last executing test programs: 13m11.870905111s ago: executing program 0 (id=1274): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (async) recvmmsg$auto(r0, &(0x7f0000000300)={{0x0, 0x22, &(0x7f0000000280)={0x0, 0x40009}, 0xc, &(0x7f00000002c0), 0x404, 0x8}, 0x5a57}, 0xd, 0x1, 0x0) (async) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) (async) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae78, 0xffffffffffffffff) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r2, 0x5420, 0x0) close_range$auto(0x2, 0x8, 0x0) 13m11.649772831s ago: executing program 0 (id=1276): socket$nl_generic(0x10, 0x3, 0x10) r0 = open(&(0x7f0000000100)='./file0\x00', 0x201c2, 0x10e) socket(0xa, 0x1, 0x1) r1 = bpf$auto(0x6, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400009, 0x100, 0x9b72, 0x2, 0xfffffffffffffeff) r2 = geteuid() sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(r0, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[], 0x10fc}, 0x1, 0x0, 0x0, 0x4000010}, 0x4000800) statx$auto(r1, &(0x7f0000000040)='./file0\x00', 0x9, 0xbcb, &(0x7f0000000200)={0x3, 0x3, 0x96c, 0x3ff42a69, r2, 0x0, 0x9, 0x0, 0x3, 0xfffffffffffffff7, 0x9, 0x402, {0xc7d, 0x2}, {0x2a4f2b70, 0x9}, {0x7ff, 0x2}, {0x4}, 0x7, 0x8, 0x9, 0x9, 0xffffffff7fffffff, 0x2, 0x8, 0x4, 0x10, 0x9, 0x7cb025ee, 0x1000000f, [0x9, 0xe96, 0x8000000000000001, 0xffffffffffffffc5, 0x4, 0xfffffffffffff801, 0xffffffffffffff00, 0x7, 0x10b]}) socket(0x15, 0x1, 0x0) read$auto_hwsim_fops_group_(r0, &(0x7f0000000000)=""/13, 0xd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfd, 0x8000) pidfd_open$auto(0x0, 0xffffffff) iopl$auto(0x3) memfd_create$auto(&(0x7f0000000000)='&$\x00', 0xc) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x1) bind$auto(0x4, 0xfffffffffffffffe, 0x0) mknod$auto(&(0x7f0000000180)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x0f\x18\xc5\x82-s\x83\xe6\xaeR\x81\r_\x0e\x19\x12\x85\bvf(e\xday)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbHL9aD\xb4\x80\xed\xba>\"\xb6\x7f\xa3f\x1d\a\xa1\x87\x84uA\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e', 0x1, 0x4) r3 = socket(0xa, 0x801, 0x106) syslog$auto(0x3, &(0x7f0000000040)='V/\x00', 0x7ff) connect$auto(r3, &(0x7f0000000140), 0x55) msync$auto(0x0, 0x2000000005, 0x6) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) mmap$auto(0x1, 0x2000b, 0xdf, 0xeb1, 0x401, 0x8000) msgget$auto(0x6, 0x200) msgctl$auto(0x0, 0x0, 0x0) 13m11.25855618s ago: executing program 0 (id=1280): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), r0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/reg-dummy/regulator/regulator.0/requested_microamps\x00', 0x2500, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x3) mmap$auto(0x0, 0x202000d, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(r2, 0x10e, 0x800, 0xfffffffffffffffe, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0xebf, 0x401, 0x8000) socket(0x2, 0x1, 0x0) socket(0x27, 0x800, 0x100002) sysfs$auto(0x2, 0x0, 0x0) epoll_create$auto(0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r3, 0x0) socket(0xa, 0x80000, 0x8) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) epoll_ctl$auto(0x5, 0x3, r3, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, 0x0, 0x20008800) close_range$auto(0x2, 0x8, 0x0) openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x301802, 0x0) socket(0x2, 0x5, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x20880, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x1, 0x0, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyv1\x00', 0x200, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) ioctl$auto_TCFLSH2(r4, 0x8924, 0x0) sendmsg$auto_OVS_VPORT_CMD_NEW(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c010000", @ANYRES16=r1, @ANYBLOB="01002ebd7000ffdbdf250100000008000900020000000800020004000000060003002a00000007010500a88113c205d70575326c5e060faa17c31009d4b064d1d8d3cb361253eff576910433f0bbea07f5c0595945881f26957dd3b4702b72ae6f8881466da40755a89580306513840b6c06bb79e68a7e3575ec0b69f4e779f7ed0331922d6235831e45eb9b36369b46ac12ef12fb22a4cc7a760e1821461617fa139e641f2352b41f8c626b10f84ab86779b48b4dcdb97858aa1574b7c4bd41076247e5dc82825383ed0cd92cc864e555c0c8f3d920789f48ee52b4c5410096d8d1cbdba7c3b186ff79b80edbe396a55848a8c72b5aeb574502601466a51f564d0a2eb42e1f5561ac4b7ecd6c88b49fd788645c04043c4a565d69e4c26bef263def62c685b7eebf7256d0a7a400080008", @ANYBLOB="94e59524fa34c8eb087d1ac86c335daab27afb1c3f10696a8004bcc38bb43521e199753656dd113c04ecaa74efa7a22066f2c40bac203d7c222aebe6a1f27313069c030b468cb8b1008000003da01bf3f34b2b9fe4f1d093d264038b"], 0x13c}, 0x1, 0x0, 0x0, 0x4000002}, 0x800) 13m10.720735347s ago: executing program 0 (id=1283): unshare$auto(0x40000080) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xffffffffffffffff, 0x56d) io_uring_setup$auto(0x6, 0x0) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (rerun: 64) syncfs$auto(0xffffffffffffffff) (async) socket(0x10, 0x2, 0x0) (async, rerun: 32) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x1ac}}, 0x0) (async, rerun: 32) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0xc800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x3, 0xfffffffffffffffe, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mincore$auto(0x4000000000, 0xffffffff, 0x0) (async) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x80a00, 0x0) (async) mmap$auto(0x0, 0x2, 0x1, 0x15, 0x0, 0x7ffb) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) (rerun: 64) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) (async) r1 = openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) pread64$auto(r1, 0x0, 0x5bbcf9f5, 0x100000001) bind$auto(0x3, &(0x7f0000000040)=@isdn={0x22, 0x9, 0xfc, 0xee, 0x2}, 0x80008) mmap$auto(0x0, 0xb, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (async) read$auto_proc_pid_smaps_operations_internal(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) (async, rerun: 64) sendmsg$auto_NL80211_CMD_ABORT_SCAN(r0, 0x0, 0x8000) (async) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r2, 0xfffeffff80004521, 0x0) 13m10.311411925s ago: executing program 0 (id=1285): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) r0 = socket(0x1a, 0x8000f, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fcntl$auto(0x3, 0x4, 0xa553) close_range$auto(0x2, 0x8000, 0x0) r1 = openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ubifs/chk_index\x00', 0x40aa2, 0x0) r2 = openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/tracing_on\x00', 0x101000, 0x0) io_uring_setup$auto(0x9, &(0x7f0000000080)={0x42, 0x8, 0x4, 0x8000, 0x10001, 0x66d, r2, [0x8cae, 0xe, 0x3], {0x2, 0x9d06, 0x7, 0x80000000, 0x8, 0xc324, 0x18e580, 0x8000, 0x4}, {0x2101, 0x4, 0x10, 0x4, 0x1, 0x6ae, 0x6, 0x80000000, 0xffffffffffff782e}}) write$auto_dfs_global_fops_debug(r1, &(0x7f0000000d80)='0', 0x1) sendto$auto(r0, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) tkill$auto(0x1, 0x7) 13m8.038924203s ago: executing program 0 (id=1293): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyr4\x00', 0x1, 0x0) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001414af"], 0x14}, 0x1, 0x0, 0x0, 0x20004082}, 0x0) socket(0x2, 0x1, 0x106) ioctl$auto(0x3, 0x8907, 0xfffffffffffff4e0) dup2$auto(0x0, 0x3) init_module$auto(0x0, 0xffff9, 0x0) prctl$auto(0x2, 0x1, 0x4, 0x5, 0x7) 13m7.593004663s ago: executing program 32 (id=1293): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyr4\x00', 0x1, 0x0) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001414af"], 0x14}, 0x1, 0x0, 0x0, 0x20004082}, 0x0) socket(0x2, 0x1, 0x106) ioctl$auto(0x3, 0x8907, 0xfffffffffffff4e0) dup2$auto(0x0, 0x3) init_module$auto(0x0, 0xffff9, 0x0) prctl$auto(0x2, 0x1, 0x4, 0x5, 0x7) 5m57.536609557s ago: executing program 3 (id=3298): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlockall$auto(0x7) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x2003f0, 0x15) r0 = openat$auto_nodes_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) write$auto(r0, &(0x7f0000000040)='\\!\x00', 0xc90) 5m56.061275681s ago: executing program 3 (id=3305): setregid$auto(0x81, 0x5) clone$auto(0x7fff, 0xff, &(0x7f0000000600)=0x8000, 0x0, 0x7) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/smbd_max_frmr_depth\x00', 0x900, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)=""/99, 0x63) r1 = socket(0x10, 0x2, 0xf) bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r1, 0xffffffff}, 0xd) bpf$auto(0x2, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x40000, 0x4, 0x5, 0x80, 0xe4, 0xfffff800, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x9, 0x4, 0x7, 0x10001, 0x0, 0x8001, @attach_prog_fd=r1, 0x7e, 0x4, 0x1, 0x5, 0x3, 0xffffffffffffffff}, 0x5) io_uring_setup$auto(0xb606, &(0x7f0000000000)={0xfffffc57, 0x9d, 0x1, 0x3, 0x4a77, 0x4, r2, [0x7fffffff, 0xe0000000, 0xa], {0xa, 0x7f, 0xfff, 0x7, 0x8c6a, 0x401, 0x7, 0x7, 0x7}, {0x5, 0x5, 0x480000, 0x4, 0x1, 0x80000000, 0xfffffbab, 0x8e67, 0x27}}) semop$auto(0x4, &(0x7f0000000140)={0x0, 0xe, 0xf9a}, 0x0) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0xffffffffffffffff, 0x2, r1) ioctl$auto(0x3, 0x100, 0x0) close_range$auto(0x2, 0x8, 0x2) socket(0x28, 0x1, 0x0) socket(0x28, 0x5, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x55) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) read$auto(0x3, 0x0, 0x80) shutdown$auto(r3, 0x1) 5m55.668762756s ago: executing program 3 (id=3307): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) semtimedop$auto(0x0, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) futex$auto(0x0, 0x85, 0x10005, 0x0, 0x0, 0x10000007) read$auto(0xffffffffffffffff, 0x0, 0x2005) 5m54.632740953s ago: executing program 3 (id=3309): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) r0 = socket(0x2a, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) ioprio_set$auto(0x6, 0x0, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0xff, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = socket(0x2, 0x1, 0x0) setsockopt$auto(r2, 0x6, 0x24, 0x0, 0x40) recvmmsg$auto(r1, 0x0, 0x8, 0x3, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000140)) connect$auto(r0, &(0x7f0000000040)=@can, 0x8) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) socket(0xa, 0x3, 0x3a) epoll_wait$auto(r0, 0x0, 0x7ff, 0x6) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0xa, 0x801, 0x106) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x10000000000002d, 0x0) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) gettid() 5m53.01671521s ago: executing program 3 (id=3312): mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r0 = socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) r1 = memfd_secret$auto(0x1) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000100), r0) sendmsg$auto_OVS_FLOW_CMD_DEL(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, r2, 0x20, 0x70bd28, 0x25dfdbfd, {}, [@OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x6}, @OVS_FLOW_ATTR_UFID_FLAGS={0x8}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x2}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x7}]}, 0x38}, 0x1, 0x0, 0x0, 0x2404c001}, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000002500), 0xffffffffffffffff) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x5ff4, 0x1) sendmsg$auto_OVS_FLOW_CMD_SET(r3, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={&(0x7f0000002540)={0x20, r4, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x20) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) mmap$auto(0x6, 0x1400000000000000, 0x3, 0x19, r1, 0x0) ftruncate$auto(0x3, 0x400180200000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, 0x0, 0x40800, 0x0) prctl$auto(0xae, 0x1, 0x4, 0x1, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysinfo$auto(0x0) io_uring_setup$auto(0x407d, 0x0) socket(0x2, 0x1, 0x106) fstatfs$auto(0x3, 0x0) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000240), r0) 5m50.535795649s ago: executing program 3 (id=3326): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x109802, 0x0) ioctl$auto(r0, 0x9000643a, 0xc35) r1 = socket(0xa, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback}, 0x55) readv$auto(r1, &(0x7f0000000000)={&(0x7f0000000080)="b20e2febfe29f085dae9d07997ba9b0cf94dae339a1ceee7c7195fe5ec9c611343d118dec5251ebb3df46214b2e6e4127fa5a1b0d6a212a8d594f9b439deec4042cd409c63fd97cf723f558eae60f4d229020a738cb297c2c7462a05f56573174582e0c9f71766ed5e2c", 0x6}, 0x47f0) 5m50.045207785s ago: executing program 33 (id=3326): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x109802, 0x0) ioctl$auto(r0, 0x9000643a, 0xc35) r1 = socket(0xa, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback}, 0x55) readv$auto(r1, &(0x7f0000000000)={&(0x7f0000000080)="b20e2febfe29f085dae9d07997ba9b0cf94dae339a1ceee7c7195fe5ec9c611343d118dec5251ebb3df46214b2e6e4127fa5a1b0d6a212a8d594f9b439deec4042cd409c63fd97cf723f558eae60f4d229020a738cb297c2c7462a05f56573174582e0c9f71766ed5e2c", 0x6}, 0x47f0) 37.367210993s ago: executing program 4 (id=4656): open(&(0x7f0000000140)='./file0\x00', 0x2ac40, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e23}, 0x67) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) geteuid() openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/dynamic_events\x00', 0x2080, 0x0) read$auto(0x3, 0x0, 0x7) open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000) mremap$auto(0x0, 0x7, 0x3fd6, 0x0, 0x1ffffffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0xa, 0x2, 0x0) select$auto(0x3, 0x0, &(0x7f0000000100)={[0xd, 0x200, 0x0, 0xc, 0x8, 0x3, 0x6, 0x2, 0x9, 0x5e582970, 0x4000000000000000, 0x2, 0x4, 0x5, 0x8, 0x6]}, 0x0, 0x0) write$auto(0x3, 0x0, 0xfdef) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc1b7573919a8c4e4}, 0x810) bpf$auto(0x0, 0x0, 0xfbf) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0x296) select$auto(0x4, 0x0, 0x0, 0x0, 0x0) madvise$auto(0xfffffffffffffffe, 0x200000005, 0x4) unshare$auto(0x40000080) 22.625562683s ago: executing program 4 (id=4695): r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/open_files\x00', 0x200, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000300), 0xffffffffffffffff) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x202, 0x0) poll$auto(&(0x7f0000000040)={r2, 0x7, 0x45}, 0x0, 0x2) ioctl$auto_COMEDI_SUBDINFO(r3, 0x80486402, 0x0) ioctl$auto_COMEDI_SUBDINFO(r3, 0x80486402, &(0x7f0000000180)={0x80000000, 0x5, 0xfffffff1, 0x6000000, 0x0, 0x9, 0xfffffff9, 0x3, 0x4, 0x2}) sendmsg$auto_GTP_CMD_ECHOREQ(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000005b234f971fab", @ANYRES16=r1, @ANYBLOB="010627bd7000fddbdf250300000008000200240b0000"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = io_uring_setup$auto(0x6, 0x0) r5 = socket(0x10, 0x2, 0x9) setsockopt$auto(r5, 0x104000000000010e, 0x2, 0x0, 0x7fff) mprotect$auto(0x110c238000, 0x1, 0x3) ioctl$auto(r4, 0x4, r5) r6 = fspick$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x6) ioctl$auto_TIOCMSET2(r6, 0x5418, 0x0) munmap$auto(0x1000000, 0x2000000c) madvise$auto(0x0, 0xffffffffffff0001, 0x9) mlockall$auto(0x3) 14.804807272s ago: executing program 4 (id=4723): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) fchown$auto(r2, 0x0, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) syz_clone3(&(0x7f0000000200)={0x182000080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) rt_sigtimedwait$auto(&(0x7f0000000040)={0x7fffffff}, 0x0, 0x0, 0x8) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) ioctl$auto(r0, 0x8001, 0xffffffffffffffff) r4 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r4, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r4, 0x7a4, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x20000, 0x0) 8.888291269s ago: executing program 4 (id=4738): openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x341, 0x0) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0xd, 0x8}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x49, &(0x7f00000003c0)="0c49ac3b9f83431c810558364b47c0965b0497439bfb19a1001feab32ee7c720fdcde8a3753eef288ac1c7594513481114a29e38921cc7cd4378", 0x5, 0x1000}, 0x5}, 0x2, 0x100) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYRES16=r0, @ANYRES8=r1, @ANYBLOB="999324b8b6f22adeab509a3f98f40f8aef", @ANYRES32], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4000000) stat$auto(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)={0x42, 0xd, 0x9, 0x97, 0x0, 0xffffffffffffffff, 0x0, 0xe, 0x2, 0x8000000000000001, 0x1f, 0x6, 0x4, 0x10001, 0x80000001, 0x3, 0x2}) open(&(0x7f0000000400)='./file0\x00', 0x200080, 0xe486d0bc75cd3cad) lstat$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300)={0x7, 0x3, 0x9, 0xc, r2, 0x0, 0x0, 0xe004, 0x5, 0x6, 0x100000000, 0x2, 0x8000, 0x7fffffffffffffff, 0x100000001, 0x42, 0xb0ac}) 7.691098567s ago: executing program 4 (id=4740): r0 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) statx$auto(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x5, 0x4, &(0x7f00000000c0)={0x7506, 0xa54, 0x401, 0x3, 0xee00, 0xffffffffffffffff, 0x3, 0x0, 0x6, 0x7fff, 0x7, 0x2, {0x5, 0x7b01}, {0x9, 0x9}, {0x5, 0x7}, {0x3000000000, 0x9}, 0x4, 0xfb, 0x2, 0x1, 0x8, 0x8001, 0x7ff, 0x9, 0x40, 0x7, 0xd, 0x6, [0x5, 0xfffffffffffffff4, 0xb, 0x80000001, 0x84, 0x3, 0x2, 0x6ce]}) r2 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/ns/cgroup\x00', 0xc0, 0x0) sendmsg$auto_TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000200)={0x464, r0, 0x300, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_NAME_TABLE={0x3c6, 0x8, 0x0, 0x1, [@typed={0x64, 0xdd, 0x0, 0x0, @binary="02f0bf84aa9247c94b51e621bfb8b5adb0f6553ec579da0c0f6214175d72f1ccdbb82ae1d1b02ea8c968f47853959674bc045d1de33f7c532342ac563c916317670518e9485e6852aa81db848738ad8fa4690f5a81d1e8ce86d656950b4f7f6f"}, @typed={0x8, 0x9, 0x0, 0x0, @uid=0xffffffffffffffff}, @nested={0x22b, 0xb, 0x0, 0x1, [@typed={0x8, 0x12a, 0x0, 0x0, @uid=r1}, @generic="41ee43bf3d21c70b1c5b5662f8e939607808652862897e11e31aeb941bda16b84e4676b0df64606852f606babfcf446c439636b4985a8d66de408a6bd31169cfc0f924c455430b5e4c98f539ea7cc8a865048214a4fee81511d37082f4519c3efa61f4408876f5f2eece52de9efde3949f22828db48867a3eeae834cf8758088cdac48ecb94b8f3e51c5", @nested={0x4, 0x14b}, @nested={0x4, 0x11f}, @nested={0x4, 0xa}, @nested={0x4, 0x24}, @nested={0x4, 0x119}, @generic="a2018a845178888df14cabb87915776926021ba4f7638032f4f9d2236d11bbc253305a1e7c37ce51f772e36a566cece17e0e409e4e3a62ca2ffb98bd6eb486961816ccdea730a4b182b523bff4ede5eb300095afecf96ca53ebd96eca5a4b6acc1bd39567df733411bd0378fd419320ee243d77e3e674e73ae7c9d18079c", @nested={0x4, 0x44}, @generic="e16d9aa52a816b0ca02681a724d8e495ae19ee41e43f69b9c480effb4dc760f38494b2855cbcc3899ca3417fce0aa7d7a1223b904a580ff9814552950f162c682ebd200a0fbff096ea3a33d6f6345b44a3f87b12eec702b75ae20085a21ea384cc23bba3d53c8e865b943a597a791b5123bcc2731a391e10277fa4acd6e6303cc3b18add6cfd49412c6e9e9d1fc4466fe81c24c56056c45026a45f0a4feb23be480cd63e8dae7d9ffceb6aa9d2f0357e248a9bbc827ead346517f9d894d687abac47b27a9bcd875aafdcc09086f027d680b4159e6eb610baf9ee4c2c7d7366a238e29252c763c4ccffe5a0db935cb26a455a2dc1d95c3358a0f5cda6717792"]}, @generic="b323afb4cda7d9f3475ad0c7ec8af6fb8c7a5546009f8a0d4c3b6d14c0fc082d795a44cf7cce3672fda6c554ece7a98b177b92ce09e6d8b582a2016408007b1bb62b216351064bbad46b70738c0ab8ff49a96d5f939f37590ad9592cb90a4e8271bc545398dc6279e3a71a79bf1289f5b4db8c6aef345cdc072ea4b8c6aa70f667329490b04d50f5c3a07ccb0202506edc3e9a5e204868d71527e5b88b009ef20fa7e191842886a66f83c299514a02dad1898b3dfc1a3989056ecb82b91d5c2ad7d6d4b990e772ed3119b1294e483dffec450fe7a0286c49ff069f40a6b63042651a90ecede81e50ea8421648c13ed7044", @generic="f7578346eac89f4bc3696d6028969523cff16664e02c18256c7e62c499", @typed={0x8, 0x3e, 0x0, 0x0, @fd=r2}, @typed={0x14, 0xfe, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}]}, @TIPC_NLA_PUBL={0x88, 0x3, 0x0, 0x1, [@nested={0x82, 0x87, 0x0, 0x1, [@typed={0xc, 0x2b, 0x0, 0x0, @u64=0x2}, @generic="1afaee8eec2a80d543942929dad62cae2c446f45b83e7830ab6e036683dfcfc6f357f4c90661b4dae2455d66222bce39ec0c120f5f7329d492f73e9d325acade349eee66f5c601c39209caa44af44fe654f5203f6957e420775594b3a4569187442d389649e7fe535e3cbe581e6edd62b42c"]}]}]}, 0x464}, 0x1, 0x0, 0x0, 0x8004}, 0x1) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r3, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x24, r4, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x7}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x2a, 0xc8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) r5 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000840), 0x280002, 0x0) write$auto(r2, &(0x7f0000000880)='nl802154\x00', 0x4) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000900)={'veth1_to_hsr\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000a80)={&(0x7f0000000940)={0x120, 0x0, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x94, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3ff}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}]}, @ETHTOOL_A_CHANNELS_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}]}, @ETHTOOL_A_CHANNELS_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x120}}, 0x2) r7 = epoll_create$auto(0x80000000) ioctl$auto_TIOCSETD2(r7, 0x5423, 0x0) epoll_ctl$auto(r7, 0x6, r3, &(0x7f0000000b00)={0x401, 0xc0}) r8 = signalfd4$auto(r5, &(0x7f0000000b40)={0x7fff}, 0x1000, 0xffff7728) r9 = set_tid_address$auto(&(0x7f0000000bc0)=0x15) sendmsg$auto_NL802154_CMD_SET_BACKOFF_EXPONENT(r8, &(0x7f0000000d80)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000c00)={0x114, r4, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0xa}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'bond_slave_0\x00'}, @NL802154_ATTR_PID={0x8, 0x1c, r9}, @NL802154_ATTR_SCAN_DURATION={0x5}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x5}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x6}, @NL802154_ATTR_SEC_DEVICE={0xbc, 0x2e, 0x0, 0x1, [@generic="22545c18aa6a54ec30addace2777e89bdc1c9614987c0ec9099a99ea2d75ce8574cd2fd481d8f4aac03475c952e8b32633ff69555c502e34e8d8607214bea177b11c63c8c289e076317bdb63f46f74d0fa2bf5808735876dcd341c07f51d88331743e3a189596490ae9c64983876736402fa4ac4090cbd439e562755c8b68099c1f7c527815e62b7c47002d24511be502c1070b20b3fa54948ebdcac2b0cb8ff9add7459537157be264c23acff98f72e1682e1bb5462210c"]}, @NL802154_ATTR_SUPPORTED_CHANNEL={0x8, 0x16, 0x26}]}, 0x114}, 0x1, 0x0, 0x0, 0x5}, 0x800) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000dc0), r7) r10 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000e40), r8) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r8, &(0x7f0000000f00)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x28, r10, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@OVS_PACKET_ATTR_HASH={0xc, 0xb, 0xd8}, @OVS_PACKET_ATTR_MRU={0x6, 0x9, 0xffff}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x20000040) write$auto(r5, &(0x7f0000000f40)='\x00', 0x2) openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000f80), 0x210240, 0x0) r11 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000001000), r7) sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f00000010c0)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001080)={&(0x7f0000001040)={0x20, r11, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0xa, 0x4, 'tunl0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0xa6d8aef55352528d}, 0x0) r12 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_BEACON(r12, &(0x7f0000001280)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001240)={&(0x7f0000001140)={0xdc, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_SCAN_FREQUENCIES={0xc5, 0x2c, 0x0, 0x1, [@generic="a3cd2710a8891ed901d78906205d340656f9ad8fab6f86ce278a5763c26734ffd2df2413f046962fbe63fa17edae593c61a3407d98a3812a2afa1f48a8d1460a26977b266523231e8a7d64d3394f81a72187fedc81", @generic="c9e005a1d9cf2b376bfb4582d17ad5e87798c50026e937dac6a92e3caf33c3649b274bfa5400aa749c4e920dfe41f7dc7a1d0583dce118000f8280feb1d8446af17e45377308492afcfbe66550e0b88124229322d8493c39e7ff637f3fd201418ffab7aba342294e14df5b05"]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x4044044}, 0x404c804) r13 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001300), r7) sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000001580)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001540)={&(0x7f0000001340)={0x1e4, r13, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_FRAME_MATCH={0xf0, 0x5b, "8626ec0c0693fd0a9cf8da75e9a1230658032136cec93853f6b04eb2c8cbf4c9dfeddba26adda7da7f8d5e19dcb4c46717d6ea3740c6db1d2daa47374f418b9567c5ac183f419c338a2f9f131a4c50410057bd2f791374f070ec7cea06e58fcdccaa8920e957d4630c4e08aa7578fdd195bed5f34f538a3288789ad390a35cd9e9d0a411470ca005a852585cbf0d145edc29a0b854ef2d4c648a4c0406df4defeefb06590930f6245a410e68cd73cc5d17074c7a97596b7523adc747a1101255d00bb1a08084f0c61bb5940b8333bdc088f232ef168e4a42b620e09ea8f2dbb5085b9bd69707dd900934466d"}, @NL80211_ATTR_VHT_CAPABILITY={0xd8, 0x9d, "f6499cf55453ea436a5b7686bbef50b537721a1aa90a7f2463efd2495a4053cea941afd4bb0eb22516b376c12b2926b637278dc776c8ff65361cda5223578b4721da744901bbcbc5238dd73faedb55c62f2798e30659b6d02b71624a61d43d390bb63fd7bcc299ad52be9e98b0247b50d96551011250725bdee8b3e7eb30a69bd6c18be49d57348723f1220e3dfef77ff5afbaf882c7e1bc3cfe6eb8ef572dea7b19ad959ead03e94a35d7dc12973bbe41a0c7d7702cfe3dcfb7f585248563f744315504165c743bf98f8def07ef366043866196"}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0x10000}]}, 0x1e4}, 0x1, 0x0, 0x0, 0x24044804}, 0x80) write$auto_snapshot_fops_user(r8, &(0x7f00000015c0)="d1691f3901e8fe84d77b43a280ae359d75b1b144421a345c36817dbbd82e54d1b074a0b60c86bc73dc8f3d0c0c3896fbbb0373e7f121b5edcc0db5493f5e597adfe4307139f5a3f66ac63362ccb0c936e7fa2a45124a3ce159bb73233c60c19f09279c87a72e8a540800c00ea6b4a7b0ca1e813e409e32bf1ce493a100a5e67655d4e1b636759616af7129f48b40fa4d571cd902bb5a4ac929dca3fd65", 0x9d) read$auto_proc_pid_maps_operations_internal(r8, &(0x7f0000001680)=""/236, 0xec) 5.820788392s ago: executing program 2 (id=4745): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRESDEC=0x0, @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x2008c005}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) ioctl$auto_PPPIOCSFLAGS(r0, 0x40047459, 0x0) 4.641084506s ago: executing program 2 (id=4747): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) r0 = open(&(0x7f0000000100)='./cgroup\x00', 0x105040, 0x0) r1 = open_by_handle_at$auto(r0, &(0x7f0000000500)={0x8, 0xfe, "0100000000000000"}, 0xffffffff) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) socket(0x2, 0x1, 0x0) write$auto_media_devnode_fops_mc_devnode(r1, &(0x7f0000000140)="e95524d5ac52c40c08c1666ef71868263df77aeb32a953cc76daab72a8b7a8a9eba22568abdba122298767d9aacd77d12021d2d206d82567ea84289d18d8dcf590ad8d7ce3d6469897c75ba1d847343eaf8ede9ec2e87c0687ad9aa431f0ba04248d", 0x62) setsockopt$auto(0x3, 0x0, 0x22, 0x0, 0x28) mmap$auto(0x0, 0x402000b, 0xdf, 0x10000000000eb1, 0x401, 0x8000) ioctl$auto_PPPIOCSCOMPRESS(r0, 0x4010744d, &(0x7f00000000c0)={&(0x7f0000000080)='/dev/audio1\x00', 0x0, 0xff}) socket(0x2, 0x3, 0x106) getsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x0) r2 = socket(0xa, 0x3, 0x3a) waitid$auto(0x3, 0x80000001, 0x0, 0x4, 0x0) getsockopt$auto(r2, 0x40000105, 0x1006, 0x0, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x400, 0x0) madvise$auto(0x0, 0x454, 0x9) 4.397203089s ago: executing program 1 (id=4749): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/netfilter/nf_log\x00', 0x101000, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000100)={{@raw=0x8, 0xfff, 0x20e, 0x9, "669cbbd9e97551b991bea188e0f1a57cff01facac1f00b2f6ab8635524133f9e22c7717f6050f2d2252ca5f2", @raw=0x8}, 0x0, @iec958={"31bee81a1537292d6d5cf10129461bcfe21944de67f2c7e2", "45805e24089c633fd962e093b796e736916cd56e8ba600463c8f947e52f345a1832f05560b67fb3b43f9234d4f1ac1daa73642e017db1ec71d66d872484e2a198dc86694a7d8f8384d7756ad802f6499b3fc34778aafcfefebb863950c6eed81b14c2e00f36951fbcd5e61ab4c02004ed57899112d9183f5c351b7f8f3f4c814582e3fbfab15956b11ea2f62136500", 0x0, "d8eb943c"}, "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"}) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYBLOB='j\x00Q'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) pread64$auto(r0, 0x0, 0x8, 0x3) 4.25400023s ago: executing program 1 (id=4750): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fedbdf251600000283000180140002006e65746465767369ae00f903304aa0ede66d300000000000000500030004000000a19b04004000300b8b36efeba247d1abf1bfa0be219eabbbb4ac3031e041e7060fd9d730deab992dfcc7f55ebfd51f8b74b9530d3a97bae7a049d8c7ed0e07817e02dbc577bc980b703b329c445d8c93ebb643a8aa5ebac489ea5a9c"], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) timer_create$auto(0x4, 0x0, 0x0) socket(0x2a, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) connect$auto(0x3, &(0x7f00000000c0), 0x55) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x40) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x10000000000002d, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) gettid() connect$auto(0xffffffffffffffff, 0x0, 0x55) mmap$auto(0x0, 0x5, 0x3, 0x16, 0x3, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0x20200, 0x15) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_nsim_udp_tunnels_info_reset_fops_udp_tunnels(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/ports/3/udp_ports_reset\x00', 0xb01002, 0x0) bpf$auto(0x2, &(0x7f0000000440)=@raw_tracepoint={0xd95a, r2}, 0x81) r3 = open(&(0x7f0000000200)='./cgroup\x00', 0x400, 0x23) fchdir$auto(r3) mkdir$auto(&(0x7f0000000140)='MAC80211_HWSIM\x00', 0x1) rmdir$auto(&(0x7f0000000340)='MAC80211_HWSIM\x00') 3.81974049s ago: executing program 2 (id=4752): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0xb74b, 0xfffffffe, &(0x7f00000003c0)=0x99, &(0x7f0000000400)=0x4, 0xc) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x4008000) sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x815) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, 0x0, 0x4000080) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) writev$auto(0xffffffffffffffff, 0x0, 0x1000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) sendmsg$auto_CTRL_CMD_GETFAMILY(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x18a2800}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='\\\x00 \x00', @ANYRES16=0x0, @ANYBLOB="020025bd7000fbdbdf25030000000c0002006e6c3830323131000c0002006e6c38303231310005000200000000000c0002006e6c3830323131000500020000000000060001007a0000000c0002006e6c383032313100"], 0x5c}, 0x1, 0x0, 0x0, 0x91}, 0x40) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) copy_file_range$auto(0xffffffffffffffff, &(0x7f0000000140)=0xffff, 0xffffffffffffffff, &(0x7f0000000180)=0x80, 0x21c1, 0x0) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x9, 0xffc, 0x7, 0xfffffffd, 0x0, 0xee01, 0x0, 0x6, 0x1, 0x5, 0xc0f, 0x2, 0x7ff, 0x92bc, 0xffffffff, 0x6, 0x3}) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0}, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="770e0000", @ANYBLOB="44922971bafe661e967fe30194ce74ad403f7662905e38217f465f8548b87b5f300af085e9279996ae2d0d88a4c61b9b5988eee6a9e83312c751bd7255add0732e09f4b0ded08e2137d6f101606a932b38c6be2c4752207a1f34ff0a364d07e9d63f1d08f7533cdc9e0e61dc594088fd81a4a0c3ad8bb9a488feba5bc85bd005b1d46ec951a999b897a78d756d9ac9310bcd5b56659e0e", @ANYBLOB="080028bd7000fddbdf250300000808000600020000000c0014"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYRESHEX=r0, @ANYRES16=0xffffffffffffffff], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYRESOCT=r1, @ANYBLOB="baeba1fa5d015f0585a581eda89e0c9740bed2e24edd827ec8d2829ea9ca3064d678c19f198b5e349057f4b90b46ba143ece59da2e10859110dba0f4ee4f1b1d3f4643430a6169fe1b34cca97d2da6d61b397019f21c8a7adb4fe6697b06bb2d0730f83a66d17e44b44b460a9efa9d9ee54a6b0734ffd8bd5fda80767f22eb8867d72398b7a6544327b93e3e90d3780ec2bfe4732c4b94ed67c3f74d0344c204759cea300a4d652298f3aa801a5cf7b2d040960c0752e45d759752b2e05375c6193a08a5c0568c24f1751d478928055b97e7b2508e74df306b10d4f77971dacddb1503a12476cf3810e1b08e529ef59043cf960ba4", @ANYRESOCT=r2], 0x1ac}}, 0x0) 3.633037719s ago: executing program 5 (id=4753): r0 = socket(0x1d, 0x2, 0x2) connect$auto(0x3, &(0x7f0000000180), 0x54) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x44, 0x0) fsopen$auto(0x0, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_3={0x6, 0x1, 0x10001, 0xffffffff, 0x8, 0x6, 0x5, 0xad, 0x0, "6fc7755a4150da95c1d47779aad3ce88", 0x0, 0x9, 0xffffffffffffffff, 0x1, 0x8, 0xff, 0xf5, 0x6, 0x2, 0x7, @attach_prog_fd, 0x5912, 0x80, 0x8, 0x1, 0x7}, 0x7) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="48050000", @ANYRES16=0x0, @ANYBLOB="02002abd7000fbdbdf252800000011057f0084a020334a176add2e05603ae0ac0fe5c51008ee0f98090c87655f0bf4d24a0ca3a96f333a60450297fc8477cacfcab0b808c3e3c521865661f17cb552ecdc1ebd9f3a7b7db2d163f16a49e2d8448d53ceac1045aaa86b7f1ae52e5d0f9a0dca8741e57ea70b354bacc084e577654ae284024278d5ba61c0d534140b4eb3619ad76f45fa045c0716ab3070247ad2d22066a51c043d08ce35b7b1727d7fbb91d62d2c2767f0a44280faa3541389c56ddaf3276c7efe7059ef8f5887f60c7326924aa76ed26ea92cccb425a5ef290ede93feae7712f059d62fe198472a7d9f5b3789256a2cc89a1f388e8cd4138f7a80c8b468fcb9cc1358047f97dc0c61d814421b8e4a831c7c576af6d39124de02f93c26ea854ab51c06cd3c10bedc8eb9440d4c23f61b15395abe0da400eb0314eb160dba056fc3493f057685e5b82abcdf4832365c892d1222b31660714f5a36e0a3a568d3a9c0b5ddb9dca712acb6a1d95751706d3094060060509510c24ceac8cb6875e6e8112d955097c05552ab1c0fa3b1c757f26eb26583304547cb6a46ff80f352367f555bfb16b6aff867a1672ae4d5a540c123073f5fa4e8198f39d283f450844d9fcf347107a4111ad49ad68ed3c517fce2ac486594fcd2e9a433787d237b4ac9cf390d0e23f15631e4076129e7f704bdd729cc39f14ca9801eb8f89306cc959d6b5be26553c63e16e7423d81cfffd698d6cce793a59b710238b8afd06646cc87ef02e3e505b21f71447df3a096854e60abf02f08427105152c04e96286c8a09f42faa8e0b5ccc0daa35055c5c0fa1fe9e38502e2941e495b43957508fe7638970f1a92db4039f8ba090fd33a6443c59b1dc02a920bbe3ce2f358c6869f67595f7cc89d1288c6afa0059497f76b75d7a82149572f2d4c1b381f2176ccc8ab75aa1d13f508c774adfa99b84765bd1f2eceb33126bfed80ff91d0ac2fbbf891e6ebeb698f875a44d2462929469d0b353502f4aa057f1dc729f69239e5b812d5078fd19d0d083ac811dd375894135493c044ce2c4123b953627aacb6da818f8c1409fbe0f701f0a2be26ffd949cfc132f4fd8e109d625ff71b51a0acb01874f76c54974626d723fd23680eabde411b0db49ef6982eaf9a2b570e9b535b879f45fd605005c65fe9dbb93093cc6021ecab33cd67dc1ae06e42a0d36a1ed01d7a29f6d8b6f7dd06622cfa55bc1caab8238dc0bbb48c72fcd113ca1c98393684914fc90f5139c6f8ce1b7d1871ac9dd3d3c35d7575b5235b202cc69ba41980ad04267a466c6a895ca6b232d363db01bffffe08fed82f36a81f28e6fc55d098eb0a25f2d78f680fe09c9493ab477286860c69fe1680f16af0d7ef55949314f21206811c1e14223f5517de1d7ba2ae49886ada2dfafe83029139800fdd487e571507a7ca3f992a2757da684bc91c14e1bf5734cdd52c021f57a5d9bc4d5fd25d3d1f457f93ccc281a5067111efeb773b83dd8cf34e00dfabbad3f5e6c79b872902bd66d784d803a652a1f05c3c16fc7c427ea402d4891c3eb8ab925bd7e88c5f66ee81499e2849416da6ac588815a89fa01d50c2cca59d8b82a2d42e330e6bed10fef014b0bd977177aef1850f998cad9f96afaf74008142096ad431aa1d5b0f249c74629f701d95d828e0066aebfadf40a823105ecb6e4c1e7aef0d7669d8e30035379617196a0a76e117e2ef0c290afd2fcfc11098b9fb1a9fd87786040ef826ed65c97bdf1d04f2b687905a292a0b5d87dd293d686b526ca233173d9c187b1134df854b0ef38cca05e67ba99590e3143435767d71c0ea15d8d9fa1c764b0000000400a680040073000800c900020000000800a400000800000400480104005a80"], 0x548}, 0x1, 0x0, 0x0, 0x4050}, 0x0) 3.269192328s ago: executing program 5 (id=4754): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) mmap$auto(0x5, 0x1000020009, 0x4000000000e3, 0x10, 0x401, 0x2000000008000) r1 = socket(0x2b, 0x1, 0x1) listen$auto(r1, 0x6) mmap$auto(0x0, 0x20009, 0xe, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/time\x00') openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp1\x00', 0x40000, 0x0) socket(0x2, 0x3, 0x1) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) ioctl$auto(0x1, 0x890b, 0x8) r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), 0xffffffffffffffff) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0x143000, 0x0) read$auto_tomoyo_operations_securityfs_if(r3, 0x0, 0x0) read$auto(r3, &(0x7f0000001080)='\xefI5\x1d\xc4~\xd0>\xd2;\xbcj\xce\x18+\x9blE\x18\xa1>V\n\xa4\x90cgy\x98O\xf4\x7f\xe0\xbf\xbb\x9f\xfc\xfb\x870l0\xcf\xb4\rx\xcb\bpg0x0}) sendmsg$auto_WG_CMD_GET_DEVICE(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000002a80)=ANY=[@ANYBLOB="30110000", @ANYRES16=r2, @ANYBLOB="02002dd37000fcdbdf2500180000002c100880141001800400358008000600", @ANYRES32=r5, @ANYBLOB="0400e580c6902dbc7c2cea0f1b2cec40a9231e354d372479945c2ffe5b4468a1a94b42b2fe8314b81c649e18ad8eefdb2aacb63a9dc245ac49ecf284f61e33bf801f0b2645cbb1db4c785947e14d69e4030c481586b5e6cfeb7746a04def93d4e5f5173b3f642b6beff323926d063fc7fa381729d6d455c3aa7e85a3812e139f6897e1c65dbe39c38c368b8ee074f4c19722b1529d7042d2f8fc7ced5efff7d0d1580fb4f13abb2544dc7b4eba465ed5fa403ebd2ed9c7c28854f00d189f0fa138c2efd8eb7647f75817f2901c1c4f8ceccd7a4a590bcfccc9cadefca6ac752652d228edca6e4d960dfdb0c79b71d9e453d377c0f5531be88ca8b95849819cc4d2cbc782a223f73036cf55c303ad74e1bf06be5d1db87013aaf6c3b1de5645c7dee069f71bc99c47e900fbbafb7eaf602c87d3f53566be88ada231eb77082b03b53eb8825533418a47b4bc29153ff2cca1c0544bb02ffb0c2dc87cc0d3a086a4e14fae0225fdbf73897846b934fadf64be595f19930786494e0216d2894ab6377ed951d5f88335912fe0f928e19d57dcbf263603085e1b77758efcf44b57a960b65f9c45cb60ecd2a4d185bce803d6c7bbdb28a472a179caa468f5bbdca6cd1acbe617e36fafcdde1f4a17330219b5dd8119682dadf77506e12bc3e3f0844598f0b6021c291377bf9715163ec87775d4d5ff6179f1d671ec1c652de9f13e3ef7e9475215a4c7486ece677a46983964afb49c0d29177d3926c1dbdf33c1a01626402aa6750a8a7e31b01ad56c12e518f5971762f2cd009b805ec8bcb3725a8db66d85e494e51d2ef8136397f66e591abd2e1bd29f4f3c6db758a8031a3c48e5411a89921bdbddeb773918d897edbfe030c8ff84fb3a4a7754cfb976a1fd9c9c89b0000c5e9da8bfa3aeed1bc3607826e1e33414ee983e307e7d2164ef46145cd8fcca4d7bceba3968f0ced5dd41b53cac6cfe7523fab22fd84aeb72d3ac7cd8bcbdd31667089e0d69bec7fa63c11b6ec753e310eeb8c572785ca5ee996216b81e7563dfc6ece6bb023c6cbaa458e546dcbba109a08d6be66fbb1402753dbf48472ce4b352b3acfbb6c897b4e72f4f143938270581ee6c8ad1c3be7592e6a7db9c71a474f89f5e75923eb46cfc4f112d02f3bb750080da5648fb8e167c19880c6ac7c0052c601a97a97d0f8f57244c3fe089e546d9e70106baa1cdbce1770b1dec89f69e75c2466da486ae6c06c8b029a548d9e6afd44cf1966efccab6ee3287bf1031f6a0c5d6926054ca73721facfcc81183f642c45b306c45dfd893cc8c7bdb1f9bb66921dac97833394b7a2e38e0fe985015feaacac767316c8fa87dc85a1dfc1b009b20ba25b95090a4a7cd8be196151dedaa6e8ee85c6bd59a83ae7852eca1a4b80972ed56a15855cdcf36b9f27745ac66e824075e3090396105fb0146fc3c58e7d400793e8a4141d1eb7913870423548826f42d77a01ebe52908efc6adf20500a7530bc4aa91bdaf177ac9b855db6dad121ef156456bd02975c8195aa1db9f6d89f14f899ee5d12cddef48f5ce169283af603d206b30fabf8819663432828dcfaeaa12f6fd4211b13551adcbad188961fb5f3fb6d2f8066e12ea6ded66acfef4ff13a527da1b04468dd9c06271ed77324c4a16056f128107ee5ccad636a4ef518db5ff25443d0ddd647ece64aaaf7f23a05a68f912120365487c2147afb872b6cf1db9642008009047c685ef9221d81173ae5980ef472c732a1436a149197227b8a522e3196498799fbfbd4593620b5935148a26cd4c2bc4513e49392ef42922735a25e704eff6616a2bb38aeb2fbb17be1872f518876b4147d6751cf44d739bc91c401963667182114acfcc4bdc2303ec33aa234a64e0a74548d65bafbc096a1bd08ab17a1c378a6ef42c77165bfc296650afa67550360870a9e3cd689c61d7beea3fe88cf4bc39327d0aa9d7c4f2d5de9572b00339396aef9fcf6782b76fd8fbf13688eace3ec63313fd3e0ca2544efcfcb919a7930c6c08265a871efdfdc9f84de390ad400b867a2320b8eec4f94cf00dd66acf5108dbe4d520ad3d4a19568fd4c143417cf8c3c1d37ecb9c2d46edb403dcd2cb0fc4ac0f2afef1e09541421dc1178f862bfe539524e403326148d643fe5839a7775221a658777af79d1d61fb52b111ba00e0e37744cc5912b405891d2ff69c5a1ba8f0f946b1555aacefb4c9c9cace9a1181a5be20948e7e562c4e42b1fad5d020b029ccf8cffe965617b39b1b190448cfc1bdaaa0d80ddffa7267ec5c567dba8db247da2f188c4aebea69796de4885a996d54b001e2540f9dd4f446f1b1b9ea78d9e5422243a8abdcc5aa38da6a2d51c0e850d5b9582532f06471f7fd578be4cae7b49e4c6e9f199c0fde304c8657ff88bfda5b411c28adb181ad3a256e5ed197ff839fd067634b6c94a7f71304c3ace1024e2d9290cdc5c6ac04a5bf9ba43b47eb0bae3fb0e5688b1235f1592ba6fdcf565275cf8d70ef57d78d8c33d676921733dcb06ffb1aa811b2d68c43239c66b554b69074cd122a66b0cdcc545bc323bd66395f988c7c01856ac4a6d68416946abbf0c77f36437732be5363234aaa05b684bbc9f4c1ed97e08dd4e36595143a789a5fd98a4e635091bf5cc81541d650649422fbe3da06f2092cf5c202436b5db0ef2c639da9f3bbf5f39881ec62fd1fb5daa53b252ee6a18339ae00871b15106c0aeb3011fe9f84ced0b1ddd30da49242682d99bc04f7e13c5a705272aec1a81c4556a8bab384fb05c5662eefe30ba8358130843f1e84b51f8940877a1dfb438dd13200aa8a3f284e42634d69d317fce65bf1edfcfa2385259fa805ec3876627a1e1e2fab7dcd97bcda1f32ba62d34a0a3b6e78d0569c6eed21cfcb7fc473b69dadae0fd128d9dfa15eb2d462adf2fd7f81399bc111fa5c33cd30a28da79d402c81380cde5418a958732ec883a95f266906bb1bb67126e8b884dc147aa2d0d5f41a19d0ae07f44ee0b6c1d34b9f4c9b9c9a30b840f545f07e03aaaf7936fbe731580b67c83cecbaf7823a15b8aead7706a1d86324e304909bbacd524cbafd1e915b98c5cfb39d4ccdc17c600b6ceb35d085c7e3f00084f59c827bcce6e7467453f012ce71b9d4f253a436dcb8e0694f5a542f85b146fe60d56f4ed413783d95058a314266932e229a03c042392408741d7313545453261bedf87b4da79724d8e53731ab36122d23e9a797955d682d315a2eac5a8e4a9769979b1a5bb912626bf9d486bf94f9044df08a5bf539ce961bb6214d8e67346446745955c5d9265ae3ffcdbedc3c8ee7c1084862e03e21d2e53b283f77bdc3cca3cb8e6477f42aa71e7cbb8c8aa927607eb036010ffaf134f809d0da89dbb8a00601b7431506e80601e0533ab575632faca14bc00efb4c5ab94d6aa7a3e4444e7215bc391099df330832f77957a9685a474eff1df0acf6b0b3935d158d97bd4b7dca92b4e2051f9753d0206f4222636116a4f94a910ecd37bb0886fbf6a878abde2f49664910144e2a3e76c7bd3fb4f2f4647de12b371087e37fbab566615d34a15c3804575d5e34747f08a32542e3d7e4fc9fc65e4b5c29674102c0eda03e03697e59fa0a442f104976a0c7671e03459d2f0dc9fa4eb4baa7ed3a68c5ce29ae13d73111c613351223ece821f808a66ca298d796cfa8e123313fe1ababc660140d60b05e4f28b4944d034947eaf58b5b897ddac12eeac764a159eb345cd145865d90800180d46eb7d295b7d0aba2b5985164b49ba5b2f9d5859329eefbc77fcf5379e1ee5da6988c773a857786080ced96e54474bcb9e8f5ac0eee132fd8c05102cc2b1398937dccb4cdbd3db3858c0c3c348c75f08141bb23fe00d8b0476853df2a4f98c3c7fab4690313eeb4338523a360696f2ee7bd9b54dc06e9fc9044459eaf21d03dd6342f294f0880852a0e99f262d8a81fb44894050a36fca325c7d97477786cbd3581c08d6753c132a78530570db536b2fabd7e6aad963688ae1c642b0c6dd1dd728c59c0222e8ccf58ec4c3817a7734aea1ba93f96f04c864b2ec24a9b14154e56cdca0878619cd1cdf383fda4f855bbb755e5ee6bafa3d6258ce4e31488368a315d236e85e09ad945d58386d7fc753b5f6a8a6df3e33647e0070c0caaba8a64dc1dddd54341f62b8abf30d7abdcd21c8f898db7af7a0d3549c4a0a91559cc68e7510772578b78bc47394f0148dd2b0e99d865c6859837097c35921de387a17cd887539b7728c65e136715052aea5e941022a401d3aac7d2f87207495fa97a08fe2ab5ce5c456e9354ea8b949dcd227d2496e7c27664961842658c549517caad2f5bac643569791f0696ee8e6dc2096b8a7d3cd904535a79ab53635fa073fe46c748d7ace17553663d9100c898ed9908edfa7fc98ae794ee1c9d9da8702c0ed0a92e8018383a258f7a1313beea6162609a70351b1b494f3d1fc16d0257aef2a9dac79f6c9f3306c1d97b1a03e0ee82753eebf510a8eea668f2e3e96ab7e9c28870619e675625db4efe4cb994d4418a23560f5f0db6feedcc8baebc9197fa2c0ad113d68100f754f2b0954e2e83e678a7305c02615d9bd849f1dd96ef914a5e0f7d41bb0b7e6643d9cf0496f6c27f2d5466ae1ce6b566249dcde2ca8ee70947f53c9c99ee874b20cfdfe608fc8dd45633f1f3c6c4bc6f653753b5fd57bfa155b5fae15bb58fb4282b944ea1b0e10b184beeea7f9a750e19b0875a7608de0685d1664ed64ffce3178dfedef6d3c90f92e604629db3b3cb61e3ba833fbffa792b7f3d1d23bed20b6cbeecb6900071183bc3193d338a5f34ed5b5743979b27572ea7e26afdac7eec8be6c240287ac78e51fd5749323d02c5cba4de4d961671c2cbf4f198bc273f25be0f453f2c01122b34bca419912567a2bc267db09754a8f98fd0f12017c77f53d0abb01fac5199eda5e350b6f24220b4cd8a7f958862a6ba60aa0463ca8841f8652e2f85546edc1685ad69f7bfbefeb4ae33e0cb0131b15ce4097244736028ab91bf4d0eca666bb925c77eba54496884706a94708f2e564a4d3d94f9762e50251bbc70a2c74634eabfff9e60b7e15dc6cd9461265c85488277e0d34275f6c33b6c3d279c5f90f32c9a95f41a40b9eab4b610000618567d33189100ca30e9f9125ec6de4617cd7d1ce6400624dfaa136813af24690b25184bc56b1ec59168e3c843e3e245d1f55d30c2b9152f43f1ffc956273a25afd8eec5d529463ef613b2563c0945ef163f040acba9ff6152370ec413caace2d7ac2d110beddb2431d96f8d322639916f81b61b5a2a51363b2310be80e07d2d21f4009c8780bae02391753776a6f599a97941393faf95f9746366f851681208f01c58aeaf061f086f15e4d9f39c709a6fe5733b804a18c1523a5f16681d5df9a0526097b3f6eb454b5530cd77210fe2af1304cef17d89976ad3ba387f1d9a0782588092ea3d31597c3647a1a08c98f82d2f0475e6ee9ee0292b5cf7c92a2fe22b46aa3b11d7329e08c8051b7495f60902a62ac3770a94c78eed596e59b27cdb9dd77ed2d2e13161da5f5e3b93b7fdc629fc303087b4458e5006770d88db4e584eaffbd30228f7fb6f30e51757550630f968d881abd98be3e2a9df1449e68c859f00a82f8a08c7132024327b7300813ce358c468d4151b1ebe810e5cd88979c12c96d8e4c34c855ed2ba0f9ca543209597e9825289eec9ed2d265740dc44f49ba01b3c0d2e31384220b3891507a6974e1a02479d5b432fa03dc6b890f0714d07ef18ef031c71708008600", @ANYRESHEX, @ANYRESHEX=r9, @ANYRES32, @ANYBLOB="14000200697036746e6c3000000000000000000008000100", @ANYRES32=r10, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="060006004e240000c1000300ff4ee4a4b628ea8215af6cb852341d33ab0779de941cc9679064338a559e59b27575b1e8766abf122ac93bccdebcc3ddb282ca4530c2d9e7f902d96cd439c561a97799c620ba489d3e2dabc7792595230cacf4bc679c79badd87bc940c27365c3ef78c06e76af577bc02dcff0df8c835a22340acab425f7b72da28a792f77acefa4897eea4713438b367751899d43eab73a02bc89a524392d6da7b553a9801f102f455efe5bc6d7973604d17f0ca380b55d806ff1967f0d050eff55b78000000e3814c09792b11fad40a3bf6c9e2b0e3d4402879adb479e8796d555c55e905d4dbc5e242642d7b3ea22f82883a7e364972eca519ee93808e664c2789508e264bb31424a4887d66396ecbdb543e5c29b5b1dfcd4014075feabcd7f6e08e255d0d469e2b7a02759701db438a5600a706af0040df54e1a264ad7343115a90a2ff606d07b8620b0eab7a41b0ed01242cfd5ae574cbd87eedeada32c6baa8169321101176bf330aafa1d355fa54f137be9e57b53d10c0c52ba952357def9373b6ff0a89759e64675c64bada56d8dcb6b1de0c0cd5478ea40a3b2134cc71d1a9ebe7953dfa"], 0x1130}, 0x1, 0x0, 0x0, 0x5}, 0x8000) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x80000000}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) 2.395766442s ago: executing program 1 (id=4758): sendfile$auto(0x6, 0x3, 0x0, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdf1}, 0x1) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x80011, 0x0) r1 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x80000, 0x0) close_range$auto(r0, r1, 0x2) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop7\x00', 0x6a742, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r3 = socket(0xa, 0x3, 0xff) connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) ioctl$auto(r2, 0x125d, 0x8) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x1, 0x1, 0x4a, &(0x7f0000000000)='\x04', 0xbb) madvise$auto(0x0, 0xffffffffffff0005, 0x6) munmap$auto(0x20001000, 0x7) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0) ioctl$auto(0x1, 0x89a0, 0x8) 2.303410761s ago: executing program 5 (id=4759): socket(0x2, 0x80002, 0x73) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfd, 0x0, 0xfffffffffffffffd) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/0000:00:02.0/Virtual-2/edid_override\x00', 0x2200, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r1, &(0x7f0000000440)="11000000126584", 0x7) socket(0x2, 0x1, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) read$auto(0xffffffffffffffff, 0x0, 0x71d) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x1000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x19, r2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff5000000000040"}, 0x55) socket(0xa, 0x5, 0x20) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) socket(0x1a, 0x1, 0x4084) socket(0x11, 0x3, 0xa74) socket(0x2b, 0x1, 0x1) socket(0x18, 0x5, 0x2) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) clock_gettime$auto(0x1, 0x0) sendmmsg$auto(r0, 0x0, 0x9a6, 0x8fe) socket$nl_generic(0x10, 0x3, 0x10) 1.344385516s ago: executing program 1 (id=4760): mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000013c0)='/sys/kernel/mm/transparent_hugepage/hugepages-512kB/stats/shmem_fallback\x00', 0x101700, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/4096, 0x1000) io_submit$auto(0x7, 0x7, &(0x7f0000000040)=&(0x7f0000000000)={0x7, 0x839a, 0x0, 0x2, 0xe7, 0xffffffffffffffff, 0x0, 0x3, 0x5}) bpf$auto(0x0, &(0x7f0000000000)=@raw_tracepoint={0x1a, 0xffffffffffffffff, 0x0, 0x4}, 0x7f) socket$nl_generic(0x10, 0x3, 0x10) mincore$auto(0x62, 0x5, &(0x7f0000001040)='/sys/kernel/mm/transparent_hugepage/hugepages-512kB/stats/shmem_fallback\x00') mmap$auto(0x0, 0x28, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x37, 0x0, 0x0) sendmsg$auto_IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000003b40)={0x0, 0x0, &(0x7f0000003b00)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) 1.166524215s ago: executing program 1 (id=4761): mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000), 0x60840, 0x0) read$auto(r1, 0x0, 0x80000000) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x50c, r2, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@NL80211_ATTR_IE_PROBE_RESP={0x4f0, 0x7f, "ced0bc6118c781fc59fe36ad0f63fde809309b30513d5e5611b13ad9c4d4dc41746f82794d031c6000c0dad757c771099d83b2c6b5d3e3ccffefcb2090de7780a511ab31922f97ae95e6cc3f4ba04199c1aa04e9f8cf053b3af7f29af40e2d09d3f0cb62c7142dd9bd9e3dc306a33ef8f1df81b969d6e53c8fbbe8457ca6d3b583db1252bd162c2b7c3806265b214d23faa13d750904685d9de1e097c40d0437320c07c3595d71a3b9c49fe68f077f349c30f634a04af29a056ed1259540b175f3800d4bfbb0c769ba5827f2eca3c8f78e8b1ce0d43157c4cb52e3efcea30f2bad4bd40c7ca37e43ea76725721a66e6d28c4647650e6688b9a20d33a5dd56abfa21b358e4e519d292f0450c3f3e175a54351491d4155f27f3f21e26bec5ef17142d7c58a3cdef1f7e730566fbdb2f5021975d77c434a23763cc13319da7eae1e020fb84c47acf860279998f6877757eaeb2ba0ff7312d7b51cd8431db8ca3d5edc27645984cdcb15336b30dfef8e1e3da9a1abba92da5fce1600cde47d40f76072a66cba8c0994f2396c48d18b615cf5bac715f357ae8919aff3af90b29bc59290c51abfaf459eede7732402107ab49366a29eda7fd05fc63aaf311fae7ba3d69c4973614c745620d1def87b770f91da77630c1d84a3ec55a7f8351fd1ee04580821d92221df7090b24b770ae615c46b2bb08d36396e14a49a2e28055ebf5129f006af604a166d7f9f90c5c002e211ba6b4e53be93d78519f324f623a35694b11e1ebe4a1111c2152c75ff3821f096949bf58ac066fda13ab076a259ea4b50a357f5281ffe2cc9737051c7e889bb781c9dbe02c35c98c2a5b278329a92e4f625bba78db8c6f40e30b353865281b5b2468f7757b597e324ddc76e44f4b4cccf92ad2c1af8beaf3a608ef1d825acef4995e3246c218e70d694e2048dd8b003e1020765f8a822ef5c1fff7c33fb31f435873c95ae128fb580d8e5d90d18113d848883320466efaca91d64777338c3ed7395b61d03dd3731b1e6dbba2475224bc415b68ab6ca33b0ce688ead1e91401f11fffa4696e227893c0e7193e23b17eb4cf7783374e793ab11ce693915b80ddef3ee5ae63a50aa3cb173ed70b65b01b457053b79994e6f5a4140711a17e3c66b4e233d3bff927b68d68d681065cedc301c44e070010663e4408bb123cec40059b97967bb6b780566b76394438b25bef47b1b38d34d5014fac2f2aa023b257b0889397605c5ce0eb9744e5296bf72b07226f51e5401949388da0b0e1ddd02a7aacee80884a85d43e1257721c10ab2a35a0d4ba49c70b4ce86d0fd2d7bfb144f07edcd2ea7646cbafaa579f7429aebc66e5211aea1ee33e05bcab44415b9fda7307a2d292eec96404f7bc01e325cf078bb4de63b22d890e6cc24ea52238bafd67f407fdccc7e0e78bdca7e5c3e3ed12c06b1a1c414064628c57624819695f2b6cc7fb399170df3b7f3714c7d9a58c434b0b59037cd4787c5015d8251e6ec2d6b938fcf6847961df15bb0e938a739e9d1cbc35744165d2172ebf989d8df1a4be4a19b48f46ea63a757889dabada282d845183a97f171bb58f73e556f459048d07d0afe7698b91e1289a13b517a126df7c0fb9a758354fd7e0d0cea0c352cfe0634607c2eaa815689135c38a82b176c84ef74d26de31a3a6890c5596c8e9aa946d1c77ab0aa75fcd4c912c82765f158df8462da974bb602b60c82a58cd7d951ba179b4e1890657861605389222880a6ec976c327594327aa457baf0ab1f65708"}, @NL80211_ATTR_WIPHY_ANTENNA_RX={0x8, 0x6a, 0x18}]}, 0x50c}, 0x1, 0x0, 0x0, 0x8000000}, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0) set_mempolicy$auto(0x8000, 0x0, 0x3936) openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/inject\x00', 0x1, 0x0) writev$auto(0x4, &(0x7f0000002bc0)={0x0, 0x7}, 0x7) mremap$auto(0x0, 0x2, 0x9, 0x3, 0x7fffffffb000) 1.143178539s ago: executing program 5 (id=4762): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) ftruncate$auto(0x1ff, 0x0) unshare$auto(0x40000080) ioctl$auto_def_blk_fops_fs(0xffffffffffffffff, 0xab09, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WOWLAN(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x22, &(0x7f0000001180)={&(0x7f0000000000)=ANY=[@ANYRESOCT=r1, @ANYRES16=r1, @ANYRESHEX=r0, @ANYRES8=r0], 0x1c}}, 0x14000080) geteuid() mmap$auto(0x0, 0x8, 0x40, 0x39f7a715, 0x2, 0x1000000000008000) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'hsr0\x00'}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000780)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRESHEX=r0, @ANYBLOB="01002abd7000fcdbdf25140000000c00018008000100", @ANYRESDEC=0x0, @ANYBLOB="05fab43384a4d8043c5336ec7734a4b46215d181269bb75bef213695a2879c950f30ba7650067f800f5be0c07aa5891177db4acfdcc831fa226b28cbb5803b3003f616b987285b66e858d6eeeb72c79e67299c85f0f2d2f266741271dac90782c565de2e180158c7c18986ccd2d858f9f829a0166cabde669a9d1a8a8ea70e983cbe98eeb369a8f8dfe0023ffbad591e50b76b623b068c8a995b17b588a5e2b279b9875a771cdb236fe11fd7223d8c37ed66c9875a4f89c73352e53d960d293fcda5943e4d31e7089dac8eb780b1da0059890854c69b2ea643375ff88711d053361b473838a032668e4740d18ea222f796759bd676b3b1b39984518a758e6ba4df58be1b18b2b10c5cfffbcf49d1abea7556c4611f915ebd5575f5e8b92f12f0e594105ed158a5177d1d06e4e15799aefedfa04d61ac8ac6a6be50f439c1b5bbac0dbbacffbbea50fc66f987d8a5a47c255ac2b1d9f0be9419c35197489c", @ANYRESOCT=r0], 0x28}, 0x1, 0x0, 0x0, 0x40448c1}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vlan0\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'veth0_to_bridge\x00'}) sendmsg$auto_ETHTOOL_MSG_FEC_SET(0xffffffffffffffff, &(0x7f00000025c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20102d}, 0xc, &(0x7f0000002580)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a6bb55ecc7d33d2e81b2a7a56810fa0cb141a8fdf62347cbb654e92e0fa3d0e852859dbb3a34e0e14ad6f36f191b0800345ade9988b63d94660de7253cc911e82bde5d98d0fe14b931acd9c50bcd4e528cbd3042d4105aaecb6e51d64127838589c051372833950dd42cc23beba894aeae93eaa95d2203545ca756f05800e2bfc46b98bfd3b6", @ANYRES16=0x0, @ANYBLOB="100028bd7000fbdbdf251e000000"], 0x14}, 0x1, 0x0, 0x0, 0x400c800}, 0x44000) socket$nl_generic(0x10, 0x3, 0x10) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_fake_panic_fops_(0xffffffffffffff9c, 0x0, 0x28001, 0x0) mlockall$auto(0x3) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) 1.124304536s ago: executing program 2 (id=4763): mmap$auto(0x0, 0x2020009, 0x3, 0x200000000000eb1, 0xfffffffffffffffb, 0x8000) gettid() close_range$auto(0x2, 0x8, 0x0) landlock_add_rule$auto(0xffffffffffffffff, 0x1, &(0x7f0000000040)="5c522d19d2c8806ba83e7a", 0x3) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) r0 = socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, r0, 0x0, 0x8fb7) dup2$auto(0x0, 0x3) ioctl$auto(0x3, 0x5760, 0xfffffffffffff4e0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r0, 0x4, &(0x7f0000000200)="08f7997c92a078acd6624bc5f7911d1a19ed235ac04d335f07943af66c64eeff0a606606c0067e3ad62f5c57a447a928d40c8ca59bb123d2fb3b146c81f1d473ec5d081532ae019cc75703d05066542e31ee90b7770049d839c73cea45", 0x3) r1 = prctl$auto(0x21, 0x0, 0xfffffffffffffffe, 0x0, 0x0) madvise$auto(0x0, 0x2000040080000005, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x40, 0x0) read$auto_dmaengine_summary_fops_(r1, &(0x7f0000000100)=""/107, 0x6b) ioctl$auto(r2, 0x1, 0xc35) acct$auto(&(0x7f00000001c0)='/sys/bus/usb/drivers/gud/uevent\x00') mmap$auto(0x1000000, 0x200004, 0x4000000000e0, 0x40eb2, 0xd, 0x300000000000) io_uring_setup$auto(0x4bf15a08, &(0x7f0000000280)={0x590, 0x8, 0x10001, 0x6fb3, 0x8a, 0xfffffff7, 0xffffffffffffffff, [0x102, 0x9, 0x7d], {0x2, 0x7, 0x3034, 0xe, 0xf, 0x5, 0x4, 0xfffffff5, 0xf08a2b6}, {0xae, 0x200fc, 0xc, 0x0, 0x0, 0xb89, 0xd5, 0x837, 0x2d6}}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:01.3/vendor\x00', 0x20100, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x60002, 0x0) ioctl$auto(0x3, 0x8208ae63, 0x10000000000402) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mknod$auto(&(0x7f0000000040)=':,\x00', 0xc9, 0xc8) mount$auto(&(0x7f0000000000)='pimreg\x00', &(0x7f0000000040)='\x00', 0x0, 0x10dfd057, 0x0) mount$auto(0x0, &(0x7f0000000040)=':,\x00', 0x0, 0xaa9, 0x0) memfd_secret$auto(0x0) 698.420092ms ago: executing program 1 (id=4764): unshare$auto(0x40000080) mmap$auto(0x0, 0x400025, 0xdf, 0x9b72, 0x5, 0x8000) stat$auto(0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MEDIA_GET(r0, &(0x7f0000001c00)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @pid}]}]}, 0x20}}, 0x2000c880) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8000, 0x0) ioctl$auto(0x3, 0xc0481273, 0x38) statmount$auto(0x0, 0x0, 0x1fe, 0x9) write$auto(r2, &(0x7f0000000000)=',\x00', 0xfffffffffffffffa) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) ioctl$auto(0x3, 0x1276, 0x7) 558.296347ms ago: executing program 2 (id=4765): openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/cmdline\x00', 0x40, 0x0) open(&(0x7f0000000000)='./file0\x00', 0xa01c2, 0x84) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4044000}, 0x800) io_uring_setup$auto(0x6, 0x0) connect$auto(0x3, &(0x7f00000000c0), 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0xa, 0x7}, 0x9}, 0x10001, 0x800) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) mmap$auto(0x28000000000000, 0x9, 0x3, 0x8010, 0xffffffffffffffff, 0x8000) r1 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0) mmap$auto(0x1, 0x20007, 0xc3d0, 0x40000000000ebf, r0, 0x80000008000) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) readv$auto(0x0, &(0x7f0000000080)={&(0x7f0000000040), 0x6}, 0x7ff) write$auto_console_fops_tty_io(r1, &(0x7f0000001240)='4', 0x1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macsec0\x00'}) syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), r2) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x4b63, r4) munmap$auto(0x20001000, 0x2000000c) connect$auto(0x3, 0x0, 0x54) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) 0s ago: executing program 2 (id=4766): r0 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x542, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/rfkill3/state\x00', 0x40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/255, 0xff) write$auto_dynamic_events_ops_trace_dynevent(r0, &(0x7f0000000140)='!Ps\a', 0x4) r2 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x101c00, 0x0) ioctl$auto_I2C_SLAVE(r2, 0x703, 0x0) kernel console output (not intermixed with test programs): a:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.489686][T17650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.500500][T17650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.511095][T17650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.521243][T17650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.532000][T17650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.543035][T17650] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 588.578396][T17650] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.603329][T17650] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.622935][T17650] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.642536][T17650] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 589.015173][T11021] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 589.025494][ T7114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 589.041478][T11021] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 589.062047][ T7114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 589.432062][T14354] Bluetooth: hci0: command tx timeout [ 589.633596][T17783] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2486'. [ 589.806651][T17783] veth1_macvtap: left promiscuous mode [ 590.213846][ T29] audit: type=1326 audit(4294967603.682:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17792 comm="syz.4.2490" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe132985d29 code=0x0 [ 590.370541][T17717] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 590.386959][T16541] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 590.405944][T16541] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 590.415279][T16541] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 590.424642][T16541] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 590.442203][T16541] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 590.474467][T16541] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 591.512037][T16541] Bluetooth: hci0: command tx timeout [ 591.695884][T17799] chnl_net:caif_netlink_parms(): no params data found [ 591.731104][T17809] HfR: entered promiscuous mode [ 591.866730][T17813] openvswitch: HfR: Dropping previously announced user features [ 592.272849][T17799] bridge0: port 1(bridge_slave_0) entered blocking state [ 592.280053][T17799] bridge0: port 1(bridge_slave_0) entered disabled state [ 592.288949][T17799] bridge_slave_0: entered allmulticast mode [ 592.303385][T17799] bridge_slave_0: entered promiscuous mode [ 592.352806][T17799] bridge0: port 2(bridge_slave_1) entered blocking state [ 592.362861][T17799] bridge0: port 2(bridge_slave_1) entered disabled state [ 592.370129][T17799] bridge_slave_1: entered allmulticast mode [ 592.383193][T17799] bridge_slave_1: entered promiscuous mode [ 592.440567][T17799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 592.456108][T17799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 592.544872][T17799] team0: Port device team_slave_0 added [ 592.638366][T17799] team0: Port device team_slave_1 added [ 592.722298][T16541] Bluetooth: hci1: command tx timeout [ 592.745119][T17799] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 592.796700][T17799] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 592.877218][T17799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 592.916766][T17799] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 592.926282][T17799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 592.978667][T17799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 593.073432][T17860] sp0: Synchronizing with TNC [ 593.119872][T17863] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2503'. [ 593.144232][T17799] hsr_slave_0: entered promiscuous mode [ 593.162474][T17799] hsr_slave_1: entered promiscuous mode [ 593.170144][T17799] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 593.180062][T17799] Cannot create hsr debugfs directory [ 593.483027][T17799] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 593.617189][T17799] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 593.750576][T17799] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 593.862910][T17799] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 594.186146][T17799] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 594.262742][T17799] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 594.305828][T17799] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 594.355518][T17799] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 594.475992][T17894] bridge0: port 3(veth1_to_hsr) entered blocking state [ 594.492584][T17894] bridge0: port 3(veth1_to_hsr) entered disabled state [ 594.502583][T17894] veth1_to_hsr: entered allmulticast mode [ 594.519913][T17894] veth1_to_hsr: entered promiscuous mode [ 594.533125][T17894] bridge0: port 3(veth1_to_hsr) entered blocking state [ 594.540137][T17894] bridge0: port 3(veth1_to_hsr) entered forwarding state [ 594.734470][T17799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 594.796040][T16541] Bluetooth: hci1: command tx timeout [ 594.842004][T17799] 8021q: adding VLAN 0 to HW filter on device team0 [ 594.871242][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 594.878508][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 594.950292][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 594.957503][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 595.505080][T17799] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 595.625939][T17799] veth0_vlan: entered promiscuous mode [ 595.728673][T17799] veth1_vlan: entered promiscuous mode [ 595.955940][T17799] veth0_macvtap: entered promiscuous mode [ 596.019622][T17799] veth1_macvtap: entered promiscuous mode [ 596.060824][T17799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 596.071631][T17799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 596.082333][T17799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 596.125462][T17799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 596.161962][T17799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 596.211872][T17799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 596.221737][T17799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 596.249872][T17799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 596.261286][T17799] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 596.295819][T17897] kexec: Could not allocate control_code_buffer [ 596.307357][T17799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 596.332193][T17799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 596.351571][T17799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 596.374911][T17799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 596.399199][T17799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 596.431953][T17799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 596.471685][T17799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 596.505184][T17799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 596.544897][T17799] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 596.583038][T17928] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2513'. [ 596.625165][T17799] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 596.657567][T17799] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 596.680264][T17799] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 596.713311][T17799] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 596.770574][T17928] gretap0: entered promiscuous mode [ 596.898336][T16541] Bluetooth: hci1: command tx timeout [ 596.947666][ T7113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 596.969607][ T7113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 596.972339][T11021] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 596.995784][T11021] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 597.437077][T17954] Invalid ELF header magic: != ELF [ 598.176001][T17975] ptrace attach of "./syz-executor exec"[11790] was attempted by "./syz-executor exec"[17975] [ 598.951947][T16541] Bluetooth: hci1: command tx timeout [ 605.268045][T18072] nfsd: Unknown parameter 'IPVS' [ 608.984394][T18136] binder: 18130:18136 ioctl c00c6211 9 returned -14 [ 610.578465][T18174] sp0: Synchronizing with TNC [ 612.927858][ T29] audit: type=1800 audit(4294967626.392:36): pid=18216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2572" name="dbroot" dev="configfs" ino=59259 res=0 errno=0 [ 613.833483][T18236] sp0: Synchronizing with TNC [ 616.432772][T18278] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2584'. [ 620.441452][T18398] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2604'. [ 624.824707][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.831114][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.920895][T18486] kAFS: Invalid Command on /proc/fs/afs/cells file [ 625.484882][T18502] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 625.513652][T18501] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 626.625662][T18528] netlink: 1204 bytes leftover after parsing attributes in process `syz.4.2629'. [ 626.686855][T18528] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2629'. [ 628.574867][T18551] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2633'. [ 630.821949][T18587] raw_sendmsg: syz.2.2643 forgot to set AF_INET. Fix it! [ 631.087390][T18595] ptrace attach of "./syz-executor exec"[17650] was attempted by ""[18595] [ 632.576692][T18623] netlink: 334 bytes leftover after parsing attributes in process `syz.4.2651'. [ 635.363267][T18678] cifs: Unknown parameter 'T.ŸÜÛæ¨Å¼c[ŸÐê€$âæµÈ)ü±UóÑnEó-Ê™¾l®öÚ-ºŒ -¾_€™¯Ôåáª5Z äoåé¢mžÐfwYÍhº*/ÿxDlÝ©Š×ígÕkÇAí³ùÏ7ÍØØ9’ôXöa/fê_ÿAR£ˆ™‘ÈxM ‚v¬—pÿ±$^;ôØq‡3±«£n졵-6©+e„k„¾ñÇ<°kœcÔ)n.üeMÍ÷Na¨t®ÐSMÎÆ1,þ¤•u&— ³Z­HöÃìÈÁi!ݵ‡†À_¦rŠ¦8@ÅæK$Ï©Åú>x' [ 635.444147][T18684] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(2670613532.350673884.1673315752), cmd(17) [ 638.157190][T18772] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2691'. [ 638.616862][T18789] sp0: Synchronizing with TNC [ 639.790247][T18837] sp0: Synchronizing with TNC [ 639.990281][T18844] program syz.2.2708 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 640.116474][T18849] FAULT_INJECTION: forcing a failure. [ 640.116474][T18849] name failslab, interval 1, probability 0, space 0, times 0 [ 640.154475][T18849] CPU: 1 UID: 0 PID: 18849 Comm: syz.3.2710 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 640.165310][T18849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 640.175396][T18849] Call Trace: [ 640.178700][T18849] [ 640.181662][T18849] dump_stack_lvl+0x16c/0x1f0 [ 640.186383][T18849] should_fail_ex+0x497/0x5b0 [ 640.191098][T18849] ? fs_reclaim_acquire+0xae/0x150 [ 640.196255][T18849] should_failslab+0xc2/0x120 [ 640.200972][T18849] __kmalloc_node_noprof+0xd1/0x520 [ 640.206210][T18849] ? __pfx___mutex_lock+0x10/0x10 [ 640.211274][T18849] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 640.216785][T18849] __kvmalloc_node_noprof+0xad/0x1a0 [ 640.222114][T18849] traverse.part.0.constprop.0+0x392/0x640 [ 640.227964][T18849] ? __pfx_lock_release+0x10/0x10 [ 640.233031][T18849] seq_read_iter+0x934/0x12b0 [ 640.237757][T18849] seq_read+0x39f/0x4e0 [ 640.241946][T18849] ? __pfx_seq_read+0x10/0x10 [ 640.246682][T18849] full_proxy_read+0xfb/0x1b0 [ 640.251395][T18849] ? __pfx_full_proxy_read+0x10/0x10 [ 640.256718][T18849] vfs_read+0x1df/0xbe0 [ 640.260908][T18849] ? __fget_files+0x1fc/0x3a0 [ 640.265634][T18849] ? __pfx_lock_release+0x10/0x10 [ 640.270699][T18849] ? __pfx_vfs_read+0x10/0x10 [ 640.275419][T18849] ? lock_acquire+0x2f/0xb0 [ 640.279958][T18849] ? __fget_files+0x40/0x3a0 [ 640.284594][T18849] ? __fget_files+0x206/0x3a0 [ 640.289325][T18849] __x64_sys_pread64+0x1f6/0x250 [ 640.294300][T18849] ? __pfx___x64_sys_pread64+0x10/0x10 [ 640.299807][T18849] do_syscall_64+0xcd/0x250 [ 640.304355][T18849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.310284][T18849] RIP: 0033:0x7fc514185d29 [ 640.314725][T18849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 640.334367][T18849] RSP: 002b:00007fc514ff3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 640.342823][T18849] RAX: ffffffffffffffda RBX: 00007fc514375fa0 RCX: 00007fc514185d29 [ 640.350835][T18849] RDX: 0000000000000001 RSI: 0000000020002480 RDI: 0000000000000003 [ 640.358835][T18849] RBP: 00007fc514ff3090 R08: 0000000000000000 R09: 0000000000000000 [ 640.366836][T18849] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 640.374845][T18849] R13: 0000000000000000 R14: 00007fc514375fa0 R15: 00007ffe60509bf8 [ 640.382864][T18849] [ 640.902216][T18874] sp0: Synchronizing with TNC [ 641.074576][T18881] sp0: Synchronizing with TNC [ 642.647500][T18922] sp0: Synchronizing with TNC [ 643.190212][T18939] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2731'. [ 644.362807][T18976] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2736'. [ 644.381913][T18976] nbd: must specify a size in bytes for the device [ 644.507569][T18984] Process accounting resumed [ 646.684791][T19049] sp0: Synchronizing with TNC [ 648.043188][T19082] sp0: Synchronizing with TNC [ 648.153172][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.162509][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.178701][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.223261][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.280833][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.312810][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.329558][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.338740][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.354555][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.380729][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.415267][T19091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2762'. [ 648.668034][T19111] FAULT_INJECTION: forcing a failure. [ 648.668034][T19111] name failslab, interval 1, probability 0, space 0, times 0 [ 648.692082][T19111] CPU: 1 UID: 0 PID: 19111 Comm: syz.3.2767 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 648.702909][T19111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 648.712994][T19111] Call Trace: [ 648.716285][T19111] [ 648.719231][T19111] dump_stack_lvl+0x16c/0x1f0 [ 648.723947][T19111] should_fail_ex+0x497/0x5b0 [ 648.728657][T19111] ? fs_reclaim_acquire+0xae/0x150 [ 648.733801][T19111] should_failslab+0xc2/0x120 [ 648.738510][T19111] __kmalloc_noprof+0xce/0x4f0 [ 648.743300][T19111] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 648.748955][T19111] ? tomoyo_realpath_from_path+0xbf/0x710 [ 648.754714][T19111] tomoyo_realpath_from_path+0xbf/0x710 [ 648.760296][T19111] ? tomoyo_path_number_perm+0x235/0x5b0 [ 648.765970][T19111] tomoyo_path_number_perm+0x248/0x5b0 [ 648.771503][T19111] ? tomoyo_path_number_perm+0x235/0x5b0 [ 648.777175][T19111] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 648.783228][T19111] ? __pfx_lock_release+0x10/0x10 [ 648.788277][T19111] ? trace_lock_acquire+0x14e/0x1f0 [ 648.793510][T19111] ? lock_acquire+0x2f/0xb0 [ 648.798033][T19111] ? __fget_files+0x40/0x3a0 [ 648.802659][T19111] ? __fget_files+0x206/0x3a0 [ 648.807369][T19111] security_file_ioctl+0x9b/0x240 [ 648.812427][T19111] __x64_sys_ioctl+0xb7/0x200 [ 648.817139][T19111] do_syscall_64+0xcd/0x250 [ 648.821676][T19111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.827599][T19111] RIP: 0033:0x7fc514185d29 [ 648.832037][T19111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 648.851691][T19111] RSP: 002b:00007fc514ff3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 648.860144][T19111] RAX: ffffffffffffffda RBX: 00007fc514375fa0 RCX: 00007fc514185d29 [ 648.868142][T19111] RDX: 0000000000000001 RSI: 0000000080045505 RDI: 0000000000000003 [ 648.876139][T19111] RBP: 00007fc514ff3090 R08: 0000000000000000 R09: 0000000000000000 [ 648.884134][T19111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 648.892131][T19111] R13: 0000000000000000 R14: 00007fc514375fa0 R15: 00007ffe60509bf8 [ 648.900143][T19111] [ 648.932971][T19111] ERROR: Out of memory at tomoyo_realpath_from_path. [ 650.901400][T19153] netlink: 292 bytes leftover after parsing attributes in process `syz.4.2774'. [ 651.905897][T19157] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2776'. [ 651.936251][T19157] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 652.489352][T19191] netlink: 'syz.4.2784': attribute type 10 has an invalid length. [ 652.598730][T19196] sp0: Synchronizing with TNC [ 652.758963][T19200] syz.4.2788 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 653.796409][T19229] __nla_validate_parse: 1 callbacks suppressed [ 653.796435][T19229] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2796'. [ 654.424023][T19243] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2799'. [ 654.953598][T16541] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 655.768607][ T29] audit: type=1800 audit(4294967669.232:37): pid=19270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="features" dev="configfs" ino=64583 res=0 errno=0 [ 656.467620][T19298] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2810'. [ 656.581649][T19301] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2810'. [ 656.720449][T19291] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 656.738883][T19291] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 656.756839][T19309] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2812'. [ 656.759003][T19291] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 656.782946][T19291] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 656.790054][T19291] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 656.843154][T19309] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2812'. [ 656.898566][T19291] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 656.907501][T19291] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 656.937043][T19291] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 657.217799][ T29] audit: type=1806 audit(4294967670.672:38): xattr="" res=-22 [ 657.627534][T19325] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 657.637912][T19332] FAULT_INJECTION: forcing a failure. [ 657.637912][T19332] name failslab, interval 1, probability 0, space 0, times 0 [ 657.686454][T19332] CPU: 1 UID: 0 PID: 19332 Comm: syz.3.2817 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 657.697286][T19332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 657.707371][T19332] Call Trace: [ 657.710676][T19332] [ 657.713630][T19332] dump_stack_lvl+0x16c/0x1f0 [ 657.718350][T19332] should_fail_ex+0x497/0x5b0 [ 657.723066][T19332] ? fs_reclaim_acquire+0xae/0x150 [ 657.728217][T19332] should_failslab+0xc2/0x120 [ 657.732950][T19332] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 657.738358][T19332] ? __pfx_mark_lock+0x10/0x10 [ 657.743162][T19332] ? ptlock_alloc+0x1f/0x70 [ 657.747714][T19332] ptlock_alloc+0x1f/0x70 [ 657.752082][T19332] pte_alloc_one+0x74/0x390 [ 657.756615][T19332] do_pte_missing+0x1ae7/0x3e00 [ 657.761516][T19332] __handle_mm_fault+0x103c/0x2a40 [ 657.766673][T19332] ? __pfx___handle_mm_fault+0x10/0x10 [ 657.772164][T19332] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 657.777880][T19332] ? find_vma+0xc0/0x140 [ 657.782158][T19332] ? __pfx_find_vma+0x10/0x10 [ 657.786867][T19332] ? __pfx___mutex_trylock_common+0x10/0x10 [ 657.792787][T19332] handle_mm_fault+0x3fa/0xaa0 [ 657.797575][T19332] do_user_addr_fault+0x7a3/0x13f0 [ 657.802697][T19332] exc_page_fault+0x5c/0xc0 [ 657.807210][T19332] asm_exc_page_fault+0x26/0x30 [ 657.812072][T19332] RIP: 0010:__get_user_4+0x1a/0x30 [ 657.817191][T19332] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 c2 48 19 d2 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 [ 657.836809][T19332] RSP: 0018:ffffc9000be67c50 EFLAGS: 00050202 [ 657.842890][T19332] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffc9000be67bb8 [ 657.850865][T19332] RDX: 0000000000000000 RSI: ffffffff86e52f2b RDI: ffffffff8bb17040 [ 657.858843][T19332] RBP: ffffc9000be67ee0 R08: 0000000000000000 R09: fffffbfff2039d5a [ 657.866815][T19332] R10: ffffffff901cead7 R11: 0000000000000001 R12: ffff88806b47c800 [ 657.874793][T19332] R13: 1ffff920017ccf93 R14: ffff888028723c48 R15: ffff888028820128 [ 657.882780][T19332] ? usbdev_ioctl+0x111b/0x3f90 [ 657.887651][T19332] usbdev_ioctl+0x1125/0x3f90 [ 657.892338][T19332] ? __pfx_usbdev_ioctl+0x10/0x10 [ 657.897366][T19332] ? do_vfs_ioctl+0x513/0x1950 [ 657.902134][T19332] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 657.907179][T19332] ? __pfx_lock_release+0x10/0x10 [ 657.912210][T19332] ? trace_lock_acquire+0x14e/0x1f0 [ 657.917425][T19332] ? __fget_files+0x206/0x3a0 [ 657.922115][T19332] ? __pfx_usbdev_ioctl+0x10/0x10 [ 657.927149][T19332] __x64_sys_ioctl+0x190/0x200 [ 657.931943][T19332] do_syscall_64+0xcd/0x250 [ 657.936475][T19332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.942378][T19332] RIP: 0033:0x7fc514185d29 [ 657.946794][T19332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 657.966410][T19332] RSP: 002b:00007fc514ff3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 657.974833][T19332] RAX: ffffffffffffffda RBX: 00007fc514375fa0 RCX: 00007fc514185d29 [ 657.982825][T19332] RDX: 0000000000000001 RSI: 0000000080045505 RDI: 0000000000000003 [ 657.990799][T19332] RBP: 00007fc514ff3090 R08: 0000000000000000 R09: 0000000000000000 [ 657.998779][T19332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 658.006756][T19332] R13: 0000000000000000 R14: 00007fc514375fa0 R15: 00007ffe60509bf8 [ 658.014742][T19332] [ 658.312162][T16541] Bluetooth: hci3: command 0x0c1a tx timeout [ 658.792148][T16541] Bluetooth: hci0: command 0x0c1a tx timeout [ 658.792180][T14354] Bluetooth: hci2: command 0x0c1a tx timeout [ 658.951862][T14354] Bluetooth: hci1: command 0x0c1a tx timeout [ 659.733934][T19374] sp0: Synchronizing with TNC [ 660.047330][T19388] FAULT_INJECTION: forcing a failure. [ 660.047330][T19388] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 660.088801][T19388] CPU: 0 UID: 0 PID: 19388 Comm: syz.2.2829 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 660.099635][T19388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 660.109740][T19388] Call Trace: [ 660.113047][T19388] [ 660.115998][T19388] dump_stack_lvl+0x16c/0x1f0 [ 660.120714][T19388] should_fail_ex+0x497/0x5b0 [ 660.125431][T19388] ? fs_reclaim_acquire+0xae/0x150 [ 660.130577][T19388] should_fail_alloc_page+0xe7/0x130 [ 660.135904][T19388] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 660.142103][T19388] __alloc_pages_noprof+0x190/0x25b0 [ 660.147434][T19388] ? __pfx_mark_lock+0x10/0x10 [ 660.152242][T19388] ? trace_event_raw_event_drv_twt_teardown_request+0xe8/0x2f0 [ 660.159827][T19388] ? __lock_acquire+0x15a9/0x3c40 [ 660.164895][T19388] ? __pfx___lock_acquire+0x10/0x10 [ 660.170128][T19388] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 660.175909][T19388] ? hlock_class+0x4e/0x130 [ 660.180455][T19388] ? __lock_acquire+0xcc5/0x3c40 [ 660.185432][T19388] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 660.191366][T19388] ? policy_nodemask+0xea/0x4e0 [ 660.196267][T19388] alloc_pages_mpol_noprof+0x2c9/0x610 [ 660.201764][T19388] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 660.207788][T19388] ? find_held_lock+0x2d/0x110 [ 660.212600][T19388] folio_alloc_mpol_noprof+0x36/0xd0 [ 660.217928][T19388] shmem_alloc_folio+0x135/0x160 [ 660.222914][T19388] shmem_alloc_and_add_folio+0x48b/0xc00 [ 660.228593][T19388] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 660.234789][T19388] ? shmem_allowable_huge_orders+0xd0/0x410 [ 660.240735][T19388] shmem_get_folio_gfp+0x689/0x1530 [ 660.245980][T19388] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 660.251678][T19388] ? filemap_map_pages+0xf92/0x16b0 [ 660.256920][T19388] shmem_fault+0x200/0xae0 [ 660.261377][T19388] ? __pfx_shmem_fault+0x10/0x10 [ 660.266360][T19388] ? do_pte_missing+0xdd7/0x3e00 [ 660.271341][T19388] ? __pfx_lock_release+0x10/0x10 [ 660.276411][T19388] __do_fault+0x10a/0x490 [ 660.280784][T19388] do_pte_missing+0xebd/0x3e00 [ 660.285608][T19388] __handle_mm_fault+0x103c/0x2a40 [ 660.290778][T19388] ? __pfx___handle_mm_fault+0x10/0x10 [ 660.296282][T19388] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 660.301973][T19388] ? find_vma+0xc0/0x140 [ 660.306261][T19388] ? __pfx_find_vma+0x10/0x10 [ 660.310975][T19388] ? __pfx___mutex_trylock_common+0x10/0x10 [ 660.316908][T19388] handle_mm_fault+0x3fa/0xaa0 [ 660.321725][T19388] do_user_addr_fault+0x7a3/0x13f0 [ 660.326885][T19388] exc_page_fault+0x5c/0xc0 [ 660.331427][T19388] asm_exc_page_fault+0x26/0x30 [ 660.336338][T19388] RIP: 0010:__get_user_4+0x1a/0x30 [ 660.341485][T19388] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 c2 48 19 d2 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 [ 660.361129][T19388] RSP: 0018:ffffc9000b9efc50 EFLAGS: 00050202 [ 660.367235][T19388] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffc9000b9efbb8 [ 660.375240][T19388] RDX: 0000000000000000 RSI: ffffffff86e52f2b RDI: ffffffff8bb17040 [ 660.383243][T19388] RBP: ffffc9000b9efee0 R08: 0000000000000000 R09: fffffbfff2039d5a [ 660.391249][T19388] R10: ffffffff901cead7 R11: 0000000000000001 R12: ffff88802823a000 [ 660.399249][T19388] R13: 1ffff9200173df93 R14: ffff888028723c48 R15: ffff888028820128 [ 660.407267][T19388] ? usbdev_ioctl+0x111b/0x3f90 [ 660.412165][T19388] usbdev_ioctl+0x1125/0x3f90 [ 660.416892][T19388] ? __pfx_usbdev_ioctl+0x10/0x10 [ 660.421952][T19388] ? do_vfs_ioctl+0x513/0x1950 [ 660.426757][T19388] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 660.431844][T19388] ? __pfx_lock_release+0x10/0x10 [ 660.436901][T19388] ? trace_lock_acquire+0x14e/0x1f0 [ 660.442151][T19388] ? __fget_files+0x206/0x3a0 [ 660.446873][T19388] ? __pfx_usbdev_ioctl+0x10/0x10 [ 660.451939][T19388] __x64_sys_ioctl+0x190/0x200 [ 660.456748][T19388] do_syscall_64+0xcd/0x250 [ 660.461298][T19388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.467233][T19388] RIP: 0033:0x7fe2cb985d29 [ 660.471686][T19388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.491328][T19388] RSP: 002b:00007fe2cc823038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 660.499781][T19388] RAX: ffffffffffffffda RBX: 00007fe2cbb75fa0 RCX: 00007fe2cb985d29 [ 660.507791][T19388] RDX: 0000000000000001 RSI: 0000000080045505 RDI: 0000000000000003 [ 660.515796][T19388] RBP: 00007fe2cc823090 R08: 0000000000000000 R09: 0000000000000000 [ 660.523804][T19388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 660.531811][T19388] R13: 0000000000000000 R14: 00007fe2cbb75fa0 R15: 00007ffea4ea18c8 [ 660.539866][T19388] [ 660.871963][T14354] Bluetooth: hci0: command 0x0c1a tx timeout [ 661.032024][T14354] Bluetooth: hci1: command 0x0c1a tx timeout [ 662.306746][T19424] sp0: Synchronizing with TNC [ 662.952018][T14354] Bluetooth: hci0: command 0x0c1a tx timeout [ 662.958884][T19438] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2839'. [ 663.121915][T14354] Bluetooth: hci1: command 0x0c1a tx timeout [ 665.916091][T19512] sp0: Synchronizing with TNC [ 668.009774][T19552] Process accounting resumed [ 669.402956][T19583] FAULT_INJECTION: forcing a failure. [ 669.402956][T19583] name failslab, interval 1, probability 0, space 0, times 0 [ 669.470676][T19583] CPU: 0 UID: 0 PID: 19583 Comm: syz.1.2865 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 669.481511][T19583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 669.491594][T19583] Call Trace: [ 669.494879][T19583] [ 669.497813][T19583] dump_stack_lvl+0x16c/0x1f0 [ 669.502504][T19583] should_fail_ex+0x497/0x5b0 [ 669.507190][T19583] ? fs_reclaim_acquire+0xae/0x150 [ 669.512319][T19583] should_failslab+0xc2/0x120 [ 669.517012][T19583] __kmalloc_node_noprof+0xd1/0x520 [ 669.522226][T19583] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 669.527699][T19583] __kvmalloc_node_noprof+0xad/0x1a0 [ 669.533000][T19583] lru_gen_seq_start+0x4f/0x240 [ 669.537864][T19583] traverse.part.0.constprop.0+0xac/0x640 [ 669.543593][T19583] ? __pfx_lock_release+0x10/0x10 [ 669.548623][T19583] seq_read_iter+0x934/0x12b0 [ 669.553319][T19583] seq_read+0x39f/0x4e0 [ 669.557477][T19583] ? __pfx_seq_read+0x10/0x10 [ 669.562176][T19583] full_proxy_read+0xfb/0x1b0 [ 669.566858][T19583] ? __pfx_full_proxy_read+0x10/0x10 [ 669.572152][T19583] vfs_read+0x1df/0xbe0 [ 669.576314][T19583] ? __fget_files+0x1fc/0x3a0 [ 669.580997][T19583] ? __pfx_lock_release+0x10/0x10 [ 669.586024][T19583] ? __pfx_vfs_read+0x10/0x10 [ 669.590712][T19583] ? lock_acquire+0x2f/0xb0 [ 669.595218][T19583] ? __fget_files+0x40/0x3a0 [ 669.599819][T19583] ? __fget_files+0x206/0x3a0 [ 669.604509][T19583] __x64_sys_pread64+0x1f6/0x250 [ 669.609456][T19583] ? __pfx___x64_sys_pread64+0x10/0x10 [ 669.614934][T19583] do_syscall_64+0xcd/0x250 [ 669.619450][T19583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 669.625351][T19583] RIP: 0033:0x7f43c5d85d29 [ 669.629771][T19583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 669.649387][T19583] RSP: 002b:00007f43c6bd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 669.657807][T19583] RAX: ffffffffffffffda RBX: 00007f43c5f75fa0 RCX: 00007f43c5d85d29 [ 669.665784][T19583] RDX: 0000000000000d51 RSI: 0000000020000080 RDI: 0000000000000003 [ 669.673758][T19583] RBP: 00007f43c6bd1090 R08: 0000000000000000 R09: 0000000000000000 [ 669.681733][T19583] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 669.689710][T19583] R13: 0000000000000000 R14: 00007f43c5f75fa0 R15: 00007ffd64f02f38 [ 669.697704][T19583] [ 670.319700][T19603] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 670.344143][T19603] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 670.549080][T19606] sp0: Synchronizing with TNC [ 671.179811][T19624] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2873'. [ 671.655949][T19636] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2875'. [ 671.767358][T19636] ip6gre0: entered promiscuous mode [ 671.768533][T19638] RDS: rds_bind could not find a transport for ::ffff:3.0.0.0, load rds_tcp or rds_rdma? [ 673.226404][T19652] FAULT_INJECTION: forcing a failure. [ 673.226404][T19652] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 673.241949][T19652] CPU: 1 UID: 0 PID: 19652 Comm: syz.4.2880 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 673.252769][T19652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 673.262855][T19652] Call Trace: [ 673.266154][T19652] [ 673.269105][T19652] dump_stack_lvl+0x16c/0x1f0 [ 673.273822][T19652] should_fail_ex+0x497/0x5b0 [ 673.278579][T19652] _copy_to_iter+0x4a5/0x1400 [ 673.283310][T19652] ? get_lruvec+0x9c/0x110 [ 673.287793][T19652] ? __pfx__copy_to_iter+0x10/0x10 [ 673.292958][T19652] ? __virt_addr_valid+0x1a4/0x590 [ 673.298126][T19652] ? __virt_addr_valid+0x5e/0x590 [ 673.303190][T19652] ? __phys_addr_symbol+0x30/0x80 [ 673.308272][T19652] ? __check_object_size+0x488/0x710 [ 673.313617][T19652] seq_read_iter+0x725/0x12b0 [ 673.318401][T19652] seq_read+0x39f/0x4e0 [ 673.322591][T19652] ? __pfx_seq_read+0x10/0x10 [ 673.327337][T19652] full_proxy_read+0xfb/0x1b0 [ 673.332057][T19652] ? __pfx_full_proxy_read+0x10/0x10 [ 673.337382][T19652] vfs_read+0x1df/0xbe0 [ 673.341576][T19652] ? __fget_files+0x1fc/0x3a0 [ 673.346288][T19652] ? __pfx_lock_release+0x10/0x10 [ 673.351352][T19652] ? __pfx_vfs_read+0x10/0x10 [ 673.356073][T19652] ? lock_acquire+0x2f/0xb0 [ 673.360610][T19652] ? __fget_files+0x40/0x3a0 [ 673.365257][T19652] ? __fget_files+0x206/0x3a0 [ 673.370007][T19652] __x64_sys_pread64+0x1f6/0x250 [ 673.374990][T19652] ? __pfx___x64_sys_pread64+0x10/0x10 [ 673.380515][T19652] do_syscall_64+0xcd/0x250 [ 673.385067][T19652] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 673.391001][T19652] RIP: 0033:0x7fe132985d29 [ 673.395445][T19652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 673.415091][T19652] RSP: 002b:00007fe1336e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 673.423553][T19652] RAX: ffffffffffffffda RBX: 00007fe132b75fa0 RCX: 00007fe132985d29 [ 673.431561][T19652] RDX: 0000000000000d51 RSI: 0000000020000080 RDI: 0000000000000003 [ 673.439572][T19652] RBP: 00007fe1336e1090 R08: 0000000000000000 R09: 0000000000000000 [ 673.447578][T19652] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 673.455582][T19652] R13: 0000000000000000 R14: 00007fe132b75fa0 R15: 00007ffef72d3588 [ 673.463604][T19652] [ 673.606107][T19657] sp0: Synchronizing with TNC [ 674.043903][T19671] random: crng reseeded on system resumption [ 678.948221][T19753] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2905'. [ 679.083752][T19760] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2905'. [ 679.512001][T19773] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2908'. [ 680.252987][T19798] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2914'. [ 680.336795][T19798] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2914'. [ 684.122029][T19864] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2927'. [ 685.351721][T19891] tipc: Started in network mode [ 685.371890][T19891] tipc: Node identity ffffffff, cluster identity 4711 [ 685.382613][T19891] tipc: Node number set to 4294967295 [ 685.399256][T19896] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2934'. [ 686.243970][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.250327][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.948143][T19954] netlink: 146 bytes leftover after parsing attributes in process `syz.4.2946'. [ 689.184447][T19977] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 690.580330][T20014] mkiss: ax0: crc mode is auto. [ 691.449174][T20031] Invalid ELF header magic: != ELF [ 691.638924][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2961'. [ 691.881465][T20032] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2967'. [ 695.453444][T20111] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006 [ 695.497429][T20104] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2985'. [ 695.530295][T20104] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 698.063716][T20130] Invalid ELF header magic: != ELF [ 700.179249][T20193] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3004'. [ 700.228513][T20193] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3004'. [ 701.908155][T20225] can: request_module (can-proto-5) failed. [ 704.354523][T20273] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3023'. [ 706.812420][T20280] kexec: Could not allocate control_code_buffer [ 708.952340][T20356] binder: 20355:20356 ioctl c0105512 1 returned -22 [ 709.166390][T20356] openvswitch: netlink: IP tunnel attribute has 5 unknown bytes. [ 709.865603][T20372] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3044'. [ 710.040488][T20376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3046'. [ 710.070670][T20376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3046'. [ 711.278196][T20398] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3051'. [ 712.249512][T20418] delete_channel: no stack [ 713.224590][T20430] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 713.231248][T20430] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 713.242123][T20430] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 713.249854][T20430] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 714.471889][T14354] Bluetooth: hci3: command 0x0c1a tx timeout [ 715.272057][T14354] Bluetooth: hci1: command 0x0c1a tx timeout [ 715.272078][T16541] Bluetooth: hci0: command 0x0c1a tx timeout [ 715.278123][T14354] Bluetooth: hci2: command 0x0c1a tx timeout [ 715.830041][T20551] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3091'. [ 716.140149][T20562] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 718.282932][T20638] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.3104'. [ 718.319967][T20638] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3104'. syzkaller syzkaller login: [ 720.706864][T20700] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3116'. [ 721.099172][T20709] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3118'. [ 721.385934][T20710] Process accounting resumed [ 721.430399][T20721] zero sized request [ 722.056562][T20725] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 722.141901][T20725] File: /dev/ram7 PID: 20725 Comm: syz.2.3121 [ 722.253536][T20731] rtc_cmos 00:00: Alarms can be up to one day in the future [ 730.534751][T20927] Invalid ELF header magic: != ELF [ 730.937343][T20928] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3162'. [ 730.972615][T20932] openvswitch: HfR: Dropping previously announced user features [ 730.998366][T20932] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3164'. [ 731.015442][T20932] HfR: left promiscuous mode [ 732.220739][T20939] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 733.338230][T20982] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3174'. [ 733.366428][T20982] geneve1: entered allmulticast mode [ 734.395048][T21006] [U] [ 734.397809][T21006] [U] [ 734.400574][T21006] [U] [ 734.403478][T21006] [U] [ 734.438860][T21008] netlink: 1204 bytes leftover after parsing attributes in process `syz.2.3181'. [ 734.537666][T21006] [U] [ 734.541164][T21006] [U] [ 734.543988][T21006] [U] [ 734.546748][T21006] [U] [ 734.653318][T21006] [U] [ 734.656088][T21006] [U] [ 734.658841][T21006] [U] [ 734.661653][T21006] [U] [ 734.690626][T21006] [U] [ 734.693667][T21006] [U] [ 734.696923][T21006] [U] [ 734.699742][T21006] [U] [ 734.735940][T21006] [U] [ 734.738708][T21006] [U] [ 734.741663][T21006] [U] [ 734.744388][T21006] [U] [ 734.790927][T21006] [U] [ 734.796095][T21006] [U] [ 734.799426][T21006] [U] [ 734.802363][T21006] [U] [ 734.817326][T21006] [U] [ 734.820444][T21006] [U] [ 734.823287][T21006] [U] [ 734.827007][T21006] [U] [ 734.851187][T21006] [U] [ 734.854307][T21006] [U] [ 734.857862][T21006] [U] [ 734.861841][T21006] [U] [ 734.900182][T21006] [U] [ 734.903211][T21006] [U] [ 734.906385][T21006] [U] [ 734.910474][T21006] [U] [ 734.920646][T21006] [U] [ 734.923623][T21006] [U] [ 734.926544][T21006] [U] [ 734.929636][T21006] [U] [ 734.988017][T21006] [U] [ 734.990864][T21006] [U] [ 734.994294][T21006] [U] [ 734.997914][T21006] [U] [ 735.036771][T21006] [U] [ 735.040166][T21006] [U] [ 735.043684][T21006] [U] [ 735.047473][T21006] [U] [ 735.112706][T21006] [U] [ 735.116869][T21006] [U] [ 735.119783][T21006] [U] [ 735.122825][T21006] [U] [ 735.157934][T21006] [U] [ 735.160907][T21006] [U] [ 735.164258][T21006] [U] [ 735.167606][T21006] [U] [ 735.172108][T21006] [U] [ 735.175125][T21006] [U] [ 735.177949][T21006] [U] [ 735.181659][T21006] [U] [ 735.184728][T21006] [U] [ 735.187555][T21006] [U] [ 735.190979][T21006] [U] [ 735.193709][T21006] [U] [ 735.209857][T21006] [U] [ 735.416452][T21039] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3187'. [ 737.109366][T21083] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3197'. [ 737.644172][T21094] Process accounting resumed [ 740.391972][T21156] can: request_module (can-proto-0) failed. [ 743.420243][T21221] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3225'. [ 745.420131][T21284] vmstat_refresh: nr_hugetlb -4096 [ 746.953089][T21325] syz.3.3247 (21325): /proc/21322/oom_adj is deprecated, please use /proc/21322/oom_score_adj instead. [ 747.674181][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.681488][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 749.860567][T21434] aoe: can't write to that file. [ 749.881216][T21439] aoe: can't write to that file. [ 750.683823][T21467] Invalid ELF header magic: != ELF [ 751.641601][T21494] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3282'. [ 751.655743][T21497] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3290'. [ 753.885959][T21518] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3288'. [ 755.197351][T21556] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3299'. [ 755.293804][T21556] Process accounting resumed [ 755.788420][T21567] QAT: Stopping all acceleration devices. [ 756.028784][T21575] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3302'. [ 756.358253][T21577] sg_read: process 1066 (syz.2.3304) changed security contexts after opening file descriptor, this is not allowed. [ 756.519514][T21583] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 759.762203][ T5843] Bluetooth: hci2: Malformed HCI Event [ 759.849266][T21627] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 761.773774][T21666] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3324'. [ 762.840816][T14354] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 762.867876][T14354] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 762.898810][T14354] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 762.917877][T14354] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 762.931197][T14354] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 762.943959][T14354] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 764.288326][T21687] chnl_net:caif_netlink_parms(): no params data found [ 765.104944][T21687] bridge0: port 1(bridge_slave_0) entered blocking state [ 765.114994][ T5843] Bluetooth: hci0: command tx timeout [ 765.141979][T21687] bridge0: port 1(bridge_slave_0) entered disabled state [ 765.152720][T21687] bridge_slave_0: entered allmulticast mode [ 765.161365][T21687] bridge_slave_0: entered promiscuous mode [ 765.172654][T21687] bridge0: port 2(bridge_slave_1) entered blocking state [ 765.180593][T21687] bridge0: port 2(bridge_slave_1) entered disabled state [ 765.189289][T21687] bridge_slave_1: entered allmulticast mode [ 765.197441][T21687] bridge_slave_1: entered promiscuous mode [ 765.387396][T21687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 765.452506][T21687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 765.573005][T21687] team0: Port device team_slave_0 added [ 765.590033][T21738] bridge0: port 3(veth1_to_hsr) entered blocking state [ 765.606487][T21738] bridge0: port 3(veth1_to_hsr) entered disabled state [ 765.622221][T21738] veth1_to_hsr: entered allmulticast mode [ 765.624300][T21744] futex_wake_op: syz.2.3342 tries to shift op by 64; fix this program [ 765.629831][T21738] veth1_to_hsr: entered promiscuous mode [ 765.649046][T21738] bridge0: port 3(veth1_to_hsr) entered blocking state [ 765.658357][T21738] bridge0: port 3(veth1_to_hsr) entered forwarding state [ 765.675914][T21687] team0: Port device team_slave_1 added [ 765.772920][T21687] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 765.792307][T21687] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 765.848416][T21687] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 765.866995][T21687] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 765.875132][T21687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 765.904139][T21687] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 765.985309][T21687] hsr_slave_0: entered promiscuous mode [ 765.993584][T21687] hsr_slave_1: entered promiscuous mode [ 766.001215][T21687] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 766.012322][T21687] Cannot create hsr debugfs directory [ 766.287973][T21754] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3346'. [ 766.609249][T21687] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 766.633781][T21687] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 766.665030][T21687] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 766.677843][T21687] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 767.037233][T21765] Malformed UNC in devname [ 767.037233][T21765] [ 767.069466][T21765] CIFS: VFS: Malformed UNC in devname [ 767.097485][T21687] 8021q: adding VLAN 0 to HW filter on device bond0 [ 767.165919][T21687] 8021q: adding VLAN 0 to HW filter on device team0 [ 767.179202][T21768] netlink: 322 bytes leftover after parsing attributes in process `syz.1.3349'. [ 767.192308][ T5843] Bluetooth: hci0: command tx timeout [ 767.215375][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 767.224404][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 767.259402][ T7117] bridge0: port 2(bridge_slave_1) entered blocking state [ 767.266824][ T7117] bridge0: port 2(bridge_slave_1) entered forwarding state [ 767.662566][T21687] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 767.688836][T21786] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3354'. [ 768.122364][T21798] vmstat_refresh: nr_hugetlb -4608 [ 768.148732][T21687] veth0_vlan: entered promiscuous mode [ 768.186632][T21687] veth1_vlan: entered promiscuous mode [ 768.286807][T21687] veth0_macvtap: entered promiscuous mode [ 768.350731][T21687] veth1_macvtap: entered promiscuous mode [ 768.388373][T21687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 768.408167][T21687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.420256][T21687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 768.432273][T21687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.444528][T21687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 768.497120][T21687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.541252][T21687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 768.624864][T21687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.693270][T21687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 768.764966][T21687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.829260][T21687] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 768.892041][T21687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 768.903475][T21687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.915781][T21687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 768.929583][T21687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.941107][T21687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 768.953501][T21687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.963989][T21687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 768.976759][T21687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.987659][T21687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 769.000785][T21687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 769.012662][T21687] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 769.026047][T21687] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 769.037920][T21687] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 769.047973][T21687] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 769.059695][T21687] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 769.272923][ T5843] Bluetooth: hci0: command tx timeout [ 769.310025][ T1337] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 769.362705][ T1337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 769.455613][ T1337] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 769.489641][ T1337] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 769.644698][T21829] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3365'. [ 770.634439][T21871] Invalid ELF header magic: != ELF [ 771.352414][T14354] Bluetooth: hci0: command tx timeout [ 771.916999][T21900] netlink: 240 bytes leftover after parsing attributes in process `syz.4.3384'. [ 773.410009][ T29] audit: type=1804 audit(8277292127.400:39): pid=21936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3390" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/enable" dev="tracefs" ino=19680823 res=1 errno=0 [ 773.792647][T21950] netlink: 326 bytes leftover after parsing attributes in process `syz.5.3392'. [ 774.105560][T21953] Invalid ELF header magic: != ELF [ 774.669507][T21968] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3397'. [ 775.436767][T21960] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3394'. [ 775.541662][T21960] geneve1: entered allmulticast mode [ 775.874836][T21995] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3402'. [ 778.343652][T22053] vivid-007: ================= START STATUS ================= [ 778.372202][T22053] vivid-007: Generate PTS: true [ 778.400838][T22053] vivid-007: Generate SCR: true [ 778.419584][T22053] tpg source WxH: 640x360 (Y'CbCr) [ 778.498408][T22053] tpg field: 1 [ 778.526159][T22053] tpg crop: 640x360@0x0 [ 778.530907][T22053] tpg compose: 640x360@0x0 [ 778.563153][T22053] tpg colorspace: 8 [ 778.567114][T22053] tpg transfer function: 0/0 [ 778.573048][T22053] tpg Y'CbCr encoding: 0/0 [ 778.577996][T22053] tpg quantization: 0/0 [ 778.582580][T22053] tpg RGB range: 0/2 [ 778.586513][T22053] vivid-007: ================== END STATUS ================== [ 780.332454][T22087] vivid-002: ================= START STATUS ================= [ 780.431940][T22087] vivid-002: RDS Tx I/O Mode: Controls [ 780.438218][T22087] vivid-002: RDS Program ID: 32904 [ 780.521990][T22087] vivid-002: RDS Program Type: 3 [ 780.586986][T22087] vivid-002: RDS PS Name: VIVID-TX [ 780.615675][T22087] vivid-002: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 780.687186][T22087] vivid-002: RDS Stereo: true [ 780.732608][T22087] vivid-002: RDS Artificial Head: false [ 780.787990][T22087] vivid-002: RDS Compressed: false [ 780.802682][T22087] vivid-002: RDS Dynamic PTY: false [ 780.822366][T22087] vivid-002: RDS Traffic Announcement: false [ 780.828804][T22087] vivid-002: RDS Traffic Program: true [ 780.871455][T22087] vivid-002: RDS Music: true [ 780.881754][T22087] vivid-002: ================== END STATUS ================== [ 781.020081][T22114] FAULT_INJECTION: forcing a failure. [ 781.020081][T22114] name failslab, interval 1, probability 0, space 0, times 0 [ 781.039779][T22114] CPU: 1 UID: 0 PID: 22114 Comm: syz.5.3426 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 781.051261][T22114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 781.062315][T22114] Call Trace: [ 781.066005][T22114] [ 781.069068][T22114] dump_stack_lvl+0x16c/0x1f0 [ 781.074274][T22114] should_fail_ex+0x497/0x5b0 [ 781.079350][T22114] ? fs_reclaim_acquire+0xae/0x150 [ 781.084910][T22114] should_failslab+0xc2/0x120 [ 781.090096][T22114] __kmalloc_noprof+0xce/0x4f0 [ 781.095379][T22115] vivid-002: ================= START STATUS ================= [ 781.095372][T22114] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 781.109545][T22114] ? tomoyo_realpath_from_path+0xbf/0x710 [ 781.115517][T22114] tomoyo_realpath_from_path+0xbf/0x710 [ 781.121722][T22114] ? tomoyo_path_number_perm+0x235/0x5b0 [ 781.127421][T22114] tomoyo_path_number_perm+0x248/0x5b0 [ 781.133313][T22114] ? tomoyo_path_number_perm+0x235/0x5b0 [ 781.139326][T22114] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 781.145613][T22114] ? __pfx_lock_release+0x10/0x10 [ 781.150869][T22114] ? trace_lock_acquire+0x14e/0x1f0 [ 781.156325][T22114] ? lock_acquire+0x2f/0xb0 [ 781.161242][T22114] ? __fget_files+0x40/0x3a0 [ 781.166079][T22114] ? __fget_files+0x206/0x3a0 [ 781.170819][T22114] security_file_ioctl+0x9b/0x240 [ 781.175904][T22114] __x64_sys_ioctl+0xb7/0x200 [ 781.180834][T22114] do_syscall_64+0xcd/0x250 [ 781.186277][T22114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 781.192562][T22114] RIP: 0033:0x7f5810385d29 [ 781.197362][T22114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 781.202121][T22115] vivid-002: RDS Tx I/O Mode: [ 781.218995][T22114] RSP: 002b:00007f581114d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 781.219030][T22114] RAX: ffffffffffffffda RBX: 00007f5810575fa0 RCX: 00007f5810385d29 [ 781.219045][T22114] RDX: 0000000000000000 RSI: 0000000080045439 RDI: 0000000000000003 [ 781.219059][T22114] RBP: 00007f581114d090 R08: 0000000000000000 R09: 0000000000000000 [ 781.219074][T22114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 781.219088][T22114] R13: 0000000000000000 R14: 00007f5810575fa0 R15: 00007ffe91ea78a8 [ 781.219121][T22114] [ 781.220647][T22114] ERROR: Out of memory at tomoyo_realpath_from_path. [ 781.401917][T22115] Controls [ 781.406549][T22115] vivid-002: RDS Program ID: 32904 [ 781.431915][T22115] vivid-002: RDS Program Type: 3 [ 781.437812][T22115] vivid-002: RDS PS Name: VIVID-TX [ 781.468090][T22115] vivid-002: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 781.482078][T22115] vivid-002: RDS Stereo: true [ 781.488444][T22115] vivid-002: RDS Artificial Head: false [ 781.494861][T22115] vivid-002: RDS Compressed: false [ 781.512639][T22115] vivid-002: RDS Dynamic PTY: false [ 781.518713][T22115] vivid-002: RDS Traffic Announcement: false [ 781.542063][T22115] vivid-002: RDS Traffic Program: true [ 781.553435][T22115] vivid-002: RDS Music: true [ 781.569991][T22115] vivid-002: ================== END STATUS ================== [ 783.104165][T22154] FAULT_INJECTION: forcing a failure. [ 783.104165][T22154] name failslab, interval 1, probability 0, space 0, times 0 [ 783.118816][T22154] CPU: 1 UID: 0 PID: 22154 Comm: syz.1.3436 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 783.131898][T22154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 783.143843][T22154] Call Trace: [ 783.147518][T22154] [ 783.150640][T22154] dump_stack_lvl+0x16c/0x1f0 [ 783.156686][T22154] should_fail_ex+0x497/0x5b0 [ 783.162387][T22154] ? fs_reclaim_acquire+0xae/0x150 [ 783.168633][T22154] should_failslab+0xc2/0x120 [ 783.173605][T22154] __kmalloc_noprof+0xce/0x4f0 [ 783.178837][T22154] ? d_absolute_path+0x137/0x1b0 [ 783.184266][T22154] ? tomoyo_encode2+0x100/0x3e0 [ 783.189231][T22154] tomoyo_encode2+0x100/0x3e0 [ 783.194138][T22154] tomoyo_realpath_from_path+0x1a7/0x710 [ 783.201750][T22154] tomoyo_path_number_perm+0x248/0x5b0 [ 783.207459][T22154] ? tomoyo_path_number_perm+0x235/0x5b0 [ 783.214090][T22154] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 783.221513][T22154] ? __pfx_lock_release+0x10/0x10 [ 783.228170][T22154] ? trace_lock_acquire+0x14e/0x1f0 [ 783.234543][T22154] ? lock_acquire+0x2f/0xb0 [ 783.239527][T22154] ? __fget_files+0x40/0x3a0 [ 783.245621][T22154] ? __fget_files+0x206/0x3a0 [ 783.251571][T22154] security_file_ioctl+0x9b/0x240 [ 783.260085][T22154] __x64_sys_ioctl+0xb7/0x200 [ 783.266539][T22154] do_syscall_64+0xcd/0x250 [ 783.271812][T22154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 783.279572][T22154] RIP: 0033:0x7f43c5d85d29 [ 783.284287][T22154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 783.308806][T22154] RSP: 002b:00007f43c6bd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 783.317959][T22154] RAX: ffffffffffffffda RBX: 00007f43c5f75fa0 RCX: 00007f43c5d85d29 [ 783.328171][T22154] RDX: 0000000000000000 RSI: 0000000080045439 RDI: 0000000000000003 [ 783.336652][T22154] RBP: 00007f43c6bd1090 R08: 0000000000000000 R09: 0000000000000000 [ 783.345718][T22154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 783.353846][T22154] R13: 0000000000000000 R14: 00007f43c5f75fa0 R15: 00007ffd64f02f38 [ 783.363176][T22154] [ 783.411045][T22154] ERROR: Out of memory at tomoyo_realpath_from_path. [ 786.175069][T22193] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3444'. [ 786.320533][T22197] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3444'. [ 791.774354][T22299] Invalid ELF header magic: != ELF [ 793.681580][T22322] netlink: 'syz.4.3469': attribute type 64 has an invalid length. [ 793.712599][T22322] netlink: 74 bytes leftover after parsing attributes in process `syz.4.3469'. [ 794.294758][T22325] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3468'. [ 797.227344][T22352] openvswitch: HfR: Dropping previously announced user features [ 797.836439][T22331] syz.4.3470: vmalloc error: size 4194304, failed to allocated page array size 8192, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 797.874754][T22331] CPU: 1 UID: 0 PID: 22331 Comm: syz.4.3470 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 797.886607][T22331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 797.897395][T22331] Call Trace: [ 797.900786][T22331] [ 797.905745][T22331] dump_stack_lvl+0x16c/0x1f0 [ 797.910877][T22331] warn_alloc+0x24d/0x3a0 [ 797.915723][T22331] ? __pfx_warn_alloc+0x10/0x10 [ 797.921459][T22331] ? __get_vm_area_node+0x1b0/0x2f0 [ 797.927753][T22331] ? __get_vm_area_node+0x1dc/0x2f0 [ 797.933639][T22331] __vmalloc_node_range_noprof+0x1105/0x1530 [ 797.940301][T22331] ? lru_gen_seq_write+0x11b/0x1920 [ 797.947900][T22331] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 797.954517][T22331] ? __get_vm_area_node+0x1b0/0x2f0 [ 797.960131][T22331] ? __get_vm_area_node+0x1dc/0x2f0 [ 797.965576][T22331] __vmalloc_node_range_noprof+0xd85/0x1530 [ 797.973408][T22331] ? lru_gen_seq_write+0x11b/0x1920 [ 797.978835][T22331] ? lru_gen_seq_write+0x11b/0x1920 [ 797.985037][T22331] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 797.992209][T22331] ? rcu_is_watching+0x12/0xc0 [ 797.997734][T22331] ? trace_kmalloc+0x2d/0xd0 [ 798.011542][T22331] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 798.017969][T22331] ? mark_lock+0xb5/0xc60 [ 798.022783][T22331] ? lru_gen_seq_write+0x11b/0x1920 [ 798.029019][T22331] __kvmalloc_node_noprof+0x14f/0x1a0 [ 798.035558][T22331] ? lru_gen_seq_write+0x11b/0x1920 [ 798.041124][T22331] lru_gen_seq_write+0x11b/0x1920 [ 798.046284][T22331] ? find_held_lock+0x2d/0x110 [ 798.051881][T22331] ? aa_file_perm+0x4c6/0xfe0 [ 798.058641][T22331] ? __pfx_lru_gen_seq_write+0x10/0x10 [ 798.065109][T22331] ? trace_lock_acquire+0x14e/0x1f0 [ 798.071311][T22331] ? hlock_class+0x4e/0x130 [ 798.076189][T22331] ? __lock_acquire+0x15a9/0x3c40 [ 798.081534][T22331] ? __pfx_aa_file_perm+0x10/0x10 [ 798.087135][T22331] ? debugfs_file_get+0x21c/0x5c0 [ 798.093149][T22331] ? __pfx_debugfs_file_get+0x10/0x10 [ 798.099098][T22331] ? rcu_is_watching+0x12/0xc0 [ 798.104725][T22331] ? trace_lock_acquire+0x14e/0x1f0 [ 798.110509][T22331] ? full_proxy_write+0xfb/0x1b0 [ 798.115613][T22331] full_proxy_write+0xfb/0x1b0 [ 798.120645][T22331] ? __pfx_full_proxy_write+0x10/0x10 [ 798.126322][T22331] vfs_write+0x24c/0x1150 [ 798.130954][T22331] ? __fget_files+0x1fc/0x3a0 [ 798.135743][T22331] ? __pfx___mutex_lock+0x10/0x10 [ 798.141088][T22331] ? __pfx_vfs_write+0x10/0x10 [ 798.146226][T22331] ? __fget_files+0x206/0x3a0 [ 798.151175][T22331] ksys_write+0x12b/0x250 [ 798.155816][T22331] ? __pfx_ksys_write+0x10/0x10 [ 798.160803][T22331] do_syscall_64+0xcd/0x250 [ 798.165641][T22331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 798.171925][T22331] RIP: 0033:0x7fe132985d29 [ 798.176455][T22331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 798.197849][T22331] RSP: 002b:00007fe1307d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 798.207013][T22331] RAX: ffffffffffffffda RBX: 00007fe132b76160 RCX: 00007fe132985d29 [ 798.215555][T22331] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 798.224006][T22331] RBP: 00007fe132a01b08 R08: 0000000000000000 R09: 0000000000000000 [ 798.232994][T22331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 798.241458][T22331] R13: 0000000000000000 R14: 00007fe132b76160 R15: 00007ffef72d3588 [ 798.249834][T22331] [ 798.320970][T22331] Mem-Info: [ 798.332678][T22331] active_anon:61180 inactive_anon:21 isolated_anon:0 [ 798.332678][T22331] active_file:13860 inactive_file:46546 isolated_file:0 [ 798.332678][T22331] unevictable:768 dirty:854 writeback:0 [ 798.332678][T22331] slab_reclaimable:7514 slab_unreclaimable:110758 [ 798.332678][T22331] mapped:46622 shmem:43951 pagetables:1023 [ 798.332678][T22331] sec_pagetables:0 bounce:0 [ 798.332678][T22331] kernel_misc_reclaimable:0 [ 798.332678][T22331] free:1198924 free_pcp:2699 free_cma:0 [ 798.382162][ C0] vkms_vblank_simulate: vblank timer overrun [ 798.439151][T22331] Node 0 active_anon:250340kB inactive_anon:84kB active_file:55372kB inactive_file:186148kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:189212kB dirty:3416kB writeback:0kB shmem:179876kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12180kB pagetables:4180kB sec_pagetables:0kB all_unreclaimable? no [ 798.474556][ C0] vkms_vblank_simulate: vblank timer overrun [ 798.505421][T22331] Node 1 active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:36kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:32kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 798.537720][ C0] vkms_vblank_simulate: vblank timer overrun [ 798.587518][T22331] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 798.617024][ C0] vkms_vblank_simulate: vblank timer overrun [ 798.628959][T22331] lowmem_reserve[]: 0 2465 2466 0 0 [ 798.635947][T22331] Node 0 DMA32 free:868572kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:255704kB inactive_anon:84kB active_file:55372kB inactive_file:185320kB unevictable:1536kB writepending:3416kB present:3129332kB managed:2551336kB mlocked:0kB bounce:0kB free_pcp:1768kB local_pcp:556kB free_cma:0kB [ 798.670606][ C0] vkms_vblank_simulate: vblank timer overrun [ 798.676821][T22331] lowmem_reserve[]: 0 0 0 0 0 [ 798.683001][T22331] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:4kB free_cma:0kB [ 798.712659][T22331] lowmem_reserve[]: 0 0 0 0 0 [ 798.717654][T22331] Node 1 Normal free:3903496kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:36kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:5520kB local_pcp:40kB free_cma:0kB [ 798.748469][ C0] vkms_vblank_simulate: vblank timer overrun [ 798.807020][T22331] lowmem_reserve[]: 0 0 0 0 0 [ 798.821941][T22331] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 798.855829][T22331] Node 0 DMA32: 88*4kB (UME) 79*8kB (UME) 12*16kB (U) 30*32kB (UME) 121*64kB (UME) 435*128kB (UME) 301*256kB (UME) 125*512kB (ME) 72*1024kB (UME) 18*2048kB (UME) 133*4096kB (UM) = 861976kB [ 798.914040][T22331] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 798.959417][T22331] Node 1 Normal: 188*4kB (UME) 47*8kB (UME) 36*16kB (UME) 181*32kB (UME) 97*64kB (UME) 43*128kB (UME) 13*256kB (UME) 10*512kB (UME) 5*1024kB (UME) 6*2048kB (UM) 942*4096kB (UM) = 3903496kB [ 798.981357][ C0] vkms_vblank_simulate: vblank timer overrun [ 799.002479][T22331] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 799.015300][T22331] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 799.027072][T22331] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 799.060683][T22331] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 799.093404][T22331] 108957 total pagecache pages [ 799.101715][T22331] 73 pages in swap cache [ 799.135082][T22331] Free swap = 124420kB [ 799.140282][T22331] Total swap = 124996kB [ 799.148201][T22331] 2097051 pages RAM [ 799.155877][T22331] 0 pages HighMem/MovableOnly [ 799.165804][T22331] 427367 pages reserved [ 799.182410][T22331] 0 pages cma reserved [ 799.613143][T22398] QAT: Device 0 not found [ 799.811169][T22406] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3488'. [ 808.468156][T22511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3512'. [ 809.124023][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.130752][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 810.980740][T22562] GUP no longer grows the stack in syz.2.3520 (22562): 9000-401000 (8000) [ 811.006537][T22562] CPU: 1 UID: 0 PID: 22562 Comm: syz.2.3520 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 811.018429][T22562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 811.029395][T22562] Call Trace: [ 811.033055][T22562] [ 811.036098][T22562] dump_stack_lvl+0x16c/0x1f0 [ 811.041740][T22562] gup_vma_lookup+0x1d2/0x220 [ 811.046615][T22562] __get_user_pages+0x236/0x3b50 [ 811.052065][T22562] ? hlock_class+0x4e/0x130 [ 811.057170][T22562] ? __lock_acquire+0x15a9/0x3c40 [ 811.062437][T22562] ? __pfx___get_user_pages+0x10/0x10 [ 811.067966][T22562] __gup_longterm_locked+0x211/0x1870 [ 811.073805][T22562] ? __pfx___lock_acquire+0x10/0x10 [ 811.079135][T22562] ? __pfx___gup_longterm_locked+0x10/0x10 [ 811.085412][T22562] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 811.091731][T22562] ? rwsem_read_trylock+0x12d/0x250 [ 811.097571][T22562] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 811.103786][T22562] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 811.110342][T22562] pin_user_pages_remote+0xee/0x150 [ 811.115924][T22562] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 811.121965][T22562] ? down_read+0xc9/0x330 [ 811.126346][T22562] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 811.132719][T22562] ? __pfx_mark_lock+0x10/0x10 [ 811.138039][T22562] ? find_held_lock+0x2d/0x110 [ 811.143024][T22562] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 811.149801][T22562] process_vm_rw+0x301/0x360 [ 811.156068][T22562] ? __pfx_process_vm_rw+0x10/0x10 [ 811.161490][T22562] ? __pfx___lock_acquire+0x10/0x10 [ 811.167605][T22562] ? do_user_addr_fault+0xdc7/0x13f0 [ 811.173261][T22562] ? lock_acquire+0x2f/0xb0 [ 811.178204][T22562] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 811.183979][T22562] ? do_syscall_64+0x91/0x250 [ 811.189050][T22562] ? lockdep_hardirqs_on+0x7c/0x110 [ 811.194466][T22562] do_syscall_64+0xcd/0x250 [ 811.199120][T22562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.205303][T22562] RIP: 0033:0x7fe2cb985d29 [ 811.209750][T22562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 811.231575][T22562] RSP: 002b:00007fe2cc7e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 811.240899][T22562] RAX: ffffffffffffffda RBX: 00007fe2cbb76160 RCX: 00007fe2cb985d29 [ 811.249343][T22562] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 0000000000000514 [ 811.257951][T22562] RBP: 00007fe2cba01b08 R08: 0000000000000006 R09: 0000000000000000 [ 811.266624][T22562] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 811.274875][T22562] R13: 0000000000000001 R14: 00007fe2cbb76160 R15: 00007ffea4ea18c8 [ 811.283238][T22562] [ 811.800406][T22569] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3522'. [ 812.987618][T22596] netlink: 'syz.5.3528': attribute type 1 has an invalid length. [ 814.294155][ T29] audit: type=1326 audit(8277292168.289:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22598 comm="syz.1.3529" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f43c5d85d29 code=0x0 [ 814.373583][T22606] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3529'. [ 817.938520][T22657] netlink: 222 bytes leftover after parsing attributes in process `syz.1.3541'. [ 820.637912][T22694] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3547'. [ 821.322766][T22694] team0 (unregistering): Port device team_slave_0 removed [ 821.338955][T22694] team0 (unregistering): Port device team_slave_1 removed [ 823.267947][T22750] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3559'. [ 823.353106][T22750] ip6gre0: entered promiscuous mode [ 823.627650][T22764] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3561'. [ 823.718035][T22763] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3562'. [ 823.786388][T22768] netlink: 4763 bytes leftover after parsing attributes in process `syz.4.3561'. [ 825.051083][T22807] openvswitch: netlink: nsh attr 1 has unexpected len 14 expected 8 [ 825.741233][T22823] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3578'. [ 825.771062][T22822] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3578'. [ 836.395425][T23004] netlink: 'syz.4.3618': attribute type 28 has an invalid length. [ 836.451934][T23004] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3618'. [ 843.876146][T23100] Unable to find swap-space signature [ 847.233545][T23147] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 847.448739][T23150] Process accounting resumed [ 848.360998][T23161] nfs: Bad value for 'source' [ 848.911959][T23174] netlink: 252 bytes leftover after parsing attributes in process `syz.1.3655'. [ 848.959569][T23177] netlink: 252 bytes leftover after parsing attributes in process `syz.1.3655'. [ 850.103259][T23206] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3662'. [ 850.174814][T23206] bridge0: port 1(bridge_slave_0) entered disabled state [ 850.433243][T23206] bridge_slave_0 (unregistering): left allmulticast mode [ 850.471298][T23206] bridge_slave_0 (unregistering): left promiscuous mode [ 850.493691][T23206] bridge0: port 1(bridge_slave_0) entered disabled state [ 853.662624][T23235] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 858.139093][T23336] Process accounting resumed [ 858.218781][T23336] kernel write not supported for file /trace_marker (pid: 23336 comm: syz.5.3692) [ 858.331510][T23345] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3694'. [ 858.590042][T23338] Process accounting resumed [ 858.650201][T23338] kernel write not supported for file /trace_marker (pid: 23338 comm: syz.5.3692) [ 858.872177][T23356] netlink: 'syz.5.3697': attribute type 4 has an invalid length. [ 858.902872][T23356] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3697'. [ 858.930418][T23356] IPv6: NLM_F_CREATE should be specified when creating new route [ 858.960695][T23356] netlink: 'syz.5.3697': attribute type 4 has an invalid length. [ 858.991905][T23356] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3697'. [ 859.039232][T23356] netlink: 'syz.5.3697': attribute type 4 has an invalid length. [ 859.071686][T23356] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3697'. [ 859.085720][T23356] netlink: 'syz.5.3697': attribute type 4 has an invalid length. [ 859.101959][T23356] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3697'. [ 859.121366][T23356] netlink: 'syz.5.3697': attribute type 4 has an invalid length. [ 859.130483][T23356] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3697'. [ 859.152236][T23356] netlink: 'syz.5.3697': attribute type 4 has an invalid length. [ 859.160494][T23356] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3697'. [ 859.172963][T23356] netlink: 'syz.5.3697': attribute type 4 has an invalid length. [ 859.194612][T23356] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3697'. [ 859.211345][T23356] netlink: 'syz.5.3697': attribute type 4 has an invalid length. [ 859.226027][T23356] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3697'. [ 859.239090][T23356] netlink: 'syz.5.3697': attribute type 4 has an invalid length. [ 859.258291][T23356] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3697'. [ 859.272693][T23356] netlink: 'syz.5.3697': attribute type 4 has an invalid length. [ 859.393483][T23356] kernel write not supported for file /trace_marker (pid: 23356 comm: syz.5.3697) [ 860.859131][T23368] kernel write not supported for file /trace_marker (pid: 23368 comm: syz.5.3701) [ 861.502484][T23403] block nbd7: Unsupported socket: shutdown callout must be supported. [ 861.822784][T23405] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 861.988224][T23390] kernel write not supported for file /trace_marker (pid: 23390 comm: syz.5.3706) [ 863.275991][T23424] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 863.399085][T23424] kernel write not supported for file /trace_marker (pid: 23424 comm: syz.5.3713) [ 864.509514][T23455] kernel write not supported for file /trace_marker (pid: 23455 comm: syz.5.3721) [ 864.977215][T23501] __nla_validate_parse: 57 callbacks suppressed [ 864.977237][T23501] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3731'. [ 865.022050][T23501] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3731'. [ 865.151267][T23496] kernel write not supported for file /trace_marker (pid: 23496 comm: syz.5.3730) [ 866.142491][T23507] kernel write not supported for file /trace_marker (pid: 23507 comm: syz.5.3732) [ 866.930441][T23520] kernel write not supported for file /trace_marker (pid: 23520 comm: syz.5.3737) [ 868.211684][T23549] kernel write not supported for file /trace_marker (pid: 23549 comm: syz.5.3744) [ 868.424800][T23571] kernel write not supported for file /trace_marker (pid: 23571 comm: syz.5.3750) [ 868.959479][T14354] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 868.974326][T14354] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 868.984338][T14354] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 868.992915][T14354] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 869.003541][T14354] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 869.011557][T14354] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 869.525627][T23589] chnl_net:caif_netlink_parms(): no params data found [ 869.674717][T23576] kernel write not supported for file /trace_marker (pid: 23576 comm: syz.5.3753) [ 869.833074][T23589] bridge0: port 1(bridge_slave_0) entered blocking state [ 869.840431][T23589] bridge0: port 1(bridge_slave_0) entered disabled state [ 869.889759][T23589] bridge_slave_0: entered allmulticast mode [ 869.901254][T23589] bridge_slave_0: entered promiscuous mode [ 869.941453][T23589] bridge0: port 2(bridge_slave_1) entered blocking state [ 869.963383][T23589] bridge0: port 2(bridge_slave_1) entered disabled state [ 869.980344][T23589] bridge_slave_1: entered allmulticast mode [ 870.011403][T23589] bridge_slave_1: entered promiscuous mode [ 870.145305][T23614] kernel write not supported for file /trace_marker (pid: 23614 comm: syz.5.3756) [ 870.167013][T23589] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 870.206272][T23589] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 870.352669][T23589] team0: Port device team_slave_0 added [ 870.358359][T23625] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3759'. [ 870.361555][T23589] team0: Port device team_slave_1 added [ 870.528363][T11022] bridge0: port 3(syz_tun) entered disabled state [ 870.555013][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.564393][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.602057][T23589] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 870.631843][T23589] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 870.671880][T23589] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 870.692860][T23626] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3758'. [ 870.736773][T23589] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 870.745881][T23589] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 870.814904][T23589] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 870.943195][T23589] hsr_slave_0: entered promiscuous mode [ 870.975604][T23589] hsr_slave_1: entered promiscuous mode [ 870.993314][T23589] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 871.001745][T23589] Cannot create hsr debugfs directory [ 871.112010][T14354] Bluetooth: hci4: command tx timeout [ 871.248931][T23624] kernel write not supported for file /trace_marker (pid: 23624 comm: syz.5.3760) [ 871.557314][T23589] 8021q: adding VLAN 0 to HW filter on device bond0 [ 871.667014][T23589] 8021q: adding VLAN 0 to HW filter on device team0 [ 871.707592][T11022] bridge0: port 1(bridge_slave_0) entered blocking state [ 871.715061][T11022] bridge0: port 1(bridge_slave_0) entered forwarding state [ 871.804767][ T1337] bridge0: port 2(bridge_slave_1) entered blocking state [ 871.812578][ T1337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 872.463661][T23589] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 872.484357][T23637] kernel write not supported for file /trace_marker (pid: 23637 comm: syz.5.3762) [ 872.890217][T23661] kernel write not supported for file /trace_marker (pid: 23661 comm: syz.5.3765) [ 873.173479][T23589] veth0_vlan: entered promiscuous mode [ 873.197508][T14354] Bluetooth: hci4: command tx timeout [ 873.207224][T23589] veth1_vlan: entered promiscuous mode [ 873.278458][T23589] veth0_macvtap: entered promiscuous mode [ 873.307102][T23666] kernel write not supported for file /trace_marker (pid: 23666 comm: syz.5.3766) [ 873.335665][T23589] veth1_macvtap: entered promiscuous mode [ 873.385509][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 873.418726][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 873.451876][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 873.489216][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 873.511164][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 873.569720][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 873.605672][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 873.628076][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 873.649987][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 873.664200][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 873.685561][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 873.704633][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 873.743129][T23589] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 873.751440][T23671] netlink: 338 bytes leftover after parsing attributes in process `syz.5.3767'. [ 873.821343][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 873.848078][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 873.878780][T23670] kernel write not supported for file /trace_marker (pid: 23670 comm: syz.5.3767) [ 873.881973][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 873.923046][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 873.942598][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 873.962309][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 873.979450][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 873.994632][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 874.006105][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 874.017403][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 874.040738][T23589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 874.057976][T23589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 874.143146][T23589] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 874.500881][ T7117] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 874.503778][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 874.518644][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 874.526286][ T7117] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 874.675486][T23682] kernel write not supported for file /trace_marker (pid: 23682 comm: syz.5.3770) [ 875.083681][T23691] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 875.125477][T23693] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3772'. [ 875.275969][T14354] Bluetooth: hci4: command tx timeout [ 875.418624][T23692] kernel write not supported for file /trace_marker (pid: 23692 comm: syz.5.3772) [ 876.293683][T23690] kexec: Could not allocate control_code_buffer [ 877.351958][T14354] Bluetooth: hci4: command tx timeout [ 878.415735][T23700] kernel write not supported for file /trace_marker (pid: 23700 comm: syz.5.3774) [ 878.899083][T23732] kernel write not supported for file /trace_marker (pid: 23732 comm: syz.5.3781) [ 879.062224][T23727] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3780'. [ 879.302193][T23735] kernel write not supported for file /trace_marker (pid: 23735 comm: syz.5.3782) [ 879.551725][T23741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3783'. [ 880.847765][T23747] kernel write not supported for file /trace_marker (pid: 23747 comm: syz.5.3784) [ 881.301679][T23759] kernel write not supported for file /trace_marker (pid: 23759 comm: syz.5.3788) [ 882.147645][T23767] kernel write not supported for file /trace_marker (pid: 23767 comm: syz.5.3790) [ 882.438829][T23790] kernel read not supported for file /#)-\&[} (pid: 23790 comm: syz.5.3796) [ 882.438889][ T29] audit: type=1804 audit(8277292236.429:41): pid=23790 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3796" name="#)-\&[}" dev="mqueue" ino=84906 res=1 errno=0 [ 882.527329][ T29] audit: type=1800 audit(8277292236.519:42): pid=23790 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3796" name="#)-\&[}" dev="mqueue" ino=84906 res=0 errno=0 [ 883.055011][T23788] kernel write not supported for file /trace_marker (pid: 23788 comm: syz.5.3796) [ 883.370199][T23806] kernel write not supported for file /trace_marker (pid: 23806 comm: syz.5.3798) [ 883.731482][T23737] kernel write not supported for file /trace_marker (pid: 23737 comm: syz.5.3782) [ 883.899195][T23813] kernel write not supported for file /trace_marker (pid: 23813 comm: syz.5.3799) [ 886.291195][T23874] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3812'. [ 887.698658][T23823] kernel write not supported for file /trace_marker (pid: 23823 comm: syz.5.3804) [ 888.003678][T14354] Bluetooth: hci0: command 0x0406 tx timeout [ 888.615233][T23926] netlink: 338 bytes leftover after parsing attributes in process `syz.5.3821'. [ 888.671031][T23926] netlink: 338 bytes leftover after parsing attributes in process `syz.5.3821'. [ 888.810746][T23925] Process accounting paused [ 890.087981][T23981] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3833'. [ 890.569294][T23990] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3836'. [ 892.121106][T24027] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3843'. [ 894.859366][T24076] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3854'. [ 895.652476][T24097] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 896.090175][ T29] audit: type=1804 audit(8277292250.079:43): pid=24103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3859" name="/newroot/sys/kernel/debug/tracing/trace" dev="tracefs" ino=190 res=1 errno=0 [ 896.135825][ T29] audit: type=1804 audit(8277292250.129:44): pid=24103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3859" name="/newroot/sys/kernel/debug/tracing/trace" dev="tracefs" ino=190 res=1 errno=0 [ 897.071968][T24110] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3860'. [ 900.183500][T24156] vivid-009: ================= START STATUS ================= [ 900.201640][T24156] vivid-009: Enable Output Cropping: true [ 900.222193][T24156] vivid-009: Enable Output Composing: true [ 900.229869][T24156] vivid-009: Enable Output Scaler: true [ 900.286035][T24156] vivid-009: Tx RGB Quantization Range: Automatic [ 900.301824][T24156] vivid-009: Transmit Mode: HDMI [ 900.336218][T24156] vivid-009: Hotplug Present: 0x00000000 [ 900.372007][T24156] vivid-009: RxSense Present: 0x00000000 [ 900.390465][T24156] vivid-009: EDID Present: 0x00000000 [ 900.411211][T24156] vivid-009: ================== END STATUS ================== [ 901.151452][ C0] vkms_vblank_simulate: vblank timer overrun [ 901.980576][T24200] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3880'. [ 904.105234][T24229] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3888'. [ 905.412674][T24254] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3894'. [ 906.069346][T24254] hsr_slave_0 (unregistering): left promiscuous mode [ 907.023864][T24246] [U] [ 907.026667][T24246] [U] [ 907.029406][T24246] [U] [ 907.032134][T24246] [U] [ 907.102742][T24246] [U] [ 907.105804][T24246] [U] [ 907.108648][T24246] [U] [ 907.111392][T24246] [U] [ 907.122094][T24246] [U] [ 907.124880][T24246] [U] [ 907.127615][T24246] [U] [ 907.130353][T24246] [U] [ 907.159806][T24246] [U] [ 907.162950][T24246] [U] [ 907.165873][T24246] [U] [ 907.169223][T24246] [U] [ 907.175335][T24246] [U] [ 907.178198][T24246] [U] [ 907.180931][T24246] [U] [ 907.183765][T24246] [U] [ 907.187238][T24246] [U] [ 907.190179][T24246] [U] [ 907.193143][T24246] [U] [ 907.196054][T24246] [U] [ 907.199189][T24246] [U] [ 907.201995][T24246] [U] [ 907.204916][T24246] [U] [ 907.207655][T24246] [U] [ 907.210855][T24246] [U] [ 907.213819][T24246] [U] [ 907.216535][T24246] [U] [ 907.219673][T24246] [U] [ 907.222671][T24246] [U] [ 907.225506][T24246] [U] [ 907.228240][T24246] [U] [ 907.231200][T24246] [U] [ 907.258773][T24246] [U] [ 907.261738][T24246] [U] [ 907.264520][T24246] [U] [ 907.267620][T24246] [U] [ 907.354558][T24252] [U] [ 907.767279][T24292] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3903'. [ 907.809889][T24292] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3903'. [ 907.886621][T24297] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3904'. [ 908.227939][T24305] Invalid ELF header magic: != ELF [ 908.582366][T24323] misc userio: Invalid payload size [ 908.621116][T24318] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3911'. [ 908.630831][T24323] misc userio: Invalid payload size [ 908.638747][T24323] misc userio: Invalid payload size [ 910.731986][T24393] Invalid ELF header magic: != ELF [ 912.152685][T24422] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3937'. [ 913.219382][T24440] vivid-009: ================= START STATUS ================= [ 913.230731][T24442] bridge0: port 3(macsec0) entered blocking state [ 913.249611][T24440] vivid-009: Enable Output Cropping: true [ 913.257250][T24442] bridge0: port 3(macsec0) entered disabled state [ 913.272274][T24442] macsec0: entered allmulticast mode [ 913.277822][T24442] veth1_macvtap: entered allmulticast mode [ 913.284602][T24440] vivid-009: Enable Output Composing: true [ 913.290493][T24440] vivid-009: Enable Output Scaler: true [ 913.309669][T24442] macsec0: entered promiscuous mode [ 913.330028][T24442] bridge0: port 3(macsec0) entered blocking state [ 913.336799][T24442] bridge0: port 3(macsec0) entered forwarding state [ 913.345168][T24440] vivid-009: Tx RGB Quantization Range: Automatic [ 913.361278][T24440] vivid-009: Transmit Mode: HDMI [ 913.370025][T24440] vivid-009: Hotplug Present: 0x00000000 [ 913.450418][T24440] vivid-009: RxSense Present: 0x00000000 [ 913.482318][T24440] vivid-009: EDID Present: 0x00000000 [ 913.488587][T24440] vivid-009: ================== END STATUS ================== [ 913.763344][T24445] bridge0: port 4(syz_tun) entered blocking state [ 913.771672][T24445] bridge0: port 4(syz_tun) entered disabled state [ 913.808099][T24445] syz_tun: entered allmulticast mode [ 913.836700][T24445] syz_tun: entered promiscuous mode [ 913.862504][T24445] bridge0: port 4(syz_tun) entered blocking state [ 913.869850][T24445] bridge0: port 4(syz_tun) entered forwarding state [ 915.155195][T24483] random: crng reseeded on system resumption [ 917.251959][T24522] sd 0:0:1:0: PR command failed: 1026 [ 917.290920][T24522] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 917.309859][T24522] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 918.453339][T24535] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3967'. [ 918.542416][T24535] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 918.626207][T24535] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 918.792921][T24535] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 918.817943][T24535] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 922.937253][ T29] audit: type=1804 audit(8277292276.929:45): pid=24628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3987" name="/newroot/sys/kernel/tracing/trace_marker" dev="tracefs" ino=195 res=1 errno=0 [ 922.943033][T24628] Process accounting resumed [ 922.987011][T24628] kernel write not supported for file /trace_marker (pid: 24628 comm: syz.2.3987) [ 922.999297][ T29] audit: type=1804 audit(8277292276.929:46): pid=24628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3987" name="/newroot/sys/kernel/tracing/trace_marker" dev="tracefs" ino=195 res=1 errno=0 [ 923.050715][T24630] Process accounting resumed [ 923.060825][T24630] kernel write not supported for file /trace_marker (pid: 24630 comm: syz.2.3987) [ 923.070853][ T29] audit: type=1804 audit(8277292277.049:47): pid=24630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3987" name="/newroot/sys/kernel/tracing/trace_marker" dev="tracefs" ino=195 res=1 errno=0 [ 923.208879][T24627] Process accounting resumed [ 923.232714][T24627] kernel write not supported for file /trace_marker (pid: 24627 comm: syz.2.3987) [ 924.547572][T24634] kernel write not supported for file /trace_marker (pid: 24634 comm: syz.2.3990) [ 925.023324][T24673] validate_nla: 55 callbacks suppressed [ 925.023347][T24673] netlink: 'syz.4.3999': attribute type 1 has an invalid length. [ 925.051404][T24673] netlink: 'syz.4.3999': attribute type 1 has an invalid length. [ 925.170726][T24671] kernel write not supported for file /trace_marker (pid: 24671 comm: syz.2.3997) [ 925.360005][T24685] netlink: 'syz.4.4001': attribute type 1 has an invalid length. [ 925.362718][ T29] audit: type=1806 audit(8277292279.349:48): xattr="." res=0 [ 925.900498][T24697] kernel write not supported for file /trace_marker (pid: 24697 comm: syz.2.4003) [ 926.247773][T24707] kernel write not supported for file /trace_marker (pid: 24707 comm: syz.2.4007) [ 927.519322][T24713] kernel write not supported for file /trace_marker (pid: 24713 comm: syz.2.4008) [ 927.737541][T24737] kernel write not supported for file /trace_marker (pid: 24737 comm: syz.2.4014) [ 927.924239][T24743] kernel write not supported for file /trace_marker (pid: 24743 comm: syz.2.4016) [ 928.194794][T24749] kernel write not supported for file /trace_marker (pid: 24749 comm: syz.2.4019) [ 930.007008][T24772] kernel write not supported for file /trace_marker (pid: 24772 comm: syz.2.4021) [ 930.409511][T24787] kernel write not supported for file /trace_marker (pid: 24787 comm: syz.2.4025) [ 931.574709][T24802] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 931.590398][T24802] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 931.627458][T24802] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 931.652024][T24802] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 931.784521][T24802] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 931.802039][T24802] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 931.902850][T24802] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 932.012361][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.018741][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.093111][T24802] kernel write not supported for file /trace_marker (pid: 24802 comm: syz.2.4030) [ 932.621614][T24829] kernel write not supported for file /trace_marker (pid: 24829 comm: syz.2.4037) [ 932.883425][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 933.152639][T24848] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4038'. [ 933.294109][T24855] kernel write not supported for file /trace_marker (pid: 24855 comm: syz.2.4038) [ 933.684755][ T5843] Bluetooth: hci0: command 0x0406 tx timeout [ 933.684950][T14354] Bluetooth: hci1: command 0x0c1a tx timeout [ 933.714682][T24869] kernel write not supported for file /trace_marker (pid: 24869 comm: syz.2.4044) [ 933.843054][T14354] Bluetooth: hci4: command 0x0c1a tx timeout [ 934.699542][T24874] kernel write not supported for file /trace_marker (pid: 24874 comm: syz.2.4047) [ 934.987978][T24897] kernel write not supported for file /trace_marker (pid: 24897 comm: syz.2.4054) [ 935.560554][T24908] kernel write not supported for file /trace_marker (pid: 24908 comm: syz.2.4055) [ 935.753681][T14354] Bluetooth: hci0: command 0x0406 tx timeout [ 935.911980][T14354] Bluetooth: hci4: command 0x0c1a tx timeout [ 936.779376][T24936] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4061'. [ 937.558153][T24936] team0: Port device team_slave_0 removed [ 937.992130][T14354] Bluetooth: hci4: command 0x0c1a tx timeout [ 938.846625][T24968] netlink: 252 bytes leftover after parsing attributes in process `syz.1.4069'. [ 938.864242][T24968] netlink: 252 bytes leftover after parsing attributes in process `syz.1.4069'. [ 939.109858][T24977] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4072'. [ 939.407940][T24983] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4073'. [ 940.431929][T25001] netlink: 17 bytes leftover after parsing attributes in process `syz.1.4079'. [ 941.886778][T25037] lo: entered allmulticast mode [ 941.923738][T25037] lo: left allmulticast mode [ 942.807363][T25063] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4093'. [ 944.187195][T25105] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 945.479402][T25162] FAULT_INJECTION: forcing a failure. [ 945.479402][T25162] name failslab, interval 1, probability 0, space 0, times 0 [ 945.493447][T25162] CPU: 0 UID: 0 PID: 25162 Comm: syz.1.4117 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 945.504359][T25162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 945.514458][T25162] Call Trace: [ 945.518376][T25162] [ 945.521332][T25162] dump_stack_lvl+0x16c/0x1f0 [ 945.526063][T25162] should_fail_ex+0x497/0x5b0 [ 945.530751][T25162] ? fs_reclaim_acquire+0xae/0x150 [ 945.535966][T25162] should_failslab+0xc2/0x120 [ 945.540660][T25162] __kmalloc_node_noprof+0xd1/0x520 [ 945.545876][T25162] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 945.551356][T25162] __kvmalloc_node_noprof+0xad/0x1a0 [ 945.557118][T25162] seq_read_iter+0x82a/0x12b0 [ 945.561918][T25162] ? __mutex_trylock_common+0xea/0x250 [ 945.568293][T25162] kernfs_fop_read_iter+0x414/0x580 [ 945.573618][T25162] ? rw_verify_area+0xd0/0x700 [ 945.579153][T25162] vfs_read+0x87f/0xbe0 [ 945.584400][T25162] ? __pfx_vfs_read+0x10/0x10 [ 945.589255][T25162] ksys_read+0x12b/0x250 [ 945.593969][T25162] ? __pfx_ksys_read+0x10/0x10 [ 945.599400][T25162] do_syscall_64+0xcd/0x250 [ 945.604033][T25162] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 945.610368][T25162] RIP: 0033:0x7f43c5d85d29 [ 945.614905][T25162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 945.635295][T25162] RSP: 002b:00007f43c6bd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 945.643986][T25162] RAX: ffffffffffffffda RBX: 00007f43c5f75fa0 RCX: 00007f43c5d85d29 [ 945.652002][T25162] RDX: 0000000000000068 RSI: 0000000020001540 RDI: 0000000000000003 [ 945.660117][T25162] RBP: 00007f43c6bd1090 R08: 0000000000000000 R09: 0000000000000000 [ 945.668102][T25162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 945.676127][T25162] R13: 0000000000000000 R14: 00007f43c5f75fa0 R15: 00007ffd64f02f38 [ 945.684260][T25162] [ 945.861693][T25166] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4119'. [ 945.986906][T25172] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4121'. [ 947.140697][T25211] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4129'. [ 948.172771][T25207] Process accounting resumed [ 948.783612][T25247] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4140'. [ 950.473213][T25289] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4150'. [ 951.351347][T25301] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4152'. [ 954.814621][T25380] ptrace attach of "./syz-executor exec"[23589] was attempted by "./syz-executor exec"[25380] [ 956.915024][ T29] audit: type=1326 audit(2069.470:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25400 comm="syz.4.4173" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcfba985d29 code=0x0 [ 956.936195][ C0] vkms_vblank_simulate: vblank timer overrun [ 959.397654][T25425] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 959.406906][T25425] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 959.442182][T25425] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 959.499103][T25425] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 960.045085][T25450] openvswitch: netlink: Key 23 has unexpected len 0 expected 2 [ 960.082244][T14354] Bluetooth: hci2: command 0x0c1a tx timeout [ 961.442438][T14354] Bluetooth: hci1: command 0x0c1a tx timeout [ 961.512196][ T5843] Bluetooth: hci0: command 0x0406 tx timeout [ 961.520503][T14354] Bluetooth: hci4: command 0x0c1a tx timeout [ 965.049403][T25544] netlink: 'syz.4.4199': attribute type 2 has an invalid length. [ 965.076353][T25544] netlink: 674 bytes leftover after parsing attributes in process `syz.4.4199'. [ 968.274094][T25619] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 968.300315][T25619] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 968.342239][T25619] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 968.358853][T25619] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 969.752111][T14354] Bluetooth: hci2: command 0x0c1a tx timeout [ 970.312005][T14354] Bluetooth: hci1: command 0x0c1a tx timeout [ 970.392199][T14354] Bluetooth: hci4: command 0x0c1a tx timeout [ 970.392265][ T5843] Bluetooth: hci0: command 0x0406 tx timeout [ 970.543318][T25683] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4230'. [ 970.555061][T25683] IPv6: Can't replace route, no match found [ 970.652803][T25686] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4231'. [ 970.689522][T25686] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4231'. [ 971.624435][T25720] netlink: 'syz.1.4238': attribute type 11 has an invalid length. [ 972.613486][T25751] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4245'. [ 973.647420][T25777] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4251'. [ 976.863136][T25867] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4272'. [ 977.897699][T25880] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 978.503498][T25824] Process accounting paused [ 982.753736][T25973] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 982.761207][T25973] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 982.772206][T25973] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 982.802120][T25973] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 983.100305][T25986] Invalid ELF header magic: != ELF [ 983.992037][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 984.792375][ T5843] Bluetooth: hci0: command 0x0406 tx timeout [ 984.793751][T14354] Bluetooth: hci1: command 0x0c1a tx timeout [ 984.872270][T14354] Bluetooth: hci4: command 0x0c1a tx timeout [ 985.117877][T26024] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4312'. [ 985.809222][T26055] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4321'. [ 987.337689][T26099] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4332'. [ 987.715863][T26103] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4333'. [ 988.606150][T26135] vivid-013: ================= START STATUS ================= [ 988.620095][T26135] vivid-013: Generate PTS: true [ 988.640309][T26135] vivid-013: Generate SCR: true [ 988.656176][T26135] tpg source WxH: 640x360 (Y'CbCr) [ 988.675934][T26135] tpg field: 1 [ 988.686061][T26135] tpg crop: 640x360@0x0 [ 988.696498][T26135] tpg compose: 640x360@0x0 [ 988.704561][T26135] tpg colorspace: 8 [ 988.709701][T26135] tpg transfer function: 0/0 [ 988.717412][T26135] tpg Y'CbCr encoding: 0/0 [ 988.727336][T26135] tpg quantization: 0/0 [ 988.735039][T26135] tpg RGB range: 0/2 [ 988.740612][T26135] vivid-013: ================== END STATUS ================== [ 988.759330][T26141] vivid-013: ================= START STATUS ================= [ 988.797238][T26141] vivid-013: Generate PTS: true [ 988.808403][T26141] vivid-013: Generate SCR: true [ 988.815208][T26141] tpg source WxH: 640x360 (Y'CbCr) [ 988.820785][T26141] tpg field: 1 [ 988.831016][T26141] tpg crop: 640x360@0x0 [ 988.836754][T26141] tpg compose: 640x360@0x0 [ 988.841387][T26141] tpg colorspace: 8 [ 988.876185][T26141] tpg transfer function: 0/0 [ 988.892097][T26141] tpg Y'CbCr encoding: 0/0 [ 988.908599][T26141] tpg quantization: 0/0 [ 988.922001][T26141] tpg RGB range: 0/2 [ 988.925983][T26141] vivid-013: ================== END STATUS ================== [ 989.667702][ T29] audit: type=1400 audit(4294969398.227:50): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=26161 comm="syz.5.4347" [ 990.508358][T26178] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4354'. [ 993.180281][T26222] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4365'. [ 993.434875][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.442930][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 994.322640][T26236] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4367'. [ 994.585121][T26240] netlink: 346 bytes leftover after parsing attributes in process `syz.4.4369'. [ 997.462976][T26285] Invalid ELF header magic: != ELF [ 997.860538][T26297] netlink: 350 bytes leftover after parsing attributes in process `syz.1.4380'. [ 1000.916101][T26357] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4395'. [ 1001.137096][T26356] vivid-013: ================= START STATUS ================= [ 1001.182082][T26356] vivid-013: Generate PTS: true [ 1001.191234][T26362] Invalid ELF header magic: != ELF [ 1001.206052][T26356] vivid-013: Generate SCR: true [ 1001.211039][T26356] tpg source WxH: 640x360 (Y'CbCr) [ 1001.242102][T26356] tpg field: 1 [ 1001.245549][T26356] tpg crop: 640x360@0x0 [ 1001.422097][T26356] tpg compose: 640x360@0x0 [ 1001.487026][T26356] tpg colorspace: 8 [ 1001.490911][T26356] tpg transfer function: 0/0 [ 1001.790226][T26356] tpg Y'CbCr encoding: 0/0 [ 1001.894560][T26356] tpg quantization: 0/0 [ 1001.898810][T26356] tpg RGB range: 0/2 [ 1001.957309][T26356] vivid-013: ================== END STATUS ================== [ 1002.016803][T26367] vivid-013: ================= START STATUS ================= [ 1002.080465][T26367] vivid-013: Generate PTS: true [ 1002.116915][T26367] vivid-013: Generate SCR: true [ 1002.149568][T26367] tpg source WxH: 640x360 (Y'CbCr) [ 1002.182042][T26367] tpg field: 1 [ 1002.185498][T26367] tpg crop: 640x360@0x0 [ 1002.230702][T26367] tpg compose: 640x360@0x0 [ 1002.279932][T26367] tpg colorspace: 8 [ 1002.289309][T26367] tpg transfer function: 0/0 [ 1002.301342][T26367] tpg Y'CbCr encoding: 0/0 [ 1002.320910][T26367] tpg quantization: 0/0 [ 1002.340971][T26367] tpg RGB range: 0/2 [ 1002.359694][T26367] vivid-013: ================== END STATUS ================== [ 1003.337989][T26398] Invalid ELF header magic: != ELF [ 1004.071569][T26399] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4402'. [ 1005.985647][T26433] scsi_dev_info_list_add_str: bad dev info string 'ÖÐ' '' '' [ 1008.588437][T26467] Process accounting resumed [ 1009.004245][T26480] ovsóãƒõ9Ûõ: entered promiscuous mode [ 1009.484542][T26489] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4423'. [ 1011.297530][T26532] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4432'. [ 1011.320974][T26534] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4434'. [ 1012.616033][T26559] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4439'. [ 1012.703544][T26559] macsec0: left allmulticast mode [ 1012.708890][T26559] veth1_macvtap: left allmulticast mode [ 1012.714871][T26559] macsec0: left promiscuous mode [ 1012.722481][T26559] bridge0: port 3(macsec0) entered disabled state [ 1012.742309][T26559] bridge_slave_1: left allmulticast mode [ 1012.755238][T26559] bridge_slave_1: left promiscuous mode [ 1012.772141][T26559] bridge0: port 2(bridge_slave_1) entered disabled state [ 1012.788166][T26559] bridge_slave_0: left allmulticast mode [ 1012.794876][T26559] bridge_slave_0: left promiscuous mode [ 1012.801187][T26559] bridge0: port 1(bridge_slave_0) entered disabled state [ 1016.800408][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1016.831911][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1016.854515][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1016.871972][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1016.879778][ T5843] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1016.910400][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1017.577061][T23842] bridge0: port 4(syz_tun) entered disabled state [ 1017.707038][T23842] syz_tun (unregistering): left allmulticast mode [ 1017.721886][T23842] syz_tun (unregistering): left promiscuous mode [ 1017.745001][T23842] bridge0: port 4(syz_tun) entered disabled state [ 1017.811504][T23842] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 1018.138203][T26640] chnl_net:caif_netlink_parms(): no params data found [ 1018.416290][T26640] bridge0: port 1(bridge_slave_0) entered blocking state [ 1018.435615][T26640] bridge0: port 1(bridge_slave_0) entered disabled state [ 1018.452422][T26640] bridge_slave_0: entered allmulticast mode [ 1018.463046][T26640] bridge_slave_0: entered promiscuous mode [ 1018.498296][T26640] bridge0: port 2(bridge_slave_1) entered blocking state [ 1018.507262][T26640] bridge0: port 2(bridge_slave_1) entered disabled state [ 1018.519732][T26640] bridge_slave_1: entered allmulticast mode [ 1018.546551][T26640] bridge_slave_1: entered promiscuous mode [ 1018.612337][T26640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1018.625685][T26640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1018.697102][T26640] team0: Port device team_slave_0 added [ 1018.723093][T26640] team0: Port device team_slave_1 added [ 1018.788700][T26640] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1018.802090][T26640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1018.829082][T26640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1018.841947][T26640] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1018.849287][T26640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1018.875641][T26640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1018.952281][T14354] Bluetooth: hci3: command tx timeout [ 1018.974839][T26640] hsr_slave_0: entered promiscuous mode [ 1018.981553][T26640] hsr_slave_1: entered promiscuous mode [ 1018.994753][T26640] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1019.021404][T26640] Cannot create hsr debugfs directory [ 1019.538283][T26640] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1019.629448][T26640] 8021q: adding VLAN 0 to HW filter on device team0 [ 1019.684036][ T7114] bridge0: port 1(bridge_slave_0) entered blocking state [ 1019.691291][ T7114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1019.744855][T25339] bridge0: port 2(bridge_slave_1) entered blocking state [ 1019.752132][T25339] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1020.060461][T26640] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1020.217727][T26670] kexec: Could not allocate control_code_buffer [ 1020.399415][T26696] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4465'. [ 1020.437706][T26696] IPv6: Can't replace route, no match found [ 1020.605274][T26640] veth0_vlan: entered promiscuous mode [ 1020.645302][T26640] veth1_vlan: entered promiscuous mode [ 1020.679105][T26640] veth0_macvtap: entered promiscuous mode [ 1020.694324][T26640] veth1_macvtap: entered promiscuous mode [ 1020.735934][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1020.746993][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.757590][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1020.768143][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.778512][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1020.789120][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.799510][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1020.810306][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.820500][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1020.831161][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.841987][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1020.853106][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.867145][T26640] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1020.877148][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1020.887699][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.898005][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1020.908742][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.918818][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1020.929825][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.940646][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1020.951875][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.963419][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1020.973999][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.986874][T26640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1020.986898][T26640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1020.988957][T26640] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1021.033156][T14354] Bluetooth: hci3: command tx timeout [ 1021.293401][T26715] ptrace attach of "./syz-executor exec"[21687] was attempted by "./syz-executor exec"[26715] [ 1021.332005][T25339] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1021.350185][T25339] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1021.412943][T25339] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1021.431614][T25339] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1021.686419][T26738] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4475'. [ 1023.112857][T14354] Bluetooth: hci3: command tx timeout [ 1024.348308][T26804] nbd: couldn't find a device at index 0 [ 1024.525752][T26808] vivid-007: ================= START STATUS ================= [ 1024.549968][T26808] vivid-007: Generate PTS: true [ 1024.560951][T26808] vivid-007: Generate SCR: true [ 1024.589961][T26808] tpg source WxH: 640x360 (Y'CbCr) [ 1024.595963][T26808] tpg field: 1 [ 1024.599400][T26808] tpg crop: 640x360@0x0 [ 1024.627469][T26808] tpg compose: 640x360@0x0 [ 1024.635909][T26808] tpg colorspace: 8 [ 1024.639778][T26808] tpg transfer function: 0/0 [ 1024.670468][T26808] tpg Y'CbCr encoding: 0/0 [ 1024.675564][T26808] tpg quantization: 0/0 [ 1024.688759][T26808] tpg RGB range: 0/2 [ 1024.710132][T26808] vivid-007: ================== END STATUS ================== [ 1025.192424][T14354] Bluetooth: hci3: command tx timeout [ 1026.902491][T26864] Invalid ELF header len 3 [ 1027.849584][T26872] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4508'. [ 1030.037936][T26905] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4514'. [ 1038.680243][T26984] Process accounting paused [ 1040.362848][T27038] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4541'. [ 1041.199368][T27052] netlink: 1204 bytes leftover after parsing attributes in process `syz.4.4543'. [ 1041.300158][T27052] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4543'. [ 1041.555373][T27068] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4543'. [ 1046.452425][T27171] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4565'. [ 1046.461597][T27171] hsr0: entered promiscuous mode [ 1046.474978][T27171] hsr0: entered allmulticast mode [ 1046.480671][T27171] hsr_slave_0: entered allmulticast mode [ 1046.491908][T27171] hsr_slave_1: entered allmulticast mode [ 1046.831619][T27196] openvswitch: netlink: ct_state flags 03001eac unsupported [ 1047.314219][T27177] delete_channel: no stack syzkaller syzkaller login: [ 1050.235282][T27281] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4581'. [ 1050.260112][T27281] team_slave_0: entered allmulticast mode [ 1050.304461][T27284] MTRR 1 not used [ 1051.485454][T27297] sctp: [Deprecated]: syz.2.4586 (pid 27297) Use of int in maxseg socket option. [ 1051.485454][T27297] Use struct sctp_assoc_value instead [ 1052.554146][T27321] netlink: 'syz.4.4588': attribute type 1 has an invalid length. [ 1052.646006][T27323] netlink: 'syz.4.4588': attribute type 1 has an invalid length. [ 1052.675670][T27321] netlink: 53 bytes leftover after parsing attributes in process `syz.4.4588'. [ 1052.792164][T27323] netlink: 53 bytes leftover after parsing attributes in process `syz.4.4588'. [ 1054.875825][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.884236][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.588439][T27353] misc userio: Invalid payload size [ 1059.930149][T27412] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4611'. [ 1060.767861][T27420] Invalid ELF header magic: != ELF [ 1067.184379][T27506] sd 0:0:1:0: PR command failed: 1026 [ 1067.189853][T27506] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1067.218307][T27506] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1067.218765][T27504] Invalid ELF header magic: != ELF [ 1068.463530][T27521] ima: policy update failed [ 1068.469782][ T29] audit: type=1802 audit(4294967329.270:51): pid=27521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.4633" res=0 errno=0 [ 1070.850600][T27550] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4638'. [ 1072.976823][T27579] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4646'. [ 1073.634759][T27599] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4623'. [ 1076.793618][T27673] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4665'. [ 1077.605352][T27682] Invalid ELF header magic: != ELF [ 1077.653413][T27680] Invalid ELF header magic: != ELF [ 1078.861022][T27698] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4669'. [ 1080.093384][T27734] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4675'. [ 1089.616615][T27840] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4694'. [ 1093.794336][T27904] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4707'. [ 1095.897097][T27936] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4715'. [ 1097.115913][T27960] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4720'. [ 1098.154196][ T29] audit: type=1326 audit(4294967367.962:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27972 comm="syz.1.4724" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f43c5d85d29 code=0x0 [ 1098.570466][T27979] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4725'. [ 1103.167406][T28022] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1103.175589][T28022] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1103.200376][T28022] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1103.212041][T28022] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1103.222245][T28022] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1103.410696][T28022] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1104.471919][T14354] Bluetooth: hci1: command 0x0c1a tx timeout [ 1105.194154][T14354] Bluetooth: hci0: command 0x0406 tx timeout [ 1105.272140][T14354] Bluetooth: hci3: command 0x0c1a tx timeout [ 1105.272148][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout [ 1106.230030][T28065] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4743'. [ 1107.352322][T14354] Bluetooth: hci3: command 0x0c1a tx timeout [ 1107.977320][T28092] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4748'. [ 1108.268529][T28097] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4750'. [ 1108.667827][T28100] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 1109.434927][T14354] Bluetooth: hci3: command 0x0c1a tx timeout [ 1111.203842][T28141] netlink: 350 bytes leftover after parsing attributes in process `syz.1.4760'. [ 1112.550814][T28154] [ 1112.553215][T28154] ====================================================== [ 1112.560234][T28154] WARNING: possible circular locking dependency detected [ 1112.567255][T28154] 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 Not tainted [ 1112.574374][T28154] ------------------------------------------------------ [ 1112.581537][T28154] syz.1.4764/28154 is trying to acquire lock: [ 1112.587700][T28154] ffff888078b85568 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: start_creating.part.0+0xb0/0x3a0 [ 1112.598375][T28154] [ 1112.598375][T28154] but task is already holding lock: [ 1112.605744][T28154] ffffffff8de395c8 (relay_channels_mutex){+.+.}-{4:4}, at: relay_open+0x324/0xa20 [ 1112.615003][T28154] [ 1112.615003][T28154] which lock already depends on the new lock. [ 1112.615003][T28154] [ 1112.625406][T28154] [ 1112.625406][T28154] the existing dependency chain (in reverse order) is: [ 1112.634457][T28154] [ 1112.634457][T28154] -> #2 (relay_channels_mutex){+.+.}-{4:4}: [ 1112.642554][T28154] __mutex_lock+0x19b/0xa60 [ 1112.647600][T28154] relay_prepare_cpu+0x2c/0x300 [ 1112.652995][T28154] cpuhp_invoke_callback+0x3d0/0xa10 [ 1112.658819][T28154] __cpuhp_invoke_callback_range+0x101/0x200 [ 1112.665366][T28154] _cpu_up+0x3fd/0x910 [ 1112.669970][T28154] cpu_up+0x1dc/0x240 [ 1112.674488][T28154] cpuhp_bringup_mask+0xdc/0x210 [ 1112.679972][T28154] bringup_nonboot_cpus+0x176/0x1c0 [ 1112.685726][T28154] smp_init+0x34/0x160 [ 1112.690333][T28154] kernel_init_freeable+0x3ad/0x8b0 [ 1112.696075][T28154] kernel_init+0x1c/0x2b0 [ 1112.700952][T28154] ret_from_fork+0x45/0x80 [ 1112.705901][T28154] ret_from_fork_asm+0x1a/0x30 [ 1112.711212][T28154] [ 1112.711212][T28154] -> #1 (cpu_hotplug_lock){++++}-{0:0}: [ 1112.718962][T28154] cpus_read_lock+0x42/0x160 [ 1112.724100][T28154] zswap_store+0x8f8/0x25f0 [ 1112.729431][T28154] swap_writepage+0x3b6/0x1120 [ 1112.734736][T28154] shmem_writepage+0xf7b/0x1490 [ 1112.740127][T28154] pageout+0x3b2/0xaa0 [ 1112.744794][T28154] shrink_folio_list+0x3025/0x42d0 [ 1112.750996][T28154] evict_folios+0x6e3/0x19c0 [ 1112.756123][T28154] try_to_shrink_lruvec+0x61e/0xa80 [ 1112.761878][T28154] shrink_lruvec+0x313/0x2ba0 [ 1112.767099][T28154] shrink_node+0x105e/0x3f20 [ 1112.772286][T28154] do_try_to_free_pages+0x35f/0x1a30 [ 1112.778205][T28154] try_to_free_mem_cgroup_pages+0x31a/0x7a0 [ 1112.784724][T28154] try_charge_memcg+0x356/0xaf0 [ 1112.790110][T28154] obj_cgroup_charge+0x179/0x4d0 [ 1112.795691][T28154] __memcg_slab_post_alloc_hook+0x1b6/0x9b0 [ 1112.802126][T28154] kmem_cache_alloc_lru_noprof+0x30d/0x3b0 [ 1112.808473][T28154] alloc_inode+0xbf/0x230 [ 1112.813340][T28154] new_inode+0x22/0x210 [ 1112.818037][T28154] __debugfs_create_file+0x11a/0x660 [ 1112.823860][T28154] debugfs_create_file_full+0x6d/0xa0 [ 1112.829774][T28154] kvm_dev_ioctl+0x14b6/0x1aa0 [ 1112.835122][T28154] __x64_sys_ioctl+0x190/0x200 [ 1112.840418][T28154] do_syscall_64+0xcd/0x250 [ 1112.845459][T28154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1112.851888][T28154] [ 1112.851888][T28154] -> #0 (&sb->s_type->i_mutex_key#3){++++}-{4:4}: [ 1112.860540][T28154] __lock_acquire+0x249e/0x3c40 [ 1112.865925][T28154] lock_acquire.part.0+0x11b/0x380 [ 1112.871565][T28154] down_write+0x93/0x200 [ 1112.876350][T28154] start_creating.part.0+0xb0/0x3a0 [ 1112.882089][T28154] __debugfs_create_file+0xa5/0x660 [ 1112.887827][T28154] debugfs_create_file_full+0x6d/0xa0 [ 1112.893740][T28154] relay_create_buf_file+0xf0/0x170 [ 1112.899512][T28154] relay_open_buf.part.0+0x760/0xb90 [ 1112.905349][T28154] relay_open+0x5e2/0xa20 [ 1112.910224][T28154] do_blk_trace_setup+0x4b4/0xac0 [ 1112.915782][T28154] __blk_trace_setup+0xd8/0x180 [ 1112.921165][T28154] blk_trace_setup+0x47/0x70 [ 1112.926287][T28154] sg_ioctl+0x7a3/0x26b0 [ 1112.931067][T28154] __x64_sys_ioctl+0x190/0x200 [ 1112.936362][T28154] do_syscall_64+0xcd/0x250 [ 1112.941403][T28154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1112.947832][T28154] [ 1112.947832][T28154] other info that might help us debug this: [ 1112.947832][T28154] [ 1112.958064][T28154] Chain exists of: [ 1112.958064][T28154] &sb->s_type->i_mutex_key#3 --> cpu_hotplug_lock --> relay_channels_mutex [ 1112.958064][T28154] [ 1112.972604][T28154] Possible unsafe locking scenario: [ 1112.972604][T28154] [ 1112.980069][T28154] CPU0 CPU1 [ 1112.985432][T28154] ---- ---- [ 1112.990794][T28154] lock(relay_channels_mutex); [ 1112.995659][T28154] lock(cpu_hotplug_lock); [ 1113.002688][T28154] lock(relay_channels_mutex); [ 1113.010067][T28154] lock(&sb->s_type->i_mutex_key#3); [ 1113.015453][T28154] [ 1113.015453][T28154] *** DEADLOCK *** [ 1113.015453][T28154] [ 1113.023599][T28154] 2 locks held by syz.1.4764/28154: [ 1113.028800][T28154] #0: ffff88802542fe78 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_setup+0x33/0x70 [ 1113.038486][T28154] #1: ffffffff8de395c8 (relay_channels_mutex){+.+.}-{4:4}, at: relay_open+0x324/0xa20 [ 1113.048178][T28154] [ 1113.048178][T28154] stack backtrace: [ 1113.054066][T28154] CPU: 0 UID: 0 PID: 28154 Comm: syz.1.4764 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0 [ 1113.064834][T28154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1113.074893][T28154] Call Trace: [ 1113.078174][T28154] [ 1113.081121][T28154] dump_stack_lvl+0x116/0x1f0 [ 1113.085824][T28154] print_circular_bug+0x41c/0x610 [ 1113.090868][T28154] check_noncircular+0x31a/0x400 [ 1113.095833][T28154] ? __pfx_check_noncircular+0x10/0x10 [ 1113.101325][T28154] ? stack_trace_save+0x95/0xd0 [ 1113.106201][T28154] ? lockdep_lock+0xc6/0x200 [ 1113.110807][T28154] ? __pfx_lockdep_lock+0x10/0x10 [ 1113.115862][T28154] __lock_acquire+0x249e/0x3c40 [ 1113.120756][T28154] ? __pfx___lock_acquire+0x10/0x10 [ 1113.125980][T28154] lock_acquire.part.0+0x11b/0x380 [ 1113.131105][T28154] ? start_creating.part.0+0xb0/0x3a0 [ 1113.136497][T28154] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1113.142139][T28154] ? rcu_is_watching+0x12/0xc0 [ 1113.146915][T28154] ? trace_lock_acquire+0x14e/0x1f0 [ 1113.152129][T28154] ? start_creating.part.0+0xb0/0x3a0 [ 1113.157543][T28154] ? lock_acquire+0x2f/0xb0 [ 1113.162075][T28154] ? start_creating.part.0+0xb0/0x3a0 [ 1113.167489][T28154] down_write+0x93/0x200 [ 1113.171789][T28154] ? start_creating.part.0+0xb0/0x3a0 [ 1113.177191][T28154] ? __pfx_down_write+0x10/0x10 [ 1113.182059][T28154] ? do_raw_spin_unlock+0x172/0x230 [ 1113.187272][T28154] ? mntput+0x10/0x90 [ 1113.191264][T28154] ? simple_pin_fs+0xa3/0x190 [ 1113.195959][T28154] start_creating.part.0+0xb0/0x3a0 [ 1113.201210][T28154] __debugfs_create_file+0xa5/0x660 [ 1113.206438][T28154] debugfs_create_file_full+0x6d/0xa0 [ 1113.211833][T28154] ? __pfx_blk_create_buf_file_callback+0x10/0x10 [ 1113.218270][T28154] relay_create_buf_file+0xf0/0x170 [ 1113.223493][T28154] relay_open_buf.part.0+0x760/0xb90 [ 1113.228829][T28154] relay_open+0x5e2/0xa20 [ 1113.233180][T28154] ? debugfs_create_file_full+0x75/0xa0 [ 1113.238751][T28154] do_blk_trace_setup+0x4b4/0xac0 [ 1113.243805][T28154] __blk_trace_setup+0xd8/0x180 [ 1113.248701][T28154] ? __pfx___blk_trace_setup+0x10/0x10 [ 1113.254187][T28154] ? do_vfs_ioctl+0x513/0x1950 [ 1113.258971][T28154] blk_trace_setup+0x47/0x70 [ 1113.263586][T28154] sg_ioctl+0x7a3/0x26b0 [ 1113.267847][T28154] ? __pfx_sg_ioctl+0x10/0x10 [ 1113.272541][T28154] ? __pfx_lock_release+0x10/0x10 [ 1113.277584][T28154] ? trace_lock_acquire+0x14e/0x1f0 [ 1113.282799][T28154] ? __fget_files+0x206/0x3a0 [ 1113.287581][T28154] ? __pfx_sg_ioctl+0x10/0x10 [ 1113.292275][T28154] __x64_sys_ioctl+0x190/0x200 [ 1113.297050][T28154] do_syscall_64+0xcd/0x250 [ 1113.301577][T28154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1113.307489][T28154] RIP: 0033:0x7f43c5d85d29 [ 1113.311922][T28154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1113.331554][T28154] RSP: 002b:00007f43c6bb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1113.339981][T28154] RAX: ffffffffffffffda RBX: 00007f43c5f76080 RCX: 00007f43c5d85d29 [ 1113.347962][T28154] RDX: 0000000000000038 RSI: 00000000c0481273 RDI: 0000000000000003 [ 1113.355941][T28154] RBP: 00007f43c5e01b08 R08: 0000000000000000 R09: 0000000000000000 [ 1113.363924][T28154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1113.371901][T28154] R13: 0000000000000000 R14: 00007f43c5f76080 R15: 00007ffd64f02f38 [ 1113.379908][T28154] [ 1116.314692][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.321045][ T1295] ieee802154 phy1 wpan1: encryption failed: -22