last executing test programs: 19.772329583s ago: executing program 0 (id=635): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/nr_hugepages\x00', 0x642, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x60, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IF1_AGE={0x8, 0x3, 0x400}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IFINDEX={0x8}, @HSR_A_IFINDEX={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x6, 0x1, &(0x7f0000000040)='l2tp\x00', 0x7) madvise$auto(0x1, 0x5, 0x3) bind$auto(0x3, &(0x7f0000000080), 0x6d) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0x10000000000eb1, 0x401, 0x8000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) mlock$auto(0x5, 0xffffffffffff1bd4) ioctl$auto(0x3, 0x80dc5521, 0xb551) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='h'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 16.530177216s ago: executing program 0 (id=644): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0xa, 0x2, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) close_range$auto(0x2, 0x8, 0x0) statmount$auto(&(0x7f0000000000)={0x3, @inferred, 0xc616, 0x0, 0x120000}, 0x0, 0x3ff, 0x1) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) 12.875963283s ago: executing program 0 (id=663): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioperm$auto(0x7fb, 0x1, 0x4000007) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = gettid() prctl$auto(0x8, 0x1, r0, 0x6, 0x7fffffff) memfd_create$auto(0x0, 0xe) ftruncate$auto(0x0, 0x8800000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020109, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 7.016273539s ago: executing program 0 (id=685): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, 0x0) mount$auto(0x0, &(0x7f0000000740)='}[,&*}\x00', 0x0, 0xfffe, 0x0) memfd_create$auto(&(0x7f00000002c0)='IPVS\x00', 0x1) mount$auto(0x0, &(0x7f0000000240)='}[,&*}\x00', 0x0, 0x7f, &(0x7f00000002c0)) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf2506"], 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x200, 0x1) r2 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) fanotify_mark$auto(0x0, 0x31, 0x9, r2, 0x0) r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r3, 0x0, 0x400018) r4 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f00000000c0), r0) r5 = socket(0x22, 0x2, 0x800088) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r7, r6, 0x4, 0x1ff, r5, @relative_id=0x13, 0xe600}, 0xf) sendmsg$auto_OVS_VPORT_CMD_GET(r0, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0xf4, r4, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_UPCALL_PID={0xc5, 0x5, "19a662394715bacbd690d83be1720e7589287c64f2945863d7101ae5d4e59470f7b6d010aacedf139b560c104bdcf80b214d9f7613a0c9e09934a93afa13ec94b100a7a9f75803631793e7ab20bd02057625f9eb9c72d6730c521da29f750bb175104bea34cec74c9d21a22fbdb7f53b3b0eb2fd37f1b32fc1d21fdeb840a7a53210bd1015e3669a6cdcf2d60d01ddd2ff294cae52da1802fbdca26821155fdd2a500b0df4ac3c11f258e0b0fcc95a3ac96e40e996584481a9470ced97b3ccccf6"}, @OVS_VPORT_ATTR_PORT_NO={0x8}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r7}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x5}]}, 0xf4}, 0x1, 0x0, 0x0, 0x24000805}, 0x0) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), r0) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000800)={0x2f0, r1, 0x800, 0x70bd29, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SOCK_ADDR={0xa0, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x8a, 0x1, "15091227a1bfad1784d0c74a0ee9b03ba28ae7aac11f4017b8aca712f73254a66eff0b903bb687e6a45dba927fe0ce92a87b97b08961232ddc6c97d4c604a289409f145badc5d2d4002a4a9117cfc001cd0c1a1a88df86eda99d2efd02833dd41d9a236d0b10a7befb96ea903a0d7a4053652eb5b31af881f220dbb53d0087d30b183d2bc589"}, @NFSD_A_SOCK_TRANSPORT_NAME={0xe, 0x2, 'ovs_vport\x00'}]}, @NFSD_A_SERVER_SOCK_ADDR={0xe4, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0xb1, 0x1, "73ef96c638991268d9e1e548980963c3df1ee7a888f7362dfb1d8b5b57161c3c9991e30ebe82605f5572074b763457160c2c7ef72d9c093de4108fbe38670a26443f5774b14dbcd5ea5104b9af1309ba9ad8c44abfe05229277b7fdd5a33099aeefd055dcd2454d9232f712ad494778ac15754ac75bd49c9a105358bd4c025b91dd7ac03d58fccbfe30b45d5e5d7b6a910e5551f2936bb2e213fdca7163a30b70efea1b4396c51860c614a46f3"}, @NFSD_A_SOCK_ADDR={0x29, 0x1, "8df0b04eac8553f58910619a71fdf5d86a8d6589077f42d728850c58ea508f93a70de40011"}]}, @NFSD_A_SERVER_SOCK_ADDR={0x158, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_TRANSPORT_NAME={0xbd, 0x2, 'nfsd\x00\x1ds\xfd\xe3\x02\x16%\xd9\xb4\x95\x12P\xc0\xab\xf8\xf1\xac\xb2\x03\xcd\x18\xce\bV\xa8\x91\x8d\xbb\xbfr\x80\b\xd4dJ\xc0h\x90\xfd+\xae\xc4\x94\x86e\xa9\xf5\x14$\x80\x99b\x91\xfb!\xb6\xd7\xe4\xdf\r\x89\x87\xf4(oUr\xe7\xcc\xa37\x82^\x9f\xf3|W\xdbkw\x13?\x8c\x8e\x19,%U\xb6\x89\x06{\xf4h\x95\x0e\x0f\xce\x824\xde\xaea\xd5T\xb87\xc8\x18\xc1\xaeOf\xe4\x1eXsZ\xa8\x9f{K\xe7;\x8ede\xef\x83Q\xe3=\xe6O\xf5\xf3\x88i2\xedH^+\x8a\x1d\xd61h\x91\x8d\xf0N\xb1\xe8\x9f\xb8\xac\xdd5\x84+Xw\x9d\x89>\x915\xac\xd5\x9d\bI\xcf\xaeJf\xe7\xfa\x9a'}, @NFSD_A_SOCK_ADDR={0x8c, 0x1, "b8fc6c269a0abe79a46fa4c44c95ddcb6f16e440e83c09f8577b18dc0c0383d4aa09fb0dc4f3e55790de1b8932b55950ee639159a1aca13d56d4eeb90d377cde2f2c12af618c68e51ad75fecf3433b23087f526ab1d0326b53cd2cedecd3b15715d2ae5439c9623b0b98a96f123dd6779e53591e978024c1662de96c64e370f63377ad5f64ba38dd"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x7, 0x2, '(,\x00'}]}]}, 0x2f0}, 0x1, 0x0, 0x0, 0x8c5}, 0x0) 4.668060846s ago: executing program 1 (id=695): socket$nl_generic(0x10, 0x3, 0x10) symlink$auto(0x0, &(0x7f0000000040)='./file0\x00') rename$auto(0x0, 0x0) r0 = io_uring_setup$auto(0x6, 0x0) signalfd$auto(r0, &(0x7f0000000180)={0x1}, 0x7) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x4002, 0x9) renameat$auto(r0, &(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00') ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = gettid() mmap$auto(0x8000000000000, 0x5, 0xdf, 0x9b72, 0x7, 0x2) process_vm_writev$auto(r2, &(0x7f0000000000)={0x0, 0x7ff}, 0x3, &(0x7f0000000080)={0x0, 0x800007}, 0x4, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) clone$auto(0x2003b46, 0x5c8a, 0xfffffffffffffffc, 0x0, 0x9) unshare$auto(0x28) mmap$auto(0x0, 0x2020009, 0x81, 0xeb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0xb, &(0x7f00000000c0)=@test={0xffffffffffffffff, 0xa, 0xa, 0x80000001, 0x108800000, 0xff, 0x6, 0x2be2a3fd, 0x7ffc, 0x10000, 0x2, 0x7, 0xfffff890, 0x1, 0x2}, 0x80) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80805, 0x0) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x1fe, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) uname$auto(0x0) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) 4.226233281s ago: executing program 3 (id=696): ioperm$auto(0xaf, 0xe, 0x991b) memfd_create$auto(&(0x7f00000002c0)='IPVS\x00', 0x7) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x420202, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/loadavg\x00', 0x200, 0x0) read$auto_proc_single_file_operations_base(r2, &(0x7f0000000180)=""/52, 0x34) mmap$auto(0x1, 0xc, 0x9c12, 0xffffffffffffffff, 0x10006, 0x2ffffffffffd) mremap$auto(0x0, 0x8, 0x3fd7, 0x3, 0x8) mprotect$auto(0x1ffff000, 0x810002, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xef1, 0xfffffffffffffffa, 0x8000) read$auto(r0, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="110b27bd7000ffdbdf250900000008000300", @ANYRES32=0x0, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x1000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) socket(0xa, 0x801, 0x106) connect$auto(0x3, &(0x7f0000000140), 0x55) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) pipe$auto(0x0) tee$auto(0x2000000000000, 0x3, 0x3ff, 0x9) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x24, 0x0, 0x9) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) 3.997538605s ago: executing program 2 (id=697): mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1942, 0x0) socket(0x2, 0x5, 0x0) socketpair$auto(0x1e, 0x1, 0x0, 0x0) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x8924, 0x0) 3.891335876s ago: executing program 1 (id=698): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x161202, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x1e, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) io_uring_setup$auto(0x8, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_READ(r1, 0xc0085508, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) ioctl$auto(r0, 0x5385, 0xbb1) 3.720797758s ago: executing program 2 (id=699): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) r0 = socket(0x2a, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000140)) connect$auto(r0, &(0x7f0000000040)=@tipc=@id={0x1e, 0x3, 0x3, {0x4e21}}, 0x6) recvfrom$auto(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0, 0xfffffffffffffffd) r1 = fcntl$auto(0xffffffffffffffff, 0x401, 0x5) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) socket(0xa, 0x3, 0x3a) epoll_wait$auto(r0, &(0x7f0000000000)={0x7, 0x800000000000009}, 0x7ff, 0x6) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567) mmap$auto(0x0, 0x400008, 0xdf, 0x20009b70, 0x2, 0x2) sysfs$auto(0x2, 0x10000000000002d, 0x0) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r1) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) gettid() connect$auto(0xffffffffffffffff, 0x0, 0x55) mmap$auto(0x0, 0x6, 0x3, 0x16, 0x3, 0x8000) sendfile$auto(0x6, r0, 0x0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r1, 0x7fff) mmap$auto(0x0, 0x27, 0xdf, 0x9b72, 0x1000, 0x28000) setrlimit$auto(0xb, 0x0) r2 = getpid() mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) r3 = gettid() rt_tgsigqueueinfo$auto(r2, r3, 0x21, 0x0) 3.717427429s ago: executing program 1 (id=700): r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) mmap$auto(0x0, 0xda, 0x1, 0xeb1, 0x40000000000a5, 0x8000) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, 0x0, 0x8800) recvfrom$auto(0x3, 0x0, 0x5, 0x101, 0x0, 0xfffffffffffffffd) open(0x0, 0xa61c2, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) socket(0x8, 0x3, 0x101) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x105000, 0x0) move_pages$auto(0x0, 0xd0, 0x0, &(0x7f0000001140), 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto_qrtr_tun_ops_tun(0xffffffffffffffff, 0x0, 0x34) 3.300721313s ago: executing program 2 (id=701): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) keyctl$auto(0xe, 0x8000000000000000, 0x9b, 0x400000000004, 0xa) close_range$auto(0x2, 0x8, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x401c5820, 0x0) unshare$auto(0x40000080) clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0) msgctl$auto(0x5, 0x401, &(0x7f0000000280)={{0x0, 0xffffffffffffffff, 0x0, 0x2, 0x1000, 0x8000, 0xa}, &(0x7f0000000200)=0x3, 0x0, 0x7f, 0x8, 0xc313, 0x9, 0x7fffffffffffffff, 0x6a7b, 0x7, 0x4}) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x200, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000080)=0x3) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0) write$auto(r1, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x5, 0x8000) write$auto(0x3, 0x0, 0x5c8) r2 = socket$nl_generic(0x10, 0x3, 0x10) stat$auto(0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), r2) read$auto(r2, 0x0, 0x1f36) sendmsg$auto_NL80211_CMD_GET_WIPHY(r2, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="810b25bd7080fbdbdf2501"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) open(0x0, 0x0, 0xe1d2b27bdc14aabc) r4 = socket(0x10, 0x2, 0x6) r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x2) timerfd_create$auto(0x9, 0x0) socket(0xa, 0x1, 0x0) setsockopt$auto(0x1, 0x6, 0x12, &(0x7f0000000040)='\x00\x89e\xad\x97\xc5\xe8\x91g\xc1\xceE\xea=\x0f\xf4\xba4\x05>y/21\xfd\'\xc7\x1c\xaeV`\xc7^\x05\"H\xb8\x12\x99\x1fF\xdc\xc4\x02FV\x04D&9?\xa8d\xc97B\x9f)\xc6\xbb\x15_\xfd\xa5\xaf\xf8\xb8\x8a\x186\xa9\x0eY;\x9a\xe32T\xddn\xa6zK\xef\xf7\x04\x81\xb4\xb7;\x12\x1ch$\xbd\xd1x\x15\xa8\x9c\xba\x83\xa7\xbdwf8\xc03z|\xcd\xbc\xa1+8\xcet\x960\a\x80\x88!\x9e\x96\xcd\xb5oB\xc1L\xb2\xb1\xe6\xf9\x92\xd4\xcd\v0|G\xb7\xc3+\xb5\xa9\xb4\x05>ry\xa1\xf1)#\xc0\x8d(', 0x8) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x28, r5, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_IFNAME={0x14, 0x4, 'ip6erspan0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/disable\x00', 0x102, 0x0) sendfile$auto(r6, r6, 0x0, 0x7) 3.214741054s ago: executing program 3 (id=703): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd12\x00', 0x8001, 0x0) ioctl$auto_def_blk_fops_fs(r0, 0xab08, 0x0) (async) madvise$auto(0x4, 0x68, 0x3) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r1 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x302, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000002c80)='/proc/thread-self/net/rpc/nfsd.fh/channel\x00', 0x80, 0x0) ioctl$auto(r2, 0x400, 0x8) syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$auto_IMADDTIMER(r1, 0x80044940, 0x0) 2.900731945s ago: executing program 3 (id=705): setresuid$auto(0x2, 0xffffffffffffffff, 0x200) socket(0x2, 0x3, 0xa) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = pipe$auto(0x0) pipe$auto(0x0) read$auto(0x3, 0x0, 0x80) setsockopt$auto(0x3, 0x0, 0xa, 0x0, 0x10000) connect$auto(0x3, &(0x7f00000000c0), 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3f00) mmap$auto(0x0, 0x400008, 0x400000000000df, 0x19, 0x2, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xc, 0x940, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x2, 0x7, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = socket(0x2, 0x1, 0x0) bind$auto(r2, &(0x7f0000000040)=@isdn={0x22, 0xe, 0x8, 0x8, 0x5}, 0x67) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd13\x00', 0x30c40, 0x0) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000) rseq$auto(0x0, 0x8000, 0x0, 0x6) geteuid() ioctl$auto__ctl_fops_dm_ioctl(r0, 0x5, &(0x7f0000000380)="f473e62cc102c049a7a0c6f04f3dc0fae624d2681dfcd792606ed2d5209f9279d133d3e21b216bba4a83588def7c7d5d4631ae02d06f073951a81f90575a378de2619623aaf81951c93b65dab6654929080eaae2cb1f19ae8c5082768b8d83b7c86fdfabaa14164ebd27e57c043ac29ada99a6f86a4c20b83fc3708c4264a03653305d45e8a128136eecb0d89ed8bcf7eaacd0c781eec7bce4cf1522f52bd2fc50b8c6bfb0a7bba621451690335f347eb13af4b091f9a40e01aaada288286518c9cac16f") 2.735938306s ago: executing program 1 (id=707): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) mmap$auto(0x0, 0x8, 0x4000000000df, 0x44eb1, 0x6, 0x300000000000) mmap$auto(0x0, 0x8, 0x4000000000df, 0x44eb1, 0x6, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) mbind$auto(0xf400, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) clone3$auto(0x0, 0x40) 2.553720921s ago: executing program 2 (id=708): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ip6tnl0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000012c0)=ANY=[@ANYBLOB="44010000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250a00000008000100", @ANYRES32=r3, @ANYBLOB="280109800c00ea006d61637365633000e7002e80ea546656278c93952f9101afd392a22ad5dee5c3d6fea5031c8d17ca812af7fe7b240d9f6a3469659743be1864c7db436e9e76d49111fd550a1ca8b35a7d9748c7374ce3c5ee0cb000d2af41cf3ff5ca2140a4345cd86d7fa409604cd47536c8c89ac53fcf904f2040e3fa588f7845d5a5a3c758d76a6ea3243d41523307b728c1eae2fae8f36da92dc889cdc79fd55c8d4d0ad53e9f9120101cf27eaf1d15ddb64f597c46cf34373303f61cfc19c15f173d7f0d2f6870beddf607a1ebd3b22caddd7f9fd609a1115beabcf4f867ddee569d307ebe1240f53b7999a06b1f915f882e7e0008004300", @ANYRES32, @ANYBLOB="0b0042006d6163736563000014002d00fc010000000000000000000000000001080001"], 0x144}, 0x1, 0x0, 0x0, 0x4040085}, 0x0) 2.290370703s ago: executing program 2 (id=709): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x5, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x0, @local}, 0x69) mmap$auto(0x6, 0x2020009, 0x100000003, 0xeb1, 0xfffffffffffffffa, 0x3) setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8) mremap$auto(0x0, 0xffffffffffffffff, 0x401, 0x3, 0x7fffffffb000) prctl$auto(0x23, 0x7, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0) epoll_create$auto(0x4) rename$auto(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000100)='./cgroup.cpu/cpuset.cpus\x00') mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000800)='./file0\x00', 0x6041, 0x0) socket(0x2, 0x801, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0xfffffff7, 0x20000000) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x55) mmap$auto(0x0, 0x2000000000020006, 0x4000000000e3, 0x100000011, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48010}, 0x13d28836f4cdbd31) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) sysfs$auto(0x2, 0x10000000000002e, 0x0) r2 = fsopen$auto(0x0, 0x1) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, r2, 0x8000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x200280, 0x0) socket(0x2, 0x80805, 0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) 1.9048643s ago: executing program 3 (id=710): mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1942, 0x0) socket(0x2, 0x5, 0x0) socketpair$auto(0x1e, 0x1, 0x0, 0x0) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x8924, 0x0) 988.072898ms ago: executing program 0 (id=711): socket$nl_generic(0x10, 0x3, 0x10) symlink$auto(0x0, &(0x7f0000000040)='./file0\x00') rename$auto(0x0, 0x0) r0 = io_uring_setup$auto(0x6, 0x0) signalfd$auto(r0, &(0x7f0000000180)={0x1}, 0x7) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x4002, 0x9) renameat$auto(r0, &(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00') ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = gettid() mmap$auto(0x8000000000000, 0x5, 0xdf, 0x9b72, 0x7, 0x2) process_vm_writev$auto(r2, &(0x7f0000000000)={0x0, 0x7ff}, 0x3, &(0x7f0000000080)={0x0, 0x800007}, 0x4, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) clone$auto(0x2003b46, 0x5c8a, 0xfffffffffffffffc, 0x0, 0x9) unshare$auto(0x28) mmap$auto(0x0, 0x2020009, 0x81, 0xeb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0xb, &(0x7f00000000c0)=@test={0xffffffffffffffff, 0xa, 0xa, 0x80000001, 0x108800000, 0xff, 0x6, 0x2be2a3fd, 0x7ffc, 0x10000, 0x2, 0x7, 0xfffff890, 0x1, 0x2}, 0x80) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80805, 0x0) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x1fe, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) uname$auto(0x0) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) 987.939705ms ago: executing program 1 (id=712): r0 = socket(0x10, 0x2, 0xc) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x2c, r1, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0xff}, @CTRL_ATTR_OP={0x8, 0xa, 0x16}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x1c, r1, 0x100, 0x70bd29, 0x25dfdbfb, {0xa, 0x0, 0xa00}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0xfffd}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20044801}, 0x10004090) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) 987.76459ms ago: executing program 2 (id=713): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) r0 = socket(0x2a, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) connect$auto(0x3, &(0x7f00000000c0), 0x55) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, 0x0, 0x40) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x10000000000002d, 0x0) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r0) mbind$auto(0x100000fff, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r1 = gettid() connect$auto(0xffffffffffffffff, 0x0, 0x55) mmap$auto(0x0, 0x5, 0x3, 0x16, 0x3, 0x8000) sendfile$auto(0x6, 0xffffffffffffffff, 0x0, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0x20200, 0x15) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) fchdir$auto(0xffffffffffffffff) rmdir$auto(&(0x7f0000000340)='MAC80211_HWSIM\x00') process_vm_readv$auto(r1, &(0x7f0000000040)={0x0, 0x8}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x6, 0x0) move_pages$auto(r1, 0x4, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x3, 0x0, 0x0) 986.857884ms ago: executing program 3 (id=719): mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1942, 0x0) socket(0x2, 0x5, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x8924, 0x0) 9.760459ms ago: executing program 0 (id=714): ioperm$auto(0xaf, 0xe, 0x991b) memfd_create$auto(&(0x7f00000002c0)='IPVS\x00', 0x7) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x420202, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/loadavg\x00', 0x200, 0x0) read$auto_proc_single_file_operations_base(r2, &(0x7f0000000180)=""/52, 0x34) mmap$auto(0x1, 0xc, 0x9c12, 0xffffffffffffffff, 0x10006, 0x2ffffffffffd) mremap$auto(0x0, 0x8, 0x3fd7, 0x3, 0x8) mprotect$auto(0x1ffff000, 0x810002, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xef1, 0xfffffffffffffffa, 0x8000) read$auto(r0, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="110b27bd7000ffdbdf250900000008000300", @ANYRES32=0x0, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x1000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) socket(0xa, 0x801, 0x106) connect$auto(0x3, &(0x7f0000000140), 0x55) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) pipe$auto(0x0) tee$auto(0x2000000000000, 0x3, 0x3ff, 0x9) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x24, 0x0, 0x9) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) 9.598886ms ago: executing program 1 (id=715): mmap$auto(0x0, 0x0, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x801, 0x100) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) socket(0x28, 0x6, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0xc4}, 0x6, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x2300, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x1e, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto(r0, 0x80045519, 0x4) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyz7\x00', 0x540401, 0x0) ioctl$auto(r1, 0x80045439, 0x553) 0s ago: executing program 3 (id=716): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) keyctl$auto(0xe, 0x8000000000000000, 0x9b, 0x400000000004, 0xa) close_range$auto(0x2, 0x8, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x401c5820, 0x0) unshare$auto(0x40000080) clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0) msgctl$auto(0x5, 0x401, &(0x7f0000000280)={{0x0, 0xffffffffffffffff, 0x0, 0x2, 0x1000, 0x8000, 0xa}, &(0x7f0000000200)=0x3, 0x0, 0x7f, 0x8, 0xc313, 0x9, 0x7fffffffffffffff, 0x6a7b, 0x7, 0x4}) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x200, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000080)=0x3) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0) write$auto(r1, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x5, 0x8000) write$auto(0x3, 0x0, 0x5c8) r2 = socket$nl_generic(0x10, 0x3, 0x10) stat$auto(0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), r2) read$auto(r2, 0x0, 0x1f36) sendmsg$auto_NL80211_CMD_GET_WIPHY(r2, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="810b25bd7080fbdbdf2501"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) open(0x0, 0x0, 0xe1d2b27bdc14aabc) r4 = socket(0x10, 0x2, 0x6) r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x2) timerfd_create$auto(0x9, 0x0) socket(0xa, 0x1, 0x0) setsockopt$auto(0x1, 0x6, 0x12, &(0x7f0000000040)='\x00\x89e\xad\x97\xc5\xe8\x91g\xc1\xceE\xea=\x0f\xf4\xba4\x05>y/21\xfd\'\xc7\x1c\xaeV`\xc7^\x05\"H\xb8\x12\x99\x1fF\xdc\xc4\x02FV\x04D&9?\xa8d\xc97B\x9f)\xc6\xbb\x15_\xfd\xa5\xaf\xf8\xb8\x8a\x186\xa9\x0eY;\x9a\xe32T\xddn\xa6zK\xef\xf7\x04\x81\xb4\xb7;\x12\x1ch$\xbd\xd1x\x15\xa8\x9c\xba\x83\xa7\xbdwf8\xc03z|\xcd\xbc\xa1+8\xcet\x960\a\x80\x88!\x9e\x96\xcd\xb5oB\xc1L\xb2\xb1\xe6\xf9\x92\xd4\xcd\v0|G\xb7\xc3+\xb5\xa9\xb4\x05>ry\xa1\xf1)#\xc0\x8d(', 0x8) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x28, r5, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_IFNAME={0x14, 0x4, 'ip6erspan0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/disable\x00', 0x102, 0x0) sendfile$auto(r6, r6, 0x0, 0x7) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.117' (ED25519) to the list of known hosts. [ 84.115698][ T5822] cgroup: Unknown subsys name 'net' [ 84.231531][ T5822] cgroup: Unknown subsys name 'cpuset' [ 84.241990][ T5822] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.955201][ T5822] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.972695][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.992299][ T5841] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.001867][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.010851][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.020089][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.039113][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.043553][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.053861][ T5846] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.055748][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.068806][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.076534][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.084880][ T5843] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.092501][ T5843] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 88.092885][ T5841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.101360][ T5843] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 88.108782][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.121823][ T5841] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.121835][ T5843] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.148412][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.157504][ T5841] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 88.165570][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.166335][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.180874][ T5841] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 88.190057][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.524523][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 88.620584][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 88.665596][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 88.820914][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.830486][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.839765][ T5831] bridge_slave_0: entered allmulticast mode [ 88.848185][ T5831] bridge_slave_0: entered promiscuous mode [ 88.877558][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.884756][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.892495][ T5842] bridge_slave_0: entered allmulticast mode [ 88.900092][ T5842] bridge_slave_0: entered promiscuous mode [ 88.907274][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.914618][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.922469][ T5831] bridge_slave_1: entered allmulticast mode [ 88.929632][ T5831] bridge_slave_1: entered promiscuous mode [ 88.954351][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.961825][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.969168][ T5842] bridge_slave_1: entered allmulticast mode [ 88.976041][ T5842] bridge_slave_1: entered promiscuous mode [ 89.010291][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.031840][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 89.054680][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.065000][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.072460][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.079823][ T5836] bridge_slave_0: entered allmulticast mode [ 89.086859][ T5836] bridge_slave_0: entered promiscuous mode [ 89.101338][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.122478][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.129878][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.137095][ T5836] bridge_slave_1: entered allmulticast mode [ 89.144319][ T5836] bridge_slave_1: entered promiscuous mode [ 89.160783][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.218745][ T5831] team0: Port device team_slave_0 added [ 89.251287][ T5831] team0: Port device team_slave_1 added [ 89.269030][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.285453][ T5842] team0: Port device team_slave_0 added [ 89.304700][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.334915][ T5842] team0: Port device team_slave_1 added [ 89.343634][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.352116][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.361331][ T5837] bridge_slave_0: entered allmulticast mode [ 89.369988][ T5837] bridge_slave_0: entered promiscuous mode [ 89.379887][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.391455][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.418577][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.451831][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.459181][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.466376][ T5837] bridge_slave_1: entered allmulticast mode [ 89.474002][ T5837] bridge_slave_1: entered promiscuous mode [ 89.481002][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.488367][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.514831][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.581663][ T5836] team0: Port device team_slave_0 added [ 89.588829][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.595820][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.622665][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.635252][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.643830][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.672922][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.714362][ T5831] hsr_slave_0: entered promiscuous mode [ 89.721469][ T5831] hsr_slave_1: entered promiscuous mode [ 89.732304][ T5836] team0: Port device team_slave_1 added [ 89.755541][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.770365][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.801465][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.808613][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.834755][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.879802][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.887805][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.913846][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.928050][ T5837] team0: Port device team_slave_0 added [ 89.954056][ T5837] team0: Port device team_slave_1 added [ 89.974950][ T5842] hsr_slave_0: entered promiscuous mode [ 89.982806][ T5842] hsr_slave_1: entered promiscuous mode [ 89.989571][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.997856][ T5842] Cannot create hsr debugfs directory [ 90.026748][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.034013][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.060850][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.104660][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.111881][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.139155][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.160885][ T5836] hsr_slave_0: entered promiscuous mode [ 90.168777][ T5841] Bluetooth: hci2: command tx timeout [ 90.168781][ T5838] Bluetooth: hci0: command tx timeout [ 90.174342][ T5836] hsr_slave_1: entered promiscuous mode [ 90.186145][ T5836] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.194102][ T5836] Cannot create hsr debugfs directory [ 90.247679][ T5841] Bluetooth: hci1: command tx timeout [ 90.247687][ T5838] Bluetooth: hci3: command tx timeout [ 90.294851][ T5837] hsr_slave_0: entered promiscuous mode [ 90.301632][ T5837] hsr_slave_1: entered promiscuous mode [ 90.309369][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.317135][ T5837] Cannot create hsr debugfs directory [ 90.541774][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.573775][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.587215][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.610691][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.689205][ T5842] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.721984][ T5842] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.738241][ T5842] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.754913][ T5842] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.805231][ T5836] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.819894][ T5836] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.830499][ T5836] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.860831][ T5836] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.923092][ T5837] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.936358][ T5837] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.953681][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.964136][ T5837] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.984422][ T5837] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 91.026343][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.060865][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.068420][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.102657][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.109846][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.235440][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.269402][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.286931][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.335302][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.370113][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.387988][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.410730][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.417921][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.430791][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.438000][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.465813][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.473095][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.490831][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.498044][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.514344][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.545263][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.552417][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.582667][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.590280][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.636362][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.726639][ T5837] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.820836][ T5831] veth0_vlan: entered promiscuous mode [ 91.881265][ T5831] veth1_vlan: entered promiscuous mode [ 91.959711][ T5831] veth0_macvtap: entered promiscuous mode [ 91.989614][ T5831] veth1_macvtap: entered promiscuous mode [ 92.028428][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.072962][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.101325][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.116435][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.130101][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.140672][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.149880][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.219541][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.251208][ T5841] Bluetooth: hci0: command tx timeout [ 92.251222][ T5838] Bluetooth: hci2: command tx timeout [ 92.309094][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.327989][ T5841] Bluetooth: hci3: command tx timeout [ 92.333712][ T5841] Bluetooth: hci1: command tx timeout [ 92.348066][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.384965][ T5836] veth0_vlan: entered promiscuous mode [ 92.393806][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.468540][ T5837] veth0_vlan: entered promiscuous mode [ 92.474883][ T5836] veth1_vlan: entered promiscuous mode [ 92.524377][ T5842] veth0_vlan: entered promiscuous mode [ 92.539082][ T5837] veth1_vlan: entered promiscuous mode [ 92.556266][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.566025][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.569063][ T5842] veth1_vlan: entered promiscuous mode [ 92.614305][ T5836] veth0_macvtap: entered promiscuous mode [ 92.666746][ T5836] veth1_macvtap: entered promiscuous mode [ 92.712666][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 92.733213][ T5837] veth0_macvtap: entered promiscuous mode [ 92.783415][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.810954][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.850312][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.886543][ T5842] veth0_macvtap: entered promiscuous mode [ 92.910304][ T5837] veth1_macvtap: entered promiscuous mode [ 92.919350][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.936132][ T5897] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1'. [ 92.945635][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.963728][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.976113][ T5842] veth1_macvtap: entered promiscuous mode [ 93.012512][ T5836] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.025608][ T5897] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1'. [ 93.035106][ T5836] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.045126][ T5836] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.061540][ T5836] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.283872][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.306403][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.324050][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.335185][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.352392][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.372174][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.383147][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.395999][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.406910][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.422641][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.434063][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.451657][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.479752][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.492515][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.502997][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.513659][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.525859][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.541972][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.553227][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.563455][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.574684][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.587067][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.597982][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.613529][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.646698][ T5842] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.656538][ T5842] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.666392][ T5842] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.675413][ T5842] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.692837][ T5837] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.701711][ T5837] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.710645][ T5837] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.719535][ T5837] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.748151][ T3001] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.756056][ T3001] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.839364][ T1109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.852803][ T1109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.937077][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.951433][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.026121][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.047607][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.148461][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.156747][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.210667][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.222242][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.328061][ T5841] Bluetooth: hci0: command tx timeout [ 94.328099][ T5838] Bluetooth: hci2: command tx timeout [ 94.408057][ T5838] Bluetooth: hci1: command tx timeout [ 94.413580][ T5838] Bluetooth: hci3: command tx timeout [ 94.523443][ T5899] sp0: Synchronizing with TNC [ 95.125421][ T5918] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7'. [ 95.172875][ T5903] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4'. [ 96.407922][ T5841] Bluetooth: hci2: command tx timeout [ 96.408365][ T5838] Bluetooth: hci0: command tx timeout [ 96.487830][ T5838] Bluetooth: hci3: command tx timeout [ 96.493473][ T5838] Bluetooth: hci1: command tx timeout [ 96.696875][ T5955] sp0: Synchronizing with TNC [ 96.802559][ T5958] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20'. [ 97.465166][ T977] cfg80211: failed to load regulatory.db [ 97.717547][ T5957] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18'. [ 98.129583][ T5977] netlink: 'syz.0.24': attribute type 64 has an invalid length. [ 98.178066][ T5977] netlink: 74 bytes leftover after parsing attributes in process `syz.0.24'. [ 98.260622][ T5973] Zero length message leads to an empty skb [ 98.703836][ T5972] Process accounting resumed [ 99.061270][ T6000] netlink: 28 bytes leftover after parsing attributes in process `syz.3.31'. [ 99.887398][ T6017] sp0: Synchronizing with TNC [ 100.365676][ T6014] netlink: 4 bytes leftover after parsing attributes in process `syz.2.33'. [ 101.718477][ T6025] Process accounting resumed [ 102.163922][ T6063] netlink: 28 bytes leftover after parsing attributes in process `syz.0.44'. [ 102.778281][ T6080] ima: policy update failed [ 102.784926][ T29] audit: type=1802 audit(1734741537.693:2): pid=6080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.51" res=0 errno=0 [ 103.031717][ T6071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.47'. [ 104.260071][ T6101] Process accounting resumed [ 105.133323][ T6128] netlink: 28 bytes leftover after parsing attributes in process `syz.3.63'. [ 105.326691][ T6132] netlink: 306 bytes leftover after parsing attributes in process `syz.1.66'. [ 105.391522][ T6135] netlink: 306 bytes leftover after parsing attributes in process `syz.1.66'. [ 105.761001][ T6140] can: request_module (can-proto-0) failed. [ 105.803491][ T6140] kernel read not supported for file /#)-\&[} (pid: 6140 comm: syz.1.67) [ 105.812351][ T29] audit: type=1804 audit(1734741540.713:3): pid=6140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.67" name="#)-\&[}" dev="mqueue" ino=8265 res=1 errno=0 [ 105.863711][ T29] audit: type=1800 audit(1734741540.753:4): pid=6140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.67" name="#)-\&[}" dev="mqueue" ino=8265 res=0 errno=0 [ 105.927538][ T29] audit: type=1804 audit(1734741540.763:5): pid=6140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.67" name="#)-\&[}" dev="mqueue" ino=8265 res=1 errno=0 [ 105.973711][ T29] audit: type=1804 audit(1734741540.763:6): pid=6140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.67" name="#)-\&[}" dev="mqueue" ino=8265 res=1 errno=0 [ 106.241521][ T6133] netlink: 4 bytes leftover after parsing attributes in process `syz.2.65'. [ 106.270352][ T6149] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 107.276415][ T6152] Process accounting resumed [ 108.915897][ T6205] MTRR 1 not used [ 109.173439][ T6210] netlink: 4 bytes leftover after parsing attributes in process `syz.2.91'. [ 109.993291][ T6230] syz.2.97 uses obsolete (PF_INET,SOCK_PACKET) [ 111.556560][ T6262] netlink: 342 bytes leftover after parsing attributes in process `syz.2.108'. [ 112.432873][ T6279] netlink: 334 bytes leftover after parsing attributes in process `syz.1.113'. [ 114.179862][ T6312] FAULT_INJECTION: forcing a failure. [ 114.179862][ T6312] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 114.206347][ T6312] CPU: 0 UID: 0 PID: 6312 Comm: syz.2.121 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 114.217075][ T6312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 114.227302][ T6312] Call Trace: [ 114.230833][ T6312] [ 114.233833][ T6312] dump_stack_lvl+0x16c/0x1f0 [ 114.239110][ T6312] should_fail_ex+0x497/0x5b0 [ 114.243976][ T6312] _copy_to_user+0x32/0xd0 [ 114.248646][ T6312] simple_read_from_buffer+0xd0/0x160 [ 114.254106][ T6312] proc_fail_nth_read+0x198/0x270 [ 114.259291][ T6312] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 114.264972][ T6312] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 114.270948][ T6312] vfs_read+0x1df/0xbe0 [ 114.275179][ T6312] ? __fget_files+0x1fc/0x3a0 [ 114.279919][ T6312] ? __pfx___mutex_lock+0x10/0x10 [ 114.286423][ T6312] ? __pfx_vfs_read+0x10/0x10 [ 114.291187][ T6312] ? __fget_files+0x206/0x3a0 [ 114.296211][ T6312] ksys_read+0x12b/0x250 [ 114.300761][ T6312] ? __pfx_ksys_read+0x10/0x10 [ 114.305588][ T6312] do_syscall_64+0xcd/0x250 [ 114.310348][ T6312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.316399][ T6312] RIP: 0033:0x7fc47578473c [ 114.321041][ T6312] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 114.341677][ T6312] RSP: 002b:00007fc47651c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 114.350456][ T6312] RAX: ffffffffffffffda RBX: 00007fc475975fa0 RCX: 00007fc47578473c [ 114.358765][ T6312] RDX: 000000000000000f RSI: 00007fc47651c0a0 RDI: 0000000000000004 [ 114.366799][ T6312] RBP: 00007fc47651c090 R08: 0000000000000000 R09: 0000000000000000 [ 114.374900][ T6312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 114.383015][ T6312] R13: 0000000000000000 R14: 00007fc475975fa0 R15: 00007ffefb3763d8 [ 114.391250][ T6312] [ 115.272473][ T6326] mmap: syz.2.123 (6326) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 115.314947][ T6324] netlink: 28 bytes leftover after parsing attributes in process `syz.2.123'. [ 115.785409][ T6342] FAULT_INJECTION: forcing a failure. [ 115.785409][ T6342] name failslab, interval 1, probability 0, space 0, times 1 [ 115.817524][ T6342] CPU: 1 UID: 0 PID: 6342 Comm: syz.2.130 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 115.828314][ T6342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 115.838428][ T6342] Call Trace: [ 115.841752][ T6342] [ 115.844735][ T6342] dump_stack_lvl+0x16c/0x1f0 [ 115.849491][ T6342] should_fail_ex+0x497/0x5b0 [ 115.854250][ T6342] ? fs_reclaim_acquire+0xae/0x150 [ 115.859439][ T6342] should_failslab+0xc2/0x120 [ 115.864210][ T6342] __kmalloc_node_noprof+0xd1/0x520 [ 115.869495][ T6342] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 115.875099][ T6342] ? _copy_from_user+0x59/0xd0 [ 115.880146][ T6342] __kvmalloc_node_noprof+0xad/0x1a0 [ 115.885529][ T6342] __do_sys_listmount+0x1be/0xe90 [ 115.890645][ T6342] ? __pfx___do_sys_listmount+0x10/0x10 [ 115.896262][ T6342] ? ksys_write+0x1ba/0x250 [ 115.900821][ T6342] do_syscall_64+0xcd/0x250 [ 115.905371][ T6342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.911315][ T6342] RIP: 0033:0x7fc475785d29 [ 115.915762][ T6342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.935506][ T6342] RSP: 002b:00007fc47651c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 115.943970][ T6342] RAX: ffffffffffffffda RBX: 00007fc475975fa0 RCX: 00007fc475785d29 [ 115.951983][ T6342] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000020000100 [ 115.960013][ T6342] RBP: 00007fc47651c090 R08: 0000000000000000 R09: 0000000000000000 [ 115.968021][ T6342] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 115.976102][ T6342] R13: 0000000000000001 R14: 00007fc475975fa0 R15: 00007ffefb3763d8 [ 115.984236][ T6342] [ 117.811554][ T29] audit: type=1807 audit(1734741552.723:7): UNKNOWN=$ res=0 [ 117.834349][ T29] audit: type=1802 audit(1734741552.723:8): pid=6371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.141" res=0 errno=0 [ 118.081012][ T6373] sg_write: process 105 (syz.3.141) changed security contexts after opening file descriptor, this is not allowed. [ 118.623905][ T6370] ima: policy update failed [ 118.640961][ T29] audit: type=1802 audit(1734741553.553:9): pid=6370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.141" res=0 errno=0 [ 120.653446][ T29] audit: type=1807 audit(1734741555.563:10): UNKNOWN=$ res=0 [ 120.670294][ T29] audit: type=1802 audit(1734741555.563:11): pid=6415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.153" res=0 errno=0 [ 121.222829][ T6429] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 121.451822][ T6414] ima: policy update failed [ 121.473763][ T29] audit: type=1802 audit(1734741556.383:12): pid=6414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.153" res=0 errno=0 [ 123.720341][ T29] audit: type=1807 audit(1734741558.633:13): UNKNOWN=$ res=0 [ 123.736145][ T29] audit: type=1802 audit(1734741558.633:14): pid=6478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.169" res=0 errno=0 [ 123.826294][ T6479] batman_adv: Routing algorithm '' is not supported [ 124.548429][ T6477] ima: policy update failed [ 124.567495][ T29] audit: type=1802 audit(1734741559.473:15): pid=6477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.169" res=0 errno=0 [ 124.648419][ T6492] FAULT_INJECTION: forcing a failure. [ 124.648419][ T6492] name failslab, interval 1, probability 0, space 0, times 0 [ 124.753019][ T6492] CPU: 1 UID: 0 PID: 6492 Comm: syz.1.175 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 124.763798][ T6492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 124.773925][ T6492] Call Trace: [ 124.777275][ T6492] [ 124.780268][ T6492] dump_stack_lvl+0x16c/0x1f0 [ 124.785033][ T6492] should_fail_ex+0x497/0x5b0 [ 124.789801][ T6492] ? fs_reclaim_acquire+0xae/0x150 [ 124.795019][ T6492] should_failslab+0xc2/0x120 [ 124.799882][ T6492] __kmalloc_noprof+0xce/0x4f0 [ 124.804745][ T6492] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 124.810448][ T6492] ? tomoyo_realpath_from_path+0xbf/0x710 [ 124.816253][ T6492] ? rcu_is_watching+0x12/0xc0 [ 124.821194][ T6492] tomoyo_realpath_from_path+0xbf/0x710 [ 124.826848][ T6492] tomoyo_check_open_permission+0x2ad/0x3c0 [ 124.832846][ T6492] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 124.839453][ T6492] ? lock_acquire.part.0+0x11b/0x380 [ 124.844783][ T6492] ? find_held_lock+0x2d/0x110 [ 124.849625][ T6492] ? __pfx_hook_file_open+0x10/0x10 [ 124.854882][ T6492] ? lock_acquire+0x2f/0xb0 [ 124.859426][ T6492] tomoyo_file_open+0x6b/0x90 [ 124.864155][ T6492] security_file_open+0x84/0x1e0 [ 124.869171][ T6492] do_dentry_open+0x57e/0x1ea0 [ 124.874011][ T6492] ? inode_permission+0xdd/0x5f0 [ 124.879014][ T6492] vfs_open+0x82/0x3f0 [ 124.883133][ T6492] ? may_open+0x1f2/0x400 [ 124.887535][ T6492] path_openat+0x1e6a/0x2d60 [ 124.892287][ T6492] ? __pfx_path_openat+0x10/0x10 [ 124.897802][ T6492] ? __pfx___lock_acquire+0x10/0x10 [ 124.903433][ T6492] ? lock_acquire.part.0+0x11b/0x380 [ 124.908763][ T6492] ? find_held_lock+0x2d/0x110 [ 124.913661][ T6492] do_filp_open+0x20c/0x470 [ 124.918213][ T6492] ? __pfx_do_filp_open+0x10/0x10 [ 124.923281][ T6492] ? find_held_lock+0x2d/0x110 [ 124.928187][ T6492] ? alloc_fd+0x41f/0x760 [ 124.932581][ T6492] do_sys_openat2+0x17a/0x1e0 [ 124.937357][ T6492] ? __pfx_do_sys_openat2+0x10/0x10 [ 124.942607][ T6492] ? __fget_files+0x206/0x3a0 [ 124.947337][ T6492] __x64_sys_openat+0x175/0x210 [ 124.952337][ T6492] ? __pfx___x64_sys_openat+0x10/0x10 [ 124.957762][ T6492] ? ksys_write+0x1ba/0x250 [ 124.962316][ T6492] do_syscall_64+0xcd/0x250 [ 124.966866][ T6492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.972812][ T6492] RIP: 0033:0x7f0756985d29 [ 124.977266][ T6492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.996926][ T6492] RSP: 002b:00007f07577ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 125.005400][ T6492] RAX: ffffffffffffffda RBX: 00007f0756b75fa0 RCX: 00007f0756985d29 [ 125.013542][ T6492] RDX: 0000000000000040 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 125.021651][ T6492] RBP: 00007f07577ad090 R08: 0000000000000000 R09: 0000000000000000 [ 125.029655][ T6492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 125.037662][ T6492] R13: 0000000000000001 R14: 00007f0756b75fa0 R15: 00007ffcc3ad0f18 [ 125.045806][ T6492] [ 125.061059][ T6492] ERROR: Out of memory at tomoyo_realpath_from_path. [ 125.758723][ T6514] ima: Unable to open file: /«ï‘%í¢=Hw#_é>…àj (-2) [ 125.759074][ T6512] ima: policy update failed [ 125.787809][ T29] audit: type=1802 audit(1734741560.703:16): pid=6512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.183" res=0 errno=0 [ 126.192574][ T6521] batman_adv: Routing algorithm '' is not supported [ 126.281064][ T29] audit: type=1807 audit(1734741561.193:17): UNKNOWN=$ res=0 [ 126.295651][ T29] audit: type=1802 audit(1734741561.193:18): pid=6525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.186" res=0 errno=0 [ 126.932267][ T6533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.189'. [ 127.110628][ T6524] ima: policy update failed [ 127.115398][ T29] audit: type=1802 audit(1734741562.023:19): pid=6524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.186" res=0 errno=0 [ 127.357029][ T6542] FAULT_INJECTION: forcing a failure. [ 127.357029][ T6542] name failslab, interval 1, probability 0, space 0, times 0 [ 127.389495][ T6542] CPU: 0 UID: 0 PID: 6542 Comm: syz.2.191 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 127.400371][ T6542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 127.410583][ T6542] Call Trace: [ 127.413924][ T6542] [ 127.417459][ T6542] dump_stack_lvl+0x16c/0x1f0 [ 127.422360][ T6542] should_fail_ex+0x497/0x5b0 [ 127.427306][ T6542] ? fs_reclaim_acquire+0xae/0x150 [ 127.432730][ T6542] should_failslab+0xc2/0x120 [ 127.437592][ T6542] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 127.443488][ T6542] ? __alloc_skb+0x2b3/0x380 [ 127.448265][ T6542] __alloc_skb+0x2b3/0x380 [ 127.452762][ T6542] ? __pfx___alloc_skb+0x10/0x10 [ 127.457785][ T6542] ? rcu_is_watching+0x12/0xc0 [ 127.462620][ T6542] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 127.468079][ T6542] ? kmem_cache_alloc_noprof+0x21b/0x3b0 [ 127.473790][ T6542] ? audit_log_start+0x2bc/0x7e0 [ 127.478839][ T6542] audit_log_start+0x2e1/0x7e0 [ 127.483715][ T6542] ? __pfx_audit_log_start+0x10/0x10 [ 127.489126][ T6542] ima_parse_add_rule+0x293/0x4560 [ 127.494337][ T6542] ? __mutex_trylock_common+0xea/0x250 [ 127.499874][ T6542] ? __pfx___mutex_trylock_common+0x10/0x10 [ 127.506107][ T6542] ? ima_write_policy+0x155/0x4e0 [ 127.512831][ T6542] ? rcu_is_watching+0x12/0xc0 [ 127.517766][ T6542] ? trace_contention_end+0xee/0x140 [ 127.523884][ T6542] ? __pfx_ima_parse_add_rule+0x10/0x10 [ 127.529516][ T6542] ? ima_write_policy+0x155/0x4e0 [ 127.534907][ T6542] ? __pfx_lock_release+0x10/0x10 [ 127.540970][ T6542] ? __pfx___mutex_lock+0x10/0x10 [ 127.546064][ T6542] ? lock_acquire+0x2f/0xb0 [ 127.550739][ T6542] ? __might_fault+0xe3/0x190 [ 127.556377][ T6542] ? ima_write_policy+0x20d/0x4e0 [ 127.561874][ T6542] ima_write_policy+0x20d/0x4e0 [ 127.566957][ T6542] ? __pfx_ima_write_policy+0x10/0x10 [ 127.572850][ T6542] ? trace_lock_acquire+0x14e/0x1f0 [ 127.578510][ T6542] ? ksys_write+0x12b/0x250 [ 127.583445][ T6542] ? __pfx_ima_write_policy+0x10/0x10 [ 127.588969][ T6542] vfs_write+0x24c/0x1150 [ 127.593366][ T6542] ? __fget_files+0x1fc/0x3a0 [ 127.598101][ T6542] ? __pfx___mutex_lock+0x10/0x10 [ 127.603187][ T6542] ? __pfx_vfs_write+0x10/0x10 [ 127.608007][ T6542] ? __fget_files+0x206/0x3a0 [ 127.612821][ T6542] ksys_write+0x12b/0x250 [ 127.617197][ T6542] ? __pfx_ksys_write+0x10/0x10 [ 127.622250][ T6542] do_syscall_64+0xcd/0x250 [ 127.626812][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.632787][ T6542] RIP: 0033:0x7fc475785d29 [ 127.637262][ T6542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.657099][ T6542] RSP: 002b:00007fc47651c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 127.665560][ T6542] RAX: ffffffffffffffda RBX: 00007fc475975fa0 RCX: 00007fc475785d29 [ 127.673783][ T6542] RDX: 0000000000000013 RSI: 0000000020000080 RDI: 0000000000000003 [ 127.681907][ T6542] RBP: 00007fc47651c090 R08: 0000000000000000 R09: 0000000000000000 [ 127.689924][ T6542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.698019][ T6542] R13: 0000000000000000 R14: 00007fc475975fa0 R15: 00007ffefb3763d8 [ 127.706053][ T6542] [ 127.736152][ T6542] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 127.764113][ T6542] audit: out of memory in audit_log_start [ 127.782643][ T29] audit: type=1802 audit(1734741562.693:20): pid=6542 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.191" res=0 errno=0 [ 127.816300][ T6537] ima: policy update failed [ 128.036493][ T6547] batman_adv: Routing algorithm '' is not supported [ 128.823539][ T6579] binder: 6578:6579 ioctl c0105512 1 returned -22 [ 129.067973][ T6561] Process accounting paused [ 129.954158][ T6619] mkiss: ax0: crc mode is auto. [ 130.244370][ T6628] FAULT_INJECTION: forcing a failure. [ 130.244370][ T6628] name failslab, interval 1, probability 0, space 0, times 0 [ 130.264535][ T6623] batman_adv: Routing algorithm '' is not supported [ 130.271407][ T6628] CPU: 0 UID: 0 PID: 6628 Comm: syz.3.212 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 130.282075][ T6628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 130.292190][ T6628] Call Trace: [ 130.295514][ T6628] [ 130.298495][ T6628] dump_stack_lvl+0x16c/0x1f0 [ 130.303248][ T6628] should_fail_ex+0x497/0x5b0 [ 130.307998][ T6628] ? fs_reclaim_acquire+0xae/0x150 [ 130.313180][ T6628] should_failslab+0xc2/0x120 [ 130.317948][ T6628] __kmalloc_noprof+0xce/0x4f0 [ 130.322794][ T6628] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 130.328523][ T6628] ? tomoyo_realpath_from_path+0xbf/0x710 [ 130.334342][ T6628] tomoyo_realpath_from_path+0xbf/0x710 [ 130.339971][ T6628] ? tomoyo_path_number_perm+0x235/0x5b0 [ 130.345710][ T6628] tomoyo_path_number_perm+0x248/0x5b0 [ 130.351336][ T6628] ? tomoyo_path_number_perm+0x235/0x5b0 [ 130.357144][ T6628] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 130.363347][ T6628] ? __pfx_lock_release+0x10/0x10 [ 130.368445][ T6628] ? trace_lock_acquire+0x14e/0x1f0 [ 130.373738][ T6628] ? lock_acquire+0x2f/0xb0 [ 130.378337][ T6628] ? __fget_files+0x40/0x3a0 [ 130.383005][ T6628] ? __fget_files+0x206/0x3a0 [ 130.387763][ T6628] security_file_ioctl+0x9b/0x240 [ 130.392861][ T6628] __x64_sys_ioctl+0xb7/0x200 [ 130.397606][ T6628] do_syscall_64+0xcd/0x250 [ 130.402202][ T6628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.408178][ T6628] RIP: 0033:0x7f4c58f85d29 [ 130.412655][ T6628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.432329][ T6628] RSP: 002b:00007f4c59d1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 130.440812][ T6628] RAX: ffffffffffffffda RBX: 00007f4c59175fa0 RCX: 00007f4c58f85d29 [ 130.448849][ T6628] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000007 [ 130.456970][ T6628] RBP: 00007f4c59d1e090 R08: 0000000000000000 R09: 0000000000000000 [ 130.465008][ T6628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.473044][ T6628] R13: 0000000000000000 R14: 00007f4c59175fa0 R15: 00007ffc0ce077b8 [ 130.481196][ T6628] [ 130.493988][ T6628] ERROR: Out of memory at tomoyo_realpath_from_path. [ 130.515558][ T6628] mkiss: ax0: crc mode is auto. [ 130.574082][ T6632] binder: 6631:6632 ioctl c0105512 1 returned -22 [ 131.337724][ T6651] erspan0: entered allmulticast mode [ 131.598996][ T6659] netlink: zone id is out of range [ 131.604493][ T6659] netlink: zone id is out of range [ 131.663616][ T6659] netlink: zone id is out of range [ 131.695086][ T6659] netlink: get zone limit has 4 unknown bytes [ 132.025996][ T6665] erspan0: entered allmulticast mode [ 132.223982][ T6675] binder: 6673:6675 ioctl c0105512 1 returned -22 [ 132.454037][ T6669] Process accounting paused [ 132.558112][ T6682] FAULT_INJECTION: forcing a failure. [ 132.558112][ T6682] name failslab, interval 1, probability 0, space 0, times 0 [ 132.584260][ T6682] CPU: 0 UID: 0 PID: 6682 Comm: syz.3.230 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 132.594979][ T6682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 132.605106][ T6682] Call Trace: [ 132.608437][ T6682] [ 132.611507][ T6682] dump_stack_lvl+0x16c/0x1f0 [ 132.616267][ T6682] should_fail_ex+0x497/0x5b0 [ 132.621130][ T6682] should_failslab+0xc2/0x120 [ 132.625892][ T6682] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 132.631524][ T6682] ? skb_clone+0x190/0x3f0 [ 132.636046][ T6682] skb_clone+0x190/0x3f0 [ 132.640380][ T6682] netlink_deliver_tap+0xafd/0xca0 [ 132.645565][ T6682] netlink_unicast+0x5e1/0x7f0 [ 132.650383][ T6682] ? __pfx_netlink_unicast+0x10/0x10 [ 132.655711][ T6682] ? __phys_addr_symbol+0x30/0x80 [ 132.660778][ T6682] ? __check_object_size+0x488/0x710 [ 132.666120][ T6682] netlink_sendmsg+0x8b8/0xd70 [ 132.670933][ T6682] ? __pfx_netlink_sendmsg+0x10/0x10 [ 132.676278][ T6682] ____sys_sendmsg+0x9ae/0xb40 [ 132.681174][ T6682] ? copy_msghdr_from_user+0x10b/0x160 [ 132.686740][ T6682] ? __pfx_____sys_sendmsg+0x10/0x10 [ 132.692083][ T6682] ___sys_sendmsg+0x135/0x1e0 [ 132.696821][ T6682] ? __pfx____sys_sendmsg+0x10/0x10 [ 132.702266][ T6682] ? __pfx_lock_release+0x10/0x10 [ 132.707500][ T6682] ? trace_lock_acquire+0x14e/0x1f0 [ 132.712756][ T6682] ? __fget_files+0x206/0x3a0 [ 132.717481][ T6682] __sys_sendmsg+0x16e/0x220 [ 132.722145][ T6682] ? __pfx___sys_sendmsg+0x10/0x10 [ 132.727361][ T6682] do_syscall_64+0xcd/0x250 [ 132.731911][ T6682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.737846][ T6682] RIP: 0033:0x7f4c58f85d29 [ 132.742295][ T6682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.761953][ T6682] RSP: 002b:00007f4c59d1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 132.770410][ T6682] RAX: ffffffffffffffda RBX: 00007f4c59175fa0 RCX: 00007f4c58f85d29 [ 132.778431][ T6682] RDX: 0000000000000010 RSI: 0000000020003e40 RDI: 0000000000000003 [ 132.786453][ T6682] RBP: 00007f4c59d1e090 R08: 0000000000000000 R09: 0000000000000000 [ 132.794520][ T6682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 132.802523][ T6682] R13: 0000000000000000 R14: 00007f4c59175fa0 R15: 00007ffc0ce077b8 [ 132.810563][ T6682] [ 132.908405][ T6680] synth uevent: /module/vxlan: unknown uevent action string [ 132.918540][ T6680] synth uevent: /module/vxlan: unknown uevent action string [ 133.007314][ T6682] netlink: zone id is out of range [ 133.007357][ T6682] netlink: zone id is out of range [ 133.007370][ T6682] netlink: zone id is out of range [ 133.007383][ T6682] netlink: get zone limit has 4 unknown bytes [ 133.395537][ T6694] netlink: 1 bytes leftover after parsing attributes in process `syz.2.232'. syzkaller syzkaller login: [ 134.335150][ T6713] binder: 6712:6713 ioctl c0105512 1 returned -22 [ 134.689710][ T6718] mkiss: ax0: crc mode is auto. [ 134.868061][ T6720] Process accounting paused [ 135.137530][ T6728] binder: 6725:6728 ioctl c0105512 1 returned -22 [ 136.126762][ T6734] synth uevent: /module/vxlan: unknown uevent action string [ 136.137112][ T6734] synth uevent: /module/vxlan: unknown uevent action string [ 136.188715][ T6750] FAULT_INJECTION: forcing a failure. [ 136.188715][ T6750] name failslab, interval 1, probability 0, space 0, times 0 syzkaller syzkaller login: [ 136.298163][ T6750] CPU: 1 UID: 0 PID: 6750 Comm: syz.2.246 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 136.308872][ T6750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 136.319010][ T6750] Call Trace: [ 136.322379][ T6750] [ 136.325457][ T6750] dump_stack_lvl+0x16c/0x1f0 [ 136.330227][ T6750] should_fail_ex+0x497/0x5b0 [ 136.335017][ T6750] ? fs_reclaim_acquire+0xae/0x150 [ 136.340209][ T6750] should_failslab+0xc2/0x120 [ 136.344979][ T6750] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 136.350975][ T6750] ? __alloc_skb+0x2b3/0x380 [ 136.355662][ T6750] __alloc_skb+0x2b3/0x380 [ 136.360161][ T6750] ? __pfx___alloc_skb+0x10/0x10 [ 136.365245][ T6750] ? lock_acquire+0x2f/0xb0 [ 136.369814][ T6750] netlink_alloc_large_skb+0x69/0x130 [ 136.375313][ T6750] netlink_sendmsg+0x689/0xd70 [ 136.380117][ T6750] ? __pfx_netlink_sendmsg+0x10/0x10 [ 136.385447][ T6750] ____sys_sendmsg+0x9ae/0xb40 [ 136.390250][ T6750] ? copy_msghdr_from_user+0x10b/0x160 [ 136.395767][ T6750] ? __pfx_____sys_sendmsg+0x10/0x10 [ 136.401105][ T6750] ___sys_sendmsg+0x135/0x1e0 [ 136.405833][ T6750] ? __pfx____sys_sendmsg+0x10/0x10 [ 136.411091][ T6750] ? __pfx_lock_release+0x10/0x10 [ 136.416235][ T6750] ? trace_lock_acquire+0x14e/0x1f0 [ 136.421501][ T6750] ? __fget_files+0x206/0x3a0 [ 136.426259][ T6750] __sys_sendmsg+0x16e/0x220 [ 136.430898][ T6750] ? __pfx___sys_sendmsg+0x10/0x10 [ 136.436434][ T6750] do_syscall_64+0xcd/0x250 [ 136.440989][ T6750] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.446928][ T6750] RIP: 0033:0x7fc475785d29 [ 136.451372][ T6750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.471024][ T6750] RSP: 002b:00007fc4764fb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 136.479476][ T6750] RAX: ffffffffffffffda RBX: 00007fc475976080 RCX: 00007fc475785d29 [ 136.487479][ T6750] RDX: 0000000020000000 RSI: 0000000020005380 RDI: 0000000000000003 [ 136.495504][ T6750] RBP: 00007fc4764fb090 R08: 0000000000000000 R09: 0000000000000000 [ 136.503505][ T6750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 136.511508][ T6750] R13: 0000000000000001 R14: 00007fc475976080 R15: 00007ffefb3763d8 [ 136.519524][ T6750] [ 136.638199][ T6751] mkiss: ax0: crc mode is auto. [ 136.732957][ T6744] syz.3.245 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 137.349835][ T6764] Process accounting paused [ 138.414586][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.423397][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.480821][ T6787] FAULT_INJECTION: forcing a failure. [ 138.480821][ T6787] name failslab, interval 1, probability 0, space 0, times 0 [ 138.503263][ T6787] CPU: 1 UID: 0 PID: 6787 Comm: syz.1.257 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 138.514534][ T6787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 138.524837][ T6787] Call Trace: [ 138.528188][ T6787] [ 138.531190][ T6787] dump_stack_lvl+0x16c/0x1f0 [ 138.535959][ T6787] should_fail_ex+0x497/0x5b0 [ 138.540720][ T6787] ? fs_reclaim_acquire+0xae/0x150 [ 138.545945][ T6787] should_failslab+0xc2/0x120 [ 138.550722][ T6787] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 138.557246][ T6787] ? bitmap_parse_user+0x24/0x90 [ 138.562285][ T6787] memdup_user_nul+0x2b/0x110 [ 138.567056][ T6787] bitmap_parse_user+0x24/0x90 [ 138.571919][ T6787] tracing_cpumask_write+0xfc/0x1a0 [ 138.577208][ T6787] ? __pfx_tracing_cpumask_write+0x10/0x10 [ 138.583107][ T6787] ? ksys_write+0x12b/0x250 [ 138.587699][ T6787] ? __pfx_tracing_cpumask_write+0x10/0x10 [ 138.593605][ T6787] vfs_write+0x24c/0x1150 [ 138.598018][ T6787] ? __fget_files+0x1fc/0x3a0 [ 138.602787][ T6787] ? __pfx___mutex_lock+0x10/0x10 [ 138.607910][ T6787] ? __pfx_vfs_write+0x10/0x10 [ 138.612773][ T6787] ? __fget_files+0x206/0x3a0 [ 138.617548][ T6787] ksys_write+0x12b/0x250 [ 138.621960][ T6787] ? __pfx_ksys_write+0x10/0x10 [ 138.626902][ T6787] do_syscall_64+0xcd/0x250 [ 138.631494][ T6787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.637472][ T6787] RIP: 0033:0x7f0756985d29 [ 138.641954][ T6787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.661720][ T6787] RSP: 002b:00007f07577ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 138.670221][ T6787] RAX: ffffffffffffffda RBX: 00007f0756b75fa0 RCX: 00007f0756985d29 [ 138.678618][ T6787] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 138.686658][ T6787] RBP: 00007f07577ad090 R08: 0000000000000000 R09: 0000000000000000 [ 138.694697][ T6787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.702748][ T6787] R13: 0000000000000000 R14: 00007f0756b75fa0 R15: 00007ffcc3ad0f18 [ 138.710801][ T6787] [ 139.174995][ T6794] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 syzkaller syzkaller login: [ 139.811362][ T6796] ======================================================= [ 139.811362][ T6796] WARNING: The mand mount option has been deprecated and [ 139.811362][ T6796] and is ignored by this kernel. Remove the mand [ 139.811362][ T6796] option from the mount to silence this warning. [ 139.811362][ T6796] ======================================================= [ 140.209061][ T6805] synth uevent: /module/vxlan: unknown uevent action string [ 140.258170][ T6805] synth uevent: /module/vxlan: unknown uevent action string [ 144.810818][ T6871] synth uevent: /module/vxlan: unknown uevent action string [ 145.237494][ T6867] synth uevent: /module/vxlan: unknown uevent action string [ 147.434532][ T6905] netlink: 85 bytes leftover after parsing attributes in process `syz.3.288'. [ 148.481086][ T6915] mkiss: ax0: crc mode is auto. [ 149.575730][ T6921] mkiss: ax0: crc mode is auto. [ 151.364202][ T6946] synth uevent: /module/vxlan: unknown uevent action string [ 151.431669][ T6946] synth uevent: /module/vxlan: unknown uevent action string [ 151.477397][ T6945] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 151.483880][ T6945] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 151.886883][ T6942] kexec: Could not allocate control_code_buffer [ 151.950983][ T6945] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 152.045306][ T6945] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 152.117571][ T6945] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 152.248628][ T6945] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 152.495694][ T6945] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 152.532144][ T6945] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 152.739402][ T6945] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 152.842330][ T6945] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 152.860466][ T6963] netlink: 334 bytes leftover after parsing attributes in process `syz.0.305'. [ 152.869764][ T6945] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 152.887028][ T6945] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 153.047983][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 154.087691][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 154.132068][ T6982] sp0: Synchronizing with TNC [ 154.567494][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 154.887549][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 155.137521][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 156.168103][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 156.340849][ T7009] netlink: 28 bytes leftover after parsing attributes in process `syz.2.318'. [ 156.647386][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 156.968788][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 157.207484][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 158.253631][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 158.434072][ T7031] netlink: 296 bytes leftover after parsing attributes in process `syz.2.322'. [ 158.727466][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 159.048020][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 159.469925][ T7030] Process accounting resumed [ 159.905466][ T7041] netlink: 28 bytes leftover after parsing attributes in process `syz.3.325'. [ 160.123180][ T7041] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 161.154016][ T7078] netlink: 346 bytes leftover after parsing attributes in process `syz.3.335'. [ 161.183940][ T7078] tmpfs: Unknown parameter '€' [ 161.298311][ T7080] sp0: Synchronizing with TNC [ 161.410803][ T7083] svc: failed to register nfsdv3 RPC service (errno 111). [ 161.427196][ T7083] svc: failed to register nfsaclv3 RPC service (errno 111). [ 161.706795][ T7081] netlink: 28 bytes leftover after parsing attributes in process `syz.2.336'. [ 161.981161][ T7094] [U] [ 161.984273][ T7094] [U] [ 161.987052][ T7094] [U] [ 161.989831][ T7094] [U] [ 162.018086][ T7094] [U] [ 162.020905][ T7094] [U] [ 162.023688][ T7094] [U] [ 162.026461][ T7094] [U] [ 162.053767][ T7094] [U] [ 162.056585][ T7094] [U] [ 162.059363][ T7094] [U] [ 162.062136][ T7094] [U] [ 162.101532][ T7094] [U] [ 162.104355][ T7094] [U] [ 162.107173][ T7094] [U] [ 162.109939][ T7094] [U] [ 162.173131][ T7096] [U] [ 162.484227][ T7109] nbd: must specify at least one socket [ 162.994257][ T7121] svc: failed to register nfsdv3 RPC service (errno 111). [ 163.014882][ T7124] netlink: 4 bytes leftover after parsing attributes in process `syz.0.355'. [ 163.023077][ T7121] svc: failed to register nfsaclv3 RPC service (errno 111). [ 163.214705][ T7085] Process accounting resumed [ 163.336792][ T7130] netlink: 4 bytes leftover after parsing attributes in process `syz.3.348'. [ 163.539718][ T7134] sp0: Synchronizing with TNC [ 164.225969][ T7136] netlink: 28 bytes leftover after parsing attributes in process `syz.1.350'. [ 164.761844][ T7167] svc: failed to register nfsdv3 RPC service (errno 111). [ 164.817866][ T7167] svc: failed to register nfsaclv3 RPC service (errno 111). [ 164.859855][ T7171] netlink: 4 bytes leftover after parsing attributes in process `syz.2.361'. [ 164.913486][ T7150] Process accounting resumed [ 165.105722][ T7177] sp0: Synchronizing with TNC [ 166.705081][ T7194] netlink: 28 bytes leftover after parsing attributes in process `syz.0.368'. [ 167.165680][ T7212] netlink: 4 bytes leftover after parsing attributes in process `syz.3.374'. [ 167.413082][ T7215] sp0: Synchronizing with TNC [ 167.480251][ T7216] svc: failed to register nfsdv3 RPC service (errno 111). [ 167.538286][ T7216] svc: failed to register nfsaclv3 RPC service (errno 111). [ 167.684884][ T7215] Process accounting resumed [ 168.148615][ T7231] FAULT_INJECTION: forcing a failure. [ 168.148615][ T7231] name failslab, interval 1, probability 0, space 0, times 0 [ 168.209081][ T7231] CPU: 1 UID: 0 PID: 7231 Comm: syz.1.378 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 168.219853][ T7231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 168.230057][ T7231] Call Trace: [ 168.233496][ T7231] [ 168.236512][ T7231] dump_stack_lvl+0x16c/0x1f0 [ 168.241404][ T7231] should_fail_ex+0x497/0x5b0 [ 168.246253][ T7231] ? fs_reclaim_acquire+0xae/0x150 [ 168.251454][ T7231] should_failslab+0xc2/0x120 [ 168.256219][ T7231] __kmalloc_cache_noprof+0x68/0x420 [ 168.261595][ T7231] copy_mount_options+0x55/0x190 [ 168.266711][ T7231] __x64_sys_mount+0x1ad/0x320 [ 168.271564][ T7231] ? __pfx___x64_sys_mount+0x10/0x10 [ 168.277040][ T7231] do_syscall_64+0xcd/0x250 [ 168.281629][ T7231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.287611][ T7231] RIP: 0033:0x7f0756985d29 [ 168.292086][ T7231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.311857][ T7231] RSP: 002b:00007f07577ad038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 168.320448][ T7231] RAX: ffffffffffffffda RBX: 00007f0756b75fa0 RCX: 00007f0756985d29 [ 168.328486][ T7231] RDX: 0000000000000000 RSI: 9999999999999999 RDI: 0000000000000000 [ 168.336508][ T7231] RBP: 00007f07577ad090 R08: 9999999999999999 R09: 0000000000000000 [ 168.344512][ T7231] R10: 0000800100000801 R11: 0000000000000246 R12: 0000000000000001 [ 168.352537][ T7231] R13: 0000000000000001 R14: 00007f0756b75fa0 R15: 00007ffcc3ad0f18 [ 168.360560][ T7231] [ 169.832246][ T7248] netlink: 28 bytes leftover after parsing attributes in process `syz.3.383'. [ 170.815367][ T7267] sp0: Synchronizing with TNC [ 171.564674][ T7272] svc: failed to register nfsdv3 RPC service (errno 111). [ 171.585796][ T7272] svc: failed to register nfsaclv3 RPC service (errno 111). [ 172.175578][ T7285] netlink: 4 bytes leftover after parsing attributes in process `syz.1.390'. [ 172.347990][ T7274] netlink: 28 bytes leftover after parsing attributes in process `syz.2.398'. [ 175.168894][ T7320] sp0: Synchronizing with TNC [ 175.987936][ T7313] netlink: 28 bytes leftover after parsing attributes in process `syz.1.401'. [ 176.083681][ T7313] netdevsim netdevsim1 netdevsim2: entered allmulticast mode [ 178.989870][ T7372] netlink: 28 bytes leftover after parsing attributes in process `syz.0.416'. [ 179.041174][ T7372] netdevsim netdevsim0 netdevsim2: entered allmulticast mode [ 182.755526][ T7435] netlink: 28 bytes leftover after parsing attributes in process `syz.2.430'. [ 182.813984][ T7435] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 183.102886][ T7455] netlink: 12 bytes leftover after parsing attributes in process `syz.3.437'. [ 183.772264][ T7440] kexec: Could not allocate control_code_buffer [ 185.987442][ T7504] can: request_module (can-proto-0) failed. [ 186.066929][ T7504] openvswitch: netlink: nsh attr 1 has unexpected len 14 expected 8 [ 186.584052][ T7508] netlink: 28 bytes leftover after parsing attributes in process `syz.3.447'. [ 188.032933][ T7537] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 188.835230][ T7547] netlink: 8 bytes leftover after parsing attributes in process `syz.3.464'. [ 188.900635][ T7548] netlink: 8 bytes leftover after parsing attributes in process `syz.3.464'. [ 189.046280][ T7499] kexec: Could not allocate control_code_buffer [ 189.877057][ T7563] sp0: Synchronizing with TNC [ 190.252853][ T7562] Process accounting paused [ 190.618893][ T7578] binder: 7577:7578 ioctl 400c620e 9 returned -22 [ 191.676694][ T7600] mmap: syz.3.482 (7600): VmData 37523456 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 191.749300][ T7605] sp0: Synchronizing with TNC [ 192.750554][ T7624] tc_dump_action: action bad kind [ 193.897565][ T7590] kexec: Could not allocate control_code_buffer [ 194.337863][ T7639] sp0: Synchronizing with TNC [ 194.836579][ T7649] netlink: 334 bytes leftover after parsing attributes in process `syz.0.499'. [ 195.610511][ T7649] Process accounting paused [ 196.181002][ T7683] sp0: Synchronizing with TNC [ 197.639812][ T7707] netlink: 28 bytes leftover after parsing attributes in process `syz.0.516'. [ 198.416548][ T7659] Process accounting paused [ 198.576118][ T7669] kexec: Could not allocate control_code_buffer [ 198.632896][ T7720] sp0: Synchronizing with TNC [ 199.850247][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.856934][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.098906][ T7752] netlink: 'syz.2.527': attribute type 1 has an invalid length. [ 200.520641][ T7759] sp0: Synchronizing with TNC [ 202.749808][ T7796] netlink: 'syz.1.538': attribute type 1 has an invalid length. [ 203.008291][ T7779] can0: slcan on ttyS2. [ 203.045789][ T7795] netlink: 28 bytes leftover after parsing attributes in process `syz.0.535'. [ 203.686255][ T7812] sp0: Synchronizing with TNC [ 203.735813][ T7778] can0 (unregistered): slcan off ttyS2. [ 204.869892][ T7762] kexec: Could not allocate control_code_buffer [ 206.973713][ T7873] netlink: 'syz.3.548': attribute type 1 has an invalid length. [ 207.545722][ T7887] netlink: 'syz.3.551': attribute type 1 has an invalid length. [ 211.648748][ T7941] process 'syz.1.564' launched ':,' with NULL argv: empty string added [ 212.638494][ T7962] netlink: 'syz.0.567': attribute type 1 has an invalid length. [ 215.831849][ T8012] sp0: Synchronizing with TNC [ 216.408168][ T8022] netlink: 'syz.1.583': attribute type 1 has an invalid length. [ 216.610367][ T8027] netlink: 'syz.2.586': attribute type 4 has an invalid length. [ 216.968518][ T8034] netlink: 28 bytes leftover after parsing attributes in process `syz.2.589'. [ 218.124914][ T8051] mkiss: ax0: crc mode is auto. [ 218.644993][ T8060] sp0: Synchronizing with TNC [ 218.854526][ T8062] netlink: 8 bytes leftover after parsing attributes in process `syz.2.596'. [ 219.187740][ T8072] netlink: 'syz.3.599': attribute type 1 has an invalid length. [ 219.589489][ T8080] netlink: 28 bytes leftover after parsing attributes in process `syz.3.600'. [ 219.996871][ T8086] mkiss: ax0: crc mode is auto. [ 220.561004][ T8073] Process accounting resumed [ 220.758503][ T8098] netlink: 'syz.2.608': attribute type 1 has an invalid length. [ 221.058648][ T8103] sp0: Synchronizing with TNC [ 221.483346][ T8111] netlink: 342 bytes leftover after parsing attributes in process `syz.3.612'. [ 222.120898][ T8122] netlink: 'syz.2.617': attribute type 1 has an invalid length. [ 222.214391][ T8124] mkiss: ax0: crc mode is auto. [ 223.983684][ T8137] FAULT_INJECTION: forcing a failure. [ 223.983684][ T8137] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 224.034415][ T8137] CPU: 0 UID: 0 PID: 8137 Comm: syz.3.621 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 224.045377][ T8137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 224.055572][ T8137] Call Trace: [ 224.058881][ T8137] [ 224.061832][ T8137] dump_stack_lvl+0x16c/0x1f0 [ 224.066617][ T8137] should_fail_ex+0x497/0x5b0 [ 224.071348][ T8137] _copy_to_user+0x32/0xd0 [ 224.077325][ T8137] simple_read_from_buffer+0xd0/0x160 [ 224.082766][ T8137] proc_fail_nth_read+0x198/0x270 [ 224.087851][ T8137] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 224.093451][ T8137] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 224.099587][ T8137] vfs_read+0x1df/0xbe0 [ 224.103798][ T8137] ? __fget_files+0x1fc/0x3a0 [ 224.108631][ T8137] ? __pfx___mutex_lock+0x10/0x10 [ 224.113726][ T8137] ? __pfx_vfs_read+0x10/0x10 [ 224.118490][ T8137] ? __fget_files+0x206/0x3a0 [ 224.123424][ T8137] ksys_read+0x12b/0x250 [ 224.127821][ T8137] ? __pfx_ksys_read+0x10/0x10 [ 224.132685][ T8137] ? syscall_user_dispatch+0x77/0x140 [ 224.138208][ T8137] do_syscall_64+0xcd/0x250 [ 224.142848][ T8137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.148787][ T8137] RIP: 0033:0x7f4c58f8473c [ 224.153235][ T8137] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 224.172970][ T8137] RSP: 002b:00007f4c59cfd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 224.181421][ T8137] RAX: ffffffffffffffda RBX: 00007f4c59176080 RCX: 00007f4c58f8473c [ 224.189442][ T8137] RDX: 000000000000000f RSI: 00007f4c59cfd0a0 RDI: 0000000000000003 [ 224.197512][ T8137] RBP: 00007f4c59cfd090 R08: 0000000000000000 R09: 0000000000000000 [ 224.205588][ T8137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 224.213647][ T8137] R13: 0000000000000000 R14: 00007f4c59176080 R15: 00007ffc0ce077b8 [ 224.221692][ T8137] [ 224.224846][ C0] vkms_vblank_simulate: vblank timer overrun [ 224.301030][ T8139] sp0: Synchronizing with TNC [ 224.754618][ T8144] Process accounting resumed [ 225.680795][ T8152] netlink: 'syz.3.628': attribute type 1 has an invalid length. [ 226.174405][ T8120] Process accounting resumed [ 226.968755][ T8179] netlink: 'syz.1.638': attribute type 1 has an invalid length. [ 228.210084][ T8193] netlink: 28 bytes leftover after parsing attributes in process `syz.1.641'. [ 228.893584][ T8190] Process accounting resumed [ 229.853092][ T8195] netlink: 'syz.3.647': attribute type 1 has an invalid length. [ 231.324257][ T8225] netlink: 'syz.2.656': attribute type 1 has an invalid length. [ 232.964312][ T8245] syz.0.644 (8245) used greatest stack depth: 19760 bytes left [ 236.689334][ T8300] netlink: 8 bytes leftover after parsing attributes in process `syz.2.678'. [ 237.035610][ T8297] netlink: 8 bytes leftover after parsing attributes in process `syz.2.678'. [ 238.891658][ T8236] syz.1.660 (8236) used greatest stack depth: 17728 bytes left [ 239.501780][ T8318] nfsd: Unknown parameter 'IPVS' [ 240.751073][ T8334] mkiss: ax0: crc mode is auto. [ 242.172841][ T8356] netlink: 'syz.2.706': attribute type 1 has an invalid length. [ 243.129281][ T8378] block nbd12: NBD_DISCONNECT [ 243.489386][ T8376] netlink: 4 bytes leftover after parsing attributes in process `syz.2.701'. [ 243.589767][ T8389] netlink: 28 bytes leftover after parsing attributes in process `syz.3.705'. [ 245.408027][ T8409] netlink: 'syz.1.712': attribute type 1 has an invalid length. [ 245.438629][ T8409] netlink: 'syz.1.712': attribute type 1 has an invalid length. [ 246.408237][ T5874] [ 246.410636][ T5874] ====================================================== [ 246.417695][ T5874] WARNING: possible circular locking dependency detected [ 246.424750][ T5874] 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 Not tainted [ 246.431894][ T5874] ------------------------------------------------------ [ 246.439064][ T5874] kworker/1:3/5874 is trying to acquire lock: [ 246.445205][ T5874] ffffffff8fabfc48 (rtnl_mutex){+.+.}-{4:4}, at: smc_vlan_by_tcpsk+0x251/0x620 [ 246.454277][ T5874] [ 246.454277][ T5874] but task is already holding lock: [ 246.461681][ T5874] ffff888032889958 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_connect_work+0x53c/0xae0 [ 246.471103][ T5874] [ 246.471103][ T5874] which lock already depends on the new lock. [ 246.471103][ T5874] [ 246.481545][ T5874] [ 246.481545][ T5874] the existing dependency chain (in reverse order) is: [ 246.490785][ T5874] [ 246.490785][ T5874] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 246.498471][ T5874] lock_sock_nested+0x3a/0xf0 [ 246.503708][ T5874] sockopt_lock_sock+0x54/0x70 [ 246.509029][ T5874] do_ip_setsockopt+0x101/0x38c0 [ 246.514514][ T5874] ip_setsockopt+0x59/0xf0 [ 246.519476][ T5874] do_sock_setsockopt+0x222/0x480 [ 246.525046][ T5874] __sys_setsockopt+0x1a0/0x230 [ 246.530469][ T5874] __x64_sys_setsockopt+0xbd/0x160 [ 246.536137][ T5874] do_syscall_64+0xcd/0x250 [ 246.541202][ T5874] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.547663][ T5874] [ 246.547663][ T5874] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 246.554908][ T5874] __lock_acquire+0x249e/0x3c40 [ 246.560408][ T5874] lock_acquire.part.0+0x11b/0x380 [ 246.566063][ T5874] __mutex_lock+0x19b/0xa60 [ 246.571123][ T5874] smc_vlan_by_tcpsk+0x251/0x620 [ 246.576782][ T5874] __smc_connect+0x466/0x4890 [ 246.582002][ T5874] smc_connect_work+0x54f/0xae0 [ 246.587410][ T5874] process_one_work+0x958/0x1b30 [ 246.592892][ T5874] worker_thread+0x6c8/0xf00 [ 246.598220][ T5874] kthread+0x2c1/0x3a0 [ 246.602850][ T5874] ret_from_fork+0x45/0x80 [ 246.607812][ T5874] ret_from_fork_asm+0x1a/0x30 [ 246.613133][ T5874] [ 246.613133][ T5874] other info that might help us debug this: [ 246.613133][ T5874] [ 246.623372][ T5874] Possible unsafe locking scenario: [ 246.623372][ T5874] [ 246.630830][ T5874] CPU0 CPU1 [ 246.636204][ T5874] ---- ---- [ 246.641583][ T5874] lock(sk_lock-AF_INET); [ 246.646026][ T5874] lock(rtnl_mutex); [ 246.652556][ T5874] lock(sk_lock-AF_INET); [ 246.659515][ T5874] lock(rtnl_mutex); [ 246.663526][ T5874] [ 246.663526][ T5874] *** DEADLOCK *** [ 246.663526][ T5874] [ 246.671765][ T5874] 3 locks held by kworker/1:3/5874: [ 246.676978][ T5874] #0: ffff888030816948 ((wq_completion)smc_hs_wq){+.+.}-{0:0}, at: process_one_work+0x12cd/0x1b30 [ 246.687739][ T5874] #1: ffffc9000408fd80 ((work_completion)(&smc->connect_work)){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 246.699544][ T5874] #2: ffff888032889958 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_connect_work+0x53c/0xae0 [ 246.709345][ T5874] [ 246.709345][ T5874] stack backtrace: [ 246.715248][ T5874] CPU: 1 UID: 0 PID: 5874 Comm: kworker/1:3 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 246.726033][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 246.736125][ T5874] Workqueue: smc_hs_wq smc_connect_work [ 246.741705][ T5874] Call Trace: [ 246.745016][ T5874] [ 246.748064][ T5874] dump_stack_lvl+0x116/0x1f0 [ 246.752777][ T5874] print_circular_bug+0x41c/0x610 [ 246.757848][ T5874] check_noncircular+0x31a/0x400 [ 246.762828][ T5874] ? __pfx_check_noncircular+0x10/0x10 [ 246.768328][ T5874] ? __lock_acquire+0x2077/0x3c40 [ 246.773399][ T5874] ? lockdep_lock+0xc6/0x200 [ 246.778023][ T5874] ? __pfx_lockdep_lock+0x10/0x10 [ 246.783093][ T5874] __lock_acquire+0x249e/0x3c40 [ 246.788009][ T5874] ? __pfx___lock_acquire+0x10/0x10 [ 246.793255][ T5874] ? __pfx_lock_release+0x10/0x10 [ 246.798579][ T5874] lock_acquire.part.0+0x11b/0x380 [ 246.803718][ T5874] ? smc_vlan_by_tcpsk+0x251/0x620 [ 246.808861][ T5874] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 246.814521][ T5874] ? rcu_is_watching+0x12/0xc0 [ 246.819319][ T5874] ? trace_lock_acquire+0x14e/0x1f0 [ 246.824563][ T5874] ? smc_vlan_by_tcpsk+0x251/0x620 [ 246.829703][ T5874] ? lock_acquire+0x2f/0xb0 [ 246.834226][ T5874] ? smc_vlan_by_tcpsk+0x251/0x620 [ 246.839375][ T5874] __mutex_lock+0x19b/0xa60 [ 246.843914][ T5874] ? smc_vlan_by_tcpsk+0x251/0x620 [ 246.849076][ T5874] ? smc_vlan_by_tcpsk+0x251/0x620 [ 246.854219][ T5874] ? __pfx___mutex_lock+0x10/0x10 [ 246.859277][ T5874] ? smc_vlan_by_tcpsk+0x32e/0x620 [ 246.864420][ T5874] ? smc_vlan_by_tcpsk+0x251/0x620 [ 246.869575][ T5874] smc_vlan_by_tcpsk+0x251/0x620 [ 246.874552][ T5874] ? __pfx_smc_vlan_by_tcpsk+0x10/0x10 [ 246.880041][ T5874] __smc_connect+0x466/0x4890 [ 246.884752][ T5874] ? __pfx___smc_connect+0x10/0x10 [ 246.889884][ T5874] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 246.895373][ T5874] ? mark_held_locks+0x9f/0xe0 [ 246.900178][ T5874] ? __local_bh_enable_ip+0xa4/0x120 [ 246.905493][ T5874] smc_connect_work+0x54f/0xae0 [ 246.910369][ T5874] ? __pfx_smc_connect_work+0x10/0x10 [ 246.915774][ T5874] ? lock_acquire+0x2f/0xb0 [ 246.920300][ T5874] ? process_one_work+0x8bb/0x1b30 [ 246.925450][ T5874] process_one_work+0x958/0x1b30 [ 246.930418][ T5874] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 246.936124][ T5874] ? __pfx_process_one_work+0x10/0x10 [ 246.941517][ T5874] ? rcu_is_watching+0x12/0xc0 [ 246.946338][ T5874] ? assign_work+0x1a0/0x250 [ 246.950986][ T5874] worker_thread+0x6c8/0xf00 [ 246.955612][ T5874] ? __pfx_worker_thread+0x10/0x10 [ 246.960749][ T5874] kthread+0x2c1/0x3a0 [ 246.964847][ T5874] ? _raw_spin_unlock_irq+0x23/0x50 [ 246.970072][ T5874] ? __pfx_kthread+0x10/0x10 [ 246.974698][ T5874] ret_from_fork+0x45/0x80 [ 246.979138][ T5874] ? __pfx_kthread+0x10/0x10 [ 246.983759][ T5874] ret_from_fork_asm+0x1a/0x30 [ 246.988566][ T5874] [ 247.461435][ T8429] netlink: 4 bytes leftover after parsing attributes in process `syz.3.716'.