last executing test programs: 3m58.188983168s ago: executing program 0 (id=648): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001680), 0xffffffffffffffff) madvise$auto(0x0, 0xffffff7fffff0005, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) ioctl$auto_VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f00000000c0)={0x2a08000, r0}) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), r4) sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fcdbdf253100000008000300", @ANYRES32=r3, @ANYBLOB="82bd2e25d7783da750a5f35142c3dc84890a75db14e9a2ff42c587f61dfc0e20124c79bbb87fa84b9696094904b4b2efbf8922029228b5cf16aab6d6a0401145ebcb5ac8017d3f037f489d3f4839089e3cccbf3df281ca1ccbb4d5eb01615ae5935a8264b773285b408dbf10b33ea5b214b705d299b59d17d0d766c945282b8f0035e768d9751fdbce84329abe5e80cf72be2abf80e5a06eb6826f2f2102b48bc7aaaafe01151e00c502246c0dffe619ceb29905131f5e649fbf1f582b2f005536d51557c5ce3a25710870572ff674c47d35d8dfc176d25d3ab94af83f1278eaa10c0cdc2ad3cb68646eaa34d865"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000) 3m57.033735894s ago: executing program 0 (id=652): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2f212cbd7000fcdbdf252100000008000300", @ANYRES32=r2, @ANYBLOB="08009e00064c"], 0x24}}, 0x4000000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) timer_create$auto(0x9, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x4, 0x10007}, {0x9}}, 0x0) timer_gettime$auto(0x0, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4000000) 3m56.884576335s ago: executing program 0 (id=653): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x0) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x18c841, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x6, 0x493) io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0x8, 0x1, 0x0, 0xffffffffffffffff) sysinfo$auto(0x0) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r0, 0x400454a4, 0x0) 3m55.852304604s ago: executing program 0 (id=662): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) fanotify_init$auto(0x8003dbb, 0x1) r0 = open(&(0x7f0000000140)='./file1\x00', 0x3e1c0, 0x4) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x58) r1 = openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x242, 0x0) read$auto_sco_debugfs_fops_(r1, &(0x7f0000000140)=""/211, 0xd3) fanotify_init$auto(0x5, 0x7) ioctl$auto_SNAPSHOT_FREEZE(r0, 0xc0045878, 0x0) write$auto(0x3, 0x0, 0xfdf3) 3m55.653709996s ago: executing program 0 (id=663): select$auto(0x9, &(0x7f0000000000)={[0x2, 0x9, 0x81, 0x5f, 0x5, 0x0, 0x2a5, 0x2235, 0xd, 0x1, 0x7fffffff, 0x3, 0x12, 0x37d, 0x1b, 0x4]}, &(0x7f0000000080)={[0x9, 0x7fffffffffffffff, 0x97, 0x0, 0x4, 0xffffffff7fffffff, 0xcf58, 0x0, 0x438, 0xd7, 0x5, 0x6, 0x80000000, 0x6, 0x5, 0x9]}, &(0x7f0000000180)={[0xfffffffffffffff8, 0x239, 0x5, 0x6, 0x3, 0xfffffffffffffffb, 0x1, 0x6, 0xac, 0x5, 0x5, 0x5, 0x7, 0x5, 0xfffffffffffffff9, 0x7]}, &(0x7f0000000100)={0xffffffffffffffff, 0x9}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r0, 0x8, 0x1) fcntl$auto(r0, 0x10, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) ioctl$auto(r3, 0xc0045405, 0x3) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) fsopen$auto(0x0, 0x2) clone$auto(0x0, 0x6, 0x0, 0x0, 0xd47) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000f9dbdf250100000006000200010000000500070058000000080009000800000008000a000800000014001f000000000000000000000000000000000014002000"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) select$auto(0x9, &(0x7f0000000000)={[0x2, 0x9, 0x81, 0x5f, 0x5, 0x0, 0x2a5, 0x2235, 0xd, 0x1, 0x7fffffff, 0x3, 0x12, 0x37d, 0x1b, 0x4]}, &(0x7f0000000080)={[0x9, 0x7fffffffffffffff, 0x97, 0x0, 0x4, 0xffffffff7fffffff, 0xcf58, 0x0, 0x438, 0xd7, 0x5, 0x6, 0x80000000, 0x6, 0x5, 0x9]}, &(0x7f0000000180)={[0xfffffffffffffff8, 0x239, 0x5, 0x6, 0x3, 0xfffffffffffffffb, 0x1, 0x6, 0xac, 0x5, 0x5, 0x5, 0x7, 0x5, 0xfffffffffffffff9, 0x7]}, &(0x7f0000000100)={0xffffffffffffffff, 0x9}) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) fcntl$auto(r0, 0x8, 0x1) (async) fcntl$auto(r0, 0x10, 0x2) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) (async) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) (async) ioctl$auto(r3, 0xc0045405, 0x3) (async) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) (async) fsopen$auto(0x0, 0x2) (async) clone$auto(0x0, 0x6, 0x0, 0x0, 0xd47) (async) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000f9dbdf250100000006000200010000000500070058000000080009000800000008000a000800000014001f000000000000000000000000000000000014002000"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async) 3m55.087869317s ago: executing program 0 (id=667): mmap$auto(0x0, 0x20009, 0xdf, 0x18, 0x401, 0x7ffe) setrlimit$auto(0x1000000007, 0x0) mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x9, 0x3, 0x7, 0x2, 0x5, 0x3, 0x2000000000210006, 0x0, 0x7, 0x5, 0x2, 0x7, 0xaf, 0x800000000000009, 0x2, 0x3, 0x105, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, [0x1b16, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x77, 0x0, 0x0, 0x0, 0x4, 0x0, 0xc06f, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x7, 0x10001, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x107, 0x6, 0x0, 0xfffffffffffffffe, 0x4, 0x0, 0x80000000000], "09e5a6a32344bf2d0c7f16ef506a"}, 0x1fe, 0x81) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRESOCT=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030009000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a000100aaaaaaaaaabb00000a000500aaaaaaaaaa3700000800040011"], 0x58}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc5}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) io_uring_setup$auto(0x6, 0x0) io_submit$auto(0x2, 0x7e, &(0x7f00000004c0)=&(0x7f0000000480)={0xfffffffffffffffc, 0xd, 0x8, 0x5, 0xe, 0xffffffffffffffff, 0xf, 0x4, 0x0, 0x0, 0xcb8}) socket(0x21, 0x2, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/raw\x00', 0x2000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/ep_81/uevent\x00', 0xa42, 0x0) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x4000000028000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0x200007, 0x8) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) prctl$auto(0x4, 0x7, 0x800, 0x1, 0x10) acct$auto(&(0x7f0000000140)='/sys/devices/msr/perf_event_mux_interval_ms\x00') mprotect$auto(0x1ffff003, 0x8000000000000004, 0xd) listxattrat$auto(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x1000, 0x0, 0x9) madvise$auto(0x0, 0x2003f0, 0x15) getxattrat$auto(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, 0xb91) 3m39.782537167s ago: executing program 32 (id=667): mmap$auto(0x0, 0x20009, 0xdf, 0x18, 0x401, 0x7ffe) setrlimit$auto(0x1000000007, 0x0) mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x9, 0x3, 0x7, 0x2, 0x5, 0x3, 0x2000000000210006, 0x0, 0x7, 0x5, 0x2, 0x7, 0xaf, 0x800000000000009, 0x2, 0x3, 0x105, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, [0x1b16, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x77, 0x0, 0x0, 0x0, 0x4, 0x0, 0xc06f, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x7, 0x10001, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x107, 0x6, 0x0, 0xfffffffffffffffe, 0x4, 0x0, 0x80000000000], "09e5a6a32344bf2d0c7f16ef506a"}, 0x1fe, 0x81) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRESOCT=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030009000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a000100aaaaaaaaaabb00000a000500aaaaaaaaaa3700000800040011"], 0x58}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc5}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) io_uring_setup$auto(0x6, 0x0) io_submit$auto(0x2, 0x7e, &(0x7f00000004c0)=&(0x7f0000000480)={0xfffffffffffffffc, 0xd, 0x8, 0x5, 0xe, 0xffffffffffffffff, 0xf, 0x4, 0x0, 0x0, 0xcb8}) socket(0x21, 0x2, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/raw\x00', 0x2000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/ep_81/uevent\x00', 0xa42, 0x0) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x4000000028000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0x200007, 0x8) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) prctl$auto(0x4, 0x7, 0x800, 0x1, 0x10) acct$auto(&(0x7f0000000140)='/sys/devices/msr/perf_event_mux_interval_ms\x00') mprotect$auto(0x1ffff003, 0x8000000000000004, 0xd) listxattrat$auto(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x1000, 0x0, 0x9) madvise$auto(0x0, 0x2003f0, 0x15) getxattrat$auto(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, 0xb91) 5.01914321s ago: executing program 3 (id=1773): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001980)={0x28, r1, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_MAC={0xa, 0x6, "1fc82117366d"}]}, 0x28}}, 0x4000000) close_range$auto(r0, 0xfffffffffffff000, 0x2) socket(0x28, 0x805, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) sched_setattr$auto(0x0, &(0x7f00000002c0)={0x1000, 0x4e, 0x1d, 0xc, 0x6, 0x5f02, 0x82, 0x9, 0x877, 0x6}, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x1ff, r3, @relative_id=0x13, 0xe600}, 0xf) r6 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r6, 0x0, 0x3}, 0xc) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 4.612198476s ago: executing program 3 (id=1780): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/default_smp_affinity\x00', 0x40000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) writev$auto(0x8000, &(0x7f0000000040)={0x0, 0x1000000000004}, 0x2bc) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x4, 0x8002) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TIOCGDEV2(r0, 0x5459, 0x0) 4.522460256s ago: executing program 3 (id=1782): mmap$auto(0x0, 0x20009, 0xc0000000, 0xeb1, 0x40000000000a3, 0x8002) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, r0, 0x103fff) syz_genetlink_get_family_id$auto_l2tp(0x0, r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0xffffffdd, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x8, 0x100, 0x5) mbind$auto(0x2000, 0x2, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x95, 0x3, 0xeb1, 0xfffffffffffffffd, 0x8000) setregid$auto(0x0, 0x3) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) wait4$auto(0x0, 0xfffffffffffffffc, 0x60000002, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setpriority$auto(0xc100000000000000, 0x0, 0x9) close_range$auto(r1, r0, 0x0) madvise$auto(0x0, 0x200009, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) epoll_create$auto(0x840342e) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x1, 0x8000) pidfd_open$auto(0x1, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x800, 0x7f) setresuid$auto(0x60, 0x0, 0x8000) bind$auto(r2, &(0x7f00000000c0)=@nl=@proc={0x10, 0x0, 0x25dfdbfc, 0x10}, 0x9) clone$auto(0x200, 0x20000000000001, 0xffffffffffffffff, 0x0, 0x5) mbind$auto(0x2af, 0x4, 0xfffffffdfffffff1, 0x0, 0x9, 0x5) 3.827733484s ago: executing program 2 (id=1784): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x4, 0x10) prctl$auto(0x1000000003b, 0x1, 0x9, 0x5, 0x3) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x7, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto__ctl_fops_dm_ioctl(r0, 0x4048aec9, 0x0) socket(0x1a, 0x4, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0xd, 0x4, 0x276) prlimit64$auto(0x0, 0x8, 0x0, 0x0) 3.784255154s ago: executing program 4 (id=1785): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000006c0)={'batadv0\x00', 0x0}) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/netfs/requests\x00', 0x141001, 0x0) lseek$auto(r5, 0x100, 0x1) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000014c0)=ANY=[@ANYRESDEC=r2, @ANYRESDEC=r2, @ANYRES32=r2, @ANYRESOCT=r2], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x9800) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), r0) sendmsg$auto_NL80211_CMD_UPDATE_FT_IES(r2, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x30, r6, 0x4, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x7}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x4c}, @NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x2f}]}, 0x30}, 0x1, 0x0, 0x0, 0x20041844}, 0xc052) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000001540)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYRESDEC=r1, @ANYRESDEC=0x0, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="0c000180080003000200000088e986f59580a764eebd547ec1f60ae838aa0f68f9e84b40"], 0x58}, 0x1, 0x0, 0x0, 0x4890}, 0x0) r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x60200, 0x0) read$auto_proc_iter_file_ops_compat_inode(r7, &(0x7f00000004c0)=""/4096, 0x1000) r8 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(r8, 0x5) setns(r8, 0x40000000) read$auto_proc_iter_file_ops_compat_inode(r7, &(0x7f0000000080)=""/229, 0x10c) 3.451554384s ago: executing program 4 (id=1787): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) close_range$auto(0x2, 0x8, 0x0) ppoll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x6}, 0xe291, &(0x7f00000000c0)={0xcf7, 0x2}, &(0x7f0000000100)={0x2}, 0x8) read$auto_snd_rawmidi_f_ops_rawmidi(r0, &(0x7f0000000140)=""/131, 0x83) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) 3.423449106s ago: executing program 2 (id=1788): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001680), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x829c, &(0x7f0000000000)={0x3, 0x6, 0x2, 0x0, 0x10001, 0x4, r0, [0x0, 0x2424, 0x7], {0x9, 0x6, 0x5, 0x8, 0xf14b, 0xc, 0x7, 0x32dbe21b, 0x8}, {0x1, 0x0, 0x1, 0x3, 0xe8, 0x2, 0xfffff56f, 0x3, 0x8}}) (async) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000002300)={0x0, 0x0, &(0x7f00000022c0)={&(0x7f0000002280)={0x14, r1, 0x311, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0xc801}, 0x10040) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PHY_GET(r3, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f00000000c0)={0x20, r4, 0x301, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_PHY_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80) 3.388138447s ago: executing program 3 (id=1789): socket(0xa, 0x801, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r0 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r0, 0x65, 0x6, 0xffffffffffffffff, 0x0) socket(0x15, 0x1, 0xfffffffd) pipe2$auto(&(0x7f00000001c0), 0x2a) setreuid$auto(0x0, 0x20000000004) fcntl$auto(0x0, 0x407, 0x8100000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 3.145722575s ago: executing program 1 (id=1790): mmap$auto(0x0, 0x400006, 0x10000000df, 0x9b72, 0x5, 0x8004) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x1, 0x9, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) madvise$auto(0x0, 0xffffffffffff0001, 0x14) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/bind_mode\x00', 0xa000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000) socket(0xa, 0x6, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x4, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20000, 0x1) faccessat2$auto(r1, &(0x7f0000000040)='./file0\x00', 0x0, 0x10) set_mempolicy_home_node$auto(0x8000, 0x10001, 0x0, 0x0) madvise$auto(0x6, 0x1a83, 0x18f9) 3.145505929s ago: executing program 2 (id=1791): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fedbdf251600000283000180140002006e65746465767369ae00f903304aa0ede66d300000000000000500030004000000a19b04004000300b8b36efeba247d1abf1bfa0be219eabbbb4ac3031e041e7060fd9d730deab992dfcc7f55ebfd51f8b74b9530d3a97bae7a049d8c7ed0e07817e02dbc577bc980b703b329c445d8c93ebb643a8aa5ebac489ea5a9c"], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) mmap$auto(0x400000000, 0x400003, 0xfffffffffffffffb, 0x9b73, 0x4000000f, 0x8000) timer_create$auto(0x4, 0x0, 0x0) socket(0x2a, 0x1, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r2 = socket(0xa, 0x801, 0x100) getsockopt$auto(r2, 0x40000000029, 0x10, 0xfffffffffffffffe, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) connect$auto(0x3, &(0x7f00000000c0), 0x55) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x40) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x10000000000002d, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) gettid() connect$auto(0xffffffffffffffff, 0x0, 0x55) mmap$auto(0x0, 0x5, 0x1, 0x16, 0x3, 0x6) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0x20200, 0x15) mmap$auto(0xffffffffffff02e1, 0x20009, 0x4000000000df, 0x8000000eb1, 0x3ff, 0x8000) r3 = open(&(0x7f0000000200)='./cgroup\x00', 0x400, 0x23) fchdir$auto(r3) mkdir$auto(&(0x7f0000000140)='MAC80211_HWSIM\x00', 0x1) 2.201812445s ago: executing program 4 (id=1792): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2b, 0x1, 0x0) sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x2404c040) socket(0x2, 0x800, 0x4) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) epoll_create$auto(0x4) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x3, 0x0, 0x55) 1.254044074s ago: executing program 4 (id=1793): mmap$auto(0x0, 0x20009, 0x4000200000df, 0xeb1, 0x404, 0x8000) r0 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) ioctl$auto_RNDGETENTCNT(r0, 0x80045200, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) mmap$auto(0x10001, 0x800, 0x3e3d, 0x10010, 0x100000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x14, r1, 0x301, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x8001, 0x400, 0x5, 0x10, 0x6, 0x9) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) read$auto(0x4, 0x0, 0xfdef) 1.253881913s ago: executing program 1 (id=1794): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) iopl$auto(0x3) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0x5, 0x8, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x9, 0x5, 0x2, 0x8, 0xae, 0x9, 0x0, 0x7, 0x5, 0x7, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, [0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400000, 0x0, 0x80000000000, 0x3, 0x0, 0x8000000000000000, 0x80000000000000, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffbfe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x8, 0xfffffffffffffffe]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.087026687s ago: executing program 3 (id=1795): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x0) bpf$auto(0x0, &(0x7f00000004c0)=@bpf_attr_5={@target_ifindex, 0xffffffffffffffff, 0x4, 0xa, 0xffffffffffffffff, @relative_id=0x3, 0x91}, 0x3ff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='f\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) read$auto(r0, &(0x7f000000be80)='batadv0\x00', 0xf) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f000000c180), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r4 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000a80), 0x8c0001, 0x0) ioctl$auto_TUNGETVNETHDRSZ(r4, 0x800454d7, 0x0) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r0, &(0x7f000000ca40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYRES8=r2, @ANYRES8=r3, @ANYRESHEX=r3], 0x14}, 0x1, 0x0, 0x0, 0x841}, 0x40800) 985.511816ms ago: executing program 2 (id=1796): acct$auto(&(0x7f0000000280)='/sys/kernel/config/t\xda\xe8\xda\x1f[\x03+\xbdC\x14\x02\x00\x00\x00\x00\x00\x00\x00o[e/alua/lu_gps/default_lu_gp/lu_gp_id\x00\x95\xc4e\xb7\x82m\x00\x00\x00\x00 \xdb\xa3\xe6\xfa~\xc8\xd1\xe1\x1eu:xO\xb4\x062U:\xb8\xc2\x83>\x96`~\xe9/\x11!\xfai\xcfUK\x06\xbdnb&\xc9\x8b\xae\x9f7\xef\xba\xa4B\x99\xa4\xa9I\xb2\xad\xa5\x1e\x9a\x997T\x1d\xe0-\x19\xdf\xf9;\xbb\x0e\x88G\xdb\x12hE\xa9\xf8\xcf&1\xb7xH\x1d8%\xaa\xf1O\a\x8a\x81\xc44\xed.\x1d\xcc\xc3R/\x01\x0eZ\xe2\xa4\x7fX\x8b\xd5\x03\xad\x11\xea\xb0i\xb3\x9d\x9f\xe5\xc3\xf8\x10\xdaF6\xabJ\x9dJ\x94B@?\x83\xb8eMs9,\xeb\x93\xd0\xc0$\n\xab\a\v\x06\xae\xd6\x00\x02\x00\x00\x00\x00\x00\x00t\xc5D\xcd\tm\xbfp\xfb^\xb571\xc6^\x06\x00\x00\x00\x00\x00\x00\x00\xedt\xb32\xd4\f\x8f\x80\x85@\x1br\xe8\xd0\x99-\r\x9e\x1c\xb5\xcd\x8e\xc9\v\x94\a\x03\fP)\xdd\xa6\n}\xf0%\xbd8\xb7\x00\x97\x90\x05\xc8\xe8\x93\xf7B\x1b\xba\xa3f\x04\x9e\'\xa6\xbf\xb7\x83\xaa\x1fu;\x03Y[H\xed`Lnt\xf35\xa4N\xfd\x04)\xc2\xa0\xca!#\x88\x8b\x9dp\x93\x9bZ\xf9B,x\xce\xc6n\xb4x\"\x1fr-\xbe\x1d\x1em\bE\x1eG\xf3\x18\x7f\x80\x81\xbf.\x13\xb14z\x1fA\xca\xf6\xb8bA\xc7{\xf9\x9dr\x8b\a\x9f\xc4\x01\x00\x00\x80\x9a\xddv;3@\xf0\xd36\xf9\x8f#\xecw\x88<\xae\bn@t\x8d\\\x86\x97L\xa2\x17\xb1\xda\x19\xb3`0L0v=\xbb\x18\xec\xf8\x12\x9e\xad\xa2\x01djH\x87\xd7K\xf4\xd2\xdc\x99\x18\xa2`\xb3N\xd6\x02\xfc\x14/\x114\x9a\xd5\x85\xa8\xfe\x1d*o\x8bdaj\x11\xcb\xb74\x93\xc2\x1e\xca\x81 \xa8\xb4\xb69S\xd1\x8b\x9d\x00\x00\x00\x00\x00\x00\x00\x19\x00\xdb\x87\x9c\x9c0\xe26IaH\t\xc7tf{6\xfc\xb1V\x14\xb5\x95\xb6\xfb?\xeb\xe1\xa9V\x9a\xbdW\xa5Y\x95\x98$\x89i\x83*y\x1c\x06\xf23\xbekc6\x16VN\x93\xcb\x1d\xda\x002R\x9eu[\x8cGX\x93\x01\xf4F\xa1%]\xb3\x7f\xc6\x8c/\xcd;\xf6sX`erJ\x1eN\x1b\xf3i\x0e\x88\xd1\x83\xde\xa8Lr\xdcV\xf8\x87\xdft\xb0\xbcN\x01e\xcaS\xa9\xd6S\xbf\xb7\xfa\xa8\x1b\xb4\x84\xe6\xc5\x92\xff\xc1\xd3\xb3\xb6\xf1\xfdm\xd9\xd2\x893\xafQm}N(\x19=\xb4z\xc8/j\x11\x97\x8a<\f\x8f\x86\xb7\xe6\xc0_\x01\x11\xe8+u\xc72~\x0e\x01&\xb9\xf4\xb1\x91\xbbnR\xc6$\x1a\xaf\xfdg\xf5\xfc5\x92\x02FVm.\xc1\xe4y\xf0\x9d%\xbe\xa5fe\xe8\n\x12ymUS\xe3\xe6\xb7?Z\xc0RxU7Ny\x18`\xcf^c\xef\xa6\x90\xa8|h\xf8V\x80\xa3\x18%~!\xb9lhl\x16~\xed\xeb5>\x06\x1c`uU\x99W\xa3hc\xf2\x15\x0f\xcd\xb5') mmap$auto(0x20000000, 0x10000001, 0xdf, 0x9b7f, 0x0, 0x100000000008000) ioctl$auto(0xc8, 0xffffffff800454dd, 0x4000000000008) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdc, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) read$auto(0x3, 0x0, 0x80) madvise$auto(0x0, 0x3, 0x66) socket(0xa, 0x1, 0x84) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xffffffbfffffffff, 0x8000) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0) ioctl$auto_evdev_fops_evdev(r0, 0x400445a0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) seccomp$auto(0x7d5d, 0x8, 0xfffffffffffffffc) mprotect$auto(0x9, 0x5, 0x200) socket(0xa, 0x2, 0x2) semctl$auto(0x1ff, 0x2, 0x13, 0x1) io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x6, 0x1, 0x400, 0x100007, 0x6, 0x6, 0x7, [0x1, 0x2e9, 0x3], {0x0, 0x1, 0x8, 0x7, 0x5, 0x5, 0x1, 0xfffffffc, 0x7}, {0x4, 0xfff, 0xffff7ffe, 0x2, 0x8, 0x200, 0x3, 0x0, 0x1}}) setsockopt$auto(0x400000000000003, 0x29, 0x30, 0x0, 0x20000) mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x2, 0x8000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x4, 0x4000000020df, 0x40eb2, 0x402, 0x300000000000) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0) mmap$auto(0x0, 0xfffffffffffffffa, 0x7, 0x18, 0x9b, 0x7) read$auto(r2, 0x0, 0x39b8) openat$auto_fops_ulong_ro_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy18/netdev:wlan1/stations/08:02:11:00:00:00/rx_fragments\x00', 0x133101, 0x0) 715.547924ms ago: executing program 1 (id=1797): r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x20) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x5, 0x0) socket(0x10, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) mmap$auto(0x0, 0x8, 0x1000000016, 0x13, 0x3, 0x400180000000) mmap$auto(0x8000000, 0x8, 0x1000000016, 0x13, 0x3, 0x180000000) socket(0x1e, 0x1, 0x0) mmap$auto(0x8000000, 0x8, 0x1000000016, 0x13, 0x3, 0x180000000) execveat$auto(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 559.326707ms ago: executing program 1 (id=1798): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) ioctl$auto_dvb_dvr_fops_dmxdev(r0, 0x3, &(0x7f0000000040)="9c8f01abb2e9aebe959d3dd61aadfe98c0e0026a8ffc6423da36141a5160588970fe84a871de22cc69dae0447c298000d770d57155b9e6156f104327496cc451713a8a1994b3edbf735f3705570349b2cadcbcacbb80e4c4e1280a1c") mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) ioctl$auto(r0, 0x402c542d, 0x38) 497.160755ms ago: executing program 2 (id=1799): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_memory\x00', 0xf22437c730143eb6, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) mprotect$auto(0x6, 0x5, 0x9) r0 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) write$auto_random_fops_random(r0, &(0x7f0000000040)="9acc", 0x2) 395.41512ms ago: executing program 1 (id=1800): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/scsi/drivers/st/debug_flag\x00', 0x501, 0x0) keyctl$auto(0x6, 0x407, 0xbf, 0x0, 0x400002) r0 = openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) pread64$auto(r0, 0x0, 0x9, 0x7) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fedbdf250100000008000a00080000000500070058000000080009009c781e01060002000500000006001b004e23000014001f007897fbd700"/74], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xc) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/error_log\x00', 0x382, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(0x3, 0x4b4d, 0x38) read$auto(r3, 0x0, 0x9) 351.26037ms ago: executing program 2 (id=1801): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vbi11\x00', 0x80700, 0x0) mmap$auto(0x0, 0x100000000, 0x80000df, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) mmap$auto(0x0, 0x2000000000400008, 0xdf, 0x2009b72, 0xffffffffffffffff, 0x3792cd2f) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) madvise$auto(0x0, 0xffffffffffffffff, 0x19) signalfd4$auto(0xffffffff, &(0x7f0000000080)={0x8000}, 0x8, 0x0) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) unshare$auto(0x40000080) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) mmap$auto(0x0, 0x8, 0x1000000016, 0x13, 0x3, 0x400180000000) mmap$auto(0x8000000, 0x8, 0x1000000016, 0x13, 0x3, 0x180000000) ftruncate$auto(0x3, 0x0) mknod$auto(0x0, 0xc9, 0xc8) mmap$auto(0x9, 0x8, 0xdf, 0x9b7d, 0x2, 0x8000) nanosleep$auto(0x0, 0x0) add_key$auto(0x0, 0x0, 0x0, 0x6, 0x100) r0 = socket(0x3008bcb91a0c5d7d, 0xa, 0xe7a) socket(0x8, 0x5, 0x106) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) socket(0x2, 0x1, 0x106) unshare$auto(0x40000080) mmap$auto(0x200000007, 0xa, 0x4, 0x13, 0x8001, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xfffffffffffffffd, 0x40000008000) 276.270424ms ago: executing program 1 (id=1802): r0 = socket(0x10, 0x2, 0x0) r1 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000003c0)={0x14, 0x0, 0x100, 0x70bd2a, 0x25dfdbfb}, 0x14}}, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x2009, 0x0, 0x5, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0) rename$auto(0x0, 0x0) sendmsg$auto_HANDSHAKE_CMD_DONE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYRES16=r1, @ANYRES32=r1, @ANYBLOB='d\x00\x00\x00', @ANYRES8=r0, @ANYRES32=r0], 0x64}, 0x1, 0x0, 0x0, 0x20000800}, 0x20048c10) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="ffff"], 0x14}}, 0x4000808) 212.281033ms ago: executing program 4 (id=1810): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x940, 0x1ffe0, 0x8003, 0x6, 0x6, 0x7, 0x5, 0x2, 0x9, 0x6, 0x9, 0x2, 0x3, 0x2, 0x7}, 0x1fe, 0x7) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @private=0xa010100}, 0x6a) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x20000800) r3 = socket(0x2, 0x5, 0x0) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0xff80}, 0x7, 0x0, 0x2, 0xb}, 0x40000fff}, 0x5, 0x7fffffff) r4 = socket(0x2, 0x5, 0x0) r5 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f00000001c0), r2) sendmsg$auto_IEEE802154_SCAN_REQ(r4, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r5, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@IEEE802154_ATTR_STATUS={0x5, 0x3, 0x8}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) sendmsg$auto_IEEE802154_LIST_IFACE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, r5, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0xe}, @IEEE802154_ATTR_LBT_ENABLED={0x5}, @IEEE802154_ATTR_PHY_NAME={0xc, 0x1f, '+@&%,*$.'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x20040000}, 0x8080) 105.372995ms ago: executing program 3 (id=1803): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x0, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r0, 0x200, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x8040) io_uring_setup$auto(0x3ff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd10\x00', 0x10800, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd10\x00', 0x10800, 0x0) mremap$auto(0x110c230000, 0x4, 0x4, 0x7, 0x100000000) mmap$auto(0x0, 0x8, 0x329, 0x10011, 0x2, 0x8000) (async) mmap$auto(0x0, 0x8, 0x329, 0x10011, 0x2, 0x8000) clone$auto(0x4, 0x400, 0xfffffffffffffffe, 0xfffffffffffffffc, 0xd1) (async) clone$auto(0x4, 0x400, 0xfffffffffffffffe, 0xfffffffffffffffc, 0xd1) 0s ago: executing program 4 (id=1804): inotify_init1$auto(0x0) inotify_init1$auto(0x785f) r0 = socket(0x1d, 0xa, 0x3) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x8001, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/icmp6\x00', 0x2109c1, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000080)=""/186, 0xba) fcntl$auto(r0, 0x1ff, 0x2) r2 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000180), r0) sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r2, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_PEER_ADDRESS={0x8, 0x4, @local}, @GTPA_MS_ADDR6={0x14, 0xc, @dev={0xfe, 0x80, '\x00', 0xd}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x20000850) socketpair$auto(0x2, 0x2b, 0xfffffff9, &(0x7f0000000280)=0x4) r3 = socket(0x1f, 0x6, 0xfffffffa) r4 = openat$auto_fault_around_bytes_fops_(0xffffffffffffff9c, &(0x7f00000002c0), 0x203, 0x0) read$auto_fault_around_bytes_fops_(r4, &(0x7f0000000300)=""/238, 0xee) r5 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000400), 0x412040, 0x0) signalfd4$auto(r5, &(0x7f0000000440)={0x9}, 0x9, 0x7) ioctl$auto(r0, 0x80000000, 0xfff) r6 = socket(0x10, 0x3, 0x7fff) readv$auto(0x1, &(0x7f0000000500)={&(0x7f0000000480)="a720773bb192d1d21aa82eda8e4e87ea54498958691a474ad7ae0d9a75dd04df98d974e1ada8ac5d3a0cb85844b591f3e5d701755c8a6dcbc717a0791c4c40d5218ab61bdc4ecb2260952d4f4d75f62fb20ca22fcdf87e4f6ce734ab5a6e3b29595bb867f2730f21a2869655004830acc183f5839e", 0x6}, 0x2) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000580), r3) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc4, r7, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_HW_TIMESTAMP_ENABLED={0x4}, @NL80211_ATTR_FILS_CACHE_ID={0xac, 0xfd, "dac0cfdb4f1a87e41bec9fa1f567fba146e9b2fd9650761bd4dca6f1688fcdb0e5c86c23801fd3d1dfc59f5f24b394ff06142068e7429d0f89731b9e35f64870a79f7ea988e22de9c66a793984d6b29eae44605648d3276db34fc43b47c7042292e835cb4011ecf14dad593d8df428c0ca3fad9d0c2b891f1074a30d849a03a224487314a7a33765de52fd34d71ac953902a0c1e94d6f5b5e98301403840502682172f709b7fcb86"}]}, 0xc4}, 0x1, 0x0, 0x0, 0x8000}, 0x80) socketpair$auto(0x8, 0x80000001, 0x80000001, &(0x7f0000000740)=0x1) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000780)='/dev/bus/usb/003/001\x00', 0x8000, 0x0) io_uring_register$auto(r4, 0x1, &(0x7f00000007c0)="eb06a31a1bde6dec5610454e017c6b5b142bf0cf16bd5bd83f8cf19bcaf597bd28efbc176905b33f71702670f0436f3572c16641900cc16a1f11eeffb35184d9e1cb197998f990d970baac8bdb126b80a02f158a60836296355e", 0xa0000000) socketpair$auto(0x0, 0xfff, 0xffffffff, &(0x7f0000000840)=0x9) write$auto(r0, &(0x7f0000000880)='\x00', 0xfffffffffffffffd) bpf$auto(0x6, &(0x7f00000008c0)=@bpf_attr_7={@prog_id=0x1, 0x0, 0x3}, 0x7a53) r8 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000980)='/sys/kernel/tracing/available_tracers\x00', 0x0, 0x0) r9 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/debug/lru_gen\x00', 0x200, 0x0) close_range$auto(r8, r9, 0x4) sendmsg$auto_NL802154_CMD_DEL_SEC_DEV(r6, &(0x7f0000001040)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001000)={&(0x7f0000000a80)={0x578, 0x0, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_COORDINATOR={0x55c, 0x1e, 0x0, 0x1, [@nested={0x54, 0x123, 0x0, 0x1, [@typed={0x8, 0x3c, 0x0, 0x0, @u32=0x6}, @nested={0x4, 0x6f}, @nested={0x4, 0x121}, @typed={0x8, 0x2a, 0x0, 0x0, @u32=0x9}, @typed={0xc, 0x110, 0x0, 0x0, @u64=0xfffffffffffffffc}, @typed={0x2a, 0x14a, 0x0, 0x0, @str='/sys/kernel/tracing/available_tracers\x00'}]}, @nested={0x9a, 0xf9, 0x0, 0x1, [@nested={0x4, 0x145}, @nested={0x4, 0x75}, @typed={0x8, 0x5a, 0x0, 0x0, @pid}, @generic="7dcadbbe9eeb702e2a22247117d4a4eda8fe5a16cc442783e5a5c15ba4d7a527ed6a89aee7775afc71906eb66ae3d204ac81edb5d66de98a8c178ec258cb8f496cd5a0f0e7c4f2a1bf4b48d25cab208dd95151c8fb48b0d08496aad9dc13c44a0bc01d6bc39486ee0989af0ad8c0c02868f2ec528c9365cce60f79f94b157aa6ff9d34061b06"]}, @generic="5d82389687f44310ec70e8af12dbb72389409130aef697f47204a1f04e16b24e83f6ae8f77a1180c259f290b238a7311f6d9019cf44e81edcdc39d744b8939efa0e3698e0637887a0668536f5f9b0bfa4d107098eeb5f6e1fce017c60cb50569f115d1f5d8157def773a8efd1e8e9886593b587d56b58d6aa124bb8e5cca8ff3a534da237b107522c802e57edfd5389f535dca30ce1c81e88755e07d90a47c40d0883839912eae816f928f8445108fb8b84a601c842d43a6afe276e2a44ec54e7a74cf209f54c2edb2d18fbe7d5e3bb0c4fb8ee49f2819745d96f78b51ce4e8f3056a8f145c580d4fb80587851946a73cc68ca349183c5b617cfac68b3", @generic="aa42841c6fd5bba66893b9a41e568c5635665a49af0f9f653fa4c50ebe6ceb44544d70977523d5dc69ac2af638d26b22f285f85fa4ebc394e366f085ea33f6ba63f04fc135ba7c8a5260702803717211656a58a9e09b77466c751a9ce8bc49503192b9c315c6498d96971ee92a58bb90bb6c62823ece7cc14043d027d5658fd9cacd40eae7da7d9dc9a5ff1d575b270327c179ab6a650a1c0a1850918927d1c5360a7f66ac161fd226dda7e8f71e8426912531382c202286793752c71675f32b11449ff80539a64dce518efd8548f3a1f7f9fa4deb7a1261d823ffbae0a1d0", @nested={0xad, 0xc9, 0x0, 0x1, [@generic="19dc30132af267d57d955ccf73674c557dc909bf4bd4579e6d77b67f399b23005a387f42c888aa398bf0f110c6a26b5a3579ef6728e80155f3339b00d79aadef754aa56845c85719977c58928f9870ef9b347fe8dc44e3b3ae6052913e50284832d794632c41cfde974f5e6ac09891c8cbcb4d646fd0939d01e09d23ab63b655252c779fdf", @typed={0x6, 0x8e, 0x0, 0x0, @str='.\x00'}, @typed={0x14, 0x78, 0x0, 0x0, @ipv6=@mcast1}, @typed={0x8, 0x6f, 0x0, 0x0, @pid}]}, @nested={0x1dc, 0xc1, 0x0, 0x1, [@typed={0x8, 0x99, 0x0, 0x0, @u32=0x200}, @nested={0x4, 0xfa}, @typed={0x8, 0xbe, 0x0, 0x0, @ipv4=@private=0xa010102}, @typed={0x8, 0x86, 0x0, 0x0, @uid=0xee00}, @typed={0xbf, 0x83, 0x0, 0x0, @binary="f2a5f925e87e99e2ff87459042fc7a5a2b44b3fe7973fa18b2d72b17ede49039935cb5743530a57bc719f3f7761eff0add41d8668a19c868ecc9e95ba9adade840e31747551fd4b1e6dcc542d68453fa07251910292c4b6ce921d9bba437eee7b0ef3d89ea087c63e39963e33420015a388b8e882368bd2ec03e6cfe99c47ecaa1c5e7ebbe0851ef3827a803db76038d9ff0b5f41aabd28f1dbb19a2b1323f3b301b5b384b869ffa716c76e554b18f6ab83366308eb3d128ce0c59"}, @nested={0x4, 0xa9}, @typed={0xf1, 0xdf, 0x0, 0x0, @binary="70a73846ef1763594f7e87db677ea8f3b44f2b0662de772e2fb646cd733709a4e282fac805d4e620acd83b2ee691ca1a4da2f038cdc48947bfafc12b4b46f43a0d9767477ae6883cf7c746a65715d79c73b5f954a77f9c56cdc81d8e9c9a2dba4a82abdb43e65f4b9b9567acb540b2e0969271ac14beb2471a249ebf1cb26a56790d3028a44eed100f44ec18ecbc7b8361c45c514ac2bdfa2b2283b1c7d736da7ec6094bde2b3b4db87eb3cb1a27f91304f1ada91bb0e14d73de1c32043813073b28849c54ead3b90d52ec09b14d85e3769ddc812be9364e3320d954c7bfefa0abcc71114c49771774f62365ee"}, @nested={0x4, 0x147}]}]}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x9}]}, 0x578}, 0x1, 0x0, 0x0, 0x40044}, 0x4010) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.10.46' (ED25519) to the list of known hosts. [ 65.276270][ T5817] cgroup: Unknown subsys name 'net' [ 65.433501][ T5817] cgroup: Unknown subsys name 'cpuset' [ 65.441865][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 66.758050][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 68.506191][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.514509][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.522478][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.541158][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 68.548284][ T5839] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.549226][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.556444][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.563884][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.570986][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.577437][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.583811][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.591879][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.598786][ T5839] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.605209][ T5838] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 68.612288][ T5839] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.618597][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.626072][ T5839] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.639699][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.641017][ T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 68.653775][ T5838] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.661599][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.685959][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.693636][ T5838] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.701085][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.968199][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 69.094796][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 69.113282][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 69.181316][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.188504][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.196298][ T5829] bridge_slave_0: entered allmulticast mode [ 69.203169][ T5829] bridge_slave_0: entered promiscuous mode [ 69.230243][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 69.247785][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.255066][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.262645][ T5829] bridge_slave_1: entered allmulticast mode [ 69.269185][ T5829] bridge_slave_1: entered promiscuous mode [ 69.315886][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.346649][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.367034][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.374478][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.382374][ T5826] bridge_slave_0: entered allmulticast mode [ 69.388901][ T5826] bridge_slave_0: entered promiscuous mode [ 69.396296][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.406024][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.413393][ T5826] bridge_slave_1: entered allmulticast mode [ 69.419963][ T5826] bridge_slave_1: entered promiscuous mode [ 69.445147][ T5829] team0: Port device team_slave_0 added [ 69.478287][ T5829] team0: Port device team_slave_1 added [ 69.503871][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.514371][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.521697][ T5828] bridge_slave_0: entered allmulticast mode [ 69.528286][ T5828] bridge_slave_0: entered promiscuous mode [ 69.543039][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.549998][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.576059][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.588899][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.596065][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.603433][ T5827] bridge_slave_0: entered allmulticast mode [ 69.609972][ T5827] bridge_slave_0: entered promiscuous mode [ 69.617921][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.625312][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.632792][ T5827] bridge_slave_1: entered allmulticast mode [ 69.639820][ T5827] bridge_slave_1: entered promiscuous mode [ 69.648515][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.658031][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.665267][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.672669][ T5828] bridge_slave_1: entered allmulticast mode [ 69.679215][ T5828] bridge_slave_1: entered promiscuous mode [ 69.686522][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.693648][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.719887][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.744630][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.771353][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.814967][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.826063][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.837686][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.849749][ T5826] team0: Port device team_slave_0 added [ 69.890120][ T5826] team0: Port device team_slave_1 added [ 69.907138][ T5829] hsr_slave_0: entered promiscuous mode [ 69.914659][ T5829] hsr_slave_1: entered promiscuous mode [ 69.924504][ T5828] team0: Port device team_slave_0 added [ 69.933127][ T5827] team0: Port device team_slave_0 added [ 69.941338][ T5828] team0: Port device team_slave_1 added [ 69.966158][ T5827] team0: Port device team_slave_1 added [ 69.995973][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.003186][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.029773][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.042153][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.049120][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.075141][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.100210][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.107440][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.133867][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.145510][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.152897][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.179901][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.211256][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.218200][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.244551][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.256405][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.263391][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.289541][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.334187][ T5826] hsr_slave_0: entered promiscuous mode [ 70.341090][ T5826] hsr_slave_1: entered promiscuous mode [ 70.347186][ T5826] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.355514][ T5826] Cannot create hsr debugfs directory [ 70.388058][ T5827] hsr_slave_0: entered promiscuous mode [ 70.394586][ T5827] hsr_slave_1: entered promiscuous mode [ 70.400926][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.408475][ T5827] Cannot create hsr debugfs directory [ 70.476444][ T5828] hsr_slave_0: entered promiscuous mode [ 70.482904][ T5828] hsr_slave_1: entered promiscuous mode [ 70.489342][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.497065][ T5828] Cannot create hsr debugfs directory [ 70.710787][ T5829] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 70.729828][ T5829] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 70.736951][ T5838] Bluetooth: hci3: command tx timeout [ 70.742800][ T5144] Bluetooth: hci2: command tx timeout [ 70.743077][ T5144] Bluetooth: hci1: command tx timeout [ 70.753356][ T5829] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 70.772881][ T5829] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 70.810610][ T5144] Bluetooth: hci0: command tx timeout [ 70.818662][ T5826] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 70.832353][ T5826] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 70.842705][ T5826] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 70.861081][ T5826] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 70.910635][ T5828] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 70.930639][ T5828] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 70.952233][ T5828] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 70.974176][ T5828] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 70.998775][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.020204][ T5827] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 71.038365][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.046999][ T5827] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 71.057192][ T5827] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 71.071906][ T5827] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 71.102339][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.109624][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.142765][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.149885][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.255305][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.305769][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.336718][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.343840][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.356235][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.363394][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.390210][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.405576][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.448471][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.462951][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.470052][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.479249][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.486397][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.527611][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.546199][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.553310][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.567671][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.592721][ T3561] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.599824][ T3561] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.617104][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.627234][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.656042][ T5827] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 71.672822][ T5827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.758160][ T5828] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 71.791034][ T5828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.843335][ T5829] veth0_vlan: entered promiscuous mode [ 71.882063][ T5829] veth1_vlan: entered promiscuous mode [ 71.890947][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.961901][ T5829] veth0_macvtap: entered promiscuous mode [ 71.978132][ T5829] veth1_macvtap: entered promiscuous mode [ 71.998262][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.052352][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.065430][ T5826] veth0_vlan: entered promiscuous mode [ 72.076141][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.103752][ T5829] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.113219][ T5829] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.124179][ T5829] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.133644][ T5829] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.144860][ T5826] veth1_vlan: entered promiscuous mode [ 72.166460][ T5827] veth0_vlan: entered promiscuous mode [ 72.190018][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.227420][ T5827] veth1_vlan: entered promiscuous mode [ 72.279491][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.305322][ T5826] veth0_macvtap: entered promiscuous mode [ 72.305439][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.334390][ T5826] veth1_macvtap: entered promiscuous mode [ 72.373835][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.382695][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.388046][ T5827] veth0_macvtap: entered promiscuous mode [ 72.405267][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.426301][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.438306][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.447930][ T5828] veth0_vlan: entered promiscuous mode [ 72.467310][ T5829] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 72.468721][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.497951][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.509346][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.525465][ T5827] veth1_macvtap: entered promiscuous mode [ 72.542488][ T5826] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.551370][ T5826] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.560098][ T5826] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.570198][ T5826] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.586946][ T5828] veth1_vlan: entered promiscuous mode [ 72.612690][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.624729][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.635348][ T5889] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 72.636238][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.663568][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.675110][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.705613][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.716628][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.728801][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.741463][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.754485][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.789386][ T5827] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.798869][ T5827] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.808274][ T5827] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.817893][ T5144] Bluetooth: hci1: command tx timeout [ 72.821263][ T5831] Bluetooth: hci2: command tx timeout [ 72.826232][ T5827] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.829242][ T5838] Bluetooth: hci3: command tx timeout [ 72.891017][ T5838] Bluetooth: hci0: command tx timeout [ 72.919874][ T5828] veth0_macvtap: entered promiscuous mode [ 72.941712][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.949572][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.979577][ T5828] veth1_macvtap: entered promiscuous mode [ 73.059992][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.076903][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.087328][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.103256][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.114745][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.130119][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.152095][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.166326][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.179678][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.200100][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.221407][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.231552][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.244029][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.254992][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.270752][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.283716][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.319132][ T5828] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.333933][ T5828] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.337443][ T5891] Zero length message leads to an empty skb [ 73.343407][ T5828] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.358282][ T5828] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.383426][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.415151][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.529828][ T3440] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.548450][ T3440] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.593351][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.613603][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.654393][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.662529][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.922207][ T5898] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6'. [ 74.050993][ T5902] svc: failed to register nfsdv3 RPC service (errno 111). [ 74.078103][ T5902] svc: failed to register nfsaclv3 RPC service (errno 111). [ 74.862519][ T5926] netlink: 346 bytes leftover after parsing attributes in process `syz.0.13'. [ 74.891099][ T5838] Bluetooth: hci1: command tx timeout [ 74.896549][ T5838] Bluetooth: hci3: command tx timeout [ 74.903167][ T5831] Bluetooth: hci2: command tx timeout [ 74.970629][ T5838] Bluetooth: hci0: command tx timeout [ 75.276276][ T29] audit: type=1326 audit(1734198150.534:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5934 comm="syz.0.16" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff1fab85d19 code=0x0 [ 76.046289][ T5943] process 'syz.1.17' launched ':,' with NULL argv: empty string added [ 76.374073][ T5954] netlink: 'syz.0.21': attribute type 1 has an invalid length. [ 76.767307][ T5961] netlink: 74 bytes leftover after parsing attributes in process `syz.1.23'. [ 76.971154][ T5838] Bluetooth: hci1: command tx timeout [ 76.980727][ T5831] Bluetooth: hci2: command tx timeout [ 76.986189][ T5838] Bluetooth: hci3: command tx timeout [ 77.051224][ T5838] Bluetooth: hci0: command tx timeout [ 77.171661][ T5967] syz.1.25 uses obsolete (PF_INET,SOCK_PACKET) [ 78.830513][ T5987] could not allocate digest TFM handle [ 79.444519][ T6008] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.422775][ T6024] netlink: 74 bytes leftover after parsing attributes in process `syz.0.39'. [ 81.137972][ T6035] netlink: 'syz.1.43': attribute type 1 has an invalid length. [ 81.858889][ T831] cfg80211: failed to load regulatory.db [ 81.916494][ T6054] netlink: 74 bytes leftover after parsing attributes in process `syz.2.49'. [ 83.342648][ T6074] netlink: 'syz.2.56': attribute type 1 has an invalid length. [ 84.023461][ T29] audit: type=1326 audit(1734198159.274:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.2.59" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2491d85d19 code=0x0 [ 85.876332][ T6109] netlink: 346 bytes leftover after parsing attributes in process `syz.2.65'. [ 86.955487][ T29] audit: type=1326 audit(1734198162.214:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6126 comm="syz.1.72" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd920d85d19 code=0x0 [ 88.025095][ T6143] netlink: 346 bytes leftover after parsing attributes in process `syz.1.76'. [ 89.645423][ T6159] svc: failed to register nfsdv3 RPC service (errno 111). [ 89.669587][ T6159] svc: failed to register nfsaclv3 RPC service (errno 111). [ 90.395747][ T6166] netlink: 4 bytes leftover after parsing attributes in process `syz.2.82'. [ 91.801510][ T6179] svc: failed to register nfsdv3 RPC service (errno 111). [ 91.850262][ T6179] svc: failed to register nfsaclv3 RPC service (errno 111). [ 91.925978][ T6181] netlink: 346 bytes leftover after parsing attributes in process `syz.3.85'. [ 94.273059][ T6216] netlink: 4 bytes leftover after parsing attributes in process `syz.0.94'. [ 96.038363][ T6253] netlink: 330 bytes leftover after parsing attributes in process `syz.3.108'. [ 96.064720][ T6253] : renamed from wg0 [ 96.390512][ T6259] ptrace attach of "./syz-executor exec"[5828] was attempted by ""[6259] [ 97.494234][ T6298] warning: `syz.3.122' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 97.547768][ T6298] netlink: 4 bytes leftover after parsing attributes in process `syz.3.122'. [ 97.570897][ T6300] netlink: 4 bytes leftover after parsing attributes in process `syz.3.122'. [ 97.741585][ T6307] netlink: 7 bytes leftover after parsing attributes in process `syz.0.124'. [ 97.763207][ T6310] netlink: 28 bytes leftover after parsing attributes in process `syz.3.125'. [ 97.772425][ T6307] netlink: 7 bytes leftover after parsing attributes in process `syz.0.124'. [ 97.810465][ T6310] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.830648][ T6310] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.858533][ T6310] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.886123][ T6310] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.920809][ T6317] netlink: 28 bytes leftover after parsing attributes in process `syz.0.124'. [ 98.055564][ T6317] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 98.070622][ T6317] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 98.099673][ T6317] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.120718][ T6317] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 98.231656][ T6319] netlink: 122 bytes leftover after parsing attributes in process `syz.1.127'. [ 98.271386][ T6319] netlink: 122 bytes leftover after parsing attributes in process `syz.1.127'. [ 98.358833][ T6326] netlink: 8 bytes leftover after parsing attributes in process `syz.2.130'. [ 98.773042][ T6342] bridge0: port 3(hsr0) entered blocking state [ 98.792678][ T6342] bridge0: port 3(hsr0) entered disabled state [ 98.799042][ T6342] hsr0: entered allmulticast mode [ 98.819144][ T6342] hsr_slave_0: entered allmulticast mode [ 98.827726][ T6342] hsr_slave_1: entered allmulticast mode [ 98.838822][ T6342] hsr0: entered promiscuous mode [ 98.846727][ T6342] bridge0: port 3(hsr0) entered blocking state [ 98.853268][ T6342] bridge0: port 3(hsr0) entered forwarding state [ 99.399453][ T6370] ======================================================= [ 99.399453][ T6370] WARNING: The mand mount option has been deprecated and [ 99.399453][ T6370] and is ignored by this kernel. Remove the mand [ 99.399453][ T6370] option from the mount to silence this warning. [ 99.399453][ T6370] ======================================================= [ 99.438618][ T6374] mmap: syz.0.141 (6374) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 100.380815][ T6415] netlink: 4 bytes leftover after parsing attributes in process `syz.1.154'. [ 100.712172][ T29] audit: type=1800 audit(2048.390:5): pid=6426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.156" name="dbroot" dev="configfs" ino=11400 res=0 errno=0 [ 100.718697][ T6425] zero sized request [ 100.777707][ T6426] zero sized request [ 102.121430][ T6470] type: 46848 invalid [ 102.709642][ T6462] Invalid ELF header magic: != ELF [ 103.163432][ T6473] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 103.182260][ T6473] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 103.214295][ T6473] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 103.256916][ T6473] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 103.264376][ T6473] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 103.284646][ T6473] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 103.311969][ T6473] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 103.318026][ T6473] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 103.348693][ T6473] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 103.364196][ T6473] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 103.370234][ T6473] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 103.435325][ T6473] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 104.572573][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 104.881874][ T6544] __nla_validate_parse: 2 callbacks suppressed [ 104.881895][ T6544] netlink: 8 bytes leftover after parsing attributes in process `syz.2.191'. [ 105.141049][ T6557] netlink: 4 bytes leftover after parsing attributes in process `syz.1.194'. [ 105.281585][ T6562] netlink: 44 bytes leftover after parsing attributes in process `syz.2.195'. [ 105.309126][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 105.370459][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 105.376580][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 105.664911][ T6569] netlink: 8 bytes leftover after parsing attributes in process `syz.3.197'. [ 106.051629][ T6579] netlink: 12 bytes leftover after parsing attributes in process `syz.3.200'. [ 106.410115][ T6586] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 106.650576][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 107.380684][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 107.400134][ T6618] netlink: 36 bytes leftover after parsing attributes in process `syz.1.209'. [ 107.450984][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 107.457049][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 107.732893][ T6625] IPVS: length: 11322 != 8 [ 108.058433][ T6635] netlink: 28 bytes leftover after parsing attributes in process `syz.1.214'. [ 108.098348][ T6635] ipvlan1: entered allmulticast mode [ 108.114118][ T6635] veth0_vlan: entered allmulticast mode [ 108.730611][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 108.773580][ T6652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.216'. [ 109.253824][ T6662] netlink: 'syz.0.218': attribute type 1 has an invalid length. [ 109.276982][ T6656] netlink: 330 bytes leftover after parsing attributes in process `syz.1.217'. [ 109.351294][ T6656] : renamed from wg0 (while UP) [ 109.458663][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 109.530696][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 109.536791][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout [ 109.551767][ T6670] netlink: 4 bytes leftover after parsing attributes in process `syz.0.220'. [ 111.981056][ T6729] netlink: 28 bytes leftover after parsing attributes in process `syz.3.232'. [ 112.034011][ T6729] geneve1: entered allmulticast mode [ 113.978199][ T6769] netlink: 28 bytes leftover after parsing attributes in process `syz.3.244'. [ 114.152096][ T6769] bond0: (slave bond_slave_0): Releasing backup interface [ 115.292018][ T6782] netlink: 334 bytes leftover after parsing attributes in process `syz.1.250'. [ 116.880793][ T6806] netlink: 4 bytes leftover after parsing attributes in process `syz.1.256'. [ 117.481225][ T6812] sp0: Synchronizing with TNC [ 118.665707][ T3561] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 118.814170][ T6824] netlink: 326 bytes leftover after parsing attributes in process `syz.0.259'. [ 119.006541][ T6824] openvswitch: netlink: VXLAN extension 0 has unexpected len 1 expected 0 [ 120.525026][ T5838] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 126.687202][ T6959] netlink: 28 bytes leftover after parsing attributes in process `syz.1.297'. [ 127.943960][ T6997] netlink: 334 bytes leftover after parsing attributes in process `syz.2.306'. [ 128.386323][ T7010] netlink: 8 bytes leftover after parsing attributes in process `syz.3.311'. [ 128.734946][ T7025] netlink: 222 bytes leftover after parsing attributes in process `syz.2.316'. [ 128.762020][ T7025] netlink: 4 bytes leftover after parsing attributes in process `syz.2.316'. [ 128.803948][ T7025] netlink: 222 bytes leftover after parsing attributes in process `syz.2.316'. [ 129.016442][ T7034] syz.0.317 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 129.548919][ T7058] netlink: 'syz.2.324': attribute type 1 has an invalid length. [ 129.946498][ T7066] netlink: 14 bytes leftover after parsing attributes in process `syz.0.326'. [ 130.525796][ T7087] netlink: 28 bytes leftover after parsing attributes in process `syz.1.335'. [ 130.670208][ T7093] netlink: 'syz.2.336': attribute type 1 has an invalid length. [ 130.688722][ T7093] netlink: 322 bytes leftover after parsing attributes in process `syz.2.336'. [ 132.216900][ T7150] netlink: 28 bytes leftover after parsing attributes in process `syz.3.346'. [ 132.678717][ T7173] netlink: 8 bytes leftover after parsing attributes in process `syz.2.349'. [ 132.747477][ T7146] netlink: 472 bytes leftover after parsing attributes in process `syz.3.346'. [ 133.055772][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.062211][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.777300][ T7253] netlink: 'syz.1.371': attribute type 1 has an invalid length. [ 135.370596][ T7274] netlink: 334 bytes leftover after parsing attributes in process `syz.0.377'. [ 135.615736][ T7283] nbd: must specify at least one socket [ 136.616748][ T7325] netlink: 334 bytes leftover after parsing attributes in process `syz.1.388'. [ 137.146555][ T7345] netlink: 342 bytes leftover after parsing attributes in process `syz.1.391'. [ 139.385506][ T7423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.410'. [ 139.909725][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.407'. [ 139.938915][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.407'. [ 139.989702][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.407'. [ 140.014563][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.407'. [ 140.035041][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.407'. [ 140.062256][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.407'. [ 140.083863][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.407'. [ 140.112098][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.407'. [ 140.137501][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.407'. [ 140.261647][ T7441] openvswitch: netlink: VXLAN extension 0 has unexpected len 1 expected 0 syzkaller syzkaller login: [ 141.956923][ T7474] openvswitch: netlink: VXLAN extension 0 has unexpected len 1 expected 0 [ 148.645997][ T7605] __nla_validate_parse: 61 callbacks suppressed [ 148.646019][ T7605] netlink: 8 bytes leftover after parsing attributes in process `syz.0.460'. [ 149.543176][ T7645] netlink: 4 bytes leftover after parsing attributes in process `syz.0.463'. [ 149.568736][ T7639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.463'. [ 150.161493][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.3.471'. [ 150.629906][ T7675] netlink: 8 bytes leftover after parsing attributes in process `syz.1.472'. [ 154.295801][ T7788] netlink: 28 bytes leftover after parsing attributes in process `syz.2.498'. [ 154.343673][ T7788] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 154.504432][ T7794] netlink: 'syz.2.498': attribute type 46 has an invalid length. [ 154.562775][ T7788] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 154.982022][ T7781] Invalid ELF header magic: != ELF [ 156.798053][ T7869] netlink: 28 bytes leftover after parsing attributes in process `syz.0.518'. [ 156.970850][ T7878] netlink: 'syz.0.518': attribute type 46 has an invalid length. [ 156.999858][ T7876] netlink: 342 bytes leftover after parsing attributes in process `syz.3.519'. [ 157.320986][ T7890] netlink: 28 bytes leftover after parsing attributes in process `syz.2.520'. [ 157.333093][ T7890] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode [ 157.341253][ T7890] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode [ 158.433013][ T7922] ALSA: mixer_oss: invalid OSS volume ' ' [ 158.453986][ T7924] netlink: 28 bytes leftover after parsing attributes in process `syz.3.530'. [ 158.653009][ T7928] netlink: 'syz.3.530': attribute type 46 has an invalid length. [ 160.333425][ T7973] netlink: 40 bytes leftover after parsing attributes in process `syz.1.540'. [ 161.572247][ T8002] netlink: 28 bytes leftover after parsing attributes in process `syz.1.545'. [ 162.500247][ T8018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.549'. [ 163.439031][ T8056] netlink: 342 bytes leftover after parsing attributes in process `syz.1.557'. [ 163.473308][ T8056] netlink: 4 bytes leftover after parsing attributes in process `syz.1.557'. [ 163.510413][ T8057] netlink: 342 bytes leftover after parsing attributes in process `syz.3.555'. [ 163.603912][ T8059] netlink: 28 bytes leftover after parsing attributes in process `syz.0.556'. [ 164.680538][ T8087] netlink: 72 bytes leftover after parsing attributes in process `syz.2.563'. [ 165.525308][ T8099] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 165.532221][ T8099] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 166.150506][ T8117] dyndbg: bad flag-op 4, at start of 4 [ 166.156284][ T8117] dyndbg: flags parse failed [ 166.593776][ T8132] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 166.600244][ T8132] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 166.914079][ T8139] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 167.169757][ T8149] netlink: 28 bytes leftover after parsing attributes in process `syz.1.581'. [ 167.422056][ T8126] netlink: 8 bytes leftover after parsing attributes in process `syz.3.576'. [ 167.453850][ T8155] could not allocate digest TFM handle [ 168.714561][ T8184] program syz.3.592 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 169.325868][ T8205] Process accounting resumed [ 169.336120][ T8205] kstrtoul() returned -22 for lu_gp_id [ 170.636335][ T8225] netlink: 342 bytes leftover after parsing attributes in process `syz.2.603'. [ 170.913003][ T8230] HfR: entered promiscuous mode [ 170.970174][ T8234] netlink: 28 bytes leftover after parsing attributes in process `syz.2.605'. [ 170.980865][ T8230] netlink: 12 bytes leftover after parsing attributes in process `syz.1.606'. [ 170.993771][ T8230] HfR: left promiscuous mode [ 171.108835][ T8234] bridge_slave_1: left allmulticast mode [ 171.125225][ T8234] bridge_slave_1: left promiscuous mode [ 171.186914][ T8234] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.225621][ T8234] bridge_slave_0: left allmulticast mode [ 171.239909][ T8234] bridge_slave_0: left promiscuous mode [ 171.257552][ T8234] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.763377][ T8257] program syz.0.613 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 173.290826][ T8304] netlink: 28 bytes leftover after parsing attributes in process `syz.2.625'. [ 173.644559][ T8308] cgroup: fork rejected by pids controller in /syz3 [ 173.996465][ T8355] HfR: entered promiscuous mode [ 174.090747][ T8355] netlink: 12 bytes leftover after parsing attributes in process `syz.0.629'. [ 174.110523][ T8355] HfR: left promiscuous mode [ 174.540974][ T8368] random: crng reseeded on system resumption [ 175.473163][ T8381] could not allocate digest TFM handle [ 180.392994][ T8436] HfR: entered promiscuous mode [ 180.729136][ T8431] syz.1.646 (8431) used greatest stack depth: 21312 bytes left [ 181.073270][ T8443] netlink: 12 bytes leftover after parsing attributes in process `syz.3.644'. [ 181.219243][ T8443] HfR: left promiscuous mode [ 182.775770][ T8513] Process accounting resumed [ 182.793671][ T8513] kernel write not supported for file /tomoyo/query (pid: 8513 comm: syz.2.666) [ 182.874065][ T8521] bridge0: port 3(macvlan0) entered blocking state [ 182.892826][ T8521] bridge0: port 3(macvlan0) entered disabled state [ 182.899557][ T8521] macvlan0: entered allmulticast mode [ 182.921147][ T8521] veth1_vlan: entered allmulticast mode [ 182.928199][ T8521] macvlan0: entered promiscuous mode [ 182.941301][ T8521] bridge0: port 3(macvlan0) entered blocking state [ 182.947971][ T8521] bridge0: port 3(macvlan0) entered forwarding state [ 182.959508][ T8510] Process accounting resumed [ 182.978190][ T8510] kernel write not supported for file /tomoyo/query (pid: 8510 comm: syz.2.666) [ 183.314495][ T8522] kernel write not supported for file /tomoyo/query (pid: 8522 comm: syz.2.668) [ 183.523485][ T8535] kernel write not supported for file /tomoyo/query (pid: 8535 comm: syz.2.671) [ 183.988896][ T8541] kernel write not supported for file /tomoyo/query (pid: 8541 comm: syz.2.672) [ 184.069440][ T8538] kernel write not supported for file /tomoyo/query (pid: 8538 comm: syz.2.672) [ 184.480666][ T8547] kernel write not supported for file /tomoyo/query (pid: 8547 comm: syz.2.673) [ 184.685694][ T8552] kernel write not supported for file /tomoyo/query (pid: 8552 comm: syz.2.676) [ 184.817201][ T8562] kernel write not supported for file /tomoyo/query (pid: 8562 comm: syz.2.677) [ 185.015237][ T8563] kernel write not supported for file /tomoyo/query (pid: 8563 comm: syz.2.678) [ 186.594594][ T8577] netlink: 144 bytes leftover after parsing attributes in process `syz.2.681'. [ 187.331320][ T8588] netlink: 28 bytes leftover after parsing attributes in process `syz.2.686'. [ 187.362139][ T8589] netlink: 28 bytes leftover after parsing attributes in process `syz.2.686'. [ 187.583225][ T8486] syz.3.658 (8486) used greatest stack depth: 20304 bytes left [ 188.613502][ T8603] warn_unsupported: 3 callbacks suppressed [ 188.613521][ T8603] kernel write not supported for file /tomoyo/query (pid: 8603 comm: syz.2.686) [ 189.049299][ T8590] kernel write not supported for file /tomoyo/query (pid: 8590 comm: syz.2.686) [ 189.180854][ T8604] kernel write not supported for file /tomoyo/query (pid: 8604 comm: syz.2.686) [ 189.753724][ T8611] kernel write not supported for file /tomoyo/query (pid: 8611 comm: syz.2.691) [ 190.613657][ T8619] kernel write not supported for file /tomoyo/query (pid: 8619 comm: syz.2.695) [ 193.512195][ T8643] kernel write not supported for file /tomoyo/query (pid: 8643 comm: syz.2.696) [ 193.688959][ T8627] kernel write not supported for file /tomoyo/query (pid: 8627 comm: syz.2.696) [ 193.993216][ T8648] kernel write not supported for file /tomoyo/query (pid: 8648 comm: syz.2.702) [ 194.154521][ T8651] Process accounting resumed [ 194.494555][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.521014][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.030481][ T29] audit: type=1326 audit(8277292084.169:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8660 comm="syz.2.705" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2491d85d19 code=0x0 [ 197.465325][ T8671] : renamed from bridge_slave_0 (while UP) [ 197.563424][ T8673] netlink: 4 bytes leftover after parsing attributes in process `syz.1.715'. [ 200.103096][ T5144] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 200.113381][ T5144] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 200.121270][ T5144] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 200.130150][ T5144] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 200.137984][ T5144] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 200.145344][ T5144] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 200.574511][ T8689] sctp: [Deprecated]: syz.1.711 (pid 8689) Use of struct sctp_assoc_value in delayed_ack socket option. [ 200.574511][ T8689] Use struct sctp_sack_info instead [ 201.023405][ T8693] netlink: 'syz.1.712': attribute type 1 has an invalid length. [ 201.522148][ T8686] chnl_net:caif_netlink_parms(): no params data found [ 202.001811][ T8686] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.008959][ T8686] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.040644][ T8686] bridge_slave_0: entered allmulticast mode [ 202.047705][ T8686] bridge_slave_0: entered promiscuous mode [ 202.072608][ T8686] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.079743][ T8686] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.100586][ T8686] bridge_slave_1: entered allmulticast mode [ 202.107631][ T8686] bridge_slave_1: entered promiscuous mode [ 202.171488][ T5144] Bluetooth: hci4: command tx timeout [ 202.455388][ T8686] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 202.722953][ T8686] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 202.845582][ T8686] team0: Port device team_slave_0 added [ 202.893974][ T8686] team0: Port device team_slave_1 added [ 203.026408][ T8686] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.074213][ T8686] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.173604][ T8686] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.215325][ T8686] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.246391][ T8686] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.358426][ T8686] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.825211][ T8686] hsr_slave_0: entered promiscuous mode [ 203.892544][ T8686] hsr_slave_1: entered promiscuous mode [ 203.923032][ T8686] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 203.976197][ T8686] Cannot create hsr debugfs directory [ 204.046257][ T8719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.719'. [ 204.265493][ T5144] Bluetooth: hci4: command tx timeout [ 206.330476][ T5144] Bluetooth: hci4: command tx timeout [ 206.410073][ T8731] netlink: 11244 bytes leftover after parsing attributes in process `syz.2.723'. [ 206.438853][ T8731] netlink: 16 bytes leftover after parsing attributes in process `syz.2.723'. [ 206.475091][ T8735] netlink: 326 bytes leftover after parsing attributes in process `syz.2.723'. [ 206.697291][ T8686] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 206.741916][ T8686] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 206.804785][ T8686] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 206.851827][ T8686] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 207.108912][ T8686] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.157439][ T8686] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.205007][ T7154] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.212185][ T7154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.246546][ T7154] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.254702][ T7154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.325778][ T8686] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 207.669927][ T8686] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.410490][ T5144] Bluetooth: hci4: command tx timeout [ 208.508739][ T8686] veth0_vlan: entered promiscuous mode [ 208.567398][ T8686] veth1_vlan: entered promiscuous mode [ 208.666651][ T8686] veth0_macvtap: entered promiscuous mode [ 208.712185][ T8686] veth1_macvtap: entered promiscuous mode [ 209.052408][ T8686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 209.082476][ T8686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.109691][ T8686] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 209.145488][ T8686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 209.172974][ T8686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.183368][ T8686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 209.202937][ T8686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.226072][ T8686] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.264668][ T8686] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.298890][ T8686] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.333925][ T8686] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.390442][ T8686] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.150034][ T8771] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.192480][ T8771] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.271950][ T8769] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.279819][ T8769] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.271117][ T8841] netlink: 8 bytes leftover after parsing attributes in process `syz.4.742'. [ 213.304259][ T8845] netlink: 8 bytes leftover after parsing attributes in process `syz.4.742'. [ 218.025823][ T8896] svc: failed to register nfsdv3 RPC service (errno 111). [ 218.078660][ T8896] svc: failed to register nfsaclv3 RPC service (errno 111). [ 219.376170][ T29] audit: type=1800 audit(8277292108.519:7): pid=8913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.759" name="members" dev="configfs" ino=23550 res=0 errno=0 [ 219.750863][ T8931] netlink: 4 bytes leftover after parsing attributes in process `syz.1.761'. [ 219.891543][ T8931] netlink: 4 bytes leftover after parsing attributes in process `syz.1.761'. [ 220.613975][ T8955] netlink: 28 bytes leftover after parsing attributes in process `syz.1.766'. [ 220.666786][ T8955] bridge0: port 1() entered disabled state [ 220.745711][ T8958] program syz.4.765 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 220.847485][ T8955]  (unregistering): left allmulticast mode [ 220.860482][ T8955]  (unregistering): left promiscuous mode [ 220.878106][ T8955] bridge0: port 1() entered disabled state [ 220.953138][ T8958] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 224.493421][ T8977] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 224.499894][ T8977] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 224.522726][ T8961] Process accounting paused [ 224.653432][ T29] audit: type=1800 audit(8277292113.789:8): pid=8979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.772" name="features" dev="configfs" ino=22282 res=0 errno=0 [ 224.715530][ T29] audit: type=1800 audit(8277292113.799:9): pid=8979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.772" name="dbroot" dev="configfs" ino=22283 res=0 errno=0 [ 225.166211][ T8942] syz.3.762 (8942) used greatest stack depth: 20000 bytes left [ 230.049837][ T9098] netlink: 8 bytes leftover after parsing attributes in process `syz.1.803'. [ 230.111395][ T9100] nfs: Unknown parameter 'DGzиiFϢ&MjoC#oXo\FBnj>./file0' [ 231.827604][ T9140] netlink: 338 bytes leftover after parsing attributes in process `syz.4.813'. [ 231.840051][ T9140] netlink: 338 bytes leftover after parsing attributes in process `syz.4.813'. [ 231.856921][ T9138] netlink: 252 bytes leftover after parsing attributes in process `syz.1.812'. [ 238.678770][ T9260] netlink: 28 bytes leftover after parsing attributes in process `syz.1.840'. [ 238.912537][ T9260] veth0_macvtap: left promiscuous mode [ 241.235421][ T9267] : Can't lookup blockdev [ 243.733319][ T9334] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ekx' [ 243.856024][ T9338] netlink: 326 bytes leftover after parsing attributes in process `syz.1.862'. [ 246.262734][ T29] audit: type=1800 audit(8277292135.409:10): pid=9398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.876" name="version" dev="configfs" ino=25393 res=0 errno=0 [ 247.351929][ T9412] netlink: 306 bytes leftover after parsing attributes in process `syz.4.878'. [ 247.512409][ T9419] bdi 31:0: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 248.884571][ T9462] netlink: 8 bytes leftover after parsing attributes in process `syz.1.890'. [ 248.901432][ T9464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.890'. [ 249.676862][ T9478] netlink: 8 bytes leftover after parsing attributes in process `syz.1.894'. [ 249.686343][ T9477] netlink: 28 bytes leftover after parsing attributes in process `syz.2.895'. [ 250.696765][ T9498] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 250.932695][ T9502] Process accounting resumed [ 255.933092][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.939466][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.955753][ T9590] netlink: 28 bytes leftover after parsing attributes in process `syz.4.923'. [ 260.863360][ T9635] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 263.088861][ T9680] netlink: 38 bytes leftover after parsing attributes in process `syz.4.948'. [ 263.175160][ T9682] synth uevent: /devices/virtual/bluetooth/hci4/hci4:200: unknown uevent action string [ 263.198118][ T9682] bluetooth hci4:200: uevent: failed to send synthetic uevent: -22 [ 263.590238][ T9698] netlink: 28 bytes leftover after parsing attributes in process `syz.2.953'. [ 263.690950][ T9698] bond0: (slave bond_slave_0): Releasing backup interface [ 263.718196][ T9693] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 267.151935][ T9753] Process accounting resumed [ 267.430066][ T9761] netlink: 4 bytes leftover after parsing attributes in process `syz.4.969'. [ 267.559196][ T8328] syz.3.626 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 267.650047][ T29] audit: type=1800 audit(8277292156.779:11): pid=9765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.970" name="dbroot" dev="configfs" ino=26351 res=0 errno=0 [ 267.770773][ T8328] CPU: 0 UID: 0 PID: 8328 Comm: syz.3.626 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 267.781425][ T8328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 267.791510][ T8328] Call Trace: [ 267.794801][ T8328] [ 267.797756][ T8328] dump_stack_lvl+0x16c/0x1f0 [ 267.802478][ T8328] dump_header+0x101/0x900 [ 267.806941][ T8328] oom_kill_process+0x270/0xa60 [ 267.812088][ T8328] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 267.817794][ T8328] out_of_memory+0x351/0x1700 [ 267.822516][ T8328] ? __pfx_out_of_memory+0x10/0x10 [ 267.827673][ T8328] ? rcu_read_unlock+0x17/0x60 [ 267.832481][ T8328] ? find_held_lock+0x2d/0x110 [ 267.837303][ T8328] mem_cgroup_out_of_memory+0x207/0x270 [ 267.842889][ T8328] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 267.849006][ T8328] ? do_raw_spin_unlock+0x172/0x230 [ 267.854251][ T8328] try_charge_memcg+0x54c/0xaf0 [ 267.859149][ T8328] ? __pfx_try_charge_memcg+0x10/0x10 [ 267.864562][ T8328] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 267.870053][ T8328] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 267.875547][ T8328] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 267.881132][ T8328] __mem_cgroup_charge+0x9b/0x280 [ 267.886197][ T8328] shmem_alloc_and_add_folio+0x507/0xc00 [ 267.891869][ T8328] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 267.897797][ T8328] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 267.903980][ T8328] ? shmem_huge_global_enabled+0x176/0x250 [ 267.909829][ T8328] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 267.915763][ T8328] shmem_get_folio_gfp+0x689/0x1530 [ 267.921009][ T8328] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 267.926675][ T8328] ? mark_held_locks+0x9f/0xe0 [ 267.931476][ T8328] ? timestamp_truncate+0x21f/0x2e0 [ 267.936726][ T8328] shmem_write_begin+0x161/0x300 [ 267.941707][ T8328] ? __pfx_shmem_write_begin+0x10/0x10 [ 267.947202][ T8328] ? inode_set_ctime_current+0x2a7/0x900 [ 267.952877][ T8328] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 267.959766][ T8328] ? __pfx_inode_set_ctime_current+0x10/0x10 [ 267.965787][ T8328] generic_perform_write+0x2ba/0x920 [ 267.971116][ T8328] ? __pfx_generic_perform_write+0x10/0x10 [ 267.976950][ T8328] ? __mark_inode_dirty+0x2a5/0xe50 [ 267.982195][ T8328] ? generic_update_time+0xcf/0xf0 [ 267.987342][ T8328] ? mnt_put_write_access_file+0x45/0xf0 [ 267.993017][ T8328] shmem_file_write_iter+0x10e/0x140 [ 267.998338][ T8328] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 268.004178][ T8328] __kernel_write_iter+0x318/0xa80 [ 268.009325][ T8328] ? __pfx___kernel_write_iter+0x10/0x10 [ 268.014985][ T8328] ? get_dump_page+0x15b/0x230 [ 268.019786][ T8328] ? __pfx___might_resched+0x10/0x10 [ 268.025105][ T8328] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 268.030960][ T8328] dump_user_range+0x389/0x8c0 [ 268.035771][ T8328] ? __pfx_dump_user_range+0x10/0x10 [ 268.041090][ T8328] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 268.047285][ T8328] ? __pfx_writenote+0x10/0x10 [ 268.052089][ T8328] elf_core_dump+0x2787/0x3880 [ 268.056895][ T8328] ? __pfx_elf_core_dump+0x10/0x10 [ 268.062039][ T8328] ? try_to_wake_up+0x949/0x1490 [ 268.067007][ T8328] ? __pfx_lock_release+0x10/0x10 [ 268.072096][ T8328] ? rwsem_wake.isra.0+0xbe/0x120 [ 268.077177][ T8328] ? rcu_is_watching+0x12/0xc0 [ 268.081970][ T8328] ? trace_lock_acquire+0x14e/0x1f0 [ 268.087200][ T8328] ? __pfx_sort+0x10/0x10 [ 268.091567][ T8328] ? get_signal+0x23f3/0x2610 [ 268.096289][ T8328] ? do_coredump+0x2dd5/0x43e0 [ 268.101091][ T8328] do_coredump+0x2dd5/0x43e0 [ 268.105733][ T8328] ? __pfx_do_coredump+0x10/0x10 [ 268.110710][ T8328] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 268.116766][ T8328] get_signal+0x23f3/0x2610 [ 268.121314][ T8328] ? force_sig_fault+0xad/0xf0 [ 268.126112][ T8328] ? __pfx_get_signal+0x10/0x10 [ 268.130989][ T8328] ? __pfx_is_prefetch.constprop.0+0x10/0x10 [ 268.137009][ T8328] arch_do_signal_or_restart+0x90/0x7e0 [ 268.142592][ T8328] ? trace_irq_disable.constprop.0+0xea/0x140 [ 268.148697][ T8328] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 268.154880][ T8328] ? __bad_area_nosemaphore+0x334/0x6a0 [ 268.160473][ T8328] ? do_user_addr_fault+0x920/0x13f0 [ 268.165796][ T8328] irqentry_exit_to_user_mode+0x13f/0x280 [ 268.171552][ T8328] asm_exc_page_fault+0x26/0x30 [ 268.176437][ T8328] RIP: 0033:0x100000 [ 268.180372][ T8328] Code: Unable to access opcode bytes at 0xfffd6. [ 268.186790][ T8328] RSP: 002b:000000000000000a EFLAGS: 00010217 [ 268.192865][ T8328] RAX: 0000000000000000 RBX: 00007fea2ff75fa0 RCX: 00007fea2fd85d19 [ 268.200841][ T8328] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 268.208815][ T8328] RBP: 00007fea2fe01a20 R08: 0000000000000002 R09: 0000000000000000 [ 268.216789][ T8328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.224761][ T8328] R13: 0000000000000000 R14: 00007fea2ff75fa0 R15: 00007fffa509beb8 [ 268.232749][ T8328] [ 268.293818][ T8328] memory: usage 307200kB, limit 307200kB, failcnt 21905 [ 268.331989][ T8328] memory+swap: usage 432164kB, limit 9007199254740988kB, failcnt 0 [ 268.378665][ T8328] kmem: usage 4208kB, limit 9007199254740988kB, failcnt 0 [ 268.430482][ T8328] Memory cgroup stats for /syz3: [ 268.430808][ T8328] cache 310132736 [ 268.439571][ T8328] rss 98304 [ 268.446618][ T8328] rss_huge 0 [ 268.467208][ T8328] shmem 310132736 [ 268.502064][ T9775] netlink: 146 bytes leftover after parsing attributes in process `syz.4.975'. [ 268.513340][ T8328] mapped_file 0 [ 268.516842][ T8328] dirty 0 [ 268.519804][ T8328] writeback 0 [ 268.531726][ T8328] workingset_refault_anon 1341 [ 268.536543][ T8328] workingset_refault_file 130 [ 268.552540][ T8328] swap 127963136 [ 268.556147][ T8328] swapcached 32768 [ 268.559889][ T8328] pgpgin 303905 [ 268.577292][ T8328] pgpgout 230201 [ 268.583998][ T8328] pgfault 114533 [ 268.587585][ T8328] pgmajfault 317 [ 268.610371][ T8328] inactive_anon 85008384 [ 268.625234][ T8328] active_anon 225255424 [ 268.629428][ T8328] inactive_file 0 [ 268.635136][ T8328] active_file 0 [ 268.638633][ T8328] unevictable 0 [ 268.642166][ T8328] hierarchical_memory_limit 314572800 [ 268.660397][ T8328] hierarchical_memsw_limit 9223372036854771712 [ 268.673902][ T8328] total_cache 310132736 [ 268.678096][ T8328] total_rss 98304 [ 268.700512][ T8328] total_rss_huge 0 [ 268.704359][ T8328] total_shmem 310132736 [ 268.708540][ T8328] total_mapped_file 0 [ 268.727105][ T8328] total_dirty 0 [ 268.736406][ T8328] total_writeback 0 [ 268.740250][ T8328] total_workingset_refault_anon 1341 [ 268.760415][ T8328] total_workingset_refault_file 130 [ 268.765708][ T8328] total_swap 127963136 [ 268.769797][ T8328] total_swapcached 32768 [ 268.780093][ T8328] total_pgpgin 303905 [ 268.784596][ T8328] total_pgpgout 230201 [ 268.788691][ T8328] total_pgfault 114533 [ 268.800418][ T8328] total_pgmajfault 317 [ 268.804523][ T8328] total_inactive_anon 85008384 [ 268.819517][ T8328] total_active_anon 225255424 [ 268.824649][ T8328] total_inactive_file 0 [ 268.828834][ T8328] total_active_file 0 [ 268.856895][ T8328] total_unevictable 0 [ 268.861551][ T8328] anon_cost 0 [ 268.870612][ T8328] file_cost 0 [ 268.873934][ T8328] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.232,pid=6733,uid=0 [ 268.903567][ T8328] Memory cgroup out of memory: Killed process 6733 (syz.3.232) total-vm:114416kB, anon-rss:964kB, file-rss:28988kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 269.054438][ T8333] syz.3.626 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 269.157249][ T8333] CPU: 0 UID: 0 PID: 8333 Comm: syz.3.626 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 269.167904][ T8333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 269.177992][ T8333] Call Trace: [ 269.181294][ T8333] [ 269.184249][ T8333] dump_stack_lvl+0x16c/0x1f0 [ 269.188962][ T8333] dump_header+0x101/0x900 [ 269.193421][ T8333] oom_kill_process+0x270/0xa60 [ 269.198309][ T8333] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 269.203968][ T8333] out_of_memory+0x351/0x1700 [ 269.208662][ T8333] ? __pfx_out_of_memory+0x10/0x10 [ 269.213779][ T8333] ? rcu_read_unlock+0x17/0x60 [ 269.218554][ T8333] ? find_held_lock+0x2d/0x110 [ 269.223329][ T8333] mem_cgroup_out_of_memory+0x207/0x270 [ 269.228885][ T8333] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 269.234974][ T8333] ? do_raw_spin_unlock+0x172/0x230 [ 269.240188][ T8333] try_charge_memcg+0x54c/0xaf0 [ 269.245053][ T8333] ? __pfx_try_charge_memcg+0x10/0x10 [ 269.250439][ T8333] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 269.256337][ T8333] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 269.261802][ T8333] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 269.267351][ T8333] __mem_cgroup_charge+0x9b/0x280 [ 269.272391][ T8333] shmem_alloc_and_add_folio+0x507/0xc00 [ 269.278029][ T8333] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 269.283928][ T8333] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 269.290083][ T8333] ? shmem_huge_global_enabled+0x176/0x250 [ 269.295900][ T8333] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 269.301801][ T8333] shmem_get_folio_gfp+0x689/0x1530 [ 269.307011][ T8333] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 269.312646][ T8333] ? find_held_lock+0x2d/0x110 [ 269.317425][ T8333] shmem_write_begin+0x161/0x300 [ 269.322370][ T8333] ? __pfx_shmem_write_begin+0x10/0x10 [ 269.327829][ T8333] ? timestamp_truncate+0x21f/0x2e0 [ 269.333037][ T8333] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 269.339904][ T8333] generic_perform_write+0x2ba/0x920 [ 269.345205][ T8333] ? __pfx_generic_perform_write+0x10/0x10 [ 269.351022][ T8333] ? inode_needs_update_time.part.0+0x191/0x270 [ 269.357277][ T8333] shmem_file_write_iter+0x10e/0x140 [ 269.362581][ T8333] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 269.368393][ T8333] __kernel_write_iter+0x318/0xa80 [ 269.373532][ T8333] ? __pfx___kernel_write_iter+0x10/0x10 [ 269.379166][ T8333] ? get_dump_page+0x15b/0x230 [ 269.383941][ T8333] ? __pfx___might_resched+0x10/0x10 [ 269.389229][ T8333] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 269.395051][ T8333] dump_user_range+0x389/0x8c0 [ 269.399833][ T8333] ? __pfx_dump_user_range+0x10/0x10 [ 269.405132][ T8333] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 269.411299][ T8333] ? __pfx_writenote+0x10/0x10 [ 269.416075][ T8333] elf_core_dump+0x2787/0x3880 [ 269.420854][ T8333] ? __pfx_elf_core_dump+0x10/0x10 [ 269.425977][ T8333] ? __switch_to+0x749/0x1190 [ 269.430661][ T8333] ? put_task_struct_rcu_user+0x4f/0xc0 [ 269.436259][ T8333] ? rcu_is_watching+0x12/0xc0 [ 269.441032][ T8333] ? trace_lock_acquire+0x14e/0x1f0 [ 269.446241][ T8333] ? __pfx_sort+0x10/0x10 [ 269.450578][ T8333] ? get_signal+0x23f3/0x2610 [ 269.455265][ T8333] ? do_coredump+0x2dd5/0x43e0 [ 269.460037][ T8333] do_coredump+0x2dd5/0x43e0 [ 269.464647][ T8333] ? __pfx_do_coredump+0x10/0x10 [ 269.469596][ T8333] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 269.475558][ T8333] get_signal+0x23f3/0x2610 [ 269.480070][ T8333] ? force_sig_fault+0xad/0xf0 [ 269.484836][ T8333] ? __pfx_get_signal+0x10/0x10 [ 269.489686][ T8333] ? __pfx_is_prefetch.constprop.0+0x10/0x10 [ 269.495687][ T8333] arch_do_signal_or_restart+0x90/0x7e0 [ 269.501244][ T8333] ? trace_irq_disable.constprop.0+0xea/0x140 [ 269.507312][ T8333] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 269.513475][ T8333] ? __bad_area_nosemaphore+0x334/0x6a0 [ 269.519042][ T8333] ? do_user_addr_fault+0x920/0x13f0 [ 269.524336][ T8333] irqentry_exit_to_user_mode+0x13f/0x280 [ 269.530063][ T8333] asm_exc_page_fault+0x26/0x30 [ 269.534919][ T8333] RIP: 0033:0x100000 [ 269.538820][ T8333] Code: Unable to access opcode bytes at 0xfffd6. [ 269.545226][ T8333] RSP: 002b:000000000000000a EFLAGS: 00010217 [ 269.551330][ T8333] RAX: 0000000000000000 RBX: 00007fea2ff75fa0 RCX: 00007fea2fd85d19 [ 269.559387][ T8333] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 269.567363][ T8333] RBP: 00007fea2fe01a20 R08: 0000000000000002 R09: 0000000000000000 [ 269.575337][ T8333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.583308][ T8333] R13: 0000000000000000 R14: 00007fea2ff75fa0 R15: 00007fffa509beb8 [ 269.591297][ T8333] [ 269.622058][ T8333] memory: usage 306740kB, limit 307200kB, failcnt 22028 [ 269.629317][ T8333] memory+swap: usage 427820kB, limit 9007199254740988kB, failcnt 0 [ 269.710688][ T8333] kmem: usage 3588kB, limit 9007199254740988kB, failcnt 0 [ 269.717857][ T8333] Memory cgroup stats for /syz3: [ 269.718185][ T8333] cache 310054912 [ 269.740432][ T8333] rss 98304 [ 269.743798][ T8333] rss_huge 0 [ 269.747013][ T8333] shmem 310054912 [ 269.800437][ T8333] mapped_file 0 [ 269.803954][ T8333] dirty 0 [ 269.806907][ T8333] writeback 0 [ 269.810211][ T8333] workingset_refault_anon 1341 [ 269.880429][ T8333] workingset_refault_file 130 [ 269.966847][ T8333] swap 124018688 [ 270.007400][ T8333] swapcached 69632 [ 270.051281][ T8333] pgpgin 303974 [ 270.054793][ T8333] pgpgout 230280 [ 270.091040][ T8333] pgfault 114533 [ 270.094637][ T8333] pgmajfault 317 [ 270.098192][ T8333] inactive_anon 82628608 [ 270.131535][ T8333] active_anon 225538048 [ 270.166192][ T8333] inactive_file 0 [ 270.169879][ T8333] active_file 0 [ 270.241709][ T8333] unevictable 0 [ 270.263529][ T8333] hierarchical_memory_limit 314572800 [ 270.297491][ T8333] hierarchical_memsw_limit 9223372036854771712 [ 270.372808][ T8333] total_cache 310054912 [ 270.377029][ T8333] total_rss 98304 [ 270.387094][ T8333] total_rss_huge 0 [ 270.442118][ T9790] netlink: 28 bytes leftover after parsing attributes in process `syz.2.979'. [ 270.468574][ T8333] total_shmem 310054912 [ 270.478460][ T9790] veth0_macvtap: left promiscuous mode [ 270.486161][ T8333] total_mapped_file 0 [ 270.490182][ T8333] total_dirty 0 [ 270.537689][ T8333] total_writeback 0 [ 270.543953][ T8333] total_workingset_refault_anon 1341 [ 270.569895][ T8333] total_workingset_refault_file 130 [ 270.612852][ T8333] total_swap 124018688 [ 270.729944][ T8333] total_swapcached 69632 [ 270.814222][ T8333] total_pgpgin 303974 [ 270.818266][ T8333] total_pgpgout 230280 [ 270.822426][ T8333] total_pgfault 114533 [ 270.826506][ T8333] total_pgmajfault 317 [ 270.945466][ T8333] total_inactive_anon 82628608 [ 270.950292][ T8333] total_active_anon 225538048 [ 270.962841][ T8333] total_inactive_file 0 [ 270.967034][ T8333] total_active_file 0 [ 270.973661][ T8333] total_unevictable 0 [ 270.977677][ T8333] anon_cost 0 [ 270.983800][ T8333] file_cost 0 [ 270.987115][ T8333] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.626,pid=8338,uid=0 [ 271.062459][ T8333] Memory cgroup out of memory: Killed process 8338 (syz.3.626) total-vm:98664kB, anon-rss:796kB, file-rss:30272kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000 [ 271.387676][ T9802] netlink: 28 bytes leftover after parsing attributes in process `syz.1.980'. [ 271.501296][ T9802] geneve1: entered allmulticast mode [ 273.236860][ T31] oom_reaper: reaped process 8338 (syz.3.626), now anon-rss:76kB, file-rss:27688kB, shmem-rss:0kB [ 274.646705][ T8331] syz.3.626 (8331) used greatest stack depth: 18584 bytes left [ 274.731659][ T9844] FAULT_INJECTION: forcing a failure. [ 274.731659][ T9844] name failslab, interval 1, probability 0, space 0, times 0 [ 274.762775][ T9844] CPU: 0 UID: 0 PID: 9844 Comm: syz.4.991 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 274.773440][ T9844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 274.783530][ T9844] Call Trace: [ 274.786834][ T9844] [ 274.789800][ T9844] dump_stack_lvl+0x16c/0x1f0 [ 274.794526][ T9844] should_fail_ex+0x497/0x5b0 [ 274.799239][ T9844] ? fs_reclaim_acquire+0xae/0x150 [ 274.804385][ T9844] should_failslab+0xc2/0x120 [ 274.809102][ T9844] __kmalloc_noprof+0xce/0x4f0 [ 274.813909][ T9844] ? lsm_blob_alloc+0x68/0x90 [ 274.818625][ T9844] lsm_blob_alloc+0x68/0x90 [ 274.823163][ T9844] security_prepare_creds+0x30/0x270 [ 274.828487][ T9844] prepare_creds+0x53e/0x750 [ 274.833117][ T9844] __sys_setuid+0x9a/0x440 [ 274.837659][ T9844] do_syscall_64+0xcd/0x250 [ 274.842203][ T9844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.848127][ T9844] RIP: 0033:0x7f5c5d585d19 [ 274.852570][ T9844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 274.872212][ T9844] RSP: 002b:00007f5c5e38e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000069 [ 274.880660][ T9844] RAX: ffffffffffffffda RBX: 00007f5c5d776080 RCX: 00007f5c5d585d19 [ 274.888658][ T9844] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee00 [ 274.896653][ T9844] RBP: 00007f5c5e38e090 R08: 0000000000000000 R09: 0000000000000000 [ 274.904667][ T9844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 274.912668][ T9844] R13: 0000000000000000 R14: 00007f5c5d776080 R15: 00007fff73c6bb58 [ 274.920687][ T9844] [ 275.368152][ T9859] netlink: 342 bytes leftover after parsing attributes in process `syz.4.996'. [ 275.388290][ T9860] netlink: 342 bytes leftover after parsing attributes in process `syz.4.996'. [ 275.455906][ T9859] netlink: 274 bytes leftover after parsing attributes in process `syz.4.996'. [ 275.480035][ T9860] netlink: 274 bytes leftover after parsing attributes in process `syz.4.996'. [ 276.370845][ T9882] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1002'. [ 277.541152][ T9922] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1011'. [ 279.460904][ T8326] syz.3.626 (8326) used greatest stack depth: 18448 bytes left [ 279.898600][ T8329] syz.3.626 (8329) used greatest stack depth: 18048 bytes left [ 280.462063][ T9978] netlink: 'syz.1.1027': attribute type 2 has an invalid length. [ 281.894552][T10033] Process accounting resumed [ 283.113828][T10056] nfsd: Unknown parameter 'nfsd' [ 283.982911][T10067] could not allocate digest TFM handle [ 285.161871][ T5842] udevd[5842]: inotify_add_watch(7, /dev/sda1, 10) failed: No such file or directory [ 287.094922][T10147] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1068'. [ 287.367486][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1069'. [ 288.186668][T10173] netlink: 'syz.2.1073': attribute type 9 has an invalid length. [ 289.965741][ T29] audit: type=1326 audit(8277292179.109:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10238 comm="syz.2.1087" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2491d85d19 code=0x0 [ 291.520406][T10255] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1091'. [ 292.741015][T10294] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1101'. [ 293.731409][T10329] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1106'. [ 295.220359][T10355] netlink: Conntrack attr has 16 unknown bytes [ 295.385260][T10357] capability: warning: `syz.2.1117' uses 32-bit capabilities (legacy support in use) [ 295.456093][T10359] netlink: 'syz.4.1116': attribute type 4 has an invalid length. [ 295.495884][T10359] rtc_cmos 00:00: Alarms can be up to one day in the future [ 295.893361][ T29] audit: type=1326 audit(8277292185.012:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10366 comm="syz.4.1120" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5c5d585d19 code=0x0 [ 297.424011][ T5842] udevd[5842]: inotify_add_watch(7, /dev/sda1, 10) failed: No such file or directory [ 299.584811][T10425] netlink: 'syz.2.1135': attribute type 4 has an invalid length. [ 299.600526][T10425] rtc_cmos 00:00: Alarms can be up to one day in the future [ 299.997997][T10439] netlink: 'syz.2.1138': attribute type 13 has an invalid length. [ 300.279927][T10444] netlink: Conntrack attr has 16 unknown bytes [ 300.739230][T10458] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1144'. [ 300.860834][T10458] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 300.915299][T10458] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 301.567097][T10467] netlink: 'syz.3.1145': attribute type 4 has an invalid length. [ 301.646598][T10467] rtc_cmos 00:00: Alarms can be up to one day in the future [ 302.436336][T10507] kernel read not supported for file /#)-\"[} (pid: 10507 comm: syz.3.1155) [ 302.465621][ T29] audit: type=1800 audit(8277292191.595:14): pid=10507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1155" name=23292D5C225B7D dev="mqueue" ino=30761 res=0 errno=0 [ 302.531378][T10510] netlink: 'syz.3.1156': attribute type 10 has an invalid length. [ 302.541956][T10510] netlink: 'syz.3.1156': attribute type 13 has an invalid length. [ 305.247753][T10564] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1168'. [ 305.499809][T10554] ptm ptm62: ldisc open failed (-12), clearing slot 62 [ 306.558573][T10583] tipc: Started in network mode [ 306.607812][T10583] tipc: Node identity ffffffff, cluster identity 4711 [ 306.645633][T10583] tipc: Node number set to 4294967295 [ 307.484227][T10605] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1177'. [ 308.412531][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 311.058774][T10683] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1199'. [ 312.987513][T10732] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1211'. [ 313.010596][T10731] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1211'. [ 313.151668][T10732] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 315.312252][T10742] kexec: Could not allocate control_code_buffer [ 317.359301][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.365704][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.772957][ T5842] udevd[5842]: inotify_add_watch(7, /dev/sda1, 10) failed: No such file or directory [ 319.890599][T10800] kexec: Could not allocate control_code_buffer [ 320.538234][T10838] FAULT_INJECTION: forcing a failure. [ 320.538234][T10838] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 320.563793][T10838] CPU: 0 UID: 0 PID: 10838 Comm: syz.2.1239 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 320.574617][T10838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 320.584680][T10838] Call Trace: [ 320.587965][T10838] [ 320.590986][T10838] dump_stack_lvl+0x16c/0x1f0 [ 320.595693][T10838] should_fail_ex+0x497/0x5b0 [ 320.600396][T10838] _copy_from_user+0x2e/0xd0 [ 320.605001][T10838] move_addr_to_kernel+0x68/0x160 [ 320.610070][T10838] __copy_msghdr+0x386/0x470 [ 320.614674][T10838] copy_msghdr_from_user+0xc2/0x160 [ 320.619896][T10838] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 320.626415][T10838] ? __lock_acquire+0xcc5/0x3c40 [ 320.631382][T10838] ___sys_sendmsg+0xff/0x1e0 [ 320.635984][T10838] ? __pfx____sys_sendmsg+0x10/0x10 [ 320.641200][T10838] ? trace_lock_acquire+0x14e/0x1f0 [ 320.646420][T10838] __sys_sendmmsg+0x201/0x420 [ 320.651108][T10838] ? __pfx___sys_sendmmsg+0x10/0x10 [ 320.656326][T10838] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 320.662325][T10838] ? fput+0x67/0x440 [ 320.666233][T10838] ? ksys_write+0x1ba/0x250 [ 320.670834][T10838] ? __pfx_ksys_write+0x10/0x10 [ 320.675698][T10838] __x64_sys_sendmmsg+0x9c/0x100 [ 320.680645][T10838] ? lockdep_hardirqs_on+0x7c/0x110 [ 320.685850][T10838] do_syscall_64+0xcd/0x250 [ 320.690362][T10838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.696263][T10838] RIP: 0033:0x7f2491d85d19 [ 320.700684][T10838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.720298][T10838] RSP: 002b:00007f2492b12038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 320.728718][T10838] RAX: ffffffffffffffda RBX: 00007f2491f75fa0 RCX: 00007f2491d85d19 [ 320.736690][T10838] RDX: 00000000fffffff3 RSI: 00000000200001c0 RDI: 0000000000000003 [ 320.744663][T10838] RBP: 00007f2492b12090 R08: 0000000000000000 R09: 0000000000000000 [ 320.752641][T10838] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 320.760613][T10838] R13: 0000000000000000 R14: 00007f2491f75fa0 R15: 00007ffe178e9538 [ 320.768601][T10838] [ 321.655294][T10867] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1247'. [ 321.849151][T10870] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1249'. [ 322.123647][T10878] FAULT_INJECTION: forcing a failure. [ 322.123647][T10878] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 322.138652][T10881] netlink: 'syz.3.1247': attribute type 46 has an invalid length. [ 322.180667][T10878] CPU: 1 UID: 0 PID: 10878 Comm: syz.2.1250 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 322.191496][T10878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 322.201576][T10878] Call Trace: [ 322.204875][T10878] [ 322.207829][T10878] dump_stack_lvl+0x16c/0x1f0 [ 322.212541][T10878] should_fail_ex+0x497/0x5b0 [ 322.217258][T10878] _copy_from_user+0x2e/0xd0 [ 322.221883][T10878] ____sys_sendmsg+0x56e/0xb40 [ 322.226675][T10878] ? __pfx_____sys_sendmsg+0x10/0x10 [ 322.231991][T10878] ? __lock_acquire+0xcc5/0x3c40 [ 322.236984][T10878] ___sys_sendmsg+0x135/0x1e0 [ 322.241697][T10878] ? __pfx____sys_sendmsg+0x10/0x10 [ 322.246945][T10878] ? trace_lock_acquire+0x14e/0x1f0 [ 322.252200][T10878] __sys_sendmmsg+0x201/0x420 [ 322.256919][T10878] ? __pfx___sys_sendmmsg+0x10/0x10 [ 322.262166][T10878] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 322.268195][T10878] ? fput+0x67/0x440 [ 322.272125][T10878] ? ksys_write+0x1ba/0x250 [ 322.276656][T10878] ? __pfx_ksys_write+0x10/0x10 [ 322.281548][T10878] __x64_sys_sendmmsg+0x9c/0x100 [ 322.286523][T10878] ? lockdep_hardirqs_on+0x7c/0x110 [ 322.291760][T10878] do_syscall_64+0xcd/0x250 [ 322.296303][T10878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.302238][T10878] RIP: 0033:0x7f2491d85d19 [ 322.306687][T10878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.326334][T10878] RSP: 002b:00007f2492b12038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 322.334792][T10878] RAX: ffffffffffffffda RBX: 00007f2491f75fa0 RCX: 00007f2491d85d19 [ 322.342797][T10878] RDX: 00000000fffffff3 RSI: 00000000200001c0 RDI: 0000000000000003 [ 322.350822][T10878] RBP: 00007f2492b12090 R08: 0000000000000000 R09: 0000000000000000 [ 322.358826][T10878] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 322.366835][T10878] R13: 0000000000000000 R14: 00007f2491f75fa0 R15: 00007ffe178e9538 [ 322.374857][T10878] [ 322.429484][T10880] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 323.551288][T10901] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1257'. [ 323.792095][T10901] netlink: 118 bytes leftover after parsing attributes in process `syz.2.1257'. [ 323.911678][T10929] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1261'. [ 324.557185][ T5838] Bluetooth: hci4: command 0x0406 tx timeout [ 327.214939][T11020] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 327.221454][T11020] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 330.823149][T11090] openvswitch: netlink: Message has 4 unknown bytes. [ 333.206828][T11136] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1311'. [ 333.925768][T11154] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1316'. [ 341.635682][T11293] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 341.644023][T11293] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 341.650405][T11293] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 341.658083][T11293] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 341.664089][T11293] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 341.705079][T11296] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1350'. [ 341.714399][T11296] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 342.198215][T11323] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 342.204762][T11323] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 343.451839][T11345] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1364'. [ 343.664044][ T5144] Bluetooth: hci4: command 0x0406 tx timeout [ 343.664063][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 343.664106][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 343.670411][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout [ 345.752876][ T5144] Bluetooth: hci4: command 0x0406 tx timeout [ 346.029778][T11391] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 346.036266][T11391] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 347.513061][T11419] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1384'. [ 348.576057][T11461] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1393'. [ 349.815557][T11476] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1397'. [ 351.690682][T11516] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1408'. [ 352.478368][T11532] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1410'. [ 354.836211][T11611] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1424'. [ 355.415860][T11632] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1429'. [ 355.787834][T11641] sd 0:0:1:0: PR command failed: 1026 [ 355.798937][T11641] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 355.822724][T11641] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 356.655671][T11671] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1440'. [ 357.781429][T11687] netlink: 'syz.1.1444': attribute type 28 has an invalid length. [ 357.816866][T11687] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1444'. [ 359.224230][T11703] kAFS: No cell specified [ 360.690777][T11741] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1458'. [ 360.774913][T11741] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1458'. [ 361.911171][T11777] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1468'. [ 362.031832][T11777] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1468'. [ 362.098442][T11773] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1468'. [ 362.766871][T11791] sp0: Synchronizing with TNC [ 363.851573][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 364.497722][T11845] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1486'. [ 364.752993][T11845] bond0: (slave bond_slave_1): Releasing backup interface [ 366.081952][T11881] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1496'. [ 366.123743][T11879] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1496'. [ 366.164688][T11879] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1496'. [ 366.283483][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 366.612687][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 366.622666][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 366.631222][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 366.639859][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 366.939197][T11893] netlink: 122 bytes leftover after parsing attributes in process `syz.4.1500'. [ 367.136110][T11901] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1503'. [ 368.519828][ T29] audit: type=1326 audit(2057.484:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11924 comm="syz.4.1509" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5c5d585d19 code=0x0 [ 369.844693][T11946] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1514'. [ 370.743584][T11960] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1519'. [ 371.285256][T11960] bond0: (slave bond_slave_1): Releasing backup interface [ 371.305182][T11972] cgroup: fork rejected by pids controller in /syz1 [ 372.813337][T12050] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1532'. [ 375.958256][T12137] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1553'. [ 376.114940][T12137] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 376.133018][T12137] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 376.180759][T12137] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 376.194593][T12137] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 376.970376][T12160] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1558'. [ 377.014237][T12160] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1558'. [ 377.690796][T12182] ima: policy update failed [ 377.708605][ T29] audit: type=1802 audit(2066.659:16): pid=12182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1564" res=0 errno=0 [ 377.738943][T12193] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1566'. [ 378.169726][T12216] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1573'. [ 378.338052][T12224] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'. [ 378.374911][T12224] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'. [ 378.768984][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.775677][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.682517][T12303] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 380.708648][ C1] vkms_vblank_simulate: vblank timer overrun [ 380.748604][T12303] CIFS mount error: No usable UNC path provided in device string! [ 380.748604][T12303] [ 380.782887][T12303] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 381.424933][T12310] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1595'. [ 383.956219][T12361] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1612'. [ 384.600279][T12392] netlink: 'syz.1.1619': attribute type 11 has an invalid length. [ 384.712190][T12392] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1619'. [ 385.563947][T12420] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1625'. [ 385.599030][T12420] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 385.715119][T12420] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 385.834587][T12425] pty pty206: ldisc open failed (-12), clearing slot 206 [ 387.568398][T12498] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1647'. [ 387.844584][T12513] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1653'. [ 387.863980][T12513] mac80211_hwsim hwsim21 : renamed from wlan0 [ 388.083739][T12522] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 388.174009][T12522] svc: failed to register nfsdv3 RPC service (errno 111). [ 388.213908][T12522] svc: failed to register nfsaclv3 RPC service (errno 111). [ 389.903396][T12557] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1664'. [ 390.436840][T12557] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 390.457647][T12557] bond0 (unregistering): Released all slaves [ 390.984468][T12573] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1665'. [ 394.845419][T12610] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 394.856345][T12610] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 398.351312][T12672] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 398.361015][T12672] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 398.566003][T12677] sd 0:0:1:0: PR command failed: 1026 [ 398.577038][T12677] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 398.583980][T12677] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 399.583114][T12711] erspan0: entered allmulticast mode [ 399.731506][T12712] bridge0: port 3(macvlan0) entered blocking state [ 399.743166][T12712] bridge0: port 3(macvlan0) entered disabled state [ 399.749943][T12712] macvlan0: entered allmulticast mode [ 399.755437][T12712] veth1_vlan: entered allmulticast mode [ 399.763511][T12712] macvlan0: entered promiscuous mode [ 399.770709][T12712] bridge0: port 3(macvlan0) entered blocking state [ 399.777370][T12712] bridge0: port 3(macvlan0) entered forwarding state [ 402.274362][T12776] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1719'. [ 403.238897][T12795] mmap: syz.1.1724 (12795): VmData 37470208 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 403.274494][T12795] netlink: 'syz.1.1724': attribute type 4 has an invalid length. [ 403.282276][T12795] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1724'. [ 405.789763][T12833] erspan0: entered allmulticast mode [ 406.476049][T12856] erspan0: entered allmulticast mode [ 406.895946][T12863] netlink: 266 bytes leftover after parsing attributes in process `syz.3.1738'. [ 406.915665][T12863] IPv6: NLM_F_CREATE should be specified when creating new route [ 408.326173][ T29] audit: type=1800 audit(2097.314:17): pid=12916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1757" name="features" dev="configfs" ino=39761 res=0 errno=0 [ 412.935832][T12964] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1768'. [ 412.947546][T12964] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1768'. [ 413.115625][T12974] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1772'. [ 413.138096][T12974] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1772'. [ 413.816594][T13016] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1783'. [ 413.964798][T13016] hsr_slave_1 (unregistering): left promiscuous mode [ 415.031486][T13068] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1791'. [ 417.282615][T13089] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1794'. [ 417.883887][T13110] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1810'. [ 417.955756][T13110] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1810'. [ 418.164053][T13114] ================================================================== [ 418.172162][T13114] BUG: KASAN: slab-out-of-bounds in __rb_map_vma+0x9ab/0xae0 [ 418.179566][T13114] Read of size 8 at addr ffff88802420c7b8 by task syz.3.1803/13114 [ 418.187475][T13114] [ 418.189808][T13114] CPU: 0 UID: 0 PID: 13114 Comm: syz.3.1803 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 418.200593][T13114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 418.210751][T13114] Call Trace: [ 418.214039][T13114] [ 418.216984][T13114] dump_stack_lvl+0x116/0x1f0 [ 418.221689][T13114] print_report+0xc3/0x620 [ 418.226138][T13114] ? __virt_addr_valid+0x5e/0x590 [ 418.231185][T13114] ? __phys_addr+0xc6/0x150 [ 418.235720][T13114] kasan_report+0xd9/0x110 [ 418.240165][T13114] ? __rb_map_vma+0x9ab/0xae0 [ 418.244876][T13114] ? __rb_map_vma+0x9ab/0xae0 [ 418.249585][T13114] __rb_map_vma+0x9ab/0xae0 [ 418.254131][T13114] ? __pfx___rb_map_vma+0x10/0x10 [ 418.259179][T13114] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 418.264991][T13114] ring_buffer_map+0x56e/0x9b0 [ 418.269761][T13114] tracing_buffers_mmap+0xa6/0x120 [ 418.274873][T13114] __mmap_region+0x1786/0x2670 [ 418.279643][T13114] ? __pfx___lock_acquire+0x10/0x10 [ 418.284851][T13114] ? __pfx___mmap_region+0x10/0x10 [ 418.289967][T13114] ? hlock_class+0x4e/0x130 [ 418.294470][T13114] ? mark_lock+0xb5/0xc60 [ 418.298825][T13114] ? cap_mmap_addr+0x53/0x320 [ 418.303504][T13114] mmap_region+0x127/0x320 [ 418.307920][T13114] do_mmap+0xc00/0xfc0 [ 418.311994][T13114] vm_mmap_pgoff+0x1ba/0x360 [ 418.316587][T13114] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 418.321707][T13114] ? __fget_files+0x206/0x3a0 [ 418.326389][T13114] ksys_mmap_pgoff+0x32c/0x5c0 [ 418.331153][T13114] ? rcu_is_watching+0x12/0xc0 [ 418.335916][T13114] __x64_sys_mmap+0x125/0x190 [ 418.340591][T13114] do_syscall_64+0xcd/0x250 [ 418.345095][T13114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.350990][T13114] RIP: 0033:0x7fea2fd85d19 [ 418.355411][T13114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 418.375019][T13114] RSP: 002b:00007fea30bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 418.383430][T13114] RAX: ffffffffffffffda RBX: 00007fea2ff75fa0 RCX: 00007fea2fd85d19 [ 418.391408][T13114] RDX: 0000000000000329 RSI: 0000000000000008 RDI: 0000000000000000 [ 418.399376][T13114] RBP: 00007fea2fe01a20 R08: 0000000000000002 R09: 0000000000008000 [ 418.407344][T13114] R10: 0000000000010011 R11: 0000000000000246 R12: 0000000000000000 [ 418.415322][T13114] R13: 0000000000000000 R14: 00007fea2ff75fa0 R15: 00007fffa509beb8 [ 418.423296][T13114] [ 418.426315][T13114] [ 418.428630][T13114] Allocated by task 13114: [ 418.433033][T13114] kasan_save_stack+0x33/0x60 [ 418.437712][T13114] kasan_save_track+0x14/0x30 [ 418.442390][T13114] __kasan_kmalloc+0xaa/0xb0 [ 418.446978][T13114] __kmalloc_noprof+0x21a/0x4f0 [ 418.451831][T13114] ring_buffer_map+0x1e1/0x9b0 [ 418.456591][T13114] tracing_buffers_mmap+0xa6/0x120 [ 418.461706][T13114] __mmap_region+0x1786/0x2670 [ 418.466490][T13114] mmap_region+0x127/0x320 [ 418.470933][T13114] do_mmap+0xc00/0xfc0 [ 418.475011][T13114] vm_mmap_pgoff+0x1ba/0x360 [ 418.479695][T13114] ksys_mmap_pgoff+0x32c/0x5c0 [ 418.484475][T13114] __x64_sys_mmap+0x125/0x190 [ 418.489158][T13114] do_syscall_64+0xcd/0x250 [ 418.493670][T13114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.499663][T13114] [ 418.501986][T13114] The buggy address belongs to the object at ffff88802420c780 [ 418.501986][T13114] which belongs to the cache kmalloc-32 of size 32 [ 418.515858][T13114] The buggy address is located 32 bytes to the right of [ 418.515858][T13114] allocated 24-byte region [ffff88802420c780, ffff88802420c798) [ 418.530346][T13114] [ 418.532661][T13114] The buggy address belongs to the physical page: [ 418.539071][T13114] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2420c [ 418.547829][T13114] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 418.554930][T13114] page_type: f5(slab) [ 418.558907][T13114] raw: 00fff00000000000 ffff88801ac41780 dead000000000100 dead000000000122 [ 418.567524][T13114] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 418.576110][T13114] page dumped because: kasan: bad access detected [ 418.582537][T13114] page_owner tracks the page as allocated [ 418.588259][T13114] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 5842, tgid 5842 (udevd), ts 137525104912, free_ts 137484038372 [ 418.605999][T13114] post_alloc_hook+0x2d1/0x350 [ 418.610774][T13114] get_page_from_freelist+0xfce/0x2f80 [ 418.616240][T13114] __alloc_pages_noprof+0x223/0x25b0 [ 418.621546][T13114] alloc_pages_mpol_noprof+0x2c9/0x610 [ 418.627027][T13114] new_slab+0x2c9/0x410 [ 418.631190][T13114] ___slab_alloc+0xce2/0x1650 [ 418.635869][T13114] __slab_alloc.constprop.0+0x56/0xb0 [ 418.641242][T13114] __kmalloc_cache_noprof+0xf6/0x420 [ 418.646552][T13114] kmem_cache_free+0x2ef/0x4c0 [ 418.651319][T13114] __fput+0x686/0xb60 [ 418.655311][T13114] __fput_sync+0xa1/0xc0 [ 418.659648][T13114] __x64_sys_close+0x86/0x100 [ 418.664333][T13114] do_syscall_64+0xcd/0x250 [ 418.668844][T13114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.674760][T13114] page last free pid 7340 tgid 7340 stack trace: [ 418.681075][T13114] free_unref_page+0x661/0x1080 [ 418.685931][T13114] tlb_finish_mmu+0x237/0x7b0 [ 418.690613][T13114] exit_mmap+0x3df/0xb20 [ 418.694856][T13114] __mmput+0x12a/0x4c0 [ 418.698923][T13114] mmput+0x62/0x70 [ 418.702641][T13114] do_exit+0x9bf/0x2d70 [ 418.706800][T13114] do_group_exit+0xd3/0x2a0 [ 418.711304][T13114] __x64_sys_exit_group+0x3e/0x50 [ 418.716331][T13114] x64_sys_call+0x151f/0x1720 [ 418.721017][T13114] do_syscall_64+0xcd/0x250 [ 418.725520][T13114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.731416][T13114] [ 418.733732][T13114] Memory state around the buggy address: [ 418.739366][T13114] ffff88802420c680: fa fb fb fb fc fc fc fc 00 00 00 00 fc fc fc fc [ 418.747432][T13114] ffff88802420c700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 418.755498][T13114] >ffff88802420c780: 00 00 00 fc fc fc fc fc 00 00 00 00 fc fc fc fc [ 418.763574][T13114] ^ [ 418.769475][T13114] ffff88802420c800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 418.777548][T13114] ffff88802420c880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 418.785618][T13114] ================================================================== [ 418.796647][T13117] can: request_module (can-proto-3) failed. [ 418.889498][T13114] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 418.896743][T13114] CPU: 0 UID: 0 PID: 13114 Comm: syz.3.1803 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 418.907531][T13114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 418.917610][T13114] Call Trace: [ 418.920922][T13114] [ 418.923873][T13114] dump_stack_lvl+0x3d/0x1f0 [ 418.928500][T13114] panic+0x71d/0x800 [ 418.932435][T13114] ? __pfx_panic+0x10/0x10 [ 418.936886][T13114] ? irqentry_exit+0x3b/0x90 [ 418.941507][T13114] ? lockdep_hardirqs_on+0x7c/0x110 [ 418.946738][T13114] ? preempt_schedule_thunk+0x1a/0x30 [ 418.952138][T13114] ? preempt_schedule_common+0x44/0xc0 [ 418.957641][T13114] ? check_panic_on_warn+0x1f/0xb0 [ 418.962782][T13114] check_panic_on_warn+0xab/0xb0 [ 418.967746][T13114] end_report+0x117/0x180 [ 418.972103][T13114] kasan_report+0xe9/0x110 [ 418.976533][T13114] ? __rb_map_vma+0x9ab/0xae0 [ 418.981235][T13114] ? __rb_map_vma+0x9ab/0xae0 [ 418.985912][T13114] __rb_map_vma+0x9ab/0xae0 [ 418.990415][T13114] ? __pfx___rb_map_vma+0x10/0x10 [ 418.995448][T13114] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 419.001282][T13114] ring_buffer_map+0x56e/0x9b0 [ 419.006046][T13114] tracing_buffers_mmap+0xa6/0x120 [ 419.011173][T13114] __mmap_region+0x1786/0x2670 [ 419.015968][T13114] ? __pfx___lock_acquire+0x10/0x10 [ 419.021169][T13114] ? __pfx___mmap_region+0x10/0x10 [ 419.026279][T13114] ? hlock_class+0x4e/0x130 [ 419.030777][T13114] ? mark_lock+0xb5/0xc60 [ 419.035117][T13114] ? cap_mmap_addr+0x53/0x320 [ 419.039800][T13114] mmap_region+0x127/0x320 [ 419.044242][T13114] do_mmap+0xc00/0xfc0 [ 419.048329][T13114] vm_mmap_pgoff+0x1ba/0x360 [ 419.052936][T13114] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 419.058042][T13114] ? __fget_files+0x206/0x3a0 [ 419.062716][T13114] ksys_mmap_pgoff+0x32c/0x5c0 [ 419.072955][T13114] ? rcu_is_watching+0x12/0xc0 [ 419.077721][T13114] __x64_sys_mmap+0x125/0x190 [ 419.082422][T13114] do_syscall_64+0xcd/0x250 [ 419.086933][T13114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.092830][T13114] RIP: 0033:0x7fea2fd85d19 [ 419.097376][T13114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 419.117001][T13114] RSP: 002b:00007fea30bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 419.125421][T13114] RAX: ffffffffffffffda RBX: 00007fea2ff75fa0 RCX: 00007fea2fd85d19 [ 419.133386][T13114] RDX: 0000000000000329 RSI: 0000000000000008 RDI: 0000000000000000 [ 419.141359][T13114] RBP: 00007fea2fe01a20 R08: 0000000000000002 R09: 0000000000008000 [ 419.149378][T13114] R10: 0000000000010011 R11: 0000000000000246 R12: 0000000000000000 [ 419.157349][T13114] R13: 0000000000000000 R14: 00007fea2ff75fa0 R15: 00007fffa509beb8 [ 419.165333][T13114] [ 419.168596][T13114] Kernel Offset: disabled [ 419.172918][T13114] Rebooting in 86400 seconds..