last executing test programs: 2m53.016118241s ago: executing program 3 (id=2098): mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="010026bd703900dbdf25598c000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40010) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) 2m52.955564346s ago: executing program 3 (id=2099): close_range$auto(0x2, 0xfffffffffffff000, 0x2) io_cancel$auto(0x5, &(0x7f0000000040)={0x7, 0x2, 0x5, 0x1, 0x2, 0xffffffffffffffff, 0xfffffffffffffffa, 0x0, 0x4, 0x0, 0x8}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000034c0), 0xffffffffffffffff) close_range$auto(0x2, 0x8000, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f00000036c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd7000fb005f005cb6235b23000000045056d5cb"], 0x28}, 0x1, 0x0, 0x0, 0x4880}, 0x0) 2m52.883130505s ago: executing program 3 (id=2100): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x2f2d00, 0x0) r0 = socket(0x10, 0x2, 0x4) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'dummy0\x00'}) r1 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setrlimit$auto(0x1000000007, 0x0) open_by_handle_at$auto(r1, &(0x7f0000000040)={0x8, 0x2, "0600000000000000"}, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r0, 0x0, 0x2fe) r2 = openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, 0x0, 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0xf663, 0x15) pipe2$auto(0x0, 0x80) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x3, 0x2) r3 = socket(0x21, 0x2, 0xa) getsockopt$auto(0x6, 0x110, 0x6, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0xc, 0x1000009c0f, 0x44eb2, 0x10006, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(r3, r2, 0x4a6) lremovexattr$auto(0x0, &(0x7f00000000c0)='/dev/ram7\x00') 2m51.541189153s ago: executing program 3 (id=2102): socket$nl_generic(0x10, 0x3, 0x10) fanotify_init$auto(0x65, 0x2) pipe$auto(&(0x7f0000000080)) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x6, 0x0, 0x100000001) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) 2m50.562886329s ago: executing program 3 (id=2108): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) rseq$auto(&(0x7f0000000300)={0x0, 0x9, 0x0, 0x4, 0xffffffff, 0xfffffffe}, 0x8000, 0x0, 0x3) shmdt$auto(0x0) madvise$auto(0x0, 0x3, 0x15) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) 2m49.957209053s ago: executing program 3 (id=2112): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = socket(0x11, 0x800000003, 0x0) socket(0x3, 0x2, 0x88) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syncfs$auto(r0) 2m49.61789094s ago: executing program 32 (id=2112): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = socket(0x11, 0x800000003, 0x0) socket(0x3, 0x2, 0x88) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syncfs$auto(r0) 2.648386571s ago: executing program 2 (id=2874): mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(&(0x7f0000000040)='.\x00', 0x4) mount$auto(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\x83\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)\x1f\xbby\xe5\xc4w\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0Z>\xe1=\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x00'/192, 0x4, 0x0) 2.57256849s ago: executing program 4 (id=2875): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x6, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b) connect$auto(0x3, &(0x7f00000000c0), 0x55) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x2000c041) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) connect$auto(r0, &(0x7f00000000c0), 0x55) sendto$auto(r1, 0x0, 0xb, 0x5, &(0x7f0000000240), 0xc8e) socket(0x15, 0x5, 0x0) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, 0x0, 0x40) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x8040) 2.479033538s ago: executing program 2 (id=2876): r0 = openat$auto_fops_u16_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim4/psample/out_tc\x00', 0x40000, 0x0) read$auto_fops_u16_(r0, &(0x7f0000000ac0)=""/4096, 0x1000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 2.369774329s ago: executing program 4 (id=2878): openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) sendfile$auto(0x6, 0x3, 0x0, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munmap$auto(0x20001000, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x21, 0x2, 0x2) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0xfffffffffffffffe, 0x8, 0x8003, 0xeb3, 0xfffffffffffffff9, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0x3, 0x0, &(0x7f0000000140)=0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x0, 0x800}}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x3, 0xa) lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0) ioctl$auto(0x1, 0x89a0, 0x8) read$auto(0x3, 0x0, 0x400000) 2.304056921s ago: executing program 2 (id=2879): kcmp$auto(0x1, 0x5, 0x0, 0x0, 0x10001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) read$auto_aoe_fops_aoechr(0xffffffffffffffff, 0x0, 0x0) 2.130337713s ago: executing program 2 (id=2880): openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) sendfile$auto(0x6, 0x3, 0x0, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munmap$auto(0x20001000, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x21, 0x2, 0x2) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0xfffffffffffffffe, 0x8, 0x8003, 0xeb3, 0xfffffffffffffff9, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0x3, 0x0, &(0x7f0000000140)=0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x0, 0x800}}, 0x0) socket(0x2, 0x3, 0xa) read$auto(0x3, 0x0, 0x400000) 1.779060042s ago: executing program 0 (id=2883): openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs1\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) 1.621494696s ago: executing program 0 (id=2884): openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer1\x00', 0x40080, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x8004551e, 0x38) 1.476812503s ago: executing program 1 (id=2885): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty60\x00', 0x101002, 0x0) bpf$auto(0x3, &(0x7f0000000140)=@raw_tracepoint={0x7, 0xffffffffffffffff, 0x0, 0xf}, 0x1) write$auto(r0, &(0x7f00000000c0)='/dev/qrtr-tun\x00', 0x127) 1.318963422s ago: executing program 4 (id=2886): socket(0xa, 0x2, 0x3a) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/dfscache\x00', 0x40080, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000280)=""/65, 0x41) 1.307584197s ago: executing program 1 (id=2887): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(0x0, 0x0) capget$auto(0x0, &(0x7f0000000180)={0x100ea69, 0xb, 0x1}) 1.213163021s ago: executing program 4 (id=2888): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), r0) sendmsg$auto_MACSEC_CMD_UPD_RXSC(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x5}, 0x2000c080) 1.117811744s ago: executing program 1 (id=2889): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) mprotect$auto(0x0, 0x4, 0x4) r0 = socket(0x1d, 0x2, 0x7) getsockopt$auto(r0, 0x6b, 0x3, 0xfffffffffffffffe, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00', @ANYBLOB="00211459a600fbdbdf2502000000080003"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103) open(&(0x7f0000000000)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x8000, 0x50) open(&(0x7f0000000280)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x20102, 0x100) mmap$auto(0x87f1, 0x8, 0x10000000000000a, 0xeb1, 0x4, 0x8001) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x9, 0x20f, 0x38fcf92d, 0x10, 0x19a, 0x9) fcntl$auto(0x8000000000000001, 0x26, 0x8) mmap$auto(0xdc3, 0x7fffffffffffffff, 0xe3, 0x9b72, 0x56d, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) 1.103920879s ago: executing program 2 (id=2890): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0) ioctl$auto_TUNSETSNDBUF(r0, 0x400454d4, 0x0) 1.091730744s ago: executing program 0 (id=2891): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x6, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b) connect$auto(0x3, &(0x7f00000000c0), 0x55) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x2000c041) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) connect$auto(r0, &(0x7f00000000c0), 0x55) sendto$auto(r1, 0x0, 0xb, 0x5, &(0x7f0000000240), 0xc8e) socket(0x15, 0x5, 0x0) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, 0x0, 0x40) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x8040) 1.083765717s ago: executing program 4 (id=2892): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setpriority$auto(0x4000000001, 0x100000001, 0x6) madvise$auto(0x0, 0xffffffffffff0005, 0x19) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x53, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) pselect6$auto(0x101, &(0x7f0000000080)={[0x6, 0x7, 0xffffffffffffffff, 0x3, 0x1, 0x6, 0x9, 0x7, 0x1, 0x4, 0x9, 0x4, 0x4, 0x7, 0xcb2a, 0x9]}, &(0x7f0000000100)={[0xffff, 0x3, 0xfffffffffffff31a, 0x7, 0x590, 0x8, 0x1d4, 0x4, 0x6, 0x7, 0x5, 0x7, 0x80, 0x8, 0x0, 0x1]}, &(0x7f0000000180)={[0xa9, 0x4, 0x4, 0x1, 0x3, 0x6, 0xcbd0, 0x200000001, 0x1f, 0xfffffffffffffffd, 0x7ff, 0x8000000000000001, 0x4, 0x7f, 0x91, 0x7]}, &(0x7f0000000000)={0x899, 0x5}, &(0x7f0000000200)) r0 = socket(0x15, 0x6, 0x80) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000380), 0xffffffffffffffff) setregid$auto(0x5, 0x6) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) process_mrelease$auto(0x4, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000) mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x7, 0xfffff000) ppoll$auto(&(0x7f0000000280)={0xffffffffffffffff, 0x6, 0x9}, 0x9, 0x0, &(0x7f0000000300)={0x7ff}, 0x8) r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r2, 0x1002, 0x0, 0x0, 0x0, 0x2) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00T\x00'/40, 0x9) fallocate$auto(0x3, 0x0, 0xe, 0x8ec8) finit_module$auto(0x3, 0xfffffffffffffffe, 0x2) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r1, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040800}, 0x40850) 909.240477ms ago: executing program 1 (id=2893): mmap$auto(0x6, 0x200, 0x7, 0x10, 0x7, 0x5) r0 = openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker\x00', 0x1, 0x0) write$auto(0x3, 0x0, 0xfdef) write$auto(r0, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace_marker\x00', 0x7) 741.659527ms ago: executing program 1 (id=2894): munmap$auto(0x20001000, 0x2000000c) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000480)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000640)="445cc19989fb9c017005441c9085b524b7c0cc9b1a9f4edddfe162b01f9fe8f5adae095ec393ca717c2e4c6a64d1d08a304bb9528310c110129f6c575f67b4582a5f62b8e838fc6962c99765e6f49df32fe5fe58b9a26a37ef5d9c5f4789c742ab66cb019c4301e062dfeb918dbdb211b041bbeb9917bb2bb6c1bc1698a8d82139d84da0968c422c55239a2ed6bde3ec686e5fb78e80ee4c0045438d4f7fce23399079ece10b7e9e60185e97a0676ea0dbb2c14613f246f3089a1d9bbfd3dcc242b13e8ec303971c06b8e20f6f22820a23f0c642d9669ff73d85bf1c393f8d2f3a6755b5f222ee91f7f39c7eda4deaeeab296687a36914ac53eb6af38743eb03339bd94f3d9669adf2058b18648dc7306351ad5aada08450f3278cc2035282941542a4f2d70c1758b45a53fa2e016f57dd89629b5d2b7f5929c73da5f436ba0efec93deb7ccca0795176bb80d2afaea3bddec1d935a7c0fd9f41a3e180d19544b84b76d195ca07c9f88f0ffdf7e7831c01094133518941b5344c6b0771f9bda9af9ea4a571eba33acc91a32fd1240e06f5fc28f8b648b0d51d6efc66dbaaeed0bf3bc186093eaa6d060ef2001c298812c598be6cae0ca8ef5d4141224828f698daae1ffabfad67167dd5b5c3c91a496890ad9b3af588de8b8b58c220464c9695e815223e6800449615315539f5b9c670361fff443114a49c738e42709de97dd192d3360cd0227023c9676339b7d10fe70c2509f13a011dcc19bd447478499e1727ca5457f8b69fd7193dd3a93ee1df99e541713e00d4c85aa04b79b2b7505a09d5e6867440c152cb2b4eb9f56618ca7dbeef37e8c95b5fbe2b3bcc521c75a5f3007e784ad4d2a93102e35e346635f54c0484e69171e4a8e7ab5a3f2e9cdfdc30ca0a6805c61bfabee481b7cfd94284eef568f028b533fbb5d938e90396867c396558b51031b3b2139fb4d3e35b789d1db5bd937b2973769acaa26e3a89e46b3479919a5aafb0ed0ace49d2cedffb3aa7d9959ab9127ad81dd839eb4d6ca23c8341de4d32c638b433af268799dd2a39fe0347cdb0bf574d44db58bea5b8c3dc0000b00ce150afb205b4d226e3d70c8a598354194afe161678bde702230c939451994bb3cdf4d11d2485fbcdb497fb53c208ee0c2ebd97addd5cd85a0de9cb101a003bf66461ef66c04d3cc954ffa23f06333c6d29dd546ea6b696414139521cfe19983f757e330852c3b75330dfe3a50944add826eb59229c588fa56187e9c90b8fa877be9d893d5c41fe546d300c37baba2da5c531467424852226ab06935182b833546df456ad4d2b95b9bbb3452939182631eab8f1b05154439653b4f0bc56692c8f2845313d6e29daa066210c006c3ebbc5ebe3f16521573a5043c89da5ea457d3b0ba4b5b5a5af7c68bd727ba9317f69d6047a770ed2a1ab8c6243cbfaf83ac5ced6ef6ac55353ce58dbce40d6a299bf1cbaeef89e1046f5f46f0ccda46408a34fd8f7662d934d72abcc3d56fc24ff3485a955d25da87c471b14012d903bd72a2d752e012ec20eb2114fc6af3c473a007f2878068cd94e90ad673e7d73d2d969493d4c4d77370d19cff81248392923238a79769cff210f082bcc797efbcdd39904d1dc8a303cd92c39e4426782af4c00e7789265e3dda8bbb10bbe8b160da040a1e6878411a0723f178dc4d1111071ef1b1dc85314d888f7e7d531583929b8907006bd6123b334b277fc89aa3cc1da50bd010ded19e8c868093d46fd3dcb77a6c18c06deaf4aa20e0929864c8c9a5236a5f13fa06a8ede987fff43eeb40e89347907b72c8aad87758fe7dbe1e9b0b6cd41f84a650490f6c208e1bf3a754f333319cb6adb036d5918c4d46a47747dfaa25d6153d08406cc39c0176f79d93d024d664be10a060cce03e0f83f3a2c9483a5dbeccc7b46091bcd58ca13a2b03df746e2d0d72b0b40ac75738473c8d6f727f2b4485462c5351f0f3cdc8ca69ad274d7f07f4a93c0841cddbcc3c7cc4004bbdfc7c26989688d15333922b0528183eb43654868f825311a7110b0adfe91494a0e6a7f3af52ac737b38051dfe0cf2aa9b0659a50d1a6d88fdc28c7b9d7617ed791b65c5fe0fd7c43da13ffe653b5cc6a520e5b8b4a4a5be71cd6394a7db8f7f91d6cf2d27b02356cc9ba10bdd7ce44cda6a39a47ecee9623975432456d28cc35bb1f31f9687edff11dc943d8973752dd46f6872987d32d6a972829eec0a7b30bf81efdbdd0fd5aa7aa5c8c710f31bafb36ae02160875338235f6329318ab58a6d951e1c3efdca8b85b6624c43933665a517bcb5691cf9ad774a8260aea4449fc1401d0c8763b5235a0e47f52182dde9b76cbabae82f513a8cadc793288cb9907fa804552a73c3dcc38f2bdf15808182ee855f6c3974c773f278300d2ed9abb836b6bdd4ff4d274c1c7d94e2e21d06ab3934cb6ccb22d37e107ac939a190af34d3329db364ff2b6e0bba8a145b5a43418db6392e7901cd7a87cbf5666680302cc52cba1c06e28f216982895c4608b58389b03f377e31b747584567ee1cee74034e9c36bee5cc5778e0b6d858a7e96e15da6c1dc931d1bb291691952ee155912a29a47037543709c9673d46e272b8c1e5acc8425dc6c1aa069b1d4e3d9feaa83f0a127eda3819753cc023439214727358d20e1090d4d9d631d47434105adeae9349c49c6305a21c65ce05667617f3a787c16e06baccce4946bfa744ec6c7952780f8d71e7c3288c24c69e14bf30cc6cee66d46624f58b40a41ad3031f81eed8bbd0ad421720aa0674498f197a2822a9102653b43095a357ee9344c4c160418f75d67dba01892e84c471de3393a34ec7fca3eb2746ff7d40f939d7f706e86b95f14df9dcc1c4f1e310be29f6fa9e8ebee45329b3399e6a042642648d69356a9d567a21a3ee9a1ab5328f5d5355fb1f991f09983133c94345553b6d3275cebfc6e73130221bc90995e8da56800a5a3e1c464b1f6d24dbf9e57b96cac1fecdf23853cc7bf57a0dea2866923c191baa843782a933b6fda9117bbeb213579a74a145cf0ac52da718c2d8e80e78b1bd93c00c72f2b23734d04878c5d84094428083345709b149d3ca9268b3ec886e65ef781915d2ffaee26f1660bf7439c74649e646da7384e09522b016c65a7d1f46a2b8548dc39d52bb341a578dcecbefb81e7cc27a5033504b944ad6b1fceb49e6444e3b36e28138a230ea59016249716c205cef3794a83041bab34a147855a70c8779ee84769d6616368c65e588ee2715c43a46e59b110ea286c5a610a3d7577f764c05c69b358e6f116d98d5ad4886f4e69a447c41a75ba632f4a1411fc5818dd00201449d6a6e9b1d96842db4cfccf68a8a6ae162f52b64176b2b4efe202717f77385b2040ba363bbc53170abfa1a360a2e87761eeff29cba008a5c659a7c0f73d2b7102b189e5f88d3fbff89a397930324fa262772e99b6bea11dff32f3306fb4268d11f5c0f00a564a8f3d13ab60e4087b7232851d9d6fbd45330e2b7dbebc8bd3f28d89425c", 0x9c4) 686.813942ms ago: executing program 0 (id=2895): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x1, 0x3, 0x1, 0x2016, 0x200, 0xfffffffffffffffd) bpf$auto(0x20, 0x0, 0x7) r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x29, 0x11, 0x0, 0x1ff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket(0x26, 0x80805, 0x0) mkdir$auto(&(0x7f0000000180)='!,@\x00', 0x7f) unlink$auto(&(0x7f0000000500)='!,@\x00') syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/ipc\x00') mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8d1}, 0x4000050) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000040)=':,\x00', 0x0, &(0x7f0000000200)=&(0x7f00000001c0)=':,\x00') socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=0x0], 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYBLOB='^\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x7, 0x0, 0x3e) mmap$auto(0x5, 0x100000000, 0x7ff, 0x10, 0xff, 0x3) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x990) semctl$auto(0x1ff, 0x2, 0x13, 0x1) setsockopt$auto(0x3, 0x2, 0x11, 0x0, 0x6) 627.769743ms ago: executing program 2 (id=2896): openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) sendfile$auto(0x6, 0x3, 0x0, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munmap$auto(0x20001000, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x21, 0x2, 0x2) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0xfffffffffffffffe, 0x8, 0x8003, 0xeb3, 0xfffffffffffffff9, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0x3, 0x0, &(0x7f0000000140)=0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x0, 0x800}}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x3, 0xa) lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0) ioctl$auto(0x1, 0x89a0, 0x8) read$auto(0x3, 0x0, 0x400000) 558.06686ms ago: executing program 1 (id=2897): openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) sendfile$auto(0x6, 0x3, 0x0, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) socket(0x21, 0x2, 0x2) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) 293.25718ms ago: executing program 0 (id=2898): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) pipe$auto(0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) read$auto(r0, 0x0, 0x80000001) 119.213895ms ago: executing program 0 (id=2899): openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) sendfile$auto(0x6, 0x3, 0x0, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munmap$auto(0x20001000, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x21, 0x2, 0x2) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0xfffffffffffffffe, 0x8, 0x8003, 0xeb3, 0xfffffffffffffff9, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0x3, 0x0, &(0x7f0000000140)=0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x3, 0xa) read$auto(0x3, 0x0, 0x400000) 0s ago: executing program 4 (id=2900): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0) r0 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x29, 0x1b, 0x0, 0x201) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.152' (ED25519) to the list of known hosts. syzkaller login: [ 65.259018][ T5822] cgroup: Unknown subsys name 'net' [ 65.396699][ T5822] cgroup: Unknown subsys name 'cpuset' [ 65.405535][ T5822] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 66.786234][ T5822] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 68.510655][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.519263][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.533568][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.547275][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.554500][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.555541][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.563612][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.571063][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 68.577895][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.584811][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.591979][ T5845] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.598172][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.604668][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.612247][ T5844] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 68.621672][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.626231][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.633812][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.640089][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 68.665171][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.672337][ T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.680544][ T5844] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.688410][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.698022][ T55] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.707888][ T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 69.016413][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 69.058072][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 69.160582][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 69.187731][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 69.211784][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.219104][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.229527][ T5832] bridge_slave_0: entered allmulticast mode [ 69.236953][ T5832] bridge_slave_0: entered promiscuous mode [ 69.250836][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.258160][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.265477][ T5832] bridge_slave_1: entered allmulticast mode [ 69.272014][ T5832] bridge_slave_1: entered promiscuous mode [ 69.295580][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.302728][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.310272][ T5834] bridge_slave_0: entered allmulticast mode [ 69.317041][ T5834] bridge_slave_0: entered promiscuous mode [ 69.350474][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.358283][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.365671][ T5834] bridge_slave_1: entered allmulticast mode [ 69.372352][ T5834] bridge_slave_1: entered promiscuous mode [ 69.419882][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.453736][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.476568][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.509400][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.518799][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.528655][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.536305][ T5833] bridge_slave_0: entered allmulticast mode [ 69.543308][ T5833] bridge_slave_0: entered promiscuous mode [ 69.550661][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.558578][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.566397][ T5833] bridge_slave_1: entered allmulticast mode [ 69.573426][ T5833] bridge_slave_1: entered promiscuous mode [ 69.591724][ T5832] team0: Port device team_slave_0 added [ 69.627777][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.635316][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.642487][ T5831] bridge_slave_0: entered allmulticast mode [ 69.649463][ T5831] bridge_slave_0: entered promiscuous mode [ 69.658671][ T5832] team0: Port device team_slave_1 added [ 69.667709][ T5834] team0: Port device team_slave_0 added [ 69.676043][ T5834] team0: Port device team_slave_1 added [ 69.683359][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.698962][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.706220][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.713810][ T5831] bridge_slave_1: entered allmulticast mode [ 69.720515][ T5831] bridge_slave_1: entered promiscuous mode [ 69.744243][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.776578][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.783948][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.811846][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.833914][ T5833] team0: Port device team_slave_0 added [ 69.840296][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.847514][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.873722][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.892330][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.899391][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.925546][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.942902][ T5833] team0: Port device team_slave_1 added [ 69.949039][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.956203][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.982418][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.000228][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.012148][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.063954][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.070932][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.097572][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.112654][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.119790][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.152604][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.168146][ T5831] team0: Port device team_slave_0 added [ 70.194874][ T5831] team0: Port device team_slave_1 added [ 70.219861][ T5834] hsr_slave_0: entered promiscuous mode [ 70.227384][ T5834] hsr_slave_1: entered promiscuous mode [ 70.246353][ T5832] hsr_slave_0: entered promiscuous mode [ 70.253488][ T5832] hsr_slave_1: entered promiscuous mode [ 70.259566][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.267733][ T5832] Cannot create hsr debugfs directory [ 70.317072][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.324593][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.351183][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.364057][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.371051][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.397667][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.413317][ T5833] hsr_slave_0: entered promiscuous mode [ 70.419554][ T5833] hsr_slave_1: entered promiscuous mode [ 70.426203][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.433901][ T5833] Cannot create hsr debugfs directory [ 70.551957][ T5831] hsr_slave_0: entered promiscuous mode [ 70.558670][ T5831] hsr_slave_1: entered promiscuous mode [ 70.565606][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.573766][ T5831] Cannot create hsr debugfs directory [ 70.683902][ T55] Bluetooth: hci2: command tx timeout [ 70.683903][ T5844] Bluetooth: hci0: command tx timeout [ 70.756008][ T5832] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 70.765538][ T5844] Bluetooth: hci3: command tx timeout [ 70.765545][ T55] Bluetooth: hci1: command tx timeout [ 70.779096][ T5832] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 70.800649][ T5832] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 70.810698][ T5832] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 70.875107][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 70.897826][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 70.921917][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 70.938582][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 70.956681][ T5833] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 70.970208][ T5833] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 70.980282][ T5833] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 71.004314][ T5833] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 71.076907][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 71.087350][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 71.110505][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 71.131277][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 71.192136][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.231711][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.261491][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.268787][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.284037][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.291106][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.308261][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.334043][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.358848][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.365968][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.380882][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.388045][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.411310][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.468733][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.515529][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.522603][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.538995][ T1080] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.546340][ T1080] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.558385][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.600926][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.640845][ T1080] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.648034][ T1080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.701428][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.730020][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.737053][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.754674][ T1080] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.761807][ T1080] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.848787][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.945379][ T5832] veth0_vlan: entered promiscuous mode [ 71.985240][ T5832] veth1_vlan: entered promiscuous mode [ 72.014613][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.080795][ T5832] veth0_macvtap: entered promiscuous mode [ 72.108056][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.148111][ T5832] veth1_macvtap: entered promiscuous mode [ 72.159187][ T5834] veth0_vlan: entered promiscuous mode [ 72.170880][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.201575][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.218588][ T5834] veth1_vlan: entered promiscuous mode [ 72.241789][ T5833] veth0_vlan: entered promiscuous mode [ 72.250032][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.273572][ T5832] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.282484][ T5832] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.292552][ T5832] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.302462][ T5832] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.328771][ T5833] veth1_vlan: entered promiscuous mode [ 72.379280][ T5834] veth0_macvtap: entered promiscuous mode [ 72.391884][ T5831] veth0_vlan: entered promiscuous mode [ 72.414354][ T5834] veth1_macvtap: entered promiscuous mode [ 72.445234][ T5831] veth1_vlan: entered promiscuous mode [ 72.466321][ T5833] veth0_macvtap: entered promiscuous mode [ 72.491829][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.493417][ T5833] veth1_macvtap: entered promiscuous mode [ 72.514199][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.553730][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.564564][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.576537][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.591589][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.602644][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.604675][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.615855][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.620884][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.638737][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.650629][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.665659][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.677250][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.689336][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.698911][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.711970][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.723249][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.734439][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.745169][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.763383][ T5844] Bluetooth: hci0: command tx timeout [ 72.772967][ T5844] Bluetooth: hci2: command tx timeout [ 72.780450][ T5833] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.791623][ T5833] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.801226][ T5833] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.811881][ T5833] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.824953][ T5834] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.834629][ T5834] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.843986][ T5844] Bluetooth: hci3: command tx timeout [ 72.849731][ T5834] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.859416][ T5844] Bluetooth: hci1: command tx timeout [ 72.865656][ T5834] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.885374][ T5831] veth0_macvtap: entered promiscuous mode [ 72.900009][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 72.937335][ T5831] veth1_macvtap: entered promiscuous mode [ 72.954599][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.982944][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.996131][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.017877][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.027874][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.038419][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.050249][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.077250][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.091826][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.102201][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.115083][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.125392][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.136012][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.149445][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.179960][ T5899] &SR: entered promiscuous mode [ 73.199674][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.209550][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.219317][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.228210][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.261850][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.274391][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.379083][ T3445] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.387799][ T3445] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.396396][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.412459][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.480420][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.513247][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.560324][ T1303] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.579705][ T1303] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.630487][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.654025][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.680161][ T5908] Zero length message leads to an empty skb [ 73.865120][ T5908] process 'syz.2.3' launched ':,' with NULL argv: empty string added [ 74.171530][ T5921] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7'. [ 74.844665][ T5844] Bluetooth: hci2: command tx timeout [ 74.847227][ T55] Bluetooth: hci0: command tx timeout [ 74.933356][ T55] Bluetooth: hci1: command tx timeout [ 74.938818][ T55] Bluetooth: hci3: command tx timeout [ 75.049728][ T5939] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 75.303566][ T5948] netlink: 'syz.1.16': attribute type 1 has an invalid length. [ 75.322359][ T5948] nbd: error processing sock list [ 76.936085][ T55] Bluetooth: hci0: command tx timeout [ 76.936132][ T5844] Bluetooth: hci2: command tx timeout [ 77.003860][ T5844] Bluetooth: hci3: command tx timeout [ 77.003877][ T55] Bluetooth: hci1: command tx timeout [ 78.779636][ T6010] netlink: 28 bytes leftover after parsing attributes in process `syz.3.31'. [ 78.807828][ T6010] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 79.134698][ T6013] tipc: Started in network mode [ 79.147674][ T6013] tipc: Node identity ffffffff, cluster identity 4711 [ 79.191536][ T6013] tipc: Node number set to 4294967295 [ 82.024697][ T6051] netlink: 330 bytes leftover after parsing attributes in process `syz.1.45'. [ 82.033930][ T6051] : renamed from wg0 (while UP) [ 82.821266][ T6062] netlink: 4 bytes leftover after parsing attributes in process `syz.1.47'. [ 84.006265][ T6082] sctp: [Deprecated]: syz.0.53 (pid 6082) Use of struct sctp_assoc_value in delayed_ack socket option. [ 84.006265][ T6082] Use struct sctp_sack_info instead [ 84.153089][ T6082] netlink: 28 bytes leftover after parsing attributes in process `syz.0.53'. [ 84.248387][ T6082] netdevsim netdevsim0 netdevsim2: entered allmulticast mode [ 84.604636][ T6088] ubi0: attaching mtd0 [ 84.614371][ T6088] ubi0: scanning is finished [ 84.619032][ T6088] ubi0: empty MTD device detected [ 84.821113][ T6088] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 84.837900][ T6088] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 84.891215][ T6088] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 84.952905][ T6088] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 85.002902][ T6088] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 85.009870][ T6088] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 85.018073][ T6088] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1739977882 [ 85.028255][ T6088] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 85.052884][ T6090] ubi0: background thread "ubi_bgt0d" started, PID 6090 [ 85.552840][ T6100] can0: slcan on ptm0. [ 85.654199][ T6098] can0 (unregistered): slcan off ptm0. [ 87.098585][ T8] cfg80211: failed to load regulatory.db [ 88.704790][ T6120] Invalid ELF header magic: != ELF [ 89.162104][ T6181] netlink: 28 bytes leftover after parsing attributes in process `syz.1.75'. [ 89.183404][ T6181] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 89.250010][ T6182] netlink: 'syz.1.75': attribute type 46 has an invalid length. [ 89.308857][ T6181] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 90.860060][ T6205] aoe: invalid device specification v [ 91.086775][ T6213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.84'. [ 91.330735][ T6218] netlink: 28 bytes leftover after parsing attributes in process `syz.2.85'. [ 92.173764][ T6235] netlink: 'syz.0.91': attribute type 46 has an invalid length. [ 92.531721][ T6251] netlink: 28 bytes leftover after parsing attributes in process `syz.2.98'. [ 93.703150][ T6278] netlink: 338 bytes leftover after parsing attributes in process `syz.0.106'. [ 93.805568][ T6278] Process accounting resumed [ 93.821527][ T6278] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6278 comm: syz.0.106) [ 93.840057][ T6280] netlink: 4 bytes leftover after parsing attributes in process `syz.2.107'. [ 94.843266][ T6289] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6289 comm: syz.0.109) [ 95.021768][ T6313] netlink: 4 bytes leftover after parsing attributes in process `syz.0.117'. [ 95.122923][ T6313] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6313 comm: syz.0.117) [ 95.278678][ T6318] tipc: Started in network mode [ 95.302926][ T6318] tipc: Node identity ee00, cluster identity 4711 [ 95.336650][ T6318] tipc: Node number set to 60928 [ 95.487814][ T6317] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6317 comm: syz.0.119) [ 95.727022][ T6326] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6326 comm: syz.0.122) [ 96.262428][ T6332] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6332 comm: syz.0.124) [ 96.589550][ T6344] netlink: 28 bytes leftover after parsing attributes in process `syz.3.127'. [ 97.314457][ T6339] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6339 comm: syz.0.126) [ 97.672116][ T6356] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6356 comm: syz.0.131) [ 97.921116][ T6363] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6363 comm: syz.0.134) [ 98.155264][ T6369] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6369 comm: syz.0.136) [ 98.344439][ T6331] Invalid ELF header magic: != ELF [ 98.649503][ T6371] netlink: 28 bytes leftover after parsing attributes in process `syz.0.137'. [ 98.663172][ T6371] bridge_slave_1: left allmulticast mode [ 98.668967][ T6371] bridge_slave_1: left promiscuous mode [ 98.695823][ T6371] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.734875][ T6371] bridge_slave_0: left allmulticast mode [ 98.740947][ T6371] bridge_slave_0: left promiscuous mode [ 98.747508][ T6371] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.835099][ T6375] netlink: 'syz.1.138': attribute type 46 has an invalid length. [ 99.126129][ T6370] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6370 comm: syz.0.137) [ 100.269515][ T6412] syz.2.151 uses obsolete (PF_INET,SOCK_PACKET) [ 100.702576][ T6386] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6386 comm: syz.0.144) [ 101.377205][ T6428] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6428 comm: syz.0.155) [ 101.604050][ T6435] netlink: 28 bytes leftover after parsing attributes in process `syz.0.158'. [ 101.643054][ T6435] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 101.650077][ T6435] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 102.154083][ T6445] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 102.237714][ T6434] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6434 comm: syz.0.158) [ 103.369949][ T6462] netlink: 28 bytes leftover after parsing attributes in process `syz.1.166'. [ 103.448169][ T6453] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 6453 comm: syz.0.161) [ 103.571542][ T6462] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode [ 103.643309][ T6469] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 104.651925][ T6482] netlink: 36 bytes leftover after parsing attributes in process `syz.0.171'. [ 106.195420][ T6512] netlink: 8 bytes leftover after parsing attributes in process `syz.0.180'. [ 110.027770][ T6583] capability: warning: `syz.3.198' uses 32-bit capabilities (legacy support in use) [ 113.789391][ T6628] netlink: 8 bytes leftover after parsing attributes in process `syz.1.209'. [ 115.409023][ T6653] netlink: 28 bytes leftover after parsing attributes in process `syz.1.214'. [ 115.775442][ T6653] team0: Port device team_slave_0 removed [ 117.829753][ T6677] netlink: 28 bytes leftover after parsing attributes in process `syz.1.221'. [ 118.230379][ T6677] team0: Port device team_slave_1 removed [ 118.278213][ T6682] netlink: 4 bytes leftover after parsing attributes in process `syz.0.223'. [ 118.313816][ T6682] netlink: 4 bytes leftover after parsing attributes in process `syz.0.223'. [ 120.277510][ T6702] netlink: 36 bytes leftover after parsing attributes in process `syz.0.229'. [ 121.367673][ T6717] netlink: 342 bytes leftover after parsing attributes in process `syz.2.233'. [ 121.392651][ T6717] netlink: 342 bytes leftover after parsing attributes in process `syz.2.233'. [ 121.413186][ T6717] netlink: 342 bytes leftover after parsing attributes in process `syz.2.233'. [ 121.422485][ T6717] netlink: 342 bytes leftover after parsing attributes in process `syz.2.233'. [ 121.427178][ T6719] netlink: 'syz.0.240': attribute type 15 has an invalid length. [ 121.454421][ T6719] netlink: 252 bytes leftover after parsing attributes in process `syz.0.240'. [ 121.464435][ T6722] netlink: 146 bytes leftover after parsing attributes in process `syz.2.233'. [ 121.498504][ T6719] netlink: 'syz.0.240': attribute type 15 has an invalid length. [ 121.523069][ T6719] netlink: 252 bytes leftover after parsing attributes in process `syz.0.240'. [ 121.946095][ T6724] could not allocate digest TFM handle [ 124.888700][ T6792] netlink: 28 bytes leftover after parsing attributes in process `syz.3.253'. [ 127.579276][ T6825] netlink: 36 bytes leftover after parsing attributes in process `syz.1.261'. [ 128.284005][ T6865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.277'. [ 128.331901][ T6865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.277'. [ 132.988873][ T6922] netlink: 28 bytes leftover after parsing attributes in process `syz.1.295'. [ 133.042962][ T6922] bridge_slave_1: left allmulticast mode [ 133.048671][ T6922] bridge_slave_1: left promiscuous mode [ 133.063210][ T6922] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.169464][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.176414][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.254530][ T6922] bridge_slave_0: left allmulticast mode [ 133.260250][ T6922] bridge_slave_0: left promiscuous mode [ 133.300958][ T6922] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.400332][ T7045] netlink: 28 bytes leftover after parsing attributes in process `syz.0.330'. [ 146.536239][ T7057] Invalid ELF header magic: != ELF [ 151.261598][ T7183] kfence: disabled [ 153.065832][ T7215] netlink: 338 bytes leftover after parsing attributes in process `syz.2.375'. [ 153.231072][ T7215] Process accounting resumed [ 153.252596][ T7215] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7215 comm: syz.2.375) [ 154.581825][ T7149] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7149 comm: syz.2.360) [ 154.644505][ T7223] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7223 comm: syz.2.380) [ 155.195736][ T7245] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7245 comm: syz.2.389) [ 155.554059][ T7260] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7260 comm: syz.2.393) [ 157.147878][ T7271] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7271 comm: syz.2.398) [ 157.758694][ T7273] Invalid ELF header magic: != ELF [ 158.006505][ T7306] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7306 comm: syz.2.406) [ 158.271359][ T7314] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7314 comm: syz.2.408) [ 158.374327][ T7316] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 158.419829][ T7316] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 158.646408][ T7321] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7321 comm: syz.2.410) [ 159.176205][ T29] audit: type=1804 audit(4294967300.270:2): pid=7335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.414" name="#)-\&[}" dev="mqueue" ino=13388 res=1 errno=0 [ 159.196962][ T7335] kernel read not supported for file /#)-\&[} (pid: 7335 comm: syz.0.414) [ 159.227974][ T29] audit: type=1800 audit(4294967300.310:3): pid=7335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.414" name="#)-\&[}" dev="mqueue" ino=13388 res=0 errno=0 [ 159.287137][ T7327] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7327 comm: syz.2.413) [ 159.362020][ T7338] Invalid ELF header magic: != ELF [ 159.427984][ T29] audit: type=1804 audit(4294967300.520:4): pid=7333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.414" name="#)-\&[}" dev="mqueue" ino=13388 res=1 errno=0 [ 159.458558][ T29] audit: type=1804 audit(4294967300.520:5): pid=7333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.414" name="#)-\&[}" dev="mqueue" ino=13388 res=1 errno=0 [ 160.301419][ T7343] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7343 comm: syz.2.415) [ 161.349779][ T7356] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7356 comm: syz.2.419) [ 161.641478][ T7381] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7381 comm: syz.2.428) [ 162.977391][ T7317] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7317 comm: syz.2.408) [ 164.531197][ T7404] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7404 comm: syz.2.435) [ 165.048500][ T7426] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7426 comm: syz.2.443) [ 165.361570][ T7433] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7433 comm: syz.2.445) [ 165.551033][ T7443] kernel write not supported for file netdevsim/netdevsim0/psample/latency_max (pid: 7443 comm: syz.2.446) [ 165.674835][ T7449] netlink: 28 bytes leftover after parsing attributes in process `syz.1.447'. [ 171.998791][ T7597] mmap: syz.2.493 (7597) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 173.635060][ T29] audit: type=1800 audit(4294967314.730:6): pid=7629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.502" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 176.300686][ T7706] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 176.379320][ T7706] CIFS mount error: No usable UNC path provided in device string! [ 176.379320][ T7706] [ 176.409557][ T7706] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 179.226490][ T7751] netlink: 28 bytes leftover after parsing attributes in process `syz.3.539'. [ 179.277084][ T7758] netlink: 28 bytes leftover after parsing attributes in process `syz.1.544'. [ 179.345638][ T7758] hsr_slave_0: left promiscuous mode [ 179.358513][ T7758] hsr_slave_1: left promiscuous mode [ 179.703966][ T7763] netlink: 330 bytes leftover after parsing attributes in process `syz.1.545'. [ 181.255043][ T7784] netlink: 28 bytes leftover after parsing attributes in process `syz.1.552'. [ 182.148934][ T7804] netlink: 4 bytes leftover after parsing attributes in process `syz.3.557'. [ 184.691456][ T7841] netlink: 28 bytes leftover after parsing attributes in process `syz.2.564'. [ 184.842595][ T7848] netlink: 330 bytes leftover after parsing attributes in process `syz.0.569'. [ 187.104212][ T7918] netlink: 28 bytes leftover after parsing attributes in process `syz.2.589'. [ 187.119134][ T7918] hsr_slave_0: left promiscuous mode [ 187.128373][ T7918] hsr_slave_1: left promiscuous mode [ 189.800205][ T7987] Process accounting resumed [ 191.360531][ T8010] netlink: 28 bytes leftover after parsing attributes in process `syz.1.617'. [ 191.565934][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 191.572046][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 191.579032][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 191.585299][ T5837] Bluetooth: hci0: command 0x0406 tx timeout [ 193.480290][ T8062] netlink: 4 bytes leftover after parsing attributes in process `syz.2.631'. [ 193.860830][ T8070] netlink: 252 bytes leftover after parsing attributes in process `syz.2.634'. [ 194.628469][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.635005][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.505409][ T8092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.637'. [ 196.063794][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 197.116366][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 197.221174][ T8132] syz.1.648 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 197.362971][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 197.530143][ T8124] netlink: 28 bytes leftover after parsing attributes in process `syz.3.646'. [ 197.999955][ T8148] netlink: 4 bytes leftover after parsing attributes in process `syz.3.653'. [ 198.831636][ T8169] Process accounting resumed [ 199.253707][ T8176] bridge0: port 3(team0) entered blocking state [ 199.265825][ T8176] bridge0: port 3(team0) entered disabled state [ 199.273960][ T8176] team0: entered allmulticast mode [ 199.279116][ T8176] team_slave_0: entered allmulticast mode [ 199.295437][ T8176] team_slave_1: entered allmulticast mode [ 199.332377][ T8176] team0: entered promiscuous mode [ 199.352998][ T8176] team_slave_0: entered promiscuous mode [ 199.359405][ T8176] team_slave_1: entered promiscuous mode [ 199.366353][ T8176] bridge0: port 3(team0) entered blocking state [ 199.372789][ T8176] bridge0: port 3(team0) entered forwarding state [ 199.933326][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 199.942209][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 199.944152][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 200.193556][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 200.423867][ T8207] netlink: 28 bytes leftover after parsing attributes in process `syz.1.671'. [ 200.535527][ T8207] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 201.617444][ T8216] GUP no longer grows the stack in syz.1.675 (8216): 14000-401000 (4000) [ 201.646594][ T8216] CPU: 0 UID: 0 PID: 8216 Comm: syz.1.675 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 201.657261][ T8216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 201.667363][ T8216] Call Trace: [ 201.670671][ T8216] [ 201.673632][ T8216] dump_stack_lvl+0x16c/0x1f0 [ 201.678370][ T8216] gup_vma_lookup+0x1d2/0x220 [ 201.683096][ T8216] __get_user_pages+0x236/0x3b50 [ 201.688114][ T8216] ? hlock_class+0x4e/0x130 [ 201.692660][ T8216] ? __lock_acquire+0x15a9/0x3c40 [ 201.697751][ T8216] ? __pfx___get_user_pages+0x10/0x10 [ 201.703184][ T8216] __gup_longterm_locked+0x211/0x1870 [ 201.708609][ T8216] ? __pfx___lock_acquire+0x10/0x10 [ 201.714236][ T8216] ? __pfx___gup_longterm_locked+0x10/0x10 [ 201.720096][ T8216] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 201.725775][ T8216] ? rwsem_read_trylock+0x12d/0x250 [ 201.731017][ T8216] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 201.736685][ T8216] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 201.743156][ T8216] pin_user_pages_remote+0xee/0x150 [ 201.749050][ T8216] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 201.754910][ T8216] ? down_read+0xc9/0x330 [ 201.759326][ T8216] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 201.765558][ T8216] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 201.772257][ T8216] process_vm_rw+0x301/0x360 [ 201.776916][ T8216] ? __pfx_process_vm_rw+0x10/0x10 [ 201.782097][ T8216] ? __pfx_futex_wake+0x10/0x10 [ 201.786991][ T8216] ? up_write+0x1b2/0x520 [ 201.791394][ T8216] ? __pfx___do_sys_mremap+0x10/0x10 [ 201.796762][ T8216] ? xfd_validate_state+0x5d/0x180 [ 201.801949][ T8216] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 201.808200][ T8216] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 201.813888][ T8216] ? syscall_trace_enter+0x5e/0x260 [ 201.819137][ T8216] do_syscall_64+0xcd/0x250 [ 201.823703][ T8216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.829644][ T8216] RIP: 0033:0x7f4d0fb85d19 [ 201.834113][ T8216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.853765][ T8216] RSP: 002b:00007f4d1092c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 201.862225][ T8216] RAX: ffffffffffffffda RBX: 00007f4d0fd75fa0 RCX: 00007f4d0fb85d19 [ 201.870234][ T8216] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 0000000000000207 [ 201.878256][ T8216] RBP: 00007f4d0fc01a20 R08: 0000000000000006 R09: 0000000000000000 [ 201.886300][ T8216] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 201.894307][ T8216] R13: 0000000000000000 R14: 00007f4d0fd75fa0 R15: 00007ffc47b226f8 [ 201.902412][ T8216] [ 203.428478][ T8250] netlink: 28 bytes leftover after parsing attributes in process `syz.3.684'. [ 204.794223][ T8262] netlink: 4 bytes leftover after parsing attributes in process `syz.0.689'. [ 204.957465][ T8264] netlink: 28 bytes leftover after parsing attributes in process `syz.3.690'. [ 205.153323][ T8264] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 205.809764][ T8278] netlink: 4 bytes leftover after parsing attributes in process `syz.2.694'. [ 206.589285][ T8295] openvswitch: netlink: Key type 261 is out of range max 32 [ 207.142170][ T8302] netlink: 'syz.2.702': attribute type 46 has an invalid length. [ 207.596354][ T8311] netlink: 28 bytes leftover after parsing attributes in process `syz.1.705'. [ 207.656331][ T8317] Process accounting resumed [ 208.911441][ T8338] Process accounting resumed [ 209.638431][ T8351] netlink: 12 bytes leftover after parsing attributes in process `syz.1.718'. [ 213.403123][ T8428] could not allocate digest TFM handle [ 213.875290][ T8426] ======================================================= [ 213.875290][ T8426] WARNING: The mand mount option has been deprecated and [ 213.875290][ T8426] and is ignored by this kernel. Remove the mand [ 213.875290][ T8426] option from the mount to silence this warning. [ 213.875290][ T8426] ======================================================= [ 216.041639][ T8475] netlink: 28 bytes leftover after parsing attributes in process `syz.3.752'. [ 216.104444][ T8475] team0: left allmulticast mode [ 216.109542][ T8475] team_slave_0: left allmulticast mode [ 216.138103][ T8475] team_slave_1: left allmulticast mode [ 216.143904][ T8475] team0: left promiscuous mode [ 216.152866][ T8475] team_slave_0: left promiscuous mode [ 216.159027][ T8475] team_slave_1: left promiscuous mode [ 216.173114][ T8475] bridge0: port 3(team0) entered disabled state [ 216.195378][ T8475] bridge_slave_1: left allmulticast mode [ 216.201075][ T8475] bridge_slave_1: left promiscuous mode [ 216.207630][ T8475] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.237825][ T8475] bridge_slave_0: left allmulticast mode [ 216.261379][ T8475] bridge_slave_0: left promiscuous mode [ 216.272050][ T8475] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.273207][ T29] audit: type=1800 audit(4294967361.370:7): pid=8544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.770" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 223.286500][ T8583] netlink: 28 bytes leftover after parsing attributes in process `syz.0.782'. [ 224.369096][ T8609] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 1 [ 491.912314][ T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 491.921762][ T55] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 491.932970][ T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 491.941058][ T55] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 491.948667][ T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 492.438833][ T3445] tipc: Left network mode [ 493.454754][T14255] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2123'. [ 493.530668][T14205] chnl_net:caif_netlink_parms(): no params data found [ 493.979685][T14205] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.987097][T14205] bridge0: port 1(bridge_slave_0) entered disabled state [ 494.002876][T14205] bridge_slave_0: entered allmulticast mode [ 494.020187][T14205] bridge_slave_0: entered promiscuous mode [ 494.042755][ T55] Bluetooth: hci3: command tx timeout [ 494.543861][T14205] bridge0: port 2(bridge_slave_1) entered blocking state [ 494.551151][T14205] bridge0: port 2(bridge_slave_1) entered disabled state [ 494.573924][T14205] bridge_slave_1: entered allmulticast mode [ 494.590221][T14205] bridge_slave_1: entered promiscuous mode [ 494.775532][T14205] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 494.894848][T14205] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 495.069486][T14205] team0: Port device team_slave_0 added [ 495.107723][T14205] team0: Port device team_slave_1 added [ 495.251406][ T3445] veth1_macvtap: left promiscuous mode [ 495.273139][ T3445] veth1_vlan: left promiscuous mode [ 495.278745][ T3445] veth0_vlan: left promiscuous mode [ 496.123395][ T55] Bluetooth: hci3: command tx timeout [ 496.316777][ T3445] team0 (unregistering): Port device team_slave_1 removed [ 496.416069][ T3445] team0 (unregistering): Port device team_slave_0 removed [ 497.473438][T14367] sctp: [Deprecated]: syz.1.2144 (pid 14367) Use of int in max_burst socket option. [ 497.473438][T14367] Use struct sctp_assoc_value instead [ 497.550179][T14205] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 497.587906][T14205] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 497.653951][T14205] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 497.733514][T14205] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 497.740535][T14205] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 497.842322][T14205] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 497.972011][T14205] hsr_slave_0: entered promiscuous mode [ 498.000875][T14205] hsr_slave_1: entered promiscuous mode [ 498.202917][ T55] Bluetooth: hci3: command tx timeout [ 498.539243][T14205] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 498.656570][T14205] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 498.749125][T14205] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 498.854200][T14205] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 499.126243][T14205] 8021q: adding VLAN 0 to HW filter on device bond0 [ 499.532011][T14205] 8021q: adding VLAN 0 to HW filter on device team0 [ 499.550532][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 499.557708][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 499.597844][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 499.605972][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 500.010326][T14205] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 500.280913][T14205] veth0_vlan: entered promiscuous mode [ 500.288427][ T55] Bluetooth: hci3: command tx timeout [ 500.301902][T14205] veth1_vlan: entered promiscuous mode [ 500.336210][T14205] veth0_macvtap: entered promiscuous mode [ 500.346638][T14205] veth1_macvtap: entered promiscuous mode [ 500.368026][T14205] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 500.388710][T14205] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 500.402275][T14205] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.412875][T14205] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.421615][T14205] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.461946][T14205] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.642255][ T3445] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 500.674749][ T3445] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 500.709999][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 500.721654][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 501.997288][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.003733][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.457909][T14493] netlink: 'syz.1.2159': attribute type 16 has an invalid length. [ 502.465946][T14493] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2159'. [ 502.513412][T14493] veth1_macvtap: left promiscuous mode [ 503.823479][T14557] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2169'. [ 505.152380][T14598] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2179'. [ 505.499301][T14611] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2183'. [ 506.031337][T14623] netlink: 'syz.2.2186': attribute type 20 has an invalid length. [ 506.040984][T14623] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2186'. [ 506.050344][T14623] IPv6: NLM_F_CREATE should be specified when creating new route [ 506.306656][T14632] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2188'. [ 509.057905][T14707] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2206'. [ 511.985044][T14775] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2220'. [ 513.383041][T14795] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2227'. [ 513.561486][T14799] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2228'. [ 514.757037][T14830] HfR: entered promiscuous mode [ 514.804048][T14830] openvswitch: HfR: Dropping previously announced user features [ 514.841662][T14830] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2232'. [ 515.663919][T14860] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2235'. [ 522.303397][T15067] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2272'. [ 522.971878][T15080] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2277'. [ 523.005803][T15080] vcan0: entered promiscuous mode [ 523.184791][T15089] netlink: 334 bytes leftover after parsing attributes in process `syz.4.2278'. [ 525.830787][T15163] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2297'. [ 525.842789][T15163] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2297'. [ 525.854845][T15163] netlink: 170 bytes leftover after parsing attributes in process `syz.2.2297'. [ 526.731217][T15192] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2305'. [ 526.753644][T15195] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2306'. [ 526.779434][T15192] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2305'. [ 526.794185][T15195] netlink: 274 bytes leftover after parsing attributes in process `syz.2.2306'. [ 527.637562][T15219] tipc: Started in network mode [ 527.648256][T15219] tipc: Node identity ffffffff, cluster identity 4711 [ 527.658359][T15219] tipc: Node number set to 4294967295 [ 529.108428][T15248] __nla_validate_parse: 1 callbacks suppressed [ 529.108449][T15248] netlink: 158 bytes leftover after parsing attributes in process `syz.2.2321'. [ 534.012729][T15341] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2345'. [ 534.257898][T15350] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2348'. [ 534.312076][T15350] net veth1_virt_wifi : renamed from virt_wifi0 (while UP) [ 536.934170][T15412] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2365'. [ 539.750306][T15480] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2383'. [ 542.582375][T15545] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2398'. [ 546.504829][T15625] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2417'. [ 546.535013][T15625] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2417'. [ 546.547753][T15625] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2417'. [ 546.558829][T15625] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2417'. [ 546.579854][T15625] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2417'. [ 546.605154][T15627] netlink: 130 bytes leftover after parsing attributes in process `syz.4.2417'. [ 551.256543][T15712] netlink: 22 bytes leftover after parsing attributes in process `syz.2.2438'. [ 551.562265][T15723] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2440'. [ 556.190818][T15821] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2464'. [ 556.207878][T15821] netlink: 158 bytes leftover after parsing attributes in process `syz.1.2464'. [ 557.442455][T15839] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2468'. [ 557.483933][T15841] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2477'. [ 557.541651][T15836] could not allocate digest TFM handle [ 558.528310][T15866] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2475'. [ 558.558492][T15866] geneve1: entered allmulticast mode [ 559.129961][T15894] lo: entered allmulticast mode [ 559.137504][T15894] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2485'. [ 559.388027][T15893] lo: left allmulticast mode [ 561.313323][T15938] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2494'. [ 561.953158][T15938] bond0: (slave bond_slave_1): Releasing backup interface [ 562.287989][T15956] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2498'. [ 563.245095][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.251810][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.955723][T16005] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2509'. [ 568.023554][T16043] Invalid ELF header magic: != ELF [ 568.047415][T16042] delete_channel: no stack [ 568.238563][T16050] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2522'. [ 568.431619][T16053] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2520'. [ 568.793871][T16050] syz.1.2522 (16050) used greatest stack depth: 20848 bytes left [ 569.975720][T16090] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2527'. [ 575.378820][T16188] bridge0: port 3(team0) entered blocking state [ 575.413377][T16188] bridge0: port 3(team0) entered disabled state [ 575.438389][T16188] team0: entered allmulticast mode [ 575.470330][T16188] team_slave_0: entered allmulticast mode [ 575.506374][T16188] team_slave_1: entered allmulticast mode [ 575.537819][T16188] team0: entered promiscuous mode [ 575.557418][T16188] team_slave_0: entered promiscuous mode [ 575.575132][T16188] team_slave_1: entered promiscuous mode [ 575.601890][T16188] bridge0: port 3(team0) entered blocking state [ 575.608377][T16188] bridge0: port 3(team0) entered forwarding state [ 578.494966][T16258] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2565'. [ 579.879129][T16293] netlink: 'syz.0.2575': attribute type 1 has an invalid length. [ 579.913446][T16293] nbd: error processing sock list [ 582.473295][T16366] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2583'. [ 583.860497][T16387] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2589'. [ 584.267047][T16409] nbd: must specify at least one socket [ 585.139315][T16427] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2598'. [ 585.197590][T16427] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2598'. [ 588.172389][T16436] syz.4.2600: vmalloc error: size 3411968, failed to allocated page array size 6664, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 588.206239][T16436] CPU: 1 UID: 0 PID: 16436 Comm: syz.4.2600 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 588.217420][T16436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 588.227517][T16436] Call Trace: [ 588.230827][T16436] [ 588.233789][T16436] dump_stack_lvl+0x16c/0x1f0 [ 588.238511][T16436] warn_alloc+0x24d/0x3a0 [ 588.242887][T16436] ? __pfx_warn_alloc+0x10/0x10 [ 588.247791][T16436] ? __get_vm_area_node+0x1b0/0x2f0 [ 588.253027][T16436] ? __get_vm_area_node+0x1dc/0x2f0 [ 588.258297][T16436] __vmalloc_node_range_noprof+0x1105/0x1530 [ 588.264507][T16436] ? ip_set_sockfn_get+0x185/0xc50 [ 588.269662][T16436] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 588.276038][T16436] ? __get_vm_area_node+0x1b0/0x2f0 [ 588.281275][T16436] ? __get_vm_area_node+0x1dc/0x2f0 [ 588.286515][T16436] __vmalloc_node_range_noprof+0xd85/0x1530 [ 588.292447][T16436] ? ip_set_sockfn_get+0x185/0xc50 [ 588.297598][T16436] ? __pfx___lock_acquire+0x10/0x10 [ 588.302852][T16436] ? ip_set_sockfn_get+0x185/0xc50 [ 588.308004][T16436] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 588.314381][T16436] ? apparmor_capable+0x114/0x1d0 [ 588.319452][T16436] ? ip_set_sockfn_get+0x185/0xc50 [ 588.324597][T16436] vmalloc_noprof+0x6b/0x90 [ 588.329150][T16436] ? ip_set_sockfn_get+0x185/0xc50 [ 588.334303][T16436] ip_set_sockfn_get+0x185/0xc50 [ 588.339280][T16436] ? __pfx_lock_release+0x10/0x10 [ 588.344353][T16436] ? __pfx_ip_set_sockfn_get+0x10/0x10 [ 588.349854][T16436] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 588.355893][T16436] nf_getsockopt+0x79/0xe0 [ 588.360444][T16436] ip_getsockopt+0x18e/0x1e0 [ 588.365077][T16436] ? __pfx_ip_getsockopt+0x10/0x10 [ 588.370309][T16436] ? __schedule+0xe60/0x5ad0 [ 588.374935][T16436] ipv6_getsockopt+0x230/0x280 [ 588.379732][T16436] ? __pfx_ipv6_getsockopt+0x10/0x10 [ 588.385066][T16436] ? __pfx_mark_lock+0x10/0x10 [ 588.389876][T16436] sctp_getsockopt+0x1d2/0x7ae0 [ 588.394772][T16436] ? hlock_class+0x4e/0x130 [ 588.399314][T16436] ? mark_lock+0xb5/0xc60 [ 588.403682][T16436] ? aa_label_sk_perm+0x19d/0x5a0 [ 588.408755][T16436] ? __pfx_sctp_getsockopt+0x10/0x10 [ 588.414080][T16436] ? __lock_acquire+0x15a9/0x3c40 [ 588.419178][T16436] ? __pfx___lock_acquire+0x10/0x10 [ 588.424460][T16436] ? find_held_lock+0x2d/0x110 [ 588.429280][T16436] ? __might_fault+0x13b/0x190 [ 588.434088][T16436] ? __pfx_lock_release+0x10/0x10 [ 588.439246][T16436] ? trace_lock_acquire+0x14e/0x1f0 [ 588.444487][T16436] ? lock_acquire+0x2f/0xb0 [ 588.449023][T16436] ? __might_fault+0xe3/0x190 [ 588.453741][T16436] ? __might_fault+0xe3/0x190 [ 588.458457][T16436] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 588.464400][T16436] ? do_sock_getsockopt+0x3fe/0x870 [ 588.469630][T16436] do_sock_getsockopt+0x3fe/0x870 [ 588.474692][T16436] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 588.480270][T16436] ? lock_acquire+0x2f/0xb0 [ 588.484810][T16436] ? __fget_files+0x40/0x3a0 [ 588.489445][T16436] ? __fget_files+0x206/0x3a0 [ 588.494245][T16436] __sys_getsockopt+0x12f/0x260 [ 588.499149][T16436] __x64_sys_getsockopt+0xbd/0x160 [ 588.504393][T16436] ? do_syscall_64+0x91/0x250 [ 588.509112][T16436] ? lockdep_hardirqs_on+0x7c/0x110 [ 588.514361][T16436] do_syscall_64+0xcd/0x250 [ 588.518910][T16436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.524848][T16436] RIP: 0033:0x7f1158f85d19 [ 588.529300][T16436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 588.548946][T16436] RSP: 002b:00007f1159d41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 588.557408][T16436] RAX: ffffffffffffffda RBX: 00007f1159175fa0 RCX: 00007f1158f85d19 [ 588.565418][T16436] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000007 [ 588.573424][T16436] RBP: 00007f1159001a20 R08: 0000000020000040 R09: 0000000000000000 [ 588.581439][T16436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 588.589458][T16436] R13: 0000000000000000 R14: 00007f1159175fa0 R15: 00007ffdb70a7e08 [ 588.597486][T16436] [ 588.652665][T16436] Mem-Info: [ 588.655846][T16436] active_anon:34838 inactive_anon:149 isolated_anon:0 [ 588.655846][T16436] active_file:11306 inactive_file:47589 isolated_file:0 [ 588.655846][T16436] unevictable:768 dirty:814 writeback:0 [ 588.655846][T16436] slab_reclaimable:11588 slab_unreclaimable:99674 [ 588.655846][T16436] mapped:32615 shmem:22850 pagetables:1008 [ 588.655846][T16436] sec_pagetables:0 bounce:0 [ 588.655846][T16436] kernel_misc_reclaimable:0 [ 588.655846][T16436] free:1238280 free_pcp:9784 free_cma:0 [ 588.742588][T16436] Node 0 active_anon:139352kB inactive_anon:596kB active_file:45224kB inactive_file:190284kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116560kB dirty:1752kB writeback:1500kB shmem:92064kB shmem_thp:6144kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10764kB pagetables:4032kB sec_pagetables:0kB all_unreclaimable? no [ 588.802681][T16436] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 588.862585][T16436] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 588.890159][T16436] lowmem_reserve[]: 0 2465 2466 0 0 [ 588.930629][T16436] Node 0 DMA32 free:1064060kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:140796kB inactive_anon:596kB active_file:45224kB inactive_file:189452kB unevictable:1536kB writepending:1752kB present:3129332kB managed:2551344kB mlocked:0kB bounce:0kB free_pcp:4468kB local_pcp:3792kB free_cma:0kB [ 588.974602][T16436] lowmem_reserve[]: 0 0 0 0 0 [ 588.979409][T16436] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 589.042627][T16436] lowmem_reserve[]: 0 0 0 0 0 [ 589.047433][T16436] Node 1 Normal free:3872012kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:35416kB local_pcp:25128kB free_cma:0kB [ 589.112602][T16436] lowmem_reserve[]: 0 0 0 0 0 [ 589.124094][T16436] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 589.152575][T16436] Node 0 DMA32: 1380*4kB (ME) 1190*8kB (UME) 1189*16kB (ME) 1000*32kB (UME) 424*64kB (UME) 325*128kB (UM) 236*256kB (UME) 135*512kB (UME) 63*1024kB (UM) 3*2048kB (ME) 176*4096kB (M) = 1055888kB [ 589.195814][T16436] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 589.222828][T16436] Node 1 Normal: 65*4kB (UME) 5*8kB (ME) 4*16kB (UME) 171*32kB (UM) 87*64kB (UME) 27*128kB (UME) 31*256kB (UME) 30*512kB (UM) 20*1024kB (UME) 4*2048kB (UME) 929*4096kB (M) = 3872012kB [ 589.265934][T16436] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 589.285557][T16436] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 589.307310][T16436] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 589.353790][T16436] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 589.392721][T16436] 81073 total pagecache pages [ 589.402995][T16436] 756 pages in swap cache [ 589.414086][T16436] Free swap = 116392kB [ 589.429954][T16436] Total swap = 124996kB [ 589.452625][T16436] 2097051 pages RAM [ 589.456574][T16436] 0 pages HighMem/MovableOnly [ 589.473031][T16436] 427365 pages reserved [ 589.497641][T16436] 0 pages cma reserved [ 589.648011][T16481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2610'. [ 590.035996][T16487] RDS: rds_bind could not find a transport for ::ffff:172.30.0.3, load rds_tcp or rds_rdma? [ 592.377444][T16541] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 595.903784][T16592] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 595.913490][T16592] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 596.043372][T16597] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2636'. [ 596.137959][T16597] bond0: (slave bond_slave_0): Releasing backup interface [ 598.156591][T16630] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2642'. [ 598.167384][T16630] : renamed from wg0 (while UP) [ 598.430112][T16634] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2643'. [ 601.333663][T16676] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2652'. [ 602.722433][ T55] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 603.032792][T16708] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2654'. [ 603.972197][T16730] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 603.997341][T16730] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 604.739226][T16754] Invalid ELF header magic: != ELF [ 605.192621][T16760] netlink: 'syz.0.2666': attribute type 1 has an invalid length. [ 605.220480][T16760] nbd: error processing sock list [ 606.304364][T16772] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2669'. [ 608.584070][T16822] netlink: 'syz.4.2679': attribute type 1 has an invalid length. [ 608.602342][T16822] nbd: error processing sock list [ 613.602045][T16901] Process accounting resumed [ 613.628183][T16901] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2691'. [ 614.693792][T16921] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2694'. [ 614.704241][T16921] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 614.711853][T16921] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 614.739030][T16921] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 614.748161][T16921] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 615.315444][T16928] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2695'. [ 615.452886][T16935] netlink: 'syz.1.2696': attribute type 1 has an invalid length. [ 615.462068][T16935] nbd: error processing sock list [ 616.522626][T16914] Bluetooth: hci3: command 0x0406 tx timeout [ 617.119588][T16968] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 617.152656][T16968] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 618.005335][T16988] Invalid ELF header magic: != ELF [ 619.445949][T17015] kernel read not supported for file /#)-\&[} (pid: 17015 comm: syz.2.2711) [ 619.504254][ T29] audit: type=1800 audit(199003.796:13): pid=17015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2711" name="#)-\&[}" dev="mqueue" ino=27332 res=0 errno=0 [ 624.689681][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.704017][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.649841][T17107] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2726'. [ 626.791364][T17081] warn_alloc: 1 callbacks suppressed [ 626.791378][T17081] syz.1.2722: vmalloc error: size 3411968, failed to allocated page array size 6664, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 626.842657][T17081] CPU: 0 UID: 0 PID: 17081 Comm: syz.1.2722 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 626.853481][T17081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 626.863537][T17081] Call Trace: [ 626.866811][T17081] [ 626.869742][T17081] dump_stack_lvl+0x16c/0x1f0 [ 626.874422][T17081] warn_alloc+0x24d/0x3a0 [ 626.878766][T17081] ? __pfx_warn_alloc+0x10/0x10 [ 626.883632][T17081] ? __get_vm_area_node+0x1b0/0x2f0 [ 626.888848][T17081] ? __get_vm_area_node+0x1dc/0x2f0 [ 626.894055][T17081] __vmalloc_node_range_noprof+0x1105/0x1530 [ 626.900045][T17081] ? ip_set_sockfn_get+0x185/0xc50 [ 626.905176][T17081] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 626.911521][T17081] ? __get_vm_area_node+0x1b0/0x2f0 [ 626.916729][T17081] ? __get_vm_area_node+0x1dc/0x2f0 [ 626.921956][T17081] __vmalloc_node_range_noprof+0xd85/0x1530 [ 626.927864][T17081] ? ip_set_sockfn_get+0x185/0xc50 [ 626.932975][T17081] ? __pfx___lock_acquire+0x10/0x10 [ 626.938182][T17081] ? ip_set_sockfn_get+0x185/0xc50 [ 626.943311][T17081] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 626.949674][T17081] ? apparmor_capable+0x114/0x1d0 [ 626.954719][T17081] ? ip_set_sockfn_get+0x185/0xc50 [ 626.959841][T17081] vmalloc_noprof+0x6b/0x90 [ 626.964354][T17081] ? ip_set_sockfn_get+0x185/0xc50 [ 626.969550][T17081] ip_set_sockfn_get+0x185/0xc50 [ 626.974525][T17081] ? __pfx_lock_release+0x10/0x10 [ 626.979553][T17081] ? __pfx_ip_set_sockfn_get+0x10/0x10 [ 626.985010][T17081] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 626.990996][T17081] nf_getsockopt+0x79/0xe0 [ 626.995420][T17081] ip_getsockopt+0x18e/0x1e0 [ 627.000009][T17081] ? __pfx_ip_getsockopt+0x10/0x10 [ 627.005114][T17081] ? __schedule+0xe60/0x5ad0 [ 627.009700][T17081] ? __pfx___lock_acquire+0x10/0x10 [ 627.014909][T17081] ipv6_getsockopt+0x230/0x280 [ 627.019687][T17081] ? __pfx_ipv6_getsockopt+0x10/0x10 [ 627.024969][T17081] ? __pfx_mark_lock+0x10/0x10 [ 627.029747][T17081] sctp_getsockopt+0x1d2/0x7ae0 [ 627.034605][T17081] ? hlock_class+0x4e/0x130 [ 627.039111][T17081] ? mark_lock+0xb5/0xc60 [ 627.043459][T17081] ? aa_label_sk_perm+0x19d/0x5a0 [ 627.048513][T17081] ? __pfx_sctp_getsockopt+0x10/0x10 [ 627.053799][T17081] ? __lock_acquire+0x15a9/0x3c40 [ 627.058857][T17081] ? __pfx___lock_acquire+0x10/0x10 [ 627.064087][T17081] ? find_held_lock+0x2d/0x110 [ 627.068856][T17081] ? __might_fault+0x13b/0x190 [ 627.073642][T17081] ? __pfx_lock_release+0x10/0x10 [ 627.078674][T17081] ? trace_lock_acquire+0x14e/0x1f0 [ 627.083893][T17081] ? lock_acquire+0x2f/0xb0 [ 627.088385][T17081] ? __might_fault+0xe3/0x190 [ 627.093080][T17081] ? __might_fault+0xe3/0x190 [ 627.097791][T17081] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 627.104068][T17081] ? do_sock_getsockopt+0x3fe/0x870 [ 627.109263][T17081] do_sock_getsockopt+0x3fe/0x870 [ 627.114282][T17081] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 627.119831][T17081] ? lock_acquire+0x2f/0xb0 [ 627.124326][T17081] ? __fget_files+0x40/0x3a0 [ 627.128926][T17081] ? __fget_files+0x206/0x3a0 [ 627.133627][T17081] __sys_getsockopt+0x12f/0x260 [ 627.138484][T17081] __x64_sys_getsockopt+0xbd/0x160 [ 627.143592][T17081] ? do_syscall_64+0x91/0x250 [ 627.148264][T17081] ? lockdep_hardirqs_on+0x7c/0x110 [ 627.153458][T17081] do_syscall_64+0xcd/0x250 [ 627.158131][T17081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.164286][T17081] RIP: 0033:0x7f4d0fb85d19 [ 627.168692][T17081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 627.188323][T17081] RSP: 002b:00007f4d1092c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 627.196740][T17081] RAX: ffffffffffffffda RBX: 00007f4d0fd75fa0 RCX: 00007f4d0fb85d19 [ 627.204708][T17081] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000007 [ 627.212685][T17081] RBP: 00007f4d0fc01a20 R08: 0000000020000040 R09: 0000000000000000 [ 627.220662][T17081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 627.228624][T17081] R13: 0000000000000000 R14: 00007f4d0fd75fa0 R15: 00007ffc47b226f8 [ 627.236602][T17081] [ 627.642616][T17081] Mem-Info: [ 627.645781][T17081] active_anon:27437 inactive_anon:165 isolated_anon:0 [ 627.645781][T17081] active_file:6698 inactive_file:44183 isolated_file:0 [ 627.645781][T17081] unevictable:768 dirty:767 writeback:0 [ 627.645781][T17081] slab_reclaimable:11566 slab_unreclaimable:99336 [ 627.645781][T17081] mapped:29845 shmem:14580 pagetables:913 [ 627.645781][T17081] sec_pagetables:0 bounce:0 [ 627.645781][T17081] kernel_misc_reclaimable:0 [ 627.645781][T17081] free:1255159 free_pcp:8967 free_cma:0 [ 627.741818][T17081] Node 0 active_anon:114148kB inactive_anon:660kB active_file:26792kB inactive_file:176660kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119380kB dirty:3064kB writeback:0kB shmem:61184kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10552kB pagetables:3652kB sec_pagetables:0kB all_unreclaimable? no [ 627.802617][T17081] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 627.862693][T17081] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 627.921131][T17081] lowmem_reserve[]: 0 2465 2466 0 0 [ 627.926531][T17081] Node 0 DMA32 free:1111532kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:120108kB inactive_anon:660kB active_file:32892kB inactive_file:175828kB unevictable:1536kB writepending:3064kB present:3129332kB managed:2551344kB mlocked:0kB bounce:0kB free_pcp:6064kB local_pcp:5656kB free_cma:0kB [ 627.992616][T17081] lowmem_reserve[]: 0 0 0 0 0 [ 628.002610][T17081] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 628.052605][T17081] lowmem_reserve[]: 0 0 0 0 0 [ 628.062639][T17081] Node 1 Normal free:3874252kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:32700kB local_pcp:17940kB free_cma:0kB [ 628.122636][T17081] lowmem_reserve[]: 0 0 0 0 0 [ 628.132645][T17081] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 628.156078][T17081] Node 0 DMA32: 4*4kB (ME) 15*8kB (ME) 27*16kB (ME) 521*32kB (ME) 953*64kB (UME) 508*128kB (UM) 242*256kB (UME) 138*512kB (ME) 70*1024kB (M) 6*2048kB (ME) 177*4096kB (M) = 1084824kB [ 628.194735][T17081] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 628.222610][T17081] Node 1 Normal: 178*4kB (UME) 96*8kB (UME) 64*16kB (UME) 185*32kB (UM) 102*64kB (UME) 55*128kB (UME) 44*256kB (UME) 34*512kB (UM) 22*1024kB (UME) 6*2048kB (UME) 925*4096kB (M) = 3874280kB [ 628.261837][T17081] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 628.281669][T17081] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 628.301271][T17081] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 628.321100][T17081] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 628.332633][T17081] 77223 total pagecache pages [ 628.342602][T17081] 736 pages in swap cache [ 628.350803][T17081] Free swap = 112472kB [ 628.362590][T17081] Total swap = 124996kB [ 628.372637][T17081] 2097051 pages RAM [ 628.376537][T17081] 0 pages HighMem/MovableOnly [ 628.391385][T17081] 427365 pages reserved [ 628.395711][T17081] 0 pages cma reserved [ 629.897573][T17121] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2727'. [ 629.922631][T17121] : renamed from wg0 (while UP) [ 630.723110][T17135] Invalid ELF header magic: != ELF [ 631.268179][T17129] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 631.329923][T17129] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 648.990546][ T29] audit: type=1806 audit(199033.276:14): xattr=64AF5FAE38EDF00630123DD93BFC4D79D8083D87EC3620E2D1879D279126BA76CC1E7582EFA402B3574781753B43094D4EA357B3D6D9F41BEC140770425F0CE10D524AB5D98642AA5134B07F res=-22 [ 651.633369][T17465] ptrace attach of "./syz-executor exec"[5832] was attempted by "./syz-executor exec"[17465] [ 657.196571][T17607] HfR: entered promiscuous mode [ 660.954613][T17720] [ 660.956980][T17720] ====================================================== [ 660.964009][T17720] WARNING: possible circular locking dependency detected [ 660.971127][T17720] 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 Not tainted [ 660.978250][T17720] ------------------------------------------------------ [ 660.985286][T17720] syz.4.2900/17720 is trying to acquire lock: [ 660.991375][T17720] ffffffff8fabe008 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x1f4d/0x4660 [ 661.000645][T17720] [ 661.000645][T17720] but task is already holding lock: [ 661.008026][T17720] ffff88802f5466a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xc00 [ 661.018175][T17720] [ 661.018175][T17720] which lock already depends on the new lock. [ 661.018175][T17720] [ 661.028588][T17720] [ 661.028588][T17720] the existing dependency chain (in reverse order) is: [ 661.037613][T17720] [ 661.037613][T17720] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 661.046249][T17720] __mutex_lock+0x19b/0xa60 [ 661.051305][T17720] smc_switch_to_fallback+0x2d/0xa00 [ 661.057156][T17720] smc_sendmsg+0x13d/0x520 [ 661.062125][T17720] ____sys_sendmsg+0x9ae/0xb40 [ 661.067455][T17720] ___sys_sendmsg+0x135/0x1e0 [ 661.073053][T17720] __sys_sendmsg+0x16e/0x220 [ 661.078205][T17720] do_syscall_64+0xcd/0x250 [ 661.083262][T17720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.089731][T17720] [ 661.089731][T17720] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 661.097419][T17720] lock_sock_nested+0x3a/0xf0 [ 661.102676][T17720] sockopt_lock_sock+0x54/0x70 [ 661.107963][T17720] do_ip_getsockopt+0x115c/0x2bf0 [ 661.113511][T17720] ip_getsockopt+0x9c/0x1e0 [ 661.118554][T17720] raw_getsockopt+0x4d/0x1e0 [ 661.123660][T17720] do_sock_getsockopt+0x3fe/0x870 [ 661.129231][T17720] __sys_getsockopt+0x12f/0x260 [ 661.134633][T17720] __x64_sys_getsockopt+0xbd/0x160 [ 661.140298][T17720] do_syscall_64+0xcd/0x250 [ 661.145354][T17720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.151804][T17720] [ 661.151804][T17720] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 661.159050][T17720] __lock_acquire+0x249e/0x3c40 [ 661.164454][T17720] lock_acquire.part.0+0x11b/0x380 [ 661.170107][T17720] __mutex_lock+0x19b/0xa60 [ 661.175125][T17720] do_ipv6_setsockopt+0x1f4d/0x4660 [ 661.180849][T17720] ipv6_setsockopt+0xcb/0x170 [ 661.186043][T17720] tcp_setsockopt+0xa4/0x100 [ 661.191150][T17720] smc_setsockopt+0x1b4/0xc00 [ 661.196353][T17720] do_sock_setsockopt+0x222/0x480 [ 661.201912][T17720] __sys_setsockopt+0x1a0/0x230 [ 661.207312][T17720] __x64_sys_setsockopt+0xbd/0x160 [ 661.212975][T17720] do_syscall_64+0xcd/0x250 [ 661.218029][T17720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.224553][T17720] [ 661.224553][T17720] other info that might help us debug this: [ 661.224553][T17720] [ 661.234770][T17720] Chain exists of: [ 661.234770][T17720] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 661.234770][T17720] [ 661.248320][T17720] Possible unsafe locking scenario: [ 661.248320][T17720] [ 661.255762][T17720] CPU0 CPU1 [ 661.261126][T17720] ---- ---- [ 661.266522][T17720] lock(&smc->clcsock_release_lock); [ 661.271927][T17720] lock(sk_lock-AF_INET); [ 661.278948][T17720] lock(&smc->clcsock_release_lock); [ 661.286838][T17720] lock(rtnl_mutex); [ 661.290812][T17720] [ 661.290812][T17720] *** DEADLOCK *** [ 661.290812][T17720] [ 661.298957][T17720] 1 lock held by syz.4.2900/17720: [ 661.304054][T17720] #0: ffff88802f5466a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xc00 [ 661.314583][T17720] [ 661.314583][T17720] stack backtrace: [ 661.320465][T17720] CPU: 1 UID: 0 PID: 17720 Comm: syz.4.2900 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 661.331302][T17720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 661.341362][T17720] Call Trace: [ 661.344633][T17720] [ 661.347560][T17720] dump_stack_lvl+0x116/0x1f0 [ 661.352240][T17720] print_circular_bug+0x41c/0x610 [ 661.357274][T17720] check_noncircular+0x31a/0x400 [ 661.362211][T17720] ? __pfx_check_noncircular+0x10/0x10 [ 661.367678][T17720] ? hlock_class+0x4e/0x130 [ 661.372179][T17720] ? hlock_class+0x4e/0x130 [ 661.376676][T17720] ? lockdep_lock+0xc6/0x200 [ 661.381258][T17720] ? __pfx_lockdep_lock+0x10/0x10 [ 661.386295][T17720] ? __pfx_mark_lock+0x10/0x10 [ 661.391174][T17720] __lock_acquire+0x249e/0x3c40 [ 661.396043][T17720] ? __pfx___lock_acquire+0x10/0x10 [ 661.401247][T17720] ? __lock_acquire+0x15a9/0x3c40 [ 661.406273][T17720] lock_acquire.part.0+0x11b/0x380 [ 661.411388][T17720] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 661.416764][T17720] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 661.422582][T17720] ? rcu_is_watching+0x12/0xc0 [ 661.427344][T17720] ? trace_lock_acquire+0x14e/0x1f0 [ 661.432544][T17720] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 661.438006][T17720] ? lock_acquire+0x2f/0xb0 [ 661.442505][T17720] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 661.447906][T17720] __mutex_lock+0x19b/0xa60 [ 661.452407][T17720] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 661.457784][T17720] ? __pfx_mark_lock+0x10/0x10 [ 661.462558][T17720] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 661.467931][T17720] ? __pfx___mutex_lock+0x10/0x10 [ 661.472951][T17720] ? __pfx_register_lock_class+0x10/0x10 [ 661.478592][T17720] ? finish_task_switch.isra.0+0x217/0xcc0 [ 661.484410][T17720] ? __switch_to+0x749/0x1190 [ 661.489091][T17720] ? hlock_class+0x4e/0x130 [ 661.493601][T17720] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 661.498976][T17720] ? rtnl_lock+0x9/0x20 [ 661.503140][T17720] do_ipv6_setsockopt+0x1f4d/0x4660 [ 661.508359][T17720] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 661.513905][T17720] ? lock_acquire.part.0+0x11b/0x380 [ 661.519212][T17720] ? __mutex_trylock_common+0xea/0x250 [ 661.524685][T17720] ? __pfx___mutex_trylock_common+0x10/0x10 [ 661.530674][T17720] ? smc_setsockopt+0x101/0xc00 [ 661.535580][T17720] ? rcu_is_watching+0x12/0xc0 [ 661.540345][T17720] ? trace_contention_end+0xee/0x140 [ 661.545656][T17720] ? __mutex_lock+0x1cc/0xa60 [ 661.550343][T17720] ? __pfx___futex_wait+0x10/0x10 [ 661.555368][T17720] ? smc_setsockopt+0x101/0xc00 [ 661.560238][T17720] ? __pfx___mutex_lock+0x10/0x10 [ 661.565282][T17720] ? ipv6_setsockopt+0xcb/0x170 [ 661.570220][T17720] ipv6_setsockopt+0xcb/0x170 [ 661.574897][T17720] tcp_setsockopt+0xa4/0x100 [ 661.579485][T17720] smc_setsockopt+0x1b4/0xc00 [ 661.584165][T17720] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 661.590075][T17720] ? __pfx_smc_setsockopt+0x10/0x10 [ 661.595278][T17720] ? __pfx_smc_setsockopt+0x10/0x10 [ 661.600506][T17720] do_sock_setsockopt+0x222/0x480 [ 661.605577][T17720] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 661.611124][T17720] ? lock_acquire+0x2f/0xb0 [ 661.615622][T17720] __sys_setsockopt+0x1a0/0x230 [ 661.620560][T17720] __x64_sys_setsockopt+0xbd/0x160 [ 661.625673][T17720] ? do_syscall_64+0x91/0x250 [ 661.630373][T17720] ? lockdep_hardirqs_on+0x7c/0x110 [ 661.635589][T17720] do_syscall_64+0xcd/0x250 [ 661.640117][T17720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.646028][T17720] RIP: 0033:0x7f1158f85d19 [ 661.650446][T17720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 661.670053][T17720] RSP: 002b:00007f1159d41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 661.678485][T17720] RAX: ffffffffffffffda RBX: 00007f1159175fa0 RCX: 00007f1158f85d19 [ 661.686451][T17720] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0000000000000003 [ 661.694413][T17720] RBP: 00007f1159001a20 R08: 0000000000000201 R09: 0000000000000000 [ 661.702386][T17720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 661.710361][T17720] R13: 0000000000000000 R14: 00007f1159175fa0 R15: 00007ffdb70a7e08 [ 661.718331][T17720]