last executing test programs: 16.201242694s ago: executing program 0 (id=1243): mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) (async) memfd_create$auto(0xfffffffffffffffd, 0xa) (async) socket(0xa, 0x5, 0x0) shutdown$auto(0x200000003, 0x2) (async) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="00000000000000e900"}, 0x56) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) stat$auto(&(0x7f0000000000)='..\x00\x00', 0x0) (async) mprotect$auto(0x1fffeffd, 0x8000000000000001, 0xfffffffffffffffa) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') (async) fchdir$auto(0xf4400000000) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) io_uring_setup$auto(0x6, 0x0) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) fanotify_init$auto(0x200, 0x2010000000000) (async) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, 0xffffffffffffffff) (async) socket(0x6, 0x1, 0x10001) (async) socket(0xa, 0x2, 0x0) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') (async) socket(0x2, 0x3, 0xa) (async) mknodat$auto(0x6, &(0x7f0000000000)='/%\'\'T}\x00', 0x4, 0x4) (async) connect$auto(0x3, 0x0, 0x55) recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x9}, 0x7, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) fanotify_mark$auto(0x0, 0x401, 0xa, 0x4, 0x0) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) 14.003105712s ago: executing program 0 (id=1248): mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x9, &(0x7f0000000300)={{&(0x7f0000000080)="63a96ec667a4e980eccf9adaebfce3eface581daf9d3fa61ded2a5427680fefa2efb6d937645574419d2d3682ac73492c977af3fefbe74b619c7677e6ef5244bb60c495622cc56df4d2c701f21cb673943e77a947450db848c3dc0fbd98bd49f10aee7463b0d39cc74644517fa89055f5c7fd65a1eba19c6d160af32dd6c911800a5affd4f4a0c2564c4296b8b394b36a8", 0xaa, &(0x7f0000000200)={&(0x7f0000000140)="00c365a080b40214214cbf56c36cb34295801df54eaeb5d8f66d1f5ac572f56d3ec4f0f49e76faaa54c8b59d1053fa403510064bad9989756b8af55ec5507f338be4cf5a0258ad9109e85ea486c7e4ce103e4873be961bb24252909b5b08d24ff40345d87f77d8a74f62a3d26d7fbc863c738da3498eb6a3c93946de99bc71760a0cd0d7f71ef2aaf19a9c146fbdc22415b2e6debe29b16b5693", 0xfd7}, 0x5, &(0x7f0000000240)="4cbecebef90077d782a8fa85ea7b0b411e5452a3eacef822cf085793a80ab8a7c8998fedc66ed75af5b0a60ee7ab74816c12bf69f0349e51e7b48a8af0360b3c492f6e5c24aeef3192eab80cbf52f127c40c0e0f382bed7eec04c36f942ff2670a6dfbc4fc7321e229ac25780ecbcbbd65a38a41c9d24aa6bc3648cec3504a417c0f83d4d6ea0da6a2d33c7879c0dbb83588", 0x4, 0x81}, 0xe}, 0x3, 0x2) (async) sendmmsg$auto(0x9, &(0x7f0000000300)={{&(0x7f0000000080)="63a96ec667a4e980eccf9adaebfce3eface581daf9d3fa61ded2a5427680fefa2efb6d937645574419d2d3682ac73492c977af3fefbe74b619c7677e6ef5244bb60c495622cc56df4d2c701f21cb673943e77a947450db848c3dc0fbd98bd49f10aee7463b0d39cc74644517fa89055f5c7fd65a1eba19c6d160af32dd6c911800a5affd4f4a0c2564c4296b8b394b36a8", 0xaa, &(0x7f0000000200)={&(0x7f0000000140)="00c365a080b40214214cbf56c36cb34295801df54eaeb5d8f66d1f5ac572f56d3ec4f0f49e76faaa54c8b59d1053fa403510064bad9989756b8af55ec5507f338be4cf5a0258ad9109e85ea486c7e4ce103e4873be961bb24252909b5b08d24ff40345d87f77d8a74f62a3d26d7fbc863c738da3498eb6a3c93946de99bc71760a0cd0d7f71ef2aaf19a9c146fbdc22415b2e6debe29b16b5693", 0xfd7}, 0x5, &(0x7f0000000240)="4cbecebef90077d782a8fa85ea7b0b411e5452a3eacef822cf085793a80ab8a7c8998fedc66ed75af5b0a60ee7ab74816c12bf69f0349e51e7b48a8af0360b3c492f6e5c24aeef3192eab80cbf52f127c40c0e0f382bed7eec04c36f942ff2670a6dfbc4fc7321e229ac25780ecbcbbd65a38a41c9d24aa6bc3648cec3504a417c0f83d4d6ea0da6a2d33c7879c0dbb83588", 0x4, 0x81}, 0xe}, 0x3, 0x2) syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000040), 0xffffffffffffffff) listen$auto(0x1, 0x6) vmsplice$auto(0x1, &(0x7f0000000000)={&(0x7f0000000100), 0x5}, 0x6, 0x8) (async) vmsplice$auto(0x1, &(0x7f0000000000)={&(0x7f0000000100), 0x5}, 0x6, 0x8) close_range$auto(0x2, 0x8, 0x0) 13.425750787s ago: executing program 0 (id=1251): mmap$auto(0x4, 0x200004, 0x4000000000df, 0x15, 0x402, 0x1000) vmsplice$auto(0x200, &(0x7f0000000200)={&(0x7f0000000100)="16964ba8e1055c570a1e473af5673e350e516c6bd63141d45df7e2138e5144e201e8353bd3e9e81e91cbecb1cd792fcb6acfbe7d83a7373f0a2dc07af076942f09e04f886c80cdd9f819ec2f09fcc5758ac8ef754a60d66d8bd45166bc629b2e06694b852caa34bf323dde8f963a4f48a2341393c77a1b886b12920a5387ae040e0b04f629d48fa031850c4fcd1c8d54aa5e00f0511e7ceb17b0ad29596f0b58e38fd9e19a0b58a1338b3a3408295c68c589dd60350ed42fd5b564795bf09c59a3660b4eb1e28053759305d9047daaf0ca28dfefc382e7bd67e15d06f438b65f65e1c81374d3d70a707c7a7b3a06b075dd55106bc8e31868e060d1c3f6fb8b", 0x3}, 0x3, 0xffff) r0 = socket(0x15, 0x5, 0x0) setsockopt$auto(0xffff57f4, 0x7fff, 0x7, 0x0, 0x0) mlockall$auto(0x7) lstat$auto(&(0x7f0000000000)='\x00', &(0x7f0000000040)={0x3, 0x0, 0xf5, 0xeeb, 0xfffffff5, 0x81, 0x0, 0x6, 0x4, 0xab, 0x5, 0x4, 0x7fffffff, 0x80, 0x5, 0xb, 0x31, [0x1, 0x9, 0x8]}) mlockall$auto(0x800) r1 = socket(0xa, 0x6, 0x0) write$auto(0x3, 0x0, 0x81) connect$auto(0x3, &(0x7f0000000000)={0xa, @sockaddr_1_1}, 0x53) mprotect$auto(0x0, 0x8000000000000001, 0x6) r2 = socket(0x10, 0x3, 0x4) r3 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)={0x14, r3, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000000) r4 = syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f00000003c0), r1) sendmsg$auto_IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x48, r4, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x7}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0xfffc}, @IEEE802154_ATTR_SRC_HW_ADDR={0xc, 0xc, 0x8}, @IEEE802154_ATTR_SRC_HW_ADDR={0xc, 0xc, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000) 12.594269755s ago: executing program 0 (id=1255): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) socket(0x25, 0x2, 0x8) socket$nl_generic(0x10, 0x3, 0x10) setresgid$auto(0x800, 0x28000000000000, 0xffffffffffffffff) setregid$auto(0xffffffffffffffff, 0x4000000000000000) socket(0x1d, 0x2, 0x2) connect$auto(0x5, 0x0, 0x9) 11.794061177s ago: executing program 0 (id=1259): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async, rerun: 32) bpf$auto(0x16, 0xffffffffffffffff, 0x0) (rerun: 32) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid\x00') ioctl$NS_GET_PARENT(r0, 0x541b, 0x1000000000000) (async) ioperm$auto(0x800, 0x5, 0xd) (async) madvise$auto(0x1ffff000, 0x7, 0x4) (async, rerun: 64) write$auto(0x5, 0x0, 0x3) (rerun: 64) socket(0x28, 0xb, 0x7) (async) getgroups$auto(0xeda, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x2b, 0x1, 0x1) socket(0x1, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) userfaultfd$auto(0x1) socket$nl_generic(0x10, 0x3, 0x10) (async) setresuid$auto(0x0, 0x8, 0x8000) (async) setfsuid$auto(0x8000000000000000) (async) setresuid$auto(0x2, 0x8, 0xa000) socket(0x21, 0x2, 0xa) setsockopt$auto(0x6, 0x1, 0x2a, &(0x7f00000003c0)='ns/cgroup\x00', 0xc) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) ioperm$auto(0x3, 0x5, 0x149) (async) sysfs$auto(0x2, 0x4, 0x0) mmap$auto(0xfffffffffffffffe, 0x8, 0xdf, 0x9b72, 0x594, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) socket(0x2, 0x0, 0x0) (async) socket(0x1a, 0x2, 0x8005) 9.556022505s ago: executing program 0 (id=1269): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) setresgid$auto(0x81, 0x800000a0, 0x8) ioperm$auto(0x3, 0x5, 0x149) r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/ipc\x00') setns(r0, 0x0) socket(0x2, 0x2, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x4, &(0x7f0000000000)={{0x0, 0x6, &(0x7f00000002c0)={0x0, 0x4000000006}, 0x1, 0x0, 0x1, 0x6977}, 0xed7138c}, 0xffffffff, 0x9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x80000, 0x6) fcntl$auto(0x8000000000000001, 0x6, 0x8) sendfile$auto(0x1, 0x3, 0x0, 0x400001000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mprotect$auto(0x0, 0x800000, 0x6) open(0x0, 0x7ffd, 0x0) r2 = socket(0x28, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000080)='./cgroup\x00', 0x40001, 0x6) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) read$auto(0x3, 0x0, 0xfdef) r3 = socket(0x2, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) socket(0x5, 0x2, 0x0) ioctl$auto(0x3, 0x89e1, 0x91) futex$auto(&(0x7f0000000000)=0xf0fe, 0x5, 0x4, 0x0, &(0x7f0000000080)=0x9, 0x1000000) r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r2) sendmsg$auto_OVS_FLOW_CMD_SET(r1, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={&(0x7f0000000040)=ANY=[@ANYBLOB="061da755a08eaec63edd7959e0389b463c897e41b5ba71053040f8e1d2df825d771e2f83d54f92800a3e1f2fefa5751c89ba530578ac904338a2b4fcd06b6844093b5dae15224b41553aa3d21d7da935c869c2f79afc8ed194cef5a99418d6cc61c678e2a1a731f08a61e705bde9fea55416b423b7cf6eb8caca8fc41c5bc6bbaeb5f15957e89aed6582b1ade8f8dbdff2596d1fa4ba07734f80669e82a9ee706d745ff832004d56adf4a80513506cd6b00aebaadbd45d64d3fd770525ccb3ef669f", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbcf25040000000400060004000100"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0) 7.641859518s ago: executing program 2 (id=1273): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x9) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2) socket(0xa, 0x2, 0xfffffffe) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ila(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="01070000000000000025030000000500070009000000d6ac9484da8b8c80f023d585436a6e2254f7a596eb5692aa51bb9dba99999cc6612e49815977dce09420215bf99eb5d44cb0b0a2e27e2817146b228603af5712fddd0b00a095c877eb117e24f05ea07722c957515efdf8ab21cf"], 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x4040090) socket(0x29, 0x2, 0x0) sendmmsg$auto(0x2, &(0x7f0000000240)={{&(0x7f0000000300), 0x6, &(0x7f00000001c0)={&(0x7f0000000100)="56d04d0208d61f700b16d0daac2cec6e963bd864dd4c2b59b4fa7e5dd61a329ac90aa7c55e34eb6c0ccdf6a8c60394a48b3ea4ec4afe128013ecb621f8ee563a0a1533ae65599ad5370744835cdfab6162526ae2ef5e0add19fd9851f74e134663bd8fda7e93a3a398c7d31b19d4bcb796fd1de6c2", 0x10}, 0xa, &(0x7f0000000200), 0x2, 0xfff}, 0x2}, 0x5, 0xfe64) mknod$auto(&(0x7f0000000180)='\xb2{(\\)[{[\x00', 0x2d, 0x8) open(&(0x7f0000000000)='./file1\x00', 0x10677d, 0x37e5c9853cd1b9db) (async) open(&(0x7f0000000000)='./file1\x00', 0x10677d, 0x37e5c9853cd1b9db) socket(0x15, 0x5, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x4, 0x10000008000) io_uring_setup$auto(0x6, &(0x7f0000000040)={0x3ff, 0x1, 0x4, 0x0, 0x101, 0x3ff, 0x3, [0x2, 0x5, 0x2], {0x101, 0x8, 0x0, 0x7, 0x372, 0x6, 0x3, 0x723, 0x7f}, {0xfffffc03, 0x1, 0x2, 0x5, 0x6cea, 0x0, 0x29d, 0x4}}) (async) io_uring_setup$auto(0x6, &(0x7f0000000040)={0x3ff, 0x1, 0x4, 0x0, 0x101, 0x3ff, 0x3, [0x2, 0x5, 0x2], {0x101, 0x8, 0x0, 0x7, 0x372, 0x6, 0x3, 0x723, 0x7f}, {0xfffffc03, 0x1, 0x2, 0x5, 0x6cea, 0x0, 0x29d, 0x4}}) pipe2$auto(0x0, 0x80) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) memfd_secret$auto(0x0) (async) memfd_secret$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) getsockopt$auto(0x1, 0x2, 0x2a, 0xfffffffffffffffe, 0x0) keyctl$auto(0x2000000000000018, 0xffffffffbffffffd, 0x0, 0x8, 0x9) fanotify_init$auto(0x65, 0x2) socket(0x2, 0x1, 0x106) (async) socket(0x2, 0x1, 0x106) 6.769861502s ago: executing program 2 (id=1276): mmap$auto(0x4000000, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x4000000, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x47397612, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1, 0x47397612, 0x8000000000000000, 0x0) fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) socket(0xf, 0x3, 0x2) (async) socket(0xf, 0x3, 0x2) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x6, 0x15, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x0, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80000001]}, 0x0, 0x0) (async) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x6, 0x15, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x0, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80000001]}, 0x0, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2c, 0x5, 0x4) (async) socket(0x2c, 0x5, 0x4) socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0x5, 0x0, 0x1) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_handshake(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000080)='./cgroup\x00', 0x40001, 0x6) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) read$auto(0x3, 0x0, 0xfdef) clone$auto(0xf4c0, 0xfffffffffffffff6, 0xfffffffffffffffc, 0x0, 0xffffffffffffff7e) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) pipe$auto(0x0) fcntl$auto(0x8000000000000001, 0x26, 0x2) (async) fcntl$auto(0x8000000000000001, 0x26, 0x2) setsockopt$auto(0x0, 0x484, 0xe, 0x0, 0xd9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x2b, 0x1, 0x1) mmap$auto(0x7ff, 0x2020029, 0x20000000007, 0x4000000000000017, 0xfffffffffffffffe, 0x2) pipe2$auto(0x0, 0x81) keyctl$auto(0x2000000000000018, 0xffffffffbffffffd, 0x0, 0x8, 0x9) fanotify_init$auto(0x65, 0x2) 6.76966408s ago: executing program 1 (id=1277): mmap$auto(0x5, 0x4, 0x3, 0x16, 0x402, 0x300000000000) mknod$auto(&(0x7f0000000000)='}[,&*}\x00', 0x1, 0x4) execve$auto(&(0x7f0000000040)='(-[$}[/$\x00', &(0x7f00000000c0)=&(0x7f0000000080)='\x00', &(0x7f0000000140)=&(0x7f0000000100)='\x00') memfd_create$auto(&(0x7f0000000180)='IPVS\x00', 0x4d) mount$auto(0x0, &(0x7f0000000280)='}[,&*}\x00', &(0x7f00000002c0)='\x00', 0x8, 0x0) ftruncate$auto(0x3, 0x0) vmsplice$auto(0x1, &(0x7f0000000000)={0x0, 0x40005}, 0x6, 0x8) 6.100879774s ago: executing program 1 (id=1279): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_VERSION_SET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x300, 0x70bd28, 0x25dfdbfc, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x7, 0x1, "8353ed"}, @NFSD_A_SERVER_PROTO_VERSION={0x7, 0x1, "a3cfeb"}, @NFSD_A_SERVER_PROTO_VERSION={0x7, 0x1, "8868a6"}]}, 0x2c}, 0x1, 0x0, 0x0, 0x15}, 0x20000817) 5.709984503s ago: executing program 1 (id=1281): r0 = syz_genetlink_get_family_id$auto_TIPCv2(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000080)={0x14, r0, 0x1, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x24000081}, 0x40000) (fail_nth: 8) 5.703017492s ago: executing program 2 (id=1282): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) stat$auto(&(0x7f0000000000)='..\x00\x00', 0x0) r0 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8955, &(0x7f0000000bc0)={'vxcan1\x00'}) close_range$auto(0x20, 0xffffeff5, 0xffffffff) r1 = getpid() syz_open_procfs$namespace(r1, &(0x7f0000000000)='ns/cgroup\x00') r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) ioctl$NS_GET_PARENT(r2, 0xff07, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0xc) socket(0x2, 0x801, 0x100) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0x6, 0x0) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x5) socket(0x2, 0x5, 0x0) getsockopt$auto(0x6, 0x40000000084, 0x1d, 0xfffffffffffffffe, 0x0) socket(0x2, 0x5, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000080), r3) setsockopt$auto(0x3, 0x10000000084, 0x83, 0x0, 0x8) 4.567295993s ago: executing program 3 (id=1283): mmap$auto(0x0, 0xc, 0x4000000000df, 0x64eb2, 0x10006, 0x300000000000) prctl$auto(0x1000000003b, 0xa, 0x4, 0x5, 0x7) io_getevents$auto(0x1, 0x401, 0x0, 0x0, &(0x7f00000000c0)={0x1, 0x6}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x65, 0x2) iopl$auto(0x3) mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) io_uring_setup$auto(0x48, 0x0) io_uring_register$auto(0x100000001, 0x0, 0xffffffffffffffff, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 4.370082176s ago: executing program 2 (id=1284): socket(0xa, 0x801, 0x106) open(0x0, 0x261c2, 0x80) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8947, 0x0) mq_open$auto(0x0, 0x76d4, 0x10fe, &(0x7f0000000100)={0x7, 0xfffffffffffffff9, 0x4, 0x1fffd, [0x8, 0x0, 0x40, 0x4]}) r0 = socket(0x29, 0x80000, 0x7f) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) close_range$auto(0x40200000000, 0xffffffffffffefff, 0x2) socket$nl_generic(0x10, 0x3, 0x10) mremap$auto(0x2, 0x5, 0x8, 0x2, 0x4) socket(0x11, 0x3, 0x2) socket(0x2, 0x2, 0x0) socket(0x2, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000040)={0x2, @sockaddr_1_1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) dup2$auto(0x0, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x2020009, 0xffffffffffffffff, 0xeb1, 0xfffffffffffffefb, 0x8000) timer_settime$auto(0x5, 0xffff8000, &(0x7f0000000040)={{0xf, 0x7}, {0x9}}, &(0x7f0000000080)={{0xffffc3bc, 0x6}, {0x3, 0x1}}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) shmctl$auto(0x4, 0xffffffffffffffff, 0xffffffffffffffff) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0x3, 0x15) sendmsg$auto_VDPA_CMD_DEV_GET(r0, 0x0, 0x24044090) fcntl$auto(0x3, 0x4, 0x9) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb701, 0x0) r1 = socket(0x29, 0x2, 0x0) sendmsg$auto_VDPA_CMD_DEV_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={0x0, 0xfffffffffffffe87}, 0x1, 0x0, 0x0, 0x24048044}, 0x0) connect$auto(0x3, &(0x7f0000000140)={0xa, @sa_data_min="c4040000000000000000000200"}, 0x55) setreuid$auto(0x2, 0x7) 3.393597164s ago: executing program 3 (id=1285): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0x29, 0x5, 0x0) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(0xfffffff8, 0x808000, 0x2) madvise$auto(0x9, 0xffffffff, 0x0) 3.375010431s ago: executing program 1 (id=1286): r0 = socket(0x29, 0x2, 0x0) sendmsg$auto_HWSIM_CMD_GET_RADIO(r0, &(0x7f0000001100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000010c0)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x8080) mseal$auto(0x1ffff000, 0x7dda, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0x5, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) dup2$auto(0x0, 0x3) 2.953870948s ago: executing program 1 (id=1287): mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0xa156) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), r0) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c00b5d80ca9d60000", @ANYRES16=r1, @ANYBLOB="01002dbd7000ffdbdf250200000008000100ffffff7f0500040000000000080001008d6f0000"], 0x2c}, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) mmap$auto(0x0, 0x8, 0xdf, 0x209b72, 0x4e477f5a, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00') socket(0x1d, 0x3, 0x1) getsockopt$auto(0x6, 0x65, 0x2, 0xffffffffffffffff, 0x0) keyctl$auto(0x15, 0x725fffffffb, 0x69c9, 0x2, 0x6) setreuid$auto(0xffffffff, 0xffffffffffffffff) keyctl$auto(0x0, 0x10, 0x1, 0x8, 0x7fcb629d) mmap$auto(0x2, 0x8, 0x9, 0x11, 0x5, 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x16, 0x4db, 0xa, 0x6, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r2, 0xffffffffffffffff, 0x4048041) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_genetlink_get_family_id$auto_802_15_4_MAC(0x0, 0xffffffffffffffff) socket(0x2, 0x6, 0x1) setsockopt$auto(0x3, 0x0, 0x10000000000000, 0xfffffffffffffffc, 0x28) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) adjtimex$auto(&(0x7f0000000000)={0x3, 0x0, 0x80000000, 0xfffffffffffffffe, 0x80000000000ffff, 0x7, 0x400, 0x0, 0xfffffffffffffffb, 0x0, 0x100000000, {0x5, 0x334c}, 0x3, 0x4, 0x8000, 0xf64, 0x0, 0x400, 0x10000000008, 0x8, 0x1, 0x0, 0x5}) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x1) bind$auto(0x7, &(0x7f0000000000)={0x11, @sockaddr_1_1}, 0x3e) getcpu$auto(&(0x7f0000001140), &(0x7f0000001180)=0x80, 0x0) 2.803173355s ago: executing program 2 (id=1288): r0 = socket(0x1, 0x1, 0x1) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3}, 0x18, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x6) close_range$auto(0x4000000000000, 0x5, 0x4000000000002) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) getdents64$auto(0x0, 0xffffffffffffffff, 0x73bfca64) ioperm$auto(0x3, 0xe, 0x2000000000000149) lsetxattr$auto(0x0, 0xffffffffffffffff, 0x0, 0xfff, 0x1) getsockopt$auto(0x4, 0x6, 0x17, 0xfffffffffffffffc, 0x0) madvise$auto(0x0, 0x1000, 0x13) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) 2.773406769s ago: executing program 3 (id=1289): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0xc) r2 = socket(0x2, 0x1, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r2) sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, r3, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_INDOOR={0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'gretap0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) epoll_create$auto(0x4) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket(0x2c, 0x3, 0x0) init_module$auto(0x0, 0xffffc, 0xfffffffffffffffe) sendmsg$auto_NL80211_CMD_DEL_TX_TS(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000040)={0x22c, r3, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_MLO_TTLM_DLINK={0xd0, 0x148, "64131be37642cd5c25ba565a147fa8dbfa3a35ddec69a3fe0ad3ff23056db38aaf977086644f4d7386e8e69f883e6f02b55e8744bcd674710a4d0473731c3b87f52949fe02ec1099ae7fdebd62cd4b94278f92829f34f697441f5996d90650e040b9dda26dbafdcfc326f279f0da26146fd237b6fa5dc92e2bffdfad633ce106d670c304ec220987f9f55d804de9e3b2022aee4cdc9b2ca84f95c279401b2377c7e13762770284b39d4962b432695c5a8a4f62df553a292b0d45468eced168262474c7b5399da965bd5bcdd1"}, @NL80211_ATTR_MLO_TTLM_ULINK={0xad, 0x149, "a24400feb98f73957f4dad77cc25571869fe76d53a7a3ac5dae0f72d9ab857ac8b0724e27289adddf326bc4596abc3ef7055d054db30758af3a13ab9f6c685ef2a2b5957b10fdc6dd2db454f746d41d1c2031c687ac0dde9b3c6c18e8ccd1a2c681aa1920b75a70b7cbde37d5caa17e30631dfa4f7007c154e8aa2733a42d8c59267a95d15b96f42f488fd1818300af5a9e83233d3574b89a4d7b2fe2507ebf5f00afc1fac15ba3398"}, @NL80211_ATTR_S1G_CAPABILITY={0x94, 0x128, "4b9873027bc2cc4e664b5e743b10f77b3a4906662cf36c28d9e64280e1d723941ab450f7bbea0a17a5cb8e5b0d0fd2a1adf7397f57d2031d713cc9fd85a75c7f72360abaeb7a561829709e4007d64fb14a8fedb4b7861b4d349384567d5d97cbe21204bb8b616acc0c99c4d54c588bd1fe9f446075af16cacdf52ecd294965be67a2cd82a66878b65eb28afa5356fcc0"}]}, 0x22c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40040) epoll_wait$auto(0x1, 0x0, 0x9, 0x80000001) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x5, 0x6, 0xfffffff3) madvise$auto(0x1ffff000, 0x7, 0x100000000) mkdirat$auto(0x5, 0x0, 0x8000000000000001) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x10, 0x2, 0xc) (async) socket(0x2, 0x1, 0x0) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r2) (async) sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, r3, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_INDOOR={0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'gretap0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x4) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) epoll_create$auto(0x4) (async) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) (async) socket(0x2c, 0x3, 0x0) (async) init_module$auto(0x0, 0xffffc, 0xfffffffffffffffe) (async) sendmsg$auto_NL80211_CMD_DEL_TX_TS(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000040)={0x22c, r3, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_MLO_TTLM_DLINK={0xd0, 0x148, "64131be37642cd5c25ba565a147fa8dbfa3a35ddec69a3fe0ad3ff23056db38aaf977086644f4d7386e8e69f883e6f02b55e8744bcd674710a4d0473731c3b87f52949fe02ec1099ae7fdebd62cd4b94278f92829f34f697441f5996d90650e040b9dda26dbafdcfc326f279f0da26146fd237b6fa5dc92e2bffdfad633ce106d670c304ec220987f9f55d804de9e3b2022aee4cdc9b2ca84f95c279401b2377c7e13762770284b39d4962b432695c5a8a4f62df553a292b0d45468eced168262474c7b5399da965bd5bcdd1"}, @NL80211_ATTR_MLO_TTLM_ULINK={0xad, 0x149, "a24400feb98f73957f4dad77cc25571869fe76d53a7a3ac5dae0f72d9ab857ac8b0724e27289adddf326bc4596abc3ef7055d054db30758af3a13ab9f6c685ef2a2b5957b10fdc6dd2db454f746d41d1c2031c687ac0dde9b3c6c18e8ccd1a2c681aa1920b75a70b7cbde37d5caa17e30631dfa4f7007c154e8aa2733a42d8c59267a95d15b96f42f488fd1818300af5a9e83233d3574b89a4d7b2fe2507ebf5f00afc1fac15ba3398"}, @NL80211_ATTR_S1G_CAPABILITY={0x94, 0x128, "4b9873027bc2cc4e664b5e743b10f77b3a4906662cf36c28d9e64280e1d723941ab450f7bbea0a17a5cb8e5b0d0fd2a1adf7397f57d2031d713cc9fd85a75c7f72360abaeb7a561829709e4007d64fb14a8fedb4b7861b4d349384567d5d97cbe21204bb8b616acc0c99c4d54c588bd1fe9f446075af16cacdf52ecd294965be67a2cd82a66878b65eb28afa5356fcc0"}]}, 0x22c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40040) (async) epoll_wait$auto(0x1, 0x0, 0x9, 0x80000001) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) socket(0x5, 0x6, 0xfffffff3) (async) madvise$auto(0x1ffff000, 0x7, 0x100000000) (async) mkdirat$auto(0x5, 0x0, 0x8000000000000001) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) 2.117972922s ago: executing program 2 (id=1290): close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/time\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000580), 0xffffffffffffffff) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket(0x2, 0x80002, 0x73) write$auto(0x3, 0x0, 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munlock$auto(0xd, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) socket(0xf, 0x3, 0x2) close_range$auto(0x2, 0x8000, 0x0) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x4, 0x20008000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) creat$auto(0x0, 0xffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) mknod$auto(&(0x7f0000000280)='$}\x00', 0x0, 0xfffffffd) rename$auto(&(0x7f0000000180)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', &(0x7f0000000000)='$}\x00') r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) fsconfig$auto(0x0, 0x80e, 0xfffffffffffffffe, 0xffffffffffffffff, 0x87d) sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_STOP(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB="9b381d3199a6dbd9bf4d04bbaae8163a5426b465a9d56ff0cdf36be612e82bd8a1437d6bf5ddc77c1d8c9a95e540461b6fe102ad03a4f63f104302f8b80b9e2b9380b3f7c0bf81ce0cdf8a754ae7f9c825042450123860f01370a05abb61af778c74d9cc00da7be107e532bf16136f84eb218825c5ed85637334183a36b1eb704846a267e4839ee130de3108f0675b62baa7cba99a00d4836a9f67", @ANYRES16=r2, @ANYBLOB="0c0e2abd7000ffdbdf256300000004004601"], 0x18}, 0x1, 0x0, 0x0, 0x8008800}, 0x8014) socket(0x29, 0x2, 0x0) setresuid$auto(0x1, 0xffff, 0x81) io_uring_setup$auto(0x48, 0x0) socket(0xa, 0x5, 0x0) 1.482642699s ago: executing program 3 (id=1291): close_range$auto(0x0, 0xfffffffffffff000, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/pid\x00') socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x5, 0x0) setsockopt$auto(0x4, 0x84, 0x2, 0xfffffffffffffffe, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x5, 0x0) setsockopt$auto(0x6, 0x84, 0x64, 0xffffffffffffffff, 0x0) 1.070063592s ago: executing program 3 (id=1292): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) stat$auto(&(0x7f0000000000)='..\x00\x00', 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/time\x00') close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) ioctl$NS_GET_PARENT(r0, 0xff07, 0x0) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x83, 0x0, 0x8) 534.006576ms ago: executing program 3 (id=1293): r0 = syz_genetlink_get_family_id$auto_TIPCv2(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) msync$auto(0x1ffff000, 0x100000000005, 0x400000004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) clone$auto(0x81000005, 0x6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x80000001) madvise$auto(0x0, 0x5, 0x9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x20001002, 0xd7b0, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x1000004000008) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="01002dbd7000fbdbdf4ff4aee1f7"], 0x14}, 0x1, 0x0, 0x0, 0x24000081}, 0x40000) 0s ago: executing program 1 (id=1294): socket(0xa, 0x2, 0x88) mmap$auto(0x5, 0x400008, 0x7, 0x400000ff3, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x3, 0x6) r1 = socket(0x2, 0xa, 0xe57a) socket(0x2b, 0x1, 0x1) socket(0xa, 0x801, 0x106) setsockopt$auto(0x6, 0x8000000000000006, 0x6, 0x0, 0x7ffffc) r2 = syz_genetlink_get_family_id$auto_vdpa(&(0x7f00000000c0), r0) sendmsg$auto_VDPA_CMD_DEV_NEW(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r2, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@VDPA_ATTR_MGMTDEV_DEV_NAME={0x9, 0x2, ')}^*%'}, @VDPA_ATTR_DEV_NET_CFG_MAX_VQP={0x6, 0xc, 0x8}, @VDPA_ATTR_DEV_NET_CFG_MTU={0x6, 0xd, 0x5}, @VDPA_ATTR_DEV_NAME={0x8, 0x4, '}\\[.'}]}, 0x38}}, 0x24020094) connect$auto(0x3, &(0x7f0000000040)={0x2, @sa_data_min="a925719202e046f5903fcb9df4c7"}, 0x55) socket(0x1d, 0x2, 0x6) connect$auto(0x3, &(0x7f0000000000)={0x2, @sa_data_min="0800e00000000000c1728d2af766"}, 0x55) kernel console output (not intermixed with test programs): im2: renamed from eth2 [ 203.331389][ T6133] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 203.619815][ T2465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.634395][ T2465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.735178][ T2465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.743862][ T2465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.812669][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.821475][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.835145][ T2898] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.856906][ T2898] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.974214][ T6133] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.074903][ T6133] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.149969][ T2465] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.157169][ T2465] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.225158][ T2465] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.232389][ T2465] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.801084][ T6133] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 204.962441][ T6133] veth0_vlan: entered promiscuous mode [ 205.013530][ T6133] veth1_vlan: entered promiscuous mode [ 205.085027][ T6133] veth0_macvtap: entered promiscuous mode [ 205.114670][ T6133] veth1_macvtap: entered promiscuous mode [ 205.158239][ T6133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.171060][ T6133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.181152][ T6133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.191722][ T6133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.202127][ T6133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.212744][ T6133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.222755][ T6133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.240004][ T6133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.262448][ T6133] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 205.302944][ T6133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.327952][ T6133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.352942][ T6133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.388633][ T6133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.399294][ T6133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.426807][ T6133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.448557][ T6133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.496748][ T6133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.515915][ T6133] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 205.565855][ T6133] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.609095][ T6133] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.636594][ T6133] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.645404][ T6133] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.003021][ T2898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.029954][ T2898] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.096774][ T2465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.104746][ T2465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.346916][ T6345] syz.2.121 (6345): attempted to duplicate a private mapping with mremap. This is not supported. [ 207.739445][ T6358] raw_sendmsg: syz.1.124 forgot to set AF_INET. Fix it! [ 211.936836][ T6440] can: request_module (can-proto-5) failed. [ 219.342862][ T6558] ======================================================= [ 219.342862][ T6558] WARNING: The mand mount option has been deprecated and [ 219.342862][ T6558] and is ignored by this kernel. Remove the mand [ 219.342862][ T6558] option from the mount to silence this warning. [ 219.342862][ T6558] ======================================================= [ 222.066527][ T5245] Bluetooth: hci4: command 0x0406 tx timeout [ 224.933255][ T6660] Invalid ELF header magic: != ELF [ 224.954748][ T6659] delete_channel: no stack [ 225.172612][ T6663] block nbd0: not configured, cannot reconfigure [ 225.449142][ T3426] bridge_slave_1: left allmulticast mode [ 225.455038][ T3426] bridge_slave_1: left promiscuous mode [ 225.465337][ T3426] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.702993][ T3426] bridge_slave_0: left allmulticast mode [ 225.708968][ T3426] bridge_slave_0: left promiscuous mode [ 225.733641][ T3426] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.133126][ T3426] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 228.164666][ T3426] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 228.227437][ T3426] bond0 (unregistering): Released all slaves [ 228.700021][ T6699] netlink: 28 bytes leftover after parsing attributes in process `syz.3.214'. [ 228.723918][ T6699] nbd: must specify at least one socket [ 230.486627][ T3426] hsr_slave_0: left promiscuous mode [ 230.616847][ T3426] hsr_slave_1: left promiscuous mode [ 230.782953][ T3426] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 230.797126][ T3426] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 230.847815][ T3426] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 230.855290][ T3426] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 230.996662][ T3426] veth1_macvtap: left promiscuous mode [ 231.002350][ T3426] veth0_macvtap: left promiscuous mode [ 231.026765][ T3426] veth1_vlan: left promiscuous mode [ 231.032147][ T3426] veth0_vlan: left promiscuous mode [ 233.163489][ T3426] team0 (unregistering): Port device team_slave_1 removed [ 233.319619][ T3426] team0 (unregistering): Port device team_slave_0 removed [ 233.542981][ T6732] svc: failed to register nfsdv3 RPC service (errno 111). [ 233.608527][ T6732] svc: failed to register nfsaclv3 RPC service (errno 111). [ 234.346311][ T6737] svc: failed to register nfsdv3 RPC service (errno 111). [ 234.384601][ T6737] svc: failed to register nfsaclv3 RPC service (errno 111). [ 237.449758][ T6774] Process accounting resumed [ 244.147117][ T6926] netlink: get zone limit has 4 unknown bytes [ 244.572089][ T6941] Process accounting resumed [ 250.853961][ T7036] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 252.138019][ T7054] netlink: 68 bytes leftover after parsing attributes in process `syz.1.310'. [ 258.100907][ T7173] syz.2.334(7173): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 260.940485][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.946902][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.336286][ T7238] FAULT_INJECTION: forcing a failure. [ 261.336286][ T7238] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 261.476592][ T7238] CPU: 1 UID: 0 PID: 7238 Comm: syz.0.350 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 261.486945][ T7238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 261.497060][ T7238] Call Trace: [ 261.500381][ T7238] [ 261.503351][ T7238] dump_stack_lvl+0x16c/0x1f0 [ 261.508117][ T7238] should_fail_ex+0x497/0x5b0 [ 261.512863][ T7238] _copy_to_user+0x30/0xc0 [ 261.517358][ T7238] simple_read_from_buffer+0xd0/0x160 [ 261.522802][ T7238] proc_fail_nth_read+0x198/0x270 [ 261.527890][ T7238] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 261.533513][ T7238] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 261.539125][ T7238] vfs_read+0x1ce/0xbd0 [ 261.543332][ T7238] ? __fget_files+0x23a/0x3f0 [ 261.548146][ T7238] ? fdget_pos+0x24c/0x360 [ 261.552613][ T7238] ? __pfx_lock_release+0x10/0x10 [ 261.557704][ T7238] ? trace_lock_acquire+0x14a/0x1d0 [ 261.562972][ T7238] ? __pfx_vfs_read+0x10/0x10 [ 261.567701][ T7238] ? __pfx___mutex_lock+0x10/0x10 [ 261.572886][ T7238] ? __fget_files+0x244/0x3f0 [ 261.577628][ T7238] ksys_read+0x12f/0x260 [ 261.581924][ T7238] ? __pfx_ksys_read+0x10/0x10 [ 261.586762][ T7238] do_syscall_64+0xcd/0x250 [ 261.591337][ T7238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.597290][ T7238] RIP: 0033:0x7fcadf37ca3c [ 261.601763][ T7238] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 261.621438][ T7238] RSP: 002b:00007fcae01e3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 261.629931][ T7238] RAX: ffffffffffffffda RBX: 00007fcadf536058 RCX: 00007fcadf37ca3c [ 261.637970][ T7238] RDX: 000000000000000f RSI: 00007fcae01e30a0 RDI: 0000000000000003 [ 261.645995][ T7238] RBP: 00007fcae01e3090 R08: 0000000000000000 R09: 0000000000000000 [ 261.654015][ T7238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 261.662125][ T7238] R13: 0000000000000000 R14: 00007fcadf536058 R15: 00007ffd26163438 [ 261.670169][ T7238] [ 262.367955][ T7253] netlink: 12 bytes leftover after parsing attributes in process `syz.2.356'. [ 264.710747][ T7304] FAULT_INJECTION: forcing a failure. [ 264.710747][ T7304] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 264.866456][ T7304] CPU: 1 UID: 0 PID: 7304 Comm: syz.1.368 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 264.876785][ T7304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 264.886881][ T7304] Call Trace: [ 264.890195][ T7304] [ 264.893165][ T7304] dump_stack_lvl+0x16c/0x1f0 [ 264.897908][ T7304] should_fail_ex+0x497/0x5b0 [ 264.902665][ T7304] _copy_to_user+0x30/0xc0 [ 264.907128][ T7304] simple_read_from_buffer+0xd0/0x160 [ 264.912561][ T7304] proc_fail_nth_read+0x198/0x270 [ 264.917650][ T7304] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 264.923270][ T7304] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 264.928877][ T7304] vfs_read+0x1ce/0xbd0 [ 264.933082][ T7304] ? __fget_files+0x23a/0x3f0 [ 264.937807][ T7304] ? fdget_pos+0x24c/0x360 [ 264.942294][ T7304] ? __pfx_lock_release+0x10/0x10 [ 264.947380][ T7304] ? trace_lock_acquire+0x14a/0x1d0 [ 264.952645][ T7304] ? __pfx_vfs_read+0x10/0x10 [ 264.957373][ T7304] ? __pfx___mutex_lock+0x10/0x10 [ 264.962481][ T7304] ? __fget_files+0x244/0x3f0 [ 264.967216][ T7304] ksys_read+0x12f/0x260 [ 264.971511][ T7304] ? __pfx_ksys_read+0x10/0x10 [ 264.976344][ T7304] do_syscall_64+0xcd/0x250 [ 264.980932][ T7304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.986887][ T7304] RIP: 0033:0x7f2aee37ca3c [ 264.991349][ T7304] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 265.011007][ T7304] RSP: 002b:00007f2aef232030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 265.019484][ T7304] RAX: ffffffffffffffda RBX: 00007f2aee536058 RCX: 00007f2aee37ca3c [ 265.027502][ T7304] RDX: 000000000000000f RSI: 00007f2aef2320a0 RDI: 0000000000000004 [ 265.035521][ T7304] RBP: 00007f2aef232090 R08: 0000000000000000 R09: 0000000000000000 [ 265.043538][ T7304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 265.051554][ T7304] R13: 0000000000000000 R14: 00007f2aee536058 R15: 00007fff266e3de8 [ 265.059584][ T7304] [ 266.253518][ T5245] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 266.262920][ T5245] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 266.276334][ T5245] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 266.291652][ T5245] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 266.305291][ T5245] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 266.315537][ T5245] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 266.460746][ T3426] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.399236][ T3426] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.640695][ T7332] chnl_net:caif_netlink_parms(): no params data found [ 268.355367][ T3426] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.386624][ T5236] Bluetooth: hci0: command tx timeout [ 268.793890][ T7332] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.821411][ T7332] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.839900][ T7332] bridge_slave_0: entered allmulticast mode [ 268.858880][ T7332] bridge_slave_0: entered promiscuous mode [ 268.959313][ T3426] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.041820][ T7332] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.055841][ T7332] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.072936][ T7332] bridge_slave_1: entered allmulticast mode [ 269.086542][ T7332] bridge_slave_1: entered promiscuous mode [ 269.425740][ T7332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 269.463768][ T7332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 269.743140][ T7332] team0: Port device team_slave_0 added [ 270.230423][ T7332] team0: Port device team_slave_1 added [ 270.498136][ T5236] Bluetooth: hci0: command tx timeout [ 270.875365][ T7332] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 270.906061][ T7332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 270.967004][ T7332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 270.998761][ T7332] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 271.025475][ T7332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 271.103949][ T7332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 271.680011][ T3426] bridge_slave_1: left allmulticast mode [ 271.685733][ T3426] bridge_slave_1: left promiscuous mode [ 271.722054][ T3426] bridge0: port 2(bridge_slave_1) entered disabled state [ 271.967307][ T3426] bridge_slave_0: left allmulticast mode [ 271.973132][ T3426] bridge_slave_0: left promiscuous mode [ 272.035547][ T3426] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.142386][ T30] audit: type=1326 audit(1727577449.696:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7411 comm="syz.3.388" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc5a317dff9 code=0x0 [ 272.565692][ T5236] Bluetooth: hci0: command tx timeout [ 274.616553][ T5236] Bluetooth: hci0: command tx timeout [ 275.257199][ T3426] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 275.363126][ T3426] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 275.469215][ T3426] bond0 (unregistering): Released all slaves [ 275.554883][ T7332] hsr_slave_0: entered promiscuous mode [ 275.597015][ T7332] hsr_slave_1: entered promiscuous mode [ 275.639051][ T7332] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 275.646883][ T7332] Cannot create hsr debugfs directory [ 278.502119][ T3426] hsr_slave_0: left promiscuous mode [ 278.600097][ T3426] hsr_slave_1: left promiscuous mode [ 278.713224][ T3426] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 278.721358][ T3426] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 278.757285][ T3426] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 278.764769][ T3426] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 278.841608][ T3426] veth1_macvtap: left promiscuous mode [ 278.874289][ T3426] veth0_macvtap: left promiscuous mode [ 278.880121][ T3426] veth1_vlan: left promiscuous mode [ 278.885473][ T3426] veth0_vlan: left promiscuous mode [ 280.537515][ T3426] team0 (unregistering): Port device team_slave_1 removed [ 280.749729][ T3426] team0 (unregistering): Port device team_slave_0 removed [ 282.928850][ T7332] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 283.001031][ T7332] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 283.068504][ T7332] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 283.120081][ T7332] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 283.378186][ T7332] 8021q: adding VLAN 0 to HW filter on device bond0 [ 283.396748][ T7332] 8021q: adding VLAN 0 to HW filter on device team0 [ 283.408190][ T6455] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.415433][ T6455] bridge0: port 1(bridge_slave_0) entered forwarding state [ 283.499158][ T5245] Bluetooth: hci1: command 0x0406 tx timeout [ 283.528513][ T6455] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.535677][ T6455] bridge0: port 2(bridge_slave_1) entered forwarding state [ 283.663391][ T7332] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 283.673889][ T7332] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 284.162849][ T7332] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 284.329566][ T7332] veth0_vlan: entered promiscuous mode [ 284.355319][ T7573] syz.1.415 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 284.369716][ T7332] veth1_vlan: entered promiscuous mode [ 284.448781][ T7332] veth0_macvtap: entered promiscuous mode [ 284.486345][ T7332] veth1_macvtap: entered promiscuous mode [ 284.557268][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.572737][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.617176][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.642453][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.686511][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.730531][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.771445][ T7332] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 284.832996][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.857276][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.903279][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.925665][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.935607][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.960802][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.979593][ T7332] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 285.033587][ T7332] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.052972][ T7332] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.081565][ T7332] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.110988][ T7332] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.487960][ T6462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.495851][ T6448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.496361][ T6462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.504454][ T6448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 290.663062][ T7704] block nbd9: not configured, cannot reconfigure [ 293.736559][ T5245] Bluetooth: hci5: command 0x0406 tx timeout [ 295.045649][ T7764] could not allocate digest TFM handle [ 296.406611][ T7779] svc: failed to register nfsdv3 RPC service (errno 101). [ 296.477815][ T7779] svc: failed to register nfsaclv3 RPC service (errno 101). [ 299.619707][ T7852] FAULT_INJECTION: forcing a failure. [ 299.619707][ T7852] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 299.746718][ T7852] CPU: 0 UID: 0 PID: 7852 Comm: syz.3.477 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 299.757042][ T7852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 299.767144][ T7852] Call Trace: [ 299.770438][ T7852] [ 299.773400][ T7852] dump_stack_lvl+0x16c/0x1f0 [ 299.778220][ T7852] should_fail_ex+0x497/0x5b0 [ 299.782942][ T7852] _copy_from_user+0x30/0xf0 [ 299.787565][ T7852] sctp_setsockopt+0x422/0xb880 [ 299.792453][ T7852] ? __pfx_sctp_setsockopt+0x10/0x10 [ 299.797781][ T7852] ? __pfx_aa_sk_perm+0x10/0x10 [ 299.802665][ T7852] ? __pfx_lock_release+0x10/0x10 [ 299.807735][ T7852] ? proc_fail_nth_write+0xa0/0x250 [ 299.812974][ T7852] ? sock_common_setsockopt+0x2e/0xf0 [ 299.818418][ T7852] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 299.824448][ T7852] do_sock_setsockopt+0x222/0x480 [ 299.829517][ T7852] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 299.835101][ T7852] ? __pfx_vfs_write+0x10/0x10 [ 299.839907][ T7852] ? do_sys_openat2+0xb1/0x1e0 [ 299.844730][ T7852] ? fdget+0x176/0x210 [ 299.848840][ T7852] __sys_setsockopt+0x1a4/0x270 [ 299.853737][ T7852] ? __pfx___sys_setsockopt+0x10/0x10 [ 299.859159][ T7852] ? ksys_write+0x1ad/0x260 [ 299.863695][ T7852] ? __pfx_ksys_write+0x10/0x10 [ 299.868586][ T7852] __x64_sys_setsockopt+0xbd/0x160 [ 299.873746][ T7852] ? do_syscall_64+0x91/0x250 [ 299.878470][ T7852] ? lockdep_hardirqs_on+0x7c/0x110 [ 299.883703][ T7852] do_syscall_64+0xcd/0x250 [ 299.888249][ T7852] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.894176][ T7852] RIP: 0033:0x7fc5a317dff9 [ 299.898613][ T7852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 299.918255][ T7852] RSP: 002b:00007fc5a3f42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 299.926696][ T7852] RAX: ffffffffffffffda RBX: 00007fc5a3335f80 RCX: 00007fc5a317dff9 [ 299.934690][ T7852] RDX: 0000000000000023 RSI: 0000010000000084 RDI: 0000000000000003 [ 299.942682][ T7852] RBP: 00007fc5a3f42090 R08: 0000000000000008 R09: 0000000000000000 [ 299.950675][ T7852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 299.958665][ T7852] R13: 0000000000000000 R14: 00007fc5a3335f80 R15: 00007fffa3b9d628 [ 299.966683][ T7852] [ 303.859528][ T7912] could not allocate digest TFM handle [ 304.895285][ T7936] nbd: must specify a device to reconfigure [ 306.522909][ T7978] nbd: must specify a device to reconfigure [ 308.582454][ T8038] FAULT_INJECTION: forcing a failure. [ 308.582454][ T8038] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 308.595958][ T8038] CPU: 1 UID: 0 PID: 8038 Comm: syz.0.524 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 308.606259][ T8038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 308.616451][ T8038] Call Trace: [ 308.619774][ T8038] [ 308.622738][ T8038] dump_stack_lvl+0x16c/0x1f0 [ 308.627487][ T8038] should_fail_ex+0x497/0x5b0 [ 308.632242][ T8038] _copy_from_user+0x30/0xf0 [ 308.636880][ T8038] copy_msghdr_from_user+0x99/0x160 [ 308.642143][ T8038] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 308.648202][ T8038] ? __pfx___lock_acquire+0x10/0x10 [ 308.653477][ T8038] ___sys_sendmsg+0xff/0x1e0 [ 308.658146][ T8038] ? __pfx____sys_sendmsg+0x10/0x10 [ 308.663434][ T8038] ? lock_acquire+0x2f/0xb0 [ 308.668003][ T8038] ? __fget_files+0x40/0x3f0 [ 308.672658][ T8038] ? fdget+0x176/0x210 [ 308.676799][ T8038] __sys_sendmsg+0x117/0x1f0 [ 308.681459][ T8038] ? __pfx___sys_sendmsg+0x10/0x10 [ 308.686638][ T8038] ? __fget_files+0x244/0x3f0 [ 308.691375][ T8038] do_syscall_64+0xcd/0x250 [ 308.695916][ T8038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.701853][ T8038] RIP: 0033:0x7fae58b7dff9 [ 308.706286][ T8038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.725920][ T8038] RSP: 002b:00007fae585ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 308.734360][ T8038] RAX: ffffffffffffffda RBX: 00007fae58d35f80 RCX: 00007fae58b7dff9 [ 308.742408][ T8038] RDX: 0000000000040010 RSI: 0000000020001b40 RDI: 0000000000000003 [ 308.750403][ T8038] RBP: 00007fae585ff090 R08: 0000000000000000 R09: 0000000000000000 [ 308.758392][ T8038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 308.766382][ T8038] R13: 0000000000000000 R14: 00007fae58d35f80 R15: 00007fff065eb9f8 [ 308.774401][ T8038] [ 314.218453][ T5245] Bluetooth: hci6: command 0x0406 tx timeout [ 317.238184][ T8174] FAULT_INJECTION: forcing a failure. [ 317.238184][ T8174] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 317.329819][ T8174] CPU: 1 UID: 0 PID: 8174 Comm: syz.2.554 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 317.340140][ T8174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 317.350215][ T8174] Call Trace: [ 317.353509][ T8174] [ 317.356456][ T8174] dump_stack_lvl+0x16c/0x1f0 [ 317.361171][ T8174] should_fail_ex+0x497/0x5b0 [ 317.365888][ T8174] _copy_from_iter+0x29b/0x13e0 [ 317.370772][ T8174] ? __pfx__copy_from_iter+0x10/0x10 [ 317.376083][ T8174] ? __virt_addr_valid+0x1a4/0x590 [ 317.381260][ T8174] ? __virt_addr_valid+0x5e/0x590 [ 317.386322][ T8174] ? __phys_addr_symbol+0x30/0x80 [ 317.391383][ T8174] ? __check_object_size+0x488/0x710 [ 317.396712][ T8174] netlink_sendmsg+0x813/0xd70 [ 317.401515][ T8174] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.406843][ T8174] ____sys_sendmsg+0x9ae/0xb40 [ 317.411637][ T8174] ? copy_msghdr_from_user+0x10b/0x160 [ 317.417138][ T8174] ? __pfx_____sys_sendmsg+0x10/0x10 [ 317.422463][ T8174] ? __pfx___lock_acquire+0x10/0x10 [ 317.427711][ T8174] ___sys_sendmsg+0x135/0x1e0 [ 317.432435][ T8174] ? __pfx____sys_sendmsg+0x10/0x10 [ 317.437688][ T8174] ? lock_acquire+0x2f/0xb0 [ 317.442232][ T8174] ? __fget_files+0x40/0x3f0 [ 317.446858][ T8174] ? fdget+0x176/0x210 [ 317.450961][ T8174] __sys_sendmsg+0x117/0x1f0 [ 317.455590][ T8174] ? __pfx___sys_sendmsg+0x10/0x10 [ 317.460743][ T8174] ? __fget_files+0x244/0x3f0 [ 317.465468][ T8174] do_syscall_64+0xcd/0x250 [ 317.470010][ T8174] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.475936][ T8174] RIP: 0033:0x7f576777dff9 [ 317.480375][ T8174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 317.500008][ T8174] RSP: 002b:00007f57684dd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 317.508450][ T8174] RAX: ffffffffffffffda RBX: 00007f5767935f80 RCX: 00007f576777dff9 [ 317.516447][ T8174] RDX: 0000000000040010 RSI: 0000000020001b40 RDI: 0000000000000003 [ 317.524439][ T8174] RBP: 00007f57684dd090 R08: 0000000000000000 R09: 0000000000000000 [ 317.532446][ T8174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 317.540437][ T8174] R13: 0000000000000000 R14: 00007f5767935f80 R15: 00007fffdb132c58 [ 317.548597][ T8174] [ 321.131797][ T8218] FAULT_INJECTION: forcing a failure. [ 321.131797][ T8218] name failslab, interval 1, probability 0, space 0, times 0 [ 321.226480][ T8218] CPU: 1 UID: 0 PID: 8218 Comm: syz.2.563 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 321.236908][ T8218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 321.247030][ T8218] Call Trace: [ 321.250354][ T8218] [ 321.253321][ T8218] dump_stack_lvl+0x16c/0x1f0 [ 321.258087][ T8218] should_fail_ex+0x497/0x5b0 [ 321.262836][ T8218] should_failslab+0xc2/0x120 [ 321.267577][ T8218] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 321.273019][ T8218] ? skb_clone+0x190/0x3f0 [ 321.277507][ T8218] skb_clone+0x190/0x3f0 [ 321.281816][ T8218] netlink_deliver_tap+0xb26/0xcf0 [ 321.287003][ T8218] netlink_unicast+0x5e1/0x7f0 [ 321.291828][ T8218] ? __pfx_netlink_unicast+0x10/0x10 [ 321.297175][ T8218] ? __phys_addr_symbol+0x30/0x80 [ 321.302270][ T8218] ? __check_object_size+0x488/0x710 [ 321.307619][ T8218] netlink_sendmsg+0x8b8/0xd70 [ 321.312444][ T8218] ? __pfx_netlink_sendmsg+0x10/0x10 [ 321.317830][ T8218] ____sys_sendmsg+0x9ae/0xb40 [ 321.322665][ T8218] ? copy_msghdr_from_user+0x10b/0x160 [ 321.328196][ T8218] ? __pfx_____sys_sendmsg+0x10/0x10 [ 321.333555][ T8218] ? __pfx___lock_acquire+0x10/0x10 [ 321.338829][ T8218] ___sys_sendmsg+0x135/0x1e0 [ 321.343578][ T8218] ? __pfx____sys_sendmsg+0x10/0x10 [ 321.348877][ T8218] ? lock_acquire+0x2f/0xb0 [ 321.353444][ T8218] ? __fget_files+0x40/0x3f0 [ 321.358101][ T8218] ? fdget+0x176/0x210 [ 321.362238][ T8218] __sys_sendmsg+0x117/0x1f0 [ 321.366910][ T8218] ? __pfx___sys_sendmsg+0x10/0x10 [ 321.372095][ T8218] ? __fget_files+0x244/0x3f0 [ 321.376850][ T8218] do_syscall_64+0xcd/0x250 [ 321.381409][ T8218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.387358][ T8218] RIP: 0033:0x7f576777dff9 [ 321.391815][ T8218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.411476][ T8218] RSP: 002b:00007f57684dd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 321.419942][ T8218] RAX: ffffffffffffffda RBX: 00007f5767935f80 RCX: 00007f576777dff9 [ 321.427991][ T8218] RDX: 0000000000040010 RSI: 0000000020001b40 RDI: 0000000000000003 [ 321.436008][ T8218] RBP: 00007f57684dd090 R08: 0000000000000000 R09: 0000000000000000 [ 321.444027][ T8218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 321.452042][ T8218] R13: 0000000000000000 R14: 00007f5767935f80 R15: 00007fffdb132c58 [ 321.460090][ T8218] [ 321.507634][ T8218] nbd: couldn't find a device at index 0 [ 322.390833][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.397372][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.837402][ T8251] FAULT_INJECTION: forcing a failure. [ 323.837402][ T8251] name failslab, interval 1, probability 0, space 0, times 0 [ 323.876561][ T8251] CPU: 0 UID: 0 PID: 8251 Comm: syz.2.573 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 323.886901][ T8251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 323.897011][ T8251] Call Trace: [ 323.900326][ T8251] [ 323.903292][ T8251] dump_stack_lvl+0x16c/0x1f0 [ 323.908032][ T8251] should_fail_ex+0x497/0x5b0 [ 323.912770][ T8251] ? fs_reclaim_acquire+0xae/0x160 [ 323.918027][ T8251] should_failslab+0xc2/0x120 [ 323.922778][ T8251] __kmalloc_noprof+0xcb/0x410 [ 323.927614][ T8251] ? __pfx___mutex_trylock_common+0x10/0x10 [ 323.933582][ T8251] ? genl_rcv_msg+0x580/0x800 [ 323.938358][ T8251] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 323.945903][ T8251] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 323.951449][ T8251] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 323.957603][ T8251] ? __radix_tree_lookup+0x21f/0x2c0 [ 323.962964][ T8251] genl_rcv_msg+0x565/0x800 [ 323.967535][ T8251] ? __pfx_genl_rcv_msg+0x10/0x10 [ 323.972626][ T8251] ? __pfx_nbd_genl_reconfigure+0x10/0x10 [ 323.978444][ T8251] netlink_rcv_skb+0x165/0x410 [ 323.983265][ T8251] ? __pfx_genl_rcv_msg+0x10/0x10 [ 323.988370][ T8251] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 323.993721][ T8251] ? down_read+0xc9/0x330 [ 323.998115][ T8251] ? __pfx_down_read+0x10/0x10 [ 324.002959][ T8251] ? netlink_deliver_tap+0x1ae/0xcf0 [ 324.008326][ T8251] genl_rcv+0x28/0x40 [ 324.012367][ T8251] netlink_unicast+0x53c/0x7f0 [ 324.017200][ T8251] ? __pfx_netlink_unicast+0x10/0x10 [ 324.022544][ T8251] ? __phys_addr_symbol+0x30/0x80 [ 324.027627][ T8251] ? __check_object_size+0x488/0x710 [ 324.032980][ T8251] netlink_sendmsg+0x8b8/0xd70 [ 324.037807][ T8251] ? __pfx_netlink_sendmsg+0x10/0x10 [ 324.043164][ T8251] ____sys_sendmsg+0x9ae/0xb40 [ 324.047985][ T8251] ? copy_msghdr_from_user+0x10b/0x160 [ 324.053505][ T8251] ? __pfx_____sys_sendmsg+0x10/0x10 [ 324.058858][ T8251] ? __pfx___lock_acquire+0x10/0x10 [ 324.064132][ T8251] ___sys_sendmsg+0x135/0x1e0 [ 324.068887][ T8251] ? __pfx____sys_sendmsg+0x10/0x10 [ 324.074179][ T8251] ? lock_acquire+0x2f/0xb0 [ 324.078747][ T8251] ? __fget_files+0x40/0x3f0 [ 324.083420][ T8251] ? fdget+0x176/0x210 [ 324.087548][ T8251] __sys_sendmsg+0x117/0x1f0 [ 324.092209][ T8251] ? __pfx___sys_sendmsg+0x10/0x10 [ 324.097390][ T8251] ? __fget_files+0x244/0x3f0 [ 324.102238][ T8251] do_syscall_64+0xcd/0x250 [ 324.106805][ T8251] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.112756][ T8251] RIP: 0033:0x7f576777dff9 [ 324.117303][ T8251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 324.136976][ T8251] RSP: 002b:00007f57684dd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 324.145449][ T8251] RAX: ffffffffffffffda RBX: 00007f5767935f80 RCX: 00007f576777dff9 [ 324.153472][ T8251] RDX: 0000000000040010 RSI: 0000000020001b40 RDI: 0000000000000003 [ 324.161489][ T8251] RBP: 00007f57684dd090 R08: 0000000000000000 R09: 0000000000000000 [ 324.169505][ T8251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 324.177519][ T8251] R13: 0000000000000000 R14: 00007f5767935f80 R15: 00007fffdb132c58 [ 324.185563][ T8251] [ 336.308478][ T8410] kexec: Could not allocate control_code_buffer [ 340.331754][ T8472] netlink: 64 bytes leftover after parsing attributes in process `syz.2.635'. [ 342.218187][ T8494] nbd: couldn't find a device at index 768 [ 342.522895][ T6450] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.940452][ T6450] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.456490][ T6450] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.768784][ T6450] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.836982][ T5245] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 343.845368][ T5245] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 343.853159][ T5245] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 343.861617][ T5245] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 343.869436][ T5245] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 343.876828][ T5245] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 344.530105][ T6450] bridge_slave_1: left allmulticast mode [ 344.535826][ T6450] bridge_slave_1: left promiscuous mode [ 344.588079][ T6450] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.761161][ T6450] bridge_slave_0: left allmulticast mode [ 344.789419][ T6450] bridge_slave_0: left promiscuous mode [ 344.800456][ T6450] bridge0: port 1(bridge_slave_0) entered disabled state [ 345.517930][ T8557] netlink: 8 bytes leftover after parsing attributes in process `syz.3.653'. [ 345.896933][ T5236] Bluetooth: hci2: command tx timeout [ 346.988874][ T6450] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.272218][ T6450] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.373302][ T6450] bond0 (unregistering): Released all slaves [ 347.476771][ T8512] chnl_net:caif_netlink_parms(): no params data found [ 347.996543][ T5236] Bluetooth: hci2: command tx timeout [ 348.048956][ T8585] netlink: 148 bytes leftover after parsing attributes in process `syz.1.656'. [ 348.433590][ T8512] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.452685][ T8512] bridge0: port 1(bridge_slave_0) entered disabled state [ 348.462787][ T8512] bridge_slave_0: entered allmulticast mode [ 348.483555][ T8512] bridge_slave_0: entered promiscuous mode [ 348.562323][ T8512] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.586589][ T8512] bridge0: port 2(bridge_slave_1) entered disabled state [ 348.593827][ T8512] bridge_slave_1: entered allmulticast mode [ 348.610978][ T8512] bridge_slave_1: entered promiscuous mode [ 349.818342][ T8590] svc: failed to register nfsdv3 RPC service (errno 111). [ 349.863349][ T8590] svc: failed to register nfsaclv3 RPC service (errno 111). [ 349.973934][ T8512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 350.057632][ T5236] Bluetooth: hci2: command tx timeout [ 350.123947][ T8512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 351.410290][ T8512] team0: Port device team_slave_0 added [ 351.886488][ T6450] hsr_slave_0: left promiscuous mode [ 352.004652][ T6450] hsr_slave_1: left promiscuous mode [ 352.076533][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 352.084034][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 352.136581][ T5236] Bluetooth: hci2: command tx timeout [ 352.197201][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 352.216454][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 352.326549][ T6450] veth1_macvtap: left promiscuous mode [ 352.332154][ T6450] veth0_macvtap: left promiscuous mode [ 352.366709][ T6450] veth1_vlan: left promiscuous mode [ 352.372104][ T6450] veth0_vlan: left promiscuous mode [ 352.725541][ T8639] netlink: 8 bytes leftover after parsing attributes in process `syz.0.666'. [ 355.127190][ T8657] FAULT_INJECTION: forcing a failure. [ 355.127190][ T8657] name failslab, interval 1, probability 0, space 0, times 0 [ 355.238927][ T8657] CPU: 0 UID: 0 PID: 8657 Comm: syz.0.672 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 355.249254][ T8657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 355.259353][ T8657] Call Trace: [ 355.262664][ T8657] [ 355.265632][ T8657] dump_stack_lvl+0x16c/0x1f0 [ 355.270384][ T8657] should_fail_ex+0x497/0x5b0 [ 355.275129][ T8657] ? fs_reclaim_acquire+0xae/0x160 [ 355.280306][ T8657] should_failslab+0xc2/0x120 [ 355.285056][ T8657] __kmalloc_noprof+0xcb/0x410 [ 355.289891][ T8657] ? rcu_is_watching+0x12/0xc0 [ 355.294717][ T8657] tomoyo_encode2+0x100/0x3e0 [ 355.299437][ T8657] tomoyo_realpath_from_path+0x1a7/0x710 [ 355.305097][ T8657] ? tomoyo_path_number_perm+0x232/0x5b0 [ 355.310771][ T8657] tomoyo_path_number_perm+0x245/0x5b0 [ 355.316266][ T8657] ? tomoyo_path_number_perm+0x232/0x5b0 [ 355.321934][ T8657] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 355.327986][ T8657] ? trace_lock_acquire+0x14a/0x1d0 [ 355.333212][ T8657] ? lock_acquire+0x2f/0xb0 [ 355.337746][ T8657] ? __fget_files+0x40/0x3f0 [ 355.342361][ T8657] ? __fget_files+0x244/0x3f0 [ 355.347082][ T8657] security_file_ioctl+0x9b/0x240 [ 355.352159][ T8657] __x64_sys_ioctl+0xbb/0x220 [ 355.356877][ T8657] do_syscall_64+0xcd/0x250 [ 355.361431][ T8657] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.367371][ T8657] RIP: 0033:0x7fae58b7dff9 [ 355.371810][ T8657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 355.391528][ T8657] RSP: 002b:00007fae585ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 355.399977][ T8657] RAX: ffffffffffffffda RBX: 00007fae58d35f80 RCX: 00007fae58b7dff9 [ 355.407969][ T8657] RDX: 0000000000000000 RSI: 0000000040047459 RDI: 0000000000000003 [ 355.415961][ T8657] RBP: 00007fae585ff090 R08: 0000000000000000 R09: 0000000000000000 [ 355.423952][ T8657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 355.431959][ T8657] R13: 0000000000000000 R14: 00007fae58d35f80 R15: 00007fff065eb9f8 [ 355.439970][ T8657] [ 355.543385][ T6450] team0 (unregistering): Port device team_slave_1 removed [ 355.563666][ T8657] ERROR: Out of memory at tomoyo_realpath_from_path. [ 355.807584][ T6450] team0 (unregistering): Port device team_slave_0 removed [ 357.352784][ T8512] team0: Port device team_slave_1 added [ 357.440173][ T8512] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 357.448840][ T8512] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 357.485241][ T8512] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 357.537615][ T8512] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 357.544712][ T8512] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 357.629671][ T8512] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 357.959937][ T8512] hsr_slave_0: entered promiscuous mode [ 357.986993][ T8512] hsr_slave_1: entered promiscuous mode [ 358.054909][ T8512] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 358.066864][ T8512] Cannot create hsr debugfs directory [ 359.410904][ T8723] workqueue: name exceeds WQ_NAME_LEN. Truncating to: ýÿÿÿÿÿÿÿ-œä¾ž6y“Õ¼ŸÜ§ L¨¦÷ k† [ 359.624490][ T8512] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 359.644718][ T8512] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 359.668506][ T8512] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 359.688985][ T8512] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 359.879225][ T8512] 8021q: adding VLAN 0 to HW filter on device bond0 [ 359.921363][ T8512] 8021q: adding VLAN 0 to HW filter on device team0 [ 359.974237][ T6448] bridge0: port 1(bridge_slave_0) entered blocking state [ 359.981455][ T6448] bridge0: port 1(bridge_slave_0) entered forwarding state [ 360.008494][ T6448] bridge0: port 2(bridge_slave_1) entered blocking state [ 360.015681][ T6448] bridge0: port 2(bridge_slave_1) entered forwarding state [ 360.051085][ T8512] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 360.061794][ T8512] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 360.749625][ T8512] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 360.853303][ T8512] veth0_vlan: entered promiscuous mode [ 360.908653][ T8512] veth1_vlan: entered promiscuous mode [ 361.135212][ T6450] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.231784][ T8512] veth0_macvtap: entered promiscuous mode [ 361.245005][ T8766] netlink: 4 bytes leftover after parsing attributes in process `syz.1.692'. [ 361.287555][ T8512] veth1_macvtap: entered promiscuous mode [ 361.362131][ T6450] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.468201][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.496870][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.536662][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.566456][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.576333][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.646667][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.677944][ T8512] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 361.704456][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.746595][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.786586][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.815766][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.832734][ T5245] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 361.842698][ T5245] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 361.852068][ T5245] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 361.860850][ T5245] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 361.875856][ T5245] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 361.883615][ T5245] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 361.892275][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.902876][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.914369][ T8512] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 362.010519][ T6450] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 362.054543][ T8512] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.096974][ T8512] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.105839][ T8512] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.136559][ T8512] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.214230][ T6450] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 362.732799][ T6462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 362.756489][ T6462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 362.872428][ T6457] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 362.908749][ T6457] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 362.974796][ T8802] svc: failed to register nfsdv3 RPC service (errno 111). [ 363.015106][ T6450] bridge_slave_1: left allmulticast mode [ 363.024280][ T6450] bridge_slave_1: left promiscuous mode [ 363.041358][ T6450] bridge0: port 2(bridge_slave_1) entered disabled state [ 363.137808][ T8802] svc: failed to register nfsaclv3 RPC service (errno 111). [ 363.180970][ T6450] bridge_slave_0: left allmulticast mode [ 363.196949][ T6450] bridge_slave_0: left promiscuous mode [ 363.202766][ T6450] bridge0: port 1(bridge_slave_0) entered disabled state [ 363.896703][ T5236] Bluetooth: hci3: command tx timeout [ 365.125781][ T6450] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 365.149467][ T6450] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 365.175725][ T6450] bond0 (unregistering): Released all slaves [ 365.563902][ T8779] chnl_net:caif_netlink_parms(): no params data found [ 365.731974][ T8879] netlink: 'syz.1.704': attribute type 11 has an invalid length. [ 365.976710][ T5236] Bluetooth: hci3: command tx timeout [ 366.132357][ T6450] hsr_slave_0: left promiscuous mode [ 366.268648][ T6450] hsr_slave_1: left promiscuous mode [ 366.355404][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 366.389945][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 366.406084][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 366.434281][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 366.480928][ T6450] veth1_macvtap: left promiscuous mode [ 366.496518][ T6450] veth0_macvtap: left promiscuous mode [ 366.502234][ T6450] veth1_vlan: left promiscuous mode [ 366.516521][ T6450] veth0_vlan: left promiscuous mode [ 367.619493][ T6450] team0 (unregistering): Port device team_slave_1 removed [ 367.674475][ T6450] team0 (unregistering): Port device team_slave_0 removed [ 368.056489][ T5236] Bluetooth: hci3: command tx timeout [ 368.336703][ T8779] bridge0: port 1(bridge_slave_0) entered blocking state [ 368.346560][ T8779] bridge0: port 1(bridge_slave_0) entered disabled state [ 368.359326][ T8779] bridge_slave_0: entered allmulticast mode [ 368.367319][ T8779] bridge_slave_0: entered promiscuous mode [ 368.385622][ T8779] bridge0: port 2(bridge_slave_1) entered blocking state [ 368.405572][ T8779] bridge0: port 2(bridge_slave_1) entered disabled state [ 368.413018][ T8779] bridge_slave_1: entered allmulticast mode [ 368.420877][ T8779] bridge_slave_1: entered promiscuous mode [ 368.475008][ T8899] FAULT_INJECTION: forcing a failure. [ 368.475008][ T8899] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 368.489351][ T8899] CPU: 1 UID: 0 PID: 8899 Comm: syz.1.705 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 368.499632][ T8899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 368.509714][ T8899] Call Trace: [ 368.513019][ T8899] [ 368.516001][ T8899] dump_stack_lvl+0x16c/0x1f0 [ 368.520740][ T8899] should_fail_ex+0x497/0x5b0 [ 368.525480][ T8899] _copy_from_user+0x30/0xf0 [ 368.530121][ T8899] do_sock_getsockopt+0x319/0x870 [ 368.535297][ T8899] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 368.540903][ T8899] ? __fget_files+0x244/0x3f0 [ 368.545644][ T8899] __sys_getsockopt+0x1a1/0x270 [ 368.550574][ T8899] ? __pfx___sys_getsockopt+0x10/0x10 [ 368.556007][ T8899] ? fput+0x30/0x390 [ 368.559977][ T8899] ? ksys_write+0x1ad/0x260 [ 368.564538][ T8899] ? __pfx_ksys_write+0x10/0x10 [ 368.569433][ T8899] __x64_sys_getsockopt+0xbd/0x160 [ 368.574594][ T8899] ? do_syscall_64+0x91/0x250 [ 368.579317][ T8899] ? lockdep_hardirqs_on+0x7c/0x110 [ 368.584559][ T8899] do_syscall_64+0xcd/0x250 [ 368.589113][ T8899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.595060][ T8899] RIP: 0033:0x7f2aee37dff9 [ 368.599516][ T8899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 368.619191][ T8899] RSP: 002b:00007f2aef253038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 368.627853][ T8899] RAX: ffffffffffffffda RBX: 00007f2aee535f80 RCX: 00007f2aee37dff9 [ 368.635870][ T8899] RDX: 0000000000000001 RSI: 000000000000006b RDI: 0000000000000006 [ 368.643889][ T8899] RBP: 00007f2aef253090 R08: 0000000000000000 R09: 0000000000000000 [ 368.651897][ T8899] R10: 9999999999999999 R11: 0000000000000246 R12: 0000000000000001 [ 368.659904][ T8899] R13: 0000000000000000 R14: 00007f2aee535f80 R15: 00007fff266e3de8 [ 368.667943][ T8899] [ 368.694925][ T8779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 368.739650][ T8779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 368.863631][ T8779] team0: Port device team_slave_0 added [ 368.926831][ T8779] team0: Port device team_slave_1 added [ 369.002999][ T8779] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 369.020206][ T8779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 369.076737][ T8779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 369.108724][ T8779] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 369.115711][ T8779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 369.173161][ T8779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 369.315184][ T8779] hsr_slave_0: entered promiscuous mode [ 369.376846][ T8779] hsr_slave_1: entered promiscuous mode [ 370.146941][ T5236] Bluetooth: hci3: command tx timeout [ 370.470230][ T8779] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 370.515809][ T8779] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 370.559312][ T8779] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 370.591211][ T8779] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 370.672909][ T8969] delete_channel: no stack [ 370.829402][ T8779] 8021q: adding VLAN 0 to HW filter on device bond0 [ 370.937284][ T8779] 8021q: adding VLAN 0 to HW filter on device team0 [ 370.955552][ T6450] bridge0: port 1(bridge_slave_0) entered blocking state [ 370.962775][ T6450] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.029386][ T6450] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.036567][ T6450] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.399861][ T8992] nbd: couldn't find a device at index 0 [ 371.680183][ T8779] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.822091][ T8779] veth0_vlan: entered promiscuous mode [ 371.879523][ T8779] veth1_vlan: entered promiscuous mode [ 371.973585][ T8779] veth0_macvtap: entered promiscuous mode [ 371.994065][ T8779] veth1_macvtap: entered promiscuous mode [ 372.066602][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.086983][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.106076][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.132430][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.144622][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.185764][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.198146][ T8779] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 372.249205][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.276505][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.300888][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.320258][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.345422][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.370255][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.407806][ T8779] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 372.462377][ T8779] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.500389][ T8779] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.513938][ T8779] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.523299][ T8779] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.777097][ T3426] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.784982][ T3426] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.854826][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.891587][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 373.241311][ T9060] nbd: couldn't find a device at index 0 [ 376.497276][ T9138] nbd: couldn't find a device at index 0 [ 377.994067][ T9166] netlink: 'syz.3.762': attribute type 11 has an invalid length. [ 379.074461][ T9185] ptrace attach of "./syz-executor exec"[8779] was attempted by "./syz-executor exec"[9185] [ 380.695014][ T9223] netlink: 148 bytes leftover after parsing attributes in process `syz.3.775'. [ 383.821475][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.836491][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 387.918601][ T9316] netlink: 5 bytes leftover after parsing attributes in process `syz.2.802'. [ 391.018539][ T5245] Bluetooth: hci0: command 0x0406 tx timeout [ 393.832491][ T5245] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 393.841245][ T5245] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 393.849044][ T5245] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 393.857158][ T5245] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 393.867398][ T5245] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 393.878706][ T5245] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 394.861445][ T9363] chnl_net:caif_netlink_parms(): no params data found [ 395.976732][ T5236] Bluetooth: hci4: command tx timeout [ 396.253963][ T9031] syz.0.729 (9031) used greatest stack depth: 18176 bytes left [ 397.027870][ T9363] bridge0: port 1(bridge_slave_0) entered blocking state [ 397.035041][ T9363] bridge0: port 1(bridge_slave_0) entered disabled state [ 397.056317][ T9363] bridge_slave_0: entered allmulticast mode [ 397.063529][ T9363] bridge_slave_0: entered promiscuous mode [ 397.118639][ T9363] bridge0: port 2(bridge_slave_1) entered blocking state [ 397.125768][ T9363] bridge0: port 2(bridge_slave_1) entered disabled state [ 397.172251][ T9363] bridge_slave_1: entered allmulticast mode [ 397.197683][ T9363] bridge_slave_1: entered promiscuous mode [ 397.583708][ T9363] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 397.616113][ T9363] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 398.064455][ T5236] Bluetooth: hci4: command tx timeout [ 398.076024][ T9363] team0: Port device team_slave_0 added [ 398.084322][ T9363] team0: Port device team_slave_1 added [ 398.304895][ T9363] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 398.312379][ T9363] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 398.374680][ T9363] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 398.419479][ T9363] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 398.436744][ T9363] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 398.488997][ T9363] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 399.298257][ T9363] hsr_slave_0: entered promiscuous mode [ 399.306839][ T9363] hsr_slave_1: entered promiscuous mode [ 399.319966][ T9363] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 399.330318][ T9363] Cannot create hsr debugfs directory [ 399.744601][ T6455] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 400.018713][ T6455] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 400.136596][ T5236] Bluetooth: hci4: command tx timeout [ 400.415400][ T6455] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 400.592693][ T6455] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 400.614532][ T5245] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 400.626915][ T5245] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 400.636617][ T5245] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 400.666620][ T5245] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 400.676617][ T5245] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 400.686625][ T5245] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 400.997158][ T9409] Process accounting resumed [ 401.212547][ T6455] bridge_slave_1: left allmulticast mode [ 401.241306][ T6455] bridge_slave_1: left promiscuous mode [ 401.254507][ T6455] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.301162][ T6455] bridge_slave_0: left allmulticast mode [ 401.307288][ T6455] bridge_slave_0: left promiscuous mode [ 401.316545][ T6455] bridge0: port 1(bridge_slave_0) entered disabled state [ 402.217138][ T5236] Bluetooth: hci4: command tx timeout [ 402.777843][ T5236] Bluetooth: hci0: command tx timeout [ 403.715565][ T6455] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 403.812628][ T6455] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 403.891846][ T6455] bond0 (unregistering): Released all slaves [ 404.863788][ T5236] Bluetooth: hci0: command tx timeout [ 405.463416][ T9414] chnl_net:caif_netlink_parms(): no params data found [ 406.487146][ T6455] hsr_slave_0: left promiscuous mode [ 406.535164][ T6455] hsr_slave_1: left promiscuous mode [ 406.549703][ T6455] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 406.586531][ T6455] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 406.643262][ T6455] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 406.675739][ T6455] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 406.876097][ T6455] veth1_macvtap: left promiscuous mode [ 406.902520][ T6455] veth0_macvtap: left promiscuous mode [ 406.937703][ T5236] Bluetooth: hci0: command tx timeout [ 406.943685][ T6455] veth1_vlan: left promiscuous mode [ 406.958897][ T6455] veth0_vlan: left promiscuous mode [ 409.017980][ T5236] Bluetooth: hci0: command tx timeout [ 409.918106][ T6455] team0 (unregistering): Port device team_slave_1 removed [ 410.658314][ T6455] team0 (unregistering): Port device team_slave_0 removed [ 414.538056][ T9414] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.545281][ T9414] bridge0: port 1(bridge_slave_0) entered disabled state [ 414.653316][ T9414] bridge_slave_0: entered allmulticast mode [ 414.667768][ T9414] bridge_slave_0: entered promiscuous mode [ 414.711792][ T9414] bridge0: port 2(bridge_slave_1) entered blocking state [ 414.738673][ T9414] bridge0: port 2(bridge_slave_1) entered disabled state [ 414.745883][ T9414] bridge_slave_1: entered allmulticast mode [ 414.807900][ T9414] bridge_slave_1: entered promiscuous mode [ 415.020336][ T9414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 415.074122][ T9363] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 415.100936][ T9363] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 415.167714][ T9414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 415.226669][ T9363] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 415.244417][ T9363] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 415.471341][ T9414] team0: Port device team_slave_0 added [ 415.480315][ T9414] team0: Port device team_slave_1 added [ 415.754567][ T9414] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 415.767842][ T9414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 415.878397][ T9414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 415.978637][ T9414] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 416.024681][ T9414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 416.193164][ T9414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 417.204569][ T9414] hsr_slave_0: entered promiscuous mode [ 417.227573][ T9414] hsr_slave_1: entered promiscuous mode [ 417.236018][ T9414] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 417.249380][ T9414] Cannot create hsr debugfs directory [ 417.544577][ T9363] 8021q: adding VLAN 0 to HW filter on device bond0 [ 417.693271][ T9363] 8021q: adding VLAN 0 to HW filter on device team0 [ 417.739162][ T3426] bridge0: port 1(bridge_slave_0) entered blocking state [ 417.746308][ T3426] bridge0: port 1(bridge_slave_0) entered forwarding state [ 417.835693][ T3426] bridge0: port 2(bridge_slave_1) entered blocking state [ 417.842983][ T3426] bridge0: port 2(bridge_slave_1) entered forwarding state [ 417.996072][ T9414] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.240765][ T9414] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.418939][ T9414] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.629252][ T9414] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.780291][ T9363] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 418.902261][ T9363] veth0_vlan: entered promiscuous mode [ 419.082593][ T9363] veth1_vlan: entered promiscuous mode [ 419.145964][ T9414] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 419.271275][ T9414] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 419.287831][ T9414] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 419.350708][ T9414] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 419.452142][ T9363] veth0_macvtap: entered promiscuous mode [ 419.461720][ T9363] veth1_macvtap: entered promiscuous mode [ 419.480069][ T9363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.490616][ T9363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.501253][ T9363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.512081][ T9363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.522196][ T9363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.535151][ T9363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.546752][ T9363] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 419.557104][ T9363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.600720][ T9363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.612290][ T9363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.628257][ T9363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.643951][ T9363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.681317][ T9363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.702326][ T9363] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 419.876690][ T9363] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.916063][ T9363] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.942392][ T9363] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.961569][ T9363] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.360669][ T9414] 8021q: adding VLAN 0 to HW filter on device bond0 [ 420.454604][ T9414] 8021q: adding VLAN 0 to HW filter on device team0 [ 420.489028][ T6455] bridge0: port 1(bridge_slave_0) entered blocking state [ 420.496220][ T6455] bridge0: port 1(bridge_slave_0) entered forwarding state [ 420.553610][ T6448] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.569582][ T6455] bridge0: port 2(bridge_slave_1) entered blocking state [ 420.576756][ T6455] bridge0: port 2(bridge_slave_1) entered forwarding state [ 420.622623][ T9414] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 420.633108][ T9414] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 420.650408][ T6448] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 422.054445][ T9599] Process accounting resumed [ 422.192077][ T6459] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 422.208882][ T6459] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 422.354885][ T9414] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 422.395175][ T9414] veth0_vlan: entered promiscuous mode [ 422.407763][ T9414] veth1_vlan: entered promiscuous mode [ 422.451848][ T9414] veth0_macvtap: entered promiscuous mode [ 422.461307][ T9414] veth1_macvtap: entered promiscuous mode [ 422.477076][ T9414] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.487691][ T9414] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.497817][ T9414] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.508609][ T9414] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.518779][ T9414] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.529539][ T9414] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.539932][ T9414] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.550789][ T9414] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.566102][ T9414] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 422.575805][ T9414] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.586616][ T9414] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.596684][ T9414] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.608533][ T9414] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.618955][ T9414] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.629674][ T9414] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.639800][ T9414] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.650667][ T9414] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.662699][ T9414] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 422.716268][ T9414] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.725599][ T9414] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.734592][ T9414] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.743838][ T9414] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.959722][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 422.968105][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 422.969422][ T6450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 423.021183][ T6450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 432.165342][ T9824] netlink: 4 bytes leftover after parsing attributes in process `syz.2.918'. [ 439.586618][ T9945] ptrace attach of ""[5970] was attempted by "./syz-executor exec"[9945] [ 442.064656][ T6450] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 443.074587][ T6450] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 443.253997][ T9994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.959'. [ 443.280339][ T5245] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 443.299121][ T5245] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 443.309199][ T5245] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 443.317309][ T5245] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 443.325505][ T5245] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 443.333223][ T5245] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 443.333432][ T9993] delete_channel: no stack [ 443.933105][ T6450] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.861394][ T6450] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.258998][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.265351][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.425879][ T5236] Bluetooth: hci1: command tx timeout [ 445.786675][ T9995] chnl_net:caif_netlink_parms(): no params data found [ 446.494919][ T6450] bridge_slave_1: left allmulticast mode [ 446.516442][ T6450] bridge_slave_1: left promiscuous mode [ 446.522215][ T6450] bridge0: port 2(bridge_slave_1) entered disabled state [ 446.706279][ T6450] bridge_slave_0: left allmulticast mode [ 446.716388][ T6450] bridge_slave_0: left promiscuous mode [ 446.722167][ T6450] bridge0: port 1(bridge_slave_0) entered disabled state [ 447.505642][ T5236] Bluetooth: hci1: command tx timeout [ 449.603106][ T5236] Bluetooth: hci1: command tx timeout [ 449.670194][T10052] FAULT_INJECTION: forcing a failure. [ 449.670194][T10052] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 449.758090][T10052] CPU: 1 UID: 0 PID: 10052 Comm: syz.0.970 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 449.768496][T10052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 449.778586][T10052] Call Trace: [ 449.781893][T10052] [ 449.784851][T10052] dump_stack_lvl+0x16c/0x1f0 [ 449.789700][T10052] should_fail_ex+0x497/0x5b0 [ 449.794437][T10052] _copy_from_user+0x30/0xf0 [ 449.799080][T10052] smc_setsockopt+0x308/0xc00 [ 449.803803][T10052] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 449.809741][T10052] ? __pfx_smc_setsockopt+0x10/0x10 [ 449.815017][T10052] ? __pfx_smc_setsockopt+0x10/0x10 [ 449.820279][T10052] do_sock_setsockopt+0x222/0x480 [ 449.825362][T10052] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 449.830977][T10052] ? fdget+0x176/0x210 [ 449.835108][T10052] __sys_setsockopt+0x1a4/0x270 [ 449.840019][T10052] ? __pfx___sys_setsockopt+0x10/0x10 [ 449.845450][T10052] ? fput+0x30/0x390 [ 449.849447][T10052] ? ksys_write+0x1ad/0x260 [ 449.853988][T10052] ? __pfx_ksys_write+0x10/0x10 [ 449.858882][T10052] __x64_sys_setsockopt+0xbd/0x160 [ 449.864044][T10052] ? do_syscall_64+0x91/0x250 [ 449.868773][T10052] ? lockdep_hardirqs_on+0x7c/0x110 [ 449.874019][T10052] do_syscall_64+0xcd/0x250 [ 449.878574][T10052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.884513][T10052] RIP: 0033:0x7f986a17dff9 [ 449.888962][T10052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 449.908626][T10052] RSP: 002b:00007f986afc9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 449.917090][T10052] RAX: ffffffffffffffda RBX: 00007f986a335f80 RCX: 00007f986a17dff9 [ 449.925122][T10052] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 449.933135][T10052] RBP: 00007f986afc9090 R08: 0000000000000028 R09: 0000000000000000 [ 449.941142][T10052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 449.949241][T10052] R13: 0000000000000000 R14: 00007f986a335f80 R15: 00007fff99a4d438 [ 449.957267][T10052] [ 450.184193][ T6450] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 450.249578][ T6450] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 450.328533][ T6450] bond0 (unregistering): Released all slaves [ 450.373123][ T9995] bridge0: port 1(bridge_slave_0) entered blocking state [ 450.403772][ T9995] bridge0: port 1(bridge_slave_0) entered disabled state [ 450.416948][ T9995] bridge_slave_0: entered allmulticast mode [ 450.428218][ T9995] bridge_slave_0: entered promiscuous mode [ 450.445010][ T9995] bridge0: port 2(bridge_slave_1) entered blocking state [ 450.468010][ T9995] bridge0: port 2(bridge_slave_1) entered disabled state [ 450.495884][ T9995] bridge_slave_1: entered allmulticast mode [ 450.509682][ T9995] bridge_slave_1: entered promiscuous mode [ 451.322554][ T9995] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 451.390269][ T9995] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 451.657042][ T5236] Bluetooth: hci1: command tx timeout [ 451.729839][ T5245] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 451.756546][ T5245] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 451.764478][ T5245] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 451.864497][ T5245] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 451.896874][ T5245] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 451.930270][ T5245] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 452.633666][ T9995] team0: Port device team_slave_0 added [ 452.920351][ T9995] team0: Port device team_slave_1 added [ 453.976728][ T5236] Bluetooth: hci5: command tx timeout [ 453.985868][ T9995] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 454.003813][ T9995] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 454.097165][ T9995] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 454.275502][ T9995] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 454.299049][ T9995] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 454.417154][ T9995] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 455.297544][ T9995] hsr_slave_0: entered promiscuous mode [ 455.349635][ T9995] hsr_slave_1: entered promiscuous mode [ 455.357724][ T9995] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 455.404971][ T9995] Cannot create hsr debugfs directory [ 456.056852][ T5236] Bluetooth: hci5: command tx timeout [ 456.666152][T10136] delete_channel: no stack [ 456.871615][T10080] chnl_net:caif_netlink_parms(): no params data found [ 457.699729][ T6450] hsr_slave_0: left promiscuous mode [ 457.740788][ T6450] hsr_slave_1: left promiscuous mode [ 457.791182][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 457.799752][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 457.867118][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 457.874589][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 457.921049][ T6450] veth1_macvtap: left promiscuous mode [ 457.936489][ T6450] veth0_macvtap: left promiscuous mode [ 457.942149][ T6450] veth1_vlan: left promiscuous mode [ 457.957666][ T6450] veth0_vlan: left promiscuous mode [ 458.137309][ T5236] Bluetooth: hci5: command tx timeout [ 459.069041][ T6450] team0 (unregistering): Port device team_slave_1 removed [ 459.121595][ T6450] team0 (unregistering): Port device team_slave_0 removed [ 460.216478][ T5236] Bluetooth: hci5: command tx timeout [ 460.536524][T10080] bridge0: port 1(bridge_slave_0) entered blocking state [ 460.555533][T10080] bridge0: port 1(bridge_slave_0) entered disabled state [ 460.565788][T10080] bridge_slave_0: entered allmulticast mode [ 460.581664][T10080] bridge_slave_0: entered promiscuous mode [ 460.613196][T10080] bridge0: port 2(bridge_slave_1) entered blocking state [ 460.636600][T10080] bridge0: port 2(bridge_slave_1) entered disabled state [ 460.643853][T10080] bridge_slave_1: entered allmulticast mode [ 460.674968][T10080] bridge_slave_1: entered promiscuous mode [ 460.841359][T10080] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 460.893865][T10080] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 461.037982][T10080] team0: Port device team_slave_0 added [ 461.128233][T10080] team0: Port device team_slave_1 added [ 461.136459][ T9995] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 461.189872][ T9995] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 461.370143][ T9995] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 461.459369][ T9995] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 461.531723][T10080] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 461.538885][T10080] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 461.616354][T10080] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 461.648725][T10080] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 461.655738][T10080] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 461.740715][T10080] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 462.228849][ T6450] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 462.332931][T10080] hsr_slave_0: entered promiscuous mode [ 462.361986][T10080] hsr_slave_1: entered promiscuous mode [ 462.373695][T10080] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 462.383524][T10080] Cannot create hsr debugfs directory [ 462.481364][T10243] Invalid ELF header magic: != ELF [ 462.548621][ T6450] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 462.821625][ T6450] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.088660][ T6450] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.202464][ T9995] 8021q: adding VLAN 0 to HW filter on device bond0 [ 463.380799][ T9995] 8021q: adding VLAN 0 to HW filter on device team0 [ 463.452351][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 463.459533][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 463.524658][ T5245] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 463.533499][ T5245] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 463.542734][ T5245] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 463.558633][ T5245] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 463.567707][ T5245] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 463.575047][ T5245] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 463.642311][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 463.649492][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 463.834027][ T6450] bridge_slave_1: left allmulticast mode [ 463.846461][ T6450] bridge_slave_1: left promiscuous mode [ 463.852297][ T6450] bridge0: port 2(bridge_slave_1) entered disabled state [ 463.878896][ T6450] bridge_slave_0: left allmulticast mode [ 463.884597][ T6450] bridge_slave_0: left promiscuous mode [ 463.902838][ T6450] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.626883][ T6450] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 464.647478][ T6450] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 464.688994][ T6450] bond0 (unregistering): Released all slaves [ 465.422687][ T9995] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 465.656596][ T5236] Bluetooth: hci3: command tx timeout [ 465.892004][ T6450] hsr_slave_0: left promiscuous mode [ 465.954106][ T6450] hsr_slave_1: left promiscuous mode [ 465.973929][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 465.986741][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 466.007168][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 466.014616][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 466.067293][ T6450] veth1_macvtap: left promiscuous mode [ 466.076901][ T6450] veth0_macvtap: left promiscuous mode [ 466.082528][ T6450] veth1_vlan: left promiscuous mode [ 466.113645][ T6450] veth0_vlan: left promiscuous mode [ 466.757247][ T6450] team0 (unregistering): Port device team_slave_1 removed [ 466.809379][ T6450] team0 (unregistering): Port device team_slave_0 removed [ 467.446624][T10275] chnl_net:caif_netlink_parms(): no params data found [ 467.594878][T10080] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 467.657103][T10080] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 467.728310][T10080] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 467.736425][ T5245] Bluetooth: hci3: command tx timeout [ 467.756996][T10080] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 467.791413][ T9995] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 467.811067][T10275] bridge0: port 1(bridge_slave_0) entered blocking state [ 467.826653][T10275] bridge0: port 1(bridge_slave_0) entered disabled state [ 467.833858][T10275] bridge_slave_0: entered allmulticast mode [ 467.839878][ T5245] Bluetooth: hci2: command 0x0406 tx timeout [ 467.849264][T10275] bridge_slave_0: entered promiscuous mode [ 467.858374][T10275] bridge0: port 2(bridge_slave_1) entered blocking state [ 467.865518][T10275] bridge0: port 2(bridge_slave_1) entered disabled state [ 467.873296][T10275] bridge_slave_1: entered allmulticast mode [ 467.880506][T10275] bridge_slave_1: entered promiscuous mode [ 467.981239][T10275] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 467.992957][T10275] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 468.039918][T10275] team0: Port device team_slave_0 added [ 468.065901][T10275] team0: Port device team_slave_1 added [ 468.134673][T10275] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 468.146703][T10275] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 468.203721][T10275] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 468.220192][ T9995] veth0_vlan: entered promiscuous mode [ 468.243066][ T9995] veth1_vlan: entered promiscuous mode [ 468.259580][T10275] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 468.275362][T10275] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 468.314245][T10275] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 468.411201][T10275] hsr_slave_0: entered promiscuous mode [ 468.427182][T10275] hsr_slave_1: entered promiscuous mode [ 468.558591][ T6450] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.610871][ T9995] veth0_macvtap: entered promiscuous mode [ 468.651572][ T6450] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.693713][ T9995] veth1_macvtap: entered promiscuous mode [ 468.750348][ T6450] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.795096][ T9995] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 468.813784][ T9995] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 468.837178][ T9995] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 468.856359][ T9995] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 468.866259][ T9995] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 468.886367][ T9995] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 468.898714][ T9995] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 468.920313][T10080] 8021q: adding VLAN 0 to HW filter on device bond0 [ 468.985768][ T6450] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.021571][T10080] 8021q: adding VLAN 0 to HW filter on device team0 [ 469.040537][ T9995] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.054475][ T9995] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.066398][ T9995] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.086579][ T9995] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.105275][ T9995] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.126526][ T9995] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.147769][ T9995] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 469.171171][ T6455] bridge0: port 1(bridge_slave_0) entered blocking state [ 469.178319][ T6455] bridge0: port 1(bridge_slave_0) entered forwarding state [ 469.200542][ T9995] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.216386][ T9995] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.225120][ T9995] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.241697][ T9995] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.263417][ T6455] bridge0: port 2(bridge_slave_1) entered blocking state [ 469.270646][ T6455] bridge0: port 2(bridge_slave_1) entered forwarding state [ 469.480073][ T6450] bridge_slave_1: left allmulticast mode [ 469.485779][ T6450] bridge_slave_1: left promiscuous mode [ 469.497858][ T6450] bridge0: port 2(bridge_slave_1) entered disabled state [ 469.524887][ T6450] bridge_slave_0: left allmulticast mode [ 469.531105][ T6450] bridge_slave_0: left promiscuous mode [ 469.543238][ T6450] bridge0: port 1(bridge_slave_0) entered disabled state [ 469.824291][ T5236] Bluetooth: hci3: command tx timeout [ 470.276981][ T6450] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 470.300412][ T6450] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 470.311975][ T6450] bond0 (unregistering): Released all slaves [ 470.419494][ T6455] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 470.445681][ T6455] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 470.786256][ T6459] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 470.826650][ T6459] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 471.210794][ T6450] hsr_slave_0: left promiscuous mode [ 471.256543][ T6450] hsr_slave_1: left promiscuous mode [ 471.303260][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 471.323518][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 471.367132][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 471.386414][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 471.455842][ T6450] veth1_macvtap: left promiscuous mode [ 471.484050][ T6450] veth0_macvtap: left promiscuous mode [ 471.503595][ T6450] veth1_vlan: left promiscuous mode [ 471.517745][ T6450] veth0_vlan: left promiscuous mode [ 471.906280][ T5236] Bluetooth: hci3: command tx timeout [ 472.925346][ T6450] team0 (unregistering): Port device team_slave_1 removed [ 472.982810][ T6450] team0 (unregistering): Port device team_slave_0 removed [ 473.680148][T10275] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 473.713447][T10275] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 473.770721][T10275] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 473.798137][T10275] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 473.852284][T10080] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 474.061744][T10080] veth0_vlan: entered promiscuous mode [ 474.126792][T10080] veth1_vlan: entered promiscuous mode [ 474.160091][T10080] veth0_macvtap: entered promiscuous mode [ 474.169590][T10080] veth1_macvtap: entered promiscuous mode [ 474.185079][T10080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.195941][T10080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.206246][T10080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.218367][T10080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.228925][T10080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.239422][T10080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.250631][T10080] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 474.263296][T10275] 8021q: adding VLAN 0 to HW filter on device bond0 [ 474.336936][T10080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.347467][T10080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.366469][T10080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.396597][T10080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.411421][T10080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.422295][T10080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.433963][T10080] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 474.446889][T10080] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.455647][T10080] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.464933][T10080] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.474023][T10080] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.621052][T10275] 8021q: adding VLAN 0 to HW filter on device team0 [ 474.645080][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 474.652361][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 474.705239][ T6462] bridge0: port 2(bridge_slave_1) entered blocking state [ 474.712467][ T6462] bridge0: port 2(bridge_slave_1) entered forwarding state [ 474.773352][ T6450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 474.785160][ T6450] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 474.864153][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 474.880119][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.369232][T10275] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 475.492036][T10275] veth0_vlan: entered promiscuous mode [ 475.538608][T10275] veth1_vlan: entered promiscuous mode [ 475.681446][T10275] veth0_macvtap: entered promiscuous mode [ 475.704890][T10275] veth1_macvtap: entered promiscuous mode [ 475.744322][T10275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.765773][T10275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.786022][T10275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.796979][T10275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.827750][T10275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.866412][T10275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.876270][T10275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.916447][T10275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.929763][T10275] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 475.960257][T10275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.981261][T10275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.999426][T10275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.023247][T10275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.053528][T10275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.079580][T10275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.103129][T10275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.124321][T10275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.156166][T10275] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 476.209127][T10275] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.227801][T10275] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.246523][T10275] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.276107][T10275] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.518081][ T6451] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 476.543879][ T6451] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 476.606915][ T6448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 476.614798][ T6448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.161664][T10500] nbd: must specify at least one socket [ 480.033920][T10550] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 482.162402][T10603] netlink: 'syz.3.1065': attribute type 11 has an invalid length. [ 483.082087][T10598] Process accounting resumed [ 495.378352][T10811] FAULT_INJECTION: forcing a failure. [ 495.378352][T10811] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 495.563746][T10811] CPU: 0 UID: 0 PID: 10811 Comm: syz.1.1113 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 495.574339][T10811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 495.584440][T10811] Call Trace: [ 495.587755][T10811] [ 495.590732][T10811] dump_stack_lvl+0x16c/0x1f0 [ 495.595482][T10811] should_fail_ex+0x497/0x5b0 [ 495.600230][T10811] _copy_to_user+0x30/0xc0 [ 495.604705][T10811] simple_read_from_buffer+0xd0/0x160 [ 495.610150][T10811] proc_fail_nth_read+0x198/0x270 [ 495.615236][T10811] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 495.620857][T10811] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 495.626475][T10811] vfs_read+0x1ce/0xbd0 [ 495.630682][T10811] ? __fget_files+0x23a/0x3f0 [ 495.635416][T10811] ? fdget_pos+0x24c/0x360 [ 495.639879][T10811] ? __pfx_lock_release+0x10/0x10 [ 495.644976][T10811] ? trace_lock_acquire+0x14a/0x1d0 [ 495.650257][T10811] ? __pfx_vfs_read+0x10/0x10 [ 495.654982][T10811] ? __pfx___mutex_lock+0x10/0x10 [ 495.660101][T10811] ? __fget_files+0x244/0x3f0 [ 495.664838][T10811] ksys_read+0x12f/0x260 [ 495.669123][T10811] ? __pfx_ksys_read+0x10/0x10 [ 495.673937][T10811] do_syscall_64+0xcd/0x250 [ 495.678494][T10811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 495.684472][T10811] RIP: 0033:0x7faca537ca3c [ 495.688923][T10811] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 495.708577][T10811] RSP: 002b:00007faca6097030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 495.717056][T10811] RAX: ffffffffffffffda RBX: 00007faca5535f80 RCX: 00007faca537ca3c [ 495.725075][T10811] RDX: 000000000000000f RSI: 00007faca60970a0 RDI: 0000000000000007 [ 495.733090][T10811] RBP: 00007faca6097090 R08: 0000000000000000 R09: 0000000000000000 [ 495.741122][T10811] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 495.749131][T10811] R13: 0000000000000000 R14: 00007faca5535f80 R15: 00007ffde90e0fd8 [ 495.757170][T10811] [ 499.022602][T10840] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1121'. [ 499.969594][T10863] netlink: 229 bytes leftover after parsing attributes in process `syz.2.1127'. [ 501.989330][T10929] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1144'. [ 506.699945][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.706383][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.808338][T11037] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1167'. [ 507.217515][T11044] netlink: 235 bytes leftover after parsing attributes in process `syz.0.1168'. [ 515.270782][ T5245] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 515.280711][T11188] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 515.289294][T11188] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 515.315554][T11188] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 515.326761][T11188] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 515.334177][T11188] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 516.323024][T11185] chnl_net:caif_netlink_parms(): no params data found [ 517.141907][T11185] bridge0: port 1(bridge_slave_0) entered blocking state [ 517.173317][T11185] bridge0: port 1(bridge_slave_0) entered disabled state [ 517.201214][T11185] bridge_slave_0: entered allmulticast mode [ 517.217302][T11185] bridge_slave_0: entered promiscuous mode [ 517.239116][T11185] bridge0: port 2(bridge_slave_1) entered blocking state [ 517.269020][T11185] bridge0: port 2(bridge_slave_1) entered disabled state [ 517.296666][T11185] bridge_slave_1: entered allmulticast mode [ 517.313946][T11185] bridge_slave_1: entered promiscuous mode [ 517.416599][ T5236] Bluetooth: hci4: command tx timeout [ 517.736906][ T6459] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 517.930979][T11185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 517.972555][T11185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 518.112347][ T6459] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 518.429354][ T6459] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 518.492365][T11185] team0: Port device team_slave_0 added [ 518.500925][T11185] team0: Port device team_slave_1 added [ 518.628938][ T6459] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 518.956463][T11185] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 518.963454][T11185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 519.036712][T11185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 519.117720][T11185] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 519.170141][T11185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 519.237653][T11185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 519.496715][ T5236] Bluetooth: hci4: command tx timeout [ 519.519657][T11185] hsr_slave_0: entered promiscuous mode [ 519.546699][T11185] hsr_slave_1: entered promiscuous mode [ 519.579174][T11185] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 519.608320][T11185] Cannot create hsr debugfs directory [ 519.615366][ T6459] bridge_slave_1: left allmulticast mode [ 519.622205][ T6459] bridge_slave_1: left promiscuous mode [ 519.634831][ T6459] bridge0: port 2(bridge_slave_1) entered disabled state [ 519.660181][ T6459] bridge_slave_0: left allmulticast mode [ 519.665990][ T6459] bridge_slave_0: left promiscuous mode [ 519.676558][ T6459] bridge0: port 1(bridge_slave_0) entered disabled state [ 520.633828][ T6459] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 520.672683][ T6459] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 520.720901][ T6459] bond0 (unregistering): Released all slaves [ 521.365764][ T30] audit: type=1326 audit(2147484013.418:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.1.1222" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faca537dff9 code=0x0 [ 521.576694][ T5236] Bluetooth: hci4: command tx timeout [ 521.736059][ T6459] hsr_slave_0: left promiscuous mode [ 521.759315][ T6459] hsr_slave_1: left promiscuous mode [ 521.773442][ T6459] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 521.793187][ T6459] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 521.837618][ T6459] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 521.852992][ T6459] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 521.902158][ T6459] veth1_macvtap: left promiscuous mode [ 521.914178][ T6459] veth0_macvtap: left promiscuous mode [ 521.927264][ T6459] veth1_vlan: left promiscuous mode [ 521.937933][ T6459] veth0_vlan: left promiscuous mode [ 523.447273][ T6459] team0 (unregistering): Port device team_slave_1 removed [ 523.500431][ T6459] team0 (unregistering): Port device team_slave_0 removed [ 523.660093][T11188] Bluetooth: hci4: command tx timeout [ 524.134039][T11290] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1230'. [ 524.154847][T11188] Bluetooth: hci0: command 0x0406 tx timeout [ 524.602026][T11185] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 524.659350][T11185] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 524.727978][T11185] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 524.753312][T11185] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 525.104000][T11185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 525.151983][T11332] Process accounting resumed [ 525.174009][T11334] Process accounting resumed [ 525.176066][T11185] 8021q: adding VLAN 0 to HW filter on device team0 [ 525.201411][ T6456] bridge0: port 1(bridge_slave_0) entered blocking state [ 525.208627][ T6456] bridge0: port 1(bridge_slave_0) entered forwarding state [ 525.283242][ T6461] bridge0: port 2(bridge_slave_1) entered blocking state [ 525.290421][ T6461] bridge0: port 2(bridge_slave_1) entered forwarding state [ 525.320850][T11338] Process accounting resumed [ 525.939932][T11360] FAULT_INJECTION: forcing a failure. [ 525.939932][T11360] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 526.016377][T11360] CPU: 1 UID: 0 PID: 11360 Comm: syz.2.1242 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 526.026890][T11360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 526.037003][T11360] Call Trace: [ 526.038182][T11185] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 526.040304][T11360] [ 526.040322][T11360] dump_stack_lvl+0x16c/0x1f0 [ 526.054812][T11360] should_fail_ex+0x497/0x5b0 [ 526.059581][T11360] _copy_from_iter+0x29b/0x13e0 [ 526.064511][T11360] ? __pfx__copy_from_iter+0x10/0x10 [ 526.069863][T11360] ? __virt_addr_valid+0x1a4/0x590 [ 526.075048][T11360] ? __virt_addr_valid+0x5e/0x590 [ 526.080140][T11360] ? __phys_addr_symbol+0x30/0x80 [ 526.085220][T11360] ? __check_object_size+0x488/0x710 [ 526.090577][T11360] netlink_sendmsg+0x813/0xd70 [ 526.095408][T11360] ? __pfx_netlink_sendmsg+0x10/0x10 [ 526.100768][T11360] ____sys_sendmsg+0x9ae/0xb40 [ 526.105575][T11360] ? copy_msghdr_from_user+0x10b/0x160 [ 526.111081][T11360] ? __pfx_____sys_sendmsg+0x10/0x10 [ 526.116417][T11360] ? __pfx___lock_acquire+0x10/0x10 [ 526.121685][T11360] ___sys_sendmsg+0x135/0x1e0 [ 526.126410][T11360] ? __pfx____sys_sendmsg+0x10/0x10 [ 526.131675][T11360] ? lock_acquire+0x2f/0xb0 [ 526.136226][T11360] ? __fget_files+0x40/0x3f0 [ 526.140864][T11360] ? fdget+0x176/0x210 [ 526.144969][T11360] __sys_sendmsg+0x117/0x1f0 [ 526.149612][T11360] ? __pfx___sys_sendmsg+0x10/0x10 [ 526.154773][T11360] ? __fget_files+0x244/0x3f0 [ 526.159508][T11360] do_syscall_64+0xcd/0x250 [ 526.164061][T11360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.169995][T11360] RIP: 0033:0x7f3c2817dff9 [ 526.174437][T11360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 526.194082][T11360] RSP: 002b:00007f3c28fe2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 526.202531][T11360] RAX: ffffffffffffffda RBX: 00007f3c28335f80 RCX: 00007f3c2817dff9 [ 526.210555][T11360] RDX: 0000000000040000 RSI: 0000000020000c00 RDI: 0000000000000003 [ 526.218570][T11360] RBP: 00007f3c28fe2090 R08: 0000000000000000 R09: 0000000000000000 [ 526.226586][T11360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 526.234671][T11360] R13: 0000000000000000 R14: 00007f3c28335f80 R15: 00007ffdab72aea8 [ 526.242695][T11360] [ 526.279094][T11185] veth0_vlan: entered promiscuous mode [ 526.297733][T11185] veth1_vlan: entered promiscuous mode [ 526.360290][T11185] veth0_macvtap: entered promiscuous mode [ 526.428923][T11185] veth1_macvtap: entered promiscuous mode [ 526.445537][T11185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 526.456676][T11185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 526.466950][T11185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 526.477722][T11185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 526.487869][T11185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 526.498660][T11185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 526.508782][T11185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 526.520560][T11185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 526.532716][T11185] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 526.544504][T11185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 526.555114][T11185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 526.565053][T11185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 526.575578][T11185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 526.585522][T11185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 526.596074][T11185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 526.606053][T11185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 526.616846][T11185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 526.628747][T11185] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 526.712718][T11185] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 526.721637][T11185] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 526.730750][T11185] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 526.739996][T11185] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 527.068452][ T6449] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 527.097218][ T6449] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 527.130146][ T6461] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 527.158310][ T6461] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 528.475775][T11402] FAULT_INJECTION: forcing a failure. [ 528.475775][T11402] name failslab, interval 1, probability 0, space 0, times 0 [ 528.560386][T11402] CPU: 0 UID: 0 PID: 11402 Comm: syz.3.1252 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 528.570900][T11402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 528.581010][T11402] Call Trace: [ 528.584329][T11402] [ 528.587304][T11402] dump_stack_lvl+0x16c/0x1f0 [ 528.592059][T11402] should_fail_ex+0x497/0x5b0 [ 528.596817][T11402] should_failslab+0xc2/0x120 [ 528.601571][T11402] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 528.607018][T11402] ? skb_clone+0x190/0x3f0 [ 528.611514][T11402] skb_clone+0x190/0x3f0 [ 528.615834][T11402] netlink_deliver_tap+0xb26/0xcf0 [ 528.621102][T11402] netlink_unicast+0x5e1/0x7f0 [ 528.625933][T11402] ? __pfx_netlink_unicast+0x10/0x10 [ 528.631295][T11402] ? __phys_addr_symbol+0x30/0x80 [ 528.636387][T11402] ? __check_object_size+0x488/0x710 [ 528.641763][T11402] netlink_sendmsg+0x8b8/0xd70 [ 528.646596][T11402] ? __pfx_netlink_sendmsg+0x10/0x10 [ 528.651989][T11402] ____sys_sendmsg+0x9ae/0xb40 [ 528.656814][T11402] ? copy_msghdr_from_user+0x10b/0x160 [ 528.662411][T11402] ? __pfx_____sys_sendmsg+0x10/0x10 [ 528.667788][T11402] ? __pfx___lock_acquire+0x10/0x10 [ 528.673097][T11402] ___sys_sendmsg+0x135/0x1e0 [ 528.677874][T11402] ? __pfx____sys_sendmsg+0x10/0x10 [ 528.683174][T11402] ? lock_acquire+0x2f/0xb0 [ 528.687745][T11402] ? __fget_files+0x40/0x3f0 [ 528.692584][T11402] ? fdget+0x176/0x210 [ 528.696723][T11402] __sys_sendmsg+0x117/0x1f0 [ 528.701393][T11402] ? __pfx___sys_sendmsg+0x10/0x10 [ 528.706578][T11402] ? __fget_files+0x244/0x3f0 [ 528.711344][T11402] do_syscall_64+0xcd/0x250 [ 528.715928][T11402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.721890][T11402] RIP: 0033:0x7f280197dff9 [ 528.726368][T11402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.746126][T11402] RSP: 002b:00007f28026d3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 528.754705][T11402] RAX: ffffffffffffffda RBX: 00007f2801b35f80 RCX: 00007f280197dff9 [ 528.762741][T11402] RDX: 0000000000040000 RSI: 0000000020000c00 RDI: 0000000000000003 [ 528.770773][T11402] RBP: 00007f28026d3090 R08: 0000000000000000 R09: 0000000000000000 [ 528.778796][T11402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 528.786825][T11402] R13: 0000000000000000 R14: 00007f2801b35f80 R15: 00007ffd8c9d4bd8 [ 528.794961][T11402] [ 530.306375][T11435] FAULT_INJECTION: forcing a failure. [ 530.306375][T11435] name failslab, interval 1, probability 0, space 0, times 0 [ 530.387510][T11435] CPU: 1 UID: 0 PID: 11435 Comm: syz.3.1262 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 530.398019][T11435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 530.408148][T11435] Call Trace: [ 530.411504][T11435] [ 530.414484][T11435] dump_stack_lvl+0x16c/0x1f0 [ 530.419239][T11435] should_fail_ex+0x497/0x5b0 [ 530.423991][T11435] ? fs_reclaim_acquire+0xae/0x160 [ 530.429180][T11435] should_failslab+0xc2/0x120 [ 530.433937][T11435] __kmalloc_noprof+0xcb/0x410 [ 530.438808][T11435] ? __pfx___mutex_trylock_common+0x10/0x10 [ 530.444784][T11435] ? genl_rcv_msg+0x580/0x800 [ 530.449536][T11435] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 530.456735][T11435] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 530.462265][T11435] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 530.468419][T11435] ? __radix_tree_lookup+0x21f/0x2c0 [ 530.473789][T11435] genl_rcv_msg+0x565/0x800 [ 530.478372][T11435] ? __pfx_genl_rcv_msg+0x10/0x10 [ 530.483468][T11435] ? __pfx_tipc_nl_bearer_disable+0x10/0x10 [ 530.489546][T11435] netlink_rcv_skb+0x165/0x410 [ 530.494376][T11435] ? __pfx_genl_rcv_msg+0x10/0x10 [ 530.499474][T11435] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 530.504854][T11435] ? down_read+0xc9/0x330 [ 530.509259][T11435] ? __pfx_down_read+0x10/0x10 [ 530.514104][T11435] ? netlink_deliver_tap+0x1ae/0xcf0 [ 530.519456][T11435] genl_rcv+0x28/0x40 [ 530.523497][T11435] netlink_unicast+0x53c/0x7f0 [ 530.528416][T11435] ? __pfx_netlink_unicast+0x10/0x10 [ 530.533771][T11435] ? __phys_addr_symbol+0x30/0x80 [ 530.539242][T11435] ? __check_object_size+0x488/0x710 [ 530.544615][T11435] netlink_sendmsg+0x8b8/0xd70 [ 530.549452][T11435] ? __pfx_netlink_sendmsg+0x10/0x10 [ 530.554817][T11435] ____sys_sendmsg+0x9ae/0xb40 [ 530.559649][T11435] ? copy_msghdr_from_user+0x10b/0x160 [ 530.565189][T11435] ? __pfx_____sys_sendmsg+0x10/0x10 [ 530.570639][T11435] ? __pfx___lock_acquire+0x10/0x10 [ 530.575993][T11435] ___sys_sendmsg+0x135/0x1e0 [ 530.580751][T11435] ? __pfx____sys_sendmsg+0x10/0x10 [ 530.586060][T11435] ? lock_acquire+0x2f/0xb0 [ 530.590688][T11435] ? __fget_files+0x40/0x3f0 [ 530.595464][T11435] ? fdget+0x176/0x210 [ 530.599693][T11435] __sys_sendmsg+0x117/0x1f0 [ 530.604368][T11435] ? __pfx___sys_sendmsg+0x10/0x10 [ 530.609554][T11435] ? __fget_files+0x244/0x3f0 [ 530.614319][T11435] do_syscall_64+0xcd/0x250 [ 530.618896][T11435] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.624868][T11435] RIP: 0033:0x7f280197dff9 [ 530.629349][T11435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 530.649045][T11435] RSP: 002b:00007f28026d3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 530.657523][T11435] RAX: ffffffffffffffda RBX: 00007f2801b35f80 RCX: 00007f280197dff9 [ 530.665548][T11435] RDX: 0000000000040000 RSI: 0000000020000c00 RDI: 0000000000000003 [ 530.673574][T11435] RBP: 00007f28026d3090 R08: 0000000000000000 R09: 0000000000000000 [ 530.681601][T11435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 530.689716][T11435] R13: 0000000000000000 R14: 00007f2801b35f80 R15: 00007ffd8c9d4bd8 [ 530.697758][T11435] [ 531.771394][ T6460] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 532.290767][ T6460] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 532.914975][T11465] delete_channel: no stack [ 533.031804][T11188] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 533.040423][ T6460] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 533.052340][T11188] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 533.060573][T11188] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 533.069381][T11188] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 533.079144][T11188] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 533.086789][T11188] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 533.249275][T11470] FAULT_INJECTION: forcing a failure. [ 533.249275][T11470] name failslab, interval 1, probability 0, space 0, times 0 [ 533.334229][T11470] CPU: 1 UID: 0 PID: 11470 Comm: syz.2.1272 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 533.344736][T11470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 533.354849][T11470] Call Trace: [ 533.358181][T11470] [ 533.361152][T11470] dump_stack_lvl+0x16c/0x1f0 [ 533.365904][T11470] should_fail_ex+0x497/0x5b0 [ 533.370661][T11470] ? fs_reclaim_acquire+0xae/0x160 [ 533.375844][T11470] should_failslab+0xc2/0x120 [ 533.380593][T11470] kmem_cache_alloc_node_noprof+0x71/0x310 [ 533.386491][T11470] ? __alloc_skb+0x2b3/0x380 [ 533.391163][T11470] __alloc_skb+0x2b3/0x380 [ 533.395655][T11470] ? __pfx___alloc_skb+0x10/0x10 [ 533.400669][T11470] ? genl_rcv_msg+0x4bd/0x800 [ 533.405424][T11470] netlink_ack+0x164/0xb20 [ 533.409917][T11470] netlink_rcv_skb+0x327/0x410 [ 533.414744][T11470] ? __pfx_genl_rcv_msg+0x10/0x10 [ 533.419833][T11470] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 533.425190][T11470] ? down_read+0xc9/0x330 [ 533.429594][T11470] ? __pfx_down_read+0x10/0x10 [ 533.434534][T11470] ? netlink_deliver_tap+0x1ae/0xcf0 [ 533.439887][T11470] genl_rcv+0x28/0x40 [ 533.443940][T11470] netlink_unicast+0x53c/0x7f0 [ 533.448856][T11470] ? __pfx_netlink_unicast+0x10/0x10 [ 533.454199][T11470] ? __phys_addr_symbol+0x30/0x80 [ 533.459277][T11470] ? __check_object_size+0x488/0x710 [ 533.464632][T11470] netlink_sendmsg+0x8b8/0xd70 [ 533.469459][T11470] ? __pfx_netlink_sendmsg+0x10/0x10 [ 533.474832][T11470] ____sys_sendmsg+0x9ae/0xb40 [ 533.479738][T11470] ? copy_msghdr_from_user+0x10b/0x160 [ 533.485267][T11470] ? __pfx_____sys_sendmsg+0x10/0x10 [ 533.490624][T11470] ? __pfx___lock_acquire+0x10/0x10 [ 533.495911][T11470] ___sys_sendmsg+0x135/0x1e0 [ 533.500660][T11470] ? __pfx____sys_sendmsg+0x10/0x10 [ 533.505951][T11470] ? lock_acquire+0x2f/0xb0 [ 533.510521][T11470] ? __fget_files+0x40/0x3f0 [ 533.515174][T11470] ? fdget+0x176/0x210 [ 533.519298][T11470] __sys_sendmsg+0x117/0x1f0 [ 533.523950][T11470] ? __pfx___sys_sendmsg+0x10/0x10 [ 533.529128][T11470] ? __fget_files+0x244/0x3f0 [ 533.533902][T11470] do_syscall_64+0xcd/0x250 [ 533.538575][T11470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.544525][T11470] RIP: 0033:0x7f3c2817dff9 [ 533.548998][T11470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 533.568663][T11470] RSP: 002b:00007f3c28fe2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 533.577131][T11470] RAX: ffffffffffffffda RBX: 00007f3c28335f80 RCX: 00007f3c2817dff9 [ 533.585178][T11470] RDX: 0000000000040000 RSI: 0000000020000c00 RDI: 0000000000000003 [ 533.593196][T11470] RBP: 00007f3c28fe2090 R08: 0000000000000000 R09: 0000000000000000 [ 533.601215][T11470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 533.609230][T11470] R13: 0000000000000000 R14: 00007f3c28335f80 R15: 00007ffdab72aea8 [ 533.617268][T11470] [ 533.781935][ T6460] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 534.185125][T11467] chnl_net:caif_netlink_parms(): no params data found [ 534.859283][T11467] bridge0: port 1(bridge_slave_0) entered blocking state [ 534.878268][T11467] bridge0: port 1(bridge_slave_0) entered disabled state [ 534.885558][T11467] bridge_slave_0: entered allmulticast mode [ 534.916701][T11467] bridge_slave_0: entered promiscuous mode [ 534.934242][ T6460] bridge_slave_1: left allmulticast mode [ 534.946483][ T6460] bridge_slave_1: left promiscuous mode [ 534.952243][ T6460] bridge0: port 2(bridge_slave_1) entered disabled state [ 535.119109][ T6460] bridge_slave_0: left allmulticast mode [ 535.130388][ T6460] bridge_slave_0: left promiscuous mode [ 535.147091][ T6460] bridge0: port 1(bridge_slave_0) entered disabled state [ 535.186448][T11188] Bluetooth: hci3: command tx timeout [ 537.256456][T11188] Bluetooth: hci3: command tx timeout [ 537.637271][ T6460] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 537.727121][ T6460] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 537.786908][ T6460] bond0 (unregistering): Released all slaves [ 537.858278][T11467] bridge0: port 2(bridge_slave_1) entered blocking state [ 537.865457][T11467] bridge0: port 2(bridge_slave_1) entered disabled state [ 537.896849][T11467] bridge_slave_1: entered allmulticast mode [ 537.908863][T11467] bridge_slave_1: entered promiscuous mode [ 538.347579][T11467] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 538.686739][T11467] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 539.050415][T11467] team0: Port device team_slave_0 added [ 539.070803][T11467] team0: Port device team_slave_1 added [ 539.344469][T11188] Bluetooth: hci3: command tx timeout [ 539.634321][T11544] Invalid ELF header magic: != ELF [ 539.807783][T11467] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 539.830762][T11467] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 539.908962][T11467] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 540.019989][T11547] Invalid ELF header magic: != ELF [ 540.173819][ T6460] hsr_slave_0: left promiscuous mode [ 540.487407][ T6460] hsr_slave_1: left promiscuous mode [ 540.602695][ T6460] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 540.627105][ T6460] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 540.647177][ T6460] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 540.673709][ T6460] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 540.804040][ T6460] veth1_macvtap: left promiscuous mode [ 540.826483][ T6460] veth0_macvtap: left promiscuous mode [ 540.836758][ T6460] veth1_vlan: left promiscuous mode [ 540.842207][ T6460] veth0_vlan: left promiscuous mode [ 541.416586][T11188] Bluetooth: hci3: command tx timeout [ 541.896581][ T31] INFO: task syz.2.809:9339 blocked for more than 143 seconds. [ 541.920531][ T31] Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 541.946378][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 541.955275][ T31] task:syz.2.809 state:D stack:28592 pid:9339 tgid:9336 ppid:8512 flags:0x00000004 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 542.105086][ T31] Call Trace: [ 542.108766][ T31] [ 542.112222][ T31] __schedule+0xef5/0x5750 [ 542.116907][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 542.122287][ T31] ? __pfx___schedule+0x10/0x10 [ 542.127360][ T31] ? schedule+0x298/0x350 [ 542.131776][ T31] ? __pfx_lock_release+0x10/0x10 [ 542.137686][ T31] ? trace_lock_acquire+0x14a/0x1d0 [ 542.142955][ T31] ? lock_acquire+0x2f/0xb0 [ 542.147592][ T31] ? schedule+0x1fd/0x350 [ 542.151979][ T31] schedule+0xe7/0x350 [ 542.156120][ T31] schedule_timeout+0x258/0x2a0 [ 542.161207][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 542.166802][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 542.172076][ T31] __wait_for_common+0x3e1/0x600 [ 542.177162][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 542.182775][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 542.188464][ T31] ? __pfx_try_to_wake_up+0x10/0x10 [ 542.193834][ T31] wait_for_completion_state+0x1c/0x40 [ 542.199581][ T31] do_coredump+0x82f/0x4160 [ 542.204160][ T31] ? hlock_class+0x4e/0x130 [ 542.208899][ T31] ? stack_depot_save_flags+0x28/0x900 [ 542.214939][ T31] ? __pfx_do_coredump+0x10/0x10 [ 542.220096][ T31] ? kmem_cache_free+0x152/0x4b0 [ 542.225103][ T31] ? syscall_exit_to_user_mode+0x150/0x2a0 [ 542.231026][ T31] ? do_syscall_64+0xda/0x250 [ 542.235772][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.242040][ T31] get_signal+0x237c/0x26d0 [ 542.246687][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 542.251946][ T31] ? __pfx_get_signal+0x10/0x10 [ 542.256928][ T31] ? force_sig_info_to_task+0x3a0/0x660 [ 542.262529][ T31] arch_do_signal_or_restart+0x90/0x7e0 [ 542.268205][ T31] ? __pfx_force_exit_sig+0x10/0x10 [ 542.273451][ T31] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 542.279839][ T31] syscall_exit_to_user_mode+0x150/0x2a0 [ 542.285533][ T31] do_syscall_64+0xda/0x250 [ 542.290261][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.296580][ T31] RIP: 0033:0x7fe7b277dff9 [ 542.301050][ T31] RSP: 002b:00007fe7b21ff0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 542.309587][ T31] RAX: ffffffffffffffda RBX: 00007fe7b2936138 RCX: 00007fe7b277dff9 [ 542.317893][ T31] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe7b293613c [ 542.325904][ T31] RBP: 00007fe7b2936130 R08: 00007fe7b34cf080 R09: 0000000000000000 [ 542.334267][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe7b293613c [ 542.342458][ T31] R13: 0000000000000000 R14: 00007ffc19fdbd80 R15: 00007ffc19fdbe68 [ 542.350580][ T31] [ 542.353697][ T31] [ 542.353697][ T31] Showing all locks held in the system: [ 542.361660][ T31] 1 lock held by khungtaskd/31: [ 542.366732][ T31] #0: ffffffff8ddb77c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390 [ 542.376881][ T31] 2 locks held by dhcpcd/4898: [ 542.381704][ T31] #0: ffff88807cf516c8 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x154/0x980 [ 542.394970][ T31] #1: ffffffff8fac2868 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x18f/0x1f0 [ 542.404054][ T31] 2 locks held by getty/4991: [ 542.408943][ T31] #0: ffff8880322420a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 542.419078][ T31] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480 [ 542.429514][ T31] 3 locks held by kworker/u8:18/6457: [ 542.434926][ T31] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 542.446420][ T31] #1: ffffc90003fc7d80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 542.457008][ T31] #2: ffffffff8fac2868 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0x51/0xc0 [ 542.466218][ T31] 5 locks held by kworker/u8:20/6460: [ 542.471724][ T31] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 542.482321][ T31] #1: ffffc90003fe7d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 542.492904][ T31] #2: ffffffff8faacc50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xb40 [ 542.502538][ T31] #3: ffffffff8fac2868 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0x8f/0x9b0 [ 542.512952][ T31] #4: ffffffff8ddc3138 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x282/0x3b0 [ 542.526625][ T31] 2 locks held by kworker/u8:21/6461: [ 542.532046][ T31] #0: ffff888145ac1148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 [ 542.543032][ T31] #1: ffffc900035cfd80 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 542.554757][ T31] 1 lock held by syz.2.809/9338: [ 542.559829][ T31] 1 lock held by syz-executor/9995: [ 542.565131][ T31] 2 locks held by syz.2.1258/11461: [ 542.570466][ T31] 2 locks held by syz.3.1267/11463: [ 542.575704][ T31] 2 locks held by syz.3.1267/11466: [ 542.581042][ T31] 1 lock held by syz-executor/11467: [ 542.586519][ T31] #0: ffffffff8fac2868 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 542.596367][ T31] 2 locks held by syz.2.1290/11562: [ 542.601644][ T31] 2 locks held by syz.3.1293/11567: [ 542.606952][ T31] [ 542.609313][ T31] ============================================= [ 542.609313][ T31] [ 542.620040][ T31] NMI backtrace for cpu 0 [ 542.624408][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 542.634608][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 542.644712][ T31] Call Trace: [ 542.648022][ T31] [ 542.650982][ T31] dump_stack_lvl+0x116/0x1f0 [ 542.655745][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 542.660743][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 542.666783][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 542.672815][ T31] watchdog+0xf0c/0x1240 [ 542.677279][ T31] ? __pfx_watchdog+0x10/0x10 [ 542.682095][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 542.687324][ T31] ? __kthread_parkme+0x148/0x220 [ 542.692527][ T31] ? __pfx_watchdog+0x10/0x10 [ 542.697250][ T31] kthread+0x2c1/0x3a0 [ 542.701354][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 542.706592][ T31] ? __pfx_kthread+0x10/0x10 [ 542.711319][ T31] ret_from_fork+0x45/0x80 [ 542.715760][ T31] ? __pfx_kthread+0x10/0x10 [ 542.720473][ T31] ret_from_fork_asm+0x1a/0x30 [ 542.725299][ T31] [ 542.728962][ T31] Sending NMI from CPU 0 to CPUs 1: [ 542.734257][ C1] NMI backtrace for cpu 1 [ 542.734272][ C1] CPU: 1 UID: 0 PID: 11567 Comm: syz.3.1293 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 542.734303][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 542.734317][ C1] RIP: 0010:unwind_next_frame+0x22/0x20c0 [ 542.734349][ C1] Code: 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 48 89 fa 41 57 48 c1 ea 03 41 56 41 55 49 89 fd 41 54 55 53 <48> 83 ec 38 0f b6 04 02 84 c0 74 08 3c 03 0f 8e 48 0a 00 00 41 8b [ 542.734374][ C1] RSP: 0018:ffffc90003cf6ee0 EFLAGS: 00000a02 [ 542.734395][ C1] RAX: dffffc0000000000 RBX: ffffc90003cf6f18 RCX: 0000000000000000 [ 542.734413][ C1] RDX: 1ffff9200079ede3 RSI: ffffffff81532f68 RDI: ffffc90003cf6f18 [ 542.734430][ C1] RBP: ffffc90003cf6fa8 R08: ffffc90003cf6f4c R09: ffffffff90ad706e [ 542.734447][ C1] R10: ffffc90003cf6f18 R11: 0000000000004fbf R12: ffffffff817892d0 [ 542.734464][ C1] R13: ffffc90003cf6f18 R14: 0000000000000000 R15: ffff88807d020000 [ 542.734482][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 542.734506][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 542.734524][ C1] CR2: 000055557ee717d0 CR3: 000000000db7c000 CR4: 00000000003526f0 [ 542.734541][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 542.734557][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 542.734573][ C1] Call Trace: [ 542.734580][ C1] [ 542.734589][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 542.734619][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 542.734657][ C1] ? nmi_handle+0x1a9/0x5c0 [ 542.734684][ C1] ? unwind_next_frame+0x22/0x20c0 [ 542.734711][ C1] ? default_do_nmi+0x6a/0x160 [ 542.734734][ C1] ? exc_nmi+0x170/0x1e0 [ 542.734757][ C1] ? end_repeat_nmi+0xf/0x53 [ 542.734790][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 542.734822][ C1] ? get_signal+0x2658/0x26d0 [ 542.734849][ C1] ? unwind_next_frame+0x22/0x20c0 [ 542.734876][ C1] ? unwind_next_frame+0x22/0x20c0 [ 542.734902][ C1] ? unwind_next_frame+0x22/0x20c0 [ 542.734929][ C1] [ 542.734936][ C1] [ 542.734944][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 542.734974][ C1] arch_stack_walk+0x95/0x100 [ 542.735008][ C1] ? get_signal+0x2658/0x26d0 [ 542.735054][ C1] stack_trace_save+0x95/0xd0 [ 542.735082][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 542.735115][ C1] save_stack+0x162/0x1f0 [ 542.735145][ C1] ? __pfx_save_stack+0x10/0x10 [ 542.735173][ C1] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 542.735213][ C1] ? free_unref_folios+0x956/0x1310 [ 542.735249][ C1] ? folios_put_refs+0x551/0x750 [ 542.735294][ C1] ? free_pages_and_swap_cache+0x36d/0x510 [ 542.735325][ C1] ? __tlb_batch_free_encoded_pages+0xf9/0x290 [ 542.735366][ C1] ? tlb_flush_mmu+0xe9/0x590 [ 542.735402][ C1] ? unmap_page_range+0x1bf4/0x3ce0 [ 542.735434][ C1] ? unmap_single_vma+0x194/0x2b0 [ 542.735465][ C1] ? unmap_vmas+0x22f/0x490 [ 542.735495][ C1] ? exit_mmap+0x1c6/0xb30 [ 542.735526][ C1] ? __mmput+0x12a/0x480 [ 542.735552][ C1] ? mmput+0x62/0x70 [ 542.735576][ C1] ? do_exit+0x9bf/0x2d70 [ 542.735609][ C1] ? do_group_exit+0xd3/0x2a0 [ 542.735644][ C1] ? get_signal+0x2658/0x26d0 [ 542.735676][ C1] __reset_page_owner+0x8d/0x400 [ 542.735710][ C1] free_unref_folios+0x956/0x1310 [ 542.735752][ C1] folios_put_refs+0x551/0x750 [ 542.735791][ C1] ? __pfx_folios_put_refs+0x10/0x10 [ 542.735829][ C1] ? lock_acquire+0x2f/0xb0 [ 542.735867][ C1] ? mlock_drain_local+0x6f/0x4f0 [ 542.735895][ C1] free_pages_and_swap_cache+0x36d/0x510 [ 542.735928][ C1] ? __pfx_free_pages_and_swap_cache+0x10/0x10 [ 542.735966][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 542.736004][ C1] ? hlock_class+0x4e/0x130 [ 542.736046][ C1] ? folio_memcg_unlock+0x5c/0x120 [ 542.736078][ C1] ? __pfx___might_resched+0x10/0x10 [ 542.736103][ C1] ? find_held_lock+0x2d/0x110 [ 542.736134][ C1] __tlb_batch_free_encoded_pages+0xf9/0x290 [ 542.736177][ C1] tlb_flush_mmu+0xe9/0x590 [ 542.736217][ C1] unmap_page_range+0x1bf4/0x3ce0 [ 542.736289][ C1] ? __pfx_unmap_page_range+0x10/0x10 [ 542.736325][ C1] ? mas_next_slot+0xf00/0x1620 [ 542.736372][ C1] ? uprobe_munmap+0x20/0x5c0 [ 542.736401][ C1] unmap_single_vma+0x194/0x2b0 [ 542.736440][ C1] unmap_vmas+0x22f/0x490 [ 542.736479][ C1] ? __pfx_unmap_vmas+0x10/0x10 [ 542.736518][ C1] ? __pfx_lock_release+0x10/0x10 [ 542.736567][ C1] ? lock_acquire+0x2f/0xb0 [ 542.736609][ C1] ? mlock_drain_local+0x6f/0x4f0 [ 542.736638][ C1] exit_mmap+0x1c6/0xb30 [ 542.736671][ C1] ? trace_contention_end+0xea/0x140 [ 542.736710][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 542.736741][ C1] ? __mutex_lock+0x1a6/0x9c0 [ 542.736789][ C1] __mmput+0x12a/0x480 [ 542.736815][ C1] mmput+0x62/0x70 [ 542.736838][ C1] do_exit+0x9bf/0x2d70 [ 542.736872][ C1] ? get_signal+0x8fb/0x26d0 [ 542.736898][ C1] ? __pfx_do_exit+0x10/0x10 [ 542.736930][ C1] ? do_raw_spin_lock+0x12d/0x2c0 [ 542.736957][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 542.736985][ C1] do_group_exit+0xd3/0x2a0 [ 542.737021][ C1] get_signal+0x2658/0x26d0 [ 542.737052][ C1] ? __pfx_get_signal+0x10/0x10 [ 542.737080][ C1] ? __pfx_do_futex+0x10/0x10 [ 542.737111][ C1] arch_do_signal_or_restart+0x90/0x7e0 [ 542.737146][ C1] ? __do_sys_clone+0xba/0x100 [ 542.737176][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 542.737220][ C1] syscall_exit_to_user_mode+0x150/0x2a0 [ 542.737260][ C1] do_syscall_64+0xda/0x250 [ 542.737295][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.737326][ C1] RIP: 0033:0x7f280197dff9 [ 542.737344][ C1] Code: Unable to access opcode bytes at 0x7f280197dfcf. [ 542.737356][ C1] RSP: 002b:00007f28026d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 542.737380][ C1] RAX: fffffffffffffff4 RBX: 00007f2801b35f80 RCX: 00007f280197dff9 [ 542.737397][ C1] RDX: ffffffff81000000 RSI: 0000000000000006 RDI: 0000000081000005 [ 542.737413][ C1] RBP: 00007f28019f0296 R08: 0000000080000001 R09: 0000000000000000 [ 542.737430][ C1] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 542.737446][ C1] R13: 0000000000000000 R14: 00007f2801b35f80 R15: 00007ffd8c9d4bd8 [ 542.737467][ C1] ? 0xffffffff81000000 [ 542.737485][ C1] [ 542.738256][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 542.738273][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 542.738312][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 542.738331][ T31] Call Trace: [ 542.738341][ T31] [ 542.738353][ T31] dump_stack_lvl+0x3d/0x1f0 [ 542.738403][ T31] panic+0x71d/0x800 [ 542.738448][ T31] ? __pfx_panic+0x10/0x10 [ 542.738493][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 542.738533][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 542.738583][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 542.738620][ T31] ? watchdog+0xd76/0x1240 [ 542.738666][ T31] ? watchdog+0xd69/0x1240 [ 542.738718][ T31] watchdog+0xd87/0x1240 [ 542.738771][ T31] ? __pfx_watchdog+0x10/0x10 [ 542.738818][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 542.738861][ T31] ? __kthread_parkme+0x148/0x220 [ 542.738903][ T31] ? __pfx_watchdog+0x10/0x10 [ 542.738951][ T31] kthread+0x2c1/0x3a0 [ 542.738986][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 542.739032][ T31] ? __pfx_kthread+0x10/0x10 [ 542.739074][ T31] ret_from_fork+0x45/0x80 [ 542.739104][ T31] ? __pfx_kthread+0x10/0x10 [ 542.739143][ T31] ret_from_fork_asm+0x1a/0x30 [ 542.739206][ T31] [ 543.473164][ T31] Kernel Offset: disabled [ 543.477507][ T31] Rebooting in 86400 seconds..