last executing test programs: 9m45.912810583s ago: executing program 0 (id=1476): mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) open_tree$auto(r0, 0x0, 0x1001) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, r0, 0x0, 0x80008001, 0x9) write$auto(0x6, 0x0, 0x100000001) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, 0x0, 0x55) getcwd$auto(0x0, 0x3) close_range$auto(0x2, 0x8000, 0x0) 9m45.614325851s ago: executing program 0 (id=1479): syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000480), 0xffffffffffffffff) r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000041c0)={0x18, r0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}]}, 0x18}}, 0x4048000) (fail_nth: 23) 9m44.904350157s ago: executing program 0 (id=1481): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) connect$auto(r0, 0x0, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, 0x0, 0x55) getcwd$auto(0x0, 0x3) mmap$auto(0x0, 0x40009, 0x22ea, 0x9b72, 0x7, 0x28000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x400000, 0x0) close_range$auto(0x2, 0x8000, 0x0) 9m44.577944373s ago: executing program 0 (id=1484): bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) modify_ldt$auto(0x1, &(0x7f00000001c0), 0x10) ppoll$auto(0x0, 0xe, &(0x7f0000000080)={0x2, 0x7fffffffffffffff}, 0x0, 0x8) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x4a}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) 9m44.218187276s ago: executing program 0 (id=1488): close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) mmap$auto(0x400000000000, 0x9, 0x8, 0x800000000c812, 0x3, 0x0) ftruncate$auto(0x3, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/suppress_frag_ndisc\x00', 0x418641, 0x0) ioperm$auto(0x7, 0x6, 0x1) tkill$auto(0x80000000000001, 0x7) read$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x2, 0x0) r1 = open(0x0, 0x22240, 0x155) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010029bd50009ddbdf251100000008000300", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x20018048}, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(r1, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000540)={&(0x7f0000000280)={0x298, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x3}, @OVS_VPORT_ATTR_STATS={0x44, 0x6, {0x7ff, 0x1, 0xfffffffffffffff4, 0xcb, 0x74b6434f, 0xd, 0x1, 0x6}}, @OVS_VPORT_ATTR_OPTIONS={0x211, 0x4, 0x0, 0x1, [@generic="2400dd3999c56afb4be075a285b0ab4db8b57dde782c88bff12be7f0f91b6d21eb683dda5fc9db743d8382b4d3023052aeed3ec3485991f4df778875685572c4329bb985d796b22325ef3f70d94c44a2dac532945fae4d95294058b83a5804d5abc0ba9a941430815f8bcc9483bed991feb993a2cefd91b52e8c7843a1f281bfce707d4b474954ef5c59ee92432e17", @nested={0xb4, 0xff, 0x0, 0x1, [@typed={0x8, 0x8, 0x0, 0x0, @u32=0xc}, @generic="0f85e0ccbcc6c62eabad959b58b06a319219513913f4ad8692e836cc7e7b1f83a1ba5b0452e8c8d8135429e766769bcb624a9b9f6def75d9f1b9b8c58091e380f9c3881aa39d41063c900c991f2570e3ebe1fc0fdaa616879c18790b3a40624d77162c2c33224ffbe14f130c81d747d73a62bc81c356100b80d5ef90663f9d303c0ef7c2e7830d52034aea80c9afef88c26ff596e64850cf039dc0af2f2ab9968a5d63074e7283b7"]}, @nested={0x18, 0x1e, 0x0, 0x1, [@nested={0x4, 0x138}, @typed={0x8, 0x76, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @typed={0x8, 0x10d, 0x0, 0x0, @ipv4=@multicast2}]}, @generic, @typed={0x8, 0x10c, 0x0, 0x0, @uid}, @typed={0x14, 0x68, 0x0, 0x0, @ipv6=@private2}, @generic="f10ce89c11226532724dea7d94945cd62cf2a8fe326d528f8ce436320d68f67673f2ce12134893a8dec34dd8c27da359dfc4626d595104f2c3f82643e4eb3fdcb88b048b87c9bf0732489df1c5990d5cb498753556be2e301287cd24591a1eb0d073b200cd01bf006a1b81185c563d1a3916ee472886b85b64bde3ad46ad6c95341b3d9c28e6f69c10ed56158d6bd3f4f6f2895448bb"]}, @OVS_VPORT_ATTR_UPCALL_PID={0x4}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r6}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0xd2}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0xfffffffc}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x3}]}, 0x298}, 0x1, 0x0, 0x0, 0xc851}, 0x4000000) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001c00038008001400", @ANYRES32=r1, @ANYBLOB="0f000d006f76735f7061636b6574000012000100898771f1c19f177904859082c9693560040002"], 0x4c}, 0x1, 0x0, 0x0, 0x4050}, 0xc800) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r8 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r8, 0x107, 0x1, 0x0, 0x8004) sendmsg$auto_NETDEV_CMD_NAPI_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="20a296edb436ea0d", @ANYRES16=0x0, @ANYBLOB="000129bd7000fcdbdf250e0000000c0007000100000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x4000001}, 0x44004) 9m44.029851702s ago: executing program 2 (id=1489): socket(0x10, 0x2, 0x0) r0 = timerfd_create$auto(0x9, 0x0) socket(0x1e, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x18, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x3) r1 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd, 0x400, @old_map_fd=0x3ff}, 0xa3) socket(0x10, 0x80002, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)={0x24, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x1}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0xffffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x24008050) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b0004"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) socket(0x22, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) setitimer$auto(0xfffffffb, &(0x7f0000000000)={{0x56, 0xfffffffffffffffa}, {0xd44b, 0x5}}, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto_snd_pcm_oss_f_reg_pcm_oss(r2, &(0x7f0000000280)="c282", 0x2) ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0x7) poll$auto(&(0x7f0000000000)={0xffffffffffffffff, 0x1, 0x8}, 0x5, 0x400) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) 9m43.641800109s ago: executing program 0 (id=1490): syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000480), 0xffffffffffffffff) r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000041c0)={0x18, r0, 0x1, 0x70bd25, 0x25dfdbfe, {0x4, 0x0, 0x300}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}]}, 0x18}}, 0x4048000) 9m43.294489288s ago: executing program 32 (id=1490): syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000480), 0xffffffffffffffff) r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000041c0)={0x18, r0, 0x1, 0x70bd25, 0x25dfdbfe, {0x4, 0x0, 0x300}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}]}, 0x18}}, 0x4048000) 9m42.760432063s ago: executing program 2 (id=1494): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000440)=ANY=[@ANYBLOB="08010000", @ANYRES16=r1, @ANYBLOB="01002cbd7000fcdbdf24010000000400080071fe0180ec00028008004400", @ANYRES32=r0, @ANYBLOB="1000fd800c00f4800400888004000a807f40888600f80aea5286e39305ff0bd278709a97855529c402fbedc97f582168de982d78cd942ff99ea23fbb1768e2ef776ee262bce6ef7e77c75da0352f39d7c96d52f44bd665e8141671bf64911682485f10170119465c548f90db6439b0d0d65c0d67073e8bec4e0000"], 0x108}, 0x1, 0x0, 0x0, 0x800}, 0x40) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/options/test_nop_refuse\x00', 0x4d8085, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x40080) r3 = socket(0xa, 0x1, 0x1) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio0\x00', 0x1600, 0x0) process_vm_readv$auto(0x0, &(0x7f0000000080)={0x0, 0x6}, 0x26, 0x0, 0x6, 0x0) readv$auto(0x3, &(0x7f0000000040)={&(0x7f0000000000), 0x36a}, 0x6) r4 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) bpf$auto(0x0, &(0x7f0000000280)=@bpf_attr_4={0x1e, 0x4, 0xffff, r4}, 0x6f4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) socket(0x2, 0x1, 0x106) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r5, 0x200, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00082abd7000ffdbdf251f00000008003500fbffffff04008b00"], 0x20}, 0x1, 0x0, 0x0, 0x20000060}, 0x20000010) madvise$auto(0xfffffffffffffffe, 0xffffffffffff0005, 0x19) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) fstatfs$auto(0x3, 0xfffffffffffffffd) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/msr\x00', 0xf82, 0x0) r7 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000080), r4) sendmsg$auto_IOAM6_CMD_DEL_SCHEMA(r3, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1c0000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="00042dbdbc7000ffdb000800040080ffffff08df82cd92000000"], 0x24}, 0x1, 0x0, 0x0, 0x841}, 0x0) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x2c, r7, 0x400, 0x70bd2a, 0x25dfdbfc}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0x20004810) 9m41.495865024s ago: executing program 2 (id=1498): r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio1\x00', 0xba600, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ipvlan1\x00'}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0xa, 0xa) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x2b, 0x0, 0x28) sendmmsg$auto(r1, &(0x7f0000000300)={{&(0x7f0000000140), 0x12, 0x0, 0x7, 0x0, 0x3, 0x1}, 0x7}, 0x8, 0x7fff) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x6) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) io_uring_enter$auto(0x3, 0x8, 0x2, 0x800006, 0x0, 0xf2) writev$auto(0x9, &(0x7f0000000300)={0x0, 0x3}, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001f80)={0x20, r4, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_SCAN_SUPP_RATES={0x4}]}, 0x20}}, 0x40400c4) sendmsg$auto_NL80211_CMD_DEL_STATION(r2, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000140)={0x1a8, r4, 0x10, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_SUPPORT_MESH_AUTH={0x4}, @NL80211_ATTR_NAN_FUNC={0x106, 0xf0, 0x0, 0x1, [@generic="8155cc139aeac0b4cc6a184333299226ec3786adf2dbc321d2e848435f48c39247eabb677f81901318cd25717f691ad824359afc4aaad433289af4cb686269540ac2afe1fc2c1c9bf533021a6a6bbcb42fa7b78358f96cf480702c6a7e65eff47f894cc3df2f57f27941ee12172690ca485d9a178d96e5ccffc805d9c3449ac11230def2150182f29fc1277ead78fe8413d02504f1544b052ee2d859d3e39c46b640eb885a1548d2b2fa6166caebb06a3218c728504e8263822ae7880986783c270d9db0c1600f594b6e31d8e31b136ccab72676bb63b6c11619692c8c615371366fab92ba6ef544849b7cfbe969d25c7d6d829f66f1c7761827", @typed={0x8, 0x70, 0x0, 0x0, @ipv4=@empty}]}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x77, 0xcd, "ad3cff9a507397b99765a87fad07e10a48de66033f2782a0365d72fdb164b83978cb5e7e421a0763dc5521a42b3ce9e5a8fe3afb4526209ac0ac06fd4e0d6d72a8f279083df81c735cdfb3394666664016acd400e161a6c1637beeb1a7490f4c49b97b17facf0d5e5dee54d8adbf511ddb3c58"}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x7b}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x20008000}, 0x800) io_uring_setup$auto(0x6, 0x0) open(0x0, 0x22240, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) utime$auto(0x0, &(0x7f0000001ac0)={0x8, 0x2}) 9m40.647077911s ago: executing program 2 (id=1501): r0 = openat$auto_regulator_summary_fops_(0xffffffffffffff9c, 0x0, 0x40000, 0x0) read$auto_regulator_summary_fops_(r0, &(0x7f00000000c0)=""/86, 0x56) 9m40.265939145s ago: executing program 2 (id=1504): close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) mmap$auto(0x400000000000, 0x9, 0x8, 0x800000000c812, 0x3, 0x0) ftruncate$auto(0x3, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/suppress_frag_ndisc\x00', 0x418641, 0x0) ioperm$auto(0x7, 0x6, 0x1) tkill$auto(0x80000000000001, 0x7) read$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x2, 0x0) r1 = open(0x0, 0x22240, 0x155) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010029bd50009ddbdf251100000008000300", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x20018048}, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(r1, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000540)={&(0x7f0000000280)={0x298, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x3}, @OVS_VPORT_ATTR_STATS={0x44, 0x6, {0x7ff, 0x1, 0xfffffffffffffff4, 0xcb, 0x74b6434f, 0xd, 0x1, 0x6}}, @OVS_VPORT_ATTR_OPTIONS={0x211, 0x4, 0x0, 0x1, [@generic="2400dd3999c56afb4be075a285b0ab4db8b57dde782c88bff12be7f0f91b6d21eb683dda5fc9db743d8382b4d3023052aeed3ec3485991f4df778875685572c4329bb985d796b22325ef3f70d94c44a2dac532945fae4d95294058b83a5804d5abc0ba9a941430815f8bcc9483bed991feb993a2cefd91b52e8c7843a1f281bfce707d4b474954ef5c59ee92432e17", @nested={0xb4, 0xff, 0x0, 0x1, [@typed={0x8, 0x8, 0x0, 0x0, @u32=0xc}, @generic="0f85e0ccbcc6c62eabad959b58b06a319219513913f4ad8692e836cc7e7b1f83a1ba5b0452e8c8d8135429e766769bcb624a9b9f6def75d9f1b9b8c58091e380f9c3881aa39d41063c900c991f2570e3ebe1fc0fdaa616879c18790b3a40624d77162c2c33224ffbe14f130c81d747d73a62bc81c356100b80d5ef90663f9d303c0ef7c2e7830d52034aea80c9afef88c26ff596e64850cf039dc0af2f2ab9968a5d63074e7283b7"]}, @nested={0x18, 0x1e, 0x0, 0x1, [@nested={0x4, 0x138}, @typed={0x8, 0x76, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @typed={0x8, 0x10d, 0x0, 0x0, @ipv4=@multicast2}]}, @generic, @typed={0x8, 0x10c, 0x0, 0x0, @uid}, @typed={0x14, 0x68, 0x0, 0x0, @ipv6=@private2}, @generic="f10ce89c11226532724dea7d94945cd62cf2a8fe326d528f8ce436320d68f67673f2ce12134893a8dec34dd8c27da359dfc4626d595104f2c3f82643e4eb3fdcb88b048b87c9bf0732489df1c5990d5cb498753556be2e301287cd24591a1eb0d073b200cd01bf006a1b81185c563d1a3916ee472886b85b64bde3ad46ad6c95341b3d9c28e6f69c10ed56158d6bd3f4f6f2895448bb"]}, @OVS_VPORT_ATTR_UPCALL_PID={0x4}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r6}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0xd2}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0xfffffffc}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x3}]}, 0x298}, 0x1, 0x0, 0x0, 0xc851}, 0x4000000) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001c00038008001400", @ANYRES32=r1, @ANYBLOB="0f000d006f76735f7061636b6574000012000100898771f1c19f177904859082c9693560040002"], 0x4c}, 0x1, 0x0, 0x0, 0x4050}, 0xc800) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r8 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r8, 0x107, 0x1, 0x0, 0x8004) sendmsg$auto_NETDEV_CMD_NAPI_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="20a296edb436ea0d", @ANYRES16=0x0, @ANYBLOB="000129bd7000fcdbdf250e0000000c0007000100000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x4000001}, 0x44004) 9m37.530695366s ago: executing program 2 (id=1510): r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) fallocate$auto(r0, 0x10000, 0x8, 0x10) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto(r1, 0x80045519, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendto$auto(r1, &(0x7f0000000080)="07e6b6ef8e9e4fc9593fc8d01d62c10d2eeb95f03efe437e523b5988568c935afdd689c9eec66c7ea195461e7664c6fafc37a2d2c4f41ecf15e6a3b7c9b9df287be46721782df875aba4b64097e393bab90ec69c3588b43f40d94cf45a2a8aa8f9baae33008977452235af0d24a4e69664d41e6ad09403b25427101a0f0eb63ad717f13fca520ac474fa35a5263c57edf076b626123ffb0315028c603a21d689e22985a0cde755560fada5acba8ce1efaf7cfaba97b8956bbde5c1c6c21a77", 0x6, 0x20002000, &(0x7f0000000140)=@l2={0x1f, 0x6, @none, 0x200, 0x1}, 0x24) ioctl$auto(0x3, 0xc040563e, 0x38) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x2f2d00, 0x0) r2 = socket(0x10, 0x2, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'dummy0\x00'}) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setrlimit$auto(0x1000000007, 0x0) open_by_handle_at$auto(r4, &(0x7f0000000040)={0x8, 0x2, "0600000000000000"}, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r2, 0x0, 0x2fe) openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, 0x0, 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0xf663, 0x15) 9m37.144881451s ago: executing program 33 (id=1510): r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) fallocate$auto(r0, 0x10000, 0x8, 0x10) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto(r1, 0x80045519, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendto$auto(r1, &(0x7f0000000080)="07e6b6ef8e9e4fc9593fc8d01d62c10d2eeb95f03efe437e523b5988568c935afdd689c9eec66c7ea195461e7664c6fafc37a2d2c4f41ecf15e6a3b7c9b9df287be46721782df875aba4b64097e393bab90ec69c3588b43f40d94cf45a2a8aa8f9baae33008977452235af0d24a4e69664d41e6ad09403b25427101a0f0eb63ad717f13fca520ac474fa35a5263c57edf076b626123ffb0315028c603a21d689e22985a0cde755560fada5acba8ce1efaf7cfaba97b8956bbde5c1c6c21a77", 0x6, 0x20002000, &(0x7f0000000140)=@l2={0x1f, 0x6, @none, 0x200, 0x1}, 0x24) ioctl$auto(0x3, 0xc040563e, 0x38) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x2f2d00, 0x0) r2 = socket(0x10, 0x2, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'dummy0\x00'}) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setrlimit$auto(0x1000000007, 0x0) open_by_handle_at$auto(r4, &(0x7f0000000040)={0x8, 0x2, "0600000000000000"}, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r2, 0x0, 0x2fe) openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, 0x0, 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0xf663, 0x15) 6.416046325s ago: executing program 3 (id=4233): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/stats/reads\x00', 0x1e9042, 0x0) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) (async) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x22340, 0x1a1) (async, rerun: 32) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) (rerun: 32) r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x2, 0x0) write$auto_tracing_cpumask_fops_trace(r0, &(0x7f0000000100)="55cfd90bcc29798c38", 0x9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async) write$auto(0x3, 0x0, 0x100085) 6.048345067s ago: executing program 3 (id=4235): r0 = socket(0x2, 0x2, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x8) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) connect$auto(0x3, &(0x7f0000000140), 0x55) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = open(0x0, 0x261c2, 0x84) acct$auto(&(0x7f0000000200)='/proc/sys/kernel/sched_deadline_period_max_us\x00') acct$auto(0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'syz_tun\x00'}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r4 = fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) pidfd_getfd$auto(0x3, 0x1, 0x100000000) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_fd=r1, r3, 0x99, 0x8, 0x1, @relative_fd=r4, 0x5}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x6}, 0xc) write$auto(r0, 0x0, 0x8e) openat$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) 5.701222809s ago: executing program 3 (id=4239): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) socket(0x2, 0x801, 0x100) connect$auto(0x3, &(0x7f00000000c0), 0x55) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x800005411, 0x38) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0) write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f00000000c0)="e681c31a41851177897792f1d3f6bb81fd8cac7558250851119b9087fe63fb519c2d8bd4171c316a1e05a91be062feecd971012bcff9b4d2d6322f8db4a257a500f0679bee611f47950500da703a1d6513e69e2fba85f34b579da640f0f1711b39e725d0a541e1248f4d8d03ad78faaaea2fc53a40b184ce13aa2284f795241567e8f7ec7ed040c09734cab453f24bb6283b521e00cbad7e6a96d7c1d4db6b27502c6f4c4c3585fc0b21c825b286fe8dff713c08f7af2254299e1b5885a2f0624d5742610c287e0e823b3005cd94807dd2c560cfaa0686837815389bc4dc1a1de5e211507fa6a3537edf7484db6e894b1695e5128a20181ae8d46f1bcfa26d0b87d649d3902d2b31144d2656325d4911efbb264bdd3aadfd523b74d5cba0d2a1d750058a6e8238c23bf809089c14ff01e7f44ced0514d36f0d05186a9a23f21102dd5275523d1d0228dbbba027cf2016e0690f178d205af924375a4ce6b3134a5f538634dea1f6b700badd8caa936bde680008ca8d9f9b05a080873eb1ca99a76c3be9c1e3b45137cfc5afa7f0161377c5b6307c094abbcf4e6f6015ad942c669c1bf92abf3ad56195f923cc91682e6dea90b79d728bba7784be0fe2b8b9ae2d4139554e7247d30c3393cb75d2fcbe37abc7bc943ac59029c74dff7e9827cf2cfaef36f5cbe828198e7ad7e6aa94dcea32f1aa0d40bf22d50b4872719d4d3117bd1b4e295c22f12e7654720c7b60558b6b4e99d99a5d4d46b44dd9498a4676964aa1279f19e147fe643619fc9df7ce9b902f052a7ac30696c11c12f74f720724f58fec5e7d16bc7fa3c2c2012d4a135d4a9111c70b479f5fd591cf7fd4e41d0697a384519d9f98e370b7282e43a23510d60bc8df5ae6f207529042dcefa5e5080bf4d41fe6be09ba0b499c68a1b0b672186d66b9ba9886276afe52644947bb13682c521fdd299150d54e4ad050cbf93f4d3a4bb4afb2852dfe3c3a14be0384675410605cde53b049c511c1bd5ab363995c067396fff716e7b65518c20af712251fa2b33a657a86285e92015370e3ddf8684c0e37c0796692af653cacc115bc2d17a13ef743c5bb2df7d36e24f79bdb3189fa2446d97f761bcd92acf7ae6cc3a3e2aeafa502186bcf81e452a6de0bc3485baa71d2a6a064bf149cd1ded8b815b37ea27f84d11e16857536a0ee65d8be1eb9dba2777e9530a55312dd91a49b569a339365a1f43678b4adfce801dc1ef60dc2beef618b4b9ceb1fe58cf4cf15430c60db96376193a82d005b99def0eea7ccfc57e2da33ba2e16c024b4368b93c1b9506be2b8f6d89bae03259f7a336a5e9c7d7844df403722b5882f9b318463155992d36f2955a66a85e8dcc8e4a829e1ec685cdaedfb7a5950c94d507387f45acfd446c7574a502fe5ac66fc09d81d6fd8dc501ebd85204ad498bea7aee79d4a79146276cd7196dafc8bd332cd14f083a6bdce3fb182fd3d40eb06b626dea6c91c6bde48978dac8baaaf98087ff46da36e6a9f42ea6b9242331c8163eacead38be3792a03cbaceb9f239ec837c73b5a248a529b0bf44f3f321cee7a73d3b97f07b3a0704fe9970c4a7f9c61e59f1f926c1e8cc6dffff427d2d018646734752b440afe95e0842d249002138e22aec9db1d43b650511fa682a6a4a1252e851f7139d5be9b65ff1ef39d1d98225e2809ff00b4b6232ee0096377140d2a5745e5171f64001c9e17ed81b936db15dded3b973eb655bb2ca0f47adbc162bb9b78a8d31ece13d7cc0ab0534659a65b5f2233e67723c3aff82efd17899e4feca46519431d7042e6ffce716711f22e28ff779e1dd97b45f162580f7c4d938c6e8f0d19858d7b61d2a1d0432470252adc311d9413f2522de74488fa39342ffc75a13760692c2111ed9a865f1bba1c51ed4d4ceaca6a00a46c960b521606958759945912fe2b9eae420f3850021eaf53c0c9fd917c979765e4ddd7d108b9139a5bdcdc6b59c097098726f186b12ff12542c247e0b9b10eb20bb04a9a7925e9df317bae202512f76bbead72f11ed9fa1eb00b8c10f16cc78fe6035f421948de3b713ca7dd63a249fb0032725794ae46d29d38292545f33b43062552c1bc33a79f9a52df317c6d3c7fc92145eb875ae17af09a9a631592e44c318af7bd91cf5894e9c4186e5f8b8dd1ff3f65b8a7f7cbf8478feb1af30ae4f480eaf330accf94fbe13135a8f3a706a24886bcbea7cadb500ab901ab285c034910a26985e831050a3204b053310136cea36bf99bf8940a9fcd03231e6de6e1330dc5ec8afc5535f6dcdbb711825ba0280143bf6901dec3c8b43ad3514d6a0872995a3f0c2410cf1ac63ea45a2333458bef6db8a09ba3a294225b13a692307a8b383dd025a9e2f80753ffbd2b6c9d3a28b5d76d2629acc4a206f8a70854af659267b2fca2333bc8748283c50b18b50d47dfcf9a5b9c88e53011005c3a39823f10db0036aa2a64b6bb49c1bd546940e1d1339a528761be4735b2491caa4eb0139cd0d8c7c8822bfc06a975ba1b9ceb518fa22099fb5aaf577af301ce076f1441a100df38c93fbc04e64f8d65022a570af192a8c884f9e39aaac9ce7cdce7aa0cb1dee98b279a792d86eb8351d4b9f66fdb052b62cccc31d760595448a6da64d4e6c6d259011596e3e744221c762bde39d822cc37539cee836ef65479c4eb0da1a18a69532bb6956b2247b14468dec8cbdb24799d637c593bab4bd3c2c85c85613cd07857f1e4cb90284559bb8cd2c3525825be8cfbdfb644d54490da77956d3196ceb139732cbf342e36500b9533e34da7a1a0030eb0e28f893e80253192a01af225b7a09314a023311cfd7ba60ac09bb637dc86f7ca1b8a098d81a277056802fd917e24cbad4b8d78a1606931bd462bd23a43d9e6928c4aac123586bb78646b3782f172a34428ead8b79adf31b9b91f51e38336cd67869e922e68a2baf555aa1126f56a74b8a173250da90fe93a1419c5d314d502827bf42e2185f66777ae32a1560cd9048c14c6b12471b2a8225846c4162c8b0108e18f2b773f3d1f7100d2cab3260cd41331da64903bfd6d7bf1bfea2847180af681e575db595c7cc4e201dc8d9dff859481536db00c2703c993441498ca045095ef6b5d3b78682973b406601e0249795115bd11a10ba26cd3359542ea7e2a3b51f087e85919a158ff3c65d701d0ac371f8ffd55b7e2ea4874d83c0a5fde584c36c744458c20941de6754bc3e417f230dab222edf93abd0f044f90b8d4fe944e6871fd94715868cdd122e8938536e60d125af0dd3fe730af6085ac4b072d5d0f3c2968fbe903c508c3e8c9fa522a3d51322e31d853ebbd1c0be726ddab797ccc330fd7357e2a435ea95da0eaaeaadd573e8e82ada3dba18352c93dd4c1fff823a3e39fb9c2f28921bc640947a35ee5babd1dc7deb8dc3167668c0275638bab06b7addca4331d08e50778a38ed3a37eb2742408d0f93d2e166334cd16f7f06abbb77bf1bcc1f8a301689e8a0ae6e1db29e779c6af8f57ee83f7ad9c292c5565d667d474b3661ac09d6a74e72fac3d99d0c0bd12df99ad828011cb079a40af4428905b2b49298aab36cdd6050c72b7c03d07d6ef89af47bd66e138cd61827103d1e72f97677ec3a2427c45d65f7a0e71c10d9c9033e48cfd9ca12eda8a33983596ffa1e43f5d5528c35f8b77c1f2a7c061af6f6a75e954b9dfd95f9f01c6d911f77ccc27bf6a0652c2740ee4c84bc0352a17c0888895e75c00a4d53feb2e78817fd3793a94d32a8719f7ce00b0d644934c5c8ebc4754923432dadbb5ecdada2c4d315baff6375b9736bd009d296ace0063a83ad2ea4d32f642f9213e8693a8b5f12e68422a66ef9495c495d62313d0f4f6d08e2d262e8490c559af62903771f2e40b66a53ddecc676f94da684f5f39297908424914ef63784c8f1a5f0f66c4389052b622fe28e61a576223a795383024e8b9e3c8db45508e74da11ea9dc68708661c63342af20761212ae7a8eb73cbfa54e7a4314873212075881198c0dd9439d3b18574e95d95d5fcc91705dc6aefdf4516ecf7ac1237ad9d9b8b95c7a04af40738e3b4e6a68d62a04525238319c909ecb99faa10ea1715570214b7b9b6e00ead9c1554f9e0fea53d238d68b5221485a3dad4466a8c03d9f79f940907ee2343df65c58a955b29ab081ba4c61807083b5e6b733403d1f477931de3de38a2e79a33638f6041049091afa0aa0bed31710fe47fa115e6060872f76ef27aa8131c04a8da6047f028a7a65d3952f715ff1d2cbff1c3355e1a1023ddeb974fcbcafa3fe126e4f68c21f8488fb5329932b2d576acb46b972c2b570c7d8c2f3aaf8592fbec54aba08ad3e851e713542cd18fa1a0efdfe312b372d08b68cec700c540d99252395c57a76333ce9aea6f4134fe77750a80d4550e96e015e7c7d0a1467bbf086fa042261126bd7e7b73a088187f7087fbde187d543e53f443e91286a6042d9af11c510718d49c6991ace86421b838b11c3a3c493976de9b566bfe179c4d57bb7545bf03a3cfa4d729731765fbbfbe84f34ec03b73fa04f98467baa68ce1190fa81a83229e1a34c6fb9202ac2a08d811b1f3fc07f63860913674d0953a55c2e0e35daa45e9108d227ab56fb340ecb658613796b79c826cda8128ff4fc1e01b6a6e0ba1c97cb9a146e0ee88c0aa99cb6de81bf9df43cf284b41a0f3c93ceb68d6a514f685fe1bcffcc11362424e807a89dc6a81c1cf0f74bdbb9675f454437285ac468510e17fea4020333706600e7a52aaa48271470aeb804da5496eb8092707c7c0b3d28df4a137881b6f75d9869097b253692d6b61b532588d6e3e4e9f87d6946f12436f5baf752f2b820e0a61fe7282a54d997a3a0511e1a335a941c5f20c7291bf25a6df5ccb646d61ca727c2cacc2523d5b15eb6d3272a518df0646a3b5bde6f3b6e2015cb54ea98b4dc045fb05c937b4a41cb52f8bd90049bc631a1785bdc748e5e8f4dd9db4b3dd95b74eeb66bbb7a414d1fcea84c20ece7791643085be26b23c02c63d64e635ef1756da1b79d5d13fa59b71214464c4ccc16392340ed1678c4ad3d450c7ebebbcd0faadeb4d56563adc9c069eb75bb39e1a655a8523644ca271fa66b5c1f70e8d8be3717022777f8bd33af1a3b82bc77302d16a4e5b799fab0e933f536b35804e8c219d7fd3bc3357effdd4f12eb3b7461f0b7c827cfc6df3e3f153c3ac45acba3fbde03067b67771c5b64fe70843e63c574ee40450bbef0ce4fcbdf8a00c40e47aa7b93b0c9d46f6cdbc86f54493450eb84631848c4d14884e81d359e8a6132d215e76ceaf93d65447f545f5a09e51303141ede0ec121a4edd78a91eb138b1747b649bcb23bfea10826cc79023f9b2db79e31efa50ac7abb47e476d413f7d964ca374ff923c48e62362617bfb1cca0ec6bf86fd9b3945903ddbfc0381cd66770e6ca4ba3e5f2cd7f72733475873ccc80f736cd9edeaaf0ac13ed1929097ccb66df071ba2e65afaf44f04574136faf65e5f7c0edbee3e1939089cec488496b4882d9cacc82677736eeeddbb7a951c39498b678a6424f8a2b955fbcdc1b2322609949f85f66ee77e3fb2f376017f32bb911e733075ecbe3b986345a080174b7aec9c55b936bef54e5043ffe83e464555bfac73ceb102cd512974b25dbe7d5ff2bae83ee6c946dfb631e3b03705b27604417bb0d64d630ea619c3a394cb14dc105f3aa3306063916fb3b9178dbb00646e6ab63166a84dc57f0fb751c992f4816b8d5df60fcbccb2d9d5d13351b946b910a87", 0x1000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgsnd$auto(0x5, 0x0, 0x3, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0xfbe8, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000002800)={'dummy0\x00'}) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000001640), 0x40, 0x0) ppoll$auto(0x0, 0x1, 0x0, 0x0, 0x8) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000004640), r2) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(0xffffffffffffffff, &(0x7f0000004740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40404}, 0x8800) mlock$auto(0x8001, 0xb) mlock$auto(0x7c88, 0x7fff) futex_waitv$auto(&(0x7f0000000000)={0xa, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x10000007, 0x1005, 0x9, 0xffffffffffffffff, [0x5e1, 0x2e9, 0x8], {0xfffffffd, 0x0, 0x8, 0x8, 0x5, 0x100005, 0x1, 0xfffffffc, 0x7}, {0x2, 0xfff, 0xffff7fff, 0x2, 0x4000018, 0x200, 0x3, 0x0, 0x3}}) madvise$auto(0x108000, 0x800034, 0xc) bpf$auto(0xb, 0x0, 0x3) 5.200267917s ago: executing program 5 (id=4240): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/ipc\x00') r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00') close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) move_pages$auto(0x0, 0x33b, &(0x7f0000000080)=0x0, 0x0, 0x0, 0x4) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x24, 0x940, 0x1ffde, 0x3, 0x6, 0x8000002, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0, 0x243efbdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6e]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x161343, 0x100) r6 = open(&(0x7f0000000080)='./file0\x00', 0xeee00, 0x31) sendfile$auto(r5, r6, 0x0, 0x8000) read$auto_tracing_pipe_fops_trace(r6, &(0x7f0000000180)=""/33, 0x21) r7 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="000127bd7000fddbdf250000000008000400e000000108000700", @ANYRES32=r1, @ANYBLOB="06000600ff07000008000700", @ANYRES32=r0, @ANYBLOB="566dcf4d6c9bd6774273c0080002000500000005000d00040000000800080009000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20440c0}, 0x4000004) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) shmctl$auto(0x9, 0xe, 0x0) socket(0xa, 0x2, 0x73) read$auto(r4, 0x0, 0xb9) write$auto(0x3, 0x0, 0xfdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 3.689895906s ago: executing program 4 (id=4243): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0xfdef) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000804) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="720100", @ANYBLOB="12"], 0x1ac}}, 0x40000) 3.549348112s ago: executing program 5 (id=4244): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x53d181, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0x7) ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000040)=0x8) 3.293031665s ago: executing program 4 (id=4245): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/stat/synproxy\x00', 0x121080, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000140)=""/4096, 0x1000) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) timerfd_create$auto(0x9, 0x0) socket(0x1, 0x2, 0x0) connect$auto(0x4, &(0x7f0000000000), 0x7f) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000000)={0x34, r2, 0x1, 0x70bd2a, 0x25dfdc00, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}]}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x8811}, 0x0) 3.219735785s ago: executing program 5 (id=4246): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x8, 0x8000) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) r1 = socket(0x1, 0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x20048895) ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) flock$auto(r0, 0x6) mmap$auto(0x0, 0x2000000400005, 0xdf, 0x80000011, 0xffffffffffffffff, 0x8001) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = openat$auto_ipsec_dbg_fops_ipsec(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/ipsec\x00', 0x80a00, 0x0) ioctl$auto(0xc8, 0x400454d0, r2) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x3, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a001}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 2.807092131s ago: executing program 4 (id=4247): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) write$auto_nvmf_dev_fops_fabrics(r0, &(0x7f0000001500)='7', 0x1) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto(0x3, 0x4, 0xa553) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r1 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) 2.73183826s ago: executing program 1 (id=4248): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) 2.389830519s ago: executing program 5 (id=4249): unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="010325bd70c0ffdbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804) (async) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="010325bd70c0ffdbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000004900), 0xffffffffffffffff) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000005e00)='/sys/fs/o2cb/logmask/TCP\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000005e40)=""/103, 0x67) (async) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000005e40)=""/103, 0x67) sendmsg$auto_NL802154_CMD_STOP_BEACONS(0xffffffffffffffff, &(0x7f0000004a00)={&(0x7f00000048c0)={0x10, 0x0, 0x0, 0x5000}, 0xc, &(0x7f00000049c0)={&(0x7f0000004940)={0x4c, r1, 0x20, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x4}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x7}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x101}, @NL802154_ATTR_SEC_ENABLED={0x5}, @NL802154_ATTR_SCAN_TYPE={0x5, 0x1f, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2400c804}, 0x4000) sendmsg$auto_NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x44, r1, 0x0, 0x70bd27, 0x25dfdbfc, {}, [@NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x1}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x2}, @NL802154_ATTR_SUPPORTED_COMMANDS={0x4}, @NL802154_ATTR_SUPPORTED_COMMANDS={0x1c, 0x19, 0x0, 0x1, [@typed={0x18, 0xd2, 0x0, 0x0, @binary="8b49f5ec1860050436c3b66f1b75fd0ec2afae68"}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x84) 1.914943699s ago: executing program 1 (id=4250): r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x14bfc3, 0x0) mmap$auto(0x0, 0x0, 0xffffffffffffffff, 0x40eb0, r0, 0x300000000000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x1a9382, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) write$auto(r1, 0x0, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x0) read$auto(r2, 0x0, 0x1) r3 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r4 = openat$auto_fops_atomic_t_(0xffffffffffffff9c, 0x0, 0x105000, 0x0) write$auto_proc_clear_refs_operations_internal(r3, 0x0, 0xffffff4b) io_uring_setup$auto(0x0, 0x0) futex$auto(0x0, 0x1, 0x6, 0x0, 0x0, 0x80000001) gettid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x84) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu0/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, r4, 0x8000) read$auto(0x3, 0x0, 0x400000) 1.865876786s ago: executing program 4 (id=4251): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x52204b}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x48, r0, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@OVS_METER_ATTR_ID={0x8, 0x1, 0x828e}, @OVS_METER_ATTR_ID={0x8, 0x1, 0xfffffff0}, @OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_CLEAR={0x4}, @OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_USED={0xc, 0x5, 0x4}, @OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0x7f}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x880) madvise$auto(0x100000, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mq_timedreceive$auto(0x6b76, 0x0, 0xe, 0x0, &(0x7f0000000140)={0x3, 0x8000000000000000}) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x101000, 0x0) setreuid$auto(0x0, 0x0) read$auto(r1, 0x0, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/conf/veth0_vlan/disable_policy\x00', 0x40101, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) write$auto(0x3, 0x0, 0x100082) openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/short_retry_limit\x00', 0x0, 0x0) setsockopt$auto(r1, 0x8001, 0xebf, &(0x7f00000000c0)='#,-\x00', 0x7) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) mmap$auto(0x0, 0x80000400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x11, 0x80003, 0x300) open(0x0, 0xa240, 0x15e) socket(0x2, 0x3, 0x4000003a) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) statmount$auto(0x0, &(0x7f0000000180)={0x40008, 0x1, 0x9, 0x3, 0x40, 0x101, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x9, 0x5, 0x2, 0x7, 0xffffffffffffffff, 0x9, 0xffff, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b40000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x8000000000000004, 0x0, 0x0, 0x0, 0x0, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80]}, 0x1fe, 0x81) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r4 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) fchdir$auto(r4) 1.567920373s ago: executing program 1 (id=4252): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioperm$auto(0xfffffffffffffff8, 0x7, 0xfffffff7) sendmmsg$auto(0x15, &(0x7f0000000100)={{0x0, 0x6, &(0x7f00000000c0)={&(0x7f00000008c0), 0x9}, 0x7f, 0x0, 0x8000, 0x2}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0x1ed7138c}, 0x7, 0x0) 1.488259657s ago: executing program 1 (id=4253): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/ipc\x00') set_tid_address$auto(0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) move_pages$auto(0x0, 0x33b, &(0x7f0000000080)=0x0, 0x0, 0x0, 0x4) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x24, 0x940, 0x1ffde, 0x3, 0x6, 0x8000002, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0, 0x243efbdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6e]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x161343, 0x100) r5 = open(&(0x7f0000000080)='./file0\x00', 0xeee00, 0x31) sendfile$auto(r4, r5, 0x0, 0x8000) read$auto_tracing_pipe_fops_trace(r5, &(0x7f0000000180)=""/33, 0x21) r6 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="000127bd7000fddbdf250000000008000400e000000108000700", @ANYRES32, @ANYBLOB="06000600ff07000008000700", @ANYRES32=r0, @ANYBLOB="566dcf4d6c9bd6774273c0080002000500000005000d00040000000800080009000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20440c0}, 0x4000004) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) shmctl$auto(0x9, 0xe, 0x0) socket(0xa, 0x2, 0x73) read$auto(r3, 0x0, 0xb9) write$auto(0x3, 0x0, 0xfdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 1.267473027s ago: executing program 3 (id=4254): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0xfdef) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000804) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="720100", @ANYBLOB="12"], 0x1ac}}, 0x40000) 1.172281446s ago: executing program 5 (id=4255): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r0 = openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000100), 0x182c1, 0x0) sched_rr_get_interval$auto(0x0, &(0x7f0000000380)={0x100000000, 0x9}) connect$auto(r0, &(0x7f0000000140)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6}, 0x2af0) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) io_pgetevents$auto(0x5, 0x7fffffff, 0xffffffff, 0x0, 0x0, 0xffffffffffffffff) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00') inotify_init1$auto(0xffffffff) r1 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdds\x1cJ\x99\x00:2\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) mmap$auto(0x4, 0x7fffffffffffffff, 0x0, 0x18, r1, 0x1) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0x0, 0xffffffffffffffff, 0x0, 0xff}, 0x92) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) 759.135448ms ago: executing program 5 (id=4256): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone3(&(0x7f0000001200)={0x200c0000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0}, 0x58) madvise$auto(0x0, 0x20200, 0x15) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x261c2, 0x84) r0 = socket(0x10, 0x2, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/udp6\x00', 0x20440, 0x0) pread64$auto(r1, 0x0, 0xa0, 0xf86) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}}, 0x4004) sendmmsg$auto(r0, 0x0, 0x3, 0x0) semctl$auto(0x0, 0x10000, 0x11, 0x3) mmap$auto(0x0, 0x2020009, 0x1, 0x210, 0xfffffffffffffffa, 0x8002) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0) read$auto(r2, 0x0, 0x2000000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000780)='/proc/self/net/rpc/auth.rpcsec.init/channel\x00', 0x441, 0x0) write$auto(r3, &(0x7f0000000080)='/sy kernel/tracing/set_event_notrace_pid\x00', 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffbfffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x5, 0xffffffffffffd208, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x8004) mseal$auto(0x1ffff000, 0x7dda, 0x0) 709.000547ms ago: executing program 4 (id=4257): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x8, 0x8000) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) r1 = socket(0x1, 0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x20048895) ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) flock$auto(r0, 0x6) mmap$auto(0x0, 0x2000000400005, 0xdf, 0x80000011, 0xffffffffffffffff, 0x8001) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = openat$auto_ipsec_dbg_fops_ipsec(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/ipsec\x00', 0x80a00, 0x0) ioctl$auto(0xc8, 0x400454d0, r2) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x3, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a001}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 496.768292ms ago: executing program 1 (id=4258): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}, 0x1, 0x300}, 0x40000) 362.24176ms ago: executing program 3 (id=4259): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x24000802) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r4 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) bind$auto(0x3, 0xfffffffffffffffd, 0x0) sendmsg$auto_GTP_CMD_ECHOREQ(r4, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="d0010000", @ANYRES16=r2, @ANYBLOB="b940e9a9f84d19cdcfbf74319c5a6f000300", @ANYRES32=r3], 0x1d0}}, 0x4000000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4000000) 171.914762ms ago: executing program 4 (id=4260): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x2, 0x3a) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) memfd_secret$auto(0x0) socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x29, 0x14, 0x0, 0x10000110) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r1 = socket(0x10, 0x2, 0x4) memfd_secret$auto(0x7f) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) 115.037468ms ago: executing program 1 (id=4261): r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x14bfc3, 0x0) mmap$auto(0x0, 0x0, 0xffffffffffffffff, 0x40eb0, r0, 0x300000000000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x1a9382, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) write$auto(r1, 0x0, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x0) read$auto(r2, 0x0, 0x1) r3 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r4 = openat$auto_fops_atomic_t_(0xffffffffffffff9c, 0x0, 0x105000, 0x0) write$auto_proc_clear_refs_operations_internal(r3, 0x0, 0xffffff4b) io_uring_setup$auto(0x0, 0x0) futex$auto(0x0, 0x1, 0x6, 0x0, 0x0, 0x80000001) gettid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x84) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu0/trace\x00', 0x80800, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, r4, 0x8000) read$auto(0x3, 0x0, 0x400000) 0s ago: executing program 3 (id=4262): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r1 = socket(0x1e, 0x6, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/swaps\x00', 0x40000, 0x0) select$auto(0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x8, 0x3}) poll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x7}, 0x100, 0xfffffffd) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_SET_WOWLAN(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRESHEX=0x0, @ANYBLOB="0100ff000000000000ea4900000008000300", @ANYRES32=r0], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x14040885) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETFAMILY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4008810}, 0x30040005) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000000)=""/112, 0x70) socket(0x840000000002, 0x3, 0xff) r5 = socket(0xa, 0x3, 0x6) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x56a, 0xb275, 0x0) mq_timedreceive$auto(0x8, 0x0, 0xfffffffd, 0x0, 0x0) r6 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000100), r1) sendmsg$auto_OVS_DP_CMD_NEW(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c1372005a130085066b21134f8010b7ad59aeb856106e948ddc09b048fe0349c680115f58949bd998bd855ba40f2eabb6522fc098aa111f84a63db7b685689367b1c3da0db9148161e03a5cc9f28fbf", @ANYRES16=r6, @ANYBLOB="020025bd7000fbdbdf25010000000500010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x90}, 0x40000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/bus/usb/drivers/radio-keene/unbind\x00', 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) kernel console output (not intermixed with test programs): lave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 563.373199][T14589] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 563.422177][T14589] hsr_slave_0: entered promiscuous mode [ 563.428166][ T29] audit: type=1800 audit(8277292221.570:19): pid=14643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2412" name="discovery_nqn" dev="configfs" ino=55232 res=0 errno=0 [ 563.450771][T14589] hsr_slave_1: entered promiscuous mode [ 563.457503][T14589] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 563.466519][T14589] Cannot create hsr debugfs directory [ 563.623298][T14646] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2413'. [ 563.716234][T14589] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 563.766269][T14648] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2414'. [ 563.834372][T14589] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 563.994037][T14589] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 564.128692][T14589] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 564.219545][ T5847] Bluetooth: hci3: command tx timeout [ 564.412807][T14589] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 564.490640][T14589] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 564.517073][T14589] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 564.545105][T14589] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 564.742169][T14589] 8021q: adding VLAN 0 to HW filter on device bond0 [ 564.803231][T14589] 8021q: adding VLAN 0 to HW filter on device team0 [ 564.876293][ T2935] bridge0: port 1(bridge_slave_0) entered blocking state [ 564.883635][ T2935] bridge0: port 1(bridge_slave_0) entered forwarding state [ 564.976058][T11322] bridge0: port 2(bridge_slave_1) entered blocking state [ 564.983301][T11322] bridge0: port 2(bridge_slave_1) entered forwarding state [ 565.148378][T14678] netlink: 'syz.5.2422': attribute type 3 has an invalid length. [ 565.163420][T14678] netlink: 332 bytes leftover after parsing attributes in process `syz.5.2422'. [ 565.425672][T14658] [U] [ 565.428483][T14658] [U] [ 565.431251][T14658] [U] [ 565.434019][T14658] [U] [ 565.447526][T14658] [U] [ 565.450357][T14658] [U] [ 565.453133][T14658] [U] [ 565.455907][T14658] [U] [ 565.470666][T14658] [U] [ 565.473467][T14658] [U] [ 565.476241][T14658] [U] [ 565.478998][T14658] [U] [ 565.517766][T14658] [U] [ 565.520588][T14658] [U] [ 565.523363][T14658] [U] [ 565.526140][T14658] [U] [ 565.533115][T14658] [U] [ 565.535915][T14658] [U] [ 565.538693][T14658] [U] [ 565.541478][T14658] [U] [ 565.558769][T14658] [U] [ 565.561687][T14658] [U] [ 565.564466][T14658] [U] [ 565.567239][T14658] [U] [ 565.579843][T14658] [U] [ 565.582672][T14658] [U] [ 565.585433][T14658] [U] [ 565.588230][T14658] [U] [ 565.604067][T14658] [U] [ 565.606873][T14658] [U] [ 565.609670][T14658] [U] [ 565.612528][T14658] [U] [ 565.626716][T14676] [U] [ 565.931705][T14589] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 566.113566][T14589] veth0_vlan: entered promiscuous mode [ 566.152962][T14589] veth1_vlan: entered promiscuous mode [ 566.265959][T14589] veth0_macvtap: entered promiscuous mode [ 566.285376][T14695] ptrace attach of "./syz-executor exec"[11650] was attempted by "./syz-executor exec"[14695] [ 566.299676][ T5847] Bluetooth: hci3: command tx timeout [ 566.307322][T14589] veth1_macvtap: entered promiscuous mode [ 566.331011][T14589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.355024][T14589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.380497][T14589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.395980][T14589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.415631][T14589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.427513][T14589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.455752][T14589] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 566.489696][T14589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.508994][T14589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.519451][T14589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.531902][T14589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.543740][T14589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.555185][T14589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.566721][T14589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.587664][T14589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.620474][T14589] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 566.668891][T14589] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.698849][T14589] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.729835][T14589] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.738656][T14589] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.762665][T14711] Invalid ELF header magic: != ELF [ 567.071665][ T3607] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 567.111762][ T3607] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 567.168471][T11330] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 567.194703][T11330] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 567.357412][T14718] MTRR 1 not used [ 568.330350][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.337121][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.379729][ T5847] Bluetooth: hci3: command tx timeout [ 568.852582][T14752] Invalid ELF header magic: != ELF [ 569.477470][T14759] MTRR 1 not used [ 569.517944][T14755] ptrace attach of "./syz-executor exec"[14589] was attempted by "./syz-executor exec"[14755] [ 569.956375][T14767] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2444'. [ 570.459733][ T5847] Bluetooth: hci3: command tx timeout [ 571.068991][T14793] zero sized request [ 571.078351][T14793] < [ 571.496608][T14803] Invalid ELF header magic: != ELF [ 572.600419][T14821] MTRR 1 not used [ 574.310005][T14831] [U] [ 574.312837][T14831] [U] [ 574.315601][T14831] [U] [ 574.318361][T14831] [U] [ 574.332164][T14831] [U] [ 574.334975][T14831] [U] [ 574.337748][T14831] [U] [ 574.340527][T14831] [U] [ 574.353900][T14831] [U] [ 574.356703][T14831] [U] [ 574.359483][T14831] [U] [ 574.362255][T14831] [U] [ 574.373833][T14831] [U] [ 574.376632][T14831] [U] [ 574.379397][T14831] [U] [ 574.382260][T14831] [U] [ 574.397382][T14831] [U] [ 574.400188][T14831] [U] [ 574.402961][T14831] [U] [ 574.405732][T14831] [U] [ 574.415635][T14831] [U] [ 574.418444][T14831] [U] [ 574.421220][T14831] [U] [ 574.423993][T14831] [U] [ 574.427339][T14831] [U] [ 574.430117][T14831] [U] [ 574.432891][T14831] [U] [ 574.435652][T14831] [U] [ 574.439628][T14831] [U] [ 574.442417][T14831] [U] [ 574.445164][T14831] [U] [ 574.447899][T14831] [U] [ 574.451218][T14831] [U] [ 574.453998][T14831] [U] [ 574.456762][T14831] [U] [ 574.459522][T14831] [U] [ 574.462779][T14843] [U] [ 579.160304][ T29] audit: type=1800 audit(8277292237.320:20): pid=14973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2495" name="trace_pipe" dev="tracefs" ino=1129 res=0 errno=0 [ 580.983594][T15026] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2510'. [ 581.269635][T15031] netlink: 'syz.3.2512': attribute type 2 has an invalid length. [ 581.286013][T15029] netlink: 'syz.3.2512': attribute type 2 has an invalid length. [ 582.387136][T15041] [U] [ 582.389955][T15041] [U] [ 582.392715][T15041] [U] [ 582.395488][T15041] [U] [ 582.430501][T15041] [U] [ 582.433305][T15041] [U] [ 582.436077][T15041] [U] [ 582.438840][T15041] [U] [ 582.513593][T15041] [U] [ 582.516410][T15041] [U] [ 582.519177][T15041] [U] [ 582.521942][T15041] [U] [ 582.554580][T15041] [U] [ 582.557405][T15041] [U] [ 582.560194][T15041] [U] [ 582.562976][T15041] [U] [ 582.601669][T15041] [U] [ 582.604479][T15041] [U] [ 582.607253][T15041] [U] [ 582.610032][T15041] [U] [ 582.649593][T15047] [U] [ 583.600202][T13881] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 583.622676][T13881] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 583.643075][T13881] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 583.655681][T13881] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 583.679809][T13881] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 583.690316][T13881] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 584.435070][T15077] chnl_net:caif_netlink_parms(): no params data found [ 584.822860][T15077] bridge0: port 1(bridge_slave_0) entered blocking state [ 584.848584][T15077] bridge0: port 1(bridge_slave_0) entered disabled state [ 584.872284][T15077] bridge_slave_0: entered allmulticast mode [ 584.897913][T15077] bridge_slave_0: entered promiscuous mode [ 584.916054][T15077] bridge0: port 2(bridge_slave_1) entered blocking state [ 584.943650][T15077] bridge0: port 2(bridge_slave_1) entered disabled state [ 584.967319][T15077] bridge_slave_1: entered allmulticast mode [ 584.987836][T15077] bridge_slave_1: entered promiscuous mode [ 585.087609][T15077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 585.119254][T15077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 585.185549][T15077] team0: Port device team_slave_0 added [ 585.211781][T15077] team0: Port device team_slave_1 added [ 585.288778][T15077] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 585.306182][T15077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 585.389694][T15077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 585.411079][T15077] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 585.430872][T15077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 585.463084][T15077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 585.568408][T15077] hsr_slave_0: entered promiscuous mode [ 585.580900][T15077] hsr_slave_1: entered promiscuous mode [ 585.594639][T15077] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 585.611760][T15077] Cannot create hsr debugfs directory [ 585.740555][T13881] Bluetooth: hci4: command tx timeout [ 585.808647][T15115] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2531'. [ 585.968491][T15077] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 586.056579][T15107] [U] [ 586.059394][T15107] [U] [ 586.062173][T15107] [U] [ 586.064959][T15107] [U] [ 586.073529][T15107] [U] [ 586.077297][T15107] [U] [ 586.080070][T15107] [U] [ 586.082838][T15107] [U] [ 586.096850][T15107] [U] [ 586.099677][T15107] [U] [ 586.102460][T15107] [U] [ 586.105229][T15107] [U] [ 586.137023][T15077] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 586.159126][T15107] [U] [ 586.162086][T15107] [U] [ 586.164824][T15107] [U] [ 586.167558][T15107] [U] [ 586.196285][T15107] [U] [ 586.199149][T15107] [U] [ 586.201928][T15107] [U] [ 586.204700][T15107] [U] [ 586.227089][T15107] [U] [ 586.229902][T15107] [U] [ 586.232663][T15107] [U] [ 586.235388][T15107] [U] [ 586.261295][T15107] [U] [ 586.264102][T15107] [U] [ 586.266887][T15107] [U] [ 586.268153][T15077] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 586.269632][T15107] [U] [ 586.309677][T15113] [U] [ 586.392084][T15077] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 586.574780][T15077] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 586.605254][T15077] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 586.635655][T15077] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 586.652884][T15077] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 586.822534][T15077] 8021q: adding VLAN 0 to HW filter on device bond0 [ 586.843881][T15077] 8021q: adding VLAN 0 to HW filter on device team0 [ 586.883541][T15077] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 586.894087][T15077] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 586.916437][T10909] bridge0: port 1(bridge_slave_0) entered blocking state [ 586.923692][T10909] bridge0: port 1(bridge_slave_0) entered forwarding state [ 586.936612][T10909] bridge0: port 2(bridge_slave_1) entered blocking state [ 586.943950][T10909] bridge0: port 2(bridge_slave_1) entered forwarding state [ 587.513764][T15077] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 587.666320][T15077] veth0_vlan: entered promiscuous mode [ 587.681996][T15077] veth1_vlan: entered promiscuous mode [ 587.738438][T15077] veth0_macvtap: entered promiscuous mode [ 587.766394][T15077] veth1_macvtap: entered promiscuous mode [ 587.819659][T13881] Bluetooth: hci4: command tx timeout [ 587.825068][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 587.825101][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 587.825123][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 587.884997][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 587.895129][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 587.908087][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 587.918247][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 587.928909][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 587.942241][T15077] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 587.952716][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 587.964559][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 587.988892][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.027175][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.047847][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.077474][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.103677][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.132288][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.151867][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.173256][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.194390][T15077] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 588.228383][T15077] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.271473][T15077] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.291264][T15077] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.328821][T15077] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.606036][T11323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 588.615548][T11323] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 588.715848][T11322] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 588.724297][T11322] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 588.769924][T15154] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2543'. [ 589.913294][T13881] Bluetooth: hci4: command tx timeout [ 591.982506][T13881] Bluetooth: hci4: command tx timeout [ 592.081983][T15225] Process accounting resumed [ 593.948176][T15265] lo: entered allmulticast mode [ 593.983867][T15265] lo: left allmulticast mode [ 594.933123][T15271] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2572'. [ 595.100071][T15271] bond0: (slave bond_slave_0): Releasing backup interface [ 595.377925][T15293] vivid-008: ================= START STATUS ================= [ 595.397378][T15293] vivid-008: RDS Tx I/O Mode: Controls [ 595.430559][T15293] vivid-008: RDS Program ID: 32904 [ 595.435811][T15293] vivid-008: RDS Program Type: 3 [ 595.471039][T15293] vivid-008: RDS PS Name: VIVID-TX [ 595.476291][T15293] vivid-008: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 595.513963][T15293] vivid-008: RDS Stereo: true [ 595.519258][T15293] vivid-008: RDS Artificial Head: false [ 595.548766][T15293] vivid-008: RDS Compressed: false [ 595.580004][T15293] vivid-008: RDS Dynamic PTY: false [ 595.585411][T15293] vivid-008: RDS Traffic Announcement: false [ 595.610198][T15293] vivid-008: RDS Traffic Program: true [ 595.618487][T15293] vivid-008: RDS Music: true [ 595.632229][T15293] vivid-008: ================== END STATUS ================== [ 599.867289][T15399] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2604'. [ 599.887022][T15399] bridge_slave_1: left allmulticast mode [ 599.902057][T15399] bridge_slave_1: left promiscuous mode [ 599.922158][T15399] bridge0: port 2(bridge_slave_1) entered disabled state [ 599.998489][T15399] bridge_slave_0: left allmulticast mode [ 600.029537][T15399] bridge_slave_0: left promiscuous mode [ 600.048991][T15399] bridge0: port 1(bridge_slave_0) entered disabled state [ 600.928214][T15430] netlink: 'syz.5.2613': attribute type 16 has an invalid length. [ 600.988147][T15430] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2613'. [ 601.994668][T15440] [U] [ 601.997492][T15440] [U] [ 602.000264][T15440] [U] [ 602.003032][T15440] [U] [ 602.029686][T15440] [U] [ 602.032494][T15440] [U] [ 602.035244][T15440] [U] [ 602.038007][T15440] [U] [ 602.051742][T15440] [U] [ 602.054543][T15440] [U] [ 602.057424][T15440] [U] [ 602.060196][T15440] [U] [ 602.086389][T15440] [U] [ 602.089205][T15440] [U] [ 602.091971][T15440] [U] [ 602.094828][T15440] [U] [ 602.121887][T15450] [U] [ 602.592824][T15445] [U] [ 602.595627][T15445] [U] [ 602.598407][T15445] [U] [ 602.601275][T15445] [U] [ 602.605852][T15445] [U] [ 602.608646][T15445] [U] [ 602.611424][T15445] [U] [ 602.614186][T15445] [U] [ 602.618578][T15445] [U] [ 602.621390][T15445] [U] [ 602.624160][T15445] [U] [ 602.626933][T15445] [U] [ 602.634836][T15445] [U] [ 602.637647][T15445] [U] [ 602.640434][T15445] [U] [ 602.643205][T15445] [U] [ 602.648109][T15445] [U] [ 602.650907][T15445] [U] [ 602.653671][T15445] [U] [ 602.656468][T15445] [U] [ 602.662787][T15445] [U] [ 602.665583][T15445] [U] [ 602.668349][T15445] [U] [ 602.671134][T15445] [U] [ 602.674367][T15445] [U] [ 602.677125][T15445] [U] [ 602.679881][T15445] [U] [ 602.682646][T15445] [U] [ 602.685901][T15445] [U] [ 602.688671][T15445] [U] [ 602.691436][T15445] [U] [ 602.694175][T15445] [U] [ 602.698122][T15445] [U] [ 602.700906][T15445] [U] [ 602.703681][T15445] [U] [ 602.706450][T15445] [U] [ 602.710933][T15445] [U] [ 602.713717][T15445] [U] [ 602.716454][T15445] [U] [ 602.719175][T15445] [U] [ 602.732768][T15445] [U] [ 602.735565][T15445] [U] [ 602.738290][T15445] [U] [ 602.741029][T15445] [U] [ 602.760704][T15464] [U] [ 605.603742][T15530] netlink: 74 bytes leftover after parsing attributes in process `syz.1.2641'. [ 607.335130][T15579] binder: 15578:15579 unknown command 605 [ 607.346599][T15579] binder: 15578:15579 ioctl c0306201 9 returned -22 [ 608.049717][T15582] [U] [ 608.052534][T15582] [U] [ 608.055303][T15582] [U] [ 608.058075][T15582] [U] [ 608.090404][T15582] [U] [ 608.093218][T15582] [U] [ 608.095993][T15582] [U] [ 608.098757][T15582] [U] [ 608.119729][T15582] [U] [ 608.122547][T15582] [U] [ 608.125317][T15582] [U] [ 608.128089][T15582] [U] [ 608.149843][T15582] [U] [ 608.152655][T15582] [U] [ 608.155416][T15582] [U] [ 608.158182][T15582] [U] [ 608.192887][T15582] [U] [ 608.195711][T15582] [U] [ 608.198481][T15582] [U] [ 608.201261][T15582] [U] [ 608.240754][T15582] [U] [ 608.243565][T15582] [U] [ 608.246324][T15582] [U] [ 608.249083][T15582] [U] [ 608.278357][T15582] [U] [ 608.281172][T15582] [U] [ 608.283939][T15582] [U] [ 608.286710][T15582] [U] [ 608.306449][T15582] [U] [ 608.309263][T15582] [U] [ 608.312027][T15582] [U] [ 608.314797][T15582] [U] [ 608.332612][T15585] [U] [ 609.115914][T15597] [U] [ 609.118724][T15597] [U] [ 609.121508][T15597] [U] [ 609.124279][T15597] [U] [ 609.127544][T15597] [U] [ 609.130324][T15597] [U] [ 609.133093][T15597] [U] [ 609.135861][T15597] [U] [ 609.139911][T15597] [U] [ 609.142698][T15597] [U] [ 609.145467][T15597] [U] [ 609.148230][T15597] [U] [ 609.151931][T15597] [U] [ 609.154721][T15597] [U] [ 609.157485][T15597] [U] [ 609.160252][T15597] [U] [ 609.164133][T15597] [U] [ 609.166911][T15597] [U] [ 609.169684][T15597] [U] [ 609.172447][T15597] [U] [ 609.175601][T15597] [U] [ 609.178382][T15597] [U] [ 609.181180][T15597] [U] [ 609.184152][T15597] [U] [ 609.191220][T15597] [U] [ 609.194024][T15597] [U] [ 609.196797][T15597] [U] [ 609.199565][T15597] [U] [ 609.202669][T15597] [U] [ 609.205435][T15597] [U] [ 609.208212][T15597] [U] [ 609.210978][T15597] [U] [ 609.214183][T15597] [U] [ 609.216959][T15597] [U] [ 609.219730][T15597] [U] [ 609.222468][T15597] [U] [ 609.225520][T15597] [U] [ 609.228305][T15597] [U] [ 609.231074][T15597] [U] [ 609.233844][T15597] [U] [ 609.237015][T15597] [U] [ 609.239795][T15597] [U] [ 609.242563][T15597] [U] [ 609.245326][T15597] [U] [ 609.249190][T15607] [U] [ 610.293324][T15603] [U] [ 610.296229][T15603] [U] [ 610.299008][T15603] [U] [ 610.301781][T15603] [U] [ 610.317288][T15603] [U] [ 610.320113][T15603] [U] [ 610.322893][T15603] [U] [ 610.325666][T15603] [U] [ 610.337544][T15603] [U] [ 610.340358][T15603] [U] [ 610.343126][T15603] [U] [ 610.345900][T15603] [U] [ 610.359645][T15603] [U] [ 610.362459][T15603] [U] [ 610.365223][T15603] [U] [ 610.367999][T15603] [U] [ 610.382147][T15603] [U] [ 610.384995][T15603] [U] [ 610.387819][T15603] [U] [ 610.390589][T15603] [U] [ 610.401223][T15603] [U] [ 610.404010][T15603] [U] [ 610.406838][T15603] [U] [ 610.409600][T15603] [U] [ 610.427096][T15603] [U] [ 610.429909][T15603] [U] [ 610.432676][T15603] [U] [ 610.435465][T15603] [U] [ 610.444054][T15603] [U] [ 610.446848][T15603] [U] [ 610.449624][T15603] [U] [ 610.452398][T15603] [U] [ 610.456085][T15603] [U] [ 610.458982][T15603] [U] [ 610.461759][T15603] [U] [ 610.464533][T15603] [U] [ 610.486478][T15618] [U] [ 610.932364][T15653] erspan0: entered allmulticast mode [ 611.516499][T15657] [U]  [ 611.519410][T15657] [U] [ 611.522272][T15657] [U] [ 611.525074][T15657] [U] [ 611.549832][T15657] [U] [ 611.552647][T15657] [U] [ 611.555432][T15657] [U] [ 611.558201][T15657] [U] [ 611.610790][T15657] [U] [ 611.613606][T15657] [U] [ 611.616377][T15657] [U] [ 611.619152][T15657] [U] [ 611.657927][T15657] [U] [ 611.660748][T15657] [U] [ 611.663529][T15657] [U] [ 611.666313][T15657] [U] [ 611.697875][T15657] [U] [ 611.700690][T15657] [U] [ 611.703452][T15657] [U] [ 611.706218][T15657] [U] [ 611.726129][T15657] [U] [ 611.728972][T15657] [U] [ 611.731752][T15657] [U] [ 611.734556][T15657] [U] [ 611.890477][T15657] [U] [ 611.893297][T15657] [U] [ 611.896069][T15657] [U] [ 611.898841][T15657] [U] [ 611.927554][T15674] [U] [ 612.740922][T15696] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2681'. [ 613.108322][T15699] binder: 15698:15699 unknown command 610 [ 613.114313][T15699] binder: 15698:15699 ioctl c0306201 9 returned -22 [ 614.060377][T15722] netlink: 18 bytes leftover after parsing attributes in process `syz.3.2686'. [ 614.391135][T15723] [U]  [ 614.394045][T15723] [U] [ 614.396825][T15723] [U] [ 614.399601][T15723] [U] [ 614.424617][T15723] [U] [ 614.427433][T15723] [U] [ 614.430200][T15723] [U] [ 614.432968][T15723] [U] [ 614.439722][T15723] [U] [ 614.442523][T15723] [U] [ 614.445288][T15723] [U] [ 614.448053][T15723] [U] [ 614.466667][T15723] [U] [ 614.469481][T15723] [U] [ 614.472252][T15723] [U] [ 614.475014][T15723] [U] [ 614.481377][T15723] [U] [ 614.484168][T15723] [U] [ 614.486933][T15723] [U] [ 614.489709][T15723] [U] [ 614.493885][T15723] [U] [ 614.496690][T15723] [U] [ 614.499467][T15723] [U] [ 614.502258][T15723] [U] [ 614.530636][T15723] [U] [ 614.533468][T15723] [U] [ 614.536233][T15723] [U] [ 614.539003][T15723] [U] [ 614.565360][T15733] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2690'. [ 614.569787][T15723] [U] [ 614.577321][T15723] [U] [ 614.580097][T15723] [U] [ 614.582863][T15723] [U] [ 614.618038][T15736] [U] [ 614.753824][T15740] openvswitch: netlink: IPv4 tunnel dst address is zero [ 614.793726][T15709] [U] [ 614.796540][T15709] [U] [ 614.799303][T15709] [U] [ 614.802081][T15709] [U] [ 614.817207][T15709] [U] [ 614.820018][T15709] [U] [ 614.822780][T15709] [U] [ 614.825541][T15709] [U] [ 614.859784][T15709] [U] [ 614.862600][T15709] [U] [ 614.865368][T15709] [U] [ 614.868139][T15709] [U] [ 614.895160][T15709] [U] [ 614.897972][T15709] [U] [ 614.900735][T15709] [U] [ 614.903492][T15709] [U] [ 614.955844][T15709] [U] [ 614.958706][T15709] [U] [ 614.961483][T15709] [U] [ 614.964251][T15709] [U] [ 615.003338][T15731] [U] [ 617.579791][T15780] [U]  [ 617.582690][T15780] [U] [ 617.585463][T15780] [U] [ 617.588233][T15780] [U] [ 617.639619][T15780] [U] [ 617.642445][T15780] [U] [ 617.645220][T15780] [U] [ 617.647990][T15780] [U] [ 617.689748][T15786] [U] [ 618.098572][T15762] [U] [ 618.101391][T15762] [U] [ 618.104192][T15762] [U] [ 618.106961][T15762] [U] [ 618.110528][T15762] [U] [ 618.113311][T15762] [U] [ 618.116081][T15762] [U] [ 618.118840][T15762] [U] [ 618.130016][T15762] [U] [ 618.132841][T15762] [U] [ 618.135624][T15762] [U] [ 618.138483][T15762] [U] [ 618.144897][T15762] [U] [ 618.147702][T15762] [U] [ 618.150483][T15762] [U] [ 618.153255][T15762] [U] [ 618.168888][T15762] [U] [ 618.171708][T15762] [U] [ 618.174474][T15762] [U] [ 618.177243][T15762] [U] [ 618.180590][T15762] [U] [ 618.183457][T15762] [U] [ 618.186320][T15762] [U] [ 618.189171][T15762] [U] [ 618.192232][T15762] [U] [ 618.195012][T15762] [U] [ 618.197774][T15762] [U] [ 618.200547][T15762] [U] [ 618.208842][T15762] [U] [ 618.211634][T15762] [U] [ 618.214422][T15762] [U] [ 618.217183][T15762] [U] [ 618.232141][T15777] [U] [ 618.354758][T15805] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2708'. [ 619.693474][T15804] [U] [ 619.696294][T15804] [U] [ 619.699077][T15804] [U] [ 619.701843][T15804] [U] [ 619.726309][T15804] [U] [ 619.729111][T15804] [U] [ 619.731885][T15804] [U] [ 619.734649][T15804] [U] [ 619.762626][T15804] [U] [ 619.765434][T15804] [U] [ 619.768214][T15804] [U] [ 619.770988][T15804] [U] [ 619.811200][T15804] [U] [ 619.814025][T15804] [U] [ 619.816803][T15804] [U] [ 619.819924][T15804] [U] [ 619.859835][T15804] [U] [ 619.862646][T15804] [U] [ 619.865416][T15804] [U] [ 619.868197][T15804] [U] [ 619.883567][T15804] [U] [ 619.886390][T15804] [U] [ 619.889174][T15804] [U] [ 619.891958][T15804] [U] [ 619.916167][T15824] [U] [ 620.500223][T15843] binder: 15840:15843 unknown command 618 [ 620.610571][T15843] binder: 15840:15843 ioctl c0306201 9 returned -22 [ 621.492852][T15868] can: request_module (can-proto-0) failed. [ 622.002805][T15865] could not allocate digest TFM handle [ 623.061202][T15906] [U]  [ 623.064123][T15906] [U] [ 623.066909][T15906] [U] [ 623.069691][T15906] [U] [ 623.089700][T15906] [U] [ 623.092521][T15906] [U] [ 623.095290][T15906] [U] [ 623.098056][T15906] [U] [ 623.101327][T15906] [U] [ 623.104103][T15906] [U] [ 623.106929][T15906] [U] [ 623.109702][T15906] [U] [ 623.126714][T15906] [U] [ 623.129525][T15906] [U] [ 623.132293][T15906] [U] [ 623.135066][T15906] [U] [ 623.146787][T15906] [U] [ 623.149603][T15906] [U] [ 623.152374][T15906] [U] [ 623.155145][T15906] [U] [ 623.158248][T15906] [U] [ 623.161026][T15906] [U] [ 623.163792][T15906] [U] [ 623.166558][T15906] [U] [ 623.179913][T15906] [U] [ 623.182835][T15906] [U] [ 623.185612][T15906] [U] [ 623.188376][T15906] [U] [ 623.212987][T15906] [U] [ 623.215791][T15906] [U] [ 623.218557][T15906] [U] [ 623.221324][T15906] [U] [ 623.258994][T15913] [U] [ 625.237111][T15942] can: request_module (can-proto-0) failed. [ 625.474104][T15938] could not allocate digest TFM handle [ 626.381022][T15969] [U] [ 626.383846][T15969] [U] [ 626.386622][T15969] [U] [ 626.389384][T15969] [U] [ 626.429664][T15969] [U] [ 626.432473][T15969] [U] [ 626.435245][T15969] [U] [ 626.438099][T15969] [U] [ 626.472590][T15969] [U] [ 626.475414][T15969] [U] [ 626.478187][T15969] [U] [ 626.481050][T15969] [U] [ 626.510963][T15969] [U] [ 626.513818][T15969] [U] [ 626.516598][T15969] [U] [ 626.519370][T15969] [U] [ 626.546451][T15969] [U] [ 626.549274][T15969] [U] [ 626.552053][T15969] [U] [ 626.554821][T15969] [U] [ 626.572138][T15981] [U] [ 627.071501][T15989] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 627.167464][T15989] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 627.549544][T15998] Invalid ELF header magic: != ELF [ 628.468540][T16020] [U] [ 628.471369][T16020] [U] [ 628.474279][T16020] [U] [ 628.477069][T16020] [U] [ 628.505983][T16020] [U] [ 628.508802][T16020] [U] [ 628.511577][T16020] [U] [ 628.514345][T16020] [U] [ 628.542668][T16020] [U] [ 628.545523][T16020] [U] [ 628.548298][T16020] [U] [ 628.551152][T16020] [U] [ 628.619833][T16029] [U] [ 629.746195][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.752917][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 631.920322][T16088] openvswitch: netlink: VXLAN extension 13870 out of range max 1 [ 632.301187][T16088] openvswitch: netlink: VXLAN extension 13870 out of range max 1 [ 634.487558][T16143] [U] [ 634.490384][T16143] [U] [ 634.493156][T16143] [U] [ 634.495925][T16143] [U] [ 634.523109][T16143] [U] [ 634.525926][T16143] [U] [ 634.528707][T16143] [U] [ 634.531482][T16143] [U] [ 634.565336][T16143] [U] [ 634.568158][T16143] [U] [ 634.571046][T16143] [U] [ 634.573906][T16143] [U] [ 634.594858][T16143] [U] [ 634.597667][T16143] [U] [ 634.600430][T16143] [U] [ 634.603294][T16143] [U] [ 634.631317][T16143] [U] [ 634.634130][T16143] [U] [ 634.636990][T16143] [U] [ 634.639796][T16143] [U] [ 634.664456][T16148] [U] [ 635.003719][T16156] : Can't lookup blockdev [ 636.169914][T16175] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2789'. [ 638.841785][T16215] [U] [ 638.844607][T16215] [U] [ 638.847656][T16215] [U] [ 638.850430][T16215] [U] [ 638.873731][T16215] [U] [ 638.876544][T16215] [U] [ 638.879328][T16215] [U] [ 638.882107][T16215] [U] [ 638.932458][T16215] [U] [ 638.935269][T16215] [U] [ 638.938045][T16215] [U] [ 638.940812][T16215] [U] [ 638.987838][T16215] [U] [ 638.990658][T16215] [U] [ 638.993425][T16215] [U] [ 638.996204][T16215] [U] [ 639.041728][T16215] [U] [ 639.044542][T16215] [U] [ 639.047309][T16215] [U] [ 639.050125][T16215] [U] [ 639.071314][T16215] [U] [ 639.074138][T16215] [U] [ 639.076905][T16215] [U] [ 639.079765][T16215] [U] [ 639.220947][T16224] [U] [ 641.042907][ T29] audit: type=1800 audit(8277292299.190:21): pid=16248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2809" name="discovery_nqn" dev="configfs" ino=64608 res=0 errno=0 [ 642.489893][T16294] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2814'. [ 643.007194][T16294] hsr_slave_1 (unregistering): left promiscuous mode [ 643.077199][T16302] syz.4.2818(16302): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 646.660357][T16331] [U] [ 646.663262][T16331] [U] [ 646.666060][T16331] [U] [ 646.668829][T16331] [U] [ 646.692812][T16331] [U] [ 646.695618][T16331] [U] [ 646.698404][T16331] [U] [ 646.701174][T16331] [U] [ 646.751275][T16331] [U] [ 646.754178][T16331] [U] [ 646.756950][T16331] [U] [ 646.759780][T16331] [U] [ 646.789971][T16331] [U] [ 646.792782][T16331] [U] [ 646.795548][T16331] [U] [ 646.798312][T16331] [U] [ 646.829718][T16331] [U] [ 646.832547][T16331] [U] [ 646.835318][T16331] [U] [ 646.838096][T16331] [U] [ 646.870344][T16331] [U] [ 646.873252][T16331] [U] [ 646.876112][T16331] [U] [ 646.878880][T16331] [U] [ 646.899696][T16334] [U] [ 650.076448][T16377] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2837'. [ 650.245335][T16377] hsr_slave_1 (unregistering): left promiscuous mode [ 650.435312][T16390] netlink: 350 bytes leftover after parsing attributes in process `syz.5.2839'. [ 651.105102][T16401] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2842'. [ 651.157998][T16401] openvswitch: netlink: Geneve opt len 2 is not a multiple of 4. [ 653.091928][T16437] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2852'. [ 653.362352][T16437] hsr_slave_1 (unregistering): left promiscuous mode [ 655.331168][T16493] [U] [ 655.334008][T16493] [U] [ 655.336767][T16493] [U] [ 655.339535][T16493] [U] [ 655.366634][T16493] [U] [ 655.369455][T16493] [U] [ 655.372225][T16493] [U] [ 655.375031][T16493] [U] [ 655.396851][T16493] [U] [ 655.399667][T16493] [U] [ 655.402439][T16493] [U] [ 655.405200][T16493] [U] [ 655.419787][T16493] [U] [ 655.422601][T16493] [U] [ 655.425420][T16493] [U] [ 655.428197][T16493] [U] [ 655.443258][T16493] [U] [ 655.446063][T16493] [U] [ 655.448826][T16493] [U] [ 655.451592][T16493] [U] [ 655.467277][T16501] [U] [ 657.860173][T16520] bridge0: port 3(team0) entered blocking state [ 657.866745][T16520] bridge0: port 3(team0) entered disabled state [ 657.882526][T16520] team0: entered allmulticast mode [ 657.887745][T16520] team_slave_0: entered allmulticast mode [ 657.920014][T16520] team_slave_1: entered allmulticast mode [ 657.971011][T16520] team0: entered promiscuous mode [ 657.986265][T16520] team_slave_0: entered promiscuous mode [ 658.004865][T16520] team_slave_1: entered promiscuous mode [ 658.050197][T16520] bridge0: port 3(team0) entered blocking state [ 658.058438][T16520] bridge0: port 3(team0) entered forwarding state [ 660.207589][T16577] openvswitch: netlink: Key type 187 is out of range max 32 [ 660.225303][T16578] openvswitch: netlink: Key type 187 is out of range max 32 [ 662.030201][T16616] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2894'. [ 662.061446][T16616] lo: entered promiscuous mode [ 662.061477][T16616] lo: entered allmulticast mode [ 662.778534][T16631] [U] [ 662.781353][T16631] [U] [ 662.784119][T16631] [U] [ 662.786886][T16631] [U] [ 662.816508][T16631] [U] [ 662.819310][T16631] [U] [ 662.822096][T16631] [U] [ 662.824862][T16631] [U] [ 662.845718][T16631] [U] [ 662.848522][T16631] [U] [ 662.851323][T16631] [U] [ 662.854089][T16631] [U] [ 662.878616][T16631] [U] [ 662.881454][T16631] [U] [ 662.884225][T16631] [U] [ 662.886992][T16631] [U] [ 662.922824][T16631] [U] [ 662.925646][T16631] [U] [ 662.928413][T16631] [U] [ 662.931221][T16631] [U] [ 662.962221][T16634] [U] [ 668.181703][T16690] netlink: 322 bytes leftover after parsing attributes in process `syz.5.2914'. [ 668.231688][T16691] netlink: 322 bytes leftover after parsing attributes in process `syz.5.2914'. [ 668.759754][T16696] openvswitch: netlink: Key type 261 is out of range max 32 [ 669.015839][T16703] [U] [ 669.037073][T16703] [U] [ 671.501706][T16734] [U] [ 671.504517][T16734] [U] [ 671.507295][T16734] [U] [ 671.510071][T16734] [U] [ 671.514753][T16734] [U] [ 671.517547][T16734] [U] [ 671.520300][T16734] [U] [ 671.523069][T16734] [U] [ 671.529837][T16734] [U] [ 671.532617][T16734] [U] [ 671.535388][T16734] [U] [ 671.538154][T16734] [U] [ 671.555841][T16734] [U] [ 671.558652][T16734] [U] [ 671.561458][T16734] [U] [ 671.564239][T16734] [U] [ 671.583966][T16734] [U] [ 671.586788][T16734] [U] [ 671.589558][T16734] [U] [ 671.592329][T16734] [U] [ 671.609571][T16734] [U] [ 671.612397][T16734] [U] [ 671.615171][T16734] [U] [ 671.617946][T16734] [U] [ 671.636922][T16734] [U] [ 671.639731][T16734] [U] [ 671.642505][T16734] [U] [ 671.645282][T16734] [U] [ 671.706176][T16736] [U] [ 672.471644][T16750] netlink: 322 bytes leftover after parsing attributes in process `syz.1.2932'. [ 672.550155][T16750] netlink: 322 bytes leftover after parsing attributes in process `syz.1.2932'. [ 677.538005][T16843] [U] [ 677.540810][T16843] [U] [ 677.543590][T16843] [U] [ 677.546359][T16843] [U] [ 677.563253][T16843] [U] [ 677.566059][T16843] [U] [ 677.568828][T16843] [U] [ 677.571592][T16843] [U] [ 677.588574][T16843] [U] [ 677.591386][T16843] [U] [ 677.594149][T16843] [U] [ 677.596913][T16843] [U] [ 677.608953][T16843] [U] [ 677.611759][T16843] [U] [ 677.614528][T16843] [U] [ 677.617295][T16843] [U] [ 677.634091][T16843] [U] [ 677.636897][T16843] [U] [ 677.639660][T16843] [U] [ 677.642474][T16843] [U] [ 677.663252][T16843] [U] [ 677.666065][T16843] [U] [ 677.668821][T16843] [U] [ 677.671580][T16843] [U] [ 677.688466][T16850] [U] [ 678.589059][T16870] [U] [ 678.591963][T16870] [U] [ 678.594742][T16870] [U] [ 678.597514][T16870] [U] [ 678.620060][T16870] [U] [ 678.622867][T16870] [U] [ 678.625628][T16870] [U] [ 678.628415][T16870] [U] [ 678.640111][T16870] [U] [ 678.642900][T16870] [U] [ 678.645642][T16870] [U] [ 678.648389][T16870] [U] [ 678.669632][T16870] [U] [ 678.672448][T16870] [U] [ 678.675269][T16870] [U] [ 678.678032][T16870] [U] [ 678.701022][T16870] [U] [ 678.703833][T16870] [U] [ 678.706603][T16870] [U] [ 678.709378][T16870] [U] [ 678.730173][T16870] [U] [ 678.732984][T16870] [U] [ 678.735773][T16870] [U] [ 678.738546][T16870] [U] [ 678.760342][T16870] [U] [ 678.763152][T16870] [U] [ 678.765912][T16870] [U] [ 678.768677][T16870] [U] [ 678.800192][T16870] [U] [ 678.802997][T16870] [U] [ 678.805734][T16870] [U] [ 678.808492][T16870] [U] [ 678.840025][T16870] [U] [ 678.842829][T16870] [U] [ 678.845583][T16870] [U] [ 678.848351][T16870] [U] [ 678.891774][T16876] [U] [ 679.673747][T16893] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2965'. [ 679.705944][T16893] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2965'. [ 679.779606][T16897] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2965'. [ 679.831274][T16903] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2965'. [ 684.640254][T17007] [U] [ 684.647193][T17007] [U] [ 685.230316][T17021] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2997'. [ 686.133168][T17038] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3007'. [ 686.200197][T17039] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3007'. [ 687.134184][T17048] [U] [ 687.153979][T17048] [U] [ 688.142381][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 688.328742][T17074] FAULT_INJECTION: forcing a failure. [ 688.328742][T17074] name failslab, interval 1, probability 0, space 0, times 0 [ 688.377378][T17074] CPU: 1 UID: 0 PID: 17074 Comm: syz.5.3015 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 688.388250][T17074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 688.398365][T17074] Call Trace: [ 688.401696][T17074] [ 688.404672][T17074] dump_stack_lvl+0x16c/0x1f0 [ 688.409441][T17074] should_fail_ex+0x497/0x5b0 [ 688.414191][T17074] ? fs_reclaim_acquire+0xae/0x150 [ 688.419379][T17074] should_failslab+0xc2/0x120 [ 688.424222][T17074] __kmalloc_cache_noprof+0x68/0x420 [ 688.429616][T17074] sctp_stream_init_ext+0x4e/0x1b0 [ 688.434803][T17074] sctp_sendmsg_to_asoc+0x15f5/0x1ad0 [ 688.440246][T17074] ? __pfx_mark_lock+0x10/0x10 [ 688.445111][T17074] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 688.450995][T17074] ? sctp_sendmsg+0x575/0x1f10 [ 688.456015][T17074] ? mark_held_locks+0x9f/0xe0 [ 688.460875][T17074] ? sctp_sendmsg_check_sflags+0x176/0x320 [ 688.466763][T17074] sctp_sendmsg+0x129c/0x1f10 [ 688.471547][T17074] ? __pfx_sctp_sendmsg+0x10/0x10 [ 688.476737][T17074] ? __pfx_lock_release+0x10/0x10 [ 688.481824][T17074] ? __pfx___might_resched+0x10/0x10 [ 688.487183][T17074] ? aa_file_perm+0x4d5/0xfe0 [ 688.492015][T17074] ? __pfx_aa_sk_perm+0x10/0x10 [ 688.496946][T17074] ? find_held_lock+0x2d/0x110 [ 688.501791][T17074] ? __pfx_sctp_sendmsg+0x10/0x10 [ 688.506900][T17074] inet_sendmsg+0x119/0x140 [ 688.511577][T17074] sock_write_iter+0x4ac/0x5b0 [ 688.516414][T17074] ? __pfx_sock_write_iter+0x10/0x10 [ 688.521783][T17074] ? bpf_lsm_file_permission+0x9/0x10 [ 688.527243][T17074] ? security_file_permission+0x71/0x210 [ 688.532948][T17074] vfs_write+0x5ae/0x1150 [ 688.537354][T17074] ? __pfx_sock_write_iter+0x10/0x10 [ 688.542725][T17074] ? __pfx_vfs_write+0x10/0x10 [ 688.547565][T17074] ? __fget_files+0x40/0x3a0 [ 688.552263][T17074] ksys_write+0x207/0x250 [ 688.556673][T17074] ? __pfx_ksys_write+0x10/0x10 [ 688.561617][T17074] do_syscall_64+0xcd/0x250 [ 688.566207][T17074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.572184][T17074] RIP: 0033:0x7fac60985d29 [ 688.576676][T17074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 688.596441][T17074] RSP: 002b:00007fac6175f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 688.604934][T17074] RAX: ffffffffffffffda RBX: 00007fac60b76160 RCX: 00007fac60985d29 [ 688.612969][T17074] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 688.621002][T17074] RBP: 00007fac6175f090 R08: 0000000000000000 R09: 0000000000000000 [ 688.629036][T17074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 688.637067][T17074] R13: 0000000000000001 R14: 00007fac60b76160 R15: 00007ffdec4c0158 [ 688.645134][T17074] [ 691.160830][T17107] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3025'. [ 691.219486][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.226664][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.245938][T17107] tc_dump_action: action bad kind [ 691.312677][T17107] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3025'. [ 696.207168][T17152] [U] [ 696.210108][T17152] [U] [ 696.212998][T17152] [U] [ 696.215778][T17152] [U] [ 696.231162][T17152] [U] [ 696.233977][T17152] [U] [ 696.236743][T17152] [U] [ 696.239571][T17152] [U] [ 696.262174][T17164] [U] [ 696.320309][T17166] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3042'. [ 696.558246][T17166] team_slave_0 (unregistering): left promiscuous mode [ 696.572754][T17166] team_slave_0 (unregistering): left allmulticast mode [ 696.604160][T17166] team0: Port device team_slave_0 removed [ 699.556757][T17239] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3062'. [ 699.578393][T17239] netlink: 'syz.5.3062': attribute type 11 has an invalid length. [ 699.794800][T17244] binder: 17243:17244 ioctl c0306201 3 returned -14 [ 703.519314][T17295] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3076'. [ 703.858398][T17295] team0: Port device team_slave_0 removed [ 704.136148][T17299] [U] [ 704.138918][T17299] [U] [ 704.141682][T17299] [U] [ 704.144405][T17299] [U] [ 704.148035][T17299] [U] [ 704.150814][T17299] [U] [ 704.153566][T17299] [U] [ 704.156326][T17299] [U] [ 704.159740][T17299] [U] [ 704.162520][T17299] [U] [ 704.165288][T17299] [U] [ 704.168054][T17299] [U] [ 704.171523][T17299] [U] [ 704.174287][T17299] [U] [ 704.177042][T17299] [U] [ 704.179778][T17299] [U] [ 704.183934][T17299] [U] [ 704.186774][T17299] [U] [ 704.189528][T17299] [U] [ 704.192299][T17299] [U] [ 704.197535][T17285] [U] [ 704.588626][T17304] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3078'. [ 705.917277][T17345] [U] [ 705.920100][T17345] [U] [ 705.922873][T17345] [U] [ 705.925645][T17345] [U] [ 705.951230][T17345] [U] [ 705.954042][T17345] [U] [ 705.956816][T17345] [U] [ 705.959590][T17345] [U] [ 706.018500][T17345] [U] [ 706.021329][T17345] [U] [ 706.024267][T17345] [U] [ 706.027036][T17345] [U] [ 706.068248][T17348] [U] [ 706.516403][T17353] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3092'. [ 708.003005][T17380] netlink: 306 bytes leftover after parsing attributes in process `syz.3.3098'. [ 708.621429][T13881] Bluetooth: hci4: command 0x0406 tx timeout [ 708.694836][T17385] [U] [ 708.697660][T17385] [U] [ 708.700439][T17385] [U] [ 708.703208][T17385] [U] [ 708.718324][T17385] [U] [ 708.721139][T17385] [U] [ 708.723911][T17385] [U] [ 708.726681][T17385] [U] [ 708.730981][T17385] [U] [ 708.733774][T17385] [U] [ 708.736542][T17385] [U] [ 708.739298][T17385] [U] [ 708.748560][T17385] [U] [ 708.751375][T17385] [U] [ 708.754137][T17385] [U] [ 708.756904][T17385] [U] [ 708.760931][T17385] [U] [ 708.763724][T17385] [U] [ 708.766499][T17385] [U] [ 708.769257][T17385] [U] [ 708.952366][T17391] [U] [ 709.203275][T17388] [U] [ 709.206080][T17388] [U] [ 709.208862][T17388] [U] [ 709.211621][T17388] [U] [ 709.214809][T17388] [U] [ 709.217584][T17388] [U] [ 709.220360][T17388] [U] [ 709.223126][T17388] [U] [ 709.226511][T17388] [U] [ 709.229279][T17388] [U] [ 709.232042][T17388] [U] [ 709.234805][T17388] [U] [ 709.237970][T17388] [U] [ 709.240739][T17388] [U] [ 709.243497][T17388] [U] [ 709.246251][T17388] [U] [ 709.249545][T17388] [U] [ 709.252330][T17388] [U] [ 709.255089][T17388] [U] [ 709.257869][T17388] [U] [ 709.262525][T17388] [U] [ 709.265318][T17388] [U] [ 709.268146][T17388] [U] [ 709.270881][T17388] [U] [ 709.274215][T17388] [U] [ 709.276983][T17388] [U] [ 709.279732][T17388] [U] [ 709.282492][T17388] [U] [ 709.286480][T17388] [U] [ 709.289258][T17388] [U] [ 709.292017][T17388] [U] [ 709.294780][T17388] [U] [ 709.298676][T17388] [U] [ 709.301466][T17388] [U] [ 709.304224][T17388] [U] [ 709.306984][T17388] [U] [ 709.310953][T17388] [U] [ 709.313729][T17388] [U] [ 709.316490][T17388] [U] [ 709.319244][T17388] [U] [ 709.323672][T17388] [U] [ 709.326452][T17388] [U] [ 709.329217][T17388] [U] [ 709.331975][T17388] [U] [ 709.335330][T17399] FAULT_INJECTION: forcing a failure. [ 709.335330][T17399] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 709.349190][T17399] CPU: 0 UID: 0 PID: 17399 Comm: syz.1.3100 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 709.360037][T17399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 709.370228][T17399] Call Trace: [ 709.373547][T17399] [ 709.376521][T17399] dump_stack_lvl+0x16c/0x1f0 [ 709.381359][T17399] should_fail_ex+0x497/0x5b0 [ 709.386195][T17399] _copy_from_iter+0x29b/0x1400 [ 709.391119][T17399] ? trace_lock_acquire+0x14e/0x1f0 [ 709.396386][T17399] ? __pfx___mutex_lock+0x10/0x10 [ 709.401477][T17399] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 709.407633][T17399] ? __pfx__copy_from_iter+0x10/0x10 [ 709.413007][T17399] ? __virt_addr_valid+0x1a4/0x590 [ 709.418202][T17399] ? __virt_addr_valid+0x5e/0x590 [ 709.423369][T17399] ? __phys_addr_symbol+0x30/0x80 [ 709.428448][T17399] ? __check_object_size+0x488/0x710 [ 709.433797][T17399] file_tty_write.constprop.0+0x48d/0x9a0 [ 709.439660][T17399] vfs_write+0x5ae/0x1150 [ 709.444036][T17399] ? __pfx_tty_write+0x10/0x10 [ 709.448846][T17399] ? __pfx_vfs_write+0x10/0x10 [ 709.453657][T17399] ? __fget_files+0x40/0x3a0 [ 709.458301][T17399] ksys_write+0x12b/0x250 [ 709.462668][T17399] ? __pfx_ksys_write+0x10/0x10 [ 709.467590][T17399] do_syscall_64+0xcd/0x250 [ 709.472144][T17399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.478076][T17399] RIP: 0033:0x7f87cbd85d29 [ 709.482544][T17399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 709.502187][T17399] RSP: 002b:00007f87ccbd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 709.510637][T17399] RAX: ffffffffffffffda RBX: 00007f87cbf76080 RCX: 00007f87cbd85d29 [ 709.518727][T17399] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000006 [ 709.526830][T17399] RBP: 00007f87ccbd6090 R08: 0000000000000000 R09: 0000000000000000 [ 709.534833][T17399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 709.542833][T17399] R13: 0000000000000000 R14: 00007f87cbf76080 R15: 00007ffcd0b96038 [ 709.551384][T17399] [ 709.557570][T17401] [U] [ 711.085748][T17422] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 711.097125][T17422] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 711.139741][T17422] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 711.178873][T17422] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 711.273224][T17422] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 711.313142][T17422] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 711.355595][T17422] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 711.403248][T17422] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 711.643290][T17446] [U] [ 711.646098][T17446] [U] [ 711.648862][T17446] [U] [ 711.651632][T17446] [U] [ 711.669586][T17446] [U] [ 711.672402][T17446] [U] [ 711.675177][T17446] [U] [ 711.677942][T17446] [U] [ 711.703378][T17446] [U] [ 711.706272][T17446] [U] [ 711.709026][T17446] [U] [ 711.711785][T17446] [U] [ 711.752285][T17446] [U] [ 711.755081][T17446] [U] [ 711.757854][T17446] [U] [ 711.760612][T17446] [U] [ 711.780888][T17449] FAULT_INJECTION: forcing a failure. [ 711.780888][T17449] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 711.809485][T17450] [U] [ 711.814577][T17449] CPU: 0 UID: 0 PID: 17449 Comm: syz.4.3113 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 711.825431][T17449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 711.835541][T17449] Call Trace: [ 711.838868][T17449] [ 711.841850][T17449] dump_stack_lvl+0x16c/0x1f0 [ 711.846606][T17449] should_fail_ex+0x497/0x5b0 [ 711.851371][T17449] _copy_to_user+0x32/0xd0 [ 711.855871][T17449] simple_read_from_buffer+0xd0/0x160 [ 711.861336][T17449] proc_fail_nth_read+0x198/0x270 [ 711.866447][T17449] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 711.872073][T17449] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 711.877679][T17449] vfs_read+0x1df/0xbe0 [ 711.881874][T17449] ? __fget_files+0x1fc/0x3a0 [ 711.886583][T17449] ? __pfx___mutex_lock+0x10/0x10 [ 711.891649][T17449] ? __pfx_vfs_read+0x10/0x10 [ 711.896371][T17449] ? __fget_files+0x206/0x3a0 [ 711.901092][T17449] ksys_read+0x12b/0x250 [ 711.905367][T17449] ? __pfx_ksys_read+0x10/0x10 [ 711.910193][T17449] do_syscall_64+0xcd/0x250 [ 711.914744][T17449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.920679][T17449] RIP: 0033:0x7f21dd58473c [ 711.925125][T17449] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 711.944766][T17449] RSP: 002b:00007f21de3ad030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 711.953215][T17449] RAX: ffffffffffffffda RBX: 00007f21dd776080 RCX: 00007f21dd58473c [ 711.961212][T17449] RDX: 000000000000000f RSI: 00007f21de3ad0a0 RDI: 0000000000000007 [ 711.969213][T17449] RBP: 00007f21de3ad090 R08: 0000000000000000 R09: 0000000000000000 [ 711.977221][T17449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 711.985220][T17449] R13: 0000000000000000 R14: 00007f21dd776080 R15: 00007fff4d3b4d88 [ 711.993267][T17449] [ 712.554734][ T5847] Bluetooth: hci1: command 0x0406 tx timeout [ 713.183588][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 713.349321][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 713.419388][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 713.746081][T17459] [U] [ 713.748975][T17459] [U] [ 713.751737][T17459] [U] [ 713.754499][T17459] [U] [ 713.757736][T17459] [U] [ 713.760512][T17459] [U] [ 713.763276][T17459] [U] [ 713.766031][T17459] [U] [ 713.769159][T17459] [U] [ 713.771936][T17459] [U] [ 713.774698][T17459] [U] [ 713.777464][T17459] [U] [ 713.780735][T17459] [U] [ 713.783519][T17459] [U] [ 713.786291][T17459] [U] [ 713.789058][T17459] [U] [ 713.792645][T17459] [U] [ 713.795431][T17459] [U] [ 713.798196][T17459] [U] [ 713.800977][T17459] [U] [ 713.807736][T17459] [U] [ 713.810527][T17459] [U] [ 713.813321][T17459] [U] [ 713.816080][T17459] [U] [ 713.820749][T17459] [U] [ 713.823516][T17459] [U] [ 713.826272][T17459] [U] [ 713.829059][T17459] [U] [ 713.832208][T17459] [U] [ 713.834992][T17459] [U] [ 713.837752][T17459] [U] [ 713.840512][T17459] [U] [ 713.843728][T17459] [U] [ 713.846505][T17459] [U] [ 713.849271][T17459] [U] [ 713.852043][T17459] [U] [ 713.856903][T17459] [U] [ 713.859686][T17459] [U] [ 713.862454][T17459] [U] [ 713.865222][T17459] [U] [ 713.868512][T17459] [U] [ 713.871282][T17459] [U] [ 713.874016][T17459] [U] [ 713.876745][T17459] [U] [ 713.881344][T17475] [U] [ 714.619571][ T5847] Bluetooth: hci1: command 0x0406 tx timeout [ 714.657419][T17488] Process accounting resumed [ 715.285511][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 715.419513][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 715.499483][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 715.970147][T17501] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3127'. [ 716.074785][T17501] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 717.901588][T17555] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3142'. [ 717.964228][T17555] veth1_macvtap: left promiscuous mode [ 718.744731][T17573] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3147'. [ 723.310005][T17620] [U] [ 723.312821][T17620] [U] [ 723.315586][T17620] [U] [ 723.318350][T17620] [U] [ 723.396909][T17620] [U] [ 723.399735][T17620] [U] [ 723.402513][T17620] [U] [ 723.405281][T17620] [U] [ 723.504449][T17620] [U] [ 723.507267][T17620] [U] [ 723.510028][T17620] [U] [ 723.512793][T17620] [U] [ 723.543055][T17620] [U] [ 723.545873][T17620] [U] [ 723.548661][T17620] [U] [ 723.551431][T17620] [U] [ 723.656166][T17620] [U] [ 723.658994][T17620] [U] [ 723.661765][T17620] [U] [ 723.664532][T17620] [U] [ 723.727028][T17620] [U] [ 723.729853][T17620] [U] [ 723.732627][T17620] [U] [ 723.735388][T17620] [U] [ 723.809779][T17620] [U] [ 723.812601][T17620] [U] [ 723.815391][T17620] [U] [ 723.818157][T17620] [U] [ 723.857701][T17620] [U] [ 723.860515][T17620] [U] [ 723.863281][T17620] [U] [ 723.866038][T17620] [U] [ 723.920506][T17625] [U] [ 724.392251][T17650] netlink: 'syz.5.3166': attribute type 27 has an invalid length. [ 724.426469][T17650] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3166'. [ 724.660309][T17659] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3168'. [ 724.790959][T17659] hsr_slave_1 (unregistering): left promiscuous mode [ 725.539064][T17677] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3172'. [ 726.411065][T17694] [U] [ 726.413942][T17694] [U] [ 726.416801][T17694] [U] [ 726.419569][T17694] [U] [ 726.432940][T17694] [U] [ 726.435738][T17694] [U] [ 726.438529][T17694] [U] [ 726.441309][T17694] [U] [ 726.458679][T17694] [U] [ 726.461494][T17694] [U] [ 726.464261][T17694] [U] [ 726.467025][T17694] [U] [ 726.489613][T17694] [U] [ 726.492414][T17694] [U] [ 726.495252][T17694] [U] [ 726.498027][T17694] [U] [ 726.531818][T17694] [U] [ 726.534627][T17694] [U] [ 726.537389][T17694] [U] [ 726.540169][T17694] [U] [ 726.559990][T17694] [U] [ 726.562972][T17694] [U] [ 726.565738][T17694] [U] [ 726.568517][T17694] [U] [ 726.591354][T17700] [U] [ 727.220684][T17718] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 727.316675][ T29] audit: type=1800 audit(4294967344.770:22): pid=17724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3186" name="dbroot" dev="configfs" ino=68527 res=0 errno=0 [ 727.760294][T17737] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3188'. [ 727.969120][T17743] [U] [ 727.971938][T17743] [U] [ 727.974716][T17743] [U] [ 727.977498][T17743] [U] [ 727.990098][T17743] [U] [ 727.992908][T17743] [U] [ 727.995678][T17743] [U] [ 727.998456][T17743] [U] [ 728.024397][T17743] [U] [ 728.027203][T17743] [U] [ 728.029981][T17743] [U] [ 728.032754][T17743] [U] [ 728.060878][T17743] [U] [ 728.063694][T17743] [U] [ 728.066467][T17743] [U] [ 728.069231][T17743] [U] [ 728.076815][T17743] [U] [ 728.079616][T17743] [U] [ 728.082381][T17743] [U] [ 728.085150][T17743] [U] [ 728.092341][T17743] [U] [ 728.095138][T17743] [U] [ 728.097901][T17743] [U] [ 728.100665][T17743] [U] [ 728.104845][T17743] [U] [ 728.107635][T17743] [U] [ 728.110403][T17743] [U] [ 728.113175][T17743] [U] [ 728.118571][T17748] [U] [ 728.238528][T17737] team0: Port device team_slave_0 removed [ 728.720290][T17740] ptrace attach of "./syz-executor exec"[14589] was attempted by ""[17740] [ 729.812300][T17782] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3198'. [ 730.126145][T17798] [U] [ 730.128980][T17798] [U] [ 730.131752][T17798] [U] [ 730.134518][T17798] [U] [ 730.159621][T17798] [U] [ 730.162519][T17798] [U] [ 730.165285][T17798] [U] [ 730.168045][T17798] [U] [ 730.199102][T17798] [U] [ 730.201906][T17798] [U] [ 730.204648][T17798] [U] [ 730.207382][T17798] [U] [ 730.234875][T17798] [U] [ 730.238131][T17798] [U] [ 730.240998][T17798] [U] [ 730.243757][T17798] [U] [ 730.281047][T17798] [U] [ 730.283866][T17798] [U] [ 730.286646][T17798] [U] [ 730.289411][T17798] [U] [ 730.400624][T17798] [U] [ 730.403437][T17798] [U] [ 730.406215][T17798] [U] [ 730.408975][T17798] [U] [ 730.444184][T17798] [U] [ 730.446979][T17798] [U] [ 730.449755][T17798] [U] [ 730.452528][T17798] [U] [ 730.480276][T17798] [U] [ 730.483084][T17798] [U] [ 730.485856][T17798] [U] [ 730.488616][T17798] [U] [ 730.542990][T17798] [U] [ 730.545814][T17798] [U] [ 730.548591][T17798] [U] [ 730.551366][T17798] [U] [ 730.623601][T17798] [U] [ 730.626410][T17798] [U] [ 730.629180][T17798] [U] [ 730.631961][T17798] [U] [ 730.661217][T17798] [U] [ 730.664026][T17798] [U] [ 730.666785][T17798] [U] [ 730.669545][T17798] [U] [ 730.689721][T17798] [U] [ 730.692514][T17798] [U] [ 730.695284][T17798] [U] [ 730.698055][T17798] [U] [ 730.731245][T17798] [U] [ 730.734059][T17798] [U] [ 730.736830][T17798] [U] [ 730.739594][T17798] [U] [ 730.759683][T17798] [U] [ 730.762484][T17798] [U] [ 730.765244][T17798] [U] [ 730.768004][T17798] [U] [ 730.805962][T17798] [U] [ 730.808788][T17798] [U] [ 730.811563][T17798] [U] [ 730.814339][T17798] [U] [ 730.839604][T17798] [U] [ 730.842407][T17798] [U] [ 730.845166][T17798] [U] [ 730.847931][T17798] [U] [ 730.866679][T17798] [U] [ 730.869482][T17798] [U] [ 730.872246][T17798] [U] [ 730.875010][T17798] [U] [ 730.912476][T17798] [U] [ 730.915281][T17798] [U] [ 730.918041][T17798] [U] [ 730.920813][T17798] [U] [ 730.949739][T17798] [U] [ 730.952642][T17798] [U] [ 730.955417][T17798] [U] [ 730.958196][T17798] [U] [ 730.993022][T17798] [U] [ 731.721810][T17826] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3209'. [ 733.458163][T17838] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3211'. [ 733.593896][T17841] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3212'. [ 734.808710][T17859] [U] [ 734.811545][T17859] [U] [ 734.814306][T17859] [U] [ 734.817063][T17859] [U] [ 734.854618][T17859] [U] [ 734.857426][T17859] [U] [ 734.860190][T17859] [U] [ 734.862952][T17859] [U] [ 734.899740][T17859] [U] [ 734.902574][T17859] [U] [ 734.905335][T17859] [U] [ 734.908104][T17859] [U] [ 735.014449][T17868] [U] [ 735.530231][T17893] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3225'. [ 735.598100][T17894] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3224'. [ 735.828746][T17894] team0: Port device team_slave_0 removed [ 737.719931][T17936] netlink: 326 bytes leftover after parsing attributes in process `syz.5.3236'. [ 737.891599][T17944] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3237'. [ 737.993856][T17949] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3239'. [ 738.893401][T17975] vivid-008: ================= START STATUS ================= [ 738.909431][T17975] vivid-008: RDS Tx I/O Mode: Controls [ 738.920369][T17975] vivid-008: RDS Program ID: 32904 [ 738.935817][T17975] vivid-008: RDS Program Type: 3 [ 738.946884][T17975] vivid-008: RDS PS Name: VIVID-TX [ 738.980606][T17975] vivid-008: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 739.018244][T17975] vivid-008: RDS Stereo: true [ 739.023521][T17975] vivid-008: RDS Artificial Head: false [ 739.040344][T17975] vivid-008: RDS Compressed: false [ 739.049481][T17975] vivid-008: RDS Dynamic PTY: false [ 739.059559][T17975] vivid-008: RDS Traffic Announcement: false [ 739.080370][T17975] vivid-008: RDS Traffic Program: true [ 739.092450][T17975] vivid-008: RDS Music: true [ 739.109415][T17975] vivid-008: ================== END STATUS ================== [ 740.759389][ T29] audit: type=1326 audit(4294967358.210:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18016 comm="syz.3.3257" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5dc2f85d29 code=0x0 [ 742.924202][T18057] erspan0: entered allmulticast mode [ 742.970292][T18060] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3266'. [ 743.532353][T18069] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 743.569130][T18069] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 743.575400][T18069] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 743.612666][T18069] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 743.896386][T18068] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3275'. [ 744.936482][T18090] [U] [ 744.939294][T18090] [U] [ 744.942074][T18090] [U] [ 744.944853][T18090] [U] [ 745.029655][T18090] [U] [ 745.032475][T18090] [U] [ 745.035246][T18090] [U] [ 745.038017][T18090] [U] [ 745.209856][T18090] [U] [ 745.212859][T18090] [U] [ 745.215629][T18090] [U] [ 745.218399][T18090] [U] [ 745.283939][T18099] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3273'. [ 745.358051][T18100] [U] [ 745.589534][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 745.596045][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 745.602306][T13881] Bluetooth: hci1: command 0x0406 tx timeout [ 745.669574][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 746.089508][T18106] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3277'. [ 746.711401][T18118] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3280'. [ 748.018105][T18136] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3283'. [ 748.720586][T18145] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3284'. [ 750.328610][T18162] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3287'. [ 751.300239][T18172] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3292'. [ 751.611496][T18179] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3293'. [ 751.858334][T18180] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3302'. [ 752.630446][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.639422][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.966972][T18211] [U] [ 752.973908][T18211] [U] [ 753.270205][T18216] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3305'. [ 753.457785][T18220] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3309'. [ 755.260448][T18258] binder: 18257:18258 ioctl 40046210 800000000000003 returned -14 [ 755.319715][T18258] Process accounting resumed [ 755.327695][T18258] kernel write not supported for file /acpi/wakeup (pid: 18258 comm: syz.5.3320) [ 756.645060][T18272] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3319'. [ 759.859549][T18326] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3336'. [ 760.653027][T18315] erspan0: entered allmulticast mode [ 761.659106][T18361] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3345'. [ 762.112797][T18371] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3349'. [ 763.831901][T18412] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3359'. [ 764.717584][T18429] [U] [ 764.720403][T18429] [U] [ 764.723174][T18429] [U] [ 764.725942][T18429] [U] [ 764.759745][T18429] [U] [ 764.762553][T18429] [U] [ 764.765323][T18429] [U] [ 764.768097][T18429] [U] [ 764.792099][T18429] [U] [ 764.795238][T18429] [U] [ 764.798004][T18429] [U] [ 764.800769][T18429] [U] [ 764.850651][T18429] [U] [ 764.853476][T18429] [U] [ 764.856245][T18429] [U] [ 764.859016][T18429] [U] [ 764.880789][T18429] [U] [ 764.883614][T18429] [U] [ 764.886393][T18429] [U] [ 764.889166][T18429] [U] [ 764.947258][T18435] [U] [ 765.054115][T18442] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3368'. [ 770.883126][T18514] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3387'. [ 770.907186][T18514] HfR: entered promiscuous mode [ 770.935256][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3387'. [ 771.819904][T18527] [U] [ 771.822730][T18527] [U] [ 771.825493][T18527] [U] [ 771.828257][T18527] [U] [ 771.907300][T18527] [U] [ 771.910117][T18527] [U] [ 771.912880][T18527] [U] [ 771.915649][T18527] [U] [ 772.021427][T18527] [U] [ 772.024241][T18527] [U] [ 772.027013][T18527] [U] [ 772.029789][T18527] [U] [ 772.114533][T18527] [U] [ 772.117340][T18527] [U] [ 772.120113][T18527] [U] [ 772.122877][T18527] [U] [ 772.198075][T18527] [U] [ 772.200892][T18527] [U] [ 772.203668][T18527] [U] [ 772.206534][T18527] [U] [ 772.268922][T18527] [U] [ 772.271757][T18527] [U] [ 772.274528][T18527] [U] [ 772.277312][T18527] [U] [ 772.350099][T18527] [U] [ 772.352997][T18527] [U] [ 772.355776][T18527] [U] [ 772.358540][T18527] [U] [ 772.424905][T18527] [U] [ 772.427718][T18527] [U] [ 772.430480][T18527] [U] [ 772.433242][T18527] [U] [ 772.555574][T18527] [U] [ 774.004692][T18569] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3405'. [ 774.815888][T18576] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3402'. [ 776.570655][T18602] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3413'. [ 776.660353][T18602] bridge0: port 3(team0) entered disabled state [ 776.698773][T18602] team0: left allmulticast mode [ 776.728981][T18602] team_slave_1: left allmulticast mode [ 776.751595][T18602] team0: left promiscuous mode [ 776.772729][T18602] team_slave_1: left promiscuous mode [ 776.795440][T18602] bridge0: port 3(team0) entered disabled state [ 776.981877][T18608] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3416'. [ 777.243653][T18613] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3417'. [ 780.259227][T18660] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3429'. [ 780.408574][T18665] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3432'. [ 781.783520][T18698] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3442'. [ 782.440800][T18711] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3448'. [ 783.079819][T18731] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3454'. [ 783.711037][ T29] audit: type=1800 audit(4294967401.170:24): pid=18743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3458" name="discovery_nqn" dev="configfs" ino=72288 res=0 errno=0 [ 784.457971][T18733] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3456'. [ 784.501006][T18733] HfR: entered promiscuous mode [ 784.539791][T18733] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3456'. [ 787.117644][T18797] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3475'. [ 787.134354][T18797] HfR: entered promiscuous mode [ 787.146744][T18797] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3475'. [ 787.951940][T18814] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3481'. [ 788.630943][T18827] serio: Serial port ptm0 [ 789.652917][T18849] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3492'. [ 789.813828][T18859] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3502'. [ 791.835024][T18894] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3508'. [ 791.965447][T18898] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3511'. [ 793.987159][T18951] scsi_strcpy_devinfo: vendor string ';íÙ/&cŒÀ' is too long [ 794.144275][T18954] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3528'. [ 794.335418][T18962] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3534'. [ 795.382000][T18989] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3551'. [ 795.536851][T18991] scsi_strcpy_devinfo: vendor string ';íÙ/&cŒÀ' is too long [ 796.817625][T19020] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3554'. [ 798.965682][T19066] sctp: [Deprecated]: syz.3.3569 (pid 19066) Use of int in maxseg socket option. [ 798.965682][T19066] Use struct sctp_assoc_value instead [ 800.022916][T19092] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3574'. [ 801.820196][T19137] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 806.448220][T19221] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3619'. [ 806.749224][T19229] FAULT_INJECTION: forcing a failure. [ 806.749224][T19229] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 806.779629][T19229] CPU: 0 UID: 0 PID: 19229 Comm: syz.4.3623 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 806.790492][T19229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 806.800616][T19229] Call Trace: [ 806.803947][T19229] [ 806.806922][T19229] dump_stack_lvl+0x16c/0x1f0 [ 806.811677][T19229] should_fail_ex+0x497/0x5b0 [ 806.816428][T19229] _copy_from_user+0x2e/0xd0 [ 806.821188][T19229] kstrtouint_from_user+0xd7/0x1c0 [ 806.826400][T19229] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 806.832195][T19229] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 806.837905][T19229] proc_fail_nth_write+0x84/0x250 [ 806.843012][T19229] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 806.848717][T19229] ? ksys_write+0x12b/0x250 [ 806.853282][T19229] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 806.858990][T19229] vfs_write+0x24c/0x1150 [ 806.863386][T19229] ? __fget_files+0x1fc/0x3a0 [ 806.868127][T19229] ? __pfx___mutex_lock+0x10/0x10 [ 806.873226][T19229] ? __pfx_vfs_write+0x10/0x10 [ 806.878082][T19229] ? __fget_files+0x206/0x3a0 [ 806.882858][T19229] ksys_write+0x12b/0x250 [ 806.887252][T19229] ? __pfx_ksys_write+0x10/0x10 [ 806.892170][T19229] do_syscall_64+0xcd/0x250 [ 806.896720][T19229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 806.902668][T19229] RIP: 0033:0x7f21dd5847df [ 806.907111][T19229] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 806.926748][T19229] RSP: 002b:00007f21de3ce030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 806.935194][T19229] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f21dd5847df [ 806.943217][T19229] RDX: 0000000000000001 RSI: 00007f21de3ce0a0 RDI: 0000000000000004 [ 806.951214][T19229] RBP: 00007f21de3ce090 R08: 0000000000000000 R09: 0000000000000000 [ 806.959212][T19229] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 806.967208][T19229] R13: 0000000000000000 R14: 00007f21dd775fa0 R15: 00007fff4d3b4d88 [ 806.975224][T19229] [ 807.979418][ T5146] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 810.201463][T19263] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3633'. [ 810.397998][T19270] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3636'. [ 811.304729][T19294] netlink: 'syz.3.3639': attribute type 11 has an invalid length. [ 811.401443][T19296] ovàÒ½x: entered promiscuous mode [ 813.003437][T19317] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 813.030153][T19317] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 813.054718][T19317] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 813.071793][T19317] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 814.062510][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.068979][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.226749][T19371] ptrace attach of "./syz-executor exec"[10727] was attempted by "./syz-executor exec"[19371] [ 814.462545][ T5146] Bluetooth: hci1: command 0x0406 tx timeout [ 815.099335][ T5146] Bluetooth: hci4: command 0x0406 tx timeout [ 815.105564][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 815.112058][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 815.228070][T19390] FAULT_INJECTION: forcing a failure. [ 815.228070][T19390] name failslab, interval 1, probability 0, space 0, times 0 [ 815.240987][T19390] CPU: 1 UID: 0 PID: 19390 Comm: syz.3.3666 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 815.251834][T19390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 815.261965][T19390] Call Trace: [ 815.265382][T19390] [ 815.268367][T19390] dump_stack_lvl+0x16c/0x1f0 [ 815.273130][T19390] should_fail_ex+0x497/0x5b0 [ 815.277884][T19390] ? fs_reclaim_acquire+0xae/0x150 [ 815.283129][T19390] should_failslab+0xc2/0x120 [ 815.287894][T19390] __kmalloc_noprof+0xce/0x4f0 [ 815.292821][T19390] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 815.298519][T19390] ? tomoyo_realpath_from_path+0xbf/0x710 [ 815.304331][T19390] tomoyo_realpath_from_path+0xbf/0x710 [ 815.309952][T19390] ? tomoyo_path_number_perm+0x235/0x5b0 [ 815.315672][T19390] tomoyo_path_number_perm+0x248/0x5b0 [ 815.321211][T19390] ? tomoyo_path_number_perm+0x235/0x5b0 [ 815.326929][T19390] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 815.333024][T19390] ? __pfx_lock_release+0x10/0x10 [ 815.338118][T19390] ? trace_lock_acquire+0x14e/0x1f0 [ 815.343404][T19390] ? lock_acquire+0x2f/0xb0 [ 815.347966][T19390] ? __fget_files+0x40/0x3a0 [ 815.352630][T19390] ? __fget_files+0x206/0x3a0 [ 815.357377][T19390] security_file_ioctl+0x9b/0x240 [ 815.362467][T19390] __x64_sys_ioctl+0xb7/0x200 [ 815.367227][T19390] do_syscall_64+0xcd/0x250 [ 815.371801][T19390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.377758][T19390] RIP: 0033:0x7f5dc2f85d29 [ 815.382224][T19390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 815.401986][T19390] RSP: 002b:00007f5dc3e56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 815.410476][T19390] RAX: ffffffffffffffda RBX: 00007f5dc3176080 RCX: 00007f5dc2f85d29 [ 815.418504][T19390] RDX: 0010000000000402 RSI: 000000000000541b RDI: 0000000000000003 [ 815.426533][T19390] RBP: 00007f5dc3e56090 R08: 0000000000000000 R09: 0000000000000000 [ 815.434564][T19390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 815.442678][T19390] R13: 0000000000000000 R14: 00007f5dc3176080 R15: 00007ffd0bf2ceb8 [ 815.450726][T19390] [ 815.496437][T19390] ERROR: Out of memory at tomoyo_realpath_from_path. [ 815.967101][T19397] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3668'. [ 816.164789][T19402] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3670'. [ 817.337102][T19425] binder: 19423:19425 ioctl 40044900 3 returned -22 [ 817.552791][T19415] ptrace attach of "./syz-executor exec"[14589] was attempted by "./syz-executor exec"[19415] [ 818.415784][T19451] FAULT_INJECTION: forcing a failure. [ 818.415784][T19451] name failslab, interval 1, probability 0, space 0, times 0 [ 818.429069][T19451] CPU: 0 UID: 0 PID: 19451 Comm: syz.1.3687 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 818.439914][T19451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 818.450039][T19451] Call Trace: [ 818.453363][T19451] [ 818.456352][T19451] dump_stack_lvl+0x16c/0x1f0 [ 818.461111][T19451] should_fail_ex+0x497/0x5b0 [ 818.465891][T19451] ? fs_reclaim_acquire+0xae/0x150 [ 818.471082][T19451] should_failslab+0xc2/0x120 [ 818.475842][T19451] __kmalloc_cache_noprof+0x68/0x420 [ 818.481585][T19451] ? ww_mutex_lock+0xc1/0x160 [ 818.486330][T19451] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 818.491871][T19451] ? seq_write+0xae/0xf0 [ 818.496194][T19451] memtype_get_idx+0x3d/0xc0 [ 818.500856][T19451] traverse.part.0.constprop.0+0xac/0x640 [ 818.506650][T19451] ? __pfx_lock_release+0x10/0x10 [ 818.511751][T19451] seq_read_iter+0x934/0x12b0 [ 818.516536][T19451] seq_read+0x39f/0x4e0 [ 818.520755][T19451] ? __pfx_seq_read+0x10/0x10 [ 818.525523][T19451] full_proxy_read+0xfb/0x1b0 [ 818.530274][T19451] ? __pfx_full_proxy_read+0x10/0x10 [ 818.535664][T19451] vfs_read+0x1df/0xbe0 [ 818.540059][T19451] ? __fget_files+0x1fc/0x3a0 [ 818.544781][T19451] ? __pfx_lock_release+0x10/0x10 [ 818.549842][T19451] ? __pfx_vfs_read+0x10/0x10 [ 818.554563][T19451] ? lock_acquire+0x2f/0xb0 [ 818.559103][T19451] ? __fget_files+0x40/0x3a0 [ 818.563745][T19451] ? __fget_files+0x206/0x3a0 [ 818.568469][T19451] __x64_sys_pread64+0x1f6/0x250 [ 818.573447][T19451] ? __pfx___x64_sys_pread64+0x10/0x10 [ 818.579131][T19451] do_syscall_64+0xcd/0x250 [ 818.583689][T19451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 818.589626][T19451] RIP: 0033:0x7f87cbd85d29 [ 818.594076][T19451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 818.613751][T19451] RSP: 002b:00007f87ccbf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 818.622206][T19451] RAX: ffffffffffffffda RBX: 00007f87cbf75fa0 RCX: 00007f87cbd85d29 [ 818.630220][T19451] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000004 [ 818.638229][T19451] RBP: 00007f87ccbf7090 R08: 0000000000000000 R09: 0000000000000000 [ 818.646242][T19451] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 818.654333][T19451] R13: 0000000000000000 R14: 00007f87cbf75fa0 R15: 00007ffcd0b96038 [ 818.662355][T19451] [ 819.811373][T19472] netlink: 'syz.4.3693': attribute type 2 has an invalid length. [ 821.069914][T19502] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3704'. [ 821.222646][T19506] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3705'. [ 823.479455][T19544] ptrace attach of "./syz-executor exec"[15077] was attempted by "./syz-executor exec"[19544] [ 825.384855][T19594] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 825.394686][T19594] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 825.585899][T19600] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3736'. [ 825.614456][T19601] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3735'. [ 826.979541][T19622] FAULT_INJECTION: forcing a failure. [ 826.979541][T19622] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 827.013504][T19622] CPU: 0 UID: 0 PID: 19622 Comm: syz.3.3743 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 827.024378][T19622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 827.034498][T19622] Call Trace: [ 827.037824][T19622] [ 827.040810][T19622] dump_stack_lvl+0x16c/0x1f0 [ 827.045586][T19622] should_fail_ex+0x497/0x5b0 [ 827.050349][T19622] _copy_to_user+0x32/0xd0 [ 827.054846][T19622] simple_read_from_buffer+0xd0/0x160 [ 827.060314][T19622] proc_fail_nth_read+0x198/0x270 [ 827.065502][T19622] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 827.071118][T19622] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 827.076715][T19622] vfs_read+0x1df/0xbe0 [ 827.080916][T19622] ? __fget_files+0x1fc/0x3a0 [ 827.085631][T19622] ? __pfx___mutex_lock+0x10/0x10 [ 827.090695][T19622] ? __pfx_vfs_read+0x10/0x10 [ 827.095415][T19622] ? __fget_files+0x206/0x3a0 [ 827.100139][T19622] ksys_read+0x12b/0x250 [ 827.104417][T19622] ? __pfx_ksys_read+0x10/0x10 [ 827.109236][T19622] do_syscall_64+0xcd/0x250 [ 827.113797][T19622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 827.120122][T19622] RIP: 0033:0x7f5dc2f8473c [ 827.124566][T19622] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 827.144207][T19622] RSP: 002b:00007f5dc3e77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 827.152659][T19622] RAX: ffffffffffffffda RBX: 00007f5dc3175fa0 RCX: 00007f5dc2f8473c [ 827.160659][T19622] RDX: 000000000000000f RSI: 00007f5dc3e770a0 RDI: 0000000000000005 [ 827.168660][T19622] RBP: 00007f5dc3e77090 R08: 0000000000000000 R09: 0000000000000000 [ 827.176688][T19622] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 827.184686][T19622] R13: 0000000000000000 R14: 00007f5dc3175fa0 R15: 00007ffd0bf2ceb8 [ 827.192704][T19622] [ 827.637915][T19634] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3745'. [ 832.869342][T19707] FAULT_INJECTION: forcing a failure. [ 832.869342][T19707] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 832.937633][T19707] CPU: 0 UID: 0 PID: 19707 Comm: syz.5.3766 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 832.948509][T19707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 832.958625][T19707] Call Trace: [ 832.961951][T19707] [ 832.964926][T19707] dump_stack_lvl+0x16c/0x1f0 [ 832.969670][T19707] should_fail_ex+0x497/0x5b0 [ 832.974443][T19707] _copy_to_user+0x32/0xd0 [ 832.978956][T19707] simple_read_from_buffer+0xd0/0x160 [ 832.984416][T19707] proc_fail_nth_read+0x198/0x270 [ 832.989517][T19707] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 832.995144][T19707] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 833.000774][T19707] vfs_read+0x1df/0xbe0 [ 833.005002][T19707] ? __fget_files+0x1fc/0x3a0 [ 833.009747][T19707] ? __pfx___mutex_lock+0x10/0x10 [ 833.014861][T19707] ? __pfx_vfs_read+0x10/0x10 [ 833.019619][T19707] ? __fget_files+0x206/0x3a0 [ 833.024377][T19707] ksys_read+0x12b/0x250 [ 833.028685][T19707] ? __pfx_ksys_read+0x10/0x10 [ 833.033526][T19707] do_syscall_64+0xcd/0x250 [ 833.038072][T19707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 833.044004][T19707] RIP: 0033:0x7fac6098473c [ 833.048478][T19707] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 833.068209][T19707] RSP: 002b:00007fac617a1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 833.076659][T19707] RAX: ffffffffffffffda RBX: 00007fac60b75fa0 RCX: 00007fac6098473c [ 833.084674][T19707] RDX: 000000000000000f RSI: 00007fac617a10a0 RDI: 0000000000000003 [ 833.092674][T19707] RBP: 00007fac617a1090 R08: 0000000000000000 R09: 0000000000000000 [ 833.100715][T19707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 833.108719][T19707] R13: 0000000000000001 R14: 00007fac60b75fa0 R15: 00007ffdec4c0158 [ 833.116736][T19707] [ 833.430528][T19709] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3767'. [ 835.773345][T19745] FAULT_INJECTION: forcing a failure. [ 835.773345][T19745] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 835.869240][T19745] CPU: 1 UID: 0 PID: 19745 Comm: syz.3.3769 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 835.880129][T19745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 835.890245][T19745] Call Trace: [ 835.893567][T19745] [ 835.896537][T19745] dump_stack_lvl+0x16c/0x1f0 [ 835.901285][T19745] should_fail_ex+0x497/0x5b0 [ 835.906122][T19745] _copy_to_user+0x32/0xd0 [ 835.910657][T19745] simple_read_from_buffer+0xd0/0x160 [ 835.916114][T19745] proc_fail_nth_read+0x198/0x270 [ 835.921227][T19745] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 835.926854][T19745] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 835.932513][T19745] vfs_read+0x1df/0xbe0 [ 835.936732][T19745] ? __fget_files+0x1fc/0x3a0 [ 835.941489][T19745] ? __pfx___mutex_lock+0x10/0x10 [ 835.946586][T19745] ? __pfx_vfs_read+0x10/0x10 [ 835.951339][T19745] ? __fget_files+0x206/0x3a0 [ 835.956090][T19745] ksys_read+0x12b/0x250 [ 835.960394][T19745] ? __pfx_ksys_read+0x10/0x10 [ 835.965236][T19745] do_syscall_64+0xcd/0x250 [ 835.969810][T19745] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 835.975769][T19745] RIP: 0033:0x7f5dc2f8473c [ 835.980234][T19745] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 835.999908][T19745] RSP: 002b:00007f5dc3e56030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 836.008389][T19745] RAX: ffffffffffffffda RBX: 00007f5dc3176080 RCX: 00007f5dc2f8473c [ 836.016427][T19745] RDX: 000000000000000f RSI: 00007f5dc3e560a0 RDI: 0000000000000006 [ 836.024465][T19745] RBP: 00007f5dc3e56090 R08: 0000000000000000 R09: 0000000000000000 [ 836.032592][T19745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 836.040626][T19745] R13: 0000000000000000 R14: 00007f5dc3176080 R15: 00007ffd0bf2ceb8 [ 836.048677][T19745] [ 836.148645][T13881] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 836.159547][T13881] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 836.199399][T13881] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 836.234995][T13881] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 836.244291][T13881] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 836.251996][T13881] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 836.847739][T19750] chnl_net:caif_netlink_parms(): no params data found [ 837.104059][T19750] bridge0: port 1(bridge_slave_0) entered blocking state [ 837.141556][T19750] bridge0: port 1(bridge_slave_0) entered disabled state [ 837.184779][T19750] bridge_slave_0: entered allmulticast mode [ 837.214364][T19750] bridge_slave_0: entered promiscuous mode [ 837.250271][T19750] bridge0: port 2(bridge_slave_1) entered blocking state [ 837.257521][T19750] bridge0: port 2(bridge_slave_1) entered disabled state [ 837.298484][T19750] bridge_slave_1: entered allmulticast mode [ 837.324665][T19750] bridge_slave_1: entered promiscuous mode [ 837.618987][T19750] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 837.660094][T19750] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 837.758703][T19750] team0: Port device team_slave_0 added [ 837.801625][T19750] team0: Port device team_slave_1 added [ 838.045455][T19750] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 838.079236][T19750] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 838.149605][T19750] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 838.183107][T19750] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 838.209447][T19750] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 838.288322][T19750] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 838.300411][ T5146] Bluetooth: hci1: command tx timeout [ 838.550719][T19750] hsr_slave_0: entered promiscuous mode [ 838.569867][T19750] hsr_slave_1: entered promiscuous mode [ 838.586801][T19750] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 838.619448][T19750] Cannot create hsr debugfs directory [ 839.452427][T19750] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 839.701684][T19750] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 839.964414][T19750] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 840.119415][T19827] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 840.125677][T19827] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 840.133050][T19827] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 840.150806][T19827] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 840.179440][T19827] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 840.220826][T19827] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 840.221436][T19750] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 840.564123][T19750] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 840.587488][T19750] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 840.628206][T19750] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 840.656531][T19750] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 840.758123][T19750] 8021q: adding VLAN 0 to HW filter on device bond0 [ 840.777797][T19750] 8021q: adding VLAN 0 to HW filter on device team0 [ 840.816520][ T2935] bridge0: port 1(bridge_slave_0) entered blocking state [ 840.823799][ T2935] bridge0: port 1(bridge_slave_0) entered forwarding state [ 840.873868][ T2935] bridge0: port 2(bridge_slave_1) entered blocking state [ 840.881070][ T2935] bridge0: port 2(bridge_slave_1) entered forwarding state [ 841.168320][T19750] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 841.986097][T19750] veth0_vlan: entered promiscuous mode [ 842.020829][T19750] veth1_vlan: entered promiscuous mode [ 842.113247][T19750] veth0_macvtap: entered promiscuous mode [ 842.134272][T19750] veth1_macvtap: entered promiscuous mode [ 842.150434][ T5146] Bluetooth: hci4: command 0x0406 tx timeout [ 842.156546][ T5146] Bluetooth: hci3: command 0x0406 tx timeout [ 842.163265][T13881] Bluetooth: hci0: command 0x0406 tx timeout [ 842.201810][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 842.223447][ T5146] Bluetooth: hci1: command 0x040f tx timeout [ 842.249278][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.281966][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 842.328080][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.368270][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 842.420622][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.449486][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 842.469024][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.498296][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 842.509508][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.531672][T19750] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 842.573575][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.608151][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.628032][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.638739][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.649005][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.659666][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.669611][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.680370][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.690472][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.701198][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.711214][T19750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.721909][T19750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.733676][T19750] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 842.744383][T19750] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 842.753313][T19750] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 842.762231][T19750] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 842.771108][T19750] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 843.120363][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 843.152115][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 843.273532][T11322] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 843.289227][T11322] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 844.300616][ T5146] Bluetooth: hci1: command 0x040f tx timeout [ 846.301415][T19957] ima: Unable to open file: / (-2) [ 846.429272][ T5146] Bluetooth: hci1: command 0x040f tx timeout [ 846.550928][T19956] ima: policy update failed [ 846.567442][ T29] audit: type=1802 audit(4294967464.010:25): pid=19956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3836" res=0 errno=0 [ 846.901496][T19971] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 846.926405][T19971] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 848.473051][ T5146] Bluetooth: hci1: command 0x040f tx timeout [ 850.539776][ T5146] Bluetooth: hci1: command 0x040f tx timeout [ 851.828000][T20057] ima: Unable to open file: / (-2) [ 851.950424][T20059] kfence: disabled [ 851.973790][T20056] ima: policy update failed [ 851.978516][ T29] audit: type=1802 audit(4294967469.430:26): pid=20056 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.3865" res=0 errno=0 [ 852.432263][T20061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3867'. [ 852.443757][T20061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3867'. [ 853.029811][T20085] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3872'. [ 853.414781][T20093] Invalid ELF header magic: != ELF [ 853.436038][T20091] Invalid ELF header magic: != ELF [ 853.607413][T20103] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3876'. [ 853.618436][T20103] veth0_macvtap: left promiscuous mode [ 854.355006][T20123] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3883'. [ 854.566309][T20129] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3885'. [ 854.866741][T20136] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3886'. [ 857.485552][T20203] netlink: 'syz.5.3906': attribute type 5 has an invalid length. [ 857.518043][T20203] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3906'. [ 859.019362][T20236] netlink: 'syz.3.3915': attribute type 11 has an invalid length. [ 859.685026][T20249] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3916'. [ 860.206005][T20257] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3922'. [ 860.887961][T20276] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3926'. [ 861.114483][T20276] veth0_macvtap: left promiscuous mode [ 865.068393][T20351] serio: Serial port ptm0 [ 865.911118][T20358] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3949'. [ 865.970203][T20358] veth0_macvtap: left promiscuous mode [ 866.456085][T20367] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3954'. [ 868.130945][T20395] FAULT_INJECTION: forcing a failure. [ 868.130945][T20395] name failslab, interval 1, probability 0, space 0, times 0 [ 868.179274][T20395] CPU: 0 UID: 0 PID: 20395 Comm: syz.3.3963 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 868.190134][T20395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 868.200253][T20395] Call Trace: [ 868.203569][T20395] [ 868.206630][T20395] dump_stack_lvl+0x16c/0x1f0 [ 868.211380][T20395] should_fail_ex+0x497/0x5b0 [ 868.216115][T20395] ? fs_reclaim_acquire+0xae/0x150 [ 868.221283][T20395] should_failslab+0xc2/0x120 [ 868.226030][T20395] __kmalloc_noprof+0xce/0x4f0 [ 868.230875][T20395] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 868.236573][T20395] ? tomoyo_realpath_from_path+0xbf/0x710 [ 868.242361][T20395] tomoyo_realpath_from_path+0xbf/0x710 [ 868.248007][T20395] ? tomoyo_path_number_perm+0x235/0x5b0 [ 868.253816][T20395] tomoyo_path_number_perm+0x248/0x5b0 [ 868.259346][T20395] ? tomoyo_path_number_perm+0x235/0x5b0 [ 868.265140][T20395] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 868.271234][T20395] ? __pfx_lock_release+0x10/0x10 [ 868.276305][T20395] ? trace_lock_acquire+0x14e/0x1f0 [ 868.281572][T20395] ? lock_acquire+0x2f/0xb0 [ 868.286208][T20395] ? __fget_files+0x40/0x3a0 [ 868.290860][T20395] ? __fget_files+0x206/0x3a0 [ 868.295605][T20395] security_file_ioctl+0x9b/0x240 [ 868.300687][T20395] __x64_sys_ioctl+0xb7/0x200 [ 868.305447][T20395] do_syscall_64+0xcd/0x250 [ 868.310039][T20395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.316081][T20395] RIP: 0033:0x7f5dc2f85d29 [ 868.320553][T20395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 868.340219][T20395] RSP: 002b:00007f5dc3e77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 868.348750][T20395] RAX: ffffffffffffffda RBX: 00007f5dc3175fa0 RCX: 00007f5dc2f85d29 [ 868.356862][T20395] RDX: 0000000000000038 RSI: 000000000000541b RDI: 0000000000000003 [ 868.364876][T20395] RBP: 00007f5dc3e77090 R08: 0000000000000000 R09: 0000000000000000 [ 868.373005][T20395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 868.381805][T20395] R13: 0000000000000000 R14: 00007f5dc3175fa0 R15: 00007ffd0bf2ceb8 [ 868.389853][T20395] [ 868.421299][T20395] ERROR: Out of memory at tomoyo_realpath_from_path. [ 868.664727][T20404] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3973'. [ 869.029509][T20405] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3965'. [ 869.128465][T20405] netdevsim netdevsim5 netdevsim2: entered allmulticast mode [ 870.779382][T20441] FAULT_INJECTION: forcing a failure. [ 870.779382][T20441] name failslab, interval 1, probability 0, space 0, times 0 [ 870.793017][T20441] CPU: 1 UID: 0 PID: 20441 Comm: syz.4.3975 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 870.803860][T20441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 870.813969][T20441] Call Trace: [ 870.817376][T20441] [ 870.820351][T20441] dump_stack_lvl+0x16c/0x1f0 [ 870.825091][T20441] should_fail_ex+0x497/0x5b0 [ 870.829839][T20441] ? fs_reclaim_acquire+0xae/0x150 [ 870.835016][T20441] should_failslab+0xc2/0x120 [ 870.839767][T20441] __kmalloc_noprof+0xce/0x4f0 [ 870.844600][T20441] ? d_absolute_path+0x137/0x1b0 [ 870.849606][T20441] ? tomoyo_encode2+0x100/0x3e0 [ 870.854527][T20441] tomoyo_encode2+0x100/0x3e0 [ 870.859275][T20441] tomoyo_realpath_from_path+0x1a7/0x710 [ 870.865029][T20441] tomoyo_path_number_perm+0x248/0x5b0 [ 870.870564][T20441] ? tomoyo_path_number_perm+0x235/0x5b0 [ 870.876277][T20441] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 870.882381][T20441] ? __pfx_lock_release+0x10/0x10 [ 870.887459][T20441] ? trace_lock_acquire+0x14e/0x1f0 [ 870.892730][T20441] ? lock_acquire+0x2f/0xb0 [ 870.897297][T20441] ? __fget_files+0x40/0x3a0 [ 870.901971][T20441] ? __fget_files+0x206/0x3a0 [ 870.906716][T20441] security_file_ioctl+0x9b/0x240 [ 870.911797][T20441] __x64_sys_ioctl+0xb7/0x200 [ 870.916582][T20441] do_syscall_64+0xcd/0x250 [ 870.921150][T20441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 870.927110][T20441] RIP: 0033:0x7f0c6bb85d29 [ 870.931573][T20441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 870.951245][T20441] RSP: 002b:00007f0c6c9a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 870.959731][T20441] RAX: ffffffffffffffda RBX: 00007f0c6bd75fa0 RCX: 00007f0c6bb85d29 [ 870.967759][T20441] RDX: 0000000000000038 RSI: 000000000000541b RDI: 0000000000000003 [ 870.975786][T20441] RBP: 00007f0c6c9a3090 R08: 0000000000000000 R09: 0000000000000000 [ 870.983809][T20441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 870.991832][T20441] R13: 0000000000000000 R14: 00007f0c6bd75fa0 R15: 00007ffea5cb08f8 [ 870.999870][T20441] [ 871.369603][T20441] ERROR: Out of memory at tomoyo_realpath_from_path. [ 871.672465][T20458] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3980'. [ 871.858943][T20460] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3981'. [ 872.012285][T20458] team0: Port device team_slave_0 removed [ 872.201680][T20469] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3983'. [ 872.228621][T20468] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3983'. [ 875.490064][T20502] netlink: 330 bytes leftover after parsing attributes in process `syz.5.3993'. [ 875.502315][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.508706][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 875.696369][T20509] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3995'. [ 875.802672][T20502] syz.5.3993 (20502) used greatest stack depth: 20384 bytes left [ 876.926246][T20552] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4004'. [ 877.445351][T20570] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4007'. [ 880.940683][T20618] ima: policy update failed [ 881.040591][ T29] audit: type=1807 audit(4294967498.370:27): UNKNOWN=$ res=0 [ 881.048094][ T29] audit: type=1802 audit(4294967498.370:28): pid=20622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.5.4019" res=0 errno=0 [ 881.084994][T20617] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4018'. [ 881.094133][ T29] audit: type=1802 audit(4294967498.400:29): pid=20618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.4019" res=0 errno=0 [ 881.230874][T20617] netdevsim netdevsim1 netdevsim2: entered allmulticast mode [ 881.344535][T20631] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4020'. [ 882.253424][T20651] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4026'. [ 882.824656][T20665] bridge0: port 3(bond0) entered blocking state [ 882.839854][T20665] bridge0: port 3(bond0) entered disabled state [ 882.855673][T20665] bond0: entered allmulticast mode [ 882.871770][T20665] bond_slave_1: entered allmulticast mode [ 882.906126][T20665] bond0: entered promiscuous mode [ 882.938729][T20665] bond_slave_1: entered promiscuous mode [ 882.980445][T20665] bridge0: port 3(bond0) entered blocking state [ 882.986895][T20665] bridge0: port 3(bond0) entered forwarding state [ 883.025913][T20672] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4032'. [ 883.276564][T20679] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4033'. [ 883.308799][T20679] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4033'. [ 885.810455][T20705] syz.4.4046: vmalloc error: size 4503599627371522, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 885.855466][T20705] CPU: 1 UID: 0 PID: 20705 Comm: syz.4.4046 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 885.866425][T20705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 885.876539][T20705] Call Trace: [ 885.879865][T20705] [ 885.882842][T20705] dump_stack_lvl+0x16c/0x1f0 [ 885.887591][T20705] warn_alloc+0x24d/0x3a0 [ 885.891995][T20705] ? __pfx_warn_alloc+0x10/0x10 [ 885.896923][T20705] ? __pfx_mark_lock+0x10/0x10 [ 885.901779][T20705] ? lock_acquire.part.0+0x11b/0x380 [ 885.907147][T20705] __vmalloc_node_range_noprof+0x10df/0x1530 [ 885.913207][T20705] ? rcu_is_watching+0x12/0xc0 [ 885.918042][T20705] ? trace_contention_end+0xee/0x140 [ 885.923405][T20705] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 885.928770][T20705] ? dvb_demux_do_ioctl+0x496/0x1340 [ 885.934133][T20705] ? __pfx___mutex_lock+0x10/0x10 [ 885.939327][T20705] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 885.945742][T20705] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 885.951703][T20705] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 885.957065][T20705] vmalloc_noprof+0x6b/0x90 [ 885.961636][T20705] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 885.966995][T20705] dvb_demux_do_ioctl+0x54d/0x1340 [ 885.972279][T20705] dvb_usercopy+0x165/0x320 [ 885.976853][T20705] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 885.982508][T20705] ? __pfx_dvb_usercopy+0x10/0x10 [ 885.987599][T20705] ? __pfx_lock_release+0x10/0x10 [ 885.992698][T20705] ? __fget_files+0x206/0x3a0 [ 885.997448][T20705] dvb_demux_ioctl+0x29/0x40 [ 886.002101][T20705] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 886.007452][T20705] __x64_sys_ioctl+0x190/0x200 [ 886.012299][T20705] do_syscall_64+0xcd/0x250 [ 886.016899][T20705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 886.022858][T20705] RIP: 0033:0x7f0c6bb85d29 [ 886.027327][T20705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 886.047006][T20705] RSP: 002b:00007f0c6c9a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 886.055486][T20705] RAX: ffffffffffffffda RBX: 00007f0c6bd75fa0 RCX: 00007f0c6bb85d29 [ 886.063514][T20705] RDX: 0010000000000402 RSI: 0000000000006f2d RDI: 0000000000000003 [ 886.071535][T20705] RBP: 00007f0c6bc01a20 R08: 0000000000000000 R09: 0000000000000000 [ 886.079560][T20705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 886.087580][T20705] R13: 0000000000000000 R14: 00007f0c6bd75fa0 R15: 00007ffea5cb08f8 [ 886.095626][T20705] [ 886.359728][T20705] Mem-Info: [ 886.362934][T20705] active_anon:21232 inactive_anon:16 isolated_anon:0 [ 886.362934][T20705] active_file:3064 inactive_file:55326 isolated_file:0 [ 886.362934][T20705] unevictable:774 dirty:1442 writeback:0 [ 886.362934][T20705] slab_reclaimable:12306 slab_unreclaimable:115649 [ 886.362934][T20705] mapped:26515 shmem:9650 pagetables:872 [ 886.362934][T20705] sec_pagetables:0 bounce:0 [ 886.362934][T20705] kernel_misc_reclaimable:0 [ 886.362934][T20705] free:1273882 free_pcp:26752 free_cma:0 [ 886.408911][T20705] Node 0 active_anon:77428kB inactive_anon:64kB active_file:12256kB inactive_file:221296kB unevictable:1560kB isolated(anon):0kB isolated(file):0kB mapped:106056kB dirty:5768kB writeback:0kB shmem:29564kB shmem_thp:2048kB shmem_pmdmapped:2048kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11096kB pagetables:3488kB sec_pagetables:0kB all_unreclaimable? no [ 886.619039][T20705] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 886.679657][T20705] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 886.842316][T20705] lowmem_reserve[]: 0 2465 2466 0 0 [ 886.869827][T20705] Node 0 DMA32 free:1240448kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:54392kB inactive_anon:64kB active_file:12256kB inactive_file:221168kB unevictable:1560kB writepending:5768kB present:3129332kB managed:2551336kB mlocked:24kB bounce:0kB free_pcp:67664kB local_pcp:7728kB free_cma:0kB [ 887.005488][T20723] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4042'. [ 887.023737][T20705] lowmem_reserve[]: 0 0 0 0 0 [ 887.028615][T20705] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:4kB free_cma:0kB [ 887.071084][T20705] lowmem_reserve[]: 0 0 0 0 0 [ 887.127278][T20705] Node 1 Normal free:3908236kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:696kB local_pcp:472kB free_cma:0kB [ 887.209302][T20705] lowmem_reserve[]: 0 0 0 0 0 [ 887.214206][T20705] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 887.267166][T20705] Node 0 DMA32: 1641*4kB (UME) 2460*8kB (UME) 1868*16kB (UME) 594*32kB (UME) 282*64kB (UME) 290*128kB (UME) 276*256kB (UM) 129*512kB (UME) 98*1024kB (UM) 12*2048kB (UME) 212*4096kB (UME) = 1260292kB [ 887.323100][T20705] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 887.402641][T20705] Node 1 Normal: 119*4kB (UME) 66*8kB (UME) 60*16kB (UME) 185*32kB (UE) 95*64kB (UME) 30*128kB (UE) 17*256kB (UME) 8*512kB (UM) 5*1024kB (UME) 5*2048kB (UME) 944*4096kB (M) = 3908236kB [ 887.493613][T20705] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 887.511468][T20705] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 887.521463][T20705] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 887.532089][T20705] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 887.542540][T20705] 61387 total pagecache pages [ 887.547276][T20705] 45 pages in swap cache [ 887.578557][T20705] Free swap = 124340kB [ 887.619194][T20705] Total swap = 124996kB [ 887.646432][T20705] 2097051 pages RAM [ 887.659185][T20705] 0 pages HighMem/MovableOnly [ 887.670834][T20705] 427367 pages reserved [ 887.685807][T20705] 0 pages cma reserved [ 889.745103][T20769] ima: policy update failed [ 889.764258][ T29] audit: type=1802 audit(4294967507.220:30): pid=20769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.4054" res=0 errno=0 [ 892.393672][T20812] block nbd0: not configured, cannot reconfigure [ 896.780153][T20862] block nbd0: not configured, cannot reconfigure [ 902.012074][T20921] bridge0: port 3(bond0) entered blocking state [ 902.018942][T20921] bridge0: port 3(bond0) entered disabled state [ 902.059729][T20921] bond0: entered allmulticast mode [ 902.106108][T20921] bond_slave_0: entered allmulticast mode [ 902.161153][T20917] block nbd0: not configured, cannot reconfigure [ 902.178802][T20921] bond_slave_1: entered allmulticast mode [ 902.220540][T20921] bond0: entered promiscuous mode [ 902.239345][T20921] bond_slave_0: entered promiscuous mode [ 902.253306][T20921] bond_slave_1: entered promiscuous mode [ 902.286794][T20921] bridge0: port 3(bond0) entered blocking state [ 902.293360][T20921] bridge0: port 3(bond0) entered forwarding state [ 904.677063][T20947] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4106'. [ 904.721696][T20947] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4106'. [ 905.153263][T20957] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 905.169236][T20957] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 909.626573][T21009] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4115'. [ 909.772650][T21009] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4115'. [ 909.968560][T21009] bridge0: port 1(bridge_slave_0) entered disabled state [ 910.422248][T21009] bridge_slave_0 (unregistering): left allmulticast mode [ 910.459295][T21009] bridge_slave_0 (unregistering): left promiscuous mode [ 910.466559][T21009] bridge0: port 1(bridge_slave_0) entered disabled state [ 911.538292][T21029] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4121'. [ 913.567316][T21047] Process accounting resumed [ 914.037951][T21023] ima: policy update failed [ 914.054506][ T29] audit: type=1802 audit(4294967531.510:31): pid=21023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.4119" res=0 errno=0 [ 914.974642][T21069] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4132'. [ 916.347018][T21088] netlink: 1528 bytes leftover after parsing attributes in process `syz.4.4136'. [ 916.639682][T21094] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4138'. [ 919.143885][T21121] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4143'. [ 921.482881][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 921.494528][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 921.503469][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 921.751128][T21150] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4153'. [ 921.788185][T21150] netlink: 114 bytes leftover after parsing attributes in process `syz.1.4153'. [ 921.893201][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 921.901611][ T5847] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 921.908983][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 922.861037][T21164] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4156'. [ 923.404558][T21147] chnl_net:caif_netlink_parms(): no params data found [ 923.670872][T21147] bridge0: port 1(bridge_slave_0) entered blocking state [ 923.689420][T21147] bridge0: port 1(bridge_slave_0) entered disabled state [ 923.696887][T21147] bridge_slave_0: entered allmulticast mode [ 923.704612][T21147] bridge_slave_0: entered promiscuous mode [ 923.713245][T21147] bridge0: port 2(bridge_slave_1) entered blocking state [ 923.721396][T21147] bridge0: port 2(bridge_slave_1) entered disabled state [ 923.729589][T21147] bridge_slave_1: entered allmulticast mode [ 923.736878][T21147] bridge_slave_1: entered promiscuous mode [ 923.847728][T21147] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 923.867834][T21147] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 923.989606][ T5847] Bluetooth: hci2: command tx timeout [ 924.028049][T21147] team0: Port device team_slave_0 added [ 924.082123][T21147] team0: Port device team_slave_1 added [ 924.184843][T21147] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 924.202973][T21147] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 924.241189][T21147] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 924.263434][T21147] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 924.279252][T21147] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 924.326990][T21191] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4162'. [ 924.336128][T21147] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 924.351649][T21173] Process accounting resumed [ 924.390551][T21191] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4162'. [ 924.706486][T21147] hsr_slave_0: entered promiscuous mode [ 924.729965][T21147] hsr_slave_1: entered promiscuous mode [ 924.765836][T21147] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 924.800025][T21147] Cannot create hsr debugfs directory [ 925.228520][T21147] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 925.442312][T21147] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 925.631375][T21147] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 926.001345][T21147] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 926.066464][ T5847] Bluetooth: hci2: command tx timeout [ 926.136346][T21214] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4168'. [ 926.381791][T21147] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 926.422096][T21147] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 926.442931][T21147] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 926.470209][T21147] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 926.568178][T21147] 8021q: adding VLAN 0 to HW filter on device bond0 [ 926.590180][T21147] 8021q: adding VLAN 0 to HW filter on device team0 [ 926.602345][ T3607] bridge0: port 1(bridge_slave_0) entered blocking state [ 926.609589][ T3607] bridge0: port 1(bridge_slave_0) entered forwarding state [ 926.628497][T21220] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4169'. [ 926.655275][ T3607] bridge0: port 2(bridge_slave_1) entered blocking state [ 926.662477][ T3607] bridge0: port 2(bridge_slave_1) entered forwarding state [ 926.766628][T21147] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 927.745048][T21147] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 928.189390][ T5847] Bluetooth: hci2: command tx timeout [ 928.866528][T21147] veth0_vlan: entered promiscuous mode [ 928.894065][T21147] veth1_vlan: entered promiscuous mode [ 929.106105][T21147] veth0_macvtap: entered promiscuous mode [ 929.116742][T21147] veth1_macvtap: entered promiscuous mode [ 929.169322][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.209198][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.237697][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.258665][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.279622][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.305069][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.325576][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.341210][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.351465][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.362805][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.372916][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.383714][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.395646][T21147] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 929.485057][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.499070][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.521915][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.539236][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.560148][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.578932][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.596033][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.633212][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.659031][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.681111][T21268] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4180'. [ 929.695611][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.721290][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.747360][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.766526][T21147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.783206][T21147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.806350][T21147] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 929.844979][T21147] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 929.879247][T21147] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 929.888040][T21147] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 929.911640][T21147] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.141348][T11323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 930.159304][T11323] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 930.240095][ T5847] Bluetooth: hci2: command tx timeout [ 930.246787][ T3495] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 930.255178][ T3495] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 932.720124][T21331] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4193'. [ 936.732093][T21414] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4215'. [ 936.945874][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 936.952406][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 937.900703][T21443] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4230'. [ 938.070289][T21447] binder: 21446:21447 ioctl 40044900 800000000000003 returned -22 [ 939.520681][T21485] Process accounting resumed [ 939.615043][T21491] Process accounting resumed [ 940.611378][T21505] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4240'. [ 941.492664][T21505] team0: Port device team_slave_0 removed [ 942.633145][T21524] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 943.926945][T21548] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4253'. [ 944.001062][T21545] sg_read: process 337 (syz.4.4251) changed security contexts after opening file descriptor, this is not allowed. [ 944.492774][T21541] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4251'. [ 944.548654][T21541] macsec0: entered promiscuous mode [ 945.374516][T21573] [ 945.376930][T21573] ====================================================== [ 945.383986][T21573] WARNING: possible circular locking dependency detected [ 945.391039][T21573] 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 Not tainted [ 945.398232][T21573] ------------------------------------------------------ [ 945.405284][T21573] syz.4.4260/21573 is trying to acquire lock: [ 945.411389][T21573] ffffffff8fabf788 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x1f4d/0x4660 [ 945.420705][T21573] [ 945.420705][T21573] but task is already holding lock: [ 945.428104][T21573] ffff888028fb66a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xc00 [ 945.438322][T21573] [ 945.438322][T21573] which lock already depends on the new lock. [ 945.438322][T21573] [ 945.448774][T21573] [ 945.448774][T21573] the existing dependency chain (in reverse order) is: [ 945.457825][T21573] [ 945.457825][T21573] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 945.466502][T21573] __mutex_lock+0x19b/0xa60 [ 945.471601][T21573] smc_switch_to_fallback+0x2d/0xa00 [ 945.477484][T21573] smc_sendmsg+0x13d/0x520 [ 945.482486][T21573] ____sys_sendmsg+0x9ae/0xb40 [ 945.487825][T21573] ___sys_sendmsg+0x135/0x1e0 [ 945.493110][T21573] __sys_sendmsg+0x16e/0x220 [ 945.498276][T21573] do_syscall_64+0xcd/0x250 [ 945.503375][T21573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 945.509849][T21573] [ 945.509849][T21573] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 945.517569][T21573] lock_sock_nested+0x3a/0xf0 [ 945.522845][T21573] sockopt_lock_sock+0x54/0x70 [ 945.528195][T21573] do_ip_setsockopt+0x101/0x38c0 [ 945.533706][T21573] ip_setsockopt+0x59/0xf0 [ 945.538730][T21573] raw_setsockopt+0xb8/0x290 [ 945.543892][T21573] do_sock_setsockopt+0x222/0x480 [ 945.549508][T21573] __sys_setsockopt+0x1a0/0x230 [ 945.554958][T21573] __x64_sys_setsockopt+0xbd/0x160 [ 945.560657][T21573] do_syscall_64+0xcd/0x250 [ 945.565836][T21573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 945.572341][T21573] [ 945.572341][T21573] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 945.579620][T21573] __lock_acquire+0x249e/0x3c40 [ 945.585064][T21573] lock_acquire.part.0+0x11b/0x380 [ 945.590763][T21573] __mutex_lock+0x19b/0xa60 [ 945.595852][T21573] do_ipv6_setsockopt+0x1f4d/0x4660 [ 945.601726][T21573] ipv6_setsockopt+0xcb/0x170 [ 945.606982][T21573] tcp_setsockopt+0xa4/0x100 [ 945.612147][T21573] smc_setsockopt+0x1b4/0xc00 [ 945.617424][T21573] do_sock_setsockopt+0x222/0x480 [ 945.623044][T21573] __sys_setsockopt+0x1a0/0x230 [ 945.628482][T21573] __x64_sys_setsockopt+0xbd/0x160 [ 945.634443][T21573] do_syscall_64+0xcd/0x250 [ 945.639523][T21573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 945.645993][T21573] [ 945.645993][T21573] other info that might help us debug this: [ 945.645993][T21573] [ 945.656521][T21573] Chain exists of: [ 945.656521][T21573] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 945.656521][T21573] [ 945.670159][T21573] Possible unsafe locking scenario: [ 945.670159][T21573] [ 945.677638][T21573] CPU0 CPU1 [ 945.683038][T21573] ---- ---- [ 945.688438][T21573] lock(&smc->clcsock_release_lock); [ 945.693867][T21573] lock(sk_lock-AF_INET); [ 945.700848][T21573] lock(&smc->clcsock_release_lock); [ 945.708785][T21573] lock(rtnl_mutex); [ 945.712812][T21573] [ 945.712812][T21573] *** DEADLOCK *** [ 945.712812][T21573] [ 945.720984][T21573] 1 lock held by syz.4.4260/21573: [ 945.726138][T21573] #0: ffff888028fb66a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xc00 [ 945.736769][T21573] [ 945.736769][T21573] stack backtrace: [ 945.742695][T21573] CPU: 1 UID: 0 PID: 21573 Comm: syz.4.4260 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 945.753514][T21573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 945.763615][T21573] Call Trace: [ 945.767017][T21573] [ 945.770071][T21573] dump_stack_lvl+0x116/0x1f0 [ 945.774808][T21573] print_circular_bug+0x41c/0x610 [ 945.779906][T21573] check_noncircular+0x31a/0x400 [ 945.784928][T21573] ? __pfx_check_noncircular+0x10/0x10 [ 945.790454][T21573] ? hlock_class+0x4e/0x130 [ 945.795023][T21573] ? hlock_class+0x4e/0x130 [ 945.799587][T21573] ? lockdep_lock+0xc6/0x200 [ 945.804258][T21573] ? __pfx_lockdep_lock+0x10/0x10 [ 945.809355][T21573] ? __pfx_mark_lock+0x10/0x10 [ 945.814187][T21573] __lock_acquire+0x249e/0x3c40 [ 945.819109][T21573] ? __pfx___lock_acquire+0x10/0x10 [ 945.824393][T21573] ? __lock_acquire+0x15a9/0x3c40 [ 945.829497][T21573] lock_acquire.part.0+0x11b/0x380 [ 945.834670][T21573] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 945.840103][T21573] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 945.845790][T21573] ? rcu_is_watching+0x12/0xc0 [ 945.850629][T21573] ? trace_lock_acquire+0x14e/0x1f0 [ 945.855896][T21573] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 945.861352][T21573] ? lock_acquire+0x2f/0xb0 [ 945.866584][T21573] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 945.872030][T21573] __mutex_lock+0x19b/0xa60 [ 945.876593][T21573] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 945.882022][T21573] ? __pfx_mark_lock+0x10/0x10 [ 945.886867][T21573] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 945.892300][T21573] ? __pfx___mutex_lock+0x10/0x10 [ 945.897395][T21573] ? __pfx_register_lock_class+0x10/0x10 [ 945.903077][T21573] ? finish_task_switch.isra.0+0x217/0xcc0 [ 945.908942][T21573] ? __switch_to+0x749/0x1190 [ 945.913682][T21573] ? hlock_class+0x4e/0x130 [ 945.918592][T21573] ? do_ipv6_setsockopt+0x1f4d/0x4660 [ 945.924013][T21573] ? rtnl_lock+0x9/0x20 [ 945.928235][T21573] do_ipv6_setsockopt+0x1f4d/0x4660 [ 945.933498][T21573] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 945.939107][T21573] ? lock_acquire.part.0+0x11b/0x380 [ 945.944459][T21573] ? __mutex_trylock_common+0xea/0x250 [ 945.949972][T21573] ? __pfx___mutex_trylock_common+0x10/0x10 [ 945.955921][T21573] ? smc_setsockopt+0x101/0xc00 [ 945.960847][T21573] ? rcu_is_watching+0x12/0xc0 [ 945.965663][T21573] ? trace_contention_end+0xee/0x140 [ 945.970994][T21573] ? __mutex_lock+0x1cc/0xa60 [ 945.975739][T21573] ? __pfx___futex_wait+0x10/0x10 [ 945.980817][T21573] ? smc_setsockopt+0x101/0xc00 [ 945.985743][T21573] ? __pfx___mutex_lock+0x10/0x10 [ 945.990831][T21573] ? ipv6_setsockopt+0xcb/0x170 [ 945.995741][T21573] ipv6_setsockopt+0xcb/0x170 [ 946.000485][T21573] tcp_setsockopt+0xa4/0x100 [ 946.005139][T21573] smc_setsockopt+0x1b4/0xc00 [ 946.009884][T21573] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 946.015915][T21573] ? __pfx_smc_setsockopt+0x10/0x10 [ 946.021191][T21573] ? lock_acquire.part.0+0x11b/0x380 [ 946.026616][T21573] ? __pfx_smc_setsockopt+0x10/0x10 [ 946.031884][T21573] do_sock_setsockopt+0x222/0x480 [ 946.036984][T21573] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 946.042599][T21573] ? __pfx_do_futex+0x10/0x10 [ 946.047352][T21573] ? __x64_sys_futex+0x1e1/0x4c0 [ 946.052354][T21573] ? __x64_sys_futex+0x1ea/0x4c0 [ 946.057355][T21573] __sys_setsockopt+0x1a0/0x230 [ 946.062267][T21573] __x64_sys_setsockopt+0xbd/0x160 [ 946.067462][T21573] ? do_syscall_64+0x91/0x250 [ 946.072193][T21573] ? lockdep_hardirqs_on+0x7c/0x110 [ 946.077467][T21573] do_syscall_64+0xcd/0x250 [ 946.082029][T21573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 946.087983][T21573] RIP: 0033:0x7f0c6bb85d29 [ 946.092450][T21573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 946.112115][T21573] RSP: 002b:00007f0c6c9a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 946.120584][T21573] RAX: ffffffffffffffda RBX: 00007f0c6bd75fa0 RCX: 00007f0c6bb85d29 [ 946.128594][T21573] RDX: 0000000000000014 RSI: 0000000000000029 RDI: 0000000000000003 [ 946.136605][T21573] RBP: 00007f0c6bc01a20 R08: 0000000010000110 R09: 0000000000000000 [ 946.144617][T21573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 946.152627][T21573] R13: 0000000000000000 R14: 00007f0c6bd75fa0 R15: 00007ffea5cb08f8 [ 946.160651][T21573]