last executing test programs: 8m53.192111417s ago: executing program 1 (id=370): r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_DISABLE(r0, 0x40045506, 0x0) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) ioctl$auto_IOCTL_VMCI_CTX_SET_CPT_STATE(r1, 0x7b2, 0x0) 8m53.048061573s ago: executing program 1 (id=371): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x6) socket(0x11, 0x80003, 0x300) socket(0x10, 0x2, 0x0) socket(0x2, 0x3, 0x2) socket(0x2, 0x3, 0x104) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x102, 0x0) socketpair$auto(0x3, 0x5, 0x7, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x40440, 0x40) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000080)='./file0\x00', 0x8e67f, 0x20) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) pread64$auto(0x0, 0x0, 0x1, 0x100000000000f) close_range$auto(0x2, 0x8, 0x0) socket(0x1a, 0x1, 0x0) socket(0xa, 0x801, 0x84) connect$auto(0x3, 0x0, 0x55) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/usb-serial/drivers/edgeport_4/new_id\x00', 0x480a43, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) acct$auto(&(0x7f0000000040)='\x00') acct$auto(0x0) 8m52.152064484s ago: executing program 1 (id=376): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'geneve0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="7d472d00fcdbdf2509000000080003000000", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x4000044) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe800000003f00"}, 0x1c) 8m51.171971926s ago: executing program 1 (id=379): r0 = socket(0x10, 0x2, 0x0) pipe$auto(&(0x7f0000000140)=r0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) pipe2$auto(0x0, 0x800) r1 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1ff, r2, @relative_id=0xd77c, 0xe5fd}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x1, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x5c, 0x4, 0x9, 0x80, 0xe4, 0xfffff800, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x2, 0xffffffffffffffff, 0x7, 0x9, 0x4, 0x7, 0x10001, 0x0, 0x8001, @attach_prog_fd, 0x7e, 0x4, 0x1, 0x5, 0x3}, 0x5) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/fib_multipath_hash_policy\x00', 0x200, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r5, 0x0, 0x0) fgetxattr$auto(r0, &(0x7f0000000040)='.%/\x00', &(0x7f0000000280)="2d59d75a613d2a8c6c00cbdf8496eaa0e3f766d4b3d1e2da873577b7a035ab94642042fcc3cf8d3f12a24116808bc0d39fa628e8c5eb5ef17274fc75e308c81685559173ac63db7bea9a4507d1", 0xe1) write$auto(r5, &(0x7f0000000080)='^]%(^-@@\xbb\\\'\x00', 0x164) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYRESHEX=r5, @ANYBLOB='l\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r6 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x41a800, 0x0) mmap$auto(0x0, 0x8, 0xa, 0x12, r0, 0x9) r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/stat/rt_cache\x00', 0x60200, 0x0) read$auto_proc_iter_file_ops_compat_inode(r7, &(0x7f00000004c0)=""/4096, 0x1000) read$auto_proc_iter_file_ops_compat_inode(r7, &(0x7f00000003c0)=""/229, 0xe5) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask_isolated\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r8, &(0x7f0000000380)=""/4094, 0xffe) ioctl$auto_IOCTL_VMCI_CTX_SET_CPT_STATE(r6, 0x7b2, 0x0) 8m50.74098007s ago: executing program 1 (id=383): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = open(0x0, 0x22240, 0x55) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r1, 0x401c5820, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) shutdown$auto(0x200000003, 0x2) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) statx$auto(r0, 0x0, 0x1003, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 8m50.400148181s ago: executing program 1 (id=389): r0 = socket(0x10, 0x2, 0x0) r1 = socket(0x1e, 0x800, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_AGE={0x8, 0x4, 0x5}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IFINDEX={0x8}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF1_AGE={0x8, 0x3, 0x400400}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x9c0a7fc06f585e63) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) setsockopt$auto(r1, 0x97, 0x9cc, &(0x7f0000000040)='\x00', 0x5) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/suid_dumpable\x00', 0x8200, 0x0) read$auto(0x3, 0x0, 0x80) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180), 0x2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0xb, 0x4008) 8m34.907240076s ago: executing program 32 (id=389): r0 = socket(0x10, 0x2, 0x0) r1 = socket(0x1e, 0x800, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_AGE={0x8, 0x4, 0x5}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IFINDEX={0x8}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF1_AGE={0x8, 0x3, 0x400400}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x9c0a7fc06f585e63) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) setsockopt$auto(r1, 0x97, 0x9cc, &(0x7f0000000040)='\x00', 0x5) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/suid_dumpable\x00', 0x8200, 0x0) read$auto(0x3, 0x0, 0x80) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180), 0x2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0xb, 0x4008) 1m7.162598954s ago: executing program 0 (id=4112): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'geneve0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="7d472d00fcdbdf2509000000080003000000", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x4000044) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe800000000000ff"}, 0x1c) 1m6.133710226s ago: executing program 0 (id=4118): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) setrlimit$auto(0xb, 0x0) r1 = getpid() mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) r2 = gettid() rt_tgsigqueueinfo$auto(r1, r2, 0x21, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sync_file_range$auto(r0, 0x0, 0x1, 0x7) sendfile$auto(0x1, 0x0, 0x0, 0xc01) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/1/msr\x00', 0x2081, 0x0) ioctl$auto_X86_IOC_WRMSR_REGS(r3, 0xc02063a1, 0x0) mmap$auto(0x10000000, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) 1m5.12759008s ago: executing program 0 (id=4126): mbind$auto(0xfffffffffffff000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x22240, 0x0) fcntl$auto(0x3, 0x400, 0x1) fcntl$auto(r1, 0xa, 0x80000000001) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000040)=""/67, 0x43) close_range$auto(0x2, 0x8000, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) madvise$auto(0x0, 0x5, 0x15) read$auto_proc_pid_maps_operations_internal(r0, &(0x7f00000010c0)=""/4096, 0x1000) madvise$auto(0x4a5, 0x9, 0x2) 1m4.92811604s ago: executing program 0 (id=4128): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r1, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @remote}}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @broadcast}}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x2400c014) r2 = socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) io_uring_setup$auto(0x6, 0x0) r3 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/cmdline\x00', 0x2000, 0x0) read$auto_proc_pid_cmdline_ops_base(r3, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r4 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0) ioctl$auto_FUSE_DEV_IOC_CLONE(r4, 0x8004e500, 0x0) mmap$auto(0x0, 0x9, 0x2, 0x8000000008011, 0x4, 0x0) connect$auto(r2, &(0x7f0000000180)=@in={0x2, 0x0, @private=0xa010100}, 0x15) write$auto(0x3, 0x0, 0x5b6) 1m4.71673887s ago: executing program 0 (id=4129): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) getpid() fcntl$getown(r0, 0x9) capget$auto(&(0x7f00000002c0)={0x10001}, 0x0) r1 = getpid() process_vm_readv$auto(r1, 0x0, 0x1, 0x0, 0x6, 0x0) r2 = getpid() pidfd_open$auto(r2, 0x0) syz_clone3(0x0, 0x0) open(0x0, 0x22240, 0x155) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) io_uring_enter$auto(0xffffffffffffffff, 0x100, 0xffff230a, 0x9, 0x0, 0x7fff) mmap$auto(0x100000000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x2003f0, 0x4) tkill$auto(0x1, 0x7) creat$auto(0x0, 0x4) swapon$auto(0x0, 0x3) 1m2.034509225s ago: executing program 0 (id=4144): r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/maps\x00', 0x82, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='/sys/devices/system/cpu/cpu1/cache/index0/coherency_line_size\x00', 0xa100, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='/sys/devices/system/cpu/cpu1/cache/index0/coherency_line_size\x00', 0xa100, 0x0) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0xa901, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="040026bd7000fcdbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004080}, 0x10) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) ioctl$auto(r1, 0xc0105500, r1) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty47\x00', 0x161240, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x400, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000003440)='/sys/devices/virtual/net/rose12/statistics/collisions\x00', 0x22100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000003480)=""/247, 0xf7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x10, 0x2, 0x0) (async) socket(0x10, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000000)=@nl, 0x55) (async) connect$auto(0x3, &(0x7f0000000000)=@nl, 0x55) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) open(0x0, 0x1a1043, 0x2a) syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$auto_TIOCSWINSZ2(r3, 0x5414, 0x0) (async) ioctl$auto_TIOCSWINSZ2(r3, 0x5414, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x1, 0xfb5f, 0x48000000000, &(0x7f0000000180)=0xfc00000000000000, 0x630, 0x80000001) ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x800, 0x101, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9}) (async) ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x800, 0x101, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9}) 1m1.737868181s ago: executing program 33 (id=4144): r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/maps\x00', 0x82, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='/sys/devices/system/cpu/cpu1/cache/index0/coherency_line_size\x00', 0xa100, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='/sys/devices/system/cpu/cpu1/cache/index0/coherency_line_size\x00', 0xa100, 0x0) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0xa901, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="040026bd7000fcdbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004080}, 0x10) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) ioctl$auto(r1, 0xc0105500, r1) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty47\x00', 0x161240, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x400, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000003440)='/sys/devices/virtual/net/rose12/statistics/collisions\x00', 0x22100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000003480)=""/247, 0xf7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x10, 0x2, 0x0) (async) socket(0x10, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000000)=@nl, 0x55) (async) connect$auto(0x3, &(0x7f0000000000)=@nl, 0x55) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) open(0x0, 0x1a1043, 0x2a) syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$auto_TIOCSWINSZ2(r3, 0x5414, 0x0) (async) ioctl$auto_TIOCSWINSZ2(r3, 0x5414, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x1, 0xfb5f, 0x48000000000, &(0x7f0000000180)=0xfc00000000000000, 0x630, 0x80000001) ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x800, 0x101, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9}) (async) ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x800, 0x101, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9}) 9.317852453s ago: executing program 3 (id=4413): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) open(0x0, 0x2a4c0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) setreuid$auto(0xffffffffffffffff, 0x8) ioctl$auto(0x3, 0x2284, 0x38) socket$nl_generic(0x10, 0x3, 0x10) open(0x0, 0x149443, 0x0) socket(0x1e, 0x5, 0x0) socket(0x10, 0x2, 0xc) pipe$auto(0x0) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) r0 = socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0xb, 0x0, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rxrpc/stats\x00', 0xaa102, 0x0) write$auto(r1, 0x0, 0x1) r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/loop13/rqos/wbt/inflight\x00', 0x400183, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r2, &(0x7f0000000080)=""/4096, 0x1000) 7.153003316s ago: executing program 3 (id=4424): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8002, 0x0) read$auto(r0, 0x0, 0x80) (async, rerun: 64) socket(0x2, 0x2, 0x1) (async, rerun: 64) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x9) (async) io_uring_setup$auto(0x6, 0x0) (async) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x80000000) (async) clock_adjtime$auto(0x1, &(0x7f0000000000)={0x7, 0x8, 0x4, 0x8, 0x7fffffbf, 0xffffffc0, 0x6, 0x5, 0x3, 0x0, 0xb9, {}, 0x1000, 0x2, 0xb, 0x5, 0x2000006, 0x101, 0x7fff, 0x3}) (async) close_range$auto(0x2, 0x8000, 0x0) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x48045, 0x0) write$auto(r1, 0x0, 0x6) (async) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) (async) ioctl$auto(0x3, 0x541b, 0x7f) (async) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event2\x00', 0x20001, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r5, 0x301, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000) (async) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x74, r5, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x5866}, @NL80211_ATTR_COLOR_CHANGE_ELEMS={0x58, 0x131, 0x0, 0x1, [@NL80211_ATTR_HE_6GHZ_CAPABILITY={0x4a, 0x125, "16649d5e6e3a87e32e503c3dfaa09eb2b832b728dd081526dca881e1333e8ecdb019d0c2a34f86ebfb53362b454764090a54d11295bb5f276248c11a8f39209ecb933a12580f"}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x400}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x51) (async) ioctl$auto_evdev_fops_evdev(r2, 0xffffffff80004526, 0x0) (async) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) 6.005633648s ago: executing program 3 (id=4430): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x7, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0x4020aea5, 0x0) socket(0x2c, 0x3, 0x0) socket(0x2c, 0x80003, 0x0) close_range$auto(0x2, 0x8000, 0x0) sched_setparam$auto(0x0, &(0x7f0000000000)={0x2}) 5.674930096s ago: executing program 4 (id=4432): r0 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r0, 0x10f, 0x85, 0x0, 0x0) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0x17, r0, 0x8000) (async) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r0) sendmsg$auto_NFSD_CMD_POOL_MODE_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x10, 0x70bd27, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0x14}}, 0xd51ecf421fcacda3) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) clock_gettime$auto(0x3, 0x0) 5.261496695s ago: executing program 3 (id=4435): r0 = open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0xe3, 0x5, "abcc17b6890f7e9523f8c7845f5b3972c2b19fea7f18fce7d9d76fe53ce365b5c0bea04c08b10744588360cd2feec5c79453283e65c88b4c258ed2c63e6375a3e16647d23b89dc4bee6ca471ac24a4e74b614e5f6a04f081e4a10d2f834228f200cbfe208d696ff0bdc7b4eacdd3536fba2774cf794a3a5c2416d0bd0837540dfa1595bd40319f1d2c9306d0221eb401fa5dc78b817eaddbd02c9ef9af8c8c3283e26bee799866cd5dfa9b777b9538fea1d15a0a56b05de57817322959065d7460ba3f362148f4a307a7b54666960b1fbe8f11e6ba7fe370ebf321af54780803e1a733"}, 0x800) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_SHORT_ADDR(r0, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_SCAN_TYPE={0x5}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xd339}]}, 0x24}, 0x1, 0x0, 0x0, 0x8010}, 0x40080) mmap$auto(0x7ff, 0x8, 0x0, 0x19, r0, 0x6) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'veth0_macvtap\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'macvtap0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'veth0_macvtap\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'veth0_vlan\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'nicvf0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r2, &(0x7f0000000740)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000700)={&(0x7f0000000440)={0x2a4, r3, 0x300, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_TUNNEL_INFO_HEADER={0x88, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}, @ETHTOOL_A_TUNNEL_INFO_HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}]}, @ETHTOOL_A_TUNNEL_INFO_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @ETHTOOL_A_TUNNEL_INFO_HEADER={0x4}, @ETHTOOL_A_TUNNEL_INFO_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, @ETHTOOL_A_TUNNEL_INFO_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xff}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xff}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_TUNNEL_INFO_HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x40}]}, @ETHTOOL_A_TUNNEL_INFO_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}]}, @ETHTOOL_A_TUNNEL_INFO_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}]}, 0x2a4}, 0x1, 0x0, 0x0, 0x4c011}, 0x40) r10 = geteuid() r11 = openat$auto_nsim_dev_hwstats_l3_disable_fops_hwstats(0xffffffffffffff9c, &(0x7f00000007c0)='/sys/kernel/debug/netdevsim/netdevsim7/hwstats/l3/disable_ifindex\x00', 0x1c1080, 0x0) sendmsg$auto_TIPC_NL_NET_SET(r0, &(0x7f0000001140)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001100)={&(0x7f0000000840)={0x8a8, 0x0, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x3e, 0x6, 0x0, 0x1, [@generic="08a1c152d80677c2d57a8b5427fa6c90c03f3debf4e0073e92d27e79f84943b740a73765cb380d2c8388d632d70a0ecc42e33462afa551855bf1"]}, @TIPC_NLA_NET={0x4d5, 0x7, 0x0, 0x1, [@generic="dec21212256b08d2324c6179d6778c81be8fc98c8689145764d6d205fbed938a3f7647ce21e71be4674a7aa36aa43939f2fefc111202573d351548dba738d50cb986bfedb9d6d15ca2f877efb2cb64a057f9dc345cc810ff05cb9835e3bdcf5f3a7c3cd69dbf060fb91614f5e087de678accb3ca837f2b6a8b8eed4dcfbda534ac29799f580e5b1deff32d3e94bcc3ed93", @typed={0x8, 0xe3, 0x0, 0x0, @uid=r10}, @typed={0x8, 0x16, 0x0, 0x0, @uid}, @generic="b319e8e4c8fd7aac800aa1a55966adcbd1e7c2e2fc79376839efbbf0ad5364746efd4503a1d6e88cab05c0f93a5ab5478207c8f8f7fb8c96dadcf8704fa0d9f805b43c67a39c72b0d3a3133c169a2a9013b824a600c648efa0b4631efcf9bdb65fb36bf8254cfb6657e02969586fb281c2786986c661dee9db96d91e2029a9c65de47277faa9634b4e3d34a20d34b6ccaaea5702d3a2712d80adadeea72ab7b662c34d2fbcef668a26ff27a340fda3e08a6a6de11e9e8444dfb30d97fcf434d0", @nested={0x2c2, 0xfb, 0x0, 0x1, [@nested={0x4, 0x146}, @nested={0x4, 0x50}, @generic="12d6e070d64758ba706cf15853929de995c8be5632e447228b6135b93337c623b850d866236dfa0ab959672fc7dfc26c0c60608413d80c95faab841f3b840933e2ead98d09d34488f6bebcf006a5a346fafd4e2c92106b191cf14c962121cebac271c9bf0bff2c1719bac13f5fdaa95583e061446ed44d45b85c7d681a2fe77c7a519d179a20f3df3c37a8ab40bbaa8af8ca745fa024e0a9ffa7174cfb86960a4f3810c1e5a5a561035e0b760235f8d3ecec21f651974efb9f1378dfbc10c20aa5d5be8ef983257b28e9467fef49d64414533c5c", @generic="36ca3c1927588b55fc0306cfbf831db1d136e733cd", @generic="2b911e37c081bbbb9a870d7e09374aeff669b2fb9e5ab18a4492282b9878d76e50d417a178a6ba04271aabe92e2ef151a4f84eded34b136c2689162de984b6b7f28e44dfc6b4f22aa03f6683e1cf20ed1d8afc548ec3a794d0828e86a73e54de0d81afeeb57c40e8754ade0c22a2c64787e20be93449aaf45b74ed7e6e5be94a88d2e481529e41bef6d2da6dda2844a2a7cf30616ce6132eb3f2842d652afd2c60b4e28b8dd28ace4643b1a5a6f1445c807385757a20995f3b5f47291e15f37e9297e512edb955f4453afb63c0b36ad994", @typed={0x33, 0x28, 0x0, 0x0, @binary="27300463108953947673f217801e38df49faebe76f233f7bab1d85945385e94bfe9291df52b7daece26698a23ddb7a"}, @generic="7b8edd6c75f424c8ef5054b76961391d92689632a94c4958b4fc488aefe5a8935db75e3da1a049fb01cbfb36539c0f0ff0283d2e92e0e30f605a5ab2d9b9590aa01406eaf349796d7e9789b013faf42dfd21b168534ca29964023ed2024d7f28f0e4611fc5fcd4fb59e13c375fb43fafdc4fa0611c1991cc80bcaaa7b1a6210d02d8ab4ba5bf984c78503a0934baebb0af082fb47444f2a9295f76a369e934300f4a8d7094611613c404ffa1ac4c948a577ec1b2088b8bb2", @typed={0x8, 0xde, 0x0, 0x0, @fd=r11}, @typed={0x8, 0x11b, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x26}}]}, @nested={0x9a, 0xee, 0x0, 0x1, [@generic, @generic="27e9a1efebaec70b3d03413a8672484d38f8a568b0d3be0d", @typed={0x48, 0x33, 0x0, 0x0, @binary="c26826252c2d71c5819e43c87938bceca8b1f3ba699cb680c53de5228fdff10c12f7f8fdb2b091b445488e285f988b849cbf4cc76caf0413f58b1593e75deaea96af1c50"}, @nested={0x4, 0x13c}, @typed={0x4, 0x12f, 0x0, 0x0, @binary}, @generic="73ad2f86b75696ea942b685d139b47b871ff97ea388bded31bd955a8083bac5dbd771cd9c32bb7e51ee1bdc742b1"]}, @nested={0x10, 0xba, 0x0, 0x1, [@nested={0x4, 0x38}, @typed={0x5, 0x21, 0x0, 0x0, @str='\x00'}]}]}, @TIPC_NLA_BEARER={0x36e, 0x1, 0x0, 0x1, [@generic="14c842c70ac5eb7308c23e8d4b946e657e7e9c622b396efb887bcd1315e5ec632ffbe5a1a29e9a571faded96b9808702d9671d00833e3c9e4625b227cd3e422874dd4bbc2c47972af937d88aad9857de9a1743ae90fe60e73eb361a8df2c235c1140fef03b69113c77b36e31a9e7fed95e9554ee6c2f428da66884510613792cc1bb9077f46449437ff4207b7c522de2c69d0c5c8be373171cbcf36d1a875b46277a0f7b02c7113b1e07755ff60ce55ac053913ee712b148c34d8573fe28a231abba780568d0148ee616cd82a62aec14b00a1ab53ec5", @generic="6c61e6b82613ddfe3fc0d1a26d9bda70d58322706a0dc484108d7fffa2d2105cc05a428d442b702a73dcab242d79f3a1914fb8ec0dbe414b58bbebf0693b8eddf2f76e9c9621defae094af27303910a8d410576a94a79e6cba86981dcf4a77a25f919bd7bde12d1fc64e8a0f823a7861e083728442e525560d331e2372ea2f6b5a23b816878903ef2ffc3a6be6dfeb71f448d310cde0fea853a73d436869aa3690db58d398d3ada169d3572fa7b6b5d5f4a07cf66fc44deacffeb1dff72d7cb7f818653de479520ef30ed1dd2a263c915578e015cb7b16afc4308f4140ac34cafef98272ee05e2", @typed={0x8, 0x60, 0x0, 0x0, @fd=r2}, @nested={0x40, 0xdd, 0x0, 0x1, [@nested={0x4, 0xb8}, @typed={0x35, 0xeb, 0x0, 0x0, @binary="e3c0aceea37e3fbde7a7380640c0db67ca9b988172b39644d6968c663cc41e6dded4fc9d6fc25d1536030095ccf73958f3"}]}, @typed={0xa, 0xdd, 0x0, 0x0, @str='veth0\x00'}, @typed={0xc, 0x131, 0x0, 0x0, @u64=0x8000000000000000}, @generic="7a65b0d7eafd1bfc4394717f722bcaf8f011dc691e87011119f9ed98d43ee30ee6f3f2a9e76f4c84ec08818b922874dae267673e075eb9fc310ff98ef54adbddbf8958232794d85b9aac14be6a56966b45fcdb881b6ebb3997382a368b2bf8762127b48f83c5fd95c2146a52a29fcf3e1164eff2fe570c38288c57aeb46cf8527c24e73930a2", @generic="6378605f5275c6bc47422dacdf1d89e936252ed3b3f14337659d96c07d0a46380cdae3106de554e20ffdc82e43b93e06d369b2f94184f8e2570db520d274b0f559d503f27d5787de50b4c1381c968006a858e8c7c5e54b92e7ab9979df82e0ac1a87d41c7043813237c5d180725f3438cda38ca0cb8daaa5b22fd73cd895d29180ae279e390f9296d6250a1a7741476c6d074e2b965844eb92a22b220a95c0536452a984c5a81f9dc3e6e91883056e63e7e8163bb959adea8a3c779671f2609b9dca7f26121925"]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x129, 0x0, 0x0, @ipv4=@loopback}]}]}, 0x8a8}, 0x1, 0x0, 0x0, 0x24008814}, 0x0) r12 = syz_genetlink_get_family_id$auto_gtp(&(0x7f00000011c0), r0) sendmsg$auto_GTP_CMD_NEWPDP(r2, &(0x7f0000001280)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001240)={&(0x7f0000001200)={0x1c, r12, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@GTPA_LINK={0x8, 0x1, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc8091}, 0x80) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r0, &(0x7f0000001400)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000013c0)={&(0x7f0000001300)={0x88, r3, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_MODULE_EEPROM_I2C_ADDRESS={0x5, 0x6, 0xea}, @ETHTOOL_A_MODULE_EEPROM_BANK={0x5, 0x5, 0x5}, @ETHTOOL_A_MODULE_EEPROM_HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x40}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xc}]}, @ETHTOOL_A_MODULE_EEPROM_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5a5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4000000}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, @ETHTOOL_A_MODULE_EEPROM_PAGE={0x5, 0x4, 0x9}]}, 0x88}, 0x1, 0x0, 0x0, 0x4800}, 0x40008d0) write$auto_nsim_dev_hwstats_l3_disable_fops_hwstats(r11, &(0x7f0000001440)="7cf99224980399a289832da871806764cdb47d37c0ac654d063b8dfe5514e686a9a20487dd0b63290dbe3d693fa3b5586be9d1c3400fd2d7cb6604f031929fec295bd96ed6f866dfd7bb521d46bfd02731bca23adf8b8e4525ce80561dbe9b94ddb3b769872a0625c2c4fcafebad94d4600e7952e63dc4f72a49ae2c41855103bb07f65019c4e0e8f46b1ca02f3edfde13836e16a377ba57dec4f32a4d3715e27d382ecf6fad5e5a3efc7a306ab010544a282168025747657be7585d5b84ec32067bbb042decf50ae045575a47bd824fec4c028121782f788fe9add2f3530857d2", 0xe1) sysfs$auto(0x400, 0x80000001, 0x55e) openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000001540)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2000, 0x0) r13 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001580), r13) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001600)={'sit0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000001640)={'veth1_to_team\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001680)={'bridge_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f00000018c0)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001880)={&(0x7f00000016c0)={0x1bc, r3, 0x20, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7fff}]}, @ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3ff}]}, @ETHTOOL_A_LINKINFO_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_LINKINFO_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7196}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}]}, @ETHTOOL_A_LINKINFO_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @ETHTOOL_A_LINKINFO_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r16}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @ETHTOOL_A_LINKINFO_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xe}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4c6}]}, @ETHTOOL_A_LINKINFO_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x4000}, 0xc0) r17 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SEG6_CMD_SETHMAC(r17, &(0x7f0000001a80)={&(0x7f0000001900)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001a40)={&(0x7f0000001940)={0xfc, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xff}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1000}, @SEG6_ATTR_SECRET={0xce, 0x4, "2931be0adc81a1858a280916ccacf88d7b665a40ef59b94eeae01ce15c1a2589748c40e4d46a6c9ef144fcd78f253c6695ed5c570547695e1e1fc0d906d14c27ea8893778a912a19c62bc9d9cc1374460801197144839c918722ec8f15a88655e2742a7ad25243021b2782f4cf9d81524fa60b08aa96575f99628354554d16b4aeea33f9f993d477884bed60149695a1a77b4b972482b2d57e6e45e6dee3157def569674391cdf93d3f2bca091dc71e74253b327d20eab1a28807cbc35ebc641922964244c28f41b5bf7"}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x40}]}, 0xfc}, 0x1, 0x0, 0x0, 0xc004}, 0x20000000) 4.909248306s ago: executing program 2 (id=4437): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'geneve0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="7d472d00fcdbdf2509000000080003000000", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x4000044) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 4.505540901s ago: executing program 3 (id=4438): r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x22000, 0x0) socket(0x11, 0x80003, 0x300) r3 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000003640)='/proc/self/numa_maps\x00', 0x40080, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r4 = socket(0x11, 0xa, 0x1000) ioctl$auto(r4, 0x2, 0x2) read$auto_proc_pid_numa_maps_operations_internal(r3, &(0x7f0000000000)=""/110, 0x6e) sendto$auto(r2, 0x0, 0x13, 0x100007, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4}}, 0x20) recvmsg$auto(r1, &(0x7f00000007c0)={&(0x7f00000006c0), 0x200, &(0x7f0000000740)={&(0x7f0000000700), 0xf}, 0x400, 0x0, 0xe, 0x466d}, 0x6) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)={0x14, r0, 0x1, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4008890}, 0x4000000) 3.522654814s ago: executing program 3 (id=4439): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) r0 = socket(0xa, 0x3, 0x5) fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0xc88, 0x0, 0x0, &(0x7f0000000140), 0x8, 0x80000000}, 0x5}, 0x3b8b, 0x800) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0x800) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000000)={0x44, r2, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_RADIO_NAME={0x2d, 0x11, '/P\x13jE\f\xf9r\xf5\xa3\xd2\x84y\xf9*\x9b\"\x1c\xa4l-\x19\xfd\xa4\xf4y\x02\xc2\x96\xfa\x84L\x12\xcd\x83\xf7\x12\xd3\xc4\x1e]'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000800) socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(r1, &(0x7f0000000280)={{&(0x7f0000000100)="55a5ffcbcc7b42e1ce10f4a40fa6105874c1c69a71dca17d18b2a87a64a07373b5c88c430d3708ffbc7e5e5e2d6adcd808e113a76bbb9078f7ffecb98dfd8b374a6a5098ad610f189b6769832268e7097fdf416bdc15415f3dad660e35d1dfd93b1386eb822d0b3803418964277d6bc233667a52b8ffd9287ef5b2f405195a613cc12956d8769d0b9206842cf2c34322bd5d6b9f0b266782972ed32fe985dae9f362e2893e3210150b614a819fcd4f0ee9cf513e", 0x7f, &(0x7f0000000240)={&(0x7f00000001c0)="1b316a3c92c4a2b8378d23e8fcf8d66b48dd80ad0253b838a10867e56d569893a9da3646488683302fc94b42ca4492fd612f365ade82d20f6dc27d3890141c87aa89d9abdaa05a59e0375a91db3a18d9e1f29079deaf8f01ccb9384521ba18420527dd63d29f97a2ed0fa7be473eb395abf81950a158f4b2f27a36", 0x8000000000000000}, 0x8000, &(0x7f0000000300)="417f5de09d4abf274d8d69d613f57fefc969456c516c393f3e099d5eaebb1e08449d1995998b0b5f6e27698cb9023d82cf062317197871c7648cd13f9ad1feb7df1b814fd04f3495fb98e568dd8db5dd6dbc8395499c3b8c5473026963258766cb", 0x4, 0x6}, 0x6}, 0x78f, 0x7fffffff) r3 = socket(0xa, 0x2, 0x0) socket(0x2, 0x6, 0x0) epoll_create$auto(0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r4, 0x0) epoll_ctl$auto(0x5, 0x3, r3, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0x11, 0x2, 0x4) openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x642, 0x0) openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x1, 0x0) pipe$auto(0x0) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 3.521986549s ago: executing program 2 (id=4447): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'geneve0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="7d472d00fcdbdf2509000000080003000000", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x4000044) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 3.144087635s ago: executing program 4 (id=4440): syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) ioctl$auto(0x3, 0xc020660b, 0xfffffffffffff4e0) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x42102, 0x0) read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f00000007c0)=""/153, 0x99) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000004140), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@NL802154_ATTR_SUPPORTED_CHANNEL={0x8, 0x16, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) bpf$auto(0x0, 0x0, 0xa2) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) prctl$auto(0x35, 0x0, 0x4, 0x0, 0x0) mmap$auto(0x0, 0x8, 0x4000000000db, 0x44eb1, 0x4000000000000006, 0x300000000000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 2.322009785s ago: executing program 2 (id=4441): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf51, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(0x0, 0x3) (async) fsopen$auto(0x0, 0x3) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x3, 0x0) access$auto(&(0x7f0000000000)='}[,&*}\x00', 0x7) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x40000006e, 0x8b72, 0xffffffffffffffff, 0x9) (async) mmap$auto(0x0, 0x9, 0x40000006e, 0x8b72, 0xffffffffffffffff, 0x9) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x80000000, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x8000000000009) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) socket(0xa, 0x801, 0x106) listen$auto(0x3, 0x83) (async) listen$auto(0x3, 0x83) setsockopt$auto(0x3, 0x1, 0x1, 0x0, 0x9) (async) setsockopt$auto(0x3, 0x1, 0x1, 0x0, 0x9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8947, &(0x7f0000000000)={'bond0\x00'}) mmap$auto(0x3, 0x10000, 0x7, 0xdd, 0x737, 0x6) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) (async) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) socket(0x25, 0x1, 0x3) (async) socket(0x25, 0x1, 0x3) write$auto(0x3, 0x0, 0x0) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/filter\x00', 0x2, 0x0) (async) r1 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/filter\x00', 0x2, 0x0) write$auto(r1, 0x0, 0xfd) (async) write$auto(r1, 0x0, 0xfd) r2 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) read$auto_mISDN_fops_timerdev(r2, &(0x7f0000000040)=""/210, 0xd2) ioctl$auto_IMADDTIMER(r2, 0x80044940, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 2.132520617s ago: executing program 4 (id=4442): ioperm$auto(0x7, 0x6, 0x2) keyctl$auto(0x7, 0xffffffffffffffff, 0x0, 0x8, 0x74) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8044) socket(0x1e, 0x5, 0x0) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x1, 0x8000000000008000) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) socket(0x2a, 0x2, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r0 = socket(0x10, 0x2, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x28, r2, 0x1b, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x9, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x33}]}]}]}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r3 = socket(0xa, 0x801, 0x84) listen$auto(r3, 0x3) open(&(0x7f00000001c0)='./cgroup\x00', 0x0, 0x6f) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) rt_sigaction$auto(0x11, &(0x7f0000000100)={0x0, 0x2000004, 0x0, {0x7}}, 0x0, 0x8) 1.967450638s ago: executing program 5 (id=4443): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x5c, r1, 0x1, 0x70bd2d, 0x25dfdbf9, {0x1, 0x0, 0x3f00}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x8}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @local}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00', @ANYRES32, @ANYRES32, @ANYRES64, @ANYRES32], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000180)={{0x0, 0x10001, &(0x7f0000000080)={&(0x7f0000000040), 0x200}, 0x4, 0x0, 0x8, 0x7}, 0x7}, 0x5, 0x66a6, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) ppoll$auto(0x0, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0) openat$auto_rfcomm_dlc_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) pipe2$auto(0x0, 0x80) fcntl$auto(0x0, 0x407, 0x100000) landlock_restrict_self$auto(r3, 0x0) r4 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000100), r3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x800, 0x0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r5, 0x5393, 0x5) sendmsg$auto_IOAM6_CMD_DUMP_NAMESPACES(r3, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r4, 0x400, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x41) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x10a) 1.835362579s ago: executing program 4 (id=4444): r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_READ(r0, 0xc0085504, &(0x7f00000002c0)={0x7ff, 0x1, 0x0, "489f22b8d68bae262b4f0fc227148ee4c2c7c71e6d127ce11fff5f9b72f6c0d79ea27b4a604d65ebd589388a82902ee36bdd98b7f70df6686e41caf9e42af0b8085ad37a3fa7f33d3c5e6597b98c5b8ef69c35136de070ea2fd149e0504fd4301f2ea7e5c47fa6007ceb89b3eb65c178dd0229ee186e1193bd3c2a587a1c2a343f78dac64c6bb24ab04bb9387f1e10a7b59b03ca6f629a8dcb70a2a8145e5b5f86bb758f5fc96ad86326ee3f9a1c6c8c849fc6d181e8fd4fd0347c93211e8f99c839eddc618e10df9a2f687aedf27bb53fbe2b32c154a5e71c13058ffa131c2f037c8352c8"}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x25, 0x1, 0x3) setsockopt$auto(0x4, 0x2000000000000116, 0x80, 0xfffffffffffffffd, 0x9) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) semctl$auto(0x80001ff, 0x804, 0x13, 0x4) keyctl$auto(0x1, 0x7, 0x100, 0x8, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000fbdbdf250f00000008000300", @ANYRES32=r4, @ANYBLOB='\b\x00.'], 0x24}, 0x1, 0x0, 0x0, 0xc050}, 0x140000e4) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000640), 0xffffffffffffffff) ioctl$auto(0xc8, 0x400454ca, 0x5c8d) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) mmap$auto(0x9, 0x10000, 0xb5, 0x111, 0xe33, 0x1) io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0x2, 0xffd, 0x0, 0x0) setreuid$auto(0x40000000003, 0xdf36) brk$auto(0x7b5900000000) setsockopt$auto(0xffffffffffffffff, 0x29, 0x21, 0x0, 0x1ff) mmap$auto(0x4, 0x8001, 0x9, 0x8011, 0x6, 0x4) ioctl$auto(0xc8, 0x800454df, 0x5c8d) 1.789402951s ago: executing program 5 (id=4445): r0 = wait4$auto(0xffffffffffffffff, &(0x7f0000000000)=0x5b00, 0x5, &(0x7f00000000c0)={{0x1, 0x2}, {0x0, 0x7}, 0x2, 0x7, 0xffff, 0x1, 0x100, 0x3, 0x4, 0x9ad6, 0x4, 0x491, 0xffffffff, 0xeec7, 0xffffffffffffff7f, 0x5}) capset$auto(&(0x7f0000000180)={0x4, r0}, &(0x7f00000001c0)={0x3, 0x5, 0x2}) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000040)={"a2e88999", 0x7fff, 0x0, 0x2, 0x9, 0x10000, "7207661b123ebfab150d5b41ec06a2", "daa98e20", '\x00@\x00', "310f5514", ["f1448f541c30b99a96561625", "229d96ef5eac0e1bdb7b7eda", "105d6dc99314e86c9f351da7", "77ea06a4b734ff1c8eb66fe0"]}) 1.609850604s ago: executing program 5 (id=4446): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)=0x10000) r1 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) sysfs$auto(0x2, 0x0, 0x0) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r4, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) epoll_ctl$auto(0x5, 0x3, r4, 0x0) epoll_wait$auto(0x5, 0x0, 0x2, 0xfffffffd) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2000b, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_TIPC_NL_NET_GET(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000400)={0x14, r3, 0x492a92567041df2f, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x20000000) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'veth1_to_bond\x00'}) r6 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), r5) sendmsg$auto_NFC_CMD_DEV_UP(r5, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r6, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0x3}, @NFC_ATTR_DEVICE_NAME={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$auto_NFC_CMD_START_POLL(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r6, 0x10, 0x70bd25, 0x25dfdbfd, {}, [@NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x2}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0xc804}, 0x4000804) write$auto_tomoyo_self_operations_securityfs_if(r1, 0x0, 0x0) read$auto_snd_pcm_oss_f_reg_pcm_oss(r0, &(0x7f0000000000)=""/108, 0x6c) mmap$auto(0x0, 0x400008, 0xdf, 0x9b76, 0x200000000004, 0x8000) open(0x0, 0x201c2, 0x10e) 1.335757689s ago: executing program 5 (id=4448): close_range$auto(0x2, 0x8000, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x82a00, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xa, 0x3, 0x100) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000340), 0x8200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) (async) socket(0x800000018, 0x800, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) eventfd$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x25, 0x4, 0x3) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xa, 0x3, 0x6) socket(0xa, 0x2, 0x88) socket(0x11, 0x80003, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') r0 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r0, @ANYBLOB='\n'], 0x18}, 0x1, 0x0, 0x0, 0x64048001}, 0x80) (async) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4000000) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/sctp/eps\x00', 0x121000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000e80)=""/215, 0xd7) 1.276064094s ago: executing program 2 (id=4449): mmap$auto(0x9, 0x3, 0x4000000000df, 0x11, 0xfffffffffffffffd, 0x40000008000) ioperm$auto(0x6, 0x6, 0xfffffffd) setrlimit$auto(0x1000000007, 0x0) epoll_create1$auto(0x8000000000000000) 1.094731293s ago: executing program 5 (id=4450): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'geneve0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="7d472d00fcdbdf2509000000080003000000", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x4000044) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 1.094470677s ago: executing program 2 (id=4451): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'geneve0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="7d472d00fcdbdf2509000000080003000000", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x4000044) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 824.595652ms ago: executing program 4 (id=4452): mmap$auto(0x3, 0x401, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x10000, 0x7, 0xc) futex$auto(0x0, 0x7, 0x9, 0x0, 0x0, 0x80000001) 595.910172ms ago: executing program 4 (id=4453): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00') prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0) read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000040)=""/142, 0x8e) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) mmap$auto(0xc, 0x200006, 0x1, 0x11, 0x602, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x0, 0x5, 0x4, 0x5, 0xa) madvise$auto(0x30, 0x80000006, 0x4) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000500)={0x8, 0x1001, 0x1ff, 0x7, 0x42, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x7, 0x100000a, 0x4, 0xb4, 0x8000000000000000, 0x4, 0x10001, 0x80, 0x100000100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x83, [0x0, 0x0, 0x0, 0x500ffffffffffe, 0xd993, 0x3, 0x8000000000000000, 0x3ff, 0x70624ce7, 0x7, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x6, 0x400, 0x6, 0x0, 0xffffffffffffbffd, 0xfffffffffffffffd, 0x1, 0x0, 0x2, 0x4, 0x7fffffffffffffff, 0xd32a, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0xfffffffffffffffe, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0x2, 0x9, 0xa38, 0x0, 0x7, 0xfffffffffffffffa, 0x5, 0x4000000000, 0x7], "33a1927d3ae00d"}, 0x8, 0x40d) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc4}, 0x2, &(0x7f0000000440)="c9439cb2398bd8d2ccdfa3f08ae9ea73fcdb5854e0da427b5df5538e62361efaf226ddc9628943e2ffffffffffffffffda91a6fb6c2ca8863f34dc57b34200db85e76c39313ae309e23b1500d4b17f844a57260db6596a45aeff30c3c79a0000000031214833723a5d04ee27cdd2683e6d5ea7bb6eafa8", 0x2000004, 0xa505}, 0x800}, 0x4, 0x10003) madvise$auto(0x0, 0xffffffffffff0005, 0x19) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mmap$auto(0x200000, 0x200006, 0x1, 0x40eb1, 0x602, 0xb00000000000) mmap$auto(0x0, 0x40000a, 0xdf, 0x12, 0xa, 0x8000) 389.435µs ago: executing program 5 (id=4454): ioperm$auto(0x7, 0x6, 0x2) keyctl$auto(0x7, 0xffffffffffffffff, 0x0, 0x8, 0x74) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8044) socket(0x1e, 0x5, 0x0) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x1, 0x8000000000008000) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) socket(0x2a, 0x2, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r0 = socket(0x10, 0x2, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x28, r2, 0x1b, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x9, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x33}]}]}]}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r3 = socket(0xa, 0x801, 0x84) listen$auto(r3, 0x3) open(&(0x7f00000001c0)='./cgroup\x00', 0x0, 0x6f) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) rt_sigaction$auto(0x11, &(0x7f0000000100)={0x0, 0x2000004, 0x0, {0x7}}, 0x0, 0x8) 0s ago: executing program 2 (id=4455): mmap$auto(0x0, 0x400005, 0xfffffffffffffffb, 0x9b72, 0x2, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8002, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) clone$auto(0x20003b42, 0x8400, 0x0, 0x0, 0xfffffffffffffff9) r0 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000080), 0x41180, 0x0) read$auto(r0, 0x0, 0x58b22256) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) r1 = socket(0x2a, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0), 0x55) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x40) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x6) sysfs$auto(0x2, 0x10000000000002d, 0x0) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r1) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) gettid() connect$auto(0xffffffffffffffff, 0x0, 0x55) mmap$auto(0x0, 0x5, 0x3, 0x16, 0x3, 0x8000) sendfile$auto(0x6, 0xffffffffffffffff, 0x0, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0x20200, 0x15) kernel console output (not intermixed with test programs): o find a fallback [ 274.039742][ T41] block nbd2: shutting down sockets [ 274.046077][ T5820] ldm_validate_partition_table(): Disk read failed. [ 274.053098][ T5820] Dev nbd2: unable to read RDB block 0 [ 274.059321][ T5820] nbd2: unable to read partition table [ 274.068715][ T5820] ldm_validate_partition_table(): Disk read failed. [ 274.076066][ T5820] Dev nbd2: unable to read RDB block 0 [ 274.082076][ T5820] nbd2: unable to read partition table [ 274.220624][T10078] kexec: Could not allocate control_code_buffer [ 274.483937][T10091] overlayfs: "check_copy_up" module option is obsolete [ 275.196999][T10110] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1076'. [ 275.777821][T10114] overlayfs: "check_copy_up" module option is obsolete [ 277.009484][T10142] overlayfs: "check_copy_up" module option is obsolete [ 277.472525][T10135] overlayfs: "check_copy_up" module option is obsolete [ 277.609994][T10153] can0: slcan on pty48. [ 277.725946][T10153] can0 (unregistered): slcan off pty48. [ 277.908375][T10066] overlayfs: "check_copy_up" module option is obsolete [ 277.949209][T10160] nbd: must specify at least one socket [ 278.058510][T10147] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1083'. [ 278.120390][T10147] netdevsim netdevsim0 netdevsim2: entered allmulticast mode [ 278.139327][T10157] overlayfs: "check_copy_up" module option is obsolete [ 278.560356][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 278.936990][T10155] overlayfs: "check_copy_up" module option is obsolete [ 279.086920][T10184] random: crng reseeded on system resumption [ 280.320922][T10187] overlayfs: "check_copy_up" module option is obsolete [ 281.583311][T10229] overlayfs: "check_copy_up" module option is obsolete [ 281.686380][T10261] random: crng reseeded on system resumption [ 282.747822][T10262] overlayfs: "check_copy_up" module option is obsolete [ 283.404203][T10079] overlayfs: "check_copy_up" module option is obsolete [ 284.404294][T10289] Process accounting resumed [ 284.950465][T10305] overlayfs: "check_copy_up" module option is obsolete [ 285.181472][T10325] overlayfs: "check_copy_up" module option is obsolete [ 285.681710][T10330] overlayfs: "check_copy_up" module option is obsolete [ 286.045294][T10337] overlayfs: "check_copy_up" module option is obsolete [ 287.146090][T10357] random: crng reseeded on system resumption [ 287.173198][T10358] overlayfs: "check_copy_up" module option is obsolete [ 287.439232][T10347] overlayfs: "check_copy_up" module option is obsolete [ 287.529173][T10367] overlayfs: "check_copy_up" module option is obsolete [ 287.833899][T10363] overlayfs: "check_copy_up" module option is obsolete [ 288.132354][T10377] overlayfs: "check_copy_up" module option is obsolete [ 288.150344][T10380] netlink: 'syz.0.1133': attribute type 11 has an invalid length. [ 288.823399][T10388] overlayfs: "check_copy_up" module option is obsolete [ 289.278717][T10405] overlayfs: "check_copy_up" module option is obsolete [ 289.589248][T10415] overlayfs: "check_copy_up" module option is obsolete [ 289.756917][T10419] netlink: 322 bytes leftover after parsing attributes in process `syz.3.1146'. [ 289.775055][T10419] bond0: left allmulticast mode [ 289.779972][T10419] bond_slave_0: left allmulticast mode [ 289.828197][T10419] bond_slave_1: left allmulticast mode [ 289.917939][T10419] overlayfs: "check_copy_up" module option is obsolete [ 292.063677][T10470] netlink: 322 bytes leftover after parsing attributes in process `syz.0.1159'. [ 292.112074][T10470] bond0: entered promiscuous mode [ 292.134650][T10470] bond_slave_0: entered promiscuous mode [ 292.140488][T10470] bond_slave_1: entered promiscuous mode [ 292.221959][T10399] overlayfs: "check_copy_up" module option is obsolete [ 292.598753][T10483] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 292.644886][T10483] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 293.046443][T10433] overlayfs: "check_copy_up" module option is obsolete [ 293.231422][T10499] overlayfs: "check_copy_up" module option is obsolete [ 293.463287][T10509] netlink: 'syz.4.1168': attribute type 11 has an invalid length. [ 293.822543][T10521] netlink: 322 bytes leftover after parsing attributes in process `syz.2.1173'. [ 293.864377][T10521] bond0: entered promiscuous mode [ 293.869609][T10521] bond_slave_0: entered promiscuous mode [ 293.875652][T10521] bond_slave_1: entered promiscuous mode [ 294.083030][T10512] overlayfs: "check_copy_up" module option is obsolete [ 294.281213][T10538] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1177'. [ 294.340762][T10537] overlayfs: "check_copy_up" module option is obsolete [ 294.409881][T10543] overlayfs: "check_copy_up" module option is obsolete [ 294.605189][T10547] netlink: 'syz.3.1179': attribute type 11 has an invalid length. [ 294.652213][T10547] overlayfs: "check_copy_up" module option is obsolete [ 295.000912][T10555] overlayfs: "check_copy_up" module option is obsolete [ 295.278012][ T29] audit: type=1804 audit(10682.872:15): pid=10563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1182" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/inject" dev="tracefs" ino=19680823 res=1 errno=0 [ 295.975188][T10560] Process accounting paused [ 298.360289][T10642] kAFS: Invalid Command on /proc/fs/afs/cells file [ 299.115999][T10663] binder: 10662:10663 ioctl 541b 10000000000402 returned -22 [ 299.144767][T10664] binder: 10662:10664 ioctl 541b 10000000000402 returned -22 [ 299.182697][T10664] binder_alloc: binder_alloc_mmap_handler: 10662 20ff9000-20ffd000 already mapped failed -16 [ 299.223437][T10669] Process accounting resumed [ 299.373683][ T29] audit: type=1800 audit(10686.962:16): pid=10673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1216" name="lu_gp_id" dev="configfs" ino=26111 res=0 errno=0 [ 299.404414][T10674] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1215'. [ 299.582912][T10674] team0: Port device team_slave_0 removed [ 300.153643][T10683] blk_print_req_error: 58 callbacks suppressed [ 300.153663][T10683] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 300.184718][T10683] buffer_io_error: 56 callbacks suppressed [ 300.184737][T10683] Buffer I/O error on dev nbd1, logical block 0, async page read [ 300.216420][T10683] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 300.253602][T10683] Buffer I/O error on dev nbd1, logical block 0, async page read [ 300.305138][T10683] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 300.314232][T10683] Buffer I/O error on dev nbd1, logical block 0, async page read [ 300.332797][T10683] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 300.352997][T10683] Buffer I/O error on dev nbd1, logical block 0, async page read [ 300.373628][T10683] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 300.393745][T10683] Buffer I/O error on dev nbd1, logical block 0, async page read [ 300.404013][T10683] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 300.424105][T10683] Buffer I/O error on dev nbd1, logical block 0, async page read [ 300.442003][T10683] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 300.504604][T10683] Buffer I/O error on dev nbd1, logical block 0, async page read [ 300.543807][T10683] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 300.590102][T10683] Buffer I/O error on dev nbd1, logical block 0, async page read [ 300.600296][T10683] ldm_validate_partition_table(): Disk read failed. [ 300.629486][T10683] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 300.662743][T10683] Buffer I/O error on dev nbd1, logical block 0, async page read [ 300.686255][T10683] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 300.714603][T10683] Buffer I/O error on dev nbd1, logical block 0, async page read [ 300.723018][T10683] Dev nbd1: unable to read RDB block 0 [ 300.766217][T10683] nbd1: unable to read partition table [ 301.347466][T10711] netlink: 74 bytes leftover after parsing attributes in process `syz.2.1227'. [ 302.017997][T10732] scsi_strcpy_devinfo: vendor string ';/&c' is too long [ 303.191286][T10763] program syz.3.1241 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 304.341307][T10792] random: crng reseeded on system resumption [ 305.418123][ T29] audit: type=1800 audit(10693.002:17): pid=10819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1254" name="discovery_nqn" dev="configfs" ino=26392 res=0 errno=0 [ 306.743355][T10854] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1262'. [ 307.074410][T10864] random: crng reseeded on system resumption [ 307.157344][T10854] team0: Port device team_slave_0 removed [ 307.793986][T10874] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1266'. [ 309.883601][T10911] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1276'. [ 310.499887][T10929] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1281'. [ 311.686685][T10963] random: crng reseeded on system resumption [ 313.771997][T11016] random: crng reseeded on system resumption [ 316.262451][T11072] binder: 11071:11072 ioctl c0306201 9 returned -14 [ 317.418765][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.425323][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.000794][T11107] ptrace attach of "./syz-executor exec"[5829] was attempted by ""[11107] [ 318.015059][T11107] netlink: 4368 bytes leftover after parsing attributes in process `syz.3.1331'. [ 318.311277][T11113] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1333'. [ 318.996672][T11113] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 319.076201][T11113] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 319.256179][T11113] bond0 (unregistering): Released all slaves [ 320.184085][T11139] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1340'. [ 321.038310][T11158] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1346'. [ 321.500028][T11158] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 321.533549][T11158] bond_slave_0: left promiscuous mode [ 321.561243][T11158] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 321.577573][T11158] bond_slave_1: left promiscuous mode [ 321.603906][T11158] bond0 (unregistering): Released all slaves [ 322.867399][T11179] ima: policy update failed [ 322.883480][ T29] audit: type=1802 audit(12758.507:18): pid=11179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1351" res=0 errno=0 [ 324.089146][T11201] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1357'. [ 324.530383][T11201] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 324.557821][T11201] bond_slave_0: left promiscuous mode [ 324.579270][T11201] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 324.607796][T11201] bond_slave_1: left promiscuous mode [ 324.627580][T11201] bond0 (unregistering): Released all slaves [ 324.756486][T11219] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1362'. [ 324.780504][T11219] bridge_slave_1: left allmulticast mode [ 324.795776][T11219] bridge_slave_1: left promiscuous mode [ 324.816240][T11219] bridge0: port 2(bridge_slave_1) entered disabled state [ 324.862891][T11219] bridge_slave_0: left allmulticast mode [ 324.883103][T11219] bridge_slave_0: left promiscuous mode [ 324.899132][T11219] bridge0: port 1(bridge_slave_0) entered disabled state [ 324.917714][T11229] random: crng reseeded on system resumption [ 326.115497][T11242] Process accounting resumed [ 326.121185][T11242] overlayfs: "check_copy_up" module option is obsolete [ 326.300959][T11254] overlayfs: "check_copy_up" module option is obsolete [ 326.518620][T11260] overlayfs: "check_copy_up" module option is obsolete [ 327.471891][T11281] random: crng reseeded on system resumption [ 327.535155][T11272] overlayfs: "check_copy_up" module option is obsolete [ 327.715891][T11284] overlayfs: "check_copy_up" module option is obsolete [ 327.880485][T11290] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1381'. [ 327.920466][T11290] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 328.007499][T11290] overlayfs: "check_copy_up" module option is obsolete [ 328.190282][T11292] nfsd: Unknown parameter 'IPVS' [ 328.340472][T11292] overlayfs: "check_copy_up" module option is obsolete [ 328.939420][T11302] overlayfs: "check_copy_up" module option is obsolete [ 329.407445][T11314] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1389'. [ 329.421885][T11314] nbd: must specify at least one socket [ 329.442252][T11296] overlayfs: "check_copy_up" module option is obsolete [ 329.823382][T11326] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1393'. [ 329.942070][T11318] overlayfs: "check_copy_up" module option is obsolete [ 330.022329][T11339] random: crng reseeded on system resumption [ 330.540955][T11350] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1398'. [ 330.646998][T11357] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1400'. [ 331.113702][T11338] overlayfs: "check_copy_up" module option is obsolete [ 331.266334][T11381] overlayfs: "check_copy_up" module option is obsolete [ 331.632592][T11386] overlayfs: "check_copy_up" module option is obsolete [ 332.807004][T11414] overlayfs: "check_copy_up" module option is obsolete [ 332.951945][T11409] overlayfs: "check_copy_up" module option is obsolete [ 333.230335][T11419] overlayfs: "check_copy_up" module option is obsolete [ 333.562225][T11421] overlayfs: "check_copy_up" module option is obsolete [ 333.662693][T11428] writing to auto_msgmni has no effect [ 333.692629][T11424] overlayfs: "check_copy_up" module option is obsolete [ 334.006894][T11434] overlayfs: "check_copy_up" module option is obsolete [ 334.099309][T11441] random: crng reseeded on system resumption [ 334.875306][T11456] random: crng reseeded on system resumption [ 335.035342][T11441] overlayfs: "check_copy_up" module option is obsolete [ 336.055939][T11463] overlayfs: "check_copy_up" module option is obsolete [ 336.448002][T11488] overlayfs: "check_copy_up" module option is obsolete [ 336.742550][T11491] overlayfs: "check_copy_up" module option is obsolete [ 337.097704][T11497] overlayfs: "check_copy_up" module option is obsolete [ 337.230879][T11508] overlayfs: "check_copy_up" module option is obsolete [ 337.506319][T11520] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1442'. [ 337.673237][T11513] overlayfs: "check_copy_up" module option is obsolete [ 338.142140][T11526] overlayfs: "check_copy_up" module option is obsolete [ 338.282839][T11539] overlayfs: "check_copy_up" module option is obsolete [ 339.362490][T11542] overlayfs: "check_copy_up" module option is obsolete [ 339.517150][T11569] random: crng reseeded on system resumption [ 339.560343][T11567] overlayfs: "check_copy_up" module option is obsolete [ 339.899569][T11571] sctp: [Deprecated]: syz.0.1459 (pid 11571) Use of struct sctp_assoc_value in delayed_ack socket option. [ 339.899569][T11571] Use struct sctp_sack_info instead [ 339.978355][T11574] overlayfs: "check_copy_up" module option is obsolete [ 340.019110][T11577] openvswitch: netlink: Tunnel attr 8192 out of range max 16 [ 340.620652][T11580] overlayfs: "check_copy_up" module option is obsolete [ 340.887054][T11597] overlayfs: "check_copy_up" module option is obsolete [ 340.999764][T11607] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1464'. [ 341.149655][T11607] overlayfs: "check_copy_up" module option is obsolete [ 341.505941][T11619] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1467'. [ 341.617999][T11617] overlayfs: "check_copy_up" module option is obsolete [ 342.230677][T11615] overlayfs: "check_copy_up" module option is obsolete [ 342.409170][T11632] overlayfs: "check_copy_up" module option is obsolete [ 342.805505][T11637] overlayfs: "check_copy_up" module option is obsolete [ 343.144611][T11646] overlayfs: "check_copy_up" module option is obsolete [ 344.642820][T11681] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1484'. [ 345.113122][T11691] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1488'. [ 345.277847][T11698] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1489'. [ 345.529325][T11658] overlayfs: "check_copy_up" module option is obsolete [ 345.923655][T11711] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1493'. [ 345.959692][T11708] overlayfs: "check_copy_up" module option is obsolete [ 346.349514][T11720] Invalid ELF header magic: != ELF [ 346.880761][T11721] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1495'. [ 346.919694][T11721] geneve1: entered allmulticast mode [ 352.890978][T11833] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1526'. [ 353.054192][T11832] Invalid ELF header magic: != ELF [ 355.098423][ T29] audit: type=1326 audit(12808.890:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11825 comm="syz.2.1523" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe7f6f85d29 code=0x0 [ 356.179553][T11870] Invalid ELF header magic: != ELF [ 357.913764][T11904] erspan0: entered allmulticast mode [ 358.085639][T11911] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1545'. [ 359.332517][T11947] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 359.342595][T11947] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 361.103094][T11978] HfR: entered promiscuous mode [ 361.757830][T11992] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1565'. [ 362.559789][T12025] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1572'. [ 365.307175][T12088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1584'. [ 366.218348][T12112] Invalid ELF header magic: != ELF [ 366.402991][T12117] syz.3.1594 (12117) used obsolete PPPIOCDETACH ioctl [ 367.389548][T12129] Process accounting resumed [ 367.420407][T12129] bridge0: port 3(team0) entered blocking state [ 367.435649][T12129] bridge0: port 3(team0) entered disabled state [ 367.442384][T12129] team0: entered allmulticast mode [ 367.451060][T12129] team_slave_0: entered allmulticast mode [ 367.470483][T12129] team0: entered promiscuous mode [ 367.480271][T12129] team_slave_0: entered promiscuous mode [ 368.069515][T12152] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1602'. [ 369.075344][T12163] mkiss: ax0: crc mode is auto. [ 370.061156][T12193] bridge0: port 3(team0) entered blocking state [ 370.067953][T12193] bridge0: port 3(team0) entered disabled state [ 370.075850][T12193] team0: entered allmulticast mode [ 370.084515][T12193] team0: entered promiscuous mode [ 371.410569][T12220] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1617'. [ 375.934556][T12309] Process accounting resumed [ 376.244826][T12321] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1636'. [ 376.295212][T12321] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1636'. [ 376.355871][T12321] veth0_macvtap: left promiscuous mode [ 377.143892][T12338] netlink: 'syz.3.1640': attribute type 1 has an invalid length. [ 377.203643][T12338] netlink: 'syz.3.1640': attribute type 1 has an invalid length. [ 377.439150][T12345] misc userio: Invalid payload size [ 378.539408][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.545850][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 388.256677][ T5828] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 391.032735][T12584] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1696'. [ 391.113874][T12584] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1696'. [ 391.653601][T12575] kexec: Could not allocate control_code_buffer [ 391.818078][ T29] audit: type=1326 audit(12845.821:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.0.1700" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3485f85d29 code=0x0 [ 392.169232][T12615] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1703'. [ 392.193433][T12615] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1703'. [ 392.781897][T12631] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1707'. [ 393.048486][T12640] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1709'. [ 394.055791][T12648] delete_channel: no stack [ 394.897162][T12677] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1717'. [ 394.914157][T12677] team0: left allmulticast mode [ 394.919236][T12677] team_slave_0: left allmulticast mode [ 394.926738][T12677] team0: left promiscuous mode [ 394.936350][T12677] team_slave_0: left promiscuous mode [ 394.943596][T12677] bridge0: port 3(team0) entered disabled state [ 394.954375][T12677] bridge_slave_1: left allmulticast mode [ 394.961515][T12677] bridge_slave_1: left promiscuous mode [ 394.967473][T12677] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.978314][T12677] bridge_slave_0: left allmulticast mode [ 394.984219][T12677] bridge_slave_0: left promiscuous mode [ 394.990243][T12677] bridge0: port 1(bridge_slave_0) entered disabled state [ 396.574430][T12722] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1732'. [ 399.141202][T12805] netlink: 504 bytes leftover after parsing attributes in process `syz.4.1751'. [ 400.657405][T12818] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1754'. [ 403.117839][T12891] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1774'. [ 403.168946][T12894] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 403.869636][T12917] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 403.913655][T12917] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 404.641196][T12920] Invalid ELF header magic: != ELF [ 404.874517][T12929] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1780'. [ 404.909864][T12929] openvswitch: HfR: Dropping previously announced user features [ 404.961079][T12929] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1780'. [ 405.340060][T12937] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1783'. [ 407.100673][T12956] [U] [ 407.103434][T12956] [U] [ 407.106165][T12956] [U] [ 407.108895][T12956] [U] [ 407.144739][T12956] [U] [ 407.147492][T12956] [U] [ 407.150223][T12956] [U] [ 407.152945][T12956] [U] [ 407.168290][T12956] [U] [ 407.171305][T12956] [U] [ 407.174023][T12956] [U] [ 407.176745][T12956] [U] [ 407.197466][T12956] [U] [ 407.200313][T12956] [U] [ 407.203034][T12956] [U] [ 407.205743][T12956] [U] [ 407.228113][T12956] [U] [ 407.230884][T12956] [U] [ 407.233607][T12956] [U] [ 407.236338][T12956] [U] [ 407.324178][T12956] [U] [ 407.326940][T12956] [U] [ 407.329675][T12956] [U] [ 407.332397][T12956] [U] [ 407.353185][T12956] [U] [ 407.355949][T12956] [U] [ 407.358669][T12956] [U] [ 407.361373][T12956] [U] [ 407.374691][T12956] [U] [ 407.377473][T12956] [U] [ 407.380193][T12956] [U] [ 407.383179][T12956] [U] [ 407.406677][T12956] [U] [ 407.409454][T12956] [U] [ 407.412178][T12956] [U] [ 407.414898][T12956] [U] [ 407.441540][T12956] [U] [ 407.444291][T12956] [U] [ 407.447016][T12956] [U] [ 407.449734][T12956] [U] [ 407.457090][T12956] [U] [ 411.073779][T13039] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 414.365154][T13111] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 414.382426][T13111] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 415.267232][T13121] Invalid ELF header magic: != ELF [ 417.816020][T13171] tipc: Started in network mode [ 417.833218][T13171] tipc: Node identity ffffffff, cluster identity 4711 [ 417.858781][T13171] tipc: Node number set to 4294967295 [ 418.259918][T13185] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1848'. [ 419.295774][T13205] < [ 421.155191][T13254] < [ 422.864211][ T29] audit: type=1800 audit(12877.022:21): pid=13288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1873" name="discovery_nqn" dev="configfs" ino=37163 res=0 errno=0 [ 422.930068][ T29] audit: type=1800 audit(12877.082:22): pid=13289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1873" name="dbroot" dev="configfs" ino=37164 res=0 errno=0 [ 423.336256][T13292] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1878'. [ 423.422132][T13292] geneve0: entered allmulticast mode [ 425.480247][T13330] Invalid ELF header magic: != ELF [ 427.340607][T13380] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1901'. [ 428.039298][T13393] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1905'. [ 428.079075][T13395] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1905'. [ 431.231536][T13455] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1922'. [ 433.118279][T13508] MTRR 1 not used [ 433.678235][T13527] netlink: 122 bytes leftover after parsing attributes in process `syz.3.1942'. [ 435.831620][T13583] FAULT_INJECTION: forcing a failure. [ 435.831620][T13583] name failslab, interval 1, probability 0, space 0, times 0 [ 435.859882][T13583] CPU: 0 UID: 0 PID: 13583 Comm: syz.2.1956 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 435.870796][T13583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 435.880892][T13583] Call Trace: [ 435.884208][T13583] [ 435.887168][T13583] dump_stack_lvl+0x16c/0x1f0 [ 435.891890][T13583] should_fail_ex+0x497/0x5b0 [ 435.896614][T13583] ? fs_reclaim_acquire+0xae/0x150 [ 435.901760][T13583] should_failslab+0xc2/0x120 [ 435.906482][T13583] __kmalloc_cache_noprof+0x68/0x420 [ 435.911807][T13583] ? rcu_is_watching+0x12/0xc0 [ 435.916613][T13583] dev_seq_start+0x90/0x230 [ 435.921148][T13583] ? __pfx_dev_seq_start+0x10/0x10 [ 435.926280][T13583] traverse.part.0.constprop.0+0xac/0x640 [ 435.932006][T13583] ? __lock_acquire+0xcc5/0x3c40 [ 435.936962][T13583] seq_read_iter+0x934/0x12b0 [ 435.941668][T13583] proc_reg_read_iter+0x21d/0x310 [ 435.946718][T13583] vfs_read+0x87f/0xbe0 [ 435.950885][T13583] ? __pfx_vfs_read+0x10/0x10 [ 435.955581][T13583] ? lock_acquire+0x2f/0xb0 [ 435.960089][T13583] ? __fget_files+0x40/0x3a0 [ 435.964705][T13583] __x64_sys_pread64+0x1f6/0x250 [ 435.969653][T13583] ? __pfx___x64_sys_pread64+0x10/0x10 [ 435.975133][T13583] do_syscall_64+0xcd/0x250 [ 435.979651][T13583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.985561][T13583] RIP: 0033:0x7fe7f6f85d29 [ 435.989980][T13583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 436.009604][T13583] RSP: 002b:00007fe7f7e51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 436.018044][T13583] RAX: ffffffffffffffda RBX: 00007fe7f7175fa0 RCX: 00007fe7f6f85d29 [ 436.026040][T13583] RDX: 0000000000000006 RSI: 0000000020000040 RDI: 0000000000000003 [ 436.034021][T13583] RBP: 00007fe7f7e51090 R08: 0000000000000000 R09: 0000000000000000 [ 436.042280][T13583] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 436.050256][T13583] R13: 0000000000000000 R14: 00007fe7f7175fa0 R15: 00007ffd6a061428 [ 436.058770][T13583] [ 436.520594][T13595] Process accounting resumed [ 436.534288][T13578] delete_channel: no stack [ 438.155578][T13636] FAULT_INJECTION: forcing a failure. [ 438.155578][T13636] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 438.201188][T13636] CPU: 0 UID: 0 PID: 13636 Comm: syz.2.1970 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 438.212045][T13636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 438.222137][T13636] Call Trace: [ 438.225454][T13636] [ 438.228430][T13636] dump_stack_lvl+0x16c/0x1f0 [ 438.233199][T13636] should_fail_ex+0x497/0x5b0 [ 438.237927][T13636] _copy_from_user+0x2e/0xd0 [ 438.242559][T13636] uhid_char_write+0x1af/0x1100 [ 438.247444][T13636] ? rw_verify_area+0xd0/0x700 [ 438.252249][T13636] ? __pfx_uhid_char_write+0x10/0x10 [ 438.257573][T13636] vfs_writev+0x6da/0xdd0 [ 438.261937][T13636] ? find_held_lock+0x2d/0x110 [ 438.266743][T13636] ? __pfx_vfs_writev+0x10/0x10 [ 438.271620][T13636] ? find_held_lock+0x2d/0x110 [ 438.276427][T13636] ? __pfx_lock_release+0x10/0x10 [ 438.281489][T13636] ? trace_lock_acquire+0x14e/0x1f0 [ 438.286727][T13636] ? __fget_files+0x206/0x3a0 [ 438.291414][T13636] ? do_writev+0x297/0x340 [ 438.295827][T13636] do_writev+0x297/0x340 [ 438.300070][T13636] ? __pfx_do_writev+0x10/0x10 [ 438.304843][T13636] do_syscall_64+0xcd/0x250 [ 438.309882][T13636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.315790][T13636] RIP: 0033:0x7fe7f6f85d29 [ 438.320216][T13636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 438.339828][T13636] RSP: 002b:00007fe7f7e51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 438.348258][T13636] RAX: ffffffffffffffda RBX: 00007fe7f7175fa0 RCX: 00007fe7f6f85d29 [ 438.356241][T13636] RDX: 0000000000000006 RSI: 0000000020000200 RDI: 0000000000000003 [ 438.364219][T13636] RBP: 00007fe7f7e51090 R08: 0000000000000000 R09: 0000000000000000 [ 438.372197][T13636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 438.380287][T13636] R13: 0000000000000000 R14: 00007fe7f7175fa0 R15: 00007ffd6a061428 [ 438.388376][T13636] [ 439.145858][T13673] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1982'. [ 439.297575][T13681] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1982'. [ 439.679241][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.686942][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.837373][T13721] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1995'. [ 441.557487][T13735] Invalid ELF header magic: != ELF [ 444.389866][T13803] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2014'. [ 446.990628][T13848] erspan0: entered allmulticast mode [ 448.168116][T13869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2033'. [ 450.055409][T13912] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2042'. [ 450.447415][T13912] team0: Port device team_slave_0 removed [ 452.211175][T13947] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 452.227943][T13947] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 452.253505][T13947] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 452.279944][T13947] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 452.316883][T13947] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 453.598153][ T5828] Bluetooth: hci0: command 0x0419 tx timeout [ 454.227598][ T5828] Bluetooth: hci1: command 0x0419 tx timeout [ 454.303494][ T5828] Bluetooth: hci2: command 0x0406 tx timeout [ 454.309593][ T5828] Bluetooth: hci3: command 0x0419 tx timeout [ 454.675813][T14010] Invalid ELF header magic: != ELF [ 456.373780][T14008] Bluetooth: hci2: command 0x0406 tx timeout [ 457.125488][T14038] erspan0: entered allmulticast mode [ 458.687242][T14086] RDS: rds_bind could not find a transport for 86a4:131b:e300:1000::, load rds_tcp or rds_rdma? [ 458.819899][T14083] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2087'. [ 464.908015][T14184] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2112'. [ 465.000577][T14200] FAULT_INJECTION: forcing a failure. [ 465.000577][T14200] name failslab, interval 1, probability 0, space 0, times 0 [ 465.046797][T14200] CPU: 1 UID: 0 PID: 14200 Comm: syz.2.2117 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 465.057613][T14200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 465.067673][T14200] Call Trace: [ 465.070951][T14200] [ 465.073885][T14200] dump_stack_lvl+0x16c/0x1f0 [ 465.078590][T14200] should_fail_ex+0x497/0x5b0 [ 465.083298][T14200] ? fs_reclaim_acquire+0xae/0x150 [ 465.088423][T14200] should_failslab+0xc2/0x120 [ 465.093116][T14200] __kmalloc_noprof+0xce/0x4f0 [ 465.097891][T14200] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 465.103533][T14200] ? tomoyo_realpath_from_path+0xbf/0x710 [ 465.109274][T14200] tomoyo_realpath_from_path+0xbf/0x710 [ 465.114847][T14200] ? tomoyo_path_number_perm+0x235/0x5b0 [ 465.120521][T14200] tomoyo_path_number_perm+0x248/0x5b0 [ 465.126018][T14200] ? tomoyo_path_number_perm+0x235/0x5b0 [ 465.131672][T14200] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 465.137689][T14200] ? __pfx_lock_release+0x10/0x10 [ 465.142720][T14200] ? trace_lock_acquire+0x14e/0x1f0 [ 465.147936][T14200] ? lock_acquire+0x2f/0xb0 [ 465.152446][T14200] ? __fget_files+0x40/0x3a0 [ 465.157049][T14200] ? __fget_files+0x206/0x3a0 [ 465.161736][T14200] security_file_ioctl+0x9b/0x240 [ 465.166767][T14200] __x64_sys_ioctl+0xb7/0x200 [ 465.171451][T14200] do_syscall_64+0xcd/0x250 [ 465.175965][T14200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.181891][T14200] RIP: 0033:0x7fe7f6f85d29 [ 465.186322][T14200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 465.205947][T14200] RSP: 002b:00007fe7f7e51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 465.214379][T14200] RAX: ffffffffffffffda RBX: 00007fe7f7175fa0 RCX: 00007fe7f6f85d29 [ 465.222353][T14200] RDX: 0000000000000005 RSI: 00000000c0104d03 RDI: 0000000000000003 [ 465.230327][T14200] RBP: 00007fe7f7e51090 R08: 0000000000000000 R09: 0000000000000000 [ 465.238302][T14200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 465.246285][T14200] R13: 0000000000000000 R14: 00007fe7f7175fa0 R15: 00007ffd6a061428 [ 465.254280][T14200] [ 465.282043][T14200] ERROR: Out of memory at tomoyo_realpath_from_path. [ 465.930106][T14218] erspan0: entered allmulticast mode [ 466.697376][T14189] Process accounting paused [ 466.864832][T14236] FAULT_INJECTION: forcing a failure. [ 466.864832][T14236] name failslab, interval 1, probability 0, space 0, times 0 [ 466.879571][T14236] CPU: 1 UID: 0 PID: 14236 Comm: syz.4.2126 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 466.890387][T14236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 466.900470][T14236] Call Trace: [ 466.903768][T14236] [ 466.906720][T14236] dump_stack_lvl+0x16c/0x1f0 [ 466.911434][T14236] should_fail_ex+0x497/0x5b0 [ 466.916143][T14236] ? fs_reclaim_acquire+0xae/0x150 [ 466.921297][T14236] should_failslab+0xc2/0x120 [ 466.926020][T14236] __kmalloc_noprof+0xce/0x4f0 [ 466.930826][T14236] ? tomoyo_encode2+0x100/0x3e0 [ 466.935717][T14236] tomoyo_encode2+0x100/0x3e0 [ 466.940431][T14236] tomoyo_realpath_from_path+0x1a7/0x710 [ 466.946105][T14236] ? tomoyo_path_number_perm+0x235/0x5b0 [ 466.951783][T14236] tomoyo_path_number_perm+0x248/0x5b0 [ 466.957291][T14236] ? tomoyo_path_number_perm+0x235/0x5b0 [ 466.962968][T14236] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 466.969023][T14236] ? __pfx_lock_release+0x10/0x10 [ 466.974155][T14236] ? trace_lock_acquire+0x14e/0x1f0 [ 466.979401][T14236] ? lock_acquire+0x2f/0xb0 [ 466.983931][T14236] ? __fget_files+0x40/0x3a0 [ 466.988561][T14236] ? __fget_files+0x206/0x3a0 [ 466.993313][T14236] security_file_ioctl+0x9b/0x240 [ 466.998386][T14236] __x64_sys_ioctl+0xb7/0x200 [ 467.003097][T14236] do_syscall_64+0xcd/0x250 [ 467.007641][T14236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.013576][T14236] RIP: 0033:0x7f4c17f85d29 [ 467.018015][T14236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 467.037660][T14236] RSP: 002b:00007f4c18e39038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 467.046118][T14236] RAX: ffffffffffffffda RBX: 00007f4c18175fa0 RCX: 00007f4c17f85d29 [ 467.054118][T14236] RDX: 0000000000000005 RSI: 00000000c0104d03 RDI: 0000000000000003 [ 467.062117][T14236] RBP: 00007f4c18e39090 R08: 0000000000000000 R09: 0000000000000000 [ 467.070121][T14236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 467.078119][T14236] R13: 0000000000000000 R14: 00007f4c18175fa0 R15: 00007ffc8426eeb8 [ 467.086128][T14236] [ 467.112762][T14236] ERROR: Out of memory at tomoyo_realpath_from_path. [ 467.370687][T14238] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2127'. [ 467.464508][T14247] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2127'. [ 467.685316][T14240] program syz.4.2128 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 468.314689][T14256] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2133'. [ 468.762468][T14271] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2136'. [ 469.270205][T14277] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2139'. [ 469.321564][T14281] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2139'. [ 470.899236][T14316] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2149'. [ 471.284152][T14327] FAULT_INJECTION: forcing a failure. [ 471.284152][T14327] name failslab, interval 1, probability 0, space 0, times 0 [ 471.311070][T14327] CPU: 0 UID: 0 PID: 14327 Comm: syz.4.2151 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 471.322162][T14327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 471.332264][T14327] Call Trace: [ 471.335577][T14327] [ 471.338533][T14327] dump_stack_lvl+0x16c/0x1f0 [ 471.343253][T14327] should_fail_ex+0x497/0x5b0 [ 471.347988][T14327] ? fs_reclaim_acquire+0xae/0x150 [ 471.353141][T14327] should_failslab+0xc2/0x120 [ 471.357866][T14327] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 471.363290][T14327] ? ptlock_alloc+0x1f/0x70 [ 471.367838][T14327] ptlock_alloc+0x1f/0x70 [ 471.372185][T14327] pte_alloc_one+0x74/0x390 [ 471.376701][T14327] do_pte_missing+0x1ae7/0x3e00 [ 471.381572][T14327] __handle_mm_fault+0x103c/0x2a40 [ 471.386703][T14327] ? __pfx___handle_mm_fault+0x10/0x10 [ 471.392171][T14327] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 471.397821][T14327] ? find_vma+0xc0/0x140 [ 471.402067][T14327] ? __pfx_find_vma+0x10/0x10 [ 471.406751][T14327] handle_mm_fault+0x3fa/0xaa0 [ 471.411535][T14327] do_user_addr_fault+0x7a3/0x13f0 [ 471.416663][T14327] exc_page_fault+0x5c/0xc0 [ 471.421177][T14327] asm_exc_page_fault+0x26/0x30 [ 471.426036][T14327] RIP: 0010:__get_user_4+0x1a/0x30 [ 471.431151][T14327] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 c2 48 19 d2 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 [ 471.450763][T14327] RSP: 0018:ffffc900109afd68 EFLAGS: 00050206 [ 471.456836][T14327] RAX: 0000000000000005 RBX: 00000000c0104d03 RCX: ffffc900109afcd0 [ 471.464810][T14327] RDX: 0000000000000000 RSI: ffffffff81436b46 RDI: ffffffff8bb16ec0 [ 471.472783][T14327] RBP: 0000000000000005 R08: 0000000000000000 R09: fffffbfff2039c42 [ 471.480756][T14327] R10: ffffffff901ce217 R11: 0000000000000000 R12: 1ffff92002135fb0 [ 471.488728][T14327] R13: ffff88805fef7880 R14: 0000000000000005 R15: 00000000c0104d03 [ 471.496712][T14327] ? mtrr_ioctl+0x546/0xcd0 [ 471.501234][T14327] mtrr_ioctl+0x54e/0xcd0 [ 471.505579][T14327] ? __pfx_mtrr_ioctl+0x10/0x10 [ 471.510446][T14327] ? __pfx_lock_release+0x10/0x10 [ 471.515489][T14327] ? __fget_files+0x206/0x3a0 [ 471.520174][T14327] ? __pfx_mtrr_ioctl+0x10/0x10 [ 471.525039][T14327] proc_reg_unlocked_ioctl+0x226/0x320 [ 471.530503][T14327] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 471.536491][T14327] __x64_sys_ioctl+0x190/0x200 [ 471.541258][T14327] do_syscall_64+0xcd/0x250 [ 471.545772][T14327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 471.551673][T14327] RIP: 0033:0x7f4c17f85d29 [ 471.556093][T14327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 471.575710][T14327] RSP: 002b:00007f4c18e39038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 471.584131][T14327] RAX: ffffffffffffffda RBX: 00007f4c18175fa0 RCX: 00007f4c17f85d29 [ 471.592103][T14327] RDX: 0000000000000005 RSI: 00000000c0104d03 RDI: 0000000000000003 [ 471.600076][T14327] RBP: 00007f4c18e39090 R08: 0000000000000000 R09: 0000000000000000 [ 471.608049][T14327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 471.616028][T14327] R13: 0000000000000000 R14: 00007f4c18175fa0 R15: 00007ffc8426eeb8 [ 471.624020][T14327] [ 472.264879][T14354] netlink: 146 bytes leftover after parsing attributes in process `syz.3.2158'. [ 473.265718][T14374] FAULT_INJECTION: forcing a failure. [ 473.265718][T14374] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 473.290141][T14369] Invalid ELF header magic: != ELF [ 473.337129][T14374] CPU: 0 UID: 0 PID: 14374 Comm: syz.2.2162 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 473.347954][T14374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 473.354328][T14371] Invalid ELF header magic: != ELF [ 473.358018][T14374] Call Trace: [ 473.366558][T14374] [ 473.369516][T14374] dump_stack_lvl+0x16c/0x1f0 [ 473.374234][T14374] should_fail_ex+0x497/0x5b0 [ 473.378954][T14374] ? fs_reclaim_acquire+0xae/0x150 [ 473.384106][T14374] should_fail_alloc_page+0xe7/0x130 [ 473.389431][T14374] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 473.395635][T14374] __alloc_pages_noprof+0x190/0x25b0 [ 473.400969][T14374] ? __pfx_mark_lock+0x10/0x10 [ 473.405781][T14374] ? __pfx___lock_acquire+0x10/0x10 [ 473.411018][T14374] ? mark_lock+0xb5/0xc60 [ 473.415387][T14374] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 473.421161][T14374] ? hlock_class+0x4e/0x130 [ 473.425703][T14374] ? __lock_acquire+0xcc5/0x3c40 [ 473.430691][T14374] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 473.436624][T14374] ? policy_nodemask+0xea/0x4e0 [ 473.441522][T14374] alloc_pages_mpol_noprof+0x2c9/0x610 [ 473.447033][T14374] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 473.453062][T14374] ? find_held_lock+0x2d/0x110 [ 473.457873][T14374] folio_alloc_mpol_noprof+0x36/0xd0 [ 473.463200][T14374] shmem_alloc_folio+0x135/0x160 [ 473.468177][T14374] shmem_alloc_and_add_folio+0x48b/0xc00 [ 473.473845][T14374] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 473.479775][T14374] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 473.485958][T14374] ? shmem_huge_global_enabled+0x176/0x250 [ 473.491809][T14374] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 473.497745][T14374] shmem_get_folio_gfp+0x689/0x1530 [ 473.502984][T14374] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 473.508665][T14374] ? filemap_map_pages+0xf92/0x16b0 [ 473.513905][T14374] shmem_fault+0x200/0xae0 [ 473.518358][T14374] ? __pfx_shmem_fault+0x10/0x10 [ 473.523335][T14374] ? do_pte_missing+0xdd7/0x3e00 [ 473.528311][T14374] ? __pfx_lock_release+0x10/0x10 [ 473.533376][T14374] __do_fault+0x10a/0x490 [ 473.537738][T14374] do_pte_missing+0xebd/0x3e00 [ 473.542551][T14374] __handle_mm_fault+0x103c/0x2a40 [ 473.547719][T14374] ? __pfx___handle_mm_fault+0x10/0x10 [ 473.553212][T14374] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 473.558896][T14374] ? find_vma+0xc0/0x140 [ 473.563170][T14374] ? __pfx_find_vma+0x10/0x10 [ 473.567884][T14374] handle_mm_fault+0x3fa/0xaa0 [ 473.572691][T14374] do_user_addr_fault+0x7a3/0x13f0 [ 473.577838][T14374] exc_page_fault+0x5c/0xc0 [ 473.582369][T14374] asm_exc_page_fault+0x26/0x30 [ 473.587252][T14374] RIP: 0010:__get_user_4+0x1a/0x30 [ 473.592399][T14374] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 c2 48 19 d2 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 [ 473.612035][T14374] RSP: 0018:ffffc9001095fd68 EFLAGS: 00050206 [ 473.618111][T14374] RAX: 0000000000000005 RBX: 00000000c0104d03 RCX: ffffc9001095fcd0 [ 473.626085][T14374] RDX: 0000000000000000 RSI: ffffffff81436b46 RDI: ffffffff8bb16ec0 [ 473.634059][T14374] RBP: 0000000000000005 R08: 0000000000000000 R09: fffffbfff2039c42 [ 473.642032][T14374] R10: ffffffff901ce217 R11: 0000000000000000 R12: 1ffff9200212bfb0 [ 473.650009][T14374] R13: ffff88803357ee00 R14: 0000000000000005 R15: 00000000c0104d03 [ 473.658011][T14374] ? mtrr_ioctl+0x546/0xcd0 [ 473.662538][T14374] mtrr_ioctl+0x54e/0xcd0 [ 473.666889][T14374] ? __pfx_mtrr_ioctl+0x10/0x10 [ 473.671756][T14374] ? __pfx_lock_release+0x10/0x10 [ 473.676794][T14374] ? __fget_files+0x206/0x3a0 [ 473.681478][T14374] ? __pfx_mtrr_ioctl+0x10/0x10 [ 473.686342][T14374] proc_reg_unlocked_ioctl+0x226/0x320 [ 473.691812][T14374] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 473.697809][T14374] __x64_sys_ioctl+0x190/0x200 [ 473.702585][T14374] do_syscall_64+0xcd/0x250 [ 473.707100][T14374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 473.713003][T14374] RIP: 0033:0x7fe7f6f85d29 [ 473.717423][T14374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 473.737034][T14374] RSP: 002b:00007fe7f7e51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 473.745453][T14374] RAX: ffffffffffffffda RBX: 00007fe7f7175fa0 RCX: 00007fe7f6f85d29 [ 473.753432][T14374] RDX: 0000000000000005 RSI: 00000000c0104d03 RDI: 0000000000000003 [ 473.761410][T14374] RBP: 00007fe7f7e51090 R08: 0000000000000000 R09: 0000000000000000 [ 473.769384][T14374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 473.777355][T14374] R13: 0000000000000000 R14: 00007fe7f7175fa0 R15: 00007ffd6a061428 [ 473.785350][T14374] [ 476.361105][ T8889] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 476.416481][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 476.431932][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 476.442338][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 476.489044][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 476.557667][ T5837] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 476.577188][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 476.873472][T14435] chnl_net:caif_netlink_parms(): no params data found [ 476.987703][T14435] bridge0: port 1(bridge_slave_0) entered blocking state [ 476.995768][T14435] bridge0: port 1(bridge_slave_0) entered disabled state [ 477.003100][T14435] bridge_slave_0: entered allmulticast mode [ 477.011024][T14435] bridge_slave_0: entered promiscuous mode [ 477.021520][T14435] bridge0: port 2(bridge_slave_1) entered blocking state [ 477.028806][T14435] bridge0: port 2(bridge_slave_1) entered disabled state [ 477.036234][T14435] bridge_slave_1: entered allmulticast mode [ 477.043298][T14435] bridge_slave_1: entered promiscuous mode [ 477.102357][T14435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 477.130703][T14435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 477.183080][T14435] team0: Port device team_slave_0 added [ 477.191753][T14435] team0: Port device team_slave_1 added [ 477.217427][T14435] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 477.227320][T14435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 477.253485][T14435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 477.266721][T14435] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 477.274274][T14435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 477.300317][T14435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 477.336685][T14435] hsr_slave_0: entered promiscuous mode [ 477.343116][T14435] hsr_slave_1: entered promiscuous mode [ 477.349150][T14435] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 477.358278][T14435] Cannot create hsr debugfs directory [ 477.466014][T14435] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 477.557055][T14435] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 477.709843][T14435] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 477.848083][T14435] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 478.029907][T14435] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 478.069385][T14435] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 478.101174][T14435] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 478.119951][T14435] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 478.271529][T14435] 8021q: adding VLAN 0 to HW filter on device bond0 [ 478.298806][T14435] 8021q: adding VLAN 0 to HW filter on device team0 [ 478.327748][T12258] bridge0: port 1(bridge_slave_0) entered blocking state [ 478.334895][T12258] bridge0: port 1(bridge_slave_0) entered forwarding state [ 478.362149][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state [ 478.369364][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state [ 478.656347][ T5837] Bluetooth: hci1: command tx timeout [ 478.663922][T14435] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 478.784330][T14435] veth0_vlan: entered promiscuous mode [ 478.804894][T14435] veth1_vlan: entered promiscuous mode [ 478.846472][T14435] veth0_macvtap: entered promiscuous mode [ 478.855574][T14435] veth1_macvtap: entered promiscuous mode [ 478.890326][T14435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 478.924427][T14435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.946422][T14435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 478.964190][T14435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.994564][T14435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 479.012826][T14435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 479.030708][T14435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 479.042866][T14435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 479.068308][T14435] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 479.084617][T14435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 479.099853][T14435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 479.111607][T14435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 479.128889][T14435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 479.139685][T14435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 479.156381][T14435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 479.169053][T14435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 479.202341][T14435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 479.218544][T14435] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 479.278335][T14435] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 479.310155][T14435] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 479.326420][T14435] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 479.352308][T14435] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 479.536053][T12262] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 479.550412][T12258] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 479.562146][T12258] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 479.611139][T12262] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 479.778803][T14524] netlink: ct family unspecified [ 480.725319][ T5837] Bluetooth: hci1: command tx timeout [ 480.850245][T14557] binder: 14556:14557 ioctl c00c6211 9 returned -14 [ 481.739797][T14585] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2214'. [ 482.797870][ T5837] Bluetooth: hci1: command tx timeout [ 484.867890][ T5837] Bluetooth: hci1: command tx timeout [ 485.389897][T14650] netlink: del zone limit has 8 unknown bytes [ 485.411158][T14650] openvswitch: netlink: Key type 113 is out of range max 32 [ 486.297448][T14670] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2232'. [ 492.996348][T14767] netlink: 'syz.3.2256': attribute type 4 has an invalid length. [ 493.036302][T14767] netlink: 314 bytes leftover after parsing attributes in process `syz.3.2256'. [ 496.818653][T14809] Process accounting resumed [ 496.921465][T14819] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2265'. [ 497.657545][T14833] Invalid ELF header magic: != ELF [ 500.783133][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 500.789641][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.169672][T14940] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2291'. [ 503.553019][T14969] HfR: entered promiscuous mode [ 503.579242][T14969] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2299'. [ 503.589797][T14969] HfR: left promiscuous mode [ 506.677233][T15039] HfR: entered promiscuous mode [ 506.729976][T15039] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2314'. [ 506.749436][T15039] HfR: left promiscuous mode [ 510.106636][T15106] openvswitch: netlink: Message has 264 unknown bytes. [ 510.867027][T15121] HfR: entered promiscuous mode [ 510.938293][T15121] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2333'. [ 510.947381][T15121] HfR: left promiscuous mode [ 512.422031][T15156] netlink: 10440 bytes leftover after parsing attributes in process `syz.3.2343'. [ 515.317107][T15231] binder: 15230:15231 ioctl c00c620f 800000000000003 returned -14 [ 516.706355][T15276] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2371'. [ 517.357512][T15289] syz.0.2373 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 517.775117][T15294] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2376'. [ 517.808321][T15294] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2376'. [ 518.071052][T15300] mkiss: ax0: crc mode is auto. [ 518.076381][T15303] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2375'. [ 518.151704][T15296] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2375'. [ 518.990507][T15324] netlink: 130 bytes leftover after parsing attributes in process `syz.2.2383'. [ 519.019134][T15324] lo: entered allmulticast mode [ 519.040574][T15322] lo: left allmulticast mode [ 519.338362][T15336] tipc: Started in network mode [ 519.343379][T15336] tipc: Node identity ee00, cluster identity 4711 [ 519.391058][T15336] tipc: Node number set to 60928 [ 521.406446][T15379] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2397'. [ 521.436227][T15379] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2397'. [ 521.703087][T15384] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 521.709209][T15384] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 521.751772][T15384] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 521.758125][T15384] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 521.817020][T15384] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 521.907175][T15384] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 523.703599][T14930] Bluetooth: hci3: command 0x0419 tx timeout [ 523.709776][T14930] Bluetooth: hci0: command 0x0419 tx timeout [ 523.793726][T15430] Bluetooth: hci1: command 0x0c1a tx timeout [ 523.802372][T14913] Bluetooth: hci2: command 0x0406 tx timeout [ 524.319335][T14913] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 524.451098][T14913] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 524.541183][T14913] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 524.553008][T14913] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 524.573061][T14913] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 524.592730][T14913] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 525.110221][T15445] chnl_net:caif_netlink_parms(): no params data found [ 525.274012][T15445] bridge0: port 1(bridge_slave_0) entered blocking state [ 525.281146][T15445] bridge0: port 1(bridge_slave_0) entered disabled state [ 525.295448][T15445] bridge_slave_0: entered allmulticast mode [ 525.302470][T15445] bridge_slave_0: entered promiscuous mode [ 525.310308][T15445] bridge0: port 2(bridge_slave_1) entered blocking state [ 525.317539][T15445] bridge0: port 2(bridge_slave_1) entered disabled state [ 525.325195][T15445] bridge_slave_1: entered allmulticast mode [ 525.332207][T15445] bridge_slave_1: entered promiscuous mode [ 525.391258][T15445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 525.424974][T15445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 525.481424][T15445] team0: Port device team_slave_0 added [ 525.495686][T15445] team0: Port device team_slave_1 added [ 525.544106][T15445] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 525.552275][T15445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 525.621530][T15445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 525.655732][T15445] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 525.668114][T15445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 525.725277][T15445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 525.850575][T15430] Bluetooth: hci1: command 0x0c1a tx timeout [ 525.948801][T15445] hsr_slave_0: entered promiscuous mode [ 525.969534][T15445] hsr_slave_1: entered promiscuous mode [ 525.985833][T15445] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 526.007187][T15445] Cannot create hsr debugfs directory [ 526.460479][T15445] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 526.694847][T15445] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 526.726122][T15430] Bluetooth: hci4: command tx timeout [ 526.824564][T15445] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 526.993146][T15445] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 527.320197][T15445] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 527.365318][T15445] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 527.417012][T15445] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 527.507803][T15445] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 527.724212][T15445] 8021q: adding VLAN 0 to HW filter on device bond0 [ 527.772948][T15445] 8021q: adding VLAN 0 to HW filter on device team0 [ 527.813960][T14980] bridge0: port 1(bridge_slave_0) entered blocking state [ 527.821188][T14980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 527.836947][T14980] bridge0: port 2(bridge_slave_1) entered blocking state [ 527.844162][T14980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 527.919878][T15430] Bluetooth: hci1: command 0x0c1a tx timeout [ 527.942838][T15445] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 528.298914][T15445] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 528.415340][T15445] veth0_vlan: entered promiscuous mode [ 528.451254][T15445] veth1_vlan: entered promiscuous mode [ 528.538829][T15445] veth0_macvtap: entered promiscuous mode [ 528.567986][T15445] veth1_macvtap: entered promiscuous mode [ 528.604468][T15445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.654913][T15445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.675539][T15445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.694634][T15445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.704931][T15445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.731159][T15445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.743487][T15445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.770083][T15445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.795980][T15430] Bluetooth: hci4: command tx timeout [ 528.803428][T15445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.831060][T15445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.847698][T15445] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 528.901416][T15445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 528.924523][T15445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.954276][T15445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 528.985891][T15445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 529.012891][T15445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 529.062779][T15445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 529.088401][T15445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 529.113860][T15445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 529.141922][T15445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 529.152757][T15445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 529.181894][T15445] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 529.226111][T15445] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.249099][T15445] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.262911][T15445] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.290430][T15445] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.490082][T15253] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 529.525990][T15253] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 529.608605][T15253] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 529.640857][T15253] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 530.715893][T15567] Invalid ELF header magic: != ELF [ 530.871500][T15430] Bluetooth: hci4: command tx timeout [ 531.446955][T15577] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2443'. [ 531.559523][T15577] hsr_slave_1 (unregistering): left promiscuous mode [ 532.027418][T15592] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2444'. [ 532.938517][T15430] Bluetooth: hci4: command tx timeout [ 543.494310][T14913] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 543.517190][T14913] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 543.532401][T14913] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 543.547886][T14913] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 543.584014][T14913] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 543.604300][T14913] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 543.935699][T16070] chnl_net:caif_netlink_parms(): no params data found [ 544.068319][T16070] bridge0: port 1(bridge_slave_0) entered blocking state [ 544.101204][T16070] bridge0: port 1(bridge_slave_0) entered disabled state [ 544.108588][T16070] bridge_slave_0: entered allmulticast mode [ 544.115662][T16070] bridge_slave_0: entered promiscuous mode [ 544.124069][T16070] bridge0: port 2(bridge_slave_1) entered blocking state [ 544.131242][T16070] bridge0: port 2(bridge_slave_1) entered disabled state [ 544.138519][T16070] bridge_slave_1: entered allmulticast mode [ 544.146606][T16070] bridge_slave_1: entered promiscuous mode [ 544.247698][T16070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 544.275780][T16070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 544.400893][T16070] team0: Port device team_slave_0 added [ 544.426543][T16070] team0: Port device team_slave_1 added [ 544.495183][T16070] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 544.502500][T16070] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 544.539093][T16070] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 544.563176][T16070] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 544.570159][T16070] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 544.617436][T16070] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 544.735421][T16070] hsr_slave_0: entered promiscuous mode [ 544.751305][T16070] hsr_slave_1: entered promiscuous mode [ 544.759952][T16070] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 544.776949][T16070] Cannot create hsr debugfs directory [ 545.078989][T16070] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.175600][T16070] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.291468][T16070] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.436412][T16070] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.660821][T16070] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 545.668082][T14913] Bluetooth: hci3: command tx timeout [ 545.676770][T16070] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 545.693160][T16070] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 545.726261][T16070] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 545.956810][T16070] 8021q: adding VLAN 0 to HW filter on device bond0 [ 545.989689][T16070] 8021q: adding VLAN 0 to HW filter on device team0 [ 546.018447][T14915] bridge0: port 1(bridge_slave_0) entered blocking state [ 546.025617][T14915] bridge0: port 1(bridge_slave_0) entered forwarding state [ 546.072693][T14980] bridge0: port 2(bridge_slave_1) entered blocking state [ 546.079870][T14980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 546.544726][T16070] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 546.614657][T16070] veth0_vlan: entered promiscuous mode [ 546.654066][T16070] veth1_vlan: entered promiscuous mode [ 546.723582][T16070] veth0_macvtap: entered promiscuous mode [ 546.739216][T16070] veth1_macvtap: entered promiscuous mode [ 546.754232][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 546.764957][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.774860][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 546.785512][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.795653][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 546.806427][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.816873][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 546.827827][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.837738][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 546.848337][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.858556][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 546.869122][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.881380][T16070] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 546.917164][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 546.937970][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 546.958999][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 546.989533][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.007066][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 547.037184][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.057228][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 547.089974][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.116771][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 547.137201][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.147142][T16070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 547.157821][T16070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.170857][T16070] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 547.228499][T16070] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 547.237369][T16070] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 547.254022][T16070] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 547.304913][T16070] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 547.506051][T15262] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 547.536158][T15262] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 547.605501][T14915] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 547.631683][T14915] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 547.740234][T14913] Bluetooth: hci3: command tx timeout [ 548.161893][T15430] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 548.184572][T15430] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 548.205064][T15430] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 548.228868][T15430] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 548.250573][T15430] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 548.258061][T15430] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 548.749499][T16430] chnl_net:caif_netlink_parms(): no params data found [ 548.921684][T16430] bridge0: port 1(bridge_slave_0) entered blocking state [ 548.928903][T16430] bridge0: port 1(bridge_slave_0) entered disabled state [ 548.957943][T16430] bridge_slave_0: entered allmulticast mode [ 548.969705][T16430] bridge_slave_0: entered promiscuous mode [ 549.007690][T16430] bridge0: port 2(bridge_slave_1) entered blocking state [ 549.032912][T16430] bridge0: port 2(bridge_slave_1) entered disabled state [ 549.048815][T16430] bridge_slave_1: entered allmulticast mode [ 549.057096][T16430] bridge_slave_1: entered promiscuous mode [ 549.145924][T16430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 549.158756][T16430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 549.297741][T16430] team0: Port device team_slave_0 added [ 549.316305][T16430] team0: Port device team_slave_1 added [ 549.447420][T16430] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 549.487495][T16430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 549.533861][T16430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 549.703722][T16430] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 549.724688][T16430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 549.772389][T16430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 549.806214][T15430] Bluetooth: hci3: command tx timeout [ 549.869072][T16430] hsr_slave_0: entered promiscuous mode [ 549.882329][T16430] hsr_slave_1: entered promiscuous mode [ 549.902094][T16430] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 549.930040][T16430] Cannot create hsr debugfs directory [ 550.232273][T16430] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.284068][T15430] Bluetooth: hci0: command tx timeout [ 550.410111][T16430] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.523931][T16430] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.606555][T16430] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.858422][T16430] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 550.897881][T16430] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 550.922409][T16430] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 550.948627][T16430] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 551.112489][T16430] 8021q: adding VLAN 0 to HW filter on device bond0 [ 551.128692][T16430] 8021q: adding VLAN 0 to HW filter on device team0 [ 551.165340][T16430] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 551.175836][T16430] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 551.200292][T15262] bridge0: port 1(bridge_slave_0) entered blocking state [ 551.207429][T15262] bridge0: port 1(bridge_slave_0) entered forwarding state [ 551.216664][T15262] bridge0: port 2(bridge_slave_1) entered blocking state [ 551.223856][T15262] bridge0: port 2(bridge_slave_1) entered forwarding state [ 551.600715][T16430] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 551.876324][T15430] Bluetooth: hci3: command tx timeout [ 552.085816][T16430] veth0_vlan: entered promiscuous mode [ 552.121167][T16430] veth1_vlan: entered promiscuous mode [ 552.320862][T16430] veth0_macvtap: entered promiscuous mode [ 552.354049][T15430] Bluetooth: hci0: command tx timeout [ 552.366058][T16430] veth1_macvtap: entered promiscuous mode [ 552.450682][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 552.480600][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.507848][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 552.551447][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.579039][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 552.612899][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.633361][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 552.654079][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.666158][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 552.688457][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.714526][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 552.736932][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.759951][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 552.773788][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.794667][T16430] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 552.870806][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 552.895251][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.908957][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 552.939639][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.961369][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 552.979357][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.999333][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 553.019143][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 553.046940][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 553.073074][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 553.092920][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 553.119803][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 553.141554][T16430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 553.163095][T16430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 553.180313][T16430] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 553.221355][T16430] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.244486][T16430] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.254056][T16430] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.273585][T16430] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.450172][T15253] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 553.486812][T15253] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 553.539635][T15261] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 553.576293][T15261] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 554.422071][T15430] Bluetooth: hci0: command tx timeout [ 555.738298][T16919] sp0: Synchronizing with TNC [ 556.166883][T16939] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 556.493960][T15430] Bluetooth: hci0: command tx timeout [ 558.857943][T17120] program syz.4.3489 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 560.229994][T17207] nbd: must specify at least one socket [ 561.923923][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 561.930306][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.023499][T17363] binder: 17346:17363 ioctl c0105512 1 returned -22 [ 562.030372][T17363] binder: 17346:17363 ioctl c0105512 1 returned -22 [ 564.579993][T17538] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3773'. [ 565.551741][T14913] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 565.596358][T14980] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.622978][T14913] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 565.646677][T14913] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 565.685411][T14913] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 565.718257][T14913] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 565.727685][T14913] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 566.147853][T14980] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 566.306717][T14980] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 566.356356][T17593] chnl_net:caif_netlink_parms(): no params data found [ 566.491494][T14980] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 566.671547][T17593] bridge0: port 1(bridge_slave_0) entered blocking state [ 566.688275][T17593] bridge0: port 1(bridge_slave_0) entered disabled state [ 566.700491][T17593] bridge_slave_0: entered allmulticast mode [ 566.715994][T17593] bridge_slave_0: entered promiscuous mode [ 566.737440][T17593] bridge0: port 2(bridge_slave_1) entered blocking state [ 566.756960][T17593] bridge0: port 2(bridge_slave_1) entered disabled state [ 566.774051][T17593] bridge_slave_1: entered allmulticast mode [ 566.788385][T17593] bridge_slave_1: entered promiscuous mode [ 566.879355][T17593] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 566.940759][T17593] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 566.992173][T14980] bridge_slave_1: left allmulticast mode [ 566.999720][T14980] bridge_slave_1: left promiscuous mode [ 567.006588][T14980] bridge0: port 2(bridge_slave_1) entered disabled state [ 567.046364][T14980] bridge_slave_0: left allmulticast mode [ 567.052099][T14980] bridge_slave_0: left promiscuous mode [ 567.060651][T14980] bridge0: port 1(bridge_slave_0) entered disabled state [ 567.873130][T14913] Bluetooth: hci1: command tx timeout [ 568.224524][T14980] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 568.256268][T14980] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 568.294027][T14980] bond0 (unregistering): Released all slaves [ 568.407149][T17593] team0: Port device team_slave_0 added [ 568.440693][T17593] team0: Port device team_slave_1 added [ 568.764309][T17593] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 568.786388][T17593] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 568.817683][T17593] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 568.846839][T17593] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 568.856571][T17593] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 568.934517][T17593] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 569.143212][T17593] hsr_slave_0: entered promiscuous mode [ 569.176179][T17593] hsr_slave_1: entered promiscuous mode [ 569.197955][T17593] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 569.214899][T17593] Cannot create hsr debugfs directory [ 569.324462][T17746] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3893'. [ 569.400823][T14980] hsr_slave_0: left promiscuous mode [ 569.429540][T14980] hsr_slave_1: left promiscuous mode [ 569.466984][T14980] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 569.483704][T14980] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 569.505616][T14980] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 569.522328][T14980] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 569.593086][T14980] veth1_macvtap: left promiscuous mode [ 569.599973][T14980] veth0_macvtap: left promiscuous mode [ 569.610700][T14980] veth1_vlan: left promiscuous mode [ 569.626799][T14980] veth0_vlan: left promiscuous mode [ 569.941237][T14913] Bluetooth: hci1: command tx timeout [ 571.005436][T14980] team0 (unregistering): Port device team_slave_1 removed [ 571.122091][T14980] team0 (unregistering): Port device team_slave_0 removed [ 572.038086][T14913] Bluetooth: hci1: command tx timeout [ 573.800819][T17593] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 573.825886][T17593] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 573.845928][T17593] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 573.873129][T17593] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 574.065190][T17593] 8021q: adding VLAN 0 to HW filter on device bond0 [ 574.083740][T14913] Bluetooth: hci1: command tx timeout [ 574.190759][T17593] 8021q: adding VLAN 0 to HW filter on device team0 [ 574.252838][T17847] netlink: 252 bytes leftover after parsing attributes in process `syz.4.3935'. [ 574.277175][T15253] bridge0: port 1(bridge_slave_0) entered blocking state [ 574.284473][T15253] bridge0: port 1(bridge_slave_0) entered forwarding state [ 574.412444][T15262] bridge0: port 2(bridge_slave_1) entered blocking state [ 574.419618][T15262] bridge0: port 2(bridge_slave_1) entered forwarding state [ 575.003087][T17593] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 575.299918][T17593] veth0_vlan: entered promiscuous mode [ 575.415948][T17593] veth1_vlan: entered promiscuous mode [ 575.535944][T17593] veth0_macvtap: entered promiscuous mode [ 575.574075][T17593] veth1_macvtap: entered promiscuous mode [ 575.637956][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 575.678924][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 575.703499][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 575.718561][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 575.736091][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 575.760979][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 575.781784][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 575.804807][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 575.827302][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 575.849592][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 575.876799][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 575.918838][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 575.945306][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 575.957982][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 575.990782][T17593] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 576.045571][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.092041][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.123704][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.158819][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.188526][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.234942][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.268299][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.302731][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.340166][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.373274][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.407940][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.437227][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.467199][T17593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.520224][T17593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.543919][T17593] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 576.590175][T17593] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.612508][T17593] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.631294][T17593] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.660633][T17593] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.858526][T14912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 576.885474][T14912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 576.947243][T14980] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 576.972577][T14980] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 577.045640][T17981] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3991'. [ 577.800713][T15430] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 577.814258][T15430] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 577.834616][T15430] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 577.855855][T15430] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 577.870417][T15430] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 577.877790][T15430] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 577.963759][T17996] binder: 17990:17996 ioctl 40046210 800000000000003 returned -14 [ 578.196463][T14980] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 578.464559][T14980] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 578.607669][T18007] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3999'. [ 578.933515][T14980] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.114538][T14980] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.224018][T17999] chnl_net:caif_netlink_parms(): no params data found [ 579.516361][T17999] bridge0: port 1(bridge_slave_0) entered blocking state [ 579.532704][T17999] bridge0: port 1(bridge_slave_0) entered disabled state [ 579.549798][T17999] bridge_slave_0: entered allmulticast mode [ 579.558515][T17999] bridge_slave_0: entered promiscuous mode [ 579.582535][T17999] bridge0: port 2(bridge_slave_1) entered blocking state [ 579.605818][T17999] bridge0: port 2(bridge_slave_1) entered disabled state [ 579.618006][T17999] bridge_slave_1: entered allmulticast mode [ 579.635827][T17999] bridge_slave_1: entered promiscuous mode [ 579.784607][T17999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 579.814498][T14980] bridge_slave_1: left allmulticast mode [ 579.836526][T14980] bridge_slave_1: left promiscuous mode [ 579.857302][T14980] bridge0: port 2(bridge_slave_1) entered disabled state [ 579.916629][T14980] bridge_slave_0: left allmulticast mode [ 579.969370][T15430] Bluetooth: hci2: command tx timeout [ 579.976016][T14980] bridge_slave_0: left promiscuous mode [ 579.983440][T14980] bridge0: port 1(bridge_slave_0) entered disabled state [ 580.037551][T18030] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 580.128762][T18030] CIFS mount error: No usable UNC path provided in device string! [ 580.128762][T18030] [ 580.163345][T18030] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 580.766794][T18053] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4008'. [ 581.370686][T14980] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 581.401329][T14980] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 581.426491][T14980] bond0 (unregistering): Released all slaves [ 581.469820][T17999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 581.719478][T17999] team0: Port device team_slave_0 added [ 581.763024][T17999] team0: Port device team_slave_1 added [ 581.984578][T17999] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 581.985145][T18077] program syz.3.4013 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 581.998369][T17999] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 582.039055][T14913] Bluetooth: hci2: command tx timeout [ 582.084592][T17999] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 582.214103][T18081] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 582.246306][T18081] CPU: 0 UID: 0 PID: 18081 Comm: syz.4.4015 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 582.257135][T18081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 582.267218][T18081] Call Trace: [ 582.270522][T18081] [ 582.273475][T18081] dump_stack_lvl+0x16c/0x1f0 [ 582.278192][T18081] sysfs_warn_dup+0x7f/0xa0 [ 582.282737][T18081] sysfs_do_create_link_sd+0x124/0x140 [ 582.288252][T18081] sysfs_create_link+0x61/0xc0 [ 582.293070][T18081] device_add+0x62e/0x1a70 [ 582.297518][T18081] ? __pfx_device_add+0x10/0x10 [ 582.302397][T18081] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 582.308334][T18081] ? ieee80211_set_bitrate_flags+0x249/0x6a0 [ 582.314359][T18081] wiphy_register+0x1c7a/0x2860 [ 582.319247][T18081] ? netdev_run_todo+0x837/0x12d0 [ 582.324316][T18081] ? __pfx_wiphy_register+0x10/0x10 [ 582.329574][T18081] ieee80211_register_hw+0x2951/0x3fa0 [ 582.335089][T18081] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 582.341365][T18081] ? net_generic+0xea/0x2a0 [ 582.345914][T18081] ? lockdep_init_map_type+0x16d/0x7d0 [ 582.351408][T18081] ? rcu_is_watching+0x12/0xc0 [ 582.356216][T18081] ? trace_hrtimer_init+0x1a6/0x230 [ 582.361451][T18081] ? __hrtimer_init+0x106/0x2c0 [ 582.366343][T18081] mac80211_hwsim_new_radio+0x2c47/0x56c0 [ 582.372130][T18081] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 582.378243][T18081] ? hwsim_new_radio_nl+0x9ff/0x12b0 [ 582.383580][T18081] hwsim_new_radio_nl+0xb42/0x12b0 [ 582.388735][T18081] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 582.394337][T18081] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 582.401749][T18081] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 582.409167][T18081] genl_family_rcv_msg_doit+0x202/0x2f0 [ 582.414750][T18081] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 582.420847][T18081] ? genl_get_cmd+0x195/0x580 [ 582.425544][T18081] ? bpf_lsm_capable+0x9/0x10 [ 582.430235][T18081] ? security_capable+0x7e/0x260 [ 582.435192][T18081] ? ns_capable+0xd7/0x110 [ 582.439619][T18081] genl_rcv_msg+0x565/0x800 [ 582.444137][T18081] ? __pfx_genl_rcv_msg+0x10/0x10 [ 582.449173][T18081] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 582.454746][T18081] netlink_rcv_skb+0x165/0x410 [ 582.459522][T18081] ? __pfx_genl_rcv_msg+0x10/0x10 [ 582.464555][T18081] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 582.469857][T18081] ? down_read+0xc9/0x330 [ 582.474195][T18081] ? __pfx_down_read+0x10/0x10 [ 582.478969][T18081] ? netlink_deliver_tap+0x1ae/0xca0 [ 582.484266][T18081] genl_rcv+0x28/0x40 [ 582.488255][T18081] netlink_unicast+0x53c/0x7f0 [ 582.493034][T18081] ? __pfx_netlink_unicast+0x10/0x10 [ 582.498326][T18081] ? __phys_addr_symbol+0x30/0x80 [ 582.503361][T18081] ? __check_object_size+0x488/0x710 [ 582.508662][T18081] netlink_sendmsg+0x8b8/0xd70 [ 582.513432][T18081] ? __pfx_netlink_sendmsg+0x10/0x10 [ 582.518736][T18081] ____sys_sendmsg+0x9ae/0xb40 [ 582.523504][T18081] ? copy_msghdr_from_user+0x10b/0x160 [ 582.528975][T18081] ? __pfx_____sys_sendmsg+0x10/0x10 [ 582.534285][T18081] ___sys_sendmsg+0x135/0x1e0 [ 582.538976][T18081] ? __pfx____sys_sendmsg+0x10/0x10 [ 582.544200][T18081] ? __pfx_lock_release+0x10/0x10 [ 582.549225][T18081] ? trace_lock_acquire+0x14e/0x1f0 [ 582.554449][T18081] ? __fget_files+0x206/0x3a0 [ 582.559145][T18081] __sys_sendmsg+0x16e/0x220 [ 582.563752][T18081] ? __pfx___sys_sendmsg+0x10/0x10 [ 582.568873][T18081] ? __x64_sys_futex+0x1e1/0x4c0 [ 582.573843][T18081] do_syscall_64+0xcd/0x250 [ 582.578358][T18081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 582.584259][T18081] RIP: 0033:0x7f82bc185d29 [ 582.588676][T18081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 582.608289][T18081] RSP: 002b:00007f82bcfb3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 582.616708][T18081] RAX: ffffffffffffffda RBX: 00007f82bc375fa0 RCX: 00007f82bc185d29 [ 582.624681][T18081] RDX: 0000000004000800 RSI: 0000000020000e00 RDI: 0000000000000003 [ 582.632654][T18081] RBP: 00007f82bc201aa8 R08: 0000000000000000 R09: 0000000000000000 [ 582.640625][T18081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 582.648598][T18081] R13: 0000000000000000 R14: 00007f82bc375fa0 R15: 00007fffa1e16ca8 [ 582.656591][T18081] [ 582.751885][T17999] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 582.764602][T17999] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 582.794375][T17999] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 583.315265][T17999] hsr_slave_0: entered promiscuous mode [ 583.395938][T17999] hsr_slave_1: entered promiscuous mode [ 583.470263][T17999] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 583.480615][T17999] Cannot create hsr debugfs directory [ 584.068343][T14980] hsr_slave_0: left promiscuous mode [ 584.088918][T14980] hsr_slave_1: left promiscuous mode [ 584.107573][T14913] Bluetooth: hci2: command tx timeout [ 584.163518][T14980] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 584.217016][T14980] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 584.250054][T14980] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 584.270900][T14980] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 584.366173][T14980] veth1_macvtap: left promiscuous mode [ 584.371759][T14980] veth0_macvtap: left promiscuous mode [ 584.391535][T14980] veth1_vlan: left promiscuous mode [ 584.397107][T14980] veth0_vlan: left promiscuous mode [ 585.660006][T14980] team0 (unregistering): Port device team_slave_1 removed [ 585.776478][T14980] team0 (unregistering): Port device team_slave_0 removed [ 586.182468][T14913] Bluetooth: hci2: command tx timeout [ 586.558852][T18137] binder: 18136:18137 ioctl c0105512 1 returned -22 [ 587.573118][T17999] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 587.593281][T17999] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 587.605359][T17999] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 587.643093][T17999] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 587.929653][T17999] 8021q: adding VLAN 0 to HW filter on device bond0 [ 587.990448][T17999] 8021q: adding VLAN 0 to HW filter on device team0 [ 588.044223][T18190] netlink: 4064 bytes leftover after parsing attributes in process `syz.0.4031'. [ 588.079234][T15261] bridge0: port 1(bridge_slave_0) entered blocking state [ 588.086350][T15261] bridge0: port 1(bridge_slave_0) entered forwarding state [ 588.138561][T15261] bridge0: port 2(bridge_slave_1) entered blocking state [ 588.145705][T15261] bridge0: port 2(bridge_slave_1) entered forwarding state [ 588.327616][T18198] MTRR 1 not used [ 588.357434][T18198] misc userio: No port type given on /dev/userio [ 588.687176][T17999] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 588.800392][T17999] veth0_vlan: entered promiscuous mode [ 588.848829][T17999] veth1_vlan: entered promiscuous mode [ 588.929760][T17999] veth0_macvtap: entered promiscuous mode [ 588.934241][T18213] ima: policy update failed [ 588.955024][T17999] veth1_macvtap: entered promiscuous mode [ 588.983476][ T29] audit: type=1802 audit(4294980344.998:23): pid=18213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.4035" res=0 errno=0 [ 589.011068][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 589.083100][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.137379][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 589.171049][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.200363][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 589.230683][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.262821][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 589.296834][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.340470][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 589.362981][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.400072][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 589.439769][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.479595][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 589.509384][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.536960][T17999] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 589.584083][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 589.618749][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.640023][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 589.657035][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.691813][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 589.728169][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.757284][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 589.788686][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.807942][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 589.823130][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.841329][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 589.858931][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.877445][T17999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 589.895361][T17999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 589.918838][T17999] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 589.983645][T17999] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 590.018896][T17999] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 590.048273][T17999] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 590.066412][T17999] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 590.281070][T15253] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 590.301144][T15253] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 590.382576][T14980] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 590.409014][T14980] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 590.985103][T18277] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4045'. [ 591.169170][T18277] team0: Port device team_slave_0 removed [ 591.759613][T18291] Process accounting resumed [ 593.461854][T18339] Process accounting resumed [ 594.858228][T18374] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4069'. [ 595.206213][T18380] netlink: 'syz.0.4071': attribute type 1 has an invalid length. [ 595.272077][T18380] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 596.428507][T18400] netlink: 'syz.4.4077': attribute type 12 has an invalid length. [ 596.436589][T18400] netlink: 252 bytes leftover after parsing attributes in process `syz.4.4077'. [ 596.447822][T18398] netlink: 'syz.4.4077': attribute type 12 has an invalid length. [ 596.463083][T18398] netlink: 252 bytes leftover after parsing attributes in process `syz.4.4077'. [ 596.482583][T18400] netlink: 'syz.4.4077': attribute type 12 has an invalid length. [ 596.490689][T18400] netlink: 252 bytes leftover after parsing attributes in process `syz.4.4077'. [ 596.725233][T18420] netlink: 'syz.0.4081': attribute type 1 has an invalid length. [ 597.656329][T18441] Invalid ELF header magic: != ELF [ 598.458418][T18468] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4091'. [ 598.891029][T18478] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4092'. [ 598.900283][T18478] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 598.970571][T18459] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4089'. [ 600.480409][T18539] netlink: 'syz.0.4105': attribute type 10 has an invalid length. [ 600.529131][T18537] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 600.754871][T18550] openvswitch: netlink: Message has 388 unknown bytes. [ 600.924634][T18553] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4108'. [ 601.427129][T18569] nbd: must specify at least one socket [ 601.623110][T18576] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4114'. [ 601.660281][T18576] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 602.219381][T18587] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4117'. [ 603.788612][T18636] netlink: 'syz.3.4130': attribute type 2 has an invalid length. [ 604.564085][T18652] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4135'. [ 604.732608][T18660] erspan0: entered allmulticast mode [ 605.367720][T18659] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 605.378610][T18659] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 605.414643][T18659] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 605.431300][T18659] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 605.446310][T18659] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 605.468334][T18659] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 605.493023][T18659] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 605.499615][T18659] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 605.514719][T18659] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 606.704855][T18697] nbd: illegal input index -33554433 [ 606.789633][T14913] Bluetooth: hci0: command 0x0c1a tx timeout [ 607.144256][T18003] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 607.158223][T18003] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 607.166569][T18003] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 607.175975][T18003] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 607.183795][T18003] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 607.198548][T18003] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 607.432395][T18003] Bluetooth: hci1: command 0x0c1a tx timeout [ 607.506134][T18003] Bluetooth: hci2: command 0x0c1a tx timeout [ 607.533086][T18709] erspan0: entered allmulticast mode [ 607.912426][T18703] chnl_net:caif_netlink_parms(): no params data found [ 608.030861][T18703] bridge0: port 1(bridge_slave_0) entered blocking state [ 608.048535][T18703] bridge0: port 1(bridge_slave_0) entered disabled state [ 608.063371][T18703] bridge_slave_0: entered allmulticast mode [ 608.088482][T18703] bridge_slave_0: entered promiscuous mode [ 608.122661][T18703] bridge0: port 2(bridge_slave_1) entered blocking state [ 608.132730][T18703] bridge0: port 2(bridge_slave_1) entered disabled state [ 608.164085][T18703] bridge_slave_1: entered allmulticast mode [ 608.171341][T18703] bridge_slave_1: entered promiscuous mode [ 608.249943][T18703] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 608.270362][T18703] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 608.448712][T18703] team0: Port device team_slave_0 added [ 608.486288][T18703] team0: Port device team_slave_1 added [ 608.678914][T18703] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 608.693989][T18703] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 608.720001][ C1] vkms_vblank_simulate: vblank timer overrun [ 608.769253][T18703] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 608.820745][T18703] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 608.827727][T18703] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 608.853656][ C1] vkms_vblank_simulate: vblank timer overrun [ 608.858982][T18003] Bluetooth: hci0: command 0x0c1a tx timeout [ 608.928472][T18703] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 609.219062][T18703] hsr_slave_0: entered promiscuous mode [ 609.257249][T18003] Bluetooth: hci3: command tx timeout [ 609.265285][T18703] hsr_slave_1: entered promiscuous mode [ 609.272334][T18703] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 609.280283][T18703] Cannot create hsr debugfs directory [ 609.503376][T18003] Bluetooth: hci1: command 0x0c1a tx timeout [ 609.575402][T18003] Bluetooth: hci2: command 0x0c1a tx timeout [ 609.731035][T18703] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 609.755847][T18703] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 609.773741][T18703] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 609.787161][T18703] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 609.936317][T18703] 8021q: adding VLAN 0 to HW filter on device bond0 [ 609.990615][T18703] 8021q: adding VLAN 0 to HW filter on device team0 [ 610.028144][T18416] bridge0: port 1(bridge_slave_0) entered blocking state [ 610.035340][T18416] bridge0: port 1(bridge_slave_0) entered forwarding state [ 610.079135][T15258] bridge0: port 2(bridge_slave_1) entered blocking state [ 610.086332][T15258] bridge0: port 2(bridge_slave_1) entered forwarding state [ 610.513931][T18703] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 610.929569][T18003] Bluetooth: hci0: command 0x0c1a tx timeout [ 611.036841][T18703] veth0_vlan: entered promiscuous mode [ 611.095080][T18703] veth1_vlan: entered promiscuous mode [ 611.179043][T18703] veth0_macvtap: entered promiscuous mode [ 611.204247][T18703] veth1_macvtap: entered promiscuous mode [ 611.256885][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.290612][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.312016][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.326264][T18003] Bluetooth: hci3: command tx timeout [ 611.340417][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.363396][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.396914][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.437448][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.462880][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.505073][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.516652][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.545408][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.566211][T18003] Bluetooth: hci1: command 0x0c1a tx timeout [ 611.584446][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.624318][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.650655][T18003] Bluetooth: hci2: command 0x0c1a tx timeout [ 611.662914][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.703308][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.743822][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.785126][T18703] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 611.825629][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.864371][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.886571][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.905077][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.931014][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.951106][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.973615][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.002576][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.031095][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.052348][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.062683][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.081933][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.093455][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.112091][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.131826][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.151630][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.173260][T18703] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 612.199193][T18703] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.239504][T18703] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.270890][T18703] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.302623][T18703] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.485391][T15253] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 612.513682][T15253] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 612.563391][T18416] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 612.571415][T18416] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 612.921753][T18830] svc: failed to register nfsdv3 RPC service (errno 111). [ 612.962442][T18830] svc: failed to register nfsaclv3 RPC service (errno 111). [ 613.144976][T18834] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4175'. [ 613.178428][T18003] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 613.195126][T18834] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4175'. [ 613.213302][T18829] svc: failed to register nfsdv3 RPC service (errno 111). [ 613.230311][T18829] svc: failed to register nfsaclv3 RPC service (errno 111). [ 613.395339][T18003] Bluetooth: hci3: command tx timeout [ 613.876519][T18836] syz.2.4176 (18836) used greatest stack depth: 19584 bytes left [ 614.063878][T18872] Invalid ELF header magic: != ELF [ 614.192063][T18881] netlink: 266 bytes leftover after parsing attributes in process `syz.2.4183'. [ 614.234685][T18881] IPv6: NLM_F_CREATE should be specified when creating new route [ 615.285515][T18897] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4186'. [ 615.479906][T18003] Bluetooth: hci3: command tx timeout [ 615.639946][T18908] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4187'. [ 616.393601][T18931] Invalid ELF header magic: != ELF [ 616.631517][T18943] openvswitch: netlink: Duplicate key (type 15). [ 617.401752][T18969] netlink: 85 bytes leftover after parsing attributes in process `syz.2.4200'. [ 617.440521][T18965] Invalid input. Must be >= 4608 [ 617.905346][T18974] zswap: compressor not available [ 618.078345][T19002] netlink: 252 bytes leftover after parsing attributes in process `syz.4.4204'. [ 619.246615][ T29] audit: type=1807 audit(4294967325.497:24): UNKNOWN=$%=Hw#_>j res=0 [ 619.274782][ T29] audit: type=1802 audit(4294967325.507:25): pid=19033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.4214" res=0 errno=0 [ 619.331175][T19032] ima: policy update failed [ 619.336722][T19042] can: request_module (can-proto-5) failed. [ 619.343503][ T29] audit: type=1802 audit(4294967325.597:26): pid=19032 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.4214" res=0 errno=0 [ 621.733830][T19113] syz.3.4231 (19113): attempted to duplicate a private mapping with mremap. This is not supported. [ 622.099307][T19120] netlink: 'syz.3.4233': attribute type 46 has an invalid length. [ 622.511627][T19122] binder: 19121:19122 ioctl fe 9 returned -22 [ 622.741852][T19136] binder: 19121:19136 ioctl fe 9 returned -22 [ 623.028741][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 623.035685][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.706683][ T29] audit: type=1800 audit(4294967332.001:27): pid=19202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4254" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 628.921971][T19274] openvswitch: netlink: Key type 146 is out of range max 32 [ 629.340978][T19280] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4269'. [ 629.401599][T19280] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4269'. [ 629.442159][T19280] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4269'. [ 629.473667][T19280] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4269'. [ 629.995299][T19280] netlink: 98 bytes leftover after parsing attributes in process `syz.2.4269'. [ 632.141630][T19343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4281'. [ 636.352110][T19372] binder: BINDER_SET_CONTEXT_MGR already set [ 636.375591][T19372] binder: 19371:19372 ioctl 4018620d 9 returned -16 [ 636.998796][T19384] cifs: Unknown parameter 'SL'˗3`ڦ7?t~2+~+LTt_?Ɖ* -c#t+' [ 637.037760][T19386] kafs: addr_prefs: Invalid Command [ 637.211362][T19399] bridge0: port 3(veth1_to_hsr) entered blocking state [ 637.239048][T19399] bridge0: port 3(veth1_to_hsr) entered disabled state [ 637.257301][T19399] veth1_to_hsr: entered allmulticast mode [ 637.319004][T19399] veth1_to_hsr: entered promiscuous mode [ 637.369580][T19399] bridge0: port 3(veth1_to_hsr) entered blocking state [ 637.376666][T19399] bridge0: port 3(veth1_to_hsr) entered forwarding state [ 643.638512][T19524] Process accounting resumed [ 643.899348][T19530] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4326'. [ 645.800202][T19568] smc: net device syz_tun erased user defined pnetid ETHTOOL [ 646.109244][T19582] netlink: zone id is out of range [ 646.118938][T19582] netlink: zone id is out of range [ 646.124144][T19582] netlink: zone id is out of range [ 646.174674][T19582] netlink: zone id is out of range [ 646.179830][T19582] netlink: zone id is out of range [ 646.201191][T19582] netlink: zone id is out of range [ 646.228493][T19582] netlink: zone id is out of range [ 646.233655][T19582] netlink: zone id is out of range [ 646.271715][T19582] netlink: zone id is out of range [ 646.284139][T19582] netlink: zone id is out of range [ 646.479209][T19595] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4345'. [ 649.447232][T19672] Process accounting resumed [ 649.670432][T19683] netlink: 'syz.4.4361': attribute type 4 has an invalid length. [ 650.050580][T19697] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4362'. [ 653.713795][ T29] audit: type=1804 audit(4294967360.156:28): pid=19771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4378" name="/newroot/sys/kernel/tracing/error_log" dev="tracefs" ino=181 res=1 errno=0 [ 654.871448][T19801] erspan0: entered allmulticast mode [ 656.292004][ T29] audit: type=1800 audit(4294967362.740:29): pid=19835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4393" name="features" dev="configfs" ino=70237 res=0 errno=0 [ 658.203357][T19888] debugfs: Directory '!PjE r҄y*"l-y–L̓]' with parent 'ieee80211' already present! [ 660.112988][T19920] Invalid ELF header magic: != ELF [ 661.307904][T19945] zero sized request [ 661.929247][T19951] debugfs: Directory '!PjE r҄y*"l-y–L̓]' with parent 'ieee80211' already present! [ 662.595323][T19972] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4431'. [ 662.798235][T19981] netlink: 'syz.2.4433': attribute type 9 has an invalid length. [ 663.555805][T19992] Invalid ELF header magic: != ELF [ 665.386557][T20009] debugfs: Directory '!PjE r҄y*"l-y–L̓]' with parent 'ieee80211' already present! [ 666.315385][T20019] netlink: 'syz.4.4442': attribute type 9 has an invalid length. [ 666.540078][T20025] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4444'. [ 666.654155][T20031] netlink: 'syz.4.4444': attribute type 46 has an invalid length. [ 667.092602][T20037] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4448'. [ 667.820475][T20053] Invalid ELF header magic: != ELF [ 668.442581][T20056] ------------[ cut here ]------------ [ 668.448532][T20056] WARNING: CPU: 1 PID: 20056 at mm/page_alloc.c:4727 __alloc_pages_noprof+0xeff/0x25b0 [ 668.458838][T20056] Modules linked in: [ 668.462780][T20056] CPU: 1 UID: 0 PID: 20056 Comm: syz.2.4455 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 668.473747][T20056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 668.483977][T20056] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 668.490301][T20056] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 e3 70 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 9f a3 0c 00 8b 14 24 e9 [ 668.510063][T20056] RSP: 0018:ffffc900059b7958 EFLAGS: 00010246 [ 668.516180][T20056] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 668.524388][T20056] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0 [ 668.532724][T20056] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 668.541091][T20056] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000013 [ 668.549531][T20056] R13: 0000000000040cc0 R14: 1ffff92000b36f3f R15: 00000000ffffffff [ 668.557547][T20056] FS: 00007fc2ee6636c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 668.566697][T20056] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 668.573581][T20056] CR2: 000000110c67b07a CR3: 0000000029c1e000 CR4: 00000000003526f0 [ 668.581698][T20056] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 668.589912][T20056] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 668.598032][T20056] Call Trace: [ 668.601346][T20056] [ 668.604307][T20056] ? __warn+0xea/0x3c0 [ 668.608507][T20056] ? __alloc_pages_noprof+0xeff/0x25b0 [ 668.614026][T20056] ? report_bug+0x3c0/0x580 [ 668.618690][T20056] ? handle_bug+0x54/0xa0 [ 668.623073][T20056] ? exc_invalid_op+0x17/0x50 [ 668.628291][T20056] ? asm_exc_invalid_op+0x1a/0x20 [ 668.633919][T20056] ? __alloc_pages_noprof+0xeff/0x25b0 [ 668.639674][T20056] ? hlock_class+0x4e/0x130 [ 668.644231][T20056] ? mark_lock+0xb5/0xc60 [ 668.648713][T20056] ? __pfx_mark_lock+0x10/0x10 [ 668.653529][T20056] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 668.659358][T20056] ? trace_lock_acquire+0x14e/0x1f0 [ 668.664614][T20056] ? hlock_class+0x4e/0x130 [ 668.669219][T20056] ? __lock_acquire+0x15a9/0x3c40 [ 668.674307][T20056] ___kmalloc_large_node+0x84/0x1b0 [ 668.679600][T20056] __kmalloc_large_node_noprof+0x1c/0x70 [ 668.685395][T20056] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 668.692093][T20056] ? bitmap_parse_user+0x24/0x90 [ 668.697093][T20056] memdup_user_nul+0x2b/0x110 [ 668.701898][T20056] bitmap_parse_user+0x24/0x90 [ 668.706720][T20056] tracing_cpumask_write+0xfc/0x1a0 [ 668.712162][T20056] ? __pfx_tracing_cpumask_write+0x10/0x10 [ 668.718081][T20056] ? ksys_write+0x12b/0x250 [ 668.722642][T20056] ? __pfx_tracing_cpumask_write+0x10/0x10 [ 668.728555][T20056] vfs_write+0x24c/0x1150 [ 668.733196][T20056] ? __fget_files+0x1fc/0x3a0 [ 668.738274][T20056] ? __pfx___mutex_lock+0x10/0x10 [ 668.743358][T20056] ? __pfx_vfs_write+0x10/0x10 [ 668.748221][T20056] ? __fget_files+0x206/0x3a0 [ 668.752950][T20056] ksys_write+0x12b/0x250 [ 668.757367][T20056] ? __pfx_ksys_write+0x10/0x10 [ 668.762270][T20056] do_syscall_64+0xcd/0x250 [ 668.766824][T20056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 668.772911][T20056] RIP: 0033:0x7fc2ed785d29 [ 668.777436][T20056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 668.797272][T20056] RSP: 002b:00007fc2ee663038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 668.805731][T20056] RAX: ffffffffffffffda RBX: 00007fc2ed975fa0 RCX: 00007fc2ed785d29 [ 668.813782][T20056] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 668.821853][T20056] RBP: 00007fc2ed801aa8 R08: 0000000000000000 R09: 0000000000000000 [ 668.829930][T20056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 668.838246][T20056] R13: 0000000000000000 R14: 00007fc2ed975fa0 R15: 00007ffca11c8418 [ 668.846269][T20056] [ 668.849650][T20056] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 668.857384][T20056] CPU: 1 UID: 0 PID: 20056 Comm: syz.2.4455 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 668.868172][T20056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 668.878255][T20056] Call Trace: [ 668.881536][T20056] [ 668.884473][T20056] dump_stack_lvl+0x3d/0x1f0 [ 668.889080][T20056] panic+0x71d/0x800 [ 668.892991][T20056] ? __pfx_panic+0x10/0x10 [ 668.897426][T20056] ? show_trace_log_lvl+0x29d/0x3d0 [ 668.902643][T20056] ? __alloc_pages_noprof+0xeff/0x25b0 [ 668.908201][T20056] check_panic_on_warn+0xab/0xb0 [ 668.913155][T20056] __warn+0xf6/0x3c0 [ 668.917066][T20056] ? __alloc_pages_noprof+0xeff/0x25b0 [ 668.922537][T20056] report_bug+0x3c0/0x580 [ 668.926883][T20056] handle_bug+0x54/0xa0 [ 668.931049][T20056] exc_invalid_op+0x17/0x50 [ 668.935562][T20056] asm_exc_invalid_op+0x1a/0x20 [ 668.940443][T20056] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 668.946523][T20056] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 e3 70 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 9f a3 0c 00 8b 14 24 e9 [ 668.966575][T20056] RSP: 0018:ffffc900059b7958 EFLAGS: 00010246 [ 668.972655][T20056] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 668.980632][T20056] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0 [ 668.988608][T20056] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 668.996588][T20056] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000013 [ 669.004562][T20056] R13: 0000000000040cc0 R14: 1ffff92000b36f3f R15: 00000000ffffffff [ 669.012560][T20056] ? hlock_class+0x4e/0x130 [ 669.017083][T20056] ? mark_lock+0xb5/0xc60 [ 669.021430][T20056] ? __pfx_mark_lock+0x10/0x10 [ 669.026212][T20056] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 669.031954][T20056] ? trace_lock_acquire+0x14e/0x1f0 [ 669.037169][T20056] ? hlock_class+0x4e/0x130 [ 669.041680][T20056] ? __lock_acquire+0x15a9/0x3c40 [ 669.046727][T20056] ___kmalloc_large_node+0x84/0x1b0 [ 669.051943][T20056] __kmalloc_large_node_noprof+0x1c/0x70 [ 669.057593][T20056] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 669.064208][T20056] ? bitmap_parse_user+0x24/0x90 [ 669.069174][T20056] memdup_user_nul+0x2b/0x110 [ 669.073863][T20056] bitmap_parse_user+0x24/0x90 [ 669.078651][T20056] tracing_cpumask_write+0xfc/0x1a0 [ 669.083865][T20056] ? __pfx_tracing_cpumask_write+0x10/0x10 [ 669.089682][T20056] ? ksys_write+0x12b/0x250 [ 669.094199][T20056] ? __pfx_tracing_cpumask_write+0x10/0x10 [ 669.100019][T20056] vfs_write+0x24c/0x1150 [ 669.104358][T20056] ? __fget_files+0x1fc/0x3a0 [ 669.109043][T20056] ? __pfx___mutex_lock+0x10/0x10 [ 669.114077][T20056] ? __pfx_vfs_write+0x10/0x10 [ 669.118858][T20056] ? __fget_files+0x206/0x3a0 [ 669.123551][T20056] ksys_write+0x12b/0x250 [ 669.127897][T20056] ? __pfx_ksys_write+0x10/0x10 [ 669.132785][T20056] do_syscall_64+0xcd/0x250 [ 669.137325][T20056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 669.143241][T20056] RIP: 0033:0x7fc2ed785d29 [ 669.147673][T20056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 669.167639][T20056] RSP: 002b:00007fc2ee663038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 669.176236][T20056] RAX: ffffffffffffffda RBX: 00007fc2ed975fa0 RCX: 00007fc2ed785d29 [ 669.184213][T20056] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 669.192193][T20056] RBP: 00007fc2ed801aa8 R08: 0000000000000000 R09: 0000000000000000 [ 669.200166][T20056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 669.208141][T20056] R13: 0000000000000000 R14: 00007fc2ed975fa0 R15: 00007ffca11c8418 [ 669.216127][T20056] [ 669.219437][T20056] Kernel Offset: disabled [ 669.223832][T20056] Rebooting in 86400 seconds..