last executing test programs: 7m37.261943905s ago: executing program 0 (id=1069): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000e00), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_TDLS_OPER(r0, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000000e40)={0x3c, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, "e59954082586bc3ad68380a90659c016443901a24cd21d8a4e5e9deb34bdf7318e8589eb"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40008c5}, 0x40000c4) mmap$auto(0x0, 0x400008, 0xdf, 0xcf5, 0xffffffffffffffff, 0x100000000008000) write$auto(0x800000000000c8, 0x0, 0x1a) mmap$auto(0x6, 0x9, 0x6, 0x32d4, 0x10000, 0x80000001) ioctl$auto(0xc8, 0xffffffff800454dd, 0x4000000000008) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x7fffffffffffffff, 0xdf, 0x15, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) read$auto(0x3, 0x0, 0x80) madvise$auto(0x0, 0x3, 0x66) socket(0xa, 0x1, 0x84) 7m36.405222394s ago: executing program 0 (id=1070): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0x19d0, 0xfffffffffffffffa, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRESHEX=r0, @ANYRES32, @ANYRESOCT=r1], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x4044820) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x100000000005d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) fcntl$auto(0xff80000000000000, 0x4, 0xfffffffffffffffc) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) clone$auto(0x440f, 0x6, &(0x7f00000000c0)=0x10001, &(0x7f0000000180)=0x9, 0x8) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="810b25bd7000ffdbdf253200000008000300", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) semctl$auto(0x7, 0x2, 0x13, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/admmidi2\x00', 0x101000, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(r6, 0x810c5701, &(0x7f0000003380)={0xfffffff9, 0xb, 0x7, 0x7ff, 0x8, "eb6183a2c44a716ca16333e5d5d5351305a348104d4c2603478adc3fe84e9d879df7cbd09efda00b5ac99df1e1bbb3b8b5c55fcd284101dfb7554a5fbd869d2e", "0aa103434fc7dee45be80fe485a0977a1026393bf2eec447c39915b2aa33b88417240f775d9caf5bc2ce8df08cfcde40c156df5242859e388d35b287edc71aa0318a1964d2bc3e90fbb1535ca82b3e2d", "d34a0894567dc0ddd1005e535387aef3980a59435ce9fa35cfb2ef3309cf0c00", 0x0, 0x3, "1ea5929b319155851b096df0b3658c31be86cf6a22ab0ee97972edccac84883839797849c42718c1267dccd63557d3e968fda5c156ad7d93759ce32a4caac2e8"}) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x6, 0x1, 0x400, 0x7, 0x1005, 0x6, 0x7, [0x4, 0x2e9, 0x8], {0x0, 0x1, 0x8, 0x7, 0x5, 0x100005, 0x1, 0x0, 0x7}, {0x4, 0xfff, 0xffff7fff, 0x2, 0x8, 0x200, 0x3, 0x0, 0x3}}) madvise$auto(0x108000, 0x800034, 0x9) times$auto(&(0x7f00000001c0)={0x7fffffff, 0x4, 0x9, 0x4}) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/loop3/pm_only\x00', 0x8a8003, 0x0) 7m33.786218037s ago: executing program 0 (id=1074): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)={0x254, 0x0, 0x6a78653b2808c649, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_S1G_CAPABILITY_MASK={0x7d, 0x129, "b034167f67a3fc2b5a5996d4f84de4bd4240f47cd6c80ffc62f3b860e2bbd5ec4cce56f72f88f5c290c1cb8557d478ed87490d16c346e972502896d69a29be9e489be8e5ae8c9e06c8ef2bd3bb75eea4a774ce164de86f4f0be0fa23ae483bd325ca260f8df3bd1af063c3d949261554c7df88894e6cbc76a5"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x3}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0xe4f4}, @NL80211_ATTR_STA_FLAGS={0x1a5, 0x11, 0x0, 0x1, [@nested={0x18, 0x147, 0x0, 0x1, [@typed={0x14, 0x143, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x28}}]}, @typed={0x8, 0xde, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x14, 0x10f, 0x0, 0x0, @ipv6=@local}, @typed={0x14, 0x4a, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @loopback}}, @generic="d49e5a83c8eada75a2f1f1293e98c271c3ec44b0d1fd2242f4dd813c2a5bbb1d3f464f0869eae0c0df7eb76d06d0eb89251ead3880cc8cbb90c079de94beb888eab94b707a511a", @generic="14f9dca56c8a9966152aa4fc1e4d150b8c5992b52071e54b0bd6a01d9af0c9d52a906a63e162d7166af00445d7186bf37c6107577a3c937c3b7dfd404938616b5fedcd696d6a9b3482e247585f625498c4aefee8c31c4298b2b28b6ce29ad60ad94d0fea35483b7ea1a6789854e088a5a10cfb744061ee11c045a7567b0d82159e07898091a879e86c5ede9a2c24cc669127401e5e10a172fe94139cf88add846370555dfda344758e432230f637160f1d2a18ea29adea4e5dc6f06f4cfd2a8e8d8a027db59f49e58830f992b4ee57d6396a86eef2815f589d5d60719797a1031ec53198700d044b50c14460a0ebebb1a533bf19e4808af51b773946c4964ee25cae264071908b96aca1fdf4141a41ecfc37"]}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x81}]}, 0x254}, 0x1, 0x0, 0x0, 0x4000004}, 0x5) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x4, 0x0, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x0, 0x33, 0x0, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_SET(r1, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000000300)=ANY=[@ANYBLOB="64160000", @ANYRES16=r2, @ANYBLOB="01002bbd7000fddbdf25110000004f160980a703ed80fc01b380f80102801f69a14d4b4a0d0324073e976b676072e40124800400eb8004004e803f0079002f7379732f6b65726e656c2f64656275672f6e657464657673696d2f6e657464657673696d332f7073616d706c652f6c6174656e63795f6d61780000b4ecf7a98db4d534a6a94d16847dac9336fd38fe8f44b736efb5933af979682e483fb5bb3955206013bcb74f449988a3af924b2d956d7f666ef2176e2e6eeecedd7d4524dee4796aeec5243226b15559ef39e79083e5fc692762bde69a7afda9ca75465446cf1ce86d34631750ea168b2d47754dc71c289d270dc89e47a0a3275ba443db3bfb1bedcc4da109ef90898d52dc1bfba1a7a4e81d3a3de3cc4d10156e81f6205d17f218badcfad61a229593f9a02001941e385610f686d4a302df31a051dad684ac4455942276ce14a4f0cd4433fdb9021272c8b8e0c512da195cd2cf4fdc196d68d36448623d439ce64fda56e575098c0154f6fc8e4427bfeec66d9ea0b208fab3a9f503ce298c69b9cf4d14f3721b1b7abda1c614bca2231b3d83012985a649f436eb39dda509192aa5bfa5059feaaac96dad4655afb2323c4cc73dac2febd20b4e6c66edc01f65b9bcdf73fe6d150374b98cd5a84a92e9580ecd7c0b3645a9a8fa4e830a19c66c916421a7df2b337ebf139c5aa30789478547fbc0cc005b1491c43269529c804b8caaa907009900232e0000e100a68008007b00ff070000d5823b037a8f6e502702cbbc2dcec4e4b0f254d161351f47dd30fda60617f2cd1aa14dd7fa4cea12289d32d719ff0c893d2cdaad2090fe8390c68321f4b9d30225ccb53abf518811560dddb0d51cb7bac558afc5d61c24d48159cf54fc882bf2b09d02cecd0306db58fd0e76d356fb32ff1526685e8138ac22820aa9aa146a54d506317d091891bc0ba588f84f2f71f9450941eb004e8711590555aa6a6f7dbd8267faff9e6aa2291f9edab9d7b057c53db2523e4f0483170926734f3d8849f705cf9db0e8a3b934248dba12ca04000680040028000000000505ac86a1fa25ede5d24b06f5037ab95b8a02609f4b4b6f5dc4a7ecf45beee76ea237a1a113a3c551616be176d4a70af920d29a8d8ba1503b8281c79e4945fc724512d6492bb3cd61c365e77af523a7773427fe3f6a28c1eacfd582e872e7b0df290924b4b41a02ddfc4cc3ce4e11b442e3bd570ac54858af98c7acacf81b34ec232cffffbdd723ce0d4e8699be060f8dfb189bb40bd1bc2df5738afd8e9e70abc656515dfd87f163958bc5f3b507ec9ad68912411f45bf8d641b0be4915eba4d994a000800"], 0x1664}, 0x1, 0x0, 0x0, 0x2200c851}, 0x4) 7m32.968101756s ago: executing program 0 (id=1077): madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/thread-self/smaps\x00', 0x42000, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r0 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(&(0x7f0000001480)=0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socket(0x1e, 0x5, 0x0) r4 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r4, @ANYRES8=r3, @ANYRES32], 0x18}}, 0x80) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NET_GET(r5, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000400)={0x14, r6, 0x492a92567041df2f, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x20000000) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10048884) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) sendmsg$auto_NL80211_CMD_ADD_LINK_STA(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, 0x0, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x40) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x3c, 0x0, 0x23eb131eae09b689, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_STA_PLINK_STATE={0x5}, @NL80211_ATTR_SSID={0x14, 0x34, "8d351f22fc7d65791e42b1a50813faec"}, @NL80211_ATTR_HW_TIMESTAMP_ENABLED={0x4}, @NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xad}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4001}, 0x40) sendmsg$auto_IPVS_CMD_GET_DAEMON(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000002880)=ANY=[@ANYBLOB="88130000", @ANYRES16=0x0, @ANYBLOB="010025bd7000fbdbdf250b00000043130380a8110a80242f39931ca1c7b4377e38d50812547794a06be634cf46e7d76a55ab2b1408d304bb47e066cd26f9a67027f2ca15fcbb011f7b927d7afa56dc11d252d760e9d44dea83d5c88a93f0c4c1e0e68a7316253c8da122b748e4995ad865fa0ef1ff88d3bce1e61f613597e1d859114df1fde58b3366cded3db4cdaae34888b983bd867ee6b8b1588190f29fdb49b2f967aa52a503c55062ac1d6fa29e4eea5aa93b54c12bd0da8af5c57fff81facbd54b9e75cfce92a517172de414e16da5ae7c0be3079435392ed5d3aa5ff9e4c239bc02f7cc73e8f25b88dd2af05241340f7b3cd54120fd4ebaf33a8d67c3653797c99944cf17232e34116b144d2c9b90627b161abfaefc087cc6bcf1eee4c13752e3d2648c3978cc9657b207493653dae92603cd481c70618a9a9add6ed63b004fee43cefdc887ba5854cb3d8465334f356dd40f13d532c7bf284714b0b510e849400f9dcafbfbd736f133bc1d0558d52769656e8a2ed52d8c787f180f85f4501da69f037b3898bd938f44be5476768f23032a3ff945970e6ae98761f33cb616366038777e3980919b6094b0f26459756d39643c6df413954c4a3454c061a744672b15d5a6ec0b9fa413204976522e47ae297c6478ecf7f8d282217fd24031ed26064e5cae6b073eb8c58ebe6a22b7f27a93b5b542181f0143c2dafe4eea68843c291fab93e9233c2ab3f4015d4bf39f9cd18c706e67ab223d749475323478b5b275ac9d587a4d58e6d775b4297c84dc28c9d345b01bbca874087dfda4b11e51523d9b26dab2b371be199bf66d3cba755a4a7f5dffc8e9bdc30cea6e9401fdc65f8e848d4081eddcbe18afe140ea33a20d7879a3b96cc2b00fb42a09c52f5acf69c8d44ca35974bd05f6cd2a43238ec755d8ed806a485e916404b7368869733290437fbcbd733fedea7cbbd93953268a6321e40d3f09cd71565d407a3a657b7eb1fbda87f3b5d9acf024b02f63b2612f18240cfbf50722a2807c6d3197675013d3e28f4952b6a0c5a2b5caa93956feb86b0cbe00b530fbfadd940e41b8d1cc0a98ab8816b9086982ad60327d9c9dd4c22d777ee0d664c4ad31f033f3835816c8ea3a475c3f000cc2396b59a8579fd92731be58b3328eb37c2db982d5ad0d3ebe982ac09fb9990e183051336e50e6e62ecc8f13dd46d7006d64f8a703bad274513ef48e4e7522f61ecf2f21379b2f91604276a9443b3d896aa37b0a9dc602218585dfdc06dc32385907c1bc733f180943f66d961d6914bbff579fd43b017f24ddb698a7eb48f103b7e62f413b9bbbb9a89f64539392ef3bff1532906b8f493c70ca72bfae093be0036289195d80923ba2e7176a65b5c8e365256f3cbfb558037ed5b72788348dc5b531c53bc1a80df67417fe21898fe9c40aae2917bee6ef6c3518a4843d3936c1975a724400a612463a43fde8f60bcc9eb5cce2b5f2de44e13cee424d24cde10468c15139a946b1a0c5f2669fbf4836f8df455aea2ce9888dff2d7f1a071f3acc6b41bb78ecf86500b9524ddf03b8d99a51db0b508158b96a2257ec3aa7c66a132b2058fa044ead711023ca64fcb62045349363a4536b14e544d5ee1301be89956f411930331a4bde494f58258d2298daac6185bf61245e695c81929370cf1c857a19f3964278bbf47f2735f6a6b332afc7c4d09ed53c9982193724f293147fccf917c513d156c2eb49e84416781acbebefb88c93de8dda62a56bbc630dbe2985e95cf29a80e2431f5857c33892d1931f29b9e8fbc42b1b3f86b896badefdcfd7af876a0251110c7ad057fcb2c44707a717f49bec7f662191f7361e84dcabe5798eda7c1218a53f73f960fb3e422cef8385e42f83d11097c573a782b0f276e9fc9b9510042482e740f80cec80cf371a34aa004ffd31bec56f9865da64990b215b48b20d88ec1f2d7c979ad6cd100c8a17451b544c7d5c65765b4b6a27a3fdc3e37e9fec0bfbf3453b16022ea2468f7105c229c4efde40580977740ff8de2630b10bfe94f30f470b8c36eb956fda48d08ae973c0f65014ec0d3273b6846bc9aa507ef6e5073a05cef9c48fe0682dd09de96f742163dad378487129c54af2ab5324f2b07500d2f7961e591201d9cd227929dd88312e9bff0721d6f0feae8083d44a0559fa249680e5c3dfeb0b294cce38ceede118d5929b4e7c444316abbbff270b0aa10ef86c12a2c4780ea0833aa58f4a9efe173cc770a8be49b1888372d0f1a4b54a1ff02bde070cdc71c90b40db3bf4abc4acceea13ef1d599c9029b905f9b18f1c4550a34304ffb3954dd07065aad7282b6700673000696bdae7fb9bf210f2d99755fd932efc2a69c2eb2a6fdaf6a228d98a19f484804469961d36c1805cdd467ea2b1e74341125bc55413b0b7c0818c164e164bc9b12de423253d35445cfbab426dc445fe86fd31fdd8b33a8c0edfe3e19a39734fea13cfb3a3e226b6650d2b89a5557d25b2c197c94e536c8b850086776fd6243061f39feba671a9eaa7f442d11f73a757f386480be6a462b2339b0fd6f7cf613002fefa03de9e3ecb9a32e6b2f5e92b5586986589598ec587eb17c49634ed864774472f3572ae41642b78a79098971e0b9000150de91a5505f01b5d9e45e31c471e8ec4732ca8090fb2ea7b15c7fde0f78dbf74564f5470c1ac11a62a09c4b7c5d4fc36d11a2a7c55de38b1a53d80a5a7a4fac966182a278a7595d7081a260e2af370d2eb73dda158d7913738ddae9bdcc578515516ed6ddcb406de967cd36facb3da77352aed1fd1120934999f3b35794649c7baf03649c05ca117ff8eea21aa75e2499b247cb0fd6f8d7ed0ed962cb98b0115fd55e97298bb2837f0788396d62e2a36a7c12d799d3c91fe1b6b7f1d30bd98de355b80ba7974916702c87087936426faff8f526d0d03b191f5de32d52f29c78eda6b0b6edcb50aa70815cfbda49ef8c12bd44b3a19acdec7399607e41d65ce59300e40d0bb8d0801d9bf3496262c66f114bc6a9e2950f67458c2dc63020afd7acf9d787641dd9fcc93eb59982e73d2028a020a5498ccb6b3b42376d659894d0ad75555cf0ba07c37c8e105f14d65eeac52ea8bfb192f2bdff6f946041536cfe29bf7b3b9dc4c8255e406c8c28afa1f15e17fd0f2678e442323e71f1773ac6770c5069a52c9a93b349c99066c36e2b124afb58b2859b235386cfc22181ed5dea434c69457a79f976608e9e11bacfef49833331769ce7602a6d9a160c6d7e889f08abb72e43a1fc8a74d32b749cf5da1bb037290c516741fd3d4c70d6f0e919524d2b2c9de7bece7922c2e5181c042f97b31bc92c1d4e9e0944c5d92f4706536c1107e41d6c01932563710bb37461005ba00a2b72a78afcfda204c668b8aac7572d8b81f1cd1c55fcc6b28240c66010400586ddb441074c351c17d17af1fc6d95c5b19c8913faf914de8a1aabd4ba0b9827d8596b9fa83480dd060ff10814e7bfc966c3f90eb348dca25da168e23a4fb430e4300c26cc7c8981de1e6bf4f496f766436f0929f78346f2de79ee5ec70e2388aef83f031025ae0711c3ead1031ac173cd9dd169eef893e53920b4d0c8ea7ca171267ed2e38d7d044b785bee0254f4aae20a1f31ed5549822ad100c7ab160bf1a78da44f7435361468868308f19255cab39bc5021b88c1f62bee8b7e4f0da31494f63c74e096bb77fc25a0b0cc158f6d11b2e2b7dfc20d00ccff368239a9cdd833df7de1251184ec1b72eebf4deee3b15815d309f0916d2a391d4faf0b1a674012b262c1f825654aa9efd53362e8fdf6c63dcb7f91a1bcc67913abb4d17880430a753e13e1d77cae4ef86c7231afaea91bd565246028521cc04f6263ce83f8fb8000b69e0e1a9e58d023e1898201ecae087ba429f0b935c83767a1433224cf9786f8b885f562be992a3bef76f3a7bb98ddfbe8f91ad3923c1770d8b13ffddfe01c7d4f746c9cf80379a972183dc7143c1cacb443ab18ebbd60c790fb9ff3b30ca7f12088162f9777f42c484b9e12225c6b5cba3ed3277effb4df49f13413dd4123761160357f1f81c85d7068cc3940ff7dea60a66e56f74a161de060901598b2ae884fda17fa3fa726d96cb50ac8b2798f52232fddaf865807800fd499699f2aea64673a5bfddeb99b000e28b85d57927ca09a21906158382fc1fbd962faac19bff25b0a0daaf6829f986ab2183d99882727e13fa7173aedba027ccd729d4fa8c48e8ce0216dda66e328f81d2b15a1848d71ddc2e40ad150eb10fa5199d217737bbcccab6635d55d99a259adb0c7fa8134001ca38f0a4138b3c61099828bdf83f2499b813d9bb0983c1878fda8ffb746b4158c02cd393f45b4d28bac57e1f8087c28c370b0249ab9dbdcbc9592876a067ba11b281b6d1265f1e28b1f49b1aad1549a6fca54813e90b39fb05d0bf587aaef04e00058d95458a27d2e494348dac225fcbd5423eb6b42b2620be2c584b08abccdca2d3f618c6a7837a117db06ca59f733a1a76513c3fede9a890176ef3452c6af6682c31de40aa8168e5d366b71fc88a9258ab84be9546dd072c7fee267bdcca2ba3acc1abbc381d61a946bd615dd67a50906513bf3566098c1caac664e97be97987d818e88037422c803379265c436f043c5f859558b30b0445d4a87c8dda1372c6e5d22fc4e7145572b26311b05066223fe8afbb88021104852392124eb69576e0bb98fb870e7ae7c478191fb47476aa39a1d5b921f69a65c1dae349ff0741052c439f5ecc2218d2ffeca621ee0ff2437108ac9f64c91d1597eb6f55a88dd4d837a9df6bd46019c50f04aebe5a4282e794c9d40ecddf214856c006774f77eea30586d1f98cc0a436d9be67891588bed45e05cc6e98086c0733f29fd6325b6a16274dee40378de188bbd15542057d8e80fac01d29fac58187f5a86776affd6f94f83e1bf860f724e4112dd97a516461c8cd2350bb1d29cee8b256d1e4f953f8ad4e6b5e7840ad6607d5b244b8128fc25d1f46b60482313825b80609f34d274d111d4374081855d2c99a757e6a188d00c413a0943a59be6dbf77f68cfc9422ce7a1db05c5e96292adedbaef88d9f979e6478f7993e69ba9efcba76d332688b9153d8794feac7d2053f7e5efb5a80bad40cbb90a1f5386747b2ad0b6b4f352f11bd7b61adc02aa12b26aebfa86894cc268ceb1165e9ee95e8a99f9e00222a9b9b4213685dc96a1b08db0dd5df86fe120326af08d07c964a8c6e90023407f1d09ac8cfab3fdffd0911d3f079a8fd715514d7f3cdb6301dfccf0d4cec7c0166bc6f60d74c7189e7587b2ad0f1f5cb8e85885662b42297651c2a3614990ec844d736f4cf248718e2106979e1261d40049bc33b1662a0a3e06663c376846c8d13239fa89d652956f71e44a589e47d862a8a5125f6ae039a1df81fbd28bbd8b9a5bca2020a4ff55cff49899cf946e3b8a471d44c5072771f17053457e9d20f735fdf307091c49fb54689a113e1098910263d91df1975ace71e2f339d2f75d78fceb25d0ea89dd3d74b1327da8935942d9af18ec066dc4cbdba65111d1b9f9c5150a52b1c36c23ba5b04a41d2f71f2a430648840cedf7697dad22b9beb497a046d4e4e9227fc00481c9b6f11edf8e3f17306a4e679d9eae1c8b5a36242216e3140b7a02b33bbceacbc8086c24b5d9c05538109cdb3538663798ec073a841373dd60585a962342d66bed2622a1868b87b1cecba830818fc9bdf2a177f38f6ae4f29e096831d31ecea8d7d20639f6d1ee83b46011e0e02b47b212c87486ab0672fd81eaa77b20bc308b8fc660956c252a6cb1e3d79b620273d96e2c2203ed5da8ab85c7c18f697a4160d26dd619513ccbbcc1cb3da8b13f2ba68bf8cd5a2671cce6306df396614badd1a0243826ea56c3e8ad12276627fd709d71c19291f3163659403a86c81a244a0c34b1f10eb13e6d166e01028ab35fed1a815e43ce718ebd8fbcfde1c275a795653723f5eb264029f41e4e33d3ea51c543ff28b24c9f9a624cd3c10b0400098004004780040091800400a180003f4bb178c306a9a0988fad60d79b24c6cb1c374ef4d57fe45f045647b2e15bfe894feb522572d2554024c0e92c51b42f0a8df24477a1d2008309400a2f425495a8bafd742f7aee6f44e8d8a7bfea1a56ead8a504290b9eac474802d7f20a1d21c635304d9dbecadedf6173db0edb9522c5cf9e573ea3f8f6718192ea4465e5cbc9bfe260e2c20f69a54f1431b51c5a6fe6fa5d8bd8d6cfdaca1587d73b914461116908dbe0c0b1ccf69e71944e521533a3227225d8fa9fe4cc4eddfb38218fb4946ac02461fdd0f8a67c5cdb71bd28115727033b8234c8fc3d61817221ecc1a1c6dcb4e124f5a37846bb895d851982975cbb5aa8f4e3c50795c556627d3348ce31900c008f00ff07000000000000af3f38c375e8a7918418f896c7730fd04a661c18e95517f48e009d801400ac0000000000000000000000ffff7f00000104001d800400a2800efd3cb6b07ad6f6c1b3f5f4cc6e271f8c417e3ff1415307568da7ea3956495eb0a179e118fcb2a774f075912a554e850d2fc14d7dea773428f6c89c09fe4ae9808254a18ba5f0517cf116cfe8825918ac7d7397344722d37af9a02c717d9896a4e1cf51c0e43f47e5f32fd8cc910000080019000a010102f8f652b8ea661f920c117a48453cbc723303f69f8acc36b27281047787cc0a13987ff2277c1be0eafa85d0cfaed586aa48bf3d1ab680809a2c838124f3df3ca9d7b23f560a714abe68037bf70c44f900facf9fa5e783162c330955dc62c9c143a25f83073c2d9706a270fb6c00c8808c95d511df2453c0f600cde1b095726445ef970c796045ad589bd41f9499f2e282a300da6da5bb859835dd7eceeb30b1248322232cf5fc0a982f8e9e84c9747c73aa2524aa614e7fe0a0420d2755872dca9da46298fb6f9eb84bff352017e28a5dd50b1004009d800400bd000008000500ffffffff080005003b00000008000400070000001000018009000a00275b5d2b0000000008000500942e0000"], 0x1388}, 0x1, 0x0, 0x0, 0x50}, 0x40844) ppoll$auto(&(0x7f0000000100)={r0, 0x9, 0x101}, 0x7, 0x0, 0x0, 0x8) shmget$auto(0x5d189ee5, 0x8000000000000000, 0x5) 7m31.718826754s ago: executing program 0 (id=1081): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) io_uring_setup$auto(0x6, 0x0) (async, rerun: 64) setreuid$auto(0x1, 0x3) (rerun: 64) tkill$auto(0x1, 0x7) (async) swapon$auto(0x0, 0x3) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) (async) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) (async) socket(0x2a, 0x1, 0x0) (async, rerun: 32) bind$auto(0x3, &(0x7f0000000080), 0x6b) (rerun: 32) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/cpuidle/uevent\x00', 0x20b42, 0x0) (async, rerun: 64) mprotect$auto(0x8, 0x8000000000000001, 0xd) (async, rerun: 64) acct$auto(&(0x7f0000000040)='\x00') acct$auto(0x0) connect$auto(0x3, &(0x7f00000000c0), 0x55) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fcntl$auto(r1, 0x3ff, 0x5) (async) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x40) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (rerun: 32) gettid() connect$auto(0xffffffffffffffff, 0x0, 0x55) (async) mmap$auto(0x0, 0x5, 0x3, 0x16, 0x3, 0x8000) (async) unshare$auto(0x40000080) (async) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0x20200, 0x15) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000200)='./cgroup\x00', 0x400, 0x23) 7m29.695858421s ago: executing program 0 (id=1083): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000100)='/dev/usbmon4\x00', 0xc00, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x24, 0x940, 0x1ffde, 0x3, 0x3, 0x8000002, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0, 0x243efbdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffc, 0x0, 0x8001, 0x80, 0xe6e, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x20001, 0x0) write$auto(r1, &(0x7f0000000480)='nbd\x00', 0x4) mmap$auto(0xfffffffffffffffe, 0x400008, 0xb, 0x9b77, 0x3ff, 0x8000000000000000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) ioperm$auto(0x7, 0x6, 0x80) setsockopt$auto(0x3, 0x400010f, 0x100, 0x0, 0xfff) listmount$auto(&(0x7f0000000140)={0x4, @inferred, 0x8, 0x4, 0x3ff}, &(0x7f0000000440)=0x10, 0x8, 0x8) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) stat$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x5, 0x7, 0x8000, 0xee00, 0xffffffffffffffff, 0x0, 0x6, 0x4ff, 0x8, 0x800, 0xa, 0xa58, 0x3, 0x4, 0xce, 0x8}) shmctl$auto(0x9, 0x92c00000, &(0x7f0000000240)={{0x2, 0x0, 0xee01, 0x9e5, 0x4, 0xfff, 0x7}, 0xb, 0x3, 0x10000000, 0x35, @inferred, @inferred, 0x2, 0x0, &(0x7f00000001c0), &(0x7f0000000200)}) r4 = getgid() shmctl$auto(0x0, 0x1, &(0x7f0000000380)={{0x5, r3, r4, 0xa9, 0x0, 0x52, 0x3}, 0x6e98e4ec, 0x2, 0x7fffffffffffffff, 0x1, @inferred, @inferred, 0x1d1b, 0x0, &(0x7f0000000300), &(0x7f0000000340)}) chown$auto(&(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', 0x0, r4) setfsgid$auto(r4) shmctl$auto(0x6, 0x4, &(0x7f00000001c0)={{0x7, 0xee00, 0x0, 0x7d, 0xe5a61ce, 0xb97, 0x1}, 0x5, 0x9, 0x8, 0x8, @inferred, @inferred, 0x362, 0x0, &(0x7f00000004c0)="bb188662ce07e4", &(0x7f0000000080)}) r6 = getegid() madvise$auto(0x2005, 0xfffffffffffffffe, 0x2) setresgid$auto(r4, r5, r6) fstat$auto(r0, &(0x7f0000000380)={0x27, 0x1, 0x3, 0x1, r2, r4, 0x0, 0x9, 0x6, 0x9, 0x200, 0xd0ac159200000, 0xb95, 0x100000000, 0x34ba, 0xffffffff00000000, 0xe}) socket(0xa, 0x5, 0x0) socket(0xa, 0x2, 0x0) getsockopt$auto(0x4, 0x1, 0x4b, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x3, 0x4, 0x4000000000dc, 0x40eb2, 0xa1c, 0x8) 7m29.314928148s ago: executing program 32 (id=1083): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000100)='/dev/usbmon4\x00', 0xc00, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x24, 0x940, 0x1ffde, 0x3, 0x3, 0x8000002, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0, 0x243efbdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffc, 0x0, 0x8001, 0x80, 0xe6e, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x20001, 0x0) write$auto(r1, &(0x7f0000000480)='nbd\x00', 0x4) mmap$auto(0xfffffffffffffffe, 0x400008, 0xb, 0x9b77, 0x3ff, 0x8000000000000000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) ioperm$auto(0x7, 0x6, 0x80) setsockopt$auto(0x3, 0x400010f, 0x100, 0x0, 0xfff) listmount$auto(&(0x7f0000000140)={0x4, @inferred, 0x8, 0x4, 0x3ff}, &(0x7f0000000440)=0x10, 0x8, 0x8) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) stat$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x5, 0x7, 0x8000, 0xee00, 0xffffffffffffffff, 0x0, 0x6, 0x4ff, 0x8, 0x800, 0xa, 0xa58, 0x3, 0x4, 0xce, 0x8}) shmctl$auto(0x9, 0x92c00000, &(0x7f0000000240)={{0x2, 0x0, 0xee01, 0x9e5, 0x4, 0xfff, 0x7}, 0xb, 0x3, 0x10000000, 0x35, @inferred, @inferred, 0x2, 0x0, &(0x7f00000001c0), &(0x7f0000000200)}) r4 = getgid() shmctl$auto(0x0, 0x1, &(0x7f0000000380)={{0x5, r3, r4, 0xa9, 0x0, 0x52, 0x3}, 0x6e98e4ec, 0x2, 0x7fffffffffffffff, 0x1, @inferred, @inferred, 0x1d1b, 0x0, &(0x7f0000000300), &(0x7f0000000340)}) chown$auto(&(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', 0x0, r4) setfsgid$auto(r4) shmctl$auto(0x6, 0x4, &(0x7f00000001c0)={{0x7, 0xee00, 0x0, 0x7d, 0xe5a61ce, 0xb97, 0x1}, 0x5, 0x9, 0x8, 0x8, @inferred, @inferred, 0x362, 0x0, &(0x7f00000004c0)="bb188662ce07e4", &(0x7f0000000080)}) r6 = getegid() madvise$auto(0x2005, 0xfffffffffffffffe, 0x2) setresgid$auto(r4, r5, r6) fstat$auto(r0, &(0x7f0000000380)={0x27, 0x1, 0x3, 0x1, r2, r4, 0x0, 0x9, 0x6, 0x9, 0x200, 0xd0ac159200000, 0xb95, 0x100000000, 0x34ba, 0xffffffff00000000, 0xe}) socket(0xa, 0x5, 0x0) socket(0xa, 0x2, 0x0) getsockopt$auto(0x4, 0x1, 0x4b, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x3, 0x4, 0x4000000000dc, 0x40eb2, 0xa1c, 0x8) 3m42.893655597s ago: executing program 3 (id=1726): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) write$auto(0x800000000000c8, 0x0, 0x1a) mmap$auto(0x6, 0x9, 0x6, 0x32d4, 0x10000, 0x80000001) ioctl$auto(0xc8, 0xffffffff800454dd, 0x4000000000008) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x7fffffffffffffff, 0xdf, 0x15, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x101200, 0x0) read$auto_tracing_buffers_fops_trace(r0, &(0x7f0000000040)=""/111, 0x6f) close_range$auto(0x0, 0xfffffffffffff000, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x4, 0x4000000020df, 0x40eb2, 0x402, 0x300000000000) capset$auto(0x0, 0x0) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/pagemap\x00', 0x583d02, 0x0) read$auto(r1, 0x0, 0x39b8) mmap$auto(0x0, 0x20009, 0xdf, 0xeb5, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) 3m42.440766899s ago: executing program 4 (id=1728): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/netlink\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) socket(0x1e, 0x1, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x405, 0x8000) move_pages$auto(0x1, 0x9, 0x0, 0x0, 0x0, 0x2) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb5, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0x10) semtimedop$auto(0x0, &(0x7f00000001c0)={0x7, 0x82, 0x1}, 0x5, 0x0) mmap$auto(0x6, 0x2020009, 0xc6e1, 0xeb1, 0xfffffffffffffffa, 0x8002) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000780)='/proc/sys/net/sctp/udp_port\x00', 0x101000, 0x0) semctl$auto(0x8000000000000000, 0x92e, 0x11, 0x929) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x2a8802, 0x0) read$auto_proc_pagemap_operations_internal(r1, &(0x7f0000000080)=""/250, 0xfa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCGDEBUG(r2, 0x4004743c, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/neigh/veth1_to_hsr/unres_qlen\x00', 0x141201, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x48000) recvfrom$auto(r4, &(0x7f0000000180)="93042ce08da77c9886fac17c2894d1f3be6847987c00e5edc547777244115f26171f8a89abdc4255af0a4a3bf1e51c8d", 0x6, 0x800, &(0x7f0000000280)=@ax25={0x3, @bcast, 0x3}, &(0x7f0000000300)=0x30e) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) pread64$auto(r0, 0x0, 0x8, 0x8000) 3m40.942457906s ago: executing program 4 (id=1731): r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x28082, 0x0) ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2c, 0x2d, 0x0, 0x3}) (async) ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2c, 0x2d, 0x0, 0x3}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/zswap/parameters/enabled\x00', 0xa001, 0x0) write$auto(r1, 0x0, 0x3) setsockopt$auto(0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000180)='\b+l\xf1\xef\\%\xe9p\xd1\f#\xa2\x80\x1d\x87Q\'F\xd1\xff\xf7/0\n\xd3\xc5\x89\xf6;x\xdd\x8aM\xb4\x8f1\x15\x89l\x9b-w\x8e\xf0\xbf\xca|\xce3c1w\x1c(\x8e\x1f\xa4\xb9\xc7gO\xb0\xee\xa5\x11l\xa2w\xbc\xdf\x9d5\xa2\xc6=\x85`\xde\xbcq\x15\xfa\x9c!m\xc0\xb9B\x1e\x90]\x84\xbe\x0e~a\x02\x8fvm\xf9\t\x9d\xbb4[\x81\f\xbc\xe2S\x93\xe1\x89\xb5\xde\xc2\xcc=D\xc1V\xaa', 0x9) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) (async) socket(0x10, 0x2, 0x15) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio0\x00', 0x1601, 0x0) getsockopt$auto(r2, 0x5, 0xb419, &(0x7f0000000000)='/dev/swradio0\x00', &(0x7f0000000080)=0x2) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x1f, 0x6, 0x20000001) sendmmsg$auto(r3, &(0x7f0000000000)={{&(0x7f0000000040), 0xc88, 0x0, 0x0, &(0x7f0000000140), 0x8, 0x80000000}, 0x5}, 0x3b8b, 0x800) (async) sendmmsg$auto(r3, &(0x7f0000000000)={{&(0x7f0000000040), 0xc88, 0x0, 0x0, &(0x7f0000000140), 0x8, 0x80000000}, 0x5}, 0x3b8b, 0x800) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000200)={0x4080, 0x149, 0x3a}, 0x18) mmap$auto(0x0, 0x7, 0xdf, 0x20eb5, 0x40000000000a5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) shmctl$auto(0x9, 0xe, 0x0) (async) shmctl$auto(0x9, 0xe, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x5, 0x0, 0x102) (async) bpf$auto(0x5, 0x0, 0x102) sendmsg$auto_MAC802154_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000015c0)={&(0x7f0000001f40)=ANY=[], 0x5208}, 0x1, 0x0, 0x0, 0x4}, 0x4c000) (async) sendmsg$auto_MAC802154_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000015c0)={&(0x7f0000001f40)=ANY=[], 0x5208}, 0x1, 0x0, 0x0, 0x4}, 0x4c000) connect$auto(0x3, 0x0, 0x54) (async) connect$auto(0x3, 0x0, 0x54) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0xc8, 0x2, 0x9, 0xffffffffffff8001, 0xbef) madvise$auto(0x0, 0xfdffffffffff0005, 0x19) 3m39.664057506s ago: executing program 4 (id=1736): mmap$auto(0x2000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090) close_range$auto(0x2, 0x8, 0x0) read$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/partitions\x00', 0x200, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) mmap$auto(0x2000, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) 3m38.625011271s ago: executing program 4 (id=1738): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fallocate$auto(r0, 0xff, 0x4, 0x8) r1 = socket(0x10, 0x2, 0x0) r2 = socket(0x1c, 0x3, 0x1) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TRIP(r2, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="c8e50000", @ANYRES16=0x0, @ANYBLOB="000427bd7000fddbdf250200000004020d8014005b00ff010000000000000000000000000001ec002580040048800800b300485352000400fb80b2b6ed28bb76d1522fe9fef1787afe5ed4a773fcf9fa6bffc158d7c6f681353dbae450e1a199897bff36f771843536aa4db8fc4e7c429149d4edd8f59bab9ca4810bd02a55d8a37c6b43a6245e2d108a6ae12618898ee805c3b6e2db888d0f8d131e54cd419828fa185f0dbb4bbd0810bbc5d8123a31f64e5bf848600f1efaf9ed1b269bb0c1e3e8484d4388b26cc598be2aaafb6096bd89b66d764ff25a671c8074073872b8e0f11d3242a1ad095ed0e348f16a03f2319b06477fecb8c7ea5b1d4e91ed048e699cdd72e5b60e24ef62e83698497679bfb40f004400534d435f504e455449440000ed001e009a638f86b86c5828ef57301f3b99dd84068dccd2f6b37fa537bf7cd5ab95eb0057e2685989444e868ed62058dd19d31bc181f42866f5f49a435b33a7350d6bbb546efb76cc665575eb48e5e98dddb2277a37280939d3d6e601bb6800b27e1ed31221e9c364c3c101b7ee8f31111649aa5de9e3563acc7078f0791930f8e51892c82175a2efbbc9845009ad22f1846d449df26a2323aba2a4beafa3a338ef04dbba1c9dd70d278e2d86184f4e682e20ac43f2406614848b91ed44a04d5d0407ff2f82fd93da7e6d6b90e62545877327cc0dd113ac482b3b5b3310c250edadf2552d47d429fd9b05b14c000000a00015800be6ae3016ec00d2e838a8c132ef137c709d7e4fd5727c445b00ad7f4e21c4a04135e379591f530f4dfc59dcf200644ff039fdf97b7eb5e5236612cef6436d1eedd5c85b8ef3d656b7e1e31009b2aa9beb496dcf3f4b2781d0c565ed95da9b4562a81cee88fcaba68714a60b3b997e4a6ef3f4bf8fd96d1feeda3a95a46551d3c2563b3bff16c236a50e1044155dab3c2d01c3f1ae2e34fd81da86b208000700fdffffff0800080004000000"], 0x2c8}, 0x1, 0x0, 0x0, 0xc4}, 0x40040) madvise$auto(0x20000000001, 0xffffffffffff0005, 0x19) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000680), r1) newfstatat$auto(r0, &(0x7f00000006c0)='./file0\x00', &(0x7f0000000840)={0x2, 0x7, 0x5, 0x6, 0x0, 0xee00, 0x0, 0x3, 0x2, 0xe24, 0x4, 0x7fffffffffffffff, 0x790, 0x5, 0x200, 0x3, 0x1}, 0x1) r5 = clone$auto(0x401, 0x100000001, &(0x7f0000000700)=0x100934, &(0x7f0000000740)=0xb84, 0xfffffffffffffffa) sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(0xffffffffffffffff, &(0x7f0000001c00)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001bc0)={&(0x7f0000001c40)={0x137c, r3, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0x6b}, @NL80211_ATTR_KEY_DATA={0x18, 0x7, "91770dbfda1710dcca11206ea050792ad1c50a86"}, @NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0x34}, @NL80211_ATTR_BSS_SELECT={0x1338, 0xe3, 0x0, 0x1, [@nested={0x103c, 0x107, 0x0, 0x1, [@typed={0x8, 0x9b, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @generic="a43f333daacd419447bf2b1599789fefc3b968fd93bbac50a4bbbd0fc19dcc8a176b1a1a3521c3936f8cde4c4b2d7e50b8964cf909fad036cd7b6318d0d5ee9d49fbb3d48ac53235731de6cda19585dc7e9eecc64d387fc979e220dae39eb7e7c42c7ddb6ed3ecdd385d931171c49570375b8922bb27052a4f948f2d2f1bb7da723a589330032fa5159604729d1c483e00525823050382d26c2b155dc4f71a28f9e7da5b0fee2028760e08fc2115c5a2899434292b98c969e399428badfd575caefbe714aa34f0d180c7a9d1d4e52badafe06b6bbde77726813489338470a5715b9ef1db517463a72f70d92bb4bc5c1d952fdd5f27f3466bf8eadda314664860f21f918e2175c852be6727dbbc503bbd42e07a33536d04e7a25703407244b4cdf086aa162cc8b82d2a2a6dd953e24a66eb566ad5158b87e3d4703cb43411857a69ffe48c5c3aa845991259e25059b66ccfcfb7f1e40df6a8b62bcd7b16568ccecc8bb78e41a5f722f4c08248047efb587d8f57f07c10be0a77e7b7566c9ed18a1872b5e04fb9057db3ad48c744bf3d2460c0accf77fd482cdf9f45589165165a99d95bef5572775cf3178cb681d13dd83a456f880266b356ee7aaeb9e64921e4d0773f98de683a6ba3e48088198ad48c03f51cd0f112206e3e5d52387c0800cfd5bcf96e1ba61cfa79ab086dd13ccc0efde13b64b61feac330de702a5015100dd7663b221943db86d1919676ab7fdb464f8b4b1099cf8f7e2c99f99fe87c2a53cd1faa8b54c10d5560cd29c94bf857e6ef8c8df7f80332c319c0058ef00ecf5d55c281b376f96fcbb53ceb25b32611b04c6847ec35c01ed6d7cf69584b4c465aac020c61bf26a23e67e14066f4b5464f8735894b49edf69cddb1cf44e6d00912c497a98d1140a42e9655340284ebee8921656cbfda20efd2f917c6199d325c872014943695aa33bb4ac66de6ee174295f9869fa928d53cf13e14f2705538b80205b721dd5bee43ecb4828c207d7cb959405999fbbfe49289ff3212b0a3d16547c75c894dd321b7360442d0ef54c44701212ddfff729d7989268e09cc64eb65c6f6d73d4b52d74761d239da924016b799a20b9066bbe3adbe1f131c437302db8941369ff6458aa10f45d56bce851429da34398b6873cbe78e89ea00ad39f16ab285e167df6c5baa6234f3ebba4a4c2b658c3221a8a6bc6567b592dfff8bfb8703d0def76962fe12dc3effab26a98709893a27365fcfc30d45966b22b3aba98336d6314cb613021a21c74a8b23263036f4682e6dbe199923789ed30969140966588905f2c9f9836588e452f91773539f2c57d70579448c53e9e61742843d7ae50e21b114e04f20f731b1c15cf6ee519135915da79dee1af8bad36bd8f8be4e07d2cbf539e9b4c461453748fa566fe0f6c607732b014a1b4e97d6499b62556a1fe0da7d1c3472eafa6ca1b3458a9da1c49f0b65603fb1062e36dc81f2c1db61fb8711e2a46ecef64e50a2a09b36ce488fdf7e5e07910866f8e06d980de8d685e3fe962da8a60f90c5613a9257d2ea06ff6794c0451efe571fdb40a51e3cd05b5a03ccc7553bec824336f94c088a7e6642d68f1bef9139f27d3f75379e93a2d3dad7a8e4b38a21dc196e12c0346dab028f72c2632944b946c534e1cdd97b31f68e8cb6e9e1e3b88864d8b589f8bc8f25bab2c1d0f2288918593d584daa4563b9ad4c2f6339c49fe6cbbbca277e373a83c96d43aafc5ecd45bcd5e3810642c7f76355cd3beab9de92488f10086e5de4acd8283738b41409a3975b5cfd619889cc6816da9caac1ac7ed7995e44308a7997ff19677a27450aaedb398093239bc356a4c9562d43bc2ef4f2e2b868a1703d94bb3be1abdd645361804d83b5503e08348f563b08abdbb2c09cfd233d8862ad1d86052b752c1a448819ecf0435fbbbe50ccf53fd20b98f546b8f1151b375e5288f4fd0e5c2e111e9940624915907c8d5aef840d2e12341bda01c315e10523a8cbad0e10344c2755096aa358126e6d5e15b514532a4296a064a8f928cd8724c85d5c1bbed89288a01df0196b948983b817298a91b83a55279cf4983c037453cc6c42e87365c30888ad2b6226edda2ae0bdb99f9f8f601060e86683206ea42d73feeccc843af90353010be7621a7182664a05612e2a01ae976f2c7bad5614d4eb29f8bfeee015ee4dff67beb0a1c86d045fa620ca7c5a766502e08dfbdd8a12ec548c3527fecb31d626afc64d91615fbf446787301b949229b5a7b7957e0bbf1ffefa97ca6709f6f701587347bfa0ddccccfe618348aa9f043ef4ba9f36cefd5d82efd85b9f11bd9e247d947208dc12c04d1006dfb3cafd086ceae303e44c5ec51c396ee214bf1a9b14bb6e5b22c9dca98cca443cb9da5bb71b6ba435afe559735e7d4ad5994840edbf40e99e470a587f236028e214147e0ae353e965741f08eafaedb9a681497347a4db6acfdb971727a743ebcc27efe5e5a11c3d225a5a862d70307c03c8d41a56251d4851f9e9d623018aa3b6661db28bb7dac0705ad701a821fdc63221528ac6f0ad84c9589b778d9975282328a4b5d519bb32e52fd903f0cecceacbc7da28bb22d7c30e0120520950aa597011b8a9c41fb5c0cebcee450c986d9fbfe4309e35c01004b5f717958c8815d5337428b674ce9ab7b777491975cce665dbaa8db54de078754ec2d29153014c46059e5b3fb2900636fd14781aa77b88f2b1bd171e5e88ba6e9853235493547375768eef72db3711dface48576f92f91f5ba69d31fe3d1075ce8946aa3a94054bc1ce1313e87a5b15504d5a55ce074206f84112632174b469cfff5f0ac62d97efae7b8b6654e4867f04bd5fe3fe2d5b6541f194e45ee4f44745091c8b99ce38483a6455e747efe1f4516d91db234801d497c48efbecf7cd04655fade8f18d2ab8f7e6c767a27bb89e9873dac67e4d081e88de7312d63007be11fbf5ab9c0aa6d6b792cd73b1122a6f831b32e9350f61c2e936a140babcf0618da403f559011f99cc9c093c70e613bbd5bc9cc03be854704b5496376b5dc8c4b5980e54d791bedb0e23620f3b72d6e7352d8d4bfe6df367345d1cf3266615654c75e74385f0e02b90d464f40d3063f50eca41343538dec3ddc8084e67334ab599e4cc15143f891143e6508d85ed88ca792b691c7259818af5c2e9ecf62043a245de1e865aaf07a00234f0e2e9f022f49814b54b5c99c47610fa7d3517a09b7c31314b2a7cbad19f20dfa7506615af47a2435ea3c17192d5a1dee864b33bfe8be8c20319cd595a8ff5e90c7faa1236636ba7402c88a068b5210c8e0bd1f022559c41e54d30f27bb4e107dcc16cf7f3e9e3b7a45872af02671344e462d612e6af7f11b8a5295db9ad395b11ca0c2868f7772b141e7768dd82cbd1c4a5ab8bbe60415f6415a9c33ad6b2d5afe388f700e717a3283d51b4605b978bc5fdc168ff17d74722ade0f9139a784fd7a93511c212510b6a480d0ccadc19e3de48500e30af44703399fcb68621fb20436f9b40deb62d0e865371e295d6dbecc1a56b9d64dda696448e5c872df1e4db76e5060683a3838d6fb8fe132e22bbe3a6d6db65a70c89da59fe70a3d12beeffe19af898be863a7988babd75da2d45ce11959d768b6dd0f8ed9937c6cd64a3b4e2c0ef1e514ec93327c1211f5052d1184c3df45e8c0652cab2165a10901730bc62e2e0686f3702ec35e37a9c57cda685ec2bb6614f48f2f0433e16aae74ccb693c2c52c807481d00fcdbed2b225161c8470ec1c93cce47151415aba221d57993396721541a46d42c25e252a1e1c3a525f8762390a522e31d5eb437f89b17fe54ff870febc872230a3067bd52cc0cd11990925635734fc654f0c3592ca6976813105f2e73ca165be1406f725136d1869157aebd5415844e2b636df520cda3fa3dfbfd2842749a0b33e242ec5ffe624ef1de9d5b1b7bd0297ac0e5a9de4ebf0710e7a4073f6aa5c6db0e9f275f67aee3e74e58de334e587af69eacea36871e13964b9773263104893a056fe2c951b3278d91e8f122c0972cd7c9826028bf6287c1fb263e1753141b08061eb02e96b101adf17a838bd4a0685e16a29e5c3b789d4de6423155b8e18c519404bfb980891bb3ddef685153e01a102aca2537bb283a6e37e120f82ca86597319cc6046752d1f79f1b6743a9a698c97966d4de56d2cb81e7656e177a98ea8765c1534a6fae6cd2c7d599f69b3793ebaf59c576fff557f2e39ccabf3cfa7ada73783c36bf62693cc8bbdaecd41b75c006ea32bd27e9a72684e0a5ce4b3d376658c522557c552fc02bbd56175a4be12de1c33bffea66b226ab13bf1d3dcceb83b2ddf274ba5892e56937b247eebf260a650b45bd8162df3746d9a9acf96b56f15a009f701d630ad54bb724e7f3d79addc861f710bb369e9e7297ff84d644249c90b7959e5b7b462ea8c69bd513dcfe750686b2814a75b0f348ea0342121f29f108c42868797136aee383b8ccb389da79eacbcb7d1e244e0e84bd0db9a01d2341e14bd9858a8c3086ac3c4facfe8f6327ad9bbd662b980f34ea8f83d68abc92ceacf3f32c9c0d68a7adadc6bd506d892dc58c7c4a873b17990f2aada13ea84890b79c74f7c851cdaef1a566078d740f9ef01f2a5e0c290592a3ea0fe533b8379bb2598c2470cd0f9faca8714af12e4a862a90cdbd7d7aba2f472ba92e998d5621959f15f80ccb8042c8f149326d0421ec571c0a990c227bb33497bb7c6e4aa06679e75c7c9f07f426d6043dbf313796ca5f4f215d24179106c263f999820f0b7d10b4b1f5830a387d3bcdb36b54ffbee5824a95d45d629c3dd2b005f68aeaa7fd043dd62a202e5cff4c172d419a8d15b8adf30abf868d17824656a9f9c14cc3efd9dd851d2035b1dff775efde50ccf4fcc4516498e8025e3bbcda43a2c1198779365dba44172d35f0af7e0b6876e30aa9714b402ea5394b4ef9eef38f9edccf1d227535fcd3a2eef588778bf18158b8635adcc4302002c00580129d92afe31b412bc62381a0de20a4be0b3db99bcc71b0f29737e2f73c4ef6f51acffbd3dbb5b0578ddb2d6bda4d8204e11234663d69057b6b1605fd54be63ef83b0762ce7de95648342ba0b755f446f1f748f87d40aa750bc947466362e79077bd278ec78adff8f81a4adb243e7ccb4288b53e5632cfd405cb4ac5c3530d380faeaf138308371c374bf503cf047f56584f7e4b5b0f51d0859eb578d0f55a3d8f5c416bcf18e6fc93d632812916253396b3eadc16c2a8c51d0ee4043ced42477e6fab612756985a469efc0043e30f6f248bf677fbf8e8dfff8def4c9d8207edab2b01d7790e4137d99b3c9afdbe82ec2b2bbb7197956a9e8ede2441111b163a296312c1eb49a99af34625ebc60996c31dfcf9c12131ac8dce92c4f19a0130b2431d1b8662e9b2eb4f5b3d3e06fe3fc94cbc810696cf97b3cc3c8625883635cacb28250ecaece1091f052ee67caf3a019558b3dfa2c76deb48ed14ed31118033e7f04a837cf7fcd00dcd1054175d5db2188c6c3a7370ec8804d3f12186c733ef85d4724d13b84c29c6654b167dc87f9c4da2d57f56a2cda8dce1dcb72b8a38c9d10f1563f56277ef464d67a5f81263ba806a4f55e53bbedbefa9a874fa39824b72304b0acdce93b3103c6615a7c3c1ff22b524fb5d16aebd04a4e4d22906c03a7084f3a4227bc92cbc6130f2326d76c95f8045aaa8d59820688594a56b76e2e857cac8cf3ed6930777e0b1289c2e1a8e9926481f913a15eeb13cd4a610a9", @nested={0x4, 0xa7}, @typed={0x8, 0x75, 0x0, 0x0, @uid=r4}, @generic="a31002da27c42062640677d85504a4fd3ff815dd0782940d1fd129c01a0893a3a0d782b9"]}, @nested={0xf9, 0x14, 0x0, 0x1, [@generic="3984cdb27605c5d4286ea23d9ca2997f5b022a69b5fcd0aed2c8a8049532e609f9a8b3d7a85d188aefd04fb4744c4eca71da00e88caa0625a1ec14c38fd12cf79b06bdbb91a9799c41a6df92e69bb0165ce5ee15df7598fd44886f752a955b8dae3c18891f19e9ef5dcf24034377c4a058bf71b9cde7b75394d11e99f9445a62dcec444e56a7190a74f64d043c26309d2c6d1bdc6ab2b81f544c2c8343ec15d5fc4ece38a93f25382430a3e3bde4a8bc1172a32300eda07e0248ecf0fd82568180ca048359d0196ae01de0788d8242a1eddc32e5fb29b3a926b7e5c106ac2f08080d40d09d659bd08c35a76b6b2a4003f2f5b3a58d"]}, @nested={0x1fc, 0xf, 0x0, 0x1, [@nested={0x4, 0xd3}, @nested={0x4, 0x49}, @typed={0xcb, 0x3b, 0x0, 0x0, @binary="8a9b5c2cd7c18b16e59523f96b7fe0e06fc8fcfe12b43bf62303e3ee508934af38c4dba26b3dc49003e69ee746343c53d25681107ed1ef930666bd40d3a1ca687a1e922f0f8deb9adda0d29b95a89d04ba72499531b7d41d93ba8984eb0d0bfc1f4b46c8543ee7b4be96d66fffe704da288646728fa3b6d714a2e4bbc346566402a7de879df7ba9ae613d6b9bde47a6f99c394f81910bc351616b9c7d1d6457b636981ac8a84ca04e4e2ca7eb76dbdd4e580c5b5a731def6fd85748533b157e7ac7bc67f53c38c"}, @generic="80f2e8514a7283511f4bd13e0ec7e5b1d33e10712f28a052c5b22b63929b3217d3134c472b7175f6d150826ac0d5a00f01f73edd1ca9e84b74ad259aaced7d718db1d6de984d2240e58523e79a007181661f495a896ee302f29fcc6f3325d04bf1de30964738983f7af33219addff68158ba", @nested={0x4, 0xb3}, @nested={0x4, 0x85}, @typed={0x8, 0x5a, 0x0, 0x0, @pid=r5}, @typed={0xf, 0xbe, 0x0, 0x0, @str='SMC_PNETID\x00'}, @generic="11371fbcd8d9900a533f46fe469478c10b14c4ee01ed3a7ba313e81c91c5b4714e4ffdb1f614f1d2b28dd83bfd31b4ee359422697c666633b41b9a256c8ca090c3ead4e4f9602a9f76274f5e43e71b164979bef20f3a32493033f66689ae1d212ffe20b3b727bfd36a8cd596833860fa596dc178fc03b144188a891150bf1908efa7da42aea68c6a16cb447bb809f094a825"]}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x4}]}, 0x137c}, 0x1, 0x0, 0x0, 0x27bebf7e6bcc6bad}, 0x200440c5) lsm_list_modules$auto(&(0x7f0000000140)=0x3, &(0x7f0000000180), 0x6) lsm_list_modules$auto(&(0x7f00000005c0)=0x9, &(0x7f0000000600)=0x9, 0x9) madvise$auto(0x0, 0x0, 0x1b) madvise$auto(0x800000000, 0xfffffffffffffbf8, 0x3) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_ADD(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="0000009295ca5a562dfddd77885eb476e4cd44fc3a8aaf541fc8fa125ad80997326c74da21aa61a1230d46be", @ANYRES16=r7, @ANYBLOB="638429bd7000fedbdf25020000030c00020073797a5f74756e000c000100657468746f6f6c00"], 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x1c054) io_uring_register$auto(r0, 0x10000, &(0x7f0000000000)="8417c768565e250fc75eb222c3788fcfa24f26606a", 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x23, 0x80805, 0x0) socket(0x2, 0x7, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) syz_genetlink_get_family_id$auto_hsr(&(0x7f0000004400), 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 3m37.497445401s ago: executing program 3 (id=1740): socket(0x10, 0x3, 0x0) r0 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000b40)={0x1c, r0, 0x101, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x60048400}, 0x800) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x4, 0x0) mlock$auto(0x7c89, 0x47fff) mlock2$auto(0x1, 0x8001, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='@', @ANYRES16, @ANYBLOB="1b0026bd7400fddbdf250300000004"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x3, 0x0) 3m36.725827151s ago: executing program 3 (id=1742): unshare$auto(0x200) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') mmap$auto(0xffffffffffffffff, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r0 = io_uring_setup$auto(0x6, 0x0) rseq$auto(0xfffffffffffffffd, 0xc93, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syzkaller1\x00'}) socket(0x840000000002, 0x3, 0x6) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) ioperm$auto(0x7fb, 0x1, 0x4000007) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000280)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6nA6\x1a\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) getcwd$auto(0x0, 0xffffffffffffffff) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000240), r2) gettid() r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) write$auto(0x3, 0x0, 0xfdef) bind$auto(0x3, 0xfffffffffffffffd, 0x0) prctl$auto(0x8000, 0x2d8d, 0xfdf2b4b, 0x6, 0x100000000) 3m35.531291665s ago: executing program 3 (id=1744): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/212, 0xd4) 3m34.972274374s ago: executing program 3 (id=1745): mmap$auto(0x2000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090) close_range$auto(0x2, 0x8, 0x0) read$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/partitions\x00', 0x200, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) (fail_nth: 5) 3m33.764945388s ago: executing program 3 (id=1747): mmap$auto(0x2000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090) close_range$auto(0x2, 0x8, 0x0) read$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/partitions\x00', 0x200, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) mmap$auto(0x200000, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) 3m33.177354818s ago: executing program 4 (id=1750): mmap$auto(0x2000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) write$auto(0x0, 0x0, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0xad, 0x0, 0x200, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = wait4$auto(0x0, &(0x7f0000000040)=0x8, 0x4, &(0x7f0000000080)={{0x5, 0x8}, {0x5, 0x8}, 0x6, 0x80, 0xb12, 0x4, 0x1ff, 0xfffffffffffffff7, 0x487d1db8, 0x80000000, 0x4, 0x8, 0x6b, 0x3e, 0x524, 0x7}) prctl$auto(0x59616d61, 0x7, r2, 0x5, 0xfffffffffffffffb) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f00000006c0)={0x2a8, r1, 0x20, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_NAN_FUNC={0x1d7, 0xf0, 0x0, 0x1, [@generic="f0ac4a289a68db64719bfff1ae58d91227c8a57ecbf290c27e4dbe95b1dfbbc4b633f1548cceae1705d9813845c0e468e8d306dc5f6f3922a204eef94a6b4e3885a53c81f5d21d4619d4578934a57d2cfa7239ff540ad654c04db3945023d42931f7d88dd1921d1bbb687b5c13bad17312a75006f2a0a3743a3fd0e4dbb6ed23ff2bcd52ea02aa", @typed={0x8, 0xa9, 0x0, 0x0, @pid=r2}, @generic="b88292a46d2857d00b8a421d76fe", @generic="031dd8b82ca2f884568998e80cbaa4b74bb5b21c6a83bc8aa15966bd6d614ad2416ce6a0ad9554f86f3775dedc0d254c3f77a09b10436dff57e64b1fd2c49a2533eff3b172fe3ab72a99f85165219dcfd52f9482c6", @generic="b2008442cbde03e403c256a3e21f5242d6ca18be7c437838e0c89d69f9fe703bdfee72ce5f7a9baf3925b349db95f195313d435be5454715faa2ee2d424101872ea97faeef98c611bba34648c112c638a140e12cb5b53cdd76c79c94c85abefcb4710622f4814292f44563ffb4552a896f78658fa6bdf261d0811347cb70f5a7b46b778fd28d6893befce1154db43b4413f1072438531a4bcbb95dd32ccb3478104c6fa792334dc88800a3674c7f9a7e88c8a23d27653e2dab7c7e0ee6784fe6650e2d75556f81c18a83f1764ad07b631a161ad49c04db76fe5830ab4b9126562d"]}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x5580}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x4}, @NL80211_ATTR_MLD_ADDR={0x5e, 0x13a, "3aee68864c9d2b6451be40aed0bc3cb7717636402a19dffcde577028a64c38f42094e36a3af2de718df33cab59d771c31c3aa73e52f801d139b3e0011eb87020b38fe86838a9b61d6d5e21de7f995f90c96490bbf9a7c931f630"}, @NL80211_ATTR_MESH_PEER_AID={0x6}, @NL80211_ATTR_WOWLAN_TRIGGERS={0xe, 0x75, 0x0, 0x1, [@generic="de18523e490295822c84"]}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x32, 0x6e, 0x0, 0x1, [@generic="313cfbc74794e20097edcf1300163ca54a4615521f9c3cc8a44977a60e1d7fb1053744cba2bcce3686ca7fb6dc2a"]}]}, 0x2a8}, 0x1, 0x0, 0x0, 0x20009001}, 0x20008c40) close_range$auto(0x2, 0x8, 0x0) read$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) msgctl$auto(0x0, 0x5, &(0x7f0000000640)={{0xd, 0xee00, 0x0, 0xffffffff, 0xa, 0x6, 0x1955}, &(0x7f00000001c0)=0x4, &(0x7f0000000600)=0x5, 0xa, 0x8000000000000000, 0x8, 0x1256, 0xbb, 0x8, 0xfb5, 0xb4, @raw=0x800, @raw=0x4}) fsconfig$auto(r0, 0x3, &(0x7f0000000180)='\\.*{\x00', &(0x7f0000000280)="89871ab3d413166927920cd27e29fe664dd501a2395e37de3c86dce6ecdcd53514710c62f7fa856f5922f433c1e2847f9c6940a1426a1333d9a2b5e9dcda7168bc4d9b1889ebd0770cd460a7a795384321a4fd4d06350dab2193b1caa092d2a208838ffbf0b4ae2ee2572488716df92c0bfdd5344d", r3) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/partitions\x00', 0x200, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) 3m30.965159185s ago: executing program 1 (id=1755): mmap$auto(0x2000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090) close_range$auto(0x2, 0x8, 0x0) read$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/partitions\x00', 0x200, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) (fail_nth: 6) 3m30.811641076s ago: executing program 4 (id=1756): open(&(0x7f0000000340)='./file0\x00', 0x6ad81, 0x20) semtimedop$auto(0x6, &(0x7f0000000040)={0x5, 0x7, 0xd5}, 0x1b680000, &(0x7f0000000300)={0x29715862, 0x3}) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0x6) execve$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)=&(0x7f0000000200)='team_slave_1\x00', 0x0) execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000280)='team_slave_1\x00', &(0x7f0000000000)=&(0x7f0000000180)='{\xff\xffcv\x14QP=qj\xca\x1cB0\xcf\x02Z\x9b\xb2\xf5\b=#t\xbfAe\xd2\x92?~\x1chD\x15\x00\xf6\f\xf3\xc8\x12\xd1S\xb1\xe3-\xa0\xb7\xef\x91\xa29KAN\xae.\xb9-\xa6*d\xa7\xa4\xc6\x93p\xf1,\tn$\xb2\xa39`6\xf4)\xca\xf0\xca\xaaeo') 3m30.091979841s ago: executing program 1 (id=1757): r0 = socket(0x25, 0x1, 0x0) connect$auto(r0, &(0x7f0000000040)=@generic={0x25, "835aabaf5dc454e38226799f73aa"}, 0x18) r1 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000540)='/dev/cpu/0/msr\x00', 0x0, 0x0) ioctl$auto_X86_IOC_RDMSR_REGS(r1, 0xc02063a0, &(0x7f0000000bc0)=[0x7, 0x83, 0x9, 0x4, 0x1000, 0x7, 0x777, 0x9]) write$auto_msr_fops_msr(r1, &(0x7f0000000080)="b67ff2654e0af534603200c48e90be767ff551c046", 0x15) io_uring_setup$auto(0x0, &(0x7f00000000c0)={0x0, 0x5, 0x2, 0x1ff, 0x0, 0x1, r1, [0x1, 0x200, 0x8], {0x10000, 0x0, 0x4, 0x4, 0x1000, 0x7, 0x0, 0x2, 0x100000000}, {0x8, 0x1, 0x0, 0x6, 0x7, 0x4bdb, 0x8, 0x100, 0x1}}) timer_settime$auto(0xf2, 0x0, &(0x7f0000000000)={{0x4cb4, 0xffffffffffffff27}, {0xd7c5, 0x3}}, &(0x7f0000000040)={{0x6, 0x7}, {0x401, 0x7}}) socket(0x25, 0x1, 0x0) (async) connect$auto(r0, &(0x7f0000000040)=@generic={0x25, "835aabaf5dc454e38226799f73aa"}, 0x18) (async) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000540)='/dev/cpu/0/msr\x00', 0x0, 0x0) (async) ioctl$auto_X86_IOC_RDMSR_REGS(r1, 0xc02063a0, &(0x7f0000000bc0)=[0x7, 0x83, 0x9, 0x4, 0x1000, 0x7, 0x777, 0x9]) (async) write$auto_msr_fops_msr(r1, &(0x7f0000000080)="b67ff2654e0af534603200c48e90be767ff551c046", 0x15) (async) io_uring_setup$auto(0x0, &(0x7f00000000c0)={0x0, 0x5, 0x2, 0x1ff, 0x0, 0x1, r1, [0x1, 0x200, 0x8], {0x10000, 0x0, 0x4, 0x4, 0x1000, 0x7, 0x0, 0x2, 0x100000000}, {0x8, 0x1, 0x0, 0x6, 0x7, 0x4bdb, 0x8, 0x100, 0x1}}) (async) timer_settime$auto(0xf2, 0x0, &(0x7f0000000000)={{0x4cb4, 0xffffffffffffff27}, {0xd7c5, 0x3}}, &(0x7f0000000040)={{0x6, 0x7}, {0x401, 0x7}}) (async) 3m26.90489396s ago: executing program 1 (id=1760): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlock$auto(0x4, 0x0) mlock$auto(0x401, 0x1) mlock$auto(0x7c89, 0x47fff) clone$auto(0x3, 0x7, 0x0, 0x0, 0xdd6) mlock2$auto(0x200, 0x8001, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/02.0\x00', 0x210800, 0x0) 3m26.385068257s ago: executing program 1 (id=1763): unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r0, 0x0) syz_clone(0x98280000, 0x0, 0xf400, 0x0, 0x0, 0x0) 3m21.86147086s ago: executing program 1 (id=1769): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x3ff, 0x0) mmap$auto(0x0, 0xbb0c, 0x329, 0x10011, 0x2, 0x20008000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) 3m19.032432209s ago: executing program 1 (id=1770): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fallocate$auto(r0, 0xff, 0x4, 0x8) 3m18.140849312s ago: executing program 33 (id=1747): mmap$auto(0x2000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090) close_range$auto(0x2, 0x8, 0x0) read$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/partitions\x00', 0x200, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) mmap$auto(0x200000, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) 3m12.144312416s ago: executing program 34 (id=1756): open(&(0x7f0000000340)='./file0\x00', 0x6ad81, 0x20) semtimedop$auto(0x6, &(0x7f0000000040)={0x5, 0x7, 0xd5}, 0x1b680000, &(0x7f0000000300)={0x29715862, 0x3}) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0x6) execve$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)=&(0x7f0000000200)='team_slave_1\x00', 0x0) execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000280)='team_slave_1\x00', &(0x7f0000000000)=&(0x7f0000000180)='{\xff\xffcv\x14QP=qj\xca\x1cB0\xcf\x02Z\x9b\xb2\xf5\b=#t\xbfAe\xd2\x92?~\x1chD\x15\x00\xf6\f\xf3\xc8\x12\xd1S\xb1\xe3-\xa0\xb7\xef\x91\xa29KAN\xae.\xb9-\xa6*d\xa7\xa4\xc6\x93p\xf1,\tn$\xb2\xa39`6\xf4)\xca\xf0\xca\xaaeo') 3m3.033323029s ago: executing program 35 (id=1770): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fallocate$auto(r0, 0xff, 0x4, 0x8) 1m54.979694997s ago: executing program 7 (id=1932): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/ptyq3\x00', 0x40001, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) 1m53.407058048s ago: executing program 7 (id=1938): mmap$auto(0xfffffffffffffffd, 0x20009, 0x4000000000df, 0x12, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x26, 0x5, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) unshare$auto(0x40000080) writev$auto(0x1, 0x0, 0x1) ioctl$auto(0xc8, 0x400454dc, 0x10) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mice\x00', 0x42, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000000040)='\\', 0x1) mmap$auto(0x100000000000000, 0x20009, 0xe1, 0xeb1, 0x401, 0x3) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x800, 0x6) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0xfffffffd, 0x0, 0x0) timer_settime$auto(0x0, 0x10001, &(0x7f00000000c0)={{0xf, 0x45af}, {0x9000, 0xfffffffffffffffd}}, 0x0) timer_gettime$auto(0x0, 0x0) socket(0x8, 0x805, 0x0) io_uring_setup$auto(0x3ff, 0x0) io_uring_setup$auto(0x1, &(0x7f0000000000)={0x13, 0x10002, 0x7f, 0x5, 0x6, 0x5, r2, [], {0x2, 0x42005, 0x2, 0x8, 0x400, 0xb533, 0x101, 0x5, 0x80000000}, {0x7, 0xd, 0x6e68, 0x8, 0x6b, 0x86fe, 0x0, 0x0, 0xb3}}) r3 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000003240)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000000200)=ANY=[@ANYBLOB="1361ae2a82229026cc4e422a84cdb29e182f", @ANYRES16=r3, @ANYBLOB="5d8928bd7000fcdbdf6502000000000002000c0004800400f98002000000080001", @ANYRES32, @ANYRES64=r1], 0x2c}, 0x1, 0x0, 0x0, 0x400c0}, 0x40) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/if_inet6\x00', 0x0, 0x0) pread64$auto(r4, 0x0, 0x40, 0x2) 1m51.095586007s ago: executing program 7 (id=1943): mmap$auto(0x2000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090) close_range$auto(0x2, 0x8, 0x0) select$auto(0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff) read$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/partitions\x00', 0x200, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) 1m50.127075179s ago: executing program 7 (id=1957): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/reg-dummy/regulator/regulator.0/num_users\x00', 0x400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000001c0)=""/176, 0xb0) r1 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0xa00, 0x0) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) (async, rerun: 64) ioctl$auto_FUSE_DEV_IOC_BACKING_OPEN(0xffffffffffffffff, 0x4010e501, &(0x7f0000000040)={r1, 0x81}) (rerun: 64) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xa, &(0x7f0000000100)="6e650dee5a00903dde9ee36e61a18b237a99cb1bf4a904d2084a8a363fa2dcb516f3532423fed137a0be696482894173e7595c86e366365f0bdfa140d5887b6f79b3fee07c5cce712a4cb75bbd7504daed69c221397645e3d9cb86ba06093cad02cef3fa4e6d55db2935d5c1607630fdd02d8369") (async) getgid() (async) ioctl$auto(r2, 0x2285, 0x1cfc4b42) (async) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x6, 0x15, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x0, 0xe, 0xd59, 0x800000101, 0xff, 0x2, 0x80000001]}, 0x0, 0x0) 1m49.19982752s ago: executing program 7 (id=1953): sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x4f, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYBLOB="00a378af20555485130326bd7800fedbdf"], 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x40000, &(0x7f0000000340)=@query={@target_fd=r0, 0xf, 0x5, 0x8, 0x9, @prog_cnt=0x8, 0x0, 0x401, 0x8000000000000001, 0x4, 0x5}, 0x6f4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xf) r3 = bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) r4 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0) ioctl$auto_IOCTL_VMCI_VERSION(r1, 0x79f, 0x0) write$auto(r4, 0x0, 0x6) read$auto_configfs_file_operations_configfs_internal(r4, &(0x7f00000000c0)=""/244, 0xf4) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYRESHEX=r4, @ANYRES32=r4, @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4004800) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000400), r3) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r2, &(0x7f00000005c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000580)={&(0x7f0000000440)={0x114, r5, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@HWSIM_ATTR_RX_RATE={0x8, 0x5, 0x7}, @HWSIM_ATTR_USE_CHANCTX={0x4}, @HWSIM_ATTR_REG_HINT_ALPHA2={0x25, 0xb, '/sys/kernel/config/target/dbroot\x00'}, @HWSIM_ATTR_MLO_SUPPORT={0x4}, @HWSIM_ATTR_FREQ={0x8, 0x13, 0x10001}, @HWSIM_ATTR_TX_INFO_FLAGS={0xb5, 0x15, "e033ad16781ba68bec63f48dcc482e486d262d791290c8e8a75d3380235944b1dc3687b8e4bb3bfaf7d8d7a48c66a85751fdf64ce772e9048b4f789be7d4a87b7c4befba276de7713ce3db99ffe8b15fc5fea793ddabdf268a3c13c6c5ef2a88c8070dca5e0d0cbb9a1ff1f8475f23c44841b236bf6700ac1b7c5d0615cc5e887ae9fabe6f821eee3a458f1b43fd0223443e63a094e28b960e77cf63d62c5dbe00739710fa453cce21943c90149d8ff3a4"}, @HWSIM_ATTR_CHANNELS={0x8, 0x9, 0xfffffffc}]}, 0x114}, 0x1, 0x0, 0x0, 0x4000}, 0x4004) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c00"], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1m48.043359713s ago: executing program 7 (id=1955): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/disable\x00', 0x102, 0x0) sendfile$auto(r0, r0, 0x0, 0x7) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) r1 = io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) (async) mmap$auto(0x7, 0x3, 0x9, 0x13, r1, 0xf) (async) open(0x0, 0x1a1043, 0x2a) 1m32.908140782s ago: executing program 36 (id=1955): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/disable\x00', 0x102, 0x0) sendfile$auto(r0, r0, 0x0, 0x7) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) r1 = io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) (async) mmap$auto(0x7, 0x3, 0x9, 0x13, r1, 0xf) (async) open(0x0, 0x1a1043, 0x2a) 10.540590879s ago: executing program 5 (id=2258): mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) madvise$auto(0x0, 0x2000040080000004, 0xe) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/cache_timeout_msecs\x00', 0xca800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/255, 0xff) keyctl$auto(0xe, 0x2, 0x16efae4c, 0x8000005092, 0x61f93bdb) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x7, 0x0, 0x1f, 0xb}, 0x3}, 0x6, 0x20002000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) read$auto_ftrace_subsystem_filter_fops_trace_events(r2, &(0x7f0000000180)=""/220, 0xdc) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 8.993084625s ago: executing program 5 (id=2262): set_tid_address$auto(0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r1 = bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x19, 0x5}, 0x7) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) move_pages$auto(0x0, 0x33b, &(0x7f0000000080)=0x0, 0x0, 0x0, 0x4) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x24, 0x940, 0x1ffde, 0x3, 0x6, 0x8000002, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0, 0x243efbdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6e]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) r3 = open(&(0x7f0000000080)='./file0\x00', 0xeee00, 0x31) sendfile$auto(0xffffffffffffffff, r3, 0x0, 0x8000) read$auto_tracing_pipe_fops_trace(r3, &(0x7f0000000180)=""/33, 0x21) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYRES8=r1, @ANYRESDEC=r1, @ANYBLOB="53d38febb50b49695b2767ae6a58ca036eea1df9cc25e9009a4a5989788abcbad786fea8c8ca03377bdd6ff7e3838c35af7afe79852074f5d06e4d708df4ac84e8819fac08eccb78300c64084f51153ca7592f4f00421b3f85bbfb30dd218ef1369248b08d0dc765d4583b4753df077e60", @ANYRES32=r0, @ANYRES32, @ANYBLOB="566dcf4d6c9bd6774273c0080202000500000005000d09040000000800080809000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20440c0}, 0x4000004) shmctl$auto(0x9, 0xe, 0x0) socket(0xa, 0x2, 0x73) write$auto(0x3, 0x0, 0xfdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 8.803825605s ago: executing program 8 (id=2263): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/fib_trie\x00', 0x20200, 0x0) openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x40802, 0x0) writev$auto(0x4, &(0x7f0000000080)={0x0, 0x8}, 0x1) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x1008, 0x0, 0x0, 0x0, 0x2, 0x100}, 0x803}, 0x908, 0x6, 0x0) 8.44960724s ago: executing program 8 (id=2265): mmap$auto(0x0, 0x20009, 0x6, 0xeb1, 0x7f, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x80a00, 0x0) ioctl$auto(r0, 0x4b41, 0x92b6) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r1, 0x40104593, 0x0) 7.952152819s ago: executing program 8 (id=2266): socket(0x15, 0xa, 0x0) close_range$auto(0x2, 0x8, 0x0) 7.441893566s ago: executing program 8 (id=2267): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x29, 0x21, 0x0, 0x1ff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) splice$auto(r0, &(0x7f0000000000), r0, &(0x7f0000000100)=0x1, 0x4d, 0xb) ioctl$auto_RTC_WKALM_RD(r0, 0x80287010, 0x0) connect$auto(0xffffffffffffffff, 0x0, 0x58) madvise$auto(0xe2ca, 0x7fffffffffffffff, 0xa) sched_setattr$auto(0x0, &(0x7f0000000740)={0x1, 0x7, 0x1, 0x7, 0xffffffff, 0x7ffffffe, 0x1, 0x7, 0x7, 0xffffffff}, 0xfffffffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x1) r1 = prctl$auto(0x1000000003b, 0x1, 0x0, 0x6, 0x4) read$auto_proc_pid_cmdline_ops_base(r1, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x201, 0x0) newfstatat$auto(0xffffffffffffff9c, 0x0, 0x0, 0x1000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop1\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb3, 0x403, 0x8000) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="1400b987c1ab3e438838667b51ca1c29cec232c49ccff604a9249a3b6fe7a4e7aa61f8ee2303dd5916f795696c608ce78edc5a5dc3c9e7754b791340341f5dae2ee05097a56dcb1ae0615aba8b8d024faa79b92222", @ANYRES16=r3, @ANYBLOB="000c26bd7400fddbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) pipe$auto(0x0) tee$auto(0x2000000000000, 0x3, 0x3ff, 0x9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) open(0x0, 0x4242, 0xe1d2b27bdc14abb5) clone$auto(0x7ff, 0x48, 0x0, 0x0, 0x2) 7.108288514s ago: executing program 5 (id=2268): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) r0 = socket(0x18, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x40047459, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETPAGEFILE(r1, 0x7a9, 0x0) madvise$auto(0x0, 0xffffffffffff0004, 0x19) syz_clone3(&(0x7f0000000200)={0x182000080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400) ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0xd0) kill$auto(0x0, 0x21) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = mq_open$auto(&(0x7f0000000000)='\xbe\xf2\x82\xe7\x14g\xb5\xeeMQ\x13\xa2_g\xbf\t\xfa\xf2_N\xb0{\xf9\xb57v\xeeG\xd9l\xbf\x86q w\x96\xd9\xe9\xa8\xe1\xf0\xc7\x1f\x1e\xc4\xc4\x89u\x83\xe8}\xbd\x7fO\x91\xc1UVW.\xb6\xad\x04u\x02w.\xec`O\xc1\x0e\x15\xe7:\xc9\x1bK\xcddY\x03\x95\xd1\xae\xc1\x9b\x96\x9faj\xd2\xfc\xfc\x1f7\xaf\xcan\xf6\xc0wK\xce\xe7Q\xae\xc9Hg\x01\xef\xda[\xe5\xa3\xa3%\'\x8f\xcf\x96X:\x04Dkt\x7f\xde\x80\x01\xddX\x91\x88\xa1\t\xc3\xf1\xfe[\x93$O8 b\xb4\x92\xf4\xbc\xc5\xb9\x989\xfcF\xec\xdc@\xdd\xdaeM\xe0U\xc8;\xf5\xe7$Q8\xd2\x87\xdd\xc5\x9d\xc5\xe8\xb5\xb5\xb8\xdfD\xd0\xe8t\x8aS\xaa\xbe\xaa\xba\x9e^0\x1a\xf8Y\xf5Jp\bu\xba\x98\x00\xf0H5\xa9u\x0e\xc4\x04\x13\xf58p\x9f\x11\xc07\xefS*|\xd87\x12\xd8\xce\xde0\xd82;\xcd\x18\r\xccI\x99\n\xd2\x86', 0xdd1, 0x8, 0x0) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1}) openat$auto_tracing_readme_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/README\x00', 0x400000, 0x0) mq_notify$auto(r3, &(0x7f0000000040)={@sival_int=0x4, @raw=0x3ff}) r5 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r5, 0x40046109, &(0x7f0000002c40)=0xd0) ioctl$auto_CEC_S_MODE(r5, 0x40046109, &(0x7f0000000000)=0x1) madvise$auto(0x0, 0x200007, 0x8) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r4) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r3, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x1c, r6, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_SCAN_TYPE={0x5, 0x1f, 0xe2}]}, 0x1c}}, 0x40) madvise$auto(0x0, 0x2003f0, 0x15) 6.449166805s ago: executing program 2 (id=2270): r0 = socket(0x2b, 0x1, 0x1) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x121041, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x8, 0x1000000004, 0x13, 0x3, 0x110000000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) ioperm$auto(0x7, 0x6, 0x2) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdf, 0xfffffffffffffff8, 0x2, 0x8000) madvise$auto(0x2000000000009, 0xffffffffffff0004, 0x2) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$auto_RTC_PARAM_SET(r2, 0x40187014, &(0x7f0000000100)={0x5, @ptr=0xffffffffffffff7f, 0xf54}) madvise$auto(0x0, 0x200007, 0x8) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), r0) sendmsg$auto_HWSIM_CMD_REGISTER(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYRES32=r3, @ANYRES64=0x0, @ANYRESOCT=0x0], 0x1c}, 0x1, 0x0, 0x0, 0x2000c001}, 0x5) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(r0, 0x6, 0x12, 0xfffffffffffffffc, 0x0) getrlimit$auto(0x5, &(0x7f0000000140)={0x7, 0xe5c5}) 5.909774303s ago: executing program 6 (id=2271): mlockall$auto(0x7) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/dfscache\x00', 0x40080, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) r0 = openat$auto_bsg_fops_bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg/0:0:0:0\x00', 0x4001, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) r1 = fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x4010ae67, r1) mmap$auto(0x27, 0x4000a, 0x7, 0x9b72, r0, 0x3) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) write$auto_tty_fops_tty_io(r3, 0x0, 0x0) 5.608076123s ago: executing program 6 (id=2272): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x60e03, 0x0) write$auto(r0, 0x0, 0xfffffffffffffffe) r1 = clone$auto(0x7, 0x2, &(0x7f0000000040)=0x1, &(0x7f00000000c0)=0x6, 0x1ff) mlockall$auto(0x7) mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x6, 0x8000) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) ioctl$auto(r2, 0x40045109, 0x3) capset$auto(&(0x7f0000000100)={0x19980330, r1}, 0x0) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x88882, 0x0) read$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffffff, &(0x7f00000001c0)=""/4096, 0x1000) 4.851664572s ago: executing program 5 (id=2273): r0 = openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/setgroups\x00', 0x200000, 0x0) mmap$auto(0x5, 0x5, 0x1, 0xd50, r0, 0x2) (async, rerun: 64) r1 = clone$auto(0x1, 0x1ff, &(0x7f0000000040)=0x4, &(0x7f0000000080)=0x9, 0x7fffffff) (rerun: 64) r2 = prctl$auto(0x1, 0x200, r1, 0x5, 0xe4) ioctl$auto_VHOST_SET_BACKEND_FEATURES2(r2, 0x4008af25, &(0x7f00000000c0)=0x80000000) r3 = socket(0x2, 0x800, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x0, 0x9) (async) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r4) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r4, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x84, r5, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_MAC={0x52, 0x6, "360008a76463dd5576170477fb204592fde7bcdee8c715782c2761595450f12e4ae749542c14ab1412166de1f4486ece7de816d7974b108376e1763d5abd03b4bef2907bfcf83bc961ffe8ea5ec8"}, @NL80211_ATTR_ROAM_SUPPORT={0x4}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x4}, @NL80211_ATTR_MESH_PEER_AID={0x6}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r2}]}, 0x84}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000080) readv$auto(r4, &(0x7f0000000300)={&(0x7f00000002c0)="38f705e4d9068ac5aea1a1df78b5763e", 0x3}, 0x7fffffff) sendmsg$auto_NL80211_CMD_NEW_KEY(r4, &(0x7f0000000440)={&(0x7f0000000340), 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x60, r5, 0x0, 0x1, 0x25dfdbfd, {}, [@NL80211_ATTR_PID={0x8, 0x52, r1}, @NL80211_ATTR_FILS_ERP_USERNAME={0x13, 0xf9, "de3af41b3eb3a862b1b0d70981ad0f"}, @NL80211_ATTR_TDLS_EXTERNAL_SETUP={0x4}, @NL80211_ATTR_MBSSID_CONFIG={0x2c, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES={0x5, 0x1, 0x79}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x3}, @NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES={0x5, 0x1, 0x18}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x7f}, @NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES={0x5, 0x1, 0x8}]}]}, 0x60}, 0x1, 0x0, 0x0, 0xd1}, 0x20008004) (async, rerun: 64) sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_START(r4, &(0x7f0000000700)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000006c0)={&(0x7f00000004c0)={0x1f8, r5, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_FILS_ERP_USERNAME={0x6, 0xf9, "778e"}, @NL80211_ATTR_WIPHY_RTS_THRESHOLD={0x8, 0x40, 0x400}, @NL80211_ATTR_FILS_DISCOVERY={0x34, 0x126, 0x0, 0x1, [@NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8, 0x2, 0x3ff}, @NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8, 0x1, 0xff4}, @NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8, 0x2, 0x8}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8, 0x1, 0x80000001}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8, 0x1, 0x9}]}, @NL80211_ATTR_FILS_NONCES={0x8d, 0xf3, "2d0b26f7d94d61bd2b03fd58edc51befec6b0172ccdb2bcddd4f5dab71017f76cb41e3ded21eace6f1416b9b16b1ff5c2005c5606450b36c6eedf012e82b3cdb7fa1b911fe9e1dfbc753798af37068dd05e5e718bda24ab0a30c92eb81cd80b30fdf2753374afc9268e080333e27fa956444324ccc4282bd3ffd042395e20c7179594943d78022f5cf"}, @NL80211_ATTR_USE_MFP={0x8, 0x42, 0x2}, @NL80211_ATTR_KEY_DATA={0x5, 0x7, "f5"}, @NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0xd}, @NL80211_ATTR_REG_ALPHA2={0xef, 0x21, "658033ff522026dcbbe1afdfbc18a441d2efad7ec6b3a0f4777744bbafa926b39387610d6d4e5102e2f9c302423d18fd21b6714a5bc72a284f92a955e0de7f892d060445b87137298a25615b2fc3b95495c17d050d9b04dbd54c3978001d5b15b4624545a884ad1176aa1207124566a20409871d9b67bcce652177b1ccbc8679d92b8987ef6e1da0ca468745d4c43dfbbc3655a88c55716734b9c8c7d3d207de8dc637466be9b16a9e9959769feaa4c4dc40d8a6a5f01df8e83976e07084e53be4eaccdf9c0c345b7290d82a40cbaaa1a7499ecf5d6ce1a6b968e8bd4cc15e473e4563d9b020145f1845ec"}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x7}]}, 0x1f8}, 0x1, 0x0, 0x0, 0x44000}, 0x4080) (rerun: 64) r6 = socket(0x21, 0x5, 0x2) ioctl$auto_FUSE_DEV_IOC_BACKING_OPEN(r2, 0x4010e501, &(0x7f0000000740)={r6, 0x7}) (async) r8 = syz_genetlink_get_family_id$auto_seg6(&(0x7f00000007c0), r2) sendmsg$auto_SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x41010b}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x3c, r8, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xd7}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x9}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0xe}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x20008000) (async) r9 = socketpair$auto(0x1, 0x2, 0x7fffffff, &(0x7f00000008c0)=0x8001) (async) r10 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000940), r7) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(r4, &(0x7f0000000a40)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x7ee3f343327f3798}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x5c, r10, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x4}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x40}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0xdd}, @NL802154_ATTR_SEC_DEVICE={0x18, 0x2e, 0x0, 0x1, [@typed={0xc, 0x5a, 0x0, 0x0, @u64=0x4}, @typed={0x8, 0x71, 0x0, 0x0, @uid=0xffffffffffffffff}]}, @NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x1}, @NL802154_ATTR_MAX_ASSOCIATIONS={0x8, 0x27, 0xc}]}, 0x5c}, 0x1, 0x0, 0x0, 0x2000c010}, 0x40800) (async) prctl$auto(0x3528, 0x8, r1, 0x7, 0x1) (async, rerun: 64) openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000a80), 0x109201, 0x0) (async, rerun: 64) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x28, r5, 0x4, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xa0a}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0xfea}, @NL80211_ATTR_PRIVACY={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0xc000}, 0x8001) (async) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000bc0), 0x8c0, 0x0) (async) mbind$auto(0x5, 0x7f, 0x4, &(0x7f0000000c00)=0x1, 0x6, 0x0) ioctl$auto_SNDCTL_DSP_MAPOUTBUF(r7, 0x80105014, &(0x7f0000000c80)={&(0x7f0000000c40)=0x8, 0x4}) (async) io_uring_enter$auto(r2, 0x4, 0x5, 0x7a71, &(0x7f0000000cc0)="76cd58ef3b8813bd13b2c515b6e34c75370b70afbe7d07ff66987d8e47607289213260021c4586c610e4603b86458f987cdd25c27cd07b7413b28da22a4c11128a98e55fbe755bdbfa681a7afded62037ce882495a4f0f887009dca92e857de0a02aceeb04968694178120f05cd9ece970144530c6ee4e4e53fee8b015bf693c343cf7a4ee8e8f8488d5c31978418bb1e2cbb1b9860faf35763cc42dfe30a7203648f93dad953a2ae5824d57e5c9353ea67d019c4c3b13d100d5d1582bc7d6dd8a928497d0d610b58484d8a7b0e604782102749b5c06c6499d80afd36ce047418dd4650b7cd3ba91fecb5aeb7d7f3646aa60cb", 0x1) (async) sendmsg$auto_NLBL_CIPSOV4_C_LISTALL(r9, &(0x7f0000000e80)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e40)={&(0x7f0000000e00)={0x2c, 0x0, 0x20, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xff}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x80}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4880}, 0x1) r11 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000f00), r7) sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000fc0)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x24, r11, 0x600, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3}, @NLBL_CIPSOV4_A_TAG={0x5, 0x3, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x8004}, 0x0) 4.836668352s ago: executing program 6 (id=2274): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) ioperm$auto(0x800, 0x5, 0xd) semget$auto(0x6, 0x10, 0x7fffffffffffffff) pread64$auto(0x0, 0x0, 0x1, 0x100000000000f) (async) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) semtimedop$auto(0x0, 0x0, 0xeb, 0x0) madvise$auto(0x2, 0x0, 0x800) 3.665275463s ago: executing program 2 (id=2275): eventfd$auto(0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSMRRU(r0, 0x4004743b, 0x0) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x80002, 0x73) socket(0x21, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000000), 0x32000, 0x0) mmap$auto(0x0, 0x0, 0xe2, 0xcb1, r1, 0x8040001008000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x401, 0x8000) setitimer$auto(0x2, &(0x7f0000000040)={{0x0, 0x5}, {0x0, 0x8}}, 0x0) unshare$auto(0x40000080) socket(0xa, 0x3, 0x100) setitimer$auto(0x2, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) madvise$auto(0x4951, 0x0, 0xffbffff9) socket(0x28, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x6, 0x7bd6, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x11, 0x80003, 0x300) 3.46385564s ago: executing program 6 (id=2276): syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioctl$auto(0x3, 0x8b0a, 0x8d) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0) ppoll$auto(&(0x7f00000000c0)={r0, 0xf81, 0x27f}, 0x3, 0x0, 0x0, 0x8) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/wlan1/forwarding\x00', 0x202, 0x0) sendfile$auto(r2, r1, 0x0, 0x401) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x0, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @multicast1}, 0x55) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) sysfs$auto(0x2, 0x100000000000037, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r3, 0x1, &(0x7f00000001c0)='+\x00', &(0x7f0000000280), 0x0) socket(0x11, 0x80003, 0x300) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) 3.242427646s ago: executing program 8 (id=2277): io_submit$auto(0x4, 0x8001, &(0x7f0000000100)=&(0x7f00000000c0)={0x80000003, 0x7, 0x3, 0x1ff, 0xfe01, 0xffffffffffffffff, 0x84, 0x3, 0x0, 0x0, 0x1ffd}) sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x24004054) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/uapsd_queues\x00', 0x20c02, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000000), r0) socket$nl_generic(0x10, 0x3, 0x10) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/orangefs/slot_timeout_secs\x00', 0x102, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/128, 0x80) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7ffd) r2 = getpid() socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x0, 0x33, 0x0, 0x4) process_vm_readv$auto(r2, &(0x7f0000000040)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xf}, 0x6, 0x0) r3 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) ioctl$auto_I2C_SMBUS(r3, 0x720, 0x4) 3.037895623s ago: executing program 5 (id=2278): mmap$auto(0x0, 0x428, 0xdf, 0xeb1, 0x401, 0x8000) (async) getrandom$auto(0x0, 0x6000000, 0x3) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xc00, 0x0) ioctl$auto(r0, 0x4b4c, 0x38) 2.64774744s ago: executing program 6 (id=2279): socket(0x11, 0x2, 0x300) mbind$auto(0xe96, 0x8, 0x10000, &(0x7f0000000000)=0x3, 0xb, 0x7) socket(0xa, 0x3, 0xa) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x6, 0x15, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x0, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80000001]}, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x28, 0x1, 0x0) getsockopt$auto(r0, 0x28, 0x2, 0x0, 0x0) r1 = socket(0x6, 0x800, 0x83) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'tunl0\x00'}) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x400}, 0x5, &(0x7f00000000c0), 0x200002, 0x8}, 0x803}, 0xa, 0x10, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = socket(0x2, 0x2, 0x1) bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_4={0x1b, r3, 0x1004, r3}, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = socket(0x29, 0x2, 0x0) getcwd$auto(&(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0xffff) getsockopt$auto(r4, 0x119, 0x6, 0x0, 0x0) write$auto(r4, &(0x7f0000000040)='^*(/+-\x00', 0x7fff) init_module$auto(0xffffffffffffffff, 0x8001, 0xfffffffffffffffe) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r5, &(0x7f0000005380)={0x0, 0x59, &(0x7f0000005340)={&(0x7f0000000000)={0x14, r6, 0x1, 0x70bd2b, 0x25df9bfc}, 0x14}, 0x1, 0x0, 0x0, 0x2004c010}, 0x20000000) close_range$auto(0xffffffffffffffff, r2, 0x80) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) 2.52779513s ago: executing program 2 (id=2280): pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL1\x03\xf1`\x9f\x1e\t\x00\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0pr\xfa\xa2@X\xb9_\xdd(\xd1\x14^\xbe\xa2', 0x6, 0x55) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x8201, 0x2, 0x8, 0xc, 0xe3, 0x4000000002, 0x3}, 0x6f4) r0 = socket(0x6, 0x800, 0x83) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'tunl0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'pimreg1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syz_tun\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'macvtap0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c010000", @ANYRES16=r1, @ANYBLOB="00042cbd7000fbdbdf25110000005c00018008000300090000000800030001ffffff0800030066000000080003000180000008000100", @ANYRES32=r2, @ANYBLOB="140002007767310000000000000000000000000008000100", @ANYRES32=r3, @ANYBLOB="1400020076657468315f766c616e00000000000004000180500001801400020067656e6576653100000000000000000008000300000000001400020069703665727370616e300000000000001400020076657468305f766972745f776966690008000100", @ANYRES32=0x0, @ANYBLOB="1c0001450100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="080003003939ffff1400018008000300fcffffff080003000400000058000180080003000000000008000100", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="1400020076657468305f746f5f626174616476001400020073797a6b616c6c6572310000000000001400020076657468315f6d616376746170000000"], 0x14c}, 0x1, 0x0, 0x0, 0x40000}, 0x80d4) mprotect$auto(0xfff, 0x80000000, 0x4) r8 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000440), r0) sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x40, r8, 0x4, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DURATION={0x5, 0x15, 0x3}, @IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0x7}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x2}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x4}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000061}, 0x14) r9 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000580), 0x4000, 0x0) read$auto_mISDN_fops_timerdev(r9, &(0x7f00000005c0)=""/71, 0x47) ioctl$auto_IMADDTIMER(r9, 0x80044940, &(0x7f0000000640)=0x8) r10 = semctl$auto(0xff, 0x161, 0x3, 0x8) r11 = prctl$auto(0x2, 0x1, r10, 0x2, 0x3) r12 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f00000006c0), r11) sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r0, &(0x7f0000000f40)={&(0x7f0000000680), 0xc, &(0x7f0000000f00)={&(0x7f0000000700)={0x7d4, r12, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@IOAM6_ATTR_SC_DATA={0x105, 0x5, "cca84e2abfad3f4e1cf24ff988da7908049c0705606918d1c7b5b2e80f40f4e44ffe8ae39fde58ef8404c63dc7796295542ab06d501f38d6744242a3c3a834ee991d0aab06ef5908bb15d8d017bc7df7d55567eb41d567bc872e24e7edc167242121dd9b1447535445fd1d2515c1fbc77249167e549c5afb8fd8c57848158625a37eac4bad2e340399b3716c8253f94f506449a44492fb4217dc34297aa25c049df933e7db0788a7de0cfb179cb4ff9e46296a0ce2e51c25df5fb08b7f2d821618084f0bdd3066a156efccc2a7ee04a12a15d86a93e99f6825c8ea21dfcbd924dc1ca47784548c33e4a1b46d4d4621e962e618cc3d1f7fa806e308394d04c87333"}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x9}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x1}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x2}, @IOAM6_ATTR_SC_ID={0x8}, @IOAM6_ATTR_SC_DATA={0x2af, 0x5, "088d16c9d4ff88050ae9ae19e1c3f31943f347680507a646ba60e28356e63c99d99b45fed17b1bf4dc83d241ce2340cc9acf96d71229efeef683a3e75f5c29355c456821c66fe759d13c85ce17fa72d79a7d4cd80eddeb9cbc098a9ed6fa3cefdfdb60d92809a61cf5f0df9d51f8a3fa028a083600be19a8d0d8db320f5cbecfcc4ad63d68af0b54b668a2f076f60fa5293795aae98563c236567330a67ecfb46d1bf3535903856e7aeefd57ee1df4ad26c1bf618f9dc86b624907121543bf0e00dd6dfd2e244ff3581986db44599981e0715d56578f7a045641acd5c251787209149ea24ed9ed676d363e9805b2e108c032d3252bacf999b04928f02591826dc20ae075a1df07de2581e7503ed8f278fbc5c5ea70c7e3d5023ac57d5592855ea250d7e205347329f518e9585f73100f59aa3c06b1c917e89c2aad92ef0d715cbfeac91eb28b32f48bfd890351772df0eb0e2e7762bb5336585b2025ac6fe9f7db61ba135171723fc76d77dbbd0fd0b132217f23825cf7403aff9ce68caa005e10db5a1ff27db6eefe37c31d07771946fdf032c4fed0d32c759403b738c94b55a3475cab6be44dd60b4dd4c7cc01795e8d32933c68e02929ec2639ab8622208d61982e42b588ec18cfacee4ca41085d7ea3506e7a08b29eced8b0061e2cd00778ddc89fa0a562ec02ec04e8fbbde7658d1b99f1dcfd0ef0670bc411cc86c5338f78cf57b142f4d24ae89b3bcdac5faa835ac2cc0407a03e3fbcaf86ba4cb0cd619b032133191b045bb1a06029dd53a8b42aa8a24e7cda7a6e278d25f9ac460c836c3d56a5dfb51784c4e3a36c5861851a3ba40f5928af8faddfbf990419f82367d01d80277eac05d1f067501e8a0882deb22c9c01af7b72d9fa9f1cec2faa9aa4c7720519e9d50d4c30d416b09cd779b2ea6b26d49e26bad72a21f227931ad758c6512f933e529a569fa62"}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x200}, @IOAM6_ATTR_SC_DATA={0x1cc, 0x5, "c109f0583aed0cbb450efc1e1accc38ba3291d22186ace2e01ce31bcf1abdffda862e05222c1736f97abdfdf55907c7658f2722aae2386727f6e186517a1f0f50d8a93e373c50df921543f6af46e143039bd197afab7ee8418dc9bb06db69bc8ff9ad4fb85a2aa5ae4906e5cfd81a53dc43e4ced47760689a3ac96078768f0c9541548449fe04dd8fdd53515dd2111d8127bcc20fb0ae80116579501c1753f60c747f3da5c8430e1d499681e7bc44b386833177efc43ec48c95abfc398e484cb936eff2b7dc205cef48e20ad4588015041d30a0254887ed11ab685ecfe719f30797a293786f8c464f87cd6f6abfba6709aa6219884badd74b4861c820189200f8a9ba27c478d0270ddfb9648775772a9ba92bb227ab9118f173d4e371eb6b35035a3882dfd728ac1acb7bd2ff3b4c8e774c1a9dd425485723f6bd854745847b540a34715710bcff256cd4424b2eb68bdf687e82016060275d94b7d2b902e199b525a4b7b1228faa30d05f56b5c5c023fd98572bf308b8a4ae50e7c5ce7fde3880ac4b6d9c9d07010e0d26cc4c8d5f7aba8ca6d19fe3ffe1ca9eddca5d21e3dda4465b4c4acf185fc31647b448a74321a26c2ef28878944715cd87d63e87430f0037509302e2f561d"}, @IOAM6_ATTR_SC_DATA={0x20b, 0x5, "21a0cef941d607e6ec9b9c35032618e89b14a19c40c529f2dccd6b2fd23b39a764b691ccccf2c6ed57eff176b4f2a48be70f1ddd9f9a5dbc545e75e43b88768b09b012c88d9e104e1d67952935f1682534a3633c079a9a0ab02c681112446022bd1dad3eb6d3b0dfd3a318642fd113d7421822373543544db9586810414fd773f960e1891a0590765849d7d724bb9e972ac7e6df230e23c14884d66998f854b9bcc46f7c63e5e157fb723ec2e6163c59aaa2b9d79481a4fb21f6c5eed1ed64743b7b7dee64fc4f42f07ff9378466b9ca05353caee0df0b381f71e857d014e64f77975edfae7c9a759ed9cc14e9fa263d32b4fabd75ca32e32901cb347ae48eb2f42e4f6251a634b9fac9708226e3ce683b37e913992123e0e4c2d1b1122437f1fa17e1c2974aae2b0933626cf0487a996facaa6c295022a7c2f1570ff2793ddcf41b279bd9e286a686ae1e387d200c421e77af3d464fa4df43ac88426ebef3b86708ad669090196c2467b2551083e4909b3847e4c5ae9815d8507a0f102b778371e93ababcf020c9024074eb11cb6fe6fd95025dd1a708005453df204e7b2d4751bc820959dc1fb2d985d20e884eaca5ef604c9d7ad56fa203b22f6eb69bdf23ce6c4c961ae907163a8cce19622a3519b4dfc2936070cc4299bdc31eea70ce77c08c1e5dc5e7e281126aef14e7ff2d81a1d1e3d9f2d7763e83a3cf377145fc6616b726baee0155"}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x217}]}, 0x7d4}, 0x1, 0x0, 0x0, 0x4000}, 0xc004) r13 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000f80), 0x20000, 0x0) read$auto_rtc_dev_fops_dev(r13, &(0x7f0000000fc0)=""/174, 0xae) sendmsg$auto_IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000001140)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001100)={&(0x7f00000010c0)={0x3c, r8, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [@IEEE802154_ATTR_CCA_MODE={0x5, 0x23, 0x9}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0xd5}, @IEEE802154_ATTR_REASON={0x5, 0x12, 0x9}, @IEEE802154_ATTR_PAN_COORD={0x5}, @IEEE802154_ATTR_DEST_PAN_ID={0x6, 0x10, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x2402c801) r14 = semctl$auto(0x0, 0x80, 0x3, 0x3) r15 = getpgid(r10) syz_clone3(&(0x7f0000001380)={0xa01080, &(0x7f0000001180), &(0x7f00000011c0), &(0x7f0000001200), {0x17}, &(0x7f0000001240)=""/15, 0xf, &(0x7f0000001280)=""/158, &(0x7f0000001340)=[r10, r14, r15], 0x3, {r11}}, 0x58) sysfs$auto(0x6c, 0x4f000000000000, 0x5) syz_genetlink_get_family_id$auto_ila(&(0x7f0000001440), r11) 1.780012142s ago: executing program 5 (id=2281): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x7, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/devices/virtual/net/nr5/queues/rx-0/rps_flow_cnt\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22242, 0x155) r0 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140), 0x55) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x4) socket(0x2, 0x5, 0x0) openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0xf, 0x6, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 775.302955ms ago: executing program 6 (id=2282): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) r0 = socket(0x18, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x40047459, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETPAGEFILE(r1, 0x7a9, 0x0) madvise$auto(0x0, 0xffffffffffff0004, 0x19) syz_clone3(&(0x7f0000000200)={0x182000080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400) ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0xd0) kill$auto(0x0, 0x21) r3 = socket$nl_generic(0x10, 0x3, 0x10) mq_open$auto(&(0x7f0000000000)='\xbe\xf2\x82\xe7\x14g\xb5\xeeMQ\x13\xa2_g\xbf\t\xfa\xf2_N\xb0{\xf9\xb57v\xeeG\xd9l\xbf\x86q w\x96\xd9\xe9\xa8\xe1\xf0\xc7\x1f\x1e\xc4\xc4\x89u\x83\xe8}\xbd\x7fO\x91\xc1UVW.\xb6\xad\x04u\x02w.\xec`O\xc1\x0e\x15\xe7:\xc9\x1bK\xcddY\x03\x95\xd1\xae\xc1\x9b\x96\x9faj\xd2\xfc\xfc\x1f7\xaf\xcan\xf6\xc0wK\xce\xe7Q\xae\xc9Hg\x01\xef\xda[\xe5\xa3\xa3%\'\x8f\xcf\x96X:\x04Dkt\x7f\xde\x80\x01\xddX\x91\x88\xa1\t\xc3\xf1\xfe[\x93$O8 b\xb4\x92\xf4\xbc\xc5\xb9\x989\xfcF\xec\xdc@\xdd\xdaeM\xe0U\xc8;\xf5\xe7$Q8\xd2\x87\xdd\xc5\x9d\xc5\xe8\xb5\xb5\xb8\xdfD\xd0\xe8t\x8aS\xaa\xbe\xaa\xba\x9e^0\x1a\xf8Y\xf5Jp\bu\xba\x98\x00\xf0H5\xa9u\x0e\xc4\x04\x13\xf58p\x9f\x11\xc07\xefS*|\xd87\x12\xd8\xce\xde0\xd82;\xcd\x18\r\xccI\x99\n\xd2\x86', 0xdd1, 0x8, 0x0) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1}) openat$auto_tracing_readme_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/README\x00', 0x400000, 0x0) mq_notify$auto(r3, &(0x7f0000000040)={@sival_int=0x4, @raw=0x3ff}) r4 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r4, 0x40046109, &(0x7f0000002c40)=0xd0) 733.106368ms ago: executing program 2 (id=2283): socket(0x2, 0x1, 0x0) socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x0) close_range$auto(0x2, 0x8000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000000), 0x68) connect$auto(0x3, &(0x7f0000000000), 0x55) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, 0x0, 0x68) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) syz_clone(0xcc81455747ec94b6, 0x0, 0x0, 0x0, 0x0, 0x0) 593.575878ms ago: executing program 8 (id=2284): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) pkey_free$auto(0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) madvise$auto(0x0, 0x3, 0x67) move_pages$auto(0x0, 0x91, 0x0, 0x0, 0x0, 0x0) rt_tgsigqueueinfo$auto(0x0, 0x0, 0x40, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0x7, @_sigchld={0x0, 0xffffffffffffffff, 0x4d, 0x8, 0x9}}}) munmap$auto(0x0, 0xffffffff) socket(0xa, 0x3, 0x73) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x47, 0x8000) mbind$auto(0x0, 0x5, 0x6, &(0x7f0000000000)=0x6, 0x8, 0x3) setsockopt$auto(0x400000000000003, 0xff, 0xc, 0x0, 0xfff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) pkey_free$auto(0x0) (async) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) (async) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) (async) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) (async) madvise$auto(0x0, 0x3, 0x67) (async) move_pages$auto(0x0, 0x91, 0x0, 0x0, 0x0, 0x0) (async) rt_tgsigqueueinfo$auto(0x0, 0x0, 0x40, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0x7, @_sigchld={0x0, 0xffffffffffffffff, 0x4d, 0x8, 0x9}}}) (async) munmap$auto(0x0, 0xffffffff) (async) socket(0xa, 0x3, 0x73) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x47, 0x8000) (async) mbind$auto(0x0, 0x5, 0x6, &(0x7f0000000000)=0x6, 0x8, 0x3) (async) setsockopt$auto(0x400000000000003, 0xff, 0xc, 0x0, 0xfff) (async) 246.796176ms ago: executing program 2 (id=2285): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f00000001c0), r1) sendmsg$auto_TCP_METRICS_CMD_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x8040}, 0x44000) (async) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) (async) io_uring_setup$auto(0x2df3, &(0x7f0000000000)={0xd4, 0x41, 0x7f, 0x6, 0x3, 0x5, r0, [0x8, 0x40, 0x1], {0x455a790c, 0x4, 0xfffffbff, 0x10, 0x4, 0x7, 0x1, 0x9, 0x2}, {0x0, 0x2, 0x8, 0xb4a, 0x9, 0xfe, 0x0, 0xffffb097, 0x3}}) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r0) (async) read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000001100), r3) (async) openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, 0x0, 0x121c01, 0x0) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x1000}, 0xffffffff, 0x0, 0x0) sendmsg$auto_NETDEV_CMD_NAPI_GET(r4, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000340)=ANY=[], 0x1c}}, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_rfcomm_dlc_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x2682, 0x0) read$auto_rfcomm_dlc_debugfs_fops_(r5, &(0x7f0000000080)=""/96, 0x60) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) (async) r7 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000180), r2) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r6, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000001380)={0x18, r7, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r8 = getsockopt$auto(0x6, 0x107, 0x14, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, r8) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={0x0}}, 0x4001) (async) close_range$auto(0x2, 0x8000, 0x0) 0s ago: executing program 2 (id=2286): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = memfd_create$auto(0x0, 0xe) r2 = socket(0x2, 0x1, 0x106) setsockopt$auto(r2, 0x1, 0x21, 0x0, 0x9) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x69) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r0) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x20000040}, 0x5c090) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) open(0x0, 0x149443, 0x0) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg1\x00', 0x82802, 0x0) ioctl$auto(r3, 0x2285, 0x1cfc4b42) r4 = openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0xa00, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x2, 0x0) socket(0xa, 0x2, 0x0) socket(0xa, 0x5, 0x5) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) io_cancel$auto(0x7fff, &(0x7f0000000040)={0x1, 0x3, 0x5, 0x2, 0x80, 0xffffffffffffffff, 0x6, 0xbdbc, 0x0, 0x0, 0x2}, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(r4, r5, 0x8) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) kernel console output (not intermixed with test programs): [ 246.001636][ T8961] netlink: 4 bytes leftover after parsing attributes in process `syz.0.737'. [ 246.752476][ T8971] : entered promiscuous mode [ 252.839727][ T9046] netlink: 48 bytes leftover after parsing attributes in process `syz.3.759'. [ 252.901385][ T9051] : entered promiscuous mode [ 253.544048][ T9063] HSR: entered promiscuous mode [ 253.553781][ T9064] openvswitch: HSR: Dropping previously announced user features [ 253.651789][ T9066] delete_channel: no stack [ 253.657380][ T9066] delete_channel: no stack [ 255.592081][ T9088] : entered promiscuous mode [ 260.844454][ T9153] openvswitch: : Dropping previously announced user features [ 261.294266][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.300935][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 270.194256][ T9221] netlink: 8 bytes leftover after parsing attributes in process `syz.2.793'. [ 270.221391][ T9221] HSR: entered promiscuous mode [ 272.684745][ T9259] netlink: 326 bytes leftover after parsing attributes in process `syz.0.803'. [ 272.885140][ T9259] veth0_macvtap: left promiscuous mode [ 282.347825][ T29] audit: type=1800 audit(4294967350.400:8): pid=9381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.831" name="discovery_nqn" dev="configfs" ino=23489 res=0 errno=0 [ 287.869414][ T9425] netlink: 342 bytes leftover after parsing attributes in process `syz.3.844'. [ 295.126886][ T9488] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 295.554813][ T9496] netlink: 4 bytes leftover after parsing attributes in process `syz.0.864'. [ 295.572704][ T9496] tc_dump_action: action bad kind [ 299.453660][ T9556] vivid-013: ================= START STATUS ================= [ 299.461734][ T9556] vivid-013: Generate PTS: true [ 299.467574][ T9556] vivid-013: Generate SCR: true [ 299.472615][ T9556] tpg source WxH: 640x360 (Y'CbCr) [ 299.479058][ T9556] tpg field: 1 [ 299.482484][ T9556] tpg crop: 640x360@0x0 [ 299.489182][ T9556] tpg compose: 640x360@0x0 [ 299.493923][ T9556] tpg colorspace: 8 [ 299.501095][ T9556] tpg transfer function: 0/0 [ 299.516902][ T9556] tpg Y'CbCr encoding: 0/0 [ 299.523375][ T9556] tpg quantization: 0/0 [ 299.532052][ T9556] tpg RGB range: 0/2 [ 299.540500][ T9556] vivid-013: ================== END STATUS ================== [ 300.749545][ T9567] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 300.924618][ T9568] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 303.447638][ T9598] netlink: 28 bytes leftover after parsing attributes in process `syz.0.886'. [ 303.538069][ T9598] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 303.690907][ T9598] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 304.975636][ T9624] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 305.625519][ T9625] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 309.601887][ T9672] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 309.712510][ T9673] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 311.795301][ T9712] Process accounting resumed [ 313.946372][ T9744] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 314.315149][ T9746] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 314.993774][ T9751] netlink: 322 bytes leftover after parsing attributes in process `syz.1.914'. [ 315.963590][ T9769] netlink: 'syz.0.922': attribute type 4 has an invalid length. [ 315.980397][ T9769] netlink: 314 bytes leftover after parsing attributes in process `syz.0.922'. [ 317.788206][ T9789] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 318.411987][ T9791] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 319.085361][ T5145] Bluetooth: hci0: unexpected event 0x06 length: 4 > 3 [ 320.998361][ T29] audit: type=1800 audit(8277292071.246:9): pid=9832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.938" name="members" dev="configfs" ino=25731 res=0 errno=0 [ 322.088992][ T9841] netlink: 342 bytes leftover after parsing attributes in process `syz.3.942'. [ 322.674722][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.681404][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 331.658042][ T9961] openvswitch: netlink: Message has 20 unknown bytes. [ 333.299620][ T29] audit: type=1800 audit(8277292083.542:10): pid=9984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.976" name="dbroot" dev="configfs" ino=26675 res=0 errno=0 [ 338.834929][T10058] netlink: 2 bytes leftover after parsing attributes in process `syz.1.992'. [ 338.879744][T10055] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000010006 [ 339.130650][T10061] erspan0: entered allmulticast mode [ 347.652536][T10160] ima: policy update failed [ 347.663935][ T29] audit: type=1802 audit(8277292097.919:11): pid=10160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1016" res=0 errno=0 [ 352.539223][T10215] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1029'. [ 352.570540][T10215] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1029'. [ 356.442029][T10233] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1037'. [ 359.881246][T10290] can: request_module (can-proto-4) failed. [ 360.111272][T10297] Invalid ELF header magic: != ELF [ 366.347238][T10348] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1064'. [ 366.476207][T10348] hsr_slave_0: left promiscuous mode [ 366.608830][T10348] hsr_slave_1: left promiscuous mode [ 370.294389][T10390] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 370.302931][T10390] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 370.354682][T10390] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 370.360849][T10390] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 371.591809][T10403] netlink: 'syz.0.1074': attribute type 2 has an invalid length. [ 371.923639][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 372.324321][ T5145] Bluetooth: hci3: command 0x040f tx timeout [ 372.402584][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 372.408695][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 375.865157][T10445] netlink: 'syz.1.1085': attribute type 23 has an invalid length. [ 376.220424][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 376.250354][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 376.259811][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 376.269895][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 376.280409][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 376.287853][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 376.335299][T10455] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1088'. [ 377.166620][T10455] team0: Port device team_slave_0 removed [ 377.745195][T10451] chnl_net:caif_netlink_parms(): no params data found [ 378.430316][ T5145] Bluetooth: hci1: command tx timeout [ 378.702255][T10451] bridge0: port 1(bridge_slave_0) entered blocking state [ 378.721475][T10451] bridge0: port 1(bridge_slave_0) entered disabled state [ 378.745896][T10451] bridge_slave_0: entered allmulticast mode [ 378.760229][T10451] bridge_slave_0: entered promiscuous mode [ 378.784216][T10451] bridge0: port 2(bridge_slave_1) entered blocking state [ 378.803624][T10451] bridge0: port 2(bridge_slave_1) entered disabled state [ 378.825685][T10451] bridge_slave_1: entered allmulticast mode [ 378.858058][T10451] bridge_slave_1: entered promiscuous mode [ 379.063825][T10451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 379.111639][T10451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 379.580587][T10451] team0: Port device team_slave_0 added [ 379.621448][T10451] team0: Port device team_slave_1 added [ 379.851038][T10451] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 379.860822][T10451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 379.948622][T10451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 380.130265][T10451] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 380.137302][T10451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 380.248163][T10451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 380.478331][ T5145] Bluetooth: hci1: command tx timeout [ 380.648836][T10451] hsr_slave_0: entered promiscuous mode [ 380.703878][T10451] hsr_slave_1: entered promiscuous mode [ 380.788249][T10451] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 380.795959][T10451] Cannot create hsr debugfs directory [ 382.088368][T10451] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 382.133308][T10451] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 382.148285][T10451] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 382.229667][T10451] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 382.567079][ T5145] Bluetooth: hci1: command tx timeout [ 382.654962][T10451] 8021q: adding VLAN 0 to HW filter on device bond0 [ 382.740768][T10451] 8021q: adding VLAN 0 to HW filter on device team0 [ 382.755808][ T7501] bridge0: port 1(bridge_slave_0) entered blocking state [ 382.763126][ T7501] bridge0: port 1(bridge_slave_0) entered forwarding state [ 382.812946][ T7489] bridge0: port 2(bridge_slave_1) entered blocking state [ 382.820118][ T7489] bridge0: port 2(bridge_slave_1) entered forwarding state [ 383.418268][T10451] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 384.092009][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.098615][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.140876][T10451] veth0_vlan: entered promiscuous mode [ 384.177538][T10451] veth1_vlan: entered promiscuous mode [ 384.240229][T10451] veth0_macvtap: entered promiscuous mode [ 384.280013][T10451] veth1_macvtap: entered promiscuous mode [ 384.305232][T10524] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1100'. [ 384.334142][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.376156][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.406195][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.416761][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.451008][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.487832][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.528366][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.566191][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.586084][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.607134][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.635391][T10451] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 384.642719][ T5145] Bluetooth: hci1: command tx timeout [ 384.710369][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.744008][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.782484][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.816187][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.835484][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.846366][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.885934][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.905241][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.915372][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.926278][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.961481][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 384.986303][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.007168][T10451] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 385.474973][T10524] team0: Port device team_slave_0 removed [ 385.626507][T10451] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.635304][T10451] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.675471][T10451] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.684264][T10451] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.021186][T10536] can: request_module (can-proto-0) failed. [ 386.226267][ T7501] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.234199][ T7501] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.381477][ T7500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.425600][ T7500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 391.823668][T10602] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1120'. [ 399.420662][T10670] ubi0: attaching mtd0 [ 399.427347][T10670] ubi0: scanning is finished [ 399.509464][T10670] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 399.860779][T10670] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 408.155394][T10743] delete_channel: no stack [ 410.593923][T10787] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1164'. [ 410.803112][T10787] netdevsim netdevsim1 netdevsim2: entered allmulticast mode [ 414.752117][T10826] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000010006 [ 416.920488][ T5145] Bluetooth: hci1: ACL packet too small [ 417.768722][T10867] device-mapper: ioctl: device name cannot be "control", ".", or ".." [ 418.680520][T10866] netlink: 74 bytes leftover after parsing attributes in process `syz.3.1183'. [ 420.557060][T10888] : Can't lookup blockdev [ 420.643152][T10900] netlink: zone id is out of range [ 420.649755][T10900] netlink: zone id is out of range [ 420.654989][T10900] netlink: zone id is out of range [ 420.660460][T10900] netlink: get zone limit has 4 unknown bytes [ 421.439206][T10912] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1195'. [ 421.712328][T10912] bond0: (slave bond_slave_0): Releasing backup interface [ 422.344752][T10924] netlink: 'syz.4.1196': attribute type 23 has an invalid length. [ 422.998718][T10941] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1200'. [ 423.027681][T10930] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1197'. [ 424.487770][T10959] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1205'. [ 425.035891][T10959] bond0: (slave bond_slave_0): Releasing backup interface [ 427.154818][T10263] syz.2.1044 (10263) used greatest stack depth: 17200 bytes left [ 427.414741][T10985] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 427.420941][T10985] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 427.542167][T10985] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 427.569070][T10985] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 427.602566][T10985] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 427.614704][ T29] audit: type=1800 audit(4294967301.622:12): pid=10992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1208" name="lu_gp_id" dev="configfs" ino=31627 res=0 errno=0 [ 427.695690][T10985] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 428.889916][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 429.057710][ T29] audit: type=1107 audit(4294967303.073:13): pid=11007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 429.493872][ T5145] Bluetooth: hci3: command 0x040f tx timeout [ 429.573768][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 429.581847][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 430.052818][T11026] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1219'. [ 430.093607][T11024] netlink: 'syz.1.1228': attribute type 39 has an invalid length. [ 430.112579][T11024] netlink: 'syz.1.1228': attribute type 40 has an invalid length. [ 430.121178][T11024] netlink: 'syz.1.1228': attribute type 41 has an invalid length. [ 430.133801][T11024] netlink: 'syz.1.1228': attribute type 44 has an invalid length. [ 430.142189][T11024] netlink: 'syz.1.1228': attribute type 46 has an invalid length. [ 430.150131][T11024] netlink: 'syz.1.1228': attribute type 47 has an invalid length. [ 430.158480][T11024] netlink: 'syz.1.1228': attribute type 48 has an invalid length. [ 430.166531][T11024] netlink: 'syz.1.1228': attribute type 49 has an invalid length. [ 430.174682][T11024] netlink: 'syz.1.1228': attribute type 50 has an invalid length. [ 430.183278][T11024] netlink: 6 bytes leftover after parsing attributes in process `syz.1.1228'. [ 430.685452][T11026] bond0: (slave bond_slave_0): Releasing backup interface [ 430.835023][T11037] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1222'. [ 431.655372][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 433.733058][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 434.641737][T11104] Invalid ELF header magic: != ELF [ 436.276575][T11120] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1242'. [ 443.857003][T11289] netlink: 'syz.3.1276': attribute type 1 has an invalid length. [ 444.453920][T11291] HfR: entered promiscuous mode [ 444.559344][T11304] openvswitch: HfR: Dropping previously announced user features [ 444.726164][T11291] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1267'. [ 444.964798][ T29] audit: type=1800 audit(8277292043.684:14): pid=11320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1283" name="lu_gp_id" dev="configfs" ino=33226 res=0 errno=0 [ 445.240409][T11324] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1284'. [ 445.325368][T11324] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 445.493417][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.499976][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.844848][T11324] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 446.723223][T11345] Process accounting resumed [ 446.871096][ T29] audit: type=1326 audit(8277292045.595:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11350 comm="syz.3.1291" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a01385d29 code=0x0 [ 447.411989][T11368] Invalid ELF header magic: != ELF [ 448.140354][T11369] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1294'. [ 448.259998][T11375] Process accounting resumed [ 448.424905][T11371] Process accounting resumed [ 449.490783][T11391] netlink: 'syz.4.1301': attribute type 1 has an invalid length. [ 450.197259][T11421] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(49) [ 450.392321][T11420] netlink: 'syz.1.1315': attribute type 1 has an invalid length. [ 450.617760][T11423] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1307'. [ 450.709820][T11423] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 451.144805][T11423] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 451.970652][T11438] Process accounting resumed [ 452.982954][ T29] audit: type=1326 audit(8277292051.707:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11455 comm="syz.4.1318" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3fd4d85d29 code=0x0 [ 453.632313][T11470] Invalid ELF header magic: != ELF [ 453.637252][T11474] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1323'. [ 456.700065][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 456.709226][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 457.473920][ T5145] Bluetooth: hci0: unexpected event 0x02 length: 0 < 1 [ 459.772177][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 459.781319][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 460.409908][T11586] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(49) [ 461.698746][T11582] Process accounting resumed [ 461.959650][T11601] Process accounting resumed [ 462.133475][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 462.458997][T11608] Invalid ELF header magic: != ELF [ 465.194091][T11628] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1348'. [ 465.927922][T11612] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1344'. [ 466.312729][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 466.412863][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 466.422667][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 466.537860][ T5145] Bluetooth: hci1: unexpected event 0x02 length: 0 < 1 [ 466.712862][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 466.872966][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 468.665101][T11662] lo: entered allmulticast mode [ 468.745242][T11662] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1354'. [ 468.840320][T11662] lo: left allmulticast mode [ 469.842399][T11680] FAULT_INJECTION: forcing a failure. [ 469.842399][T11680] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 469.950764][T11680] CPU: 1 UID: 0 PID: 11680 Comm: syz.2.1360 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 469.961608][T11680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 469.971693][T11680] Call Trace: [ 469.974994][T11680] [ 469.977946][T11680] dump_stack_lvl+0x16c/0x1f0 [ 469.982672][T11680] should_fail_ex+0x497/0x5b0 [ 469.987430][T11680] _copy_from_user+0x2e/0xd0 [ 469.992074][T11680] core_sys_select+0x2b6/0xa10 [ 469.996892][T11680] ? __pfx_core_sys_select+0x10/0x10 [ 470.002231][T11680] ? find_held_lock+0x2d/0x110 [ 470.007067][T11680] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 470.013090][T11680] kern_select+0x15e/0x1e0 [ 470.017555][T11680] ? __pfx_kern_select+0x10/0x10 [ 470.022563][T11680] ? __pfx_ksys_write+0x10/0x10 [ 470.027569][T11680] __x64_sys_select+0xbd/0x160 [ 470.032490][T11680] ? do_syscall_64+0x91/0x250 [ 470.037228][T11680] ? lockdep_hardirqs_on+0x7c/0x110 [ 470.042470][T11680] do_syscall_64+0xcd/0x250 [ 470.047045][T11680] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 470.052969][T11680] RIP: 0033:0x7faa76985d29 [ 470.057404][T11680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 470.077033][T11680] RSP: 002b:00007faa77713038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 470.085467][T11680] RAX: ffffffffffffffda RBX: 00007faa76b75fa0 RCX: 00007faa76985d29 [ 470.093456][T11680] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 [ 470.101465][T11680] RBP: 00007faa77713090 R08: 0000000000000000 R09: 0000000000000000 [ 470.109477][T11680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 470.117501][T11680] R13: 0000000000000000 R14: 00007faa76b75fa0 R15: 00007ffc2117caa8 [ 470.125512][T11680] [ 475.525206][ T5145] Bluetooth: hci2: unexpected event 0x02 length: 0 < 1 [ 476.291437][T11715] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1366'. [ 476.377763][T11713] Invalid ELF header magic: != ELF [ 476.387001][T11716] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 477.983867][T11717] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1365'. [ 480.533497][T11756] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1376'. [ 480.923377][T11765] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1380'. [ 481.019925][T11763] syz.2.1379 (11763): drop_caches: 0 [ 481.315943][T11766] can0: slcan on ptm0. [ 481.673286][T11762] can0 (unregistered): slcan off ptm0. [ 484.067227][T11786] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 491.498199][T11938] sg_write: process 325 (syz.4.1416) changed security contexts after opening file descriptor, this is not allowed. [ 491.799082][T11945] netlink: 4460 bytes leftover after parsing attributes in process `syz.2.1419'. [ 493.319826][T11978] netlink: 'syz.2.1429': attribute type 17 has an invalid length. [ 493.360617][T11978] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1429'. [ 493.466800][T11983] Process accounting resumed [ 493.543254][T11981] netlink: 'syz.2.1429': attribute type 17 has an invalid length. [ 493.567944][T11980] netlink: 'syz.3.1428': attribute type 9 has an invalid length. [ 493.577690][T11981] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1429'. [ 496.443859][T12032] erspan0: entered allmulticast mode [ 496.962891][T12062] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1445'. [ 501.203832][T12122] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1458'. [ 501.234653][T12122] macvlan1: entered allmulticast mode [ 501.240139][T12122] veth1_vlan: entered allmulticast mode [ 506.469381][T12197] kexec: Could not allocate control_code_buffer [ 506.961597][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.972705][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 510.539106][T12254] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1489'. [ 510.793166][T12260] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 519.175352][T12399] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1529'. [ 522.944089][T12423] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1534'. [ 525.296204][T12452] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1543'. [ 526.294343][T12324] Process accounting resumed [ 527.203310][T12467] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 533.179908][T12529] Process accounting resumed [ 540.555465][T12590] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1578'. [ 540.576944][T12590] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1578'. [ 542.626849][T12608] Process accounting resumed [ 548.424904][T12657] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1594'. [ 553.635211][T12716] Process accounting resumed [ 555.205367][T12721] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1610'. [ 556.929211][T12723] Process accounting paused [ 556.995521][T12763] Process accounting resumed [ 561.780786][T12832] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1636'. [ 561.804465][T12832] vxcan1: entered promiscuous mode [ 563.284928][T12841] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1639'. [ 563.372820][T12841] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 563.712226][T12863] cifs: Unknown parameter 'T.ŸÜÛæ¨Å¼c[ŸÐê€$âæµÈ)ü±UóÑnEó-Ê™¾l®öÚ-ºŒ -¾_€™¯Ôåáª5Z äoåé¢mžÐfwYÍhº*/ÿxDlÝ©Š×ígÕkÇAí³ùÏ7ÍØØ9’ôXöa/fê_ÿAR£ˆ™‘ÈxM ‚v¬—pÿ±$^;ôØq‡3±«£n졵-6©+e„k„¾ñÇ<°kœcÔ)n.üeMÍ÷Na¨t®ÐSMÎÆ1,' [ 565.183434][ T29] audit: type=1807 audit(8277292163.897:17): UNKNOWN=$ res=0 [ 565.207213][T12885] ima: policy update failed [ 565.225019][ T29] audit: type=1802 audit(8277292163.927:18): pid=12885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.1648" res=0 errno=0 [ 565.292329][ T29] audit: type=1802 audit(8277292163.937:19): pid=12885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1648" res=0 errno=0 [ 565.869510][T12882] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 567.356927][T12916] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1655'. [ 567.506044][T12916] bridge0: port 1(bridge_slave_0) entered disabled state [ 567.997522][T12916] bridge_slave_0 (unregistering): left allmulticast mode [ 568.028516][T12916] bridge_slave_0 (unregistering): left promiscuous mode [ 568.108291][T12916] bridge0: port 1(bridge_slave_0) entered disabled state [ 568.375362][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.381957][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 572.896558][T13009] syz.3.1681(13009): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 584.763817][T13072] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1696'. [ 586.535684][T13090] vivid-013: ================= START STATUS ================= [ 586.612019][T13090] vivid-013: Generate PTS: true [ 586.762638][T13090] vivid-013: Generate SCR: true [ 586.769852][T13090] tpg source WxH: 640x360 (Y'CbCr) [ 586.778963][T13090] tpg field: 1 [ 586.792619][T13090] tpg crop: 640x360@0x0 [ 586.822192][T13090] tpg compose: 640x360@0x0 [ 586.850279][T13090] tpg colorspace: 8 [ 586.868474][T13090] tpg transfer function: 0/0 [ 586.888529][T13090] tpg Y'CbCr encoding: 0/0 [ 586.916285][T13090] tpg quantization: 0/0 [ 586.941035][T13090] tpg RGB range: 0/2 [ 586.961372][T13090] vivid-013: ================== END STATUS ================== [ 587.555396][T13098] FAULT_INJECTION: forcing a failure. [ 587.555396][T13098] name failslab, interval 1, probability 0, space 0, times 0 [ 587.631365][T13098] CPU: 1 UID: 0 PID: 13098 Comm: syz.3.1703 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 587.642237][T13098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 587.652350][T13098] Call Trace: [ 587.655680][T13098] [ 587.658660][T13098] dump_stack_lvl+0x16c/0x1f0 [ 587.663413][T13098] should_fail_ex+0x497/0x5b0 [ 587.668168][T13098] ? fs_reclaim_acquire+0xae/0x150 [ 587.673364][T13098] should_failslab+0xc2/0x120 [ 587.678134][T13098] __kmalloc_cache_noprof+0x68/0x420 [ 587.683496][T13098] ? __mutex_unlock_slowpath+0x164/0x690 [ 587.689231][T13098] resv_map_alloc+0x46/0x400 [ 587.693918][T13098] hugetlbfs_get_inode+0x343/0x740 [ 587.699106][T13098] ? __fget_files+0x206/0x3a0 [ 587.703858][T13098] hugetlb_file_setup+0x15b/0x620 [ 587.708960][T13098] ksys_mmap_pgoff+0x189/0x5c0 [ 587.713794][T13098] __x64_sys_mmap+0x125/0x190 [ 587.718579][T13098] do_syscall_64+0xcd/0x250 [ 587.723154][T13098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.729119][T13098] RIP: 0033:0x7f3a01385d29 [ 587.733585][T13098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 587.753260][T13098] RSP: 002b:00007f3a020fb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 587.761827][T13098] RAX: ffffffffffffffda RBX: 00007f3a01576080 RCX: 00007f3a01385d29 [ 587.769862][T13098] RDX: 0000000000000002 RSI: 0000000000200006 RDI: 0000000000000000 [ 587.777899][T13098] RBP: 00007f3a020fb090 R08: 0000000000000602 R09: 0000300000000000 [ 587.785935][T13098] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000001 [ 587.793973][T13098] R13: 0000000000000001 R14: 00007f3a01576080 R15: 00007ffee8efab78 [ 587.802077][T13098] [ 588.476333][ T29] audit: type=1807 audit(8277292187.197:20): UNKNOWN=$ res=0 [ 588.484088][T13092] ima: policy update failed [ 588.532498][ T29] audit: type=1802 audit(8277292187.197:21): pid=13092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.4.1700" res=0 errno=0 [ 588.602620][ T29] audit: type=1802 audit(8277292187.207:22): pid=13092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1700" res=0 errno=0 [ 588.639544][T13091] Process accounting resumed [ 589.826996][T13102] syz.2.1702: vmalloc error: size 2711552, failed to allocated page array size 5296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 589.947312][T13102] CPU: 0 UID: 0 PID: 13102 Comm: syz.2.1702 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 589.958184][T13102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 589.968305][T13102] Call Trace: [ 589.971628][T13102] [ 589.974604][T13102] dump_stack_lvl+0x16c/0x1f0 [ 589.979351][T13102] warn_alloc+0x24d/0x3a0 [ 589.983755][T13102] ? __pfx_warn_alloc+0x10/0x10 [ 589.988686][T13102] ? __get_vm_area_node+0x1b0/0x2f0 [ 589.993956][T13102] ? __get_vm_area_node+0x1dc/0x2f0 [ 589.999237][T13102] __vmalloc_node_range_noprof+0x1105/0x1530 [ 590.005295][T13102] ? __lruvec_stat_mod_folio+0xa0/0x360 [ 590.010914][T13102] ? lock_acquire+0x2f/0xb0 [ 590.015567][T13102] ? bpf_check+0x206/0xc870 [ 590.020125][T13102] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 590.026518][T13102] ? rcu_is_watching+0x12/0xc0 [ 590.031480][T13102] ? trace_kmalloc+0x2d/0xd0 [ 590.036178][T13102] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 590.041965][T13102] ? __kvmalloc_node_noprof+0x6f/0x1a0 [ 590.047480][T13102] ? ktime_get+0x206/0x300 [ 590.051949][T13102] ? bpf_check+0x206/0xc870 [ 590.056499][T13102] vzalloc_noprof+0x6b/0x90 [ 590.061051][T13102] ? bpf_check+0x206/0xc870 [ 590.065602][T13102] bpf_check+0x206/0xc870 [ 590.069977][T13102] ? hlock_class+0x4e/0x130 [ 590.074534][T13102] ? __lock_acquire+0x15a9/0x3c40 [ 590.079604][T13102] ? __pfx___lock_acquire+0x10/0x10 [ 590.084871][T13102] ? __pfx_bpf_check+0x10/0x10 [ 590.089703][T13102] ? find_held_lock+0x2d/0x110 [ 590.094515][T13102] ? bpf_prog_load+0xd45/0x2670 [ 590.099400][T13102] ? __pfx_lock_release+0x10/0x10 [ 590.104456][T13102] ? trace_lock_acquire+0x14e/0x1f0 [ 590.109704][T13102] ? bpf_prog_load+0xd45/0x2670 [ 590.114595][T13102] ? ktime_get_with_offset+0x273/0x3a0 [ 590.120198][T13102] ? lockdep_hardirqs_on+0x7c/0x110 [ 590.125442][T13102] ? read_tsc+0x9/0x20 [ 590.129564][T13102] ? ktime_get_with_offset+0x20f/0x3a0 [ 590.135118][T13102] ? bpf_obj_name_cpy+0x156/0x1b0 [ 590.140258][T13102] bpf_prog_load+0xe3f/0x2670 [ 590.144999][T13102] ? __pfx_bpf_prog_load+0x10/0x10 [ 590.150244][T13102] ? find_held_lock+0x2d/0x110 [ 590.155118][T13102] ? __might_fault+0x13b/0x190 [ 590.159967][T13102] ? __might_fault+0xe3/0x190 [ 590.164720][T13102] __sys_bpf+0x5677/0x57a0 [ 590.169224][T13102] ? __pfx___lock_acquire+0x10/0x10 [ 590.174480][T13102] ? __pfx___sys_bpf+0x10/0x10 [ 590.179326][T13102] ? do_user_addr_fault+0xdc7/0x13f0 [ 590.184679][T13102] ? reacquire_held_locks+0x20b/0x4c0 [ 590.190094][T13102] ? do_user_addr_fault+0xdc7/0x13f0 [ 590.195430][T13102] ? find_held_lock+0x59/0x110 [ 590.200262][T13102] ? lock_acquire+0x2f/0xb0 [ 590.204812][T13102] __x64_sys_bpf+0x78/0xc0 [ 590.209269][T13102] ? lockdep_hardirqs_on+0x7c/0x110 [ 590.214513][T13102] do_syscall_64+0xcd/0x250 [ 590.219077][T13102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.225013][T13102] RIP: 0033:0x7faa76985d29 [ 590.229467][T13102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 590.249211][T13102] RSP: 002b:00007faa776d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 590.257672][T13102] RAX: ffffffffffffffda RBX: 00007faa76b76160 RCX: 00007faa76985d29 [ 590.265680][T13102] RDX: 000000000000000a RSI: 0000000020001080 RDI: 0000000000000005 [ 590.273685][T13102] RBP: 00007faa76a01aa8 R08: 0000000000000000 R09: 0000000000000000 [ 590.281700][T13102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 590.289724][T13102] R13: 0000000000000000 R14: 00007faa76b76160 R15: 00007ffc2117caa8 [ 590.297757][T13102] [ 590.434759][T13102] Mem-Info: [ 590.438626][T13102] active_anon:102813 inactive_anon:60055 isolated_anon:0 [ 590.438626][T13102] active_file:16220 inactive_file:40886 isolated_file:0 [ 590.438626][T13102] unevictable:773 dirty:216 writeback:0 [ 590.438626][T13102] slab_reclaimable:11361 slab_unreclaimable:105708 [ 590.438626][T13102] mapped:49818 shmem:142861 pagetables:1128 [ 590.438626][T13102] sec_pagetables:0 bounce:0 [ 590.438626][T13102] kernel_misc_reclaimable:0 [ 590.438626][T13102] free:1150656 free_pcp:8920 free_cma:0 [ 590.633550][T13102] Node 0 active_anon:411952kB inactive_anon:238172kB active_file:64880kB inactive_file:163476kB unevictable:1556kB isolated(anon):0kB isolated(file):0kB mapped:200272kB dirty:860kB writeback:0kB shmem:566960kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12200kB pagetables:4412kB sec_pagetables:0kB all_unreclaimable? no [ 590.903717][T13102] Node 1 active_anon:0kB inactive_anon:2048kB active_file:0kB inactive_file:68kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:3584kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 591.152953][T13102] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 591.324374][T13102] lowmem_reserve[]: 0 2465 2466 0 0 [ 591.361652][T13102] Node 0 DMA32 free:723060kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:407608kB inactive_anon:237460kB active_file:64880kB inactive_file:162648kB unevictable:1556kB writepending:868kB present:3129332kB managed:2551336kB mlocked:20kB bounce:0kB free_pcp:5648kB local_pcp:2040kB free_cma:0kB [ 591.477899][T13102] lowmem_reserve[]: 0 0 0 0 0 [ 591.502601][T13102] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 591.624216][T13129] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1709'. [ 591.672679][T13129] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1709'. [ 591.722634][T13102] lowmem_reserve[]: 0 0 0 0 0 [ 591.727487][T13102] Node 1 Normal free:3874804kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:2048kB active_file:0kB inactive_file:68kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:27976kB local_pcp:22052kB free_cma:0kB [ 591.832567][T13102] lowmem_reserve[]: 0 0 0 0 0 [ 591.837834][T13102] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 591.922504][T13102] Node 0 DMA32: 2383*4kB (UME) 726*8kB (UME) 396*16kB (UME) 363*32kB (UME) 132*64kB (UME) 445*128kB (UME) 168*256kB (UM) 28*512kB (UME) 12*1024kB (UME) 4*2048kB (UME) 135*4096kB (M) = 729484kB [ 592.068003][T13102] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 592.142496][T13102] Node 1 Normal: 158*4kB (UME) 6*8kB (ME) 8*16kB (ME) 226*32kB (UME) 121*64kB (UME) 37*128kB (UME) 22*256kB (UME) 13*512kB (UM) 4*1024kB (ME) 6*2048kB (ME) 934*4096kB (M) = 3874856kB [ 592.302542][T13102] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 592.312194][T13102] Node 0 hugepages_total=6 hugepages_free=0 hugepages_surp=3 hugepages_size=2048kB [ 592.452482][T13102] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 592.542489][T13102] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 592.552017][T13102] 197575 total pagecache pages [ 592.672492][T13102] 483 pages in swap cache [ 592.677068][T13102] Free swap = 105168kB [ 592.681453][T13102] Total swap = 124996kB [ 592.762719][T13102] 2097051 pages RAM [ 592.766610][T13102] 0 pages HighMem/MovableOnly [ 592.771332][T13102] 427367 pages reserved [ 592.852598][T13102] 0 pages cma reserved [ 596.536669][T13161] FAULT_INJECTION: forcing a failure. [ 596.536669][T13161] name failslab, interval 1, probability 0, space 0, times 0 [ 596.642710][T13161] CPU: 0 UID: 0 PID: 13161 Comm: syz.4.1715 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 596.653946][T13161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 596.664064][T13161] Call Trace: [ 596.667400][T13161] [ 596.670386][T13161] dump_stack_lvl+0x16c/0x1f0 [ 596.675402][T13161] should_fail_ex+0x497/0x5b0 [ 596.680162][T13161] ? fs_reclaim_acquire+0xae/0x150 [ 596.685361][T13161] should_failslab+0xc2/0x120 [ 596.690151][T13161] __kmalloc_cache_noprof+0x68/0x420 [ 596.695519][T13161] resv_map_alloc+0x7e/0x400 [ 596.700192][T13161] hugetlbfs_get_inode+0x343/0x740 [ 596.705384][T13161] ? __fget_files+0x206/0x3a0 [ 596.710230][T13161] hugetlb_file_setup+0x15b/0x620 [ 596.715339][T13161] ksys_mmap_pgoff+0x189/0x5c0 [ 596.720183][T13161] __x64_sys_mmap+0x125/0x190 [ 596.724934][T13161] do_syscall_64+0xcd/0x250 [ 596.729515][T13161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.735546][T13161] RIP: 0033:0x7f3fd4d85d29 [ 596.740030][T13161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 596.759714][T13161] RSP: 002b:00007f3fd5b9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 596.768208][T13161] RAX: ffffffffffffffda RBX: 00007f3fd4f76080 RCX: 00007f3fd4d85d29 [ 596.776240][T13161] RDX: 0000000000000002 RSI: 0000000000200006 RDI: 0000000000000000 [ 596.784270][T13161] RBP: 00007f3fd5b9f090 R08: 0000000000000602 R09: 0000300000000000 [ 596.792301][T13161] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000001 [ 596.800345][T13161] R13: 0000000000000001 R14: 00007f3fd4f76080 R15: 00007ffe600d6af8 [ 596.808408][T13161] [ 601.223884][T13182] nbd: nbd7 already in use [ 604.613951][T13235] devtmpfs: Bad value for 'gid' [ 604.619037][T13235] devtmpfs: Bad value for 'gid' [ 605.257472][T13243] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1737'. [ 605.400207][ T29] audit: type=1326 audit(8277292204.117:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13242 comm="syz.2.1737" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faa76985d29 code=0x0 [ 607.761011][T13260] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1740'. [ 610.403824][T13282] FAULT_INJECTION: forcing a failure. [ 610.403824][T13282] name failslab, interval 1, probability 0, space 0, times 0 [ 610.552599][T13282] CPU: 0 UID: 0 PID: 13282 Comm: syz.3.1745 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 610.563461][T13282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 610.573572][T13282] Call Trace: [ 610.576897][T13282] [ 610.579889][T13282] dump_stack_lvl+0x16c/0x1f0 [ 610.584639][T13282] should_fail_ex+0x497/0x5b0 [ 610.589404][T13282] ? fs_reclaim_acquire+0xae/0x150 [ 610.594685][T13282] should_failslab+0xc2/0x120 [ 610.599440][T13282] kmem_cache_alloc_lru_noprof+0x73/0x3b0 [ 610.605242][T13282] ? __d_alloc+0x35/0x8c0 [ 610.609660][T13282] __d_alloc+0x35/0x8c0 [ 610.613906][T13282] d_alloc_pseudo+0x1c/0xc0 [ 610.618512][T13282] alloc_file_pseudo+0xd2/0x200 [ 610.623448][T13282] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 610.628998][T13282] ? hugetlbfs_get_inode+0x323/0x740 [ 610.634365][T13282] hugetlb_file_setup+0x4cd/0x620 [ 610.639469][T13282] ksys_mmap_pgoff+0x189/0x5c0 [ 610.644309][T13282] __x64_sys_mmap+0x125/0x190 [ 610.649056][T13282] do_syscall_64+0xcd/0x250 [ 610.653633][T13282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 610.659598][T13282] RIP: 0033:0x7f3a01385d29 [ 610.664069][T13282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 610.683750][T13282] RSP: 002b:00007f3a020fb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 610.692236][T13282] RAX: ffffffffffffffda RBX: 00007f3a01576080 RCX: 00007f3a01385d29 [ 610.700268][T13282] RDX: 0000000000000002 RSI: 0000000000200006 RDI: 0000000000000000 [ 610.708301][T13282] RBP: 00007f3a020fb090 R08: 0000000000000602 R09: 0000300000000000 [ 610.716334][T13282] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000001 [ 610.724372][T13282] R13: 0000000000000001 R14: 00007f3a01576080 R15: 00007ffee8efab78 [ 610.732422][T13282] [ 627.557029][ T5847] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 627.570754][ T5847] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 627.585365][ T5847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 627.595916][ T5847] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 627.663162][ T5847] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 627.752544][ T5847] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 628.857155][T13384] chnl_net:caif_netlink_parms(): no params data found [ 629.635919][T13384] bridge0: port 1(bridge_slave_0) entered blocking state [ 629.675145][T13384] bridge0: port 1(bridge_slave_0) entered disabled state [ 629.702685][T13384] bridge_slave_0: entered allmulticast mode [ 629.710048][T13384] bridge_slave_0: entered promiscuous mode [ 629.754963][T13384] bridge0: port 2(bridge_slave_1) entered blocking state [ 629.773954][T13384] bridge0: port 2(bridge_slave_1) entered disabled state [ 629.792767][T13384] bridge_slave_1: entered allmulticast mode [ 629.800133][T13384] bridge_slave_1: entered promiscuous mode [ 629.810472][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.810613][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.985721][ T5847] Bluetooth: hci4: command tx timeout [ 630.557883][T13384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 630.624676][T13384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 632.042810][ T5847] Bluetooth: hci4: command tx timeout [ 632.688438][T13384] team0: Port device team_slave_0 added [ 632.729766][T13384] team0: Port device team_slave_1 added [ 633.476425][T13384] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 633.513353][ T5145] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 633.529340][T13384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 633.529374][ T5145] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 633.567857][ T5145] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 633.582907][ T5145] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 633.602709][ T5145] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 633.613728][ T5145] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 633.655793][T13384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 633.727719][T13384] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 633.775827][T13384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 633.913482][T13384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 634.122642][ T5847] Bluetooth: hci4: command tx timeout [ 634.178164][T13162] Process accounting paused [ 635.723060][ T5847] Bluetooth: hci5: command tx timeout [ 636.032287][T13222] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 636.204229][ T5847] Bluetooth: hci4: command tx timeout [ 636.637257][T13384] hsr_slave_0: entered promiscuous mode [ 636.683261][T13384] hsr_slave_1: entered promiscuous mode [ 636.742959][T13384] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 636.750624][T13384] Cannot create hsr debugfs directory [ 637.382122][T13419] Invalid ELF header magic: != ELF [ 637.677326][T13222] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 637.822586][ T5847] Bluetooth: hci5: command tx timeout [ 638.557352][T13222] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 639.736671][T13222] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 639.892656][ T5847] Bluetooth: hci5: command tx timeout [ 640.013414][T13403] chnl_net:caif_netlink_parms(): no params data found [ 641.507777][T13403] bridge0: port 1(bridge_slave_0) entered blocking state [ 641.533624][T13403] bridge0: port 1(bridge_slave_0) entered disabled state [ 641.562879][T13403] bridge_slave_0: entered allmulticast mode [ 641.570203][T13403] bridge_slave_0: entered promiscuous mode [ 641.627004][T13403] bridge0: port 2(bridge_slave_1) entered blocking state [ 641.662661][T13403] bridge0: port 2(bridge_slave_1) entered disabled state [ 641.670058][T13403] bridge_slave_1: entered allmulticast mode [ 641.704942][T13403] bridge_slave_1: entered promiscuous mode [ 641.733581][T13384] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 641.957036][T13384] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 641.991513][ T5847] Bluetooth: hci5: command tx timeout [ 642.176610][ T5145] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 642.233101][ T5145] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 642.250523][ T5145] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 642.286865][ T5145] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 642.319917][ T5145] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 642.341354][ T5145] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 642.755622][T13384] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 643.047624][T13403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 643.082674][T13384] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 643.402769][T13403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 643.423118][T13222] bridge_slave_1: left allmulticast mode [ 643.428857][T13222] bridge_slave_1: left promiscuous mode [ 643.445090][T13222] bridge0: port 2(bridge_slave_1) entered disabled state [ 643.703401][T13222] bridge_slave_0: left allmulticast mode [ 643.709147][T13222] bridge_slave_0: left promiscuous mode [ 643.734550][T13222] bridge0: port 1(bridge_slave_0) entered disabled state [ 644.452546][ T5145] Bluetooth: hci3: command tx timeout [ 645.577361][T13222] erspan0 (unregistering): left allmulticast mode [ 646.522831][ T5145] Bluetooth: hci3: command tx timeout [ 647.949867][T13222] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 648.108577][T13222] bond0 (unregistering): Released all slaves [ 648.603230][ T5145] Bluetooth: hci3: command tx timeout [ 648.998792][T13222] : left promiscuous mode [ 649.139401][T13403] team0: Port device team_slave_0 added [ 649.185301][T13403] team0: Port device team_slave_1 added [ 649.460295][T13222] HSR: left promiscuous mode [ 649.698192][T13403] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 649.713592][T13403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 649.739552][ C0] vkms_vblank_simulate: vblank timer overrun [ 649.792605][T13403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 649.816510][T13403] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 649.824654][T13403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 649.851669][T13403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 650.096953][T13384] 8021q: adding VLAN 0 to HW filter on device bond0 [ 650.150632][T13384] 8021q: adding VLAN 0 to HW filter on device team0 [ 650.702591][ T5145] Bluetooth: hci3: command tx timeout [ 650.747065][T13403] hsr_slave_0: entered promiscuous mode [ 650.763908][T13403] hsr_slave_1: entered promiscuous mode [ 650.793477][T13403] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 650.801136][T13403] Cannot create hsr debugfs directory [ 651.077071][T13441] chnl_net:caif_netlink_parms(): no params data found [ 651.461667][T13221] bridge0: port 1(bridge_slave_0) entered blocking state [ 651.469025][T13221] bridge0: port 1(bridge_slave_0) entered forwarding state [ 651.671448][T13221] bridge0: port 2(bridge_slave_1) entered blocking state [ 651.678705][T13221] bridge0: port 2(bridge_slave_1) entered forwarding state [ 651.901881][T13441] bridge0: port 1(bridge_slave_0) entered blocking state [ 651.909327][T13441] bridge0: port 1(bridge_slave_0) entered disabled state [ 651.934270][T13441] bridge_slave_0: entered allmulticast mode [ 651.951537][T13441] bridge_slave_0: entered promiscuous mode [ 652.116364][T13441] bridge0: port 2(bridge_slave_1) entered blocking state [ 652.139944][T13441] bridge0: port 2(bridge_slave_1) entered disabled state [ 652.164464][T13441] bridge_slave_1: entered allmulticast mode [ 652.184360][T13441] bridge_slave_1: entered promiscuous mode [ 652.317796][T13222] hsr_slave_0: left promiscuous mode [ 652.372600][T13222] hsr_slave_1: left promiscuous mode [ 652.393821][T13222] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 652.401345][T13222] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 652.423584][T13222] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 652.431096][T13222] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 652.496071][T13222] veth1_macvtap: left promiscuous mode [ 652.502037][T13222] veth0_macvtap: left promiscuous mode [ 652.509999][T13222] veth1_vlan: left promiscuous mode [ 652.515633][T13222] veth0_vlan: left promiscuous mode [ 653.261401][T13222] team0 (unregistering): Port device team_slave_1 removed [ 653.967165][T13384] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 653.978266][T13384] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 653.998964][T13441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 654.016278][T13441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 654.145771][T13441] team0: Port device team_slave_0 added [ 654.166668][T13441] team0: Port device team_slave_1 added [ 654.375907][T13441] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 654.386256][T13441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 654.472911][T13441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 654.516112][T13441] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 654.542358][T13441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 654.601449][T13441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 654.647165][T13403] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 654.705293][T13403] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 654.745100][T13384] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 654.824290][T13403] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 654.849094][T13403] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 654.898876][T13441] hsr_slave_0: entered promiscuous mode [ 654.913782][T13441] hsr_slave_1: entered promiscuous mode [ 654.936375][T13441] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 654.962887][T13441] Cannot create hsr debugfs directory [ 655.338642][T13403] 8021q: adding VLAN 0 to HW filter on device bond0 [ 655.447102][T13441] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 655.503056][T13441] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 655.524122][T13441] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 655.546362][T13403] 8021q: adding VLAN 0 to HW filter on device team0 [ 655.574927][T13441] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 655.625820][T13384] veth0_vlan: entered promiscuous mode [ 655.684225][ T7487] bridge0: port 1(bridge_slave_0) entered blocking state [ 655.691386][ T7487] bridge0: port 1(bridge_slave_0) entered forwarding state [ 655.716877][T13384] veth1_vlan: entered promiscuous mode [ 655.756688][ T6898] bridge0: port 2(bridge_slave_1) entered blocking state [ 655.763905][ T6898] bridge0: port 2(bridge_slave_1) entered forwarding state [ 655.848013][T13384] veth0_macvtap: entered promiscuous mode [ 655.887853][T13384] veth1_macvtap: entered promiscuous mode [ 655.967463][T13384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 656.012433][T13384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.035552][T13384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 656.059490][T13384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.073479][T13384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 656.097383][T13384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.116992][T13384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 656.135255][T13384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.150559][T13384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 656.164010][T13384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.184324][T13384] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 656.262980][T13384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 656.293330][T13384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.310882][T13384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 656.321740][T13384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.331681][T13384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 656.342469][T13384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.352559][T13384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 656.363392][T13384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.376199][T13384] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 656.416059][T13384] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 656.434504][T13384] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 656.452566][T13384] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 656.461369][T13384] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 656.489533][T13441] 8021q: adding VLAN 0 to HW filter on device bond0 [ 656.569433][T13403] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 656.608972][T13441] 8021q: adding VLAN 0 to HW filter on device team0 [ 656.717800][ T6898] bridge0: port 1(bridge_slave_0) entered blocking state [ 656.725408][ T6898] bridge0: port 1(bridge_slave_0) entered forwarding state [ 656.744693][ T6898] bridge0: port 2(bridge_slave_1) entered blocking state [ 656.751897][ T6898] bridge0: port 2(bridge_slave_1) entered forwarding state [ 656.851032][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 656.872065][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 657.015299][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 657.052975][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 657.460075][T13403] veth0_vlan: entered promiscuous mode [ 657.574575][T13403] veth1_vlan: entered promiscuous mode [ 657.637707][T13441] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 657.807732][T13403] veth0_macvtap: entered promiscuous mode [ 657.861359][T13403] veth1_macvtap: entered promiscuous mode [ 657.933027][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 657.952909][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 657.976866][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 657.998096][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.018792][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.040365][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.061857][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.084067][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.102565][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.123902][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.136676][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.149977][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.163641][T13403] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 658.243145][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.258618][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.269130][T13589] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 658.282822][T13589] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 658.283580][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.288906][T13589] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 658.325989][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.352571][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.383088][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.402536][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.422542][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.453577][T13403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.472500][T13403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.497339][T13589] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 658.497587][T13403] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 658.529429][T13589] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 658.536506][T13589] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 658.545958][T13589] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 658.596957][T13589] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 658.613039][T13403] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 658.622036][T13403] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 658.652748][T13589] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 658.659089][T13403] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 658.671806][T13403] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 658.792816][T13589] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 659.357453][ T7487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 659.382474][ T7487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 659.507171][T13441] veth0_vlan: entered promiscuous mode [ 659.576356][T13215] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 659.587323][T13215] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 659.636884][T13441] veth1_vlan: entered promiscuous mode [ 659.747475][T13441] veth0_macvtap: entered promiscuous mode [ 659.789541][T13441] veth1_macvtap: entered promiscuous mode [ 659.870407][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 659.927421][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 659.968266][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.000943][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.015266][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.036433][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.071813][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.112643][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.134672][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.148263][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.160294][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.203209][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.222675][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.252513][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.281616][T13441] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 660.288947][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 660.362894][ T5145] Bluetooth: hci4: command 0x0c1a tx timeout [ 660.405771][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.467522][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.512672][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.563363][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.602716][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 660.608859][ T5145] Bluetooth: hci5: command 0x0c1a tx timeout [ 660.615602][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.673675][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.752473][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.788637][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.837356][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.868966][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.905278][T13441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.936816][T13441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.973754][T13441] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 661.147142][T13441] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 661.165073][T13441] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 661.182460][T13441] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 661.193787][T13441] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 661.955367][ T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 662.012545][ T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 662.137364][T13215] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 662.172727][T13215] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 662.447324][ T5145] Bluetooth: hci4: command 0x0c1a tx timeout [ 662.684328][ T5145] Bluetooth: hci5: command 0x0c1a tx timeout [ 662.690502][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout [ 664.523045][ T5145] Bluetooth: hci4: command 0x0c1a tx timeout [ 664.762941][ T5145] Bluetooth: hci5: command 0x0c1a tx timeout [ 664.770419][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout [ 671.957506][T13852] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1837'. [ 674.798591][T13891] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1849'. [ 677.963769][T13962] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1861'. [ 678.434199][T13975] FAULT_INJECTION: forcing a failure. [ 678.434199][T13975] name failslab, interval 1, probability 0, space 0, times 0 [ 678.542650][T13975] CPU: 1 UID: 0 PID: 13975 Comm: syz.6.1862 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 678.553511][T13975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 678.563635][T13975] Call Trace: [ 678.566965][T13975] [ 678.569949][T13975] dump_stack_lvl+0x16c/0x1f0 [ 678.574713][T13975] should_fail_ex+0x497/0x5b0 [ 678.579469][T13975] ? fs_reclaim_acquire+0xae/0x150 [ 678.584665][T13975] should_failslab+0xc2/0x120 [ 678.589443][T13975] __kmalloc_node_noprof+0xd1/0x520 [ 678.594740][T13975] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 678.600289][T13975] __kvmalloc_node_noprof+0xad/0x1a0 [ 678.605666][T13975] seq_read_iter+0x82a/0x12b0 [ 678.610425][T13975] ? __mutex_trylock_common+0xea/0x250 [ 678.615978][T13975] kernfs_fop_read_iter+0x414/0x580 [ 678.621359][T13975] ? rw_verify_area+0xd0/0x700 [ 678.626213][T13975] vfs_read+0x87f/0xbe0 [ 678.630453][T13975] ? __pfx_vfs_read+0x10/0x10 [ 678.635234][T13975] ksys_read+0x12b/0x250 [ 678.639549][T13975] ? __pfx_ksys_read+0x10/0x10 [ 678.644411][T13975] do_syscall_64+0xcd/0x250 [ 678.648993][T13975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.654976][T13975] RIP: 0033:0x7fcb05385d29 [ 678.659434][T13975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 678.679287][T13975] RSP: 002b:00007fcb0628c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 678.687745][T13975] RAX: ffffffffffffffda RBX: 00007fcb05575fa0 RCX: 00007fcb05385d29 [ 678.695844][T13975] RDX: 00000000000000d4 RSI: 0000000020000140 RDI: 0000000000000003 [ 678.703856][T13975] RBP: 00007fcb0628c090 R08: 0000000000000000 R09: 0000000000000000 [ 678.711897][T13975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 678.719999][T13975] R13: 0000000000000000 R14: 00007fcb05575fa0 R15: 00007fff11ef62c8 [ 678.728030][T13975] [ 680.690845][ T29] audit: type=1800 audit(8277292279.337:24): pid=14017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1869" name="lu_gp_id" dev="configfs" ino=45939 res=0 errno=0 [ 681.801392][T14044] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1873'. [ 682.114679][T14050] FAULT_INJECTION: forcing a failure. [ 682.114679][T14050] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 682.390245][T14050] CPU: 0 UID: 0 PID: 14050 Comm: syz.5.1874 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 682.401129][T14050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 682.411254][T14050] Call Trace: [ 682.414593][T14050] [ 682.417572][T14050] dump_stack_lvl+0x16c/0x1f0 [ 682.422336][T14050] should_fail_ex+0x497/0x5b0 [ 682.427096][T14050] _copy_to_iter+0x29b/0x1400 [ 682.431856][T14050] ? trace_lock_acquire+0x14e/0x1f0 [ 682.437225][T14050] ? __pfx_lock_release+0x10/0x10 [ 682.442332][T14050] ? __pfx__copy_to_iter+0x10/0x10 [ 682.447537][T14050] ? __virt_addr_valid+0x1a4/0x590 [ 682.452736][T14050] ? __virt_addr_valid+0x5e/0x590 [ 682.457830][T14050] ? __phys_addr_symbol+0x30/0x80 [ 682.462928][T14050] ? __check_object_size+0x488/0x710 [ 682.468300][T14050] seq_read_iter+0xd00/0x12b0 [ 682.473095][T14050] kernfs_fop_read_iter+0x414/0x580 [ 682.478380][T14050] ? rw_verify_area+0xd0/0x700 [ 682.483233][T14050] vfs_read+0x87f/0xbe0 [ 682.487457][T14050] ? __pfx_vfs_read+0x10/0x10 [ 682.492205][T14050] ksys_read+0x12b/0x250 [ 682.496521][T14050] ? __pfx_ksys_read+0x10/0x10 [ 682.501383][T14050] do_syscall_64+0xcd/0x250 [ 682.505978][T14050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 682.511964][T14050] RIP: 0033:0x7f6105185d29 [ 682.516440][T14050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 682.536129][T14050] RSP: 002b:00007f6105ee0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 682.544621][T14050] RAX: ffffffffffffffda RBX: 00007f6105375fa0 RCX: 00007f6105185d29 [ 682.552661][T14050] RDX: 00000000000000d4 RSI: 0000000020000140 RDI: 0000000000000003 [ 682.560700][T14050] RBP: 00007f6105ee0090 R08: 0000000000000000 R09: 0000000000000000 [ 682.568824][T14050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 682.576903][T14050] R13: 0000000000000000 R14: 00007f6105375fa0 R15: 00007ffcc8882be8 [ 682.584967][T14050] [ 683.453936][T14067] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1876'. [ 683.956135][T14074] FAULT_INJECTION: forcing a failure. [ 683.956135][T14074] name failslab, interval 1, probability 0, space 0, times 0 [ 684.163775][T14074] CPU: 1 UID: 0 PID: 14074 Comm: syz.6.1877 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 684.175116][T14074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 684.185241][T14074] Call Trace: [ 684.188573][T14074] [ 684.191555][T14074] dump_stack_lvl+0x16c/0x1f0 [ 684.193015][T14077] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1878'. [ 684.196279][T14074] should_fail_ex+0x497/0x5b0 [ 684.210327][T14074] ? fs_reclaim_acquire+0xae/0x150 [ 684.215524][T14074] should_failslab+0xc2/0x120 [ 684.220378][T14074] __kmalloc_noprof+0xce/0x4f0 [ 684.225246][T14074] ? do_sys_poll+0x24b/0xde0 [ 684.229914][T14074] do_sys_poll+0x24b/0xde0 [ 684.234440][T14074] ? __pfx_mark_lock+0x10/0x10 [ 684.239316][T14074] ? __pfx_do_sys_poll+0x10/0x10 [ 684.244358][T14074] ? __pfx___lock_acquire+0x10/0x10 [ 684.249688][T14074] ? __mutex_unlock_slowpath+0x164/0x690 [ 684.255403][T14074] ? set_user_sigmask+0x217/0x2a0 [ 684.260502][T14074] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 684.266582][T14074] ? __pfx_set_user_sigmask+0x10/0x10 [ 684.272032][T14074] ? __fget_files+0x206/0x3a0 [ 684.276796][T14074] __x64_sys_ppoll+0x25a/0x2d0 [ 684.281622][T14074] ? __pfx___x64_sys_ppoll+0x10/0x10 [ 684.286950][T14074] ? ksys_write+0x1ba/0x250 [ 684.291508][T14074] ? __pfx_ksys_write+0x10/0x10 [ 684.296504][T14074] do_syscall_64+0xcd/0x250 [ 684.301059][T14074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 684.307010][T14074] RIP: 0033:0x7fcb05385d29 [ 684.311459][T14074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 684.331116][T14074] RSP: 002b:00007fcb0628c038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 684.339575][T14074] RAX: ffffffffffffffda RBX: 00007fcb05575fa0 RCX: 00007fcb05385d29 [ 684.347587][T14074] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000020000080 [ 684.355609][T14074] RBP: 00007fcb0628c090 R08: 0000000000000008 R09: 0000000000000000 [ 684.363615][T14074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 684.371655][T14074] R13: 0000000000000000 R14: 00007fcb05575fa0 R15: 00007fff11ef62c8 [ 684.379679][T14074] [ 688.369979][T14130] FAULT_INJECTION: forcing a failure. [ 688.369979][T14130] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 688.433664][T14130] CPU: 1 UID: 0 PID: 14130 Comm: syz.7.1885 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 688.444537][T14130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 688.454691][T14130] Call Trace: [ 688.458018][T14130] [ 688.460994][T14130] dump_stack_lvl+0x16c/0x1f0 [ 688.465748][T14130] should_fail_ex+0x497/0x5b0 [ 688.470512][T14130] _copy_to_user+0x32/0xd0 [ 688.475007][T14130] simple_read_from_buffer+0xd0/0x160 [ 688.480454][T14130] proc_fail_nth_read+0x198/0x270 [ 688.485567][T14130] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 688.491197][T14130] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 688.496837][T14130] vfs_read+0x1df/0xbe0 [ 688.501073][T14130] ? __fget_files+0x1fc/0x3a0 [ 688.505829][T14130] ? __pfx___mutex_lock+0x10/0x10 [ 688.510909][T14130] ? __pfx_vfs_read+0x10/0x10 [ 688.515730][T14130] ? __fget_files+0x206/0x3a0 [ 688.520467][T14130] ksys_read+0x12b/0x250 [ 688.524766][T14130] ? __pfx_ksys_read+0x10/0x10 [ 688.529585][T14130] do_syscall_64+0xcd/0x250 [ 688.534229][T14130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.540190][T14130] RIP: 0033:0x7f486498473c [ 688.544638][T14130] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 688.564466][T14130] RSP: 002b:00007f4865814030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 688.573283][T14130] RAX: ffffffffffffffda RBX: 00007f4864b75fa0 RCX: 00007f486498473c [ 688.581284][T14130] RDX: 000000000000000f RSI: 00007f48658140a0 RDI: 0000000000000004 [ 688.589315][T14130] RBP: 00007f4865814090 R08: 0000000000000000 R09: 0000000000000000 [ 688.597319][T14130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 688.605322][T14130] R13: 0000000000000000 R14: 00007f4864b75fa0 R15: 00007ffecd161b58 [ 688.613433][T14130] [ 689.321889][T14133] FAULT_INJECTION: forcing a failure. [ 689.321889][T14133] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 689.445931][T14133] CPU: 1 UID: 0 PID: 14133 Comm: syz.2.1888 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 689.456809][T14133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 689.466927][T14133] Call Trace: [ 689.470251][T14133] [ 689.473226][T14133] dump_stack_lvl+0x16c/0x1f0 [ 689.477984][T14133] should_fail_ex+0x497/0x5b0 [ 689.482756][T14133] _copy_from_user+0x2e/0xd0 [ 689.487423][T14133] do_sys_poll+0x1d6/0xde0 [ 689.491903][T14133] ? __pfx_mark_lock+0x10/0x10 [ 689.496761][T14133] ? __pfx_do_sys_poll+0x10/0x10 [ 689.501797][T14133] ? __pfx___lock_acquire+0x10/0x10 [ 689.507132][T14133] ? __mutex_unlock_slowpath+0x164/0x690 [ 689.512855][T14133] ? set_user_sigmask+0x217/0x2a0 [ 689.517930][T14133] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 689.523983][T14133] ? __pfx_set_user_sigmask+0x10/0x10 [ 689.529446][T14133] ? __fget_files+0x206/0x3a0 [ 689.534193][T14133] __x64_sys_ppoll+0x25a/0x2d0 [ 689.539032][T14133] ? __pfx___x64_sys_ppoll+0x10/0x10 [ 689.544392][T14133] ? ksys_write+0x1ba/0x250 [ 689.548961][T14133] ? __pfx_ksys_write+0x10/0x10 [ 689.553912][T14133] do_syscall_64+0xcd/0x250 [ 689.558495][T14133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.564466][T14133] RIP: 0033:0x7faa76985d29 [ 689.568930][T14133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 689.588783][T14133] RSP: 002b:00007faa77713038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 689.597270][T14133] RAX: ffffffffffffffda RBX: 00007faa76b75fa0 RCX: 00007faa76985d29 [ 689.605425][T14133] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000020000080 [ 689.613450][T14133] RBP: 00007faa77713090 R08: 0000000000000008 R09: 0000000000000000 [ 689.621483][T14133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 689.629552][T14133] R13: 0000000000000000 R14: 00007faa76b75fa0 R15: 00007ffc2117caa8 [ 689.637613][T14133] [ 691.273153][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.279596][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.475068][T14150] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1893'. [ 703.036095][T14211] FAULT_INJECTION: forcing a failure. [ 703.036095][T14211] name failslab, interval 1, probability 0, space 0, times 0 [ 703.065713][T14211] CPU: 1 UID: 0 PID: 14211 Comm: syz.7.1910 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 703.076589][T14211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 703.086715][T14211] Call Trace: [ 703.090057][T14211] [ 703.093044][T14211] dump_stack_lvl+0x16c/0x1f0 [ 703.097812][T14211] should_fail_ex+0x497/0x5b0 [ 703.102572][T14211] ? fs_reclaim_acquire+0xae/0x150 [ 703.108303][T14211] should_failslab+0xc2/0x120 [ 703.113085][T14211] __kmalloc_cache_noprof+0x68/0x420 [ 703.118456][T14211] snd_pcm_oss_change_params_locked+0x242/0x3a50 [ 703.124873][T14211] ? trace_contention_end+0xee/0x140 [ 703.130235][T14211] ? __mutex_lock+0x1cc/0xa60 [ 703.135021][T14211] ? __pfx___lock_acquire+0x10/0x10 [ 703.140279][T14211] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 703.147120][T14211] ? __pfx___mutex_lock+0x10/0x10 [ 703.152343][T14211] ? snd_pcm_stream_unlock_irq+0x90/0xb0 [ 703.158056][T14211] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 703.163428][T14211] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 703.169591][T14211] ? lockdep_hardirqs_on+0x7c/0x110 [ 703.174899][T14211] snd_pcm_oss_poll+0x51f/0xac0 [ 703.179879][T14211] ? lock_acquire+0x2f/0xb0 [ 703.184547][T14211] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 703.190025][T14211] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 703.195482][T14211] do_sys_poll+0x524/0xde0 [ 703.200006][T14211] ? __pfx_do_sys_poll+0x10/0x10 [ 703.205058][T14211] ? __pfx___lock_acquire+0x10/0x10 [ 703.210340][T14211] ? __pfx_pollwake+0x10/0x10 [ 703.215102][T14211] ? __pfx_pollwake+0x10/0x10 [ 703.219858][T14211] ? __pfx_pollwake+0x10/0x10 [ 703.224618][T14211] ? __pfx_pollwake+0x10/0x10 [ 703.229465][T14211] ? __pfx_pollwake+0x10/0x10 [ 703.234265][T14211] ? __pfx_pollwake+0x10/0x10 [ 703.239014][T14211] ? __pfx_pollwake+0x10/0x10 [ 703.243766][T14211] ? __mutex_unlock_slowpath+0x164/0x690 [ 703.249658][T14211] ? set_user_sigmask+0x217/0x2a0 [ 703.254765][T14211] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 703.260832][T14211] ? __pfx_set_user_sigmask+0x10/0x10 [ 703.266286][T14211] ? __fget_files+0x206/0x3a0 [ 703.271043][T14211] __x64_sys_ppoll+0x25a/0x2d0 [ 703.275885][T14211] ? __pfx___x64_sys_ppoll+0x10/0x10 [ 703.281247][T14211] ? ksys_write+0x1ba/0x250 [ 703.285822][T14211] ? __pfx_ksys_write+0x10/0x10 [ 703.290799][T14211] do_syscall_64+0xcd/0x250 [ 703.295376][T14211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.301357][T14211] RIP: 0033:0x7f4864985d29 [ 703.305838][T14211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 703.325623][T14211] RSP: 002b:00007f4865814038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 703.334118][T14211] RAX: ffffffffffffffda RBX: 00007f4864b75fa0 RCX: 00007f4864985d29 [ 703.342150][T14211] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000020000080 [ 703.350180][T14211] RBP: 00007f4865814090 R08: 0000000000000008 R09: 0000000000000000 [ 703.358212][T14211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 703.366247][T14211] R13: 0000000000000000 R14: 00007f4864b75fa0 R15: 00007ffecd161b58 [ 703.374307][T14211] [ 704.674020][ T29] audit: type=1800 audit(8277292303.397:25): pid=14221 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1913" name="dbroot" dev="configfs" ino=46320 res=0 errno=0 [ 704.707903][T14222] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1913'. [ 704.777451][T14222] lo: entered promiscuous mode [ 704.802878][T14222] lo: entered allmulticast mode [ 706.158028][T14238] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1917'. [ 706.894834][T14246] FAULT_INJECTION: forcing a failure. [ 706.894834][T14246] name failslab, interval 1, probability 0, space 0, times 0 [ 706.946542][T14246] CPU: 0 UID: 0 PID: 14246 Comm: syz.5.1920 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 706.957415][T14246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 706.967537][T14246] Call Trace: [ 706.970871][T14246] [ 706.973858][T14246] dump_stack_lvl+0x16c/0x1f0 [ 706.978621][T14246] should_fail_ex+0x497/0x5b0 [ 706.983380][T14246] ? fs_reclaim_acquire+0xae/0x150 [ 706.988577][T14246] should_failslab+0xc2/0x120 [ 706.993331][T14246] __kmalloc_noprof+0xce/0x4f0 [ 706.998184][T14246] ? unwind_get_return_address+0x59/0xa0 [ 707.003883][T14246] ? constrain_params_by_rules+0x176/0xca0 [ 707.009872][T14246] constrain_params_by_rules+0x176/0xca0 [ 707.015601][T14246] ? stack_trace_save+0x95/0xd0 [ 707.020555][T14246] ? stack_depot_save_flags+0x28/0x9e0 [ 707.026126][T14246] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 707.032359][T14246] ? __kasan_kmalloc+0xaa/0xb0 [ 707.037192][T14246] ? snd_pcm_oss_change_params_locked+0x242/0x3a50 [ 707.043776][T14246] ? snd_pcm_oss_make_ready+0xe6/0x1b0 [ 707.049303][T14246] ? snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 707.055634][T14246] ? rcu_is_watching+0x12/0xc0 [ 707.060488][T14246] ? snd_interval_refine+0x2fa/0x580 [ 707.065890][T14246] snd_pcm_hw_refine+0x7ec/0xad0 [ 707.071174][T14246] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 707.076840][T14246] ? _snd_pcm_hw_param_min+0x259/0x630 [ 707.082404][T14246] snd_pcm_oss_change_params_locked+0x651/0x3a50 [ 707.088836][T14246] ? __pfx___lock_acquire+0x10/0x10 [ 707.094114][T14246] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 707.100964][T14246] ? __pfx___mutex_lock+0x10/0x10 [ 707.106089][T14246] ? snd_pcm_stream_unlock_irq+0x90/0xb0 [ 707.111816][T14246] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 707.117179][T14246] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 707.123308][T14246] ? lockdep_hardirqs_on+0x7c/0x110 [ 707.128590][T14246] snd_pcm_oss_poll+0x51f/0xac0 [ 707.133494][T14246] ? lock_acquire+0x2f/0xb0 [ 707.138049][T14246] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 707.143485][T14246] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 707.148916][T14246] do_sys_poll+0x524/0xde0 [ 707.153398][T14246] ? __pfx_do_sys_poll+0x10/0x10 [ 707.158434][T14246] ? __pfx___lock_acquire+0x10/0x10 [ 707.163730][T14246] ? __pfx_pollwake+0x10/0x10 [ 707.168502][T14246] ? __pfx_pollwake+0x10/0x10 [ 707.173334][T14246] ? __pfx_pollwake+0x10/0x10 [ 707.178084][T14246] ? __pfx_pollwake+0x10/0x10 [ 707.182848][T14246] ? __pfx_pollwake+0x10/0x10 [ 707.187588][T14246] ? __pfx_pollwake+0x10/0x10 [ 707.192324][T14246] ? __pfx_pollwake+0x10/0x10 [ 707.197072][T14246] ? __mutex_unlock_slowpath+0x164/0x690 [ 707.202781][T14246] ? set_user_sigmask+0x217/0x2a0 [ 707.207859][T14246] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 707.213947][T14246] ? __pfx_set_user_sigmask+0x10/0x10 [ 707.219375][T14246] ? __fget_files+0x206/0x3a0 [ 707.224117][T14246] __x64_sys_ppoll+0x25a/0x2d0 [ 707.228940][T14246] ? __pfx___x64_sys_ppoll+0x10/0x10 [ 707.234281][T14246] ? ksys_write+0x1ba/0x250 [ 707.238835][T14246] ? __pfx_ksys_write+0x10/0x10 [ 707.243758][T14246] do_syscall_64+0xcd/0x250 [ 707.248329][T14246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 707.254284][T14246] RIP: 0033:0x7f6105185d29 [ 707.258739][T14246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 707.278401][T14246] RSP: 002b:00007f6105ee0038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 707.286875][T14246] RAX: ffffffffffffffda RBX: 00007f6105375fa0 RCX: 00007f6105185d29 [ 707.294910][T14246] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000020000080 [ 707.302922][T14246] RBP: 00007f6105ee0090 R08: 0000000000000008 R09: 0000000000000000 [ 707.310931][T14246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 707.318947][T14246] R13: 0000000000000000 R14: 00007f6105375fa0 R15: 00007ffcc8882be8 [ 707.326982][T14246] [ 709.469638][T14289] openvswitch: netlink: IPv4 tunnel dst address is zero [ 709.866151][T14295] FAULT_INJECTION: forcing a failure. [ 709.866151][T14295] name failslab, interval 1, probability 0, space 0, times 0 [ 709.929125][T14295] CPU: 1 UID: 0 PID: 14295 Comm: syz.6.1931 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 709.940000][T14295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 709.950121][T14295] Call Trace: [ 709.953455][T14295] [ 709.956440][T14295] dump_stack_lvl+0x16c/0x1f0 [ 709.961209][T14295] should_fail_ex+0x497/0x5b0 [ 709.966003][T14295] ? fs_reclaim_acquire+0xae/0x150 [ 709.971187][T14295] should_failslab+0xc2/0x120 [ 709.976038][T14295] __kmalloc_cache_noprof+0x68/0x420 [ 709.981401][T14295] ? _snd_pcm_hw_param_min+0x259/0x630 [ 709.986937][T14295] snd_pcm_oss_change_params_locked+0x6e5/0x3a50 [ 709.993357][T14295] ? __pfx___lock_acquire+0x10/0x10 [ 709.998606][T14295] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 710.005415][T14295] ? __pfx___mutex_lock+0x10/0x10 [ 710.010500][T14295] ? snd_pcm_stream_unlock_irq+0x90/0xb0 [ 710.016191][T14295] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 710.021587][T14295] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 710.027741][T14295] ? lockdep_hardirqs_on+0x7c/0x110 [ 710.033017][T14295] snd_pcm_oss_poll+0x51f/0xac0 [ 710.037928][T14295] ? lock_acquire+0x2f/0xb0 [ 710.042544][T14295] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 710.048019][T14295] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 710.053468][T14295] do_sys_poll+0x524/0xde0 [ 710.057944][T14295] ? __pfx_do_sys_poll+0x10/0x10 [ 710.063047][T14295] ? __pfx___lock_acquire+0x10/0x10 [ 710.068316][T14295] ? __pfx_pollwake+0x10/0x10 [ 710.073036][T14295] ? __pfx_pollwake+0x10/0x10 [ 710.077844][T14295] ? __pfx_pollwake+0x10/0x10 [ 710.082605][T14295] ? __pfx_pollwake+0x10/0x10 [ 710.087369][T14295] ? __pfx_pollwake+0x10/0x10 [ 710.092089][T14295] ? __pfx_pollwake+0x10/0x10 [ 710.096810][T14295] ? __pfx_pollwake+0x10/0x10 [ 710.101537][T14295] ? __mutex_unlock_slowpath+0x164/0x690 [ 710.107217][T14295] ? set_user_sigmask+0x217/0x2a0 [ 710.112275][T14295] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 710.118300][T14295] ? __pfx_set_user_sigmask+0x10/0x10 [ 710.123741][T14295] ? __fget_files+0x206/0x3a0 [ 710.128489][T14295] __x64_sys_ppoll+0x25a/0x2d0 [ 710.133388][T14295] ? __pfx___x64_sys_ppoll+0x10/0x10 [ 710.138740][T14295] ? ksys_write+0x1ba/0x250 [ 710.143285][T14295] ? __pfx_ksys_write+0x10/0x10 [ 710.148322][T14295] do_syscall_64+0xcd/0x250 [ 710.152891][T14295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.158846][T14295] RIP: 0033:0x7fcb05385d29 [ 710.163305][T14295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 710.183845][T14295] RSP: 002b:00007fcb0628c038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 710.192327][T14295] RAX: ffffffffffffffda RBX: 00007fcb05575fa0 RCX: 00007fcb05385d29 [ 710.200340][T14295] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000020000080 [ 710.208437][T14295] RBP: 00007fcb0628c090 R08: 0000000000000008 R09: 0000000000000000 [ 710.216558][T14295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 710.224825][T14295] R13: 0000000000000000 R14: 00007fcb05575fa0 R15: 00007fff11ef62c8 [ 710.232886][T14295] [ 711.542874][T14309] bridge0: port 3(veth1_to_hsr) entered blocking state [ 711.550183][T14309] bridge0: port 3(veth1_to_hsr) entered disabled state [ 711.569141][T14309] veth1_to_hsr: entered allmulticast mode [ 711.600096][T14309] veth1_to_hsr: entered promiscuous mode [ 711.617042][T14309] bridge0: port 3(veth1_to_hsr) entered blocking state [ 711.624220][T14309] bridge0: port 3(veth1_to_hsr) entered forwarding state [ 712.699939][T14313] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 712.708352][T14331] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1940'. [ 713.542089][T14337] Invalid ELF header magic: != ELF [ 716.200027][ T29] audit: type=1800 audit(8277292314.917:26): pid=14385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1953" name="dbroot" dev="configfs" ino=46834 res=0 errno=0 [ 716.220254][ C0] vkms_vblank_simulate: vblank timer overrun [ 717.206804][T14391] openvswitch: netlink: IPv4 tunnel dst address is zero [ 720.142743][T14420] erspan0: entered allmulticast mode [ 720.810001][T14431] RDS: rds_bind could not find a transport for fe80::3030:3030:3a30:302f, load rds_tcp or rds_rdma? [ 721.585804][T14446] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1969'. [ 726.233036][T14489] netlink: 'syz.5.1979': attribute type 3 has an invalid length. [ 726.373200][T14489] netlink: 'syz.5.1979': attribute type 3 has an invalid length. [ 727.178332][T14501] FAULT_INJECTION: forcing a failure. [ 727.178332][T14501] name failslab, interval 1, probability 0, space 0, times 0 [ 727.233796][T14501] CPU: 0 UID: 0 PID: 14501 Comm: syz.2.1982 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 727.244674][T14501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 727.254798][T14501] Call Trace: [ 727.258136][T14501] [ 727.261115][T14501] dump_stack_lvl+0x16c/0x1f0 [ 727.265869][T14501] should_fail_ex+0x497/0x5b0 [ 727.270626][T14501] ? fs_reclaim_acquire+0xae/0x150 [ 727.275848][T14501] should_failslab+0xc2/0x120 [ 727.280615][T14501] __kmalloc_cache_noprof+0x68/0x420 [ 727.285973][T14501] ? snd_pcm_hw_param_first+0x301/0x6b0 [ 727.291596][T14501] ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0 [ 727.298275][T14501] snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 727.304596][T14501] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 727.311522][T14501] ? kfree+0x14f/0x4b0 [ 727.315695][T14501] ? calc_src_frames.isra.0+0x187/0x1d0 [ 727.321316][T14501] snd_pcm_oss_change_params_locked+0x1376/0x3a50 [ 727.327804][T14501] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 727.334623][T14501] ? __pfx___mutex_lock+0x10/0x10 [ 727.339714][T14501] ? snd_pcm_stream_unlock_irq+0x90/0xb0 [ 727.345404][T14501] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 727.350745][T14501] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 727.356900][T14501] ? lockdep_hardirqs_on+0x7c/0x110 [ 727.362177][T14501] snd_pcm_oss_poll+0x51f/0xac0 [ 727.367088][T14501] ? lock_acquire+0x2f/0xb0 [ 727.371638][T14501] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 727.377064][T14501] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 727.382487][T14501] do_sys_poll+0x524/0xde0 [ 727.386956][T14501] ? __pfx_do_sys_poll+0x10/0x10 [ 727.391986][T14501] ? __pfx___lock_acquire+0x10/0x10 [ 727.397228][T14501] ? __pfx_pollwake+0x10/0x10 [ 727.401943][T14501] ? __pfx_pollwake+0x10/0x10 [ 727.406661][T14501] ? __pfx_pollwake+0x10/0x10 [ 727.411812][T14501] ? __pfx_pollwake+0x10/0x10 [ 727.416560][T14501] ? __pfx_pollwake+0x10/0x10 [ 727.421281][T14501] ? __pfx_pollwake+0x10/0x10 [ 727.426002][T14501] ? __pfx_pollwake+0x10/0x10 [ 727.430754][T14501] ? __mutex_unlock_slowpath+0x164/0x690 [ 727.436434][T14501] ? set_user_sigmask+0x217/0x2a0 [ 727.441493][T14501] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 727.447517][T14501] ? __pfx_set_user_sigmask+0x10/0x10 [ 727.452932][T14501] ? __fget_files+0x206/0x3a0 [ 727.457655][T14501] __x64_sys_ppoll+0x25a/0x2d0 [ 727.462568][T14501] ? __pfx___x64_sys_ppoll+0x10/0x10 [ 727.467915][T14501] ? ksys_write+0x1ba/0x250 [ 727.472491][T14501] ? __pfx_ksys_write+0x10/0x10 [ 727.477398][T14501] do_syscall_64+0xcd/0x250 [ 727.481947][T14501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.487890][T14501] RIP: 0033:0x7faa76985d29 [ 727.492341][T14501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.512002][T14501] RSP: 002b:00007faa77713038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 727.520538][T14501] RAX: ffffffffffffffda RBX: 00007faa76b75fa0 RCX: 00007faa76985d29 [ 727.529603][T14501] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000020000080 [ 727.537638][T14501] RBP: 00007faa77713090 R08: 0000000000000008 R09: 0000000000000000 [ 727.545656][T14501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 727.553662][T14501] R13: 0000000000000000 R14: 00007faa76b75fa0 R15: 00007ffc2117caa8 [ 727.561795][T14501] [ 729.555767][ T29] audit: type=1800 audit(8277292328.277:27): pid=14509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1984" name="SYSV0000000a" dev="hugetlbfs" ino=0 res=0 errno=0 [ 732.783033][T14536] Invalid ELF header magic: != ELF [ 732.803263][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 732.814924][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 732.825290][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 732.835085][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 732.861785][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 732.869615][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 733.547636][T14543] chnl_net:caif_netlink_parms(): no params data found [ 734.345900][T14543] bridge0: port 1(bridge_slave_0) entered blocking state [ 734.353556][T14543] bridge0: port 1(bridge_slave_0) entered disabled state [ 734.360879][T14543] bridge_slave_0: entered allmulticast mode [ 734.383910][T14543] bridge_slave_0: entered promiscuous mode [ 734.834700][T14543] bridge0: port 2(bridge_slave_1) entered blocking state [ 734.844178][T14543] bridge0: port 2(bridge_slave_1) entered disabled state [ 734.851633][T14543] bridge_slave_1: entered allmulticast mode [ 734.882705][T14543] bridge_slave_1: entered promiscuous mode [ 734.923208][ T5847] Bluetooth: hci1: command tx timeout [ 735.325948][T14543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 735.422126][T14543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 735.801167][T14543] team0: Port device team_slave_0 added [ 735.838892][T14543] team0: Port device team_slave_1 added [ 736.235064][T14543] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 736.242191][T14543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 736.312883][T14543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 736.335072][T14543] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 736.342091][T14543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 736.410275][T14543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 737.013028][ T5847] Bluetooth: hci1: command tx timeout [ 737.218775][T14577] Process accounting resumed [ 737.556848][T14543] hsr_slave_0: entered promiscuous mode [ 737.654526][T14543] hsr_slave_1: entered promiscuous mode [ 737.746524][T14543] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 737.782821][T14543] Cannot create hsr debugfs directory [ 738.495629][T14591] Process accounting resumed [ 738.826223][T14591] Process accounting resumed [ 739.092905][ T5847] Bluetooth: hci1: command tx timeout [ 740.700995][T13220] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 740.765559][T14618] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2006'. [ 741.163231][ T5847] Bluetooth: hci1: command tx timeout [ 741.305126][T13220] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.454567][T14543] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 741.565626][T14543] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 741.774600][T14634] Process accounting resumed [ 741.925363][T14637] Process accounting resumed [ 742.034580][T13220] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 742.088058][T14543] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 742.126724][T14543] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 742.234886][T13220] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 742.675584][T14543] 8021q: adding VLAN 0 to HW filter on device bond0 [ 742.796363][T14543] 8021q: adding VLAN 0 to HW filter on device team0 [ 742.928696][ T796] bridge0: port 1(bridge_slave_0) entered blocking state [ 742.935998][ T796] bridge0: port 1(bridge_slave_0) entered forwarding state [ 742.968735][ T796] bridge0: port 2(bridge_slave_1) entered blocking state [ 742.976015][ T796] bridge0: port 2(bridge_slave_1) entered forwarding state [ 743.191528][T14543] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 743.283280][T14543] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 743.348052][T13220] bridge_slave_1: left allmulticast mode [ 743.355568][T13220] bridge_slave_1: left promiscuous mode [ 743.361368][T13220] bridge0: port 2(bridge_slave_1) entered disabled state [ 743.573723][T13220] bridge_slave_0: left allmulticast mode [ 743.579746][T13220] bridge_slave_0: left promiscuous mode [ 743.589866][T13220] bridge0: port 1(bridge_slave_0) entered disabled state [ 744.262154][T14620] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 744.941971][T14682] Process accounting resumed [ 745.190906][T14692] nbd: must specify at least one socket [ 746.179133][T13220] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 746.253168][T13220] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 746.294967][T13220] bond0 (unregistering): Released all slaves [ 747.118624][T14543] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 747.766940][T13220] hsr_slave_0: left promiscuous mode [ 747.787640][T13220] hsr_slave_1: left promiscuous mode [ 747.825233][T13220] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 747.839333][T13220] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 747.865257][T13220] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 747.883082][T13220] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 747.971443][T13220] veth1_macvtap: left promiscuous mode [ 747.989131][T13220] veth0_macvtap: left promiscuous mode [ 748.003365][T13220] veth1_vlan: left promiscuous mode [ 748.008781][T13220] veth0_vlan: left promiscuous mode [ 749.900183][T13220] team0 (unregistering): Port device team_slave_1 removed [ 750.069064][T13220] team0 (unregistering): Port device team_slave_0 removed [ 750.651011][T14774] sctp: [Deprecated]: syz.6.2041 (pid 14774) Use of int in max_burst socket option deprecated. [ 750.651011][T14774] Use struct sctp_assoc_value instead [ 751.857449][T14543] veth0_vlan: entered promiscuous mode [ 751.914282][T14543] veth1_vlan: entered promiscuous mode [ 752.070634][T14543] veth0_macvtap: entered promiscuous mode [ 752.112952][T14543] veth1_macvtap: entered promiscuous mode [ 752.211628][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 752.263512][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.282589][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 752.322803][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.341620][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 752.389059][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.412517][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 752.452607][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.501347][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 752.528600][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.549152][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 752.570354][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.591605][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 752.622476][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.663078][T14543] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 752.695433][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.701988][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.704078][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 752.744315][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.764250][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 752.775114][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.785439][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 752.796355][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.806609][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 752.827521][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.847925][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 752.869910][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.902520][T14543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 752.922404][T14543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 752.961114][T14543] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 753.094941][T14543] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 753.130118][T14543] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 753.160418][T14543] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 753.183246][T14543] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 753.553471][ T796] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 753.606665][ T796] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 753.829331][ T796] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 753.878699][ T796] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 756.212188][T14891] netlink: 'syz.5.2052': attribute type 1 has an invalid length. [ 756.282217][T14891] netlink: 'syz.5.2052': attribute type 1 has an invalid length. [ 758.598425][T14945] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2061'. [ 759.800940][T14976] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2064'. [ 760.144738][T14984] HfR: entered promiscuous mode [ 761.784682][T15034] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2074'. [ 762.096851][ T29] audit: type=1800 audit(8277292360.807:28): pid=15044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.2076" name="lu_gp_id" dev="configfs" ino=50590 res=0 errno=0 [ 762.198701][ T29] audit: type=1800 audit(8277292360.817:29): pid=15044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.2076" name="lu_gp_id" dev="configfs" ino=50590 res=0 errno=0 [ 762.274762][ T29] audit: type=1800 audit(8277292360.817:30): pid=15044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.2076" name="lu_gp_id" dev="configfs" ino=50590 res=0 errno=0 [ 762.422962][ T29] audit: type=1800 audit(8277292360.827:31): pid=15044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.2076" name="lu_gp_id" dev="configfs" ino=50590 res=0 errno=0 [ 763.401494][T15075] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 766.107332][T15082] [U] [ 766.119698][T15082] [U] [ 766.122467][T15082] [U] [ 766.125240][T15082] [U] [ 766.212662][T15082] [U] [ 766.215472][T15082] [U] [ 766.218319][T15082] [U] [ 766.221102][T15082] [U] [ 766.233032][T15082] [U] [ 766.235851][T15082] [U] [ 766.238632][T15082] [U] [ 766.241402][T15082] [U] [ 766.256725][T15082] [U] [ 766.259554][T15082] [U] [ 766.262416][T15082] [U] [ 766.265184][T15082] [U] [ 766.299522][T15082] [U] [ 766.302347][T15082] [U] [ 766.305130][T15082] [U] [ 766.307920][T15082] [U] [ 766.342814][T15082] [U] [ 766.345634][T15082] [U] [ 766.348424][T15082] [U] [ 766.351220][T15082] [U] [ 766.424993][T15093] [U] [ 767.352496][T15154] netlink: 306 bytes leftover after parsing attributes in process `syz.5.2092'. [ 769.448814][T15144] Process accounting paused [ 775.775260][T15275] Process accounting paused [ 779.687632][T15423] random: crng reseeded on system resumption [ 781.062152][T15444] warning: `syz.6.2137' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 781.211265][T15451] netlink: 64 bytes leftover after parsing attributes in process `syz.6.2137'. [ 782.598726][ T29] audit: type=1800 audit(8277292381.317:32): pid=15475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2144" name="dbroot" dev="configfs" ino=51379 res=0 errno=0 [ 782.665498][T15475] sp0: Synchronizing with TNC [ 783.169659][T15479] Process accounting resumed [ 784.655181][T15499] delete_channel: no stack [ 786.233398][T15530] Process accounting resumed [ 786.344081][T15533] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2159'. [ 787.037174][T15544] Line length is too long: Should be less than 4094 [ 788.868777][T15565] KVM: debugfs: duplicate directory 15565-3 [ 788.924097][T15565] KVM: debugfs: duplicate directory 15565-4 [ 788.931500][T15565] KVM: debugfs: duplicate directory 15565-5 [ 788.954366][T15565] KVM: debugfs: duplicate directory 15565-6 [ 788.965686][T15565] KVM: debugfs: duplicate directory 15565-7 [ 788.991206][T15565] KVM: debugfs: duplicate directory 15565-8 [ 789.035440][T15565] KVM: debugfs: duplicate directory 15565-9 [ 789.091287][T15565] KVM: debugfs: duplicate directory 15565-10 [ 789.140998][T15565] KVM: debugfs: duplicate directory 15565-11 [ 789.170775][T15565] KVM: debugfs: duplicate directory 15565-12 [ 789.203943][T15565] cgroup: fork rejected by pids controller in /syz6 [ 789.608357][T15614] Process accounting resumed [ 792.859266][ T29] audit: type=1800 audit(8277292391.577:33): pid=15649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2179" name="dbroot" dev="configfs" ino=53359 res=0 errno=0 [ 792.956726][T15630] GUP no longer grows the stack in syz.2.2175 (15630): 14000-401000 (4000) [ 793.001210][T15630] CPU: 0 UID: 0 PID: 15630 Comm: syz.2.2175 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 793.012100][T15630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 793.022230][T15630] Call Trace: [ 793.025569][T15630] [ 793.028563][T15630] dump_stack_lvl+0x16c/0x1f0 [ 793.033327][T15630] gup_vma_lookup+0x1d2/0x220 [ 793.033940][T15649] sp0: Synchronizing with TNC [ 793.038059][T15630] __get_user_pages+0x236/0x3b50 [ 793.047829][T15630] ? __pfx___get_user_pages+0x10/0x10 [ 793.053290][T15630] ? down_read_killable+0xcc/0x380 [ 793.058492][T15630] ? __pfx_down_read_killable+0x10/0x10 [ 793.064137][T15630] ? __pfx___lock_acquire+0x10/0x10 [ 793.069425][T15630] __gup_longterm_locked+0x5ff/0x1870 [ 793.074948][T15630] ? __pfx___gup_longterm_locked+0x10/0x10 [ 793.080844][T15630] ? gup_fast_fallback+0x84c/0x2690 [ 793.086140][T15630] ? __pfx_lock_release+0x10/0x10 [ 793.091257][T15630] ? lock_acquire+0x2f/0xb0 [ 793.095834][T15630] ? ___pte_offset_map+0x42/0x540 [ 793.100943][T15630] ? sanity_check_pinned_pages+0x23/0x11e0 [ 793.106859][T15630] gup_fast_fallback+0x1802/0x2690 [ 793.112084][T15630] ? __pfx_gup_fast_fallback+0x10/0x10 [ 793.117658][T15630] pin_user_pages_fast+0xa8/0x100 [ 793.122772][T15630] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 793.128494][T15630] ? __kvmalloc_node_noprof+0x6f/0x1a0 [ 793.134049][T15630] io_pin_pages+0xe1/0x1e0 [ 793.138536][T15630] __io_uaddr_map+0x129/0x260 [ 793.143280][T15630] ? __pfx___io_uaddr_map+0x10/0x10 [ 793.148556][T15630] ? bpf_lsm_capable+0x9/0x10 [ 793.153301][T15630] ? security_capable+0x7e/0x260 [ 793.158322][T15630] io_uring_setup+0x219b/0x3230 [ 793.163272][T15630] ? __pfx_io_uring_setup+0x10/0x10 [ 793.168581][T15630] ? rcu_is_watching+0x12/0xc0 [ 793.173454][T15630] __x64_sys_io_uring_setup+0x98/0x140 [ 793.179095][T15630] do_syscall_64+0xcd/0x250 [ 793.183719][T15630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.189791][T15630] RIP: 0033:0x7faa76985d29 [ 793.194283][T15630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 793.214064][T15630] RSP: 002b:00007faa776f2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 793.222552][T15630] RAX: ffffffffffffffda RBX: 00007faa76b76080 RCX: 00007faa76985d29 [ 793.230758][T15630] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000040005 [ 793.238797][T15630] RBP: 00007faa76a01aa8 R08: 0000000000000000 R09: 0000000000000000 [ 793.246838][T15630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 793.254870][T15630] R13: 0000000000000000 R14: 00007faa76b76080 R15: 00007ffc2117caa8 [ 793.262928][T15630] [ 797.127573][T15722] netlink: 'syz.2.2197': attribute type 2 has an invalid length. [ 797.152647][T15722] netlink: 674 bytes leftover after parsing attributes in process `syz.2.2197'. [ 798.594119][T15747] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2203'. [ 798.688487][T15747] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2203'. [ 798.982581][T15749] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2203'. [ 799.043107][T15752] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2203'. [ 800.219945][T15755] Process accounting resumed [ 806.709071][T15840] Invalid ELF header magic: != ELF [ 809.868956][T15897] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2234'. [ 809.910285][T15897] bridge0: port 1(bridge_slave_0) entered disabled state [ 810.064906][T15897] bridge_slave_0 (unregistering): left allmulticast mode [ 810.074834][T15897] bridge_slave_0 (unregistering): left promiscuous mode [ 810.086797][T15897] bridge0: port 1(bridge_slave_0) entered disabled state [ 810.769557][ T29] audit: type=1800 audit(8277292047.170:34): pid=15912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2239" name="discovery_nqn" dev="configfs" ino=53930 res=0 errno=0 [ 810.802459][T15912] netlink: 338 bytes leftover after parsing attributes in process `syz.6.2239'. [ 810.822593][T15912] IPv6: NLM_F_CREATE should be specified when creating new route [ 814.154754][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.161181][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 815.093071][T15996] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 815.104560][T15996] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 815.152925][T15996] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 815.159085][T15996] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 815.192184][T15996] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 815.231286][T15996] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 815.803229][T16019] netlink: 330 bytes leftover after parsing attributes in process `syz.8.2261'. [ 815.878807][ T29] audit: type=1800 audit(8277292052.280:35): pid=16019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.2261" name="features" dev="configfs" ino=55568 res=0 errno=0 [ 816.098936][T16022] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2262'. [ 816.602442][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout [ 817.168160][ T5145] Bluetooth: hci5: command 0x0c1a tx timeout [ 817.174494][ T5145] Bluetooth: hci4: command 0x0c1a tx timeout [ 817.180743][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout [ 817.383648][T16022] team0: Port device team_slave_0 removed [ 819.252469][T14545] Bluetooth: hci1: command 0x0c1a tx timeout [ 821.331290][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout [ 823.536079][T16098] i2c i2c-0: Invalid block write size 128 [ 823.806568][T16094] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 823.837067][T16094] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 823.856840][T16094] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 823.872725][T16094] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 824.282699][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout [ 825.292705][T16144] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI [ 825.305386][T16144] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 825.313842][T16144] CPU: 1 UID: 0 PID: 16144 Comm: GC for TOMOYO Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 825.324927][T16144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 825.335123][T16144] RIP: 0010:tomoyo_gc_thread+0x1ab/0x1390 [ 825.340910][T16144] Code: 6b 55 47 fd c6 45 18 ff 4c 89 ee bf 09 00 00 00 e8 8a f1 ff ff e8 55 55 47 fd 48 89 d8 48 89 de 49 89 dd 48 c1 e8 03 83 e6 07 <42> 0f b6 0c 20 48 8d 43 07 48 89 c2 48 c1 ea 03 42 0f b6 14 22 40 [ 825.360576][T16144] RSP: 0018:ffffc9000cd47e78 EFLAGS: 00010246 [ 825.366705][T16144] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8451f9db [ 825.374834][T16144] RDX: ffff888066813c00 RSI: 0000000000000000 RDI: 0000000000000001 [ 825.382857][T16144] RBP: ffff8880267be300 R08: 0000000000000001 R09: 0000000000000000 [ 825.390869][T16144] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 825.398884][T16144] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88802d0b4c80 [ 825.406910][T16144] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 825.415900][T16144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 825.422570][T16144] CR2: 0000555586f8b5c8 CR3: 0000000068ab0000 CR4: 00000000003526f0 [ 825.430606][T16144] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 825.438634][T16144] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 825.446664][T16144] Call Trace: [ 825.449989][T16144] [ 825.452958][T16144] ? die_addr+0x3b/0xa0 [ 825.457168][T16144] ? exc_general_protection+0x155/0x230 [ 825.462806][T16144] ? asm_exc_general_protection+0x26/0x30 [ 825.468601][T16144] ? tomoyo_gc_thread+0x17b/0x1390 [ 825.473774][T16144] ? tomoyo_gc_thread+0x1ab/0x1390 [ 825.478942][T16144] ? tomoyo_gc_thread+0x19b/0x1390 [ 825.484100][T16144] ? __kthread_parkme+0x148/0x220 [ 825.489193][T16144] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 825.494708][T16144] kthread+0x2c1/0x3a0 [ 825.498838][T16144] ? _raw_spin_unlock_irq+0x23/0x50 [ 825.504083][T16144] ? __pfx_kthread+0x10/0x10 [ 825.508732][T16144] ret_from_fork+0x45/0x80 [ 825.513200][T16144] ? __pfx_kthread+0x10/0x10 [ 825.517862][T16144] ret_from_fork_asm+0x1a/0x30 [ 825.522709][T16144] [ 825.525757][T16144] Modules linked in: [ 825.530840][T16144] ---[ end trace 0000000000000000 ]--- [ 825.617669][T16144] RIP: 0010:tomoyo_gc_thread+0x1ab/0x1390 [ 825.627524][T16144] Code: 6b 55 47 fd c6 45 18 ff 4c 89 ee bf 09 00 00 00 e8 8a f1 ff ff e8 55 55 47 fd 48 89 d8 48 89 de 49 89 dd 48 c1 e8 03 83 e6 07 <42> 0f b6 0c 20 48 8d 43 07 48 89 c2 48 c1 ea 03 42 0f b6 14 22 40 [ 825.677967][T16144] RSP: 0018:ffffc9000cd47e78 EFLAGS: 00010246 [ 825.731592][T16144] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8451f9db [ 825.796859][T16144] RDX: ffff888066813c00 RSI: 0000000000000000 RDI: 0000000000000001 [ 825.834658][T16144] RBP: ffff8880267be300 R08: 0000000000000001 R09: 0000000000000000 [ 825.880832][T16144] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 825.889310][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout [ 825.903550][ T5847] Bluetooth: hci5: command 0x0c1a tx timeout [ 825.909721][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout [ 825.941607][T16144] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88802d0b4c80 [ 825.950180][T16144] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 825.977103][T16144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 825.997071][T16144] CR2: 00007faa76b452d8 CR3: 0000000033d90000 CR4: 00000000003526f0 [ 826.022597][T16144] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 826.030766][T16144] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 826.039774][T16144] Kernel panic - not syncing: Fatal exception [ 826.046205][T16144] Kernel Offset: disabled [ 826.050540][T16144] Rebooting in 86400 seconds..