last executing test programs: 6m32.821942678s ago: executing program 2 (id=1451): sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x0, 0x203, 0x70bd25, 0x25dfdbff, {}, [@GTPA_LINK={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x3, 0xff) setsockopt$auto(0x400000000000003, 0x29, 0x16, 0x0, 0x20056b) r0 = socket(0xa, 0x3, 0xff) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000700), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="000427bd704f6935d0ff436aa95653b88d51329200fddbdf2541000000080ab000", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x20000000) r4 = socket(0xa, 0x801, 0x106) setsockopt$auto(0x3, 0x588, 0x6, 0x0, 0x4) socket(0x10, 0x2, 0x0) socket(0xa, 0x801, 0x84) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) ppoll$auto(&(0x7f0000000080)={r4, 0xdf0f, 0x5}, 0xb, &(0x7f0000000180)={0x1000}, &(0x7f00000001c0)={0x6}, 0x8) recvfrom$auto(r5, &(0x7f0000000280)=[0xf059, 0x2, 0x1020000, 0x7, 0x4, 0x1, 0xffffffffffffffff, 0x6000000000000], 0x2, 0xd, &(0x7f00000002c0)={0x3, @sockaddr_1_1={"87c9ab870f60fa4a20e639f201cda59c0182f75e1e6bc1929db5a4e7b32c7cc771ec4f07cd1c98f70e55e40ee8d529b2126cdcdc317d038fb1d728c49b16f50d10107ff3a218a3779efb89c4d46d7843d36f4ffeb0c710cea8f5ace39693c80a16f00ee0fe05629889a8f07c4bc1839733e9cd500e8157c9be1fa2766611fa85a8f6f946c3e11d8c45d9a237702265929ce10cb45e090f382195d7dd49866873bcfbe6ba265b2ba321e32e905a200fd68b58"}}, &(0x7f0000000380)=0x5a3) fcntl$auto(0x3, 0x4, 0xa553) socketpair$auto(0x3, 0x5, 0x7, 0x0) accept$auto(r0, &(0x7f0000000400)={0xfffc, @sa_data_min="5a525116195ae575f961a8f887ff"}, &(0x7f0000000440)=0x5) setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)={0xa, @sa_data_min="c054fdab44b93e00"}, 0x69) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x9, 0x294c, 0x0, 0x9, 0xfffffffffffffffc, 0x3, 0x6, 0x2, 0x9, 0xffff, 0x4000000000000000, 0xd, 0x3, 0x200000201, 0x7, 0x6]}, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) connect$auto(r6, &(0x7f0000000000)={0x8, @sa_data_min="8c43b8a56853eeda87bb571b40f4"}, 0x8) io_cancel$auto(0xfffffffffffffffb, &(0x7f00000002c0)={0x9, 0x400, 0x2, 0x400, 0x73, 0x4, 0x49, 0x1000, 0x6, 0x0, 0x6, r6}, &(0x7f0000000300)={0xfffffffffffffffd, 0x1, 0x323c99f1, 0x5}) accept4$auto(r8, 0x0, 0x0, 0x0) sendmsg$auto_TCP_METRICS_CMD_GET(r6, &(0x7f0000000c00)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x14, r7, 0x89c1beb01534ff9b, 0x70bd29, 0x25dfdbfb}, 0x14}}, 0x8998) 6m31.371045373s ago: executing program 2 (id=1457): syz_clone(0xa8024400, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) getsockopt$auto(0x6, 0x40000000084, 0x14, 0xfffffffffffffffe, 0x0) r0 = socket(0x1e, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x801, 0x84) close_range$auto(0x0, r0, 0x2) socket(0xa, 0x2, 0x0) setsockopt$auto(0x0, 0x1, 0x32, &(0x7f00000000c0)='\x00', 0xbb) socket(0x2, 0x1, 0xfffffffc) modify_ldt$auto(0x9, 0xfffffffffffffffc, 0x23b94) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) lseek$auto(0x3, 0x7ffffffffffffffd, 0x2) setsockopt$auto(0x1, 0x1, 0x28, &(0x7f0000000000)='\x00', 0xbb) listen$auto(0x3, 0x83) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') socket(0x2a, 0x2, 0x0) ioctl$auto(0x3, 0x8915, 0xfffffffffffff4e0) mmap$auto(0x96df, 0x40009, 0xdf, 0x9b72, 0x7, 0x28002) close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x8) bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x15, 0x8}, 0x7) mprotect$auto(0x1ffff000, 0x8000000000002001, 0x4) bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_7={@btf_id=0xe9f, 0x4, 0x1c}, 0xa3) socketpair$auto(0x84f, 0x5, 0x8000000000000000, 0x0) bpf$auto(0x3, 0x0, 0x0) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) 6m30.608748167s ago: executing program 32 (id=1458): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1a00279e"], 0x1ac}, 0x1, 0x0, 0x6558000000000000, 0x40}, 0x40000) 6m29.82132936s ago: executing program 2 (id=1462): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NETDEV_CMD_NAPI_GET(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000000)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NETDEV_A_NAPI_ID={0x8, 0x2, 0x1ff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4) r3 = syz_genetlink_get_family_id$auto_SMC_GEN_NETLINK(&(0x7f0000000100), r0) sendmsg$auto_SMC_NETLINK_GET_FBACK_STATS(r2, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x4c, r3, 0x100, 0x70bd26, 0x25dfdbfb, {}, [0x5, 0x4, 0x377, 0x7fff, 0x2, 0x1, 0x0]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000800}, 0xfa9e738c57f61b8b) pidfd_open$auto(0x1, 0x0) socket(0x8, 0xa, 0x80) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) connect$auto(0x3, &(0x7f0000000000)={0x2, @sa_data_min="0800e00000000000c1728d2af766"}, 0x55) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000180), 0xffffffffffffffff) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0xe000) 6m27.974649957s ago: executing program 2 (id=1464): inotify_init1$auto(0x3000000000000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) io_uring_setup$auto(0x6, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8000, 0x0) open(0x0, 0x22240, 0x155) r0 = open(0x0, 0xa240, 0x1de) close_range$auto(0x2, 0x8000, 0x0) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) clone$auto(0x1ff00, 0x0, &(0x7f0000002040)=0x7, 0x0, 0x9) socket(0xa, 0x3, 0x73) socket(0xa, 0x5, 0x10000) r1 = socket(0xa, 0x5, 0x0) getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000080)=0x9c8) pipe2$auto(&(0x7f0000000140)=0x2, 0x800) sendto$auto(0x3, 0x0, 0x18, 0x101, &(0x7f0000000140)={0x2, @sockaddr_1_1}, 0x1c) ioctl$auto(r0, 0x1ff, 0x649f) 6m26.044709625s ago: executing program 2 (id=1469): set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) clone$auto(0xf500, 0x6, 0x0, 0x0, 0xd47) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) dup$auto(r0) set_mempolicy$auto(0x400, &(0x7f0000000040)=0x2, 0x800) socket$nl_generic(0x10, 0x3, 0x10) syz_clone(0x2900000, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) timer_create$auto(0x2, 0x0, 0x0) timer_create$auto(0x7, 0x0, &(0x7f0000000980)=0x4) prctl$auto(0x1000000003b, 0x1, 0x9, 0x5, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) memfd_secret$auto(0x72df6d71) 6m20.029178725s ago: executing program 2 (id=1484): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x9, 0x6, 0xffffffff, 0x2}, 0x9, 0x0, 0x6) rseq$auto(&(0x7f00000001c0)={0x2, 0xc, 0x1, 0x10, 0x4, 0x5, "cd2ea731589421a13c8ba0a577bf51f6e5703bb1ef4c306db12f11d6c2345be7fac062da65df49e4dd6a244aa6301131227ce099d9d7ba57a1bfce6b9faf7f324674bf2e45171e58a177beb537ee6f6a94fb52d3ed23b648bb368312980a969baec126a0514047"}, 0x1, 0x5, 0x8c) prctl$auto(0x1000000003b, 0x1, 0x9, 0x5, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_getevents$auto(0x4, 0x1, 0x8000000000000003, 0xfffffffffffffffc, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') ioctl$auto(0x3, 0x4020940c, 0x5) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), 0xffffffffffffffff) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) syz_genetlink_get_family_id$auto_IPVS(0x0, 0xffffffffffffffff) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x407ff, 0x3f, 0x4, 0x0, 0x5f, 0x0, 0x3}, 0x804) sendmsg$auto_BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r1, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_TT_ADDRESS={0xa, 0x10, "bcef7295169d"}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x6}, @BATADV_ATTR_TPMETER_COOKIE={0x8, 0xd, 0x9}, @BATADV_ATTR_MCAST_FLAGS_PRIV={0x8, 0x27, 0xb}, @BATADV_ATTR_BANDWIDTH_UP={0x8, 0x1b, 0x1}, @BATADV_ATTR_ROUTER={0xa, 0x1d, "9ccee8f9be5e"}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) madvise$auto(0x3, 0x0, 0x4) 6m4.945940059s ago: executing program 33 (id=1484): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x9, 0x6, 0xffffffff, 0x2}, 0x9, 0x0, 0x6) rseq$auto(&(0x7f00000001c0)={0x2, 0xc, 0x1, 0x10, 0x4, 0x5, "cd2ea731589421a13c8ba0a577bf51f6e5703bb1ef4c306db12f11d6c2345be7fac062da65df49e4dd6a244aa6301131227ce099d9d7ba57a1bfce6b9faf7f324674bf2e45171e58a177beb537ee6f6a94fb52d3ed23b648bb368312980a969baec126a0514047"}, 0x1, 0x5, 0x8c) prctl$auto(0x1000000003b, 0x1, 0x9, 0x5, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_getevents$auto(0x4, 0x1, 0x8000000000000003, 0xfffffffffffffffc, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') ioctl$auto(0x3, 0x4020940c, 0x5) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), 0xffffffffffffffff) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) syz_genetlink_get_family_id$auto_IPVS(0x0, 0xffffffffffffffff) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x407ff, 0x3f, 0x4, 0x0, 0x5f, 0x0, 0x3}, 0x804) sendmsg$auto_BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r1, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_TT_ADDRESS={0xa, 0x10, "bcef7295169d"}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x6}, @BATADV_ATTR_TPMETER_COOKIE={0x8, 0xd, 0x9}, @BATADV_ATTR_MCAST_FLAGS_PRIV={0x8, 0x27, 0xb}, @BATADV_ATTR_BANDWIDTH_UP={0x8, 0x1b, 0x1}, @BATADV_ATTR_ROUTER={0xa, 0x1d, "9ccee8f9be5e"}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) madvise$auto(0x3, 0x0, 0x4) 3m57.519314316s ago: executing program 1 (id=2085): r0 = socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) write$auto(0x3, 0x0, 0xfffffdef) syz_genetlink_get_family_id$auto_netdev(0x0, r0) sendmsg$auto_NETDEV_CMD_NAPI_GET0(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x44}, 0x1, 0x0, 0x44, 0x22028055}, 0x0) 3m57.22852836s ago: executing program 1 (id=2087): r0 = socket$nl_generic(0x10, 0x3, 0x10) epoll_pwait2$auto(0xffffffffffffffff, 0x0, 0x10001, 0x0, &(0x7f0000000080)={0xffffffff}, 0x1) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000001480), r0) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f00000014c0)={0x2c, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x9}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xf}, @NFSD_A_SERVER_SCOPE={0x6, 0x4, '[\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40081}, 0xc4) 3m56.168507376s ago: executing program 1 (id=2089): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) personality$auto(0xfffffffc) uname$auto(0x0) sendmsg$auto_NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x14, 0x0, 0x4, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4000010) mprotect$auto(0x37fffffffffff, 0x8010000000000001, 0xd) r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x29, 0x48, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\x87\x02\x1c\xfd\xac\xc7\xaa\n\xf9\x19\xc4#<^\x91\x1d\xda\xc4m\xef\xff(i\xc6@\x91_\vBj\x0eQ\xceV\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5', 0x10000110) uname$auto(&(0x7f0000000180)={"be6c503b829a74e9db2844b58f3201fe21a33c666b7ab04f30a508e974f79196db2bdb2a44a0cbc46443c0094c5c480e300ed094a4dbce30567eab90391e80274f", "535de2a476f59b72623fcf701bbc189eccaa2503b982052941411dae77a873a16d48a8b6a353e4004db0d4f3a411dbae28197810668cfc4a4f10485961125af01b", "8dfc54e13bb6e4ee12996dbcf88eacc06d375fd0c7d6d211b3a908b52ee6549475eb7bd69bbb336fe4282ec891ce7689675da616d3b02aebb396fac9017cb661a3", "8b111b5e59fbdbe46d4aa2fdb4cfb7ae5bbe018860e11936c3f49aa576835426ee787b6b829634ea36c60297935c349c390f8399a90e952822af93ea95fbe3d1b9", "0e5ac65df716343fd4dfca15910275a84e93571423d4036d7bb0e6d87f6614bcadf2219a6171c4f0bf2f43f048f7484ce8dbc35069af72c657b77181dc039bbdcf", "8ed98847ea6af0343a5db80b9fe0203b3a4edbba4a412657dd06197bec0783c073c4f0526bb5b1dd619c6363d473359d1412da35c55d09af97d43fd5ccc6455d7d"}) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x9, 0x0, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x4008000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x1, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x80) 3m55.627594398s ago: executing program 1 (id=2090): mmap$auto(0x4000000000000002, 0x400018, 0xdf, 0x9b70, 0x6, 0x8000000000000001) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendto$auto(0x4, 0x0, 0xff, 0x6, 0x0, 0xe) 3m55.315990747s ago: executing program 1 (id=2092): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) clone$auto(0x3, 0x9, 0x0, 0x0, 0x10001) r0 = socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) tkill$auto(0x1, 0x7) getsockopt$auto(r0, 0x84, 0x3, 0x0, 0x0) r1 = socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) write$auto(0x3, 0x0, 0xfffffdef) syz_genetlink_get_family_id$auto_netdev(0x0, r1) sendmsg$auto_NETDEV_CMD_NAPI_GET0(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x22028055}, 0x0) 3m51.382529865s ago: executing program 1 (id=2115): r0 = socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000100), r0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r1, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@NETDEV_A_QUEUE_ID={0x8, 0x1, 0x7fffffff}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x6}, @NETDEV_A_QUEUE_TYPE={0x8}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x478c}, @NETDEV_A_QUEUE_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x880}, 0x40) 3m51.086714754s ago: executing program 34 (id=2115): r0 = socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000100), r0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r1, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@NETDEV_A_QUEUE_ID={0x8, 0x1, 0x7fffffff}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x6}, @NETDEV_A_QUEUE_TYPE={0x8}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x478c}, @NETDEV_A_QUEUE_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x880}, 0x40) 2m37.02863241s ago: executing program 5 (id=2501): pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) 2m36.909108083s ago: executing program 5 (id=2502): socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_pgetevents$auto(0x8, 0x4, 0x6871a176, 0x0, 0x0, 0x0) mlockall$auto(0x7) mprotect$auto(0x0, 0x8000000000000001, 0x6) clone3$auto(0x0, 0x40) setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc) 2m36.1532254s ago: executing program 5 (id=2507): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_DUMPHMAC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, r1, 0x307, 0x70bd38, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0xf0}, 0x20040000) 2m36.053356537s ago: executing program 5 (id=2508): socket(0xa, 0x801, 0x106) socket(0xa, 0x5, 0x84) readahead$auto(0xffffffffffffffff, 0x6, 0x9) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x83, 0x0, 0x8) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000) socket(0x2, 0x801, 0x100) pipe$auto(&(0x7f0000000080)) socketpair$auto(0x3, 0x5, 0x7, 0x0) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000000)={0x2, @sockaddr_1_1}, 0x55) sendmmsg$auto(r0, &(0x7f0000000000)={{0x0, 0x8, 0x0, 0xe, &(0x7f0000000a40)=[0x8e, 0x100000001], 0x8e, 0x40}, 0x8}, 0x1, 0x8) ioctl$auto(0x3, 0x80000541b, 0x38) 2m35.669266598s ago: executing program 5 (id=2511): close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0xff) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) socket(0xa, 0x3, 0x100) select$auto(0xfffffffd, 0x0, 0x0, 0x0, 0x0) settimeofday$auto(&(0x7f0000000180)={0x1ed5d7403, 0x1}, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) madvise$auto(0x0, 0xffffffffffff0005, 0x19) close_range$auto(0x0, 0xfffffffffffff000, 0x0) fanotify_init$auto(0x5, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) pidfd_send_signal$auto(0x2, 0x7, 0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697b}, 0xed7138c}, 0x9a6, 0x0) write$auto(0x3, 0x0, 0xfffffdef) shutdown$auto(0x200000003, 0x2) connect$auto(0x3, 0x0, 0x55) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) sendfile$auto(0x1, 0x3, 0x0, 0xc01) 2m34.839020958s ago: executing program 5 (id=2514): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000003640), r0) sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f0000003740)={0x0, 0x0, &(0x7f0000003700)={&(0x7f0000001140)={0x28, r1, 0x686f00e90a3cc359, 0x70bd2d, 0x25dfdc02, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x40840) (fail_nth: 4) 2m34.366445967s ago: executing program 35 (id=2514): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000003640), r0) sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f0000003740)={0x0, 0x0, &(0x7f0000003700)={&(0x7f0000001140)={0x28, r1, 0x686f00e90a3cc359, 0x70bd2d, 0x25dfdc02, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x40840) (fail_nth: 4) 2m4.837722555s ago: executing program 0 (id=2656): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x100) write$auto(0x3, 0x0, 0x81) setsockopt$auto(0x1, 0x1, 0x33, &(0x7f0000000000)='\x00', 0xbb) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xf7s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) 2m4.68747173s ago: executing program 0 (id=2658): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x26, 0x80805, 0x0) dup2$auto(0x0, 0x3) bind$auto(0x3, 0x0, 0x6b) ioperm$auto(0x4fcb, 0x1003, 0x80) fallocate$auto(0x3, 0x0, 0xe, 0x8ec5) mlockall$auto(0x7) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/net\x00') setns(r0, 0x40000000) write$auto(r0, &(0x7f0000000000)='\\\x00', 0x8) rename$auto(0x0, 0x0) shmat$auto(0x0, 0x0, 0x0) 2m4.499793595s ago: executing program 0 (id=2660): shmctl$auto(0x0, 0xb, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) fanotify_init$auto(0x5, 0x401) 2m4.311749916s ago: executing program 0 (id=2662): unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00') setns(r0, 0x0) clone$auto(0xfffffffe20000, 0x4, 0xfffffffffffffffc, 0xfffffffffffffffc, 0xfa6) (async) clone$auto(0xfffffffe20000, 0x4, 0xfffffffffffffffc, 0xfffffffffffffffc, 0xfa6) 2m4.05709663s ago: executing program 0 (id=2664): prctl$auto(0x1000000001c, 0x5, 0x8, 0x9, 0x80001) setreuid$auto(0x15, 0x5) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffe, @_sigpoll={0x52, 0x7}}}) prctl$auto(0x0, 0x5, 0xffffffffffff218c, 0x1, 0xfffffffffffffff8) 2m3.687556122s ago: executing program 0 (id=2667): ioctl$auto(0xffffffffffffffff, 0xc0047dca, 0x8000000000003) 2m3.420690975s ago: executing program 36 (id=2667): ioctl$auto(0xffffffffffffffff, 0xc0047dca, 0x8000000000003) 2m0.973092729s ago: executing program 7 (id=2676): socket(0x2, 0x1, 0x0) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x44000) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) sendmsg$auto_TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, 0x0, 0x2000c000) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0) munmap$auto(0x1000000, 0x2000000c) utimensat$auto(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x81000, 0x1ff}, 0x4) connect$auto(0x3, 0x0, 0x55) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) move_pages$auto(0x3, 0x8, 0xfffffffffffffffe, 0xfffffffffffffffd, 0xfffffffffffffffe, 0x3) connect$auto(0x3, &(0x7f0000000100)={0x2, @sa_data_min="a1c53c12ef1e9d9e4892f91de512"}, 0x7) 2m0.067579866s ago: executing program 7 (id=2680): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) close_range$auto(0x0, 0xffffeffe, 0x2) socket(0x2b, 0x1, 0x1) connect$auto(0x3, 0xfffffffffffffffe, 0x0) pipe$auto(0x0) pipe$auto(0x0) tee$auto(0x2000000000000, 0x3, 0x3ff, 0x9) 1m59.894049793s ago: executing program 7 (id=2682): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0xe00000000000000, 0x0, 0x20040011}, 0x20000000) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000500)={'gretap0\x00', 0x0}) socket(0xa, 0x23af690fef30229, 0x9) sendmsg$auto_OVS_DP_CMD_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r1, 0x5, 0x70bd29, 0x25dfdbfc, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r7}, @OVS_DP_ATTR_NAME={0xb, 0x1, '.\x02:\xb6-$\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000c000}, 0x4000024) 1m59.339554942s ago: executing program 7 (id=2683): r0 = socket(0x2, 0x801, 0x100) poll$auto(0x0, 0x2, 0x43) sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x88d0}, 0x2000c041) semctl$auto(0xffffffff, 0xfffffffffffffffa, 0xfffffffe, 0x95cc) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) shutdown$auto(0x200000003, 0x2) socket(0x2, 0x801, 0x100) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400088a1}, 0x8004) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) close_range$auto(0x2, 0x8000, 0x0) 1m59.085695525s ago: executing program 7 (id=2685): ioperm$auto(0x7, 0x6, 0x80) fallocate$auto(0x3, 0x0, 0xe, 0x8ec5) pipe2$auto(&(0x7f0000000000)=0xffffffffffffffff, 0x3) io_uring_setup$auto(0x200, &(0x7f0000000040)={0x9, 0xb, 0x8, 0x7f0b, 0x648, 0x1, r0, [0x9fce, 0x8000, 0xfffffffc], {0x5, 0xdce, 0x4, 0x0, 0x2, 0x2, 0x3, 0xe, 0x3}, {0x7, 0x8, 0xfffffffb, 0x10000, 0x2, 0x3, 0xfff, 0x9, 0x99}}) mlockall$auto(0x7) clone3$auto(&(0x7f0000000000)={0x3ffffffff, 0x4, 0x63, 0x3, 0x6, 0x0, 0x7, 0x8, 0x8fa1, 0x1, 0x8000000003}, 0x294) ioperm$auto(0x3, 0xe, 0x2000000000000149) fstatfs$auto(0x1, &(0x7f00000000c0)={0x7fffffffffffffff, 0x10000, 0x2, 0x8d, 0x1, 0x1, 0x7ff, {[0x4c, 0x401]}, 0x6, 0x1, 0x4, [0x1, 0x1, 0x200, 0x7ff]}) rename$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) sendmsg$auto_IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4000840) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0xa, 0x801, 0x84) connect$auto(0x3, &(0x7f0000000000)={0x2, @sa_data_min="0800e00000000000c1728d2af766"}, 0x55) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r1 = socket(0x18, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(r1, 0x80487436, 0x0) ioperm$auto(0xfffffffffffffff7, 0x9, 0x8) shmat$auto(0x0, 0x0, 0x0) 1m56.048530236s ago: executing program 7 (id=2693): socket(0x2, 0x2, 0x1) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) socket(0x26, 0x80805, 0x0) mmap$auto(0x0, 0x2020009, 0x4, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) getrandom$auto(0x0, 0x6000000, 0x3) capget$auto(&(0x7f0000000040)={0x7f, 0x0}, &(0x7f0000000080)={0x5, 0x9, 0xff}) syz_open_procfs$namespace(r0, &(0x7f00000000c0)='ns/net\x00') mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) msync$auto(0x0, 0x5, 0x0) socket(0x2c, 0x80003, 0x0) lseek$auto(0xffffffffffffffff, 0x1000000003, 0x1) fcntl$auto(0x0, 0x0, 0x8001) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x6, 0x0) 1m55.699830583s ago: executing program 37 (id=2693): socket(0x2, 0x2, 0x1) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) socket(0x26, 0x80805, 0x0) mmap$auto(0x0, 0x2020009, 0x4, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) getrandom$auto(0x0, 0x6000000, 0x3) capget$auto(&(0x7f0000000040)={0x7f, 0x0}, &(0x7f0000000080)={0x5, 0x9, 0xff}) syz_open_procfs$namespace(r0, &(0x7f00000000c0)='ns/net\x00') mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) msync$auto(0x0, 0x5, 0x0) socket(0x2c, 0x80003, 0x0) lseek$auto(0xffffffffffffffff, 0x1000000003, 0x1) fcntl$auto(0x0, 0x0, 0x8001) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x6, 0x0) 40.979320211s ago: executing program 6 (id=3028): ioprio_set$auto(0x10, 0x9, 0x2) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040021}, 0x8011) (async) socket(0xa, 0x6, 0x0) (async) prctl$auto(0x4, 0x1, 0x3ff, 0x8000000000000001, 0x9) (async) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) 40.650034584s ago: executing program 6 (id=3030): socket(0xa, 0x3, 0x33) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) pselect6$auto(0x2, 0x0, &(0x7f00000000c0)={[0x1, 0xb44f, 0x2e9, 0x1, 0xfffffffff0000000, 0x0, 0x1, 0x4, 0x1, 0x7, 0x4, 0x4, 0x10003, 0x2e0, 0xffffffffffffffff, 0x2]}, 0x0, 0x0, &(0x7f0000000280)) futex$auto(&(0x7f0000000080)=0x2, 0x9b6, 0x4, &(0x7f0000000240)={0x0, 0xc7}, &(0x7f0000000280)=0x1, 0xffffff7f) setsockopt$auto(0x400000000000003, 0x29, 0x7, 0x0, 0x401) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) fsopen$auto(&(0x7f00000001c0)='nfsd\x00', 0x1) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c40900448dc7fe8000"}, 0x55) mmap$auto(0x0, 0x4, 0x4000000000de, 0x40ebe, 0x401, 0x300000000000) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="2b0128bd7000fedbdf250000000000000800060000000800080090f4ffff08000500050000000c000300030000000000000008000000"], 0x3}, 0x1, 0x0, 0x0, 0x8010}, 0x24004141) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x8, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xc57138c}, 0x9a6, 0xe000) clone$auto(0x40083b42, 0x5c84, 0xfffffffffffffffe, 0x0, 0x100000000000f) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') ioctl$NS_GET_PARENT(r0, 0x5460, 0x0) write$auto(0x3, 0x0, 0xffd8) 39.335232529s ago: executing program 6 (id=3033): r0 = socket(0xa, 0x2, 0x0) setsockopt$auto(r0, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) setsockopt$auto(0x400000000000003, 0x29, 0x3b, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) socket(0xa, 0x801, 0x106) listen$auto(0x3, 0x83) getsockopt$auto(0x0, 0x7fff, 0x628e8c92, 0x0, 0x0) ioperm$auto(0x7, 0x6, 0x2) fanotify_init$auto(0x5, 0x2) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00', @ANYRES16, @ANYBLOB="010026bd7000fedbdf250a00"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x22048814) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0xf, 0x3, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_map_fd=0x2, 0x7, @old_prog_fd=0x13b}, 0xa3) bpf$auto(0x0, &(0x7f0000000100)=@link_create={@prog_fd=0x1, @target_fd=0xa, 0x3, 0x8, @tracing={0x4, 0xffffffff}}, 0xfbf) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x800}, 0xc) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x801, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, 0x0, 0x880) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x1) fremovexattr$auto(0x3, &(0x7f0000000080)='\\-\x00') nanosleep$auto(0x0, 0x0) 38.108312935s ago: executing program 6 (id=3037): r0 = socket(0x5, 0x4, 0x4c) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_FRAME_WAIT_CANCEL(r0, &(0x7f0000000580)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000540)={&(0x7f00000000c0)={0x468, r1, 0x8, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0xcb}, @NL80211_ATTR_IE_RIC={0x442, 0xb2, "67f4eb23e53e953cbb6c50f2ef5f7e080996385a5493d6789de56ed8d4b5f10b6e29f78d390e2d79f62f05a22b293060af40eec25b5e40ce2028f5f1411b281d80ff2c2c8922d2eea19c0037ffa960abe3eb292ab40a5a7df24ca7ecd6d8112ec926abbf6a926dfad09cd556ec30fdcded4c0dd9edb76518510310da597c2e3cfc839f5dc600dafeda914bf7214d12e62c6ac1e7f16b57d402b2b05209f41dc03efb0a10db1b471fa19ff8062905c8051f598fefde737ccb3a9b01b0716d7d456e5713f0b47c5d1e3560e92f2b375ccc95f607c398fa3cab5708b5e72d04ecad254f9d2ef9752036f7fab85a6da8f0178d644d35874691b26105b7d90583cb02c8c26b22020dd6815d7b2253468ad070a46e93ba6ad0bacfef44c54e778c1a0b528894034c077b77578be84d15bac690e4f010653047e11e234f772bf2e3f7595990aaccb3c15319206fae202093726c9dd682aaff6f868759ed97562be4d433b7b5a0cd713e042ade019d503a03930d1427a7579d0dab3567f4680fed2f5f805bb54e43a79a6b162bb5ac140d5303a0171445feba7a2d9b587a9f3aa4f572e4e602957f29df112bcc8543d8de17a37db04e1c0a0829ef59512770144c548b4560e66fa4f8cc3e898d1ca36a0c3b35be371a6cd169a170a4635fd4bf75ff80398e080a778113a25ded1bf5048090f85d27dc6854116d89bab867eba52153a803a0134581aeae19adfc9670e70b1006c7aa4af233f740c38b863e310e803be8f161e0afc6995af47bfdd22644cf791ad12b0936d2b44ff26ce08e4b625848f8a04dc71f3965596a1c8f8b96a66c08f3e307db3dc5c0f2c59de035fde59f172cda6088fa67e894ab41f3a9df86b5aaecddcaef10f56148b7a10f4cda72052b0e02360bb5e066ca87a2656c9793381d900ec04978aaa1e7688b3e21a7ee303571839f4440ce218d69ce3759b19ee305a055d00f2d4989835d037774711ab0f0466ca35c0d879d7624bff6277d5d454a2178926dbf5d5c5ee4908d9ef7fce73b783242d67832d1439f4a35ae57f60d88e5ada350effce3d8e7a40f9e6dfef99d50375931ed446f588c2b59b16e15abe959c75d300224f42b7a5448fd46e2548856741fbd3aa7b0555ef8eb706e5c45dd077de769a447c1d6064b84b2b95348bc263f20c9383048d586e96799e8b90b485f86059bfda77ff70bcc2147649b29380abba672fd3fd396732319038844706f87d049f4436538a3639b86b8f85713d0b63e665ef25cfcdcbf0e2df799ef2dccbcf3f34771e52848e9abf2dc9889772f77e99f6a162b6bf50189fbed41c881a2a20e5a22ee3f3da814c2bbcfafdd82b738580b71dd9f888dae3b0515c4ab1d43fd5a944ab3aa9549ac8bb35e366a8ca4ca7c2ee1b167f7c7740f453ab30450ebdc8f4687d533acfedff8c5d5e9fceb7f6dccb038cf19dbf403b32953764b169c1a0085763cf66e5eb2de52cac6bb6a362fb9aeccd5faf033b50771ec68531d8a478d8f8b8ea34820f9c158bf2fe35cc6"}, @NL80211_ATTR_COLOR_CHANGE_COLOR={0x5, 0x130, 0x3}]}, 0x468}, 0x1, 0x0, 0x0, 0x440d0}, 0x11) close_range$auto(0x2, 0x8, 0x0) adjtimex$auto(0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x8, 0x4, 0x9b72, 0x2, 0x8000) r2 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r2, 0x65, 0x1, 0xffffffffffffffff, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x15, 0x5, 0x0) socket(0xa, 0x801, 0x106) memfd_create$auto(0x0, 0xa) socket(0x2, 0x3, 0xa) socket(0xa, 0x801, 0x84) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(r3, &(0x7f0000000000)={{0x0, 0x8, 0x0, 0xe, &(0x7f0000000a40)=[0x8e, 0x100000001], 0x8e, 0x8}, 0x8}, 0x1, 0xb) read$auto(0x3, 0x0, 0x8ec0) 37.602149914s ago: executing program 6 (id=3038): r0 = syz_clone(0x0, &(0x7f0000000000)="9eebd54242a524f730a67c68e14110e5c022964f47d14534056e996546eaf068c760e9252ba54d7b602d5872f112f1f7198a39731949708883f74738fcb8", 0x3e, &(0x7f0000000100), &(0x7f0000000080), &(0x7f0000000280)="6829fe94d7b3c47b7693a9e3f418a3fc5b01e9220501d5572f1641222a32d31258884a3a5af0af51d9da490f6031010b4533657337e6b6072d47e54018a6c208bd6162d07eeb30c9ac9725c37acd46d938c6d25acf8b3e8bd9311b0db90b0c0829390b614ec7e9128e5ffb36037e554648739c977b45e5fd536a0dfbd13deea57ba47ba541df6a5bbd3f130bb2863ea05d662d4b83841856d7af9f78e36ab05b666cd77cf47034233ea2def7ae4b8d3f4a887b663e84c5828ed5a71695638846146fa642bda285959dac8b25fb7485c28598a59572427f28912a266333c3f6f51ee92573235640a9b30da8a019bfd87dd99a80ca47167393319f0d48c4cf9d0a5e25624f7a255669997a16103967e83fdd4dc03f0b691afe35e14152bd58803e388fefbdc1f0d983d5e1c71f1ff32e697765e45d8fc61a707dd7508eaaa2622e111398f78a17eba2de") mmap$auto(0x0, 0xa, 0x72, 0x8b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x9) socket(0xa, 0x5, 0x0) listen$auto(0x3, 0x81) io_uring_setup$auto(0x6, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) close_range$auto(0x2, 0x8000, 0x0) open(0x0, 0xa22c0, 0x155) open(0x0, 0xa240, 0x1de) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) migrate_pages$auto(0x1, 0x9, 0x0, &(0x7f0000000840)=0x2) madvise$auto(0x0, 0xffffffffffff0001, 0x15) getpgid(r0) move_pages$auto(r0, 0xeb, &(0x7f0000000040)=&(0x7f0000000000)=[0xab0, 0x4], &(0x7f0000000080)=0x7, &(0x7f00000000c0)=0xfffffe01, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_LEAVE_MESH(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="e595cef2cfab7e6d187e3b1400", @ANYRES16=r2, @ANYBLOB="01002cbd7000fbdbdf2545000000"], 0x14}}, 0x20000000) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000940), r1) r3 = syz_genetlink_get_family_id$auto_NLBL_UNLBL(&(0x7f0000000a80), r1) sendmsg$auto_NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f0000000240)={0x14, r3, 0x400, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x8000) mq_open$auto(&(0x7f00000020c0)='.\xf1\x00', 0x56a, 0x2d, 0x0) syz_clone(0xc21c080, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) add_key$auto(&(0x7f0000000180)='.\x00', &(0x7f00000001c0)='.\xf1\x00', &(0x7f0000000200), 0x8, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 34.710751946s ago: executing program 6 (id=3050): open(0x0, 0x1e9c42, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket(0x2c, 0x80003, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sysinfo$auto(0x0) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/time\x00') clone$auto(0x60003b46, 0x7, 0x0, 0x0, 0x800000000002) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) memfd_secret$auto(0x0) socket(0xa, 0x801, 0x100) select$auto(0xffffffff, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x9, 0x3, 0x1, 0x2000000000000002, 0x9, 0x5e58296f, 0xff, 0x10, 0x4, 0xaab, 0x5, 0x4006]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x8) 34.361362901s ago: executing program 38 (id=3050): open(0x0, 0x1e9c42, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket(0x2c, 0x80003, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sysinfo$auto(0x0) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/time\x00') clone$auto(0x60003b46, 0x7, 0x0, 0x0, 0x800000000002) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) memfd_secret$auto(0x0) socket(0xa, 0x801, 0x100) select$auto(0xffffffff, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x9, 0x3, 0x1, 0x2000000000000002, 0x9, 0x5e58296f, 0xff, 0x10, 0x4, 0xaab, 0x5, 0x4006]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x8) 3.956965743s ago: executing program 4 (id=3174): r0 = socket(0x2, 0x801, 0x100) sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x88d0}, 0x2000c041) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x8004) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8000, 0x0) 3.886238159s ago: executing program 9 (id=3175): open$dir(&(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', 0x80280, 0x40) r0 = syz_open_procfs$namespace(0xffffffffffffffff, 0x0) pipe2$auto(&(0x7f00000000c0)=r0, 0x800) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), r2) sendmsg$auto_WG_CMD_SET_DEVICE(r2, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000040)=ANY=[@ANYBLOB="3d00003aea6fa89d8e39e345b19b801ac41b8d00", @ANYRES16=r3, @ANYBLOB="210026bd7000fedbdf250100000008000500010000001400020077673000"/42], 0x30}, 0x1, 0x0, 0x0, 0x841}, 0x80) seccomp$auto(0x1, 0x10000a, 0xfffffffffffffffc) sendmsg$auto_WG_CMD_GET_DEVICE(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r3, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e23}]}, 0x1c}}, 0x20000845) r4 = open$dir(&(0x7f0000000000)='./file0\x00', 0x2, 0x208) fsopen$auto(&(0x7f0000000200)='\x00', 0x1) write$auto(r4, &(0x7f0000000040)='-&\\\'$^\x00', 0x8) 3.646896447s ago: executing program 4 (id=3178): socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mq_open$auto(0x0, 0x3ff, 0x7, &(0x7f0000000140)={0x7, 0x2f05, 0xa509, 0x4}) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0) madvise$auto(0x0, 0x2000040080000004, 0xe) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) connect$auto(0x3, &(0x7f0000000000)={0x2, @sa_data_min="0800e00000000000c1728d2af766"}, 0x55) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20040010}, 0x40040c0) connect$auto(0x3, &(0x7f0000000140)={0xa}, 0x55) socket(0x2b, 0x1, 0x1) listen$auto(0x3, 0x83) mmap$auto(0x0, 0x20009, 0x4, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x9) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x10a, 0x0, 0x1, 0x1}, 0xed7138c}, 0x7, 0x0) 3.49899171s ago: executing program 9 (id=3180): syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), r0) sendmsg$auto_OVS_DP_CMD_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x38, r1, 0x374fe8f90a25151b, 0x70bd27, 0x25dfdbff, {}, [@OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x9}, @OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_NAME={0x13, 0x1, 'MAC80211_HWSIM\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x4880}, 0x4000) mprotect$auto(0x5fffeffd, 0x8000000000000001, 0x100000000) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') 3.210318633s ago: executing program 4 (id=3183): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000a00), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_NODE_GET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x50) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001fc0), r2) r3 = syz_genetlink_get_family_id$auto_ila(&(0x7f00000022c0), r2) sendmsg$auto_ILA_CMD_DEL(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002340)={&(0x7f0000000080)={0x14, r3, 0x1, 0x70bd24, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) sendmsg$auto_MACSEC_CMD_ADD_RXSA(r0, &(0x7f0000001c80)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000000ac0)={0x1c, r1, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@MACSEC_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000804}, 0x8880) r4 = socket(0xa, 0x801, 0x106) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'veth1_vlan\x00'}) 3.013088849s ago: executing program 8 (id=3184): r0 = socket(0x2, 0x801, 0x100) poll$auto(0x0, 0x2, 0x43) sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x88d0}, 0x2000c041) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(r0, &(0x7f0000000100)={0x0, @sa_data_min="00db9c00"}, 0x3) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) shutdown$auto(0x200000003, 0x2) 3.008714601s ago: executing program 9 (id=3185): mlockall$auto(0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_pgetevents$auto(0x76d, 0x2, 0xa31f, 0x0, 0x0, &(0x7f0000000700)={&(0x7f00000006c0)}) r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x29, 0x3b, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) setsockopt$auto(0x400000000000003, 0x29, 0x36, 0xffffffffffffffff, 0x0) io_uring_setup$auto(0x6, 0x0) prctl$auto(0x59616d61, 0xffffffffffffffff, 0x6, 0x8, 0xfff) madvise$auto(0x0, 0x200007, 0x19) 2.779038268s ago: executing program 8 (id=3187): r0 = socket(0x2, 0x801, 0x100) sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x88d0}, 0x2000c041) bind$auto(0x3, &(0x7f0000000080)={0x2, @sockaddr_1_1}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)={0x2, @sockaddr_1_1}, 0x55) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x8004) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8000, 0x0) 2.745055535s ago: executing program 4 (id=3188): mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) r0 = socket(0xa, 0x5, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0x110, r1, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xdbed}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x7fffffff}, @NL80211_ATTR_FILS_NONCES={0xd2, 0xf3, "370e2b1e65d6d5611e8d08ec2a8a30c02ab19e29ff9f6e4d0ef691091726ad437fca6d9e6fa84112cccee7705d8bd0c5decc86378b84ef0e90d6454e356418cc7c93a642be530fcde176defd4f94c6acdf4c86463b77de72ab9f652fa65ecb3a3ccb72aa092435af9cead4fd3118fe749e8dedd7dc8a4abd3494b038274d19a8f7fd90cee3f47a6e7cb620db81749665512e2605ea2ea2e48494f09f15bc05d3abb435d9cdd351fc03c2c542fc744329e5931ba8a10ddb312a488cff1c74e9630decb5dba9969c84ebd12ad1454b"}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0xffffffff}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x4}, @NL80211_ATTR_WIPHY_NAME={0x6, 0x2, '^\x00'}]}, 0x110}, 0x1, 0x0, 0x0, 0x4000040}, 0x10) r2 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(r2, 0x5) (async) r3 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(r3, 0x6) shutdown$auto(0x200000003, 0x2) (async) pipe$auto(&(0x7f00000002c0)=r2) shutdown$auto(r4, 0x401) select$auto(0x3, 0x0, &(0x7f0000000100)={[0xd, 0x200, 0x0, 0xc, 0xc, 0x3, 0x6, 0x2, 0x9, 0x4, 0x0, 0x3, 0x4, 0x5, 0x8, 0x9]}, 0x0, 0x0) (async) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x8) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) 2.732694999s ago: executing program 9 (id=3189): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002800), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={0x0}, 0x1, 0x0, 0x0, 0x4008810}, 0x14) 2.556092836s ago: executing program 9 (id=3190): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x9, 0x6) (async) socket(0xa, 0x1, 0x84) (async, rerun: 32) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r0 = open(0x0, 0x22240, 0x154) execveat$auto(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async) setsockopt$auto(0x3, 0x10000000084, 0x80, 0x0, 0x8) select$auto(0x6d0c, 0x0, &(0x7f0000000100)={[0xd, 0x200, 0x800000000000008, 0xc, 0x9, 0x3, 0x6, 0x1, 0x40009, 0x5e582972, 0x4000000000000000, 0x14, 0x93, 0x8, 0x8, 0x6]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4aeed448dc7fe8000"}, 0x55) (async) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) semctl$auto(0x1ff, 0x2, 0x13, 0x1) (async, rerun: 32) lsm_list_modules$auto(0x0, 0x0, 0x0) fcntl$auto(0x2, 0x5, 0x1) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000040000fdef}, 0x1) syz_genetlink_get_family_id$auto_MAC80211_HWSIM(0x0, 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004084}, 0x48000) (async) syz_genetlink_get_family_id$auto_MAC80211_HWSIM(0x0, 0xffffffffffffffff) (async) ppoll$auto(0x0, 0x9eba, &(0x7f0000000140)={0x5852, 0x1000}, 0x0, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) 2.389585707s ago: executing program 8 (id=3191): keyctl$auto(0x1d, 0x725fffffffb, 0x69c9, 0x2, 0x6) socket(0x11, 0x80003, 0x300) mkdir$auto(0x0, 0x8001) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) socket(0x22, 0x2, 0x2) bind$auto(0x7, &(0x7f0000000180)={0x2, @sockaddr_1_1}, 0x6) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000200), r0) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[], 0x1c}}, 0x4008894) unshare$auto(0x20000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x6, 0xa, 0xfffffffc) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) socketpair$auto(0x3, 0x5, 0x7, 0x0) setsockopt$auto(0xffffffffffffffff, 0x0, 0x1a, 0x0, 0xd) keyctl$auto(0x300, 0x1ff, 0x3, 0x9e3f, 0x6) bind$auto(0x3, &(0x7f0000000040)={0xa}, 0x69) mount$auto(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\x83\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)\x1f\xbby\xe5\xc4w\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0Z>\xe1=\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x00'/192, 0x4, 0x0) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r3, 0x0) close_range$auto(r2, r1, 0x2) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', 0x0, 0x10001, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2) mmap$auto(0x0, 0x9, 0x8, 0x9b72, 0x8000000000000000, 0x8000400000008000) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x9, 0xfffffffd) 2.261015259s ago: executing program 4 (id=3192): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000380), r0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000c40), r2) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000340)={0x38, r3, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_MRU={0x6, 0x9, 0x9}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_KEY={0x4}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "f80378e3f0cd5b806905f038a814"}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x80000) (async) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0x80000001, 0x8) (async) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async) r4 = socket(0x11, 0x80003, 0x300) sysfs$auto(0x4, 0x8, 0xe) (async) setsockopt$auto(r4, 0x107, 0x12, 0x0, 0x4) sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)={0x84, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@MACSEC_ATTR_OFFLOAD={0x4}, @MACSEC_ATTR_RXSC_CONFIG={0x69, 0x2, "598b01fc92e919d6b15977bd899093aa25badd59f1ca6850f67b7e73ba66ae4e916862c2df59c4fc61f8d4509d2af8907fe8af088469729ea950bdd9e1a30494e0427c01248198c59b46a722d20a121a136a8474ba613330e296a66b548a1e2e251219245d"}]}, 0x84}, 0x1, 0x0, 0x0, 0x4000001}, 0x40080) 1.703706154s ago: executing program 3 (id=3194): open(&(0x7f0000000000)='./file0\x00', 0x7ffd, 0x10c) socket(0xf, 0x3, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@link_create={@prog_fd=0x1, @target_fd=0xa, 0x3, 0x8, @perf_event={0x95}}, 0xfbf) clock_nanosleep$auto(0x5, 0xc, &(0x7f0000000040)={0x3, 0x9}, &(0x7f0000000080)={0x3, 0x8}) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) 1.564957535s ago: executing program 4 (id=3195): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0xa01c2, 0x84) socket(0xa, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000080)={0xa, @sockaddr_1_1={"138a0bb65b60d0"}}, 0x52) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = gettid() readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x8}, 0x400) kill$auto(r1, 0x7) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r2, 0x11e, 0x1, 0x0, 0x2) socket(0xa, 0x801, 0x106) socket(0xa, 0x2, 0x0) r3 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000080), r0) sendmsg$auto_THERMAL_GENL_CMD_CDEV_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@THERMAL_GENL_ATTR_TZ_ID={0x8, 0x2, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'veth1\x00', 0x0}) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r5, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000000)={0x2c, r6, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x1}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r7}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x22048814) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) socket(0xa, 0x801, 0x106) setreuid$auto(0x0, 0x20000000004) setsockopt$auto(0x3, 0x1, 0x24, 0x0, 0x9) socket(0xa, 0x801, 0x100) getsockopt$auto(0x6, 0x11e, 0x1, 0xfffffffffffffffe, 0x0) read$auto(r0, 0x0, 0x80000001) 1.564812352s ago: executing program 9 (id=3196): unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) ioctl$auto(0xffffffffffffffff, 0x400454d9, 0x5c8c) mlockall$auto(0x7) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020019, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(&(0x7f0000000000)='!\x00', 0x16) mmap$auto(0x3, 0x2020009, 0x4, 0xebf, 0xfffffffffffffffa, 0x400000008000) alarm$auto(0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x80000001, 0x8) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, 0x0, 0x48000) r1 = open$dir(&(0x7f0000000040)='./file1\x00', 0x200, 0x0) fanotify_mark$auto(0x0, 0x11, 0x9, r1, 0x0) io_cancel$auto(0x10, &(0x7f0000000080)={0x6, 0x8, 0x8, 0x1, 0x2, r0, 0x80, 0x6, 0x6040, 0x0, 0x4, r0}, &(0x7f00000000c0)={0x9, 0xb9, 0x0, 0x4}) linkat$auto(r1, &(0x7f0000000040)='./file0\x00', r2, &(0x7f0000000100)='./file0\x00', 0x81) writev$auto(0x5, &(0x7f0000000540)={0x0, 0x1}, 0x7) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x48000) pipe2$auto(0x0, 0x80) r3 = gettid() tkill$auto(r3, 0x7) 1.514751761s ago: executing program 8 (id=3197): close_range$auto(0x7, 0xfffffffffffffff8, 0x2) socket(0x840000000002, 0x3, 0xff) socket(0xa, 0x2, 0x0) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x6, 0x4000000000df, 0xeb1, 0x400, 0x8000) socket(0x2, 0x3, 0x1) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) ioctl$auto(0x3, 0x8912, 0x46) close_range$auto(0x0, 0xfffffffffffff000, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="ac010600", @ANYBLOB="1e00df"], 0x1ac}}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4044000}, 0x800) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2) socket(0xa, 0x2, 0x0) socket(0x21, 0x2, 0xa) sendmmsg$auto(0x2, &(0x7f0000000240)={{0x0, 0x6, &(0x7f00000001c0)={0x0, 0x10}, 0x2, &(0x7f0000000200), 0xd8, 0xfff}, 0x2}, 0x5, 0xfe64) socket(0x2, 0x801, 0x84) socket(0xa, 0x3, 0x6) getsockopt$auto(0x3, 0xff, 0x99, 0xfffffffffffffffe, 0xfffffffffffffffd) listen$auto(0x3, 0x9) sendfile$auto(0x1, 0x3, 0x0, 0xc01) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB=','], 0x1ac}}, 0x40000) epoll_create$auto(0x4f4f) 1.466008121s ago: executing program 3 (id=3198): r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x10100, 0x30, 0x5}, 0x18) pipe2$auto(&(0x7f0000000080)=r0, 0x6) timerfd_settime$auto(r1, 0xb1, &(0x7f00000000c0)={{0x2, 0x2}, {0x8, 0x8d10}}, &(0x7f0000000100)={{0x0, 0xbb5}, {0x9, 0x729c}}) select$auto(0x8, &(0x7f0000000140)={[0xf, 0x8, 0x2, 0x9, 0x1, 0x6, 0x8001, 0x9, 0x3, 0xf13, 0xb1, 0x1000, 0x4, 0x0, 0x2]}, &(0x7f00000001c0)={[0xf, 0x0, 0x6, 0x24d5f97f, 0x5, 0xfffffffffffffffc, 0x100000000, 0x80000001, 0x44d6, 0x4, 0x2, 0xe579, 0x4, 0x8, 0x10001, 0x5]}, &(0x7f0000000240)={[0x0, 0x0, 0x4, 0x2, 0x1ff, 0x4, 0x1, 0x35e9, 0x1, 0x5, 0xffffffffffffffff, 0x9, 0x3, 0x0, 0xd93d, 0x37a]}, &(0x7f00000002c0)={0x9, 0x401}) unshare$auto(0x8) syz_clone3(&(0x7f0000001440)={0xa080000, &(0x7f0000000300)=0xffffffffffffffff, &(0x7f0000000340)=0x0, &(0x7f0000000380), {0x14}, &(0x7f00000003c0)=""/6, 0x6, &(0x7f0000000400)=""/4096, &(0x7f0000001400)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2, {r1}}, 0x58) listen$auto(r2, 0x9) r4 = syz_genetlink_get_family_id$auto_TIPCv2(&(0x7f0000001500), r1) sendmsg$auto_TIPC_NL_PEER_REMOVE(r1, &(0x7f0000001980)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001940)={&(0x7f0000001540)={0x3f8, r4, 0xa24, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x7a, 0x3, "e4220807fdbbd00c81850b2f78e6ec848bfdb9875bb4a8fbd43b7b7f907341b101d44fc1906befd630c906a39fa02386deb775e370335df3b94a79644d94ba7c1f3f07c410184b7f67f4b0bb72b13ebc72fe0deb74984ee6616f89ebe35e0d190ede46426d7bcba2a28a88191e186fdff0606bbdbe70"}, @TIPC_NLA_UNSPEC={0x4e, 0x0, "c73c6ca120c2872c8e7772739763e03353583a26c87b35acce57c7781677764c175ace8e4e2c9b868606835d190c5930df8bc63db205c1ee669e501a6921ec28f2ce9ddc3f7935ed35f3"}, @TIPC_NLA_PUBL={0x98, 0x3, "c8cf04733321466421071369c2c6c821ed4f3f21f871b6e55b52b61ca48d6e1766ec86f11e29dbf1c60cbecebed26f15affecb8bcc6cf1d3ca32e161ed81a4c3102a79e3e810b2d99e6375b4f53f9f2005d7aa6343c84f8cd4e75967102fdb2572a9df033c7eb8e93675fe77c85e0365ac774a09ae6b70e72d494b5496847975b522cc6393d16b2c1ef13133af4571cd2c93a368"}, @TIPC_NLA_UNSPEC={0xa1, 0x0, "9a67c9f8641fa8a4a6343dad05662f1bfa401dc5f24ee1e75778a049e075e407454a0ba6e1928e995ae94b9f6a589345451bb28f6c759916a43fc79882a3bd8c42b8fb35502aea67cfb3cbc4f5870e9f52f9e2d923029a55ad70e947be3283ff2a256a2ffb2c05692707ed711764fa63eaa2eb45252a66fdd60fb774e9270de2e2deb8c4d5e2aa8a4b1972f911e247a6b6b1ba054518f21e9491f804f2"}, @TIPC_NLA_BEARER={0xe7, 0x1, "9d6bb8a133646dda5f734b4edaec56e10d9f9d3224ddba45440fd1450f8bf8bc27401f07d33e59ab79ad69ae2a21522e3f54fee59f092b83177bc227b29f3f3c7ddbf54c31477714dd4a11acf4532acb5edcc2d9e898b0859cd969e8eefdb3b9bb74eab418172e66a849b95e50986ea24577f492ea56a7088d6f95d11ff22a0a236891ee046e3630152c50a941fafe95840b2f2748157a2953637a71dec4ad0f624ade27d7d2173dd583f63b0c72a42784213389f880de9212076203d941f4846af3411b09359dd155047da216f355b2c17ac268710b47c9749ea6dc6dd78106cc7979"}, @TIPC_NLA_NODE={0xf1, 0x6, "20b87fd55bf9552f10ec3d781899460e8098e8cb03d0be143624a3b85b4797b9f358fbeebf4a2ccfc65d863e0fa3e60f4da93fe95400b66ca2686c369711db8ba931d959794ebf84482e6f47f537cb625f08bc6447c6e09c56bbea6c9127555e0841cfe5815e12ab938af317bd13e306b114438d5641ab6f22ecec52cc81c0387678cc5da2f2f358dc7ac15f7c5af7b5341da0b8b8a99d7e6aea9e72ed9325c076a50bd096ba890d881509380e1da1a0fc5a99f49691820ff9c052f3aba94c947f816ca31274f380307672ca3fc1d89b7f2b93d6733c9d8ba4c9d82f2cbe8b9779377efd195eb976b8d4297382"}]}, 0x3f8}, 0x1, 0x0, 0x0, 0x840}, 0x40800) utimes$auto(&(0x7f00000019c0)='./file0\x00', &(0x7f0000001a00)={0x43c7, 0x5}) r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001a80), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001ac0)={'veth0_macvtap\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001b00)={'syz_tun\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001b40)={'nicvf0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001b80)={'veth1_vlan\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001bc0)={'veth0_to_bond\x00', 0x0}) sendmsg$auto_NETDEV_CMD_DEV_GET(r1, &(0x7f0000001cc0)={&(0x7f0000001a40)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001c80)={&(0x7f0000001c00)={0x54, r5, 0x8, 0x70bd26, 0x25dfdbff, {}, [@NETDEV_A_DEV_IFINDEX={0x8}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r6}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r7}, @NETDEV_A_DEV_IFINDEX={0x8}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r8}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r9}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r10}, @NETDEV_A_DEV_IFINDEX={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x881) timer_settime$auto(0x4, 0x8, &(0x7f0000001d00)={{0x3, 0x100}, {0x6f01, 0x9}}, &(0x7f0000001d40)={{0x7f, 0xb772}, {0x1, 0x3582}}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001f80)={&(0x7f0000001d80)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001f40)={&(0x7f0000001dc0)={0x154, 0x0, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@HWSIM_ATTR_ADDR_TRANSMITTER={0xa8, 0x2, "6ad154a776b0742e71b343d4160149580235c6944320a0b696a5fa1d34c1daea73cdfc6ba7c00191e943319aa4f1b3788aa8dbe89c6f01e31500a514e36262e72a4337838b33addb468f88ea833fae67bc1bcff3cfb3e15283d909227ecbeef7ec03659429ac01f636a42ecad0114cbe25756b6369bc9dc9c5135c4a230ce22b440ce4f15c9f3ef69733d6e294ecff1ea9a1c2fcf6c2a0391bec2ab1310b3711e0e6b44b"}, @HWSIM_ATTR_FLAGS={0x8, 0x4, 0xc}, @HWSIM_ATTR_CIPHER_SUPPORT={0x8d, 0x18, "1929cc1ae22225c3191cd2c334292417b941e698a25df404418018b21220927755719c1b9782d8e9bf0a714da65c85d6ab657d5877ef4a765a3ffc47289828dc433ee590733e6ebc054ed2e642897619decd83c2f51bc7e334bb1ed5b196b6b2e20d3fab69369aedb52dd2c4a92a7a55ea3098f9dbabcf7546308da198b9cb12691c080eba75837876"}]}, 0x154}, 0x1, 0x0, 0x0, 0x40005}, 0x11) syz_clone3(&(0x7f00000031c0)={0x10108100, &(0x7f0000001fc0)=0xffffffffffffffff, &(0x7f0000002000), &(0x7f0000002040), {0x31}, &(0x7f0000002080)=""/220, 0xdc, &(0x7f0000002180)=""/4096, &(0x7f0000003180)=[r3], 0x1, {r1}}, 0x58) listen$auto(r11, 0x9) mprotect$auto(0xacc7, 0xa7bd, 0x8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000003240)={'bond_slave_0\x00'}) r12 = syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f00000032c0), r1) sendmsg$auto_IEEE802154_ASSOCIATE_RESP(r1, &(0x7f00000033c0)={&(0x7f0000003280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000003380)={&(0x7f0000003300)={0x54, r12, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEST_SHORT_ADDR={0x6}, @IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0x1}, @IEEE802154_ATTR_BCN_ORD={0x5, 0x17, 0x8}, @IEEE802154_ATTR_DEV_NAME={0x14, 0x1, 'team_slave_0\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, 0xffffffff80000001}, @IEEE802154_ATTR_LLSEC_ENABLED={0x5, 0x29, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x81}, 0x8010) syz_clone3(0xfffffffffffffffc, 0x0) set_mempolicy$auto(0x5, &(0x7f0000003400)=0x100000000, 0xb3) unshare$auto(0x3) r13 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_COALESCE(r13, &(0x7f0000003600)={&(0x7f0000003440)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000035c0)={&(0x7f00000034c0)={0xf8, 0x0, 0x800, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_KEY={0x67, 0x50, "80c0eb4356c816418c9dfe8278f9a5953ce2217ecbe4d3ee4e3d2d042ccc81c725335b38fbc860b752f412159575e66c74961d4de05650e08411610eaf446f321f2b2d7804b7969ac9086318e1616da5e64ca012bcd7dfb671d86643d89231999b615b"}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0x8}, @NL80211_ATTR_SCAN_SUPP_RATES={0x6a, 0x7d, "07ef76eb1aece56d99617aba7a3ccb6e6012244bc1b0343b14aa1fb59c3e29fc833df5fc260608f96fd07a661636168fcdccfb6579bd629d6a0b7aab9ee1fd60220ddf0ab3992d1ab77f018bec78ce4e37114ffaff9f56a4a8152f58806881ab7ee6d5281e3a"}, @NL80211_ATTR_DISABLE_EHT={0x4}]}, 0xf8}, 0x1, 0x0, 0x0, 0x800}, 0x10) 1.051878195s ago: executing program 3 (id=3199): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002800), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000002840)={0x14, r1, 0x1, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x14) (fail_nth: 1) 921.498039ms ago: executing program 8 (id=3200): socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x5, 0x3, 0x2, &(0x7f0000000000)=0x7fffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) socket(0x1e, 0x5, 0x3) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x10001, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x11, 0x80003, 0x300) io_uring_setup$auto(0x6, 0x0) open(0x0, 0xa240, 0x15e) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x3) setsockopt$auto(r0, 0x107, 0x14, 0x0, 0x4) pipe2$auto(&(0x7f0000000140)=0x2, 0x800) sendto$auto(0x3, 0x0, 0x18, 0x101, &(0x7f0000000140)={0x2, @sockaddr_1_1}, 0x1c) setsockopt$auto(0x3, 0x10000000084, 0x17, 0x0, 0x3ff) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002800), r1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) 501.027389ms ago: executing program 3 (id=3201): mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x100) socket(0x2a, 0x2, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0) socket(0xa, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x3) r2 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_map_fd=r1}, 0xa3) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x2, 0x8000) capget$auto(0x0, &(0x7f0000000140)={0x8, 0xfff, 0xe2}) 287.186503ms ago: executing program 3 (id=3202): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x7400, 0x20040011}, 0x20000000) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000500)={'gretap0\x00', 0x0}) socket(0xa, 0x23af690fef30229, 0x9) sendmsg$auto_OVS_DP_CMD_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r1, 0x5, 0x70bd29, 0x25dfdbfc, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r7}, @OVS_DP_ATTR_NAME={0xb, 0x1, '.\x02:\xb6-$\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000c000}, 0x4000024) 171.960709ms ago: executing program 8 (id=3203): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = syz_genetlink_get_family_id$auto_IPVS(&(0x7f0000000100), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IPVS_CMD_GET_INFO(r1, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000001400)={&(0x7f00000012c0)={0x14, r0, 0x401, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x4) fchdir$auto(r1) mlock$auto(0xfbe8, 0x4) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) 0s ago: executing program 3 (id=3204): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x3, 0x6) listen$auto(0x3, 0x81) ioperm$auto(0x1, 0x6, 0x2) openat$dir(0xffffffffffffff9c, 0x0, 0x2102, 0x11) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEC_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0xf8, r1, 0x1, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_FEC_MODES={0xb1, 0x2, "2c78bbd486144602543afaeb48d47db230b6fccb9f80b12beea70a54c3483404b46defc5a6c58345e6c94e7db5b8ab5f5221193805b2ef79d3446602cfc96a7d1658196a32c8dd8df733ce0a63af950057b5c92dc5f5b4999bb85648256f90341a3b7337d7f730259c684b365df552f8adf3c94f9bda3ce361db0a26c6f35395b710a25d8eb22e1727e6d0b07c5aeceae60bc34f49c784c0ebeebf540cb0452b506f03373588ee9395ea65b508"}, @ETHTOOL_A_FEC_MODES={0x2d, 0x2, "3be8bb442d4da77fbd1c9d22056a193ed43e12dafea2be2deaca9fdc7232db838b4b0bfc8d0000008d"}]}, 0xf8}, 0x1, 0x0, 0x0, 0x4014}, 0x4800) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="2e00f5"], 0x1ac}}, 0x40000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c004}, 0x40080c0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) pipe2$auto(0x0, 0x80) ioctl$auto(0x1, 0x5760, 0x100000101) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) kernel console output (not intermixed with test programs): dump_page+0xfb/0x220 [ 477.457800][T14329] ? __pfx_get_dump_page+0x10/0x10 [ 477.462960][T14329] ? free_unref_page+0x6f5/0x1080 [ 477.468026][T14329] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 477.473879][T14329] dump_user_range+0x135/0x8a0 [ 477.478696][T14329] ? __pfx_dump_user_range+0x10/0x10 [ 477.484018][T14329] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 477.490221][T14329] ? __pfx_writenote+0x10/0x10 [ 477.495031][T14329] elf_core_dump+0x2766/0x3840 [ 477.499848][T14329] ? __pfx_elf_core_dump+0x10/0x10 [ 477.504995][T14329] ? kasan_save_stack+0x42/0x60 [ 477.509880][T14329] ? kasan_save_stack+0x33/0x60 [ 477.514771][T14329] ? __kasan_kmalloc+0xaa/0xb0 [ 477.519563][T14329] ? __kmalloc_node_noprof+0x211/0x440 [ 477.525056][T14329] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 477.530552][T14329] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 477.536472][T14329] ? asm_exc_page_fault+0x26/0x30 [ 477.541579][T14329] ? rcu_is_watching+0x12/0xc0 [ 477.546375][T14329] ? trace_lock_acquire+0x14a/0x1d0 [ 477.551601][T14329] ? get_signal+0x237c/0x26d0 [ 477.556315][T14329] ? do_coredump+0x2c42/0x4160 [ 477.561111][T14329] do_coredump+0x2c42/0x4160 [ 477.565749][T14329] ? __pfx_do_coredump+0x10/0x10 [ 477.570722][T14329] ? kmem_cache_free+0x152/0x4b0 [ 477.575695][T14329] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 477.581615][T14329] ? asm_exc_page_fault+0x26/0x30 [ 477.586739][T14329] get_signal+0x237c/0x26d0 [ 477.591282][T14329] ? force_sig_fault+0xad/0xf0 [ 477.596076][T14329] ? __pfx_get_signal+0x10/0x10 [ 477.600973][T14329] arch_do_signal_or_restart+0x90/0x7e0 [ 477.606556][T14329] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 477.612746][T14329] ? __bad_area_nosemaphore+0x334/0x6a0 [ 477.618340][T14329] ? do_user_addr_fault+0x920/0x13f0 [ 477.623670][T14329] irqentry_exit_to_user_mode+0x13f/0x280 [ 477.629422][T14329] asm_exc_page_fault+0x26/0x30 [ 477.634308][T14329] RIP: 0033:0x401000 [ 477.638230][T14329] Code: Unable to access opcode bytes at 0x400fd6. [ 477.644740][T14329] RSP: 002b:000000000000000a EFLAGS: 00010282 [ 477.650834][T14329] RAX: 0000000000000003 RBX: 00007fc1e4735f80 RCX: 00007fc1e457e719 [ 477.658830][T14329] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000002020003b46 [ 477.666822][T14329] RBP: 00007fc1e45f175e R08: 8000000000000001 R09: 0000000000000000 [ 477.674817][T14329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 477.682818][T14329] R13: 0000000000000000 R14: 00007fc1e4735f80 R15: 00007fff34579428 [ 477.690830][T14329] [ 478.095728][ T5846] Bluetooth: hci3: command 0x0406 tx timeout [ 478.278500][T14398] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1935'. [ 481.483007][T14447] net_ratelimit: 1 callbacks suppressed [ 481.483027][T14447] netlink: zone id is out of range [ 481.538203][T14447] netlink: zone id is out of range [ 481.543359][T14447] netlink: zone id is out of range [ 481.608160][T14447] netlink: zone id is out of range [ 481.655321][T14447] netlink: zone id is out of range [ 481.694218][T14447] netlink: zone id is out of range [ 481.699430][T14447] netlink: zone id is out of range [ 481.717623][T14447] netlink: zone id is out of range [ 481.753154][T14447] netlink: zone id is out of range [ 481.779008][T14447] netlink: set zone limit has 4 unknown bytes [ 485.104464][T14547] kernel read not supported for file /#)-\&[} (pid: 14547 comm: syz.4.1976) [ 485.156488][ T29] audit: type=1800 audit(8277262651.919:8): pid=14547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1976" name="#)-\&[}" dev="mqueue" ino=45445 res=0 errno=0 [ 488.994465][T14642] svc: failed to register nfsdv3 RPC service (errno 111). [ 489.042923][T14642] svc: failed to register nfsaclv3 RPC service (errno 111). [ 489.066536][T14636] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2005'. [ 489.125177][T14636] veth0_macvtap: left promiscuous mode [ 489.134447][T14636] macvtap0: entered promiscuous mode [ 489.139779][T14636] macvtap0: entered allmulticast mode [ 490.038875][T14658] HSR: entered promiscuous mode [ 495.632374][T14783] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2045'. [ 495.804368][T14787] nbd: must specify at least one socket [ 497.670738][ T29] audit: type=1326 audit(8277262664.419:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2057" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f20c337e719 code=0x0 [ 501.600255][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.606760][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.722578][ T29] audit: type=1326 audit(8277262669.479:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14901 comm="syz.4.2077" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc1e457e719 code=0x0 [ 504.777413][T14939] svc: failed to register nfsdv3 RPC service (errno 111). [ 504.825347][T14939] svc: failed to register nfsaclv3 RPC service (errno 111). [ 505.628452][T14944] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2088'. [ 507.269802][T14967] HfR: entered promiscuous mode [ 507.311265][T14967] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2096'. [ 507.354227][T14967] HfR: left promiscuous mode [ 508.544407][T14996] bridge0: port 3(syz_tun) entered blocking state [ 508.564298][T14996] bridge0: port 3(syz_tun) entered disabled state [ 508.575127][T14996] syz_tun: entered allmulticast mode [ 508.582928][T14996] syz_tun: entered promiscuous mode [ 508.617126][T14996] bridge0: port 3(syz_tun) entered blocking state [ 508.623642][T14996] bridge0: port 3(syz_tun) entered forwarding state [ 509.021003][ T8297] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.297526][ T8297] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.430829][ T8297] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.752359][ T8297] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 510.237726][ T8297] bridge_slave_1: left allmulticast mode [ 510.243426][ T8297] bridge_slave_1: left promiscuous mode [ 510.274312][ T8297] bridge0: port 2(bridge_slave_1) entered disabled state [ 510.345797][ T8297] bridge_slave_0: left allmulticast mode [ 510.353071][ T8297] bridge_slave_0: left promiscuous mode [ 510.363308][ T8297] bridge0: port 1(bridge_slave_0) entered disabled state [ 511.044458][T15054] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 511.064192][T15054] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 511.072325][T15054] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 511.085354][T15054] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 511.092956][T15054] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 511.100607][T15054] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 511.414820][T15059] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 512.234646][ T8297] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 512.345401][ T8297] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 512.411710][ T8297] bond0 (unregistering): Released all slaves [ 512.615260][ T8297] HfR: left promiscuous mode [ 512.837296][ T8297] HSR: left promiscuous mode [ 513.010704][T15104] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2128'. [ 513.060834][T15098] HfR: entered promiscuous mode [ 513.100485][T15104] HfR: left promiscuous mode [ 513.214155][T15054] Bluetooth: hci2: command tx timeout [ 513.657199][T15052] chnl_net:caif_netlink_parms(): no params data found [ 514.358488][T15052] bridge0: port 1(bridge_slave_0) entered blocking state [ 514.373225][T15052] bridge0: port 1(bridge_slave_0) entered disabled state [ 514.402607][T15052] bridge_slave_0: entered allmulticast mode [ 514.418124][T15052] bridge_slave_0: entered promiscuous mode [ 514.443087][T15052] bridge0: port 2(bridge_slave_1) entered blocking state [ 514.461128][T15052] bridge0: port 2(bridge_slave_1) entered disabled state [ 514.478499][T15052] bridge_slave_1: entered allmulticast mode [ 514.493171][T15052] bridge_slave_1: entered promiscuous mode [ 515.274216][T15054] Bluetooth: hci2: command tx timeout [ 515.523379][T15052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 515.559492][T15052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 515.700502][T15201] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2139'. [ 515.729279][ T8297] hsr_slave_0: left promiscuous mode [ 515.744896][ T8297] hsr_slave_1: left promiscuous mode [ 515.772450][ T8297] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 515.804216][ T8297] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 515.854964][ T8297] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 515.862388][ T8297] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 515.948299][ T8297] veth1_macvtap: left promiscuous mode [ 515.982241][ T8297] veth0_macvtap: left promiscuous mode [ 515.995017][ T8297] veth1_vlan: left promiscuous mode [ 516.000357][ T8297] veth0_vlan: left promiscuous mode [ 517.364334][T15054] Bluetooth: hci2: command tx timeout [ 518.305154][ T8297] team0 (unregistering): Port device team_slave_1 removed [ 518.425204][ T8297] team0 (unregistering): Port device team_slave_0 removed [ 519.404257][T15200] HfR: entered promiscuous mode [ 519.421423][T15052] team0: Port device team_slave_0 added [ 519.434184][T15054] Bluetooth: hci2: command tx timeout [ 519.515400][T15052] team0: Port device team_slave_1 added [ 519.521315][T15201] HfR: left promiscuous mode [ 519.675876][T15052] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 519.682860][T15052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 519.774314][T15052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 519.826437][T15052] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 519.872325][T15052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 519.968247][T15052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 520.106399][T15052] hsr_slave_0: entered promiscuous mode [ 520.121322][T15052] hsr_slave_1: entered promiscuous mode [ 520.143665][T15052] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 520.153231][T15052] Cannot create hsr debugfs directory [ 520.540066][T15052] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 520.559200][T15052] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 520.573128][T15052] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 520.606480][T15052] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 520.744976][T15052] 8021q: adding VLAN 0 to HW filter on device bond0 [ 520.773816][T15052] 8021q: adding VLAN 0 to HW filter on device team0 [ 520.796286][ T8291] bridge0: port 1(bridge_slave_0) entered blocking state [ 520.803452][ T8291] bridge0: port 1(bridge_slave_0) entered forwarding state [ 520.846657][ T8302] bridge0: port 2(bridge_slave_1) entered blocking state [ 520.853770][ T8302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 521.342079][T15052] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 521.740913][T15052] veth0_vlan: entered promiscuous mode [ 521.797398][T15052] veth1_vlan: entered promiscuous mode [ 521.857492][T15052] veth0_macvtap: entered promiscuous mode [ 521.892779][T15052] veth1_macvtap: entered promiscuous mode [ 521.923052][T15052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 521.949864][T15052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 521.960227][T15052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 521.977836][T15052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 521.990262][T15052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 522.013907][T15052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 522.024202][T15052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 522.034963][T15052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 522.046518][T15052] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 522.082938][T15052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 522.096364][T15052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 522.106639][T15052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 522.118083][T15052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 522.128930][T15052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 522.141430][T15052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 522.158859][T15052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 522.171955][T15052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 522.213730][T15052] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 522.269108][T15052] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 522.280980][T15052] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 522.317585][T15052] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 522.333168][T15052] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 522.455651][T15309] HfR: entered promiscuous mode [ 522.565087][T15309] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2153'. [ 522.606063][ T8285] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 522.619030][ T8285] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 522.744841][T15309] HfR: left promiscuous mode [ 522.873428][ T8305] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 522.910615][ T8305] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 526.144500][ T5847] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 526.180689][ T5847] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 526.192718][ T5847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 526.202652][ T5847] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 526.211739][ T5847] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 526.254375][ T5847] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 526.777414][T15416] chnl_net:caif_netlink_parms(): no params data found [ 526.930544][T15425] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2171'. [ 527.876713][ T8297] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 528.000448][T15416] bridge0: port 1(bridge_slave_0) entered blocking state [ 528.024256][T15416] bridge0: port 1(bridge_slave_0) entered disabled state [ 528.054368][T15416] bridge_slave_0: entered allmulticast mode [ 528.061478][T15416] bridge_slave_0: entered promiscuous mode [ 528.280380][ T8297] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 528.314444][ T5847] Bluetooth: hci4: command tx timeout [ 528.359947][T15416] bridge0: port 2(bridge_slave_1) entered blocking state [ 528.388341][T15416] bridge0: port 2(bridge_slave_1) entered disabled state [ 528.431069][T15416] bridge_slave_1: entered allmulticast mode [ 528.455080][T15416] bridge_slave_1: entered promiscuous mode [ 529.026339][T15462] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2176'. [ 529.077598][ T8297] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.201231][T15460] HfR: entered promiscuous mode [ 529.231302][T15462] HfR: left promiscuous mode [ 529.276629][ T5847] Bluetooth: hci1: command 0x0406 tx timeout [ 529.290428][T15416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 529.334193][T15416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 529.504816][ T8297] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.740529][T15416] team0: Port device team_slave_0 added [ 529.760492][T15416] team0: Port device team_slave_1 added [ 530.125851][T15416] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 530.132839][T15416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 530.185707][T15416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 530.387087][T15416] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 530.395957][T15054] Bluetooth: hci4: command tx timeout [ 530.430310][T15416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 530.544183][T15416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 530.860659][T15416] hsr_slave_0: entered promiscuous mode [ 530.873036][T15416] hsr_slave_1: entered promiscuous mode [ 530.906746][T15416] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 530.924190][T15416] Cannot create hsr debugfs directory [ 530.939396][ T8297] bridge_slave_1: left allmulticast mode [ 530.945952][ T8297] bridge_slave_1: left promiscuous mode [ 530.964337][ T8297] bridge0: port 2(bridge_slave_1) entered disabled state [ 531.021011][ T8297] bridge_slave_0: left allmulticast mode [ 531.026869][ T8297] bridge_slave_0: left promiscuous mode [ 531.032585][ T8297] bridge0: port 1(bridge_slave_0) entered disabled state [ 531.674984][ T8297] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 531.697968][ T8297] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 531.729035][ T8297] bond0 (unregistering): Released all slaves [ 532.474662][T15054] Bluetooth: hci4: command tx timeout [ 532.912997][T15497] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2182'. [ 532.963115][T15497] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2182'. [ 533.943204][ T8297] hsr_slave_0: left promiscuous mode [ 533.953488][ T8297] hsr_slave_1: left promiscuous mode [ 533.973038][ T8297] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 533.999450][ T8297] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 534.031741][ T8297] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 534.064260][ T8297] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 534.134537][ T8297] veth1_macvtap: left promiscuous mode [ 534.140221][ T8297] veth1_vlan: left promiscuous mode [ 534.166077][ T8297] veth0_vlan: left promiscuous mode [ 534.564269][T15054] Bluetooth: hci4: command tx timeout [ 535.366180][ T8297] team0 (unregistering): Port device team_slave_1 removed [ 535.439854][ T8297] team0 (unregistering): Port device team_slave_0 removed [ 536.454897][T15416] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 536.486826][T15416] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 536.507952][T15416] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 536.591782][T15416] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 536.622723][T15573] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2197'. [ 536.847692][T15416] 8021q: adding VLAN 0 to HW filter on device bond0 [ 536.897839][T15416] 8021q: adding VLAN 0 to HW filter on device team0 [ 536.928077][ T8289] bridge0: port 1(bridge_slave_0) entered blocking state [ 536.935229][ T8289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 536.955561][ T8289] bridge0: port 2(bridge_slave_1) entered blocking state [ 536.962681][ T8289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 537.133822][T15416] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 537.161876][T15416] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 537.949780][T15416] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 538.058197][T15416] veth0_vlan: entered promiscuous mode [ 538.102833][T15416] veth1_vlan: entered promiscuous mode [ 538.197991][T15416] veth0_macvtap: entered promiscuous mode [ 538.232102][T15416] veth1_macvtap: entered promiscuous mode [ 538.290426][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 538.313962][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.366637][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 538.402414][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.439172][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 538.471321][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.502289][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 538.519008][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.545583][T15416] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 538.576716][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.595147][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.614120][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.644207][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.654040][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.704562][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.738502][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.778508][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.813673][T15416] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 538.851276][T15416] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.880504][T15416] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.909848][T15416] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.959332][T15416] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 539.152056][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 539.174850][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 539.288480][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 539.331089][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 541.222760][T15685] bridge0: port 4(netdevsim0) entered blocking state [ 541.236454][T15685] bridge0: port 4(netdevsim0) entered disabled state [ 541.253824][T15685] netdevsim netdevsim5 netdevsim0: entered allmulticast mode [ 541.265435][T15685] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 541.297049][T15690] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2211'. [ 541.314635][T15685] bridge0: port 4(netdevsim0) entered blocking state [ 541.321444][T15685] bridge0: port 4(netdevsim0) entered forwarding state [ 541.396197][T15686] HSR: entered promiscuous mode [ 544.047380][T15780] ptrace attach of "./syz-executor exec"[15416] was attempted by "./syz-executor exec"[15780] [ 545.859718][T15851] netlink: 'syz.0.2235': attribute type 11 has an invalid length. [ 546.191257][T15867] nfsd: Unknown parameter 'ÿiÏ ¨]*Ý' [ 546.400989][T15878] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2240'. [ 546.431978][T15878] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2240'. [ 546.598986][T15878] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2240'. [ 549.924803][T15962] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2256'. [ 549.962680][T15947] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2256'. [ 551.429197][T16004] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2267'. [ 552.498553][T16011] delete_channel: no stack [ 555.310186][T16079] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2288'. [ 555.385523][T16076] netlink: 'syz.5.2288': attribute type 11 has an invalid length. [ 555.618667][T16077] bridge0: port 3(netdevsim0) entered blocking state [ 555.648054][T16077] bridge0: port 3(netdevsim0) entered disabled state [ 555.668398][T16077] netdevsim netdevsim6 netdevsim0: entered allmulticast mode [ 555.735745][T16077] netdevsim netdevsim6 netdevsim0: entered promiscuous mode [ 555.752987][T16077] bridge0: port 3(netdevsim0) entered blocking state [ 555.759859][T16077] bridge0: port 3(netdevsim0) entered forwarding state [ 557.210453][T16140] HfR: entered promiscuous mode [ 557.261645][T16140] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2305'. [ 557.276500][T16140] HfR: left promiscuous mode [ 557.850938][T16166] netlink: 'syz.6.2314': attribute type 1 has an invalid length. [ 558.599082][T16198] FAULT_INJECTION: forcing a failure. [ 558.599082][T16198] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 558.612408][T16198] CPU: 0 UID: 0 PID: 16198 Comm: syz.6.2326 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 558.623203][T16198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 558.633281][T16198] Call Trace: [ 558.636575][T16198] [ 558.639521][T16198] dump_stack_lvl+0x16c/0x1f0 [ 558.644229][T16198] should_fail_ex+0x497/0x5b0 [ 558.648942][T16198] _copy_from_user+0x2e/0xd0 [ 558.653567][T16198] do_ipv6_setsockopt+0x99f/0x4800 [ 558.658739][T16198] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 558.664325][T16198] ? __pfx___lock_acquire+0x10/0x10 [ 558.669562][T16198] ? hlock_class+0x4e/0x130 [ 558.674108][T16198] ? __pfx___might_resched+0x10/0x10 [ 558.679409][T16198] ? __pfx___lock_acquire+0x10/0x10 [ 558.684646][T16198] ? aa_sk_perm+0x2f5/0xb20 [ 558.689186][T16198] ? __pfx_aa_sk_perm+0x10/0x10 [ 558.694073][T16198] ? ipv6_setsockopt+0xcb/0x170 [ 558.698950][T16198] ? sock_common_setsockopt+0x2e/0xf0 [ 558.704355][T16198] ipv6_setsockopt+0xcb/0x170 [ 558.709068][T16198] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 558.714997][T16198] do_sock_setsockopt+0x222/0x480 [ 558.720047][T16198] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 558.725616][T16198] ? fdget+0x176/0x210 [ 558.729689][T16198] __sys_setsockopt+0x1a4/0x270 [ 558.734546][T16198] ? __pfx___sys_setsockopt+0x10/0x10 [ 558.739922][T16198] ? fput+0x30/0x390 [ 558.743829][T16198] ? ksys_write+0x1ad/0x260 [ 558.748334][T16198] ? __pfx_ksys_write+0x10/0x10 [ 558.753192][T16198] __x64_sys_setsockopt+0xbd/0x160 [ 558.758309][T16198] ? do_syscall_64+0x91/0x250 [ 558.762996][T16198] ? lockdep_hardirqs_on+0x7c/0x110 [ 558.768198][T16198] do_syscall_64+0xcd/0x250 [ 558.772710][T16198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 558.778619][T16198] RIP: 0033:0x7f960057e719 [ 558.783034][T16198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 558.802641][T16198] RSP: 002b:00007f960133b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 558.811055][T16198] RAX: ffffffffffffffda RBX: 00007f9600735f80 RCX: 00007f960057e719 [ 558.819027][T16198] RDX: 000000000000001e RSI: 0000000000000029 RDI: 0000000000000003 [ 558.826998][T16198] RBP: 00007f960133b090 R08: 00000000000001ff R09: 0000000000000000 [ 558.834967][T16198] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 558.842935][T16198] R13: 0000000000000000 R14: 00007f9600735f80 R15: 00007ffe89096c48 [ 558.850917][T16198] [ 560.212983][T16240] FAULT_INJECTION: forcing a failure. [ 560.212983][T16240] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 560.227404][T16240] CPU: 1 UID: 0 PID: 16240 Comm: syz.0.2337 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 560.238211][T16240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 560.248286][T16240] Call Trace: [ 560.251584][T16240] [ 560.254536][T16240] dump_stack_lvl+0x16c/0x1f0 [ 560.259247][T16240] should_fail_ex+0x497/0x5b0 [ 560.263961][T16240] _copy_to_user+0x32/0xd0 [ 560.268417][T16240] simple_read_from_buffer+0xd0/0x160 [ 560.273833][T16240] proc_fail_nth_read+0x198/0x270 [ 560.278894][T16240] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 560.284478][T16240] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 560.290062][T16240] vfs_read+0x1df/0xbe0 [ 560.294253][T16240] ? __fget_files+0x23a/0x3f0 [ 560.298958][T16240] ? fdget_pos+0x24c/0x360 [ 560.303401][T16240] ? __pfx_lock_release+0x10/0x10 [ 560.308471][T16240] ? trace_lock_acquire+0x14a/0x1d0 [ 560.313702][T16240] ? __pfx_vfs_read+0x10/0x10 [ 560.318406][T16240] ? __pfx___mutex_lock+0x10/0x10 [ 560.323478][T16240] ? __fget_files+0x244/0x3f0 [ 560.328194][T16240] ksys_read+0x12f/0x260 [ 560.332468][T16240] ? __pfx_ksys_read+0x10/0x10 [ 560.337273][T16240] do_syscall_64+0xcd/0x250 [ 560.341808][T16240] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 560.347745][T16240] RIP: 0033:0x7f6f0eb7d15c [ 560.352182][T16240] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 560.371811][T16240] RSP: 002b:00007f6f0f90a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 560.380252][T16240] RAX: ffffffffffffffda RBX: 00007f6f0ed35f80 RCX: 00007f6f0eb7d15c [ 560.388247][T16240] RDX: 000000000000000f RSI: 00007f6f0f90a0a0 RDI: 0000000000000004 [ 560.396245][T16240] RBP: 00007f6f0f90a090 R08: 0000000000000000 R09: 0000000000000000 [ 560.404239][T16240] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 560.412235][T16240] R13: 0000000000000000 R14: 00007f6f0ed35f80 R15: 00007ffecb9da0e8 [ 560.420246][T16240] [ 562.897931][T16312] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2361'. [ 563.037242][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.043775][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.898825][T16342] netlink: 334 bytes leftover after parsing attributes in process `syz.6.2370'. [ 565.917275][T16440] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2397'. [ 569.251365][T16522] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2422'. [ 569.280862][T16522] HfR: entered promiscuous mode [ 569.515393][T16526] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2423'. [ 569.583171][T16058] bridge0: port 3(syz_tun) entered disabled state [ 569.659869][T16058] syz_tun (unregistering): left allmulticast mode [ 569.674278][T16058] syz_tun (unregistering): left promiscuous mode [ 569.680711][T16058] bridge0: port 3(syz_tun) entered disabled state [ 570.127307][ T8291] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.519053][ T8291] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.562067][ T5847] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 570.571215][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 570.579485][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 570.588916][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 570.596618][ T5847] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 570.603964][ T5847] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 571.212326][ T8291] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 571.558659][ T8291] bridge0: port 4(netdevsim0) entered disabled state [ 571.701945][ T8291] netdevsim netdevsim5 netdevsim0 (unregistering): left allmulticast mode [ 571.720924][ T8291] netdevsim netdevsim5 netdevsim0 (unregistering): left promiscuous mode [ 571.753472][ T8291] bridge0: port 4(netdevsim0) entered disabled state [ 571.856114][ T8291] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 571.918532][T16567] Invalid ELF header magic: != ELF [ 572.280664][T16543] chnl_net:caif_netlink_parms(): no params data found [ 572.634540][ T5847] Bluetooth: hci0: command tx timeout [ 572.721891][ T8291] bridge_slave_1: left allmulticast mode [ 572.728108][ T8291] bridge_slave_1: left promiscuous mode [ 572.733827][ T8291] bridge0: port 2(bridge_slave_1) entered disabled state [ 572.873328][ T8291] bridge_slave_0: left allmulticast mode [ 572.880575][ T8291] bridge_slave_0: left promiscuous mode [ 572.887751][ T8291] bridge0: port 1(bridge_slave_0) entered disabled state [ 573.603882][ T8291] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 573.633354][ T8291] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 573.696150][ T8291] bond0 (unregistering): Released all slaves [ 574.504889][T16543] bridge0: port 1(bridge_slave_0) entered blocking state [ 574.529370][T16543] bridge0: port 1(bridge_slave_0) entered disabled state [ 574.546158][T16543] bridge_slave_0: entered allmulticast mode [ 574.553193][T16543] bridge_slave_0: entered promiscuous mode [ 574.589452][T16543] bridge0: port 2(bridge_slave_1) entered blocking state [ 574.604704][T16543] bridge0: port 2(bridge_slave_1) entered disabled state [ 574.622086][T16543] bridge_slave_1: entered allmulticast mode [ 574.630666][T16543] bridge_slave_1: entered promiscuous mode [ 574.716688][ T5847] Bluetooth: hci0: command tx timeout [ 574.729254][T16543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 574.868259][T16543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 575.309595][T16543] team0: Port device team_slave_0 added [ 575.358814][ T8291] hsr_slave_0: left promiscuous mode [ 575.371002][ T8291] hsr_slave_1: left promiscuous mode [ 575.383780][ T8291] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 575.402204][ T8291] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 575.427599][ T8291] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 575.444325][ T8291] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 575.496201][ T8291] veth1_macvtap: left promiscuous mode [ 575.501843][ T8291] veth1_vlan: left promiscuous mode [ 575.514335][ T8291] veth0_vlan: left promiscuous mode [ 575.652919][T16635] netlink: zone id is out of range [ 575.670590][T16635] netlink: zone id is out of range [ 575.701441][T16635] netlink: zone id is out of range [ 575.708878][T16635] netlink: zone id is out of range [ 575.730435][T16635] netlink: zone id is out of range [ 575.756546][T16635] netlink: zone id is out of range [ 575.778018][T16635] netlink: zone id is out of range [ 575.811311][T16635] netlink: zone id is out of range [ 576.169854][ T29] audit: type=1800 audit(4294967303.090:11): pid=16635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2446" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 576.313251][T16643] delete_channel: no stack [ 576.630002][ T8291] team0 (unregistering): Port device team_slave_1 removed [ 576.708043][ T8291] team0 (unregistering): Port device team_slave_0 removed [ 576.795196][ T5847] Bluetooth: hci0: command tx timeout [ 577.160276][T16543] team0: Port device team_slave_1 added [ 577.291092][T16543] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 577.313897][T16543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 577.375786][T16543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 577.401605][T16543] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 577.431387][T16543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 577.471151][T16543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 577.579454][T16676] FAULT_INJECTION: forcing a failure. [ 577.579454][T16676] name failslab, interval 1, probability 0, space 0, times 0 [ 577.598192][T16543] hsr_slave_0: entered promiscuous mode [ 577.601463][T16676] CPU: 0 UID: 0 PID: 16676 Comm: syz.4.2457 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 577.614527][T16676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 577.624607][T16676] Call Trace: [ 577.627902][T16676] [ 577.630853][T16676] dump_stack_lvl+0x16c/0x1f0 [ 577.635569][T16676] should_fail_ex+0x497/0x5b0 [ 577.640278][T16676] ? fs_reclaim_acquire+0xae/0x150 [ 577.645425][T16676] should_failslab+0xc2/0x120 [ 577.650140][T16676] __kmalloc_noprof+0xcb/0x410 [ 577.654947][T16676] copy_splice_read+0x1a8/0xb90 [ 577.659838][T16676] ? look_up_lock_class+0x59/0x150 [ 577.664979][T16676] ? __pfx_copy_splice_read+0x10/0x10 [ 577.670391][T16676] ? __pfx_register_lock_class+0x10/0x10 [ 577.676073][T16676] ? __pfx_copy_splice_read+0x10/0x10 [ 577.681477][T16676] do_splice_read+0x282/0x370 [ 577.686193][T16676] splice_direct_to_actor+0x2a4/0xa40 [ 577.691604][T16676] ? __pfx_direct_splice_actor+0x10/0x10 [ 577.697282][T16676] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 577.703214][T16676] ? __fget_files+0x23a/0x3f0 [ 577.707921][T16676] do_splice_direct+0x178/0x250 [ 577.712805][T16676] ? __pfx_do_splice_direct+0x10/0x10 [ 577.718213][T16676] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 577.724151][T16676] do_sendfile+0xb0c/0xe40 [ 577.728605][T16676] ? __pfx_do_sendfile+0x10/0x10 [ 577.733576][T16676] ? __fget_files+0x244/0x3f0 [ 577.738292][T16676] __x64_sys_sendfile64+0x1da/0x220 [ 577.743528][T16676] ? ksys_write+0x1ad/0x260 [ 577.748069][T16676] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 577.753833][T16676] do_syscall_64+0xcd/0x250 [ 577.758367][T16676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.764302][T16676] RIP: 0033:0x7fc1e457e719 [ 577.768744][T16676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.788377][T16676] RSP: 002b:00007fc1e5391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 577.796821][T16676] RAX: ffffffffffffffda RBX: 00007fc1e4735f80 RCX: 00007fc1e457e719 [ 577.804816][T16676] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 577.812806][T16676] RBP: 00007fc1e5391090 R08: 0000000000000000 R09: 0000000000000000 [ 577.820798][T16676] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 577.828790][T16676] R13: 0000000000000000 R14: 00007fc1e4735f80 R15: 00007fff34579428 [ 577.836798][T16676] [ 577.841784][T16543] hsr_slave_1: entered promiscuous mode [ 578.875177][ T5847] Bluetooth: hci0: command tx timeout [ 579.356200][T16543] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 579.376668][T16543] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 579.396286][T16543] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 579.424423][T16543] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 579.577782][T16543] 8021q: adding VLAN 0 to HW filter on device bond0 [ 579.656538][T16543] 8021q: adding VLAN 0 to HW filter on device team0 [ 579.762054][ T8305] bridge0: port 1(bridge_slave_0) entered blocking state [ 579.769235][ T8305] bridge0: port 1(bridge_slave_0) entered forwarding state [ 579.810070][ T8305] bridge0: port 2(bridge_slave_1) entered blocking state [ 579.817260][ T8305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 580.259183][T16543] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 580.731337][T16543] veth0_vlan: entered promiscuous mode [ 580.762975][T16543] veth1_vlan: entered promiscuous mode [ 580.829320][T16543] veth0_macvtap: entered promiscuous mode [ 580.851104][T16543] veth1_macvtap: entered promiscuous mode [ 580.883996][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 580.906361][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 580.926000][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 580.948569][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 580.970834][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 580.993765][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.030254][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.060096][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.090215][T16543] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 581.137369][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.159701][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.188942][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.215451][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.235354][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.271427][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.294997][T16831] FAULT_INJECTION: forcing a failure. [ 581.294997][T16831] name failslab, interval 1, probability 0, space 0, times 0 [ 581.302978][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.324324][T16831] CPU: 0 UID: 0 PID: 16831 Comm: syz.6.2485 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 581.335122][T16831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 581.345201][T16831] Call Trace: [ 581.348498][T16831] [ 581.351449][T16831] dump_stack_lvl+0x16c/0x1f0 [ 581.356166][T16831] should_fail_ex+0x497/0x5b0 [ 581.360878][T16831] ? fs_reclaim_acquire+0xae/0x150 [ 581.364133][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.366004][T16831] should_failslab+0xc2/0x120 [ 581.380484][T16831] __kmalloc_node_noprof+0xd1/0x440 [ 581.385723][T16831] ? seq_read_iter+0xd8/0x12b0 [ 581.390522][T16831] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 581.396025][T16831] __kvmalloc_node_noprof+0xad/0x1a0 [ 581.401354][T16831] traverse.part.0.constprop.0+0x392/0x640 [ 581.407201][T16831] ? alloc_pages_bulk_noprof+0x77c/0x1110 [ 581.411864][T16543] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 581.412949][T16831] seq_read_iter+0x934/0x12b0 [ 581.424838][T16831] kernfs_fop_read_iter+0x414/0x580 [ 581.430074][T16831] copy_splice_read+0x620/0xb90 [ 581.434968][T16831] ? __pfx_copy_splice_read+0x10/0x10 [ 581.440381][T16831] ? __pfx_register_lock_class+0x10/0x10 [ 581.441398][T16543] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.446048][T16831] ? __pfx_copy_splice_read+0x10/0x10 [ 581.446084][T16831] do_splice_read+0x282/0x370 [ 581.446121][T16831] splice_direct_to_actor+0x2a4/0xa40 [ 581.446158][T16831] ? __pfx_direct_splice_actor+0x10/0x10 [ 581.446201][T16831] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 581.446238][T16831] ? __fget_files+0x23a/0x3f0 [ 581.446269][T16831] do_splice_direct+0x178/0x250 [ 581.446304][T16831] ? __pfx_do_splice_direct+0x10/0x10 [ 581.446339][T16831] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 581.446386][T16831] do_sendfile+0xb0c/0xe40 [ 581.446420][T16831] ? __pfx_do_sendfile+0x10/0x10 [ 581.446446][T16831] ? __fget_files+0x244/0x3f0 [ 581.474113][T16543] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.476120][T16831] __x64_sys_sendfile64+0x1da/0x220 [ 581.476157][T16831] ? ksys_write+0x1ad/0x260 [ 581.482075][T16543] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.486674][T16831] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 581.486718][T16831] do_syscall_64+0xcd/0x250 [ 581.486748][T16831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 581.486784][T16831] RIP: 0033:0x7f960057e719 [ 581.486804][T16831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 581.486825][T16831] RSP: 002b:00007f960133b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 581.486851][T16831] RAX: ffffffffffffffda RBX: 00007f9600735f80 RCX: 00007f960057e719 [ 581.486868][T16831] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 581.486882][T16831] RBP: 00007f960133b090 R08: 0000000000000000 R09: 0000000000000000 [ 581.486899][T16831] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 581.486914][T16831] R13: 0000000000000000 R14: 00007f9600735f80 R15: 00007ffe89096c48 [ 581.486945][T16831] [ 581.508252][T16834] netlink: zone id is out of range [ 581.508265][T16834] netlink: zone id is out of range [ 581.508274][T16834] netlink: zone id is out of range [ 581.508283][T16834] netlink: zone id is out of range [ 581.508293][T16834] netlink: del zone limit has 4 unknown bytes [ 581.675051][T16543] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.900640][ T8305] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 581.908585][ T8305] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 581.973969][ T8291] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 581.981911][ T8291] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 583.098509][T16884] FAULT_INJECTION: forcing a failure. [ 583.098509][T16884] name failslab, interval 1, probability 0, space 0, times 0 [ 583.143303][T16884] CPU: 0 UID: 0 PID: 16884 Comm: syz.6.2490 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 583.154110][T16884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 583.164183][T16884] Call Trace: [ 583.167474][T16884] [ 583.170419][T16884] dump_stack_lvl+0x16c/0x1f0 [ 583.175125][T16884] should_fail_ex+0x497/0x5b0 [ 583.179823][T16884] ? fs_reclaim_acquire+0xae/0x150 [ 583.184968][T16884] should_failslab+0xc2/0x120 [ 583.189676][T16884] kmem_cache_alloc_node_noprof+0x71/0x310 [ 583.195516][T16884] ? __alloc_skb+0x2b3/0x380 [ 583.200137][T16884] __alloc_skb+0x2b3/0x380 [ 583.204580][T16884] ? __pfx___alloc_skb+0x10/0x10 [ 583.209553][T16884] netlink_alloc_large_skb+0x69/0x130 [ 583.214959][T16884] netlink_sendmsg+0x689/0xd70 [ 583.219758][T16884] ? __pfx_netlink_sendmsg+0x10/0x10 [ 583.225084][T16884] ____sys_sendmsg+0x9ae/0xb40 [ 583.229881][T16884] ? copy_msghdr_from_user+0x10b/0x160 [ 583.235370][T16884] ? __pfx_____sys_sendmsg+0x10/0x10 [ 583.240692][T16884] ? __pfx___lock_acquire+0x10/0x10 [ 583.245931][T16884] ___sys_sendmsg+0x135/0x1e0 [ 583.250635][T16884] ? __pfx____sys_sendmsg+0x10/0x10 [ 583.255872][T16884] ? lock_acquire+0x2f/0xb0 [ 583.260403][T16884] ? __fget_files+0x40/0x3f0 [ 583.265029][T16884] ? fdget+0x176/0x210 [ 583.269129][T16884] __sys_sendmsg+0x117/0x1f0 [ 583.273743][T16884] ? __pfx___sys_sendmsg+0x10/0x10 [ 583.278877][T16884] ? __fget_files+0x244/0x3f0 [ 583.283597][T16884] do_syscall_64+0xcd/0x250 [ 583.288126][T16884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.294051][T16884] RIP: 0033:0x7f960057e719 [ 583.298486][T16884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 583.318119][T16884] RSP: 002b:00007f960133b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 583.326560][T16884] RAX: ffffffffffffffda RBX: 00007f9600735f80 RCX: 00007f960057e719 [ 583.334556][T16884] RDX: 0000000000040840 RSI: 0000000020003740 RDI: 0000000000000003 [ 583.342544][T16884] RBP: 00007f960133b090 R08: 0000000000000000 R09: 0000000000000000 [ 583.350537][T16884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 583.358529][T16884] R13: 0000000000000000 R14: 00007f9600735f80 R15: 00007ffe89096c48 [ 583.366536][T16884] [ 585.867564][ T8285] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 586.238957][T15054] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 586.268025][T15054] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 586.277533][T15054] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 586.285722][T15054] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 586.293297][T15054] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 586.301363][T15054] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 586.311427][ T8285] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 586.597461][ T8285] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 586.760350][ T8285] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 586.804248][T16964] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2513'. [ 586.906373][T16964] hsr_slave_0: entered allmulticast mode [ 587.124363][ T8285] bridge_slave_1: left allmulticast mode [ 587.134328][ T8285] bridge_slave_1: left promiscuous mode [ 587.140097][ T8285] bridge0: port 2(bridge_slave_1) entered disabled state [ 587.159383][ T8285] bridge_slave_0: left allmulticast mode [ 587.176644][ T8285] bridge_slave_0: left promiscuous mode [ 587.182359][ T8285] bridge0: port 1(bridge_slave_0) entered disabled state [ 587.675342][T16983] FAULT_INJECTION: forcing a failure. [ 587.675342][T16983] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 587.702353][T16983] CPU: 1 UID: 0 PID: 16983 Comm: syz.4.2517 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 587.713165][T16983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 587.723222][T16983] Call Trace: [ 587.726500][T16983] [ 587.729430][T16983] dump_stack_lvl+0x16c/0x1f0 [ 587.734124][T16983] should_fail_ex+0x497/0x5b0 [ 587.738826][T16983] _copy_from_iter+0x29b/0x1400 [ 587.743692][T16983] ? __pfx__copy_from_iter+0x10/0x10 [ 587.748984][T16983] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 587.754967][T16983] ? tun_build_skb.constprop.0+0x1b8/0x1120 [ 587.760871][T16983] ? __pfx_lock_release+0x10/0x10 [ 587.765905][T16983] ? trace_lock_acquire+0x14a/0x1d0 [ 587.771111][T16983] copy_page_from_iter+0xa5/0x120 [ 587.776144][T16983] tun_build_skb.constprop.0+0x294/0x1120 [ 587.781882][T16983] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 587.788047][T16983] ? __pfx___lock_acquire+0x10/0x10 [ 587.793268][T16983] ? __lock_acquire+0xbdd/0x3ce0 [ 587.798220][T16983] tun_get_user+0x872/0x3d70 [ 587.802828][T16983] ? __pfx_tun_get_user+0x10/0x10 [ 587.807867][T16983] ? find_held_lock+0x2d/0x110 [ 587.812644][T16983] ? __pfx_lock_release+0x10/0x10 [ 587.817690][T16983] tun_chr_write_iter+0xdc/0x210 [ 587.822641][T16983] vfs_write+0x5ae/0x1150 [ 587.826975][T16983] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 587.832534][T16983] ? trace_lock_acquire+0x14a/0x1d0 [ 587.837740][T16983] ? __pfx_vfs_write+0x10/0x10 [ 587.842508][T16983] ? __fget_files+0x40/0x3f0 [ 587.847113][T16983] __x64_sys_pwrite64+0x200/0x260 [ 587.852142][T16983] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 587.857701][T16983] do_syscall_64+0xcd/0x250 [ 587.862208][T16983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.868113][T16983] RIP: 0033:0x7fc1e457e719 [ 587.872528][T16983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 587.892134][T16983] RSP: 002b:00007fc1e5391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 587.900548][T16983] RAX: ffffffffffffffda RBX: 00007fc1e4735f80 RCX: 00007fc1e457e719 [ 587.908519][T16983] RDX: 000000000000004e RSI: 0000000020000000 RDI: 00000000000000c8 [ 587.916493][T16983] RBP: 00007fc1e5391090 R08: 0000000000000000 R09: 0000000000000000 [ 587.924467][T16983] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 587.932440][T16983] R13: 0000000000000001 R14: 00007fc1e4735f80 R15: 00007fff34579428 [ 587.940438][T16983] [ 587.953255][ T5847] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 587.962217][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 587.972271][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 587.980315][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 588.089003][ T5847] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 588.096851][ T5847] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 588.394366][T15054] Bluetooth: hci1: command tx timeout [ 588.614248][ T8285] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 588.676489][ T8285] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 588.704735][ T8285] bond0 (unregistering): Released all slaves [ 588.747441][T16957] chnl_net:caif_netlink_parms(): no params data found [ 588.856828][ T8285] HSR: left promiscuous mode [ 589.002507][T16957] bridge0: port 1(bridge_slave_0) entered blocking state [ 589.012503][T16957] bridge0: port 1(bridge_slave_0) entered disabled state [ 589.022194][T16957] bridge_slave_0: entered allmulticast mode [ 589.029780][T16957] bridge_slave_0: entered promiscuous mode [ 589.052642][T16957] bridge0: port 2(bridge_slave_1) entered blocking state [ 589.064148][T16957] bridge0: port 2(bridge_slave_1) entered disabled state [ 589.079633][T16957] bridge_slave_1: entered allmulticast mode [ 589.098316][T16957] bridge_slave_1: entered promiscuous mode [ 589.221987][T16957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 589.257629][T16957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 589.468569][T16957] team0: Port device team_slave_0 added [ 589.510945][ T8285] hsr_slave_0: left promiscuous mode [ 589.523426][ T8285] hsr_slave_1: left promiscuous mode [ 589.538547][ T8285] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 589.554385][ T8285] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 589.572055][ T8285] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 589.593604][ T8285] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 589.645387][ T8285] veth1_macvtap: left promiscuous mode [ 589.650947][ T8285] veth0_macvtap: left promiscuous mode [ 589.674239][ T8285] veth1_vlan: left promiscuous mode [ 589.680001][ T8285] veth0_vlan: left promiscuous mode [ 590.164596][T15054] Bluetooth: hci0: command tx timeout [ 590.210254][ T8285] team0 (unregistering): Port device team_slave_1 removed [ 590.251787][ T8285] team0 (unregistering): Port device team_slave_0 removed [ 590.475476][T15054] Bluetooth: hci1: command tx timeout [ 590.695019][T16957] team0: Port device team_slave_1 added [ 590.734716][T17030] team0: entered allmulticast mode [ 590.739860][T17030] team_slave_0: entered allmulticast mode [ 590.754191][T17030] team_slave_1: entered allmulticast mode [ 590.878409][T16957] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 590.887775][T16957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 590.922008][T16957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 590.947804][T16984] chnl_net:caif_netlink_parms(): no params data found [ 590.981326][T16957] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 590.990804][T16957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 591.019960][T16957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 591.264524][T16957] hsr_slave_0: entered promiscuous mode [ 591.274212][T16957] hsr_slave_1: entered promiscuous mode [ 591.280529][T16957] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 591.288610][T16957] Cannot create hsr debugfs directory [ 591.502269][T16984] bridge0: port 1(bridge_slave_0) entered blocking state [ 591.543585][T16984] bridge0: port 1(bridge_slave_0) entered disabled state [ 591.560517][T16984] bridge_slave_0: entered allmulticast mode [ 591.582633][T16984] bridge_slave_0: entered promiscuous mode [ 591.601772][T16984] bridge0: port 2(bridge_slave_1) entered blocking state [ 591.623285][T16984] bridge0: port 2(bridge_slave_1) entered disabled state [ 591.640038][T16984] bridge_slave_1: entered allmulticast mode [ 591.658248][T16984] bridge_slave_1: entered promiscuous mode [ 591.918104][T16984] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 591.946868][T16984] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 592.117236][ T8285] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 592.234641][T15054] Bluetooth: hci0: command tx timeout [ 592.363427][ T8285] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 592.431549][T16984] team0: Port device team_slave_0 added [ 592.440823][T16984] team0: Port device team_slave_1 added [ 592.554248][T15054] Bluetooth: hci1: command tx timeout [ 592.560873][ T8285] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 592.737120][ T8285] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 592.781113][T16984] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 592.804995][T16984] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 592.874165][T16984] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 592.902575][T16984] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 592.910212][T16984] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 592.937693][T16984] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 593.075314][T16984] hsr_slave_0: entered promiscuous mode [ 593.083745][T16984] hsr_slave_1: entered promiscuous mode [ 593.113461][T16984] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 593.122525][T16984] Cannot create hsr debugfs directory [ 593.346440][T16957] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 593.356364][T16957] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 593.392061][ T8285] bridge_slave_1: left allmulticast mode [ 593.398255][ T8285] bridge_slave_1: left promiscuous mode [ 593.403979][ T8285] bridge0: port 2(bridge_slave_1) entered disabled state [ 593.425910][ T8285] bridge_slave_0: left allmulticast mode [ 593.431612][ T8285] bridge_slave_0: left promiscuous mode [ 593.441541][ T8285] bridge0: port 1(bridge_slave_0) entered disabled state [ 594.189329][ T8285] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 594.208800][ T8285] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 594.226509][ T8285] bond0 (unregistering): Released all slaves [ 594.257346][T16957] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 594.314301][T15054] Bluetooth: hci0: command tx timeout [ 594.425701][T16957] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 594.634221][T15054] Bluetooth: hci1: command tx timeout [ 594.931839][ T8285] hsr_slave_0: left promiscuous mode [ 594.950368][ T8285] hsr_slave_1: left promiscuous mode [ 594.977580][ T8285] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 594.993222][ T8285] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 595.035953][ T8285] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 595.053998][ T8285] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 595.090322][ T8285] veth1_macvtap: left promiscuous mode [ 595.115894][ T8285] veth0_macvtap: left promiscuous mode [ 595.137080][ T8285] veth1_vlan: left promiscuous mode [ 595.153804][ T8285] veth0_vlan: left promiscuous mode [ 596.031671][ T8285] team0 (unregistering): Port device team_slave_1 removed [ 596.091317][ T8285] team0 (unregistering): Port device team_slave_0 removed [ 596.396671][T15054] Bluetooth: hci0: command tx timeout [ 596.627616][T16984] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 596.692158][T16984] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 596.749686][T16984] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 596.833844][T16984] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 596.925520][T16957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 597.043804][T16957] 8021q: adding VLAN 0 to HW filter on device team0 [ 597.076277][ T8305] bridge0: port 1(bridge_slave_0) entered blocking state [ 597.083407][ T8305] bridge0: port 1(bridge_slave_0) entered forwarding state [ 597.130383][ T8305] bridge0: port 2(bridge_slave_1) entered blocking state [ 597.137514][ T8305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 597.259164][T16957] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 597.303001][T16984] 8021q: adding VLAN 0 to HW filter on device bond0 [ 597.360469][T16984] 8021q: adding VLAN 0 to HW filter on device team0 [ 597.402992][ T8302] bridge0: port 1(bridge_slave_0) entered blocking state [ 597.410150][ T8302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 597.472526][ T8291] bridge0: port 2(bridge_slave_1) entered blocking state [ 597.479690][ T8291] bridge0: port 2(bridge_slave_1) entered forwarding state [ 597.608829][T16957] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 597.702754][T16957] veth0_vlan: entered promiscuous mode [ 597.736475][T16957] veth1_vlan: entered promiscuous mode [ 597.830921][T16957] veth0_macvtap: entered promiscuous mode [ 597.877272][T16957] veth1_macvtap: entered promiscuous mode [ 597.925989][T16957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 597.959779][T16957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 597.984482][T16957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 598.004887][T16957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.016014][T16957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 598.030185][T16957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.043791][T16957] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 598.077594][T16957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 598.093200][T16957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.112376][T16957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 598.123651][T16957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.136002][T16957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 598.146753][T16957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.159533][T16957] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 598.181794][T16957] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.197601][T16957] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.208169][T16957] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.217665][T16957] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.242026][T16984] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 598.439629][ T8302] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 598.458037][ T8302] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 598.545280][ T8291] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 598.556271][ T8291] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 598.754972][T17239] FAULT_INJECTION: forcing a failure. [ 598.754972][T17239] name failslab, interval 1, probability 0, space 0, times 0 [ 598.813265][T17239] CPU: 0 UID: 0 PID: 17239 Comm: syz.0.2509 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 598.824083][T17239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 598.834159][T17239] Call Trace: [ 598.837453][T17239] [ 598.840406][T17239] dump_stack_lvl+0x16c/0x1f0 [ 598.845118][T17239] should_fail_ex+0x497/0x5b0 [ 598.849824][T17239] ? fs_reclaim_acquire+0xae/0x150 [ 598.854974][T17239] should_failslab+0xc2/0x120 [ 598.859377][T16984] veth0_vlan: entered promiscuous mode [ 598.859674][T17239] __kmalloc_cache_noprof+0x6b/0x310 [ 598.870422][T17239] ? pidlist_array_load+0x529/0x9d0 [ 598.875665][T17239] pidlist_array_load+0x529/0x9d0 [ 598.880731][T17239] ? __pfx_pidlist_array_load+0x10/0x10 [ 598.886322][T17239] ? rcu_is_watching+0x12/0xc0 [ 598.891115][T17239] ? trace_lock_acquire+0x14a/0x1d0 [ 598.896360][T17239] cgroup_pidlist_start+0x3a3/0x4f0 [ 598.899126][T16984] veth1_vlan: entered promiscuous mode [ 598.901580][T17239] ? __pfx_cgroup_seqfile_start+0x10/0x10 [ 598.901617][T17239] kernfs_seq_start+0xd8/0x240 [ 598.917548][T17239] ? __kvmalloc_node_noprof+0x7c/0x1a0 [ 598.923052][T17239] traverse.part.0.constprop.0+0xac/0x640 [ 598.928809][T17239] ? alloc_pages_bulk_noprof+0x77c/0x1110 [ 598.934584][T17239] seq_read_iter+0x934/0x12b0 [ 598.939312][T17239] kernfs_fop_read_iter+0x414/0x580 [ 598.944550][T17239] copy_splice_read+0x620/0xb90 [ 598.949457][T17239] ? __pfx_copy_splice_read+0x10/0x10 [ 598.954879][T17239] ? __pfx_register_lock_class+0x10/0x10 [ 598.960578][T17239] ? __pfx_copy_splice_read+0x10/0x10 [ 598.965989][T17239] do_splice_read+0x282/0x370 [ 598.970713][T17239] splice_direct_to_actor+0x2a4/0xa40 [ 598.976127][T17239] ? __pfx_direct_splice_actor+0x10/0x10 [ 598.981806][T17239] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 598.984874][T16984] veth0_macvtap: entered promiscuous mode [ 598.987721][T17239] ? __fget_files+0x23a/0x3f0 [ 598.987757][T17239] do_splice_direct+0x178/0x250 [ 599.003020][T17239] ? __pfx_do_splice_direct+0x10/0x10 [ 599.008428][T17239] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 599.014373][T17239] do_sendfile+0xb0c/0xe40 [ 599.018831][T17239] ? __pfx_do_sendfile+0x10/0x10 [ 599.023804][T17239] ? __fget_files+0x244/0x3f0 [ 599.028510][T17239] __x64_sys_sendfile64+0x1da/0x220 [ 599.033722][T17239] ? ksys_write+0x1ad/0x260 [ 599.038230][T17239] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 599.043969][T17239] do_syscall_64+0xcd/0x250 [ 599.048484][T17239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.054446][T17239] RIP: 0033:0x7fc92b37e719 [ 599.058866][T17239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 599.078476][T17239] RSP: 002b:00007fc92b1f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 599.086892][T17239] RAX: ffffffffffffffda RBX: 00007fc92b535f80 RCX: 00007fc92b37e719 [ 599.094864][T17239] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 599.102836][T17239] RBP: 00007fc92b1f9090 R08: 0000000000000000 R09: 0000000000000000 [ 599.110821][T17239] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 599.118799][T17239] R13: 0000000000000000 R14: 00007fc92b535f80 R15: 00007ffc623d2ed8 [ 599.126785][T17239] [ 599.132046][T16984] veth1_macvtap: entered promiscuous mode [ 599.152983][T16984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 599.165278][T16984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 599.175951][T16984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 599.224783][T16984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 599.263973][T16984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 599.292728][T16984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 599.309429][T16984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 599.319939][T16984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 599.331216][T16984] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 599.340747][T16984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 599.351286][T16984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 599.361474][T16984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 599.372141][T16984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 599.382055][T16984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 599.392562][T16984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 599.402694][T16984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 599.415100][T16984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 599.426215][T16984] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 599.437030][T17262] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2557'. [ 599.554702][T16984] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 599.563605][T17261] openvswitch: HfR: Dropping previously announced user features [ 599.573645][T16984] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 599.594586][T16984] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 599.603313][T16984] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 599.638740][T17262] HfR: left promiscuous mode [ 599.735542][T17273] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2559'. [ 599.772172][T17270] HfR: entered promiscuous mode [ 599.811755][T17273] HfR: left promiscuous mode [ 599.889633][ T8289] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 599.903990][ T8289] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 600.002322][ T8305] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 600.030768][ T8305] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 601.607971][T17330] HfR: entered promiscuous mode [ 601.651852][T17330] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2568'. [ 601.718727][T17330] HfR: left promiscuous mode [ 603.822466][T17407] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 603.894283][T17407] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 605.545988][T17460] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2591'. [ 605.636644][T17467] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2591'. [ 605.888678][T17486] HfR: entered promiscuous mode [ 605.946547][T17486] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2595'. [ 606.062757][T17486] HfR: left promiscuous mode [ 606.484813][T17502] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2599'. [ 606.826563][T17513] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2601'. [ 608.268350][T17544] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2606'. [ 608.294653][T17540] HfR: entered promiscuous mode [ 608.334859][T17544] HfR: left promiscuous mode [ 609.630390][T17576] RDS: rds_bind could not find a transport for ::ffff:246.65.210.234, load rds_tcp or rds_rdma? [ 610.069229][T17583] HfR: entered promiscuous mode [ 610.083607][T17583] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2617'. [ 610.090214][T17584] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 610.099617][T17583] HfR: left promiscuous mode [ 610.474644][T17594] svc: failed to register nfsdv3 RPC service (errno 111). [ 610.540852][T17594] svc: failed to register nfsaclv3 RPC service (errno 111). [ 610.690938][T17613] Process accounting resumed [ 610.727871][T17613] Process accounting resumed [ 610.905270][T17598] svc: failed to register nfsdv3 RPC service (errno 111). [ 610.929592][T17598] svc: failed to register nfsaclv3 RPC service (errno 111). [ 611.211658][T17626] HfR: entered promiscuous mode [ 611.234881][T17626] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2630'. [ 611.260069][T17626] HfR: left promiscuous mode [ 612.629487][T17665] netlink: 109 bytes leftover after parsing attributes in process `syz.4.2638'. [ 613.087075][T17668] netlink: 342 bytes leftover after parsing attributes in process `syz.6.2639'. [ 614.448717][T17692] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2646'. [ 616.409079][T17718] svc: failed to register nfsdv3 RPC service (errno 111). [ 616.442169][T17718] svc: failed to register nfsaclv3 RPC service (errno 111). [ 617.181168][T17735] delete_channel: no stack [ 617.843685][T17757] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2665'. [ 618.151121][ T8302] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 618.280969][ T8302] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 618.497169][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 618.519504][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 618.537691][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 618.563545][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 618.575674][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 618.582986][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 618.613100][ T8302] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.420382][ T8302] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.959038][T17767] chnl_net:caif_netlink_parms(): no params data found [ 620.147082][ T8302] bridge_slave_1: left allmulticast mode [ 620.152777][ T8302] bridge_slave_1: left promiscuous mode [ 620.164263][ T8302] bridge0: port 2(bridge_slave_1) entered disabled state [ 620.188959][ T8302] bridge_slave_0: left allmulticast mode [ 620.197585][ T8302] bridge_slave_0: left promiscuous mode [ 620.227776][ T8302] bridge0: port 1(bridge_slave_0) entered disabled state [ 620.634982][ T5847] Bluetooth: hci1: command tx timeout [ 621.143564][T17833] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2678'. [ 621.247619][ T8302] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 621.268284][ T8302] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 621.287506][ T8302] bond0 (unregistering): Released all slaves [ 621.340663][T17831] HfR: entered promiscuous mode [ 621.383335][T17833] HfR: left promiscuous mode [ 621.429436][T17767] bridge0: port 1(bridge_slave_0) entered blocking state [ 621.448507][T17767] bridge0: port 1(bridge_slave_0) entered disabled state [ 621.481314][T17767] bridge_slave_0: entered allmulticast mode [ 621.504664][T17767] bridge_slave_0: entered promiscuous mode [ 621.673980][T17767] bridge0: port 2(bridge_slave_1) entered blocking state [ 621.692653][T17767] bridge0: port 2(bridge_slave_1) entered disabled state [ 621.710591][T17767] bridge_slave_1: entered allmulticast mode [ 621.741170][T17767] bridge_slave_1: entered promiscuous mode [ 621.939924][T17767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 621.979198][T17767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 622.010163][T17856] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2682'. [ 622.090799][T17854] HfR: entered promiscuous mode [ 622.165802][T17856] HfR: left promiscuous mode [ 622.246699][ T8302] hsr_slave_0: left promiscuous mode [ 622.263661][ T8302] hsr_slave_1: left promiscuous mode [ 622.302493][ T8302] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 622.318684][ T8302] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 622.367275][ T8302] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 622.400236][ T8302] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 622.487035][ T8302] veth1_macvtap: left promiscuous mode [ 622.500664][ T8302] veth0_macvtap: left promiscuous mode [ 622.518767][ T8302] veth1_vlan: left promiscuous mode [ 622.527981][ T8302] veth0_vlan: left promiscuous mode [ 622.717696][ T5847] Bluetooth: hci1: command tx timeout [ 623.804252][ T8302] team0 (unregistering): Port device team_slave_1 removed [ 623.868038][ T8302] team0 (unregistering): Port device team_slave_0 removed [ 624.513003][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.519684][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.794356][ T5847] Bluetooth: hci1: command tx timeout [ 625.368183][T17767] team0: Port device team_slave_0 added [ 625.392306][T17767] team0: Port device team_slave_1 added [ 625.557536][T17767] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 625.573395][T17767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 625.630418][T17767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 625.656187][T17767] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 625.685030][T17767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 625.772421][T17767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 625.965795][T17767] hsr_slave_0: entered promiscuous mode [ 625.982580][T17767] hsr_slave_1: entered promiscuous mode [ 626.338341][ T8302] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.510030][ T8302] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.598942][T15054] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 626.610592][T15054] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 626.620309][T15054] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 626.628506][T15054] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 626.636979][T15054] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 626.650967][T15054] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 626.703042][ T8302] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.843855][T17767] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 626.874358][ T5847] Bluetooth: hci1: command tx timeout [ 626.919554][T17767] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 626.941668][T17767] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 626.951523][T17767] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 627.006220][ T8302] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 627.376496][T17921] chnl_net:caif_netlink_parms(): no params data found [ 627.417062][T17767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 627.539970][ T8302] bridge_slave_1: left allmulticast mode [ 627.555218][ T8302] bridge_slave_1: left promiscuous mode [ 627.568682][ T8302] bridge0: port 2(bridge_slave_1) entered disabled state [ 627.600881][ T8302] bridge_slave_0: left allmulticast mode [ 627.614196][ T8302] bridge_slave_0: left promiscuous mode [ 627.619958][ T8302] bridge0: port 1(bridge_slave_0) entered disabled state [ 628.714338][ T5847] Bluetooth: hci0: command tx timeout [ 629.065188][ T8302] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 629.123510][ T8302] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 629.162631][ T8302] bond0 (unregistering): Released all slaves [ 629.247882][T17767] 8021q: adding VLAN 0 to HW filter on device team0 [ 629.322088][ T8305] bridge0: port 1(bridge_slave_0) entered blocking state [ 629.329264][ T8305] bridge0: port 1(bridge_slave_0) entered forwarding state [ 629.423545][ T8305] bridge0: port 2(bridge_slave_1) entered blocking state [ 629.430733][ T8305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 630.154956][T17921] bridge0: port 1(bridge_slave_0) entered blocking state [ 630.162214][T17921] bridge0: port 1(bridge_slave_0) entered disabled state [ 630.199220][T17921] bridge_slave_0: entered allmulticast mode [ 630.216562][T17921] bridge_slave_0: entered promiscuous mode [ 630.233638][T17921] bridge0: port 2(bridge_slave_1) entered blocking state [ 630.243787][T17921] bridge0: port 2(bridge_slave_1) entered disabled state [ 630.260908][T17921] bridge_slave_1: entered allmulticast mode [ 630.271185][T17921] bridge_slave_1: entered promiscuous mode [ 630.512938][T17921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 630.553082][T17921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 630.606592][T17767] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 630.623669][T17984] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2701'. [ 630.638555][T17984] bridge0: port 2(bridge_slave_1) entered disabled state [ 630.658909][ T8302] hsr_slave_0: left promiscuous mode [ 630.680055][ T8302] hsr_slave_1: left promiscuous mode [ 630.700855][ T8302] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 630.731196][ T8302] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 630.739857][ T8302] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 630.753556][ T8302] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 630.794307][ T5847] Bluetooth: hci0: command tx timeout [ 630.795568][ T8302] veth1_macvtap: left promiscuous mode [ 630.827752][ T8302] veth0_macvtap: left promiscuous mode [ 630.833490][ T8302] veth1_vlan: left promiscuous mode [ 630.839051][ T8302] veth0_vlan: left promiscuous mode [ 631.518042][ T8302] team0 (unregistering): Port device team_slave_1 removed [ 631.556943][ T8302] team0 (unregistering): Port device team_slave_0 removed [ 632.000432][T17921] team0: Port device team_slave_0 added [ 632.021892][T17921] team0: Port device team_slave_1 added [ 632.098606][T17921] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 632.124456][T17921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 632.174359][T17921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 632.188153][T17921] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 632.195627][T17921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 632.238481][T17921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 632.302564][T18015] svc: failed to register nfsdv3 RPC service (errno 111). [ 632.322490][T18015] svc: failed to register nfsaclv3 RPC service (errno 111). [ 632.390288][T17921] hsr_slave_0: entered promiscuous mode [ 632.409507][T17921] hsr_slave_1: entered promiscuous mode [ 632.423156][T17921] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 632.453748][T17921] Cannot create hsr debugfs directory [ 632.696664][T17767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 632.807512][T17921] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 632.843751][T17921] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 632.874551][ T5847] Bluetooth: hci0: command tx timeout [ 632.886987][T17921] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 633.012602][T17921] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 633.290292][T17921] 8021q: adding VLAN 0 to HW filter on device bond0 [ 633.337442][T17921] 8021q: adding VLAN 0 to HW filter on device team0 [ 633.348439][ T6947] bridge0: port 1(bridge_slave_0) entered blocking state [ 633.355622][ T6947] bridge0: port 1(bridge_slave_0) entered forwarding state [ 633.432840][T17921] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 633.443360][T17921] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 633.526876][ T6947] bridge0: port 2(bridge_slave_1) entered blocking state [ 633.534017][ T6947] bridge0: port 2(bridge_slave_1) entered forwarding state [ 633.690546][T17767] veth0_vlan: entered promiscuous mode [ 633.742965][T17767] veth1_vlan: entered promiscuous mode [ 633.800264][T17921] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 633.902474][T17767] veth0_macvtap: entered promiscuous mode [ 633.912528][T17767] veth1_macvtap: entered promiscuous mode [ 633.965795][T17767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 633.994359][T17767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 634.014161][T17767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 634.044200][T17767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 634.054377][T17767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 634.065120][T17767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 634.077341][T17767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 634.092146][T17767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 634.134137][T17767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 634.154936][T17767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 634.184244][T17767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 634.204020][T17767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 634.219522][T17767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 634.233118][T17767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 634.381515][T17767] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 634.405816][T17767] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 634.421096][T17767] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 634.431852][T17767] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 634.496781][T18086] HfR: entered promiscuous mode [ 634.505803][T18086] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2713'. [ 634.519166][T18086] HfR: left promiscuous mode [ 634.587107][T17921] veth0_vlan: entered promiscuous mode [ 634.636822][T17921] veth1_vlan: entered promiscuous mode [ 634.669217][ T8302] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 634.702265][ T8302] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 634.761209][ T8302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 634.805565][ T8302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 634.852076][T17921] veth0_macvtap: entered promiscuous mode [ 634.864037][T17921] veth1_macvtap: entered promiscuous mode [ 634.899548][T17921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 634.925217][T17921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 634.946494][T17921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 634.954752][ T5847] Bluetooth: hci0: command tx timeout [ 634.957334][T17921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 634.972213][T17921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 634.983258][T17921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.004897][T17921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 635.024410][T17921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.053705][T17921] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 635.065533][T17921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 635.082696][T17921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.115425][T17921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 635.129960][T17921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.140326][T17921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 635.151287][T17921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.163353][T17921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 635.179974][T17921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.193162][T17921] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 635.221319][T17921] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.272666][T17921] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.297823][T17921] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.313328][T17921] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.519768][ T8305] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 635.551763][ T8305] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 635.594712][ T8289] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 635.603831][ T8289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 635.782885][T18120] HfR: entered promiscuous mode [ 635.810419][T18120] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2721'. [ 635.860890][T18120] HfR: left promiscuous mode [ 636.348563][T18149] HfR: entered promiscuous mode [ 636.382895][T18149] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2728'. [ 636.430449][T18149] HfR: left promiscuous mode [ 636.798920][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 637.175403][T18184] HfR: entered promiscuous mode [ 637.217574][T18184] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2734'. [ 637.243102][T18184] HfR: left promiscuous mode [ 638.883862][T18232] svc: failed to register nfsdv3 RPC service (errno 111). [ 638.909154][T18232] svc: failed to register nfsaclv3 RPC service (errno 111). [ 639.244460][T18239] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 639.288235][T18239] svc: failed to register nfsdv3 RPC service (errno 111). [ 639.323349][T18239] svc: failed to register nfsaclv3 RPC service (errno 111). [ 640.683521][T18292] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2752'. [ 642.243305][T18345] could not allocate digest TFM handle [ 642.582139][T18359] could not allocate digest TFM handle [ 643.179648][T18406] HfR: entered promiscuous mode [ 643.219694][T18406] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2771'. [ 643.254343][T18406] HfR: left promiscuous mode [ 643.459224][T18415] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2773'. [ 646.202394][T18524] netlink: 20 bytes leftover after parsing attributes in process `syz.9.2792'. [ 646.812612][T18532] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2793'. [ 647.758566][T18570] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2800'. [ 653.641159][T18704] HfR: entered promiscuous mode [ 653.669784][T18704] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2820'. [ 653.702032][T18704] HfR: left promiscuous mode [ 653.803944][T18708] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2821'. [ 653.847040][T18711] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2821'. [ 653.876499][T18711] macvtap0: entered promiscuous mode [ 653.892228][T18711] macvtap0: entered allmulticast mode [ 653.943680][T18711] veth0_macvtap: entered allmulticast mode [ 654.373464][ T29] audit: type=1326 audit(8277292042.130:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18712 comm="syz.9.2822" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4b42f7e719 code=0x0 [ 654.563737][T18731] HfR: entered promiscuous mode [ 654.640629][T18731] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2827'. [ 654.679997][T18731] HfR: left promiscuous mode [ 655.330529][T18741] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2828'. [ 655.833996][T18767] ptrace attach of "./syz-executor exec"[17921] was attempted by "./syz-executor exec"[18767] [ 662.344537][T18907] FAULT_INJECTION: forcing a failure. [ 662.344537][T18907] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 662.379664][T18907] CPU: 1 UID: 0 PID: 18907 Comm: syz.6.2858 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 662.390472][T18907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 662.400547][T18907] Call Trace: [ 662.403842][T18907] [ 662.406787][T18907] dump_stack_lvl+0x16c/0x1f0 [ 662.411496][T18907] should_fail_ex+0x497/0x5b0 [ 662.416206][T18907] _copy_from_user+0x2e/0xd0 [ 662.418962][T18891] svc: failed to register nfsdv3 RPC service (errno 111). [ 662.420809][T18907] do_sock_getsockopt+0x319/0x870 [ 662.432946][T18907] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 662.438506][T18907] ? __fget_files+0x244/0x3f0 [ 662.443199][T18907] __sys_getsockopt+0x1a1/0x270 [ 662.448057][T18907] ? __pfx___sys_getsockopt+0x10/0x10 [ 662.453433][T18907] ? fput+0x30/0x390 [ 662.457338][T18907] ? ksys_write+0x1ad/0x260 [ 662.461843][T18907] ? __pfx_ksys_write+0x10/0x10 [ 662.466703][T18907] __x64_sys_getsockopt+0xbd/0x160 [ 662.471817][T18907] ? do_syscall_64+0x91/0x250 [ 662.476500][T18907] ? lockdep_hardirqs_on+0x7c/0x110 [ 662.481702][T18907] do_syscall_64+0xcd/0x250 [ 662.486221][T18907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.492134][T18907] RIP: 0033:0x7f960057e719 [ 662.496550][T18907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 662.516158][T18907] RSP: 002b:00007f960133b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 662.524578][T18907] RAX: ffffffffffffffda RBX: 00007f9600735f80 RCX: 00007f960057e719 [ 662.532552][T18907] RDX: 000000000000001c RSI: 0000200000000001 RDI: 0000000000000003 [ 662.540526][T18907] RBP: 00007f960133b090 R08: 0000000000000000 R09: 0000000000000000 [ 662.548497][T18907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 662.556470][T18907] R13: 0000000000000000 R14: 00007f9600735f80 R15: 00007ffe89096c48 [ 662.564451][T18907] [ 662.709053][T18891] svc: failed to register nfsaclv3 RPC service (errno 111). [ 666.137496][T19008] FAULT_INJECTION: forcing a failure. [ 666.137496][T19008] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 666.174295][T19008] CPU: 1 UID: 0 PID: 19008 Comm: syz.9.2876 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 666.185113][T19008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 666.195205][T19008] Call Trace: [ 666.198499][T19008] [ 666.201450][T19008] dump_stack_lvl+0x16c/0x1f0 [ 666.206161][T19008] should_fail_ex+0x497/0x5b0 [ 666.210878][T19008] _copy_from_user+0x2e/0xd0 [ 666.215506][T19008] copy_msghdr_from_user+0x99/0x160 [ 666.220740][T19008] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 666.226597][T19008] ? __pfx___lock_acquire+0x10/0x10 [ 666.231836][T19008] ___sys_sendmsg+0xff/0x1e0 [ 666.236459][T19008] ? __pfx____sys_sendmsg+0x10/0x10 [ 666.241704][T19008] ? lock_acquire+0x2f/0xb0 [ 666.246243][T19008] ? __fget_files+0x40/0x3f0 [ 666.250880][T19008] ? fdget+0x176/0x210 [ 666.254981][T19008] __sys_sendmsg+0x117/0x1f0 [ 666.259600][T19008] ? __pfx___sys_sendmsg+0x10/0x10 [ 666.264740][T19008] ? __fget_files+0x244/0x3f0 [ 666.269465][T19008] do_syscall_64+0xcd/0x250 [ 666.273997][T19008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.279930][T19008] RIP: 0033:0x7f4b42f7e719 [ 666.284367][T19008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 666.304006][T19008] RSP: 002b:00007f4b43ccd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 666.312451][T19008] RAX: ffffffffffffffda RBX: 00007f4b43135f80 RCX: 00007f4b42f7e719 [ 666.320454][T19008] RDX: 0000000000010040 RSI: 0000000020002300 RDI: 0000000000000004 [ 666.328460][T19008] RBP: 00007f4b43ccd090 R08: 0000000000000000 R09: 0000000000000000 [ 666.336458][T19008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 666.344458][T19008] R13: 0000000000000000 R14: 00007f4b43135f80 R15: 00007fff3d8498d8 [ 666.352458][T19008] [ 670.864598][T19125] HSR: entered promiscuous mode [ 671.175911][T19144] FAULT_INJECTION: forcing a failure. [ 671.175911][T19144] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 671.214201][T19144] CPU: 1 UID: 0 PID: 19144 Comm: syz.4.2901 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 671.224999][T19144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 671.235055][T19144] Call Trace: [ 671.238333][T19144] [ 671.241264][T19144] dump_stack_lvl+0x16c/0x1f0 [ 671.245952][T19144] should_fail_ex+0x497/0x5b0 [ 671.250638][T19144] _copy_from_iter+0x29b/0x1400 [ 671.255499][T19144] ? __pfx__copy_from_iter+0x10/0x10 [ 671.260786][T19144] ? __virt_addr_valid+0x1a4/0x590 [ 671.265914][T19144] ? __virt_addr_valid+0x5e/0x590 [ 671.270940][T19144] ? __phys_addr_symbol+0x30/0x80 [ 671.275968][T19144] ? __check_object_size+0x488/0x710 [ 671.281265][T19144] netlink_sendmsg+0x813/0xd70 [ 671.286045][T19144] ? __pfx_netlink_sendmsg+0x10/0x10 [ 671.291349][T19144] ____sys_sendmsg+0x9ae/0xb40 [ 671.296128][T19144] ? copy_msghdr_from_user+0x10b/0x160 [ 671.301594][T19144] ? __pfx_____sys_sendmsg+0x10/0x10 [ 671.306899][T19144] ? __pfx___lock_acquire+0x10/0x10 [ 671.312108][T19144] ___sys_sendmsg+0x135/0x1e0 [ 671.316830][T19144] ? __pfx____sys_sendmsg+0x10/0x10 [ 671.322052][T19144] ? lock_acquire+0x2f/0xb0 [ 671.326567][T19144] ? __fget_files+0x40/0x3f0 [ 671.331171][T19144] ? fdget+0x176/0x210 [ 671.335248][T19144] __sys_sendmsg+0x117/0x1f0 [ 671.339851][T19144] ? __pfx___sys_sendmsg+0x10/0x10 [ 671.344966][T19144] ? __fget_files+0x244/0x3f0 [ 671.349664][T19144] do_syscall_64+0xcd/0x250 [ 671.354179][T19144] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 671.360095][T19144] RIP: 0033:0x7fc1e457e719 [ 671.364513][T19144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 671.384127][T19144] RSP: 002b:00007fc1e5391038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 671.392544][T19144] RAX: ffffffffffffffda RBX: 00007fc1e4735f80 RCX: 00007fc1e457e719 [ 671.400523][T19144] RDX: 0000000000010040 RSI: 0000000020002300 RDI: 0000000000000004 [ 671.408495][T19144] RBP: 00007fc1e5391090 R08: 0000000000000000 R09: 0000000000000000 [ 671.416465][T19144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 671.424436][T19144] R13: 0000000000000000 R14: 00007fc1e4735f80 R15: 00007fff34579428 [ 671.432417][T19144] [ 673.753736][T19219] FAULT_INJECTION: forcing a failure. [ 673.753736][T19219] name failslab, interval 1, probability 0, space 0, times 0 [ 673.877887][T19219] CPU: 1 UID: 0 PID: 19219 Comm: syz.8.2912 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 673.888709][T19219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 673.898787][T19219] Call Trace: [ 673.902092][T19219] [ 673.905041][T19219] dump_stack_lvl+0x16c/0x1f0 [ 673.909759][T19219] should_fail_ex+0x497/0x5b0 [ 673.914478][T19219] should_failslab+0xc2/0x120 [ 673.919192][T19219] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 673.924599][T19219] ? skb_clone+0x190/0x3f0 [ 673.929048][T19219] skb_clone+0x190/0x3f0 [ 673.933325][T19219] netlink_deliver_tap+0xb26/0xcf0 [ 673.938481][T19219] netlink_unicast+0x5e1/0x7f0 [ 673.943285][T19219] ? __pfx_netlink_unicast+0x10/0x10 [ 673.948609][T19219] ? __phys_addr_symbol+0x30/0x80 [ 673.953666][T19219] ? __check_object_size+0x488/0x710 [ 673.958987][T19219] netlink_sendmsg+0x8b8/0xd70 [ 673.963798][T19219] ? __pfx_netlink_sendmsg+0x10/0x10 [ 673.969129][T19219] ____sys_sendmsg+0x9ae/0xb40 [ 673.973922][T19219] ? copy_msghdr_from_user+0x10b/0x160 [ 673.979407][T19219] ? __pfx_____sys_sendmsg+0x10/0x10 [ 673.984739][T19219] ? __pfx___lock_acquire+0x10/0x10 [ 673.989986][T19219] ___sys_sendmsg+0x135/0x1e0 [ 673.994696][T19219] ? __pfx____sys_sendmsg+0x10/0x10 [ 673.999941][T19219] ? lock_acquire+0x2f/0xb0 [ 674.004477][T19219] ? __fget_files+0x40/0x3f0 [ 674.009107][T19219] ? fdget+0x176/0x210 [ 674.013204][T19219] __sys_sendmsg+0x117/0x1f0 [ 674.017831][T19219] ? __pfx___sys_sendmsg+0x10/0x10 [ 674.022970][T19219] ? __fget_files+0x244/0x3f0 [ 674.027702][T19219] do_syscall_64+0xcd/0x250 [ 674.032236][T19219] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.038170][T19219] RIP: 0033:0x7fdde6d7e719 [ 674.042607][T19219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 674.062241][T19219] RSP: 002b:00007fdde7ab7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 674.070681][T19219] RAX: ffffffffffffffda RBX: 00007fdde6f35f80 RCX: 00007fdde6d7e719 [ 674.078673][T19219] RDX: 0000000000010040 RSI: 0000000020002300 RDI: 0000000000000004 [ 674.086667][T19219] RBP: 00007fdde7ab7090 R08: 0000000000000000 R09: 0000000000000000 [ 674.094661][T19219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 674.102659][T19219] R13: 0000000000000000 R14: 00007fdde6f35f80 R15: 00007ffc405c2cb8 [ 674.110673][T19219] [ 678.749425][T19357] netlink: 'syz.8.2930': attribute type 5 has an invalid length. [ 682.524697][T19485] FAULT_INJECTION: forcing a failure. [ 682.524697][T19485] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 682.579691][T19485] CPU: 1 UID: 0 PID: 19485 Comm: syz.8.2952 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 682.590491][T19485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 682.600547][T19485] Call Trace: [ 682.603823][T19485] [ 682.606756][T19485] dump_stack_lvl+0x16c/0x1f0 [ 682.611446][T19485] should_fail_ex+0x497/0x5b0 [ 682.616130][T19485] _copy_from_user+0x2e/0xd0 [ 682.620725][T19485] sk_getsockopt+0x1c9/0x3330 [ 682.625412][T19485] ? hlock_class+0x4e/0x130 [ 682.629924][T19485] ? __pfx_sk_getsockopt+0x10/0x10 [ 682.635049][T19485] ? __pfx___lock_acquire+0x10/0x10 [ 682.640254][T19485] ? __lock_acquire+0xbdd/0x3ce0 [ 682.645207][T19485] ? find_held_lock+0x2d/0x110 [ 682.649980][T19485] ? __might_fault+0x13b/0x190 [ 682.654752][T19485] ? __pfx_lock_release+0x10/0x10 [ 682.659789][T19485] ? trace_lock_acquire+0x14a/0x1d0 [ 682.665006][T19485] ? lock_acquire+0x2f/0xb0 [ 682.669519][T19485] ? __might_fault+0xe3/0x190 [ 682.674199][T19485] ? __might_fault+0xe3/0x190 [ 682.678886][T19485] do_sock_getsockopt+0x699/0x870 [ 682.683924][T19485] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 682.689478][T19485] ? __fget_files+0x244/0x3f0 [ 682.694168][T19485] __sys_getsockopt+0x1a1/0x270 [ 682.699027][T19485] ? __pfx___sys_getsockopt+0x10/0x10 [ 682.704412][T19485] ? fput+0x30/0x390 [ 682.708316][T19485] ? ksys_write+0x1ad/0x260 [ 682.712820][T19485] ? __pfx_ksys_write+0x10/0x10 [ 682.717675][T19485] __x64_sys_getsockopt+0xbd/0x160 [ 682.722791][T19485] ? do_syscall_64+0x91/0x250 [ 682.727482][T19485] ? lockdep_hardirqs_on+0x7c/0x110 [ 682.732683][T19485] do_syscall_64+0xcd/0x250 [ 682.737198][T19485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 682.743107][T19485] RIP: 0033:0x7fdde6d7e719 [ 682.747524][T19485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 682.767146][T19485] RSP: 002b:00007fdde7ab7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 682.775577][T19485] RAX: ffffffffffffffda RBX: 00007fdde6f35f80 RCX: 00007fdde6d7e719 [ 682.783559][T19485] RDX: 000000000000001c RSI: 0000200000000001 RDI: 0000000000000003 [ 682.791539][T19485] RBP: 00007fdde7ab7090 R08: 0000000000000000 R09: 0000000000000000 [ 682.799513][T19485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 682.807489][T19485] R13: 0000000000000000 R14: 00007fdde6f35f80 R15: 00007ffc405c2cb8 [ 682.815482][T19485] [ 685.678346][T19538] HfR: entered promiscuous mode [ 685.927945][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.935634][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.108563][T19547] RDS: rds_bind could not find a transport for f4e:2ebe:827d:913d:36ba:27f7:fd1d:9b81, load rds_tcp or rds_rdma? [ 686.194612][T19547] RDS: rds_bind could not find a transport for f4e:2ebe:827d:913d:36ba:27f7:fd1d:9b81, load rds_tcp or rds_rdma? [ 686.334548][T19547] RDS: rds_bind could not find a transport for f4e:2ebe:827d:913d:36ba:27f7:fd1d:9b81, load rds_tcp or rds_rdma? [ 686.466941][T19547] RDS: rds_bind could not find a transport for f4e:2ebe:827d:913d:36ba:27f7:fd1d:9b81, load rds_tcp or rds_rdma? [ 686.673493][T19547] RDS: rds_bind could not find a transport for f4e:2ebe:827d:913d:36ba:27f7:fd1d:9b81, load rds_tcp or rds_rdma? [ 686.779440][T19547] RDS: rds_bind could not find a transport for f4e:2ebe:827d:913d:36ba:27f7:fd1d:9b81, load rds_tcp or rds_rdma? [ 686.868223][T19547] RDS: rds_bind could not find a transport for f4e:2ebe:827d:913d:36ba:27f7:fd1d:9b81, load rds_tcp or rds_rdma? [ 686.914139][ T29] audit: type=1326 audit(8277292074.665:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19567 comm="syz.4.2975" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc1e457e719 code=0x0 [ 686.954611][T19547] RDS: rds_bind could not find a transport for f4e:2ebe:827d:913d:36ba:27f7:fd1d:9b81, load rds_tcp or rds_rdma? [ 690.812466][T19630] HfR: entered promiscuous mode [ 692.251952][T19634] Process accounting resumed [ 699.714270][T19742] netlink: 11 bytes leftover after parsing attributes in process `syz.6.3018'. [ 699.729242][T19743] netlink: 11 bytes leftover after parsing attributes in process `syz.6.3018'. [ 699.813602][T19762] netlink: 11 bytes leftover after parsing attributes in process `syz.6.3018'. [ 699.890448][T19756] netlink: 11 bytes leftover after parsing attributes in process `syz.6.3018'. [ 699.948305][T19742] netlink: 11 bytes leftover after parsing attributes in process `syz.6.3018'. [ 700.056357][T19743] netlink: 11 bytes leftover after parsing attributes in process `syz.6.3018'. [ 700.546010][T19778] unsupported nlmsg_type 40 [ 702.915701][T19808] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 703.117925][T19808] svc: failed to register nfsdv3 RPC service (errno 111). [ 703.230902][T19808] svc: failed to register nfsaclv3 RPC service (errno 111). [ 703.663680][T19819] netlink: 'syz.4.3036': attribute type 21 has an invalid length. [ 703.711504][T19819] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3036'. [ 704.284310][T19829] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3039'. [ 704.422052][T19834] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3040'. [ 706.277736][ T8305] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 706.475689][ T8305] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 707.060958][ T8305] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 707.534451][ T8305] bridge0: port 3(netdevsim0) entered disabled state [ 707.741333][ T8305] netdevsim netdevsim6 netdevsim0 (unregistering): left allmulticast mode [ 707.784152][ T8305] netdevsim netdevsim6 netdevsim0 (unregistering): left promiscuous mode [ 707.793434][ T8305] bridge0: port 3(netdevsim0) entered disabled state [ 707.860488][T15054] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 707.870306][T15054] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 707.881375][T15054] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 707.892180][T15054] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 707.906716][T15054] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 707.914044][T15054] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 707.956794][ T8305] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 708.731920][ T8305] bridge_slave_1: left allmulticast mode [ 708.744162][ T8305] bridge_slave_1: left promiscuous mode [ 708.749888][ T8305] bridge0: port 2(bridge_slave_1) entered disabled state [ 708.904932][ T8305] bridge_slave_0: left allmulticast mode [ 708.910763][ T8305] bridge_slave_0: left promiscuous mode [ 708.933785][ T8305] bridge0: port 1(bridge_slave_0) entered disabled state [ 710.003460][ T5847] Bluetooth: hci2: command tx timeout [ 710.981524][ T8305] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 711.074737][ T8305] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 711.154802][ T8305] bond0 (unregistering): Released all slaves [ 711.204302][T19920] tc_dump_action: action bad kind [ 711.237252][T19879] chnl_net:caif_netlink_parms(): no params data found [ 711.636480][T19879] bridge0: port 1(bridge_slave_0) entered blocking state [ 711.659394][T19879] bridge0: port 1(bridge_slave_0) entered disabled state [ 711.688208][T19879] bridge_slave_0: entered allmulticast mode [ 711.710969][T19879] bridge_slave_0: entered promiscuous mode [ 711.942766][T19879] bridge0: port 2(bridge_slave_1) entered blocking state [ 711.958641][T19879] bridge0: port 2(bridge_slave_1) entered disabled state [ 711.997709][T19879] bridge_slave_1: entered allmulticast mode [ 712.018861][T19879] bridge_slave_1: entered promiscuous mode [ 712.082221][ T5847] Bluetooth: hci2: command tx timeout [ 712.322712][T19879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 712.378906][T19879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 713.270048][T19879] team0: Port device team_slave_0 added [ 713.419257][ T8305] hsr_slave_0: left promiscuous mode [ 713.519834][ T8305] hsr_slave_1: left promiscuous mode [ 713.702361][ T8305] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 713.724401][ T8305] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 713.764746][ T8305] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 713.772176][ T8305] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 713.875121][ T8305] veth1_macvtap: left promiscuous mode [ 713.894290][ T8305] veth0_macvtap: left promiscuous mode [ 713.899910][ T8305] veth1_vlan: left promiscuous mode [ 713.917589][ T8305] veth0_vlan: left promiscuous mode [ 714.162565][ T5847] Bluetooth: hci2: command tx timeout [ 714.343467][T19995] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3078'. [ 716.095864][ T8305] team0 (unregistering): Port device team_slave_1 removed [ 716.170771][ T8305] team0 (unregistering): Port device team_slave_0 removed [ 716.242870][ T5847] Bluetooth: hci2: command tx timeout [ 716.908683][T19879] team0: Port device team_slave_1 added [ 716.977226][T19879] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 716.991451][T19879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 717.024944][T19879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 717.040706][T19879] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 717.048906][T19879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 717.077705][T19879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 717.165573][T19879] hsr_slave_0: entered promiscuous mode [ 717.172055][T19879] hsr_slave_1: entered promiscuous mode [ 717.178963][T19879] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 717.195790][T19879] Cannot create hsr debugfs directory [ 717.538491][T20006] netlink: 40 bytes leftover after parsing attributes in process `syz.9.3079'. [ 717.772902][T20006] HSR: entered promiscuous mode [ 718.574468][T20041] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3086'. [ 719.057523][T19879] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 719.120962][T19879] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 719.147754][T19879] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 719.199534][T19879] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 719.351144][T19879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 719.390111][T19879] 8021q: adding VLAN 0 to HW filter on device team0 [ 719.430034][ T8285] bridge0: port 1(bridge_slave_0) entered blocking state [ 719.437193][ T8285] bridge0: port 1(bridge_slave_0) entered forwarding state [ 719.512456][T19879] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 719.523483][T19879] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 719.536588][ T6932] bridge0: port 2(bridge_slave_1) entered blocking state [ 719.543698][ T6932] bridge0: port 2(bridge_slave_1) entered forwarding state [ 720.138444][T19879] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 720.263622][T19879] veth0_vlan: entered promiscuous mode [ 720.310955][T19879] veth1_vlan: entered promiscuous mode [ 720.378491][T19879] veth0_macvtap: entered promiscuous mode [ 720.412790][T19879] veth1_macvtap: entered promiscuous mode [ 720.487118][T19879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 720.528575][T19879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.556732][T19879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 720.582659][T19879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.609886][T19879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 720.634861][T19879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.681346][T19879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 720.709479][T19879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.759113][T19879] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 720.914504][T19879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 720.932913][T19879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.944964][T19879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 720.956685][T19879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.966980][T19879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 720.977624][T19879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.013552][T19879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 721.039304][T19879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.061250][T19879] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 721.073792][T19879] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.082596][T19879] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.091492][T19879] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.100411][T19879] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.394344][ T8285] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 721.442552][ T8285] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 721.513941][ T6947] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 721.584455][T20124] openvswitch: HfR: Dropping previously announced user features [ 721.595115][ T6947] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 727.575869][T20347] FAULT_INJECTION: forcing a failure. [ 727.575869][T20347] name failslab, interval 1, probability 0, space 0, times 0 [ 727.657533][T20347] CPU: 1 UID: 0 PID: 20347 Comm: syz.9.3133 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 727.668348][T20347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 727.678425][T20347] Call Trace: [ 727.681717][T20347] [ 727.684667][T20347] dump_stack_lvl+0x16c/0x1f0 [ 727.689377][T20347] should_fail_ex+0x497/0x5b0 [ 727.694079][T20347] ? fs_reclaim_acquire+0xae/0x150 [ 727.699229][T20347] should_failslab+0xc2/0x120 [ 727.703952][T20347] kmem_cache_alloc_node_noprof+0x71/0x310 [ 727.709802][T20347] ? copy_process+0x49c/0x6ee0 [ 727.714598][T20347] ? _raw_spin_unlock_irq+0x23/0x50 [ 727.719844][T20347] copy_process+0x49c/0x6ee0 [ 727.724465][T20347] ? get_pid_task+0xfc/0x250 [ 727.729073][T20347] ? __pfx_lock_release+0x10/0x10 [ 727.734118][T20347] ? trace_lock_acquire+0x14a/0x1d0 [ 727.739331][T20347] ? __pfx_copy_process+0x10/0x10 [ 727.744364][T20347] ? find_held_lock+0x2d/0x110 [ 727.749138][T20347] kernel_clone+0xfd/0x960 [ 727.753562][T20347] ? __pfx_kernel_clone+0x10/0x10 [ 727.758601][T20347] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 727.764590][T20347] ? 0xffffffff81000000 [ 727.768745][T20347] __do_sys_clone+0xba/0x100 [ 727.773340][T20347] ? __pfx___do_sys_clone+0x10/0x10 [ 727.778547][T20347] ? 0xffffffff81000000 [ 727.782713][T20347] do_syscall_64+0xcd/0x250 [ 727.787223][T20347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.793129][T20347] RIP: 0033:0x7f4b42f7e719 [ 727.797546][T20347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.817162][T20347] RSP: 002b:00007f4b43cac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 727.825585][T20347] RAX: ffffffffffffffda RBX: 00007f4b43136058 RCX: 00007f4b42f7e719 [ 727.833562][T20347] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000000000021 [ 727.841543][T20347] RBP: 00007f4b43cac090 R08: 0000000000000006 R09: 0000000000000000 [ 727.849524][T20347] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000001 [ 727.857493][T20347] R13: 0000000000000000 R14: 00007f4b43136058 R15: 00007fff3d8498d8 [ 727.865479][T20347] ? 0xffffffff81000000 [ 727.869646][T20347] [ 733.873317][T20511] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3153'. [ 737.084050][T20624] HfR: entered promiscuous mode [ 737.758320][T20647] netlink: 'syz.8.3169': attribute type 11 has an invalid length. [ 737.831571][T20647] netlink: 'syz.8.3169': attribute type 11 has an invalid length. [ 740.403214][T20755] netlink: 334 bytes leftover after parsing attributes in process `syz.8.3197'. [ 740.617048][ T6932] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 740.804331][T20766] FAULT_INJECTION: forcing a failure. [ 740.804331][T20766] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 740.830548][T20766] CPU: 0 UID: 0 PID: 20766 Comm: syz.3.3199 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 740.841518][T20766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 740.851647][T20766] Call Trace: [ 740.854947][T20766] [ 740.857900][T20766] dump_stack_lvl+0x16c/0x1f0 [ 740.862606][T20766] should_fail_ex+0x497/0x5b0 [ 740.867316][T20766] _copy_from_user+0x2e/0xd0 [ 740.871941][T20766] copy_msghdr_from_user+0x99/0x160 [ 740.877173][T20766] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 740.883021][T20766] ? __pfx___lock_acquire+0x10/0x10 [ 740.888263][T20766] ___sys_sendmsg+0xff/0x1e0 [ 740.892886][T20766] ? __pfx____sys_sendmsg+0x10/0x10 [ 740.898137][T20766] ? lock_acquire+0x2f/0xb0 [ 740.902691][T20766] ? __fget_files+0x40/0x3f0 [ 740.907322][T20766] ? fdget+0x176/0x210 [ 740.911426][T20766] __sys_sendmsg+0x117/0x1f0 [ 740.916049][T20766] ? __pfx___sys_sendmsg+0x10/0x10 [ 740.921188][T20766] ? __fget_files+0x244/0x3f0 [ 740.925917][T20766] do_syscall_64+0xcd/0x250 [ 740.930453][T20766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.936387][T20766] RIP: 0033:0x7fef84b7e719 [ 740.940828][T20766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 740.960462][T20766] RSP: 002b:00007fef85a3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 740.968909][T20766] RAX: ffffffffffffffda RBX: 00007fef84d35f80 RCX: 00007fef84b7e719 [ 740.976907][T20766] RDX: 0000000000000014 RSI: 00000000200028c0 RDI: 0000000000000003 [ 740.984902][T20766] RBP: 00007fef85a3f090 R08: 0000000000000000 R09: 0000000000000000 [ 740.992886][T20766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 741.000858][T20766] R13: 0000000000000000 R14: 00007fef84d35f80 R15: 00007ffe1c1f4198 [ 741.008842][T20766] [ 741.072808][T15054] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 741.082394][T15054] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 741.090391][T15054] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 741.098528][T15054] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 741.106832][T15054] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 741.114282][T15054] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 741.212334][ T6932] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.511684][ T6932] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.566614][T20785] HfR: entered promiscuous mode [ 741.600881][T20748] ------------[ cut here ]------------ [ 741.606669][T20748] skb_assert_len [ 741.679392][T20748] WARNING: CPU: 1 PID: 20748 at include/linux/skbuff.h:2679 __dev_queue_xmit+0x22cf/0x4350 [ 741.690183][T20748] Modules linked in: [ 741.694506][T20748] CPU: 1 UID: 0 PID: 20748 Comm: syz.4.3195 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 741.705487][T20748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 741.715758][T20748] RIP: 0010:__dev_queue_xmit+0x22cf/0x4350 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 741.721624][T20748] Code: 67 16 9b f8 40 84 ed 75 25 e8 7d 14 9b f8 c6 05 b4 1c 14 07 01 90 48 c7 c6 40 f0 7a 8c 48 c7 c7 e0 be 7a 8c e8 a2 93 5c f8 90 <0f> 0b 90 90 e8 58 14 9b f8 0f b6 2d 8e 1c 14 07 31 ff 89 ee e8 28 [ 741.741357][T20748] RSP: 0018:ffffc9000440f188 EFLAGS: 00010286 [ 741.747739][T20748] RAX: 0000000000000000 RBX: ffff88802176f3c0 RCX: ffffc90005221000 [ 741.755888][T20748] RDX: 0000000000040000 RSI: ffffffff814e3566 RDI: 0000000000000001 [ 741.763896][T20748] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 741.771923][T20748] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88802176f3d0 [ 741.780030][T20748] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888047c96000 [ 741.788439][T20748] FS: 00007fc1e53916c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 741.797821][T20748] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 741.804633][T20748] CR2: 000055557b44e808 CR3: 0000000053b70000 CR4: 00000000003526f0 [ 741.812639][T20748] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 741.821056][T20748] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 741.829120][T20748] Call Trace: [ 741.832424][T20748] [ 741.835501][T20748] ? __warn+0xea/0x3d0 [ 741.839607][T20748] ? preempt_schedule_notrace+0x62/0xe0 [ 741.845226][T20748] ? __dev_queue_xmit+0x22cf/0x4350 [ 741.850479][T20748] ? report_bug+0x3c0/0x580 [ 741.855068][T20748] ? handle_bug+0x54/0xa0 [ 741.859434][T20748] ? exc_invalid_op+0x17/0x50 [ 741.864229][T20748] ? asm_exc_invalid_op+0x1a/0x20 [ 741.869306][T20748] ? __warn_printk+0x1a6/0x350 [ 741.874141][T20748] ? __dev_queue_xmit+0x22cf/0x4350 [ 741.876502][T20793] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3204'. [ 741.879364][T20748] ? __dev_queue_xmit+0x22ce/0x4350 [ 741.893956][T20748] ? netlink_sendmsg+0x8b8/0xd70 [ 741.899331][T20748] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.905513][T20748] ? __pfx___dev_queue_xmit+0x10/0x10 [ 741.911104][T20748] ? rcu_is_watching+0x12/0xc0 [ 741.916068][T20748] ? trace_kmem_cache_alloc+0x2d/0xe0 [ 741.921481][T20748] ? __copy_skb_header+0x2e8/0x5b0 [ 741.926685][T20748] ? __skb_clone+0x570/0x760 [ 741.931316][T20748] netlink_deliver_tap+0xa8a/0xcf0 [ 741.936512][T20748] netlink_unicast+0x6b4/0x7f0 [ 741.941319][T20748] ? __pfx_netlink_unicast+0x10/0x10 [ 741.946701][T20748] ? __nla_parse+0x40/0x60 [ 741.948409][T20795] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3204'. [ 741.951142][T20748] netdev_nl_queue_get_doit+0x37f/0x6a0 [ 741.965783][T20748] genl_family_rcv_msg_doit+0x202/0x2f0 [ 741.971379][T20748] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 741.977557][T20748] ? __radix_tree_lookup+0x21f/0x2c0 [ 741.982875][T20748] genl_rcv_msg+0x565/0x800 [ 741.987457][T20748] ? __pfx_genl_rcv_msg+0x10/0x10 [ 741.992862][T20748] ? __pfx_netdev_nl_queue_get_doit+0x10/0x10 [ 741.999612][T20748] netlink_rcv_skb+0x165/0x410 [ 742.004479][T20748] ? __pfx_genl_rcv_msg+0x10/0x10 [ 742.009695][T20748] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 742.015214][T20748] ? down_read+0xc9/0x330 [ 742.019579][T20748] ? __pfx_down_read+0x10/0x10 [ 742.024450][T20748] ? netlink_deliver_tap+0x1ae/0xcf0 [ 742.029778][T20748] genl_rcv+0x28/0x40 [ 742.033797][T20748] netlink_unicast+0x53c/0x7f0 [ 742.038665][T20748] ? __pfx_netlink_unicast+0x10/0x10 [ 742.043991][T20748] ? __phys_addr_symbol+0x30/0x80 [ 742.049162][T20748] ? __check_object_size+0x488/0x710 [ 742.054544][T20748] netlink_sendmsg+0x8b8/0xd70 [ 742.059357][T20748] ? __pfx_netlink_sendmsg+0x10/0x10 [ 742.064742][T20748] ____sys_sendmsg+0x9ae/0xb40 [ 742.069542][T20748] ? copy_msghdr_from_user+0x10b/0x160 [ 742.075281][T20748] ? __pfx_____sys_sendmsg+0x10/0x10 [ 742.080617][T20748] ? __pfx___lock_acquire+0x10/0x10 [ 742.085897][T20748] ___sys_sendmsg+0x135/0x1e0 [ 742.090615][T20748] ? __pfx____sys_sendmsg+0x10/0x10 [ 742.096273][T20748] ? lock_acquire+0x2f/0xb0 [ 742.100818][T20748] ? __fget_files+0x40/0x3f0 [ 742.105848][T20748] ? fdget+0x176/0x210 [ 742.109958][T20748] __sys_sendmsg+0x117/0x1f0 [ 742.114776][T20748] ? __pfx___sys_sendmsg+0x10/0x10 [ 742.119936][T20748] ? __x64_sys_futex+0x1e1/0x4c0 [ 742.125103][T20748] do_syscall_64+0xcd/0x250 [ 742.129648][T20748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 742.135636][T20748] RIP: 0033:0x7fc1e457e719 [ 742.140084][T20748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 742.159910][T20748] RSP: 002b:00007fc1e5391038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 742.168487][T20748] RAX: ffffffffffffffda RBX: 00007fc1e4735f80 RCX: 00007fc1e457e719 [ 742.176543][T20748] RDX: 0000000022048814 RSI: 0000000020001640 RDI: 0000000000000009 [ 742.184573][T20748] RBP: 00007fc1e45f175e R08: 0000000000000000 R09: 0000000000000000 [ 742.192571][T20748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 742.200988][T20748] R13: 0000000000000000 R14: 00007fc1e4735f80 R15: 00007fff34579428 [ 742.209398][T20748] [ 742.212459][T20748] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 742.219758][T20748] CPU: 1 UID: 0 PID: 20748 Comm: syz.4.3195 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 742.230544][T20748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 742.240618][T20748] Call Trace: [ 742.243911][T20748] [ 742.246855][T20748] dump_stack_lvl+0x3d/0x1f0 [ 742.251477][T20748] panic+0x71d/0x800 [ 742.255413][T20748] ? __pfx_panic+0x10/0x10 [ 742.259866][T20748] ? show_trace_log_lvl+0x29d/0x3d0 [ 742.265110][T20748] ? __dev_queue_xmit+0x22cf/0x4350 [ 742.270348][T20748] check_panic_on_warn+0xab/0xb0 [ 742.275332][T20748] __warn+0xf6/0x3d0 [ 742.279262][T20748] ? preempt_schedule_notrace+0x62/0xe0 [ 742.284845][T20748] ? __dev_queue_xmit+0x22cf/0x4350 [ 742.290091][T20748] report_bug+0x3c0/0x580 [ 742.294454][T20748] handle_bug+0x54/0xa0 [ 742.298639][T20748] exc_invalid_op+0x17/0x50 [ 742.303170][T20748] asm_exc_invalid_op+0x1a/0x20 [ 742.308054][T20748] RIP: 0010:__dev_queue_xmit+0x22cf/0x4350 [ 742.313894][T20748] Code: 67 16 9b f8 40 84 ed 75 25 e8 7d 14 9b f8 c6 05 b4 1c 14 07 01 90 48 c7 c6 40 f0 7a 8c 48 c7 c7 e0 be 7a 8c e8 a2 93 5c f8 90 <0f> 0b 90 90 e8 58 14 9b f8 0f b6 2d 8e 1c 14 07 31 ff 89 ee e8 28 [ 742.333525][T20748] RSP: 0018:ffffc9000440f188 EFLAGS: 00010286 [ 742.339615][T20748] RAX: 0000000000000000 RBX: ffff88802176f3c0 RCX: ffffc90005221000 [ 742.347589][T20748] RDX: 0000000000040000 RSI: ffffffff814e3566 RDI: 0000000000000001 [ 742.355561][T20748] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 742.363535][T20748] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88802176f3d0 [ 742.371511][T20748] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888047c96000 [ 742.379496][T20748] ? __warn_printk+0x1a6/0x350 [ 742.384284][T20748] ? __dev_queue_xmit+0x22ce/0x4350 [ 742.389499][T20748] ? netlink_sendmsg+0x8b8/0xd70 [ 742.394447][T20748] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 742.400542][T20748] ? __pfx___dev_queue_xmit+0x10/0x10 [ 742.405953][T20748] ? rcu_is_watching+0x12/0xc0 [ 742.410725][T20748] ? trace_kmem_cache_alloc+0x2d/0xe0 [ 742.416111][T20748] ? __copy_skb_header+0x2e8/0x5b0 [ 742.421236][T20748] ? __skb_clone+0x570/0x760 [ 742.425840][T20748] netlink_deliver_tap+0xa8a/0xcf0 [ 742.430966][T20748] netlink_unicast+0x6b4/0x7f0 [ 742.435742][T20748] ? __pfx_netlink_unicast+0x10/0x10 [ 742.441036][T20748] ? __nla_parse+0x40/0x60 [ 742.445478][T20748] netdev_nl_queue_get_doit+0x37f/0x6a0 [ 742.451052][T20748] genl_family_rcv_msg_doit+0x202/0x2f0 [ 742.456620][T20748] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 742.462715][T20748] ? __radix_tree_lookup+0x21f/0x2c0 [ 742.468012][T20748] genl_rcv_msg+0x565/0x800 [ 742.472524][T20748] ? __pfx_genl_rcv_msg+0x10/0x10 [ 742.477568][T20748] ? __pfx_netdev_nl_queue_get_doit+0x10/0x10 [ 742.483662][T20748] netlink_rcv_skb+0x165/0x410 [ 742.488442][T20748] ? __pfx_genl_rcv_msg+0x10/0x10 [ 742.493474][T20748] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 742.498784][T20748] ? down_read+0xc9/0x330 [ 742.503123][T20748] ? __pfx_down_read+0x10/0x10 [ 742.507901][T20748] ? netlink_deliver_tap+0x1ae/0xcf0 [ 742.513201][T20748] genl_rcv+0x28/0x40 [ 742.517194][T20748] netlink_unicast+0x53c/0x7f0 [ 742.521972][T20748] ? __pfx_netlink_unicast+0x10/0x10 [ 742.527270][T20748] ? __phys_addr_symbol+0x30/0x80 [ 742.532301][T20748] ? __check_object_size+0x488/0x710 [ 742.537601][T20748] netlink_sendmsg+0x8b8/0xd70 [ 742.542380][T20748] ? __pfx_netlink_sendmsg+0x10/0x10 [ 742.547689][T20748] ____sys_sendmsg+0x9ae/0xb40 [ 742.552467][T20748] ? copy_msghdr_from_user+0x10b/0x160 [ 742.557933][T20748] ? __pfx_____sys_sendmsg+0x10/0x10 [ 742.563241][T20748] ? __pfx___lock_acquire+0x10/0x10 [ 742.568457][T20748] ___sys_sendmsg+0x135/0x1e0 [ 742.573150][T20748] ? __pfx____sys_sendmsg+0x10/0x10 [ 742.578365][T20748] ? lock_acquire+0x2f/0xb0 [ 742.582877][T20748] ? __fget_files+0x40/0x3f0 [ 742.587481][T20748] ? fdget+0x176/0x210 [ 742.591555][T20748] __sys_sendmsg+0x117/0x1f0 [ 742.596159][T20748] ? __pfx___sys_sendmsg+0x10/0x10 [ 742.601281][T20748] ? __x64_sys_futex+0x1e1/0x4c0 [ 742.606240][T20748] do_syscall_64+0xcd/0x250 [ 742.610751][T20748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 742.616655][T20748] RIP: 0033:0x7fc1e457e719 [ 742.621071][T20748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 742.640681][T20748] RSP: 002b:00007fc1e5391038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 742.649098][T20748] RAX: ffffffffffffffda RBX: 00007fc1e4735f80 RCX: 00007fc1e457e719 [ 742.657077][T20748] RDX: 0000000022048814 RSI: 0000000020001640 RDI: 0000000000000009 [ 742.665051][T20748] RBP: 00007fc1e45f175e R08: 0000000000000000 R09: 0000000000000000 [ 742.673024][T20748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 742.680997][T20748] R13: 0000000000000000 R14: 00007fc1e4735f80 R15: 00007fff34579428 [ 742.688979][T20748] [ 742.692239][T20748] Kernel Offset: disabled [ 742.696604][T20748] Rebooting in 86400 seconds..