last executing test programs: 10m46.040797805s ago: executing program 3 (id=154): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x3fd, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) ioctl$auto(r0, 0xc0045103, 0x3) 10m45.613085225s ago: executing program 3 (id=157): r0 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/vulnerabilities/meltdown\x00', 0x40400, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), r0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000001bc0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10c20080}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40090}, 0x40010) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000b00)=""/4077, 0xffd0) sendmsg$auto_MACSEC_CMD_DEL_RXSC(0xffffffffffffffff, 0x0, 0x80) ppoll$auto(&(0x7f0000000080)={0xffffffffffffffff, 0x11b, 0xf}, 0xc, 0x0, 0x0, 0x8) prctl$auto(0x3e, 0x1, 0x0, 0xfffffffffffffffd, 0x0) mmap$auto(0x40000000000, 0x4020009, 0xdc, 0xeb1, 0x402, 0x8000) close_range$auto(0x0, 0xfffffffffffff001, 0x2) lstat$auto(0x0, &(0x7f0000001b00)={0x2, 0x5, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x7, 0x800000000000007, 0x40000402, 0xa, 0x9, 0xffffffff80000000, 0x9, 0x7, 0x3}) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x89fc, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0) r5 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000001c40), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001cc0)={'dvmrp1\x00', 0x0}) sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r3, &(0x7f0000003f00)={&(0x7f0000001c00)={0x10, 0x0, 0x0, 0x208110}, 0xc, &(0x7f0000003ec0)={&(0x7f0000003f40)=ANY=[@ANYBLOB="6c1f0000", @ANYRES16=r5, @ANYBLOB="00032bbd7000fcdbdf2505000000080008000000000008000100", @ANYRES32=0x0, @ANYRES32=r2, @ANYRES32=r6, @ANYRES8=r2, @ANYRES16=r4, @ANYBLOB="3d52bfd76cb81a69d685ade19180f192e0b69870a76f2efb01f6c7bbebbb7b2c9c77b5263894eeb4aeca0ae2c9b54d5113bd8d6dd9a7e05958f757e2768ddfd205041fe84c74146648698d6db4c8ae52d92f8b9d37a5c92b6714da01137f38bd2867f224a5c80719f36978e6bde8fcf3c8a9eb0e9cf0c8174ceed3d6b38f61afa095623a7a91a35228269369b16e8ce6c857afd709ecea37ab9bbf58937b2c7093f3b418aad4d0676e26d5af5f001a32c608000300e10e0000"], 0x1f6c}, 0x1, 0x0, 0x0, 0x440c0}, 0x4000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ppoll$auto(&(0x7f00000000c0)={r4, 0xf81, 0x27f}, 0x3, 0x0, 0x0, 0x8) r8 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/wlan1/forwarding\x00', 0x202, 0x0) socket(0x2, 0x6, 0x0) listen$auto(0x3, 0x400000) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) sendfile$auto(r8, r7, 0x0, 0x401) read$auto_ctl_device_fops_user(0xffffffffffffffff, &(0x7f0000001d00)=""/4096, 0x1000) read$auto_snd_ctl_f_ops_control(r0, &(0x7f0000000100)=""/4096, 0x1000) 10m45.055737678s ago: executing program 3 (id=165): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x3fd, 0x8000) syz_clone3(&(0x7f0000001200)={0x200c0000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) ioctl$auto(r0, 0xc0045103, 0x3) 10m44.523350677s ago: executing program 3 (id=171): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0) ppoll$auto(&(0x7f0000000040)={r0, 0x5, 0xf}, 0x4, 0x0, 0x0, 0x8) flock$auto(r0, 0x7) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/swradio4\x00', 0x4080, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x83f2, 0x8000, 0x7) 10m44.303173294s ago: executing program 3 (id=172): r0 = socket(0x25, 0x4, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) close_range$auto(0x2, 0xfffffffffffff000, 0x2) io_cancel$auto(0x5, &(0x7f0000000040)={0x7, 0x2, 0x5, 0x1, 0x2, 0xffffffffffffffff, 0xfffffffffffffffa, 0x0, 0x4, 0x0, 0x8}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8000, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003700)={0x0, 0x0, &(0x7f00000036c0)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x4880}, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto(0x3, 0x40084d02, 0xb2e8) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x9, &(0x7f00000001c0)=@test={r0, 0x10000, 0x7, 0x1000, 0x101, 0x0, 0x0, 0xfff, 0x10000, 0x8, 0x7fc00000000, 0x4, 0x4, 0x2}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x82, 0x0) read$auto(0x3, 0x0, 0x80) write$auto(0x3, 0x0, 0xfdf2) 10m43.918362261s ago: executing program 3 (id=173): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x1ff, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10006, 0x4000080, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0x0, 0x2, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0xfffffffffffbfffd, 0x2000000000000004, 0x10000000000001, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffffe00, 0x0, 0x0, 0x1005, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x6, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x8, 0x7, 0xc567]}, 0x1fe, 0xd) (async) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x1ff, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10006, 0x4000080, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0x0, 0x2, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0xfffffffffffbfffd, 0x2000000000000004, 0x10000000000001, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffffe00, 0x0, 0x0, 0x1005, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x6, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x8, 0x7, 0xc567]}, 0x1fe, 0xd) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) (async) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffffffffffd08, &(0x7f00000001c0)) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) (async) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) mmap$auto(0x4, 0x80000001, 0xc000000000de, 0x40eb2, 0x402, 0x300000000000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') r4 = socket(0x10, 0x2, 0x0) socket(0x2, 0x801, 0x106) (async) socket(0x2, 0x801, 0x106) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) (async) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) open(0x0, 0x22240, 0x154) (async) r5 = open(0x0, 0x22240, 0x154) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) getpid() sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r5, 0x0, 0x4) connect$auto(0x3, &(0x7f0000000140), 0x55) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) writev$auto(0x7fffffff, &(0x7f00000005c0)={&(0x7f0000000500)="6dadb6461b61649e8950986716ab4eb1e90c19a9480fb3158fe987e6ce188173a621952b7943b56c3db93deb49c99778d628456585e9eb3679173515cf75a707c324f2d2701a873820db0c68c1e39d327c120799cd711c6ba1c8da8a806c9045a2e559e0a15d874e75e5eb22757c10d5e188e46f8b2a38cd4783ac6f389d9b5fcae588aa73ae8fb9685acf25f646b7ce1ab6d7d6fab33541ec7bfa1525fe85d01ead904d162a08387699628a", 0x2}, 0x9) pipe2$auto(&(0x7f0000000380)=r1, 0xffffffff) (async) pipe2$auto(&(0x7f0000000380)=r1, 0xffffffff) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), r5) (async) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), r5) sendmsg$auto_NL80211_CMD_GET_STATION(r6, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x18, r7, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_TWT_RESPONDER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000}, 0x20044004) setsockopt$auto(0x3, 0x1, 0x24, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r8 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NLBL_UNLABEL_C_STATICLIST(r4, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000600)={0xbc, r8, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x2b}}, @NLBL_UNLABEL_A_SECCTX={0x96, 0x7, "f625973328bd3d3f5eeba8a9db30f6e9427fbf005265f1835cd522084dc34dc54b5442d107dc197a9f258ebcfc2c0b55a14825102fcfea5a596a8343596c7e2273c302493f8ee75a195990a775f3928f8af53b40ed84add4f9becb43e9d92d26418654d5dda020df42f255a770522d97db041354b327346817474dff352bdfcb5a4925719a2ac17584654ca29f98f6c4f136"}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}]}, 0xbc}}, 0x81) (async) sendmsg$auto_NLBL_UNLABEL_C_STATICLIST(r4, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000600)={0xbc, r8, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x2b}}, @NLBL_UNLABEL_A_SECCTX={0x96, 0x7, "f625973328bd3d3f5eeba8a9db30f6e9427fbf005265f1835cd522084dc34dc54b5442d107dc197a9f258ebcfc2c0b55a14825102fcfea5a596a8343596c7e2273c302493f8ee75a195990a775f3928f8af53b40ed84add4f9becb43e9d92d26418654d5dda020df42f255a770522d97db041354b327346817474dff352bdfcb5a4925719a2ac17584654ca29f98f6c4f136"}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}]}, 0xbc}}, 0x81) getdents64$auto(r3, 0x0, 0x6000d) ioctl$auto(r2, 0x400c4d01, 0x2) 10m28.666562146s ago: executing program 32 (id=173): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x1ff, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10006, 0x4000080, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0x0, 0x2, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0xfffffffffffbfffd, 0x2000000000000004, 0x10000000000001, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffffe00, 0x0, 0x0, 0x1005, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x6, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x8, 0x7, 0xc567]}, 0x1fe, 0xd) (async) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x1ff, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10006, 0x4000080, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0x0, 0x2, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0xfffffffffffbfffd, 0x2000000000000004, 0x10000000000001, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffffe00, 0x0, 0x0, 0x1005, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x6, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x8, 0x7, 0xc567]}, 0x1fe, 0xd) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) (async) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffffffffffd08, &(0x7f00000001c0)) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) (async) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) mmap$auto(0x4, 0x80000001, 0xc000000000de, 0x40eb2, 0x402, 0x300000000000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') r4 = socket(0x10, 0x2, 0x0) socket(0x2, 0x801, 0x106) (async) socket(0x2, 0x801, 0x106) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) (async) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) open(0x0, 0x22240, 0x154) (async) r5 = open(0x0, 0x22240, 0x154) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) getpid() sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r5, 0x0, 0x4) connect$auto(0x3, &(0x7f0000000140), 0x55) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) writev$auto(0x7fffffff, &(0x7f00000005c0)={&(0x7f0000000500)="6dadb6461b61649e8950986716ab4eb1e90c19a9480fb3158fe987e6ce188173a621952b7943b56c3db93deb49c99778d628456585e9eb3679173515cf75a707c324f2d2701a873820db0c68c1e39d327c120799cd711c6ba1c8da8a806c9045a2e559e0a15d874e75e5eb22757c10d5e188e46f8b2a38cd4783ac6f389d9b5fcae588aa73ae8fb9685acf25f646b7ce1ab6d7d6fab33541ec7bfa1525fe85d01ead904d162a08387699628a", 0x2}, 0x9) pipe2$auto(&(0x7f0000000380)=r1, 0xffffffff) (async) pipe2$auto(&(0x7f0000000380)=r1, 0xffffffff) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), r5) (async) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), r5) sendmsg$auto_NL80211_CMD_GET_STATION(r6, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x18, r7, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_TWT_RESPONDER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000}, 0x20044004) setsockopt$auto(0x3, 0x1, 0x24, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r8 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NLBL_UNLABEL_C_STATICLIST(r4, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000600)={0xbc, r8, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x2b}}, @NLBL_UNLABEL_A_SECCTX={0x96, 0x7, "f625973328bd3d3f5eeba8a9db30f6e9427fbf005265f1835cd522084dc34dc54b5442d107dc197a9f258ebcfc2c0b55a14825102fcfea5a596a8343596c7e2273c302493f8ee75a195990a775f3928f8af53b40ed84add4f9becb43e9d92d26418654d5dda020df42f255a770522d97db041354b327346817474dff352bdfcb5a4925719a2ac17584654ca29f98f6c4f136"}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}]}, 0xbc}}, 0x81) (async) sendmsg$auto_NLBL_UNLABEL_C_STATICLIST(r4, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000600)={0xbc, r8, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x2b}}, @NLBL_UNLABEL_A_SECCTX={0x96, 0x7, "f625973328bd3d3f5eeba8a9db30f6e9427fbf005265f1835cd522084dc34dc54b5442d107dc197a9f258ebcfc2c0b55a14825102fcfea5a596a8343596c7e2273c302493f8ee75a195990a775f3928f8af53b40ed84add4f9becb43e9d92d26418654d5dda020df42f255a770522d97db041354b327346817474dff352bdfcb5a4925719a2ac17584654ca29f98f6c4f136"}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}]}, 0xbc}}, 0x81) getdents64$auto(r3, 0x0, 0x6000d) ioctl$auto(r2, 0x400c4d01, 0x2) 7m38.583836727s ago: executing program 2 (id=1016): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x23, 0x80803, 0xeba) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) shutdown$auto(0x200000003, 0x2) read$auto(0x3, 0x0, 0x80) setuid$auto(0x800000000008) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4001, @loopback}, 0x6b) r0 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x44, r0, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0x18, 0x3, 0x0, 0x1, [@nested={0x14, 0x3, 0x0, 0x1, [@nested={0x10, 0xb0, 0x0, 0x1, [@typed={0xc, 0x82, 0x0, 0x0, @str='ethtool\x00'}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x24004840}, 0x4000000) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) r1 = socket(0x2, 0x1, 0x0) listen$auto(0x3, 0x81) setsockopt$auto(r1, 0x6, 0x13, 0x0, 0x3d) 7m37.390990308s ago: executing program 2 (id=1022): r0 = socket(0x25, 0x4, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) close_range$auto(0x2, 0xfffffffffffff000, 0x2) io_cancel$auto(0x5, &(0x7f0000000040)={0x7, 0x2, 0x5, 0x1, 0x2, 0xffffffffffffffff, 0xfffffffffffffffa, 0x0, 0x4, 0x0, 0x8}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8000, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003700)={0x0, 0x0, &(0x7f00000036c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fb005f005cb6235b23000000045056d5cb"], 0x28}, 0x1, 0x0, 0x0, 0x4880}, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto(0x3, 0x40084d02, 0xb2e8) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x9, &(0x7f00000001c0)=@test={r0, 0x10000, 0x7, 0x1000, 0x101, 0x0, 0x0, 0xfff, 0x10000, 0x8, 0x7fc00000000, 0x4, 0x4, 0x2}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c0001"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x82, 0x0) read$auto(0x3, 0x0, 0x80) write$auto(0x3, 0x0, 0xfdf2) 7m37.218432508s ago: executing program 2 (id=1025): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/mtd/mtd0/flags\x00', 0x1c9440, 0x0) msgrcv$auto(0x0, 0x0, 0xffc, 0x1, 0xb1) msgctl$auto(0x0, 0x0, 0x0) keyctl$auto(0xb88, 0xfffffffffffffffe, 0xf3e9, 0x7, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003480)=""/247, 0xf7) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000001640), r1) close_range$auto(0x2, 0xa, 0x0) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/tracing/tracing_cpumask\x00', 0x800, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) shutdown$auto(0x200000003, 0x2) read$auto(r2, &(0x7f0000000180)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x7) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) write$auto(0x3, 0x0, 0xfdef) 7m35.985445882s ago: executing program 2 (id=1029): open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) mount$auto(0x0, 0x0, &(0x7f0000001540)='cifs\x00', 0x8002, &(0x7f00000001c0)) 7m35.722497782s ago: executing program 2 (id=1031): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x800, 0x10, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB="e00013"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001900), 0xffffffffffffffff) fcntl$auto(0x0, 0x407, 0xffffffff80000000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 7m34.79376016s ago: executing program 2 (id=1036): mprotect$auto(0x1ffff000, 0x4000000, 0x4) ioperm$auto(0xc5, 0x3, 0xc115) syz_clone3(&(0x7f0000001200)={0x200c0000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x58) 7m34.413089711s ago: executing program 33 (id=1036): mprotect$auto(0x1ffff000, 0x4000000, 0x4) ioperm$auto(0xc5, 0x3, 0xc115) syz_clone3(&(0x7f0000001200)={0x200c0000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x58) 7m9.718986965s ago: executing program 1 (id=1118): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x6) mmap$auto(0x0, 0xa96, 0xdf, 0x1000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x4, 0x0) r2 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_dvb_dvr_fops_dmxdev(r2, &(0x7f0000000080)=""/207, 0xcf) close_range$auto(r1, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/node/node0/meminfo\x00', 0x800, 0x0) r3 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000340), 0x2000, 0x0) read$auto_dvb_dvr_fops_dmxdev(r3, &(0x7f0000000380)=""/4096, 0x1000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001380), r4) r5 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/keycreate\x00', 0x109001, 0x0) write$auto_proc_pid_attr_operations_base(r5, 0x0, 0x0) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.5/usb19/19-0:1.0/usb19-port2/disable\x00', 0x40000, 0x0) sendto$auto(r2, &(0x7f0000000200)="871ff64f91e5ab0cb669128294406c128943c5ffe256df225d718cb56945304a0293c231c6c449971eef962abfc02a6c5eb97b39c7a3461355366748c0eb92d6386e3e2afe503b40e0dd185c7e6e778826b10d152e1234043c0f6bfd99250a3f2d568c8bfc970d958dea47d9595549c0698ce005f00f3e8777bd6f97c9e29e2178b5", 0x2, 0x9, &(0x7f00000002c0)=@nfc={0x27, 0x0, 0xffffffffffffffff, 0x4}, 0x7fffffff) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0095ec207bad310000", @ANYRES16=r6, @ANYBLOB="08002bbc7000fedbdf252600000008000700ffffff7f"], 0x1c}, 0x1, 0x0, 0x0, 0x8086}, 0x4010) 7m8.56859464s ago: executing program 1 (id=1121): ioperm$auto(0x7, 0xfffb, 0xd9) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x20840, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) writev$auto(0x2, 0xfffffffffffffffe, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101202, 0x0) write$auto(r0, 0x0, 0xffff) ioperm$auto(0x7, 0x6, 0x2) r1 = socket(0xa, 0x801, 0x84) sendmsg$auto_GTP_CMD_NEWPDP(r1, 0x0, 0x4000804) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000c40), r2) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x801, 0x10008, 0x400, 0x1000049, 0xffffffffffffffff, 0xe975, 0x3}, 0x6f3) ioctl$auto_def_blk_fops_fs(0xffffffffffffffff, 0x125f, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 7m8.291028186s ago: executing program 1 (id=1123): unshare$auto(0xb0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x8, &(0x7f0000000040)={0x5, 0x49, 0x2, 0xb, 0x9, 0xffffffff, 0xffffffffffffffff, [0x4, 0x2], {0xe4, 0x7, 0x9, 0x200, 0x6, 0x8, 0x8, 0x3, 0x5}, {0x9, 0x131, 0x39b1d926, 0x3, 0x7, 0x2, 0x4, 0x1, 0x5}}) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000000), r0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_IEEE802154_LLSEC_LIST_KEY(0xffffffffffffffff, 0x0, 0x24000000) socket(0x11, 0x800, 0x303) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) clock_gettime$auto(0x1, 0x0) unshare$auto(0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x800, 0x10000c5, 0x0, 0x40eb2, 0x402, 0x300000000000) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="88000000", @ANYRES16=r1, @ANYBLOB="010029b1d46a6bdbdf25160000000500040006000000050003000400000028000180080003008d05000008000100", @ANYRES32=0x0, @ANYBLOB="1400020070696d367265670000000000000000003400018008000300ffffffff14000200766574683100000000000000000000001400020076657468305f746f5f7465616d000000050004000b000000"], 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) setresgid$auto(0x9, 0x8, 0x400) ioperm$auto(0xc5, 0x4, 0x2) sethostname$auto(&(0x7f0000000140)='\x00', 0x1) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) unshare$auto(0x80) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0xfffffffd) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="000126bd704cc44c62caaa62c9772506aa78a5e4296aa1b3e18b8ecc4edb02634931e544e7e34f9f0659a58c43d4491aa0d77ab7a532ce019112000000000000000746c73e9c219507ec6a1a11573a7f3d23ac4cf59a86002c0b98214108567b6cca1b299f48efceaf482ef1ffa46711ff295a51f3fe5500000000"], 0x14}, 0x1, 0x0, 0x0, 0x8810}, 0x0) unshare$auto(0x80) open_by_handle_at$auto(r2, &(0x7f0000000040)={0x4, 0x2, "06000000"}, 0x2) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/consoles\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/250, 0xfa) 7m7.199644744s ago: executing program 1 (id=1125): open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, &(0x7f00000001c0)) 7m6.901213965s ago: executing program 1 (id=1127): open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, &(0x7f00000001c0)) (fail_nth: 3) 7m6.365157436s ago: executing program 1 (id=1130): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x8000000000f54, 0x0, 0x0, 0x0, 0x8000000000000000) (async) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48001, 0x0) (async) write$auto(0x3, 0x0, 0xfffffdef) 6m50.417636216s ago: executing program 34 (id=1130): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x8000000000f54, 0x0, 0x0, 0x0, 0x8000000000000000) (async) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48001, 0x0) (async) write$auto(0x3, 0x0, 0xfffffdef) 3m54.169162698s ago: executing program 6 (id=1925): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netstat\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), r1) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_DELETE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x1c, r2, 0x9, 0x70bd27, 0x25dfdbfb, {}, [@NET_SHAPER_A_IFINDEX={0x8, 0x8, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0xc050) pread64$auto(r0, 0x0, 0x8, 0x8000) 3m53.802708493s ago: executing program 6 (id=1927): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x642, 0x0) ioctl$auto(r0, 0x0, 0x90b3) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) madvise$auto(0x0, 0x80000001, 0x8) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x1, 0x9, 0x17, 0x6b5f7c73, 0x9) mseal$auto(0x101, 0x2, 0x1) write$auto(0x3, 0x0, 0xfffffdf3) close_range$auto(0x2, r0, 0x0) madvise$auto(0x8, 0x2, 0xe) 3m53.137231552s ago: executing program 6 (id=1930): ioperm$auto(0x7, 0xfffb, 0xd9) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x20840, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) writev$auto(0x2, 0xfffffffffffffffe, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101202, 0x0) write$auto(r0, 0x0, 0xffff) ioperm$auto(0x7, 0x6, 0x2) r1 = socket(0xa, 0x801, 0x84) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000c40), r2) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x801, 0x10008, 0x400, 0x1000049, 0xffffffffffffffff, 0xe975, 0x3}, 0x6f3) ioctl$auto_def_blk_fops_fs(0xffffffffffffffff, 0x125f, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3m52.992457526s ago: executing program 6 (id=1931): mmap$auto(0x0, 0x20000a, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x1a9382, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) write$auto(r0, 0x0, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x0) read$auto(r1, 0x0, 0x1) r2 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) openat$auto_fops_atomic_t_(0xffffffffffffff9c, 0x0, 0x240, 0x0) write$auto_proc_clear_refs_operations_internal(r2, 0x0, 0xffffff4b) io_uring_setup$auto(0x0, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) r3 = gettid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0xa, 0x801, 0x84) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/reboot/cpu\x00', 0x4, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) acct$auto(&(0x7f0000000000)='/sys/devices/platform/i8042/serio1/resync_time\x00') acct$auto(0x0) read$auto(0x3, 0x0, 0x400000) r5 = syz_genetlink_get_family_id$auto_cifs(&(0x7f0000000080), r4) sendmsg$auto_CIFS_GENL_CMD_SWN_NOTIFY(r4, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r5, 0x20, 0x70bd2b, 0x25dfdbfb, {}, [@CIFS_GENL_ATTR_SWN_IP_NOTIFY={0x4}, @CIFS_GENL_ATTR_SWN_KRB_AUTH={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x14) r6 = getpgrp(r3) syz_open_procfs$namespace(r6, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) 3m52.750337016s ago: executing program 6 (id=1933): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x401, 0x7, 0x3, 0xc85e, 0xe4b, 0x8) (async) socket(0x1e, 0x805, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) timerfd_create$auto(0x9, 0x0) semctl$auto(0x1ff, 0x2, 0x13, 0x4) (async) ioctl$auto(0x3, 0x40085400, 0x5) (async) ioprio_set$auto(0x2, 0x800000000, 0x8) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0xfff5}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) (async) ioctl$auto(0x3, 0x40045132, 0x4) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) io_uring_setup$auto(0x1, 0x0) (async) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0xd2d4, 0x101, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd) (async) fsopen$auto(&(0x7f00000001c0)='nfsd\x00', 0x1) (async) tkill$auto(0x1, 0x7) (async) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x40, 0x0) 3m51.913099038s ago: executing program 6 (id=1939): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x4, 0x80000000, 0x5, 0x7f, 0x1, 0xffffffff) write$auto(0x3, 0x0, 0xffd8) socket(0xa, 0x6, 0x0) r0 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x38020, 0x0) read$auto_ftrace_avail_fops_trace_events(r0, &(0x7f0000001200)=""/4096, 0x1000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x2, 0xffffffff80000000, 0x180000000, 0x111, 0x4, 0x1) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) mmap$auto(0x7f, 0x7, 0x2, 0x18, 0x6e, 0x3) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x8) read$auto(0x3, 0x0, 0x80) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8010000, &(0x7f00000002c0)={0x0, 0xa}, 0x1, 0x0, 0xe, 0xfffffff7}, 0x9}, 0x10001, 0x800) 3m51.456562892s ago: executing program 35 (id=1939): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x4, 0x80000000, 0x5, 0x7f, 0x1, 0xffffffff) write$auto(0x3, 0x0, 0xffd8) socket(0xa, 0x6, 0x0) r0 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x38020, 0x0) read$auto_ftrace_avail_fops_trace_events(r0, &(0x7f0000001200)=""/4096, 0x1000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x2, 0xffffffff80000000, 0x180000000, 0x111, 0x4, 0x1) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) mmap$auto(0x7f, 0x7, 0x2, 0x18, 0x6e, 0x3) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x8) read$auto(0x3, 0x0, 0x80) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8010000, &(0x7f00000002c0)={0x0, 0xa}, 0x1, 0x0, 0xe, 0xfffffff7}, 0x9}, 0x10001, 0x800) 14.406105519s ago: executing program 0 (id=2785): mmap$auto(0x7, 0x7, 0x41, 0x12, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c", @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf2502"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090) (async) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c", @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf2502"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) socket(0xa, 0x801, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msync$auto(0x0, 0x5, 0x6) mmap$auto(0x4de4, 0x3, 0xdf, 0x8000009b72, 0x2, 0x8000) (async) mmap$auto(0x4de4, 0x3, 0xdf, 0x8000009b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="cac400804813d9c61002113a81e99d072757190b300b9299a196595cebaeb328a63069a133def1790b49baaef0e99295b443f0c19a734f013c54c7d5d9e98955a656eaa9d134d79830a44c25d7dc514303ba24d78f60995570", @ANYRES16=r3, @ANYBLOB="000026bd7020f8dbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x4040811}, 0x880) r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async) r6 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001c00038008000600", @ANYRES32=r5, @ANYBLOB="0f000d006f76735f7061636b6574000012000100898771f1c19f177904859082c9693560040002"], 0x4c}, 0x1, 0x0, 0x0, 0x20048807}, 0xc800) (async) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001c00038008000600", @ANYRES32=r5, @ANYBLOB="0f000d006f76735f7061636b6574000012000100898771f1c19f177904859082c9693560040002"], 0x4c}, 0x1, 0x0, 0x0, 0x20048807}, 0xc800) socket$nl_generic(0x10, 0x3, 0x10) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) socket(0x18, 0x5, 0x0) (async) r8 = socket(0x18, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x80047437, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r8, 0x80047437, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) (async) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) 12.939726442s ago: executing program 4 (id=2793): mmap$auto(0x2, 0xfffffffffffffff8, 0x1000, 0x11, 0xffffffffffffffdd, 0x7) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/user/max_fanotify_groups\x00', 0x200, 0x0) 12.732968461s ago: executing program 4 (id=2794): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x2, 0xd, 0xdc, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2c, 0x3, 0x6) socket(0x2b, 0x1, 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) io_setup$auto(0x7ffe, &(0x7f0000000000)) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) ioctl$auto(r0, 0x2, 0x4) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000020df, 0x40eb2, 0x402, 0x300000000000) capset$auto(0x0, 0x0) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x5, 0x2c, 0x2c, 0x0, 0x2}) io_setup$auto(0x7ffe, &(0x7f0000000000)) socket(0x15, 0xa, 0x300) pwrite64$auto(0xc8, &(0x7f0000000200)='\vX\xb5n\x91p\xe6\x9e\xf9\x12\x94\xd1\x1a\v\x0ey\x1eRN8\x99\x86\xdde\x00\x00\x00\x00\x00\x00\x00\x02\xba\xae\xb8-\x14\xe4\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf6\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9\xc5\x93\x1dD\x811\xb9_\xdd*j\xfd\xeb\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;\x9e\x83\x120\x81\x11\x9a?g`sFh\x00\x00\xda,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xdex\xd8\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcb\xf8\x05\x8e\x01\xd6\x1b\xa3\tmb\x86\\l\xbb\xd6X\xf9O\x8fC\b\x96\xd7\a\xf6\xe7\x89\xf0e\x92\xe5\xd7\xe9\x98\x1f\x98\x89\x83\x9a\x0f\xb96\x98Gkuz\xb6,j\x15\xec\xb4\xe1\xb9o}\xbe', 0xfdf3, 0x2) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x1) io_uring_setup$auto(0x7, 0x0) bind$auto(0xffffffffffffffff, 0x0, 0x2) io_uring_setup$auto(0x6, 0x0) 11.043355318s ago: executing program 4 (id=2797): msgctl$auto(0x0, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netstat\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x8, 0x8000) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="8b05c1492387618cc9c9adb219065020fe4411ce22063374bee65e0e01fd943ecd76aed361f05cad03ab45cce55739ef22bb6001fb88378c79fc22b27e3b699c5607eedfc0e24a71abf888f23b863ea2bc89e3121a05db7e75f9bcef61b89cbb5d7ee538d364567d8346a1aff2a402cee09ccd75f7d1dcdd9f55adf0d10dfecbd2fdbac1f9fecca0eb7702d2b995a31bd9af44ff4ff0fbb91ea1f257cae9638a46d0aed29c8075773ec1e98b5a11e44b8bf3078300", @ANYBLOB="dfa46ee2816959e2f27cc4368d498bfe55eb2d67d25774867f31e3000091edce0cf39f9e53b2363944d5454eb4144ee126dd3c7c544ccf5f656fe363620e8199dd24006d68d72257ebcf284edbc4d3122ce5e6db8ca426c81d563c33bbe5a089a2065f7bf79f79026fefe6186fbc0ddf81c209bfa285e398b033402cf5ffc7b24b7b23c5eeee4056d416251a0cd7b21685e0cd1997cfbb8f5ca69b0b6d8ebdc5f460c199bf8a1c", @ANYRESDEC=r0, @ANYRESOCT=r1], 0x34}, 0x1, 0x0, 0x0, 0x20000881}, 0x8000) 10.780936971s ago: executing program 0 (id=2798): ioperm$auto(0x7, 0xfffb, 0xd9) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x20840, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) writev$auto(0x2, 0xfffffffffffffffe, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101202, 0x0) write$auto(r0, 0x0, 0xffff) ioperm$auto(0x7, 0x6, 0x2) r1 = socket(0xa, 0x801, 0x84) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000c40), r2) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x801, 0x10008, 0x400, 0x1000049, 0xffffffffffffffff, 0xe975, 0x3}, 0x6f3) ioctl$auto_def_blk_fops_fs(0xffffffffffffffff, 0x125f, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x3000000) 9.894836279s ago: executing program 0 (id=2800): clone$auto(0x6, 0x1, 0xfffffffffffffffe, 0x0, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) clone$auto(0x5, 0x7f, &(0x7f0000000080)=0x9, &(0x7f00000000c0)=0x4, 0x5) mmap$auto(0x7, 0x0, 0xfffffffffffffffe, 0x300000000000094, 0x9, 0x2) r0 = socket(0x8, 0x80003, 0x12a) sendfile$auto(r0, r0, &(0x7f0000000000), 0x64) openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioperm$auto(0x2, 0x31c, 0x4) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x2, 0x3a) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0x0, 0x2, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x4000, 0x0, 0x6, 0x0, 0xfffffffffffbfffd, 0x4, 0x1, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffffe00, 0x0, 0x0, 0x0, 0x400000000005b8, 0xffff, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffff9, 0x2, 0x1, 0x4, 0xc567]}, 0x1fe, 0xd) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffffffffffd31, &(0x7f00000001c0)) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x6, 0x0, 0x60, 0xfffffffffffffffe, 0x0) r4 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000003c0), r2) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r1, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x64, r4, 0x200, 0x70bd2c, 0x25dfdbfc, {}, "dbb34b9d6a5e75cab2031b419d56176fa109dbd9739931a20b9c21c313aed7e3cba437c7fa0a221f67068a8d0a4d348dfae71e83779c8f0d00751f3029c95b5c9329b8a3fe6fcee6f752718c83fdeb"}, 0x64}, 0x1, 0x0, 0x0, 0x80c4}, 0x10) getresgid$auto(&(0x7f0000000a00)=0x3, &(0x7f0000000a40)=0x2, &(0x7f0000000a80)=0x7ff) setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/arp_tables_targets\x00', 0x1, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x80001, 0x0) 9.522521867s ago: executing program 4 (id=2801): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) timer_create$auto(0x0, 0x0, 0x0) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r0, 0x40046109, &(0x7f0000002c40)=0xf0) pipe$auto(0x0) writev$auto(0x8000000000000001, 0x0, 0x7b) close_range$auto(0x2, 0x8, 0x0) 8.891997691s ago: executing program 4 (id=2803): r0 = getuid() shmctl$auto(0x5, 0xa, &(0x7f0000000140)={{0x7fffffff, r0, 0xee01, 0x9, 0x5, 0x1010000, 0x8}, 0x7, 0x7fffffff, 0xfffffffffffff973, 0x5, 0x5, 0xf, 0x8, 0x0, &(0x7f0000000000)="27472e2e9d36a18c2b845c748f4fc1ca54ba1147d2f2bb17f8a7c7ff6052ca1142cdf2bf0df785d5ceb5eb15c73de3624bf7558db8a6511f0ec0d66996548064daf67dc0736ec59dc624c6734edc4fe9025df9db2266806a32bf775053e3211de37e0c06c7a75091", &(0x7f0000000080)="c469f8bc95475f0c054a7e3de2e27a3325802801f55ce61676fb377463be0be9dccb3ffaab03cc3c2e9cf25844f47152f4a032278ae065eb896e6d54f9b70d3f56d129d5a40b5d03db97f7177c5f4cd4b0c89cd104db3eddab4040db9cf7332eb2f6aa5c127a116512cd1906482035c164013274e64bf6fa86222e2391710c3c4626261d08eaf0f4d79cdce1a4ec69cce0dc8784baef0b69ed147aedda7a5a99d5be4b83772689f40023"}) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_hsr(&(0x7f00000001c0), r1) (async) r2 = open(&(0x7f0000000200)='./file0\x00', 0x80800, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r1) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r3, 0x300, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) (async) recvmmsg$auto(r1, &(0x7f00000005c0)={{&(0x7f0000000380)="52b2c58d34e9068fbba320f9dfc241148ccd141305025bca39cee2e634176cba1f", 0x2, &(0x7f0000000480)={&(0x7f00000003c0)="f97eb9f849b74ea6c4422c9e0b44205f1493efc491cc49c1e4cc99f714c163a65ff8b28d061184790a5071744207119c1c19abf84e216a2b9c388eefaebe493968054bd57af43db23440637d65531873c9b4765bae77b069a5f57cdf77f456c72453a301fe5b1b105b40a703685fbc31846767adcd718416d4a1667a98432163b2d044764fca3122cdf8a3edecf0bce90f972e3428c22774030903", 0x100000000}, 0x93e7, &(0x7f00000004c0)="2bbae23febb725909b823585e6e2f2ab6724ca13aee565bbc5a3fd452f41dced3e366e6917c100c1d70c91e210342030d52b4aa8fdbc27e5491b959e13263452d1af2a552ff1fc48c8c49e0d68ef7a9470341a428921c50752fbeac625b450a18bcadf06606277768e91165aac0ec16980edbf538594bbf0b9edb35f38e0040e5ad3cc4c832b37ac3909dec1a7a742c9b936796390bd4cd2832e8756b50ba5e2e965cb888f3a2e217a8651418ecc387afac49fec23925147608ab68d14e535577b6f28847a1afeff13786c8022295aad4b89957e95859adc9418687f9df7d0890b094f5da9d9f7627f39ba26f96ad485", 0x7, 0x8}, 0x9c}, 0x7, 0x0, &(0x7f0000000600)={0x6, 0x3ff}) (async) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000680), r1) capset$auto(&(0x7f00000006c0)={0x7, 0xffffffffffffffff}, &(0x7f0000000700)={0xf, 0x9, 0x4}) (async) capset$auto(&(0x7f0000000740)={0x5, 0x0}, &(0x7f0000000780)={0x6, 0xbebbfd2, 0x5}) sendmsg$auto_NL802154_CMD_NEW_SEC_LEVEL(r1, &(0x7f00000031c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000003180)={&(0x7f00000007c0)={0x299c, r4, 0x8, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_SCAN_DONE_REASON={0x5, 0x25, 0xb0}, @NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x7}, @NL802154_ATTR_WPAN_PHY_CAPS={0x10, 0x18, 0x0, 0x1, [@nested={0xc, 0x34, 0x0, 0x1, [@typed={0x8, 0xdf, 0x0, 0x0, @u32=0x3}]}]}, @NL802154_ATTR_SEC_LEVEL={0xc, 0x2d, 0x0, 0x1, [@typed={0x8, 0xfd, 0x0, 0x0, @pid=0xffffffffffffffff}]}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0xd5}, @NL802154_ATTR_SEC_DEVICE={0x15fc, 0x2e, 0x0, 0x1, [@nested={0xa0, 0xb6, 0x0, 0x1, [@generic="d8c82d1584ba6a43bf1a23b3801256e214a94b9b59aedc4a18de15887c2ca8041198f277d0949e9cb55c25b198417ee8feff4404b82ce67e475443b862f5ae7156bdecef675ce739d8aa4c243e4047cd2b9f817387def7fce5d43e9115c8d5a122c2f6fe7f50aa96c11167d464ff04c338bce3966c0e973b", @typed={0xc, 0x10c, 0x0, 0x0, @u64=0x2}, @typed={0x14, 0x27, 0x0, 0x0, @ipv6=@loopback}, @nested={0x4, 0xea}]}, @typed={0x8, 0x9e, 0x0, 0x0, @u32=0xa3e4}, @generic="cf9283ba369bc934eb9960877a5beec872e499c8feaf44a2fd25c7f3bb9a093dfa7fa04ecfc2182579548c5a18e59d3f3fbf6169c5d4be8c5bff9b4f4f1d7a3fc6f9680b7d445f290473294fa690eb174b61277ebfc10aee23d9244624eb317e6ea8483b0310d0c708837b5ebd371de42b98b3b4d9e10ef0599a1f135e57d32e", @nested={0x14, 0xd7, 0x0, 0x1, [@typed={0x8, 0xf5, 0x0, 0x0, @fd=r2}, @typed={0x8, 0xf2, 0x0, 0x0, @pid=r5}]}, @typed={0xf0, 0xa0, 0x0, 0x0, @binary="6420f44a3fad1a33bdebab8ac3d2a7c60f2dc02b1b02b7d670149fd256a727cf908b69ff18c62a6fc3696532eebc3af83fffb19685b8bb882da27a512799c8e85dcf6d726a03c4d49fccd7fc38e051e16c0aaab369b7858a7328b6511ec899c5926bbd23938810213a6858dcf606d95ede1b743e31b4eac948af0047080099b8f0149effb6d0dc1f81f765ea24183db3639592c23893eb112e2e49904cd221ad549714bfadc72ea59b2f56cb5983db4375062c6048533f65fb54ff157e4715e4d7e41c2509eef125bd833526e397fc222c17820d719b50a37d864435074e518195d6e55419da810c0714adc5"}, @nested={0x11b8, 0x21, 0x0, 0x1, [@typed={0x8, 0x2e, 0x0, 0x0, @str='HSR\x00'}, @generic="4198deffb80c0211a2613b186a4c9ba744caa286a9a6e65724f595cc3ec5add4ef644a6918b88ea4f58a6dc251820e062f77fc6d209530d8cf7447f81b6cfd", @generic="492eb9731ff2885b2b74cf2f4e67a59f2b2d912d58cef45d06849de9f181181d09429d5c8cd99cbd4c814181d16bca685e84c186a9f162d5abdafbe9d563a9377ba2f7c90c9c89dd9daffa73da4548ea20842d55383203e4628450b86565ba886175ea12606cb500d9936c5389a4377fa5e8d4c2a13ddd12a9a5a77d43d925a4a5a66a5e6045fe62dbe614dd15ffe2c95a1214156bcb7453861d41635927f9e4016d25337c1a498abe3527cadba726280b1c49e114fb770c52daff61ed19b552bc449ef1d55a2c29ab91f1d4d102fae16fbffe31a372c831e8e3704c79310002ff14f2b7009e0339be7ee7cd09c7fcc96240896f488bfff567069ef2be", @generic="0f9fb2a2cad091564a5c946b46390be5ddaae5a6d840e6d39ad98e02ec3a123063fdd5573c858e1f79083c735a0520eb73b06a6ded17429cd612abb0443ad0fc561bbfbac6a8a2f85b6395831777defa5e146be026dc09fc47a074cf13a71c452301d60ec242ddb74d1a0adb", @typed={0x4, 0x13}, @generic="1375acc232a1bdb11c445e8f71c5f3d96caca63f224e75e4fd18acc2335e0c64ccee7250c778015e378c1a09529188718a30d38ed387142f08378564cc660afdf2828ff78c561b27d754a51a655c4218cbd0045983c8b976523399831792543821c406bc205dbbf4d5a3843414caff75360a4e66744dd68458529900f4d41d74c13f1594ce7770cad8dd429dbf97b23e0827ee9739dc6364f94f772e1caa88d1e9e596b6e7b77aa122eb05262aa93104b5b70da4bbaf617b24ecb7ceea484a6a6a548c69f912e2a2b05f2795bab774b2cd6a76b0f092951ce9f176d093983775272918888ad2af37357116d0c236b9474772b42e2fdcb7a0e33cea04fc5d44aa244f44879c884189765ad5e375f9595a5b9837326b2403925df63f4864d46e2a550fa4704cbed85282ad13209d79a7f685511bc888fa7ce5c0bcddd36eb74c10d2ff1ae5ef3f3d15099ca4d9ed709e89a2db565199ca342dd17dfc225d3e81e6be713b62bac9c71c523847779816751e9233d81c28ecd20f7bf3e5e78d3bc3e377a32f81e38e9660428d7964db9bfb4680de88f7a9c9ee7d1cb2dca38ad84d04fb4dc6df6c94098c108a404bff1fa46941a9e3c75a597fac8a065c519f5ca93304c9aac4a55ab39a3aa3d484d7b14413cdabddfbb18411d709b6fe19534a4be1c16d1c187bc023ec674586e117cca31c52d20ebe60cab983d20e0019bcfc49e9aa45480c6ab56bd61aec785e5e017e301ed5b9b274b4cbde5f89068628b0ca55b17758f1f914c6fbeec18cc360dcb369896a7a849728c8d49a2321e2344495ec1a8627298bcbd73333dac7b8fffbd359b7fd0fca8abb6916a96b403267e06eb2ff4f9d89f2567c5172300c6de85118ee9365b15db12faec534fffb7bd6a47b420c0583a095294a099b95fc377916ad4d144a310309f7bd9f98c8f146cae598edc80fd6154ec4f1c6d1c1cc4200cdf118d5ffa749a8250a5bbfa90d58de5457c62d48660424164e544f0e3a701c9fd1df3e52301e127bdf0becd4a3c859f5260653e340ac72224fe9b54c54bdb105895408af0556f5de241d3bde74a38b9f9e8d01e889f675db6bdc6ed8342ac2ee01fea0b8ea04bbcb3090c3d1ba62a7a86ce984aa3eb2c457567c3d871fc03e9c6398c0282748848f31b0ed64911f5c9751da93a2f304564660fe46b0f3e319ed8bdd5fcfb45606426cbb6f1edec31644a6f8a8fc84ab52cc45e0717f4fb62cc03aca4a368109adf6e9d947b1797042577c6efd37d5fd1c8a813072482098f47d9b009328cd0b9a110e0ac578696aefc5267f4d2e302142460cc63c3ca1dfb7696e3bc81f6170df83f2c243cee42a8081b3af8a106261136f425d930721a66f5373eaf905658ef0f725ca4735f6c8ace08248826dd413aca9db219966387e63543ba6e5dcdaea76619f6b9c92f0df96fe0a84a2ce8f71eafe6b35a87c2a73c23008e036e4b0e34ff488f5e2cb2ad4866c2205c84a7d8f5f6e656b3397569113ebbc399562a6ef37d52f60333ba1720b8a7d2505dc41a208a87b98f67346a8ec00b3a3ada16054ce10c9320c46c9b0e063d63623a8db1e0c721986a7e87c3dc59475c5cd62aff85f1eaaa46977067767f616ec41a2287a1d74f2d79ad375da4cf5c005d877bb6c25e55f1b54932a54dc8a6ab587bb5158d7724542e58c316866c31ede7d5df8bbdcac5db6327d6f09bf251b6d8a65a854c65cd465f34f3bcc7c997047153b6d1491c134765c8e82f74aea9580ef7ca5fab73a00c05f446d6fde592e9793b471de0a6a4874ea8bad0364fc4204b6bcf228af6728702c68d4f0ac8717df8349183797f5592bdeb5d408c81af635289ce9d5f99e49d8041d3c4673584b6058f9698f0b3e7a5240d75fb08739f2101cd50f191186bee4ad87f8527895de86d50a3336812dc5b7776a16d2478a8db58c3697d62f39ec380a41718c9ee26277ee0eac96ea3d03dc57614a23e6317ef9700b15734fb69ae82c88384413cb8ed61469eaac0a4f24df3c2bf2d1719ed053a8cb7b12b385e3a5cc477744416867ca843b12589b432db560c44f47ad0dbbc7db01084b87218cce3581349bc9faf065a40c6f564ab0351b166cc07e23f8076d7fea388a9e13f1a6bf7d277774e5eb29a8bd88400cc645c639c8ae5c3505d97cc5c4d5b324173185b08b6a646cd3370a24182cd2aba12a6b3f119355726037a2efe5ab2ba7d953ed32005b435c3b04f03b8d2bd9cc1f68910dfae5e826f6a1cece2d0c1538e75f13b97856c305c3e0d8ecf7bf857ab0f25a769d678e5183198054647c1e34ec626d33a1ded9034f6ac4993d1ae7cbb82fcf043515f8f8c1e72bc26b9e0b0550a83774adf35e0fa36b135c16fb4d487f17ce24cdfb44ce91f094b3550cf35485e71b5382d3dfd125417df5082049227cb8f0eb96f857a7189e8b725f5a1ecbb4c9d49ddc0115dc22d289298af9686a32c6f5463bf89b92e0e63108cc878dca3d88cfef8c460d73e4fedfe43b565d6ffd2f463aead10401df9b72e4fa1660b251082a536a31152054e356d9be7fb25f82cd640320942a8a8741c270cd6df32e7f071ebb7add10eee2a84cdd5dfa3cecdb50b07bb5f7a62ef2bcf46de187e214cddfc8d57a69c342548d34833f0b1780815b499e667bbabf47c79794de1f6eeda3211fc34a8d141669629dca6c9c14138d17412308aaa7f3fa85936083121486149033ec407b8950442140242bfba9497fa3e80ed35e7a9802b387e86b300dd40763c4561d2074d9ad17c59fe68c8d201a3c5f8569551b695edaceb48ddf50830eb5c3315d2397390a8f8d991ef6455bcf912036e800e8465a1c42953ffd491e051bf37e7e7f0c6720b7fb9af37991dcef1cc4fbe25db8ab4438a6ab604d09e352a2fb8db12e136c68a920aef652b1a3df0768eea3b2df22dc1bbf57e10a07d4ec5102e537bc5e247aede5cedf23b8a4639b1d8b7cf90108f54f273615e7984fde820f2da32c6c8c191b64b1f52194a85994189184d79fc91bd053f859f3302eb1060cd509cae88df651ebb0c1b0cb10180e6030579fff744d0b5183759843ed677a4a417f4c07e3f8eac0208c5ddf33eea69d2dd128a27ff213f06d31413390a9925c616596633d79daa07fa8f1abbec662da61bdac72f7f32d6c2a1b04c079828770006442586bd423740bce75aa08b2ddb9f847551b58213551f93729fb95040605ce2946108bb16d7959908c46c935d33fc17ac34e9e57b46a51a7e6ce17c40a6f47cfc12edeedc22eafcca96f869c428e928609d62b0af31b8009151e666cb4a445f0b88f02f4654549514974399be2973eded34e3e0bacf5b2556deef52c328aaad28a6de507d534628d7356957f24bdf9ffa72d4b278c005ec755d3e5b184e783c399f7f3ac72aa11780b52b2fc15092c6933546fceb8c2b91db4de4b1736cadb0d678de21c9ae8af7db1841e3e17f6ff38257bf99fec57a1a86e71ad13b77b1897956bf60c27962f7949c1b4ebf331c3dd1f56aa05116f7e9e17df4edfe52625eed2c2dc5990f7d9c62f184e91c3ab79ab0b3652f06783f81ee2fbbf99e6caf974d0a6607a625a7df4e1737a38ec15d92ca4df123f3956e5899d614e2cf9295ce1ee9dfbb61d5351dd3407e8532390d99cea2a8db9bc76bb8e1c2d7e3c5f74ecb51d43e0bb988d3a764e70edf78dea8c46d9fee91e37fa84479b6879558e6016beeb3a6ff50647e92be649dd11f02d6c078a35b11ead8194af9757a9387ab26e28121396f5483bf7b178f9b3ec1a738a35a2bbd40e6bca8b1b7fe03f03fffb41e9c857cf5cb487a2dcd65942e635c246d50f70833143d1fe96150162a14d449a2ca5b29515039d4dc23c17cb412c4800ef365e87c75f20f022a97873bbf7c83a8dc5ac4cfcf1c1302f6a28f75d40157ec4ee4610e7ab136d71091d7fc9db052ac6b2ee2e3cb0881055fe16e96537139b22165098736ad08bbe27711c0d944e7a7090e159eddfb8ffd6345b27b1065ae70854e5902922476f569dae8a70c423f41bf455ffb02ec744313824df5cf558bc41d17565160d91c46372e374f4fd5c14d35664b05797918b118e649d4c944fdad90c8991235f58eed0fafd0de78137fc2d366923734c5c4d3e1f1ef3ecc70d3877fe3e1e8a11c8440cd0de6668915f6442c5a4b03a54b51cd590b97b219a3dd9143706637b5266dc0fcacb857571df94d142f5775866a65f72edab80875e47434159f1d921156264a39622c85028af0b99e7290bf9727198fc755b7488c524326de2347b05beaadfe50eb5402e271c23e552d063aad05a901ff6285b97c0db3e5041ac8d1a9452317ec7ab29a0e14fab318d0d5cc00a9a49d47fdc5d0f3f572b99c63ae66a5d5e5717b5833b0dd72b49b9ca303f2021fc0e9f6fec3f4e1b3ecfff524646663426e6272cf8bdc626eecc8de831f0c7708a85a5d7ec1c6109d689b8b369a4eaae7c1b2972dc919776f031c8770840af77b13522d7e25130775ad4e758c422dfea08eb696b9e5a5360b3c255badefab6174b3e937cbed6f3531ea63d41aec3e835d9fcb73d090e0a81b1fcc54ea6fb6ac23c92c359a8dd75a2dee71f06f31324d9fa55f6c996e3fb39cd6f5655f0e6225c0c14dd9c4a0fe2c3b3e5ae55bb3877c4fd8d18dcb45f7384060dfac5b2912f8c6186b53e509b76f06ef13255d602a77ccff1a62059caa8db5a07e302d6c291b8e2156d9693ed55e9e13ee29014d5bce0fbbcf34cf29855d879e5f0461236d72c8e8ec140ade07c2355f03700db18ea338e6d18bcefb61b53460482ed8083f6ef447be53e165df4dac211e2dd80a55a97fc48ad17f3fab1af844619990c5783a3ae5350859a8d98f25ef886ae073162f6e707d3d1625216546c76c83d587550a72e39248d4bfb50ab1df594cb1ff50748dcafb076f1b2d35067f2fca2f2065b7ac0eb8a1bdb56a25a5c8b094ee0ca5bc2b00c8cc167905fad9f0c1e882a67608126387515bd82ab0972446e95747af7eaa119e4bc03b3a04227f6aa5306f58d2de0d31dd158d5fab15e1a4501292de49669715181c4c60d56853f3327cc2e684ddb41de51a1e028f01f9c61d4dcf7d7f31c85ac905fe31605f57b260c9c0e472e78f7324ec17b5d7a0be7c825c218f5820b749c7680dc0798463b43086485e945c4ad6340178676f69197452f7a9b174920c3439067b73e4485f49eef3a40b0f4e1d1c88a74033909db1e0c548077b4e1fac509d3c0a765c43b17c3b6ed27525f058677bf11b06e54246bc80e83beaa778d56661c4b11213f78aaddc5bbe76592cd81869d9353bcaad91fa56646dcb5d895e95e67ad73cc928c2502118e8f420df7d3e46e139707b9818764e2ab0951686c90a4146f10e35ecbc7ff4c8f2a9242293496a292f606bee865375916ef2a6629971127e06357abae2369ecfc93ef20282ccaf95e3a69eb3ea446273bf10863a3d10b75359d1af65f76f251bafe54e407fa22f69f41a6c9eaa3d1e14414d245bb90d4e7ae35ff648805ad7ab6f1a45708c1b3ed12f7cc768a7990190a0b01b8376acebc0bc061d1fe759a1bf10c54f95e8d59d67ebda020826785b3c4f721abb1d41dbb22cadbb3efcb651f8a58a3426fbc06b6b33ccabab473189ecfd85be0cc1d4266752c03b458a65849927aadeef273947c7a40ebe4505a885e6b167f61db7b997998440240f0f3b9b2bdca7f632be56ef8f445652b8b12d30942f1862915caa446c129ec73304ac4bd57fcb180a2911def0fbfbc005360931f4297726ef1"]}, @nested={0x212, 0x68, 0x0, 0x1, [@generic="eb52b4b3ed7d83bdb436b77249b65855a02db4ed3189bee708f75c2c708f9b732f9c19e7c8f7e0a68c3acd0b66ccb2e9f6feecb625a93f84cebf95f6d7d7d241b218d9622dbda8e65e7fcd06d6a89b870dc85a4377b31f4d52b6bea15d487359ddfa16bb709d34b081", @typed={0xc, 0xd1, 0x0, 0x0, @u64=0x4}, @generic="2599a2e423df368044e69b", @generic="3780daafb60c338692bbd511f6f87c7c24b81e1f8d305e59ecec23954c9ed6d3e5aac3ceb23603", @generic="8471d9ee4ac29f1b0b6132a3050e7cd14dde5ffc473a2972ac7a2935b82fa05a09a1424ec9c13094518bb08c8ab5f72f7e11dff959477b01733fd708ad690031fe34ab31264f06a72940f078773edb1110218d564c4e06154afed5b01b60604a1649d939c801d9f9654d73122301c9917769905c3ed87ae104e0bf402d57d8db3f72543a1a9a915ff5122a948e491cb0fe6d34f7ee0dc702396b4a2a00439014549481e8ba036998bbb03a9354a1b11c0b8bf6fce5dc4f50", @generic="058bf00db72a10f760b1057668ae076ba201bdfa605eac396c8ab8359450e12a77cbd21436e5cdec4832a719dcd8e37169fa467e5f325f8b86118688267156895ced691a4dbd220be6b9c7df39a4225c0c0c82b9d4d907d85ea20fb9c0c7bd35505e28d858853ca9c41bd292cdb41c372feb6c6b6a15be145bec989a8b751ea8f2f2ffe2fbe4d7b73843ebc129f066b26c8427a9ec154f8f338f9165860905bc89f10f82dd52011446080919867976"]}]}, @NL802154_ATTR_SEC_KEY={0x1358, 0x30, 0x0, 0x1, [@typed={0x8, 0xd, 0x0, 0x0, @pid=r6}, @typed={0xf8, 0x69, 0x0, 0x0, @binary="32715cbf38e96428c4dd5f992502e8236d7578c27f721796ce83d1b44465de02c67eb75f5eacf421c8abfd7f2f1d412f44628a774669ba8da4887afb94649af31fda42a1eaa03db4e1ad65cbb1e81d2ce459f9e1036b6c45cc8b9dcbcf2b82555dcd90dfaa232c7ac5c6167b6a74b04c7f631adf5a6aa1593095a91d3f20f49aec53536d7c6b286ab67e27417c0bb690d71050b9ab024e064cdeec059130758d0b299584f8a39cb568b8e02d5dee3ed9f52ead71e73ca9c2976ee1d0bcb1fd5c80327cc500a3ab9d73486aaf66b8ef256f739f44ead307a2cd5014a9c7e4a20c9b9498476a39af1e46316e16c987c4f83761045b"}, @typed={0x8f, 0xc3, 0x0, 0x0, @binary="2764c92fc23b3b5f78c8dc97a2c414f50b6ac20cabfb88298e6fd702b55e26fbe7567ca23eb344eda65e1026989ff99c57ddac718940826ae55bfbec6314303c0b64c3e29194bbd0349dce8f164c55f78872fe512433925692ca7057a7e5030834aad0dfb271f836d942c8dbc68b345ad3363fe715c62e37bf277428a3e13a05b5f86bc085e16d2b44cb8e"}, @nested={0x1b9, 0xb, 0x0, 0x1, [@generic="de59a00792c8175f36c20f345f3c70672ca9289c162f55eb6239a654afa937228cb934364de0e8afef742e1d8d08ea70c7660c65", @nested={0x4, 0xe6}, @generic="13dcbd0aff146293c5f9a2af4bf8807f1ce5f85cbe89ae1ca53446f01d836558ba538a9ce70e600047517396d547c19af10da9a4adde401306e44c053d3e7df350061ee96a8d3d24c3546c54457480b60977bdd013b823141ce381043c3aa3f980fa56ce5bab935d5e5d661a4979aa40a0357fbc3b524f018fab39", @generic="59db0a7fc65348abe8b64cf86fb62bef733fcb527880f72943f6483f7b078e862dbac852b2113294ebdb378eda343f56926ad2259d8f2c3ed57b1285f6a63f60f28520870185a619cb8ea2b6d016008f42bd33762211413a2d7c7a2bc70e32fbd5aaf174fce6", @typed={0x4, 0xd6}, @typed={0x98, 0xfa, 0x0, 0x0, @binary="8e07860100626d81807c9c0aa289153120308b230ceaed0ec3aa17b19a12d78eb5dc29f50d280e8de1b62d4ad20eec261e7b72a332b082370ece4a09c2dfbf546791f8bff6723f256aad81ebb1792db7b4a4f66d18bf79bd2d556144c690a581fe0c5922c3a50c56187df1d2326314f01a05c167f1b75b5b2aa068f2c072545cdbcf24afdf2b5ce3856b158a3dee24027219091e"}]}, @nested={0x1008, 0x141, 0x0, 0x1, [@generic="cffd9a68f63b36e6da17b41fcdb465aa90bea41d2c5ea27336302bbaa79a0f3102530fd06936e3ba9375cf763fda17107483f83eff20f9499b87583727c03cabcce121ec9e74b0050ad60ec161de4b483225b2222302053497c2c69a0f1f87823c6f4fcebf3ca20169227833ef2842679dacd16a712d52bef48bc0371deb234a23d0d2df76ed0a790338dd783f25621471c7880adcf40a3179e053b1bf841b5f71ab3cecd711ad4f87bb74f66ed924853f564be55483bb59e03722200a49d6c978d28fe8263d6940f0797e8b7608bb02cbdfc69a970679533273805e7cbb7c5442698aa1af43330929a39d6915bd89d009c2c67f1c6e89f36140f00d59240ee9f5be53791a38abcacc540ee4af4824974d8820ae85d9bd3a2215baae9fc70b34063b52017c89c5bcbdafda6b5bdd19cb6d55a3105f15707a3cfaceab81bfa16b591f6bae8af890af748bfa98027939bda2f6241735def0b7939103c88ab3915d7ac7108e5ab2dc3a74ee55306d35bd17af7b44cae145334841c915fe54772ac70eb6785f0d28fe69bf83cd7e6b930e358c5efd4f59a1b518abfe0d876ab42149df7e245cd9526358cf700f38348cc81eeebb8a0b6294af41dd8e4275f7d046a605bbf25688de99ec7911c2452cf436e48d23e941823914f7f5cda374999f1649e3820c116da6f39f71ade623912c3eb36211b494638e038870bb9c5d5f87fcaf3ab743b230969b40a806375d26199ecc174b209740abdd2dc8d9ad31a754547aafcb7af3e1e8eead5528d722a05722665ea6a445c2efdd21988cd3894b8739fd51d86b2d4d4d3972ec5604ec9b824ad282ae764fed01806f3da230ccffc9b409ba3c5f1a536bc4cbce48b0d17df05e211c1fe53cecfc26126a9fa8fccb7c67bf6bbe4bad01c400c6bd104055d96b889e4b06f47880067199f018bbf43fa83fda16ad4a9cc309a7c0eeb9c06e66b6fc546e92a1485ede87fb1b960b1f58bc0f048e3d894a480596186456c2319d3938e353d6266483da9d8d773a48df31503f5ab460025f2e8db3182fd346e299fcb488106c8de90577d76d80c55ea6a7ac8bb05f9efd8ba611de8b43e4b20b36840d3c05869d9835ebef7c77ca2641a6fce3179ea63446d5a9eccea6476524396356205a756611fa5a3b2021d68653de1cab65d0e9485489f6f907c435f6e946d55743bf1757879cd6419bb3dd635e11a96b4091d528918899cb4cc34c87df1423600291dbeae4f410a6e6e089f650988824645c6e2061c6b2b9e3c2440b04d9e548d4150ecfaac3713e3cc18cbbc2147ad7e2beb7b57f7110b6e624ebb0be6e7865e1d13bc57f7ab4c13a51f2824b22f714771c7f21fbfa3a19fbe970c7785515d3bf80d2076b8f7b4dd7e27a5516a9c700479acc36348d81445d1045b8b4734085cbb8b2af5c01e4a55f173c5bb097bb45940635c8663b69d0a7de8ffd933370cb796be9aa60205553bc19855aa9dc7d2b13f8f8dc2576ced8698d39105336dde0703a88e7b680eaa0e29b49bbfec450ac3aa26786d3b8eef9adcd07f9187f1ccf0e76847dace28c7e69c261935671438491fb03ca881e3717eaa1eb3a8a78af76828bb16d683d65c69425717d2e33699d10cd0bcecbcce2bdfb0eb7ac96a7bbee830b00b3e351a3d3517096ce578b13e29aac803c1df8fce42b93c57956445f4d59903406a380f180f48954b7af882281201e305618ea3e7f908302c3ff3b8018309601bc0ef8214d839a926d92f5bcd53f7ecb80083090420be722d02e8232664b4d8f45b63bff1a3575cc39f85cb21a9c79034f7366a8a49419d7abc1679310b426a87e2645c264ec3ee9ae554f437559b7f533f365b66eb813dbb7f8e214617ee91e5d6000145b4fa3d61942a3763895d03de816443302d0b5e22c55fa78d8bda62f508c4b905b7a722caea1c50bcc2ead740f23bdc117c14e746ccada7e808a17989bff740db48eb4c82de1865bc61529bff8421129336ddc8b96b7918a89f885341dc8250703ded1950a8ab25320be6c53553cd94aaa9887667f152ce257a2b20407d8f33a979708f7248a00b09fde2fb8c68e3c4c3e43401134ccd3e82413fc08144a2990255f1a79525c8760e4759eb76382c0b1040fc7a69646773d90ea4e4d76437a6fcd0497a3e5e5a959142402030fb6c7f1e63f20268aa771c293ecd73e82ca2727e3f6879b22cdb87b0b2c3448a478615ebe4d5d0562046b2302f52cbf60c36fb38e503268f261bfe35bfc4a2053eae144716c945c8b8c822942f0487f99e9fbe993190d1192c4113f0cdff26e958cf51c383a0a70bfe1129085381758d53079117e3147a91e484706927883f4be12ce4c7741c8c51b63be67cc019d1176792db20bcfb797895a073ec42c5f0c08d5b61fb5d0e6cbad8aa782629742eaff38c957b46df91abcf159b17452a57c8d25100b24398343819c3a77332a909d2103f402e164b5be3f683571f8f21ecbd4e12de68c3317c610fa1876e3f076519ab526930275a596fd21595ad83d6a8a6a6f3f5e9a60ca11fa2944f6b3a55909a690a848e66f93d8d612caf3e3b11c2d576d08a6b866f84b9b5e4dd1aba12ef0569c99aee159dfca9857c0416280c0acc79053b2bf767303977493262ea98c8fd78ee9fc79e739ce54e83e9dc5bbf397f3ff929f7eacf1b9d2fa5821f433887095da4f59097624b9c50e2587ea3c2d4b4b3be6e7c9910dfea1005da9847b96e054be272a9b1a18e107bfdaf7fd9c3e8528baac2f83c1b1e4ed83d3e0fb6b5baf985365129a27fd956d729574b00f0c520ebdf9e11903e266e49770d93b8ceb417b0133c499d901b02407f7018c5cea88e0322d286fbdef4c76d1f2bf697e273b94fae931c55ec82151c24e39355043cb8e73ffd12c8adc25ab2a04b0fc8a4272625ea9d7f6a358ee9cfbdae3d5e35e2098e2dce68c2780c8a4a9fbef06e0ba317880fe2e05d2df4aa723be32474a599273164d9ebda9ff75110f95502bb0ce37ef42ff20b6571958e840cea84a31ad9b469f80cf3b9a0dc376c5aad2899dfa76611a277595054714868b75634e287b2ce9f6380da7667b86bd3131277c16fb8d0ebbee7437fcfaff5f61e3b9a6cf9ce9ca360299963077a36e8ae81ce7451cd76f23a43f4991d244a8fec3e0c0eedaf13c8d709d4da498bc777f031aacc867e18287ce781260ac00af2c9e0251be80a9544a4daa06629e1c13e36fc3022a6e60010de539f8265578a67e10b7ebc88b2f104a1a9e01ac2a76abf945b0d0773a430357cbb43e26a5991604db7803a207cf987369ce1079e6d98ad6730d0e65807f238ce5be4a41e5c030da1bf4e224ab8f12a6678a611c99ef45c099a222bd9cf34799aa5014633ffd976b6a6d8d963b39a62fa09a81816814822c37814da43b532ceee7663fcf72e4d641b88e84a5cb52e36ac0dfdb8d50e372d45d21057c19d2c983a51a66863114dd7d7294a83dc3c31e616eaeebabff9273f2871263325f7378b4327c80d0ffcb8bad27aed7dbdc0fd701c322ec3a4aa53f001fb813485e6fcc8ce77914715d5ecb9c07ee57d913b31c696f97091f5e4d010cd6237ee79ed5677b74e9c51e43a6dcedda6c6041b0971bae3c69faa90a42fc7a5e0b2247782382765db4c6fe4197e9416ef5c0dcca4801fd38e4b7218c893186dd1704eee483d1cc3703a711290be182d8ff6af8ee60b251b5557b3a8d5c92239a8473095f3f89fbd72de92a3eebb293f9cef266892a67476bd7daf088eb289b1b66f7d0099e985006963dd96f04105c100c65abc4d33608d5738dc097178ed130be6f3fd743d3e199c6b2bad8f8063106a46b5e0e8ce8162263c366fc422372cd9e457774b3051d8225050404e7d2419bd24410cea612f8846e178e9375913680b14cd2523e29ff765927334ed030b4646de08f754866059a8edf8ff71a8ffcc483055267216f0bdea794041ebeafe4c67cf31ad1690b6a140b1a3cc2b130c50ac2b17d1920babfee85facceeb340c05a1ff9fd38b5b1f214aa585ebbb917ec5b1abe28be4dd0cf754b4464213bb6cf882fd5859838cd1e763d65462e3dee5046db2ad859f06d978aad7cd0b234daa2da864dfe38708aa499d9d913a1eae4f843c9462caa8c8132fbaafd7f899ef003141f09fe9fa211011e171024b2fadb83691e72e52ae8601cc61fb47381c8f2a9c612e21acfe9ea3b6cfae34baa1db8a0d3296207525626936736c6036494ad8de05b3580b01ae2a6b804a66d19861409c3e8767f63fa94f95ec43e8a726ab649c50557172436a9eadf52e77817c1a48ed669eaf9613ecc0b1f001511a3d59802906cc1c8168583ddb9c952939692b136f729af528e491e3ee795db19074e5f5873e29e8e8df1217ee1dac044712db460786e67586c0441996c281cb6bc86551edbb2f4d1dbdab73f677f6aa3b222488cf20617745b00b441083c5ca9ec0a2bc8bda61cdb6f749fa90085578712afaf38aefdcdc521bbe6e85860d81bab8a2b52ed03a61175ab89ba16b3cb8909ba24cd1a190eee81716e4905c628392f947cb383d3176045dc391571425a42cf13eb8c2d391b425a58e4c268552521365db0b16fc590eb32b99d926a42264eee8c30c9f4d72b3f1e486be93df6dd167229e3251628943a529a03696cec84d5a1003be70834442e5bf81842b0910dbf701df2ab3241c7f9864a55ee6ee3671254c74865a0d5e3357b1ba30602bece567b69d44c083b397df9a142a3acff236f8f9884df09c0b4f0cdb7f098d7090e0f14a2e218ce59fedda1d309db284bb813d14c8319a2e0055cf34be596e6fc83896261070f09e521e8de666bc94c22781f5b1ccf358b6e2435fb2a348e2ffb52453a536f0958a7fa067ad3aefa92b1be93d4c377876dac2b645e457bff055b17edc5bf8aadfdf09fa6264f8fe5866b0c57761de5c38fadac7050b374c4c2ed120c76a9b6c6127a3754b2e4fc7e9b4269c70c1b56f47bb5f23a77b3eb983c67c1b0ecde9045e9fed6cbe1304a89014d1a90104dad4d43880ebf23b2b6ca892160069e93a902f9eb4f13184533843d93dcb7dd29bdc5d594491a4faddebd2434e6cba6015528c1d65694505ec25c0aa82be8dd907298357fba9d788e9aa167ea8996d946e24ae460d7d92776a1cfeabe8225d0b931b881b853601c6dde29dc3d5d5be9694e138663a81be176289e5f388f1a1c1397fe38b838af32fca4525e273c806dba75431729fdb1261da81668ef3fc473eeb4e878c000670bbc6c1a22ae687b1a2ae1523a627d073f1684e37e70ffca100e4c7cb41464faa6db909821e314f961a1e6a269ab891ce5ef5d7549197425bc26e264c4df40591099cc55de745e1451386e44f722c768e5016e024c07f1cb6a11acaa5ef7ec583c4f7950502a8649248d0130215be8549c5cc8280ce363301a8920d73b152da96cfc089bda63b513158edb2c8b65807bd3ec3f49ff4b83d557d7cb4a00ed1575ddbb47ff52e8be9e12c0b589c0c9b90d387bf7078decc02b96142deb7e288f33d23fb95260f77ef343c26563fa49b2daab715b4d0c4350b12331cfefe96a982437857d2b5c2e8e0b83f060a03a72363150749f51518296cc19f2997e03cc1aca6817b57f1f77fe536756068241769da13a15979466dac239c79d4384323fbe715224ac6adf01f9622b171e5562d5fd426111a4ddbb9902701631d771108de18446197e8c709c5faf792c2f3a0cbee5bb2cbe935f069d0732d8c9bfdcf0238726ad6100735e63f4b78bf5bfa99bfe9d13", @nested={0x4, 0x26}]}]}]}, 0x299c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) (async) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000003240)={'xfrm0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r2, &(0x7f0000003300)={&(0x7f0000003200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000032c0)={&(0x7f0000003280)={0x30, 0x0, 0x4, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_RSS_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000800}, 0x800) (async) mprotect$auto(0x7fffffffffffffff, 0x3a2c00000000, 0x6) (async) read$auto_msft_opcode_fops_(r2, &(0x7f0000003340)=""/13, 0xd) (async) capget$auto(&(0x7f0000003380)={0x3, r6}, &(0x7f00000033c0)={0x8, 0x2108, 0x119a8000}) (async) r8 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000003400)='/sys/kernel/debug/ieee80211/phy9/aql_enable\x00', 0x505500, 0x0) (async) madvise$auto(0x8, 0xffffffffffff8001, 0x3) (async) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000003500)={&(0x7f0000003440)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000034c0)={&(0x7f0000003480)={0x2c, r3, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_DISABLE_EHT={0x4}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0xd}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_DISABLE_HE={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20008000) r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003580), r2) sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(r2, &(0x7f0000003b40)={&(0x7f0000003540)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000003b00)={&(0x7f00000035c0)={0x520, r9, 0x100, 0x70bd29, 0x25dfdbff, {}, [@NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_HT_CAPABILITY={0x5e, 0x1f, "dd71059b3480ff922665a61f3a327a9f06d66350c943ccd6a4df57b6859bc43362c40a78bbb6d8a71e576f4f5e7b03c728a4b0571f98ad60060f2d4090d1a8e0bfa03e4e39fcdf7ceae89d2380ddc0591ce42dd349bb43595593"}, @NL80211_ATTR_S1G_CAPABILITY_MASK={0x71, 0x129, "1476bfbc481deb30cba7f1f7070339bed930f841d3f84ef9390dbac6f71f6f3045b978a09c01d094e6fa112135785a175b410a2d794948d7c27b1e33f2f4d01da7ad7fcefb20332b365b122c715668f8dd39126ac6a7e404121f247fe1845e7f316b5011923f70eff6734484ef"}, @NL80211_ATTR_HE_CAPABILITY={0x2b, 0x10d, "3037d35a03e91345a0e86112e839499019e8b6c1376f391c92e65cc6ef9c68bd88e316877d44f1"}, @NL80211_ATTR_IE={0x406, 0x2a, "adf44d35eff70c5aebe93ec61928d33702cbdb3269818b08ed7aa8519e15958f6b8345daf28cc1bbe694919d0bd72f9e42e95361f71ab005f8adf1fc4a115f372cececf652bc7a44830003c77d4bf6706a2529949dc7f7adf440929cf3361c333b3b6ecfeb825fba971a170a566af889655bcb87258d1ffa8e6da668d6d7eceed9f34ef9e9c69313c3c8351041ccea61b3b70ec7c70cc72a79f480637d21efcdb5c82e718d360f27d2020249d7706a5467bb35e5d25c8fbcc6b6b7b60369b5124d24fd93225e5fd17a3cbc3a01581ce1e5caba79c46a8cb945c8277b2ff8dde065df40602c1a787b7e86185686be00d8679d8a3c0ef0494ec29faab0f345a606eea6c1ff8cba081ee24bddd50d00ab112d4c6c0d6cdebfdf89b7ee062de7a7979180a7900e0d4b843c5d0cce7aca6515d9cb5d46221c44b55eda92984c90181759e95861d978150c4c906987dddc835b40fddb5b787d27e18f3b2279215bbdfb0b9ea62927c32c9ecc2f730d3bfa0c8084057f3ba59062b7701cb6db3eb82f03012011a42e44e58e4aece9aa2ffe7b9d45f88bfc5aefd5c053549addf0016d28b0ecb4ed43b2f5644efad140bc9a051ca1ff8371cbe3ca2547c2e943b6ece62a10afd921169d0380b3ceb9f074dd9aad54211c4b8c5c6b1997725c2b6a4712958181cb8a0daa649dda7a4082938b39e70ede298837ef9697ae717be9732e6b80a663bebe67444b5b7b33f512a9d17fb871b54ea6049fda2d9ec3d03c543e6cfb22c08bddfc63520363788064837bd2dba3c1b77aea12f75fcadd456ee16204aea5f2b414075a8b7ed2f1c1ee5f3b2c80d4e1cc6ee957bd064ed1d88039c0f6304f8e32ca5284d812cace023ba1f592bfc7e6d10faab3cb191875811122d1897804c9df71c8674b494c02bac2b36e5771ed558209bedf4add3c3be933bb8e36a78a32efddb8d43359c1571b1728e672d74eda8151b43b5feaa5e196c577d9ce415710ce6ff32a9d62405fcd3fadaf764c85dc37ffaf369892ee5a368fc761cc73a0a21a0511206f2fe2cd829ef855a8c54c8f489397d4d5de925bddbea38358efb03c50b7bf47166899b1bb535ade82d33bdc49901af701121232eaf97b5fe3ccdc6e487005647154695afed194712051c5dd394f47891c97cb8bf4af5c605c37bbe421e495638e75e5e333cc2ce23b6b4c302ec20451a94d1d7ca2b53405421b2796e15929f1759f522ca7e581e5d1247dbc9b9fa9126361cab9d52f23488c23406f77e01df63708762443fbdb88e66243620f028d0c1caa24de9b0653cb85b05a45b75b82d3eb966ea5c3c70f3fea76a5658d675be0b5c395e3d03d72e5e27e76f403a815e1da2c1918eed2bf83595246d64b74ff56e20e7ff63b0bf8ddb2786d9780654494c5e27fd705658e42fe126c2c9e74f4e7e0c2837caa739f657e59b200"}]}, 0x520}, 0x1, 0x0, 0x0, 0x48010}, 0x4) madvise$auto(0x3, 0x946, 0x2) sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000003c40)={&(0x7f0000003b80)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000003c00)={&(0x7f0000003bc0)={0x24, r3, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x10}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0) capget$auto(&(0x7f0000003c80)={0x5f0a, r5}, &(0x7f0000003cc0)={0x1, 0x8, 0x1}) (async) madvise$auto(0x0, 0xbc, 0x8) openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000003d00), 0x1a0c1, 0x0) (async) sendfile$auto(r8, r2, &(0x7f0000003d40)=0x5, 0x3) (async) r10 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000003dc0), r2) sendmsg$auto_NFC_CMD_ENABLE_SE(0xffffffffffffffff, &(0x7f0000003f80)={&(0x7f0000003d80)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000003f40)={&(0x7f0000003e00)={0x124, r10, 0x100, 0x70bd27, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_NAME={0xa, 0x2, 'xfrm0\x00'}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0xf8}, @NFC_ATTR_FIRMWARE_NAME={0xd, 0x14, 'nl802154\x00'}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x6}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x7}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x29}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_SE_APDU={0xc2, 0x19, "199b098d0963bf576b0c0bab6a80992119e6414a6a58886f61f4fc6d443fa6d01d59e1221f93e052cef97ab9072ddf1306dd7fc5818a3be51889c0079a4c83bc83b97b680667a86c3d9a02ff849b73f07480de9228df2d650f2ca8e2582aedf5a076d9f25096bd3967c743babf28e519dc2822a493e87117e59605988aab3fc02b28d51ff8f5c30dab400cb90000a9e5854a23123024e0a7e12f1bffde3b8fedd2c26537ffecd685eadd06b83d90b4c136dc6712a2d290f6f341e997cd7a"}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x7}]}, 0x124}, 0x1, 0x0, 0x0, 0x50}, 0x4800) 8.176943732s ago: executing program 4 (id=2806): mmap$auto(0x400000000000, 0x200006, 0xffffffffffffe1bc, 0x40eb1, 0x1, 0xfffffffffffffffd) r0 = socket(0x10, 0x2, 0x0) ioctl$auto(0xc8, 0x400454d1, 0x5c8d) close_range$auto(r0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) r1 = open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0) ftruncate$auto(r1, 0x80) socket(0x10, 0x2, 0xc) socket(0x2, 0x1, 0x0) ioctl$auto(0xc8, 0x400454ce, 0x5c8d) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) epoll_create$auto(0x4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x0, 0x0) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x405, 0x8, 0x10001, 0x6fb3, 0x8a, 0xfffffff7, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3034, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b6}, {0x4000, 0xfc, 0x9, 0x0, 0x0, 0xb89, 0xd5, 0x837, 0x8}}) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x800) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) bpf$auto(0x12, &(0x7f0000000040)=@link_detach, 0x26) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080), 0xfbf}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getsockopt$auto(r0, 0x7b35, 0xffffffff, &(0x7f00000000c0)='/pr\xaf\x1d\\\x18oc/thread-self/clear_refs\x003\xab\xf8\xd8\x94\xad\xd9^q+\xe6\xdb\"\xcd\xe1\'\x8d\t!\x81\xd5\xaf!\xca^\x15\x10\xa3\x97\xf9\x1a\x1c\xd3\x17\x86\xa9\x8d\xf4\x18\x9a\xac#\xdbe\xc4\xfb\xa05\xfb\x1ba\x193\x8c\xbc\x1b\x0f\x93\x05\x9f\xce\ft>z4y\x82\x83\x84\xbd\xea\xdb0x0}, &(0x7f0000000380)={0x8, 0x401, 0xe}) move_pages$auto(r2, 0x4, &(0x7f0000000480)=&(0x7f00000003c0)="ecb764c3cdc146b32843b3e84a5b484060845b4f3f1e434c23cf133cd797f5fad5f7c6cb27bfaa070315ed0e1973758b659d5e62b5fbe5c57dab63ef57b5655acac75d47ec0866f22f8ff6c8aa20f1c75168926c5ae13964a3bfb842adad22ae98ff0089518979eec0465bd9f3eb1ab6592a4cb30403ecfb33ee724b41b48fdeaedaa2c002", &(0x7f00000004c0)=0x4, &(0x7f0000000500)=0x8, 0x10001) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) socket(0x11, 0x80003, 0x300) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.339603755s ago: executing program 7 (id=2822): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x2, 0x1, 0x106) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x68, 0x0, 0x4000000}, 0x0) madvise$auto(0xfffffffffffffffe, 0xffffffffffff0005, 0x19) openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/ns/cgroup\x00', 0x620002, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) madvise$auto(0x0, 0xffffffffffff0001, 0x15) fstatfs$auto(0x3, 0xfffffffffffffffd) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) inotify_add_watch$auto(0x4, 0x0, 0x9) recvmsg$auto(0x4, 0x0, 0x1) select$auto(0x62e, 0x0, 0x0, &(0x7f0000000300)={[0xffffffffffffffff, 0x2, 0x100000001, 0x6, 0x3d0, 0x5, 0xde30, 0x400, 0x2, 0xffff, 0x4, 0x1, 0xa0b, 0x5, 0x200, 0xf]}, 0x0) 629.764431ms ago: executing program 5 (id=2823): r0 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0) r1 = openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) poll$auto(&(0x7f00000001c0)={r1, 0x4, 0xff78}, 0x40, 0x3) write$auto_dfs_global_fops_debug(r2, 0x0, 0x0) ioctl$auto(r0, 0x80000000, 0x1e00000000000000) 338.8627ms ago: executing program 5 (id=2824): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/mmap_min_addr\x00', 0x121302, 0x0) read$auto(r0, &(0x7f0000000000)='\x00', 0x2) r1 = socket(0x1e, 0x1, 0x0) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) lstat$auto(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x5, 0x631b, 0x9569, 0x9, 0x0, 0xee00, 0x0, 0xff, 0x0, 0x10000, 0xe, 0x40, 0x3, 0x9, 0x4, 0x5, 0x7fffffffffffffff}) fstat$auto(r0, &(0x7f00000002c0)={0xfffffffffffffffc, 0x6, 0xda, 0x1000, r3, 0xee00, 0x0, 0x1, 0x0, 0x7fffffffffffffff, 0x3, 0xfffffffffffffffc, 0xfffffffffffffff8, 0x9, 0x2, 0x2, 0x6}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/block/nullb0/hctx1/state\x00', 0x800, 0x0) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000640)='/dev/sequencer\x00', 0x202580, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x40440, 0x40) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000002740), 0x40200, 0x0) newfstatat$auto(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x5e9c, 0x400000000000, 0x7, 0x6, 0xee00, 0xffffffffffffffff, 0x0, 0x6, 0x2, 0xfe3, 0x1, 0x800, 0x7e, 0x800, 0x5, 0x101, 0xb288}, 0x0) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/active_links\x00', 0x2080, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) recvmmsg$auto(r1, &(0x7f0000001500)={{&(0x7f0000000580)="f1b2ef6e9f2287fd001739ed603ecf0ed4a5fc4b5e5504b5d38b9822db76a6a68a4d4f395b984a920d645c077339f698ce5579ff497d8ff4cc2d46b5af37a85df5a1d545618f175a00000000000100011a1147ec2bff04279b300202c5508d509c46553d6ba05f4cf550ef6535007295d75c103451c3d6d76a1864dcf9f8d3acdf3d6cf28387f3615618485ec6d4f29a30710613ea5181c1b7b6b7929b8b286427ed8b07a51501dff87f6bf84ea797aa7dd68f4a177400", 0x7ff, &(0x7f0000000440)={&(0x7f0000002780)="d6ca37540666d74a8bd3455669ca29b76dd9e0e77568d600716cd98229a203492852ddbd156a374a7998e8f55e9489210678d959dae867554d7ef0758c0596b6b46e73a50081bbeafa14593b7e501efbb82fcc2f30f4693c0b48fb345b0928e06d4b4836781ca899a8742cf7727b5f5da5bd8d5947023576238dd51c635189b56f650f0cc4ff09e4bceb1c99635d1a1f7e502e5bee7dd61f9870ef89faae0a0ac7047d8d185d8a31145ec508da2b0cd81e01521db227d02e10e3f99fb45358786270ddc8702a8e29ac579a2e737e03f7c9a65c59b212ae3a69c330ad84e0800e803828b84b41b53ec83363c543c5457ac900b9ecdb78ed145f336d70493b0185d87bb01034d6b9de559638ebb4af6e4a50fdeb77d8ac968ca37e5150a9c9cbdbd2a7166e246896dd436c434f5d5a7f7b5d0bd1c81f767a945f1237254fe0da9ebefc8c1c73a394e80310e3fb0c87f9cdd1525746041cfb8189a96c333cb19a885f46835a11b26fb06986bcfc1e49c3230eb09c70eddd443c193ff577de22b35ed3d41e2d1dc514720662a20186e18979d7912800beb36ea90744e91cb09c4b7a5d4d5e0200eac935749d25c31593d0e6816daa07da6897e5ca5ef0d36d3633803491d13778c3edae2c245433964c21aef261ba5a5765f6bb706207d1d6d074a5cd0e08ec700d03a3ce2a7410e169fb92566c6327bc72dde640cbf8b45394628bd0076c594c286d0103c5686de3de135e960dcc74e60c40d143328f31be618fabb74380726b3a02aed40144254344fa3ce2e59267efe51f4d94d607cf78c1826d0665b1e7c9ff6ff9ff5861dfbcf95db12d0814001d70d976dca97077ba31f7d09809a65daddb668755ceffd5fe65690861402ef9c3e7b2e01c4208e59f2192ec75eb6db1da2427bed50234530c6843bad6ac2df916851a61f1f6d72e071c973de74b372881799e69bd617f686ccf9703a92a7d8ef66a27d47e6fd181cc3d733e31caa4222483023f5af656634ecd94d83dc1eb1839ae3a113b0141b88420029113016d7e5a6149b2a78cfb6a2ff1f0f2f5fb6af669472c9c13bdb36ebeec74c396d3f97c8546a3f14405d3d2df5f6c808d22241e811c567ee4fd641dc13c5776cf74d53d9e7535ed29dd6002afc2585852149d33851a746b7105afc906c4537a750a9edda9a523e880f89c4b95bd3c4b6ec0518d5fb614ce2c6dc8aa1bbe7f352cde1848d6d64f2e0d15942427287c48cd83807f0943670905a61fa89fc9413bb078ae526159c4f64d609266401f9df0f847b38d2854b986d10d278333e60601b663c9a19caa6d1e71d4f2e3b500ea698f3f923b447dfb27122995bb1a0758f74a2d858e41661a915a3a6cefca8f6081eece3a910069c01c7f4f6d3485022c67ac5cee09de4e204173de03c7990e99d9233b012b32c90a51f790a8ac067a6b4e3f53fd6be1327ca1393980c9018fd2f53140dbd4e51d2c6d5035d8410913dfa0125f599ce26fcb82a33930fa6ae3ea4ad789cf2da29431a54f30af37d3236726675b000d4188bd4396e51590320256a9e7d9315a4f868b64b379acf0dff7490c53da1a9eb5cdb8189395dbac892e1c1643f953ff5517a892619c465386b6d4338b4ef6ecb90cf13c0b4acc63ed9906232142e09e3881a759cc552f0a28c38ca355a92f7d8d974eb8df32ece37d9197340aca63e71275214ac7e24cad15add18272369d3f17ab0550f612ff9321830fb93878264876f34637d4631f0b115d7bd66d5c7f14b62727951eb3a2799dc8bc0214da55048ef9af12384a0c0be4304b81255b6483a5d032c7b277f9157b9e7e1578bde2f4d50906fa100abb4d0675ce04bfd5630058e75c8663a698270f9deb1d61fd78934a1c800784e4f2b51b6c75fd4b4407298eec47d8314a9adf28c3155c21d15269546e25d1014a54d47ca6c5ec7de156b7a0f378cf69874c8c4f4b78d62f77f99bba0c4c9d15f8b29ce8e1a5eb8a1837f1748a04d170c19ef516de0e274728827b062e786241ba13d32740137c2dbf1f89435c69285168a0c4c7640ffa64a7368f34a1667a26a897a2b5d66f420278910411204cdd07a2fdc7c41323133abd62a32e5f5c0673d591f59f06f3b5a6827fb40af616ba9e5d62bfc032e6cb88a23be9939866c9602aae4e731e21eaa8686faef9a34637d65fa4ca7265de7bf1aefc1721e62b2ec20cce9adbc0b797a801a0f844f10200131cd396c942fe4b235aef9a61357dfa86dc67f7bdd2f96663691904dcd5d1db1d293b05987a4f0656e16b5df3e588ab8bc3b44598394d703af2993d3e69daf7a159941155b01f3c339cd10f5e0b821356634f9cf72d59b53bd4cc61c80542c8559f2feb8a368814db0a868fefd645f31c7fd32b7c745946d986a630530120f971187d0575824736c304c3720e48574b45d57ee9fa565f1a6f10cec01da1fe5880bc117162d57e45ec5decb9fa1001546636be130abe6623685265f405caa5b08d29aac581eefddf6fb373bbc055c379a8376486e102128403094994b6e9c871f123b652a31d4d9e7840b6288d2b8f29b467f7d8d53dc9c58e67cf46df0333d8446fdd510c115df7af5406f1ef56f0db54962c8dce416946c216a1276ec454880ce3583e6419520e1c8b91ae228f784a79e6e63e1972d0549550917d963ef2938fbc0e366bf49dd0150b2560f0b662ef723fd8a98a129214123da3cb2069c6cf1acb31545bcc91590e233152c56f9d6ad8f38b4d4d88ae1c5ff88a8d13d3c8fa0e89f5d176c17c83d5c5cd7e629e9cff22352eda2647d4b18b31299573599c2bc8ec9b6b67dcac17bb63899e29a5ee8ba8cc35e7a0d9cf1a00f8a989cef3c39d3d48dbaa9d23f55898f3563765c6689ac66b38d10caa7078e59e2bd6fd7b6896a1e84be1b3a1229cc75f7372e61e898d395632b1b74a54dcd21aa6314e350896cbb12ebbecf9510483f00afda53c0aa6aed5657d57ffc704792e0911e805118f39b756ecbfb50df2e8fd0035bfd58eb5b2bb31cc5c8504fa768c398a5168c64eaa1db158a4f7eec2039167b264c16db49f5e56e9f6238b46d2b6036a5238e9750b46d6a1ec885eb56e02d705009d644cac81c2ef265532f5c327270d28964bbb9413f823c89d8f05fdcb567e739c7f54bdc3ce8e0ac431b6766e030ce83c953d59b647848a4684084e5c4188a0f66cf38e17889298c092e8eb88c451a36c6d442bd8b7c01e29eeab248687996014e6e01d1073571ff669cede3e23aa3986c0dab34470ae5454e0347da9103a1e54c6ae6c1fd2463713bb92ad961f9114e4770a494ac794873590403abfd4a1424f8a6fcd8ac53979531cba56e8e50fc84bec97cf589be66b55de37b8edeac967ab7fbac69e3e37efd23a10fc3292b61e88467fd8690dd5eaaa247d3a2db4c7b6e1927bb6a1f687966dbd7d29d2d747b5979ab1247daf63fb541a3a9ad9a8f3c143143e0c38d3a4e356cf20cc102946c95525702f05bf270979634f8054d64a9da0e1c4a27a51119698f124558e48ecbd65300f11ccf93a82a89547c29bcff4c24b2b087d3260d1971d5a9645f12861f166c586bec06be45e2919a00b1dda89c141d74637b6260548cc464da3af149b6d290ef56912e2ea189b793e94acbd8548d585e210e21f97f528066c66a63e8493bb7f8e9a088b3922e42a76f536354936027020d67f32686e564f9038e348a39405edc7b8a834625c6eabb5adad204ad631a891dbcec5d6e3c3e844cf4221a2127ff1d8126f02706fa478d5a8157fd60b1bc5203e87f697e15f02fdbf775e2de45de280e872406d34d07d83bf3e488789fa0763c3599369a4eb90d5d3d24df66224935af048b81ecd45e91b580bd82c61d21cac0d74dadbbadf28b364ee8be153d2f509855af4b6bd41adae2a19d06d68b6f05d0eef67fec505212cacc0374e53d44c5af5d3c9991cf629ff56b2720881b09239911eddc7332b03200cfd6b5930daeea2d8d24318fa2e8737ec7dccb938a1ecae4a52efad97b9a5c2de13df985766a9de7a3055c9a72fdf7affae0ea6229a23fab4cc15feba88d9b6a4469bf98e3f50925c027417bf7ca8b77be50ad82b005359c63d8af3d15759d0960b99f773b57efd710f4b6ee61ee23c0b7dae417458b70494a41c989001b85d4db25fc99e9fa3fab07fc1b56b83a152872f45e9f21dd6359da2c929524499c870560da12270665c42fb1181546d523b788d99eb34991466940144eab083647162d8e3423936bcc6d08aae078f81950946e0a42dd7db6963c60283c78d05f64448dc3d4d1dcbb14477498a41a6b9c66440eacd6f22f8b7a32a16a0d9c263c07f25c7e277c7a9b90b9ce19f319e7dc8a301d09fe5aa41708693fd27d261e7ebed67fc8f98b37223954391148b7c8b7cf0eee79111f829fec738117646f209214540866dcf1206f94d1454d833d9434a1a8dea7e522093881cd8aaa5242b5aead1c5714f1dba1519efd305d137b056a02f56791c7c170baba703de76f2ad6bb19ebc9917b6ccae7a9b2f0a9a53cdd937bbcd6e88defc070efa4a41b8a5fe0e18a63f4fe7ed1e557a45e1524f76499d1acaae245915ccca01412a07d1f4443cb2217d992fab6b257226d59672b48f28590c86e2aeef5efe57fb4ec7229067927e5581a40d898ab95b51d5066fb7980b89b6839063c748242e759d0bb22e2c36b299378ee03094b652a8ece2346d1fac7f198afef3444ae456c67f77bc5911c6302c928cb1f3b89f4bf5e188b3e5130e9516073869f74ea3d03184ab8fda909eb828b12536e4e54584f39b01aa923d1b0877f8b38eef7fa4408b6cf11c0c5edc635618f843ae2c0e3560ef1cc3a052b392d64f922a87bea7c46342c3b268f056187f42351173e2c1e926d858a71d218ce6b14dcb403a51efa82f68450954dca690db016867161d4c996bfcbf587722a7c5948c4a2812ee72ae40826c4620cea36eb1d6471ccdcb4ac873517676b8132779bd9f2cdaa404222a06caf22e02b54785a6bee6ac4d8f01f9077b0f7d8d1408e40684c68e00a760eff9f39f2fc1fb31d3f90c90328637ae817070af8c069b7e722a27d17a14c9a81ce7aa30cce4f1831de1f16e402d7b07aa26512e7f4cdba7cf760c37b989ce210312f8644f41ea0a53ddf2458686c200e8487a0fec36935703f9137e9559dd9de9ae0a3bda6df6fe9b2e3edb2a569838b0dd6c0c23ba8926806527b7ddedf09d95c95d16ef24872ea1fad3df2addfae23d08f5564e2ef46c460666d3460a9ce08822374e9f992742d22637bb9b52414b3dbd844178e39826c11dc580bb87aaa5697215a2e384d20c798b05db67e3280761824554a4f7776fd2c42af2c433d977f2cb51c8682423c4c63657b7e2a6527fbe59116546fcdced02521547c4a8549dfb444933b47c9c2caf23566bb4ac5621a6d14b4316795f16fb811e66a6fe5138f0ac7841a4d1434ea0cfc4567de63a3ccff27d1ce55b0c4a8fa4c4a05d9f2cd202f9ee74bfe6df5afc501b1ac044432a73d918671ce84c73c0d66e550cceabf17586532d3d186c45f13a87f3af2a0f3045d5903ea8fa197517262c311f753aefff305429653481ba5312f1d8ab968d3c93765111fc03331c54a8323cd67881ca14c2b38531dfcdac95f82c9db82b5021d42323e1e1ddb530bacad9c6aa1af781d6aaaea04dd6c0fc7dd916092ee796df06588ed942363865e3c91d3063268bed6aa345f8bc944d90ee14fa3c66a7f4c29dca24f9e58ab10976130197f23496fbae279e1bb922a36cc804bb7c5ee2f4ee09f85fbd250fa57798241911f2e8d876b9e8de553fab3db69e18e53f9b40a3c54596814c1a77658086e9baeb3f8cf7a4e452e66dd206c63e71449796ff9fcbc172663612a8a9ce9bcc94aa094a974130d5fc25d6aa2ccdd4d3024c3950a453dac6effc87621c05ece05adf4272c640c3d02e144fc25563234674ace6f904a16f4b8f6bfa19c3661146d58e16b6c63aa5891d517bfbd65f40a1dc9a61435924adab31053de20000000000", 0x9}, 0xd, &(0x7f0000000540)="0562293e9164e41ccdc8d1c93a1d956434724919ab4222eef9b788b64c05781595f09835d5cc3931", 0x8080000000000000, 0xade}, 0x3ff}, 0x96, 0x80000001, &(0x7f0000000500)={0xf33, 0x4}) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000002700)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000026c0)={&(0x7f00000015c0)={0x10e0, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@MAC802154_HWSIM_ATTR_RADIO_EDGE={0x10cb, 0x2, 0x0, 0x1, [@typed={0x8, 0xea, 0x0, 0x0, @fd=r0}, @generic="7969128fd19fbbc536d0a5a877c2f696c939cfde5efe4fd7dc515ef8a5041d4353a75f43b6d15bd7fd4061a491f4f71f852ba8646f7efdc974d95fb6a8480e5d09c8f560fa9426b101949755e8404602887ce4d518c4930dcd8330aece9ce9337fd4b8336916fe5249658a8e84770408885d601f9ae6267de29cedc618d662a6a98087a77de288dc54ee92f3c48d6d0dea3be5fd0b8b121d7bbff263f7fe454d01c7be54ff2ba9fb88a5e506954f18418a9c6924b1bde89e009ee7b7eccb5671894b046faa8ec2882f15a18b330e9f2c7c6ed8da27d9b1782738ce346e89e842b5a11f950cebb82fe40cdc1ba9f30c8a6d7ede04c61fba559bd8a14c7a0aefa4a52b6a66f3f8899f59cd5d699bfa876e8aeeef66bc0eb8270a270b2d9b26ec06c60e0e5f1d07f8684cf4778b29c579573253d8b36d1c06dc915153537d3d8a855b18a2fa756b8131e6c88191f27fc18f281d8aa8e52b73f45d978cc4f3a06c97245ca008b7f9a1483d874e0a7479b7e0b5567e67d3b6edbf4ec73fa198b35f9ae78eb6eff8dc1c5ee2c5650bf77bfced931423cd9f3a77d66c43038c2f2a3461d0870509f6f016c426f2d3f4fae933dc48b0ef5d6fb94d4c6850aaa183f4320d2f93946dc65c930b00c1da55356a6d7576eb7442010f73de56f7e76bc56881e84527b1fbc82190ab343378ead3690bf1a7f83b04412c865cc1d65b678b97e0adb048fde770c8f3a919fc58b8f7967194d7c892e2af1c10a3bfc79bc50b773d059becd42546f1e84f067a3f1730a49fbf33defe15bc3fa1759fa4fd0cf88860f63d48a53887e35de22dc2b19cffdfb74216a9a47d9bc8518eb8e10e6f49b6193af93bac5b48a0f0a9c4033f0386e93735d0f33bff0706d07e999c80f40f91bd0b88149a34382f8eebffaf6bd1968fd3e4c690f2256df6a59038427c0e5405d906b589741e61c6eb796a0398ebcc762dbcdeb55d1ece89fee34757a0a290e41db3b001e358746e0b97b2f3df2f1888fcba6b8fb32e53edda76a8ee88f22c981017f5fe93f12589ebc7cde8ebabf832766b242a24bc87db3e0c6a27966fe919b70cb9654c3b2fea270e02a6ddf1b6a4d86b4a1a6caea45966f44700b345834d07fbe0dc373c7171a540b86152ced3aaa4ba7374c7fcfef8691087d4afaea018e6546152730b00756f86827cbfa7000512cd751c4d6b574139f8bace0f2ca6ee845c6d801097762568ab5c154baa69d025a429e9a1696a00c8fbd1cf31db2a73effd44df525806ff6e1d721127a9b989e9f05e61c808513f0c1f3c5302e80e21142efd688b6890ef278c59bad36f8d1595012340325a4ad4ba4810f6c88b8c390d51197ebe141770d23b6b9661141c48c4d20a2e68b60f612d595ef19577e27723e448217fab0b704bbd3c0dfa7f6e2885a42c19cb332b9c60570ad0741ad52d9446f329341aad9d9f64fe3e1c91581cf500bca8c2bcf47d37905fac4760e5e9b107ffdf87320a386467b62256e9aff1c37ee7541e394be450fc389fcc17375493eae125708f1d8fa39e44ffbe8218ab098d4d9d56b53786d1305ddde34b3ee0b3c3157203be334beb52f5138706c218835b25ff62c0b387c82872f7da5621a7d6c091fd0ee85a5350ce7611e7617fc93223dc43f40e98a8750ec26f1e20321a7f273803994febae2139e2edf001c7c6632bd8a1e62631e27edf6e67291d25a64f8e3ccf9c7afa3b7e7f4c50fa4e75c36fde44557dc51ae8ee6cd8eb8a70a6d9534de7a463a1e69d4c2d08cac22b07b55be9743b46eda1b10184ffb91b4e85472e3a2ea1382cf91615ca5ba3bb419102ea72fc504702a4ac81e7bc9ee1ac7575cfa5019f00362aff14e9843edb60e9e1a31c97b20edb1fe5af0c553e158281c009b97c7a4644c237ac1de4234ac54aadc0b71406e2f76b5b9b0ec6db6fa79bcfb7c3f399d8859f5f95d3d73acf9af0164bfedd8220a8179a3f3353a8580a54ca1464385d3cd33259c78089c5c6ae01c5614a3558fa0ce0c463d7a326c08779661e9375504ff584072ff88b82171e2645e7f443866ff09125a7db08f21996f04b23d1abe9385d4c9a8edbf4b91193ee4a4a7877de39067bc336504f7d2b24c265c1b3be96ad84c58906607d009544f990cab1aeafacb4e0f2bd89800bb3d04c1ce4585200a4d7dcc83d5a3ed328a9631a49527b60fb8200b45f25c1232f487b9f5303f1ba645f7276e8ec7d1db3fdf53a48d9d46a561098575973db19b6bed70cc5ec3e175d194b6ba2ec1a4fbe83ab066535d347ad71e0238eb7ed593e20f2def4b3e1492190940bc09a4ce26cc7c491cf746bb655cd03d7f0f4801f9bb483a21e4bdd64b42be07c01f555a99207fc1848fbb8579688b88255ff2055dcfe0394af436fa5e8179c8362a7d762a8d83383f46b31cc05877c55388dd66ecd55ffd908fd664644a23b7c779cef8ff9dcaf74a749d00da9ece414c200d2cf0f333ac40bdb7686c69459cb92ad6136deabeef4889ef7b3a5462d3b98c8d09c20c75e79b703b547ff9863022ca076700d7b97b047bdf93927d5b95aa7abc267f04d50b3a9862217daf6bd7f34ac75bc72a50bea7e98586f807f4860e3c0d7088e5ad748882f7e380b3cade584623e9d45bd7433f63a278404ffcb4defa2a5369e43cbda4193d60b73a788f5edea5ba99acf23dd51f103294cc53c15f37c392d8fe23d9437d1136ced80cc18c175335b7f849526bfb6fdec3fd410908856346b2c13c805d1c475ff9b59bf659f3a236a1b27abc34bc449529c537238922882460a44a8eb46e7050951a5e6112910c8a509be6c4bd7e57f86ee5c3c7bb0ca45479a4ea6c3d8dfa60de1dc45ab944bc6997e10f99c0e41347193a658bda335d322be58110d88feee46a9294e5d33234ae7bb460c466dfa89253890bd0bdd34929007fdc7ba82f2a63296737047359c65d4fadf989b2c21645b1d55b9f4cf8329a1e0340acd9e3c2e06f445084ec160c06d4d88eaa1fa36de2bedec2f6a6e056df16e92d9588b483acc5be1c708a72e75cde0025d142cbcf3d18e745be81bae0d8bf1156e76e143ac6888bf3c25027199ec2b841d856d0b3b6a7c86d7268b9c8fe91a57915b12fdce5a068b3fb37ca3a6f2eed71a2d3ba40c23707b7c4d1c8d93618b0e06a0772d0e6ae3315f32d2de0aef0eced6785fb29e5bd7547cd706a93063598c608b96b54934b1cfd83e710674d84f9666eebf91363d959a5e9babb4a1a29782a5a8df7ee61c882f2abb647a987cfbf1dc0679b9caf3cd257f86ea0a91183dba201544d340cec7740d35a7ccc38c6cb6726f035200501e7a873248086c740735a3a477a3a72bef77204ba231b9084ccf29936b95f0d44c2180a01791fde135ab01a1a4b07eddc450ee5c0be5767b6d05432016858261a2153b6fb46a95661b30b6069b4ed3cdc74cf39094916a8030fd00ed0f3ab22ce7d1201fe5da79284602cda5b5ec4346a72a6c5c88ca39d4a78e8a87953a81d25ad1d82f5521d94536bab25cc011b080caf9716a3778362e30aeeb58917b565a30204753af0c0c99d14c620d49731e8cdba46c3e4c3a05b0e8efb31f4293a28808c25f6194a671a0ec179c38b33490d19754fffdd5ce1fbcca4346f06d28d08370fb67bce4e7c1a2c1a3dc23ee7ec31b99b437a897b2af9bd6a906f7fac3592f2a04efbdffed145ddb137a4b4eaa60e22c64261c7d0ea2ea8500d1b2e6ab143ad24835c381765377615edcb19159db99fe9a7fb4c46279b82741f26e9c2ed5b66e815bcc909e767d7934bfc512bdb718d4125c710b193e9045b4cbe22800aaf1238141c313be324bb43bcb9e293e40a672f020e180a647c7b131a3c7dc94173033d795da61f6bca76781e716cfd007ddb321da805dcbefba4794cedf19b3e33ef426e18d18450328449f25cc9b3de3df196d4549c448f9371eeed1d01884dd9b12b3caf8dadb231f077a4ac61d10eea8144775db043b9960780644d8ddc058014d13a21c8b682fabcad0e4bd1d7b93b3b5cf2e3a9befd6cf71971c3cd58cda9a70168b3d51c716092737359cad43f80bfe024261c374c563f4420139dd85e7f57c8b00d1d11fb13a6c2aa9b030ccc79d6afc039a3e19f24e693e64556b5b4da8bf7d2169be567ab67347573642ddfc9d2a7cb70399542ae234eba3c318130dd6935c44a57a788e46c5e8594286cf2b9a6944cce3f4cdc77f1bddce36331a128dc8f39138727e877c72b2d348785a72db812233a0c0d87129adaaa1fd9b5231a9f3ef918eeaf3310aeafd9b6a2eec81ab8be8b6761e83c53326448c34064d6acbb0398d2a243e713f39eb9387bd5ccb84c57e0f52c314b0cbad9201e0019fe3487aec77cafdde81cf1a2a6305ea8e4022fbbe7dda94c1976059b628753874d6c4d4fc22dd47a788a71cd4a465aff418b53edd54d8775778fff8db5777304fcc00cd5d63d7073514b17b917ab56e6d577e4a7c89d5a0f1dc7b7db21b16d901503798d2b9e88100bcb4f2456152d42f77e75df625b91c6ef151607a3f51fa9c0c26a21a3ab7f1adb205f5af36f26d78f53a3aba78c2b31c621446979a3fee9b0afee29e084e59484529def78f60900fb4102847a8559aec36afbe64216f764e11e05ddceec43e3655ea5d6d70b4ba536b06bb50619da8288476beb6e0c36ad8dea42dccacca3551cf7a6ff1e2b67247f4ddbcd11b0dd16b052271ddb36f1bd58dfe5c5a5971497fbb174c94a8d1b0087c976a546cd495ec98c863e9097cb8cdcd3549dd4b961f98eadb007e82c3b31c53ef321946e72640dfa796eda5bde98d902b6809d62eb39b76807943a274881ff8e14843396713a0958db8bf695876c66fa592ec99143ed09ca64c627039926db50507c60d54d757d02d4c0e8237dfaecae8fde8347781337719889517ed95f2a70b28e57bfe2bb611a748f7e91378556e72c63a8c49e16557cf3ff047cb0cb53875fbe63846674c97ae67434dfabbdeb8748e4ab066ab14a2aaf7159b634c72eb3b5c15e0881969198ad6003088c7c829ff6200f5db15376f4a5f18f96793967247e8f9b0a198fcd1ea573e2816d185d5bcd04d098e8b59e878d544262bca8db00f208ffb1a49bba869c2ee914423e2b17087fbe357c8c7f683c6fe5337693a79581eff546a1ae5cc101f8db289111ee80329bf446a25978019922a75621ab51256a9785c9942646724127b23a3136b6872cdbf0e3646946fafb71bc453e6b6e96b6410c62ed6d530f55d75d7a8ad683189012aa454fc60ffec02f074312cf86409c652c1accef93270f4e00d473d62f275688cbd823340688c38c2ad5781d0d4b8ee4f102c3abde1d5825a0721cc5cedd047b4ceb946230189f4c996212a33c6156ab303cdd49c6503243767950059998e5697ccd136cb6f0e390df39e00bc0364b9dac2a9f8774bb5e1fa57e7029d9455e6f1480ae9dd25b0e2e69eb9258695fd0378a3a37ac208a7ddf6b39c7adb6e0eec0f5339509fa505d632a24c978ee86dc0e8988c804c3db539a7c2be1048dfa624caca89bbe9603b02024325d005fba4d544cc15d52abaf1f746999038a8b36eb103e9a518fe7cb3b9ba4cd4ac9002d2c63a94a422de5dd398c1987d21b3ec3248b0a6e6c6c0b13174df398bc5015863a24711ca94dc0796d9a7ae5dbfbc23cc129c8174484579acb49654956635433bb8a2f3d123c8cd214ca11b231ef17566a487634ffdd7642d37f294998e8162f5975409a61116514d98760076d0f41cc4fe9f2b84004cb5ee993b24fc87a8", @nested={0x1c, 0x3f, 0x0, 0x1, [@nested={0x4, 0x45}, @typed={0x14, 0xfe, 0x0, 0x0, @ipv6=@mcast1}]}, @generic="af56808c8df32fe15a98defa2448b4df4fb71d6dffbd785a000f6517cb23cc986da269297b0607ba6a14c18d4a6db5c4adc3ef969dcd32", @generic="8390c8a0d46b62858dd4b7792b1915aaa5c2ccf2ded2586ebea38f351d71641ee9b7d4feac1d3360c0683ea14bfe70b65d0089ceaa925c6b186124d2ecf901b79a0c0a329c1ac0cc92d1d0be26684aa9ae048122", @typed={0x4, 0x79}, @typed={0x8, 0x143, 0x0, 0x0, @ipv4=@private=0xfffffff8}, @typed={0xa, 0x73, 0x0, 0x0, @str='}@,/:\x00'}]}]}, 0x10e0}, 0x1, 0x0, 0x0, 0x50}, 0x4000) setresuid$auto(0x0, 0x8, 0x8000) prctl$auto(0x3a, 0x2b7, 0x8, 0x10003, 0x10001) sendmsg$auto_NL80211_CMD_NEW_STATION(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x4e22}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44090}, 0x4) pipe$auto(&(0x7f0000000380)=r4) faccessat2$auto(0xf, 0xfffffffffffffffe, 0x3, 0x1fc) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket(0x10, 0x2, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0xffffffffffffffff, 0x2020009, 0x3, 0xffffffffffffffff, 0xfffffffffffffffa, 0x8000) 53.751173ms ago: executing program 7 (id=2825): mmap$auto(0x400000000000, 0x200006, 0xffffffffffffe1bc, 0x40eb1, 0x1, 0xfffffffffffffffd) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080), 0xfbf}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = open(0x0, 0x4242, 0xe1d2b27bdc14aabc) utimensat$auto(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x3, 0x2}, 0x5) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) r2 = open(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = socket(0x11, 0x80003, 0x300) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_GETFMTS(r4, 0x8004500b, 0x0) setsockopt$auto(r3, 0x107, 0x12, 0x0, 0x4) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) read$auto(r2, 0x0, 0x1) r5 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) write$auto_proc_clear_refs_operations_internal(r5, 0x0, 0xffffff4b) 0s ago: executing program 5 (id=2826): mmap$auto(0x0, 0x20009, 0x4000000000db, 0xebd, 0x3, 0xfffffffffffffffc) io_uring_setup$auto(0x6, 0x0) socket(0x2b, 0x1, 0x1) listen$auto(0x3, 0x81) sendfile$auto(0x1, 0x3, 0x0, 0xc01) lsm_set_self_attr$auto(0x1, 0x0, 0x80, 0x0) r0 = openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/gid_map\x00', 0x200003, 0x0) setsockopt$auto(r0, 0x80, 0x0, &(0x7f00000003c0)='\x00', 0x2bd) socket(0xa, 0x2, 0x3a) syz_clone(0xa10000, 0x0, 0x0, 0x0, 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x5, 0x7, 0x47, 0x32b, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x2, 0x4, 0xb4, 0x9, 0x2, 0xfffe, 0x80, 0x7, 0x0, 0x7, 0x0, 0x200, 0x0, 0xc00000, [0x5, 0x0, 0x0, 0x50100000000000, 0x0, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x5, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x400000000005b8, 0x0, 0x0, 0x0, 0x4000000000, 0x6, 0xffffffffffffffff, 0x0, 0x1e, 0xfffffffffffffffc, 0x3, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x3]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x2, 0x6, 0x0) open(0x0, 0xc162, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x541641, 0x0) acct$auto(&(0x7f0000000040)='\x00') acct$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x4c090) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) clock_gettime$auto(0x0, &(0x7f0000000000)={0x6, 0x10001}) kernel console output (not intermixed with test programs): hci0: Opcode 0x0406 failed: -4 [ 272.206097][ T9256] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 272.234012][ T9256] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 272.268414][ T9256] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 272.294023][ T9256] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 272.340912][ T9256] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 272.354093][ T9256] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 273.504091][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 274.239492][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 274.362687][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 274.394173][ T5841] Bluetooth: hci4: command 0x0406 tx timeout [ 275.365458][ T9302] netlink: 'syz.4.818': attribute type 17 has an invalid length. [ 275.373310][ T9302] netlink: 326 bytes leftover after parsing attributes in process `syz.4.818'. [ 275.573173][ T9305] FAULT_INJECTION: forcing a failure. [ 275.573173][ T9305] name failslab, interval 1, probability 0, space 0, times 0 [ 275.594279][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 275.633955][ T9305] CPU: 1 UID: 0 PID: 9305 Comm: syz.1.820 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 275.644730][ T9305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 275.654833][ T9305] Call Trace: [ 275.658159][ T9305] [ 275.661139][ T9305] dump_stack_lvl+0x16c/0x1f0 [ 275.665882][ T9305] should_fail_ex+0x497/0x5b0 [ 275.670625][ T9305] ? fs_reclaim_acquire+0xae/0x150 [ 275.675795][ T9305] should_failslab+0xc2/0x120 [ 275.680548][ T9305] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 275.686045][ T9305] ? get_random_u64+0x57e/0x7d0 [ 275.691053][ T9305] ? prepare_creds+0x2e/0x750 [ 275.695814][ T9305] prepare_creds+0x2e/0x750 [ 275.700395][ T9305] ? __pfx_get_random_u64+0x10/0x10 [ 275.705660][ T9305] copy_creds+0xa7/0xa50 [ 275.709990][ T9305] copy_process+0xeff/0x6f20 [ 275.714648][ T9305] ? __might_fault+0x13b/0x190 [ 275.719488][ T9305] ? __pfx_lock_release+0x10/0x10 [ 275.724568][ T9305] ? trace_lock_acquire+0x14e/0x1f0 [ 275.729845][ T9305] ? __pfx_copy_process+0x10/0x10 [ 275.734942][ T9305] ? __might_fault+0xe3/0x190 [ 275.739704][ T9305] ? _copy_from_user+0x59/0xd0 [ 275.744556][ T9305] kernel_clone+0xfd/0x960 [ 275.749048][ T9305] ? __pfx_kernel_clone+0x10/0x10 [ 275.754162][ T9305] __do_sys_clone3+0x1f9/0x270 [ 275.759004][ T9305] ? __pfx___do_sys_clone3+0x10/0x10 [ 275.764411][ T9305] ? __pfx_lock_release+0x10/0x10 [ 275.769504][ T9305] ? __pfx_native_tss_update_io_bitmap+0x10/0x10 [ 275.775896][ T9305] ? do_user_addr_fault+0x83d/0x13f0 [ 275.781251][ T9305] do_syscall_64+0xcd/0x250 [ 275.785826][ T9305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.791788][ T9305] RIP: 0033:0x7fbc8fd85d19 [ 275.796263][ T9305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.815932][ T9305] RSP: 002b:00007fbc8dbf5f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 275.824408][ T9305] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fbc8fd85d19 [ 275.832439][ T9305] RDX: 00007fbc8dbf5f20 RSI: 0000000000000058 RDI: 00007fbc8dbf5f20 [ 275.840459][ T9305] RBP: 00007fbc8dbf6090 R08: 0000000000000000 R09: 0000000000000058 [ 275.848476][ T9305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 275.856498][ T9305] R13: 0000000000000000 R14: 00007fbc8ff75fa0 R15: 00007ffee12c4c68 [ 275.864538][ T9305] [ 275.867611][ C1] vkms_vblank_simulate: vblank timer overrun [ 276.230115][ T9309] netlink: 28 bytes leftover after parsing attributes in process `syz.0.830'. [ 276.264762][ T9309] netlink: 28 bytes leftover after parsing attributes in process `syz.0.830'. [ 276.301226][ T9309] netlink: 4 bytes leftover after parsing attributes in process `syz.0.830'. [ 276.310226][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 276.387821][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 276.463967][ T5841] Bluetooth: hci4: command 0x0406 tx timeout [ 277.387928][ T9332] netlink: 28 bytes leftover after parsing attributes in process `syz.0.836'. [ 277.424478][ T9332] netlink: 28 bytes leftover after parsing attributes in process `syz.0.836'. [ 277.459333][ T9332] netlink: 4 bytes leftover after parsing attributes in process `syz.0.836'. [ 277.721543][ T9338] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 277.731286][ T9338] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 278.524514][ T9352] FAULT_INJECTION: forcing a failure. [ 278.524514][ T9352] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 278.583047][ T9352] CPU: 1 UID: 0 PID: 9352 Comm: syz.1.833 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 278.593743][ T9352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 278.603851][ T9352] Call Trace: [ 278.607179][ T9352] [ 278.610156][ T9352] dump_stack_lvl+0x16c/0x1f0 [ 278.614902][ T9352] should_fail_ex+0x497/0x5b0 [ 278.619645][ T9352] ? fs_reclaim_acquire+0xae/0x150 [ 278.624823][ T9352] should_fail_alloc_page+0xe7/0x130 [ 278.630188][ T9352] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 278.636414][ T9352] __alloc_pages_noprof+0x190/0x25b0 [ 278.641783][ T9352] ? hlock_class+0x4e/0x130 [ 278.646438][ T9352] ? mark_lock+0xb5/0xc60 [ 278.650848][ T9352] ? hlock_class+0x4e/0x130 [ 278.655418][ T9352] ? mark_lock+0xb5/0xc60 [ 278.659823][ T9352] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 278.665607][ T9352] ? __pfx_lock_release+0x10/0x10 [ 278.670688][ T9352] ? trace_lock_acquire+0x14e/0x1f0 [ 278.675972][ T9352] ? bpf_ksym_find+0x124/0x1c0 [ 278.680802][ T9352] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 278.687021][ T9352] ? is_bpf_text_address+0x94/0x1a0 [ 278.692268][ T9352] ? kernel_text_address+0x8d/0x100 [ 278.697514][ T9352] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 278.703440][ T9352] ? policy_nodemask+0xea/0x4e0 [ 278.708347][ T9352] alloc_pages_mpol_noprof+0x2c9/0x610 [ 278.713884][ T9352] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 278.719933][ T9352] ? __pfx___lock_acquire+0x10/0x10 [ 278.725182][ T9352] ? __pfx_stack_trace_save+0x10/0x10 [ 278.730591][ T9352] ? stack_depot_save_flags+0x28/0x9e0 [ 278.736100][ T9352] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 278.742383][ T9352] get_free_pages_noprof+0xc/0x40 [ 278.747437][ T9352] kasan_populate_vmalloc_pte+0x2d/0x160 [ 278.753108][ T9352] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 278.759407][ T9352] __apply_to_page_range+0x5fd/0xd30 [ 278.764772][ T9352] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 278.771058][ T9352] ? __pfx___apply_to_page_range+0x10/0x10 [ 278.776909][ T9352] ? insert_vmap_area+0x2ef/0x4d0 [ 278.781986][ T9352] alloc_vmap_area+0x93e/0x2a70 [ 278.786893][ T9352] ? __pfx_alloc_vmap_area+0x10/0x10 [ 278.792226][ T9352] __get_vm_area_node+0x19e/0x2f0 [ 278.797292][ T9352] __vmalloc_node_range_noprof+0x26a/0x1530 [ 278.803223][ T9352] ? kernel_clone+0xfd/0x960 [ 278.807873][ T9352] ? mod_objcg_state+0x4c4/0x8d0 [ 278.812882][ T9352] ? lockdep_hardirqs_on+0x7c/0x110 [ 278.818127][ T9352] ? kernel_clone+0xfd/0x960 [ 278.822765][ T9352] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 278.829628][ T9352] ? rcu_is_watching+0x12/0xc0 [ 278.834439][ T9352] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 278.839854][ T9352] ? kmem_cache_alloc_node_noprof+0x219/0x3b0 [ 278.845968][ T9352] ? copy_process+0x49c/0x6f20 [ 278.850772][ T9352] ? kernel_clone+0xfd/0x960 [ 278.855400][ T9352] copy_process+0x29b3/0x6f20 [ 278.860114][ T9352] ? kernel_clone+0xfd/0x960 [ 278.864741][ T9352] ? __might_fault+0x13b/0x190 [ 278.869554][ T9352] ? __pfx_lock_release+0x10/0x10 [ 278.874610][ T9352] ? trace_lock_acquire+0x14e/0x1f0 [ 278.879856][ T9352] ? __pfx_copy_process+0x10/0x10 [ 278.884926][ T9352] ? __might_fault+0xe3/0x190 [ 278.889658][ T9352] ? _copy_from_user+0x59/0xd0 [ 278.894470][ T9352] kernel_clone+0xfd/0x960 [ 278.898946][ T9352] ? __pfx_kernel_clone+0x10/0x10 [ 278.904027][ T9352] __do_sys_clone3+0x1f9/0x270 [ 278.908830][ T9352] ? __pfx___do_sys_clone3+0x10/0x10 [ 278.914162][ T9352] ? __pfx_lock_release+0x10/0x10 [ 278.919224][ T9352] ? __pfx_native_tss_update_io_bitmap+0x10/0x10 [ 278.925594][ T9352] ? do_user_addr_fault+0x83d/0x13f0 [ 278.930936][ T9352] do_syscall_64+0xcd/0x250 [ 278.935480][ T9352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.941409][ T9352] RIP: 0033:0x7fbc8fd85d19 [ 278.945847][ T9352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.965488][ T9352] RSP: 002b:00007fbc8dbf5f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 278.973941][ T9352] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fbc8fd85d19 [ 278.982381][ T9352] RDX: 00007fbc8dbf5f20 RSI: 0000000000000058 RDI: 00007fbc8dbf5f20 [ 278.990466][ T9352] RBP: 00007fbc8dbf6090 R08: 0000000000000000 R09: 0000000000000058 [ 278.998487][ T9352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 279.006482][ T9352] R13: 0000000000000000 R14: 00007fbc8ff75fa0 R15: 00007ffee12c4c68 [ 279.014514][ T9352] [ 279.017692][ C1] vkms_vblank_simulate: vblank timer overrun [ 279.148655][ T9352] syz.1.833: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 279.264101][ T9352] CPU: 0 UID: 0 PID: 9352 Comm: syz.1.833 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 279.274780][ T9352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 279.284875][ T9352] Call Trace: [ 279.288177][ T9352] [ 279.291135][ T9352] dump_stack_lvl+0x16c/0x1f0 [ 279.295866][ T9352] warn_alloc+0x24d/0x3a0 [ 279.300243][ T9352] ? __pfx_warn_alloc+0x10/0x10 [ 279.305138][ T9352] ? kfree+0x14f/0x4b0 [ 279.309247][ T9352] ? __get_vm_area_node+0x1dc/0x2f0 [ 279.314484][ T9352] __vmalloc_node_range_noprof+0xd27/0x1530 [ 279.320430][ T9352] ? mod_objcg_state+0x4c4/0x8d0 [ 279.325417][ T9352] ? lockdep_hardirqs_on+0x7c/0x110 [ 279.330665][ T9352] ? kernel_clone+0xfd/0x960 [ 279.335296][ T9352] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 279.341663][ T9352] ? rcu_is_watching+0x12/0xc0 [ 279.346467][ T9352] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 279.351888][ T9352] ? kmem_cache_alloc_node_noprof+0x219/0x3b0 [ 279.358004][ T9352] ? copy_process+0x49c/0x6f20 [ 279.362807][ T9352] ? kernel_clone+0xfd/0x960 [ 279.367439][ T9352] copy_process+0x29b3/0x6f20 [ 279.372160][ T9352] ? kernel_clone+0xfd/0x960 [ 279.376797][ T9352] ? __might_fault+0x13b/0x190 [ 279.381614][ T9352] ? __pfx_lock_release+0x10/0x10 [ 279.386679][ T9352] ? trace_lock_acquire+0x14e/0x1f0 [ 279.391930][ T9352] ? __pfx_copy_process+0x10/0x10 [ 279.396990][ T9352] ? __might_fault+0xe3/0x190 [ 279.401716][ T9352] ? _copy_from_user+0x59/0xd0 [ 279.406588][ T9352] kernel_clone+0xfd/0x960 [ 279.411051][ T9352] ? __pfx_kernel_clone+0x10/0x10 [ 279.416127][ T9352] __do_sys_clone3+0x1f9/0x270 [ 279.420928][ T9352] ? __pfx___do_sys_clone3+0x10/0x10 [ 279.426261][ T9352] ? __pfx_lock_release+0x10/0x10 [ 279.431327][ T9352] ? __pfx_native_tss_update_io_bitmap+0x10/0x10 [ 279.437686][ T9352] ? do_user_addr_fault+0x83d/0x13f0 [ 279.443006][ T9352] do_syscall_64+0xcd/0x250 [ 279.447551][ T9352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.453480][ T9352] RIP: 0033:0x7fbc8fd85d19 [ 279.457920][ T9352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 279.477561][ T9352] RSP: 002b:00007fbc8dbf5f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 279.486013][ T9352] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fbc8fd85d19 [ 279.494028][ T9352] RDX: 00007fbc8dbf5f20 RSI: 0000000000000058 RDI: 00007fbc8dbf5f20 [ 279.502025][ T9352] RBP: 00007fbc8dbf6090 R08: 0000000000000000 R09: 0000000000000058 [ 279.510021][ T9352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 279.518019][ T9352] R13: 0000000000000000 R14: 00007fbc8ff75fa0 R15: 00007ffee12c4c68 [ 279.526031][ T9352] [ 279.620800][ T9352] Mem-Info: [ 279.627665][ T9352] active_anon:47226 inactive_anon:1 isolated_anon:0 [ 279.627665][ T9352] active_file:13983 inactive_file:43048 isolated_file:0 [ 279.627665][ T9352] unevictable:768 dirty:816 writeback:1 [ 279.627665][ T9352] slab_reclaimable:11417 slab_unreclaimable:96194 [ 279.627665][ T9352] mapped:34830 shmem:37003 pagetables:932 [ 279.627665][ T9352] sec_pagetables:0 bounce:0 [ 279.627665][ T9352] kernel_misc_reclaimable:0 [ 279.627665][ T9352] free:1293431 free_pcp:1979 free_cma:0 [ 279.730836][ T9352] Node 0 active_anon:186704kB inactive_anon:4kB active_file:55932kB inactive_file:172120kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:140520kB dirty:3260kB writeback:4kB shmem:148576kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11568kB pagetables:3628kB sec_pagetables:0kB all_unreclaimable? no [ 279.766163][ T9352] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 279.923110][ T9352] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 280.153633][ T9352] lowmem_reserve[]: 0 2465 2466 0 0 [ 280.163773][ T9352] Node 0 DMA32 free:1247944kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:196396kB inactive_anon:4kB active_file:55932kB inactive_file:171212kB unevictable:1536kB writepending:3196kB present:3129332kB managed:2551332kB mlocked:0kB bounce:0kB free_pcp:2380kB local_pcp:1432kB free_cma:0kB [ 280.194943][ C1] vkms_vblank_simulate: vblank timer overrun [ 280.728057][ T9352] lowmem_reserve[]: 0 0 0 0 0 [ 280.732893][ T9352] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 280.760061][ T9352] lowmem_reserve[]: 0 0 0 0 0 [ 280.833886][ T9352] Node 1 Normal free:3908052kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 280.973949][ T9352] lowmem_reserve[]: 0 0 0 0 0 [ 280.978821][ T9352] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 281.070282][ T9352] Node 0 DMA32: 3*4kB (UE) 174*8kB (UM) 127*16kB (U) 48*32kB (UE) 608*64kB (UME) 239*128kB (UME) 151*256kB (UME) 57*512kB (UME) 22*1024kB (UM) 11*2048kB (UME) 253*4096kB (UM) = 1223660kB [ 281.193884][ T9352] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 281.264131][ T9352] Node 1 Normal: 235*4kB (UME) 61*8kB (UME) 40*16kB (UME) 212*32kB (UME) 95*64kB (UME) 19*128kB (UME) 12*256kB (UM) 13*512kB (UM) 4*1024kB (UME) 5*2048kB (UE) 944*4096kB (M) = 3908052kB [ 281.357106][ T9352] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 281.394093][ T9352] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 281.484216][ T9352] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 281.554947][ T9352] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 281.594028][ T9352] 102898 total pagecache pages [ 281.609154][ T9352] 1 pages in swap cache [ 281.624066][ T9352] Free swap = 124484kB [ 281.639401][ T9352] Total swap = 124996kB [ 281.659190][ T9352] 2097051 pages RAM [ 281.673419][ T9352] 0 pages HighMem/MovableOnly [ 281.688648][ T9352] 427368 pages reserved [ 281.699336][ T9352] 0 pages cma reserved [ 281.954319][ T9389] netlink: 28 bytes leftover after parsing attributes in process `syz.0.846'. [ 282.026981][ T9392] netlink: 28 bytes leftover after parsing attributes in process `syz.0.846'. [ 282.080296][ T9394] netlink: 4 bytes leftover after parsing attributes in process `syz.0.846'. [ 282.730482][ T9411] netlink: 334 bytes leftover after parsing attributes in process `syz.1.850'. [ 284.859035][ T9451] netlink: 4 bytes leftover after parsing attributes in process `syz.2.858'. [ 285.057212][ T9456] netlink: 28 bytes leftover after parsing attributes in process `syz.2.858'. [ 285.122205][ T9458] cifs: Unknown parameter 'T.ŸÜÛæ¨Å¼c[ŸÐê€$âæµÈ)ü±UóÑnEó-Ê™¾l®öÚ-ºŒ -¾_€™¯Ôåáª5Z äoåé¢mžÐfwYÍhº*/ÿxDlÝ©Š×ígÕkÇAí³ùÏ7ÍØØ9’ôXöa/fê_ÿAR£ˆ™‘ÈxM ‚v¬—pÿ±$^;ôØq‡3±«£n졵-6©+e„k„¾ñÇ<°kœcÔ)n.üeMÍ÷Na¨t®ÐSMÎÆ1,' [ 285.271533][ T9461] kafs: addr_prefs: Invalid Command [ 285.330397][ T9460] netlink: 334 bytes leftover after parsing attributes in process `syz.4.861'. [ 287.177831][ T9495] netlink: 4 bytes leftover after parsing attributes in process `syz.4.874'. [ 287.191229][ T9496] netlink: 334 bytes leftover after parsing attributes in process `syz.2.873'. [ 287.335281][ T9499] netlink: 28 bytes leftover after parsing attributes in process `syz.4.874'. syzkaller syzkaller login: [ 291.490103][ T9570] cifs: Unknown parameter 'T.ŸÜÛæ¨Å¼c[ŸÐê€$âæµÈ)ü±UóÑnEó-Ê™¾l®öÚ-ºŒ -¾_€™¯Ôåáª5Z äoåé¢mžÐfwYÍhº*/ÿxDlÝ©Š×ígÕkÇAí³ùÏ7ÍØØ9’ôXöa/fê_ÿAR£ˆ™‘ÈxM ‚v¬—pÿ±$^;ôØq‡3±«£n졵-6©+e„k„¾ñÇ<°kœcÔ)n.üeMÍ÷Na¨t®ÐSMÎÆ1,' [ 291.737948][ T9570] kafs: addr_prefs: Invalid Command [ 293.796517][ T9613] cifs: Unknown parameter 'T.ŸÜÛæ¨Å¼c[ŸÐê€$âæµÈ)ü±UóÑnEó-Ê™¾l®öÚ-ºŒ -¾_€™¯Ôåáª5Z äoåé¢mžÐfwYÍhº*/ÿxDlÝ©Š×ígÕkÇAí³ùÏ7ÍØØ9’ôXöa/fê_ÿAR£ˆ™‘ÈxM ‚v¬—pÿ±$^;ôØq‡3±«£n졵-6©+e„k„¾ñÇ<°kœcÔ)n.üeMÍ÷Na¨t®ÐSMÎÆ1,' [ 299.160225][ T9695] netlink: 28 bytes leftover after parsing attributes in process `syz.4.928'. [ 299.175699][ T9695] netlink: 28 bytes leftover after parsing attributes in process `syz.4.928'. [ 299.259407][ T9699] netlink: 4 bytes leftover after parsing attributes in process `syz.4.928'. [ 300.384643][ T9708] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 300.451830][ T9708] CIFS mount error: No usable UNC path provided in device string! [ 300.451830][ T9708] [ 300.484312][ T9708] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 304.408768][ T9747] CIFS mount error: No usable UNC path provided in device string! [ 304.408768][ T9747] [ 304.433910][ T9747] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 305.054741][ T9753] netlink: 'syz.1.945': attribute type 2 has an invalid length. [ 306.133529][ T9775] netlink: 28 bytes leftover after parsing attributes in process `syz.4.948'. [ 306.180650][ T9775] netlink: 28 bytes leftover after parsing attributes in process `syz.4.948'. [ 306.248056][ T9777] netlink: 28 bytes leftover after parsing attributes in process `syz.0.950'. [ 306.266909][ T9777] netlink: 28 bytes leftover after parsing attributes in process `syz.0.950'. [ 306.309127][ T9775] netlink: 4 bytes leftover after parsing attributes in process `syz.4.948'. [ 306.347738][ T9780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.950'. [ 307.298027][ T9789] netlink: 28 bytes leftover after parsing attributes in process `syz.0.962'. [ 307.332155][ T9789] netlink: 4 bytes leftover after parsing attributes in process `syz.0.962'. [ 308.959703][ T9826] netlink: 28 bytes leftover after parsing attributes in process `syz.2.963'. [ 309.005529][ T9826] netlink: 28 bytes leftover after parsing attributes in process `syz.2.963'. [ 311.489965][ T9859] __nla_validate_parse: 3 callbacks suppressed [ 311.489989][ T9859] netlink: 4 bytes leftover after parsing attributes in process `syz.0.972'. [ 313.787146][ T9904] netlink: 28 bytes leftover after parsing attributes in process `syz.4.984'. [ 313.837883][ T9902] netlink: 4 bytes leftover after parsing attributes in process `syz.4.984'. [ 314.532104][ T9917] netlink: 4 bytes leftover after parsing attributes in process `syz.2.989'. [ 315.718788][ T9946] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1002'. [ 315.835226][ T9946] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1002'. [ 315.876278][ T9946] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1002'. [ 321.107620][T10041] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1032'. [ 321.375999][T10037] netlink: 'syz.2.1031': attribute type 19 has an invalid length. [ 321.413999][T10037] netlink: 114 bytes leftover after parsing attributes in process `syz.2.1031'. [ 321.572252][T10041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 321.632490][T10041] bond0 (unregistering): Released all slaves [ 322.466737][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.473290][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.884769][ T5147] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 322.895582][ T5147] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 322.904021][ T5147] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 322.912600][ T5147] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 322.921529][ T5147] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 322.933706][ T5147] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 323.481149][T10058] chnl_net:caif_netlink_parms(): no params data found [ 323.694794][T10058] bridge0: port 1(bridge_slave_0) entered blocking state [ 323.702100][T10058] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.709514][T10058] bridge_slave_0: entered allmulticast mode [ 323.717316][T10058] bridge_slave_0: entered promiscuous mode [ 323.725817][T10058] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.733093][T10058] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.740789][T10058] bridge_slave_1: entered allmulticast mode [ 323.758419][T10058] bridge_slave_1: entered promiscuous mode [ 323.816989][T10058] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 323.839328][T10058] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 323.912726][T10058] team0: Port device team_slave_0 added [ 323.922758][T10058] team0: Port device team_slave_1 added [ 323.965026][T10058] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 323.982309][T10058] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 324.014371][T10058] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 324.033470][T10058] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 324.050849][T10058] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 324.103934][T10058] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 324.181631][T10058] hsr_slave_0: entered promiscuous mode [ 324.195199][T10058] hsr_slave_1: entered promiscuous mode [ 324.211985][T10058] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 324.224040][T10058] Cannot create hsr debugfs directory [ 324.525867][T10058] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 324.559768][T10058] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 324.603656][T10058] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 324.652492][T10058] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 324.998480][T10058] 8021q: adding VLAN 0 to HW filter on device bond0 [ 325.038193][ T5147] Bluetooth: hci2: command tx timeout [ 325.057387][T10058] 8021q: adding VLAN 0 to HW filter on device team0 [ 325.125545][ T8336] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.132733][ T8336] bridge0: port 1(bridge_slave_0) entered forwarding state [ 325.196577][ T8336] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.203741][ T8336] bridge0: port 2(bridge_slave_1) entered forwarding state [ 325.465273][T10058] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 325.865032][T10058] veth0_vlan: entered promiscuous mode [ 325.897652][T10058] veth1_vlan: entered promiscuous mode [ 325.989686][T10058] veth0_macvtap: entered promiscuous mode [ 326.016734][T10058] veth1_macvtap: entered promiscuous mode [ 326.072830][T10058] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 326.106121][T10058] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.136346][T10058] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 326.162894][T10058] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.196201][T10058] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 326.218514][T10058] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.239636][T10058] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 326.269117][T10058] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.296028][T10058] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 326.340684][T10058] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 326.363864][T10058] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.373734][T10058] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 326.414050][T10058] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.430153][T10058] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 326.444700][T10058] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.469663][T10058] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 326.491664][T10058] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.517250][T10058] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 326.537468][T10058] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 326.558975][T10058] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 326.581537][T10058] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 326.632411][T10058] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 326.896594][ T3469] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 326.896852][ T8334] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 326.912447][ T8334] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 326.919964][ T3469] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.104212][ T5147] Bluetooth: hci2: command tx timeout [ 327.154644][T10107] netlink: 'syz.0.1045': attribute type 19 has an invalid length. [ 327.162557][T10107] netlink: 114 bytes leftover after parsing attributes in process `syz.0.1045'. [ 328.574477][ T5841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 328.585150][ T5841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 328.595298][ T5841] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 328.619617][ T5841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 328.639335][ T5841] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 328.649744][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 329.172539][T10134] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 329.185990][ T5841] Bluetooth: hci2: command tx timeout [ 329.248255][T10131] chnl_net:caif_netlink_parms(): no params data found [ 329.501702][T10131] bridge0: port 1(bridge_slave_0) entered blocking state [ 329.538501][T10131] bridge0: port 1(bridge_slave_0) entered disabled state [ 329.564237][T10131] bridge_slave_0: entered allmulticast mode [ 329.604012][T10131] bridge_slave_0: entered promiscuous mode [ 329.631043][T10131] bridge0: port 2(bridge_slave_1) entered blocking state [ 329.664281][T10131] bridge0: port 2(bridge_slave_1) entered disabled state [ 329.686030][T10131] bridge_slave_1: entered allmulticast mode [ 329.693315][T10131] bridge_slave_1: entered promiscuous mode [ 329.809964][T10131] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 329.840719][T10131] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 329.943659][T10131] team0: Port device team_slave_0 added [ 329.984831][T10131] team0: Port device team_slave_1 added [ 330.199053][T10131] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 330.211043][T10131] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 330.263966][T10131] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 330.347292][T10131] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 330.375783][T10131] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 330.423293][T10131] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 330.585827][T10167] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1057'. [ 330.614499][T10167] veth0_macvtap: left promiscuous mode [ 330.639856][T10167] macvtap0: entered allmulticast mode [ 330.784806][ T5841] Bluetooth: hci0: command tx timeout [ 330.911912][T10131] hsr_slave_0: entered promiscuous mode [ 330.945294][T10131] hsr_slave_1: entered promiscuous mode [ 330.953860][T10131] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 330.963872][T10131] Cannot create hsr debugfs directory [ 331.264271][ T5841] Bluetooth: hci2: command tx timeout [ 331.669810][T10131] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.796875][T10131] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.889403][T10131] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.023516][T10131] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.249177][T10188] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1065'. [ 332.341150][T10131] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 332.358179][T10131] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 332.387293][T10131] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 332.433114][T10131] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 332.658624][T10131] 8021q: adding VLAN 0 to HW filter on device bond0 [ 332.712891][T10131] 8021q: adding VLAN 0 to HW filter on device team0 [ 332.746208][ T8334] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.754192][ T8334] bridge0: port 1(bridge_slave_0) entered forwarding state [ 332.799125][ T80] bridge0: port 2(bridge_slave_1) entered blocking state [ 332.806323][ T80] bridge0: port 2(bridge_slave_1) entered forwarding state [ 332.874374][ T5841] Bluetooth: hci0: command tx timeout [ 333.026974][T10131] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 333.432862][T10131] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 333.536435][T10131] veth0_vlan: entered promiscuous mode [ 333.579932][T10131] veth1_vlan: entered promiscuous mode [ 333.619499][T10131] veth0_macvtap: entered promiscuous mode [ 333.630971][T10131] veth1_macvtap: entered promiscuous mode [ 333.649943][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.660580][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.670663][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.681228][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.691206][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.701738][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.711799][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.722401][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.732354][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.743052][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.756513][T10131] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 333.767088][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.777739][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.787648][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.798201][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.808109][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.818868][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.829064][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.839835][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.850271][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.861051][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.872166][T10131] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 333.900997][T10131] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.910935][T10131] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.920177][T10131] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.929150][T10131] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.256202][ T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 334.306799][ T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 334.373202][ T8336] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 334.381307][ T8336] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 334.944409][ T5841] Bluetooth: hci0: command tx timeout [ 336.040985][T10243] sg_write: data in/out 2059/170 bytes for SCSI command 0x57-- guessing data in; [ 336.040985][T10243] program syz.4.1077 not setting count and/or reply_len properly [ 336.141791][T10252] program syz.4.1077 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 336.997794][T10264] CIFS mount error: No usable UNC path provided in device string! [ 336.997794][T10264] [ 337.024336][ T5841] Bluetooth: hci0: command tx timeout [ 337.033871][T10264] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 340.425441][T10307] CIFS mount error: No usable UNC path provided in device string! [ 340.425441][T10307] [ 340.524055][T10307] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 340.794577][T10292] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1093'. [ 341.164340][T10292] bond0: (slave bond_slave_0): Releasing backup interface [ 345.741166][ T29] audit: type=1800 audit(4294967332.670:7): pid=10407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1114" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 346.066643][T10383] sg_write: data in/out 2059/170 bytes for SCSI command 0x57-- guessing data in; [ 346.066643][T10383] program syz.1.1111 not setting count and/or reply_len properly [ 346.145615][T10383] program syz.1.1111 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 346.175315][T10416] FAULT_INJECTION: forcing a failure. [ 346.175315][T10416] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 346.209875][T10416] CPU: 1 UID: 0 PID: 10416 Comm: syz.0.1115 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 346.220726][T10416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 346.230828][T10416] Call Trace: [ 346.234147][T10416] [ 346.237116][T10416] dump_stack_lvl+0x16c/0x1f0 [ 346.241856][T10416] should_fail_ex+0x497/0x5b0 [ 346.246617][T10416] _copy_from_user+0x2e/0xd0 [ 346.251274][T10416] memdup_user+0x71/0xd0 [ 346.255578][T10416] strndup_user+0x78/0xe0 [ 346.259967][T10416] __x64_sys_mount+0x138/0x320 [ 346.264802][T10416] ? __pfx___x64_sys_mount+0x10/0x10 [ 346.270162][T10416] do_syscall_64+0xcd/0x250 [ 346.274728][T10416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.280686][T10416] RIP: 0033:0x7f5017985d19 [ 346.285152][T10416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.304816][T10416] RSP: 002b:00007f5018849038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 346.313285][T10416] RAX: ffffffffffffffda RBX: 00007f5017b75fa0 RCX: 00007f5017985d19 [ 346.321297][T10416] RDX: 0000000020001540 RSI: 0000000020001500 RDI: 0000000000000000 [ 346.329312][T10416] RBP: 00007f5018849090 R08: 00000000200001c0 R09: 0000000000000000 [ 346.337333][T10416] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001 [ 346.345348][T10416] R13: 0000000000000000 R14: 00007f5017b75fa0 R15: 00007ffe0de1fdf8 [ 346.353394][T10416] [ 346.356469][ C1] vkms_vblank_simulate: vblank timer overrun [ 349.587929][T10454] CIFS mount error: No usable UNC path provided in device string! [ 349.587929][T10454] [ 349.643925][T10454] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 349.886902][T10458] FAULT_INJECTION: forcing a failure. [ 349.886902][T10458] name failslab, interval 1, probability 0, space 0, times 0 [ 349.903966][T10458] CPU: 1 UID: 0 PID: 10458 Comm: syz.1.1127 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 349.914800][T10458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 349.924915][T10458] Call Trace: [ 349.928233][T10458] [ 349.931209][T10458] dump_stack_lvl+0x16c/0x1f0 [ 349.935951][T10458] should_fail_ex+0x497/0x5b0 [ 349.940692][T10458] ? fs_reclaim_acquire+0xae/0x150 [ 349.945868][T10458] should_failslab+0xc2/0x120 [ 349.950613][T10458] __kmalloc_cache_noprof+0x68/0x420 [ 349.956053][T10458] ? _copy_from_user+0x59/0xd0 [ 349.960897][T10458] copy_mount_options+0x55/0x190 [ 349.965915][T10458] __x64_sys_mount+0x1ad/0x320 [ 349.970745][T10458] ? __pfx___x64_sys_mount+0x10/0x10 [ 349.976114][T10458] do_syscall_64+0xcd/0x250 [ 349.980686][T10458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.986659][T10458] RIP: 0033:0x7fbc8fd85d19 [ 349.991133][T10458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 350.010881][T10458] RSP: 002b:00007fbc8dbf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 350.019354][T10458] RAX: ffffffffffffffda RBX: 00007fbc8ff75fa0 RCX: 00007fbc8fd85d19 [ 350.027380][T10458] RDX: 0000000020001540 RSI: 0000000020001500 RDI: 0000000000000000 [ 350.035396][T10458] RBP: 00007fbc8dbf6090 R08: 00000000200001c0 R09: 0000000000000000 [ 350.043418][T10458] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001 [ 350.051438][T10458] R13: 0000000000000000 R14: 00007fbc8ff75fa0 R15: 00007ffee12c4c68 [ 350.059476][T10458] [ 350.062555][ C1] vkms_vblank_simulate: vblank timer overrun [ 350.451339][ T29] audit: type=1807 audit(4294967337.340:8): UNKNOWN=òÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿ [ 350.471742][ T29] audit: type=1802 audit(4294967337.400:9): pid=10468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.1130" res=0 errno=0 [ 350.562986][ C1] vkms_vblank_simulate: vblank timer overrun [ 351.217862][T10465] ima: policy update failed [ 351.256295][ T29] audit: type=1802 audit(4294967338.190:10): pid=10465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1130" res=0 errno=0 [ 352.583167][T10483] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 352.934952][T10488] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1134'. [ 353.844311][T10496] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1136'. [ 366.665459][ T5147] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 366.683484][ T5147] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 366.692116][ T5147] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 366.703987][ T5147] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 366.720318][ T5147] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 366.729210][ T5147] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 367.734424][T10539] FAULT_INJECTION: forcing a failure. [ 367.734424][T10539] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 367.821209][T10521] chnl_net:caif_netlink_parms(): no params data found [ 367.874680][T10539] CPU: 1 UID: 0 PID: 10539 Comm: syz.5.1147 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 367.885538][T10539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 367.895817][T10539] Call Trace: [ 367.899147][T10539] [ 367.902118][T10539] dump_stack_lvl+0x16c/0x1f0 [ 367.906857][T10539] should_fail_ex+0x497/0x5b0 [ 367.911598][T10539] strncpy_from_user+0x3b/0x2d0 [ 367.916775][T10539] getname_flags.part.0+0x8f/0x550 [ 367.921984][T10539] getname_flags+0x93/0xf0 [ 367.926456][T10539] user_path_at+0x24/0x60 [ 367.930842][T10539] __x64_sys_mount+0x1fc/0x320 [ 367.935677][T10539] ? __pfx___x64_sys_mount+0x10/0x10 [ 367.941127][T10539] do_syscall_64+0xcd/0x250 [ 367.945692][T10539] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.951644][T10539] RIP: 0033:0x7f4f7dd85d19 [ 367.956103][T10539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 367.975765][T10539] RSP: 002b:00007f4f7eb93038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 367.984251][T10539] RAX: ffffffffffffffda RBX: 00007f4f7df75fa0 RCX: 00007f4f7dd85d19 [ 367.992276][T10539] RDX: 0000000020001540 RSI: 0000000020001500 RDI: 0000000000000000 [ 368.000313][T10539] RBP: 00007f4f7eb93090 R08: 00000000200001c0 R09: 0000000000000000 [ 368.008324][T10539] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001 [ 368.016340][T10539] R13: 0000000000000000 R14: 00007f4f7df75fa0 R15: 00007ffd41c24058 [ 368.024380][T10539] [ 368.238053][T10548] binder: 10545:10548 ioctl 8933 20003f40 returned -22 [ 368.548270][T10521] bridge0: port 1(bridge_slave_0) entered blocking state [ 368.556211][T10521] bridge0: port 1(bridge_slave_0) entered disabled state [ 368.563735][T10521] bridge_slave_0: entered allmulticast mode [ 368.571144][T10521] bridge_slave_0: entered promiscuous mode [ 368.603348][T10521] bridge0: port 2(bridge_slave_1) entered blocking state [ 368.611120][T10521] bridge0: port 2(bridge_slave_1) entered disabled state [ 368.624134][T10521] bridge_slave_1: entered allmulticast mode [ 368.631403][T10521] bridge_slave_1: entered promiscuous mode [ 369.746718][ T5147] Bluetooth: hci3: command tx timeout [ 370.081970][T10521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 370.130202][T10521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 370.351977][T10521] team0: Port device team_slave_0 added [ 370.361070][T10521] team0: Port device team_slave_1 added [ 370.403930][T10573] FAULT_INJECTION: forcing a failure. [ 370.403930][T10573] name failslab, interval 1, probability 0, space 0, times 0 [ 370.417110][T10573] CPU: 0 UID: 0 PID: 10573 Comm: syz.5.1157 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 370.427951][T10573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 370.438054][T10573] Call Trace: [ 370.441369][T10573] [ 370.444343][T10573] dump_stack_lvl+0x16c/0x1f0 [ 370.449079][T10573] should_fail_ex+0x497/0x5b0 [ 370.453822][T10573] ? fs_reclaim_acquire+0xae/0x150 [ 370.459002][T10573] should_failslab+0xc2/0x120 [ 370.463750][T10573] __kmalloc_noprof+0xce/0x4f0 [ 370.468567][T10573] ? is_bpf_text_address+0x8a/0x1a0 [ 370.473822][T10573] ? tomoyo_encode2+0x100/0x3e0 [ 370.478904][T10573] tomoyo_encode2+0x100/0x3e0 [ 370.483708][T10573] ? bpf_ksym_find+0x124/0x1c0 [ 370.488509][T10573] tomoyo_encode+0x2c/0x40 [ 370.492962][T10573] tomoyo_mount_acl+0x145/0x880 [ 370.497851][T10573] ? hlock_class+0x4e/0x130 [ 370.502391][T10573] ? __lock_acquire+0x15a9/0x3c40 [ 370.507498][T10573] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 370.512910][T10573] ? __pfx___lock_acquire+0x10/0x10 [ 370.518180][T10573] ? stack_trace_save+0x95/0xd0 [ 370.523074][T10573] ? __pfx_lock_release+0x10/0x10 [ 370.528142][T10573] ? trace_lock_acquire+0x14e/0x1f0 [ 370.533377][T10573] ? tomoyo_mount_permission+0x149/0x420 [ 370.539094][T10573] ? lock_acquire+0x2f/0xb0 [ 370.543643][T10573] ? tomoyo_mount_permission+0x149/0x420 [ 370.549418][T10573] tomoyo_mount_permission+0x16e/0x420 [ 370.554917][T10573] ? tomoyo_mount_permission+0x149/0x420 [ 370.560600][T10573] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 370.566630][T10573] ? get_current_fs_domain+0x184/0x1f0 [ 370.572137][T10573] security_sb_mount+0x9b/0x260 [ 370.577051][T10573] path_mount+0x129/0x1f10 [ 370.581510][T10573] ? kmem_cache_free+0x152/0x4c0 [ 370.586488][T10573] ? __pfx_path_mount+0x10/0x10 [ 370.591382][T10573] ? putname+0x13c/0x180 [ 370.595706][T10573] __x64_sys_mount+0x294/0x320 [ 370.600539][T10573] ? __pfx___x64_sys_mount+0x10/0x10 [ 370.605902][T10573] do_syscall_64+0xcd/0x250 [ 370.610460][T10573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.616398][T10573] RIP: 0033:0x7f4f7dd85d19 [ 370.620847][T10573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 370.640521][T10573] RSP: 002b:00007f4f7eb93038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 370.648975][T10573] RAX: ffffffffffffffda RBX: 00007f4f7df75fa0 RCX: 00007f4f7dd85d19 [ 370.656977][T10573] RDX: 0000000020001540 RSI: 0000000020001500 RDI: 0000000000000000 [ 370.664975][T10573] RBP: 00007f4f7eb93090 R08: 00000000200001c0 R09: 0000000000000000 [ 370.672975][T10573] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001 [ 370.680975][T10573] R13: 0000000000000000 R14: 00007f4f7df75fa0 R15: 00007ffd41c24058 [ 370.688996][T10573] [ 370.915188][T10577] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1160'. [ 370.956585][T10521] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 370.982216][T10521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 371.050379][T10521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 371.103669][T10521] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 371.131698][T10521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 371.222752][T10521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 371.428388][T10521] hsr_slave_0: entered promiscuous mode [ 371.474560][T10521] hsr_slave_1: entered promiscuous mode [ 371.495409][T10521] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 371.546119][T10521] Cannot create hsr debugfs directory [ 371.824064][ T5147] Bluetooth: hci3: command tx timeout [ 371.994514][T10521] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 372.017289][T10521] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 372.079581][T10521] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 372.117253][T10521] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 372.317522][T10521] 8021q: adding VLAN 0 to HW filter on device bond0 [ 372.407216][T10521] 8021q: adding VLAN 0 to HW filter on device team0 [ 372.475944][ T8334] bridge0: port 1(bridge_slave_0) entered blocking state [ 372.483191][ T8334] bridge0: port 1(bridge_slave_0) entered forwarding state [ 372.525269][ T8334] bridge0: port 2(bridge_slave_1) entered blocking state [ 372.532451][ T8334] bridge0: port 2(bridge_slave_1) entered forwarding state [ 372.857417][T10603] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1168'. [ 372.891659][T10606] FAULT_INJECTION: forcing a failure. [ 372.891659][T10606] name failslab, interval 1, probability 0, space 0, times 0 [ 372.934579][T10606] CPU: 0 UID: 0 PID: 10606 Comm: syz.4.1169 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 372.945449][T10606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 372.955647][T10606] Call Trace: [ 372.958981][T10606] [ 372.961969][T10606] dump_stack_lvl+0x16c/0x1f0 [ 372.966720][T10606] should_fail_ex+0x497/0x5b0 [ 372.971485][T10606] ? fs_reclaim_acquire+0xae/0x150 [ 372.976671][T10606] should_failslab+0xc2/0x120 [ 372.981426][T10606] __kmalloc_noprof+0xce/0x4f0 [ 372.986277][T10606] ? __kmalloc_noprof+0x23b/0x4f0 [ 372.991376][T10606] ? is_bpf_text_address+0x8a/0x1a0 [ 372.996672][T10606] ? tomoyo_realpath_from_path+0xbf/0x710 [ 373.002475][T10606] tomoyo_realpath_from_path+0xbf/0x710 [ 373.008090][T10606] ? tomoyo_fill_path_info+0x233/0x420 [ 373.013639][T10606] tomoyo_mount_acl+0x1af/0x880 [ 373.018555][T10606] ? hlock_class+0x4e/0x130 [ 373.023117][T10606] ? __lock_acquire+0x15a9/0x3c40 [ 373.028228][T10606] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 373.033661][T10606] ? __pfx___lock_acquire+0x10/0x10 [ 373.038957][T10606] ? stack_trace_save+0x95/0xd0 [ 373.043889][T10606] ? __pfx_lock_release+0x10/0x10 [ 373.049077][T10606] ? trace_lock_acquire+0x14e/0x1f0 [ 373.054347][T10606] ? tomoyo_mount_permission+0x149/0x420 [ 373.060040][T10606] ? lock_acquire+0x2f/0xb0 [ 373.064596][T10606] ? tomoyo_mount_permission+0x149/0x420 [ 373.070290][T10606] tomoyo_mount_permission+0x16e/0x420 [ 373.075807][T10606] ? tomoyo_mount_permission+0x149/0x420 [ 373.081507][T10606] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 373.087553][T10606] ? get_current_fs_domain+0x184/0x1f0 [ 373.093061][T10606] security_sb_mount+0x9b/0x260 [ 373.097965][T10606] path_mount+0x129/0x1f10 [ 373.102427][T10606] ? kmem_cache_free+0x152/0x4c0 [ 373.107411][T10606] ? __pfx_path_mount+0x10/0x10 [ 373.112309][T10606] ? putname+0x13c/0x180 [ 373.116602][T10606] __x64_sys_mount+0x294/0x320 [ 373.121424][T10606] ? __pfx___x64_sys_mount+0x10/0x10 [ 373.126764][T10606] do_syscall_64+0xcd/0x250 [ 373.131320][T10606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.137252][T10606] RIP: 0033:0x7f61c5f85d19 [ 373.141697][T10606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 373.161336][T10606] RSP: 002b:00007f61c6e7c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 373.169796][T10606] RAX: ffffffffffffffda RBX: 00007f61c6175fa0 RCX: 00007f61c5f85d19 [ 373.177795][T10606] RDX: 0000000020001540 RSI: 0000000020001500 RDI: 0000000000000000 [ 373.185814][T10606] RBP: 00007f61c6e7c090 R08: 00000000200001c0 R09: 0000000000000000 [ 373.193906][T10606] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001 [ 373.201903][T10606] R13: 0000000000000000 R14: 00007f61c6175fa0 R15: 00007ffe7fe29828 [ 373.209923][T10606] [ 373.234264][T10606] ERROR: Out of memory at tomoyo_realpath_from_path. [ 373.265090][T10609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1170'. [ 373.301704][T10521] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 373.905719][ T5147] Bluetooth: hci3: command tx timeout [ 373.935387][T10521] veth0_vlan: entered promiscuous mode [ 373.966655][T10521] veth1_vlan: entered promiscuous mode [ 373.998113][T10521] veth0_macvtap: entered promiscuous mode [ 374.058577][T10521] veth1_macvtap: entered promiscuous mode [ 374.097272][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 374.123988][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.154709][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 374.188429][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.219103][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 374.250256][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.284486][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 374.325623][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.353684][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 374.367450][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.377394][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 374.413910][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.433766][T10521] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 374.462968][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 374.494439][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.523857][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 374.555059][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.583666][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 374.615985][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.627625][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 374.638652][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.649582][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 374.660678][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.681662][T10521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 374.733861][T10521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.755396][T10521] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 374.783547][T10521] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 374.823955][T10521] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 374.848670][T10521] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 374.870059][T10521] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.099157][ T3569] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 375.138412][ T3569] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 375.213330][ T8334] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 375.231960][ T8334] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 375.984112][ T5147] Bluetooth: hci3: command tx timeout [ 376.338815][T10656] FAULT_INJECTION: forcing a failure. [ 376.338815][T10656] name failslab, interval 1, probability 0, space 0, times 0 [ 376.373190][T10656] CPU: 0 UID: 0 PID: 10656 Comm: syz.5.1178 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 376.384048][T10656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 376.394165][T10656] Call Trace: [ 376.397486][T10656] [ 376.400471][T10656] dump_stack_lvl+0x16c/0x1f0 [ 376.405215][T10656] should_fail_ex+0x497/0x5b0 [ 376.409954][T10656] ? fs_reclaim_acquire+0xae/0x150 [ 376.415127][T10656] should_failslab+0xc2/0x120 [ 376.419897][T10656] __kmalloc_noprof+0xce/0x4f0 [ 376.424721][T10656] ? __kmalloc_noprof+0x23b/0x4f0 [ 376.429804][T10656] ? is_bpf_text_address+0x8a/0x1a0 [ 376.435080][T10656] ? tomoyo_realpath_from_path+0xbf/0x710 [ 376.440870][T10656] tomoyo_realpath_from_path+0xbf/0x710 [ 376.446478][T10656] ? tomoyo_fill_path_info+0x233/0x420 [ 376.452016][T10656] tomoyo_mount_acl+0x1af/0x880 [ 376.456925][T10656] ? hlock_class+0x4e/0x130 [ 376.461493][T10656] ? __lock_acquire+0x15a9/0x3c40 [ 376.466598][T10656] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 376.472027][T10656] ? __pfx___lock_acquire+0x10/0x10 [ 376.477313][T10656] ? stack_trace_save+0x95/0xd0 [ 376.482237][T10656] ? __pfx_lock_release+0x10/0x10 [ 376.487341][T10656] ? trace_lock_acquire+0x14e/0x1f0 [ 376.492617][T10656] ? tomoyo_mount_permission+0x149/0x420 [ 376.498312][T10656] ? lock_acquire+0x2f/0xb0 [ 376.502958][T10656] ? tomoyo_mount_permission+0x149/0x420 [ 376.508838][T10656] tomoyo_mount_permission+0x16e/0x420 [ 376.514363][T10656] ? tomoyo_mount_permission+0x149/0x420 [ 376.520055][T10656] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 376.526115][T10656] ? get_current_fs_domain+0x184/0x1f0 [ 376.531661][T10656] security_sb_mount+0x9b/0x260 [ 376.536709][T10656] path_mount+0x129/0x1f10 [ 376.541197][T10656] ? kmem_cache_free+0x152/0x4c0 [ 376.546205][T10656] ? __pfx_path_mount+0x10/0x10 [ 376.551141][T10656] ? putname+0x13c/0x180 [ 376.555468][T10656] __x64_sys_mount+0x294/0x320 [ 376.560309][T10656] ? __pfx___x64_sys_mount+0x10/0x10 [ 376.565684][T10656] do_syscall_64+0xcd/0x250 [ 376.570262][T10656] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.576223][T10656] RIP: 0033:0x7f4f7dd85d19 [ 376.580693][T10656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 376.600363][T10656] RSP: 002b:00007f4f7eb93038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 376.608839][T10656] RAX: ffffffffffffffda RBX: 00007f4f7df75fa0 RCX: 00007f4f7dd85d19 [ 376.616863][T10656] RDX: 0000000020001540 RSI: 0000000020001500 RDI: 0000000000000000 [ 376.624895][T10656] RBP: 00007f4f7eb93090 R08: 00000000200001c0 R09: 0000000000000000 [ 376.632926][T10656] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001 [ 376.640953][T10656] R13: 0000000000000000 R14: 00007f4f7df75fa0 R15: 00007ffd41c24058 [ 376.648998][T10656] [ 376.698045][T10656] ERROR: Out of memory at tomoyo_realpath_from_path. [ 376.708474][T10658] CIFS mount error: No usable UNC path provided in device string! [ 376.708474][T10658] [ 376.739100][T10658] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 380.017322][T10705] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1194'. [ 383.244356][T10740] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1204'. [ 383.906975][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.915303][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.424636][T10779] CIFS mount error: No usable UNC path provided in device string! [ 385.424636][T10779] [ 385.437041][T10779] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 385.844693][T10786] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1217'. [ 387.250548][T10811] CIFS mount error: No usable UNC path provided in device string! [ 387.250548][T10811] [ 387.312551][T10811] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 389.504252][T10853] CIFS mount error: No usable UNC path provided in device string! [ 389.504252][T10853] [ 389.572632][T10853] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 390.690010][T10885] CIFS mount error: No usable UNC path provided in device string! [ 390.690010][T10885] [ 390.715800][T10885] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 390.895862][T10892] FAULT_INJECTION: forcing a failure. [ 390.895862][T10892] name failslab, interval 1, probability 0, space 0, times 0 [ 390.929072][T10892] CPU: 1 UID: 0 PID: 10892 Comm: syz.5.1250 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 390.940037][T10892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 390.950165][T10892] Call Trace: [ 390.953527][T10892] [ 390.956507][T10892] dump_stack_lvl+0x16c/0x1f0 [ 390.961257][T10892] should_fail_ex+0x497/0x5b0 [ 390.966007][T10892] ? fs_reclaim_acquire+0xae/0x150 [ 390.971182][T10892] should_failslab+0xc2/0x120 [ 390.975939][T10892] __kmalloc_cache_noprof+0x68/0x420 [ 390.981290][T10892] ? lockdep_init_map_type+0x16d/0x7d0 [ 390.986819][T10892] ? __pfx_smb3_init_fs_context+0x10/0x10 [ 390.992608][T10892] smb3_init_fs_context+0xad/0xa10 [ 390.997788][T10892] ? __pfx_smb3_init_fs_context+0x10/0x10 [ 391.003577][T10892] alloc_fs_context+0x54a/0x9c0 [ 391.008498][T10892] path_mount+0xbfb/0x1f10 [ 391.012978][T10892] ? kmem_cache_free+0x152/0x4c0 [ 391.017978][T10892] ? __pfx_path_mount+0x10/0x10 [ 391.022917][T10892] ? putname+0x13c/0x180 [ 391.027250][T10892] __x64_sys_mount+0x294/0x320 [ 391.032084][T10892] ? __pfx___x64_sys_mount+0x10/0x10 [ 391.037539][T10892] do_syscall_64+0xcd/0x250 [ 391.042106][T10892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.048045][T10892] RIP: 0033:0x7f4f7dd85d19 [ 391.052487][T10892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.072134][T10892] RSP: 002b:00007f4f7eb93038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 391.080587][T10892] RAX: ffffffffffffffda RBX: 00007f4f7df75fa0 RCX: 00007f4f7dd85d19 [ 391.088591][T10892] RDX: 0000000020001540 RSI: 0000000020001500 RDI: 0000000000000000 [ 391.096591][T10892] RBP: 00007f4f7eb93090 R08: 00000000200001c0 R09: 0000000000000000 [ 391.104588][T10892] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000002 [ 391.112583][T10892] R13: 0000000000000000 R14: 00007f4f7df75fa0 R15: 00007ffd41c24058 [ 391.120685][T10892] [ 394.122962][T10945] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1263'. [ 394.926475][T10966] netlink: 338 bytes leftover after parsing attributes in process `syz.6.1268'. [ 398.474969][T11013] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1280'. [ 398.619721][T11016] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1281'. [ 398.649330][ T29] audit: type=1800 audit(4294967385.580:11): pid=11016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1281" name="dbroot" dev="configfs" ino=30117 res=0 errno=0 [ 399.174481][T11027] CIFS mount error: No usable UNC path provided in device string! [ 399.174481][T11027] [ 399.186554][T11027] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 400.540760][T11044] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1290'. [ 401.782458][T11063] CIFS mount error: No usable UNC path provided in device string! [ 401.782458][T11063] [ 401.814995][T11063] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 402.088013][T11072] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1297'. [ 403.874303][T11113] CIFS mount error: No usable UNC path provided in device string! [ 403.874303][T11113] [ 403.907257][T11113] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 404.490762][T11126] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1313'. [ 406.051889][T11155] CIFS mount error: No usable UNC path provided in device string! [ 406.051889][T11155] [ 406.093104][T11155] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 407.100761][T11173] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1327'. [ 408.357158][T11197] CIFS mount error: No usable UNC path provided in device string! [ 408.357158][T11197] [ 408.405157][T11197] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 408.866009][T11211] Process accounting resumed [ 409.200067][T11210] Process accounting resumed [ 409.705073][T11223] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1342'. [ 410.518104][T11233] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1344'. [ 410.571561][ T29] audit: type=1800 audit(4294967397.500:12): pid=11233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1344" name="dbroot" dev="configfs" ino=30410 res=0 errno=0 [ 411.281585][T11252] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1350'. [ 412.360271][T11271] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1355'. [ 412.500259][T11269] FAULT_INJECTION: forcing a failure. [ 412.500259][T11269] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 412.603921][T11269] CPU: 0 UID: 0 PID: 11269 Comm: syz.0.1354 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 412.614789][T11269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 412.624898][T11269] Call Trace: [ 412.628221][T11269] [ 412.631203][T11269] dump_stack_lvl+0x16c/0x1f0 [ 412.635937][T11269] should_fail_ex+0x497/0x5b0 [ 412.640852][T11269] _copy_from_iter+0x29b/0x1400 [ 412.645778][T11269] ? trace_lock_acquire+0x14e/0x1f0 [ 412.651044][T11269] ? __pfx__copy_from_iter+0x10/0x10 [ 412.656468][T11269] ? __virt_addr_valid+0x1a4/0x590 [ 412.661633][T11269] ? __virt_addr_valid+0x5e/0x590 [ 412.666700][T11269] ? __phys_addr+0xc6/0x150 [ 412.671258][T11269] ? __phys_addr_symbol+0x30/0x80 [ 412.676328][T11269] ? __check_object_size+0x488/0x710 [ 412.681662][T11269] proc_sys_call_handler+0x361/0x5d0 [ 412.687164][T11269] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 412.693023][T11269] vfs_write+0x5ae/0x1150 [ 412.697392][T11269] ? __pfx_proc_sys_write+0x10/0x10 [ 412.702644][T11269] ? __pfx___mutex_lock+0x10/0x10 [ 412.707708][T11269] ? __pfx_vfs_write+0x10/0x10 [ 412.712524][T11269] ksys_write+0x12b/0x250 [ 412.716887][T11269] ? __pfx_ksys_write+0x10/0x10 [ 412.721778][T11269] do_syscall_64+0xcd/0x250 [ 412.726319][T11269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.732249][T11269] RIP: 0033:0x7f5017985d19 [ 412.736692][T11269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 412.756333][T11269] RSP: 002b:00007f5018849038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 412.764780][T11269] RAX: ffffffffffffffda RBX: 00007f5017b75fa0 RCX: 00007f5017985d19 [ 412.772776][T11269] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 412.780794][T11269] RBP: 00007f5018849090 R08: 0000000000000000 R09: 0000000000000000 [ 412.788803][T11269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 412.796808][T11269] R13: 0000000000000000 R14: 00007f5017b75fa0 R15: 00007ffe0de1fdf8 [ 412.804845][T11269] [ 413.927285][T11299] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1363'. [ 414.324368][T11303] CIFS mount error: No usable UNC path provided in device string! [ 414.324368][T11303] [ 414.363554][T11303] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 414.882980][T11304] Process accounting resumed [ 417.287857][T11344] CIFS mount error: No usable UNC path provided in device string! [ 417.287857][T11344] [ 417.324041][T11344] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 419.774152][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1382'. [ 421.276518][T11364] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1379'. [ 423.135481][T11413] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1391'. [ 423.334403][ T29] audit: type=1800 audit(4294967410.260:13): pid=11413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1391" name="dbroot" dev="configfs" ino=31230 res=0 errno=0 [ 428.545352][T11452] cgroup: fork rejected by pids controller in /syz4 [ 429.770519][T11601] Process accounting resumed [ 430.256412][T11611] Process accounting resumed [ 435.005830][T11666] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 436.896660][T11716] Process accounting resumed [ 438.261328][T11754] zram0: detected capacity change from 0 to 8 [ 438.426242][T11754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1452'. [ 438.436978][T11754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1452'. [ 438.468242][T11764] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1446'. [ 439.404954][T11786] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 442.530420][T11829] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1466'. [ 442.582374][T11833] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1466'. [ 442.617309][ T3469] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 445.260946][T11865] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1474'. [ 445.346646][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.367672][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 447.427644][ T5147] Bluetooth: hci2: command 0x0406 tx timeout [ 452.543958][ T5147] Bluetooth: hci0: command 0x0406 tx timeout [ 452.713473][T11971] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 456.599381][T12019] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1503'. [ 461.754879][T12047] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 464.317654][T12067] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1513'. [ 466.630980][T12111] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 467.003453][T12114] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 467.984916][T12144] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1525'. [ 468.165284][T12146] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 468.955687][T12159] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 469.004909][T12159] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 471.963380][T12232] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1553'. [ 472.805059][T12246] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1557'. [ 474.199187][ T5841] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 474.389543][T12267] netlink: 504 bytes leftover after parsing attributes in process `syz.4.1561'. [ 474.400630][T12276] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 475.197472][T12291] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 475.536794][T12299] openvswitch: netlink: nsh attr 1 has unexpected len 14 expected 8 [ 476.651221][T12323] Process accounting resumed [ 476.657431][T12319] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1579'. [ 479.635183][T12377] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 480.214675][T12386] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1596'. [ 480.285930][T12386] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1596'. [ 480.706624][T12395] FAULT_INJECTION: forcing a failure. [ 480.706624][T12395] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 480.744022][T12395] CPU: 1 UID: 0 PID: 12395 Comm: syz.5.1599 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 480.754866][T12395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 480.764954][T12395] Call Trace: [ 480.768262][T12395] [ 480.771245][T12395] dump_stack_lvl+0x16c/0x1f0 [ 480.775985][T12395] should_fail_ex+0x497/0x5b0 [ 480.780729][T12395] _copy_to_user+0x32/0xd0 [ 480.785217][T12395] simple_read_from_buffer+0xd0/0x160 [ 480.790659][T12395] proc_fail_nth_read+0x198/0x270 [ 480.795751][T12395] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 480.801369][T12395] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 480.806979][T12395] vfs_read+0x1df/0xbe0 [ 480.811199][T12395] ? __fget_files+0x1fc/0x3a0 [ 480.815933][T12395] ? __pfx___mutex_lock+0x10/0x10 [ 480.821013][T12395] ? __pfx_vfs_read+0x10/0x10 [ 480.825755][T12395] ? __fget_files+0x206/0x3a0 [ 480.830564][T12395] ksys_read+0x12b/0x250 [ 480.834840][T12395] ? __pfx_ksys_read+0x10/0x10 [ 480.839664][T12395] do_syscall_64+0xcd/0x250 [ 480.844206][T12395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 480.850138][T12395] RIP: 0033:0x7f4f7dd8472c [ 480.854583][T12395] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 480.874228][T12395] RSP: 002b:00007f4f7eb93030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 480.882664][T12395] RAX: ffffffffffffffda RBX: 00007f4f7df75fa0 RCX: 00007f4f7dd8472c [ 480.890653][T12395] RDX: 000000000000000f RSI: 00007f4f7eb930a0 RDI: 0000000000000004 [ 480.898642][T12395] RBP: 00007f4f7eb93090 R08: 0000000000000000 R09: 0000000000000000 [ 480.906627][T12395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 480.914615][T12395] R13: 0000000000000000 R14: 00007f4f7df75fa0 R15: 00007ffd41c24058 [ 480.922640][T12395] [ 481.002798][T12390] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 483.124918][T12427] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 486.495565][T12473] Process accounting resumed [ 487.652975][T12490] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 491.732921][T12567] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1647'. [ 491.744708][T12562] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 492.032121][T12567] bond0: (slave bond_slave_0): Releasing backup interface [ 493.507541][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 493.623068][T12600] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.632593][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.642172][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.651589][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.661679][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.680680][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.713938][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.732845][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.751164][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.768909][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.806752][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.832970][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.861281][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.896877][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.937614][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.975371][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.005781][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.044442][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.264357][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.274072][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.282476][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.308814][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.328211][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.344388][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.352683][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.361048][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.384857][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.393217][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.402001][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.421595][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.434522][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.442833][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.451358][T12601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 494.810340][ T29] audit: type=1107 audit(4295164101.731:14): pid=12606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='À' [ 495.227281][T12611] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1657'. [ 495.760079][T12627] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 498.244453][ T29] audit: type=1326 audit(4295164105.171:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12679 comm="syz.5.1675" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4f7dd85d19 code=0x0 [ 498.321771][T12682] netlink: 2 bytes leftover after parsing attributes in process `syz.5.1675'. [ 501.554260][ T29] audit: type=1326 audit(4295164108.491:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12732 comm="syz.4.1691" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f61c5f85d19 code=0x0 [ 501.635262][T12736] netlink: 74 bytes leftover after parsing attributes in process `syz.4.1691'. [ 506.787044][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.794849][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.536208][T12853] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1722'. [ 514.158674][ T29] audit: type=1800 audit(4295164121.091:17): pid=12902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1734" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 514.465908][T12917] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 514.586365][T12917] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 514.592419][T12917] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 514.766203][T12917] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 514.792204][T12917] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 514.891080][T12917] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 514.917993][T12917] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 514.962642][ C1] sd 0:0:1:0: [sda] tag#5804 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 514.973177][ C1] sd 0:0:1:0: [sda] tag#5804 CDB: Read(6) 08 00 00 00 10 00 00 00 00 00 00 00 [ 515.765901][T12919] kexec: Could not allocate control_code_buffer [ 515.945092][T12946] mtrr: base(0x65000) is not aligned on a size(0x0000) boundary [ 516.547307][ T5147] Bluetooth: hci4: command 0x0406 tx timeout [ 516.623924][ T5147] Bluetooth: hci2: command 0x0406 tx timeout [ 516.784013][ T5147] Bluetooth: hci0: command 0x0406 tx timeout [ 516.943886][ T5147] Bluetooth: hci3: command 0x0406 tx timeout [ 518.705218][ T5147] Bluetooth: hci2: command 0x0406 tx timeout [ 518.864336][ T5147] Bluetooth: hci0: command 0x0406 tx timeout [ 519.024020][ T5147] Bluetooth: hci3: command 0x0406 tx timeout [ 519.196987][T13010] HSR: entered promiscuous mode [ 519.607702][T13019] FAULT_INJECTION: forcing a failure. [ 519.607702][T13019] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 519.631219][T13019] CPU: 0 UID: 0 PID: 13019 Comm: syz.4.1771 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 519.642065][T13019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 519.652202][T13019] Call Trace: [ 519.655531][T13019] [ 519.658499][T13019] dump_stack_lvl+0x16c/0x1f0 [ 519.663233][T13019] should_fail_ex+0x497/0x5b0 [ 519.667978][T13019] _copy_to_user+0x32/0xd0 [ 519.672470][T13019] simple_read_from_buffer+0xd0/0x160 [ 519.677923][T13019] proc_fail_nth_read+0x198/0x270 [ 519.683039][T13019] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 519.688660][T13019] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 519.694281][T13019] vfs_read+0x1df/0xbe0 [ 519.698487][T13019] ? __fget_files+0x1fc/0x3a0 [ 519.703220][T13019] ? __pfx___mutex_lock+0x10/0x10 [ 519.708308][T13019] ? __pfx_vfs_read+0x10/0x10 [ 519.713047][T13019] ? __fget_files+0x206/0x3a0 [ 519.717793][T13019] ksys_read+0x12b/0x250 [ 519.722094][T13019] ? __pfx_ksys_read+0x10/0x10 [ 519.726934][T13019] do_syscall_64+0xcd/0x250 [ 519.731497][T13019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.737451][T13019] RIP: 0033:0x7f61c5f8472c [ 519.741920][T13019] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 519.761567][T13019] RSP: 002b:00007f61c6e7c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 519.770046][T13019] RAX: ffffffffffffffda RBX: 00007f61c6175fa0 RCX: 00007f61c5f8472c [ 519.778062][T13019] RDX: 000000000000000f RSI: 00007f61c6e7c0a0 RDI: 0000000000000004 [ 519.786091][T13019] RBP: 00007f61c6e7c090 R08: 0000000000000000 R09: 0000000000000000 [ 519.794100][T13019] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000001 [ 519.802118][T13019] R13: 0000000000000000 R14: 00007f61c6175fa0 R15: 00007ffe7fe29828 [ 519.810157][T13019] [ 523.284894][T13085] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1795'. [ 523.373385][T13085] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 523.865345][T13085] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 526.927168][T13167] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 526.973042][T13167] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 527.024344][T13167] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 527.030514][T13167] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 528.347078][T13169] kexec: Could not allocate control_code_buffer [ 528.943991][ T5147] Bluetooth: hci4: command 0x0406 tx timeout [ 529.023869][ T5147] Bluetooth: hci2: command 0x0406 tx timeout [ 529.104169][ T5147] Bluetooth: hci3: command 0x0406 tx timeout [ 529.110447][ T5147] Bluetooth: hci0: command 0x0406 tx timeout [ 529.852014][T13221] erspan0: entered allmulticast mode [ 530.834111][T13234] binder: 13233:13234 ioctl 40046205 800000000000003 returned -22 [ 532.115562][T13272] TCP: TCP_TX_DELAY enabled [ 532.356435][T13282] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1853'. [ 532.385722][T13282] ü: renamed from team0 [ 532.981325][T13272] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 532.987865][T13272] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 532.994528][T13272] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 533.000630][T13272] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 533.028504][T13295] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1859'. [ 533.181927][T13299] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 533.744689][T13308] netlink: 'syz.4.1864': attribute type 11 has an invalid length. [ 533.767868][T13308] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1864'. [ 534.305037][ T5841] Bluetooth: hci4: command 0x0406 tx timeout [ 534.363893][T13338] FAULT_INJECTION: forcing a failure. [ 534.363893][T13338] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 534.377261][T13338] CPU: 1 UID: 0 PID: 13338 Comm: syz.4.1872 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 534.388096][T13338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 534.398194][T13338] Call Trace: [ 534.401504][T13338] [ 534.404473][T13338] dump_stack_lvl+0x16c/0x1f0 [ 534.409216][T13338] should_fail_ex+0x497/0x5b0 [ 534.413958][T13338] ? __pfx_clear_refs_write+0x10/0x10 [ 534.419418][T13338] ? __pfx_clear_refs_write+0x10/0x10 [ 534.424842][T13338] _copy_from_user+0x2e/0xd0 [ 534.429505][T13338] clear_refs_write+0xeb/0xbf0 [ 534.434326][T13338] ? __pfx___lock_acquire+0x10/0x10 [ 534.439612][T13338] ? __pfx___lock_acquire+0x10/0x10 [ 534.444876][T13338] ? __pfx_aa_file_perm+0x10/0x10 [ 534.449948][T13338] ? __pfx_clear_refs_write+0x10/0x10 [ 534.455384][T13338] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 534.461070][T13338] ? rcu_is_watching+0x12/0xc0 [ 534.465897][T13338] ? trace_lock_acquire+0x14e/0x1f0 [ 534.471175][T13338] ? __pfx_clear_refs_write+0x10/0x10 [ 534.476604][T13338] vfs_write+0x24c/0x1150 [ 534.481000][T13338] ? __fget_files+0x1fc/0x3a0 [ 534.485741][T13338] ? __pfx___mutex_lock+0x10/0x10 [ 534.490817][T13338] ? __pfx_vfs_write+0x10/0x10 [ 534.495642][T13338] ? __fget_files+0x206/0x3a0 [ 534.500371][T13338] ksys_write+0x12b/0x250 [ 534.504732][T13338] ? __pfx_ksys_write+0x10/0x10 [ 534.509682][T13338] do_syscall_64+0xcd/0x250 [ 534.514229][T13338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.520177][T13338] RIP: 0033:0x7f61c5f85d19 [ 534.524632][T13338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 534.544276][T13338] RSP: 002b:00007f61c6e7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 534.552728][T13338] RAX: ffffffffffffffda RBX: 00007f61c6175fa0 RCX: 00007f61c5f85d19 [ 534.560729][T13338] RDX: 00000000ffffff4b RSI: 0000000000000000 RDI: 0000000000000004 [ 534.568725][T13338] RBP: 00007f61c6e7c090 R08: 0000000000000000 R09: 0000000000000000 [ 534.576721][T13338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 534.584723][T13338] R13: 0000000000000000 R14: 00007f61c6175fa0 R15: 00007ffe7fe29828 [ 534.592736][T13338] [ 535.112391][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 535.119111][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 535.123792][T13205] Bluetooth: hci2: command 0x0406 tx timeout [ 535.463292][T13359] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 536.452531][T13386] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1890'. [ 536.505200][T13386] sctp: [Deprecated]: syz.0.1890 (pid 13386) Use of int in max_burst socket option deprecated. [ 536.505200][T13386] Use struct sctp_assoc_value instead [ 536.564722][T13391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1890'. [ 538.234770][T13428] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1901'. [ 538.768575][T13437] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 538.915800][T13435] erspan0: entered allmulticast mode [ 539.397544][T13442] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1905'. [ 540.660838][T13467] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1910'. [ 541.514556][T13490] program syz.6.1920 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 542.283676][T13498] erspan0: entered allmulticast mode [ 543.834861][T13532] Process accounting resumed [ 544.211638][T13539] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 544.510067][T13548] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1935'. [ 544.570314][T11067] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 544.705765][T13548] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 544.713326][T13548] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 544.759382][T13548] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 544.768305][T13548] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 545.069234][ T7803] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.215027][ T7803] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.338918][ T7803] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.545980][ T7803] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 546.041587][T13205] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 546.159841][ T7803] bridge_slave_1: left allmulticast mode [ 546.167064][ T7803] bridge_slave_1: left promiscuous mode [ 546.176893][ T7803] bridge0: port 2(bridge_slave_1) entered disabled state [ 546.186056][T13205] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 546.197790][T13205] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 546.207030][T13205] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 546.224096][T13205] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 546.231951][T13205] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 546.245339][ T7803] bridge_slave_0: left allmulticast mode [ 546.261351][ T7803] bridge_slave_0: left promiscuous mode [ 546.276506][ T7803] bridge0: port 1(bridge_slave_0) entered disabled state [ 546.592694][T13598] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 547.078417][ T7803] erspan0 (unregistering): left allmulticast mode [ 547.702632][ T7803] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 547.716482][ T7803] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 547.729626][ T7803] bond0 (unregistering): Released all slaves [ 547.794930][T13584] erspan0: entered allmulticast mode [ 547.892499][ T7803] HSR: left promiscuous mode [ 548.304926][ T5147] Bluetooth: hci1: command tx timeout [ 548.742663][ T7803] hsr_slave_0: left promiscuous mode [ 548.794073][ T7803] hsr_slave_1: left promiscuous mode [ 548.813578][ T7803] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 548.828984][ T7803] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 548.838852][ T7803] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 548.846847][ T7803] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 548.890573][ T7803] veth1_macvtap: left promiscuous mode [ 548.898326][ T7803] veth0_macvtap: left promiscuous mode [ 548.904634][ T7803] veth1_vlan: left promiscuous mode [ 548.909934][ T7803] veth0_vlan: left promiscuous mode [ 549.428789][ T7803] team0 (unregistering): Port device team_slave_1 removed [ 549.491905][ T7803] team0 (unregistering): Port device team_slave_0 removed [ 550.050517][T13573] chnl_net:caif_netlink_parms(): no params data found [ 550.416468][ T5147] Bluetooth: hci1: command tx timeout [ 550.575996][T13573] bridge0: port 1(bridge_slave_0) entered blocking state [ 550.583202][T13573] bridge0: port 1(bridge_slave_0) entered disabled state [ 550.604148][T13573] bridge_slave_0: entered allmulticast mode [ 550.618080][T13573] bridge_slave_0: entered promiscuous mode [ 550.654650][T13573] bridge0: port 2(bridge_slave_1) entered blocking state [ 550.672112][T13573] bridge0: port 2(bridge_slave_1) entered disabled state [ 550.690224][T13573] bridge_slave_1: entered allmulticast mode [ 550.720264][T13573] bridge_slave_1: entered promiscuous mode [ 550.997587][T13573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 551.053930][T13573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 551.272572][T13573] team0: Port device team_slave_0 added [ 551.298871][T13573] team0: Port device team_slave_1 added [ 551.451613][T13573] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 551.484868][T13573] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 551.530166][T13573] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 551.568043][T13573] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 551.582005][T13573] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 551.608980][T13573] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 551.957695][T13573] hsr_slave_0: entered promiscuous mode [ 552.025817][T13573] hsr_slave_1: entered promiscuous mode [ 552.076414][T13573] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 552.103919][T13573] Cannot create hsr debugfs directory [ 552.464017][ T5147] Bluetooth: hci1: command tx timeout [ 552.862872][T13573] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 552.907435][T13573] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 552.953643][T13573] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 553.034398][T13573] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 553.652735][T13573] 8021q: adding VLAN 0 to HW filter on device bond0 [ 553.675070][T13573] 8021q: adding VLAN 0 to HW filter on device team0 [ 553.688191][ T7519] bridge0: port 1(bridge_slave_0) entered blocking state [ 553.695337][ T7519] bridge0: port 1(bridge_slave_0) entered forwarding state [ 553.744876][ T7519] bridge0: port 2(bridge_slave_1) entered blocking state [ 553.752030][ T7519] bridge0: port 2(bridge_slave_1) entered forwarding state [ 553.846105][T13573] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 553.860503][T13573] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 554.288568][T13573] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 554.553993][ T5147] Bluetooth: hci1: command tx timeout [ 555.750068][T13573] veth0_vlan: entered promiscuous mode [ 555.816994][T13573] veth1_vlan: entered promiscuous mode [ 555.931599][T13573] veth0_macvtap: entered promiscuous mode [ 555.967875][T13573] veth1_macvtap: entered promiscuous mode [ 556.036801][T13573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.067037][T13573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.094268][T13573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.113888][T13573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.159946][T13573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.192415][T13573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.218035][T13573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.262956][T13573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.293979][T13573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.320494][T13573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.376301][T13573] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 556.437134][T13573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.483821][T13573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.513892][T13573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.553129][T13573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.584097][T13573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.613848][T13573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.643942][T13573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.671949][T13573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.725335][T13573] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 556.778642][T13573] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.803436][T13573] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.833828][T13573] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.842609][T13573] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 557.200502][T12101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 557.234725][T12101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 557.314123][T12100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 557.327452][T12100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 557.704779][T13756] erspan0: entered allmulticast mode [ 558.008272][T12100] erspan0 (unregistering): left allmulticast mode [ 558.386100][T13781] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1965'. [ 559.523497][T13814] netlink: 158 bytes leftover after parsing attributes in process `syz.0.1973'. [ 560.931653][T13832] erspan0: entered allmulticast mode [ 562.120223][T13869] svc: failed to register nfsdv3 RPC service (errno 111). [ 562.171924][T13869] svc: failed to register nfsaclv3 RPC service (errno 111). [ 564.107643][T13916] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1995'. [ 565.936330][T13940] netlink: 338 bytes leftover after parsing attributes in process `syz.5.1998'. [ 567.455284][T13959] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2002'. [ 568.291004][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.297634][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.299157][T14019] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2011'. [ 573.323169][T14019] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2011'. [ 574.231173][T14012] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2009'. [ 574.966196][T14012] ü: Port device team_slave_1 removed [ 575.989909][T14072] netlink: 'syz.5.2020': attribute type 9 has an invalid length. [ 576.813879][ T29] audit: type=1804 audit(4295164207.712:18): pid=14082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2022" name="/newroot/sys/kernel/tracing/free_buffer" dev="tracefs" ino=1165 res=1 errno=0 [ 578.264064][T14131] FAULT_INJECTION: forcing a failure. [ 578.264064][T14131] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 578.338798][T14131] CPU: 1 UID: 0 PID: 14131 Comm: syz.7.2029 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 578.349657][T14131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 578.349992][T14121] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2026'. [ 578.360005][T14131] Call Trace: [ 578.360052][T14131] [ 578.360068][T14131] dump_stack_lvl+0x16c/0x1f0 [ 578.380006][T14131] should_fail_ex+0x497/0x5b0 [ 578.384766][T14131] _copy_to_iter+0x29b/0x1400 [ 578.389521][T14131] ? trace_lock_acquire+0x14e/0x1f0 [ 578.394792][T14131] ? __pfx__copy_to_iter+0x10/0x10 [ 578.399980][T14131] ? __virt_addr_valid+0x1a4/0x590 [ 578.405164][T14131] ? __virt_addr_valid+0x5e/0x590 [ 578.410258][T14131] ? __phys_addr_symbol+0x30/0x80 [ 578.415344][T14131] ? __check_object_size+0x488/0x710 [ 578.420701][T14131] seq_read_iter+0xd00/0x12b0 [ 578.425467][T14131] proc_reg_read_iter+0x21d/0x310 [ 578.430567][T14131] vfs_read+0x87f/0xbe0 [ 578.434802][T14131] ? __pfx_vfs_read+0x10/0x10 [ 578.439586][T14131] ksys_read+0x12b/0x250 [ 578.443905][T14131] ? __pfx_ksys_read+0x10/0x10 [ 578.448762][T14131] do_syscall_64+0xcd/0x250 [ 578.453333][T14131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 578.459722][T14131] RIP: 0033:0x7fea77585d19 [ 578.464186][T14131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 578.483852][T14131] RSP: 002b:00007fea7842a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 578.492357][T14131] RAX: ffffffffffffffda RBX: 00007fea77775fa0 RCX: 00007fea77585d19 [ 578.500388][T14131] RDX: 00000000000000fa RSI: 0000000020000180 RDI: 0000000000000003 [ 578.508402][T14131] RBP: 00007fea7842a090 R08: 0000000000000000 R09: 0000000000000000 [ 578.516427][T14131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 578.524468][T14131] R13: 0000000000000000 R14: 00007fea77775fa0 R15: 00007ffd92c2cec8 [ 578.532627][T14131] [ 578.700528][T14121] team0: Port device team_slave_1 removed [ 579.984369][T14161] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2035'. [ 580.044514][T14161] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2035'. [ 580.530207][T14191] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 580.806537][T14205] FAULT_INJECTION: forcing a failure. [ 580.806537][T14205] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 580.843896][T14205] CPU: 0 UID: 0 PID: 14205 Comm: syz.5.2042 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 580.854748][T14205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 580.864848][T14205] Call Trace: [ 580.868166][T14205] [ 580.871138][T14205] dump_stack_lvl+0x16c/0x1f0 [ 580.875878][T14205] should_fail_ex+0x497/0x5b0 [ 580.880637][T14205] _copy_to_user+0x32/0xd0 [ 580.885125][T14205] simple_read_from_buffer+0xd0/0x160 [ 580.890578][T14205] proc_fail_nth_read+0x198/0x270 [ 580.895685][T14205] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 580.901303][T14205] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 580.906916][T14205] vfs_read+0x1df/0xbe0 [ 580.911105][T14205] ? __fget_files+0x1fc/0x3a0 [ 580.915826][T14205] ? __pfx___mutex_lock+0x10/0x10 [ 580.921018][T14205] ? __pfx_vfs_read+0x10/0x10 [ 580.925742][T14205] ? __fget_files+0x206/0x3a0 [ 580.930468][T14205] ksys_read+0x12b/0x250 [ 580.934748][T14205] ? __pfx_ksys_read+0x10/0x10 [ 580.939555][T14205] do_syscall_64+0xcd/0x250 [ 580.944106][T14205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.950039][T14205] RIP: 0033:0x7f4f7dd8472c [ 580.954523][T14205] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 580.974192][T14205] RSP: 002b:00007f4f7eb93030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 580.982643][T14205] RAX: ffffffffffffffda RBX: 00007f4f7df75fa0 RCX: 00007f4f7dd8472c [ 580.990816][T14205] RDX: 000000000000000f RSI: 00007f4f7eb930a0 RDI: 0000000000000004 [ 580.998815][T14205] RBP: 00007f4f7eb93090 R08: 0000000000000000 R09: 0000000000000000 [ 581.006809][T14205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 581.014807][T14205] R13: 0000000000000000 R14: 00007f4f7df75fa0 R15: 00007ffd41c24058 [ 581.022843][T14205] [ 582.334302][T14209] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2043'. [ 582.651789][T14209] team0: Port device team_slave_1 removed [ 583.410924][ T29] audit: type=1804 audit(4295164214.342:19): pid=14243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2048" name="/newroot/sys/kernel/tracing/free_buffer" dev="tracefs" ino=1165 res=1 errno=0 [ 584.138271][T14257] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2060'. [ 584.213985][T14257] bridge_slave_1: left allmulticast mode [ 584.255658][T14257] bridge_slave_1: left promiscuous mode [ 584.261504][T14257] bridge0: port 2(bridge_slave_1) entered disabled state [ 584.434265][T14257] bridge_slave_0: left allmulticast mode [ 584.440221][T14257] bridge_slave_0: left promiscuous mode [ 584.552466][T14257] bridge0: port 1(bridge_slave_0) entered disabled state [ 586.909945][T14288] scsi_strcpy_devinfo: vendor string ';íÙ/&cŒÀ' is too long [ 586.911868][ T7519] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 587.803155][T14299] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 587.849362][T14302] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 587.858545][T14301] could not allocate digest TFM handle [ 592.539016][T14396] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 592.744619][T14398] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2084'. [ 593.359401][T14410] netlink: 'syz.4.2087': attribute type 2 has an invalid length. [ 594.616646][T14433] could not allocate digest TFM handle [ 594.761650][T14435] could not allocate digest TFM handle [ 595.063218][T14439] could not allocate digest TFM handle [ 595.080761][T14442] could not allocate digest TFM handle [ 595.745160][T14471] sg_write: process 930 (syz.5.2096) changed security contexts after opening file descriptor, this is not allowed. [ 602.143391][T14580] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 611.113127][T14718] netlink: 504 bytes leftover after parsing attributes in process `syz.5.2160'. [ 611.454351][T14730] netlink: 'syz.5.2163': attribute type 2 has an invalid length. [ 611.473528][T14730] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2163'. [ 616.272215][T14835] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2187'. [ 616.304858][T14835] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2187'. [ 620.013464][ T29] audit: type=1800 audit(4295164250.942:20): pid=14916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2205" name="lu_gp_id" dev="configfs" ino=44498 res=0 errno=0 [ 620.181709][T14920] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2205'. [ 625.634028][T15005] FAULT_INJECTION: forcing a failure. [ 625.634028][T15005] name failslab, interval 1, probability 0, space 0, times 0 [ 625.689890][T15005] CPU: 0 UID: 0 PID: 15005 Comm: syz.5.2225 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 625.700962][T15005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 625.711073][T15005] Call Trace: [ 625.714395][T15005] [ 625.717368][T15005] dump_stack_lvl+0x16c/0x1f0 [ 625.722117][T15005] should_fail_ex+0x497/0x5b0 [ 625.726860][T15005] ? fs_reclaim_acquire+0xae/0x150 [ 625.732121][T15005] should_failslab+0xc2/0x120 [ 625.736874][T15005] __kmalloc_cache_noprof+0x68/0x420 [ 625.742239][T15005] ? trace_lock_acquire+0x14e/0x1f0 [ 625.747515][T15005] alloc_pipe_info+0x10e/0x590 [ 625.752354][T15005] splice_direct_to_actor+0x793/0xa40 [ 625.757800][T15005] ? __pfx_direct_splice_actor+0x10/0x10 [ 625.763506][T15005] ? __pfx_aa_file_perm+0x10/0x10 [ 625.768598][T15005] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 625.774576][T15005] ? __fget_files+0x1fc/0x3a0 [ 625.779338][T15005] do_splice_direct+0x178/0x250 [ 625.784299][T15005] ? __pfx_do_splice_direct+0x10/0x10 [ 625.789736][T15005] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 625.795734][T15005] do_sendfile+0xaed/0xe30 [ 625.800218][T15005] ? __pfx_do_sendfile+0x10/0x10 [ 625.805215][T15005] ? __fget_files+0x206/0x3a0 [ 625.809970][T15005] __x64_sys_sendfile64+0x1da/0x220 [ 625.815250][T15005] ? ksys_write+0x1ba/0x250 [ 625.819879][T15005] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 625.825688][T15005] do_syscall_64+0xcd/0x250 [ 625.830279][T15005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.836243][T15005] RIP: 0033:0x7f4f7dd85d19 [ 625.840748][T15005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 625.860515][T15005] RSP: 002b:00007f4f7eb93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 625.869012][T15005] RAX: ffffffffffffffda RBX: 00007f4f7df75fa0 RCX: 00007f4f7dd85d19 [ 625.877046][T15005] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 625.885099][T15005] RBP: 00007f4f7eb93090 R08: 0000000000000000 R09: 0000000000000000 [ 625.893144][T15005] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000001 [ 625.901184][T15005] R13: 0000000000000000 R14: 00007f4f7df75fa0 R15: 00007ffd41c24058 [ 625.909240][T15005] [ 625.912452][ C0] vkms_vblank_simulate: vblank timer overrun [ 629.670166][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.677033][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 631.958812][T15110] [U] [ 631.962118][T15110] [U] [ 631.964960][T15110] [U] [ 631.967746][T15110] [U] [ 631.991775][T15110] [U] [ 631.994593][T15110] [U] [ 631.997409][T15110] [U] [ 632.000192][T15110] [U] [ 632.018566][T15111] [U] [ 637.132212][T15169] netlink: 342 bytes leftover after parsing attributes in process `syz.7.2267'. [ 640.572591][ T29] audit: type=1800 audit(2050.870:21): pid=15226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=FFFFF2FFFFFFF2FFFFFFF2FFFFFFF2 name="features" dev="configfs" ino=46100 res=0 errno=0 [ 642.587210][T15216] [U] [ 642.590022][T15216] [U] [ 642.592781][T15216] [U] [ 642.595631][T15216] [U] [ 642.634031][T15216] [U] [ 642.636842][T15216] [U] [ 642.639602][T15216] [U] [ 642.642362][T15216] [U] [ 642.693994][T15221] [U] [ 650.640269][T15327] svc: failed to register nfsdv3 RPC service (errno 111). [ 650.679861][T15327] svc: failed to register nfsaclv3 RPC service (errno 111). [ 653.254595][T15373] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2317'. [ 654.469059][T15373] HSR: entered promiscuous mode [ 655.077583][T15372] delete_channel: no stack [ 655.554229][T15395] svc: failed to register nfsdv3 RPC service (errno 111). [ 655.576924][T15395] svc: failed to register nfsaclv3 RPC service (errno 111). [ 659.349313][T15453] svc: failed to register nfsdv3 RPC service (errno 111). [ 659.369770][T15453] svc: failed to register nfsaclv3 RPC service (errno 111). [ 660.066717][T15466] erspan0: entered allmulticast mode [ 661.705995][ T3480] erspan0 (unregistering): left allmulticast mode [ 662.540533][T15518] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2346'. [ 662.579564][T15518] HSR: entered promiscuous mode [ 662.662815][T15506] svc: failed to register nfsdv3 RPC service (errno 111). [ 662.703464][T15506] svc: failed to register nfsaclv3 RPC service (errno 111). [ 664.221352][T15517] delete_channel: no stack [ 666.966691][T15598] netlink: Conntrack attr has 16 unknown bytes [ 672.704066][T13205] Bluetooth: hci1: command 0x0406 tx timeout [ 674.352088][T15725] ptrace attach of "./syz-executor exec"[6738] was attempted by "./syz-executor exec"[15725] [ 674.740226][T15735] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2398'. [ 682.118132][T15869] bridge0: port 3(batadv0) entered blocking state [ 682.124933][T15869] bridge0: port 3(batadv0) entered disabled state [ 682.131692][T15869] batadv0: entered allmulticast mode [ 682.138434][T15869] batadv0: entered promiscuous mode [ 682.144627][T15869] bridge0: port 3(batadv0) entered blocking state [ 682.151264][T15869] bridge0: port 3(batadv0) entered forwarding state [ 682.287510][T12101] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 682.297384][T12101] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 682.594665][T15883] __vm_enough_memory: pid: 15883, comm: syz.0.2435, bytes: 4503599627366400 not enough memory for the allocation [ 691.110812][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.118043][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 693.794527][T16020] netlink: 'syz.4.2469': attribute type 4 has an invalid length. [ 696.021030][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 696.061979][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 699.152839][T16101] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2489'. [ 702.182489][T16155] netlink: 'syz.0.2498': attribute type 4 has an invalid length. [ 709.036217][T16264] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2521'. [ 709.381520][T16264] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2521'. [ 710.252336][T16292] program syz.4.2528 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 714.716234][T16338] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2537'. [ 716.619466][T16382] netlink: 338 bytes leftover after parsing attributes in process `syz.7.2548'. [ 716.673751][T16382] netlink: 338 bytes leftover after parsing attributes in process `syz.7.2548'. [ 716.738868][T16382] netlink: 134 bytes leftover after parsing attributes in process `syz.7.2548'. [ 718.055991][T16409] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2557'. [ 718.972936][T16433] Invalid ELF header magic: != ELF [ 719.489719][T16448] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2568'. [ 723.145310][T16528] Invalid ELF header magic: != ELF [ 723.402409][T16531] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2587'. [ 723.422575][T16536] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2587'. [ 723.457443][T16533] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2587'. [ 726.059299][T16573] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2599'. [ 726.072400][T16573] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2599'. [ 726.087392][T16573] netlink: 134 bytes leftover after parsing attributes in process `syz.5.2599'. [ 726.298582][T16576] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2600'. [ 726.594178][T16596] Process accounting resumed [ 731.837426][T16705] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2632'. [ 738.482037][T16877] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2674'. [ 741.264428][T16929] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2690'. [ 743.095683][T16975] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2700'. [ 746.450599][T17022] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2704'. [ 747.864168][T17042] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2715'. [ 750.010662][T17073] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 750.129057][T17081] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2727'. [ 752.548794][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.555598][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 754.529120][T17170] FAULT_INJECTION: forcing a failure. [ 754.529120][T17170] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 754.552866][T17170] CPU: 1 UID: 0 PID: 17170 Comm: syz.7.2752 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 754.563722][T17170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 754.573921][T17170] Call Trace: [ 754.577260][T17170] [ 754.580248][T17170] dump_stack_lvl+0x16c/0x1f0 [ 754.585094][T17170] should_fail_ex+0x497/0x5b0 [ 754.589935][T17170] ? __pfx_clear_refs_write+0x10/0x10 [ 754.595488][T17170] ? __pfx_clear_refs_write+0x10/0x10 [ 754.600924][T17170] _copy_from_user+0x2e/0xd0 [ 754.605690][T17170] clear_refs_write+0xeb/0xbf0 [ 754.610545][T17170] ? __pfx___lock_acquire+0x10/0x10 [ 754.615834][T17170] ? __pfx___lock_acquire+0x10/0x10 [ 754.621158][T17170] ? __pfx_aa_file_perm+0x10/0x10 [ 754.626260][T17170] ? __pfx_clear_refs_write+0x10/0x10 [ 754.631728][T17170] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 754.637437][T17170] ? rcu_is_watching+0x12/0xc0 [ 754.642283][T17170] ? trace_lock_acquire+0x14e/0x1f0 [ 754.647589][T17170] ? __pfx_clear_refs_write+0x10/0x10 [ 754.653129][T17170] vfs_write+0x24c/0x1150 [ 754.657536][T17170] ? __fget_files+0x1fc/0x3a0 [ 754.662380][T17170] ? __pfx___mutex_lock+0x10/0x10 [ 754.667599][T17170] ? __pfx_vfs_write+0x10/0x10 [ 754.672468][T17170] ? __fget_files+0x206/0x3a0 [ 754.677328][T17170] ksys_write+0x12b/0x250 [ 754.681896][T17170] ? __pfx_ksys_write+0x10/0x10 [ 754.686827][T17170] do_syscall_64+0xcd/0x250 [ 754.691439][T17170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.697410][T17170] RIP: 0033:0x7fea77585d19 [ 754.701898][T17170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 754.721576][T17170] RSP: 002b:00007fea7842a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 754.730076][T17170] RAX: ffffffffffffffda RBX: 00007fea77775fa0 RCX: 00007fea77585d19 [ 754.738280][T17170] RDX: 00000000ffffff4b RSI: 0000000000000000 RDI: 0000000000000005 [ 754.746575][T17170] RBP: 00007fea7842a090 R08: 0000000000000000 R09: 0000000000000000 [ 754.754610][T17170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 754.762645][T17170] R13: 0000000000000000 R14: 00007fea77775fa0 R15: 00007ffd92c2cec8 [ 754.770690][T17170] [ 754.773864][ C1] vkms_vblank_simulate: vblank timer overrun [ 756.238633][T17209] FAULT_INJECTION: forcing a failure. [ 756.238633][T17209] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 756.353539][T17209] CPU: 0 UID: 0 PID: 17209 Comm: syz.4.2764 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 756.364432][T17209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 756.374643][T17209] Call Trace: [ 756.377972][T17209] [ 756.380952][T17209] dump_stack_lvl+0x16c/0x1f0 [ 756.385700][T17209] should_fail_ex+0x497/0x5b0 [ 756.390543][T17209] _copy_to_user+0x32/0xd0 [ 756.395064][T17209] simple_read_from_buffer+0xd0/0x160 [ 756.400534][T17209] proc_fail_nth_read+0x198/0x270 [ 756.405657][T17209] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 756.411292][T17209] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 756.416927][T17209] vfs_read+0x1df/0xbe0 [ 756.421161][T17209] ? __fget_files+0x1fc/0x3a0 [ 756.425913][T17209] ? __pfx___mutex_lock+0x10/0x10 [ 756.431013][T17209] ? __pfx_vfs_read+0x10/0x10 [ 756.435772][T17209] ? __fget_files+0x206/0x3a0 [ 756.440534][T17209] ksys_read+0x12b/0x250 [ 756.444846][T17209] ? __pfx_ksys_read+0x10/0x10 [ 756.449773][T17209] do_syscall_64+0xcd/0x250 [ 756.454357][T17209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 756.460313][T17209] RIP: 0033:0x7f61c5f8472c [ 756.464761][T17209] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 756.484408][T17209] RSP: 002b:00007f61c6e7c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 756.492878][T17209] RAX: ffffffffffffffda RBX: 00007f61c6175fa0 RCX: 00007f61c5f8472c [ 756.500904][T17209] RDX: 000000000000000f RSI: 00007f61c6e7c0a0 RDI: 0000000000000006 [ 756.508931][T17209] RBP: 00007f61c6e7c090 R08: 0000000000000000 R09: 0000000000000000 [ 756.516941][T17209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 756.524962][T17209] R13: 0000000000000000 R14: 00007f61c6175fa0 R15: 00007ffe7fe29828 [ 756.533012][T17209] [ 756.634195][T17207] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 757.514158][T17235] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2771'. [ 763.291632][T17320] netlink: 350 bytes leftover after parsing attributes in process `syz.0.2785'. [ 765.220371][T17321] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2785'. [ 770.511444][T13205] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 770.526045][T13205] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 770.535737][T13205] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 770.546570][T13205] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 770.554815][T13205] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 770.564474][T13205] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 770.963121][T17402] chnl_net:caif_netlink_parms(): no params data found [ 772.508294][T17402] bridge0: port 1(bridge_slave_0) entered blocking state [ 772.520702][T17402] bridge0: port 1(bridge_slave_0) entered disabled state [ 772.533130][T17402] bridge_slave_0: entered allmulticast mode [ 772.573116][T17402] bridge_slave_0: entered promiscuous mode [ 772.704152][ T5147] Bluetooth: hci3: command tx timeout [ 772.845638][T17402] bridge0: port 2(bridge_slave_1) entered blocking state [ 772.852899][T17402] bridge0: port 2(bridge_slave_1) entered disabled state [ 772.872595][T17402] bridge_slave_1: entered allmulticast mode [ 772.881002][T17402] bridge_slave_1: entered promiscuous mode [ 773.082716][T17402] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 773.126558][T17402] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 773.475515][T17402] team0: Port device team_slave_0 added [ 773.516267][T17402] team0: Port device team_slave_1 added [ 773.850484][T17402] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 773.861457][T17402] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 773.923475][T17402] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 773.936800][T17402] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 773.953690][T17402] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 774.011618][T17402] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 774.224469][T17402] hsr_slave_0: entered promiscuous mode [ 774.243736][T17402] hsr_slave_1: entered promiscuous mode [ 774.259958][T17402] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 774.270600][T17402] Cannot create hsr debugfs directory [ 774.705713][T17402] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 774.793606][ T5147] Bluetooth: hci3: command tx timeout [ 775.037179][T17451] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2821'. [ 775.051987][T17402] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 776.210210][T17402] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 776.524671][T17402] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 776.863558][ T5147] Bluetooth: hci3: command tx timeout [ 776.886371][T17466] [ 776.888792][T17466] ====================================================== [ 776.895859][T17466] WARNING: possible circular locking dependency detected [ 776.903006][T17466] 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 Not tainted [ 776.910159][T17466] ------------------------------------------------------ [ 776.917311][T17466] syz.5.2826/17466 is trying to acquire lock: [ 776.923413][T17466] ffffffff8fabf2c8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x1f4d/0x4660 [ 776.932878][T17466] [ 776.932878][T17466] but task is already holding lock: [ 776.940340][T17466] ffff888079efb8a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xc00 [ 776.950600][T17466] [ 776.950600][T17466] which lock already depends on the new lock. [ 776.950600][T17466] [ 776.961142][T17466] [ 776.961142][T17466] the existing dependency chain (in reverse order) is: [ 776.970196][T17466] [ 776.970196][T17466] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 776.978857][T17466] __mutex_lock+0x19b/0xa60 [ 776.983922][T17466] smc_switch_to_fallback+0x2d/0xa00 [ 776.989775][T17466] smc_sendmsg+0x13d/0x520 [ 776.994836][T17466] ____sys_sendmsg+0x9ae/0xb40 [ 777.000241][T17466] ___sys_sendmsg+0x135/0x1e0 [ 777.005478][T17466] __sys_sendmsg+0x16e/0x220 [ 777.010663][T17466] do_syscall_64+0xcd/0x250 [ 777.015742][T17466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.022305][T17466] [ 777.022305][T17466] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 777.030002][T17466] lock_sock_nested+0x3a/0xf0 [ 777.035266][T17466] sockopt_lock_sock+0x54/0x70 [ 777.040615][T17466] do_ip_getsockopt+0x115c/0x2bf0 [ 777.046221][T17466] ip_getsockopt+0x9c/0x1e0 [ 777.051277][T17466] raw_getsockopt+0x4d/0x1e0 [ 777.056420][T17466] do_sock_getsockopt+0x3fe/0x870 [ 777.061997][T17466] __sys_getsockopt+0x12f/0x260 [ 777.067420][T17466] __x64_sys_getsockopt+0xbd/0x160 [ 777.073110][T17466] do_syscall_64+0xcd/0x250 [ 777.078195][T17466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.084664][T17466] [ 777.084664][T17466] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 777.091951][T17466] __lock_acquire+0x249e/0x3c40 [ 777.097471][T17466] lock_acquire.part.0+0x11b/0x380 [ 777.103217][T17466] __mutex_lock+0x19b/0xa60 [ 777.108276][T17466] do_ipv6_setsockopt+0x1f4d/0x4660 [ 777.114029][T17466] ipv6_setsockopt+0xcb/0x170 [ 777.119259][T17466] tcp_setsockopt+0xa4/0x100 [ 777.124407][T17466] smc_setsockopt+0x1b4/0xc00 [ 777.129652][T17466] do_sock_setsockopt+0x222/0x480 [ 777.135244][T17466] __sys_setsockopt+0x1a0/0x230 [ 777.140653][T17466] __x64_sys_setsockopt+0xbd/0x160 [ 777.146323][T17466] do_syscall_64+0xcd/0x250 [ 777.151379][T17466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.157831][T17466] [ 777.157831][T17466] other info that might help us debug this: [ 777.157831][T17466] [ 777.168636][T17466] Chain exists of: [ 777.168636][T17466] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 777.168636][T17466] [ 777.182443][T17466] Possible unsafe locking scenario: [ 777.182443][T17466] [ 777.189923][T17466] CPU0 CPU1 [ 777.195310][T17466] ---- ---- [ 777.200696][T17466] lock(&smc->clcsock_release_lock); [ 777.206092][T17466] lock(sk_lock-AF_INET); [ 777.213061][T17466] lock(&smc->clcsock_release_lock); [ 777.220981][T17466] lock(rtnl_mutex); [ 777.224987][T17466] [ 777.224987][T17466] *** DEADLOCK *** [ 777.224987][T17466] [ 777.233167][T17466] 1 lock held by syz.5.2826/17466: [ 777.238291][T17466] #0: ffff888079efb8a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xc00 [ 777.248931][T17466] [ 777.248931][T17466] stack backtrace: [ 777.254837][T17466] CPU: 0 UID: 0 PID: 17466 Comm: syz.5.2826 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 777.265642][T17466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 777.275813][T17466] Call Trace: [ 777.279108][T17466] [ 777.282149][T17466] dump_stack_lvl+0x116/0x1f0 [ 777.286952][T17466] print_circular_bug+0x41c/0x610 [ 777.292026][T17466] check_noncircular+0x31a/0x400 [ 777.297042][T17466] ? __pfx_check_noncircular+0x10/0x10 [ 777.302545][T17466] ? __pfx_mark_lock+0x10/0x10 [ 777.307352][T17466] ? lockdep_lock+0xc6/0x200 [ 777.311977][T17466] ? __pfx_lockdep_lock+0x10/0x10 [ 777.317043][T17466] ? __pfx_mark_lock+0x10/0x10 [ 777.321851][T17466] __lock_acquire+0x249e/0x3c40 [ 777.326755][T17466] ? __pfx___lock_acquire+0x10/0x10 [ 777.332002][T17466] ? __lock_acquire+0x15a9/0x3c40 [ 777.337079][T17466] lock_acquire.part.0+0x11b/0x380 [ 777.342220][T17466] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 777.347640][T17466] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 777.353333][T17466] ? rcu_is_watching+0x12/0xc0 [ 777.358198][T17466] ? trace_lock_acquire+0x14e/0x1f0 [ 777.363481][T17466] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 777.368900][T17466] ? lock_acquire+0x2f/0xb0 [ 777.373435][T17466] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 777.378867][T17466] __mutex_lock+0x19b/0xa60 [ 777.383412][T17466] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 777.388835][T17466] ? __pfx_mark_lock+0x10/0x10 [ 777.393649][T17466] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 777.399056][T17466] ? __pfx___mutex_lock+0x10/0x10 [ 777.404117][T17466] ? __pfx_register_lock_class+0x10/0x10 [ 777.409776][T17466] ? finish_task_switch.isra.0+0x217/0xcc0 [ 777.415631][T17466] ? __switch_to+0x749/0x1190 [ 777.420368][T17466] ? hlock_class+0x4e/0x130 [ 777.424948][T17466] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 777.430354][T17466] ? rtnl_lock+0x9/0x20 [ 777.434550][T17466] do_ipv6_setsockopt+0x1f4d/0x4660 [ 777.439885][T17466] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 777.445499][T17466] ? lock_acquire.part.0+0x11b/0x380 [ 777.450825][T17466] ? __mutex_trylock_common+0xea/0x250 [ 777.456325][T17466] ? __pfx___mutex_trylock_common+0x10/0x10 [ 777.462243][T17466] ? smc_setsockopt+0x101/0xc00 [ 777.467144][T17466] ? rcu_is_watching+0x12/0xc0 [ 777.472004][T17466] ? trace_contention_end+0xee/0x140 [ 777.477364][T17466] ? __mutex_lock+0x1cc/0xa60 [ 777.482096][T17466] ? __pfx___futex_wait+0x10/0x10 [ 777.487167][T17466] ? smc_setsockopt+0x101/0xc00 [ 777.492131][T17466] ? __pfx___mutex_lock+0x10/0x10 [ 777.497207][T17466] ? ipv6_setsockopt+0xcb/0x170 [ 777.502090][T17466] ipv6_setsockopt+0xcb/0x170 [ 777.506801][T17466] tcp_setsockopt+0xa4/0x100 [ 777.511430][T17466] smc_setsockopt+0x1b4/0xc00 [ 777.516155][T17466] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 777.522175][T17466] ? __pfx_smc_setsockopt+0x10/0x10 [ 777.527429][T17466] ? __pfx_smc_setsockopt+0x10/0x10 [ 777.532670][T17466] do_sock_setsockopt+0x222/0x480 [ 777.537746][T17466] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 777.543421][T17466] ? lock_acquire+0x2f/0xb0 [ 777.547963][T17466] __sys_setsockopt+0x1a0/0x230 [ 777.552861][T17466] __x64_sys_setsockopt+0xbd/0x160 [ 777.558101][T17466] ? do_syscall_64+0x91/0x250 [ 777.562942][T17466] ? lockdep_hardirqs_on+0x7c/0x110 [ 777.568697][T17466] do_syscall_64+0xcd/0x250 [ 777.573427][T17466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.579576][T17466] RIP: 0033:0x7f4f7dd85d19 [ 777.584023][T17466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 777.604198][T17466] RSP: 002b:00007f4f7eb93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 777.612690][T17466] RAX: ffffffffffffffda RBX: 00007f4f7df75fa0 RCX: 00007f4f7dd85d19 [ 777.620766][T17466] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0400000000000003 [ 777.628759][T17466] RBP: 00007f4f7de01a20 R08: 000000000000056b R09: 0000000000000000 [ 777.636915][T17466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 777.645283][T17466] R13: 0000000000000000 R14: 00007f4f7df75fa0 R15: 00007ffd41c24058 [ 777.653399][T17466] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 778.882863][T12101] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 778.944113][ T5147] Bluetooth: hci3: command tx timeout [ 779.009358][T12101] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.109684][T12101] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.258555][T12101] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.478898][T12101] bridge_slave_1: left allmulticast mode [ 779.486267][T12101] bridge_slave_1: left promiscuous mode [ 779.492049][T12101] bridge0: port 2(bridge_slave_1) entered disabled state [ 779.502529][T12101] bridge_slave_0: left allmulticast mode [ 779.509113][T12101] bridge_slave_0: left promiscuous mode [ 779.515237][T12101] bridge0: port 1(bridge_slave_0) entered disabled state [ 779.573022][T12101] erspan0 (unregistering): left allmulticast mode [ 779.660758][T12101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 779.672030][T12101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 779.684780][T12101] bond0 (unregistering): Released all slaves [ 779.953204][T12101] hsr_slave_0: left promiscuous mode [ 779.959435][T12101] hsr_slave_1: left promiscuous mode [ 779.969350][T12101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 779.978794][T12101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 779.990315][T12101] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 779.999629][T12101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 780.010077][T12101] veth1_macvtap: left promiscuous mode [ 780.015685][T12101] veth0_macvtap: left promiscuous mode [ 780.021373][T12101] veth1_vlan: left promiscuous mode [ 780.026856][T12101] veth0_vlan: left promiscuous mode [ 780.201909][T12101] team0 (unregistering): Port device team_slave_1 removed [ 780.234321][T12101] team0 (unregistering): Port device team_slave_0 removed [ 780.872276][T12101] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 780.940965][T12101] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 780.988961][T12101] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 781.031525][T12101] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 781.170351][T12101] bridge_slave_1: left allmulticast mode [ 781.177752][T12101] bridge_slave_1: left promiscuous mode [ 781.186823][T12101] bridge0: port 2(bridge_slave_1) entered disabled state [ 781.197862][T12101] bridge_slave_0: left allmulticast mode [ 781.206206][T12101] bridge_slave_0: left promiscuous mode [ 781.212065][T12101] bridge0: port 1(bridge_slave_0) entered disabled state [ 781.221780][T12101] batadv0: left allmulticast mode [ 781.229561][T12101] batadv0: left promiscuous mode [ 781.235126][T12101] bridge0: port 3(batadv0) entered disabled state [ 781.243127][T12101] bridge_slave_1: left allmulticast mode [ 781.251999][T12101] bridge_slave_1: left promiscuous mode [ 781.259076][T12101] bridge0: port 2(bridge_slave_1) entered disabled state [ 781.270804][T12101] bridge_slave_0: left allmulticast mode [ 781.276601][T12101] bridge_slave_0: left promiscuous mode [ 781.282320][T12101] bridge0: port 1(bridge_slave_0) entered disabled state [ 781.370587][T12101] erspan0 (unregistering): left allmulticast mode [ 781.486421][T12101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 781.496531][T12101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 781.508353][T12101] bond0 (unregistering): Released all slaves [ 781.521799][T12101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 781.533243][T12101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 781.543582][T12101] bond0 (unregistering): Released all slaves [ 781.592709][T12101] HSR: left promiscuous mode [ 781.968295][T12101] hsr_slave_0: left promiscuous mode [ 781.974603][T12101] hsr_slave_1: left promiscuous mode [ 781.980698][T12101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 781.989191][T12101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 782.001662][T12101] hsr_slave_0: left promiscuous mode [ 782.008008][T12101] hsr_slave_1: left promiscuous mode [ 782.014356][T12101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 782.021840][T12101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 782.036427][T12101] veth1_macvtap: left promiscuous mode [ 782.042076][T12101] veth0_macvtap: left promiscuous mode [ 782.047992][T12101] veth1_vlan: left promiscuous mode [ 782.053339][T12101] veth0_vlan: left promiscuous mode [ 782.278833][T12101] team0 (unregistering): Port device team_slave_1 removed [ 782.318665][T12101] team0 (unregistering): Port device team_slave_0 removed [ 782.539138][T12101] team0 (unregistering): Port device team_slave_0 removed