last executing test programs: 4m9.624619982s ago: executing program 0 (id=411): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty25\x00', 0x20000, 0x0) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\b\x06e\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9', 0x8f, 0x3) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 4m7.740550457s ago: executing program 0 (id=418): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x6, 0x0) getsockopt$auto(r0, 0x10d, 0x11, 0x0, &(0x7f0000000000)=0xb) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop3/queue/rq_affinity\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000003c0)=""/144, 0x90) write$auto(0xffffffffffffffff, &(0x7f0000000040)='/sys/kernel/debug/dri/vkms/Writeback-1/edid_override\x00', 0x5) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x149040, 0x0) ioctl$auto(0x3, 0x5453, 0x38) write$auto(0xffffffffffffffff, &(0x7f0000000080)='/sys/kernel/debug/dri/vkms/Writeback-1/edid_override\x00', 0x3) 4m4.116470836s ago: executing program 0 (id=424): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_hsr(&(0x7f00000013c0), 0xffffffffffffffff) r0 = socket(0xa, 0x801, 0x84) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) connect$auto(0x3, &(0x7f0000000140), 0x55) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) socket(0x2c, 0x2, 0x140) keyctl$auto(0x8, 0x5, 0x6, 0x6, 0x7) writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0xa}, 0x7e) unshare$auto(0x200) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00') r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') io_uring_setup$auto(0x6, 0x0) setns(r2, 0x0) umount2$auto(&(0x7f0000000080)='.\x00', 0x3) setns(r1, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x1, 0x7, 0x686, 0x7181, 0x1ffdf, 0x7, 0x0, 0x8, 0x9, 0x352, 0x4, 0x200000000002, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x0, 0x0, 0xe, 0x22000, 0x100007, 0x0, 0x84, [0x3, 0x2, 0xffffffffffffffff, 0x2, 0x0, 0x402000, 0x0, 0xe, 0x1, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x3, 0x400000007, 0x0, 0x8, 0x1, 0x8, 0x4010000000000, 0xfffffffffffffffe, 0x1, 0x2f, 0x0, 0x3, 0x1006, 0x400000000005b8, 0xffff, 0x7, 0x100, 0x0, 0x7, 0x2, 0x88a, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x4, 0x3, 0xfffffffffffffffc, 0x2, 0x8, 0x10000000007, 0xc567]}, 0x1fe, 0xd) shmget$auto(0x400, 0x10563, 0x568c12f2) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) mprotect$auto(0x1ffff000, 0x8007, 0x0) sendmsg$auto_NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYRES16=r2, @ANYRES16=r2, @ANYRES32=0x0, @ANYRES32=r0, @ANYRES16=r0, @ANYRES32=r0, @ANYBLOB="ac394db8e41b069ca5ccc85979fc080634e9195b1e9b1ea36d1b517943c195a68382e972dffcd8a41d591d14de6c127eeaff562e3350b6a0d494fffffff94d00085a793b2bdaa116d77161bc6eb1fd1878efa61637bbda837a60e96e5e06d3e186f3fb3b25dad88aa4d77bf33490836bdd0e27d2009c564a24de8bccd4a4a4d9110460ed16977041f68248b10df21690d3e8ad35e65c06e932d0f2c55d63b4d986d9253d2daf9708cdea"], 0x1d0}, 0x1, 0x0, 0x0, 0x8000}, 0x4) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffff7effffd05, &(0x7f00000001c0)) sendfile$auto(0xffffffffffffffff, r3, &(0x7f0000000100)=0xcc20, 0xd) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x801, 0x106) socket(0xf, 0x80805, 0x0) keyctl$auto(0x1fd, 0x1, 0x4, 0x7, 0xbbc) open(0x0, 0x12ba7e, 0x145) 4m2.567368098s ago: executing program 0 (id=428): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xebd, 0x3, 0xfffffffffffffffc) io_uring_setup$auto(0x6, 0x0) lsm_set_self_attr$auto(0x1, 0x0, 0x80, 0x0) socket(0xa, 0x2, 0x3a) fspick$auto(0x926, 0x0, 0x10) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x47, 0x32b, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x0, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x5, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x400000000005b8, 0x0, 0x0, 0x0, 0x4000000000, 0x6, 0xffffffffffffffff, 0x0, 0x8000000000008, 0xfffffffffffffffc, 0x3, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x3]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x8, 0x3) r2 = socket(0x2, 0x6, 0x0) getsockopt$auto(r2, 0x10d, 0xc, 0x0, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) r3 = getuid() msgctl$auto(0x1, 0x5, &(0x7f0000000300)={{0x2, 0xffffffffffffffff, 0xee00, 0x80e8, 0x401, 0x0, 0xa}, 0x0, &(0x7f00000002c0)=0x7, 0x8, 0x4, 0x80000000, 0x7fff, 0x101, 0x4, 0x7ff, 0xfeff}) setresuid$auto(r3, 0x0, r4) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)={0x518, 0x0, 0x4, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_FRAME={0x1a3, 0x33, "7f48b200200b70fb607288173e35e81571d7067d0b3134c5f1b7c3f3319c16e526589141816aa34f4b60f1e14ec3e194430501ce3f596fc5b3348fce862444e3513f6f029a3b983af839586ef692034a69e9700b839563d4235a2e983eb22884af9ebacb353a2ceb17a4b29dafd0c9be4e5de096441eef87c6e2d30b154c897f31e32372c7e2d08466ae39b94d3c0309aa53e150c8074bb507bc1f3c43d82c9e17e416c9cde329e62bbafecb813cf7581a5b3fe5bd104a26122ebdb9ac6cbfb641a22ae16870626a337aa93d5bcdd6f9d9dfa1d5b83afd340ea65a60c4d5e3f6b7bad3f437a099d2c6b9a2bd0d422d062188e4355fac94751b69fa36eac8d88bc6d42478532c37ff4fc986ccb4fc26cf5fc45f50481afcae2c2317b1db92444762ba629c2b5218302fa5c96c85bfa2df5810e81b883c51f8ef7822fa182d5c3a7aadfbce3ea276625b031f5c320cf8a8a8954945eeb3a39414b9fc5a78e1347bf6f8501b8d13c06c6ec957c1f45e64ca3e7687e0398e383cade8d2677af868efc0e599b0ff19ee1df3c1f4807be3a3b6e10fab42bf3b788d9735e478b567dc"}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x6}, @NL80211_ATTR_REKEY_DATA={0x353, 0x7a, 0x0, 0x1, [@nested={0x324, 0x140, 0x0, 0x1, [@nested={0x3c, 0x137, 0x0, 0x1, [@nested={0x4, 0x73}, @nested={0x4, 0xdb}, @typed={0x8, 0xa, 0x0, 0x0, @fd=r2}, @typed={0x8, 0x131, 0x0, 0x0, @uid=r3}, @typed={0x14, 0x5a, 0x0, 0x0, @ipv6=@loopback}, @typed={0xc, 0x7a, 0x0, 0x0, @u64=0x5}]}, @nested={0x5c, 0x146, 0x0, 0x1, [@typed={0x8, 0x89, 0x0, 0x0, @ipv4=@loopback}, @nested={0x4, 0x86}, @typed={0x46, 0x127, 0x0, 0x0, @binary="a221d5c01eefc0ace62ed64bc833bd4e42015e2ed47164d91f18271d270f6b11cb077313c76a83315dc19f7a1abf9e38d0f1d5674412c25ac7d65cdc1aed31e7d0fe"}, @nested={0x4, 0xc0}]}, @nested={0x285, 0x7b, 0x0, 0x1, [@generic="e8983d49d84e4393d355dc86a4618da3f6d5ec53eefdd2f9dea00151401f436729451169b935d7003ebbbcca072ac11663e4b78507cad7031542e821c5baa7929a382b5f0244228082c1d1fc135d7b5bbca52fcee7cba3ba5691d9494be6c5b719c1482b23f67dea80176ed4dd280391637089c109fb918f66f192c9ab3ba8d5643cdbf8d0418f3660574c88ab3519292f2e1bbe364418336295304abd7c3cfb56e5504341189321d1322c1c93cf908bbc0c74d3275a634c861e154184c4e94fbd57991512744d6479f19f5d51835533e6b95e423db2e602a1af28bccb51459da12ea865d9adcae3b4be980efd19db", @nested={0x4, 0xce}, @generic="ea7045dd86acd9fa48e6f9aa3a70ddc23a6bbb8cf4b37eeef9c7b18d83170a2347eef18fc6c0958ecf9eb662a1d1acdfc7c548d07721b383e25d46e7579452784deab1f43b7c3a9befda3d91b0fbfa0520c045dcf0ebe948019af0f8cd41db5460514322eb898130b31788f35fc85d7fb069afa360b8abe06838c1432e18949d3e4e705f478d8b74cbb93cee7a295635dd46b94137c6200b728ab674963368bec2733ee6e87289d486959ed8532e76172335133a32f51f7b6acefd306acf6931f5fa72ed462e02a8697fbe27b6e47bf01edf164baa57d965c208da8fe15cff", @generic="62767ff57be15361d5f3", @generic="f11b82c4a59077be7edb9c7e7c14e79f60e61ec1314b56d9c3081d8fc575a56ea39c39b3473bb4804a5e220612d25798ec2d4b37c2ff077ae8712b25722cfe32c9c280bee2652d04a75129668dbe7eeb9a11af9647353574b25f43181ffb8b4c1526d7c4464efa03d99bbc22f3956a5139f509588226c93a2ddbd4f0cd7f72a368f756272f76d987532992b78a44a0e7a0e6daaec10c1aee83e1a6f47e0e364356b4a13228"]}]}, @nested={0x4, 0x14d, 0x0, 0x1, [@generic]}, @generic="2d945dfdfc273c35ac4f6a9dd709a22d659e9dc3e602ee5217942ff5387500e368ab3f6a7bedca"]}, @NL80211_ATTR_DISABLE_EHT={0x4}]}, 0x518}}, 0x4c090) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) clock_gettime$auto(0x0, &(0x7f0000000000)={0x6, 0x10001}) capget$auto(&(0x7f0000000040)={0x5, 0xffffffffffffffff}, &(0x7f0000000080)={0x3, 0x8, 0xc0000}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082dbd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100aaaaaaaaaa35000008000200", @ANYRES32, @ANYBLOB="060006000500000008002e"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 3m58.552598859s ago: executing program 0 (id=445): unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x6, 0x5, 0x0) r0 = socket(0x2, 0x5, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x82, 0x0) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x48000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) waitid$auto(0xf, 0xffffffffffffffff, &(0x7f0000000180)={@_si_pad}, 0x6, &(0x7f0000000200)={{0xa9, 0xec}, {0x7fff, 0x8}, 0xa03, 0x29, 0xfffffffffffffff8, 0x80000001, 0x3c04400f, 0xb, 0xa, 0x8, 0x80000001, 0x8, 0xa, 0xfffffffffffffffa, 0x2, 0xfffffffffffffff0}) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 3m56.080401923s ago: executing program 0 (id=460): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/team_slave_1/anycast_delay\x00', 0x143402, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/kernel/perf_cpu_time_max_percent\x00', 0xa042, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) r2 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x202000d, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x20000002}, 0x8000, 0x0, 0x6) prctl$auto(0xffffffff, 0x4000007, 0x0, 0xb, 0x2002000008) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) msgrcv$auto(0x4, 0x0, 0x5, 0x8, 0x5) personality$auto(0x4) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x8512) bind$auto(0xffffffffffffffff, &(0x7f0000000300), 0x68) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000003240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x40) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8040) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2) unshare$auto(0x1c85ce59) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) socket(0x26, 0xa, 0x0) mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000) mmap$auto(0x6, 0x100, 0xdf, 0x9b7e, 0x2, 0x7ffd) socket(0x11, 0x80003, 0x300) mincore$auto(0x6, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(r1, r0, 0x0, 0x48) 3m41.041162344s ago: executing program 32 (id=460): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/team_slave_1/anycast_delay\x00', 0x143402, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/kernel/perf_cpu_time_max_percent\x00', 0xa042, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) r2 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x202000d, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x20000002}, 0x8000, 0x0, 0x6) prctl$auto(0xffffffff, 0x4000007, 0x0, 0xb, 0x2002000008) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) msgrcv$auto(0x4, 0x0, 0x5, 0x8, 0x5) personality$auto(0x4) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x8512) bind$auto(0xffffffffffffffff, &(0x7f0000000300), 0x68) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000003240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x40) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8040) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2) unshare$auto(0x1c85ce59) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) socket(0x26, 0xa, 0x0) mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000) mmap$auto(0x6, 0x100, 0xdf, 0x9b7e, 0x2, 0x7ffd) socket(0x11, 0x80003, 0x300) mincore$auto(0x6, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(r1, r0, 0x0, 0x48) 3m35.644541834s ago: executing program 3 (id=560): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x15, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) setsockopt$auto(r0, 0x114, 0x1, 0x0, 0x1c) 3m35.444380685s ago: executing program 3 (id=561): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyr4\x00', 0x1, 0x0) r0 = socket(0x2, 0x2, 0x88) setsockopt$auto(r0, 0x88, 0xa, &(0x7f0000000000)='\xba\xba\xd3\xc8[&P\x9c\xe7AJz\'\x91\xce=B}v+7n\xa2r0\x92\xc3\x0eE\x96\xf63\xec\xe0\xb2\f\xa86v\xeb\xf1\xcb\xd4\xa9\v\xe1\xcc\x18', 0x80000e) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3ff, 0x8000) connect$auto(0x3, &(0x7f00000000c0), 0x55) sendmmsg$auto(0x3, 0x0, 0x7, 0x0) r1 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001414af"], 0x14}, 0x1, 0x0, 0x0, 0x20004082}, 0x0) 3m35.155602777s ago: executing program 3 (id=562): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async, rerun: 64) mmap$auto(0x1000, 0x400005, 0xee, 0x15, 0x2, 0x8000) (async, rerun: 64) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) (async, rerun: 32) io_uring_setup$auto(0x6, 0x0) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) clock_nanosleep$auto(0x7, 0x6, 0x0, &(0x7f0000000040)={0x3, 0x2}) (async, rerun: 32) madvise$auto(0x0, 0x2003ec, 0x14) 3m34.340434869s ago: executing program 3 (id=567): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000003240), 0x20001, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x200000000004, 0x8000) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0x800, 0x9b72, 0x2, 0x8000) eventfd$auto(0x3) sendmsg$auto_NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000a80)=ANY=[@ANYBLOB="88030000", @ANYRES16=0x0, @ANYBLOB="00042cbd7000ffdbdf2501000005000900000008000200ba4d24064d02088014000400200100000000000000000000000000024b355a7d87f7b4f825a4a32d7dfa4ee030a8ba8339836473c6adba8b7388e7f88d51c075f83f22a245691267852d736f73b58f947976a14944c5f83e3de059bd70c89a7d2c62db2b6f455e5749a8814a762bc1f104ffec1a139bb0679c984bef8347332d48ff772a0af2bf248adab10c5040d1af4a74769649db6c36f033c580991b176adb52448ed07ad8a08b7702a852f1000c80ac3e30a94c5b0434db050d91bd33fad83a5fb91445bed981a2c4498e92b08be4b372bebc7a78d712f5a27dbb7f6a9f4eb0380904000280080016000600000008002b0000000000000000", @ANYRES32, @ANYBLOB="68a8105d08ce306178305fb4613924c9e754c150257c028dcb51de1fcccdce0696066efcdae939f778a147bda713ffe2a9f3f267b71b6fb15c748d05d1cbaa37757798b91f63f6f92d2f6d3322ccb4238f20945854c197e4e02431baeb82189b9b8df92443e8af715b967afb9f2ca7e823aec8aef56f85a48e711ca58408739186a4bfbb9f819de994b628151ae6e9067dc860584ac9fe7c3aa9b2b970026e9581d7e9aa4e69000000ae00898004007d80718351b22d3fa00912d4dda46ef4fbaffee1f1cb4d5df53271891e787e2a3b4c794a9e499f42f00f419c585f0d242bbe989333e78196568e9e82885c2f264f63e73b161604520d41f4115ef7ed7962be13b3ee99a36e9dd09da67cd8c3deeea8673ec353fe340b735e73881d72d8227062660a36e0fc84fcb5c1356ef7dcd4b983d1b8232f528672f39e11084cd66e6dc23001b39d0611a1a0255e52cdb7aed03300340c96b00000000000080002000700000008010b80d6a878d8fe755a7537a430b0b07684800e6eb252478fd4ea56aa568a157040b88fa8824641bb79f0a9846f9304ade1006e72eafe1e10f09de86f2422f3f25f2d2cc8de914490a9503d8784735342b937dcf85340c678bc74c2c236adb4ef2fadac113a94cf8825d0b0999cbef9c0e198121b085f1ff77bc7a09ec5db78383155c73e06d16d85c9527debcd2a8afa4df2cfd5182f88c3619a581c17a4508c8548a14ed6047fcce184ab6fd3cdb37d78e6abedb9970fdf15d1dcf38ad9988f89d1effcac1b46d071c2dcdfed3b3e923d9e033a3929d14b953e18c68f0fcac05b5a334234542ab5cfb4e7967dd22a29deae5e098dee7656d4ef97d9e9edae7a8194acbd609a"], 0x388}, 0x1, 0x0, 0x0, 0x801}, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2f212dbd7000fcdbdf252100000008000300", @ANYRES32=r2, @ANYBLOB="08009e00"], 0x24}}, 0x4000000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0) ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r3, 0xc0045009, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) socket(0xa, 0x1, 0x88) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/wireless\x00', 0x400, 0x0) pread64$auto(r4, &(0x7f0000000080)='\xd5u+~\xa7x\xe0VQ\x1a6\xcf\xce\xfa\xfbN\x19\b\xf64\r\x122i\xd6\x0e\xfa\x96\x9aV:\xe1G\x14\xb2\xd4N\x0e#jX:\xd0\xe4\xa9\xda\xaf\x98\x94G\xa8\xb4\xa7uPc\x1ang\xdb\xb4\xa7\xad\x1b\xcbonh\xd8\x99\x03\x10\xb0\xa5\xfey\xd5F,70\xecG\x8a\fz\x95\x7f\xb0Y{\xdd\xa1\xa3E\x03\xd4\xc67U\x93\xe3A{\n\xfc\xa4\x0e_\xf8\x94\xc3a\x00\xe6\xea4\xa2\x7ft\xeb\x8b$\x16\x0e\xe8j\xcaI\xe0c\x05\x12(\v\xef\xc5Z\xfb\xed\xa3\x01\x001\xa5\x18%\xae/\x1b6\xaa\xf5ysD\xa6\xee\xbf\xc0v\"\x93\x96\"\xcak.\x0e_\xb3\xf7\xac\x9e\xbd/w\xdf\xfc\xe24z\x0f\x8f\b\xbe\xda\xfb\xd0Jj\x97\xfa{\x9d\xfd\xfb\x14\x1f\xb0\xe7\b#\xb9\x01\xf7\xf5\x1c1\xfbNX\xd9\xf0\x97@\xff(\x99\x13M\xadM\b\xf5\xcd\xa3\xe1Q|\r\x18\xd5\xb4\x1c\xa5\xfd\xdf\x98\xd9\xa7\xf3u\xa8ak\xfaHS\xfa\x12\x85\x85\x14\b\x9c\x15\xc10\xb3\xd5.\x13\xc6\xb6\xbak:\xbf\x8f\xcd\x7f\a\xb8', 0x1ff, 0x5) r5 = io_uring_setup$auto(0x8000, &(0x7f0000000140)={0x2, 0x8, 0x3, 0x0, 0x7, 0x101, 0xffffffffffffffff, [0x95, 0x9], {0xffffff80, 0x9, 0x10, 0xb831, 0x3, 0xdbb, 0x3, 0xee9, 0x2}, {0x8001, 0x6, 0x8, 0x1, 0x8, 0x0, 0x4, 0x6, 0xf}}) r7 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0x14}}, 0x24000044) mmap$auto(0x2, 0x37c8, 0xdf, 0x810, r6, 0x28000) sendmsg$auto_BATADV_CMD_TP_METER(r7, 0x0, 0x40) close_range$auto(0x2, 0x8, 0x0) r8 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff) r9 = socket(0x10, 0x2, 0xf) sendmsg$auto_NFSD_CMD_THREADS_SET(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="39030000000000000e493985231c58670e335b83ca4aee620e86b7b5bac934", @ANYRES16=r8, @ANYBLOB="01002dbd7000ffdbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0) 3m32.364174334s ago: executing program 3 (id=571): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/watchdog\x00', 0x800, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) mmap$auto(0x1000000000000001, 0x20009, 0x6, 0xeb1, r0, 0x8000) r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/wg0/drop_gratuitous_arp\x00', 0x202, 0x0) sendfile$auto(r2, r2, 0x0, 0x7) epoll_wait$auto(r2, &(0x7f0000000000)={0x800}, 0x7fffffff, 0xfffffc00) getdents$auto(r1, 0x0, 0x400018) timer_create$auto(0xfffffffa, 0x0, 0x0) timer_gettime$auto(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WOWLAN(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000080)={0x1c, r4, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x4000000) r6 = socketpair$auto(0x2, 0x4, 0x8000000000000000, 0x0) readv$auto(r1, &(0x7f00000002c0)={&(0x7f0000000240)="d7d77031849c3169c9494b802755ffb5a52ec5b062a43095e9d5a5cf5e4f24a547aef44846dc00a0d078679ee4b7d7a5f235a9937aff835ad4e373e6b2162ccd112f92d1192b3c95f05c341f094e501beb74a1220643c14a7af4142cb8b0b5858346ae42a329fe", 0x7}, 0x12) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) tkill$auto(0x80000000000001, 0x7) mkdir$auto(&(0x7f0000000140)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000180)='nfsd\x00`\xf0\xc3\xd3x\xb0\xe3\xc7\xfcW6\xe7\xd1?T\xd9X?\xf7\x00\x87H+T\xd0tqlmxDz\xc0V\xab\xab\xcf_\xb7\xa1Y\xcd\x18\x02\x1f\xdc\xf6\x8c\xce\xcf_r\x99|\xee\x1a\xd0\xca\xc7\x14\x15\r\x91{\xcc\x92\xd2\xf6<>\xd2\xbf\'\x9ea\xdb\x1b\xf4\xa9\xc1\xef#\x80\x03=\xb1]1\x91\x13`\x1f\x94\x95!g\x00J!\xeb\x13\a\x02o\xa5\x12hj;\x12\x98\x06O\x9e\\\\D\x06\xb4\xad\xbf\x0f\x8d\x95[\xec\xcc\x1b\xcbl/\x85\xfb\xe5\xf8#;J\xc9m\xf8\xf8\x1e\x9dA\xd4\x0e\a\x14\xd2\x17J[\x15\xf6', 0x3, &(0x7f0000000180)) r7 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x40, 0x0) shutdown$auto(r6, 0x6) ioctl$sock_SIOCGIFINDEX(r7, 0x4605, 0x0) setns(0xffffffffffffffff, 0x0) keyctl$auto(0x5, 0x0, 0xee00, 0x6, 0x91a) semtimedop$auto(0x0, &(0x7f00000001c0)={0x7, 0x82, 0x1}, 0x5, 0x0) unshare$auto(0x8000000) 3m30.965864399s ago: executing program 3 (id=575): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_COALESCE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0xc0, r0, 0x8, 0x2, 0x25dfdbfe, {}, [@NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_SSID={0x14, 0x34, "8b18a7235bcbb3e25fd5067b7ed859f9"}, @NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_MLO_TTLM_DLINK={0x90, 0x148, "55e8f7207a5235aa96b756119938caa5736432bfa156dcb143e1e64d373411f25e885c02a3c2652d4e8113867d8ed18dd95e141ce33b4ee59b90ddeed11a557110492cee682cc542693ae106df9316c8a50f3cc475a0ca83e88c2da58811aee0f0f74c4aeb7d778a85617d658d763a62c9ea94df8a216ab5ab87722158a9bdf865fc54be1d22c59184d66fb9"}]}, 0xc0}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x6, 0x100000000, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) migrate_pages$auto(0x0, 0x2, 0x0, 0x0) socket(0xa, 0x1, 0x0) listen$auto(0x3, 0x81) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) socket(0x1d, 0x2, 0x6) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x5, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @my=0x1}, 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/afs/servers\x00', 0x100, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000040)=""/88, 0x58) 3m30.733770339s ago: executing program 33 (id=575): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_COALESCE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0xc0, r0, 0x8, 0x2, 0x25dfdbfe, {}, [@NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_SSID={0x14, 0x34, "8b18a7235bcbb3e25fd5067b7ed859f9"}, @NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_MLO_TTLM_DLINK={0x90, 0x148, "55e8f7207a5235aa96b756119938caa5736432bfa156dcb143e1e64d373411f25e885c02a3c2652d4e8113867d8ed18dd95e141ce33b4ee59b90ddeed11a557110492cee682cc542693ae106df9316c8a50f3cc475a0ca83e88c2da58811aee0f0f74c4aeb7d778a85617d658d763a62c9ea94df8a216ab5ab87722158a9bdf865fc54be1d22c59184d66fb9"}]}, 0xc0}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x6, 0x100000000, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) migrate_pages$auto(0x0, 0x2, 0x0, 0x0) socket(0xa, 0x1, 0x0) listen$auto(0x3, 0x81) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) socket(0x1d, 0x2, 0x6) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x5, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @my=0x1}, 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/afs/servers\x00', 0x100, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000040)=""/88, 0x58) 2.522454284s ago: executing program 4 (id=1691): openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtd0ro\x00', 0x28082, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) socket(0xa, 0x5, 0x0) r0 = socket(0x2b, 0x1, 0x1) r1 = fanotify_init$auto(0x5, 0x2000000000002) read$auto_transaction_log_fops_(r1, &(0x7f0000000280)=""/123, 0x7b) socket(0x2, 0x801, 0x100) r2 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000380), 0x4000, 0x0) connect$auto(r2, &(0x7f00000000c0)=@l2={0x1f, 0x6, @any, 0x7, 0x2}, 0x55) getsockopt$auto(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) ioctl$auto_USB_RAW_IOCTL_EP_READ(r3, 0xc0085508, &(0x7f0000000180)={0x1, 0x1ff, 0x9, "1567fa945503300a22a3cee853085ec002b03030e21aa4ad3f4c5441b027afc9bde5a7cba28eb56f658b3c833a0dd3b1056aae6db6061dc4ddcbbde9af15e8e8850bcca14317ddb569b1d3670f732b07ece212bfc0474dbcc05767d252aafff4ee392c35c5c2823f3882cfb566cf34718fd721509030b7c94165b0c8b1608fe49d741b52957c975ed4aa157ef55dca53568e8b631f01b8b90f42f8c0413f1d9fc897b779a750439f1e0fb00f218216a54dcfd9887ff7a020e86e64b62ad9d6a1819e1a578b3f94be5bc893294fc93a8d109789a166a1"}) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptys0\x00', 0x101e81, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) rt_sigaction$auto(0xfffffffe, &(0x7f0000000340)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) rt_sigaction$auto(0x4, &(0x7f0000000300)={&(0x7f0000000240)=0x0, 0x0, 0x0, {0x1}}, 0x0, 0x8) r4 = gettid() rt_sigqueueinfo$auto(r4, 0x1, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_POWER_STATE(r0, 0x40045431, 0x0) 2.228904616s ago: executing program 5 (id=1694): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000180)='/dev/binderfs/binder0\x00', 0x40, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x11, 0x3, 0x80000) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptys0\x00', 0x101e81, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000000), r0) fchownat$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0xf18) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x20000080) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0xa, 0x801, 0x106) fstatfs$auto(0x3, 0x0) clone3$auto(&(0x7f0000000000)={0x200, 0x5, 0x7, 0x2, 0x7, 0x87, 0x8, 0xb, 0x9, 0x2, 0xcb6}, 0xaa) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x4100, 0x0) ioctl$auto_PPPIOCUNBRIDGECHAN(r1, 0x7434, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x2, 0x1) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/buffer_size_kb\x00', 0x101000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd9/sched/batching\x00', 0x0, 0x0) socket(0xa, 0x3, 0x100) 1.91198708s ago: executing program 1 (id=1695): socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x940, 0x1ffe0, 0x6, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) syz_open_procfs$namespace(0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000005300)='/sys/devices/virtual/bdi/7:11/read_ahead_kb\x00', 0x200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000005340)=""/175, 0xaf) set_mempolicy$auto(0x2, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x7, 0x2, 0x13, 0x1) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x43403d05, 0x0) move_pages$auto(0x0, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x403c6f2b, 0x0) 1.776408038s ago: executing program 1 (id=1696): socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x940, 0x1ffe0, 0x6, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) syz_open_procfs$namespace(0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000005300)='/sys/devices/virtual/bdi/7:11/read_ahead_kb\x00', 0x200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000005340)=""/175, 0xaf) set_mempolicy$auto(0x2, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x7, 0x2, 0x13, 0x1) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x43403d05, 0x0) move_pages$auto(0x0, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) setsockopt$auto(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x8004) ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x403c6f2b, 0x0) close_range$auto(0x2, 0x8000, 0x0) 1.745049689s ago: executing program 5 (id=1697): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) fstatfs$auto(0x0, 0x0) r0 = socket(0x2b, 0x1, 0x1) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) rt_sigaction$auto(0x4, &(0x7f0000000300)={&(0x7f0000000240)=0x0, 0x0, 0x0, {0x1}}, 0x0, 0x8) r1 = gettid() rt_sigqueueinfo$auto(r1, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0xa, 0x801, 0x84) mmap$auto(0x3, 0x2, 0x7, 0x110, r0, 0x5) r3 = io_uring_setup$auto(0x6, 0x0) io_uring_enter$auto(0x3, 0x0, 0x1, 0x3, 0x0, 0x2) io_uring_enter$auto(r0, 0x1, 0x10003, 0xb, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0) mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x401, 0x8000) r5 = syz_clone(0x800, &(0x7f0000000240)="091a171ca6cd2eccd5c8ca61c6ffee17129f81d82e1b962fa4dce819f8f416da283caeede6ec01421afdb5957005cc17410fdab566809cc48a41fb740da7c10260f0a875ce88afeff2fe7f27fb3e87902a21e958aaffbae1cc9f6cca3d4401f3bd277e1863adccf9c0c97676c36b4bf691d8ccd6f17c5f8283baf666ee2eceac785776b6972ce165f4d1a902385e006138daa4e9ffc952bcb02c2c030bb211cfe3d5d3748f78ac4e4a6b2fa8e5f5c458ad8a73e0e16ddfe95b3f88c3449fe4a86aa2ca82215c7656c150b616d09650bd3a4371413cdcfb3bcfa3cd09ce74a8b00626d5", 0xe3, &(0x7f0000000140), &(0x7f0000000340), &(0x7f0000000380)="1d1e641d4a98d2d29173d2fbeb4e3736f616da264139dccea6c621f0fca943cb9ff857933d0b148b58f418b82acaaabea819b83d3d8724aa7bf130eceaf0811dc504aa4398b7c4c010f00745fac3078cc6cbeeaa") ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r3, 0x40405515, &(0x7f0000000400)={@inferred=r5, 0x1, 0x7, 0x9, "bb408fb26f441ef80726b898123d212fbee81bcdca71785c59d0ca270f57b2e72a0dacb31506fa9d5794a1b2", @raw=0x1}) r6 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000100), r2) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r3, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x2c, r6, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@HANDSHAKE_A_ACCEPT_HANDLER_CLASS={0x8, 0x2, 0x1ff}, @HANDSHAKE_A_ACCEPT_HANDLER_CLASS={0x8, 0x2, 0x1800}, @HANDSHAKE_A_ACCEPT_HANDLER_CLASS={0x8, 0x2, 0xfffeffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x10) ioctl$auto_PPPIOCSMRRU(r4, 0x4004743b, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r3, 0xc05c6104, &(0x7f0000000000)={"9fdfdeed", 0xa4f, 0x3, 0x5, 0x0, 0x2, "360f2243b4713fcce99ba6cf33f1cb", "ce6557f7", "3fe8d7c2", "6d239aa5", ["e9990a40887ca3ced54b5475", "5c0bc40c78d9e4e1ab5db3bf", "8dc521482983ef75ced871a0", "1a8a4184d4f2b6772055b3cd"]}) 1.596257532s ago: executing program 1 (id=1699): ioctl$auto_FUSE_DEV_IOC_BACKING_OPEN(0xffffffffffffffff, 0x4010e501, &(0x7f0000000180)={0xffffffffffffffff, 0x10001}) mmap$auto(0x2, 0x20009, 0x4000000000df, 0xeb1, r0, 0x8000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000380)=ANY=[@ANYBLOB="c9ce4c66eacc90074f0d3437a59f3450148faed99a427420e52ae6a018ecdc9dbc31f03dbe40a7489376b6409a44f789bd3e01a966c794d0f1d2ccd359a0d71c3469a4ffb0d818e3a72bfd556f345949b43f990ce707a025bb5c14a6c72eb0f2f6153f10ba99a180b745782eda2ebae707a4f242eb7658ee9732831117a9473fccb6465cee1dd0e4926e94bac3cea3880356eb9307587edcf03db66eeea40d47dc88", @ANYRESDEC=r1, @ANYBLOB="41004bbd7000fbdbdf250a000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20008814) open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) bind$auto(0x3, 0x0, 0x6b) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) fallocate$auto(0x8000000000000003, 0x0, 0xf, 0xcbd5d) newfstatat$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x208, 0x2, 0xb32, 0xe29, 0xee01, 0xffffffffffffffff, 0x0, 0x5, 0x7eacb662, 0x2139, 0x5, 0xf89b, 0xffffffffffffffff, 0x100000001, 0xfffffffffffffff7, 0x8, 0x2}, 0x3250) symlink$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x8, 0x3, 0x101) madvise$auto(0x0, 0xffffffffffff0005, 0x19) move_pages$auto(0x0, 0xd0, 0x0, &(0x7f0000001140), 0x0, 0x2) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mount$auto(0x0, 0x0, 0x0, 0x7fffffff, 0x0) connect$auto(0x3, 0x0, 0x55) ioctl$auto(0x3, 0x8008551d, 0x1) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) 1.453993003s ago: executing program 4 (id=1700): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x24048804}, 0x800) sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000001e80)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[], 0x190c}, 0x1, 0x0, 0x0, 0x41}, 0x4004840) r0 = socket(0x10, 0x2, 0x4) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e800", @ANYRES32=r0, @ANYBLOB="0800fb"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x3, 0x0, 0x0, 0x8}, 0x7}, 0x3, 0x8000000) 1.393187579s ago: executing program 2 (id=1701): r0 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x0, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x400000000005b8, 0xc, 0x3, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x890, 0x8000000000008, 0xfffffffffffffffa, 0x3, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000]}, 0x1fe, 0x200d) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfd, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/nbd5/rqos/wbt/wb_normal\x00', 0x2000, 0x0) read$auto(r1, 0x0, 0x3) write$auto(0xffffffffffffffff, 0x0, 0x800000) 1.308773772s ago: executing program 4 (id=1702): mmap$auto(0x2, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = pipe2$auto(0x0, 0x80) mmap$auto(0x7fffffff, 0x10004, 0xdf, 0x16, r0, 0x7) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x22, 0x2, 0x1) getsockopt$auto(0x6, 0x11b, 0x1d05, 0xfffffffffffffffd, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x73) arch_prctl$auto(0x2, 0x2) setsockopt$auto(0x400000000000003, 0xff, 0xc, 0x0, 0xfff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram0\x00', 0x442, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x17, 0xfffffffffffffff6, 0x8000) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x80000, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 1.235241937s ago: executing program 2 (id=1703): r0 = socket(0xa, 0x6, 0x0) listen$auto(r0, 0x5ed) r1 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r1, 0x65, 0x1, 0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000000)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0x50, &(0x7f0000000040)={0xfffffffffffffffc}}, 0x24008011) 1.163462972s ago: executing program 1 (id=1704): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x8, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x4}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_TT_FLAGS={0x8, 0x15, 0x6}]}, 0x2c}}, 0x4000) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000180), r0) sendmsg$auto_L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x5c, r2, 0x100, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_FD={0x8, 0x17, r0}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @private1}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @local}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0xae1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4) newfstatat$auto(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x8, 0xe, 0x80000000, 0x400, 0xee01, 0x0, 0x0, 0x0, 0x5, 0x7, 0x100000001, 0x2, 0x1, 0x7f, 0x7fff, 0xfffffffffffffffa, 0x7}, 0x9) getpriority$auto(0xffff4ae1, r3) r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sg1\x00', 0x12c00, 0x0) read$auto_sg_fops_sg(r5, &(0x7f0000000400)=""/218, 0xda) (async) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000540), r0) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r0, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x70, r6, 0x4, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x6}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'hsr0\x00'}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x5}, @NL80211_ATTR_COLOR_CHANGE_ELEMS={0x24, 0x131, 0x0, 0x1, [@NL80211_ATTR_MLO_LINK_DISABLED={0x4}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_SCAN_FREQ_KHZ={0xc, 0x124, 0x0, 0x1, [@typed={0x8, 0x11, 0x0, 0x0, @u32=0x1ff}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0x8}]}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6, 0x143, 0x3ff}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, 0x9}, @NL80211_ATTR_CONTROL_PORT={0x4}]}, 0x70}, 0x1, 0x0, 0x0, 0x40000}, 0x88c8) (async) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000680)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x880, 0x0) (async) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000700)={0xb4, r6, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY_SELF_MANAGED_REG={0x4}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_BSS_BASIC_RATES={0x1d, 0x24, "3b4dbbb6b675fba607479e513a1ebe56ed55111c08abd3d9c4"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xd}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x5}, @NL80211_ATTR_MAC_MASK={0x65, 0xd7, "35ab68bf561cad2138dc2fe9444044ef81c95f6da6253722d5ffb97cfdffc14f5f89bdc8a8a45dd3cccc7f2e3b62780ebbf58502aa1929e3f74633a59ecefddb68ea35edeb2cd1e8f40597c94a024f615be99ab1a256d27232944a0310cf9f267d"}]}, 0xb4}, 0x1, 0x0, 0x0, 0x48100}, 0x4000000) (async) r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000840)='/dev/snd/midiC2D1\x00', 0x0, 0x0) r8 = fcntl$auto(0xffffffffffffffff, 0x6b, 0x0) ioctl$auto_evdev_fops_evdev(r8, 0x4d, &(0x7f0000000880)="7d739d7a50378b17eb67757280accc558791ffb1b2737facf4baae651f4e2635ee2c415ee68e4fcf20c53580b16306bf431101c82fff7cb4a8748c9579f71adee556758f3df49c27b6a64431a2a0bd19447e7851c109") (async) stat$auto(&(0x7f0000000900)='./file0\x00', &(0x7f0000000940)={0x7, 0xfc34, 0x736f, 0x2c6, r3, r4, 0x0, 0x6, 0x100, 0x200, 0x6963, 0x6, 0x2, 0x6, 0xd1c6, 0x100000000, 0x401}) sendmmsg$auto(r7, &(0x7f0000000bc0)={{&(0x7f0000000a00)="d24cb0b7d8801268fc99143b6b22a8", 0xf, &(0x7f0000000b40)={&(0x7f0000000a40)="837416fdf60464c1f36ed3d37721b3e66a41e4b2ee478e9365af4d67b36d385e9d1c505232b9b65562ab84683348c547068e5c9a40790c975af6e39e218490d19d3310bb665d158dd79ab795225d2628276c72428aceef951e831761145d4bb55ba5741412aab2306272bf0a7e03cd5c4f90b0b50937562013efdf73e4cf2dc26e4dd2b3d1d74f823aa5a66edc4e237844c23d5fa3a0a0165ff99efb134ff03d607d5eb9cd98fa2e1eace26e48a931316beb7e7981941bd7679c83312504ec85f78bd451a8bd17b0a830c4d454", 0x7}, 0x9cbd, &(0x7f0000000b80)="b11555e329", 0x9, 0x2}}, 0x7fff, 0x401) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000c00)='/sys/bus/thunderbolt/uevent\x00', 0x10000, 0x0) (async) r10 = socketpair$auto(0x2, 0x1, 0x8, &(0x7f0000000c40)=0xff) (async) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000c80), r0) statmount$auto(&(0x7f0000000cc0)={0x20d, @raw=0x8001, 0x1, 0xd5, 0xa99}, &(0x7f0000000d00)={0x80, 0x3, 0xb85b, 0x4, 0x5, 0x0, 0xf, 0xfffffff7, 0x0, 0x10, 0xd, 0xdf49, 0x7, 0x74e, 0x28, 0x4, 0x6, 0x1000, 0x0, 0x1, 0x5b, 0x6, 0xffffffff, 0x40, 0x0, 0xfffffffa, [0x509, 0xffffffffffffffff, 0x5f, 0x2, 0x5, 0x2, 0x8, 0x0, 0x8, 0x0, 0x9, 0x4, 0xfff, 0x18, 0x0, 0x2, 0x76a8e3c5, 0x3, 0x5, 0xaa, 0x2, 0x7, 0x1ff, 0x5, 0x0, 0x1, 0x1, 0xc1, 0x5, 0x4, 0x7fffffffffffffff, 0x4ff4, 0x5, 0x0, 0x1ff, 0x100, 0x7, 0xff, 0x7, 0x100, 0x7fff, 0xffffffff, 0x1, 0x2, 0x4, 0xfffffffffffffffb], "010c41b383a594b4a1b11fcccba354e9763933e1fea2fa4e7ae2cd3bc146110c785c6023a46b205e51bdf445d026ce8a5e94df09229f6c11ac1914c1d845911bbb47f3c9339fd495921549cd98f2c0337908a2f868e8470bf9f98a7273f52936e0d3a6b82a585ec02d1483586f1c034c7843a12602735cbebdc92317985aefaf35babfab0fa47c2b8c639f8f5eb68a08765490cc0e33c3c126fd492d0e3059981c8b4ac172c3f3e75f9522cc0eb8"}, 0x0, 0x0) (async) setfsgid$auto(r9) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001000), r0) sendmsg$auto_ETHTOOL_MSG_FEC_SET(r11, &(0x7f00000010c0)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001080)={&(0x7f0000001040)={0x14, r12, 0x400, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004000}, 0x44010) (async) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001500)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000014c0)={&(0x7f0000001140)={0x360, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@MAC802154_HWSIM_ATTR_RADIO_EDGES={0x173, 0x3, 0x0, 0x1, [@generic="398a066f760f04085b038136d5ee23c2a0f1fcc07d34838e1ab875b4b9444521c5857718e593ecb4e81e60c4a72cf63be4f843c51fc8674b3a6abf19a16a830de5088348d8a6e3b1b20a80e98c40825851c15dfe7cf41958545137feb77dfba88cbfc016a27f6d805098895b2bc1bcb98f89c57d8326eb0cfbd26e2b43a7c69aaa6eb8cc7b24418eef4f515e4fd144296c368476804ad4925038a81aa9862e1165b703f0cf65", @generic="62e38554155facf7fac3d52c9180d1227f511ed27d6214800db290e0fc3e7f7f5c1c39dc2460df7a023d167dc41bbff1acc8380e848088a322204fe74a80bf0ee2c180ec04290c3b93406c7fc614202d8caa0d90a2e988fcb198e3cb1dc6fd974967ca799424744aa4ab65c033044ad982d10c946acd2ce43f5e0e6d974944665f4a906f01380e55655a0cabfbdcb94cdbde933eafcfefa4cd404ebe1853d9be3093f5fa74103b373e674476ed293b21ce0ecd62d0e2a85ac51e1cbb451831f0ae40e633723ca7b730"]}, @MAC802154_HWSIM_ATTR_RADIO_EDGE={0xb4, 0x2, 0x0, 0x1, [@typed={0xc, 0xd7, 0x0, 0x0, @u64}, @nested={0xa4, 0x57, 0x0, 0x1, [@nested={0x4, 0xb7}, @typed={0x4, 0x43, 0x0, 0x0, @binary}, @generic="62350615271049dbb3cae66aa08390686dfe07f7065472ef1800b974fa63bead8b376e7a23dcfea8ffc47d72487707e7223e3112f7f508f7d717bf837a215015820108929ef81bfce70eae5cb1a4c8d15f9aed6aecbd4bfdc40596bf4dffc4cc0508df4cccf74698b8793d99e12b8be8f847cda719e1ac50c6fef9a5beca09c5d866c1674a52f3f8cbf2a116e0384b4379c9b926ba0d436e"]}]}, @MAC802154_HWSIM_ATTR_RADIO_EDGE={0x122, 0x2, 0x0, 0x1, [@generic="dd8c3a1d7b487fee552f7b30cbb94b1a49c53eaddd537af6843fa205e4bb8592839a57869b513fd432e96563fa2b7893022d2e4921808fba061b3ecbc9bec8bc36800b886c4f0accaa83da45cd71cadbd89190b63b460fc2f8191d91a698ae8041cd1d326ede974aaedf34425e155ede92d5e827eb5a214b360229debc2929b89680cbd1f516040db546698e025551d218e9dba97acc41526dc19ad557b967689d487b6b8841aca90fbc233bfa", @typed={0xc, 0xbf, 0x0, 0x0, @u64=0xfffffffffffffeff}, @generic="af92778f44d6b93f9e1e9749671d60597e882694f6f8bdf5fd65670c592647a957f82a14e1bdeb518703174959ef65896ba1db424bb1b0f9a2b93747a2d6f5bafa79c23517218b52b97f85eb336da98f241ee8980e7c859e9746a960ddbf65ee70a36e1158"]}]}, 0x360}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000) (async) syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000001540), r10) (async) r13 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000015c0), r8) sendmsg$auto_NFC_CMD_ENABLE_SE(r0, &(0x7f0000001680)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x38, r13, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x9}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x2}, @NFC_ATTR_FIRMWARE_NAME={0x9, 0x14, 'hsr0\x00'}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x8040}, 0x24000065) 1.122643553s ago: executing program 2 (id=1705): socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x940, 0x1ffe0, 0x6, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) syz_open_procfs$namespace(0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000005300)='/sys/devices/virtual/bdi/7:11/read_ahead_kb\x00', 0x200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000005340)=""/175, 0xaf) set_mempolicy$auto(0x2, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x7, 0x2, 0x13, 0x1) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x43403d05, 0x0) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x403c6f2b, 0x0) 976.658088ms ago: executing program 2 (id=1706): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x80000011, 0x401, 0x8000) syslog$auto(0x4, &(0x7f0000000080)='\x00\x00\x00', 0xffffff7f) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0x10000000000eb1, 0x401, 0x8000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x2584, 0x0) ioctl$auto(0x3, 0x40045542, 0xb551) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/midi2\x00', 0x204100, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x1000000000000d) getdents$auto(r0, 0x0, 0x205) 901.05732ms ago: executing program 1 (id=1707): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000140), r1) sendmsg$auto_NBD_CMD_DISCONNECT(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x64, r2, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0xd}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x6}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x9}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x7}, @NBD_ATTR_INDEX={0x8, 0x1, 0x7f}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}]}, 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r3 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7, 0x25, 0x4909b6f5, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, [0x20000003, 0x3, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x4000, 0x0, 0x2, 0xfffffffffffffffd, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1, 0x10000000000, 0xffffffffffffffff, 0x3, 0xfffffffffffeffff, 0x0, 0x292, 0x0, 0x400000000005b8, 0x9, 0x0, 0x200000000, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0x8000000000000000, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x1, 0x4]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0xf7374674b920089e) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x33580}}, 0x4064890) 899.876852ms ago: executing program 4 (id=1708): socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x940, 0x1ffe0, 0x6, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) syz_open_procfs$namespace(0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000005300)='/sys/devices/virtual/bdi/7:11/read_ahead_kb\x00', 0x200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000005340)=""/175, 0xaf) set_mempolicy$auto(0x2, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x7, 0x2, 0x13, 0x1) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x43403d05, 0x0) move_pages$auto(0x0, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) setsockopt$auto(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x8004) ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x403c6f2b, 0x0) close_range$auto(0x2, 0x8000, 0x0) 798.744647ms ago: executing program 2 (id=1709): openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/mtd0ro\x00', 0x28082, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'dummy0\x00'}) futex$auto(&(0x7f00000001c0)=0x1, 0x8c, 0x1, 0x0, 0x0, 0x1) r1 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) madvise$auto(0x6, 0x1, 0xb) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x14, r2, 0x301, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0xfffff001, 0x0, 0xa3) writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) read$auto(0x4, 0x0, 0xfdef) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r4, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x34, r3, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_MODULE_EEPROM_OFFSET={0x8, 0x2, 0xf7}, @ETHTOOL_A_MODULE_EEPROM_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004084}, 0x82) read$auto(r4, 0x0, 0x2184689f) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) r5 = openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) write$auto_cpu_latency_qos_fops_qos(r5, 0x0, 0x0) 718.574045ms ago: executing program 4 (id=1710): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_COALESCE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xac, r0, 0x8, 0x2, 0x25dfdbfe, {}, [@NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_MLO_TTLM_DLINK={0x90, 0x148, "55e8f7207a5235aa96b756119938caa5736432bfa156dcb143e1e64d373411f25e885c02a3c2652d4e8113867d8ed18dd95e141ce33b4ee59b90ddeed11a557110492cee682cc542693ae106df9316c8a50f3cc475a0ca83e88c2da58811aee0f0f74c4aeb7d778a85617d658d763a62c9ea94df8a216ab5ab87722158a9bdf865fc54be1d22c59184d66fb9"}]}, 0xac}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x6, 0x100000000, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) migrate_pages$auto(0x0, 0x2, 0x0, 0x0) socket(0xa, 0x1, 0x0) listen$auto(0x3, 0x81) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x5, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @my=0x1}, 0x55) 683.194135ms ago: executing program 5 (id=1711): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_COALESCE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xac, r0, 0x8, 0x2, 0x25dfdbfe, {}, [@NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_MLO_TTLM_DLINK={0x90, 0x148, "55e8f7207a5235aa96b756119938caa5736432bfa156dcb143e1e64d373411f25e885c02a3c2652d4e8113867d8ed18dd95e141ce33b4ee59b90ddeed11a557110492cee682cc542693ae106df9316c8a50f3cc475a0ca83e88c2da58811aee0f0f74c4aeb7d778a85617d658d763a62c9ea94df8a216ab5ab87722158a9bdf865fc54be1d22c59184d66fb9"}]}, 0xac}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x6, 0x100000000, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) migrate_pages$auto(0x0, 0x2, 0x0, 0x0) socket(0xa, 0x1, 0x0) listen$auto(0x3, 0x81) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x5, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @my=0x1}, 0x55) 518.986403ms ago: executing program 2 (id=1712): ioctl$auto_FUSE_DEV_IOC_BACKING_OPEN(0xffffffffffffffff, 0x4010e501, &(0x7f0000000180)={0xffffffffffffffff, 0x10001}) mmap$auto(0x2, 0x20009, 0x4000000000df, 0xeb1, r0, 0x8000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000380)=ANY=[@ANYBLOB="c9ce4c66eacc90074f0d3437a59f3450148faed99a427420e52ae6a018ecdc9dbc31f03dbe40a7489376b6409a44f789bd3e01a966c794d0f1d2ccd359a0d71c3469a4ffb0d818e3a72bfd556f345949b43f990ce707a025bb5c14a6c72eb0f2f6153f10ba99a180b745782eda2ebae707a4f242eb7658ee9732831117a9473fccb6465cee1dd0e4926e94bac3cea3880356eb9307587edcf03db66eeea40d47dc88", @ANYRESDEC=r1, @ANYBLOB="41004bbd7000fbdbdf250a000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20008814) open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) bind$auto(0x3, 0x0, 0x6b) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) fallocate$auto(0x8000000000000003, 0x0, 0xf, 0xcbd5d) newfstatat$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x208, 0x2, 0xb32, 0xe29, 0xee01, 0xffffffffffffffff, 0x0, 0x5, 0x7eacb662, 0x2139, 0x5, 0xf89b, 0xffffffffffffffff, 0x100000001, 0xfffffffffffffff7, 0x8, 0x2}, 0x3250) symlink$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x8, 0x3, 0x101) madvise$auto(0x0, 0xffffffffffff0005, 0x19) move_pages$auto(0x0, 0xd0, 0x0, &(0x7f0000001140), 0x0, 0x2) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mount$auto(0x0, 0x0, 0x0, 0x7fffffff, 0x0) connect$auto(0x3, 0x0, 0x55) ioctl$auto(0x3, 0x8008551d, 0x1) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) 378.821204ms ago: executing program 4 (id=1713): mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r1 = socket(0x34, 0x5, 0xfff) socket(0x10, 0x2, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/timers\x00', 0x0, 0x0) mlockall$auto(0x7) mmap$auto(0x80000000000000, 0x8000000020009, 0x1000df, 0x10011, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x24004810}, 0x800) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="09a644fa416e4bd7bcf58c900d412a933d6e565c4e66e342e1f3d34f6e2018b16bf53aeb82511fa47eaefdd9a04818d007f10028d8f9df4b5ff48c312e9efb35fb51818979fd75004dd24a536d383cc7cf61a42a168d3d89f27716901f0e593659a41cd268bc368af648dd8a8741ec38c98717019f37fe8ec02b626cf837464675023a2cbd3c19cb7dfe3356fcca3c1a47ba9adc380ba58164fa554aca3c0f2667fe03e222bdc5f64670915feda11dcf510734468ff1594548d201b676deb1479f111d7a32ff3416c2bda9913edb00c25057629b01f50dd3e7f39d335467e32b6494b5142ec43f660d7f583e9c28d9ee4c56cc6fc428b7e0f896334c4b96"], 0x28}, 0x1, 0x0, 0x0, 0x4004000}, 0x2000c800) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYRES16=r4, @ANYRES32=r2, @ANYBLOB="00000000000000000000000000ad"], 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYRESHEX=r3, @ANYRESHEX=r4, @ANYBLOB="d1345b75563ae2902f07bec129271826d8bc3b37a53e79b643e611112fcc0de345b9738898c1524aaaa071a2fd2acbe36e924bea1481f1a9224e6f0543ffeced98c1f9ccbc91c2be0ed8992d854fb853d3f5af4cc530ad7cc568c4917ddf915c4ee56b63b8adfb957744db3c429b83df3c843caf2ca5a30ef2fe4e0041f61e2cdf1b48855f4c001e4d5b6336a090cc8163ee920f95bf4b135bb0ffb45938aa70c2", @ANYRES8=r3, @ANYRES64=r2], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) inotify_rm_watch$auto(0xffffffffffffffff, 0x84e4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) madvise$auto(0x0, 0x2000040080000004, 0xe) modify_ldt$auto(0x1, 0x0, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0xfffffffffffffffd, 0xffffffffffff0002, 0x19) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x8000000000000000, 0x2) madvise$auto(0x100, 0x1010001, 0x100000003) setgroups$auto(0xe32, &(0x7f0000000040)=0x9) 269.394999ms ago: executing program 1 (id=1714): r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000700)='/dev/binderfs/binder0\x00', 0x2280, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000140)='/dev/media11\x00', 0x40, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) (async) socket(0x2, 0x801, 0x100) (async) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') (async) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socketpair$auto(0x40400001, 0x8, 0x200, 0x0) (async) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto(r2, 0x540a, 0x0) (async) ioctl$auto_TIOCSTI2(r2, 0x5412, 0x0) (async) mmap$auto_binder_fops_binder_internal(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1, 0x12, r0, 0x100000000) (async) r3 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r3, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/node/node0/hugepages/hugepages-1048576kB/demote\x00', 0x1, 0x0) (async) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/user\x00') ioctl$NS_GET_PARENT(r4, 0xb702, 0x0) (async) ioperm$auto(0x4d5, 0x7, 0x3) (async) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) (async) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$auto(r5, 0x0, 0x0) (async) io_uring_setup$auto(0xa, 0x0) (async) readv$auto(r1, &(0x7f00000000c0)={0x0, 0x1000}, 0x1) r6 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000001400)={&(0x7f0000000240)={0x14, r6, 0x6c5679fc7dece1a9, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008000) 228.326752ms ago: executing program 5 (id=1715): socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x88) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty46\x00', 0x424800, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', &(0x7f0000000040)={0x101201, 0x0, 0x7}, 0x18) ioctl$auto(r0, 0x540a, r0) 92.792986ms ago: executing program 5 (id=1716): socket(0x2, 0x1, 0x106) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000000c0), r0) sendmsg$auto_SMC_NETLINK_DUMP_UEID(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r1, 0x315, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20008805}, 0x4004000) socketpair$auto(0xffffffff, 0x5, 0x1, 0x0) connect$auto(0x3, 0x0, 0x55) setsockopt$auto(0x3, 0x6, 0x19, 0x0, 0xfb3) madvise$auto(0x0, 0xffffffffffff0001, 0x9) connect$auto(0x3, 0x0, 0x55) 0s ago: executing program 5 (id=1717): mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0x1) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) clone$auto(0x100000000, 0x1, 0x0, 0x0, 0x37) write$auto_proc_mem_operations_base(r1, &(0x7f0000001680)="a7", 0x82000) kernel console output (not intermixed with test programs): 827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.694136][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.705979][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.724709][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.739292][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.764088][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.782822][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.827229][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.839043][ T5827] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.851489][ T5827] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.860619][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.861456][ T5827] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.877350][ T5827] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.979916][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.002418][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.083323][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.096409][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.175453][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.183296][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.277042][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.297876][ T5898] vivid-013: ================= START STATUS ================= [ 72.304509][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.309041][ T5898] vivid-013: Generate PTS: [ 72.314235][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.314964][ T5898] true [ 72.318766][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.348251][ T5898] [ 72.361023][ T5898] vivid-013: Generate SCR: true [ 72.387525][ T5898] tpg source WxH: 640x360 (Y'CbCr) [ 72.393114][ T5898] tpg field: 1 [ 72.407631][ T5898] tpg crop: 640x360@0x0 [ 72.424300][ T5898] tpg compose: 640x360@0x0 [ 72.437755][ T5898] tpg colorspace: 8 [ 72.452665][ T5898] tpg transfer function: 0/0 [ 72.459614][ T5898] tpg Y'CbCr encoding: 0/0 [ 72.487720][ T5898] tpg quantization: 0/0 [ 72.491929][ T5898] tpg RGB range: 0/2 [ 72.511791][ T5898] vivid-013: ================== END STATUS ================== [ 73.315080][ T5921] Zero length message leads to an empty skb [ 73.505389][ T5841] Bluetooth: hci2: command tx timeout [ 73.510844][ T5841] Bluetooth: hci3: command tx timeout [ 73.516347][ T5837] Bluetooth: hci0: command tx timeout [ 73.584097][ T5841] Bluetooth: hci1: command tx timeout [ 73.864322][ T5933] random: crng reseeded on system resumption [ 73.956280][ T5936] HnR: entered promiscuous mode [ 73.977395][ T5936] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13'. [ 74.015160][ T5938] tipc: Started in network mode [ 74.020089][ T5938] tipc: Node identity ee00, cluster identity 4711 [ 74.053868][ T5938] tipc: Node number set to 60928 [ 74.060289][ T5936] HnR: left promiscuous mode [ 74.602463][ T5947] vivid-013: ================= START STATUS ================= [ 74.616679][ T5947] vivid-013: Generate PTS: true [ 74.623212][ T5947] vivid-013: Generate SCR: true [ 74.632151][ T5947] tpg source WxH: 640x360 (Y'CbCr) [ 74.641261][ T5947] tpg field: 1 [ 74.646876][ T5947] tpg crop: 640x360@0x0 [ 74.651249][ T5947] tpg compose: 640x360@0x0 [ 74.659966][ T5947] tpg colorspace: 8 [ 74.665553][ T5947] tpg transfer function: 0/0 [ 74.671129][ T5947] tpg Y'CbCr encoding: 0/0 [ 74.700221][ T5947] tpg quantization: 0/0 [ 74.743875][ T5947] tpg RGB range: 0/2 [ 74.750187][ T5947] vivid-013: ================== END STATUS ================== [ 75.584563][ T5841] Bluetooth: hci3: command tx timeout [ 75.587917][ T5832] Bluetooth: hci0: command tx timeout [ 75.590021][ T5841] Bluetooth: hci2: command tx timeout [ 75.664699][ T5841] Bluetooth: hci1: command tx timeout [ 76.266805][ T6000] vivid-013: ================= START STATUS ================= [ 76.314942][ T6000] vivid-013: Generate PTS: true [ 76.319881][ T6000] vivid-013: Generate SCR: true [ 76.333788][ T6000] tpg source WxH: 640x360 (Y'CbCr) [ 76.339177][ T6000] tpg field: 1 [ 76.342574][ T6000] tpg crop: 640x360@0x0 [ 76.370900][ T6000] tpg compose: 640x360@0x0 [ 76.386059][ T6000] tpg colorspace: 8 [ 76.394084][ T6000] tpg transfer function: 0/0 [ 76.421424][ T6000] tpg Y'CbCr encoding: 0/0 [ 76.453901][ T6000] tpg quantization: 0/0 [ 76.476709][ T6000] tpg RGB range: 0/2 [ 76.492051][ T6000] vivid-013: ================== END STATUS ================== [ 76.866171][ T6015] capability: warning: `syz.0.39' uses 32-bit capabilities (legacy support in use) [ 77.193564][ T6020] netlink: 334 bytes leftover after parsing attributes in process `syz.2.41'. [ 77.462307][ T6027] openvswitch: netlink: Flow actions attr not present in new flow. [ 78.519865][ T6050] vivid-013: ================= START STATUS ================= [ 78.544321][ T6050] vivid-013: Generate PTS: true [ 78.549251][ T6050] vivid-013: Generate SCR: true [ 78.555292][ T6050] tpg source WxH: 640x360 (Y'CbCr) [ 78.555325][ T6050] tpg field: 1 [ 78.555336][ T6050] tpg crop: 640x360@0x0 [ 78.555356][ T6050] tpg compose: 640x360@0x0 [ 78.555375][ T6050] tpg colorspace: 8 [ 78.555386][ T6050] tpg transfer function: 0/0 [ 78.555400][ T6050] tpg Y'CbCr encoding: 0/0 [ 78.555412][ T6050] tpg quantization: 0/0 [ 78.555424][ T6050] tpg RGB range: 0/2 [ 78.555437][ T6050] vivid-013: ================== END STATUS ================== [ 78.961910][ T6061] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 79.169934][ T6070] tipc: Started in network mode [ 79.175171][ T6070] tipc: Node identity ee00, cluster identity 4711 [ 79.182396][ T6070] tipc: Node number set to 60928 [ 79.767341][ T6083] vivid-013: ================= START STATUS ================= [ 79.790744][ T6083] vivid-013: Generate PTS: true [ 79.806066][ T6083] vivid-013: Generate SCR: true [ 79.823202][ T6083] tpg source WxH: 640x360 (Y'CbCr) [ 79.845170][ T6083] tpg field: 1 [ 79.858999][ T6083] tpg crop: 640x360@0x0 [ 79.870280][ T6083] tpg compose: 640x360@0x0 [ 79.878351][ T6083] tpg colorspace: 8 [ 79.882197][ T6083] tpg transfer function: 0/0 [ 79.888052][ T6083] tpg Y'CbCr encoding: 0/0 [ 79.892578][ T6083] tpg quantization: 0/0 [ 79.900306][ T6083] tpg RGB range: 0/2 [ 79.905891][ T6083] vivid-013: ================== END STATUS ================== [ 80.469682][ T6097] process 'syz.2.70' launched ':,' with NULL argv: empty string added [ 80.754416][ T6103] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 81.128773][ T6110] vivid-013: ================= START STATUS ================= [ 81.136933][ T6110] vivid-013: Generate PTS: true [ 81.142924][ T6110] vivid-013: Generate SCR: true [ 81.148234][ T6110] tpg source WxH: 640x360 (Y'CbCr) [ 81.153462][ T6110] tpg field: 1 [ 81.157114][ T6110] tpg crop: 640x360@0x0 [ 81.163622][ T6110] tpg compose: 640x360@0x0 [ 81.171276][ T6110] tpg colorspace: 8 [ 81.203361][ T6110] tpg transfer function: 0/0 [ 81.213261][ T6110] tpg Y'CbCr encoding: 0/0 [ 81.233874][ T6110] tpg quantization: 0/0 [ 81.238075][ T6110] tpg RGB range: 0/2 [ 81.241995][ T6110] vivid-013: ================== END STATUS ================== [ 81.415167][ T6117] netlink: 8 bytes leftover after parsing attributes in process `syz.2.74'. [ 81.605420][ T6131] FAULT_INJECTION: forcing a failure. [ 81.605420][ T6131] name failslab, interval 1, probability 0, space 0, times 1 [ 81.644007][ T6131] CPU: 0 UID: 0 PID: 6131 Comm: syz.0.80 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 81.654588][ T6131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 81.664684][ T6131] Call Trace: [ 81.668025][ T6131] [ 81.670960][ T6131] dump_stack_lvl+0x16c/0x1f0 [ 81.675660][ T6131] should_fail_ex+0x497/0x5b0 [ 81.680347][ T6131] ? fs_reclaim_acquire+0xae/0x150 [ 81.685466][ T6131] should_failslab+0xc2/0x120 [ 81.690160][ T6131] __kmalloc_noprof+0xce/0x4f0 [ 81.694934][ T6131] ? d_absolute_path+0x137/0x1b0 [ 81.699887][ T6131] ? tomoyo_encode2+0x100/0x3e0 [ 81.704747][ T6131] tomoyo_encode2+0x100/0x3e0 [ 81.709435][ T6131] tomoyo_realpath_from_path+0x1a7/0x710 [ 81.715080][ T6131] tomoyo_path_number_perm+0x248/0x5b0 [ 81.720552][ T6131] ? tomoyo_path_number_perm+0x235/0x5b0 [ 81.726199][ T6131] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 81.732215][ T6131] ? __pfx_lock_release+0x10/0x10 [ 81.737251][ T6131] ? trace_lock_acquire+0x14e/0x1f0 [ 81.742460][ T6131] ? lock_acquire+0x2f/0xb0 [ 81.746966][ T6131] ? __fget_files+0x40/0x3a0 [ 81.751565][ T6131] ? __fget_files+0x206/0x3a0 [ 81.756256][ T6131] security_file_ioctl+0x9b/0x240 [ 81.761285][ T6131] __x64_sys_ioctl+0xb7/0x200 [ 81.765969][ T6131] do_syscall_64+0xcd/0x250 [ 81.770480][ T6131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.776391][ T6131] RIP: 0033:0x7fc4f0785d29 [ 81.780807][ T6131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.800429][ T6131] RSP: 002b:00007fc4f1656038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.808847][ T6131] RAX: ffffffffffffffda RBX: 00007fc4f0975fa0 RCX: 00007fc4f0785d29 [ 81.816821][ T6131] RDX: 0000000020000000 RSI: 00000000c1105517 RDI: 0000000000000004 [ 81.824793][ T6131] RBP: 00007fc4f1656090 R08: 0000000000000000 R09: 0000000000000000 [ 81.832763][ T6131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.840739][ T6131] R13: 0000000000000000 R14: 00007fc4f0975fa0 R15: 00007ffcc98f9318 [ 81.848740][ T6131] [ 81.952689][ T9] cfg80211: failed to load regulatory.db [ 81.995122][ T6131] ERROR: Out of memory at tomoyo_realpath_from_path. [ 82.774640][ T6152] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 85.735470][ T6201] netlink: 4 bytes leftover after parsing attributes in process `syz.0.103'. [ 86.028265][ T6211] syz.1.105 uses obsolete (PF_INET,SOCK_PACKET) [ 88.910381][ T6278] ima: policy update failed [ 88.951143][ T29] audit: type=1802 audit(1735010815.977:2): pid=6278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.125" res=0 errno=0 [ 89.274374][ T6284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 89.370063][ T6284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 89.432675][ T6284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 89.508496][ T6284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 89.542672][ T6284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 89.576971][ T6284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 89.604422][ T6284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 89.644139][ T6284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 89.665425][ T6284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 89.701633][ T6284] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 90.200796][ T6298] lo: entered allmulticast mode [ 90.244247][ T6297] lo: left allmulticast mode [ 90.778959][ T6313] syz.3.134 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 91.712794][ T6307] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 91.838071][ T6335] netlink: 28 bytes leftover after parsing attributes in process `syz.1.141'. [ 92.000126][ T6334] zswap: compressor not available [ 93.949951][ T6391] erspan0: entered allmulticast mode [ 93.969786][ T6390] netlink: 'syz.0.152': attribute type 1 has an invalid length. [ 95.841447][ T6412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.161'. [ 96.786674][ T6440] net_ratelimit: 55 callbacks suppressed [ 96.786697][ T6440] netlink: zone id is out of range [ 96.786724][ T6440] netlink: zone id is out of range [ 96.786734][ T6440] netlink: zone id is out of range [ 96.786743][ T6440] netlink: zone id is out of range [ 96.786752][ T6440] netlink: zone id is out of range [ 96.786762][ T6440] netlink: zone id is out of range [ 96.786770][ T6440] netlink: zone id is out of range [ 96.786822][ T6440] netlink: zone id is out of range [ 96.786844][ T6440] netlink: set zone limit has 4 unknown bytes [ 100.913190][ T6515] netlink: 130 bytes leftover after parsing attributes in process `syz.2.193'. [ 101.407132][ T6415] syz.0.162 (6415) used greatest stack depth: 20880 bytes left [ 102.211379][ T6529] netlink: 4 bytes leftover after parsing attributes in process `syz.3.196'. [ 102.254956][ T6529] tc_dump_action: action bad kind [ 104.247384][ T6561] FAULT_INJECTION: forcing a failure. [ 104.247384][ T6561] name failslab, interval 1, probability 0, space 0, times 0 [ 104.260145][ T6561] CPU: 0 UID: 0 PID: 6561 Comm: syz.1.205 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 104.270756][ T6561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 104.280851][ T6561] Call Trace: [ 104.284147][ T6561] [ 104.287101][ T6561] dump_stack_lvl+0x16c/0x1f0 [ 104.291814][ T6561] should_fail_ex+0x497/0x5b0 [ 104.296529][ T6561] ? fs_reclaim_acquire+0xae/0x150 [ 104.301675][ T6561] should_failslab+0xc2/0x120 [ 104.306386][ T6561] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 104.312230][ T6561] ? __alloc_skb+0x2b3/0x380 [ 104.316859][ T6561] __alloc_skb+0x2b3/0x380 [ 104.321307][ T6561] ? __pfx___alloc_skb+0x10/0x10 [ 104.326275][ T6561] ? lock_acquire+0x2f/0xb0 [ 104.330808][ T6561] netlink_alloc_large_skb+0x69/0x130 [ 104.336210][ T6561] netlink_sendmsg+0x689/0xd70 [ 104.341012][ T6561] ? __pfx_netlink_sendmsg+0x10/0x10 [ 104.346327][ T6561] ____sys_sendmsg+0x9ae/0xb40 [ 104.351105][ T6561] ? copy_msghdr_from_user+0x10b/0x160 [ 104.356575][ T6561] ? __pfx_____sys_sendmsg+0x10/0x10 [ 104.361876][ T6561] ___sys_sendmsg+0x135/0x1e0 [ 104.366564][ T6561] ? __pfx____sys_sendmsg+0x10/0x10 [ 104.371779][ T6561] ? __pfx_lock_release+0x10/0x10 [ 104.376802][ T6561] ? trace_lock_acquire+0x14e/0x1f0 [ 104.382016][ T6561] ? __fget_files+0x206/0x3a0 [ 104.386704][ T6561] __sys_sendmsg+0x16e/0x220 [ 104.391305][ T6561] ? __pfx___sys_sendmsg+0x10/0x10 [ 104.396439][ T6561] do_syscall_64+0xcd/0x250 [ 104.400949][ T6561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.406852][ T6561] RIP: 0033:0x7f687b785d29 [ 104.411271][ T6561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 104.430886][ T6561] RSP: 002b:00007f687c540038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 104.439306][ T6561] RAX: ffffffffffffffda RBX: 00007f687b975fa0 RCX: 00007f687b785d29 [ 104.447279][ T6561] RDX: 0000000000009800 RSI: 00000000200007c0 RDI: 0000000000000003 [ 104.455249][ T6561] RBP: 00007f687c540090 R08: 0000000000000000 R09: 0000000000000000 [ 104.463217][ T6561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 104.471186][ T6561] R13: 0000000000000000 R14: 00007f687b975fa0 R15: 00007ffd00cf50b8 [ 104.479168][ T6561] [ 105.365703][ T6588] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 106.201141][ T6608] netlink: 342 bytes leftover after parsing attributes in process `syz.1.218'. [ 106.432389][ T6615] netlink: 326 bytes leftover after parsing attributes in process `syz.1.220'. [ 106.768640][ T6623] netlink: 8 bytes leftover after parsing attributes in process `syz.2.222'. [ 106.781635][ T6629] netlink: 342 bytes leftover after parsing attributes in process `syz.3.225'. [ 106.801987][ T6629] raw_sendmsg: syz.3.225 forgot to set AF_INET. Fix it! [ 106.820848][ T6629] netlink: 342 bytes leftover after parsing attributes in process `syz.3.225'. [ 107.708062][ T6660] FAULT_INJECTION: forcing a failure. [ 107.708062][ T6660] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 107.769374][ T6660] CPU: 0 UID: 0 PID: 6660 Comm: syz.1.233 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 107.780027][ T6660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 107.790109][ T6660] Call Trace: [ 107.793407][ T6660] [ 107.796398][ T6660] dump_stack_lvl+0x16c/0x1f0 [ 107.801113][ T6660] should_fail_ex+0x497/0x5b0 [ 107.805830][ T6660] _copy_from_user+0x2e/0xd0 [ 107.810462][ T6660] __sys_bpf+0x4266/0x57a0 [ 107.814909][ T6660] ? __pfx___sys_bpf+0x10/0x10 [ 107.819699][ T6660] ? vfs_write+0x306/0x1150 [ 107.824235][ T6660] ? __mutex_unlock_slowpath+0x164/0x690 [ 107.829915][ T6660] ? fput+0x67/0x440 [ 107.833838][ T6660] ? ksys_write+0x1ba/0x250 [ 107.838367][ T6660] ? __pfx_ksys_write+0x10/0x10 [ 107.843264][ T6660] __x64_sys_bpf+0x78/0xc0 [ 107.847714][ T6660] ? lockdep_hardirqs_on+0x7c/0x110 [ 107.852943][ T6660] do_syscall_64+0xcd/0x250 [ 107.857486][ T6660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.863466][ T6660] RIP: 0033:0x7f687b785d29 [ 107.867903][ T6660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.887539][ T6660] RSP: 002b:00007f687c540038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 107.895985][ T6660] RAX: ffffffffffffffda RBX: 00007f687b975fa0 RCX: 00007f687b785d29 [ 107.903983][ T6660] RDX: 000000000000000c RSI: 00000000200001c0 RDI: 0000000000000003 [ 107.911980][ T6660] RBP: 00007f687c540090 R08: 0000000000000000 R09: 0000000000000000 [ 107.919979][ T6660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 107.927979][ T6660] R13: 0000000000000000 R14: 00007f687b975fa0 R15: 00007ffd00cf50b8 [ 107.935990][ T6660] [ 109.884991][ T6696] netlink: 28 bytes leftover after parsing attributes in process `syz.3.245'. [ 109.940042][ T6696] bridge_slave_1: left allmulticast mode [ 109.990307][ T6696] bridge_slave_1: left promiscuous mode [ 110.044550][ T6696] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.091652][ T6696] bridge_slave_0: left allmulticast mode [ 110.110605][ T6696] bridge_slave_0: left promiscuous mode [ 110.166802][ T6696] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.763836][ T6743] sp0: Synchronizing with TNC [ 112.709502][ T6760] netlink: 'syz.2.265': attribute type 2 has an invalid length. [ 113.035060][ T6758] ICMPv6: process `syz.3.264' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead [ 117.941160][ T6839] netlink: 28 bytes leftover after parsing attributes in process `syz.2.287'. [ 117.968811][ T6839] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode [ 117.999156][ T6839] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode [ 118.355276][ T6850] binder: binder_mmap: 6848 0-1000 bad vm_flags failed -1 [ 119.035621][ T5841] Bluetooth: hci0: unexpected event 0x06 length: 4 > 3 [ 119.058675][ T6860] netlink: 8 bytes leftover after parsing attributes in process `syz.1.293'. [ 119.511406][ T6875] netlink: 342 bytes leftover after parsing attributes in process `syz.1.297'. [ 119.965490][ T6882] FAULT_INJECTION: forcing a failure. [ 119.965490][ T6882] name failslab, interval 1, probability 0, space 0, times 0 [ 120.004534][ T6882] CPU: 1 UID: 0 PID: 6882 Comm: syz.1.300 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 120.015186][ T6882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 120.025280][ T6882] Call Trace: [ 120.028575][ T6882] [ 120.031536][ T6882] dump_stack_lvl+0x16c/0x1f0 [ 120.036251][ T6882] should_fail_ex+0x497/0x5b0 [ 120.040961][ T6882] ? fs_reclaim_acquire+0xae/0x150 [ 120.046108][ T6882] should_failslab+0xc2/0x120 [ 120.050819][ T6882] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 120.056661][ T6882] ? __alloc_skb+0x2b3/0x380 [ 120.061316][ T6882] __alloc_skb+0x2b3/0x380 [ 120.065767][ T6882] ? __pfx___alloc_skb+0x10/0x10 [ 120.070744][ T6882] ? lock_acquire+0x2f/0xb0 [ 120.075296][ T6882] netlink_alloc_large_skb+0x69/0x130 [ 120.080703][ T6882] netlink_sendmsg+0x689/0xd70 [ 120.085506][ T6882] ? __pfx_netlink_sendmsg+0x10/0x10 [ 120.090838][ T6882] ____sys_sendmsg+0x9ae/0xb40 [ 120.095638][ T6882] ? copy_msghdr_from_user+0x10b/0x160 [ 120.101134][ T6882] ? __pfx_____sys_sendmsg+0x10/0x10 [ 120.106467][ T6882] ___sys_sendmsg+0x135/0x1e0 [ 120.111179][ T6882] ? __pfx____sys_sendmsg+0x10/0x10 [ 120.116431][ T6882] ? __pfx_lock_release+0x10/0x10 [ 120.121479][ T6882] ? trace_lock_acquire+0x14e/0x1f0 [ 120.126718][ T6882] ? __fget_files+0x206/0x3a0 [ 120.131439][ T6882] __sys_sendmsg+0x16e/0x220 [ 120.136065][ T6882] ? __pfx___sys_sendmsg+0x10/0x10 [ 120.141228][ T6882] do_syscall_64+0xcd/0x250 [ 120.145762][ T6882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.151688][ T6882] RIP: 0033:0x7f687b785d29 [ 120.156124][ T6882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.175760][ T6882] RSP: 002b:00007f687c540038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 120.184214][ T6882] RAX: ffffffffffffffda RBX: 00007f687b975fa0 RCX: 00007f687b785d29 [ 120.192217][ T6882] RDX: 0000000020000084 RSI: 0000000020000080 RDI: 0000000000000003 [ 120.200209][ T6882] RBP: 00007f687c540090 R08: 0000000000000000 R09: 0000000000000000 [ 120.208187][ T6882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.216164][ T6882] R13: 0000000000000000 R14: 00007f687b975fa0 R15: 00007ffd00cf50b8 [ 120.224158][ T6882] [ 121.109630][ T6902] netlink: 4 bytes leftover after parsing attributes in process `syz.3.306'. [ 122.115142][ T6922] netlink: 146 bytes leftover after parsing attributes in process `syz.3.312'. [ 122.150465][ T6917] netlink: 326 bytes leftover after parsing attributes in process `syz.2.311'. [ 124.461783][ T6962] syz.1.322: vmalloc error: size 4503599627371522, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 124.504020][ T6962] CPU: 1 UID: 0 PID: 6962 Comm: syz.1.322 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 124.514676][ T6962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 124.524771][ T6962] Call Trace: [ 124.528077][ T6962] [ 124.531030][ T6962] dump_stack_lvl+0x16c/0x1f0 [ 124.535749][ T6962] warn_alloc+0x24d/0x3a0 [ 124.540129][ T6962] ? __pfx_warn_alloc+0x10/0x10 [ 124.545021][ T6962] ? __pfx_mark_lock+0x10/0x10 [ 124.549839][ T6962] ? lock_acquire.part.0+0x11b/0x380 [ 124.555177][ T6962] __vmalloc_node_range_noprof+0x10df/0x1530 [ 124.561206][ T6962] ? rcu_is_watching+0x12/0xc0 [ 124.566016][ T6962] ? trace_contention_end+0xee/0x140 [ 124.571353][ T6962] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 124.576683][ T6962] ? dvb_demux_do_ioctl+0x496/0x1340 [ 124.582020][ T6962] ? __pfx___mutex_lock+0x10/0x10 [ 124.587084][ T6962] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 124.593456][ T6962] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 124.599398][ T6962] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 124.604731][ T6962] vmalloc_noprof+0x6b/0x90 [ 124.609274][ T6962] ? dvb_demux_do_ioctl+0x54d/0x1340 [ 124.614607][ T6962] dvb_demux_do_ioctl+0x54d/0x1340 [ 124.619771][ T6962] dvb_usercopy+0x165/0x320 [ 124.624322][ T6962] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 124.629901][ T6962] ? __pfx_dvb_usercopy+0x10/0x10 [ 124.634936][ T6962] ? __pfx_lock_release+0x10/0x10 [ 124.639994][ T6962] ? __fget_files+0x206/0x3a0 [ 124.644731][ T6962] dvb_demux_ioctl+0x29/0x40 [ 124.649341][ T6962] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 124.654636][ T6962] __x64_sys_ioctl+0x190/0x200 [ 124.659409][ T6962] do_syscall_64+0xcd/0x250 [ 124.663926][ T6962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.669834][ T6962] RIP: 0033:0x7f687b785d29 [ 124.674263][ T6962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.693883][ T6962] RSP: 002b:00007f687c51f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 124.702318][ T6962] RAX: ffffffffffffffda RBX: 00007f687b976080 RCX: 00007f687b785d29 [ 124.710338][ T6962] RDX: 0010000000000402 RSI: 0000000000006f2d RDI: 0000000000000003 [ 124.718313][ T6962] RBP: 00007f687b801aa8 R08: 0000000000000000 R09: 0000000000000000 [ 124.726287][ T6962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.734260][ T6962] R13: 0000000000000000 R14: 00007f687b976080 R15: 00007ffd00cf50b8 [ 124.742249][ T6962] [ 124.899441][ T6962] Mem-Info: [ 124.902757][ T6962] active_anon:72158 inactive_anon:50016 isolated_anon:0 [ 124.902757][ T6962] active_file:5888 inactive_file:48515 isolated_file:0 [ 124.902757][ T6962] unevictable:768 dirty:197 writeback:0 [ 124.902757][ T6962] slab_reclaimable:10252 slab_unreclaimable:94511 [ 124.902757][ T6962] mapped:42373 shmem:117853 pagetables:1057 [ 124.902757][ T6962] sec_pagetables:0 bounce:0 [ 124.902757][ T6962] kernel_misc_reclaimable:0 [ 124.902757][ T6962] free:1217328 free_pcp:4016 free_cma:0 [ 124.964332][ T6962] Node 0 active_anon:288932kB inactive_anon:200064kB active_file:23552kB inactive_file:193984kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:169492kB dirty:788kB writeback:0kB shmem:470176kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10836kB pagetables:4228kB sec_pagetables:0kB all_unreclaimable? no [ 125.024197][ T6962] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 125.103965][ T6962] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 125.163792][ T6962] lowmem_reserve[]: 0 2465 2466 0 0 [ 125.169120][ T6962] Node 0 DMA32 free:955424kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:287644kB inactive_anon:200064kB active_file:23552kB inactive_file:193156kB unevictable:1536kB writepending:792kB present:3129332kB managed:2551336kB mlocked:0kB bounce:0kB free_pcp:8564kB local_pcp:7880kB free_cma:0kB [ 125.210303][ T6962] lowmem_reserve[]: 0 0 0 0 0 [ 125.221079][ T6962] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 125.271558][ T6962] lowmem_reserve[]: 0 0 0 0 0 [ 125.276429][ T6962] Node 1 Normal free:3895136kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:12140kB local_pcp:8520kB free_cma:0kB [ 125.312473][ T6962] lowmem_reserve[]: 0 0 0 0 0 [ 125.318618][ T6962] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 125.331752][ T6962] Node 0 DMA32: 2*4kB (ME) 9*8kB (UE) 5*16kB (UE) 39*32kB (UME) 3*64kB (UME) 1*128kB (U) 0*256kB 1*512kB (M) 3*1024kB (UE) 4*2048kB (UME) 230*4096kB (M) = 955584kB [ 125.353957][ T6962] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 125.369768][ T6962] Node 1 Normal: 50*4kB (UME) 47*8kB (UME) 26*16kB (UME) 182*32kB (UME) 81*64kB (UME) 25*128kB (UME) 10*256kB (UM) 7*512kB (UE) 5*1024kB (UM) 5*2048kB (UM) 942*4096kB (UM) = 3895136kB [ 125.396111][ T6962] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 125.405844][ T6962] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 125.416030][ T6962] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 125.426880][ T6962] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 125.436260][ T6962] 169735 total pagecache pages [ 125.441082][ T6962] 76 pages in swap cache [ 125.445398][ T6962] Free swap = 87132kB [ 125.449476][ T6962] Total swap = 124996kB [ 125.453647][ T6962] 2097051 pages RAM [ 125.457907][ T6962] 0 pages HighMem/MovableOnly [ 125.462610][ T6962] 427367 pages reserved [ 125.472579][ T6962] 0 pages cma reserved [ 125.861327][ T6974] netlink: 4 bytes leftover after parsing attributes in process `syz.1.326'. [ 126.191821][ T6977] netlink: 4 bytes leftover after parsing attributes in process `syz.2.325'. [ 126.835804][ T6987] netlink: 8 bytes leftover after parsing attributes in process `syz.1.330'. [ 131.435093][ T7063] netlink: 342 bytes leftover after parsing attributes in process `syz.2.353'. [ 131.922314][ T7054] can: request_module (can-proto-0) failed. [ 132.206765][ T7078] program syz.3.358 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 132.224961][ T7078] futex_wake_op: syz.3.358 tries to shift op by 64; fix this program [ 132.486925][ T7085] netlink: 'syz.1.359': attribute type 21 has an invalid length. [ 132.514135][ T7085] netlink: 326 bytes leftover after parsing attributes in process `syz.1.359'. [ 132.952152][ T7091] FAULT_INJECTION: forcing a failure. [ 132.952152][ T7091] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 132.973925][ T7091] CPU: 1 UID: 0 PID: 7091 Comm: syz.2.361 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 132.984583][ T7091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 132.994671][ T7091] Call Trace: [ 132.997975][ T7091] [ 133.000929][ T7091] dump_stack_lvl+0x16c/0x1f0 [ 133.005645][ T7091] should_fail_ex+0x497/0x5b0 [ 133.010360][ T7091] _copy_from_user+0x2e/0xd0 [ 133.014991][ T7091] copy_msghdr_from_user+0x99/0x160 [ 133.020234][ T7091] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 133.026082][ T7091] ? __lock_acquire+0xcc5/0x3c40 [ 133.031070][ T7091] ___sys_sendmsg+0xff/0x1e0 [ 133.035694][ T7091] ? __pfx____sys_sendmsg+0x10/0x10 [ 133.040915][ T7091] ? trace_lock_acquire+0x14e/0x1f0 [ 133.046140][ T7091] __sys_sendmmsg+0x201/0x420 [ 133.050835][ T7091] ? __pfx___sys_sendmmsg+0x10/0x10 [ 133.056062][ T7091] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 133.062073][ T7091] ? fput+0x67/0x440 [ 133.065976][ T7091] ? ksys_write+0x1ba/0x250 [ 133.070484][ T7091] ? __pfx_ksys_write+0x10/0x10 [ 133.075342][ T7091] __x64_sys_sendmmsg+0x9c/0x100 [ 133.080295][ T7091] ? lockdep_hardirqs_on+0x7c/0x110 [ 133.085503][ T7091] do_syscall_64+0xcd/0x250 [ 133.090018][ T7091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.095926][ T7091] RIP: 0033:0x7ff155b85d29 [ 133.100342][ T7091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.119952][ T7091] RSP: 002b:00007ff156a72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 133.128370][ T7091] RAX: ffffffffffffffda RBX: 00007ff155d76080 RCX: 00007ff155b85d29 [ 133.136352][ T7091] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 133.144350][ T7091] RBP: 00007ff156a72090 R08: 0000000000000000 R09: 0000000000000000 [ 133.152334][ T7091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.160320][ T7091] R13: 0000000000000000 R14: 00007ff155d76080 R15: 00007ffd69dd5d08 [ 133.168315][ T7091] [ 133.197400][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.203988][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.945107][ T7101] netlink: 24 bytes leftover after parsing attributes in process `syz.1.360'. [ 134.713909][ T7106] netlink: 334 bytes leftover after parsing attributes in process `syz.2.366'. [ 135.911767][ T7139] netlink: 4 bytes leftover after parsing attributes in process `syz.2.373'. [ 136.254769][ T7146] netlink: 8 bytes leftover after parsing attributes in process `syz.2.376'. [ 136.298139][ T7146] netlink: 8 bytes leftover after parsing attributes in process `syz.2.376'. [ 136.480355][ T7114] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 138.295169][ T7142] syz.0.375 (7142) used greatest stack depth: 20592 bytes left [ 139.432958][ T7193] netlink: 338 bytes leftover after parsing attributes in process `syz.2.391'. [ 139.467578][ T7193] netlink: 338 bytes leftover after parsing attributes in process `syz.2.391'. [ 143.223920][ T7262] netlink: 4 bytes leftover after parsing attributes in process `syz.1.414'. [ 144.769288][ T7274] netlink: 'syz.2.419': attribute type 10 has an invalid length. [ 147.818787][ T7294] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 149.706941][ T7313] netlink: 28 bytes leftover after parsing attributes in process `syz.3.427'. [ 149.819841][ T7313] veth1_macvtap: left promiscuous mode [ 149.923896][ T7315] netlink: 28 bytes leftover after parsing attributes in process `syz.0.428'. [ 149.979559][ T7315] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 150.085759][ T7315] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 150.399784][ T7318] bridge0: port 3(team0) entered blocking state [ 150.449461][ T7318] bridge0: port 3(team0) entered disabled state [ 150.488516][ T7318] team0: entered allmulticast mode [ 150.493690][ T7318] team_slave_0: entered allmulticast mode [ 150.542725][ T7318] team_slave_1: entered allmulticast mode [ 150.607902][ T7318] team0: entered promiscuous mode [ 150.673935][ T7318] team_slave_0: entered promiscuous mode [ 150.739810][ T7318] team_slave_1: entered promiscuous mode [ 150.901939][ T7318] bridge0: port 3(team0) entered blocking state [ 150.908365][ T7318] bridge0: port 3(team0) entered forwarding state [ 151.807004][ T7346] snd_aloop snd_aloop.0: control 1:6:6:^ [ 151.807004][ T7346] :0 is already present [ 152.117889][ T7347] scsi_strcpy_devinfo: vendor string ';/&c' is too long [ 152.169439][ T7342] netlink: 350 bytes leftover after parsing attributes in process `syz.1.437'. [ 154.315474][ T7382] netlink: 342 bytes leftover after parsing attributes in process `syz.3.449'. [ 154.526837][ T7386] Process accounting resumed [ 154.555576][ T7390] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'. [ 154.607327][ T7393] netlink: 302 bytes leftover after parsing attributes in process `syz.3.452'. [ 156.195311][ T7421] ======================================================= [ 156.195311][ T7421] WARNING: The mand mount option has been deprecated and [ 156.195311][ T7421] and is ignored by this kernel. Remove the mand [ 156.195311][ T7421] option from the mount to silence this warning. [ 156.195311][ T7421] ======================================================= [ 156.317659][ T6231] syz.0.104 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 156.383949][ T6231] CPU: 0 UID: 0 PID: 6231 Comm: syz.0.104 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 156.394598][ T6231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 156.404687][ T6231] Call Trace: [ 156.407985][ T6231] [ 156.410937][ T6231] dump_stack_lvl+0x16c/0x1f0 [ 156.415654][ T6231] dump_header+0x101/0x900 [ 156.420114][ T6231] oom_kill_process+0x270/0xa60 [ 156.424998][ T6231] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 156.430665][ T6231] out_of_memory+0x351/0x1700 [ 156.435388][ T6231] ? __pfx_out_of_memory+0x10/0x10 [ 156.440525][ T6231] ? rcu_read_unlock+0x17/0x60 [ 156.445326][ T6231] ? find_held_lock+0x2d/0x110 [ 156.450141][ T6231] mem_cgroup_out_of_memory+0x207/0x270 [ 156.455717][ T6231] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 156.461825][ T6231] ? do_raw_spin_unlock+0x172/0x230 [ 156.467065][ T6231] try_charge_memcg+0x54c/0xaf0 [ 156.471961][ T6231] ? __pfx_try_charge_memcg+0x10/0x10 [ 156.477381][ T6231] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 156.482881][ T6231] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 156.488377][ T6231] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 156.493958][ T6231] __mem_cgroup_charge+0x9b/0x280 [ 156.499026][ T6231] shmem_alloc_and_add_folio+0x507/0xc00 [ 156.504697][ T6231] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 156.510627][ T6231] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 156.516808][ T6231] ? shmem_huge_global_enabled+0x176/0x250 [ 156.522665][ T6231] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 156.528598][ T6231] shmem_get_folio_gfp+0x689/0x1530 [ 156.533841][ T6231] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 156.539506][ T6231] ? mark_held_locks+0x9f/0xe0 [ 156.544332][ T6231] ? timestamp_truncate+0x21f/0x2e0 [ 156.549571][ T6231] shmem_write_begin+0x161/0x300 [ 156.554549][ T6231] ? __pfx_shmem_write_begin+0x10/0x10 [ 156.560051][ T6231] ? inode_set_ctime_current+0x2a7/0x900 [ 156.565723][ T6231] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 156.572617][ T6231] ? __pfx_inode_set_ctime_current+0x10/0x10 [ 156.578641][ T6231] generic_perform_write+0x2ba/0x920 [ 156.583972][ T6231] ? __pfx_generic_perform_write+0x10/0x10 [ 156.589815][ T6231] ? __mark_inode_dirty+0x2a5/0xe50 [ 156.595057][ T6231] ? generic_update_time+0xcf/0xf0 [ 156.600203][ T6231] ? mnt_put_write_access_file+0x45/0xf0 [ 156.605875][ T6231] shmem_file_write_iter+0x10e/0x140 [ 156.611197][ T6231] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 156.617038][ T6231] __kernel_write_iter+0x318/0xa80 [ 156.622185][ T6231] ? __pfx___kernel_write_iter+0x10/0x10 [ 156.627844][ T6231] ? get_dump_page+0x15b/0x230 [ 156.632650][ T6231] ? __pfx___might_resched+0x10/0x10 [ 156.637972][ T6231] dump_user_range+0x389/0x8c0 [ 156.642787][ T6231] ? __pfx_dump_user_range+0x10/0x10 [ 156.648116][ T6231] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 156.654307][ T6231] ? __pfx_writenote+0x10/0x10 [ 156.659107][ T6231] elf_core_dump+0x2787/0x3880 [ 156.663918][ T6231] ? __pfx_elf_core_dump+0x10/0x10 [ 156.669052][ T6231] ? kasan_save_stack+0x42/0x60 [ 156.673934][ T6231] ? kasan_save_stack+0x33/0x60 [ 156.678819][ T6231] ? kasan_save_track+0x14/0x30 [ 156.683702][ T6231] ? __kasan_kmalloc+0xaa/0xb0 [ 156.688505][ T6231] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 156.693999][ T6231] ? do_coredump+0x1665/0x43e0 [ 156.698799][ T6231] ? get_signal+0x23f3/0x2610 [ 156.703573][ T6231] ? rcu_is_watching+0x12/0xc0 [ 156.708380][ T6231] ? trace_lock_acquire+0x14e/0x1f0 [ 156.713617][ T6231] ? __pfx_sort+0x10/0x10 [ 156.717980][ T6231] ? get_signal+0x23f3/0x2610 [ 156.722692][ T6231] ? do_coredump+0x2dd5/0x43e0 [ 156.727489][ T6231] do_coredump+0x2dd5/0x43e0 [ 156.732127][ T6231] ? __pfx_do_coredump+0x10/0x10 [ 156.737095][ T6231] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 156.743093][ T6231] get_signal+0x23f3/0x2610 [ 156.747661][ T6231] ? __pfx_get_signal+0x10/0x10 [ 156.752543][ T6231] ? rcu_is_watching+0x12/0xc0 [ 156.757342][ T6231] ? trace_irq_disable.constprop.0+0xea/0x140 [ 156.763453][ T6231] arch_do_signal_or_restart+0x90/0x7e0 [ 156.769037][ T6231] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 156.775237][ T6231] ? do_user_addr_fault+0xa4b/0x13f0 [ 156.780558][ T6231] irqentry_exit_to_user_mode+0x13f/0x280 [ 156.786322][ T6231] asm_exc_page_fault+0x26/0x30 [ 156.791205][ T6231] RIP: 0033:0x0 [ 156.794687][ T6231] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 156.802070][ T6231] RSP: 002b:000000000000000f EFLAGS: 00010217 [ 156.808174][ T6231] RAX: 0000000000000000 RBX: 00007fc4f0976080 RCX: 00007fc4f0785d29 [ 156.816172][ T6231] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000003 [ 156.824163][ T6231] RBP: 00007fc4f0801aa8 R08: 0000000000000002 R09: 0000000000000000 [ 156.832159][ T6231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 156.840148][ T6231] R13: 0000000000000001 R14: 00007fc4f0976080 R15: 00007ffcc98f9318 [ 156.848175][ T6231] [ 156.870345][ T6231] memory: usage 307180kB, limit 307200kB, failcnt 17474 [ 156.877375][ T6231] memory+swap: usage 431744kB, limit 9007199254740988kB, failcnt 0 [ 156.924781][ T6231] kmem: usage 3204kB, limit 9007199254740988kB, failcnt 0 [ 156.931942][ T6231] Memory cgroup stats for /syz0: [ 156.932253][ T6231] cache 310489088 [ 156.961912][ T6231] rss 307200 [ 156.966177][ T6231] rss_huge 0 [ 156.974597][ T6231] shmem 310489088 [ 156.978264][ T6231] mapped_file 52301824 [ 156.990084][ T6231] dirty 0 [ 156.993056][ T6231] writeback 0 [ 157.022630][ T6231] workingset_refault_anon 251 [ 157.038730][ T6231] workingset_refault_file 108 [ 157.043543][ T6231] swap 127553536 [ 157.071357][ T6231] swapcached 438272 [ 157.075425][ T6231] pgpgin 149711 [ 157.078904][ T6231] pgpgout 73726 [ 157.082377][ T6231] pgfault 44329 [ 157.085896][ T6231] pgmajfault 86 [ 157.089380][ T6231] inactive_anon 179216384 [ 157.093721][ T6231] active_anon 132018176 [ 157.097946][ T6231] inactive_file 0 [ 157.101594][ T6231] active_file 0 [ 157.105147][ T6231] unevictable 0 [ 157.108624][ T6231] hierarchical_memory_limit 314572800 [ 157.114042][ T6231] hierarchical_memsw_limit 9223372036854771712 [ 157.120213][ T6231] total_cache 310489088 [ 157.124463][ T6231] total_rss 307200 [ 157.128198][ T6231] total_rss_huge 0 [ 157.140026][ T7426] binder: 7422:7426 ioctl c0046209 ffffffffffffffff returned -22 [ 157.185628][ T6231] total_shmem 310489088 [ 157.189926][ T6231] total_mapped_file 52301824 [ 157.196725][ T6231] total_dirty 0 [ 157.200299][ T6231] total_writeback 0 [ 157.236943][ T6231] total_workingset_refault_anon 251 [ 157.242192][ T6231] total_workingset_refault_file 108 [ 157.267151][ T6231] total_swap 127553536 [ 157.278798][ T6231] total_swapcached 438272 [ 157.303488][ T6231] total_pgpgin 149711 [ 157.307710][ T6231] total_pgpgout 73726 [ 157.311730][ T6231] total_pgfault 44329 [ 157.316863][ T6231] total_pgmajfault 86 [ 157.320873][ T6231] total_inactive_anon 179216384 [ 157.324956][ T7430] kAFS: Invalid Command on /proc/fs/afs/cells file [ 157.325763][ T6231] total_active_anon 132018176 [ 157.373833][ T6231] total_inactive_file 0 [ 157.391931][ T6231] total_active_file 0 [ 157.396109][ T6231] total_unevictable 0 [ 157.410303][ T6231] anon_cost 0 [ 157.413628][ T6231] file_cost 0 [ 157.417086][ T6231] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.104,pid=6221,uid=0 [ 157.435838][ T6231] Memory cgroup out of memory: Killed process 6221 (syz.0.104) total-vm:130964kB, anon-rss:768kB, file-rss:56028kB, shmem-rss:17664kB, UID:0 pgtables:224kB oom_score_adj:1000 [ 157.634725][ T7432] ICMPv6: process `syz.1.465' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead [ 159.775310][ T7453] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 160.930608][ T7475] netlink: 4 bytes leftover after parsing attributes in process `syz.3.471'. [ 160.986306][ T7475] netlink: 4 bytes leftover after parsing attributes in process `syz.3.471'. [ 163.305885][ T7517] openvswitch: netlink: IP tunnel TTL not specified. [ 164.085000][ T7532] mmap: syz.2.494 (7532) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 164.698771][ T6221] syz.0.104 (6221) used greatest stack depth: 15456 bytes left [ 167.882807][ T7620] Invalid ELF header magic: != ELF [ 168.034558][ T7621] Invalid ELF header magic: != ELF [ 169.088702][ T7634] netlink: 286 bytes leftover after parsing attributes in process `syz.3.517'. [ 170.254917][ T7657] netlink: 4 bytes leftover after parsing attributes in process `syz.3.525'. [ 171.691746][ T5832] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 171.706617][ T5832] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 171.716223][ T5832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 171.733973][ T5832] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 171.742441][ T5832] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 171.751351][ T5832] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 172.387266][ T7695] chnl_net:caif_netlink_parms(): no params data found [ 173.107526][ T7695] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.133250][ T7695] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.166201][ T7695] bridge_slave_0: entered allmulticast mode [ 173.173247][ T7695] bridge_slave_0: entered promiscuous mode [ 173.207813][ T7695] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.235064][ T7695] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.243308][ T7695] bridge_slave_1: entered allmulticast mode [ 173.281691][ T7695] bridge_slave_1: entered promiscuous mode [ 173.477156][ T7730] Invalid ELF header magic: != ELF [ 173.626034][ T7695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 173.685195][ T7695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 173.823947][ T5832] Bluetooth: hci4: command tx timeout [ 174.261828][ T7695] team0: Port device team_slave_0 added [ 174.308675][ T7695] team0: Port device team_slave_1 added [ 174.627619][ T7695] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.635538][ T7695] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.708199][ T7695] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.753449][ T7767] Process accounting resumed [ 174.821774][ T7695] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.839865][ T7695] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.904391][ T7695] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.279183][ T7695] hsr_slave_0: entered promiscuous mode [ 175.307770][ T7695] hsr_slave_1: entered promiscuous mode [ 175.348325][ T7695] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 175.358764][ T7695] Cannot create hsr debugfs directory [ 175.903885][ T5832] Bluetooth: hci4: command tx timeout [ 176.107561][ T7695] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 176.141397][ T7695] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 176.204893][ T7695] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 176.298634][ T7695] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 176.636298][ T7695] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.724637][ T7695] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.752656][ T1098] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.760705][ T1098] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.781284][ T7800] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 176.819586][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.826741][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.837117][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.3.561'. [ 176.939276][ T7695] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 176.969604][ T7695] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 177.373524][ T7695] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 177.879057][ T7844] random: crng reseeded on system resumption [ 177.984227][ T5832] Bluetooth: hci4: command tx timeout [ 178.162871][ T7695] veth0_vlan: entered promiscuous mode [ 178.189095][ T7695] veth1_vlan: entered promiscuous mode [ 178.210503][ T7695] veth0_macvtap: entered promiscuous mode [ 178.282096][ T7695] veth1_macvtap: entered promiscuous mode [ 178.309229][ T7695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.328382][ T7695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.344937][ T7695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.363136][ T7695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.388548][ T7695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.416141][ T7695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.429716][ T7695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.465908][ T7695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.504941][ T7695] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 178.520072][ T7695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.566071][ T7695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.594217][ T7695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.625192][ T7695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.681713][ T7695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.723783][ T7695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.737231][ T7695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.753898][ T7695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.773526][ T7695] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 178.977305][ T7695] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.022269][ T7695] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.074430][ T7695] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.118974][ T7695] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.422533][ T7845] warning: `syz.3.567' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 180.110847][ T5832] Bluetooth: hci4: command tx timeout [ 180.609598][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.615779][ T7875] nfsd: Unknown parameter 'nfsd' [ 180.645282][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.884390][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.914058][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.113608][ T1106] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.407601][ T1106] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.587094][ T1106] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.804770][ T7900] netlink: 4 bytes leftover after parsing attributes in process `syz.2.578'. [ 181.886734][ T1106] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.219842][ T1106] bridge_slave_1: left allmulticast mode [ 182.239543][ T1106] bridge_slave_1: left promiscuous mode [ 182.262331][ T1106] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.301522][ T1106] bridge_slave_0: left allmulticast mode [ 182.334393][ T1106] bridge_slave_0: left promiscuous mode [ 182.340151][ T1106] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.367035][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 182.390336][ T5841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 182.400541][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 182.411840][ T5841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 182.423523][ T5841] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 182.434084][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 183.448971][ T1106] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 183.479509][ T1106] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 183.503635][ T1106] bond0 (unregistering): Released all slaves [ 184.463985][ T5832] Bluetooth: hci1: command tx timeout [ 184.598615][ T1106] hsr_slave_0: left promiscuous mode [ 184.630528][ T1106] hsr_slave_1: left promiscuous mode [ 184.654583][ T1106] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 184.683962][ T1106] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 184.703466][ T1106] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 184.725145][ T1106] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 184.801753][ T1106] veth1_macvtap: left promiscuous mode [ 184.815884][ T1106] veth0_macvtap: left promiscuous mode [ 184.821523][ T1106] veth1_vlan: left promiscuous mode [ 184.856896][ T1106] veth0_vlan: left promiscuous mode [ 186.444881][ T1106] team0 (unregistering): Port device team_slave_1 removed [ 186.550080][ T5832] Bluetooth: hci1: command tx timeout [ 186.564882][ T1106] team0 (unregistering): Port device team_slave_0 removed [ 187.418288][ T7914] chnl_net:caif_netlink_parms(): no params data found [ 187.845407][ T7914] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.852539][ T7914] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.873710][ T7914] bridge_slave_0: entered allmulticast mode [ 187.902250][ T7914] bridge_slave_0: entered promiscuous mode [ 187.926008][ T7914] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.944382][ T7914] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.951649][ T7914] bridge_slave_1: entered allmulticast mode [ 188.006624][ T7914] bridge_slave_1: entered promiscuous mode [ 188.041992][ T8050] netlink: 28 bytes leftover after parsing attributes in process `syz.2.609'. [ 188.381053][ T8050] team_slave_0 (unregistering): left promiscuous mode [ 188.464067][ T8050] team_slave_0 (unregistering): left allmulticast mode [ 188.489068][ T8050] team0: Port device team_slave_0 removed [ 188.642421][ T5832] Bluetooth: hci1: command tx timeout [ 188.876329][ T7914] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.945222][ T7914] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 189.150708][ T7914] team0: Port device team_slave_0 added [ 189.160090][ T7914] team0: Port device team_slave_1 added [ 189.255514][ T7914] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.262505][ T7914] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.299932][ T7914] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.381330][ T7914] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.398468][ T7914] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.449862][ T7914] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.609158][ T7914] hsr_slave_0: entered promiscuous mode [ 189.635119][ T7914] hsr_slave_1: entered promiscuous mode [ 189.650269][ T7914] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 189.664039][ T7914] Cannot create hsr debugfs directory [ 190.351356][ T7914] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 190.398075][ T7914] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 190.517380][ T7914] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 190.706396][ T7914] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 190.764940][ T54] Bluetooth: hci1: command tx timeout [ 190.915562][ T7914] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.932202][ T7914] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.952118][ T7839] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.959294][ T7839] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.988217][ T7839] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.995372][ T7839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.060520][ T7914] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 191.121731][ T7914] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 191.506867][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 191.512961][ T54] Bluetooth: hci0: command 0x0406 tx timeout [ 191.882260][ T7914] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.552433][ T7914] veth0_vlan: entered promiscuous mode [ 192.581906][ T7914] veth1_vlan: entered promiscuous mode [ 192.681122][ T7914] veth0_macvtap: entered promiscuous mode [ 192.707570][ T7914] veth1_macvtap: entered promiscuous mode [ 192.745564][ T7914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.769163][ T7914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.800767][ T7914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.820714][ T8168] netlink: 4 bytes leftover after parsing attributes in process `syz.4.624'. [ 192.829598][ T7914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.870733][ T7914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.904226][ T7914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.922125][ T7914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.969839][ T7914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.997294][ T7914] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 193.042331][ T7914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.093922][ T7914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.116448][ T7914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.140265][ T7914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.159664][ T7914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.170625][ T7914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.181072][ T7914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.207661][ T7914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.219068][ T7914] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 193.260889][ T7914] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.270819][ T7914] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.288836][ T7914] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.308056][ T7914] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.601007][ T7748] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.601597][ T7751] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.610508][ T7748] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.672660][ T7751] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.465891][ T8228] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 194.549090][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.556016][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.816718][ T8247] Invalid input. Must be >= 4608 [ 194.826610][ T8246] netlink: 32 bytes leftover after parsing attributes in process `syz.1.639'. [ 196.034332][ T8282] netlink: 28 bytes leftover after parsing attributes in process `syz.1.644'. [ 196.093820][ T8282] hsr_slave_0: left promiscuous mode [ 196.130050][ T8282] hsr_slave_1: left promiscuous mode [ 196.915568][ T8308] netlink: 'syz.2.649': attribute type 1 has an invalid length. [ 196.953930][ T8306] netlink: 'syz.2.649': attribute type 1 has an invalid length. [ 198.832665][ T8363] netlink: 342 bytes leftover after parsing attributes in process `syz.1.662'. [ 199.893949][ T8381] netlink: 4 bytes leftover after parsing attributes in process `syz.1.668'. [ 200.396918][ T8392] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 200.414289][ T8392] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 200.595546][ T8392] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 200.628160][ T8392] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 200.709214][ T8392] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 200.729771][ T8392] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 200.921506][ T8392] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 200.967738][ T8392] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 200.985904][ T8392] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 201.104693][ T8392] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 202.463991][ T5832] Bluetooth: hci0: command 0x0406 tx timeout [ 202.624051][ T5832] Bluetooth: hci2: command 0x0406 tx timeout [ 202.893859][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout [ 203.023826][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 204.315941][ T8483] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 204.546826][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 204.704326][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 204.943968][ T5841] Bluetooth: hci4: command 0x0c1a tx timeout [ 205.124360][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 206.352680][ T29] audit: type=1804 audit(1735010933.377:3): pid=8523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.701" name="/newroot/sys/kernel/tracing/trace_options" dev="tracefs" ino=24 res=1 errno=0 [ 206.406761][ T29] audit: type=1804 audit(1735010933.447:4): pid=8526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.701" name="/newroot/sys/kernel/tracing/trace_options" dev="tracefs" ino=24 res=1 errno=0 [ 207.024103][ T5841] Bluetooth: hci4: command 0x0c1a tx timeout [ 207.189075][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 207.759207][ T8563] openvswitch: netlink: Key 23 has unexpected len 0 expected 2 [ 208.135851][ T8559] netlink: 4 bytes leftover after parsing attributes in process `syz.5.708'. [ 211.486848][ T8649] nvme_fabrics: missing parameter 'transport=%s' [ 211.493425][ T8649] nvme_fabrics: missing parameter 'nqn=%s' [ 211.507804][ T8632] [U] [ 211.510771][ T8632] [U] [ 211.513495][ T8632] [U] [ 211.516226][ T8632] [U] [ 211.540251][ T8632] [U] [ 211.543006][ T8632] [U] [ 211.545740][ T8632] [U] [ 211.548469][ T8632] [U] [ 211.566972][ T8639] [U] [ 213.514855][ T8727] netlink: 246 bytes leftover after parsing attributes in process `syz.1.736'. [ 214.040661][ T8730] netlink: 4 bytes leftover after parsing attributes in process `syz.4.738'. [ 214.983851][ T8762] nvme_fabrics: missing parameter 'transport=%s' [ 214.990273][ T8762] nvme_fabrics: missing parameter 'nqn=%s' [ 215.641029][ T8784] netlink: 4 bytes leftover after parsing attributes in process `syz.4.747'. [ 217.405958][ T8819] netlink: 342 bytes leftover after parsing attributes in process `syz.2.754'. [ 218.205994][ T8832] unsupported nla_type 32969 [ 220.173860][ T8876] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 222.279076][ T29] audit: type=1800 audit(1735010949.317:5): pid=8928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.783" name="features" dev="configfs" ino=21364 res=0 errno=0 [ 222.344069][ T29] audit: type=1800 audit(1735010949.357:6): pid=8928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.783" name="dbroot" dev="configfs" ino=21365 res=0 errno=0 [ 222.421241][ T29] audit: type=1800 audit(1735010949.457:7): pid=8930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.783" name="features" dev="configfs" ino=21373 res=0 errno=0 [ 223.880586][ T8949] netlink: 4 bytes leftover after parsing attributes in process `syz.1.790'. [ 224.102810][ T8956] netlink: 334 bytes leftover after parsing attributes in process `syz.1.793'. [ 225.299873][ T8968] netlink: 334 bytes leftover after parsing attributes in process `syz.5.796'. [ 225.621769][ T8980] futex_wake_op: syz.5.801 tries to shift op by 64; fix this program [ 226.107998][ T8995] netlink: 28 bytes leftover after parsing attributes in process `syz.5.805'. [ 226.450547][ T8995] team0 (unregistering): Port device team_slave_0 removed [ 226.488005][ T8995] team0 (unregistering): Port device team_slave_1 removed [ 226.577354][ T9003] netlink: 338 bytes leftover after parsing attributes in process `syz.1.807'. [ 226.602240][ T9003] netlink: 338 bytes leftover after parsing attributes in process `syz.1.807'. [ 226.755177][ T9011] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 228.616194][ T9059] netlink: 146 bytes leftover after parsing attributes in process `syz.5.827'. [ 228.850303][ T9075] netlink: 334 bytes leftover after parsing attributes in process `syz.4.830'. [ 229.056037][ T9080] netlink: 'syz.4.832': attribute type 11 has an invalid length. [ 231.481564][ T29] audit: type=1800 audit(1735010958.517:8): pid=9108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.840" name="dbroot" dev="configfs" ino=22920 res=0 errno=0 [ 231.627103][ T9116] netlink: zone id is out of range [ 231.643265][ T9116] netlink: zone id is out of range [ 231.662015][ T9116] netlink: zone id is out of range [ 231.683103][ T9116] netlink: get zone limit has 4 unknown bytes [ 232.559690][ T9120] FAULT_INJECTION: forcing a failure. [ 232.559690][ T9120] name failslab, interval 1, probability 0, space 0, times 0 [ 232.580702][ T9120] CPU: 0 UID: 0 PID: 9120 Comm: syz.5.844 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 232.591344][ T9120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 232.601431][ T9120] Call Trace: [ 232.604734][ T9120] [ 232.607692][ T9120] dump_stack_lvl+0x16c/0x1f0 [ 232.612409][ T9120] should_fail_ex+0x497/0x5b0 [ 232.617121][ T9120] ? fs_reclaim_acquire+0xae/0x150 [ 232.622267][ T9120] should_failslab+0xc2/0x120 [ 232.626982][ T9120] __kmalloc_noprof+0xce/0x4f0 [ 232.631786][ T9120] ? tomoyo_encode2+0x100/0x3e0 [ 232.636674][ T9120] tomoyo_encode2+0x100/0x3e0 [ 232.641387][ T9120] tomoyo_realpath_from_path+0x1a7/0x710 [ 232.647054][ T9120] ? tomoyo_path_number_perm+0x235/0x5b0 [ 232.652732][ T9120] tomoyo_path_number_perm+0x248/0x5b0 [ 232.658232][ T9120] ? tomoyo_path_number_perm+0x235/0x5b0 [ 232.663907][ T9120] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 232.669954][ T9120] ? __pfx_lock_release+0x10/0x10 [ 232.675003][ T9120] ? trace_lock_acquire+0x14e/0x1f0 [ 232.680237][ T9120] ? lock_acquire+0x2f/0xb0 [ 232.684760][ T9120] ? __fget_files+0x40/0x3a0 [ 232.689367][ T9120] ? __fget_files+0x206/0x3a0 [ 232.694057][ T9120] security_file_ioctl+0x9b/0x240 [ 232.699090][ T9120] __x64_sys_ioctl+0xb7/0x200 [ 232.703777][ T9120] do_syscall_64+0xcd/0x250 [ 232.708289][ T9120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.714207][ T9120] RIP: 0033:0x7f9240b85d29 [ 232.718623][ T9120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.738234][ T9120] RSP: 002b:00007f9241962038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 232.746664][ T9120] RAX: ffffffffffffffda RBX: 00007f9240d75fa0 RCX: 00007f9240b85d29 [ 232.754650][ T9120] RDX: 0000000000000002 RSI: 00000000800455cc RDI: 0000000000000011 [ 232.762629][ T9120] RBP: 00007f9241962090 R08: 0000000000000000 R09: 0000000000000000 [ 232.770607][ T9120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 232.778583][ T9120] R13: 0000000000000000 R14: 00007f9240d75fa0 R15: 00007ffd2b1e39e8 [ 232.786574][ T9120] [ 232.873859][ T9120] ERROR: Out of memory at tomoyo_realpath_from_path. [ 233.741053][ T9135] netlink: 'syz.5.849': attribute type 11 has an invalid length. [ 235.001689][ T9161] FAULT_INJECTION: forcing a failure. [ 235.001689][ T9161] name failslab, interval 1, probability 0, space 0, times 0 [ 235.030659][ T9161] CPU: 0 UID: 0 PID: 9161 Comm: syz.4.857 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 235.041301][ T9161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 235.051387][ T9161] Call Trace: [ 235.054688][ T9161] [ 235.057642][ T9161] dump_stack_lvl+0x16c/0x1f0 [ 235.062356][ T9161] should_fail_ex+0x497/0x5b0 [ 235.067070][ T9161] ? fs_reclaim_acquire+0xae/0x150 [ 235.072217][ T9161] should_failslab+0xc2/0x120 [ 235.076928][ T9161] __kmalloc_noprof+0xce/0x4f0 [ 235.081727][ T9161] ? d_absolute_path+0x137/0x1b0 [ 235.086705][ T9161] ? tomoyo_encode2+0x100/0x3e0 [ 235.091592][ T9161] tomoyo_encode2+0x100/0x3e0 [ 235.096309][ T9161] tomoyo_realpath_from_path+0x1a7/0x710 [ 235.102007][ T9161] tomoyo_path_number_perm+0x248/0x5b0 [ 235.107502][ T9161] ? tomoyo_path_number_perm+0x235/0x5b0 [ 235.113174][ T9161] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 235.119225][ T9161] ? __pfx_lock_release+0x10/0x10 [ 235.124293][ T9161] ? trace_lock_acquire+0x14e/0x1f0 [ 235.129536][ T9161] ? lock_acquire+0x2f/0xb0 [ 235.134065][ T9161] ? __fget_files+0x40/0x3a0 [ 235.138700][ T9161] ? __fget_files+0x206/0x3a0 [ 235.143409][ T9161] security_file_ioctl+0x9b/0x240 [ 235.148476][ T9161] __x64_sys_ioctl+0xb7/0x200 [ 235.153185][ T9161] do_syscall_64+0xcd/0x250 [ 235.157728][ T9161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.163657][ T9161] RIP: 0033:0x7f4282385d29 [ 235.168105][ T9161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.187739][ T9161] RSP: 002b:00007f4283148038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 235.196187][ T9161] RAX: ffffffffffffffda RBX: 00007f4282576080 RCX: 00007f4282385d29 [ 235.204184][ T9161] RDX: 0000000000000f15 RSI: 000000008004551a RDI: 0000000000000003 [ 235.212175][ T9161] RBP: 00007f4283148090 R08: 0000000000000000 R09: 0000000000000000 [ 235.220170][ T9161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 235.228163][ T9161] R13: 0000000000000000 R14: 00007f4282576080 R15: 00007ffd2d99b7c8 [ 235.236177][ T9161] [ 235.248171][ T9161] ERROR: Out of memory at tomoyo_realpath_from_path. [ 236.875351][ T9197] netlink: 28 bytes leftover after parsing attributes in process `syz.5.867'. [ 237.366509][ T9210] Invalid ELF header magic: != ELF [ 237.961683][ T9221] netlink: 4 bytes leftover after parsing attributes in process `syz.5.875'. [ 239.630315][ T9271] netlink: 16 bytes leftover after parsing attributes in process `syz.1.890'. [ 239.719643][ T9273] netlink: 244 bytes leftover after parsing attributes in process `syz.5.891'. [ 241.139659][ T9290] netlink: 28 bytes leftover after parsing attributes in process `syz.4.896'. [ 241.585804][ T9290] bond0: (slave bond_slave_1): Releasing backup interface [ 242.860488][ T9313] syz.4.901: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 242.930699][ T9313] CPU: 0 UID: 0 PID: 9313 Comm: syz.4.901 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 242.941360][ T9313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 242.941447][ T9322] misc userio: The device must be registered before sending interrupts [ 242.951416][ T9313] Call Trace: [ 242.951449][ T9313] [ 242.951460][ T9313] dump_stack_lvl+0x16c/0x1f0 [ 242.951499][ T9313] warn_alloc+0x24d/0x3a0 [ 242.975324][ T9313] ? __pfx_warn_alloc+0x10/0x10 [ 242.980233][ T9313] ? lock_acquire.part.0+0x11b/0x380 [ 242.985578][ T9313] __vmalloc_node_range_noprof+0x10df/0x1530 [ 242.991613][ T9313] ? rcu_is_watching+0x12/0xc0 [ 242.995458][ T9322] netlink: 16 bytes leftover after parsing attributes in process `syz.1.905'. [ 242.996418][ T9313] ? trace_contention_end+0xee/0x140 [ 243.010568][ T9313] ? __mutex_lock+0x1cc/0xa60 [ 243.015283][ T9313] ? tomoyo_path_number_perm+0x46d/0x5b0 [ 243.020962][ T9313] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 243.026025][ T9313] ? dvb_dvr_do_ioctl+0x7e/0x290 [ 243.031004][ T9313] ? __pfx___mutex_lock+0x10/0x10 [ 243.036065][ T9313] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 243.042434][ T9313] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 243.048464][ T9313] ? do_vfs_ioctl+0x513/0x1950 [ 243.053263][ T9313] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 243.058329][ T9313] vmalloc_noprof+0x6b/0x90 [ 243.062867][ T9313] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 243.067930][ T9313] dvb_dvr_do_ioctl+0x15d/0x290 [ 243.072825][ T9313] dvb_usercopy+0x165/0x320 [ 243.077362][ T9313] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 243.082771][ T9313] ? __pfx_dvb_usercopy+0x10/0x10 [ 243.087827][ T9313] ? __pfx_lock_release+0x10/0x10 [ 243.092895][ T9313] ? __fget_files+0x206/0x3a0 [ 243.097613][ T9313] dvb_dvr_ioctl+0x29/0x40 [ 243.102101][ T9313] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 243.107254][ T9313] __x64_sys_ioctl+0x190/0x200 [ 243.112055][ T9313] do_syscall_64+0xcd/0x250 [ 243.116600][ T9313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.122534][ T9313] RIP: 0033:0x7f4282385d29 [ 243.127027][ T9313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.146667][ T9313] RSP: 002b:00007f4283148038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 243.155116][ T9313] RAX: ffffffffffffffda RBX: 00007f4282576080 RCX: 00007f4282385d29 [ 243.163121][ T9313] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000006 [ 243.171132][ T9313] RBP: 00007f4282401aa8 R08: 0000000000000000 R09: 0000000000000000 [ 243.179134][ T9313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.187134][ T9313] R13: 0000000000000000 R14: 00007f4282576080 R15: 00007ffd2d99b7c8 [ 243.195152][ T9313] [ 243.323348][ T9313] Mem-Info: [ 243.326918][ T9313] active_anon:68403 inactive_anon:0 isolated_anon:0 [ 243.326918][ T9313] active_file:4685 inactive_file:51483 isolated_file:0 [ 243.326918][ T9313] unevictable:768 dirty:304 writeback:0 [ 243.326918][ T9313] slab_reclaimable:10733 slab_unreclaimable:99210 [ 243.326918][ T9313] mapped:36083 shmem:61496 pagetables:944 [ 243.326918][ T9313] sec_pagetables:0 bounce:0 [ 243.326918][ T9313] kernel_misc_reclaimable:0 [ 243.326918][ T9313] free:1266431 free_pcp:3902 free_cma:0 [ 243.665136][ T9313] Node 0 active_anon:275412kB inactive_anon:0kB active_file:18740kB inactive_file:205856kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:144832kB dirty:1216kB writeback:0kB shmem:246448kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11772kB pagetables:3476kB sec_pagetables:0kB all_unreclaimable? no [ 243.893904][ T9313] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 243.913866][ T9326] GUP no longer grows the stack in syz.1.907 (9326): 14000-401000 (4000) [ 243.943345][ T9326] CPU: 1 UID: 0 PID: 9326 Comm: syz.1.907 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 243.953982][ T9326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 243.964047][ T9326] Call Trace: [ 243.967327][ T9326] [ 243.970260][ T9326] dump_stack_lvl+0x16c/0x1f0 [ 243.974953][ T9326] gup_vma_lookup+0x1d2/0x220 [ 243.979643][ T9326] __get_user_pages+0x236/0x3b50 [ 243.984602][ T9326] ? hlock_class+0x4e/0x130 [ 243.989119][ T9326] ? __lock_acquire+0x15a9/0x3c40 [ 243.994174][ T9326] ? __pfx___get_user_pages+0x10/0x10 [ 243.999595][ T9326] __gup_longterm_locked+0x211/0x1870 [ 244.004999][ T9326] ? __pfx___lock_acquire+0x10/0x10 [ 244.010231][ T9326] ? __pfx___gup_longterm_locked+0x10/0x10 [ 244.016054][ T9326] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 244.021711][ T9326] ? rwsem_read_trylock+0x12d/0x250 [ 244.026928][ T9326] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 244.032483][ T9326] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 244.038746][ T9326] pin_user_pages_remote+0xee/0x150 [ 244.043966][ T9326] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 244.049799][ T9326] ? down_read+0xc9/0x330 [ 244.054156][ T9326] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 244.060255][ T9326] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 244.066881][ T9326] process_vm_rw+0x301/0x360 [ 244.071487][ T9326] ? __pfx_process_vm_rw+0x10/0x10 [ 244.076611][ T9326] ? __pfx_futex_wake+0x10/0x10 [ 244.081474][ T9326] ? up_write+0x1b2/0x520 [ 244.085820][ T9326] ? __pfx___do_sys_mremap+0x10/0x10 [ 244.091136][ T9326] ? xfd_validate_state+0x5d/0x180 [ 244.096256][ T9326] ? rcu_is_watching+0x12/0xc0 [ 244.101037][ T9326] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 244.106683][ T9326] ? do_syscall_64+0x91/0x250 [ 244.111371][ T9326] ? lockdep_hardirqs_on+0x7c/0x110 [ 244.116575][ T9326] do_syscall_64+0xcd/0x250 [ 244.121088][ T9326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.126993][ T9326] RIP: 0033:0x7f687b785d29 [ 244.131408][ T9326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.151019][ T9326] RSP: 002b:00007f687c51f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 244.159435][ T9326] RAX: ffffffffffffffda RBX: 00007f687b976080 RCX: 00007f687b785d29 [ 244.167440][ T9326] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 0000000000000382 [ 244.175412][ T9326] RBP: 00007f687b801aa8 R08: 0000000000000006 R09: 0000000000000000 [ 244.183383][ T9326] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 244.191372][ T9326] R13: 0000000000000000 R14: 00007f687b976080 R15: 00007ffd00cf50b8 [ 244.199372][ T9326] [ 244.513396][ T9313] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 244.517451][ T9325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.907'. [ 244.630099][ T9313] lowmem_reserve[]: 0 2465 2466 0 0 [ 244.672490][ T9325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.907'. [ 244.681584][ T9313] Node 0 DMA32 free:1151656kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:264476kB inactive_anon:0kB active_file:18740kB inactive_file:205028kB unevictable:1536kB writepending:1636kB present:3129332kB managed:2551336kB mlocked:0kB bounce:0kB free_pcp:18432kB local_pcp:6520kB free_cma:0kB [ 244.771080][ T9313] lowmem_reserve[]: 0 0 0 0 0 [ 244.817281][ T9313] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 244.982867][ T9313] lowmem_reserve[]: 0 0 0 0 0 [ 245.016657][ T9313] Node 1 Normal free:3901072kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:6308kB local_pcp:5724kB free_cma:0kB [ 245.270568][ T9313] lowmem_reserve[]: 0 0 0 0 0 [ 245.303393][ T9313] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 245.437800][ T9313] Node 0 DMA32: 5468*4kB (UM) 962*8kB (UME) 755*16kB (UME) 192*32kB (UME) 135*64kB (UME) 99*128kB (UME) 212*256kB (UME) 145*512kB (UME) 110*1024kB (UME) 35*2048kB (UME) 199*4096kB (M) = 1197040kB [ 245.603422][ T9313] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 245.790428][ T9313] Node 1 Normal: 42*4kB (UME) 47*8kB (UME) 23*16kB (UME) 182*32kB (UME) 83*64kB (UME) 25*128kB (UME) 11*256kB (UM) 8*512kB (UME) 6*1024kB (UM) 5*2048kB (UM) 943*4096kB (UM) = 3901072kB [ 245.952949][ T9313] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 246.012970][ T9313] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 246.089421][ T9313] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 246.154426][ T9313] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 246.187569][ T9313] 69196 total pagecache pages [ 246.198061][ T9313] 0 pages in swap cache [ 246.206802][ T9313] Free swap = 124476kB [ 246.216734][ T9313] Total swap = 124996kB [ 246.225446][ T9313] 2097051 pages RAM [ 246.232780][ T9313] 0 pages HighMem/MovableOnly [ 246.243444][ T9313] 427367 pages reserved [ 246.252240][ T9313] 0 pages cma reserved [ 246.517381][ T9361] misc userio: The device must be registered before sending interrupts [ 246.539293][ T9361] netlink: 16 bytes leftover after parsing attributes in process `syz.1.916'. [ 246.920591][ T9367] netlink: 4 bytes leftover after parsing attributes in process `syz.2.917'. [ 247.147829][ T9372] netlink: 4 bytes leftover after parsing attributes in process `syz.5.918'. [ 247.161697][ T9372] netlink: 4 bytes leftover after parsing attributes in process `syz.5.918'. [ 248.385195][ T9416] misc userio: The device must be registered before sending interrupts [ 248.407781][ T9416] netlink: 16 bytes leftover after parsing attributes in process `syz.4.931'. [ 250.025046][ T9455] netlink: 16 bytes leftover after parsing attributes in process `syz.2.948'. [ 250.704165][ T9468] Process accounting resumed [ 251.543882][ T9496] netlink: 16 bytes leftover after parsing attributes in process `syz.4.959'. [ 252.825347][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 252.851054][ T5832] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 252.862576][ T5832] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 252.872762][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 252.882402][ T5832] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 252.891313][ T5832] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 253.461653][ T9514] chnl_net:caif_netlink_parms(): no params data found [ 253.715407][ T9530] netlink: 16 bytes leftover after parsing attributes in process `syz.2.971'. [ 253.777431][ T9514] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.794349][ T9514] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.801594][ T9514] bridge_slave_0: entered allmulticast mode [ 253.847887][ T9514] bridge_slave_0: entered promiscuous mode [ 253.881912][ T9514] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.903911][ T9514] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.921529][ T9514] bridge_slave_1: entered allmulticast mode [ 253.943316][ T9514] bridge_slave_1: entered promiscuous mode [ 254.066173][ T9514] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 254.082897][ T9514] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 254.168524][ T9514] team0: Port device team_slave_0 added [ 254.196504][ T9514] team0: Port device team_slave_1 added [ 254.326899][ T9514] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 254.353810][ T9514] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.442572][ T9514] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 254.485851][ T9514] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 254.492849][ T9514] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.563796][ T9514] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 254.943924][ T5832] Bluetooth: hci0: command tx timeout [ 254.956072][ T9514] hsr_slave_0: entered promiscuous mode [ 254.980364][ T9514] hsr_slave_1: entered promiscuous mode [ 255.711465][ T9514] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.844308][ T9514] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.983364][ T9514] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.997294][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.997346][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.196530][ T9514] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 256.454068][ T9566] misc userio: The device must be registered before sending interrupts [ 256.496461][ T9566] netlink: 16 bytes leftover after parsing attributes in process `syz.4.981'. [ 256.607827][ T9514] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 256.620726][ T9514] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 256.633632][ T9514] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 256.650542][ T9514] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 256.950558][ T9514] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.023827][ T5832] Bluetooth: hci0: command tx timeout [ 257.036533][ T9514] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.068402][ T7836] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.075649][ T7836] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.275205][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.282360][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.718512][ T9514] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 257.809388][ T9514] veth0_vlan: entered promiscuous mode [ 257.839899][ T9514] veth1_vlan: entered promiscuous mode [ 257.907860][ T9514] veth0_macvtap: entered promiscuous mode [ 257.927040][ T9514] veth1_macvtap: entered promiscuous mode [ 257.962989][ T9514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 257.993778][ T9514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.003634][ T9514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 258.043971][ T9514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.063932][ T9514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 258.083783][ T9514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.093635][ T9514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 258.123786][ T9514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.133648][ T9514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 258.173786][ T9514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.195069][ T9514] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 258.204746][ T9514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 258.223876][ T9514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.233726][ T9514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 258.244276][ T9514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.254139][ T9514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 258.264755][ T9514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.274713][ T9514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 258.285284][ T9514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.295156][ T9514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 258.305668][ T9514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.316499][ T9514] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 258.356224][ T9514] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.373954][ T9514] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.382694][ T9514] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.393786][ T9514] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.561632][ T7751] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 258.573257][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 258.612069][ T7751] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 258.614959][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 259.104425][ T5832] Bluetooth: hci0: command tx timeout [ 260.074227][ T9615] misc userio: The device must be registered before sending interrupts [ 260.102452][ T9615] netlink: 16 bytes leftover after parsing attributes in process `syz.2.993'. [ 260.794295][ T9627] netlink: 222 bytes leftover after parsing attributes in process `syz.4.998'. [ 261.119383][ T9640] netlink: 'syz.4.1003': attribute type 11 has an invalid length. [ 261.184380][ T5832] Bluetooth: hci0: command tx timeout [ 261.587039][ T9657] misc userio: The device must be registered before sending interrupts [ 261.645045][ T9657] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1009'. [ 261.834973][ T9663] netlink: 334 bytes leftover after parsing attributes in process `syz.5.1012'. [ 263.323909][ T9716] misc userio: The device must be registered before sending interrupts [ 263.365838][ T9716] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1027'. [ 263.414138][ T9720] misc userio: The device must be registered before sending interrupts [ 263.432544][ T9720] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1028'. [ 263.470645][ T9722] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1029'. [ 263.480156][ T9722] tc_dump_action: action bad kind [ 265.119852][ T9770] misc userio: The device must be registered before sending interrupts [ 265.143038][ T9771] misc userio: The device must be registered before sending interrupts [ 265.146247][ T9770] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1047'. [ 265.182644][ T9771] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1048'. [ 265.640185][ T29] audit: type=1804 audit(1735010992.677:9): pid=9780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1050" name="/newroot/sys/kernel/debug/tracing/trace" dev="tracefs" ino=25 res=1 errno=0 [ 265.738925][ T9779] Process accounting resumed [ 265.750585][ T9779] kernel write not supported for file /trace (pid: 9779 comm: syz.4.1050) [ 266.229109][ T9784] kernel write not supported for file /trace (pid: 9784 comm: syz.4.1052) [ 267.299839][ T9803] kernel write not supported for file /trace (pid: 9803 comm: syz.4.1059) [ 267.554436][ T9825] misc userio: The device must be registered before sending interrupts [ 267.584576][ T9825] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1064'. [ 267.660049][ T9818] zswap: compressor not available [ 268.374907][ T9821] kernel write not supported for file /trace (pid: 9821 comm: syz.4.1064) [ 269.177987][ T9853] misc userio: The device must be registered before sending interrupts [ 269.337963][ T9843] kernel write not supported for file /trace (pid: 9843 comm: syz.4.1069) [ 269.876233][ T9863] kernel write not supported for file /trace (pid: 9863 comm: syz.4.1073) [ 270.106921][ T9868] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1075'. [ 270.141229][ T9868] vcan0: entered promiscuous mode [ 270.231561][ T9869] kernel write not supported for file /trace (pid: 9869 comm: syz.4.1076) [ 270.614656][ T9878] kernel write not supported for file /trace (pid: 9878 comm: syz.4.1080) [ 271.103188][ T9883] kernel write not supported for file /trace (pid: 9883 comm: syz.4.1082) [ 271.160639][ T9898] misc userio: The device must be registered before sending interrupts [ 271.567173][ T9897] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1085'. [ 271.648950][ T9901] kernel write not supported for file /trace (pid: 9901 comm: syz.4.1087) [ 271.823787][ T29] audit: type=1804 audit(1735010998.857:10): pid=9905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1088" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/enable" dev="tracefs" ino=19680823 res=1 errno=0 [ 272.863179][ T9907] kernel write not supported for file /trace (pid: 9907 comm: syz.4.1089) [ 273.381743][ T9927] kernel write not supported for file /trace (pid: 9927 comm: syz.4.1094) [ 273.531860][ T9936] misc userio: The device must be registered before sending interrupts [ 274.185679][ T9864] kernel write not supported for file /trace (pid: 9864 comm: syz.4.1073) [ 274.676167][ T9942] kernel write not supported for file /trace (pid: 9942 comm: syz.4.1108) [ 276.076820][ T9955] kernel write not supported for file /trace (pid: 9955 comm: syz.4.1102) [ 276.990292][ T9982] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1113'. [ 277.111122][ T9984] misc userio: The device must be registered before sending interrupts [ 277.842313][ T9968] kernel write not supported for file /trace (pid: 9968 comm: syz.4.1106) [ 278.010077][ T9991] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1114'. [ 278.065429][ T9996] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 278.221304][ T9991] bond0: (slave bond_slave_1): Releasing backup interface [ 278.260335][ T9994] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1117'. [ 278.513676][T10003] kernel write not supported for file /trace (pid: 10003 comm: syz.4.1115) [ 278.688439][T10009] misc userio: The device must be registered before sending interrupts [ 278.897977][T10014] misc userio: The device must be registered before sending interrupts [ 278.968548][T10014] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1119'. [ 279.262968][T10010] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1118'. [ 279.952246][ T9952] kernel write not supported for file /trace (pid: 9952 comm: syz.4.1102) [ 280.055677][T10013] kernel write not supported for file /trace (pid: 10013 comm: syz.4.1118) [ 281.298811][T10051] misc userio: The device must be registered before sending interrupts [ 281.407928][T10031] kernel write not supported for file /trace (pid: 10031 comm: syz.4.1123) [ 282.253166][T10060] kernel write not supported for file /trace (pid: 10060 comm: syz.4.1142) [ 282.548286][T10064] kernel write not supported for file /trace (pid: 10064 comm: syz.4.1135) [ 282.885306][T10015] kernel write not supported for file /trace (pid: 10015 comm: syz.4.1118) [ 283.023560][T10073] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1139'. [ 283.332636][T10069] kernel write not supported for file /trace (pid: 10069 comm: syz.4.1138) [ 283.684033][T10089] misc userio: The device must be registered before sending interrupts [ 283.741520][T10089] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1145'. [ 284.053549][T10084] kernel write not supported for file /trace (pid: 10084 comm: syz.4.1144) [ 284.250281][T10094] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1147'. [ 284.410329][T10094] team0: Port device team_slave_0 removed [ 284.629022][T10094] kernel write not supported for file /trace (pid: 10094 comm: syz.4.1147) [ 285.222318][T10105] kernel write not supported for file /trace (pid: 10105 comm: syz.4.1150) [ 285.421833][T10114] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 285.489579][T10114] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 285.532038][T10114] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 285.586603][T10114] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 285.621112][T10114] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 285.639682][T10118] kernel write not supported for file /trace (pid: 10118 comm: syz.4.1153) [ 285.682783][T10114] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 285.782930][T10127] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1155'. [ 285.811836][T10127] mac80211_hwsim hwsim11 wlan0: entered promiscuous mode [ 285.829415][T10127] mac80211_hwsim hwsim11 wlan0: entered allmulticast mode [ 286.317033][T10127] kernel write not supported for file /trace (pid: 10127 comm: syz.4.1155) [ 286.483857][T10136] misc userio: The device must be registered before sending interrupts [ 286.522152][T10136] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1158'. [ 286.721294][T10133] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1156'. [ 286.755374][T10133] tc_dump_action: action bad kind [ 286.771594][T10140] netlink: 130 bytes leftover after parsing attributes in process `syz.5.1161'. [ 287.410354][T10136] kernel write not supported for file /trace (pid: 10136 comm: syz.4.1158) [ 287.424466][ T5832] Bluetooth: hci2: command 0x0406 tx timeout [ 287.504009][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout [ 287.593949][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 287.674143][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 287.723353][T10153] program syz.2.1164 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 287.741978][T10153] futex_wake_op: syz.2.1164 tries to shift op by 64; fix this program [ 287.823721][T10149] kernel write not supported for file /trace (pid: 10149 comm: syz.4.1165) [ 289.487132][T10156] kernel write not supported for file /trace (pid: 10156 comm: syz.4.1166) [ 289.744052][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 290.094688][T10170] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1168'. [ 291.098554][T10174] kernel write not supported for file /trace (pid: 10174 comm: syz.4.1170) [ 291.320633][T10191] misc userio: The device must be registered before sending interrupts [ 291.356823][T10191] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1174'. [ 291.518484][T10183] kernel write not supported for file /trace (pid: 10183 comm: syz.4.1171) [ 291.662367][T10199] kernel write not supported for file /trace (pid: 10199 comm: syz.4.1176) [ 291.825404][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 292.330471][T10209] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1187'. [ 292.794361][T10205] kernel write not supported for file /trace (pid: 10205 comm: syz.4.1187) [ 293.035856][T10219] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 293.173013][T10216] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1181'. [ 293.182080][T10216] tc_dump_action: action bad kind [ 293.316135][T10223] kernel write not supported for file /trace (pid: 10223 comm: syz.4.1182) [ 293.466815][T10229] kernel write not supported for file /trace (pid: 10229 comm: syz.4.1184) [ 293.756643][T10240] misc userio: The device must be registered before sending interrupts [ 293.795861][T10240] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1188'. [ 294.220970][T10242] kernel write not supported for file /trace (pid: 10242 comm: syz.4.1185) [ 294.360198][T10228] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 294.515922][T10233] kernel write not supported for file /trace (pid: 10233 comm: syz.4.1185) [ 294.665010][T10253] program syz.1.1192 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 294.692939][T10253] futex_wake_op: syz.1.1192 tries to shift op by 64; fix this program [ 294.769360][T10250] kernel write not supported for file /trace (pid: 10250 comm: syz.4.1191) [ 294.989608][T10255] kernel write not supported for file /trace (pid: 10255 comm: syz.4.1194) [ 295.367259][T10258] bridge0: port 3(team0) entered blocking state [ 295.375097][T10258] bridge0: port 3(team0) entered disabled state [ 295.381511][T10258] team0: entered allmulticast mode [ 295.387248][T10258] team_slave_1: entered allmulticast mode [ 295.396170][T10258] team0: entered promiscuous mode [ 295.401303][T10258] team_slave_1: entered promiscuous mode [ 295.407729][T10258] bridge0: port 3(team0) entered blocking state [ 295.414122][T10258] bridge0: port 3(team0) entered forwarding state [ 295.457509][T10258] kernel write not supported for file /trace (pid: 10258 comm: syz.4.1195) [ 295.681271][T10263] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 295.974334][T10267] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1197'. [ 295.983447][T10267] tc_dump_action: action bad kind [ 296.491861][T10267] Process accounting paused [ 296.619656][T10287] misc userio: The device must be registered before sending interrupts [ 296.637381][T10287] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1202'. [ 296.869071][T10265] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 298.435423][T10317] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1210'. [ 299.082659][T10325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1211'. [ 299.391410][T10309] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 299.980965][T10339] misc userio: The device must be registered before sending interrupts [ 300.584267][T10351] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 300.592829][T10351] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 300.626769][T10351] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 300.632874][T10351] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 300.776877][T10356] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1221'. [ 302.008655][T10381] misc userio: The device must be registered before sending interrupts [ 302.041299][T10381] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1236'. [ 302.640260][ T5841] Bluetooth: hci4: command 0x0c1a tx timeout [ 302.646597][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 302.707268][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 302.714414][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 303.193027][T10396] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1232'. [ 303.412912][T10400] misc userio: The device must be registered before sending interrupts [ 303.618838][T10396] team0 (unregistering): Port device team_slave_0 removed [ 303.658881][T10396] team0 (unregistering): Port device team_slave_1 removed [ 304.520151][T10411] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1238'. [ 304.531212][T10417] misc userio: The device must be registered before sending interrupts [ 304.582745][T10417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1239'. [ 304.957331][T10428] misc userio: The device must be registered before sending interrupts [ 304.996990][T10428] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1240'. [ 305.850699][T10439] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 305.981798][T10444] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1245'. [ 306.007329][T10444] bridge0: port 3(team0) entered disabled state [ 306.169903][T10444] team0 (unregistering): left allmulticast mode [ 306.180128][T10444] team_slave_1: left allmulticast mode [ 306.190063][T10444] team0 (unregistering): left promiscuous mode [ 306.200340][T10444] team_slave_1: left promiscuous mode [ 306.207091][T10444] bridge0: port 3(team0) entered disabled state [ 306.235134][T10444] team0 (unregistering): Port device team_slave_1 removed [ 306.868360][T10456] misc userio: The device must be registered before sending interrupts [ 308.016547][T10473] zswap: compressor not available [ 308.534605][T10494] misc userio: The device must be registered before sending interrupts [ 308.598658][T10494] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1259'. [ 309.228623][T10502] misc userio: The device must be registered before sending interrupts [ 309.252912][T10502] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1262'. [ 311.079209][T10524] HSR: entered promiscuous mode [ 311.102528][T10524] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1267'. [ 311.664809][T10534] zswap: compressor not available [ 313.261939][T10559] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1276'. [ 313.384557][T10559] hsr_slave_1 (unregistering): left promiscuous mode [ 313.428524][T10563] FAULT_INJECTION: forcing a failure. [ 313.428524][T10563] name failslab, interval 1, probability 0, space 0, times 0 [ 313.501992][T10563] CPU: 1 UID: 0 PID: 10563 Comm: syz.1.1277 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 313.512820][T10563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 313.522887][T10563] Call Trace: [ 313.526170][T10563] [ 313.529106][T10563] dump_stack_lvl+0x16c/0x1f0 [ 313.533796][T10563] should_fail_ex+0x497/0x5b0 [ 313.538481][T10563] ? fs_reclaim_acquire+0xae/0x150 [ 313.543601][T10563] should_failslab+0xc2/0x120 [ 313.548290][T10563] __kmalloc_cache_noprof+0x68/0x420 [ 313.553586][T10563] rtnl_newlink+0x108/0x1d70 [ 313.558184][T10563] ? hlock_class+0x4e/0x130 [ 313.562691][T10563] ? __lock_acquire+0xcc5/0x3c40 [ 313.567632][T10563] ? __pfx_rtnl_newlink+0x10/0x10 [ 313.572665][T10563] ? __pfx___lock_acquire+0x10/0x10 [ 313.577866][T10563] ? aa_get_newest_label+0x376/0x680 [ 313.583173][T10563] ? find_held_lock+0x2d/0x110 [ 313.587962][T10563] ? find_held_lock+0x2d/0x110 [ 313.592740][T10563] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 313.597857][T10563] ? __pfx_lock_release+0x10/0x10 [ 313.602881][T10563] ? trace_lock_acquire+0x14e/0x1f0 [ 313.608094][T10563] ? __pfx_rtnl_newlink+0x10/0x10 [ 313.613126][T10563] rtnetlink_rcv_msg+0x95b/0xea0 [ 313.618078][T10563] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 313.623545][T10563] ? __pfx___dev_queue_xmit+0x10/0x10 [ 313.628933][T10563] netlink_rcv_skb+0x165/0x410 [ 313.633701][T10563] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 313.639174][T10563] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 313.644494][T10563] ? netlink_deliver_tap+0x1ae/0xca0 [ 313.649784][T10563] netlink_unicast+0x53c/0x7f0 [ 313.654555][T10563] ? __pfx_netlink_unicast+0x10/0x10 [ 313.659844][T10563] ? __phys_addr_symbol+0x30/0x80 [ 313.664875][T10563] ? __check_object_size+0x488/0x710 [ 313.670172][T10563] netlink_sendmsg+0x8b8/0xd70 [ 313.674948][T10563] ? __pfx_netlink_sendmsg+0x10/0x10 [ 313.680244][T10563] __sys_sendto+0x488/0x4f0 [ 313.684756][T10563] ? __pfx___sys_sendto+0x10/0x10 [ 313.689786][T10563] ? reacquire_held_locks+0x20b/0x4c0 [ 313.695161][T10563] ? do_user_addr_fault+0xdc7/0x13f0 [ 313.700472][T10563] __x64_sys_sendto+0xe0/0x1c0 [ 313.705242][T10563] ? do_syscall_64+0x91/0x250 [ 313.709925][T10563] ? lockdep_hardirqs_on+0x7c/0x110 [ 313.715130][T10563] do_syscall_64+0xcd/0x250 [ 313.719638][T10563] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.725544][T10563] RIP: 0033:0x7f2b56387bbc [ 313.729962][T10563] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 313.749571][T10563] RSP: 002b:00007f2b57169ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 313.757990][T10563] RAX: ffffffffffffffda RBX: 00007f2b57169fc0 RCX: 00007f2b56387bbc [ 313.765962][T10563] RDX: 0000000000000020 RSI: 00007f2b5716a010 RDI: 0000000000000003 [ 313.773931][T10563] RBP: 0000000000000000 R08: 00007f2b57169f14 R09: 000000000000000c [ 313.781903][T10563] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 313.789873][T10563] R13: 00007f2b57169f68 R14: 00007f2b5716a010 R15: 0000000000000000 [ 313.797873][T10563] [ 314.460819][T10576] misc userio: The device must be registered before sending interrupts [ 314.585479][T10582] misc userio: The device must be registered before sending interrupts [ 314.619080][T10582] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1283'. [ 315.508138][T10586] netlink: 'syz.5.1285': attribute type 19 has an invalid length. [ 315.533915][T10586] netlink: 310 bytes leftover after parsing attributes in process `syz.5.1285'. [ 316.177766][T10599] misc userio: The device must be registered before sending interrupts [ 316.238999][T10597] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1287'. [ 316.892842][T10611] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1291'. [ 317.073367][T10612] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 317.400853][T10620] misc userio: The device must be registered before sending interrupts [ 317.429785][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.440459][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.637686][T10623] misc userio: The device must be registered before sending interrupts [ 317.714360][T10623] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1301'. [ 319.458304][T10659] misc userio: The device must be registered before sending interrupts [ 319.544619][T10659] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1307'. [ 320.507854][T10677] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 320.915814][T10685] [U] fȏ9H߰O(BhLg*)J%6 [ 320.922295][T10685] [U] L [ 323.728123][T10734] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1326'. [ 324.723953][T10753] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1330'. [ 324.753912][T10753] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1330'. [ 326.287929][T10792] can0: slcan on ptm0. [ 326.685716][T10791] can0 (unregistered): slcan off ptm0. [ 326.859660][T10783] Process accounting resumed [ 326.903856][T10783] kernel write not supported for file /trace (pid: 10783 comm: syz.4.1346) [ 327.482170][T10820] kernel write not supported for file /trace (pid: 10820 comm: syz.4.1347) [ 328.338352][T10848] kernel write not supported for file /trace (pid: 10848 comm: syz.4.1351) [ 328.607126][T10861] mkiss: ax0: crc mode is auto. [ 329.708767][T10888] misc userio: The device must be registered before sending interrupts [ 329.731323][T10888] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1359'. [ 329.743286][T10877] kernel write not supported for file /trace (pid: 10877 comm: syz.4.1355) [ 330.653556][T10908] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1364'. [ 330.740680][T10915] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1364'. [ 330.775288][T10908] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1364'. [ 330.819881][T10915] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1364'. [ 330.871547][T10919] mkiss: ax0: crc mode is auto. [ 331.629771][T10932] kernel write not supported for file /trace (pid: 10932 comm: syz.4.1360) [ 332.479005][T10830] kernel write not supported for file /trace (pid: 10830 comm: syz.4.1347) [ 332.949298][T10954] kernel write not supported for file /trace (pid: 10954 comm: syz.4.1370) [ 333.267859][T10979] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1376'. [ 333.321312][T10979] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1376'. [ 333.396551][T10979] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1376'. [ 333.427996][T10979] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1376'. [ 333.502699][T10978] kernel write not supported for file /trace (pid: 10978 comm: syz.4.1376) [ 333.591587][T10989] Process accounting resumed [ 334.297156][T10991] kernel write not supported for file /trace (pid: 10991 comm: syz.4.1382) [ 334.809870][T11008] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1386'. [ 335.275487][T11022] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1391'. [ 335.313221][T11022] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1391'. [ 335.377802][T11024] mkiss: ax0: crc mode is auto. [ 335.388581][T11022] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1391'. [ 335.418350][T11022] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1391'. [ 335.537811][T11005] kernel write not supported for file /trace (pid: 11005 comm: syz.4.1387) [ 335.730415][T11030] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1395'. [ 335.759459][T11025] kernel write not supported for file /trace (pid: 11025 comm: syz.4.1394) [ 336.560411][T11042] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1399'. [ 336.952599][T11037] kernel write not supported for file /trace (pid: 11037 comm: syz.4.1397) [ 338.268124][T11060] kernel write not supported for file /trace (pid: 11060 comm: syz.4.1402) [ 339.465890][T11092] kernel write not supported for file /trace (pid: 11092 comm: syz.4.1408) [ 339.761721][T11126] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1410'. [ 340.557488][T11154] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1418'. [ 340.658913][T11154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 340.693182][T11154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 340.737938][T11154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 340.759492][T11137] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1409'. [ 340.774786][T11154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 341.018972][T11145] kernel write not supported for file /trace (pid: 11145 comm: syz.4.1409) [ 341.103529][T11043] kernel write not supported for file /trace (pid: 11043 comm: syz.4.1397) [ 341.728693][T11167] kernel write not supported for file /trace (pid: 11167 comm: syz.4.1420) [ 342.210383][T11173] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1424'. [ 342.951449][T11177] kernel write not supported for file /trace (pid: 11177 comm: syz.4.1430) [ 343.367549][T11193] kernel write not supported for file /trace (pid: 11193 comm: syz.4.1427) [ 344.419636][T11215] netlink: 'syz.5.1436': attribute type 11 has an invalid length. [ 345.642414][T11233] netlink: 'syz.2.1442': attribute type 19 has an invalid length. [ 345.664075][T11233] netlink: 310 bytes leftover after parsing attributes in process `syz.2.1442'. [ 345.924546][T11202] kernel write not supported for file /trace (pid: 11202 comm: syz.4.1432) [ 346.334012][T11255] ICMPv6: process `syz.5.1445' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead [ 346.771280][T11256] kernel write not supported for file /trace (pid: 11256 comm: syz.4.1443) [ 347.263203][T11169] kernel write not supported for file /trace (pid: 11169 comm: syz.4.1420) [ 347.490231][T11278] erspan0: entered allmulticast mode [ 347.852054][T11269] nbd: couldn't find device at index 486539264 [ 348.805380][T11299] netlink: 'syz.2.1455': attribute type 11 has an invalid length. [ 349.237210][T11270] kernel write not supported for file /trace (pid: 11270 comm: syz.4.1449) [ 349.780613][T11305] kernel write not supported for file /trace (pid: 11305 comm: syz.4.1457) [ 350.991541][T11312] kernel write not supported for file /trace (pid: 11312 comm: syz.4.1466) [ 351.063261][T11328] misc userio: No port type given on /dev/userio [ 351.076951][T11328] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1461'. [ 352.086220][T11340] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 352.606693][T11329] kernel write not supported for file /trace (pid: 11329 comm: syz.4.1463) [ 352.871702][T11350] hugetlbfs: syz.4.1468 (11350): Using mlock ulimits for SHM_HUGETLB is obsolete [ 352.986946][T11350] kernel write not supported for file /trace (pid: 11350 comm: syz.4.1468) [ 353.448844][T11357] kernel write not supported for file /trace (pid: 11357 comm: syz.4.1470) [ 354.429934][T11379] erspan0: entered allmulticast mode [ 355.011067][T11377] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 356.156979][T11364] kernel write not supported for file /trace (pid: 11364 comm: syz.4.1472) [ 357.244249][T11406] Process accounting paused [ 357.330018][T11411] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1484'. [ 357.340107][T11411] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1484'. [ 358.819973][T11438] batman_adv: Routing algorithm '' is not supported [ 359.109051][T11447] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 359.504468][T11465] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1497'. [ 361.061317][T11494] nvme_fcloop: unknown parameter or missing value '/' [ 361.376302][T11505] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1507'. [ 363.332645][T11555] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1521'. [ 363.514660][T11559] misc userio: The device must be registered before sending interrupts [ 363.554355][T11559] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1522'. [ 364.626492][T11588] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1533'. [ 364.635802][T11588] IPv6: NLM_F_CREATE should be specified when creating new route [ 364.643719][T11588] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 364.651494][T11588] IPv6: NLM_F_CREATE should be set when creating new route [ 364.658879][T11588] IPv6: NLM_F_CREATE should be set when creating new route [ 364.666174][T11588] IPv6: NLM_F_CREATE should be set when creating new route [ 364.821571][T11594] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1535'. [ 367.169272][T11645] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1551'. [ 367.195344][T11643] Process accounting resumed [ 367.976506][T11651] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1553'. [ 368.007924][T11657] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1555'. [ 368.906361][T11663] zero sized request [ 368.951891][T11663] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1556'. [ 369.448321][T11667] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1558'. [ 370.975398][T11681] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1563'. [ 371.542359][T11712] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1570'. [ 372.109823][T11730] netlink: 338 bytes leftover after parsing attributes in process `syz.5.1577'. [ 372.119802][T11730] netlink: 338 bytes leftover after parsing attributes in process `syz.5.1577'. [ 372.272544][T11727] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1576'. [ 372.794232][T11743] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1581'. [ 373.142237][T11752] misc userio: The device must be registered before sending interrupts [ 373.167966][T11752] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1590'. [ 373.483408][T11759] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1586'. [ 373.559233][T11759] hsr_slave_1 (unregistering): left promiscuous mode [ 373.838302][T11770] Invalid ELF header magic: != ELF [ 374.035200][T11775] random: crng reseeded on system resumption [ 375.142165][T11796] sctp: [Deprecated]: syz.2.1599 (pid 11796) Use of struct sctp_assoc_value in delayed_ack socket option. [ 375.142165][T11796] Use struct sctp_sack_info instead [ 375.293676][T11804] misc userio: The device must be registered before sending interrupts [ 375.305497][T11804] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1601'. [ 375.700790][T11813] openvswitch: netlink: IP tunnel dst address not specified [ 376.068804][T11820] Invalid ELF header magic: != ELF [ 376.592140][T11837] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1611'. [ 377.139989][T11845] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1614'. [ 377.698108][T11857] misc userio: The device must be registered before sending interrupts [ 377.717597][T11857] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1618'. [ 378.059040][T11861] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1619'. [ 378.874211][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.880598][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.942226][T11878] sctp: [Deprecated]: syz.5.1623 (pid 11878) Use of struct sctp_assoc_value in delayed_ack socket option. [ 378.942226][T11878] Use struct sctp_sack_info instead [ 379.293142][T11867] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1621'. [ 380.215752][T11897] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1627'. [ 380.268221][T11904] netlink: 334 bytes leftover after parsing attributes in process `syz.5.1630'. [ 380.279251][T11905] misc userio: The device must be registered before sending interrupts [ 380.295702][T11905] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1632'. [ 380.583120][T11911] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1634'. [ 380.631577][T11911] hsr_slave_1 (unregistering): left promiscuous mode [ 380.851717][T11916] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1635'. [ 381.156644][T11924] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1637'. [ 381.462232][T11918] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1636'. [ 381.971303][T11939] sctp: [Deprecated]: syz.1.1644 (pid 11939) Use of struct sctp_assoc_value in delayed_ack socket option. [ 381.971303][T11939] Use struct sctp_sack_info instead [ 382.412927][T11952] misc userio: The device must be registered before sending interrupts [ 382.471716][T11950] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1646'. [ 382.592020][T11957] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1649'. [ 382.603006][T11957] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1649'. [ 382.668391][T11958] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1648'. [ 382.968944][T11964] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1651'. [ 383.007473][T11964] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 383.106172][T11964] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 383.193392][T11967] netlink: 'syz.2.1651': attribute type 46 has an invalid length. [ 383.854171][T11974] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1652'. [ 385.179547][T11999] misc userio: The device must be registered before sending interrupts [ 386.142299][T12005] __nla_validate_parse: 1 callbacks suppressed [ 386.142322][T12005] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1664'. [ 386.868062][T12017] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1666'. [ 387.423066][T12047] misc userio: The device must be registered before sending interrupts [ 387.476913][T12047] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1675'. [ 388.601665][T12071] netlink: 338 bytes leftover after parsing attributes in process `syz.5.1682'. [ 388.620693][T12071] netlink: 338 bytes leftover after parsing attributes in process `syz.5.1682'. [ 389.398821][T12090] misc userio: The device must be registered before sending interrupts [ 389.475613][T12090] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1689'. [ 389.777642][T12100] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1692'. [ 389.792884][T12100] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1692'. [ 390.385774][T12106] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1693'. [ 390.740851][T12125] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1700'. [ 391.596762][T12150] __nla_validate_parse: 2 callbacks suppressed [ 391.596782][T12150] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1707'. [ 391.622762][T12150] team_slave_0: entered allmulticast mode [ 391.796131][T12167] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1713'. [ 392.137778][T12168] ------------[ cut here ]------------ [ 392.143331][T12168] WARNING: CPU: 0 PID: 12168 at kernel/trace/trace.c:8326 tracing_buffers_mmap_close+0xe3/0x130 [ 392.154211][T12168] Modules linked in: [ 392.158137][T12168] CPU: 0 UID: 0 PID: 12168 Comm: syz.1.1714 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 392.169885][T12168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 392.180871][T12168] RIP: 0010:tracing_buffers_mmap_close+0xe3/0x130 [ 392.187416][T12168] Code: 75 46 48 8b 7b 08 e8 5c 89 ff ff 31 ff 89 c3 89 c6 e8 d1 66 fb ff 85 db 75 0a 48 83 c4 08 5b e9 83 64 fb ff e8 7e 64 fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 70 64 fb ff e8 0b d4 5d 00 eb 87 e8 34 [ 392.207131][T12168] RSP: 0018:ffffc9000c6d7bb8 EFLAGS: 00010293 [ 392.213232][T12168] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff819deabf [ 392.221337][T12168] RDX: ffff88802cac3c00 RSI: ffffffff819dead2 RDI: 0000000000000005 [ 392.229401][T12168] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 392.237464][T12168] R10: 00000000ffffffed R11: 0000000000000000 R12: ffffffff819de9f0 [ 392.245630][T12168] R13: 0000000000000001 R14: ffff8880653b5070 R15: 0000000000000ff9 [ 392.253631][T12168] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 392.262670][T12168] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 392.270150][T12168] CR2: 0000001b2fffbff8 CR3: 000000006f11a000 CR4: 00000000003526f0 [ 392.279125][T12168] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 392.287216][T12168] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 392.295256][T12168] Call Trace: [ 392.298561][T12168] [ 392.301522][T12168] ? __warn+0xea/0x3c0 [ 392.305712][T12168] ? tracing_buffers_mmap_close+0xe3/0x130 [ 392.311561][T12168] ? report_bug+0x3c0/0x580 [ 392.316170][T12168] ? handle_bug+0x54/0xa0 [ 392.320540][T12168] ? exc_invalid_op+0x17/0x50 [ 392.325321][T12168] ? asm_exc_invalid_op+0x1a/0x20 [ 392.330390][T12168] ? __pfx_tracing_buffers_mmap_close+0x10/0x10 [ 392.336747][T12168] ? tracing_buffers_mmap_close+0xcf/0x130 [ 392.342616][T12168] ? tracing_buffers_mmap_close+0xe2/0x130 [ 392.349280][T12168] ? tracing_buffers_mmap_close+0xe3/0x130 [ 392.355184][T12168] ? tracing_buffers_mmap_close+0xe2/0x130 [ 392.361034][T12168] remove_vma+0x91/0x1b0 [ 392.365409][T12168] exit_mmap+0x4e2/0xb20 [ 392.370523][T12168] ? __pfx_exit_mmap+0x10/0x10 [ 392.376265][T12168] ? __pfx_mark_lock+0x10/0x10 [ 392.381104][T12168] __mmput+0x12a/0x4c0 [ 392.385260][T12168] mmput+0x62/0x70 [ 392.389025][T12168] do_exit+0x9ba/0x2d70 [ 392.393218][T12168] ? __pfx_do_exit+0x10/0x10 [ 392.397915][T12168] ? preempt_schedule_thunk+0x1a/0x30 [ 392.403325][T12168] do_group_exit+0xd3/0x2a0 [ 392.407994][T12168] __x64_sys_exit_group+0x3e/0x50 [ 392.413057][T12168] x64_sys_call+0x151f/0x1720 [ 392.417839][T12168] do_syscall_64+0xcd/0x250 [ 392.422383][T12168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.428350][T12168] RIP: 0033:0x7f2b56385d29 [ 392.432792][T12168] Code: Unable to access opcode bytes at 0x7f2b56385cff. [ 392.439990][T12168] RSP: 002b:00007ffc213be1a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 392.448521][T12168] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2b56385d29 [ 392.456586][T12168] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 392.464772][T12168] RBP: 00007ffc213be1fc R08: 00007ffc213be28f R09: 000000000005f9f7 [ 392.473595][T12168] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000032 [ 392.482504][T12168] R13: 000000000005f9f7 R14: 00007ffc213be250 R15: 00007ffc213be250 [ 392.490567][T12168] [ 392.493613][T12168] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 392.500907][T12168] CPU: 0 UID: 0 PID: 12168 Comm: syz.1.1714 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 [ 392.511687][T12168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 392.521762][T12168] Call Trace: [ 392.525067][T12168] [ 392.528016][T12168] dump_stack_lvl+0x3d/0x1f0 [ 392.532647][T12168] panic+0x71d/0x800 [ 392.536588][T12168] ? __pfx_panic+0x10/0x10 [ 392.541045][T12168] ? show_trace_log_lvl+0x29d/0x3d0 [ 392.546288][T12168] ? check_panic_on_warn+0x1f/0xb0 [ 392.551436][T12168] ? tracing_buffers_mmap_close+0xe3/0x130 [ 392.557301][T12168] check_panic_on_warn+0xab/0xb0 [ 392.562285][T12168] __warn+0xf6/0x3c0 [ 392.566217][T12168] ? tracing_buffers_mmap_close+0xe3/0x130 [ 392.572059][T12168] report_bug+0x3c0/0x580 [ 392.576426][T12168] handle_bug+0x54/0xa0 [ 392.580621][T12168] exc_invalid_op+0x17/0x50 [ 392.585160][T12168] asm_exc_invalid_op+0x1a/0x20 [ 392.590041][T12168] RIP: 0010:tracing_buffers_mmap_close+0xe3/0x130 [ 392.596493][T12168] Code: 75 46 48 8b 7b 08 e8 5c 89 ff ff 31 ff 89 c3 89 c6 e8 d1 66 fb ff 85 db 75 0a 48 83 c4 08 5b e9 83 64 fb ff e8 7e 64 fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 70 64 fb ff e8 0b d4 5d 00 eb 87 e8 34 [ 392.616104][T12168] RSP: 0018:ffffc9000c6d7bb8 EFLAGS: 00010293 [ 392.622174][T12168] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff819deabf [ 392.630147][T12168] RDX: ffff88802cac3c00 RSI: ffffffff819dead2 RDI: 0000000000000005 [ 392.638118][T12168] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 392.646088][T12168] R10: 00000000ffffffed R11: 0000000000000000 R12: ffffffff819de9f0 [ 392.654057][T12168] R13: 0000000000000001 R14: ffff8880653b5070 R15: 0000000000000ff9 [ 392.662030][T12168] ? __pfx_tracing_buffers_mmap_close+0x10/0x10 [ 392.668375][T12168] ? tracing_buffers_mmap_close+0xcf/0x130 [ 392.674191][T12168] ? tracing_buffers_mmap_close+0xe2/0x130 [ 392.680007][T12168] ? tracing_buffers_mmap_close+0xe2/0x130 [ 392.685819][T12168] remove_vma+0x91/0x1b0 [ 392.690072][T12168] exit_mmap+0x4e2/0xb20 [ 392.694322][T12168] ? __pfx_exit_mmap+0x10/0x10 [ 392.699094][T12168] ? __pfx_mark_lock+0x10/0x10 [ 392.703885][T12168] __mmput+0x12a/0x4c0 [ 392.707957][T12168] mmput+0x62/0x70 [ 392.711679][T12168] do_exit+0x9ba/0x2d70 [ 392.715846][T12168] ? __pfx_do_exit+0x10/0x10 [ 392.720441][T12168] ? preempt_schedule_thunk+0x1a/0x30 [ 392.725822][T12168] do_group_exit+0xd3/0x2a0 [ 392.730333][T12168] __x64_sys_exit_group+0x3e/0x50 [ 392.735364][T12168] x64_sys_call+0x151f/0x1720 [ 392.740048][T12168] do_syscall_64+0xcd/0x250 [ 392.744559][T12168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.750463][T12168] RIP: 0033:0x7f2b56385d29 [ 392.754877][T12168] Code: Unable to access opcode bytes at 0x7f2b56385cff. [ 392.761888][T12168] RSP: 002b:00007ffc213be1a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 392.770305][T12168] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2b56385d29 [ 392.778277][T12168] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 392.786248][T12168] RBP: 00007ffc213be1fc R08: 00007ffc213be28f R09: 000000000005f9f7 [ 392.794234][T12168] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000032 [ 392.802209][T12168] R13: 000000000005f9f7 R14: 00007ffc213be250 R15: 00007ffc213be250 [ 392.810189][T12168] [ 392.813341][T12168] Kernel Offset: disabled [ 392.817803][T12168] Rebooting in 86400 seconds..