0x1d, 0x725fffffffb, 0x69c9, 0x2, 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x900, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) ioctl$auto(0x3, 0x4008af03, 0x0) close_range$auto(r0, 0x8, 0x0) openat$auto_fops_bool_file(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/failslab/ignore-gfp-wait\x00', 0x101382, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/batman_adv/parameters/routing_algo\x00', 0x8182, 0x0) write$auto(r2, 0x0, 0xffc) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.158' (ED25519) to the list of known hosts. syzkaller login: [ 66.719666][ T5818] cgroup: Unknown subsys name 'net' [ 66.901294][ T5818] cgroup: Unknown subsys name 'cpuset' [ 66.909728][ T5818] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 68.290333][ T5818] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 70.169088][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.184356][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.192248][ T5831] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 70.212992][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.221165][ T5836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.222882][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 70.229260][ T5836] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.244301][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.245272][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.253199][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 70.260383][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.274074][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.281641][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.289380][ T5836] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.289624][ T5840] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 70.297154][ T5836] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.311830][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.319277][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.332829][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 70.345507][ T5843] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 70.354405][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 70.355919][ T5845] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.374410][ T5840] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 70.385827][ T5840] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.719696][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 70.769441][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 70.824252][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 70.896339][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.903767][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.911482][ T5834] bridge_slave_0: entered allmulticast mode [ 70.918468][ T5834] bridge_slave_0: entered promiscuous mode [ 70.933876][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 70.971605][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.979117][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.986278][ T5834] bridge_slave_1: entered allmulticast mode [ 70.993398][ T5834] bridge_slave_1: entered promiscuous mode [ 71.019807][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.026962][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.034280][ T5838] bridge_slave_0: entered allmulticast mode [ 71.041481][ T5838] bridge_slave_0: entered promiscuous mode [ 71.071907][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.079354][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.086577][ T5838] bridge_slave_1: entered allmulticast mode [ 71.094634][ T5838] bridge_slave_1: entered promiscuous mode [ 71.103679][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.145804][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.176792][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.184282][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.191543][ T5827] bridge_slave_0: entered allmulticast mode [ 71.198727][ T5827] bridge_slave_0: entered promiscuous mode [ 71.224670][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.232081][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.239545][ T5827] bridge_slave_1: entered allmulticast mode [ 71.246096][ T5827] bridge_slave_1: entered promiscuous mode [ 71.254751][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.269566][ T5834] team0: Port device team_slave_0 added [ 71.279196][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.296530][ T5834] team0: Port device team_slave_1 added [ 71.340182][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.347683][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.354834][ T5828] bridge_slave_0: entered allmulticast mode [ 71.362069][ T5828] bridge_slave_0: entered promiscuous mode [ 71.377275][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.394065][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.401388][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.411347][ T5828] bridge_slave_1: entered allmulticast mode [ 71.418322][ T5828] bridge_slave_1: entered promiscuous mode [ 71.428950][ T5838] team0: Port device team_slave_0 added [ 71.436597][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.454595][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.464444][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.490866][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.503586][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.510663][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.536628][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.557829][ T5838] team0: Port device team_slave_1 added [ 71.604100][ T5827] team0: Port device team_slave_0 added [ 71.612547][ T5827] team0: Port device team_slave_1 added [ 71.623629][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.634229][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.641488][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.667853][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.680399][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.687456][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.713651][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.735841][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.772079][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.778880][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.808631][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.815592][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.842384][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.856105][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.867347][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.893807][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.923002][ T5828] team0: Port device team_slave_0 added [ 71.934851][ T5828] team0: Port device team_slave_1 added [ 71.944216][ T5834] hsr_slave_0: entered promiscuous mode [ 71.953062][ T5834] hsr_slave_1: entered promiscuous mode [ 72.002054][ T5838] hsr_slave_0: entered promiscuous mode [ 72.010157][ T5838] hsr_slave_1: entered promiscuous mode [ 72.016219][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.025007][ T5838] Cannot create hsr debugfs directory [ 72.031323][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.039952][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.067840][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.080661][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.087861][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.114098][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.143578][ T5827] hsr_slave_0: entered promiscuous mode [ 72.150161][ T5827] hsr_slave_1: entered promiscuous mode [ 72.156098][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.163844][ T5827] Cannot create hsr debugfs directory [ 72.270348][ T5828] hsr_slave_0: entered promiscuous mode [ 72.276514][ T5828] hsr_slave_1: entered promiscuous mode [ 72.283091][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.290919][ T5828] Cannot create hsr debugfs directory [ 72.408386][ T5840] Bluetooth: hci3: command tx timeout [ 72.408388][ T5831] Bluetooth: hci2: command tx timeout [ 72.408786][ T5831] Bluetooth: hci1: command tx timeout [ 72.414188][ T5840] Bluetooth: hci0: command tx timeout [ 72.504079][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 72.525547][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 72.534979][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 72.556751][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 72.601488][ T5838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 72.613048][ T5838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 72.635161][ T5838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 72.652405][ T5838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 72.694510][ T5827] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 72.723485][ T5827] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 72.750889][ T5827] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 72.774601][ T5827] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 72.783661][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 72.793590][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 72.803271][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 72.817118][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 72.924087][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.984818][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.009148][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.020418][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.041221][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.048495][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.064103][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.071249][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.103471][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.122803][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.149904][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.157051][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.165956][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.173142][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.209750][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.217367][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.227171][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.234286][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.262139][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.310868][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.334764][ T5828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 73.374691][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.381908][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.407260][ T5838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 73.431316][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.438522][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.529846][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.656759][ T5834] veth0_vlan: entered promiscuous mode [ 73.689574][ T5834] veth1_vlan: entered promiscuous mode [ 73.731558][ T5834] veth0_macvtap: entered promiscuous mode [ 73.770362][ T5834] veth1_macvtap: entered promiscuous mode [ 73.786648][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.848898][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.861862][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.871029][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.900177][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.918318][ T5838] veth0_vlan: entered promiscuous mode [ 73.926458][ T5834] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.936011][ T5834] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.952446][ T5834] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.961387][ T5834] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.002987][ T5838] veth1_vlan: entered promiscuous mode [ 74.055730][ T5827] veth0_vlan: entered promiscuous mode [ 74.112562][ T5828] veth0_vlan: entered promiscuous mode [ 74.119901][ T5827] veth1_vlan: entered promiscuous mode [ 74.133519][ T1128] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.145081][ T1128] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.193732][ T5828] veth1_vlan: entered promiscuous mode [ 74.206643][ T5838] veth0_macvtap: entered promiscuous mode [ 74.232638][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.242815][ T5838] veth1_macvtap: entered promiscuous mode [ 74.243059][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.259667][ T5827] veth0_macvtap: entered promiscuous mode [ 74.277141][ T5828] veth0_macvtap: entered promiscuous mode [ 74.290556][ T5827] veth1_macvtap: entered promiscuous mode [ 74.311992][ T5828] veth1_macvtap: entered promiscuous mode [ 74.330596][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.348776][ T5834] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 74.354279][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.377045][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.394522][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.405517][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.416712][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.430347][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.441448][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.464298][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.475496][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.490769][ T5840] Bluetooth: hci1: command tx timeout [ 74.491424][ T5145] Bluetooth: hci2: command tx timeout [ 74.496185][ T5840] Bluetooth: hci0: command tx timeout [ 74.501925][ T5831] Bluetooth: hci3: command tx timeout [ 74.524787][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.543573][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.569237][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.579734][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.590534][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.602255][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.621204][ T5838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.630835][ T5838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.639684][ T5838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.648843][ T5838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.661217][ T5827] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.671630][ T5827] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.680450][ T5827] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.689438][ T5827] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.701296][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.712720][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.724015][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.735018][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.745272][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.756192][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.768951][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.834475][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.861398][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.873710][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.890762][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.902294][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.916429][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.928605][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.991854][ T5828] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.001522][ T5828] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.015058][ T5828] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.029278][ T5828] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.140394][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.161856][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.208022][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.215930][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.305504][ T1024] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.320691][ T1024] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.333148][ T1128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.360890][ T1128] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.386972][ T1024] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.410621][ T1024] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.486055][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.534662][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.828091][ T5911] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 76.027026][ T5918] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 76.059036][ T5916] Process accounting resumed [ 76.464427][ T5928] process 'syz.1.11' launched ':,' with NULL argv: empty string added [ 76.568209][ T5831] Bluetooth: hci0: command tx timeout [ 76.568645][ T5840] Bluetooth: hci3: command tx timeout [ 76.574500][ T5145] Bluetooth: hci2: command tx timeout [ 76.579073][ T5840] Bluetooth: hci1: command tx timeout [ 76.711316][ T5145] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 76.767956][ T5933] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12'. [ 76.777204][ T5933] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 77.086796][ T5145] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 77.118957][ T5939] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14'. [ 77.155745][ T5939] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 78.165674][ T5945] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 78.647452][ T5145] Bluetooth: hci2: command tx timeout [ 78.652915][ T5145] Bluetooth: hci1: command tx timeout [ 78.658521][ T5831] Bluetooth: hci0: command tx timeout [ 78.663953][ T5831] Bluetooth: hci3: command tx timeout [ 79.485561][ T5972] netlink: 206 bytes leftover after parsing attributes in process `syz.1.21'. [ 79.964782][ T5978] netlink: 146 bytes leftover after parsing attributes in process `syz.2.24'. [ 79.999770][ T5978] Zero length message leads to an empty skb [ 81.323546][ T5145] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 82.098405][ T5145] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 82.998998][ T6029] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 83.203298][ T6033] Process accounting resumed [ 84.441612][ T6051] mmap: syz.3.45 (6051) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. syzkaller syzkaller login: [ 85.376497][ T5145] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 85.384121][ T6064] netlink: 4 bytes leftover after parsing attributes in process `syz.0.47'. [ 85.497494][ T6064] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 85.580832][ T5145] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 86.690860][ T5145] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 87.125071][ T5145] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 87.157408][ T47] cfg80211: failed to load regulatory.db [ 87.662964][ T5145] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 88.416126][ T5145] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 89.346427][ T5145] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 89.383804][ T6128] netlink: 4 bytes leftover after parsing attributes in process `syz.2.61'. [ 89.476665][ T6128] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 90.260969][ T5145] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 91.174546][ T5145] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 95.800271][ T5145] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 96.708372][ T6242] netlink: 206 bytes leftover after parsing attributes in process `syz.2.90'. [ 98.506591][ T6261] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 99.840968][ T6289] netlink: 16 bytes leftover after parsing attributes in process `syz.0.103'. [ 99.856863][ T6289] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 99.865929][ T5145] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 99.902774][ T5145] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 100.295575][ T6294] Process accounting resumed [ 100.965080][ T6313] netlink: 206 bytes leftover after parsing attributes in process `syz.3.111'. [ 101.711722][ T6307] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 102.621897][ T6339] Process accounting resumed [ 104.780641][ T6372] netlink: 8 bytes leftover after parsing attributes in process `syz.0.138'. [ 105.011374][ T5145] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 106.371803][ T6394] kexec: Could not allocate control_code_buffer [ 107.073731][ T6419] sg_read: process 124 (syz.3.145) changed security contexts after opening file descriptor, this is not allowed. [ 107.562470][ T6437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.148'. [ 107.583011][ T6437] netlink: 342 bytes leftover after parsing attributes in process `syz.1.148'. [ 107.995912][ T6449] netlink: 8 bytes leftover after parsing attributes in process `syz.2.152'. [ 108.434127][ T6458] FAULT_INJECTION: forcing a failure. [ 108.434127][ T6458] name failslab, interval 1, probability 0, space 0, times 1 [ 108.474437][ T6458] CPU: 1 UID: 0 PID: 6458 Comm: syz.1.155 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 108.485111][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 108.495199][ T6458] Call Trace: [ 108.498506][ T6458] [ 108.501461][ T6458] dump_stack_lvl+0x16c/0x1f0 [ 108.506171][ T6458] should_fail_ex+0x497/0x5b0 [ 108.510882][ T6458] ? fs_reclaim_acquire+0xae/0x150 [ 108.516077][ T6458] should_failslab+0xc2/0x120 [ 108.520797][ T6458] __kmalloc_noprof+0xce/0x4f0 [ 108.525591][ T6458] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 108.531248][ T6458] ? tomoyo_realpath_from_path+0xbf/0x710 [ 108.537008][ T6458] tomoyo_realpath_from_path+0xbf/0x710 [ 108.542594][ T6458] ? tomoyo_path_number_perm+0x235/0x5b0 [ 108.548370][ T6458] tomoyo_path_number_perm+0x248/0x5b0 [ 108.553872][ T6458] ? tomoyo_path_number_perm+0x235/0x5b0 [ 108.559550][ T6458] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 108.565578][ T6458] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 108.571288][ T6458] ? fd_install+0x242/0x750 [ 108.575845][ T6458] security_file_ioctl+0x9b/0x240 [ 108.580908][ T6458] __x64_sys_ioctl+0xb7/0x200 [ 108.585625][ T6458] do_syscall_64+0xcd/0x250 [ 108.590178][ T6458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.596114][ T6458] RIP: 0033:0x7f4100f85d29 [ 108.600558][ T6458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.620216][ T6458] RSP: 002b:00007f4101dfd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 108.628676][ T6458] RAX: ffffffffffffffda RBX: 00007f4101175fa0 RCX: 00007f4100f85d29 [ 108.636690][ T6458] RDX: 0000000000000000 RSI: 00000000000089f0 RDI: 0000000000000003 [ 108.644701][ T6458] RBP: 00007f4101dfd090 R08: 0000000000000000 R09: 0000000000000000 [ 108.652712][ T6458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 108.660717][ T6458] R13: 0000000000000000 R14: 00007f4101175fa0 R15: 00007ffffc6587c8 [ 108.668742][ T6458] [ 108.723322][ T6463] netlink: 8 bytes leftover after parsing attributes in process `syz.3.157'. [ 108.757341][ T6458] ERROR: Out of memory at tomoyo_realpath_from_path. [ 108.768650][ T6463] netlink: 342 bytes leftover after parsing attributes in process `syz.3.157'. [ 108.864676][ T5831] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 109.044160][ T6478] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 109.518499][ T6500] netlink: 4 bytes leftover after parsing attributes in process `syz.3.165'. [ 111.061805][ T6544] netlink: 28 bytes leftover after parsing attributes in process `syz.2.173'. [ 111.967232][ T6534] kexec: Could not allocate control_code_buffer [ 111.990830][ T6544] syz.2.173 (6544) used greatest stack depth: 21200 bytes left [ 112.059447][ T6550] FAULT_INJECTION: forcing a failure. [ 112.059447][ T6550] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 112.073129][ T6550] CPU: 1 UID: 0 PID: 6550 Comm: syz.1.174 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 112.083772][ T6550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 112.093858][ T6550] Call Trace: [ 112.097162][ T6550] [ 112.100121][ T6550] dump_stack_lvl+0x16c/0x1f0 [ 112.104837][ T6550] should_fail_ex+0x497/0x5b0 [ 112.109556][ T6550] _copy_to_user+0x32/0xd0 [ 112.114012][ T6550] simple_read_from_buffer+0xd0/0x160 [ 112.119436][ T6550] proc_fail_nth_read+0x198/0x270 [ 112.124505][ T6550] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 112.130100][ T6550] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 112.135692][ T6550] vfs_read+0x1df/0xbe0 [ 112.139885][ T6550] ? __fget_files+0x1fc/0x3a0 [ 112.144598][ T6550] ? __pfx___mutex_lock+0x10/0x10 [ 112.149657][ T6550] ? __pfx_vfs_read+0x10/0x10 [ 112.154373][ T6550] ? __fget_files+0x206/0x3a0 [ 112.159098][ T6550] ksys_read+0x12b/0x250 [ 112.163384][ T6550] ? __pfx_ksys_read+0x10/0x10 [ 112.168193][ T6550] do_syscall_64+0xcd/0x250 [ 112.172762][ T6550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.178690][ T6550] RIP: 0033:0x7f4100f8473c [ 112.183155][ T6550] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 112.202802][ T6550] RSP: 002b:00007f4101dfd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 112.211263][ T6550] RAX: ffffffffffffffda RBX: 00007f4101175fa0 RCX: 00007f4100f8473c [ 112.219269][ T6550] RDX: 000000000000000f RSI: 00007f4101dfd0a0 RDI: 0000000000000004 [ 112.227272][ T6550] RBP: 00007f4101dfd090 R08: 0000000000000000 R09: 0000000000000000 [ 112.235273][ T6550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 112.243272][ T6550] R13: 0000000000000000 R14: 00007f4101175fa0 R15: 00007ffffc6587c8 [ 112.251288][ T6550] [ 112.257580][ T6546] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 112.263750][ T6546] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 112.285659][ T6546] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 112.318789][ T6546] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 112.327538][ T6546] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 112.364908][ T6546] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 112.380936][ T6546] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 112.397585][ T6546] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 112.409692][ T6546] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 112.453605][ T6546] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 112.460068][ T6546] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 112.602287][ T6546] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 113.680471][ T6576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.183'. [ 113.780595][ T6576] netlink: 342 bytes leftover after parsing attributes in process `syz.0.183'. [ 113.817013][ T6583] netlink: 28 bytes leftover after parsing attributes in process `syz.1.185'. [ 113.843425][ T6583] veth1_macvtap: entered allmulticast mode [ 114.337595][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 114.343704][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 114.375319][ T6585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.187'. [ 114.407453][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 114.447553][ T6585] netlink: 342 bytes leftover after parsing attributes in process `syz.3.187'. [ 114.487409][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 115.258661][ T6626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.197'. [ 115.274378][ T6626] netlink: 342 bytes leftover after parsing attributes in process `syz.1.197'. [ 116.307132][ T6642] netlink: 4 bytes leftover after parsing attributes in process `syz.2.201'. [ 116.394219][ T6646] netlink: 342 bytes leftover after parsing attributes in process `syz.2.201'. [ 116.417508][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 116.423589][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 116.487833][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 116.663173][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 118.487626][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 118.494137][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 118.519220][ T6670] kexec: Could not allocate control_code_buffer [ 118.568721][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 118.727520][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 120.278763][ T6744] netlink: 28 bytes leftover after parsing attributes in process `syz.3.233'. [ 120.556296][ T6758] FAULT_INJECTION: forcing a failure. [ 120.556296][ T6758] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 120.580667][ T6758] CPU: 1 UID: 0 PID: 6758 Comm: syz.1.237 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 120.591331][ T6758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 120.601431][ T6758] Call Trace: [ 120.604730][ T6758] [ 120.607685][ T6758] dump_stack_lvl+0x16c/0x1f0 [ 120.612413][ T6758] should_fail_ex+0x497/0x5b0 [ 120.617128][ T6758] _copy_to_user+0x32/0xd0 [ 120.621589][ T6758] simple_read_from_buffer+0xd0/0x160 [ 120.627101][ T6758] proc_fail_nth_read+0x198/0x270 [ 120.632179][ T6758] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 120.637775][ T6758] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 120.643364][ T6758] vfs_read+0x1df/0xbe0 [ 120.647557][ T6758] ? __fget_files+0x1fc/0x3a0 [ 120.652265][ T6758] ? __pfx___mutex_lock+0x10/0x10 [ 120.657324][ T6758] ? __pfx_vfs_read+0x10/0x10 [ 120.662025][ T6758] ? __fget_files+0x206/0x3a0 [ 120.666717][ T6758] ksys_read+0x12b/0x250 [ 120.670965][ T6758] ? __pfx_ksys_read+0x10/0x10 [ 120.675739][ T6758] do_syscall_64+0xcd/0x250 [ 120.680253][ T6758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.686151][ T6758] RIP: 0033:0x7f4100f8473c [ 120.690576][ T6758] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 120.710186][ T6758] RSP: 002b:00007f4101dfd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 120.718608][ T6758] RAX: ffffffffffffffda RBX: 00007f4101175fa0 RCX: 00007f4100f8473c [ 120.726583][ T6758] RDX: 000000000000000f RSI: 00007f4101dfd0a0 RDI: 0000000000000005 [ 120.734561][ T6758] RBP: 00007f4101dfd090 R08: 0000000000000000 R09: 0000000000000000 [ 120.742568][ T6758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.750541][ T6758] R13: 0000000000000000 R14: 00007f4101175fa0 R15: 00007ffffc6587c8 [ 120.758531][ T6758] [ 121.048524][ T6765] FAULT_INJECTION: forcing a failure. [ 121.048524][ T6765] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 121.071948][ T6765] CPU: 1 UID: 0 PID: 6765 Comm: syz.1.249 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 121.082689][ T6765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 121.092854][ T6765] Call Trace: [ 121.096136][ T6765] [ 121.099076][ T6765] dump_stack_lvl+0x16c/0x1f0 [ 121.103762][ T6765] should_fail_ex+0x497/0x5b0 [ 121.108448][ T6765] _copy_from_user+0x2e/0xd0 [ 121.113054][ T6765] copy_msghdr_from_user+0x99/0x160 [ 121.118262][ T6765] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 121.124084][ T6765] ___sys_sendmsg+0xff/0x1e0 [ 121.128684][ T6765] ? __pfx____sys_sendmsg+0x10/0x10 [ 121.133901][ T6765] ? __pfx_lock_release+0x10/0x10 [ 121.138925][ T6765] ? trace_lock_acquire+0x14e/0x1f0 [ 121.144140][ T6765] ? __fget_files+0x206/0x3a0 [ 121.148833][ T6765] __sys_sendmsg+0x16e/0x220 [ 121.153434][ T6765] ? __pfx___sys_sendmsg+0x10/0x10 [ 121.158577][ T6765] do_syscall_64+0xcd/0x250 [ 121.163087][ T6765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.168987][ T6765] RIP: 0033:0x7f4100f85d29 [ 121.173405][ T6765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.193012][ T6765] RSP: 002b:00007f4101dfd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 121.201431][ T6765] RAX: ffffffffffffffda RBX: 00007f4101175fa0 RCX: 00007f4100f85d29 [ 121.209408][ T6765] RDX: 000000000400c004 RSI: 0000000020000140 RDI: 0000000000000003 [ 121.217381][ T6765] RBP: 00007f4101dfd090 R08: 0000000000000000 R09: 0000000000000000 [ 121.225353][ T6765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.233325][ T6765] R13: 0000000000000000 R14: 00007f4101175fa0 R15: 00007ffffc6587c8 [ 121.241306][ T6765] [ 121.308996][ T6753] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 121.315115][ T6753] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 121.323960][ T6753] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 121.330378][ T6753] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 122.472603][ T6810] random: crng reseeded on system resumption [ 123.135371][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 123.368736][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 123.375033][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 123.381244][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 123.728686][ T6853] block nbd0: not configured, cannot reconfigure [ 124.478802][ T6883] netlink: zone id is out of range [ 124.525618][ T6883] netlink: set zone limit has 8 unknown bytes [ 127.347132][ T6982] erspan0: entered allmulticast mode [ 132.731650][ T7083] netlink: zone id is out of range [ 132.765745][ T7083] netlink: set zone limit has 8 unknown bytes [ 133.210729][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.217206][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.864878][ T7103] netlink: 4 bytes leftover after parsing attributes in process `syz.3.342'. [ 136.912947][ T7184] random: crng reseeded on system resumption [ 138.754686][ T7210] erspan0: entered allmulticast mode [ 140.096891][ T7222] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 140.121003][ T7222] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 140.889577][ T7234] Process accounting resumed [ 141.257761][ T7249] netlink: 354 bytes leftover after parsing attributes in process `syz.2.390'. [ 142.032893][ T7266] CIFS: VFS: Invalid SecurityFlags: [ 142.334988][ T7262] netlink: 338 bytes leftover after parsing attributes in process `syz.2.395'. [ 142.378614][ T7262] netlink: 338 bytes leftover after parsing attributes in process `syz.2.395'. [ 142.920333][ T7270] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 142.939097][ T7270] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 143.069420][ T7292] netlink: 354 bytes leftover after parsing attributes in process `syz.1.401'. [ 143.082692][ T7289] sp0: Synchronizing with TNC [ 145.805267][ T7335] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 145.838870][ T7335] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 147.584607][ T7380] ptrace attach of "./syz-executor exec"[5828] was attempted by "0LZe9-*E 16\x0b]%$#=\x09enO~YH%Y>Bc8wwig\x0b~m F>\x1b\x09\x09\x1b^\x5c/k}\x09l>Iz+l\x09RCZWUaF.dd\x0b}4J3\x0b!G\x0bs|<CJDԛXʏ[U?^}*i40cG\x5c[cn*-\x07Z z2~HlgJ\x1be$[[=${5t2wgHPDbPQ#b_${/;~KFe3|]g/[\x5c\x0cETTkޫI[qE*{-.%x\x07}!N@Cm{e̖VWwӡ\x5c\x07'f? E͔tVtpW{m޼MHBb,<Q@w8nsR`,W0RjCw^L5(yƲϰyZN<]S$\x1bЏ h}ij8|eF<\x09K]j _^s*y|BQ[K׀֜2ld֡p\x22>#:׉Z-_yw%G* [ 147.866237][ T7395] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000010006 [ 148.202316][ T7403] FAULT_INJECTION: forcing a failure. [ 148.202316][ T7403] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 148.257351][ T7403] CPU: 1 UID: 0 PID: 7403 Comm: syz.2.442 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 148.268005][ T7403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 148.278269][ T7403] Call Trace: [ 148.281573][ T7403] [ 148.284525][ T7403] dump_stack_lvl+0x16c/0x1f0 [ 148.289250][ T7403] should_fail_ex+0x497/0x5b0 [ 148.293976][ T7403] _copy_to_user+0x32/0xd0 [ 148.298443][ T7403] simple_read_from_buffer+0xd0/0x160 [ 148.303881][ T7403] proc_fail_nth_read+0x198/0x270 [ 148.308961][ T7403] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 148.314558][ T7403] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 148.320149][ T7403] vfs_read+0x1df/0xbe0 [ 148.324337][ T7403] ? __fget_files+0x1fc/0x3a0 [ 148.329061][ T7403] ? __pfx___mutex_lock+0x10/0x10 [ 148.334117][ T7403] ? __pfx_vfs_read+0x10/0x10 [ 148.338829][ T7403] ? __fget_files+0x206/0x3a0 [ 148.343549][ T7403] ksys_read+0x12b/0x250 [ 148.347823][ T7403] ? __pfx_ksys_read+0x10/0x10 [ 148.352611][ T7403] do_syscall_64+0xcd/0x250 [ 148.357140][ T7403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.363049][ T7403] RIP: 0033:0x7f93c618473c [ 148.367471][ T7403] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 148.387233][ T7403] RSP: 002b:00007f93c707e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 148.395662][ T7403] RAX: ffffffffffffffda RBX: 00007f93c6375fa0 RCX: 00007f93c618473c [ 148.403678][ T7403] RDX: 000000000000000f RSI: 00007f93c707e0a0 RDI: 0000000000000004 [ 148.411654][ T7403] RBP: 00007f93c707e090 R08: 0000000000000000 R09: 0000000000000000 [ 148.419627][ T7403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 148.427608][ T7403] R13: 0000000000000000 R14: 00007f93c6375fa0 R15: 00007ffd1df112f8 [ 148.435599][ T7403] [ 149.944523][ T7448] netlink: 12 bytes leftover after parsing attributes in process `syz.3.460'. [ 151.442833][ T7477] netlink: 4 bytes leftover after parsing attributes in process `syz.2.471'. [ 151.536071][ T7477] netlink: 8 bytes leftover after parsing attributes in process `syz.2.471'. [ 152.442714][ T7479] netlink: 12 bytes leftover after parsing attributes in process `syz.2.472'. [ 153.003764][ T7502] netlink: 4 bytes leftover after parsing attributes in process `syz.3.482'. [ 153.051764][ T7502] netlink: 8 bytes leftover after parsing attributes in process `syz.3.482'. [ 153.942550][ T7528] Process accounting resumed [ 153.977479][ T7528] FAULT_INJECTION: forcing a failure. [ 153.977479][ T7528] name failslab, interval 1, probability 0, space 0, times 0 [ 154.008337][ T7528] CPU: 0 UID: 0 PID: 7528 Comm: syz.0.491 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 154.019049][ T7528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 154.029234][ T7528] Call Trace: [ 154.032539][ T7528] [ 154.035495][ T7528] dump_stack_lvl+0x16c/0x1f0 [ 154.040225][ T7528] should_fail_ex+0x497/0x5b0 [ 154.044941][ T7528] ? fs_reclaim_acquire+0xae/0x150 [ 154.050092][ T7528] should_failslab+0xc2/0x120 [ 154.054811][ T7528] __kmalloc_noprof+0xce/0x4f0 [ 154.059619][ T7528] ? kernfs_fop_write_iter+0x223/0x500 [ 154.065128][ T7528] kernfs_fop_write_iter+0x223/0x500 [ 154.070465][ T7528] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 154.076320][ T7528] __kernel_write_iter+0x318/0xa80 [ 154.081486][ T7528] ? __pfx___kernel_write_iter+0x10/0x10 [ 154.087180][ T7528] __kernel_write+0xf6/0x140 [ 154.091812][ T7528] ? __pfx___kernel_write+0x10/0x10 [ 154.097048][ T7528] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 154.102721][ T7528] ? rcu_is_watching+0x12/0xc0 [ 154.107535][ T7528] ? acct_pin_kill+0x2d/0x100 [ 154.112257][ T7528] ? lock_acquire+0x2f/0xb0 [ 154.116797][ T7528] ? acct_pin_kill+0x2d/0x100 [ 154.121512][ T7528] do_acct_process+0xcb0/0x14a0 [ 154.126395][ T7528] ? __pfx_do_acct_process+0x10/0x10 [ 154.131704][ T7528] ? do_raw_spin_lock+0x12d/0x2c0 [ 154.136765][ T7528] acct_pin_kill+0x2d/0x100 [ 154.141328][ T7528] pin_kill+0x194/0x7c0 [ 154.145508][ T7528] ? __pfx_pin_kill+0x10/0x10 [ 154.150200][ T7528] ? rcu_is_watching+0x12/0xc0 [ 154.154977][ T7528] ? __pfx_autoremove_wake_function+0x10/0x10 [ 154.161061][ T7528] ? __x64_sys_acct+0xfe/0x220 [ 154.165829][ T7528] ? lock_acquire+0x2f/0xb0 [ 154.170334][ T7528] ? __x64_sys_acct+0xfe/0x220 [ 154.175108][ T7528] __x64_sys_acct+0x15b/0x220 [ 154.179801][ T7528] ? lockdep_hardirqs_on+0x7c/0x110 [ 154.185008][ T7528] do_syscall_64+0xcd/0x250 [ 154.189524][ T7528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.195426][ T7528] RIP: 0033:0x7f5332d85d29 [ 154.199845][ T7528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.219479][ T7528] RSP: 002b:00007f5333bca038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 154.227906][ T7528] RAX: ffffffffffffffda RBX: 00007f5332f75fa0 RCX: 00007f5332d85d29 [ 154.235896][ T7528] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 154.243875][ T7528] RBP: 00007f5333bca090 R08: 0000000000000000 R09: 0000000000000000 [ 154.251851][ T7528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.259823][ T7528] R13: 0000000000000000 R14: 00007f5332f75fa0 R15: 00007fff15cf59b8 [ 154.267814][ T7528] [ 154.270932][ C0] vkms_vblank_simulate: vblank timer overrun [ 154.616852][ T7541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.493'. [ 154.664115][ T7541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.493'. [ 155.363974][ T7558] netlink: 12 bytes leftover after parsing attributes in process `syz.0.501'. [ 155.797626][ T7570] netlink: 326 bytes leftover after parsing attributes in process `syz.3.506'. [ 156.254237][ T7608] FAULT_INJECTION: forcing a failure. [ 156.254237][ T7608] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 156.302075][ T7585] netlink: 146 bytes leftover after parsing attributes in process `syz.3.511'. [ 156.324285][ T7608] CPU: 1 UID: 0 PID: 7608 Comm: syz.1.512 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 156.335010][ T7608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 156.345097][ T7608] Call Trace: [ 156.348405][ T7608] [ 156.351354][ T7608] dump_stack_lvl+0x16c/0x1f0 [ 156.356068][ T7608] should_fail_ex+0x497/0x5b0 [ 156.360787][ T7608] _copy_to_user+0x32/0xd0 [ 156.365239][ T7608] simple_read_from_buffer+0xd0/0x160 [ 156.370658][ T7608] tracing_stats_read+0x4a3/0x710 [ 156.375734][ T7608] ? __pfx_tracing_stats_read+0x10/0x10 [ 156.381314][ T7608] vfs_readv+0x6bf/0x890 [ 156.385582][ T7608] ? fdget_pos+0x267/0x390 [ 156.390040][ T7608] ? __pfx_vfs_readv+0x10/0x10 [ 156.394831][ T7608] ? __mutex_lock+0x1cc/0xa60 [ 156.399532][ T7608] ? find_held_lock+0x2d/0x110 [ 156.404331][ T7608] ? __pfx___mutex_lock+0x10/0x10 [ 156.409392][ T7608] ? trace_lock_acquire+0x14e/0x1f0 [ 156.414639][ T7608] ? __fget_files+0x206/0x3a0 [ 156.419374][ T7608] ? do_readv+0x133/0x340 [ 156.423732][ T7608] do_readv+0x133/0x340 [ 156.427914][ T7608] ? __pfx_do_readv+0x10/0x10 [ 156.432631][ T7608] do_syscall_64+0xcd/0x250 [ 156.437191][ T7608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.443120][ T7608] RIP: 0033:0x7f4100f85d29 [ 156.447570][ T7608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.467220][ T7608] RSP: 002b:00007f4101dfd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 156.476195][ T7608] RAX: ffffffffffffffda RBX: 00007f4101175fa0 RCX: 00007f4100f85d29 [ 156.484197][ T7608] RDX: 0000000000000001 RSI: 0000000020000a80 RDI: 0000000000000003 [ 156.492204][ T7608] RBP: 00007f4101dfd090 R08: 0000000000000000 R09: 0000000000000000 [ 156.500202][ T7608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.508236][ T7608] R13: 0000000000000000 R14: 00007f4101175fa0 R15: 00007ffffc6587c8 [ 156.516263][ T7608] [ 156.623399][ T7615] FAULT_INJECTION: forcing a failure. [ 156.623399][ T7615] name failslab, interval 1, probability 0, space 0, times 0 [ 156.712018][ T7615] CPU: 1 UID: 0 PID: 7615 Comm: syz.0.516 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 156.722675][ T7615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 156.732739][ T7615] Call Trace: [ 156.736016][ T7615] [ 156.739036][ T7615] dump_stack_lvl+0x16c/0x1f0 [ 156.743722][ T7615] should_fail_ex+0x497/0x5b0 [ 156.748406][ T7615] ? fs_reclaim_acquire+0xae/0x150 [ 156.753525][ T7615] should_failslab+0xc2/0x120 [ 156.758210][ T7615] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 156.764031][ T7615] ? copy_process+0x49c/0x6f20 [ 156.768802][ T7615] ? _raw_spin_unlock_irq+0x23/0x50 [ 156.774007][ T7615] copy_process+0x49c/0x6f20 [ 156.778608][ T7615] ? __might_fault+0x13b/0x190 [ 156.783384][ T7615] ? __pfx_lock_release+0x10/0x10 [ 156.788408][ T7615] ? trace_lock_acquire+0x14e/0x1f0 [ 156.793618][ T7615] ? __pfx_copy_process+0x10/0x10 [ 156.798648][ T7615] ? __might_fault+0xe3/0x190 [ 156.803343][ T7615] ? _copy_from_user+0x59/0xd0 [ 156.808135][ T7615] kernel_clone+0xfd/0x960 [ 156.812561][ T7615] ? __pfx_kernel_clone+0x10/0x10 [ 156.817599][ T7615] ? vfs_write+0x306/0x1150 [ 156.822116][ T7615] __do_sys_clone3+0x1f9/0x270 [ 156.826885][ T7615] ? __pfx___do_sys_clone3+0x10/0x10 [ 156.832205][ T7615] do_syscall_64+0xcd/0x250 [ 156.836809][ T7615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.842709][ T7615] RIP: 0033:0x7f5332d85d29 [ 156.847126][ T7615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.866738][ T7615] RSP: 002b:00007f5333bc9f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 156.875157][ T7615] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f5332d85d29 [ 156.883221][ T7615] RDX: 00007f5333bc9f20 RSI: 0000000000000058 RDI: 00007f5333bc9f20 [ 156.891200][ T7615] RBP: 00007f5333bca090 R08: 0000000000000000 R09: 0000000000000058 [ 156.899190][ T7615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.907165][ T7615] R13: 0000000000000000 R14: 00007f5332f75fa0 R15: 00007fff15cf59b8 [ 156.915152][ T7615] [ 158.163967][ T5831] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 158.381952][ T7639] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 158.404793][ T7639] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 158.458156][ T7639] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 158.509445][ T7639] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 158.891860][ T7653] netlink: 16 bytes leftover after parsing attributes in process `syz.3.527'. [ 159.848226][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 160.407927][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 160.487586][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 160.567905][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 160.857814][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 161.087552][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 161.197614][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 161.207637][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 161.217638][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 161.588807][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 161.597509][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 161.691101][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 162.407885][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 163.162570][ T7733] HfR: entered promiscuous mode [ 164.263127][ T7769] cifs: Unknown parameter '' [ 164.901438][ T7789] FAULT_INJECTION: forcing a failure. [ 164.901438][ T7789] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.945281][ T7789] CPU: 0 UID: 0 PID: 7789 Comm: syz.2.569 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 164.955939][ T7789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 164.966030][ T7789] Call Trace: [ 164.969336][ T7789] [ 164.972293][ T7789] dump_stack_lvl+0x16c/0x1f0 [ 164.977011][ T7789] should_fail_ex+0x497/0x5b0 [ 164.981743][ T7789] _copy_from_user+0x2e/0xd0 [ 164.986379][ T7789] do_ip_getsockopt+0x314/0x2bf0 [ 164.991355][ T7789] ? __pfx_do_ip_getsockopt+0x10/0x10 [ 164.996769][ T7789] ? __pfx_mark_lock+0x10/0x10 [ 165.001574][ T7789] ? hlock_class+0x4e/0x130 [ 165.006113][ T7789] ? mark_lock+0xb5/0xc60 [ 165.010487][ T7789] ? hlock_class+0x4e/0x130 [ 165.015122][ T7789] ? hlock_class+0x4e/0x130 [ 165.019664][ T7789] ? mark_lock+0xb5/0xc60 [ 165.024031][ T7789] ? hlock_class+0x4e/0x130 [ 165.028572][ T7789] ? hlock_class+0x4e/0x130 [ 165.033113][ T7789] ? mark_lock+0xb5/0xc60 [ 165.037484][ T7789] ? __pfx_mark_lock+0x10/0x10 [ 165.042300][ T7789] ? __pfx_mark_lock+0x10/0x10 [ 165.047111][ T7789] ? __pfx___lock_acquire+0x10/0x10 [ 165.052351][ T7789] ? hlock_class+0x4e/0x130 [ 165.056981][ T7789] ? __pfx___lock_acquire+0x10/0x10 [ 165.062229][ T7789] ip_getsockopt+0x9c/0x1e0 [ 165.066778][ T7789] ? __pfx_ip_getsockopt+0x10/0x10 [ 165.071923][ T7789] ? __lock_acquire+0x15a9/0x3c40 [ 165.077003][ T7789] ipv6_getsockopt+0x230/0x280 [ 165.081807][ T7789] ? __pfx_ipv6_getsockopt+0x10/0x10 [ 165.087133][ T7789] ? __pfx_mark_lock+0x10/0x10 [ 165.091947][ T7789] sctp_getsockopt+0x1d2/0x7ae0 [ 165.096844][ T7789] ? hlock_class+0x4e/0x130 [ 165.101379][ T7789] ? mark_lock+0xb5/0xc60 [ 165.105738][ T7789] ? aa_label_sk_perm+0x19d/0x5a0 [ 165.110804][ T7789] ? __pfx_sctp_getsockopt+0x10/0x10 [ 165.116127][ T7789] ? __lock_acquire+0x15a9/0x3c40 [ 165.121204][ T7789] ? __pfx___lock_acquire+0x10/0x10 [ 165.126460][ T7789] ? find_held_lock+0x2d/0x110 [ 165.131351][ T7789] ? __might_fault+0x13b/0x190 [ 165.136175][ T7789] ? __pfx_lock_release+0x10/0x10 [ 165.141232][ T7789] ? trace_lock_acquire+0x14e/0x1f0 [ 165.146476][ T7789] ? lock_acquire+0x2f/0xb0 [ 165.151009][ T7789] ? __might_fault+0xe3/0x190 [ 165.155723][ T7789] ? __might_fault+0xe3/0x190 [ 165.160441][ T7789] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 165.166369][ T7789] ? do_sock_getsockopt+0x3fe/0x870 [ 165.171597][ T7789] do_sock_getsockopt+0x3fe/0x870 [ 165.176660][ T7789] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 165.182246][ T7789] ? lock_acquire+0x2f/0xb0 [ 165.186958][ T7789] ? __fget_files+0x40/0x3a0 [ 165.191586][ T7789] ? __fget_files+0x206/0x3a0 [ 165.196314][ T7789] __sys_getsockopt+0x12f/0x260 [ 165.201209][ T7789] __x64_sys_getsockopt+0xbd/0x160 [ 165.206360][ T7789] ? do_syscall_64+0x91/0x250 [ 165.211122][ T7789] ? lockdep_hardirqs_on+0x7c/0x110 [ 165.216369][ T7789] do_syscall_64+0xcd/0x250 [ 165.220921][ T7789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.226859][ T7789] RIP: 0033:0x7f93c6185d29 [ 165.231308][ T7789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.250957][ T7789] RSP: 002b:00007f93c707e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 165.259414][ T7789] RAX: ffffffffffffffda RBX: 00007f93c6375fa0 RCX: 00007f93c6185d29 [ 165.267425][ T7789] RDX: 0000000000000483 RSI: 0000000000000000 RDI: 0000000000000003 [ 165.275433][ T7789] RBP: 00007f93c707e090 R08: 0000000020000040 R09: 0000000000000000 [ 165.283452][ T7789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.291479][ T7789] R13: 0000000000000000 R14: 00007f93c6375fa0 R15: 00007ffd1df112f8 [ 165.299511][ T7789] [ 165.314578][ T7790] erspan0: entered allmulticast mode [ 167.345606][ T7821] could not allocate digest TFM handle [ 167.538760][ T7819] could not allocate digest TFM handle [ 168.438479][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 168.997492][ T7836] syz.3.580 uses obsolete (PF_INET,SOCK_PACKET) [ 170.740365][ T7905] [U] [ 170.743348][ T7905] [U] [ 170.746076][ T7905] [U] [ 170.748803][ T7905] [U] [ 170.787530][ T7905] [U] [ 170.790303][ T7905] [U] [ 170.793026][ T7905] [U] [ 170.795745][ T7905] [U] [ 170.827635][ T7905] [U] [ 170.830404][ T7905] [U] [ 170.833136][ T7905] [U] [ 170.835863][ T7905] [U] [ 170.868768][ T7906] [U] [ 172.021481][ T7921] sp0: Synchronizing with TNC [ 175.568644][ T7965] netlink: 4 bytes leftover after parsing attributes in process `syz.1.616'. [ 175.608236][ T7965] netlink: 4 bytes leftover after parsing attributes in process `syz.1.616'. [ 175.696488][ T7957] netlink: 330 bytes leftover after parsing attributes in process `syz.0.612'. [ 177.216943][ T7992] netlink: 24 bytes leftover after parsing attributes in process `syz.0.626'. [ 179.197125][ T8034] netlink: 24 bytes leftover after parsing attributes in process `syz.0.636'. [ 180.601439][ T8050] tipc: Started in network mode [ 180.606665][ T8050] tipc: Node identity ffffffff, cluster identity 4711 [ 180.619666][ T8050] tipc: Node number set to 4294967295 [ 182.506617][ T8080] netlink: 24 bytes leftover after parsing attributes in process `syz.0.646'. [ 183.773031][ T8113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.662'. [ 184.124947][ T8126] netlink: 'syz.2.666': attribute type 72 has an invalid length. [ 184.167469][ T8126] netlink: 16 bytes leftover after parsing attributes in process `syz.2.666'. [ 184.351209][ T8133] nvme_fcloop: unknown parameter or missing value '/' [ 184.602731][ T8142] netlink: 4 bytes leftover after parsing attributes in process `syz.0.679'. [ 184.781039][ T8152] FAULT_INJECTION: forcing a failure. [ 184.781039][ T8152] name failslab, interval 1, probability 0, space 0, times 0 [ 184.802938][ T8152] CPU: 0 UID: 0 PID: 8152 Comm: syz.3.674 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 184.813596][ T8152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 184.823692][ T8152] Call Trace: [ 184.826999][ T8152] [ 184.829986][ T8152] dump_stack_lvl+0x16c/0x1f0 [ 184.834722][ T8152] should_fail_ex+0x497/0x5b0 [ 184.839440][ T8152] ? fs_reclaim_acquire+0xae/0x150 [ 184.844594][ T8152] should_failslab+0xc2/0x120 [ 184.849321][ T8152] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 184.854736][ T8152] ? getname_flags.part.0+0x4c/0x550 [ 184.860073][ T8152] getname_flags.part.0+0x4c/0x550 [ 184.865224][ T8152] ? do_user_addr_fault+0xdc7/0x13f0 [ 184.870632][ T8152] getname+0x8d/0xe0 [ 184.874565][ T8152] do_sys_openat2+0x104/0x1e0 [ 184.879374][ T8152] ? __pfx_do_sys_openat2+0x10/0x10 [ 184.884618][ T8152] ? do_user_addr_fault+0xe50/0x13f0 [ 184.889933][ T8152] ? __pfx_lock_release+0x10/0x10 [ 184.894990][ T8152] __x64_sys_openat+0x175/0x210 [ 184.899880][ T8152] ? __pfx___x64_sys_openat+0x10/0x10 [ 184.905304][ T8152] ? do_user_addr_fault+0x83d/0x13f0 [ 184.910630][ T8152] do_syscall_64+0xcd/0x250 [ 184.915180][ T8152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.921113][ T8152] RIP: 0033:0x7f2481984690 [ 184.925558][ T8152] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 184.945207][ T8152] RSP: 002b:00007f2482794f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 184.953672][ T8152] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f2481984690 [ 184.961684][ T8152] RDX: 0000000000000002 RSI: 00007f2482794fa0 RDI: 00000000ffffff9c [ 184.969695][ T8152] RBP: 00007f2482794fa0 R08: 0000000000000000 R09: 00007f2482794cd7 [ 184.977700][ T8152] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 184.985706][ T8152] R13: 0000000000000000 R14: 00007f2481b75fa0 R15: 00007fff8d0b0d08 [ 184.993730][ T8152] [ 185.045130][ T8145] netlink: 330 bytes leftover after parsing attributes in process `syz.2.671'. [ 185.499444][ T8167] netlink: 'syz.0.678': attribute type 72 has an invalid length. [ 185.531292][ T8167] netlink: 16 bytes leftover after parsing attributes in process `syz.0.678'. [ 186.825960][ T8199] netlink: 16 bytes leftover after parsing attributes in process `syz.2.690'. [ 187.096315][ T8206] netlink: 16 bytes leftover after parsing attributes in process `syz.0.699'. [ 188.229902][ T8227] Invalid ELF header magic: != ELF [ 188.589979][ T8234] netlink: 28 bytes leftover after parsing attributes in process `syz.2.700'. [ 191.769631][ T8286] netlink: 122 bytes leftover after parsing attributes in process `syz.1.716'. [ 191.876360][ T8285] ima: policy update failed [ 191.887596][ T29] audit: type=1802 audit(1734680258.943:2): pid=8285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.716" res=0 errno=0 [ 194.443901][ T8338] vivid-008: ================= START STATUS ================= [ 194.482650][ T8338] vivid-008: RDS Tx I/O Mode: Controls [ 194.526793][ T8338] vivid-008: RDS Program ID: 32904 [ 194.569647][ T8338] vivid-008: RDS Program Type: 3 [ 194.587413][ T8338] vivid-008: RDS PS Name: VIVID-TX [ 194.597703][ T8338] vivid-008: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 194.633303][ T8338] vivid-008: RDS Stereo: true [ 194.644082][ T8338] vivid-008: RDS Artificial Head: false [ 194.662141][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.669562][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.692324][ T8338] vivid-008: RDS Compressed: false [ 194.702710][ T8338] vivid-008: RDS Dynamic PTY: false [ 194.718429][ T8338] vivid-008: RDS Traffic Announcement: false [ 194.740876][ T8338] vivid-008: RDS Traffic Program: true [ 194.756819][ T8338] vivid-008: RDS Music: true [ 194.767007][ T8338] vivid-008: ================== END STATUS ================== [ 196.232568][ T8353] bridge0: port 3(syz_tun) entered blocking state [ 196.278379][ T8353] bridge0: port 3(syz_tun) entered disabled state [ 196.285027][ T8353] syz_tun: entered allmulticast mode [ 196.348697][ T8353] syz_tun: entered promiscuous mode [ 196.382793][ T8353] bridge0: port 3(syz_tun) entered blocking state [ 196.389774][ T8353] bridge0: port 3(syz_tun) entered forwarding state [ 198.437978][ T8406] nvme_fcloop: unknown parameter or missing value '/' [ 200.093870][ T8423] Invalid ELF header magic: != ELF [ 201.383056][ T8439] ubi13: attaching mtd0 [ 201.407777][ T8439] ubi13 error: ubi_attach_mtd_dev: bad VID header (13) or data offsets (77) [ 204.327484][ T8478] Invalid ELF header magic: != ELF [ 204.417816][ T8481] openvswitch: netlink: IP tunnel attribute has 5 unknown bytes. [ 210.791735][ T8591] zero sized request [ 212.226339][ T8608] Process accounting resumed [ 213.276012][ T8618] Process accounting resumed [ 214.704404][ T8636] could not allocate digest TFM handle [ 214.840103][ T8639] could not allocate digest TFM handle [ 217.568400][ T8680] could not allocate digest TFM handle [ 217.821396][ T8678] could not allocate digest TFM handle [ 219.050038][ T8698] Process accounting resumed [ 219.504642][ T8707] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 219.918902][ T8719] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 220.226062][ T8706] ima: policy update failed [ 220.230803][ T29] audit: type=1802 audit(1734680287.293:3): pid=8706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.841" res=0 errno=0 [ 225.000538][ T8786] vivid-004: kernel_thread() failed [ 225.932955][ T8801] kexec: Could not allocate control_code_buffer [ 233.487423][ T29] audit: type=1806 audit(1734680300.523:4): xattr="" res=-22 [ 238.729953][ T9059] netlink: 4 bytes leftover after parsing attributes in process `syz.1.932'. [ 239.267854][ T9078] kAFS: bad VL server IP address [ 243.235753][ T9117] kAFS: bad VL server IP address [ 246.117354][ T9124] syz.1.952 (9124) used greatest stack depth: 19904 bytes left [ 247.100690][ T23] process 5834 (syz-executor) no longer affine to cpu1 [ 247.101352][ T23] process 9037 (syz.1.930) no longer affine to cpu1 [ 247.101822][ T23] process 9004 (syz.1.921) no longer affine to cpu1 [ 247.102527][ T23] process 9000 (syz.1.921) no longer affine to cpu1 [ 247.104267][ T23] process 9082 (syz.1.941) no longer affine to cpu1 [ 247.207884][ T975] smpboot: CPU 1 is now offline [ 247.358904][ T975] process 9128 (syz.1.953) no longer affine to cpu1 [ 247.793509][ T9142] Process accounting resumed [ 249.223821][ T9170] ttyS ttyS2: ldisc open failed (-12), clearing slot 2 [ 256.089014][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.095323][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.680407][ T9312] workqueue: max_active 101917900 requested for scsi_tmf_0 is out of range, clamping between 1 and 2048 [ 263.089751][ T9355] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1019'. [ 263.869247][ T9357] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1020'. [ 266.658258][ T9403] can: request_module (can-proto-5) failed. [ 266.970488][ T9406] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1032'. [ 267.151199][ T9406] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 268.300816][ T9406] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 270.820342][ T9422] openvswitch: netlink: IP tunnel TTL not specified. [ 274.573769][ T9453] ======================================================= [ 274.573769][ T9453] WARNING: The mand mount option has been deprecated and [ 274.573769][ T9453] and is ignored by this kernel. Remove the mand [ 274.573769][ T9453] option from the mount to silence this warning. [ 274.573769][ T9453] ======================================================= [ 275.736247][ T9004] syz.1.921 (9004) used greatest stack depth: 18384 bytes left [ 277.975759][ T9476] Process accounting paused [ 282.493948][ T9543] ovs_: entered promiscuous mode [ 286.443378][ T9037] syz.1.930 (9037) used greatest stack depth: 17584 bytes left [ 289.736942][ T5831] Bluetooth: hci3: Malformed Event: 0x02 [ 290.212860][ T9650] netlink: 4707 bytes leftover after parsing attributes in process `syz.0.1101'. [ 291.939169][ T9678] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1111'. [ 292.008497][ T9678] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 292.044753][ T9678] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 292.206532][ T9678] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.226195][ T9678] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 293.017930][ T9697] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1114'. [ 294.388624][ T9721] FAULT_INJECTION: forcing a failure. [ 294.388624][ T9721] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 294.580601][ T9721] CPU: 0 UID: 0 PID: 9721 Comm: syz.1.1120 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 294.591319][ T9721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 294.601363][ T9721] Call Trace: [ 294.604646][ T9721] [ 294.607740][ T9721] dump_stack_lvl+0x16c/0x1f0 [ 294.612563][ T9721] should_fail_ex+0x497/0x5b0 [ 294.617249][ T9721] _copy_from_user+0x2e/0xd0 [ 294.621840][ T9721] copy_clone_args_from_user+0x156/0x780 [ 294.627480][ T9721] ? ksys_write+0x12b/0x250 [ 294.631997][ T9721] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 294.638154][ T9721] ? proc_fail_nth_write+0xa0/0x250 [ 294.643356][ T9721] ? vfs_write+0x306/0x1150 [ 294.647855][ T9721] __do_sys_clone3+0xac/0x270 [ 294.652527][ T9721] ? __pfx___do_sys_clone3+0x10/0x10 [ 294.657825][ T9721] ? __pfx_vfs_write+0x10/0x10 [ 294.662632][ T9721] ? __pfx_lock_release+0x10/0x10 [ 294.667690][ T9721] do_syscall_64+0xcd/0x250 [ 294.672198][ T9721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.678094][ T9721] RIP: 0033:0x7f4100f85d29 [ 294.682499][ T9721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 294.702116][ T9721] RSP: 002b:00007f4101dfcf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 294.710534][ T9721] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f4100f85d29 [ 294.718583][ T9721] RDX: 00007f4101dfcf20 RSI: 0000000000000058 RDI: 00007f4101dfcf20 [ 294.726551][ T9721] RBP: 00007f4101dfd090 R08: 0000000000000000 R09: 0000000000000058 [ 294.734547][ T9721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 294.742618][ T9721] R13: 0000000000000000 R14: 00007f4101175fa0 R15: 00007ffffc6587c8 [ 294.750615][ T9721] [ 294.957738][ T9729] Process accounting resumed [ 295.011307][ T9731] syz.2.1122 (9731): drop_caches: 0 [ 296.188537][ T9751] RDS: rds_bind could not find a transport for ::ffff:172.30.1.1, load rds_tcp or rds_rdma? [ 296.431808][ T29] audit: type=1326 audit(1734680363.493:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9752 comm="syz.3.1129" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2481985d29 code=0x0 [ 296.680850][ T9735] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1124'. [ 296.909153][ T9735] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 296.962783][ T9735] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 297.231698][ T9735] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 297.323582][ T9735] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 300.194688][ T9851] device-mapper: ioctl: name not supplied when creating device [ 301.149627][ T9880] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 303.023613][ T9914] FAULT_INJECTION: forcing a failure. [ 303.023613][ T9914] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 303.087375][ T9914] CPU: 0 UID: 0 PID: 9914 Comm: syz.2.1164 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 303.098076][ T9914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 303.108132][ T9914] Call Trace: [ 303.111406][ T9914] [ 303.114328][ T9914] dump_stack_lvl+0x16c/0x1f0 [ 303.119004][ T9914] should_fail_ex+0x497/0x5b0 [ 303.123682][ T9914] _copy_to_iter+0x29b/0x1400 [ 303.128716][ T9914] ? pipe_read+0x8b7/0x13f0 [ 303.133399][ T9914] ? find_held_lock+0x2d/0x110 [ 303.138152][ T9914] ? __pfx__copy_to_iter+0x10/0x10 [ 303.143253][ T9914] ? __pfx___mutex_lock+0x10/0x10 [ 303.148280][ T9914] copy_page_to_iter+0xf1/0x180 [ 303.153127][ T9914] pipe_read+0x53d/0x13f0 [ 303.157472][ T9914] ? __pfx_pipe_read+0x10/0x10 [ 303.162258][ T9914] ? __pfx_autoremove_wake_function+0x10/0x10 [ 303.168319][ T9914] ? bpf_lsm_file_permission+0x9/0x10 [ 303.173689][ T9914] ? security_file_permission+0x71/0x210 [ 303.179318][ T9914] vfs_read+0xa4c/0xbe0 [ 303.183469][ T9914] ? __pfx_vfs_read+0x10/0x10 [ 303.188138][ T9914] ? __fget_files+0x40/0x3a0 [ 303.192730][ T9914] ksys_read+0x207/0x250 [ 303.196961][ T9914] ? __pfx_ksys_read+0x10/0x10 [ 303.201738][ T9914] do_syscall_64+0xcd/0x250 [ 303.206236][ T9914] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.212122][ T9914] RIP: 0033:0x7f93c6185d29 [ 303.216527][ T9914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.236126][ T9914] RSP: 002b:00007f93c707e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 303.244528][ T9914] RAX: ffffffffffffffda RBX: 00007f93c6375fa0 RCX: 00007f93c6185d29 [ 303.252491][ T9914] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000003 [ 303.260453][ T9914] RBP: 00007f93c707e090 R08: 0000000000000000 R09: 0000000000000000 [ 303.268409][ T9914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 303.276368][ T9914] R13: 0000000000000000 R14: 00007f93c6375fa0 R15: 00007ffd1df112f8 [ 303.284359][ T9914] [ 303.287472][ C0] vkms_vblank_simulate: vblank timer overrun [ 305.374574][ T9961] netlink: 319 bytes leftover after parsing attributes in process `syz.0.1175'. [ 308.289686][T10039] FAULT_INJECTION: forcing a failure. [ 308.289686][T10039] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 308.448506][T10039] CPU: 0 UID: 0 PID: 10039 Comm: syz.0.1190 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 308.459321][T10039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 308.469370][T10039] Call Trace: [ 308.472642][T10039] [ 308.475565][T10039] dump_stack_lvl+0x16c/0x1f0 [ 308.480238][T10039] should_fail_ex+0x497/0x5b0 [ 308.484941][T10039] _copy_from_user+0x2e/0xd0 [ 308.489529][T10039] copy_msghdr_from_user+0x99/0x160 [ 308.494727][T10039] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 308.500527][T10039] ? __lock_acquire+0xcc5/0x3c40 [ 308.505476][T10039] ___sys_sendmsg+0xff/0x1e0 [ 308.510151][T10039] ? __pfx____sys_sendmsg+0x10/0x10 [ 308.515350][T10039] ? trace_lock_acquire+0x14e/0x1f0 [ 308.520554][T10039] __sys_sendmmsg+0x201/0x420 [ 308.525230][T10039] ? __pfx___sys_sendmmsg+0x10/0x10 [ 308.530429][T10039] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 308.536431][T10039] ? fput+0x67/0x440 [ 308.540345][T10039] ? ksys_write+0x1ba/0x250 [ 308.544845][T10039] ? __pfx_ksys_write+0x10/0x10 [ 308.549707][T10039] __x64_sys_sendmmsg+0x9c/0x100 [ 308.554641][T10039] ? lockdep_hardirqs_on+0x7c/0x110 [ 308.559843][T10039] do_syscall_64+0xcd/0x250 [ 308.564428][T10039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.570408][T10039] RIP: 0033:0x7f5332d85d29 [ 308.574821][T10039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.594442][T10039] RSP: 002b:00007f5333ba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 308.602882][T10039] RAX: ffffffffffffffda RBX: 00007f5332f76080 RCX: 00007f5332d85d29 [ 308.610843][T10039] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 308.618891][T10039] RBP: 00007f5333ba9090 R08: 0000000000000000 R09: 0000000000000000 [ 308.626847][T10039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 308.634805][T10039] R13: 0000000000000001 R14: 00007f5332f76080 R15: 00007fff15cf59b8 [ 308.642775][T10039] [ 308.645834][ C0] vkms_vblank_simulate: vblank timer overrun [ 316.849475][T10172] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1213'. [ 317.534237][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.543251][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.672815][T10281] program syz.0.1244 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 324.017102][T10295] ICMPv6: process `syz.0.1246' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead [ 325.994358][T10166] Process accounting resumed [ 326.716992][T10345] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1257'. [ 326.773671][T10345] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1257'. [ 327.317854][T10365] bcache: register_bcache() error : failed to open device [ 327.887745][T10372] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1263'. [ 328.672747][T10391] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000010006 [ 330.614192][T10413] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 330.658057][T10413] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 330.664083][T10413] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 330.708774][T10413] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 331.065197][T10431] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 331.878301][T10461] bridge0: port 3(batadv0) entered blocking state [ 331.885672][T10461] bridge0: port 3(batadv0) entered disabled state [ 331.939262][T10461] batadv0: entered allmulticast mode [ 331.969186][T10461] batadv0: entered promiscuous mode [ 331.974750][T10461] bridge0: port 3(batadv0) entered blocking state [ 331.982185][T10461] bridge0: port 3(batadv0) entered forwarding state [ 332.079402][T10468] syz.1.1292 (10468): attempted to duplicate a private mapping with mremap. This is not supported. [ 332.233248][ T7605] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 332.242810][ T7605] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 332.647606][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 332.701592][T10485] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1298'. [ 332.730492][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 332.736520][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 332.742912][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 332.866997][T10487] netlink: 'syz.0.1301': attribute type 1 has an invalid length. [ 332.911931][T10487] netlink: 'syz.0.1301': attribute type 1 has an invalid length. [ 333.020447][T10493] bcache: register_bcache() error : failed to open device [ 334.311902][T10517] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1311'. [ 334.622272][T10520] aoe: can't write to that file. [ 334.888182][T10527] aoe: can't write to that file. [ 334.893148][T10527] aoe: can't write to that file. [ 336.785080][T10549] bcache: register_bcache() error : failed to open device [ 337.212900][T10546] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 337.508790][T10556] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1323'. [ 337.735006][T10559] bridge0: port 3(hsr0) entered blocking state [ 337.793582][T10559] bridge0: port 3(hsr0) entered disabled state [ 337.876800][T10559] hsr0: entered allmulticast mode [ 337.969263][T10559] hsr_slave_0: entered allmulticast mode [ 338.057767][T10559] hsr_slave_1: entered allmulticast mode [ 338.149076][T10559] hsr0: entered promiscuous mode [ 338.212843][T10559] bridge0: port 3(hsr0) entered blocking state [ 338.219121][T10559] bridge0: port 3(hsr0) entered forwarding state [ 338.411732][T10575] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 338.463084][T10575] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 338.535023][T10575] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 338.600198][T10575] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 338.986490][T10584] FAULT_INJECTION: forcing a failure. [ 338.986490][T10584] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 339.055505][T10584] CPU: 0 UID: 0 PID: 10584 Comm: syz.2.1332 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 339.066296][T10584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 339.076350][T10584] Call Trace: [ 339.079636][T10584] [ 339.082555][T10584] dump_stack_lvl+0x16c/0x1f0 [ 339.087250][T10584] should_fail_ex+0x497/0x5b0 [ 339.091940][T10584] _copy_from_user+0x2e/0xd0 [ 339.096529][T10584] copy_msghdr_from_user+0x99/0x160 [ 339.101748][T10584] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 339.107611][T10584] ___sys_sendmsg+0xff/0x1e0 [ 339.112269][T10584] ? __pfx____sys_sendmsg+0x10/0x10 [ 339.117520][T10584] ? __pfx_lock_release+0x10/0x10 [ 339.122560][T10584] ? trace_lock_acquire+0x14e/0x1f0 [ 339.127767][T10584] ? __fget_files+0x206/0x3a0 [ 339.132442][T10584] __sys_sendmsg+0x16e/0x220 [ 339.137047][T10584] ? __pfx___sys_sendmsg+0x10/0x10 [ 339.142181][T10584] do_syscall_64+0xcd/0x250 [ 339.146694][T10584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.152615][T10584] RIP: 0033:0x7f93c6185d29 [ 339.157023][T10584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.176622][T10584] RSP: 002b:00007f93c707e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 339.185031][T10584] RAX: ffffffffffffffda RBX: 00007f93c6375fa0 RCX: 00007f93c6185d29 [ 339.193007][T10584] RDX: 0000000000000080 RSI: 0000000020007500 RDI: 0000000000000004 [ 339.200964][T10584] RBP: 00007f93c707e090 R08: 0000000000000000 R09: 0000000000000000 [ 339.208933][T10584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.216897][T10584] R13: 0000000000000000 R14: 00007f93c6375fa0 R15: 00007ffd1df112f8 [ 339.224870][T10584] [ 339.788167][T10600] QAT: Stopping all acceleration devices. [ 340.353608][T10615] bridge0: port 3(hsr0) entered blocking state [ 340.399604][T10615] bridge0: port 3(hsr0) entered disabled state [ 340.428286][T10615] hsr0: entered allmulticast mode [ 340.445786][T10615] hsr_slave_0: entered allmulticast mode [ 340.468530][T10615] hsr_slave_1: entered allmulticast mode [ 340.489005][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 340.495143][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 340.542227][T10615] hsr0: entered promiscuous mode [ 340.567389][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 340.620137][T10615] bridge0: port 3(hsr0) entered blocking state [ 340.626406][T10615] bridge0: port 3(hsr0) entered forwarding state [ 340.648651][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 341.157296][T10625] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 341.209059][T10625] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 341.229878][T10625] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 341.262009][T10625] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 341.863058][T10656] QAT: Stopping all acceleration devices. [ 342.248727][T10662] FAULT_INJECTION: forcing a failure. [ 342.248727][T10662] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 342.319029][T10662] CPU: 0 UID: 0 PID: 10662 Comm: syz.0.1349 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 342.329819][T10662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 342.339871][T10662] Call Trace: [ 342.343145][T10662] [ 342.346090][T10662] dump_stack_lvl+0x16c/0x1f0 [ 342.350765][T10662] should_fail_ex+0x497/0x5b0 [ 342.355447][T10662] _copy_to_user+0x32/0xd0 [ 342.359857][T10662] simple_read_from_buffer+0xd0/0x160 [ 342.365225][T10662] proc_fail_nth_read+0x198/0x270 [ 342.370245][T10662] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 342.375788][T10662] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 342.381325][T10662] vfs_read+0x1df/0xbe0 [ 342.385474][T10662] ? __fget_files+0x1fc/0x3a0 [ 342.390160][T10662] ? __pfx___mutex_lock+0x10/0x10 [ 342.395176][T10662] ? __pfx_vfs_read+0x10/0x10 [ 342.399856][T10662] ? __fget_files+0x206/0x3a0 [ 342.404532][T10662] ksys_read+0x12b/0x250 [ 342.408763][T10662] ? __pfx_ksys_read+0x10/0x10 [ 342.413523][T10662] do_syscall_64+0xcd/0x250 [ 342.418043][T10662] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.423946][T10662] RIP: 0033:0x7f5332d8473c [ 342.428358][T10662] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 342.447985][T10662] RSP: 002b:00007f5333bca030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 342.456405][T10662] RAX: ffffffffffffffda RBX: 00007f5332f75fa0 RCX: 00007f5332d8473c [ 342.464363][T10662] RDX: 000000000000000f RSI: 00007f5333bca0a0 RDI: 0000000000000004 [ 342.472330][T10662] RBP: 00007f5333bca090 R08: 0000000000000000 R09: 0000000000000000 [ 342.480308][T10662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 342.488304][T10662] R13: 0000000000000000 R14: 00007f5332f75fa0 R15: 00007fff15cf59b8 [ 342.496282][T10662] [ 342.807291][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 343.207411][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 343.287403][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 343.293474][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 343.795152][T10682] bridge0: port 4(hsr0) entered blocking state [ 343.817433][T10682] bridge0: port 4(hsr0) entered disabled state [ 343.837870][T10682] hsr0: entered allmulticast mode [ 343.858892][T10682] hsr_slave_0: entered allmulticast mode [ 343.896947][T10682] hsr_slave_1: entered allmulticast mode [ 343.948238][T10682] hsr0: entered promiscuous mode [ 343.971492][T10682] bridge0: port 4(hsr0) entered blocking state [ 343.977792][T10682] bridge0: port 4(hsr0) entered forwarding state [ 344.090050][T10670] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 344.097612][T10670] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 344.110344][T10670] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 344.126383][T10670] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 345.259177][T10707] netlink: 178 bytes leftover after parsing attributes in process `syz.3.1362'. [ 345.692702][T10716] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1363'. [ 346.088111][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 346.168124][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 346.174161][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 346.180234][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 346.994175][T10750] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1371'. [ 347.051292][T10750] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1371'. [ 347.113832][T10750] netlink: 134 bytes leftover after parsing attributes in process `syz.2.1371'. [ 347.575531][T10768] capability: warning: `syz.2.1376' uses 32-bit capabilities (legacy support in use) [ 348.039608][T10784] Process accounting resumed [ 348.125272][T10786] QAT: Stopping all acceleration devices. [ 348.294055][T10793] netlink: 314 bytes leftover after parsing attributes in process `syz.2.1382'. [ 349.104214][T10804] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1384'. [ 349.181967][T10809] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1384'. [ 349.325709][T10804] netlink: 134 bytes leftover after parsing attributes in process `syz.1.1384'. [ 349.694658][T10816] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 352.330351][T10858] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1397'. [ 352.372725][T10858] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1397'. [ 352.438572][T10858] netlink: 134 bytes leftover after parsing attributes in process `syz.3.1397'. [ 355.251565][T10892] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1408'. [ 355.278379][T10894] binder: 10888:10894 ioctl 40044900 800000000000003 returned -22 [ 355.352077][T10896] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1408'. [ 355.515952][T10892] netlink: 134 bytes leftover after parsing attributes in process `syz.0.1408'. [ 357.961853][T10942] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1422'. [ 358.868950][T10942] team0: Port device team_slave_0 removed [ 359.910415][ T29] audit: type=1800 audit(1734681458.980:6): pid=10970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1428" name="features" dev="configfs" ino=29436 res=0 errno=0 [ 360.026000][ T29] audit: type=1800 audit(1734681459.020:7): pid=10971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1428" name="dbroot" dev="configfs" ino=29437 res=0 errno=0 [ 361.098884][T10986] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 366.597598][T11055] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1450'. [ 366.744543][T11059] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1450'. [ 372.887825][T11119] Process accounting resumed [ 378.819967][T11189] Process accounting resumed [ 378.975000][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.985987][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.405272][T11227] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1493'. [ 381.636644][T11242] vhci_hcd: not connected 4 [ 381.848260][T11247] syz.0.1501(11247): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 381.975248][T11237] Process accounting resumed [ 382.129390][T11244] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1500'. [ 382.715759][T11261] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1504'. [ 383.272461][T11255] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 383.308645][T11255] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 383.381089][T11255] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 383.467438][T11255] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 385.287329][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 385.367336][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 385.447327][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 385.530205][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 387.529710][T11321] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 387.558792][T11321] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 387.639541][T11321] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 387.670433][T11321] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 388.347452][T11327] netlink: 'syz.2.1521': attribute type 2 has an invalid length. [ 388.379324][T11327] netlink: 674 bytes leftover after parsing attributes in process `syz.2.1521'. [ 388.924949][T11334] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 389.133140][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 389.607354][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 389.613469][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 389.687303][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 390.923743][T11354] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1529'. [ 391.103139][T11354] hsr0: left allmulticast mode [ 391.218976][T11354] hsr_slave_0: left allmulticast mode [ 391.292719][T11354] hsr_slave_1: left allmulticast mode [ 391.422380][T11354] hsr0: left promiscuous mode [ 391.471017][T11354] bridge0: port 4(hsr0) entered disabled state [ 391.722288][T11364] Invalid ELF header magic: != ELF [ 391.729420][T11354] batadv0: left allmulticast mode [ 391.734449][T11354] batadv0: left promiscuous mode [ 391.798675][T11354] bridge0: port 3(batadv0) entered disabled state [ 392.079977][T11354] bridge_slave_1: left allmulticast mode [ 392.085639][T11354] bridge_slave_1: left promiscuous mode [ 392.161173][T11354] bridge0: port 2(bridge_slave_1) entered disabled state [ 392.454922][T11354] bridge_slave_0: left allmulticast mode [ 392.478290][T11354] bridge_slave_0: left promiscuous mode [ 392.539342][T11354] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.283496][T11396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1538'. [ 394.720717][T11384] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[11384] [ 394.743803][T11403] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1540'. [ 394.775653][T11404] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[11404] [ 396.014737][T11424] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1546'. [ 396.196811][T11424] bridge0: port 1(bridge_slave_0) entered disabled state [ 396.217794][T11427] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1547'. [ 396.549220][T11424] bridge_slave_0 (unregistering): left allmulticast mode [ 396.578709][T11433] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 396.619564][T11424] bridge_slave_0 (unregistering): left promiscuous mode [ 396.673516][T11424] bridge0: port 1(bridge_slave_0) entered disabled state [ 397.237669][T11439] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 397.452404][T11439] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 397.821067][T11451] raw_sendmsg: syz.0.1552 forgot to set AF_INET. Fix it! [ 398.041948][T11455] netlink: 'syz.2.1557': attribute type 1 has an invalid length. [ 398.877979][T11473] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1561'. [ 400.230870][T11491] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1566'. [ 402.048650][T11528] Invalid ELF header magic: != ELF [ 402.491628][T11533] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1577'. [ 407.241433][T11587] Invalid ELF header magic: != ELF [ 408.711104][T11607] batman_adv: Routing algorithm '' is not supported [ 409.189485][T11614] nbd: must specify at least one socket [ 410.280543][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1604'. [ 412.302720][T11678] ------------[ cut here ]------------ [ 412.308761][T11678] WARNING: CPU: 0 PID: 11678 at io_uring/io_uring.h:140 io_lockdep_assert_cq_locked+0x1e9/0x320 [ 412.319428][T11678] Modules linked in: [ 412.323325][T11678] CPU: 0 UID: 0 PID: 11678 Comm: syz.1.1612 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 412.334228][T11678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 412.344415][T11678] RIP: 0010:io_lockdep_assert_cq_locked+0x1e9/0x320 [ 412.351110][T11678] Code: 44 89 e6 e8 a9 a7 0c fd 45 85 e4 0f 84 13 ff ff ff e8 5b a5 0c fd e8 f6 4f d5 fc 48 85 c0 0f 85 00 ff ff ff e8 48 a5 0c fd 90 <0f> 0b 90 e9 f2 fe ff ff e8 3a a5 0c fd 31 ff 89 ee e8 71 a7 0c fd [ 412.371295][T11678] RSP: 0018:ffffc900046cf820 EFLAGS: 00010293 [ 412.377895][T11678] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffffffff8161f9fa [ 412.385887][T11678] RDX: ffff888025c29e00 RSI: ffffffff848ca9a8 RDI: 0000000000000005 [ 412.394052][T11678] RBP: ffff888025c29e00 R08: 0000000000000005 R09: 0000000000000000 [ 412.402093][T11678] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001 [ 412.410262][T11678] R13: 0000000000000000 R14: ffff88803412a138 R15: ffff888033f61078 [ 412.418313][T11678] FS: 00007f4101ddc6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 412.427491][T11678] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 412.434077][T11678] CR2: 000000110c675256 CR3: 000000005dd7a000 CR4: 00000000003526f0 [ 412.442087][T11678] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 412.450102][T11678] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 412.458138][T11678] Call Trace: [ 412.461438][T11678] [ 412.464372][T11678] ? __warn+0xea/0x3c0 [ 412.468956][T11678] ? io_lockdep_assert_cq_locked+0x1e9/0x320 [ 412.474977][T11678] ? report_bug+0x3c0/0x580 [ 412.479899][T11678] ? handle_bug+0x54/0xa0 [ 412.484232][T11678] ? exc_invalid_op+0x17/0x50 [ 412.489019][T11678] ? asm_exc_invalid_op+0x1a/0x20 [ 412.494058][T11678] ? current_work+0x6a/0xe0 [ 412.498590][T11678] ? io_lockdep_assert_cq_locked+0x1e8/0x320 [ 412.504576][T11678] ? io_lockdep_assert_cq_locked+0x1e9/0x320 [ 412.510609][T11678] __io_submit_flush_completions+0x131/0x1fd0 [ 412.516680][T11678] __io_run_local_work+0x13d/0x560 [ 412.521817][T11678] ? __pfx___io_run_local_work+0x10/0x10 [ 412.527492][T11678] ? xas_find+0x2fd/0x870 [ 412.531819][T11678] io_uring_try_cancel_requests+0x89a/0xd50 [ 412.537759][T11678] ? xa_find_after+0x2ce/0x480 [ 412.542520][T11678] ? __pfx_io_uring_try_cancel_requests+0x10/0x10 [ 412.548977][T11678] ? __percpu_counter_sum+0x1ee/0x270 [ 412.554346][T11678] io_uring_cancel_generic+0x651/0x8e0 [ 412.559844][T11678] ? __pfx_io_uring_cancel_generic+0x10/0x10 [ 412.565912][T11678] ? do_exit+0x313/0x2d70 [ 412.570314][T11678] ? __pfx_lock_release+0x10/0x10 [ 412.575758][T11678] ? __pfx_autoremove_wake_function+0x10/0x10 [ 412.582200][T11678] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 412.587649][T11678] do_exit+0x541/0x2d70 [ 412.591802][T11678] ? get_signal+0x8f7/0x2610 [ 412.596385][T11678] ? __pfx_do_exit+0x10/0x10 [ 412.601012][T11678] ? do_raw_spin_lock+0x12d/0x2c0 [ 412.606030][T11678] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 412.611435][T11678] do_group_exit+0xd3/0x2a0 [ 412.615937][T11678] get_signal+0x2576/0x2610 [ 412.620464][T11678] ? __pfx_get_signal+0x10/0x10 [ 412.625318][T11678] ? __pfx_do_futex+0x10/0x10 [ 412.630043][T11678] arch_do_signal_or_restart+0x90/0x7e0 [ 412.635591][T11678] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 412.641780][T11678] ? rcu_is_watching+0x12/0xc0 [ 412.646543][T11678] syscall_exit_to_user_mode+0x150/0x2a0 [ 412.652380][T11678] do_syscall_64+0xda/0x250 [ 412.656881][T11678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.662799][T11678] RIP: 0033:0x7f4100f85d29 [ 412.667280][T11678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 412.687425][T11678] RSP: 002b:00007f4101ddc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 412.695834][T11678] RAX: fffffffffffffe00 RBX: 00007f4101176088 RCX: 00007f4100f85d29 [ 412.704238][T11678] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4101176088 [ 412.712323][T11678] RBP: 00007f4101176080 R08: 0000000000000000 R09: 0000000000000000 [ 412.720358][T11678] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f410117608c [ 412.728467][T11678] R13: 0000000000000000 R14: 00007ffffc6586e0 R15: 00007ffffc6587c8 [ 412.736452][T11678] [ 412.739505][T11678] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 412.746777][T11678] CPU: 0 UID: 0 PID: 11678 Comm: syz.1.1612 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 412.757518][T11678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 412.767557][T11678] Call Trace: [ 412.770822][T11678] [ 412.773761][T11678] dump_stack_lvl+0x3d/0x1f0 [ 412.778348][T11678] panic+0x71d/0x800 [ 412.782233][T11678] ? __pfx_panic+0x10/0x10 [ 412.786639][T11678] ? show_trace_log_lvl+0x29d/0x3d0 [ 412.791826][T11678] ? check_panic_on_warn+0x1f/0xb0 [ 412.796931][T11678] ? io_lockdep_assert_cq_locked+0x1e9/0x320 [ 412.802904][T11678] check_panic_on_warn+0xab/0xb0 [ 412.807835][T11678] __warn+0xf6/0x3c0 [ 412.811741][T11678] ? io_lockdep_assert_cq_locked+0x1e9/0x320 [ 412.817713][T11678] report_bug+0x3c0/0x580 [ 412.822047][T11678] handle_bug+0x54/0xa0 [ 412.826193][T11678] exc_invalid_op+0x17/0x50 [ 412.830691][T11678] asm_exc_invalid_op+0x1a/0x20 [ 412.835531][T11678] RIP: 0010:io_lockdep_assert_cq_locked+0x1e9/0x320 [ 412.842114][T11678] Code: 44 89 e6 e8 a9 a7 0c fd 45 85 e4 0f 84 13 ff ff ff e8 5b a5 0c fd e8 f6 4f d5 fc 48 85 c0 0f 85 00 ff ff ff e8 48 a5 0c fd 90 <0f> 0b 90 e9 f2 fe ff ff e8 3a a5 0c fd 31 ff 89 ee e8 71 a7 0c fd [ 412.861706][T11678] RSP: 0018:ffffc900046cf820 EFLAGS: 00010293 [ 412.867761][T11678] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffffffff8161f9fa [ 412.875717][T11678] RDX: ffff888025c29e00 RSI: ffffffff848ca9a8 RDI: 0000000000000005 [ 412.883679][T11678] RBP: ffff888025c29e00 R08: 0000000000000005 R09: 0000000000000000 [ 412.891636][T11678] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001 [ 412.899598][T11678] R13: 0000000000000000 R14: ffff88803412a138 R15: ffff888033f61078 [ 412.907569][T11678] ? current_work+0x6a/0xe0 [ 412.912090][T11678] ? io_lockdep_assert_cq_locked+0x1e8/0x320 [ 412.918071][T11678] __io_submit_flush_completions+0x131/0x1fd0 [ 412.924131][T11678] __io_run_local_work+0x13d/0x560 [ 412.929234][T11678] ? __pfx___io_run_local_work+0x10/0x10 [ 412.934857][T11678] ? xas_find+0x2fd/0x870 [ 412.939179][T11678] io_uring_try_cancel_requests+0x89a/0xd50 [ 412.945079][T11678] ? xa_find_after+0x2ce/0x480 [ 412.949834][T11678] ? __pfx_io_uring_try_cancel_requests+0x10/0x10 [ 412.956243][T11678] ? __percpu_counter_sum+0x1ee/0x270 [ 412.961603][T11678] io_uring_cancel_generic+0x651/0x8e0 [ 412.967066][T11678] ? __pfx_io_uring_cancel_generic+0x10/0x10 [ 412.973055][T11678] ? do_exit+0x313/0x2d70 [ 412.977375][T11678] ? __pfx_lock_release+0x10/0x10 [ 412.982384][T11678] ? __pfx_autoremove_wake_function+0x10/0x10 [ 412.988448][T11678] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 412.993815][T11678] do_exit+0x541/0x2d70 [ 412.997967][T11678] ? get_signal+0x8f7/0x2610 [ 413.002562][T11678] ? __pfx_do_exit+0x10/0x10 [ 413.007149][T11678] ? do_raw_spin_lock+0x12d/0x2c0 [ 413.012162][T11678] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 413.017527][T11678] do_group_exit+0xd3/0x2a0 [ 413.022021][T11678] get_signal+0x2576/0x2610 [ 413.026520][T11678] ? __pfx_get_signal+0x10/0x10 [ 413.031359][T11678] ? __pfx_do_futex+0x10/0x10 [ 413.036045][T11678] arch_do_signal_or_restart+0x90/0x7e0 [ 413.041585][T11678] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 413.047753][T11678] ? rcu_is_watching+0x12/0xc0 [ 413.052512][T11678] syscall_exit_to_user_mode+0x150/0x2a0 [ 413.058142][T11678] do_syscall_64+0xda/0x250 [ 413.062651][T11678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.068533][T11678] RIP: 0033:0x7f4100f85d29 [ 413.072946][T11678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 413.092543][T11678] RSP: 002b:00007f4101ddc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 413.100945][T11678] RAX: fffffffffffffe00 RBX: 00007f4101176088 RCX: 00007f4100f85d29 [ 413.108900][T11678] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4101176088 [ 413.116868][T11678] RBP: 00007f4101176080 R08: 0000000000000000 R09: 0000000000000000 [ 413.124835][T11678] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f410117608c [ 413.132804][T11678] R13: 0000000000000000 R14: 00007ffffc6586e0 R15: 00007ffffc6587c8 [ 413.140770][T11678] [ 413.143830][T11678] Kernel Offset: disabled [ 413.148218][T11678] Rebooting in 86400 seconds..