last executing test programs: 9m0.028094102s ago: executing program 1 (id=191): msync$auto(0x0, 0x2000000005, 0x6) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x40) setrlimit$auto(0x1000000007, 0x0) userfaultfd$auto(0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) r1 = socket(0x200000000000011, 0x2, 0x0) setsockopt$auto(r1, 0x4f, 0x17, 0x0, 0x4) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) select$auto(0x5, 0x0, &(0x7f0000000100)={[0x80000003, 0x200, 0x5719, 0xc, 0x0, 0x1, 0x6, 0x2, 0x81, 0x5e582970, 0x7, 0x5, 0x4, 0x0, 0x8, 0x6]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140), 0x55) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) socket(0xa, 0x2, 0x0) select$auto(0x6d0c, 0x0, &(0x7f0000000100)={[0xd, 0x200, 0x800000000000008, 0x5, 0x9, 0x7, 0x6, 0x1, 0x186, 0xcd16, 0x4000000000000000, 0x14, 0x7, 0x8, 0x8, 0x6]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140), 0x55) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) recvfrom$auto(r0, &(0x7f0000000000)=[0x1, 0x4, 0x2, 0x200], 0x1000, 0x978, &(0x7f0000000040), &(0x7f0000000080)=0x8) sendto$auto(0x3, 0x0, 0x10, 0x11f, &(0x7f0000000140), 0x1c) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x4) move_pages$auto(0x0, 0x454, &(0x7f0000000580)=&(0x7f00000001c0)=[0xfffffffffffffffd], 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), r2) 8m57.316072402s ago: executing program 1 (id=203): mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) ioperm$auto(0x4d5, 0x7, 0x3) r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) syncfs$auto(r1) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x3}, 0x7, 0xe, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x40, 0x0, 0x2, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_COLOR_CHANGE_COUNT={0x5, 0x12f, 0x40}, @NL80211_ATTR_BSS_BASIC_RATES={0x1d, 0x24, "6733e8c45addc1837382a00762828d5c09473f36263cde7955"}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0xc000}, 0x8000) write$auto(0x3, 0x0, 0xfdef) memfd_create$auto(0xfffffffffffffffd, 0x8) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) 8m55.687912679s ago: executing program 1 (id=210): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram14\x00', 0x20201, 0x0) pwrite64$auto(r0, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\xf5\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) 8m55.167787841s ago: executing program 1 (id=217): setitimer$auto(0x1, &(0x7f0000000000)={{0x7fe, 0x7f}, {0x800100004, 0x1}}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x88) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) semctl$auto(0x1ff, 0x2, 0x13, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x6, 0x0, 0x28) setsockopt$auto(0x3, 0x1000000, 0x24, 0x0, 0x28) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000000)=""/8, 0x8) mmap$auto(0x0, 0x8, 0x4000000000db, 0x44eb1, 0x4000000000000006, 0x300000000000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) 8m51.208110159s ago: executing program 1 (id=240): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x5, 0x4909b6f8, 0x1ffdd, 0x7, 0x3, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x6, 0x10003, 0x4080, 0x4, 0x0, 0x7, 0x2000, 0x200, 0x8001, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x1000002000, 0x0, 0xa, 0x70624ce7, 0xefde, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x400000000005b4, 0xc, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x6, 0xfffffffffffffffc, 0x2, 0x3, 0x4]}, 0x1fe, 0xd) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000000), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x2, 0x6, 0x0) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r1, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4004804) 8m48.67203179s ago: executing program 1 (id=253): r0 = openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x100, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r1) r2 = socket(0x10, 0x3, 0x6) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="fc000000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fedbdf2505000000e6000400110008002e00", @ANYRES16, @ANYBLOB], 0xfc}, 0x1, 0x0, 0x0, 0x400d0}, 0x50) ioperm$auto(0x0, 0x9, 0x149) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r2) futex_waitv$auto(&(0x7f0000000000)={0xb, 0x1c380, 0x82}, 0x1, 0x0, 0x0, 0x623d) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cpu/0/msr\x00', 0x101680, 0x0) keyctl$auto(0x2, 0x10000, 0x4, 0xe11, 0x1) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x3c, r4, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x11e789c}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_FD={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) r5 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0) sendmsg$auto_L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x3c, r4, 0x8, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_FD={0x8, 0x17, r5}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x7}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x6b63}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0xe6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0xe}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x4040) pread64$auto(r0, &(0x7f0000000040)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x1, 0x2) 8m33.630480096s ago: executing program 32 (id=253): r0 = openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x100, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r1) r2 = socket(0x10, 0x3, 0x6) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="fc000000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fedbdf2505000000e6000400110008002e00", @ANYRES16, @ANYBLOB], 0xfc}, 0x1, 0x0, 0x0, 0x400d0}, 0x50) ioperm$auto(0x0, 0x9, 0x149) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r2) futex_waitv$auto(&(0x7f0000000000)={0xb, 0x1c380, 0x82}, 0x1, 0x0, 0x0, 0x623d) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cpu/0/msr\x00', 0x101680, 0x0) keyctl$auto(0x2, 0x10000, 0x4, 0xe11, 0x1) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x3c, r4, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x11e789c}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_FD={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) r5 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0) sendmsg$auto_L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x3c, r4, 0x8, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_FD={0x8, 0x17, r5}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x7}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x6b63}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0xe6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0xe}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x4040) pread64$auto(r0, &(0x7f0000000040)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x1, 0x2) 2m15.545488361s ago: executing program 2 (id=2154): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000000)='}\x00', 0x8) renameat2$auto(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000940)={'hsr0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IFINDEX={0x8, 0x2, r2}]}, 0x58}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x40000}, 0x40000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) socket(0x22, 0x2, 0x2) setsockopt$auto(0x6, 0x8000000000000006, 0x7, 0x0, 0x7ffffc) semctl$auto(0x7, 0x2, 0x13, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) 2m14.387230474s ago: executing program 2 (id=2159): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgsnd$auto(0x5, 0x0, 0x3, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0xfbe8, 0x4) socket$nl_generic(0x10, 0x3, 0x10) stat$auto(&(0x7f0000000000)='./file0\x00', 0x0) syz_clone(0x108000, &(0x7f0000000080), 0x0, &(0x7f0000000300), 0x0, 0x0) mlock$auto(0x70, 0x8) 2m12.762571571s ago: executing program 2 (id=2167): futex_waitv$auto(0x0, 0x2fbe, 0x6a, 0x0, 0x80000001) shmat$auto(0x0, &(0x7f0000000000)='(\x00', 0x4) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) semtimedop$auto(0x2, &(0x7f0000000100)={0x8000, 0x3, 0x7ff}, 0x8, &(0x7f0000000140)={0x2, 0x8}) socket(0xa, 0x2, 0x73) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x29, 0x21, 0x0, 0x1ff) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0xa, 0x2, 0x0) getsockopt$auto(0x6, 0x40000000029, 0x1, 0xfffffffffffffffe, 0x0) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYRES16=r1, @ANYBLOB="1b0026"], 0x38}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) writev$auto(0xca, &(0x7f0000000080)={&(0x7f00000000c0)=[0x404], 0x1}, 0x7e) 2m11.87573323s ago: executing program 2 (id=2173): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) epoll_create$auto(0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0) epoll_ctl$auto(0x5, 0x1, r0, 0x0) capset$auto(0x0, 0xfffffffffffffffe) epoll_ctl$auto(0x5, 0x3, r0, 0x0) epoll_wait$auto(0x5, 0x0, 0x2, 0xfffffffd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000380)='ns/user\x00') ioctl$auto(r1, 0xb704, 0x6) 2m10.846299114s ago: executing program 2 (id=2179): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_SET(r1, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f00000052c0)={0x18, r2, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x2200c851}, 0x4) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003040), r0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x20800, 0x0) ioctl$auto_VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000080)={0x5}) r5 = openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0xb02, 0x0) write$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(r5, &(0x7f0000000240)="6c30d3eefd3ccc0588244f77241b1126f9df790762ca0bdd0625aa82a58c4273ea989ef83064a33594525e4d25a1ceee954b26dd2f8cc67c5f44a4ca96e957b69bd9040df6f0c85547a158afa98e23188eaab5065777f6962af1de9976922139d74152b36a82370108098022d862aee4333dcad6ab76b74573f4ffe38678f96e1eeaffea0a", 0x85) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f0000003080)={0x44, r3, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x1}, @ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x6}, @ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000004}, 0x20008800) r6 = openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) poll$auto(&(0x7f00000001c0)={r6, 0x4, 0xff78}, 0x40, 0x3) r8 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/set_event\x00', 0x20001, 0x0) write$auto(r8, &(0x7f0000000100)=':%(:#(&-!]\x00', 0xd40a) write$auto_dfs_global_fops_debug(r7, 0x0, 0x0) 2m10.028054973s ago: executing program 2 (id=2183): mmap$auto(0x0, 0x40000b, 0xde, 0x9b72, 0x2, 0x8000) (async, rerun: 64) madvise$auto(0x0, 0xffffffffffff0004, 0x19) (async, rerun: 64) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) (async, rerun: 32) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) (rerun: 32) poll$auto(&(0x7f0000000040)={r3, 0xfffa, 0x6}, 0x1, 0x80000001) (async) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYRES64=r2, @ANYRES32=r3, @ANYRES16=r1, @ANYRES8=r0, @ANYRES64=r1, @ANYBLOB="ef4a984dd5a13453f41b4ebe663c46e7c0a7c98bdb7a93c7a527b69c885778d91666fc815d776668ce27f00e0fa1a0d829219a05c3fe29a738688ce09d53438f1b48898ab2ae6b4927cdc748c6214e8edcb8439f954303ea8d4a2f242a92c0f6bd9e90db8c6d41be48c2c68d55497dc1a97fd5351fa23f88c6b9b8590394a6ad6d160aa3929b77a2bb37db608c611827cc29b9b5cef2c0da917491c49e9b4f59dbfa"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r2, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40011}, 0x0) 1m54.941953757s ago: executing program 33 (id=2183): mmap$auto(0x0, 0x40000b, 0xde, 0x9b72, 0x2, 0x8000) (async, rerun: 64) madvise$auto(0x0, 0xffffffffffff0004, 0x19) (async, rerun: 64) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) (async, rerun: 32) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) (rerun: 32) poll$auto(&(0x7f0000000040)={r3, 0xfffa, 0x6}, 0x1, 0x80000001) (async) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYRES64=r2, @ANYRES32=r3, @ANYRES16=r1, @ANYRES8=r0, @ANYRES64=r1, @ANYBLOB="ef4a984dd5a13453f41b4ebe663c46e7c0a7c98bdb7a93c7a527b69c885778d91666fc815d776668ce27f00e0fa1a0d829219a05c3fe29a738688ce09d53438f1b48898ab2ae6b4927cdc748c6214e8edcb8439f954303ea8d4a2f242a92c0f6bd9e90db8c6d41be48c2c68d55497dc1a97fd5351fa23f88c6b9b8590394a6ad6d160aa3929b77a2bb37db608c611827cc29b9b5cef2c0da917491c49e9b4f59dbfa"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r2, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40011}, 0x0) 13.023342876s ago: executing program 0 (id=2566): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon1\x00', 0x4ad03, 0x0) socketpair$auto(0x7, 0x8, 0x9, &(0x7f0000000040)=0x1) ioctl$auto_MON_IOCG_STATS(r0, 0x80089203, 0x0) 12.209884021s ago: executing program 0 (id=2569): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (async) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) (async) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x8f25, 0x1, 0x4, 0xf8, 0x1c280c4c, 0x3) socketpair$auto(0x1e, 0x5, 0x8, 0x0) socket(0xa, 0x801, 0x84) (async) r0 = socket(0xa, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x75, 0x0, &(0x7f0000000000)=0x9000c) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, 0x0) mmap$auto(0x0, 0xffe, 0x4000ffa, 0x8000000008012, 0x8, 0xfffffffffffffffc) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) (async) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x45, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffbffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd) (async) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x45, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffbffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 6.489471749s ago: executing program 0 (id=2572): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x8, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') mknodat$auto(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xff, 0x240000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000003900)='/sys/devices/virtual/net/teql0/statistics/rx_dropped\x00', 0x22400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003940)=""/207, 0xcf) madvise$auto(0xb, 0x8, 0x4005) madvise$auto(0x0, 0x200007, 0x19) 5.364117491s ago: executing program 3 (id=2583): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x1, 0x0) socket(0x1, 0x2, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x0) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 5.180698629s ago: executing program 3 (id=2584): socket(0x872b7d9518a51a5c, 0x1, 0x92e5) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2, 0xdf, 0x20eb1, 0x401, 0x80000008000) mkdir$auto(&(0x7f00000001c0)='}[,&*}\x00', 0xc001) unshare$auto(0x40000080) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x801}, 0x80) fcntl$auto(r1, 0x0, 0x9) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) mq_open$auto(&(0x7f0000000200)='#)-\\&[}\x00', 0xde8, 0xb, &(0x7f0000000240)={0x9, 0x4, 0x2, 0x5}) mq_open$auto(&(0x7f0000000280)='#)-\\&[}\x00', 0x5, 0x10, 0x0) mmap$auto(0x0, 0x8001, 0x4000000000df, 0x610, 0x6, 0x300000000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x3, 0x47, 0xdf, 0x17, 0x7, 0x40000000028000) mmap$auto(0x0, 0x6, 0xdf, 0x9b72, 0x7, 0x28000) r3 = socket$nl_generic(0x10, 0x3, 0x10) clock_nanosleep$auto(0x9, 0x3, &(0x7f0000000080)={0x100000ad, 0x7fffffffffffffff}, &(0x7f0000000180)={0x3ff, 0x6}) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000000), r0) sendmsg$auto_GTP_CMD_NEWPDP(r3, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000300)=ANY=[@ANYRESDEC=r0, @ANYRESHEX=r3, @ANYBLOB="00002bbd7000fddbdf25000000000c00030080000000000000000800020001000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000810}, 0x80) gettid() mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x804, 0x4000000000df, 0x40eb2, 0x3fe, 0x300000000000) socket(0x11, 0x3, 0x2) io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0x8, 0x1, 0x0, 0xffffffffffffffff) dup3$auto(r4, r2, 0x800000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 4.125697522s ago: executing program 3 (id=2587): socket(0x2a, 0x2, 0x6) syncfs$auto(0x4) mmap$auto(0x0, 0x20009, 0x7b5f, 0x5d, 0xf20, 0x9) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ILA_CMD_ADD(0xffffffffffffffff, 0x0, 0x20040001) mlockall$auto(0x3) sendfile$auto(0x1, 0x3, 0x0, 0x6) socket(0x2a, 0x2, 0x6) (async) syncfs$auto(0x4) (async) mmap$auto(0x0, 0x20009, 0x7b5f, 0x5d, 0xf20, 0x9) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$auto_ILA_CMD_ADD(0xffffffffffffffff, 0x0, 0x20040001) (async) mlockall$auto(0x3) (async) sendfile$auto(0x1, 0x3, 0x0, 0x6) (async) 3.666095331s ago: executing program 5 (id=2588): mount_setattr$auto(0x3, 0x0, 0x0, 0x0, 0xdec) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop7\x00', 0xc441, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) ioctl$auto(0x3, 0x1269, 0x38) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x4) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x6b000000000000) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) 3.362449417s ago: executing program 5 (id=2589): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram14\x00', 0x20201, 0x0) pwrite64$auto(r0, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x03\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) 3.109605727s ago: executing program 5 (id=2590): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xc0, &(0x7f0000000000)={{0x0, 0x22, 0x0, 0xa, 0x0, 0x989, 0x1}, 0x3}, 0x9a6, 0xfffffffe) io_uring_setup$auto(0x3ff, 0x0) socket(0xa, 0x3, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mseal$auto(0x0, 0x7dda, 0x0) eventfd$auto(0x3) r1 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r2, 0xc0505405, 0x0) r3 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r3, 0x107, 0x1, 0x0, 0x8004) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) 2.954541994s ago: executing program 4 (id=2591): socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x290140, 0x0) close_range$auto(0x2, 0x8, 0x0) pipe2$auto(0x0, 0x80) socket(0xa, 0x2, 0x73) syz_clone3(&(0x7f0000000280)={0x55001000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f00000000c0), {0x16}, &(0x7f00000001c0)=""/166, 0xa6, &(0x7f0000000100)=""/13, &(0x7f0000000140)=[0x0, 0xffffffffffffffff], 0x2}, 0x58) 2.376031508s ago: executing program 3 (id=2592): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000000)='}\x00', 0x8) renameat2$auto(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000940)={'hsr0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IFINDEX={0x8, 0x2, r2}]}, 0x58}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x40000}, 0x40000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) socket(0x22, 0x2, 0x2) setsockopt$auto(0x6, 0x8000000000000006, 0x7, 0x0, 0x7ffffc) semctl$auto(0x7, 0x2, 0x13, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) 1.982444884s ago: executing program 0 (id=2593): socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) statmount$auto(0x0, &(0x7f0000000480)={0x7, 0x400, 0x6, 0x7, 0xc, 0x6, 0x10000, 0x10, 0x2, 0x8, 0x27, 0x8, 0x2, 0x9af1, 0xff, 0x8, 0x9, 0x4, 0x10, 0x4, 0x5, 0x44ab, 0x10000, 0x9, 0x3ff, 0x2, [0x4aad, 0x6, 0x99, 0x2, 0xa, 0x80, 0x1, 0x0, 0xffffffffffff0000, 0x76d6, 0x3, 0x3f83bc6f, 0x0, 0x7, 0x9, 0x6, 0x1, 0x7, 0xffffffff, 0x3, 0x4, 0xffffffff, 0x8000, 0x0, 0x7, 0x4, 0x3, 0x10000000, 0xffff, 0x7, 0x7fffffff, 0x10001, 0x7, 0x5, 0x7, 0x1, 0x2ba, 0x6, 0x0, 0x81, 0x5, 0x30, 0x8, 0x6, 0xeab1, 0xbe]}, 0x7fffffffffffffff, 0x9) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x106) eventfd$auto(0x0) r1 = socket(0x10, 0x3, 0x6) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r2, @ANYBLOB="01002dbd7000fedbdf2505000000f10203800800c000002e00"/38, @ANYRES32, @ANYBLOB, @ANYRES32=r0, @ANYBLOB="0800fb00", @ANYRES32=r1], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) 1.91929113s ago: executing program 3 (id=2594): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone3(&(0x7f0000001100)={0x40200, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) write$auto(r0, &(0x7f00000000c0)=')-(\x00', 0x80000002) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) pipe2$auto(0x0, 0x800) r1 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r2 = socket(0xa, 0x2, 0x88) r3 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000040)={0x9, "6919a16ff7bfe91772bb01df3669db0399207eb221b796443c6c74b1fe57daec", 0x90}) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f00000000c0)={0x3, "6e546c3c3a265f11056b516535b1935cf3c6b75a2aeaf8af28111479136c52c5", 0x4}) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000080)={0x1, "36a2662b59209f6bd4aafa4ed15fdb9c791daf044ae6ff089930def80ce28999", 0x2}) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x1ff, r2, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) clone$auto(0x56d, 0x7, 0x0, 0x0, 0x2) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x8) sendmmsg$auto(r0, &(0x7f00000004c0)={{&(0x7f0000000140)=[0x0, 0x38116e69], 0x8000, &(0x7f0000000400)={&(0x7f00000003c0)=[0xfffffffeffffffff, 0x8], 0x1000}, 0x80000000, &(0x7f0000000440)=[0xff16, 0xfffffffffffff800, 0xa36, 0x1d, 0x100000001, 0x8, 0x9, 0x200, 0x0, 0x0], 0x5}, 0x5a}, 0x7, 0x8) syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000040), r0) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x9, 0xffc, 0x7, 0xfffffffd, 0x0, 0xee01, 0x0, 0x6, 0x1, 0x5, 0xc0f, 0x2, 0x7ff, 0x92bc, 0xffffffff, 0x6, 0x3}) socket(0x10, 0x2, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="770e0000", @ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf250300000008000600020000000c0014"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) 1.829073525s ago: executing program 5 (id=2595): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfd, 0x8000) pidfd_open$auto(0x1, 0x0) move_mount$auto(0x0, 0x0, 0x4, 0x0, 0x77) iopl$auto(0x3) memfd_create$auto(&(0x7f0000000000)='&$\x00', 0xc) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x2, 0x1) iopl$auto(0x9) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec2\x00', 0x801, 0x0) ioctl$auto_CEC_RECEIVE(r1, 0xc0386106, &(0x7f0000000140)={0x4, 0xe89, 0xfffffff6, 0xd, 0xfffffffe, 0x1000001, "db00000000000000000100", 0xf9, 0x2, 0x7, 0x4, 0x7, 0xe, 0x7}) bind$auto(0x4, 0xfffffffffffffffe, 0x0) mknod$auto(&(0x7f0000000180)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x0f\x18\xc5\x82-s\x83\xe6\xaeR\x81\r_\x0e\x19\x12\x85\bvf(e\xday)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbHL9aD\xb4\x80\xed\xba>\"\xb6\x7f\xa3f\x1d\a\xa1\x87\x84uA\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e', 0x1, 0x4) acct$auto(&(0x7f0000000380)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x0f\x18\xc5\x82-s\x83\xe6\xaeR\x81\r_\x0e\x19\x12\x85\bvf(e\xday)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbHL9aD\xb4\x80\xed\xba>\"\xb6\x7f\xa3f\x1d\a\xa1\x87\x84uA\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e') acct$auto(0x0) getgroups$auto(0xeda, 0x0) r2 = socket(0xa, 0x801, 0x106) statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x38, 0xffffff01, 0x9, 0x8000000000000000, 0x8, 0x7, 0x9, 0x5, 0x4, 0x9, 0x3, 0x8, 0x5, 0xf, 0x0, 0x9, 0x10001, 0x5, 0x6c, 0x1000, 0x0, 0x0, 0x0, 0x0, [0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x800, 0x0) connect$auto(0x3, &(0x7f0000000140), 0x55) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) msgget$auto(0x0, 0x800e) syslog$auto(0x3, &(0x7f0000000040)='V/\x00', 0x7ff) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000280)={0x1, "2dbf4198f5e8304416c8ddd191f6e54ce9c9e5dc81bad0cfcbe40d7a181ce188", 0x4}) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) shutdown$auto(0x200000003, 0x2) connect$auto(r2, &(0x7f0000000140), 0x55) msync$auto(0x0, 0x2000000005, 0x6) 1.258671644s ago: executing program 5 (id=2596): syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_3={0x2, 0xa8b, 0x18c, 0x6a, 0x0, 0x3405, 0x3, 0x9, 0xfffffff5, "63ace816ef77cf000000000000000a8b", 0x0, 0x549, 0x4, 0x7, 0x0, 0x1009, 0x4, 0xffffffffffffffff, 0xe, 0x2000005, @attach_btf_obj_fd=0x3, 0x166, 0x1, 0x4000000000006, 0x8, 0x48200003, 0xa7be}, 0x7) 1.100783416s ago: executing program 4 (id=2597): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x5, 0x4909b6f8, 0x1ffdd, 0x7, 0x3, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x6, 0x10003, 0x4080, 0x4, 0x0, 0x7, 0x2000, 0x200, 0x8001, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x1000002000, 0x0, 0xa, 0x70624ce7, 0xefde, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x400000000005b4, 0xc, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x6, 0xfffffffffffffffc, 0x2, 0x3, 0x4]}, 0x1fe, 0xd) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000000), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x2, 0x6, 0x0) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r1, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3], 0x20}, 0x1, 0xa00000000000000, 0x0, 0x40000}, 0x4004804) 975.421915ms ago: executing program 0 (id=2598): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram14\x00', 0x20201, 0x0) pwrite64$auto(r0, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\a\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) 789.712916ms ago: executing program 4 (id=2599): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) read$auto(0x3, 0x0, 0x80) write$auto(0x4, 0x0, 0x100082) socket(0xa, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptywd\x00', 0x40400, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x5, 0x0, 0x0, 0x0, 0xa0000001) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) 654.019149ms ago: executing program 3 (id=2600): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0x109180, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) ioctl$auto(r0, 0x8001, 0x2deb1d8e) io_setup$auto(0x1000, &(0x7f0000000080)=0x4) ppoll$auto(&(0x7f0000000040)={r0, 0x40, 0x9}, 0x3, 0x0, 0x0, 0x8) select$auto(0x8, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r1, 0xae03, 0x9) pkey_free$auto(0xfffffffd) 439.574174ms ago: executing program 4 (id=2601): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80100, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x894}, 0x4) ppoll$auto(&(0x7f0000000140)={r0, 0x401, 0x2}, 0x82, 0x0, &(0x7f00000001c0)={0x6}, 0x8) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon1\x00', 0x4ad03, 0x0) ioctl$auto_MON_IOCG_STATS(r1, 0x80089203, 0x0) 232.446031ms ago: executing program 4 (id=2602): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x43403d05, 0x0) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon1\x00', 0x4ad03, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x113500, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x3b71, 0x0) ioctl$auto_MON_IOCG_STATS(r1, 0x80089203, 0x0) 210.509977ms ago: executing program 0 (id=2603): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000000)='}\x00', 0x8) renameat2$auto(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000940)={'hsr0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IFINDEX={0x8, 0x2, r2}]}, 0x58}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x40000}, 0x40000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) socket(0x22, 0x2, 0x2) setsockopt$auto(0x6, 0x8000000000000006, 0x7, 0x0, 0x7ffffc) semctl$auto(0x7, 0x2, 0x13, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) 130.360355ms ago: executing program 5 (id=2604): socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) socket(0x1d, 0x2, 0x6) (rerun: 64) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) openat$auto_severities_coverage_fops_severity(0xffffffffffffff9c, &(0x7f0000000880), 0x0, 0x0) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) getpriority$auto(0x1, 0x5) madvise$auto(0x2, 0x2, 0x9) timer_create$auto(0xfffffffd, 0x0, 0x0) (async) mlockall$auto(0x7) socket(0x2, 0x801, 0x106) bind$auto(0x3, &(0x7f0000000000), 0x68) mmap$auto(0x1, 0x4, 0xdf, 0xc10, 0x2, 0x8002) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) (async) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000140)='nfsd\x00', 0x10000, 0x0) mount$auto(0x0, &(0x7f0000000740)='}[,&*}\x00', 0x0, 0xb, 0x0) (async) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') (async, rerun: 64) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async, rerun: 64) open(&(0x7f0000000100)='.\x00', 0x105101, 0x489) (async) getdents$auto(0x0, 0x0, 0x18) getdents$auto(0x0, 0x0, 0x100) (async) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) (async, rerun: 32) r0 = socket(0x11, 0x5, 0xfffffffc) (rerun: 32) write$auto(0x3, 0x0, 0xfffffdef) (async) sendmmsg$auto(r0, 0x0, 0x9a6, 0x3ec0) (async) fcntl$auto(0x3, 0x4, 0xa553) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3ec0) (async) socket(0x2, 0x5, 0x0) (async) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) 0s ago: executing program 4 (id=2605): mmap$auto(0x0, 0x10000c5, 0x0, 0x40eb2, 0x402, 0x300000000000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000ac0)='/proc/irq/default_smp_affinity\x00', 0x2, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000b00)='lk', 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/nfs/net/nfs_client/identifier\x00', 0x400, 0x0) read$auto(r2, &(0x7f0000002440)='&\x00', 0x9) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x34, r3, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r4 = socket(0x2a, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) connect$auto(0x3, &(0x7f00000000c0), 0x55) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0x6, 0x9b73, 0x2, 0x8000) sysfs$auto(0x2, 0x10000000000002d, 0x0) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r4) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) gettid() connect$auto(0xffffffffffffffff, 0x0, 0x55) mmap$auto(0x0, 0xc5, 0x3, 0x16, 0x4, 0x8000) sendfile$auto(0x6, 0xffffffffffffffff, 0x0, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0x20200, 0x15) kernel console output (not intermixed with test programs): er after parsing attributes in process `syz.0.130'. [ 129.588019][ T6372] openvswitch: netlink: Flow key attr not present in new flow. [ 130.376672][ T6396] netlink: 342 bytes leftover after parsing attributes in process `syz.3.143'. [ 131.373845][ T6414] netlink: 4 bytes leftover after parsing attributes in process `syz.3.149'. [ 133.987195][ T6462] ptrace attach of "./syz-executor exec"[5839] was attempted by "./syz-executor exec"[6462] [ 135.848514][ T6491] netlink: 4 bytes leftover after parsing attributes in process `syz.3.170'. [ 138.135247][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.141877][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.539777][ T6543] netlink: 4 bytes leftover after parsing attributes in process `syz.3.184'. [ 143.499524][ T6601] netlink: 338 bytes leftover after parsing attributes in process `syz.2.201'. [ 143.698808][ T6602] netlink: 338 bytes leftover after parsing attributes in process `syz.2.201'. [ 144.932881][ T6620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.208'. [ 145.181914][ T6626] delete_channel: no stack [ 146.584743][ T6653] netlink: 338 bytes leftover after parsing attributes in process `syz.3.222'. [ 146.661447][ T6653] netlink: 338 bytes leftover after parsing attributes in process `syz.3.222'. [ 148.128776][ T6676] netlink: 4 bytes leftover after parsing attributes in process `syz.2.229'. [ 148.703997][ T6688] netlink: 4 bytes leftover after parsing attributes in process `syz.3.234'. [ 149.194283][ T6694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.236'. [ 150.214001][ T6710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.243'. [ 150.723604][ T6718] block nbd0: not configured, cannot reconfigure [ 151.423799][ T6707] netlink: 338 bytes leftover after parsing attributes in process `syz.1.240'. [ 151.529417][ T6727] netlink: 338 bytes leftover after parsing attributes in process `syz.1.240'. [ 151.737765][ T6707] netlink: 'syz.1.240': attribute type 1 has an invalid length. [ 151.788857][ T6707] netlink: 'syz.1.240': attribute type 1 has an invalid length. [ 153.812757][ T6760] HfR: entered promiscuous mode [ 154.100744][ T6747] netlink: 4 bytes leftover after parsing attributes in process `syz.1.253'. [ 155.680196][ T6780] netlink: 4 bytes leftover after parsing attributes in process `syz.2.266'. [ 156.488911][ T6794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.269'. [ 158.701147][ T6819] netlink: 4 bytes leftover after parsing attributes in process `syz.0.281'. [ 162.282542][ T6849] netlink: 12 bytes leftover after parsing attributes in process `syz.2.287'. [ 162.340833][ T6849] netlink: 12 bytes leftover after parsing attributes in process `syz.2.287'. [ 162.697464][ T6854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.288'. [ 162.776014][ T6860] syz.2.290 uses obsolete (PF_INET,SOCK_PACKET) [ 163.154845][ T6866] netlink: 28 bytes leftover after parsing attributes in process `syz.0.293'. [ 163.466195][ T6872] kernel read not supported for file /#)-\&[} (pid: 6872 comm: syz.3.294) [ 163.475147][ T30] audit: type=1804 audit(2050.870:2): pid=6872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.294" name="#)-\&[}" dev="mqueue" ino=12448 res=1 errno=0 [ 163.536357][ T30] audit: type=1804 audit(2050.930:3): pid=6874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.294" name="#)-\&[}" dev="mqueue" ino=12448 res=1 errno=0 [ 163.556302][ T30] audit: type=1804 audit(2050.930:4): pid=6874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.294" name="#)-\&[}" dev="mqueue" ino=12448 res=1 errno=0 [ 163.584454][ T30] audit: type=1800 audit(2050.980:5): pid=6872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.294" name="#)-\&[}" dev="mqueue" ino=12448 res=0 errno=0 [ 168.118167][ T5836] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 168.137658][ T5836] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 168.146295][ T5836] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 168.186507][ T5836] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 168.195963][ T5836] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 168.203365][ T5836] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 168.842757][ T6933] chnl_net:caif_netlink_parms(): no params data found [ 169.069819][ T6421] syz.1.148 (6421) used greatest stack depth: 19640 bytes left [ 169.216868][ T6933] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.234590][ T6933] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.242285][ T6933] bridge_slave_0: entered allmulticast mode [ 169.275915][ T6933] bridge_slave_0: entered promiscuous mode [ 169.348068][ T6933] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.362419][ T6933] bridge0: port 2(bridge_slave_1) entered disabled state [ 169.370318][ T6933] bridge_slave_1: entered allmulticast mode [ 169.384075][ T6933] bridge_slave_1: entered promiscuous mode [ 169.503425][ T6933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.541966][ T6933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 169.669296][ T30] audit: type=1804 audit(2048.290:6): pid=6961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.324" name="#)-\&[}" dev="mqueue" ino=12648 res=1 errno=0 [ 169.697050][ T6961] kernel read not supported for file /#)-\&[} (pid: 6961 comm: syz.0.324) [ 169.718340][ T30] audit: type=1800 audit(2048.340:7): pid=6961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.324" name="#)-\&[}" dev="mqueue" ino=12648 res=0 errno=0 [ 169.770458][ T30] audit: type=1804 audit(2048.360:8): pid=6961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.324" name="#)-\&[}" dev="mqueue" ino=12648 res=1 errno=0 [ 169.834500][ T30] audit: type=1804 audit(2048.360:9): pid=6961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.324" name="#)-\&[}" dev="mqueue" ino=12648 res=1 errno=0 [ 170.136744][ T6933] team0: Port device team_slave_0 added [ 170.146604][ T6933] team0: Port device team_slave_1 added [ 170.284629][ T5840] Bluetooth: hci4: command tx timeout [ 170.347291][ T6933] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 170.398946][ T6933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.524499][ T6933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 170.796088][ T6933] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 170.813442][ T6933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.860932][ T6976] netlink: 4 bytes leftover after parsing attributes in process `syz.2.321'. [ 170.880165][ T6933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 171.507803][ T6933] hsr_slave_0: entered promiscuous mode [ 171.529235][ T6933] hsr_slave_1: entered promiscuous mode [ 171.577575][ T6933] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 171.605813][ T6933] Cannot create hsr debugfs directory [ 172.364578][ T5840] Bluetooth: hci4: command tx timeout [ 172.473108][ T6933] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 172.589845][ T6933] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 172.594605][ T6438] syz.1.148 (6438) used greatest stack depth: 17680 bytes left [ 172.653411][ T6933] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 172.706801][ T6933] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 172.739671][ T6992] netlink: 338 bytes leftover after parsing attributes in process `syz.0.327'. [ 172.811203][ T6993] netlink: 338 bytes leftover after parsing attributes in process `syz.0.327'. [ 172.906121][ T6992] netlink: 'syz.0.327': attribute type 1 has an invalid length. [ 172.936289][ T6992] netlink: 'syz.0.327': attribute type 1 has an invalid length. [ 173.175712][ T6996] netlink: 4 bytes leftover after parsing attributes in process `syz.2.329'. [ 173.377865][ T6933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 173.447714][ T6933] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.678509][ T52] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.839714][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.846944][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.910894][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.918185][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.032350][ T52] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.268364][ T52] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.441593][ T52] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.452303][ T5840] Bluetooth: hci4: command tx timeout [ 174.724798][ T52] bridge_slave_1: left allmulticast mode [ 174.732308][ T52] bridge_slave_1: left promiscuous mode [ 174.771787][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.838662][ T52] bridge_slave_0: left allmulticast mode [ 174.847766][ T7037] netlink: 12 bytes leftover after parsing attributes in process `syz.3.340'. [ 174.858198][ T52] bridge_slave_0: left promiscuous mode [ 174.864002][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.900549][ T7040] netlink: 12 bytes leftover after parsing attributes in process `syz.3.340'. [ 175.279478][ T7054] netlink: 'syz.2.344': attribute type 1 has an invalid length. [ 175.292952][ T7054] netlink: 'syz.2.344': attribute type 1 has an invalid length. [ 175.531629][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 175.542999][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 175.557468][ T52] bond0 (unregistering): Released all slaves [ 175.600839][ T7051] netlink: 338 bytes leftover after parsing attributes in process `syz.2.344'. [ 175.632591][ T52] .': left promiscuous mode [ 175.691508][ T7052] netlink: 338 bytes leftover after parsing attributes in process `syz.2.344'. [ 175.759476][ T6933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 176.525607][ T5840] Bluetooth: hci4: command tx timeout [ 176.597560][ T6933] veth0_vlan: entered promiscuous mode [ 176.823554][ T52] hsr_slave_0: left promiscuous mode [ 176.840752][ T52] hsr_slave_1: left promiscuous mode [ 176.859408][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 176.874488][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 176.884033][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 176.897930][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 176.932499][ T52] veth1_macvtap: left promiscuous mode [ 176.959764][ T52] veth0_macvtap: left promiscuous mode [ 176.974644][ T52] veth1_vlan: left promiscuous mode [ 176.985052][ T52] veth0_vlan: left promiscuous mode [ 178.791204][ T52] team0 (unregistering): Port device team_slave_1 removed [ 178.848361][ T52] team0 (unregistering): Port device team_slave_0 removed [ 179.416829][ T6933] veth1_vlan: entered promiscuous mode [ 179.545849][ T6933] veth0_macvtap: entered promiscuous mode [ 179.658748][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.354'. [ 179.692417][ T6933] veth1_macvtap: entered promiscuous mode [ 179.835494][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.869385][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.882990][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.936054][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.955745][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.971261][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.991672][ T6933] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.063266][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.095194][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.110505][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.121643][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.132021][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.143244][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.159576][ T6933] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.179885][ T6933] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.188850][ T6933] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.204643][ T6933] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.215923][ T6933] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.463963][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.476028][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.753645][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.787373][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.145002][ T7135] netlink: 12 bytes leftover after parsing attributes in process `syz.3.358'. [ 181.240946][ T7142] netlink: 12 bytes leftover after parsing attributes in process `syz.3.358'. [ 181.315554][ T7147] netlink: 28 bytes leftover after parsing attributes in process `syz.4.309'. [ 182.634900][ T7198] netlink: 12 bytes leftover after parsing attributes in process `syz.2.371'. [ 182.686345][ T7198] netlink: 12 bytes leftover after parsing attributes in process `syz.2.371'. [ 184.836524][ T7265] netlink: 28 bytes leftover after parsing attributes in process `syz.2.376'. [ 185.950056][ T7286] netlink: 14 bytes leftover after parsing attributes in process `syz.0.380'. [ 186.196405][ T7289] netlink: 4 bytes leftover after parsing attributes in process `syz.2.381'. [ 186.374315][ T7294] netlink: 12 bytes leftover after parsing attributes in process `syz.4.382'. [ 186.454547][ T7298] netlink: 12 bytes leftover after parsing attributes in process `syz.4.382'. [ 187.056156][ T7320] netlink: 28 bytes leftover after parsing attributes in process `syz.2.389'. [ 187.273726][ T7320] geneve1: entered allmulticast mode [ 188.555306][ T7354] netlink: 4 bytes leftover after parsing attributes in process `syz.2.396'. [ 188.906911][ T7363] netlink: 12 bytes leftover after parsing attributes in process `syz.3.398'. [ 188.974288][ T7363] netlink: 12 bytes leftover after parsing attributes in process `syz.3.398'. [ 189.694733][ T7397] netlink: 338 bytes leftover after parsing attributes in process `syz.4.401'. [ 189.762542][ T7397] netlink: 'syz.4.401': attribute type 1 has an invalid length. [ 189.793634][ T7397] netlink: 'syz.4.401': attribute type 1 has an invalid length. [ 190.061459][ T7405] __nla_validate_parse: 1 callbacks suppressed [ 190.061487][ T7405] netlink: 4 bytes leftover after parsing attributes in process `syz.0.404'. [ 191.073899][ T7427] netlink: 12 bytes leftover after parsing attributes in process `syz.4.410'. [ 191.150678][ T7427] netlink: 12 bytes leftover after parsing attributes in process `syz.4.410'. [ 191.626554][ T7434] netlink: 28 bytes leftover after parsing attributes in process `syz.4.411'. [ 193.458726][ T7458] netlink: 8 bytes leftover after parsing attributes in process `syz.2.418'. [ 193.936800][ T7472] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[7472] [ 194.379250][ T7462] syz.3.420 (7462): attempted to duplicate a private mapping with mremap. This is not supported. [ 195.586118][ T7496] netlink: 4 bytes leftover after parsing attributes in process `syz.3.425'. [ 197.809454][ T7547] netlink: 4 bytes leftover after parsing attributes in process `syz.2.436'. [ 199.574820][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.584952][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 202.015297][ T7637] netlink: zone id is out of range [ 202.020575][ T7637] netlink: zone id is out of range [ 202.035275][ T7637] netlink: zone id is out of range [ 202.040472][ T7637] netlink: zone id is out of range [ 202.077225][ T7637] netlink: zone id is out of range [ 202.094492][ T7637] netlink: zone id is out of range [ 202.099879][ T7637] netlink: zone id is out of range [ 202.114674][ T7637] netlink: zone id is out of range [ 202.142618][ T7637] netlink: set zone limit has 4 unknown bytes [ 203.955156][ T7690] netlink: 4 bytes leftover after parsing attributes in process `syz.3.458'. [ 204.085130][ T7687] netlink: 4 bytes leftover after parsing attributes in process `syz.2.457'. [ 204.288919][ T7698] netlink: 338 bytes leftover after parsing attributes in process `syz.3.459'. [ 204.315339][ T7698] netlink: 338 bytes leftover after parsing attributes in process `syz.3.459'. [ 207.940718][ T7767] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 207.971614][ T7767] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 209.448845][ T7795] netlink: 4 bytes leftover after parsing attributes in process `syz.2.475'. [ 210.104997][ T7803] netlink: 330 bytes leftover after parsing attributes in process `syz.2.478'. [ 210.871028][ T7810] netlink: 338 bytes leftover after parsing attributes in process `syz.0.479'. [ 211.424120][ T7815] netlink: 338 bytes leftover after parsing attributes in process `syz.0.479'. [ 211.964664][ T54] Bluetooth: hci3: command 0x0406 tx timeout [ 211.970896][ T54] Bluetooth: hci1: command 0x0406 tx timeout [ 211.977862][ T5845] Bluetooth: hci0: command 0x0406 tx timeout [ 213.194171][ T7830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.486'. [ 214.619353][ T7845] netlink: 4 bytes leftover after parsing attributes in process `syz.3.489'. [ 215.355163][ T7865] mmap: syz.2.496 (7865) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 215.987196][ T7874] netlink: 4 bytes leftover after parsing attributes in process `syz.2.498'. [ 217.279624][ T7895] netlink: 4 bytes leftover after parsing attributes in process `syz.3.506'. [ 217.435898][ T7890] netlink: 4 bytes leftover after parsing attributes in process `syz.0.505'. [ 217.546357][ T7902] netlink: 'syz.3.510': attribute type 4 has an invalid length. [ 217.565306][ T30] audit: type=1326 audit(2055.760:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.510" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb0a8d85d19 code=0x0 [ 217.659588][ T7900] netlink: 4 bytes leftover after parsing attributes in process `syz.4.509'. [ 218.042665][ T7912] netlink: 28 bytes leftover after parsing attributes in process `syz.4.513'. [ 218.504992][ T7920] mmap: syz.3.516 (7920): VmData 37470208 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 219.063813][ T7928] netlink: 4 bytes leftover after parsing attributes in process `syz.3.520'. [ 219.281183][ T7932] netlink: 12 bytes leftover after parsing attributes in process `syz.3.521'. [ 220.921471][ T7965] netlink: 4 bytes leftover after parsing attributes in process `syz.2.533'. [ 221.079603][ T7973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.536'. [ 222.519919][ T8011] RDS: rds_bind could not find a transport for ::ffff:172.30.0.1, load rds_tcp or rds_rdma? [ 223.303525][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.558'. [ 226.073914][ T8120] netlink: 4 bytes leftover after parsing attributes in process `syz.2.580'. [ 227.079968][ T8143] netlink: 4116 bytes leftover after parsing attributes in process `syz.4.587'. [ 227.125253][ T8143] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 228.652364][ T8177] capability: warning: `syz.0.600' uses 32-bit capabilities (legacy support in use) [ 229.123336][ T8180] netlink: 8 bytes leftover after parsing attributes in process `syz.2.601'. [ 229.662254][ T8193] netlink: 8 bytes leftover after parsing attributes in process `syz.4.602'. [ 230.044575][ T5840] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 230.067642][ T8202] netlink: 322 bytes leftover after parsing attributes in process `syz.0.607'. [ 230.105806][ T8202] bond0: entered promiscuous mode [ 230.114460][ T8202] bond_slave_0: entered promiscuous mode [ 230.120341][ T8202] bond_slave_1: entered promiscuous mode [ 231.891236][ T8241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.620'. [ 232.105831][ T8251] netlink: 338 bytes leftover after parsing attributes in process `syz.3.624'. [ 232.150527][ T8251] netlink: 338 bytes leftover after parsing attributes in process `syz.3.624'. [ 232.175947][ T8251] netlink: 'syz.3.624': attribute type 1 has an invalid length. [ 232.191847][ T8251] netlink: 'syz.3.624': attribute type 1 has an invalid length. [ 232.269758][ T5840] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 232.414919][ T8256] svc: failed to register nfsdv3 RPC service (errno 111). [ 232.427693][ T8256] svc: failed to register nfsaclv3 RPC service (errno 111). [ 232.833984][ T8277] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 233.981236][ T8296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.639'. [ 234.031490][ T8301] netlink: zone id is out of range [ 234.062155][ T8301] netlink: zone id is out of range [ 234.098663][ T8301] netlink: zone id is out of range [ 234.114157][ T8301] netlink: zone id is out of range [ 234.124287][ T8301] netlink: zone id is out of range [ 234.150419][ T8301] netlink: zone id is out of range [ 234.169858][ T8301] netlink: zone id is out of range [ 234.175850][ T8301] netlink: zone id is out of range [ 234.182028][ T8301] netlink: zone id is out of range [ 234.203941][ T8301] netlink: del zone limit has 4 unknown bytes [ 234.599684][ T8311] netlink: 338 bytes leftover after parsing attributes in process `syz.3.642'. [ 234.659135][ T8311] netlink: 338 bytes leftover after parsing attributes in process `syz.3.642'. [ 234.724634][ T8311] netlink: 'syz.3.642': attribute type 1 has an invalid length. [ 234.742628][ T8311] netlink: 'syz.3.642': attribute type 1 has an invalid length. [ 235.851789][ T8329] netlink: 4 bytes leftover after parsing attributes in process `syz.4.648'. [ 237.474735][ T8366] netlink: 8 bytes leftover after parsing attributes in process `syz.4.658'. [ 237.632267][ T8368] .': entered promiscuous mode [ 237.699898][ T8372] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 237.730047][ T8372] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 238.559086][ T8390] netlink: 338 bytes leftover after parsing attributes in process `syz.3.666'. [ 238.579542][ T8390] netlink: 338 bytes leftover after parsing attributes in process `syz.3.666'. [ 238.652652][ T8390] netlink: 'syz.3.666': attribute type 1 has an invalid length. [ 238.704392][ T8390] netlink: 'syz.3.666': attribute type 1 has an invalid length. [ 239.912723][ T8408] openvswitch: .': Dropping previously announced user features [ 240.378851][ T8419] ptrace attach of "./syz-executor exec"[6933] was attempted by ""[8419] [ 240.464087][ T8422] netlink: 338 bytes leftover after parsing attributes in process `syz.0.677'. [ 240.656875][ T8431] netlink: 'syz.0.677': attribute type 1 has an invalid length. [ 240.732140][ T8431] netlink: 'syz.0.677': attribute type 1 has an invalid length. [ 240.769170][ T8433] ptrace attach of "./syz-executor exec"[6933] was attempted by ";Å\x22çEÃîdï–2í²úTÜXò²›ÖÁsÌgÂ\x5cš^ÃZŒO1Ù;A 'ÿ»‘íYñÜÌ»A}'€’Ç¥„El½ÍlÑÚ\x07P€IŽ¦+UÀüf\x0a¸CzÈÇ0Íý:RÇ ”/\x5c%€#jŒÉ\x0b^í{|¥ÆYËê<6\x0cŒ^‘‰ôœs„`Â|ª>üÔTûâ)8UýÙM‚I:,¦\x0a§½‹b·ËHÑì6`àG„°tp¾QTü÷y˜¦Ç§ \x0bNÛ®‡S¬~wmCŒ¿@»­ŸX;åp@®‘–$L”o0îîVn3\x0a%y)ð²)|åã«xµ¯8<2ß1ë\x1bg²UûÂÚlô šÎgBCþÅ(îü–Fôüi9jÖ#’¥×„-¬-'­ÉÜ–4¦T\x0dòG\x07âmí¾Ñ±Ieœcm'Íóõñ~?\x0b\x0d×£ï.üÊ°Aç[kœ){–3Ð ;€¦ëÐpë5±t\x5cÀ¸cc$o!³•5±ñó&PôI³u8 ®ÏÕ©fU¼4LîS%ŠÏm.€&¤ŽwZÈp8-ÞªàN”ž½„¯oá_’tOïf¬Ê ,!H‡µÆs6(d˜¨ÐÁ/¤›=8Bë÷´œï7kî =]ÐßgIv±ƒ·VÏÌoGÔ3ºñù>õÇÊÆ/‘Û!Èu%ò¼4\x0cD$°MÃM4ܱöîÌfa7´æ´ËÂïlaÐ\x0abrÑè稯GÊ3måu>ÖÔPßJ§Ú鿨Ól„EÓ €Û0À»ø¨Ä \x09°7xA`»±KT3ÿ\x0bRy¹£úÎÃíøjùÚ§øl\x0dÃ|nCÅä-\x0dé½\x0d:Yã8(÷`I¿ä%´°x\x1bôè\x1bo>¯¨eôŠ}x±E#ÙƒìuÖÒ®¼ßf\x0dÆÏ#»¯ƒM¨SÞçôâ™E!Á\x0cÞ€±¿ur=…±»Ó‹+¢œ_â“~ÂÆ¡Œàúå­(ëò‘F[×<@; ¡)òø+Ëc;'ÍÖ)Ò¢A@ôuRƒEa…§¡ÝÐí÷-i®XóLÇÕ0Ø¿2«Úç\x0a~)¿QË\x22Ò¹rõˆl&ÈÒI2*‡Ù¸ɸùris]±£\x5c¼·\x09K(E‹%¦0ŒÂ±LJ!룷\x1b ½_lˆu„jô&\x22ž%D.-rˆ¥. [ 240.836089][ T8422] netlink: 338 bytes leftover after parsing attributes in process `syz.0.677'. [ 242.499889][ T8457] .': entered promiscuous mode [ 246.429294][ T8501] netlink: 338 bytes leftover after parsing attributes in process `syz.0.697'. [ 246.504721][ T8503] netlink: 338 bytes leftover after parsing attributes in process `syz.0.697'. [ 246.557204][ T8501] netlink: 'syz.0.697': attribute type 1 has an invalid length. [ 246.634434][ T8501] netlink: 'syz.0.697': attribute type 1 has an invalid length. [ 247.300638][ T8510] openvswitch: .': Dropping previously announced user features [ 252.029619][ T8592] could not allocate digest TFM handle [ 252.070296][ T8606] openvswitch: .': Dropping previously announced user features [ 252.311290][ T8594] could not allocate digest TFM handle [ 253.306817][ T8637] netlink: 24 bytes leftover after parsing attributes in process `syz.4.730'. [ 253.959848][ T8613] kexec: Could not allocate control_code_buffer [ 255.391945][ T8685] HSR: entered promiscuous mode [ 256.839235][ T8716] netlink: 28 bytes leftover after parsing attributes in process `syz.0.749'. [ 256.908085][ T8716] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.020362][ T8716] bridge_slave_0 (unregistering): left allmulticast mode [ 257.042902][ T8716] bridge_slave_0 (unregistering): left promiscuous mode [ 257.067956][ T8716] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.109015][ T8729] netlink: 8 bytes leftover after parsing attributes in process `syz.4.754'. [ 261.007024][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.013416][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.344642][ T8856] openvswitch: .': Dropping previously announced user features [ 261.366613][ T8852] netlink: 28 bytes leftover after parsing attributes in process `syz.4.792'. [ 261.433709][ T8852] bridge0: port 1(bridge_slave_0) entered disabled state [ 261.576429][ T8852] bridge_slave_0 (unregistering): left allmulticast mode [ 261.604509][ T8852] bridge_slave_0 (unregistering): left promiscuous mode [ 261.634980][ T8852] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.635160][ T8878] netlink: 338 bytes leftover after parsing attributes in process `syz.0.800'. [ 262.675760][ T8879] netlink: 338 bytes leftover after parsing attributes in process `syz.0.800'. [ 263.699224][ T8907] netlink: 338 bytes leftover after parsing attributes in process `syz.2.812'. [ 263.726649][ T8908] netlink: 338 bytes leftover after parsing attributes in process `syz.2.812'. [ 264.386992][ T8925] netlink: 'syz.2.820': attribute type 4 has an invalid length. [ 264.395078][ T8925] netlink: 314 bytes leftover after parsing attributes in process `syz.2.820'. [ 264.636635][ T8932] openvswitch: .': Dropping previously announced user features [ 264.860019][ T8938] netlink: 338 bytes leftover after parsing attributes in process `syz.2.824'. [ 264.871640][ T8938] netlink: 338 bytes leftover after parsing attributes in process `syz.2.824'. [ 268.973536][ T8993] netlink: 330 bytes leftover after parsing attributes in process `syz.3.840'. [ 269.149780][ T9031] openvswitch: .': Dropping previously announced user features [ 270.281880][ T9052] Invalid ELF header magic: != ELF [ 270.787882][ T9059] openvswitch: .': Dropping previously announced user features [ 270.892838][ T9061] netlink: 338 bytes leftover after parsing attributes in process `syz.2.859'. [ 270.995834][ T9064] netlink: 338 bytes leftover after parsing attributes in process `syz.2.859'. [ 271.488336][ T5840] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 272.625731][ T9107] netlink: 338 bytes leftover after parsing attributes in process `syz.2.873'. [ 272.673916][ T9107] netlink: 338 bytes leftover after parsing attributes in process `syz.2.873'. [ 274.007706][ T9130] openvswitch: .': Dropping previously announced user features [ 274.155679][ T9137] netlink: 4 bytes leftover after parsing attributes in process `syz.4.881'. [ 274.212917][ T9143] netlink: 338 bytes leftover after parsing attributes in process `syz.0.885'. [ 274.233087][ T9143] netlink: 338 bytes leftover after parsing attributes in process `syz.0.885'. [ 274.646967][ T30] audit: type=1326 audit(3602.610:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.3.886" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb0a8d85d19 code=0x0 [ 276.484643][ T9176] netlink: 338 bytes leftover after parsing attributes in process `syz.2.895'. [ 276.546309][ T9176] netlink: 338 bytes leftover after parsing attributes in process `syz.2.895'. [ 276.614632][ T9180] openvswitch: .': Dropping previously announced user features [ 277.862076][ T9216] netlink: 28 bytes leftover after parsing attributes in process `syz.2.907'. [ 278.363488][ T9197] kexec: Could not allocate control_code_buffer [ 278.406458][ T9231] netlink: 'syz.4.912': attribute type 27 has an invalid length. [ 278.414275][ T9231] netlink: 334 bytes leftover after parsing attributes in process `syz.4.912'. [ 279.145490][ T30] audit: type=1326 audit(3607.110:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.0.916" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6d45f85d19 code=0x0 [ 279.262172][ T9251] netlink: 334 bytes leftover after parsing attributes in process `syz.3.918'. [ 279.710740][ T9259] openvswitch: .': Dropping previously announced user features [ 279.892467][ T9262] netlink: 28 bytes leftover after parsing attributes in process `syz.3.922'. [ 279.954645][ T9262] bridge0: port 1(bridge_slave_0) entered disabled state [ 280.077213][ T9262] bridge_slave_0 (unregistering): left allmulticast mode [ 280.095198][ T9262] bridge_slave_0 (unregistering): left promiscuous mode [ 280.107985][ T9262] bridge0: port 1(bridge_slave_0) entered disabled state [ 280.723962][ T9285] netlink: 338 bytes leftover after parsing attributes in process `syz.3.930'. [ 280.761152][ T9285] netlink: 338 bytes leftover after parsing attributes in process `syz.3.930'. [ 281.077924][ T9292] netlink: 338 bytes leftover after parsing attributes in process `syz.4.931'. [ 281.134653][ T9293] netlink: 338 bytes leftover after parsing attributes in process `syz.4.931'. [ 282.316406][ T9319] netlink: 338 bytes leftover after parsing attributes in process `syz.3.941'. [ 282.370953][ T9319] netlink: 338 bytes leftover after parsing attributes in process `syz.3.941'. [ 286.065982][ T9375] netlink: 338 bytes leftover after parsing attributes in process `syz.2.955'. [ 286.098219][ T9375] netlink: 338 bytes leftover after parsing attributes in process `syz.2.955'. [ 286.167181][ T9375] netlink: 'syz.2.955': attribute type 1 has an invalid length. [ 286.200531][ T9375] netlink: 'syz.2.955': attribute type 1 has an invalid length. [ 288.614649][ T9441] netlink: 338 bytes leftover after parsing attributes in process `syz.4.978'. [ 288.664525][ T9441] netlink: 338 bytes leftover after parsing attributes in process `syz.4.978'. [ 288.709831][ T9441] netlink: 'syz.4.978': attribute type 1 has an invalid length. [ 288.724372][ T9441] netlink: 'syz.4.978': attribute type 1 has an invalid length. [ 288.861646][ T9450] netlink: 28 bytes leftover after parsing attributes in process `syz.0.979'. [ 289.080988][ T9450] bond0: (slave bond_slave_0): Releasing backup interface [ 289.107092][ T9450] bond_slave_0 (unregistering): left promiscuous mode [ 289.219474][ T9456] netlink: 342 bytes leftover after parsing attributes in process `syz.4.981'. [ 290.586848][ T9487] netlink: 338 bytes leftover after parsing attributes in process `syz.4.989'. [ 290.607240][ T9487] netlink: 338 bytes leftover after parsing attributes in process `syz.4.989'. [ 290.634859][ T9487] netlink: 'syz.4.989': attribute type 1 has an invalid length. [ 290.643240][ T9487] netlink: 'syz.4.989': attribute type 1 has an invalid length. [ 291.447952][ T9507] svc: failed to register nfsdv3 RPC service (errno 111). [ 291.467935][ T9507] svc: failed to register nfsaclv3 RPC service (errno 111). [ 292.142436][ T9522] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1000'. [ 292.171045][ T9522] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1000'. [ 292.206355][ T9522] netlink: 'syz.4.1000': attribute type 1 has an invalid length. [ 292.224402][ T9522] netlink: 'syz.4.1000': attribute type 1 has an invalid length. [ 293.089470][ T30] audit: type=1800 audit(3621.050:13): pid=9545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1007" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 293.820747][ T5840] Bluetooth: hci4: command 0x0406 tx timeout [ 295.409161][ T9606] openvswitch: HfR: Dropping previously announced user features [ 296.679060][ T9641] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1039'. [ 296.691357][ T9641] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1039'. [ 296.702221][ T9641] netlink: 'syz.2.1039': attribute type 1 has an invalid length. [ 296.710224][ T9641] netlink: 'syz.2.1039': attribute type 1 has an invalid length. [ 298.283850][ T9670] could not allocate digest TFM handle [ 302.293546][ T9740] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1061'. [ 302.344629][ T9740] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1061'. [ 302.397248][ T9740] netlink: 'syz.3.1061': attribute type 1 has an invalid length. [ 302.447244][ T9740] netlink: 'syz.3.1061': attribute type 1 has an invalid length. [ 305.816611][ T9771] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1068'. [ 306.332811][ T9775] netlink: 'syz.4.1070': attribute type 1 has an invalid length. [ 306.379839][ T9775] netlink: 'syz.4.1070': attribute type 1 has an invalid length. [ 306.423329][ T9773] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1070'. [ 306.480029][ T9774] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1070'. [ 311.138003][ T9805] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1082'. [ 311.201277][ T9806] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1082'. [ 311.291968][ T9805] netlink: 'syz.3.1082': attribute type 1 has an invalid length. [ 311.349840][ T9805] netlink: 'syz.3.1082': attribute type 1 has an invalid length. [ 313.968144][ T9834] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 314.003316][ T9834] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 314.055002][ T9836] openvswitch: .': Dropping previously announced user features [ 314.250098][ T9840] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1093'. [ 314.304446][ T9840] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1093'. [ 314.361756][ T9840] netlink: 'syz.2.1093': attribute type 1 has an invalid length. [ 314.405358][ T9840] netlink: 'syz.2.1093': attribute type 1 has an invalid length. [ 317.035351][ T9855] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1097'. [ 317.977313][ T5840] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 318.206999][ T9877] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1105'. [ 318.255246][ T9877] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1105'. [ 318.274161][ T9877] netlink: 'syz.2.1105': attribute type 1 has an invalid length. [ 318.284624][ T9877] netlink: 'syz.2.1105': attribute type 1 has an invalid length. [ 318.722294][ T9887] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1108'. [ 318.739927][ T9887] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 318.751762][ T9887] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 319.220450][ T5840] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 320.262561][ T9923] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1118'. [ 321.562011][ T9941] netlink: 122 bytes leftover after parsing attributes in process `syz.0.1126'. [ 322.446796][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.453292][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.271336][ T9971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1132'. [ 325.218965][T10014] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1146'. [ 325.253176][T10014] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1146'. [ 326.284554][ T5836] Bluetooth: hci3: Opcode 0x206a failed: -110 [ 326.291173][ T5836] Bluetooth: hci3: command 0x0406 tx timeout [ 326.895447][T10046] nbd: must specify at least one socket [ 327.203745][T10051] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1158'. [ 327.249586][T10051] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1158'. [ 327.308966][T10051] netlink: 'syz.0.1158': attribute type 1 has an invalid length. [ 327.348526][T10051] netlink: 'syz.0.1158': attribute type 1 has an invalid length. [ 329.034695][T10078] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1165'. [ 329.058980][T10078] hsr_slave_0: left promiscuous mode [ 329.554536][T10089] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1169'. [ 329.598461][T10089] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1169'. [ 329.821473][T10095] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1171'. [ 333.105094][T10144] bridge0: port 1(ipvlan1) entered blocking state [ 333.111732][T10144] bridge0: port 1(ipvlan1) entered disabled state [ 333.136295][T10144] ipvlan1: entered allmulticast mode [ 333.141672][T10144] veth0_vlan: entered allmulticast mode [ 333.193163][T10144] ipvlan1: left allmulticast mode [ 333.214430][T10144] veth0_vlan: left allmulticast mode [ 335.570021][T10174] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1191'. [ 335.885470][T10184] kernel read not supported for file /#)-\&[} (pid: 10184 comm: syz.2.1193) [ 335.891886][ T30] audit: type=1804 audit(3663.850:14): pid=10184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1193" name="#)-\&[}" dev="mqueue" ino=24246 res=1 errno=0 [ 335.952481][ T30] audit: type=1800 audit(3663.890:15): pid=10184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1193" name="#)-\&[}" dev="mqueue" ino=24246 res=0 errno=0 [ 336.014367][ T30] audit: type=1804 audit(3663.900:16): pid=10184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1193" name="#)-\&[}" dev="mqueue" ino=24246 res=1 errno=0 [ 336.090256][ T30] audit: type=1804 audit(3663.900:17): pid=10184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1193" name="#)-\&[}" dev="mqueue" ino=24246 res=1 errno=0 [ 337.085051][T10205] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1198'. [ 337.130648][T10203] h: entered promiscuous mode [ 337.485760][T10215] netlink: 'syz.2.1201': attribute type 1 has an invalid length. [ 337.493580][T10215] netlink: 'syz.2.1201': attribute type 1 has an invalid length. [ 337.604369][T10211] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1201'. [ 337.619370][T10213] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1201'. [ 339.421512][T10252] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1211'. [ 339.454533][T10261] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1211'. [ 339.484589][ T5840] Bluetooth: hci0: Opcode 0x206a failed: -110 [ 339.491618][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 339.509387][T10252] veth1_macvtap: entered allmulticast mode [ 339.592923][T10264] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1214'. [ 339.673107][T10266] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1214'. [ 339.729842][T10264] netlink: 'syz.2.1214': attribute type 1 has an invalid length. [ 339.764611][T10264] netlink: 'syz.2.1214': attribute type 1 has an invalid length. [ 340.629281][T10279] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1219'. [ 340.664592][T10279] hsr_slave_0: left promiscuous mode [ 341.150318][T10292] nbd: must specify at least one socket [ 343.340311][T10321] netlink: 'syz.0.1231': attribute type 27 has an invalid length. [ 343.356987][T10321] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1231'. [ 343.363543][T10322] netlink: 'syz.3.1232': attribute type 3 has an invalid length. [ 345.547985][T10353] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1238'. [ 345.645656][T10356] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1238'. [ 346.286035][T10362] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1240'. [ 346.342688][T10362] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1240'. [ 346.396955][T10365] netlink: 'syz.0.1240': attribute type 1 has an invalid length. [ 346.404984][T10365] netlink: 'syz.0.1240': attribute type 1 has an invalid length. [ 346.459765][T10257] syz.4.1211: vmalloc error: size 4194304, failed to allocated page array size 8192, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 346.554562][T10257] CPU: 1 UID: 0 PID: 10257 Comm: syz.4.1211 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0 [ 346.565419][T10257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 346.575623][T10257] Call Trace: [ 346.579037][T10257] [ 346.582023][T10257] dump_stack_lvl+0x16c/0x1f0 [ 346.586770][T10257] warn_alloc+0x24d/0x3a0 [ 346.591180][T10257] ? __pfx_warn_alloc+0x10/0x10 [ 346.596112][T10257] ? __get_vm_area_node+0x1b0/0x2f0 [ 346.601367][T10257] ? __get_vm_area_node+0x1dc/0x2f0 [ 346.606638][T10257] __vmalloc_node_range_noprof+0x1105/0x1530 [ 346.612691][T10257] ? netlink_alloc_large_skb+0x96/0x130 [ 346.618308][T10257] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 346.624708][T10257] ? __get_vm_area_node+0x1b0/0x2f0 [ 346.629959][T10257] ? __get_vm_area_node+0x1dc/0x2f0 [ 346.635260][T10257] __vmalloc_node_range_noprof+0xd85/0x1530 [ 346.641215][T10257] ? netlink_alloc_large_skb+0x96/0x130 [ 346.646826][T10257] ? netlink_alloc_large_skb+0x96/0x130 [ 346.652434][T10257] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 346.658824][T10257] ? rcu_is_watching+0x12/0xc0 [ 346.663654][T10257] ? trace_kmalloc+0x2d/0xd0 [ 346.668296][T10257] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 346.674086][T10257] ? netlink_alloc_large_skb+0x96/0x130 [ 346.679690][T10257] __kvmalloc_node_noprof+0x14f/0x1a0 [ 346.685129][T10257] ? netlink_alloc_large_skb+0x96/0x130 [ 346.690730][T10257] netlink_alloc_large_skb+0x96/0x130 [ 346.696172][T10257] netlink_sendmsg+0x689/0xd70 [ 346.701004][T10257] ? __pfx_netlink_sendmsg+0x10/0x10 [ 346.706359][T10257] sock_write_iter+0x4fe/0x5b0 [ 346.711175][T10257] ? __pfx_sock_write_iter+0x10/0x10 [ 346.716530][T10257] ? bpf_lsm_file_permission+0x9/0x10 [ 346.721979][T10257] ? security_file_permission+0x71/0x210 [ 346.727688][T10257] vfs_write+0x5ae/0x1150 [ 346.732078][T10257] ? __pfx_sock_write_iter+0x10/0x10 [ 346.737426][T10257] ? __pfx_vfs_write+0x10/0x10 [ 346.742244][T10257] ? do_futex+0x123/0x350 [ 346.746660][T10257] ? __fget_files+0x40/0x3a0 [ 346.751328][T10257] ksys_write+0x207/0x250 [ 346.755721][T10257] ? __pfx_ksys_write+0x10/0x10 [ 346.760632][T10257] do_syscall_64+0xcd/0x250 [ 346.765199][T10257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.771156][T10257] RIP: 0033:0x7fa571b85d19 [ 346.775624][T10257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.795295][T10257] RSP: 002b:00007fa57291c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 346.803779][T10257] RAX: ffffffffffffffda RBX: 00007fa571d76080 RCX: 00007fa571b85d19 [ 346.811823][T10257] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 346.819848][T10257] RBP: 00007fa571c01a20 R08: 0000000000000000 R09: 0000000000000000 [ 346.827869][T10257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.835892][T10257] R13: 0000000000000000 R14: 00007fa571d76080 R15: 00007ffd64a05518 [ 346.843931][T10257] [ 346.886869][T10257] Mem-Info: [ 346.906055][T10257] active_anon:90063 inactive_anon:0 isolated_anon:0 [ 346.906055][T10257] active_file:2845 inactive_file:56096 isolated_file:0 [ 346.906055][T10257] unevictable:768 dirty:493 writeback:0 [ 346.906055][T10257] slab_reclaimable:11951 slab_unreclaimable:104169 [ 346.906055][T10257] mapped:35506 shmem:79826 pagetables:878 [ 346.906055][T10257] sec_pagetables:0 bounce:0 [ 346.906055][T10257] kernel_misc_reclaimable:0 [ 346.906055][T10257] free:1177776 free_pcp:790 free_cma:0 [ 347.224481][T10257] Node 0 active_anon:369888kB inactive_anon:0kB active_file:11380kB inactive_file:224308kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:121240kB dirty:1968kB writeback:0kB shmem:324208kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11824kB pagetables:3564kB sec_pagetables:0kB all_unreclaimable? no [ 347.429570][T10257] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 347.694615][T10257] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 348.184647][T10257] lowmem_reserve[]: 0 2465 2466 0 0 [ 348.190013][T10257] Node 0 DMA32 free:828976kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:292284kB inactive_anon:4kB active_file:11380kB inactive_file:223484kB unevictable:1536kB writepending:1968kB present:3129332kB managed:2551344kB mlocked:0kB bounce:0kB free_pcp:24800kB local_pcp:19204kB free_cma:0kB [ 348.294351][T10257] lowmem_reserve[]: 0 0 0 0 0 [ 348.300219][T10257] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 348.394351][T10257] lowmem_reserve[]: 0 0 0 0 0 [ 348.400150][T10257] Node 1 Normal free:3911968kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 348.523445][ T5836] Bluetooth: hci3: command 0x0406 tx timeout [ 348.524587][ T5840] Bluetooth: hci3: Opcode 0x206a failed: -110 [ 348.581839][T10257] lowmem_reserve[]: 0 0 0 0 0 [ 348.605425][T10257] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 348.672998][T10257] Node 0 DMA32: 5175*4kB (UME) 1163*8kB (ME) 570*16kB (UM) 570*32kB (UME) 293*64kB (ME) 71*128kB (ME) 7*256kB (ME) 68*512kB (UME) 60*1024kB (ME) 4*2048kB (ME) 163*4096kB (M) = 859092kB [ 348.748565][T10257] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 348.852386][T10257] Node 1 Normal: 218*4kB (UM) 43*8kB (UME) 30*16kB (UME) 180*32kB (UME) 94*64kB (UME) 33*128kB (UME) 16*256kB (UME) 12*512kB (UM) 3*1024kB (UM) 1*2048kB (U) 947*4096kB (M) = 3911968kB [ 349.024632][T10257] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 349.044545][T10257] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 349.053912][T10257] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 349.094379][T10257] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 349.103749][T10257] 109736 total pagecache pages [ 349.124339][T10257] 0 pages in swap cache [ 349.128566][T10257] Free swap = 124904kB [ 349.132757][T10257] Total swap = 124996kB [ 349.146676][T10257] 2097051 pages RAM [ 349.150554][T10257] 0 pages HighMem/MovableOnly [ 349.164802][T10257] 427365 pages reserved [ 349.169023][T10257] 0 pages cma reserved [ 350.907219][T10407] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1256'. [ 350.942639][T10407] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1256'. [ 350.973691][T10407] netlink: 134 bytes leftover after parsing attributes in process `syz.2.1256'. [ 351.324525][ T5840] Bluetooth: hci3: Opcode 0x206a failed: -110 [ 351.404434][ T5840] Bluetooth: hci3: command 0x0406 tx timeout [ 354.397555][T10451] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1268'. [ 354.428533][T10450] nbd: illegal input index -33554433 [ 354.756605][T10462] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1271'. [ 355.218788][T10468] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1273'. [ 355.237916][T10471] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1273'. [ 355.250748][T10468] netlink: 'syz.4.1273': attribute type 1 has an invalid length. [ 355.261275][T10468] netlink: 'syz.4.1273': attribute type 1 has an invalid length. [ 355.592333][T10479] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1275'. [ 356.288419][ T5836] Bluetooth: hci1: command 0x0406 tx timeout [ 356.334893][ T5840] Bluetooth: hci1: Opcode 0x206a failed: -110 [ 357.347402][T10533] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1289'. [ 358.204824][T10558] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1295'. [ 358.234656][T10558] net_ratelimit: 1 callbacks suppressed [ 358.234680][T10558] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 358.364524][ T5836] Bluetooth: hci1: command 0x0406 tx timeout [ 358.364752][ T5840] Bluetooth: hci1: Opcode 0x206a failed: -110 [ 359.652058][T10575] ptrace attach of "./syz-executor exec"[5841] was attempted by "äºÖ“”\x07»!ÅF€pûM”Ö%Kž®ÜÂ\x5cˆÁ\x22òر®\x0avÓ#x!BõGN §C£‚Ò³F=Î0êÆÅêöf%º•Ê~@lRÒâ‰)µ'¬ï‡~gx¯9%\x07pÆ|׿44Ò¾'tÔ”%Òë´Þþ)T xÃQFšê¬¤`J´ú$\x5c5hqØfŒÚº¸\x0bpáý>·\x5c¯Ê¦|±†31‘rîv7Ì>3EÆ|ß/ꪳÊ{ó¥´yÐDvèæÛà¾U„+-ô9¶Sl¿²áKW3ç·V´¸¥lèðç;O’š+½ew•(ìLâtÌÛoLwä®ÄJZ{/Ü|DKzX\x0cÞ®pøœlJȬèÒÔ˜ßÛ\x0c°‘}hÜNO9U»ËÏ7xÎKQxÅîJILìIê©þ´èr‘r[NR)>^íóÄ„ÆE„ ½v\x0d{Ü“±_œ3\x5cM» 9ú̸V6jèÛS´Ä$Š=ÓeÜV÷9¸È&ÀÔ°&[Ø‚‡~j™Š@ªNŸ,0ÐH¬ºØŽµc*ͪ#æ=àJHI¦ÿé.Î|C@{¸ÖCÎZÿû俈\x09'ð³wR˜/ž€eØÜwƒßDlŠË‡èôßäÆ…¼f#a}¯gÒS‚ߥ±Ή“d^ÑþÅ&g#qÊ÷n«Ûœ€…\x5c¤Ý᛬J¿êÅ—DAPÁHÀ8ÄËÔðMLâ;`QéWkj]设‰€ä…_ƒ¢J)šAŒ‚ÂÜ;-oÓÿÊÑgÉ0\x07‰¤5ÉtürÀçCRý)©`‘q~²õÒ\x0dˆ±f_0@>Aƒ¢\x0c¤~3²\x07··|GâôöÆ·Œ¢þ5¾‘ª¸¤lÉre\x5cöÎTÓD„jÊG¼â•±xfÎU4E±Çžx¼ÅF®$\x0cô”}Ò¡,Š~ôö:ÊÙùLÞN ­\x071ÑIw—Æéôh‹òJ‚€wS5+Pd<­ï°)”mq:†\x09w¸4.Ù¬ ? «›[:qË<l—|™R,Ä|?Y² gævªÂq¼CÙôÅ~\x1b\x0a¬ÌBš2×›ë«È8¢ì`üŸŠµû\x5cÿ)Óz\x22±£e?:A/í<²ÞâyG2…Åwî¯×Õ*’Vé¡3mPÄ%›oé)døùO'tüÜ\x [ 360.268782][T10588] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1300'. [ 360.418322][T10594] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1301'. [ 360.435205][T10594] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1301'. [ 360.444557][ T5836] Bluetooth: hci1: command 0x0406 tx timeout [ 360.457190][T10594] netlink: 'syz.3.1301': attribute type 1 has an invalid length. [ 360.465651][ T5840] Bluetooth: hci1: Opcode 0x206a failed: -110 [ 360.482041][T10594] netlink: 'syz.3.1301': attribute type 1 has an invalid length. [ 360.574613][T10588] hsr_slave_0: left promiscuous mode [ 360.666737][T10588] hsr_slave_1: left promiscuous mode [ 363.416275][ T5843] Bluetooth: hci4: command 0x0406 tx timeout [ 363.424439][ T5840] Bluetooth: hci4: Opcode 0x206a failed: -110 [ 364.524765][ T5836] Bluetooth: hci0: Opcode 0x206a failed: -110 [ 364.604551][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 364.912182][T10675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1323'. [ 365.070917][T10680] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1324'. [ 365.248727][T10684] netlink: 'syz.3.1326': attribute type 11 has an invalid length. [ 365.291342][T10684] netlink: 'syz.3.1326': attribute type 11 has an invalid length. [ 366.475308][T10707] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1333'. [ 366.531182][T10711] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1333'. [ 366.571578][T10707] netlink: 'syz.4.1333': attribute type 1 has an invalid length. [ 366.620857][T10707] netlink: 'syz.4.1333': attribute type 1 has an invalid length. [ 366.857572][T10710] ptrace attach of "./syz-executor exec"[5834] was attempted by "*qX`@ƒG–Oª)'¦±“íF¡6׿¸2\x07Tà>`‘p×Öåb¿ÑÒ[‹¤ïÍ6K È`ß-¹Rà!~*Ñ›ac8ÏÍâvRYˆ~åü6-Å8?Re—h›­²Y¼ÅﺑK™³kP­Y‚3t[+2`b6I¬ÀÑ<Û±›&­Þ¯Þ%пÐ3‰›„™\x0c–kz¯Q[MÇ_\x22¨•Ï9ù¹·¬òÖg\x0d60´œüuýn”Cꛑ-ÀYÒ0Ö“9ÓgŒÔib›³DgâÌäÅŽ¿ãq“0>Èh£·uF§n6óç³\x0bÑ$ÉB#SE3¼;ƒåyò|»ÒZ<Ïöâ`e€ËÖº é;*—$#Ý'× ê½„ÄÛÿL7ßÿ·hnèá%&Sš±èM©^\x09å¶ÙŽR‡j±\x0bõý½Š™ªAb¸?\x0c~üKíÃBÈyŠ‘r8¯‹%Kïmª¸!“Ç©îìà£p‰‚pY¢*ïÈ\x0b„ŽÖ6 #ŸŸG‘Ñ“ÑaŽðÇsnW\x22­ó‰_û×Ï\x07öIÞ÷ ãUœdbˬ<¥u\x0cm±!”5ø×r'™ø[–ˆâ¹G#ŒÓ%äBí1g¥wJ íKwŸÑ)æEí•À‡ÄO™H55æÇsÃŽLêjigëòF¹ä;aÞ\x0a…ÔG°3רü¼|Õ§@ßpË0÷~|Î^—s«ôk5qg©›“ïˆb•wmv¿_×QÑõTŒï}“™\x1bØb\x0aþB^/ ƒ‘;?uO{Õ0&ÊóïqéiÔ—V$ÙÙ°\x09:9¢„®×kžË†¥pÞ{?÷„w¸‹×aݳW!.¹¬s’–ë礌BÁ]É$cüè&™Œ´â%5½{ü½REÿq? @f>mÐ&¦‰>À ñ×FJx8`´(³éZ+ÿ˜Mß&W:ěۮ®Ûq‹©+Ûd$¯#\x1b^8:\x07ƒcɦâ~ƒA·½ [ 367.755126][T10729] netlink: 'syz.4.1336': attribute type 1 has an invalid length. [ 367.896474][T10729] netlink: 'syz.4.1336': attribute type 1 has an invalid length. [ 367.924396][T10726] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1336'. [ 367.956118][T10728] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1336'. [ 368.953126][T10759] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1346'. [ 369.024717][T10759] hsr_slave_1: left promiscuous mode [ 369.582679][T10766] netlink: 'syz.0.1348': attribute type 1 has an invalid length. [ 369.666833][T10766] netlink: 'syz.0.1348': attribute type 1 has an invalid length. [ 370.083628][T10774] 0}^: entered promiscuous mode [ 370.161884][T10774] 1}^: entered promiscuous mode [ 370.636253][T10794] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1355'. [ 372.217004][T10811] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1360'. [ 372.274658][T10811] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1360'. [ 372.326620][T10811] netlink: 'syz.3.1360': attribute type 1 has an invalid length. [ 372.348281][T10811] netlink: 'syz.3.1360': attribute type 1 has an invalid length. [ 372.614386][ T5836] Bluetooth: hci3: Opcode 0x206a failed: -110 [ 372.614410][ T5840] Bluetooth: hci3: command 0x0406 tx timeout [ 374.611830][T10851] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1368'. [ 376.074238][T10874] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1376'. [ 378.084424][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 378.091487][ T5836] Bluetooth: hci1: Opcode 0x206a failed: -110 [ 378.211779][T10918] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1387'. [ 378.244412][T10918] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1387'. [ 379.525934][T10948] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1397'. [ 379.558493][T10949] netlink: 179 bytes leftover after parsing attributes in process `syz.2.1396'. [ 379.604501][T10951] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1397'. [ 379.655713][T10948] netlink: 'syz.0.1397': attribute type 1 has an invalid length. [ 379.663517][T10948] netlink: 'syz.0.1397': attribute type 1 has an invalid length. [ 381.164512][ T5843] Bluetooth: hci1: command 0x0406 tx timeout [ 381.171560][ T5836] Bluetooth: hci1: Opcode 0x206a failed: -110 [ 381.459659][T10992] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1409'. [ 381.519413][T10992] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1409'. [ 381.598096][T10992] netlink: 'syz.4.1409': attribute type 1 has an invalid length. [ 381.664386][T10992] netlink: 'syz.4.1409': attribute type 1 has an invalid length. [ 382.554583][ T5836] Bluetooth: hci0: command 0x0406 tx timeout [ 382.561026][ T5840] Bluetooth: hci0: Opcode 0x206a failed: -110 [ 383.280129][T11027] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1418'. [ 383.765198][T11044] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1422'. [ 383.792478][T11044] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1422'. [ 383.843218][T11044] netlink: 'syz.2.1422': attribute type 1 has an invalid length. [ 383.879772][T11044] netlink: 'syz.2.1422': attribute type 1 has an invalid length. [ 383.890837][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.890970][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.944416][ T5840] Bluetooth: hci1: Opcode 0x206a failed: -110 [ 384.950918][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 385.610186][T11073] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1430'. [ 385.735860][T11079] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1431'. [ 387.041294][T11094] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1436'. [ 387.092694][T11094] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1436'. [ 388.922294][T11128] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1442'. [ 389.321824][T11138] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1448'. [ 389.331989][T11140] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1448'. [ 390.372241][T11151] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1450'. [ 391.449704][T11162] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1451'. [ 393.514595][T11187] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1455'. [ 394.294079][T11208] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1464'. [ 394.584442][T11203] could not allocate digest TFM handle [ 395.666699][T11231] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1470'. [ 398.537177][T11264] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1482'. [ 401.720892][T11302] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1493'. [ 401.786014][T11304] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1493'. [ 405.876024][T11369] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1514'. [ 406.432668][T11384] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1518'. [ 407.153161][T11401] Malformed UNC in devname [ 407.153161][T11401] [ 407.160901][T11401] CIFS: VFS: Malformed UNC in devname [ 407.305949][T11395] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1522'. [ 408.064735][T11417] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1529'. [ 408.085322][T11417] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1529'. [ 408.126539][T11417] netlink: 'syz.0.1529': attribute type 1 has an invalid length. [ 408.144350][T11417] netlink: 'syz.0.1529': attribute type 1 has an invalid length. [ 408.375302][T11429] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1531'. [ 408.719312][T11438] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1536'. [ 410.269889][T11460] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1542'. [ 410.340974][T11461] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1542'. [ 410.775595][T11460] netlink: 'syz.2.1542': attribute type 1 has an invalid length. [ 410.829811][T11460] netlink: 'syz.2.1542': attribute type 1 has an invalid length. [ 410.885650][T11470] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1546'. [ 410.914547][T11473] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1546'. [ 412.697215][T11520] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1558'. [ 415.831096][T11573] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1576'. [ 415.872845][T11577] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1577'. [ 416.237705][T11583] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1578'. [ 416.267930][T11583] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1578'. [ 416.302098][T11583] netlink: 'syz.3.1578': attribute type 1 has an invalid length. [ 416.330669][T11583] netlink: 'syz.3.1578': attribute type 1 has an invalid length. [ 416.504620][T11585] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1579'. [ 420.514607][T11641] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1597'. [ 420.845754][T11646] netlink: 'syz.0.1598': attribute type 19 has an invalid length. [ 420.875295][T11646] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1598'. [ 421.641817][T11657] Malformed UNC in devname [ 421.641817][T11657] [ 421.663410][T11657] CIFS: VFS: Malformed UNC in devname [ 422.621097][T11672] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1606'. [ 423.292121][T11692] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1608'. [ 423.341480][T11692] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1608'. [ 423.395600][T11692] netlink: 'syz.3.1608': attribute type 1 has an invalid length. [ 423.425250][T11692] netlink: 'syz.3.1608': attribute type 1 has an invalid length. [ 425.564602][T11713] can: request_module (can-proto-0) failed. [ 425.611106][T11699] can: request_module (can-proto-0) failed. [ 425.967305][T11718] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1616'. [ 429.682901][T11763] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1630'. [ 429.700029][T11768] sctp: [Deprecated]: syz.2.1629 (pid 11768) Use of int in maxseg socket option. [ 429.700029][T11768] Use struct sctp_assoc_value instead [ 433.962935][T11812] netlink: zone id is out of range [ 433.985841][T11812] netlink: zone id is out of range [ 433.991050][T11812] netlink: zone id is out of range [ 434.001737][T11812] netlink: zone id is out of range [ 434.024386][T11812] netlink: zone id is out of range [ 434.029668][T11812] netlink: zone id is out of range [ 434.104905][T11812] netlink: zone id is out of range [ 434.110157][T11812] netlink: zone id is out of range [ 434.115772][T11812] netlink: set zone limit has 4 unknown bytes [ 437.288376][T11852] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1655'. [ 438.213813][ T5840] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 438.584918][T11872] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1659'. [ 439.078715][T11878] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1662'. [ 439.118801][T11879] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1662'. [ 439.155616][T11878] netlink: 'syz.0.1662': attribute type 1 has an invalid length. [ 439.204468][T11878] netlink: 'syz.0.1662': attribute type 1 has an invalid length. [ 439.292992][T11874] netlink: zone id is out of range [ 440.586628][T11902] netlink: 74 bytes leftover after parsing attributes in process `syz.4.1672'. [ 440.841319][T11909] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1674'. [ 440.855197][T11909] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1674'. [ 440.876378][T11909] netlink: 'syz.0.1674': attribute type 1 has an invalid length. [ 440.884187][T11909] netlink: 'syz.0.1674': attribute type 1 has an invalid length. [ 444.043614][T11953] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1685'. [ 444.338632][T11957] netlink: 252 bytes leftover after parsing attributes in process `syz.0.1686'. [ 445.166769][T11976] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1693'. [ 445.328332][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.337413][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 448.353249][T12024] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1706'. [ 448.703944][T12029] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1705'. [ 448.762015][T12036] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1707'. [ 448.839501][T12037] netlink: 'syz.3.1707': attribute type 1 has an invalid length. [ 448.874459][T12037] netlink: 'syz.3.1707': attribute type 1 has an invalid length. [ 449.275405][T12036] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1707'. [ 449.934194][T12052] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1710'. [ 450.570314][T11234] syz.2.1470 (11234) used greatest stack depth: 17200 bytes left [ 452.706288][T12089] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1719'. [ 453.816583][T12113] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1728'. [ 453.956891][T12113] mac80211_hwsim hwsim4 wlan0: left promiscuous mode [ 454.519676][T12125] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1733'. [ 454.542252][T12125] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1733'. [ 454.867641][T12138] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1734'. [ 455.964320][ T5840] Bluetooth: hci4: Opcode 0x206a failed: -110 [ 455.974404][ T5840] Bluetooth: hci4: command 0x0406 tx timeout [ 456.704976][T12162] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1742'. [ 457.120586][T12171] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1745'. [ 457.223679][T12176] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1745'. [ 457.237480][T12182] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1746'. [ 457.289027][T12171] netlink: 'syz.0.1745': attribute type 1 has an invalid length. [ 457.319607][T12171] netlink: 'syz.0.1745': attribute type 1 has an invalid length. [ 457.686031][T12188] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1751'. [ 458.044582][ T5843] Bluetooth: hci4: command 0x0406 tx timeout [ 458.044786][ T5836] Bluetooth: hci4: Opcode 0x206a failed: -110 [ 458.163453][T12199] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1753'. [ 459.414543][T12225] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1759'. [ 459.565497][T12225] netlink: 'syz.3.1759': attribute type 1 has an invalid length. [ 459.573319][T12225] netlink: 'syz.3.1759': attribute type 1 has an invalid length. [ 459.724418][ T5840] Bluetooth: hci3: Opcode 0x206a failed: -110 [ 459.724551][ T5836] Bluetooth: hci3: command 0x0406 tx timeout [ 460.067099][T12232] __nla_validate_parse: 1 callbacks suppressed [ 460.067126][T12232] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1762'. [ 462.044643][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 462.044742][ T5836] Bluetooth: hci1: Opcode 0x206a failed: -110 [ 462.308843][T12229] kexec: Could not allocate control_code_buffer [ 462.370760][T12270] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1771'. [ 462.433739][T12270] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1771'. [ 462.486524][T12270] netlink: 'syz.4.1771': attribute type 1 has an invalid length. [ 462.527399][T12270] netlink: 'syz.4.1771': attribute type 1 has an invalid length. [ 462.645114][T12275] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1774'. [ 464.645932][T12320] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1786'. [ 466.465598][T12355] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1799'. [ 469.750381][T12372] kexec: Could not allocate control_code_buffer [ 469.765905][T12391] netlink: 252 bytes leftover after parsing attributes in process `syz.0.1809'. [ 470.413070][T12400] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1811'. [ 473.254676][T12423] openvswitch: netlink: nsh attr 1 has unexpected len 14 expected 8 [ 473.350098][T12430] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1817'. [ 473.554539][T12423] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1814'. [ 473.704780][T12436] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1820'. [ 473.748177][T12436] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1820'. [ 474.454573][T12447] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1826'. [ 474.477948][T12447] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1826'. [ 474.566336][T12447] netlink: 'syz.4.1826': attribute type 1 has an invalid length. [ 474.574148][T12447] netlink: 'syz.4.1826': attribute type 1 has an invalid length. [ 477.865412][T12499] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1841'. [ 477.904642][T12500] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1841'. [ 477.913673][T12500] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 478.114366][T12500] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 478.275430][T12500] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 478.474365][T12500] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 478.683994][T12503] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[12503] [ 480.654755][T12522] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1848'. [ 482.984822][T12558] nbd: socks must be embedded in a SOCK_ITEM attr [ 484.881365][T12577] netlink: 252 bytes leftover after parsing attributes in process `syz.0.1864'. [ 485.827770][T12587] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1867'. [ 485.864343][T12587] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1867'. [ 485.891847][T12587] netlink: 'syz.2.1867': attribute type 1 has an invalid length. [ 485.914320][T12587] netlink: 'syz.2.1867': attribute type 1 has an invalid length. [ 488.197795][T12612] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1878'. [ 490.710168][T12653] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1889'. [ 490.818525][T12658] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1889'. [ 490.929672][T12653] netlink: 'syz.3.1889': attribute type 1 has an invalid length. [ 491.058052][T12653] netlink: 'syz.3.1889': attribute type 1 has an invalid length. [ 491.487291][T12664] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1892'. [ 494.241303][T12702] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1902'. [ 496.724536][T12735] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1911'. [ 497.463208][T12744] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1914'. [ 499.465949][T12781] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1924'. [ 500.177589][T12796] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1929'. [ 500.695749][T12804] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1931'. [ 500.915975][ T5836] Bluetooth: hci0: Malformed Event: 0x2f [ 502.118949][T12838] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1937'. [ 505.016844][T12885] netlink: 252 bytes leftover after parsing attributes in process `syz.0.1952'. [ 505.780056][T12899] openvswitch: netlink: Message has 4 unknown bytes. [ 505.903560][T12903] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1955'. [ 506.269753][ T5836] Bluetooth: hci3: unexpected event 0x30 length: 54 > 3 [ 506.574545][T12918] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1962'. [ 506.766832][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.773491][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.120742][T12931] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1966'. [ 507.161307][T12931] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1966'. [ 507.212741][T12931] netlink: 'syz.4.1966': attribute type 1 has an invalid length. [ 507.246841][T12931] netlink: 'syz.4.1966': attribute type 1 has an invalid length. [ 509.285630][T12967] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1976'. [ 509.392245][T12971] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1978'. [ 509.433484][T12971] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1978'. [ 509.481481][T12971] netlink: 'syz.2.1978': attribute type 1 has an invalid length. [ 509.527037][T12971] netlink: 'syz.2.1978': attribute type 1 has an invalid length. [ 510.300624][T12987] Process accounting resumed [ 511.043122][T13006] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1987'. [ 512.092784][T13020] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1990'. [ 512.139671][T13020] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1990'. [ 512.202249][T13020] netlink: 'syz.0.1990': attribute type 1 has an invalid length. [ 512.239822][T13020] netlink: 'syz.0.1990': attribute type 1 has an invalid length. [ 512.955674][ T5840] Bluetooth: hci4: Malformed Event: 0x2f [ 513.644621][ T5836] Bluetooth: hci1: Opcode 0x206a failed: -110 [ 513.651279][ T5836] Bluetooth: hci1: command 0x0406 tx timeout [ 514.954348][T13068] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2005'. [ 515.075358][T13068] netlink: 'syz.0.2005': attribute type 1 has an invalid length. [ 515.125326][T13068] netlink: 'syz.0.2005': attribute type 1 has an invalid length. [ 515.220909][T13071] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2005'. [ 516.506788][T13093] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2013'. [ 516.914377][T13108] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2017'. [ 516.945318][T13108] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2017'. [ 517.004728][T13108] netlink: 'syz.3.2017': attribute type 1 has an invalid length. [ 517.037226][T13108] netlink: 'syz.3.2017': attribute type 1 has an invalid length. [ 517.553549][T13114] delete_channel: no stack [ 518.122507][T13130] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2025'. [ 518.493022][T13140] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2028'. [ 518.504743][T13140] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2028'. [ 518.515955][T13132] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2026'. [ 518.532189][T13140] netlink: 'syz.3.2028': attribute type 1 has an invalid length. [ 518.540648][T13140] netlink: 'syz.3.2028': attribute type 1 has an invalid length. [ 519.158380][T13149] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2033'. [ 519.804479][ T5840] Bluetooth: hci1: Opcode 0x206a failed: -110 [ 519.811067][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 520.914550][T13180] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2041'. [ 520.935961][T13180] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2041'. [ 520.964751][T13180] netlink: 'syz.4.2041': attribute type 1 has an invalid length. [ 520.972562][T13180] netlink: 'syz.4.2041': attribute type 1 has an invalid length. [ 521.454088][T13194] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2046'. [ 522.254286][T13220] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2053'. [ 522.287925][T13220] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2053'. [ 522.336442][T13220] netlink: 'syz.3.2053': attribute type 1 has an invalid length. [ 522.364424][T13220] netlink: 'syz.3.2053': attribute type 1 has an invalid length. [ 523.296772][T13238] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2059'. [ 523.614906][T13252] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2062'. [ 523.638839][T13252] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2062'. [ 524.714723][T13263] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2066'. [ 524.739660][T13263] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2066'. [ 524.795072][T13263] netlink: 'syz.4.2066': attribute type 1 has an invalid length. [ 524.802876][T13263] netlink: 'syz.4.2066': attribute type 1 has an invalid length. [ 526.807733][T13289] __nla_validate_parse: 1 callbacks suppressed [ 526.807759][T13289] netlink: 346 bytes leftover after parsing attributes in process `syz.4.2074'. [ 528.020103][T13311] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 528.089182][T13311] CIFS mount error: No usable UNC path provided in device string! [ 528.089182][T13311] [ 528.112417][T13311] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 529.719871][T13324] netlink: 252 bytes leftover after parsing attributes in process `syz.2.2081'. [ 530.352482][T13331] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2085'. [ 530.945655][T13339] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2083'. [ 530.955698][T13339] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2083'. [ 530.966983][T13339] netlink: 'syz.4.2083': attribute type 1 has an invalid length. [ 530.974882][T13339] netlink: 'syz.4.2083': attribute type 1 has an invalid length. [ 531.238960][T13350] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2088'. [ 531.524340][ T5840] Bluetooth: hci4: Malformed LE Event: 0x1b [ 531.830718][T13359] bridge0: port 3(batadv0) entered blocking state [ 531.894561][T13359] bridge0: port 3(batadv0) entered disabled state [ 531.924520][T13359] batadv0: entered allmulticast mode [ 531.972336][T13359] batadv0: entered promiscuous mode [ 532.087173][T13359] bridge0: port 3(batadv0) entered blocking state [ 532.093811][T13359] bridge0: port 3(batadv0) entered listening state [ 532.284811][ T7388] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 532.294748][ T7388] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 532.370745][T13370] netlink: 252 bytes leftover after parsing attributes in process `syz.0.2094'. [ 532.925735][T13376] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2097'. [ 532.975175][T13373] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2095'. [ 532.975626][T13376] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2097'. [ 533.088668][T13376] netlink: 'syz.3.2097': attribute type 1 has an invalid length. [ 533.114791][T13376] netlink: 'syz.3.2097': attribute type 1 has an invalid length. [ 534.193950][T13405] netlink: 252 bytes leftover after parsing attributes in process `syz.2.2105'. [ 535.350179][T13427] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2112'. [ 535.362535][T13428] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2110'. [ 535.395485][T13427] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2112'. [ 535.436306][T13427] netlink: 'syz.4.2112': attribute type 1 has an invalid length. [ 535.444119][T13427] netlink: 'syz.4.2112': attribute type 1 has an invalid length. [ 537.884538][ T5836] Bluetooth: hci3: command 0x0406 tx timeout [ 537.890648][ T5840] Bluetooth: hci3: Opcode 0x206a failed: -110 [ 538.009139][T13463] netlink: 'syz.4.2122': attribute type 1 has an invalid length. [ 538.018746][T13463] netlink: 'syz.4.2122': attribute type 1 has an invalid length. [ 538.040347][T13461] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2122'. [ 538.124333][T13462] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2122'. [ 540.535880][T13474] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2126'. [ 542.116400][T13494] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2132'. [ 542.431654][T13500] HSR: entered promiscuous mode [ 542.620134][T13504] delete_channel: no stack [ 543.956194][T13529] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2143'. [ 544.818931][T13546] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2150'. [ 545.030683][T13551] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2151'. [ 545.977263][T13561] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2154'. [ 547.501400][T13587] Malformed UNC in devname [ 547.501400][T13587] [ 547.626612][T13587] CIFS: VFS: Malformed UNC in devname [ 547.727309][ C1] bridge0: port 3(batadv0) entered learning state [ 548.374863][T13606] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2168'. [ 550.914589][T13648] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2182'. [ 550.975187][T13648] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2182'. [ 551.035161][T13648] netlink: 'syz.4.2182': attribute type 1 has an invalid length. [ 551.042976][T13648] netlink: 'syz.4.2182': attribute type 1 has an invalid length. [ 552.355266][T13662] netlink: 252 bytes leftover after parsing attributes in process `syz.0.2188'. [ 553.584604][T13679] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2194'. [ 553.642082][T13679] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2194'. [ 553.694437][T13683] netlink: 'syz.0.2194': attribute type 1 has an invalid length. [ 553.743888][T13683] netlink: 'syz.0.2194': attribute type 1 has an invalid length. [ 557.580954][T13714] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2201'. [ 557.618186][T13716] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2202'. [ 558.099442][T13722] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2203'. [ 558.123255][T13722] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2203'. [ 558.200235][T13724] netlink: 'syz.3.2203': attribute type 1 has an invalid length. [ 558.230487][T13724] netlink: 'syz.3.2203': attribute type 1 has an invalid length. [ 558.634728][T13728] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2204'. [ 558.734543][T13729] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2204'. [ 558.745932][T13728] netlink: 'syz.3.2204': attribute type 1 has an invalid length. [ 558.753741][T13728] netlink: 'syz.3.2204': attribute type 1 has an invalid length. [ 559.146881][T13734] nbd: illegal input index -33554433 [ 563.084589][ C1] bridge0: port 3(batadv0) entered forwarding state [ 563.091290][ C1] bridge0: topology change detected, propagating [ 563.486809][T13780] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2220'. [ 563.568571][T13781] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2220'. [ 563.626894][T13780] netlink: 'syz.4.2220': attribute type 1 has an invalid length. [ 563.685967][T13780] netlink: 'syz.4.2220': attribute type 1 has an invalid length. [ 564.151203][T13788] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2230'. [ 564.237922][T13788] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2230'. [ 564.324952][T13788] netlink: 'syz.4.2230': attribute type 1 has an invalid length. [ 564.371223][T13788] netlink: 'syz.4.2230': attribute type 1 has an invalid length. [ 564.981059][ T30] audit: type=1326 audit(8277292183.240:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13798 comm="syz.4.2225" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa571b85d19 code=0x0 [ 566.275435][ T5836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 566.285656][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 566.294424][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 566.302425][ T5836] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 566.310967][ T5836] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 566.318833][ T5836] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 567.031448][T13806] chnl_net:caif_netlink_parms(): no params data found [ 567.695862][T13806] bridge0: port 1(bridge_slave_0) entered blocking state [ 567.724336][T13806] bridge0: port 1(bridge_slave_0) entered disabled state [ 567.731634][T13806] bridge_slave_0: entered allmulticast mode [ 567.776553][T13806] bridge_slave_0: entered promiscuous mode [ 567.805972][T13806] bridge0: port 2(bridge_slave_1) entered blocking state [ 567.813115][T13806] bridge0: port 2(bridge_slave_1) entered disabled state [ 567.874554][T13806] bridge_slave_1: entered allmulticast mode [ 567.892263][T13806] bridge_slave_1: entered promiscuous mode [ 568.171197][T13806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 568.207522][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.214143][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.241426][T13834] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2231'. [ 568.270482][T13806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 568.365097][ T5836] Bluetooth: hci2: command tx timeout [ 568.840419][T13806] team0: Port device team_slave_0 added [ 568.877892][T13806] team0: Port device team_slave_1 added [ 569.211504][T13806] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 569.228868][T13806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 569.317791][T13806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 569.342718][T13806] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 569.356912][T13806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 569.424309][T13806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 569.937976][T13806] hsr_slave_0: entered promiscuous mode [ 570.022405][T13806] hsr_slave_1: entered promiscuous mode [ 570.445383][ T5836] Bluetooth: hci2: command tx timeout [ 570.970573][T13859] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2240'. [ 571.189167][T13806] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 571.252898][T13806] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 571.324881][T13806] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 571.477373][T13806] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 571.718870][T13806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 571.821885][T13806] 8021q: adding VLAN 0 to HW filter on device team0 [ 571.866068][ T7389] bridge0: port 1(bridge_slave_0) entered blocking state [ 571.873323][ T7389] bridge0: port 1(bridge_slave_0) entered forwarding state [ 571.945685][T11689] bridge0: port 2(bridge_slave_1) entered blocking state [ 571.952853][T11689] bridge0: port 2(bridge_slave_1) entered forwarding state [ 572.524418][ T5836] Bluetooth: hci2: command tx timeout [ 572.661265][T13882] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2247'. [ 572.951488][T13882] bond0: (slave bond_slave_0): Releasing backup interface [ 573.383264][T13806] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 573.869510][T13806] veth0_vlan: entered promiscuous mode [ 573.897099][T13806] veth1_vlan: entered promiscuous mode [ 573.983388][T13806] veth0_macvtap: entered promiscuous mode [ 573.998184][T13806] veth1_macvtap: entered promiscuous mode [ 574.017762][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 574.028466][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 574.038953][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 574.049945][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 574.060074][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 574.070851][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 574.082123][T13806] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 574.138484][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 574.149413][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 574.165116][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 574.188140][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 574.216061][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 574.256311][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 574.275381][T13806] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 574.353357][T13806] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 574.384420][T13806] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 574.393295][T13806] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 574.434289][T13806] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 574.604718][ T5836] Bluetooth: hci2: command tx timeout [ 574.860809][ T7387] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 574.898986][ T7387] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 574.992396][ T7387] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 575.009413][ T7387] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 578.710532][T13986] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2270'. [ 578.837282][T13986] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2270'. [ 578.892610][T13991] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2271'. [ 578.937014][T13993] netlink: 'syz.0.2270': attribute type 1 has an invalid length. [ 579.055065][T13993] netlink: 'syz.0.2270': attribute type 1 has an invalid length. [ 581.580990][T14023] openvswitch: netlink: Message has 4 unknown bytes. [ 581.849763][T14031] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2286'. [ 581.872609][T14031] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2286'. [ 581.905385][T14031] netlink: 'syz.3.2286': attribute type 1 has an invalid length. [ 581.933794][T14031] netlink: 'syz.3.2286': attribute type 1 has an invalid length. [ 582.871994][ T5840] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 582.882032][ T5840] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 582.906363][ T5840] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 582.938235][ T5840] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 582.948999][ T5840] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 582.957004][ T5840] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 584.300540][T11689] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 584.828572][T11689] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 585.006796][ T5836] Bluetooth: hci3: command tx timeout [ 585.506790][T11689] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 585.661986][T14040] chnl_net:caif_netlink_parms(): no params data found [ 586.006045][T11689] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 586.430941][T14040] bridge0: port 1(bridge_slave_0) entered blocking state [ 586.440615][T14040] bridge0: port 1(bridge_slave_0) entered disabled state [ 586.460303][T14040] bridge_slave_0: entered allmulticast mode [ 586.477327][T14040] bridge_slave_0: entered promiscuous mode [ 586.503683][T14040] bridge0: port 2(bridge_slave_1) entered blocking state [ 586.522343][T14040] bridge0: port 2(bridge_slave_1) entered disabled state [ 586.542703][T14040] bridge_slave_1: entered allmulticast mode [ 586.550494][T14040] bridge_slave_1: entered promiscuous mode [ 586.825930][T14040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 586.857017][T14040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 587.084595][ T5840] Bluetooth: hci3: command tx timeout [ 587.243110][T14040] team0: Port device team_slave_0 added [ 587.303204][T14040] team0: Port device team_slave_1 added [ 587.637996][T11689] bridge_slave_1: left allmulticast mode [ 587.643738][T11689] bridge_slave_1: left promiscuous mode [ 587.684736][T11689] bridge0: port 2(bridge_slave_1) entered disabled state [ 589.164775][ T5840] Bluetooth: hci3: command tx timeout [ 589.559246][T11689] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 589.578315][T11689] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 589.618919][T11689] bond0 (unregistering): Released all slaves [ 590.210005][T11689] .': left promiscuous mode [ 590.357676][T14040] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 590.384007][T14040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 590.440632][T14040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 590.744425][T11689] HSR: left promiscuous mode [ 590.859753][T14040] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 590.880126][T14040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 590.964229][T14040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 591.245754][ T5840] Bluetooth: hci3: command tx timeout [ 591.442677][T14098] netlink: 'syz.5.2299': attribute type 1 has an invalid length. [ 591.497465][T14098] netlink: 'syz.5.2299': attribute type 1 has an invalid length. [ 591.611785][T14094] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2299'. [ 591.722986][T14097] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2299'. [ 591.858143][T14040] hsr_slave_0: entered promiscuous mode [ 591.964745][T14040] hsr_slave_1: entered promiscuous mode [ 592.012297][T14040] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 592.029363][T14040] Cannot create hsr debugfs directory [ 595.222941][T14040] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 595.303308][T14040] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 595.356880][T14040] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 595.575795][T14040] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 596.344396][T14040] 8021q: adding VLAN 0 to HW filter on device bond0 [ 596.427853][T14040] 8021q: adding VLAN 0 to HW filter on device team0 [ 596.687993][ T29] bridge0: port 1(bridge_slave_0) entered blocking state [ 596.695275][ T29] bridge0: port 1(bridge_slave_0) entered forwarding state [ 596.724886][ T29] bridge0: port 2(bridge_slave_1) entered blocking state [ 596.732117][ T29] bridge0: port 2(bridge_slave_1) entered forwarding state [ 597.671089][T14040] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 598.010047][T14040] veth0_vlan: entered promiscuous mode [ 598.030368][T14040] veth1_vlan: entered promiscuous mode [ 598.075767][T14040] veth0_macvtap: entered promiscuous mode [ 598.085967][T14040] veth1_macvtap: entered promiscuous mode [ 598.102364][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 598.113081][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.123213][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 598.133834][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.143787][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 598.154487][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.164542][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 598.175092][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.187476][T14040] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 598.383026][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 598.394269][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.449957][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 598.490607][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.534826][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 598.581040][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.604440][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 598.652535][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 598.679721][T14040] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 598.761176][T14040] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.788839][T14040] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.830136][T14040] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.894313][T14040] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 599.316876][ T7388] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 599.335993][ T7388] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 599.441265][ T8649] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 599.470817][ T8649] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 600.179783][T11689] veth1_macvtap: left promiscuous mode [ 600.212249][T11689] veth0_macvtap: left promiscuous mode [ 600.234498][T11689] veth1_vlan: left promiscuous mode [ 600.239919][T11689] veth0_vlan: left promiscuous mode [ 601.467513][T14252] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2320'. [ 601.901680][T11689] team0 (unregistering): Port device team_slave_1 removed [ 602.023109][T11689] team0 (unregistering): Port device team_slave_0 removed [ 602.424628][ T5840] Bluetooth: hci4: unexpected event 0x01 length: 11 > 1 [ 607.424595][T14346] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2350'. [ 607.505591][T14346] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2350'. [ 607.576575][T14347] netlink: 'syz.0.2350': attribute type 1 has an invalid length. [ 607.625794][T14347] netlink: 'syz.0.2350': attribute type 1 has an invalid length. [ 608.387014][T14368] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2357'. [ 609.093077][ T5843] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 609.110215][ T5843] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 609.119205][ T5843] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 609.134504][T14389] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2363'. [ 609.154047][T14389] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2363'. [ 609.174795][T14389] netlink: 'syz.5.2363': attribute type 1 has an invalid length. [ 609.182599][T14389] netlink: 'syz.5.2363': attribute type 1 has an invalid length. [ 609.233856][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 609.271707][ T5843] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 609.279419][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 609.380794][ T5843] Bluetooth: hci2: unexpected event 0x0f length: 43 > 4 [ 609.738295][T14384] chnl_net:caif_netlink_parms(): no params data found [ 610.146745][T14384] bridge0: port 1(bridge_slave_0) entered blocking state [ 610.154118][T14384] bridge0: port 1(bridge_slave_0) entered disabled state [ 610.161559][T14384] bridge_slave_0: entered allmulticast mode [ 610.169252][T14384] bridge_slave_0: entered promiscuous mode [ 610.178004][T14384] bridge0: port 2(bridge_slave_1) entered blocking state [ 610.185610][T14384] bridge0: port 2(bridge_slave_1) entered disabled state [ 610.192896][T14384] bridge_slave_1: entered allmulticast mode [ 610.205574][T14384] bridge_slave_1: entered promiscuous mode [ 610.353113][T14384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 610.387574][T14384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 610.425069][T14414] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2366'. [ 610.526832][T14384] team0: Port device team_slave_0 added [ 610.559355][T14384] team0: Port device team_slave_1 added [ 610.762782][T14384] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 610.830130][T14384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 610.874493][T14384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 610.887472][T14384] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 610.894620][T14384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 610.921112][T14384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 611.210140][T14384] hsr_slave_0: entered promiscuous mode [ 611.226066][T14384] hsr_slave_1: entered promiscuous mode [ 611.237350][T14384] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 611.256280][T14384] Cannot create hsr debugfs directory [ 611.404513][ T5843] Bluetooth: hci1: command tx timeout [ 611.603988][T14432] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 612.336118][T14384] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.617309][T14384] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.907332][T14384] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 613.062791][ T30] audit: type=1326 audit(8277292231.320:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14457 comm="syz.4.2376" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa571b85d19 code=0x0 [ 613.188949][T14384] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 613.484344][ T5843] Bluetooth: hci1: command tx timeout [ 613.521899][T14384] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 613.532137][T14384] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 613.612845][T14384] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 613.640542][T14384] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 614.082911][T14384] 8021q: adding VLAN 0 to HW filter on device bond0 [ 614.132548][T14384] 8021q: adding VLAN 0 to HW filter on device team0 [ 614.152890][ T8639] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.160105][ T8639] bridge0: port 1(bridge_slave_0) entered forwarding state [ 614.182613][ T29] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.189915][ T29] bridge0: port 2(bridge_slave_1) entered forwarding state [ 614.199634][T14476] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2379'. [ 614.331388][T14477] nbd: must specify at least one socket [ 614.807802][T14384] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 614.919373][T14384] veth0_vlan: entered promiscuous mode [ 614.975565][T14384] veth1_vlan: entered promiscuous mode [ 615.047041][T14384] veth0_macvtap: entered promiscuous mode [ 615.068069][T14384] veth1_macvtap: entered promiscuous mode [ 615.137091][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.172574][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.194217][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.214553][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.244508][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.274326][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.290938][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.316991][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.344944][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.374223][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.395606][T14384] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 615.442693][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.484629][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.524375][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.562820][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.573450][ T5843] Bluetooth: hci1: command tx timeout [ 615.582596][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.614014][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.624081][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.634761][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.644889][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.657206][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.669318][T14384] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 615.687971][T14384] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.704262][T14384] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.728603][T14384] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.780723][T14384] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.055326][T11689] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.063212][T11689] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 616.115321][T14496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2386'. [ 616.128543][ T8649] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.136522][ T8649] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 616.530143][T14514] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2391'. [ 616.774004][T14521] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2393'. [ 616.805186][T14521] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2393'. [ 616.856506][T14521] netlink: 'syz.0.2393': attribute type 1 has an invalid length. [ 616.880934][T14521] netlink: 'syz.0.2393': attribute type 1 has an invalid length. [ 617.304952][T14524] netlink: ct family unspecified [ 617.338603][T14524] netlink: 'syz.4.2396': attribute type 1 has an invalid length. [ 617.654551][ T5843] Bluetooth: hci1: command tx timeout [ 619.317748][T14575] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2407'. [ 619.355490][T14575] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2407'. [ 619.470212][T14575] netlink: 'syz.3.2407': attribute type 1 has an invalid length. [ 619.544236][T14575] netlink: 'syz.3.2407': attribute type 1 has an invalid length. [ 620.475439][T14589] netlink: 252 bytes leftover after parsing attributes in process `syz.0.2411'. [ 625.235227][T14615] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2416'. [ 625.812139][T14623] delete_channel: no stack [ 625.935911][T14632] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2422'. [ 628.419209][T14667] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2434'. [ 628.589367][T14673] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2435'. [ 629.075632][T14670] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2434'. [ 629.086844][T14670] netlink: 'syz.4.2434': attribute type 1 has an invalid length. [ 629.094730][T14670] netlink: 'syz.4.2434': attribute type 1 has an invalid length. [ 629.657734][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.664920][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 631.214421][T14718] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2445'. [ 633.289542][T14748] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2452'. [ 633.727639][T14753] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2455'. [ 633.756691][T14753] IPv6: NLM_F_CREATE should be specified when creating new route [ 635.734364][T14801] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2467'. [ 636.812117][T14817] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 636.924487][T14817] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 637.493758][T14829] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2474'. [ 637.576001][T14831] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2474'. [ 637.920945][T14829] team0: Port device team_slave_0 removed [ 637.921125][T14827] QAT: Device 5 not found [ 638.339536][T14842] netlink: 504 bytes leftover after parsing attributes in process `syz.5.2478'. [ 638.582951][T14844] could not allocate digest TFM handle [ 638.679246][T14845] could not allocate digest TFM handle [ 641.564537][T14914] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2491'. [ 641.708111][T14914] netdevsim netdevsim4 netdevsim2: entered allmulticast mode [ 643.345789][T14948] netlink: 464 bytes leftover after parsing attributes in process `syz.5.2505'. [ 646.839048][T14970] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2511'. [ 646.899653][T14971] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2511'. [ 647.312674][T14970] team0: Port device team_slave_0 removed [ 647.505828][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 647.519856][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 647.528537][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 647.545896][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 647.554102][ T5840] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 647.562653][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 648.270884][T14989] netlink: 464 bytes leftover after parsing attributes in process `syz.3.2516'. [ 648.466414][T14976] chnl_net:caif_netlink_parms(): no params data found [ 649.658351][ T5843] Bluetooth: hci0: command tx timeout [ 649.740304][T14976] bridge0: port 1(bridge_slave_0) entered blocking state [ 649.814312][T14976] bridge0: port 1(bridge_slave_0) entered disabled state [ 649.821765][T14976] bridge_slave_0: entered allmulticast mode [ 649.829072][T14976] bridge_slave_0: entered promiscuous mode [ 649.837709][T14976] bridge0: port 2(bridge_slave_1) entered blocking state [ 649.845027][T14976] bridge0: port 2(bridge_slave_1) entered disabled state [ 649.852309][T14976] bridge_slave_1: entered allmulticast mode [ 649.859665][T14976] bridge_slave_1: entered promiscuous mode [ 649.921530][T15001] kexec: Could not allocate control_code_buffer [ 650.194896][ T7387] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 650.296683][T14976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 650.299441][T14976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 650.765252][ T7387] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 650.934710][T14976] team0: Port device team_slave_0 added [ 651.028625][ T7387] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 651.056843][T14976] team0: Port device team_slave_1 added [ 651.196720][ T7387] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 651.368836][T14976] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 651.405807][T14976] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 651.458739][T14976] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 651.481876][T14976] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 651.500444][T14976] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 651.557230][T14976] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 651.732013][ T5840] Bluetooth: hci0: command tx timeout [ 651.932884][T14976] hsr_slave_0: entered promiscuous mode [ 651.940979][T14976] hsr_slave_1: entered promiscuous mode [ 651.967676][T14976] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 651.975580][T14976] Cannot create hsr debugfs directory [ 652.296170][ T7387] bridge_slave_1: left allmulticast mode [ 652.312632][ T7387] bridge_slave_1: left promiscuous mode [ 652.334497][ T7387] bridge0: port 2(bridge_slave_1) entered disabled state [ 653.374819][T15050] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2530'. [ 653.816560][ T5840] Bluetooth: hci0: command tx timeout [ 654.217777][ T7387] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 654.266635][ T7387] bond0 (unregistering): Released all slaves [ 654.381391][ T7387] .': left promiscuous mode [ 654.694460][ T7387] h: left promiscuous mode [ 655.894383][ T5840] Bluetooth: hci0: command tx timeout [ 656.703652][T14976] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 656.944391][T14976] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 657.017298][T14976] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 657.371194][T14976] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 657.788005][ T30] audit: type=1804 audit(8277292276.050:20): pid=15107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2541" name="#)-\&[}" dev="mqueue" ino=42416 res=1 errno=0 [ 657.788007][T15107] kernel read not supported for file /#)-\&[} (pid: 15107 comm: syz.3.2541) [ 657.847304][ T30] audit: type=1800 audit(8277292276.110:21): pid=15107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2541" name="#)-\&[}" dev="mqueue" ino=42416 res=0 errno=0 [ 657.904369][ T30] audit: type=1804 audit(8277292276.110:22): pid=15107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2541" name="#)-\&[}" dev="mqueue" ino=42416 res=1 errno=0 [ 657.994289][ T30] audit: type=1804 audit(8277292276.110:23): pid=15107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2541" name="#)-\&[}" dev="mqueue" ino=42416 res=1 errno=0 [ 658.057631][T14976] 8021q: adding VLAN 0 to HW filter on device bond0 [ 658.135039][T14976] 8021q: adding VLAN 0 to HW filter on device team0 [ 658.302626][ T29] bridge0: port 1(bridge_slave_0) entered blocking state [ 658.309829][ T29] bridge0: port 1(bridge_slave_0) entered forwarding state [ 658.355649][T15123] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2543'. [ 658.467941][T15121] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2542'. [ 658.645473][ T7388] bridge0: port 2(bridge_slave_1) entered blocking state [ 658.652695][ T7388] bridge0: port 2(bridge_slave_1) entered forwarding state [ 659.115796][T15124] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2542'. [ 659.367069][T15118] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 659.394004][T15135] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2546'. [ 660.714975][T14976] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 661.763116][T14976] veth0_vlan: entered promiscuous mode [ 661.800639][T14976] veth1_vlan: entered promiscuous mode [ 661.974580][ T7387] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 661.994355][ T7387] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 662.055093][ T7387] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 662.094337][ T7387] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 662.286614][ T7387] veth1_macvtap: left promiscuous mode [ 662.292229][ T7387] veth0_macvtap: left promiscuous mode [ 662.314401][ T7387] veth1_vlan: left promiscuous mode [ 662.319796][ T7387] veth0_vlan: left promiscuous mode [ 663.025284][T15182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2556'. [ 663.440870][T15184] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2556'. [ 663.794976][T15181] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 664.717866][ T7387] team0 (unregistering): Port device team_slave_1 removed [ 664.992420][ T7387] team0 (unregistering): Port device team_slave_0 removed [ 667.197466][T15216] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2564'. [ 667.316208][T15216] netlink: 'syz.0.2564': attribute type 1 has an invalid length. [ 667.366185][T15216] netlink: 'syz.0.2564': attribute type 1 has an invalid length. [ 667.511576][T14976] veth0_macvtap: entered promiscuous mode [ 667.528260][T14976] veth1_macvtap: entered promiscuous mode [ 667.550624][T15217] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2564'. [ 667.739149][T14976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.804897][T14976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.844286][T14976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.883111][T14976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.904395][T14976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.924316][T14976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.935196][T14976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.964261][T14976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.984219][T14976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.995644][T14976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 668.025533][T14976] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 668.050919][T14976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 668.094275][T14976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 668.133473][T14976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 668.164009][T14976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 668.203135][T14976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 668.224602][T14976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 668.243961][T14976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 668.264256][T14976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 668.274681][T14976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 668.285870][T14976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 668.339592][T14976] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 668.391861][T14976] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.420921][T14976] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.444585][T14976] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.466069][T14976] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.910459][ T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 668.945574][ T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 669.064372][ T8639] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 669.082492][ T8639] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 669.867076][ T30] audit: type=1800 audit(8277292288.130:24): pid=15246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2571" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 675.219576][T15267] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2581'. [ 675.235325][T15267] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2581'. [ 675.286100][T15267] netlink: 'syz.5.2581': attribute type 1 has an invalid length. [ 675.293921][T15267] netlink: 'syz.5.2581': attribute type 1 has an invalid length. [ 675.835993][T15281] kernel read not supported for file /#)-\&[} (pid: 15281 comm: syz.3.2584) [ 675.882206][ T30] audit: type=1800 audit(8277292294.140:25): pid=15281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2584" name="#)-\&[}" dev="mqueue" ino=42416 res=0 errno=0 [ 679.068725][T15320] Process accounting resumed [ 679.407022][T15327] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2593'. [ 679.837002][T15334] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2597'. [ 679.855363][T15334] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2597'. [ 679.900925][T15334] netlink: 'syz.4.2597': attribute type 1 has an invalid length. [ 679.923290][T15334] netlink: 'syz.4.2597': attribute type 1 has an invalid length. [ 681.136552][T15358] ------------[ cut here ]------------ [ 681.142482][T15358] WARNING: CPU: 1 PID: 15358 at mm/page_alloc.c:4727 __alloc_pages_noprof+0xeff/0x25b0 [ 681.152405][T15358] Modules linked in: [ 681.156471][T15358] CPU: 1 UID: 0 PID: 15358 Comm: syz.4.2605 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0 [ 681.167463][T15358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 681.177662][T15358] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 681.183819][T15358] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 e1 44 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 9f a2 0c 00 8b 14 24 e9 [ 681.204024][T15358] RSP: 0018:ffffc9000485f918 EFLAGS: 00010246 [ 681.210616][T15358] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 681.218830][T15358] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0 [ 681.227035][T15358] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 681.235169][T15358] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000013 [ 681.243208][T15358] R13: 0000000000040cc0 R14: 1ffff9200090bf37 R15: 00000000ffffffff [ 681.251366][T15358] FS: 00007f68502f96c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 681.260663][T15358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 681.267450][T15358] CR2: 0000001b3360cff8 CR3: 000000006f724000 CR4: 00000000003526f0 [ 681.275579][T15358] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 681.283625][T15358] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 681.291800][T15358] Call Trace: [ 681.295214][T15358] [ 681.298406][T15358] ? __warn+0xea/0x3c0 [ 681.302559][T15358] ? __alloc_pages_noprof+0xeff/0x25b0 [ 681.308363][T15358] ? report_bug+0x3c0/0x580 [ 681.312944][T15358] ? handle_bug+0x54/0xa0 [ 681.317461][T15358] ? exc_invalid_op+0x17/0x50 [ 681.322223][T15358] ? asm_exc_invalid_op+0x1a/0x20 [ 681.327447][T15358] ? __alloc_pages_noprof+0xeff/0x25b0 [ 681.333004][T15358] ? hlock_class+0x4e/0x130 [ 681.337699][T15358] ? mark_lock+0xb5/0xc60 [ 681.342115][T15358] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 681.348021][T15358] ? __pfx_mark_lock+0x10/0x10 [ 681.352884][T15358] ? aa_file_perm+0x4c6/0xfe0 [ 681.357742][T15358] ? __pfx_lock_release+0x10/0x10 [ 681.362849][T15358] ? trace_lock_acquire+0x14e/0x1f0 [ 681.368214][T15358] ? hlock_class+0x4e/0x130 [ 681.372789][T15358] ? __lock_acquire+0x15a9/0x3c40 [ 681.377989][T15358] ___kmalloc_large_node+0x84/0x1b0 [ 681.383256][T15358] __kmalloc_large_node_noprof+0x1c/0x70 [ 681.389026][T15358] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 681.395767][T15358] ? __pfx_aa_file_perm+0x10/0x10 [ 681.401091][T15358] ? bitmap_parse_user+0x24/0x90 [ 681.406354][T15358] memdup_user_nul+0x2b/0x110 [ 681.411116][T15358] bitmap_parse_user+0x24/0x90 [ 681.416074][T15358] default_affinity_write+0xac/0x1c0 [ 681.421433][T15358] ? __pfx_default_affinity_write+0x10/0x10 [ 681.427515][T15358] ? trace_lock_acquire+0x14e/0x1f0 [ 681.432803][T15358] ? __pfx_default_affinity_write+0x10/0x10 [ 681.438875][T15358] proc_reg_write+0x23d/0x330 [ 681.443640][T15358] ? __pfx_proc_reg_write+0x10/0x10 [ 681.449025][T15358] vfs_write+0x24c/0x1150 [ 681.453431][T15358] ? __fget_files+0x1fc/0x3a0 [ 681.458305][T15358] ? __pfx___mutex_lock+0x10/0x10 [ 681.463412][T15358] ? __pfx_vfs_write+0x10/0x10 [ 681.468406][T15358] ? __fget_files+0x206/0x3a0 [ 681.473171][T15358] ksys_write+0x12b/0x250 [ 681.477707][T15358] ? __pfx_ksys_write+0x10/0x10 [ 681.482653][T15358] do_syscall_64+0xcd/0x250 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 681.487959][T15358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.493939][T15358] RIP: 0033:0x7f684f585d19 [ 681.498901][T15358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 681.518973][T15358] RSP: 002b:00007f68502f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 681.527822][T15358] RAX: ffffffffffffffda RBX: 00007f684f776080 RCX: 00007f684f585d19 [ 681.535973][T15358] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 681.544015][T15358] RBP: 00007f684f601a20 R08: 0000000000000000 R09: 0000000000000000 [ 681.552153][T15358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 681.560375][T15358] R13: 0000000000000000 R14: 00007f684f776080 R15: 00007ffccab543d8 [ 681.568639][T15358] [ 681.571715][T15358] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 681.579043][T15358] CPU: 1 UID: 0 PID: 15358 Comm: syz.4.2605 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0 [ 681.589870][T15358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 681.599997][T15358] Call Trace: [ 681.603316][T15358] [ 681.606285][T15358] dump_stack_lvl+0x3d/0x1f0 [ 681.610948][T15358] panic+0x71d/0x800 [ 681.614925][T15358] ? __pfx_panic+0x10/0x10 [ 681.619421][T15358] ? show_trace_log_lvl+0x29d/0x3d0 [ 681.624698][T15358] ? __alloc_pages_noprof+0xeff/0x25b0 [ 681.630232][T15358] check_panic_on_warn+0xab/0xb0 [ 681.635247][T15358] __warn+0xf6/0x3c0 [ 681.639190][T15358] ? __alloc_pages_noprof+0xeff/0x25b0 [ 681.644752][T15358] report_bug+0x3c0/0x580 [ 681.649118][T15358] handle_bug+0x54/0xa0 [ 681.653313][T15358] exc_invalid_op+0x17/0x50 [ 681.657860][T15358] asm_exc_invalid_op+0x1a/0x20 [ 681.662748][T15358] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 681.668859][T15358] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 e1 44 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 9f a2 0c 00 8b 14 24 e9 [ 681.688503][T15358] RSP: 0018:ffffc9000485f918 EFLAGS: 00010246 [ 681.694606][T15358] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 681.702603][T15358] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0 [ 681.710603][T15358] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 681.718611][T15358] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000013 [ 681.726614][T15358] R13: 0000000000040cc0 R14: 1ffff9200090bf37 R15: 00000000ffffffff [ 681.734645][T15358] ? hlock_class+0x4e/0x130 [ 681.739195][T15358] ? mark_lock+0xb5/0xc60 [ 681.743571][T15358] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 681.749336][T15358] ? __pfx_mark_lock+0x10/0x10 [ 681.754159][T15358] ? aa_file_perm+0x4c6/0xfe0 [ 681.758883][T15358] ? __pfx_lock_release+0x10/0x10 [ 681.763956][T15358] ? trace_lock_acquire+0x14e/0x1f0 [ 681.769197][T15358] ? hlock_class+0x4e/0x130 [ 681.773741][T15358] ? __lock_acquire+0x15a9/0x3c40 [ 681.778840][T15358] ___kmalloc_large_node+0x84/0x1b0 [ 681.784074][T15358] __kmalloc_large_node_noprof+0x1c/0x70 [ 681.789744][T15358] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 681.796374][T15358] ? __pfx_aa_file_perm+0x10/0x10 [ 681.801433][T15358] ? bitmap_parse_user+0x24/0x90 [ 681.806420][T15358] memdup_user_nul+0x2b/0x110 [ 681.811140][T15358] bitmap_parse_user+0x24/0x90 [ 681.815952][T15358] default_affinity_write+0xac/0x1c0 [ 681.821273][T15358] ? __pfx_default_affinity_write+0x10/0x10 [ 681.827202][T15358] ? trace_lock_acquire+0x14e/0x1f0 [ 681.832450][T15358] ? __pfx_default_affinity_write+0x10/0x10 [ 681.838377][T15358] proc_reg_write+0x23d/0x330 [ 681.843088][T15358] ? __pfx_proc_reg_write+0x10/0x10 [ 681.848333][T15358] vfs_write+0x24c/0x1150 [ 681.852696][T15358] ? __fget_files+0x1fc/0x3a0 [ 681.857410][T15358] ? __pfx___mutex_lock+0x10/0x10 [ 681.862469][T15358] ? __pfx_vfs_write+0x10/0x10 [ 681.867275][T15358] ? __fget_files+0x206/0x3a0 [ 681.871995][T15358] ksys_write+0x12b/0x250 [ 681.876355][T15358] ? __pfx_ksys_write+0x10/0x10 [ 681.881258][T15358] do_syscall_64+0xcd/0x250 [ 681.885801][T15358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.891733][T15358] RIP: 0033:0x7f684f585d19 [ 681.896184][T15358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 681.915836][T15358] RSP: 002b:00007f68502f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 681.924293][T15358] RAX: ffffffffffffffda RBX: 00007f684f776080 RCX: 00007f684f585d19 [ 681.932301][T15358] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 681.940297][T15358] RBP: 00007f684f601a20 R08: 0000000000000000 R09: 0000000000000000 [ 681.948295][T15358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 681.956289][T15358] R13: 0000000000000000 R14: 00007f684f776080 R15: 00007ffccab543d8 [ 681.964304][T15358] [ 681.967485][T15358] Kernel Offset: disabled [ 681.971893][T15358] Rebooting in 86400 seconds..