last executing test programs: 1m13.671037285s ago: executing program 3 (id=1803): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3800000055003d0902000000fcdbdf2507000000", @ANYRES32=r1, @ANYBLOB="20000100", @ANYRES32=r1, @ANYBLOB="01030100e080000200000000000000000000000008"], 0x38}}, 0x4000000) 1m6.434157557s ago: executing program 3 (id=1803): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3800000055003d0902000000fcdbdf2507000000", @ANYRES32=r1, @ANYBLOB="20000100", @ANYRES32=r1, @ANYBLOB="01030100e080000200000000000000000000000008"], 0x38}}, 0x4000000) 56.965553587s ago: executing program 3 (id=1803): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3800000055003d0902000000fcdbdf2507000000", @ANYRES32=r1, @ANYBLOB="20000100", @ANYRES32=r1, @ANYBLOB="01030100e080000200000000000000000000000008"], 0x38}}, 0x4000000) 45.785544586s ago: executing program 3 (id=1803): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3800000055003d0902000000fcdbdf2507000000", @ANYRES32=r1, @ANYBLOB="20000100", @ANYRES32=r1, @ANYBLOB="01030100e080000200000000000000000000000008"], 0x38}}, 0x4000000) 35.359658103s ago: executing program 3 (id=1803): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3800000055003d0902000000fcdbdf2507000000", @ANYRES32=r1, @ANYBLOB="20000100", @ANYRES32=r1, @ANYBLOB="01030100e080000200000000000000000000000008"], 0x38}}, 0x4000000) 25.054701878s ago: executing program 3 (id=1803): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3800000055003d0902000000fcdbdf2507000000", @ANYRES32=r1, @ANYBLOB="20000100", @ANYRES32=r1, @ANYBLOB="01030100e080000200000000000000000000000008"], 0x38}}, 0x4000000) 2.315766815s ago: executing program 2 (id=2465): r0 = socket$inet6(0xa, 0x2, 0x0) unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socket$l2tp6(0xa, 0x2, 0x73) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) socket$pppl2tp(0x18, 0x1, 0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'wg2\x00'}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast}) setsockopt$inet6_int(r0, 0x29, 0xc8, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @private1}, 0x1c, 0x0, 0x0, 0x0, 0x30}, 0x0) 2.001467884s ago: executing program 4 (id=2471): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="70000000100003042abd70009da1d2b900000004", @ANYRES32=0x0, @ANYBLOB="0000000000000000500012800b0001006272696467650000400002800800050000000000050029000100000006002700040000000c00220006000000000000000c002100690e0000000000000c002100"], 0x70}}, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xc4}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000480)='Y', 0x1}, {&(0x7f0000000100)="d3", 0x1}, {&(0x7f0000000140)="86f9c5658c11ffce43c42ff53007000000000000002bd34b7b6c2075152ae4ffd7e4c44f21d9f77889d0dd30a8242b8c5dfdd2b5f7999a064cd96920f048ed4f5dc7d80eab24f33ddebf1f8689f831cc5a7effa01ea16764190c88c0d26cf25fb90c281c0decf24c7b697dbd476e913a24128e81194675", 0x77}, {&(0x7f0000000240)="a302b358d4b04e212ed17cf4db86db612f478203a1d893", 0x17}], 0x4, 0x0, 0x0, 0x1}}], 0x1, 0x0) 1.747387607s ago: executing program 4 (id=2473): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=@ipv6_deladdrlabel={0x30, 0x49, 0x0, 0x70bd2b, 0x25dfdbfc, {0xa, 0x0, 0x3f, 0x0, 0x0, 0x4}, [@IFAL_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x24}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2004}, 0x4000) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x7, 0x1, 0x301, 0x0, 0x0, {0x2, 0x0, 0x3}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40014}, 0x40800) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r2) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_INTERFACE(r3, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, r4, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan4\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x2008010}, 0x0) (async) sendmsg$NL802154_CMD_NEW_INTERFACE(r3, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, r4, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan4\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x2008010}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={0x1, 0x58, &(0x7f0000000380)}, 0x10) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={0x1, 0x58, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000440)={r5, 0x1, 0x6, @random="4072192a230e"}, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000004c0)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(r3, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x28, r4, 0x800, 0x70bd29, 0x4, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x820}, 0x4) (async) sendmsg$NL802154_CMD_DEL_SEC_KEY(r3, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x28, r4, 0x800, 0x70bd29, 0x4, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x820}, 0x4) pipe(&(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r8, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x20, 0x140a, 0x8, 0x70bd27, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x84) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), r7) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000780)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r8, &(0x7f0000000880)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x60, r9, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_KEY_SEQ={0x11, 0xa, "e998aac0a9f6d53fe31016735d"}, @NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "e92a208ce4"}]}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x8, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}]}, 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x20044000) (async) sendmsg$NL80211_CMD_NEW_KEY(r8, &(0x7f0000000880)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x60, r9, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_KEY_SEQ={0x11, 0xa, "e998aac0a9f6d53fe31016735d"}, @NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "e92a208ce4"}]}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x8, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}]}, 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x20044000) sendmsg$NL802154_CMD_NEW_SEC_DEV(r3, &(0x7f0000000a00)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000009c0)={&(0x7f0000000900)={0x84, r4, 0x2, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_SEC_DEVICE={0x4c, 0x2e, 0x0, 0x1, [@NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}, @NL802154_DEV_ATTR_KEY_MODE={0x8, 0x6, 0x1}, @NL802154_DEV_ATTR_KEY_MODE={0x8, 0x6, 0x1}, @NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x1ff}, @NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0x300}}, @NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xaaa2}, @NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0x1}, @NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x4000) openat$cgroup_int(r7, &(0x7f0000000a40)='io.bfq.weight\x00', 0x2, 0x0) (async) openat$cgroup_int(r7, &(0x7f0000000a40)='io.bfq.weight\x00', 0x2, 0x0) recvmsg$unix(r7, &(0x7f0000001e40)={&(0x7f0000000a80), 0x6e, &(0x7f0000001cc0)=[{&(0x7f0000000b00)=""/4096, 0x1000}, {&(0x7f0000001b00)=""/234, 0xea}, {&(0x7f0000001c00)=""/99, 0x63}, {&(0x7f0000001c80)=""/23, 0x17}], 0x4, &(0x7f0000001d00)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x108}, 0x12100) (async) recvmsg$unix(r7, &(0x7f0000001e40)={&(0x7f0000000a80), 0x6e, &(0x7f0000001cc0)=[{&(0x7f0000000b00)=""/4096, 0x1000}, {&(0x7f0000001b00)=""/234, 0xea}, {&(0x7f0000001c00)=""/99, 0x63}, {&(0x7f0000001c80)=""/23, 0x17}], 0x4, &(0x7f0000001d00)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x108}, 0x12100) sendto$inet(r11, &(0x7f0000001e80)="52537c4fe21ac98d1436f17f30a8926bfacfc05cf06d4b4f2e71a75312795d59381cf6adc3e77946", 0x28, 0x8800, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(r12, &(0x7f0000001f80)={&(0x7f0000001ec0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001f40)={&(0x7f0000001f00)={0x1c, 0x2, 0x6, 0x101, 0x0, 0x0, {0x3, 0x0, 0x4}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40090}, 0x4048010) socket$inet_udplite(0x2, 0x2, 0x88) (async) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r12, 0x84, 0x6e, &(0x7f0000001fc0)=[@in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e24, @multicast1}], 0x20) r15 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000002040), 0xffffffffffffffff) (async) r16 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000002040), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LIST(r15, &(0x7f0000002100)={&(0x7f0000002000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000020c0)={&(0x7f0000002080)={0x34, r16, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x1) (async) sendmsg$NLBL_CALIPSO_C_LIST(r15, &(0x7f0000002100)={&(0x7f0000002000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000020c0)={&(0x7f0000002080)={0x34, r16, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x1) ioctl$ifreq_SIOCGIFINDEX_team(r14, 0x8933, &(0x7f0000002180)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r13, &(0x7f0000002600)={&(0x7f0000002140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000025c0)={&(0x7f0000002380)={0x210, 0x0, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r17}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7261d0b0cabbefaa}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}]}, 0x210}, 0x1, 0x0, 0x0, 0x4004050}, 0x20000840) 1.530685888s ago: executing program 2 (id=2475): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$inet(r2, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000000e00)="96a67b36bd06304a08a63f14f6c3881ca6167592d6060670a396f8ab05ace2caca6b2a9ecf3471d2", 0x28}, {&(0x7f00000003c0)="fc4e566c4d7a4000", 0x8}], 0x2}}], 0x1, 0x40000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r6 = socket(0x2a, 0x2, 0x0) getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route_sched(r6, 0x0, 0x7ab41ba021619bc5) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r7 = socket(0x40000000015, 0x5, 0x0) connect$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r7, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f00006dbffc), 0x4) bind$inet(r7, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)="67d8902400aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c14498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf4dee8512f3bac440f5d5e4bed6b897608b01eae26a54433e5f5c74a2ee3c2fc50067be05a677ff52a7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fedb679328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e27252804059094a318c4cdeeddd5793a427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef", 0x3e5}], 0x2}, 0x0) setsockopt$RDS_CONG_MONITOR(r7, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4) sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x2a, 0x2, 0x0) socket$packet(0x11, 0x3, 0x300) socket$kcm(0x10, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pselect6(0x73, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3fe}, 0x0, 0x0) close(0x3) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="2a003300d0000000ffffffffffff080211000000505050505050004004"], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 1.439185897s ago: executing program 4 (id=2477): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0xf50f, 0x0) r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x9, 0x8, 0x40, 0x42, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0xa60d000000000000}, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000000000), 0x86, r2}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r2, &(0x7f0000000580), &(0x7f0000000540)=""/96}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x8, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x7, 0x1, 0xb, 0x9, 0x0, 0x20}}, {{0x5, 0x0, 0x4, 0x9, 0x0, 0x1, 0x70030000}}}, &(0x7f0000000200)='syzkaller\x00', 0x9, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 1.267641771s ago: executing program 4 (id=2479): r0 = socket$inet6(0xa, 0x802, 0x0) getsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000), &(0x7f0000000040)=0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0xf00) 1.24524938s ago: executing program 1 (id=2480): openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) socket$kcm(0x2, 0xa, 0x2) socket$inet6_udplite(0xa, 0x2, 0x88) socket$kcm(0x29, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000380)='rxrpc_call\x00', r0}, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) pipe(&(0x7f0000000040)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0xe, 0x4, &(0x7f00000017c0)=ANY=[@ANYBLOB="18000000000000000000000000000000711041000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$vsock_stream(0x28, 0x1, 0x0) socket(0x10, 0x803, 0x0) socket(0x10, 0x803, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00', @ANYRES16=r2, @ANYBLOB="1fe8ffff0000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRES8=r1], 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0) 1.234423047s ago: executing program 0 (id=2481): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) sendmsg$inet(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000140)="bb", 0x1}], 0x1}, 0x4040004) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) shutdown(r1, 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x34, 0x3d, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0xb, 0x0, 0x0, @u64=0x7}]}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x0) 1.206890473s ago: executing program 2 (id=2482): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000480)='Y', 0x1}, {&(0x7f0000000100)="d3", 0x1}, {&(0x7f0000000140)="86f9c5658c11ffce43c42ff53007000000000000002bd34b7b6c2075152ae4ffd7e4c44f21d9f77889d0dd30a8242b8c5dfdd2b5f7999a064cd96920f048ed4f5dc7d80eab24f33ddebf1f8689f831cc5a7effa01ea16764190c88c0d26cf25fb90c281c0decf24c7b697dbd476e913a24128e81194675", 0x77}, {&(0x7f0000000240)="a302b358d4b04e212ed17cf4db86db612f478203a1d893", 0x17}], 0x4, 0x0, 0x0, 0x1}}], 0x1, 0x0) (fail_nth: 3) 837.588583ms ago: executing program 2 (id=2483): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000740)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r1, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c00070000000000adffffff0c000400000001007019"], 0x40c}}, 0x0) 827.651519ms ago: executing program 0 (id=2484): r0 = socket$rxrpc(0x21, 0x2, 0xa) sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0) 777.974325ms ago: executing program 4 (id=2485): r0 = socket$inet6(0xa, 0x2, 0x0) unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socket$l2tp6(0xa, 0x2, 0x73) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) socket$pppl2tp(0x18, 0x1, 0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'wg2\x00'}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast}) setsockopt$inet6_int(r0, 0x29, 0xc8, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[], 0x30}, 0x0) 708.226561ms ago: executing program 1 (id=2486): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a181004000000000000000000000000e000a000d00000002800000121f", 0x2e}], 0x1}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.stat\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000640)='fsi_master_gpio_clock_zeros\x00', r0, 0x0, 0x3ff}, 0x18) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)=ANY=[], 0x20) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6(0xa, 0x3, 0x9) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000)) r2 = socket(0x21, 0x2, 0xa) getsockopt$nfc_llcp(r2, 0x110, 0x6, 0x0, 0x20000000) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000280)={0x0, @in={{0x2, 0x4e20, @rand_addr=0x64010102}}, 0x7, 0xf, 0x80000001, 0x5, 0x6}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000540)={r3, @in6={{0xa, 0x4e24, 0x8, @local, 0xffff7ccc}}}, &(0x7f00000001c0)=0x84) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000002060108000000000000000000000000050005000a000000050001000700000005000400030000000900020073797a310000000016000300686173683a6e6574"], 0x50}}, 0x0) sendmsg$IPSET_CMD_TEST(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={0x2c, 0xb, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040040}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$inet(0x2, 0x2, 0x1) r5 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10) r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000b80)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000295000000000000009f33ef60916e6e893f1eeb0be2566cd0723043c47c896ce0bce66a245ad99b817fd98cd824498949714ffaac8a6f77ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb2c5ca683a4b6fc89398f2b9000f224891060017cfa6fa26fa7a34701008c61897d4a6148a1c11428607c40de60beac671e8e8fdecb03588aa623fa71f871ab5c2ff88afc6002084e5b52710800e835cf0d78e45f70983826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174bed9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632fd30bf05121438bb74e4670ab5dfe447a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffb426e1230bc1cd4c02c4c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd78a9f3fdc1f50c445e3f30e703cf05b90fbf940e6652d377474ed5f816f66ac3027460ae991e7f834dd7a7fc2a7003d1a6cf5478533584961c329fcf4fed5c9455640dcd28273dc9753cc979113f2915a3039c3ca60ec53bb1130c2d27fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc51177cce5ef265c92b7957a334ff7be2ca867fd94286e016febfdb5827efc7a6efb01d66a396f84c1ca75daa4ead099694ed03d449b185cc836bab1a41a61bd6f03a54fafcee554bbb52adf8f1d7ede9f9a711256fb45e6c3d12ff560ee69d68733d522d9bbecf52396f15976381c27015403778139808142b48ced145ca8a6da5f322d413d09cc38b832fa05dd3c799042588f9eea6f443baa759257a000000000000000000bed1dad228e11f80cfea5848e436acf6e89dfae0b3d95b911af1818e0081504811a5f3c5d1ced3e592224f1d2ca3bdb2cc89001605db6987899eb99f94265401a95ff0a5a266438f1db461b7ebedd419bc038f7d36bd2bd4b3f92cd1469b63b1ce456a96152d353a8ab65f8bae521db73ff00b5d5cac7a439ab40d97e57f23e703fd6395930b9c3485ab181a83ed568cade43111530ec584cfb48e0cc5d63e2807b2e98525a84f9ac59cf74f3ba279e228e2a0dc8da8017cba3996541008785ab8f041f0a8d1399d88a3a58765e5a0149b9d0ea54b323675149783ec057ec6d6e8e600b9eced07ddcc56b77d8ea08223"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRES32, @ANYRES32=r6, @ANYBLOB="05"], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r5}, 0x20) sendto$inet(r5, &(0x7f00000000c0)='+', 0xffffffffffffff60, 0xf405, 0x0, 0xf06) 707.693681ms ago: executing program 2 (id=2487): unshare(0x22020600) (async, rerun: 64) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB="010040000000000002034400000008000300", @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140002"], 0x4c}}, 0x0) (async, rerun: 64) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x600000000000000, &(0x7f0000000580)=@base={0xf, 0x4, 0x4, 0x20002, 0x0, 0x1, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x48) unshare(0x2a020400) r0 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r0, 0x0, 0x0) (async) getsockname(r0, 0x0, &(0x7f0000000600)) (async) r1 = socket$unix(0x1, 0x1, 0x0) r2 = accept4$unix(r1, 0x0, &(0x7f0000000140), 0x80000) bind$unix(r2, 0x0, 0x0) listen(r1, 0x0) socket$unix(0x1, 0x1, 0x0) socket$inet6(0xa, 0x2, 0x0) (async, rerun: 64) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x1d, &(0x7f0000000000)='/proc/\x00et/\x00\x00t4/\x06\x00aK\fX\a0\x04\x00\x00\a\x00\xee'}, 0x30) (rerun: 64) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r3) (async) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) mkdirat$cgroup(r4, &(0x7f0000000340)='syz1\x00', 0x1ff) 619.008973ms ago: executing program 1 (id=2488): bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x8, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000008110bc000000000095"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94) 618.864326ms ago: executing program 0 (id=2489): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) writev(r0, &(0x7f0000001100)=[{&(0x7f0000000ac0)="4647b4f310d036b398bd576db787e7b4202ee128ae26c942fc41e537802686e886de2085218c1cc9fb2decdb2a5f89154999de0aeebf9b9c41add84afb988eeb8fee205f4c5ead67ebd46eae9f240d566809645d0b34a2bf92443c795b58407adaf5c1ae59a90e2286b970c7ff2a294056c86975580fc2acead2a2c0fb63ef762482a6bcb611d54a077f10f2d0b50927963333e33f0bb65623b2573ea622590295adcc6400a33020c725c061613d97ea443e6a515ea755340a71b780de160761a590b218e9e0db0c55e8e7d9d62bde76436e9dd8810340242880d07c94d4aabc45e071367bbbb54ff4", 0xe9}, {&(0x7f00000002c0)="aad7462373dd36629db20f63d645ae241887795dfe7d3d63b7a5", 0x1a}], 0x2) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) connect$ax25(r1, &(0x7f0000000100)={{0x3, @bcast, 0x4}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48) 507.294392ms ago: executing program 2 (id=2490): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) listen(r0, 0x100101) socket$inet_dccp(0x2, 0x6, 0x0) accept4(r0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$can_raw(0x1d, 0x3, 0x1) socket$packet(0x11, 0x2, 0x300) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x1, 0x803, 0x0) pipe(&(0x7f0000000100)) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adeda5}, [@IFLA_LINK={0x8, 0x5, r3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004}, 0x0) 464.165091ms ago: executing program 1 (id=2491): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b00)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtfilter={0x4c, 0x2c, 0xd27, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {}, {}, {0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xf1, 0x4, 0x4}]}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}]}}]}, 0x4c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 461.863593ms ago: executing program 0 (id=2492): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$inet(r2, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000000e00)="96a67b36bd06304a08a63f14f6c3881ca6167592d6060670a396f8ab05ace2caca6b2a9ecf3471d2", 0x28}, {&(0x7f00000003c0)="fc4e566c4d7a4000", 0x8}], 0x2}}], 0x1, 0x40000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r6 = socket(0x2a, 0x2, 0x0) getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route_sched(r6, 0x0, 0x7ab41ba021619bc5) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r7 = socket(0x40000000015, 0x5, 0x0) connect$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r7, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f00006dbffc), 0x4) bind$inet(r7, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)="67d8902400aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c14498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf4dee8512f3bac440f5d5e4bed6b897608b01eae26a54433e5f5c74a2ee3c2fc50067be05a677ff52a7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fedb679328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e27252804059094a318c4cdeeddd5793a427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef", 0x3e5}], 0x2}, 0x0) setsockopt$RDS_CONG_MONITOR(r7, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4) sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x2a, 0x2, 0x0) socket$packet(0x11, 0x3, 0x300) socket$kcm(0x10, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pselect6(0x73, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3fe}, 0x0, 0x0) close(0x3) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="2a003300d0000000ffffffffffff080211000000505050505050004004"], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 315.959986ms ago: executing program 1 (id=2493): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x4000, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0) (fail_nth: 3) r3 = socket$packet(0x11, 0x3, 0x300) bind$packet(r3, &(0x7f0000000000)={0x11, 0x1c, r2, 0x1, 0xa0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}}, 0x14) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0xd8, 0x3, 0x3, 0x1a0b, 0xffffffffffffffff, 0x1, '\x00', r2, 0xffffffffffffffff, 0x5, 0x1, 0x1, 0x0, @void, @value, @void, @value}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000004340)={0x6, 0x4, &(0x7f00000007c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r4}, 0xc) 137.41059ms ago: executing program 1 (id=2494): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x7fd, 0x12) ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f00000000c0)={'ip6_vti0\x00', @random="12b9dcca4ff1"}) ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f00000002c0)={0x2, &(0x7f0000000040)=[{0x1028, 0x5, 0x4, 0xffffb010}, {0x6, 0x2, 0x0, 0x3}]}) 136.675181ms ago: executing program 0 (id=2495): r0 = socket$packet(0x11, 0x3, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000008c0)=r1, 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) writev(r2, &(0x7f0000001a00)=[{&(0x7f0000000140)="391d4726d7287a6f07", 0x9}, {&(0x7f0000000380)="3a061ffb94", 0x5}], 0x2) 12.70343ms ago: executing program 0 (id=2496): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{0x0}], 0x1}, 0x4040004) 0s ago: executing program 4 (id=2497): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_request}}}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) kernel console output (not intermixed with test programs): /0x10 [ 204.877655][T10893] should_fail_ex+0x3b0/0x4e0 [ 204.882340][T10893] should_failslab+0xac/0x100 [ 204.887022][T10893] kmem_cache_alloc_node_noprof+0x77/0x380 [ 204.892833][T10893] ? __alloc_skb+0x1c3/0x440 [ 204.897424][T10893] __alloc_skb+0x1c3/0x440 [ 204.901857][T10893] ? __pfx___alloc_skb+0x10/0x10 [ 204.906794][T10893] ? netlink_autobind+0xd6/0x2f0 [ 204.911729][T10893] ? netlink_autobind+0x2b0/0x2f0 [ 204.916768][T10893] netlink_sendmsg+0x638/0xcb0 [ 204.921622][T10893] ? __pfx_netlink_sendmsg+0x10/0x10 [ 204.926926][T10893] ? aa_sock_msg_perm+0x91/0x160 [ 204.931899][T10893] ? __pfx_netlink_sendmsg+0x10/0x10 [ 204.937199][T10893] __sock_sendmsg+0x221/0x270 [ 204.941895][T10893] ____sys_sendmsg+0x52a/0x7e0 [ 204.946674][T10893] ? __pfx_____sys_sendmsg+0x10/0x10 [ 204.951963][T10893] ? __fget_files+0x2a/0x410 [ 204.956559][T10893] ? __fget_files+0x2a/0x410 [ 204.961159][T10893] __sys_sendmsg+0x269/0x350 [ 204.965764][T10893] ? __pfx_lock_release+0x10/0x10 [ 204.970787][T10893] ? __pfx___sys_sendmsg+0x10/0x10 [ 204.975904][T10893] ? __pfx_vfs_write+0x10/0x10 [ 204.980690][T10893] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 204.987024][T10893] ? do_syscall_64+0x100/0x230 [ 204.991789][T10893] ? do_syscall_64+0xb6/0x230 [ 204.996466][T10893] do_syscall_64+0xf3/0x230 [ 205.000969][T10893] ? clear_bhb_loop+0x35/0x90 [ 205.005648][T10893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.011537][T10893] RIP: 0033:0x7fdcfe17ff19 [ 205.015957][T10893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.035562][T10893] RSP: 002b:00007fdcfef94058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 205.043976][T10893] RAX: ffffffffffffffda RBX: 00007fdcfe345fa0 RCX: 00007fdcfe17ff19 [ 205.051949][T10893] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003 [ 205.059915][T10893] RBP: 00007fdcfef940a0 R08: 0000000000000000 R09: 0000000000000000 [ 205.067881][T10893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 205.075857][T10893] R13: 0000000000000000 R14: 00007fdcfe345fa0 R15: 00007fff69dfddb8 [ 205.083838][T10893] [ 205.254630][T10871] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.267951][T10871] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.285918][T10871] bridge_slave_0: entered allmulticast mode [ 205.297405][T10871] bridge_slave_0: entered promiscuous mode [ 205.329955][T10871] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.337249][T10871] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.346735][T10871] bridge_slave_1: entered allmulticast mode [ 205.388733][T10871] bridge_slave_1: entered promiscuous mode [ 205.535919][T10871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.547832][T10871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.589816][T10871] team0: Port device team_slave_0 added [ 205.617311][T10871] team0: Port device team_slave_1 added [ 205.825634][T10871] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.843165][T10871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.882773][T10871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.924752][T10871] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.937670][T10871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.949471][T10916] FAULT_INJECTION: forcing a failure. [ 205.949471][T10916] name failslab, interval 1, probability 0, space 0, times 0 [ 205.991563][T10871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.991734][T10916] CPU: 0 UID: 0 PID: 10916 Comm: syz.1.1818 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 206.002263][T10916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 206.002279][T10916] Call Trace: [ 206.002287][T10916] [ 206.002296][T10916] dump_stack_lvl+0x241/0x360 [ 206.002326][T10916] ? __pfx_dump_stack_lvl+0x10/0x10 [ 206.039533][T10916] ? __pfx__printk+0x10/0x10 [ 206.044159][T10916] ? __kmalloc_noprof+0xb5/0x4c0 [ 206.049122][T10916] ? __pfx___might_resched+0x10/0x10 [ 206.054439][T10916] should_fail_ex+0x3b0/0x4e0 [ 206.059147][T10916] should_failslab+0xac/0x100 [ 206.063853][T10916] __kmalloc_noprof+0xdd/0x4c0 [ 206.068648][T10916] ? bpf_test_init+0xe1/0x180 [ 206.073358][T10916] bpf_test_init+0xe1/0x180 [ 206.077898][T10916] bpf_prog_test_run_xdp+0x48e/0x11e0 [ 206.083296][T10916] ? __pfx_lock_release+0x10/0x10 [ 206.088337][T10916] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 206.094141][T10916] ? __fget_files+0x2a/0x410 [ 206.098748][T10916] ? __fget_files+0x2a/0x410 [ 206.103393][T10916] ? fput+0x21b/0x290 [ 206.107408][T10916] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 206.113241][T10916] bpf_prog_test_run+0x2e4/0x360 [ 206.118205][T10916] __sys_bpf+0x48d/0x810 [ 206.122442][T10916] ? __pfx___sys_bpf+0x10/0x10 [ 206.127256][T10916] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 206.133249][T10916] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 206.139609][T10916] ? do_syscall_64+0x100/0x230 [ 206.144376][T10916] __x64_sys_bpf+0x7c/0x90 [ 206.148792][T10916] do_syscall_64+0xf3/0x230 [ 206.153287][T10916] ? clear_bhb_loop+0x35/0x90 [ 206.157970][T10916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.163901][T10916] RIP: 0033:0x7fbe58d7ff19 [ 206.168321][T10916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.187926][T10916] RSP: 002b:00007fbe59b08058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 206.196340][T10916] RAX: ffffffffffffffda RBX: 00007fbe58f45fa0 RCX: 00007fbe58d7ff19 [ 206.204313][T10916] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a [ 206.212284][T10916] RBP: 00007fbe59b080a0 R08: 0000000000000000 R09: 0000000000000000 [ 206.220255][T10916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 206.228225][T10916] R13: 0000000000000000 R14: 00007fbe58f45fa0 R15: 00007ffc88583d38 [ 206.236201][T10916] [ 206.270335][ T5846] Bluetooth: hci1: command tx timeout [ 206.338857][T10871] hsr_slave_0: entered promiscuous mode [ 206.358684][T10871] hsr_slave_1: entered promiscuous mode [ 206.368696][T10871] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 206.376308][T10871] Cannot create hsr debugfs directory [ 206.438473][T10929] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1822'. [ 206.564373][T10871] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 206.581576][T10871] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 58040 - 0 [ 206.593497][T10871] netdevsim netdevsim3 eth3 (unregistering): unset [1, 1] type 2 family 0 port 54814 - 0 [ 206.605257][T10871] netdevsim netdevsim3 eth3 (unregistering): unset [1, 2] type 2 family 0 port 6081 - 0 [ 206.632840][T10933] netlink: 'syz.2.1824': attribute type 5 has an invalid length. [ 206.682420][T10871] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 206.700270][T10871] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 58040 - 0 [ 206.722820][T10871] netdevsim netdevsim3 eth2 (unregistering): unset [1, 1] type 2 family 0 port 54814 - 0 [ 206.744768][T10871] netdevsim netdevsim3 eth2 (unregistering): unset [1, 2] type 2 family 0 port 6081 - 0 [ 206.815063][T10871] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 206.835901][T10871] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 58040 - 0 [ 206.840032][T10944] FAULT_INJECTION: forcing a failure. [ 206.840032][T10944] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 206.848225][T10871] netdevsim netdevsim3 eth1 (unregistering): unset [1, 1] type 2 family 0 port 54814 - 0 [ 206.870062][T10944] CPU: 1 UID: 0 PID: 10944 Comm: syz.4.1827 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 206.880865][T10944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 206.885995][T10871] netdevsim netdevsim3 eth1 (unregistering): unset [1, 2] type 2 family 0 port 6081 - 0 [ 206.890918][T10944] Call Trace: [ 206.890930][T10944] [ 206.890939][T10944] dump_stack_lvl+0x241/0x360 [ 206.890971][T10944] ? __pfx_dump_stack_lvl+0x10/0x10 [ 206.890993][T10944] ? __pfx__printk+0x10/0x10 [ 206.921356][T10944] ? __pfx_lock_release+0x10/0x10 [ 206.926412][T10944] should_fail_ex+0x3b0/0x4e0 [ 206.931100][T10944] _copy_from_user+0x2f/0xc0 [ 206.935695][T10944] copy_msghdr_from_user+0xae/0x680 [ 206.940917][T10944] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 206.946748][T10944] ? __fget_files+0x2a/0x410 [ 206.951338][T10944] ? __fget_files+0x2a/0x410 [ 206.956032][T10944] __sys_sendmsg+0x209/0x350 [ 206.960655][T10944] ? __pfx_lock_release+0x10/0x10 [ 206.965710][T10944] ? __pfx___sys_sendmsg+0x10/0x10 [ 206.970861][T10944] ? __pfx_vfs_write+0x10/0x10 [ 206.975678][T10944] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 206.982039][T10944] ? do_syscall_64+0x100/0x230 [ 206.986838][T10944] ? do_syscall_64+0xb6/0x230 [ 206.991521][T10944] do_syscall_64+0xf3/0x230 [ 206.996021][T10944] ? clear_bhb_loop+0x35/0x90 [ 207.000717][T10944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.006635][T10944] RIP: 0033:0x7fdcfe17ff19 [ 207.011068][T10944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.030703][T10944] RSP: 002b:00007fdcfef73058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 207.039153][T10944] RAX: ffffffffffffffda RBX: 00007fdcfe346080 RCX: 00007fdcfe17ff19 [ 207.047154][T10944] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 000000000000000d [ 207.055129][T10944] RBP: 00007fdcfef730a0 R08: 0000000000000000 R09: 0000000000000000 [ 207.063102][T10944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 207.071080][T10944] R13: 0000000000000000 R14: 00007fdcfe346080 R15: 00007fff69dfddb8 [ 207.079061][T10944] [ 207.101433][T10950] ipvlan3: entered promiscuous mode [ 207.107775][T10950] 8021q: adding VLAN 0 to HW filter on device ipvlan3 [ 207.161650][T10871] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 207.171843][T10871] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 58040 - 0 [ 207.196413][T10871] netdevsim netdevsim3 eth0 (unregistering): unset [1, 1] type 2 family 0 port 54814 - 0 [ 207.218010][T10871] netdevsim netdevsim3 eth0 (unregistering): unset [1, 2] type 2 family 0 port 6081 - 0 [ 207.340769][T10957] FAULT_INJECTION: forcing a failure. [ 207.340769][T10957] name failslab, interval 1, probability 0, space 0, times 0 [ 207.360413][T10957] CPU: 1 UID: 0 PID: 10957 Comm: syz.0.1832 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 207.371233][T10957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 207.372617][T10871] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 207.381293][T10957] Call Trace: [ 207.381316][T10957] [ 207.381326][T10957] dump_stack_lvl+0x241/0x360 [ 207.381357][T10957] ? __pfx_dump_stack_lvl+0x10/0x10 [ 207.381381][T10957] ? __pfx__printk+0x10/0x10 [ 207.381409][T10957] ? ref_tracker_alloc+0x332/0x490 [ 207.381433][T10957] should_fail_ex+0x3b0/0x4e0 [ 207.381457][T10957] should_failslab+0xac/0x100 [ 207.381482][T10957] ? skb_clone+0x20c/0x390 [ 207.381502][T10957] kmem_cache_alloc_noprof+0x70/0x380 [ 207.381532][T10957] skb_clone+0x20c/0x390 [ 207.437285][T10957] __netlink_deliver_tap+0x3cc/0x7f0 [ 207.442591][T10957] ? netlink_deliver_tap+0x2e/0x1b0 [ 207.447811][T10957] netlink_deliver_tap+0x19d/0x1b0 [ 207.452944][T10957] netlink_sendskb+0x68/0x140 [ 207.457647][T10957] netlink_unicast+0x39d/0x990 [ 207.462427][T10957] ? __pfx_netlink_unicast+0x10/0x10 [ 207.467729][T10957] netlink_rcv_skb+0x262/0x430 [ 207.472519][T10957] ? __pfx_genl_rcv_msg+0x10/0x10 [ 207.477566][T10957] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 207.482871][T10957] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 207.488351][T10957] genl_rcv+0x28/0x40 [ 207.492356][T10957] netlink_unicast+0x7f6/0x990 [ 207.497150][T10957] ? __pfx_netlink_unicast+0x10/0x10 [ 207.502491][T10957] ? __virt_addr_valid+0x183/0x530 [ 207.507636][T10957] ? __check_object_size+0x48e/0x900 [ 207.512953][T10957] netlink_sendmsg+0x8e4/0xcb0 [ 207.517759][T10957] ? __pfx_netlink_sendmsg+0x10/0x10 [ 207.523066][T10957] ? aa_sock_msg_perm+0x91/0x160 [ 207.528019][T10957] ? __pfx_netlink_sendmsg+0x10/0x10 [ 207.533322][T10957] __sock_sendmsg+0x221/0x270 [ 207.538033][T10957] ____sys_sendmsg+0x52a/0x7e0 [ 207.542904][T10957] ? __pfx_____sys_sendmsg+0x10/0x10 [ 207.548202][T10957] ? __fget_files+0x2a/0x410 [ 207.552817][T10957] ? __fget_files+0x2a/0x410 [ 207.557422][T10957] __sys_sendmsg+0x269/0x350 [ 207.562020][T10957] ? __pfx_lock_release+0x10/0x10 [ 207.567044][T10957] ? __pfx___sys_sendmsg+0x10/0x10 [ 207.572183][T10957] ? __pfx_vfs_write+0x10/0x10 [ 207.576999][T10957] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 207.583342][T10957] ? do_syscall_64+0x100/0x230 [ 207.588120][T10957] ? do_syscall_64+0xb6/0x230 [ 207.592826][T10957] do_syscall_64+0xf3/0x230 [ 207.597352][T10957] ? clear_bhb_loop+0x35/0x90 [ 207.602044][T10957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.608031][T10957] RIP: 0033:0x7f463837ff19 [ 207.612464][T10957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.632532][T10957] RSP: 002b:00007f46361f6058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 207.640993][T10957] RAX: ffffffffffffffda RBX: 00007f4638546080 RCX: 00007f463837ff19 [ 207.648977][T10957] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000003 [ 207.656977][T10957] RBP: 00007f46361f60a0 R08: 0000000000000000 R09: 0000000000000000 [ 207.664949][T10957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 207.672934][T10957] R13: 0000000000000001 R14: 00007f4638546080 R15: 00007ffca12cc318 [ 207.680937][T10957] [ 207.696654][T10871] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 207.728046][T10871] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 207.758639][T10871] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 207.875811][T10961] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1834'. [ 207.902575][T10871] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.935710][T10871] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.947435][ T8885] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.954727][ T8885] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.002715][ T8885] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.009917][ T8885] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.195744][T10871] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 208.206443][T10871] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 208.353088][ T5846] Bluetooth: hci1: command tx timeout [ 208.584220][T10974] netlink: 'syz.1.1839': attribute type 39 has an invalid length. [ 208.614424][T10871] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.755671][T10871] veth0_vlan: entered promiscuous mode [ 208.782571][T10871] veth1_vlan: entered promiscuous mode [ 208.821309][T10871] veth0_macvtap: entered promiscuous mode [ 208.831774][T10871] veth1_macvtap: entered promiscuous mode [ 208.846913][T10871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 208.857547][T10871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.868767][T10871] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 208.879669][T10871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 208.890171][T10871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.901156][T10871] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 208.911183][T10871] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.919998][T10871] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.928863][T10871] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.937609][T10871] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.112116][T10966] wg2: entered promiscuous mode [ 209.134055][T10966] wg2: entered allmulticast mode [ 209.166876][ T8881] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.185842][ T8881] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.221433][T10997] netlink: 'syz.0.1844': attribute type 2 has an invalid length. [ 209.246788][ T8881] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.256726][ T8881] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.296648][T10997] netlink: 'syz.0.1844': attribute type 10 has an invalid length. [ 209.341909][T10997] syz_tun: entered promiscuous mode [ 209.372831][T10997] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 209.591785][T11011] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1848'. [ 210.092389][T11030] netlink: 'syz.2.1853': attribute type 15 has an invalid length. [ 210.102600][ T8881] wlan1: Trigger new scan to find an IBSS to join [ 210.308958][T11036] x_tables: duplicate underflow at hook 1 [ 210.476559][T11048] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1860'. [ 210.513257][T11050] FAULT_INJECTION: forcing a failure. [ 210.513257][T11050] name failslab, interval 1, probability 0, space 0, times 0 [ 210.526308][T11050] CPU: 1 UID: 0 PID: 11050 Comm: syz.1.1863 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 210.537113][T11050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 210.547193][T11050] Call Trace: [ 210.550491][T11050] [ 210.553445][T11050] dump_stack_lvl+0x241/0x360 [ 210.558157][T11050] ? __pfx_dump_stack_lvl+0x10/0x10 [ 210.563384][T11050] ? __pfx__printk+0x10/0x10 [ 210.568003][T11050] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 210.574013][T11050] ? __pfx___might_resched+0x10/0x10 [ 210.579330][T11050] should_fail_ex+0x3b0/0x4e0 [ 210.584035][T11050] should_failslab+0xac/0x100 [ 210.588729][T11050] kmem_cache_alloc_node_noprof+0x77/0x380 [ 210.594545][T11050] ? __alloc_skb+0x1c3/0x440 [ 210.599138][T11050] __alloc_skb+0x1c3/0x440 [ 210.603570][T11050] ? __pfx___alloc_skb+0x10/0x10 [ 210.608515][T11050] ? netlink_autobind+0xd6/0x2f0 [ 210.613456][T11050] ? netlink_autobind+0x2b0/0x2f0 [ 210.618486][T11050] netlink_sendmsg+0x638/0xcb0 [ 210.623256][T11050] ? __pfx_netlink_sendmsg+0x10/0x10 [ 210.628541][T11050] ? aa_sock_msg_perm+0x91/0x160 [ 210.633479][T11050] ? __pfx_netlink_sendmsg+0x10/0x10 [ 210.638760][T11050] __sock_sendmsg+0x221/0x270 [ 210.643443][T11050] ____sys_sendmsg+0x52a/0x7e0 [ 210.648211][T11050] ? __pfx_____sys_sendmsg+0x10/0x10 [ 210.653492][T11050] ? __fget_files+0x2a/0x410 [ 210.658078][T11050] ? __fget_files+0x2a/0x410 [ 210.662669][T11050] __sys_sendmsg+0x269/0x350 [ 210.667254][T11050] ? __pfx_lock_release+0x10/0x10 [ 210.672274][T11050] ? __pfx___sys_sendmsg+0x10/0x10 [ 210.677389][T11050] ? __pfx_vfs_write+0x10/0x10 [ 210.682171][T11050] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 210.688495][T11050] ? do_syscall_64+0x100/0x230 [ 210.693255][T11050] ? do_syscall_64+0xb6/0x230 [ 210.697930][T11050] do_syscall_64+0xf3/0x230 [ 210.702430][T11050] ? clear_bhb_loop+0x35/0x90 [ 210.707104][T11050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.712993][T11050] RIP: 0033:0x7fbe58d7ff19 [ 210.717405][T11050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.737007][T11050] RSP: 002b:00007fbe59b08058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 210.745421][T11050] RAX: ffffffffffffffda RBX: 00007fbe58f45fa0 RCX: 00007fbe58d7ff19 [ 210.753390][T11050] RDX: 0000000000000000 RSI: 000000002000bf00 RDI: 0000000000000003 [ 210.761354][T11050] RBP: 00007fbe59b080a0 R08: 0000000000000000 R09: 0000000000000000 [ 210.769352][T11050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 210.777317][T11050] R13: 0000000000000000 R14: 00007fbe58f45fa0 R15: 00007ffc88583d38 [ 210.785294][T11050] [ 211.050798][ T8881] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.264867][T11068] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1869'. [ 211.303575][T11068] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1869'. [ 211.379180][ T5051] wlan1: Creating new IBSS network, BSSID be:74:79:b7:ee:a4 [ 211.386251][T11072] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1869'. [ 211.408078][ T5833] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 211.427724][ T5833] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 211.436173][ T5833] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 211.472982][ T5833] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 211.481595][ T5833] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 211.491000][ T5833] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 211.962101][T11073] chnl_net:caif_netlink_parms(): no params data found [ 212.070895][T11093] netlink: 428 bytes leftover after parsing attributes in process `syz.2.1874'. [ 212.137917][T11093] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1874'. [ 212.230326][T11098] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.369240][T11098] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.397993][T11073] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.409364][T11073] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.422259][T11073] bridge_slave_0: entered allmulticast mode [ 212.441010][T11073] bridge_slave_0: entered promiscuous mode [ 212.456924][T11073] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.477105][T11073] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.484790][T11073] bridge_slave_1: entered allmulticast mode [ 212.528758][T11073] bridge_slave_1: entered promiscuous mode [ 212.593048][T11098] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.659025][T11111] FAULT_INJECTION: forcing a failure. [ 212.659025][T11111] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 212.684042][T11111] CPU: 1 UID: 0 PID: 11111 Comm: syz.4.1880 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 212.694854][T11111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 212.704910][T11111] Call Trace: [ 212.708189][T11111] [ 212.711118][T11111] dump_stack_lvl+0x241/0x360 [ 212.715800][T11111] ? __pfx_dump_stack_lvl+0x10/0x10 [ 212.720998][T11111] ? __pfx__printk+0x10/0x10 [ 212.725595][T11111] should_fail_ex+0x3b0/0x4e0 [ 212.730285][T11111] _copy_to_user+0x31/0xb0 [ 212.734702][T11111] bpf_test_finish+0x212/0x890 [ 212.739470][T11111] ? __pfx_bpf_test_finish+0x10/0x10 [ 212.744756][T11111] ? _copy_from_user+0x99/0xc0 [ 212.749533][T11111] ? bpf_test_init+0x15a/0x180 [ 212.754297][T11111] bpf_prog_test_run_xdp+0x8f4/0x11e0 [ 212.759676][T11111] ? __pfx_lock_release+0x10/0x10 [ 212.764707][T11111] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 212.770512][T11111] ? __fget_files+0x2a/0x410 [ 212.775096][T11111] ? __fget_files+0x2a/0x410 [ 212.779682][T11111] ? fput+0x21b/0x290 [ 212.783659][T11111] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 212.789458][T11111] bpf_prog_test_run+0x2e4/0x360 [ 212.794393][T11111] __sys_bpf+0x48d/0x810 [ 212.798636][T11111] ? __pfx___sys_bpf+0x10/0x10 [ 212.803422][T11111] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 212.809402][T11111] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 212.815728][T11111] ? do_syscall_64+0x100/0x230 [ 212.820510][T11111] __x64_sys_bpf+0x7c/0x90 [ 212.824944][T11111] do_syscall_64+0xf3/0x230 [ 212.829478][T11111] ? clear_bhb_loop+0x35/0x90 [ 212.834166][T11111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.840061][T11111] RIP: 0033:0x7fdcfe17ff19 [ 212.844495][T11111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.864110][T11111] RSP: 002b:00007fdcfef94058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 212.872529][T11111] RAX: ffffffffffffffda RBX: 00007fdcfe345fa0 RCX: 00007fdcfe17ff19 [ 212.880514][T11111] RDX: 0000000000000050 RSI: 0000000020000000 RDI: 000000000000000a [ 212.888490][T11111] RBP: 00007fdcfef940a0 R08: 0000000000000000 R09: 0000000000000000 [ 212.896472][T11111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.904443][T11111] R13: 0000000000000000 R14: 00007fdcfe345fa0 R15: 00007fff69dfddb8 [ 212.912430][T11111] [ 212.949965][T11073] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.998834][T11098] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.086298][ T8881] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.111281][T11073] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 213.200068][ T8881] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.240833][T11128] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1883'. [ 213.255501][T11073] team0: Port device team_slave_0 added [ 213.271113][T11073] team0: Port device team_slave_1 added [ 213.312011][T11098] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.407806][T11132] netlink: 'syz.4.1886': attribute type 1 has an invalid length. [ 213.446095][T11098] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.509821][ T8881] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.548224][T11073] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.555356][T11073] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.596642][T11073] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 213.617962][ T5833] Bluetooth: hci1: command tx timeout [ 213.630424][T11073] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 213.637570][T11073] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.663920][T11073] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 213.677926][T11136] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 213.706212][T11098] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.724687][T11098] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.733399][T11138] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 213.883113][T11073] hsr_slave_0: entered promiscuous mode [ 213.898828][T11073] hsr_slave_1: entered promiscuous mode [ 213.909909][T11073] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 213.922648][T11073] Cannot create hsr debugfs directory [ 214.122798][T11150] pim6reg1: entered promiscuous mode [ 214.128621][T11150] pim6reg1: entered allmulticast mode [ 214.363243][ T8881] bridge_slave_1: left allmulticast mode [ 214.370029][ T8881] bridge_slave_1: left promiscuous mode [ 214.387601][ T8881] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.411740][ T8881] bridge_slave_0: left allmulticast mode [ 214.417436][ T8881] bridge_slave_0: left promiscuous mode [ 214.437808][ T8881] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.872877][ T8881] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 214.884235][ T8881] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 214.894777][ T8881] bond0 (unregistering): Released all slaves [ 215.265284][T11182] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 215.555407][ T8881] hsr_slave_0: left promiscuous mode [ 215.568940][ T8881] hsr_slave_1: left promiscuous mode [ 215.575023][ T8881] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 215.586852][ T8881] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 215.606350][ T8881] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 215.615251][ T8881] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 215.660787][ T8881] veth1_macvtap: left promiscuous mode [ 215.666982][ T8881] veth0_macvtap: left promiscuous mode [ 215.672925][ T8881] veth1_vlan: left promiscuous mode [ 215.692792][ T8881] veth0_vlan: left promiscuous mode [ 215.698752][ T5833] Bluetooth: hci1: command tx timeout [ 216.205379][ T8881] team0 (unregistering): Port device team_slave_1 removed [ 216.251128][ T8881] team0 (unregistering): Port device team_slave_0 removed [ 216.802554][T11213] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1911'. [ 216.914676][T11213] batadv2: entered promiscuous mode [ 216.932415][T11213] 8021q: adding VLAN 0 to HW filter on device batadv2 [ 216.952068][T11073] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 216.975640][T11073] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 217.018377][T11073] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 217.037509][T11073] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 217.148659][T11218] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 217.332602][T11073] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.398858][T11073] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.553988][T11223] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1916'. [ 217.603270][ T5051] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.610444][ T5051] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.641475][T11229] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1919'. [ 217.720246][ T5051] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.727397][ T5051] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.777931][ T5833] Bluetooth: hci1: command tx timeout [ 217.777963][T11233] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1921'. [ 218.079822][T11245] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1926'. [ 218.105368][T11247] batadv_slave_1: entered promiscuous mode [ 218.144316][T11247] batadv_slave_1: left promiscuous mode [ 218.314761][T11255] SET target dimension over the limit! [ 218.325131][T11073] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.445635][T11073] veth0_vlan: entered promiscuous mode [ 218.469516][T11073] veth1_vlan: entered promiscuous mode [ 218.556600][T11073] veth0_macvtap: entered promiscuous mode [ 218.598058][T11073] veth1_macvtap: entered promiscuous mode [ 218.684245][T11073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.712671][T11272] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1935'. [ 218.717494][T11073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.758934][T11073] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 218.790123][T11073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.802937][T11073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.815897][T11073] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.833073][T11073] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.843502][T11073] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.853221][T11073] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.862241][T11073] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.034503][T11283] netlink: 'syz.0.1940': attribute type 30 has an invalid length. [ 219.061930][T11282] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1939'. [ 219.142349][ T5051] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.160678][ T5051] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.251651][ T8883] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.297997][ T8883] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.315273][T11292] nft_compat: unsupported protocol 0 [ 219.609362][T11308] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1947'. [ 219.780894][T11312] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1950'. [ 220.099915][T11318] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 220.438759][ T8888] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.655031][T11337] SET target dimension over the limit! [ 220.690598][T11335] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1961'. [ 220.796072][T11333] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.041213][T11333] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.070882][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 221.080170][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 221.092487][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 221.102482][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 221.110559][ T5846] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 221.119049][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 221.207345][T11333] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.293443][ T8888] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.338041][ T8885] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 221.347262][ T8885] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 221.382504][T11333] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.481868][ T8888] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.579425][ T8888] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.652223][T11333] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.703678][T11333] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.735474][T11333] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.778888][T11333] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.829522][T11351] chnl_net:caif_netlink_parms(): no params data found [ 221.909400][ T8888] bridge_slave_1: left allmulticast mode [ 221.915096][ T8888] bridge_slave_1: left promiscuous mode [ 221.938717][ T8888] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.960634][ T8888] bridge_slave_0: left allmulticast mode [ 221.966328][ T8888] bridge_slave_0: left promiscuous mode [ 221.979034][ T8888] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.148245][T11378] __nla_validate_parse: 3 callbacks suppressed [ 222.148266][T11378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1971'. [ 222.589435][ T8888] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 222.603862][ T8888] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 222.627260][ T8888] bond0 (unregistering): Released all slaves [ 222.845066][T11401] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1978'. [ 222.854693][T11401] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1978'. [ 222.906016][T11406] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1978'. [ 222.908222][T11403] netlink: 'syz.2.1977': attribute type 1 has an invalid length. [ 222.937341][T11403] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1977'. [ 223.218023][ T5833] Bluetooth: hci1: command tx timeout [ 223.298587][T11351] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.306036][T11351] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.323511][T11351] bridge_slave_0: entered allmulticast mode [ 223.338687][T11351] bridge_slave_0: entered promiscuous mode [ 223.347084][T11351] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.354325][T11351] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.361719][T11351] bridge_slave_1: entered allmulticast mode [ 223.368763][T11351] bridge_slave_1: entered promiscuous mode [ 223.433022][T11351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 223.452353][T11351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 223.522710][T11427] openvswitch: netlink: VXLAN extension 0 has unexpected len 3 expected 0 [ 223.584226][T11426] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1985'. [ 223.665246][T11351] team0: Port device team_slave_0 added [ 223.734594][ T8888] hsr_slave_0: left promiscuous mode [ 223.749701][ T8888] hsr_slave_1: left promiscuous mode [ 223.755852][ T8888] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 223.777037][ T8888] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 223.804869][ T8888] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 223.812799][ T8888] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 223.841403][ T8888] veth1_macvtap: left promiscuous mode [ 223.847009][ T8888] veth0_macvtap: left promiscuous mode [ 223.852838][ T8888] veth1_vlan: left promiscuous mode [ 223.858646][ T8888] veth0_vlan: left promiscuous mode [ 224.514303][ T8888] team0 (unregistering): Port device team_slave_1 removed [ 224.577333][ T8888] team0 (unregistering): Port device team_slave_0 removed [ 225.019214][T11351] team0: Port device team_slave_1 added [ 225.034269][T11445] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1991'. [ 225.228686][T11351] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 225.256003][T11351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 225.298162][ T5833] Bluetooth: hci1: command tx timeout [ 225.316297][T11351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 225.328971][T11351] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 225.335966][T11351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 225.366509][T11351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 225.508104][T11463] openvswitch: netlink: VXLAN extension 0 has unexpected len 3 expected 0 [ 225.600635][T11351] hsr_slave_0: entered promiscuous mode [ 225.635433][T11351] hsr_slave_1: entered promiscuous mode [ 225.663696][T11351] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 225.691573][T11351] Cannot create hsr debugfs directory [ 226.388729][T11506] sctp: [Deprecated]: syz.1.2015 (pid 11506) Use of int in maxseg socket option. [ 226.388729][T11506] Use struct sctp_assoc_value instead [ 226.443656][T11506] sctp: [Deprecated]: syz.1.2015 (pid 11506) Use of int in maxseg socket option. [ 226.443656][T11506] Use struct sctp_assoc_value instead [ 226.518987][T11508] netlink: 'syz.2.2016': attribute type 10 has an invalid length. [ 226.526856][T11508] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2016'. [ 226.656787][T11351] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 226.718833][T11351] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 226.731770][T11351] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 226.732067][T11520] FAULT_INJECTION: forcing a failure. [ 226.732067][T11520] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 226.762681][T11518] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 226.782303][T11520] CPU: 1 UID: 0 PID: 11520 Comm: syz.1.2019 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 226.782375][T11351] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 226.793090][T11520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 226.793105][T11520] Call Trace: [ 226.793112][T11520] [ 226.793121][T11520] dump_stack_lvl+0x241/0x360 [ 226.793152][T11520] ? __pfx_dump_stack_lvl+0x10/0x10 [ 226.793175][T11520] ? __pfx__printk+0x10/0x10 [ 226.793199][T11520] ? validate_chain+0x11e/0x5920 [ 226.793227][T11520] should_fail_ex+0x3b0/0x4e0 [ 226.793249][T11520] prepare_alloc_pages+0x1da/0x5b0 [ 226.793279][T11520] __alloc_pages_noprof+0x16f/0x710 [ 226.793301][T11520] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 226.793341][T11520] alloc_pages_mpol_noprof+0x3e8/0x680 [ 226.793372][T11520] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 226.793406][T11520] vma_alloc_folio_noprof+0x12e/0x230 [ 226.793433][T11520] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 226.879006][T11520] ? do_raw_spin_unlock+0x13c/0x8b0 [ 226.884216][T11520] folio_prealloc+0x2e/0x170 [ 226.888806][T11520] do_wp_page+0x11c4/0x5160 [ 226.893327][T11520] ? __pfx_do_wp_page+0x10/0x10 [ 226.898182][T11520] ? __pfx_validate_chain+0x10/0x10 [ 226.903385][T11520] ? __pfx_lock_acquire+0x10/0x10 [ 226.908404][T11520] ? rcu_is_watching+0x15/0xb0 [ 226.913169][T11520] ? do_raw_spin_lock+0x14f/0x370 [ 226.918189][T11520] ? __pfx___pte_offset_map+0x10/0x10 [ 226.923568][T11520] handle_pte_fault+0x111e/0x68a0 [ 226.928596][T11520] ? __pfx_validate_chain+0x10/0x10 [ 226.933798][T11520] ? __pfx_handle_pte_fault+0x10/0x10 [ 226.939167][T11520] ? __lock_acquire+0x1397/0x2100 [ 226.944214][T11520] ? mt_find+0x2a9/0x920 [ 226.948452][T11520] ? __pfx_lock_release+0x10/0x10 [ 226.953479][T11520] handle_mm_fault+0x1106/0x1bb0 [ 226.958411][T11520] ? mt_find+0x2a9/0x920 [ 226.962666][T11520] ? __pfx_handle_mm_fault+0x10/0x10 [ 226.967971][T11520] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 226.974300][T11520] ? lock_mm_and_find_vma+0x9c/0x2f0 [ 226.979582][T11520] exc_page_fault+0x2b9/0x8b0 [ 226.984265][T11520] asm_exc_page_fault+0x26/0x30 [ 226.989125][T11520] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 226.994934][T11520] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 227.014539][T11520] RSP: 0018:ffffc90002fa74b8 EFLAGS: 00050202 [ 227.020606][T11520] RAX: ffff88805bc80001 RBX: 0000000020000fc0 RCX: 00000000000004f4 [ 227.028575][T11520] RDX: 0000000000000000 RSI: ffff88805bc801de RDI: 0000000020001000 [ 227.036539][T11520] RBP: ffffc90002fa7638 R08: ffff88805bc806d1 R09: 1ffff1100b7900da [ 227.044506][T11520] R10: dffffc0000000000 R11: ffffed100b7900db R12: ffffc90002fa7d28 [ 227.052477][T11520] R13: 0000000000000534 R14: ffff88805bc8019e R15: 1ffff920005f4eac [ 227.060462][T11520] _copy_to_iter+0x529/0x1e70 [ 227.065145][T11520] ? __virt_addr_valid+0x183/0x530 [ 227.070262][T11520] ? __pfx__copy_to_iter+0x10/0x10 [ 227.075377][T11520] ? __virt_addr_valid+0x183/0x530 [ 227.080487][T11520] ? __virt_addr_valid+0x183/0x530 [ 227.085594][T11520] ? __virt_addr_valid+0x45f/0x530 [ 227.090704][T11520] ? __phys_addr_symbol+0x2f/0x70 [ 227.095728][T11520] ? __check_object_size+0x48e/0x900 [ 227.101060][T11520] __skb_datagram_iter+0x107/0x900 [ 227.106170][T11520] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 227.111807][T11520] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 227.118134][T11520] skb_copy_datagram_iter+0xd1/0x250 [ 227.123437][T11520] netlink_recvmsg+0x2d0/0x11d0 [ 227.128293][T11520] ? __pfx_netlink_recvmsg+0x10/0x10 [ 227.133582][T11520] ? iovec_from_user+0x10e/0x240 [ 227.138522][T11520] ? iovec_from_user+0x16c/0x240 [ 227.143462][T11520] ? __pfx_aa_sk_perm+0x10/0x10 [ 227.148318][T11520] ? iovec_from_user+0x1b4/0x240 [ 227.153278][T11520] ? aa_sock_msg_perm+0x91/0x160 [ 227.158212][T11520] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 227.163495][T11520] ? __pfx_netlink_recvmsg+0x10/0x10 [ 227.168779][T11520] sock_recvmsg+0x22f/0x280 [ 227.173282][T11520] ____sys_recvmsg+0x1c6/0x480 [ 227.178047][T11520] ? __pfx_____sys_recvmsg+0x10/0x10 [ 227.183353][T11520] do_recvmmsg+0x426/0xab0 [ 227.187776][T11520] ? __pfx_do_recvmmsg+0x10/0x10 [ 227.192737][T11520] ? __pfx___might_resched+0x10/0x10 [ 227.198019][T11520] ? __might_fault+0xaa/0x120 [ 227.202702][T11520] ? __pfx_lock_release+0x10/0x10 [ 227.207730][T11520] ? vfs_write+0x730/0xd30 [ 227.212167][T11520] ? get_timespec64+0x19c/0x280 [ 227.217046][T11520] __x64_sys_recvmmsg+0x1b8/0x250 [ 227.222078][T11520] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 227.227622][T11520] ? do_syscall_64+0x100/0x230 [ 227.232385][T11520] ? do_syscall_64+0xb6/0x230 [ 227.237057][T11520] do_syscall_64+0xf3/0x230 [ 227.241566][T11520] ? clear_bhb_loop+0x35/0x90 [ 227.246241][T11520] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.252138][T11520] RIP: 0033:0x7fbe58d7ff19 [ 227.256549][T11520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.276150][T11520] RSP: 002b:00007fbe59b08058 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 227.284564][T11520] RAX: ffffffffffffffda RBX: 00007fbe58f45fa0 RCX: 00007fbe58d7ff19 [ 227.292534][T11520] RDX: 03fffffffffffc30 RSI: 00000000200037c0 RDI: 0000000000000003 [ 227.300502][T11520] RBP: 00007fbe59b080a0 R08: 0000000020003700 R09: 0000000000000000 [ 227.308470][T11520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.316435][T11520] R13: 0000000000000000 R14: 00007fbe58f45fa0 R15: 00007ffc88583d38 [ 227.324416][T11520] [ 227.377592][ T5833] Bluetooth: hci1: command tx timeout [ 227.387985][T11521] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2018'. [ 227.414035][T11351] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.432593][T11351] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.504505][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.511709][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.542289][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.549476][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.672037][T11537] FAULT_INJECTION: forcing a failure. [ 227.672037][T11537] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 227.699177][T11537] CPU: 0 UID: 0 PID: 11537 Comm: syz.4.2025 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 227.710084][T11537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 227.720168][T11537] Call Trace: [ 227.723465][T11537] [ 227.726415][T11537] dump_stack_lvl+0x241/0x360 [ 227.731142][T11537] ? __pfx_dump_stack_lvl+0x10/0x10 [ 227.736386][T11537] ? __pfx__printk+0x10/0x10 [ 227.740991][T11537] ? __pfx_lock_release+0x10/0x10 [ 227.746020][T11537] should_fail_ex+0x3b0/0x4e0 [ 227.750704][T11537] _copy_from_user+0x2f/0xc0 [ 227.755289][T11537] copy_msghdr_from_user+0xae/0x680 [ 227.760502][T11537] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 227.766331][T11537] ? __fget_files+0x2a/0x410 [ 227.770921][T11537] ? __fget_files+0x2a/0x410 [ 227.775511][T11537] __sys_sendmsg+0x209/0x350 [ 227.780095][T11537] ? __pfx_lock_release+0x10/0x10 [ 227.785115][T11537] ? __pfx___sys_sendmsg+0x10/0x10 [ 227.790231][T11537] ? __pfx_vfs_write+0x10/0x10 [ 227.795005][T11537] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 227.801329][T11537] ? do_syscall_64+0x100/0x230 [ 227.806085][T11537] ? do_syscall_64+0xb6/0x230 [ 227.810760][T11537] do_syscall_64+0xf3/0x230 [ 227.815266][T11537] ? clear_bhb_loop+0x35/0x90 [ 227.819940][T11537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.825826][T11537] RIP: 0033:0x7fdcfe17ff19 [ 227.830236][T11537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.849834][T11537] RSP: 002b:00007fdcfef94058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 227.858259][T11537] RAX: ffffffffffffffda RBX: 00007fdcfe345fa0 RCX: 00007fdcfe17ff19 [ 227.866240][T11537] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000003 [ 227.874223][T11537] RBP: 00007fdcfef940a0 R08: 0000000000000000 R09: 0000000000000000 [ 227.882210][T11537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.890191][T11537] R13: 0000000000000000 R14: 00007fdcfe345fa0 R15: 00007fff69dfddb8 [ 227.898175][T11537] [ 227.914480][ T3493] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.937360][ T3493] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.943560][T11540] FAULT_INJECTION: forcing a failure. [ 227.943560][T11540] name failslab, interval 1, probability 0, space 0, times 0 [ 227.967620][T11540] CPU: 0 UID: 0 PID: 11540 Comm: syz.2.2026 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 227.978438][T11540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 227.988699][T11540] Call Trace: [ 227.992016][T11540] [ 227.994971][T11540] dump_stack_lvl+0x241/0x360 [ 227.999688][T11540] ? __pfx_dump_stack_lvl+0x10/0x10 [ 228.004926][T11540] ? __pfx__printk+0x10/0x10 [ 228.009548][T11540] ? __kmalloc_cache_noprof+0x48/0x390 [ 228.015137][T11540] ? __pfx___might_resched+0x10/0x10 [ 228.020452][T11540] should_fail_ex+0x3b0/0x4e0 [ 228.025193][T11540] should_failslab+0xac/0x100 [ 228.029894][T11540] __kmalloc_cache_noprof+0x70/0x390 [ 228.035182][T11540] ? fib_trie_unmerge+0x126/0xed0 [ 228.040210][T11540] fib_trie_unmerge+0x126/0xed0 [ 228.045087][T11540] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 228.050490][T11540] ? trace_kmalloc+0x1f/0xd0 [ 228.055126][T11540] ? fib_nl2rule+0x371/0x1b50 [ 228.059814][T11540] ? fib_nl2rule+0x1449/0x1b50 [ 228.064765][T11540] fib_unmerge+0xc5/0x370 [ 228.069103][T11540] fib4_rule_configure+0x2a0/0xc30 [ 228.074214][T11540] ? __pfx_fib4_rule_configure+0x10/0x10 [ 228.079849][T11540] fib_nl_newrule+0x11f2/0x1d30 [ 228.084727][T11540] ? __pfx_fib_nl_newrule+0x10/0x10 [ 228.089924][T11540] ? rcu_is_watching+0x15/0xb0 [ 228.094786][T11540] ? __mutex_lock+0xaf9/0xee0 [ 228.099483][T11540] ? __pfx_fib_nl_newrule+0x10/0x10 [ 228.104681][T11540] rtnetlink_rcv_msg+0x73f/0xcf0 [ 228.109641][T11540] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 228.114792][T11540] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 228.120273][T11540] ? ref_tracker_free+0x643/0x7e0 [ 228.125307][T11540] netlink_rcv_skb+0x1e3/0x430 [ 228.130693][T11540] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 228.136280][T11540] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 228.141599][T11540] ? netlink_deliver_tap+0x2e/0x1b0 [ 228.146816][T11540] netlink_unicast+0x7f6/0x990 [ 228.151618][T11540] ? __pfx_netlink_unicast+0x10/0x10 [ 228.157001][T11540] ? __virt_addr_valid+0x183/0x530 [ 228.162120][T11540] ? __check_object_size+0x48e/0x900 [ 228.167412][T11540] netlink_sendmsg+0x8e4/0xcb0 [ 228.172227][T11540] ? __pfx_netlink_sendmsg+0x10/0x10 [ 228.177541][T11540] ? aa_sock_msg_perm+0x91/0x160 [ 228.182498][T11540] ? __pfx_netlink_sendmsg+0x10/0x10 [ 228.187785][T11540] __sock_sendmsg+0x221/0x270 [ 228.192469][T11540] ____sys_sendmsg+0x52a/0x7e0 [ 228.197244][T11540] ? __pfx_____sys_sendmsg+0x10/0x10 [ 228.202534][T11540] ? __fget_files+0x2a/0x410 [ 228.207141][T11540] ? __fget_files+0x2a/0x410 [ 228.211768][T11540] __sys_sendmsg+0x269/0x350 [ 228.216354][T11540] ? __pfx_lock_release+0x10/0x10 [ 228.221382][T11540] ? __pfx___sys_sendmsg+0x10/0x10 [ 228.226498][T11540] ? __pfx_vfs_write+0x10/0x10 [ 228.231374][T11540] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 228.237791][T11540] ? do_syscall_64+0x100/0x230 [ 228.242568][T11540] ? do_syscall_64+0xb6/0x230 [ 228.247246][T11540] do_syscall_64+0xf3/0x230 [ 228.251763][T11540] ? clear_bhb_loop+0x35/0x90 [ 228.256613][T11540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.262504][T11540] RIP: 0033:0x7f33af57ff19 [ 228.267175][T11540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.286801][T11540] RSP: 002b:00007f33b0383058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 228.295220][T11540] RAX: ffffffffffffffda RBX: 00007f33af745fa0 RCX: 00007f33af57ff19 [ 228.303189][T11540] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 228.311160][T11540] RBP: 00007f33b03830a0 R08: 0000000000000000 R09: 0000000000000000 [ 228.319125][T11540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 228.327090][T11540] R13: 0000000000000000 R14: 00007f33af745fa0 R15: 00007ffccf764c58 [ 228.335071][T11540] [ 228.426406][T11547] tipc: Started in network mode [ 228.431545][T11547] tipc: Node identity ff, cluster identity 4711 [ 228.437925][T11547] tipc: Enabling of bearer rejected, failed to enable media [ 228.559174][T11549] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2031'. [ 228.740244][T11351] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 228.803276][T11351] veth0_vlan: entered promiscuous mode [ 228.825877][T11351] veth1_vlan: entered promiscuous mode [ 228.884971][T11351] veth0_macvtap: entered promiscuous mode [ 228.914353][T11351] veth1_macvtap: entered promiscuous mode [ 228.950257][T11351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.961768][T11351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.974660][T11351] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 229.004143][T11351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.028305][T11351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.056478][T11351] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 229.075611][T11351] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.095216][T11351] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.115071][T11351] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.134325][T11351] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.292797][ T3493] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.302620][ T3493] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.328796][ T3493] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.348806][ T3493] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.458462][ T5833] Bluetooth: hci1: command tx timeout [ 229.783493][T11589] syzkaller1: entered promiscuous mode [ 229.789190][T11589] syzkaller1: entered allmulticast mode [ 231.156548][T11630] FAULT_INJECTION: forcing a failure. [ 231.156548][T11630] name failslab, interval 1, probability 0, space 0, times 0 [ 231.170854][T11630] CPU: 0 UID: 0 PID: 11630 Comm: syz.0.2057 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 231.181692][T11630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 231.191774][T11630] Call Trace: [ 231.195071][T11630] [ 231.198031][T11630] dump_stack_lvl+0x241/0x360 [ 231.202746][T11630] ? __pfx_dump_stack_lvl+0x10/0x10 [ 231.207967][T11630] ? __pfx__printk+0x10/0x10 [ 231.212608][T11630] should_fail_ex+0x3b0/0x4e0 [ 231.217324][T11630] should_failslab+0xac/0x100 [ 231.222040][T11630] ? skb_clone+0x20c/0x390 [ 231.226480][T11630] kmem_cache_alloc_noprof+0x70/0x380 [ 231.231892][T11630] skb_clone+0x20c/0x390 [ 231.236162][T11630] __netlink_deliver_tap+0x3cc/0x7f0 [ 231.241504][T11630] ? netlink_deliver_tap+0x2e/0x1b0 [ 231.246731][T11630] netlink_deliver_tap+0x19d/0x1b0 [ 231.251872][T11630] netlink_unicast+0x7c4/0x990 [ 231.256665][T11630] ? __pfx_netlink_unicast+0x10/0x10 [ 231.261967][T11630] ? __virt_addr_valid+0x183/0x530 [ 231.267110][T11630] ? __check_object_size+0x48e/0x900 [ 231.272432][T11630] netlink_sendmsg+0x8e4/0xcb0 [ 231.277199][T11630] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.282498][T11630] ? aa_sock_msg_perm+0x91/0x160 [ 231.287458][T11630] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.292765][T11630] __sock_sendmsg+0x221/0x270 [ 231.297480][T11630] ____sys_sendmsg+0x52a/0x7e0 [ 231.302302][T11630] ? __pfx_____sys_sendmsg+0x10/0x10 [ 231.307620][T11630] ? __fget_files+0x2a/0x410 [ 231.312251][T11630] ? __fget_files+0x2a/0x410 [ 231.316876][T11630] __sys_sendmsg+0x269/0x350 [ 231.321488][T11630] ? __pfx_lock_release+0x10/0x10 [ 231.326549][T11630] ? __pfx___sys_sendmsg+0x10/0x10 [ 231.331703][T11630] ? __pfx_vfs_write+0x10/0x10 [ 231.336515][T11630] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 231.342116][T11632] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2058'. [ 231.342856][T11630] ? do_syscall_64+0x100/0x230 [ 231.356563][T11630] ? do_syscall_64+0xb6/0x230 [ 231.361272][T11630] do_syscall_64+0xf3/0x230 [ 231.365796][T11630] ? clear_bhb_loop+0x35/0x90 [ 231.370493][T11630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.376412][T11630] RIP: 0033:0x7f463837ff19 [ 231.380851][T11630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.400487][T11630] RSP: 002b:00007f46390a6058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 231.408937][T11630] RAX: ffffffffffffffda RBX: 00007f4638545fa0 RCX: 00007f463837ff19 [ 231.416933][T11630] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 231.424930][T11630] RBP: 00007f46390a60a0 R08: 0000000000000000 R09: 0000000000000000 [ 231.432933][T11630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 231.440924][T11630] R13: 0000000000000000 R14: 00007f4638545fa0 R15: 00007ffca12cc318 [ 231.448919][T11630] [ 231.474392][T11634] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2059'. [ 231.615256][ T5051] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.334735][T11652] ipvlan4: entered promiscuous mode [ 232.378240][T11652] 8021q: adding VLAN 0 to HW filter on device ipvlan4 [ 232.414444][T11654] FAULT_INJECTION: forcing a failure. [ 232.414444][T11654] name failslab, interval 1, probability 0, space 0, times 0 [ 232.479004][T11654] CPU: 0 UID: 0 PID: 11654 Comm: syz.0.2067 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 232.489840][T11654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 232.499920][T11654] Call Trace: [ 232.503216][T11654] [ 232.506171][T11654] dump_stack_lvl+0x241/0x360 [ 232.510878][T11654] ? __pfx_dump_stack_lvl+0x10/0x10 [ 232.516101][T11654] ? __pfx__printk+0x10/0x10 [ 232.520724][T11654] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 232.526741][T11654] ? __pfx___might_resched+0x10/0x10 [ 232.532060][T11654] should_fail_ex+0x3b0/0x4e0 [ 232.536767][T11654] should_failslab+0xac/0x100 [ 232.541476][T11654] kmem_cache_alloc_node_noprof+0x77/0x380 [ 232.547331][T11654] ? __alloc_skb+0x1c3/0x440 [ 232.551946][T11654] __alloc_skb+0x1c3/0x440 [ 232.556386][T11654] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 232.562403][T11654] ? __pfx___alloc_skb+0x10/0x10 [ 232.567364][T11654] ? __local_bh_enable_ip+0x168/0x200 [ 232.572766][T11654] ? lockdep_hardirqs_on+0x99/0x150 [ 232.577993][T11654] virtio_transport_alloc_skb+0x4b/0xe90 [ 232.583658][T11654] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 232.589412][T11654] ? virtio_transport_send_pkt_info+0x1f4/0x10b0 [ 232.596368][T11654] virtio_transport_send_pkt_info+0x56f/0x10b0 [ 232.602531][T11654] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 232.608514][T11654] virtio_transport_stream_enqueue+0x155/0x200 [ 232.614664][T11654] ? __pfx_virtio_transport_stream_enqueue+0x10/0x10 [ 232.621333][T11654] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 232.627670][T11654] ? virtio_transport_stream_has_space+0x4b/0x120 [ 232.634093][T11654] ? remove_wait_queue+0x33/0x130 [ 232.639115][T11654] vsock_connectible_sendmsg+0xa40/0xf60 [ 232.644770][T11654] ? aa_sk_perm+0x96d/0xab0 [ 232.649280][T11654] ? __pfx_vsock_connectible_sendmsg+0x10/0x10 [ 232.655435][T11654] ? __pfx_woken_wake_function+0x10/0x10 [ 232.661070][T11654] ? aa_sock_msg_perm+0x91/0x160 [ 232.666005][T11654] ? __pfx_vsock_connectible_sendmsg+0x10/0x10 [ 232.672159][T11654] __sock_sendmsg+0x221/0x270 [ 232.676837][T11654] sock_write_iter+0x2d7/0x3f0 [ 232.681598][T11654] ? __pfx_sock_write_iter+0x10/0x10 [ 232.686895][T11654] do_iter_readv_writev+0x600/0x880 [ 232.692095][T11654] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 232.697815][T11654] ? bpf_lsm_file_permission+0x9/0x10 [ 232.703183][T11654] ? security_file_permission+0x74/0x280 [ 232.708814][T11654] ? rw_verify_area+0x1c3/0x6f0 [ 232.713662][T11654] vfs_writev+0x376/0xba0 [ 232.717992][T11654] ? __pfx_lock_acquire+0x10/0x10 [ 232.723012][T11654] ? __pfx_vfs_writev+0x10/0x10 [ 232.727868][T11654] ? __pfx_vfs_write+0x10/0x10 [ 232.732626][T11654] ? __fget_files+0x2a/0x410 [ 232.737209][T11654] ? __fget_files+0x395/0x410 [ 232.741883][T11654] ? __fget_files+0x2a/0x410 [ 232.746476][T11654] do_writev+0x1b6/0x360 [ 232.750714][T11654] ? __pfx_do_writev+0x10/0x10 [ 232.755470][T11654] ? do_syscall_64+0x100/0x230 [ 232.760234][T11654] ? do_syscall_64+0xb6/0x230 [ 232.764903][T11654] do_syscall_64+0xf3/0x230 [ 232.769396][T11654] ? clear_bhb_loop+0x35/0x90 [ 232.774065][T11654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.779948][T11654] RIP: 0033:0x7f463837ff19 [ 232.784354][T11654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.803955][T11654] RSP: 002b:00007f46390a6058 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 232.812366][T11654] RAX: ffffffffffffffda RBX: 00007f4638545fa0 RCX: 00007f463837ff19 [ 232.820330][T11654] RDX: 0000000000000001 RSI: 00000000200002c0 RDI: 0000000000000006 [ 232.828294][T11654] RBP: 00007f46390a60a0 R08: 0000000000000000 R09: 0000000000000000 [ 232.836266][T11654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 232.844246][T11654] R13: 0000000000000000 R14: 00007f4638545fa0 R15: 00007ffca12cc318 [ 232.852234][T11654] [ 232.935251][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 232.955793][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 232.982748][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 232.996038][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 233.007789][ T5846] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 233.041274][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 233.114118][ T5051] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.150579][T11661] ip6gre1: entered promiscuous mode [ 233.155837][T11661] ip6gre1: entered allmulticast mode [ 233.279328][ T5051] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.445482][ T5051] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.911615][T11662] chnl_net:caif_netlink_parms(): no params data found [ 234.065200][T11705] netlink: 'syz.0.2081': attribute type 1 has an invalid length. [ 234.077832][T11705] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2081'. [ 234.196769][T11708] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2078'. [ 234.407706][ T5051] bridge_slave_1: left allmulticast mode [ 234.413595][ T5051] bridge_slave_1: left promiscuous mode [ 234.419646][ T5051] bridge0: port 2(bridge_slave_1) entered disabled state [ 234.429968][ T5051] bridge_slave_0: left allmulticast mode [ 234.436838][ T5051] bridge_slave_0: left promiscuous mode [ 234.443195][ T5051] bridge0: port 1(bridge_slave_0) entered disabled state [ 234.613782][T11730] IPVS: set_ctl: invalid protocol: 135 0.0.0.0:20000 [ 234.891089][ T5051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 234.904188][ T5051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 234.914622][ T5051] bond0 (unregistering): Released all slaves [ 234.926499][T11724] veth1_vlan: left promiscuous mode [ 234.943999][T11662] bridge0: port 1(bridge_slave_0) entered blocking state [ 234.957578][T11662] bridge0: port 1(bridge_slave_0) entered disabled state [ 234.968072][T11662] bridge_slave_0: entered allmulticast mode [ 234.993578][T11662] bridge_slave_0: entered promiscuous mode [ 235.030570][T11726] netlink: 120 bytes leftover after parsing attributes in process `syz.4.2088'. [ 235.047353][T11726] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 235.070566][T11662] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.087879][T11662] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.095231][T11662] bridge_slave_1: entered allmulticast mode [ 235.117679][T11662] bridge_slave_1: entered promiscuous mode [ 235.149446][ T5846] Bluetooth: hci1: command tx timeout [ 235.375912][T11662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 235.425071][T11662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 235.594906][T11749] FAULT_INJECTION: forcing a failure. [ 235.594906][T11749] name failslab, interval 1, probability 0, space 0, times 0 [ 235.611799][T11749] CPU: 1 UID: 0 PID: 11749 Comm: syz.1.2097 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 235.622701][T11749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 235.632790][T11749] Call Trace: [ 235.636092][T11749] [ 235.639065][T11749] dump_stack_lvl+0x241/0x360 [ 235.643759][T11749] ? __pfx_dump_stack_lvl+0x10/0x10 [ 235.649001][T11749] ? __pfx__printk+0x10/0x10 [ 235.653604][T11749] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 235.659604][T11749] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 235.665946][T11749] should_fail_ex+0x3b0/0x4e0 [ 235.670635][T11749] should_failslab+0xac/0x100 [ 235.675337][T11749] ? dst_alloc+0x12b/0x190 [ 235.679770][T11749] kmem_cache_alloc_noprof+0x70/0x380 [ 235.685177][T11749] dst_alloc+0x12b/0x190 [ 235.689432][T11749] ip_route_output_key_hash_rcu+0x13cc/0x2390 [ 235.695529][T11749] ip_route_output_key_hash+0x193/0x2b0 [ 235.701079][T11749] ? ip_route_output_key_hash+0xdf/0x2b0 [ 235.706707][T11749] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 235.712786][T11749] ? validate_chain+0x11e/0x5920 [ 235.717851][T11749] ip_route_output_flow+0x29/0x140 [ 235.722984][T11749] udp_sendmsg+0x1732/0x2a50 [ 235.727597][T11749] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 235.733338][T11749] ? __pfx_udp_sendmsg+0x10/0x10 [ 235.738334][T11749] ? __pfx_aa_sk_perm+0x10/0x10 [ 235.743209][T11749] ? sock_rps_record_flow+0x1a/0x400 [ 235.748502][T11749] ? inet_sendmsg+0x2ba/0x390 [ 235.753201][T11749] __sock_sendmsg+0x1a6/0x270 [ 235.757903][T11749] ____sys_sendmsg+0x52a/0x7e0 [ 235.762683][T11749] ? __pfx_____sys_sendmsg+0x10/0x10 [ 235.767982][T11749] ? __fget_files+0x2a/0x410 [ 235.772593][T11749] ? __sys_sendmmsg+0x392/0x720 [ 235.777459][T11749] ? __might_fault+0xaa/0x120 [ 235.782142][T11749] __sys_sendmmsg+0x36a/0x720 [ 235.786825][T11749] ? __pfx___sys_sendmmsg+0x10/0x10 [ 235.792046][T11749] ? __pfx_lock_release+0x10/0x10 [ 235.797089][T11749] ? kstrtouint_from_user+0x128/0x190 [ 235.802486][T11749] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 235.808389][T11749] ? ksys_write+0x22a/0x2b0 [ 235.812909][T11749] ? __pfx_lock_release+0x10/0x10 [ 235.817979][T11749] ? vfs_write+0x730/0xd30 [ 235.822407][T11749] ? __mutex_unlock_slowpath+0x21e/0x790 [ 235.828079][T11749] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 235.834091][T11749] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 235.840442][T11749] ? do_syscall_64+0x100/0x230 [ 235.845223][T11749] __x64_sys_sendmmsg+0xa0/0xb0 [ 235.850088][T11749] do_syscall_64+0xf3/0x230 [ 235.854622][T11749] ? clear_bhb_loop+0x35/0x90 [ 235.859340][T11749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.865261][T11749] RIP: 0033:0x7fbe58d7ff19 [ 235.869687][T11749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.889321][T11749] RSP: 002b:00007fbe59b08058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 235.897769][T11749] RAX: ffffffffffffffda RBX: 00007fbe58f45fa0 RCX: 00007fbe58d7ff19 [ 235.905754][T11749] RDX: 0400000000000077 RSI: 0000000020000180 RDI: 0000000000000003 [ 235.913738][T11749] RBP: 00007fbe59b080a0 R08: 0000000000000000 R09: 0000000000000000 [ 235.921736][T11749] R10: 0000000000007600 R11: 0000000000000246 R12: 0000000000000001 [ 235.929746][T11749] R13: 0000000000000000 R14: 00007fbe58f45fa0 R15: 00007ffc88583d38 [ 235.937759][T11749] [ 235.952915][ T5051] hsr_slave_0: left promiscuous mode [ 236.081952][ T5051] hsr_slave_1: left promiscuous mode [ 236.133405][ T5051] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 236.168227][ T5051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 236.228889][ T5051] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 236.246594][ T5051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 236.296515][ T5051] veth1_macvtap: left promiscuous mode [ 236.317644][ T5051] veth0_macvtap: left promiscuous mode [ 236.334773][ T5051] veth1_vlan: left promiscuous mode [ 236.340298][ T5051] veth0_vlan: left promiscuous mode [ 236.805740][ T5051] team0 (unregistering): Port device team_slave_1 removed [ 236.852638][ T5051] team0 (unregistering): Port device team_slave_0 removed [ 237.235365][ T5846] Bluetooth: hci1: command tx timeout [ 237.389143][T11662] team0: Port device team_slave_0 added [ 237.424411][T11662] team0: Port device team_slave_1 added [ 237.524028][T11662] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 237.531472][T11662] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 237.599446][T11662] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 237.627765][T11662] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 237.634801][T11662] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 237.661095][T11662] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 237.684310][T11782] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2109'. [ 237.732040][T11662] hsr_slave_0: entered promiscuous mode [ 237.772338][T11662] hsr_slave_1: entered promiscuous mode [ 237.797773][T11662] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 237.824268][T11662] Cannot create hsr debugfs directory [ 237.959151][T11798] sctp: [Deprecated]: syz.1.2114 (pid 11798) Use of int in max_burst socket option. [ 237.959151][T11798] Use struct sctp_assoc_value instead [ 238.033640][T11798] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2114'. [ 238.046032][T11798] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2114'. [ 238.374756][T11815] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2121'. [ 238.825910][T11662] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 238.845066][T11662] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 238.878137][T11662] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 238.916068][T11662] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 238.963848][T11830] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 239.105053][T11662] 8021q: adding VLAN 0 to HW filter on device bond0 [ 239.120794][T11662] 8021q: adding VLAN 0 to HW filter on device team0 [ 239.133094][ T8883] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.140286][ T8883] bridge0: port 1(bridge_slave_0) entered forwarding state [ 239.215325][ T8883] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.222568][ T8883] bridge0: port 2(bridge_slave_1) entered forwarding state [ 239.248442][T11662] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 239.265874][T11836] ip6gre1: entered promiscuous mode [ 239.280431][T11836] ip6gre1: entered allmulticast mode [ 239.297683][ T5846] Bluetooth: hci1: command tx timeout [ 239.432414][T11841] netlink: 'syz.4.2130': attribute type 12 has an invalid length. [ 239.474879][T11843] FAULT_INJECTION: forcing a failure. [ 239.474879][T11843] name failslab, interval 1, probability 0, space 0, times 0 [ 239.492010][T11843] CPU: 1 UID: 0 PID: 11843 Comm: syz.2.2131 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 239.502821][T11843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 239.512902][T11843] Call Trace: [ 239.516195][T11843] [ 239.519145][T11843] dump_stack_lvl+0x241/0x360 [ 239.523851][T11843] ? __pfx_dump_stack_lvl+0x10/0x10 [ 239.529077][T11843] ? __pfx__printk+0x10/0x10 [ 239.533697][T11843] ? __kmalloc_node_noprof+0xb9/0x4d0 [ 239.539097][T11843] ? __pfx___might_resched+0x10/0x10 [ 239.544408][T11843] should_fail_ex+0x3b0/0x4e0 [ 239.549116][T11843] should_failslab+0xac/0x100 [ 239.553820][T11843] __kmalloc_node_noprof+0xe1/0x4d0 [ 239.559127][T11843] ? __kasan_kmalloc+0x98/0xb0 [ 239.563910][T11843] ? __kvmalloc_node_noprof+0x72/0x190 [ 239.569396][T11843] __kvmalloc_node_noprof+0x72/0x190 [ 239.574695][T11843] page_pool_create_percpu+0x2ca/0xa00 [ 239.580185][T11843] bpf_test_run_xdp_live+0x2e6/0x21f0 [ 239.585584][T11843] ? arch_stack_walk+0xfd/0x150 [ 239.590483][T11843] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 239.596302][T11843] ? mark_lock+0x9a/0x360 [ 239.600697][T11843] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 239.606628][T11843] ? __might_fault+0xaa/0x120 [ 239.611325][T11843] ? __might_fault+0xc6/0x120 [ 239.616021][T11843] ? _copy_from_user+0x99/0xc0 [ 239.620810][T11843] ? bpf_test_init+0x15a/0x180 [ 239.625599][T11843] ? xdp_convert_md_to_buff+0x5b/0x330 [ 239.631085][T11843] bpf_prog_test_run_xdp+0x805/0x11e0 [ 239.636485][T11843] ? __pfx_lock_release+0x10/0x10 [ 239.641537][T11843] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 239.647377][T11843] ? __fget_files+0x2a/0x410 [ 239.651994][T11843] ? __fget_files+0x2a/0x410 [ 239.656606][T11843] ? fput+0x21b/0x290 [ 239.660611][T11843] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 239.666445][T11843] bpf_prog_test_run+0x2e4/0x360 [ 239.671414][T11843] __sys_bpf+0x48d/0x810 [ 239.675688][T11843] ? __pfx___sys_bpf+0x10/0x10 [ 239.680489][T11843] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 239.686493][T11843] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 239.692843][T11843] ? do_syscall_64+0x100/0x230 [ 239.697635][T11843] __x64_sys_bpf+0x7c/0x90 [ 239.702077][T11843] do_syscall_64+0xf3/0x230 [ 239.706592][T11843] ? clear_bhb_loop+0x35/0x90 [ 239.711278][T11843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.717169][T11843] RIP: 0033:0x7f33af57ff19 [ 239.721594][T11843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.741233][T11843] RSP: 002b:00007f33b0383058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 239.749677][T11843] RAX: ffffffffffffffda RBX: 00007f33af745fa0 RCX: 00007f33af57ff19 [ 239.757675][T11843] RDX: 0000000000000050 RSI: 0000000020000000 RDI: 000000000000000a [ 239.765683][T11843] RBP: 00007f33b03830a0 R08: 0000000000000000 R09: 0000000000000000 [ 239.773683][T11843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 239.781684][T11843] R13: 0000000000000000 R14: 00007f33af745fa0 R15: 00007ffccf764c58 [ 239.789703][T11843] [ 239.801939][T11662] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 239.809125][T11843] page_pool_create_percpu() gave up with errno -12 [ 239.865377][T11662] veth0_vlan: entered promiscuous mode [ 239.889928][T11662] veth1_vlan: entered promiscuous mode [ 239.966924][T11662] veth0_macvtap: entered promiscuous mode [ 239.994092][T11662] veth1_macvtap: entered promiscuous mode [ 240.036225][T11853] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2134'. [ 240.055256][T11662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 240.079684][T11662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.092199][T11662] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 240.127622][T11662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 240.153283][T11662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.164964][T11662] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 240.175266][T11662] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.184689][T11662] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.193678][T11662] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.202986][T11662] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.320083][ T8885] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.335339][ T8885] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.401674][ T5051] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.410297][ T5051] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.448731][T11864] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2139'. [ 240.499612][T11864] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2139'. [ 240.798150][T11870] netlink: 220 bytes leftover after parsing attributes in process `syz.2.2142'. [ 241.244183][T11882] FAULT_INJECTION: forcing a failure. [ 241.244183][T11882] name failslab, interval 1, probability 0, space 0, times 0 [ 241.267743][T11882] CPU: 1 UID: 0 PID: 11882 Comm: syz.0.2146 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 241.278532][T11882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 241.288585][T11882] Call Trace: [ 241.291850][T11882] [ 241.294765][T11882] dump_stack_lvl+0x241/0x360 [ 241.299444][T11882] ? __pfx_dump_stack_lvl+0x10/0x10 [ 241.304636][T11882] ? __pfx__printk+0x10/0x10 [ 241.309246][T11882] should_fail_ex+0x3b0/0x4e0 [ 241.313947][T11882] should_failslab+0xac/0x100 [ 241.318649][T11882] ? skb_clone+0x20c/0x390 [ 241.323085][T11882] kmem_cache_alloc_noprof+0x70/0x380 [ 241.328487][T11882] skb_clone+0x20c/0x390 [ 241.332754][T11882] __netlink_deliver_tap+0x3cc/0x7f0 [ 241.338070][T11882] ? netlink_deliver_tap+0x2e/0x1b0 [ 241.343290][T11882] netlink_deliver_tap+0x19d/0x1b0 [ 241.348423][T11882] netlink_unicast+0x7c4/0x990 [ 241.353215][T11882] ? __pfx_netlink_unicast+0x10/0x10 [ 241.358519][T11882] ? __virt_addr_valid+0x183/0x530 [ 241.363654][T11882] ? __check_object_size+0x48e/0x900 [ 241.368959][T11882] netlink_sendmsg+0x8e4/0xcb0 [ 241.373730][T11882] ? __pfx_netlink_sendmsg+0x10/0x10 [ 241.379013][T11882] ? aa_sock_msg_perm+0x91/0x160 [ 241.383952][T11882] ? __pfx_netlink_sendmsg+0x10/0x10 [ 241.389236][T11882] __sock_sendmsg+0x221/0x270 [ 241.393917][T11882] ____sys_sendmsg+0x52a/0x7e0 [ 241.398689][T11882] ? __pfx_____sys_sendmsg+0x10/0x10 [ 241.403967][T11882] ? __fget_files+0x2a/0x410 [ 241.408553][T11882] ? __fget_files+0x2a/0x410 [ 241.413171][T11882] __sys_sendmsg+0x269/0x350 [ 241.417757][T11882] ? __pfx_lock_release+0x10/0x10 [ 241.422791][T11882] ? __pfx___sys_sendmsg+0x10/0x10 [ 241.427909][T11882] ? __pfx_vfs_write+0x10/0x10 [ 241.432713][T11882] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 241.439042][T11882] ? do_syscall_64+0x100/0x230 [ 241.443815][T11882] ? do_syscall_64+0xb6/0x230 [ 241.448489][T11882] do_syscall_64+0xf3/0x230 [ 241.452985][T11882] ? clear_bhb_loop+0x35/0x90 [ 241.457662][T11882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.463553][T11882] RIP: 0033:0x7f463837ff19 [ 241.467966][T11882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.487564][T11882] RSP: 002b:00007f46390a6058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 241.495975][T11882] RAX: ffffffffffffffda RBX: 00007f4638545fa0 RCX: 00007f463837ff19 [ 241.504028][T11882] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000003 [ 241.511992][T11882] RBP: 00007f46390a60a0 R08: 0000000000000000 R09: 0000000000000000 [ 241.519958][T11882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 241.528012][T11882] R13: 0000000000000000 R14: 00007f4638545fa0 R15: 00007ffca12cc318 [ 241.536002][T11882] [ 241.709843][T11872] netlink: 'syz.1.2143': attribute type 1 has an invalid length. [ 241.717904][T11872] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2143'. [ 241.777432][T11888] ip6gre1: entered promiscuous mode [ 241.786434][T11888] ip6gre1: entered allmulticast mode [ 242.016679][T11892] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2148'. [ 242.302743][ T5051] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.873426][ T5833] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 242.889173][ T5833] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 242.899437][ T5833] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 242.910195][ T5833] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 242.918426][ T5833] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 242.925844][ T5833] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 242.935788][T11901] openvswitch: netlink: VXLAN extension 0 has unexpected len 3 expected 0 [ 243.105130][T11913] netlink: 'syz.0.2156': attribute type 6 has an invalid length. [ 243.139410][T11915] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2157'. [ 243.149592][T11915] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2157'. [ 243.221666][T11918] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2158'. [ 243.505098][ T5051] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.525205][T11930] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2160'. [ 243.571004][T11928] ip6gre1: entered promiscuous mode [ 243.576289][T11928] ip6gre1: entered allmulticast mode [ 243.646030][T11904] chnl_net:caif_netlink_parms(): no params data found [ 243.727636][ T5051] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.841796][ T5051] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.961937][T11904] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.970338][T11904] bridge0: port 1(bridge_slave_0) entered disabled state [ 243.995401][T11904] bridge_slave_0: entered allmulticast mode [ 244.007395][T11904] bridge_slave_0: entered promiscuous mode [ 244.024402][T11904] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.035694][T11904] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.048533][T11904] bridge_slave_1: entered allmulticast mode [ 244.062342][T11904] bridge_slave_1: entered promiscuous mode [ 244.160883][T11904] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 244.185016][T11904] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 244.293507][T11904] team0: Port device team_slave_0 added [ 244.321605][T11904] team0: Port device team_slave_1 added [ 244.362511][ T5051] bridge_slave_1: left allmulticast mode [ 244.372325][ T5051] bridge_slave_1: left promiscuous mode [ 244.392197][ T5051] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.408104][ T5051] bridge_slave_0: left allmulticast mode [ 244.417940][ T5051] bridge_slave_0: left promiscuous mode [ 244.435498][ T5051] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.911851][ T5051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 244.923453][ T5051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 244.942604][ T5051] bond0 (unregistering): Released all slaves [ 244.987728][ T5833] Bluetooth: hci1: command tx timeout [ 245.029109][T11904] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 245.047564][T11904] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 245.102068][T11971] __nla_validate_parse: 3 callbacks suppressed [ 245.102089][T11971] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2176'. [ 245.125865][T11904] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 245.214379][T11904] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 245.228917][T11904] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 245.256685][T11904] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 245.269820][T11976] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2177'. [ 245.296299][T11969] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 245.363188][T11904] hsr_slave_0: entered promiscuous mode [ 245.381631][T11904] hsr_slave_1: entered promiscuous mode [ 245.396183][T11904] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 245.411771][T11904] Cannot create hsr debugfs directory [ 245.491540][T11983] netlink: zone id is out of range [ 245.496710][T11983] netlink: zone id is out of range [ 245.535543][T11983] netlink: zone id is out of range [ 245.538571][T11985] FAULT_INJECTION: forcing a failure. [ 245.538571][T11985] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 245.541637][T11983] netlink: zone id is out of range [ 245.559118][T11985] CPU: 1 UID: 0 PID: 11985 Comm: syz.1.2181 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 245.569942][T11985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 245.580040][T11985] Call Trace: [ 245.583339][T11985] [ 245.586287][T11985] dump_stack_lvl+0x241/0x360 [ 245.590995][T11985] ? __pfx_dump_stack_lvl+0x10/0x10 [ 245.596232][T11985] ? __pfx__printk+0x10/0x10 [ 245.596815][T11983] netlink: zone id is out of range [ 245.600830][T11985] ? __pfx_lock_release+0x10/0x10 [ 245.600864][T11985] should_fail_ex+0x3b0/0x4e0 [ 245.600888][T11985] _copy_from_iter+0x21f/0x1e70 [ 245.600909][T11985] ? __virt_addr_valid+0x183/0x530 [ 245.600930][T11985] ? __pfx_lock_release+0x10/0x10 [ 245.600958][T11985] ? __alloc_skb+0x28f/0x440 [ 245.600978][T11985] ? __pfx__copy_from_iter+0x10/0x10 [ 245.601003][T11985] ? __virt_addr_valid+0x183/0x530 [ 245.601024][T11985] ? __virt_addr_valid+0x183/0x530 [ 245.601041][T11985] ? __virt_addr_valid+0x45f/0x530 [ 245.616381][T11983] netlink: zone id is out of range [ 245.620747][T11985] ? __check_object_size+0x48e/0x900 [ 245.620781][T11985] netlink_sendmsg+0x73d/0xcb0 [ 245.620811][T11985] ? __pfx_netlink_sendmsg+0x10/0x10 [ 245.620832][T11985] ? aa_sock_msg_perm+0x91/0x160 [ 245.620855][T11985] ? __pfx_netlink_sendmsg+0x10/0x10 [ 245.620872][T11985] __sock_sendmsg+0x221/0x270 [ 245.620898][T11985] ____sys_sendmsg+0x52a/0x7e0 [ 245.620926][T11985] ? __pfx_____sys_sendmsg+0x10/0x10 [ 245.620946][T11985] ? __fget_files+0x2a/0x410 [ 245.620965][T11985] ? __fget_files+0x2a/0x410 [ 245.620989][T11985] __sys_sendmsg+0x269/0x350 [ 245.621009][T11985] ? __pfx_lock_release+0x10/0x10 [ 245.621033][T11985] ? __pfx___sys_sendmsg+0x10/0x10 [ 245.621063][T11985] ? __pfx_vfs_write+0x10/0x10 [ 245.621109][T11985] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 245.621129][T11985] ? do_syscall_64+0x100/0x230 [ 245.626435][T11983] netlink: zone id is out of range [ 245.631224][T11985] ? do_syscall_64+0xb6/0x230 [ 245.631249][T11985] do_syscall_64+0xf3/0x230 [ 245.631267][T11985] ? clear_bhb_loop+0x35/0x90 [ 245.631290][T11985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.631309][T11985] RIP: 0033:0x7fbe58d7ff19 [ 245.631327][T11985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.631345][T11985] RSP: 002b:00007fbe59b08058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 245.631368][T11985] RAX: ffffffffffffffda RBX: 00007fbe58f45fa0 RCX: 00007fbe58d7ff19 [ 245.631384][T11985] RDX: 0000000020000040 RSI: 0000000020000040 RDI: 0000000000000004 [ 245.631397][T11985] RBP: 00007fbe59b080a0 R08: 0000000000000000 R09: 0000000000000000 [ 245.631409][T11985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 245.631421][T11985] R13: 0000000000000000 R14: 00007fbe58f45fa0 R15: 00007ffc88583d38 [ 245.631448][T11985] [ 245.706198][T11990] netlink: 'syz.1.2183': attribute type 10 has an invalid length. [ 245.855894][T11983] netlink: zone id is out of range [ 245.861602][T11983] netlink: zone id is out of range [ 245.900773][T11991] ip6gre1: entered promiscuous mode [ 245.909330][T11991] ip6gre1: entered allmulticast mode [ 246.000228][T11990] 8021q: adding VLAN 0 to HW filter on device team0 [ 246.014615][T11990] bond0: (slave team0): Enslaving as an active interface with an up link [ 246.154815][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.172025][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.299615][ T5051] hsr_slave_0: left promiscuous mode [ 246.307081][ T5051] hsr_slave_1: left promiscuous mode [ 246.339661][ T5051] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 246.348199][ T5051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 246.370174][ T5051] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 246.378361][ T5051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 246.410069][ T5051] veth1_macvtap: left promiscuous mode [ 246.418164][ T5051] veth0_macvtap: left promiscuous mode [ 246.437771][ T5051] veth1_vlan: left promiscuous mode [ 246.454340][ T5051] veth0_vlan: left promiscuous mode [ 247.059509][ T5833] Bluetooth: hci1: command tx timeout [ 247.157032][ T5051] team0 (unregistering): Port device team_slave_1 removed [ 247.203371][ T5051] team0 (unregistering): Port device team_slave_0 removed [ 247.714173][T12020] netlink: 'syz.1.2189': attribute type 10 has an invalid length. [ 247.733527][T12020] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2189'. [ 247.757053][T12020] ax25_connect(): syz.1.2189 uses autobind, please contact jreuter@yaina.de [ 247.882269][T12028] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2190'. [ 248.103405][T12036] net_ratelimit: 13 callbacks suppressed [ 248.103426][T12036] openvswitch: netlink: VXLAN extension 0 has unexpected len 3 expected 0 [ 249.054789][T12065] netlink: 'syz.4.2203': attribute type 10 has an invalid length. [ 249.074007][T12065] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2203'. [ 249.113804][T12067] ax25_connect(): syz.4.2203 uses autobind, please contact jreuter@yaina.de [ 249.130427][T12065] bridge0: port 5(batadv0) entered blocking state [ 249.147897][ T5833] Bluetooth: hci1: command tx timeout [ 249.159090][T12065] bridge0: port 5(batadv0) entered disabled state [ 249.178995][T12065] batadv0: entered allmulticast mode [ 249.211172][T12065] batadv0: entered promiscuous mode [ 249.218284][T12065] bridge0: port 5(batadv0) entered blocking state [ 249.224871][T12065] bridge0: port 5(batadv0) entered forwarding state [ 249.284749][T11904] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 249.340873][T11904] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 249.358866][T12072] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2205'. [ 249.390829][T11904] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 249.445149][T11904] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 249.471964][ T52] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 249.481591][ T52] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 249.645928][T11904] 8021q: adding VLAN 0 to HW filter on device bond0 [ 249.675841][T11904] 8021q: adding VLAN 0 to HW filter on device team0 [ 249.701760][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.708907][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.789752][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.796931][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.875777][T11904] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 250.220635][T12106] FAULT_INJECTION: forcing a failure. [ 250.220635][T12106] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 250.235440][T11904] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 250.246376][T12104] xt_CT: No such helper "pptp" [ 250.253738][T12106] CPU: 1 UID: 0 PID: 12106 Comm: syz.4.2217 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 250.264543][T12106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 250.274643][T12106] Call Trace: [ 250.277963][T12106] [ 250.280920][T12106] dump_stack_lvl+0x241/0x360 [ 250.285638][T12106] ? __pfx_dump_stack_lvl+0x10/0x10 [ 250.290884][T12106] ? __pfx__printk+0x10/0x10 [ 250.295521][T12106] ? __pfx_lock_release+0x10/0x10 [ 250.295731][T11904] veth0_vlan: entered promiscuous mode [ 250.300551][T12106] ? __lock_acquire+0x1397/0x2100 [ 250.300583][T12106] should_fail_ex+0x3b0/0x4e0 [ 250.300607][T12106] _copy_from_user+0x2f/0xc0 [ 250.300633][T12106] kstrtouint_from_user+0xc6/0x190 [ 250.323314][T11904] veth1_vlan: entered promiscuous mode [ 250.325467][T12106] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 250.325503][T12106] ? __pfx_lock_acquire+0x10/0x10 [ 250.341743][T12106] proc_fail_nth_write+0xaa/0x2d0 [ 250.346802][T12106] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 250.352741][T12106] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 250.358415][T12106] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 250.364089][T12106] vfs_write+0x2a3/0xd30 [ 250.365553][T11904] veth0_macvtap: entered promiscuous mode [ 250.368350][T12106] ? __pfx_vfs_write+0x10/0x10 [ 250.368383][T12106] ? __fget_files+0x2a/0x410 [ 250.368403][T12106] ? __fget_files+0x395/0x410 [ 250.368420][T12106] ? __fget_files+0x2a/0x410 [ 250.380737][T11904] veth1_macvtap: entered promiscuous mode [ 250.383462][T12106] ksys_write+0x18f/0x2b0 [ 250.383495][T12106] ? __pfx_ksys_write+0x10/0x10 [ 250.405278][T11904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.407621][T12106] ? do_syscall_64+0x100/0x230 [ 250.407657][T12106] ? do_syscall_64+0xb6/0x230 [ 250.407677][T12106] do_syscall_64+0xf3/0x230 [ 250.407695][T12106] ? clear_bhb_loop+0x35/0x90 [ 250.407718][T12106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.407737][T12106] RIP: 0033:0x7fdcfe17e9cf [ 250.407755][T12106] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 250.407772][T12106] RSP: 002b:00007fdcfef73050 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 250.419525][T11904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.422916][T12106] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdcfe17e9cf [ 250.422935][T12106] RDX: 0000000000000001 RSI: 00007fdcfef730b0 RDI: 0000000000000005 [ 250.422949][T12106] RBP: 00007fdcfef730a0 R08: 0000000000000000 R09: 0000000000000027 [ 250.422962][T12106] R10: 0000000000000011 R11: 0000000000000293 R12: 0000000000000001 [ 250.422975][T12106] R13: 0000000000000001 R14: 00007fdcfe346080 R15: 00007fff69dfddb8 [ 250.429391][T11904] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 250.432137][T12106] [ 250.558355][T11904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 250.572600][T11904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.594266][T11904] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 250.609730][T11904] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.624319][T11904] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.638950][T11904] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.674873][T12114] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2218'. [ 250.676398][T11904] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.837392][ T3493] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 250.857814][ T3493] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 250.906222][ T3493] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 250.924542][ T3493] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 250.972156][T12121] ebt_among: dst integrity fail: 101 [ 251.329291][T12131] batadv_slave_1: entered promiscuous mode [ 251.493163][T12141] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2230'. [ 252.167866][T12131] batadv_slave_1: left promiscuous mode [ 252.389753][T12161] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2237'. [ 252.563954][ T8885] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.059957][T12164] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2241'. [ 253.127038][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 253.138811][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 253.297267][T12178] netlink: 'syz.2.2244': attribute type 11 has an invalid length. [ 253.350612][T12180] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 253.379184][T12182] netlink: 'syz.0.2246': attribute type 21 has an invalid length. [ 253.612656][T12197] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2248'. [ 253.650239][T12200] FAULT_INJECTION: forcing a failure. [ 253.650239][T12200] name failslab, interval 1, probability 0, space 0, times 0 [ 253.662623][T12194] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2251'. [ 253.663425][T12200] CPU: 1 UID: 0 PID: 12200 Comm: syz.4.2252 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 253.682919][T12200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 253.693169][T12200] Call Trace: [ 253.696461][T12200] [ 253.699409][T12200] dump_stack_lvl+0x241/0x360 [ 253.704110][T12200] ? __pfx_dump_stack_lvl+0x10/0x10 [ 253.709334][T12200] ? __pfx__printk+0x10/0x10 [ 253.713951][T12200] ? __kmalloc_cache_noprof+0x48/0x390 [ 253.719444][T12200] ? __pfx___might_resched+0x10/0x10 [ 253.724756][T12200] ? rxrpc_lookup_local+0xb8/0x1890 [ 253.729986][T12200] should_fail_ex+0x3b0/0x4e0 [ 253.734672][T12200] should_failslab+0xac/0x100 [ 253.739352][T12200] __kmalloc_cache_noprof+0x70/0x390 [ 253.744637][T12200] ? rxrpc_lookup_local+0x54e/0x1890 [ 253.749931][T12200] rxrpc_lookup_local+0x54e/0x1890 [ 253.755056][T12200] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 253.761036][T12200] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 253.767359][T12200] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 253.772907][T12200] ? __local_bh_enable_ip+0x168/0x200 [ 253.778280][T12200] ? lockdep_hardirqs_on+0x99/0x150 [ 253.783479][T12200] ? __local_bh_enable_ip+0x168/0x200 [ 253.788853][T12200] ? rxrpc_sendmsg+0x127/0x920 [ 253.793614][T12200] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 253.799338][T12200] ? do_raw_spin_unlock+0x13c/0x8b0 [ 253.804539][T12200] rxrpc_sendmsg+0x4d9/0x920 [ 253.809135][T12200] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 253.814247][T12200] __sock_sendmsg+0x221/0x270 [ 253.818932][T12200] ____sys_sendmsg+0x52a/0x7e0 [ 253.823704][T12200] ? __pfx_____sys_sendmsg+0x10/0x10 [ 253.828989][T12200] ? __fget_files+0x2a/0x410 [ 253.833582][T12200] ? __fget_files+0x2a/0x410 [ 253.838183][T12200] __sys_sendmsg+0x269/0x350 [ 253.842772][T12200] ? __pfx_lock_release+0x10/0x10 [ 253.847798][T12200] ? __pfx___sys_sendmsg+0x10/0x10 [ 253.852917][T12200] ? __pfx_vfs_write+0x10/0x10 [ 253.857704][T12200] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 253.864028][T12200] ? do_syscall_64+0x100/0x230 [ 253.868789][T12200] ? do_syscall_64+0xb6/0x230 [ 253.873460][T12200] do_syscall_64+0xf3/0x230 [ 253.877958][T12200] ? clear_bhb_loop+0x35/0x90 [ 253.882635][T12200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.888535][T12200] RIP: 0033:0x7fdcfe17ff19 [ 253.892946][T12200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.912575][T12200] RSP: 002b:00007fdcfef94058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 253.921003][T12200] RAX: ffffffffffffffda RBX: 00007fdcfe345fa0 RCX: 00007fdcfe17ff19 [ 253.928996][T12200] RDX: 000000000000ff00 RSI: 0000000020000000 RDI: 0000000000000004 [ 253.936982][T12200] RBP: 00007fdcfef940a0 R08: 0000000000000000 R09: 0000000000000000 [ 253.944957][T12200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 253.952933][T12200] R13: 0000000000000000 R14: 00007fdcfe345fa0 R15: 00007fff69dfddb8 [ 253.960923][T12200] [ 253.969901][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 253.979227][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 253.987103][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 253.996300][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 254.004002][ T5846] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 254.011362][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 254.069233][ T8885] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.096018][T12191] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2250'. [ 254.130195][ T8883] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 254.138469][ T8883] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 254.319232][ T8885] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.502889][ T8885] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.546416][T12215] bond0: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0) [ 254.694352][T12223] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 254.734800][ T8885] bridge_slave_1: left allmulticast mode [ 254.757981][ T8885] bridge_slave_1: left promiscuous mode [ 254.769287][ T8885] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.787282][ T8885] bridge_slave_0: left allmulticast mode [ 254.799845][ T8885] bridge_slave_0: left promiscuous mode [ 254.807104][ T8885] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.236685][ T8885] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 255.249285][ T8885] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 255.260237][ T8885] bond0 (unregistering): Released all slaves [ 255.603478][T12195] chnl_net:caif_netlink_parms(): no params data found [ 255.915215][T12195] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.928735][T12195] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.940458][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.946081][T12260] sctp: [Deprecated]: syz.2.2271 (pid 12260) Use of int in max_burst socket option. [ 255.946081][T12260] Use struct sctp_assoc_value instead [ 255.962311][T12195] bridge_slave_0: entered allmulticast mode [ 255.979950][T12195] bridge_slave_0: entered promiscuous mode [ 256.014851][T12253] ip6gre1: entered promiscuous mode [ 256.026040][T12253] ip6gre1: entered allmulticast mode [ 256.079505][T12263] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2272'. [ 256.089228][T12195] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.096499][T12195] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.103881][ T5833] Bluetooth: hci1: command tx timeout [ 256.110940][T12195] bridge_slave_1: entered allmulticast mode [ 256.119261][T12195] bridge_slave_1: entered promiscuous mode [ 256.167248][ T8885] hsr_slave_0: left promiscuous mode [ 256.181809][ T8885] hsr_slave_1: left promiscuous mode [ 256.219873][ T8885] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 256.227339][ T8885] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 256.236520][T12267] netlink: 'syz.0.2273': attribute type 10 has an invalid length. [ 256.246200][ T8885] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 256.247955][T12267] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2273'. [ 256.257637][ T8885] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 256.292440][ T8885] veth1_macvtap: left promiscuous mode [ 256.301043][ T8885] veth0_macvtap: left promiscuous mode [ 256.317978][ T8885] veth1_vlan: left promiscuous mode [ 256.323386][ T8885] veth0_vlan: left promiscuous mode [ 256.784280][ T8885] team0 (unregistering): Port device team_slave_1 removed [ 256.836440][ T8885] team0 (unregistering): Port device team_slave_0 removed [ 257.250945][T12265] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 257.407084][T12195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.430318][T12195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.544355][T12273] netlink: 'syz.0.2276': attribute type 2 has an invalid length. [ 257.582954][T12195] team0: Port device team_slave_0 added [ 257.623353][T12195] team0: Port device team_slave_1 added [ 257.668125][T12284] netlink: 'syz.0.2276': attribute type 10 has an invalid length. [ 257.743919][T12195] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 257.758894][T12195] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.819432][T12195] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 257.837364][T12195] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 257.846166][T12195] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.882182][T12195] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 257.944001][T12195] hsr_slave_0: entered promiscuous mode [ 257.951854][T12195] hsr_slave_1: entered promiscuous mode [ 257.958859][T12195] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 257.966829][T12195] Cannot create hsr debugfs directory [ 258.177918][ T5833] Bluetooth: hci1: command tx timeout [ 258.484435][T12195] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 258.507805][T12195] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 258.531175][T12195] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 258.552816][T12195] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 258.601306][T12302] netlink: 'syz.1.2287': attribute type 10 has an invalid length. [ 258.637607][T12302] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2287'. [ 258.660219][T12305] ax25_connect(): syz.1.2287 uses autobind, please contact jreuter@yaina.de [ 258.731233][T12195] 8021q: adding VLAN 0 to HW filter on device bond0 [ 258.795590][T12195] 8021q: adding VLAN 0 to HW filter on device team0 [ 258.831768][ T3493] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.838945][ T3493] bridge0: port 1(bridge_slave_0) entered forwarding state [ 258.865578][ T3493] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.872808][ T3493] bridge0: port 2(bridge_slave_1) entered forwarding state [ 258.956780][T12195] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 259.017568][T12195] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 259.313808][T12195] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 259.402115][T12195] veth0_vlan: entered promiscuous mode [ 259.437000][T12195] veth1_vlan: entered promiscuous mode [ 259.506728][T12195] veth0_macvtap: entered promiscuous mode [ 259.540631][T12195] veth1_macvtap: entered promiscuous mode [ 259.588145][T12195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 259.598921][T12195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 259.619991][T12195] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 259.651787][T12195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 259.667752][T12195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 259.688747][T12195] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 259.710297][T12195] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 259.719273][T12195] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 259.728095][T12195] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 259.736828][T12195] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 259.894554][T12348] ip6gre1: entered promiscuous mode [ 259.930823][T12348] ip6gre1: entered allmulticast mode [ 260.014538][ T8883] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.036940][ T8883] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.122959][ T8888] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.157668][ T8888] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.258123][ T5846] Bluetooth: hci1: command tx timeout [ 260.656940][T12368] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2312'. [ 260.667107][T12368] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2312'. [ 260.998672][T12380] openvswitch: netlink: nsh attribute has 65512 unknown bytes. [ 261.014968][T12380] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 261.448318][T12391] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2323'. [ 261.475807][T12391] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2323'. [ 261.624150][T12404] netlink: 1004 bytes leftover after parsing attributes in process `syz.1.2328'. [ 261.676751][T12401] openvswitch: netlink: VXLAN extension 0 has unexpected len 3 expected 0 [ 261.695802][T12406] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2329'. [ 261.779990][T12406] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2329'. [ 262.032184][T12416] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2333'. [ 262.439647][T12427] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2338'. [ 262.467629][T12427] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2338'. [ 262.604059][T12434] netlink: 1004 bytes leftover after parsing attributes in process `syz.4.2340'. [ 262.802429][T12445] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2341'. [ 263.067377][T12458] netlink: 'syz.0.2345': attribute type 10 has an invalid length. [ 263.088723][T12460] netlink: 'syz.4.2341': attribute type 4 has an invalid length. [ 264.135334][T12488] syzkaller0: entered promiscuous mode [ 264.146844][T12488] syzkaller0: entered allmulticast mode [ 264.155927][T12492] netlink: 'syz.4.2360': attribute type 10 has an invalid length. [ 266.977013][T12532] netlink: 'syz.2.2372': attribute type 10 has an invalid length. [ 266.986598][T12532] __nla_validate_parse: 5 callbacks suppressed [ 266.986625][T12532] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2372'. [ 267.816577][T12562] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2385'. [ 267.840111][T12556] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2383'. [ 267.860527][T12556] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2383'. [ 269.427875][ T5846] Bluetooth: hci4: link tx timeout [ 269.433565][ T5846] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 269.501844][T12619] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 269.695736][T12627] FAULT_INJECTION: forcing a failure. [ 269.695736][T12627] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 269.716112][T12627] CPU: 0 UID: 0 PID: 12627 Comm: syz.0.2411 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 269.726928][T12627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 269.737010][T12627] Call Trace: [ 269.740337][T12627] [ 269.743294][T12627] dump_stack_lvl+0x241/0x360 [ 269.748052][T12627] ? __pfx_dump_stack_lvl+0x10/0x10 [ 269.753276][T12627] ? __pfx__printk+0x10/0x10 [ 269.757891][T12627] ? __pfx_lock_release+0x10/0x10 [ 269.762934][T12627] should_fail_ex+0x3b0/0x4e0 [ 269.767779][T12627] _copy_from_user+0x2f/0xc0 [ 269.772410][T12627] copy_msghdr_from_user+0xae/0x680 [ 269.777625][T12627] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 269.783449][T12627] ? __fget_files+0x2a/0x410 [ 269.788039][T12627] ? __fget_files+0x2a/0x410 [ 269.792637][T12627] __sys_sendmsg+0x209/0x350 [ 269.797231][T12627] ? __pfx_lock_release+0x10/0x10 [ 269.802519][T12627] ? __pfx___sys_sendmsg+0x10/0x10 [ 269.807638][T12627] ? __pfx_vfs_write+0x10/0x10 [ 269.812446][T12627] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 269.818795][T12627] ? do_syscall_64+0x100/0x230 [ 269.823570][T12627] ? do_syscall_64+0xb6/0x230 [ 269.828248][T12627] do_syscall_64+0xf3/0x230 [ 269.832758][T12627] ? clear_bhb_loop+0x35/0x90 [ 269.837528][T12627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.843419][T12627] RIP: 0033:0x7f463837ff19 [ 269.847915][T12627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.867614][T12627] RSP: 002b:00007f46390a6058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 269.876029][T12627] RAX: ffffffffffffffda RBX: 00007f4638545fa0 RCX: 00007f463837ff19 [ 269.883993][T12627] RDX: 0000000000000080 RSI: 00000000200003c0 RDI: 0000000000000004 [ 269.892043][T12627] RBP: 00007f46390a60a0 R08: 0000000000000000 R09: 0000000000000000 [ 269.900040][T12627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 269.908015][T12627] R13: 0000000000000000 R14: 00007f4638545fa0 R15: 00007ffca12cc318 [ 269.916001][T12627] [ 269.989924][T12610] wg2: entered promiscuous mode [ 269.994966][T12610] wg2: entered allmulticast mode [ 270.636866][T12655] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2422'. [ 270.724982][T12657] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 271.457590][ T5844] Bluetooth: hci4: command 0x0405 tx timeout [ 271.829143][T12690] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 271.856740][T12667] FAULT_INJECTION: forcing a failure. [ 271.856740][T12667] name fail_futex, interval 1, probability 0, space 0, times 1 [ 271.880453][T12667] CPU: 0 UID: 0 PID: 12667 Comm: syz.0.2427 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 271.891453][T12667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 271.901544][T12667] Call Trace: [ 271.904839][T12667] [ 271.907823][T12667] dump_stack_lvl+0x241/0x360 [ 271.912538][T12667] ? __pfx_dump_stack_lvl+0x10/0x10 [ 271.917772][T12667] ? __pfx__printk+0x10/0x10 [ 271.922391][T12667] ? __pfx_register_lock_class+0x10/0x10 [ 271.928054][T12667] should_fail_ex+0x3b0/0x4e0 [ 271.932769][T12667] get_futex_key+0x1a4/0x1110 [ 271.937479][T12667] ? __pfx_get_futex_key+0x10/0x10 [ 271.942634][T12667] ? __lock_acquire+0x1397/0x2100 [ 271.947699][T12667] futex_wake+0x12a/0x5c0 [ 271.952077][T12667] ? __pfx_futex_wake+0x10/0x10 [ 271.957059][T12667] do_futex+0x392/0x560 [ 271.961255][T12667] ? __pfx_do_futex+0x10/0x10 [ 271.965965][T12667] ? __might_fault+0xaa/0x120 [ 271.970678][T12667] mm_release+0x193/0x430 [ 271.975046][T12667] ? exit_robust_list+0x2cf/0x2f0 [ 271.980113][T12667] ? __pfx_mm_release+0x10/0x10 [ 271.985010][T12667] ? _raw_spin_unlock_irq+0x23/0x50 [ 271.990378][T12667] ? lockdep_hardirqs_on+0x99/0x150 [ 271.995619][T12667] exit_mm+0xb0/0x310 [ 271.999632][T12667] ? __pfx_exit_mm+0x10/0x10 [ 272.004251][T12667] ? taskstats_exit+0x326/0xa60 [ 272.009141][T12667] do_exit+0x9b2/0x28e0 [ 272.013336][T12667] ? __pfx_do_exit+0x10/0x10 [ 272.017982][T12667] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 272.023388][T12667] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 272.029413][T12667] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 272.035770][T12667] ? _raw_spin_lock_irq+0xdf/0x120 [ 272.040926][T12667] do_group_exit+0x207/0x2c0 [ 272.045800][T12667] ? _raw_spin_unlock_irq+0x23/0x50 [ 272.051028][T12667] ? lockdep_hardirqs_on+0x99/0x150 [ 272.056267][T12667] get_signal+0x16b2/0x1750 [ 272.060819][T12667] ? __pfx_get_signal+0x10/0x10 [ 272.065724][T12667] arch_do_signal_or_restart+0x96/0x860 [ 272.071333][T12667] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 272.077535][T12667] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 272.083563][T12667] ? syscall_exit_to_user_mode+0xa3/0x340 [ 272.089330][T12667] syscall_exit_to_user_mode+0xce/0x340 [ 272.094916][T12667] do_syscall_64+0x100/0x230 [ 272.099542][T12667] ? clear_bhb_loop+0x35/0x90 [ 272.104252][T12667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.110187][T12667] RIP: 0033:0x7f463837ff19 [ 272.114635][T12667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.134404][T12667] RSP: 002b:00007f46390a6058 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 272.142834][T12667] RAX: fffffffffffffe00 RBX: 00007f4638545fa0 RCX: 00007f463837ff19 [ 272.150825][T12667] RDX: 0400000000000284 RSI: 0000000020000040 RDI: 0000000000000003 [ 272.158801][T12667] RBP: 00007f46390a60a0 R08: 0000000000000000 R09: 0000000000000000 [ 272.166804][T12667] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 272.174791][T12667] R13: 0000000000000000 R14: 00007f4638545fa0 R15: 00007ffca12cc318 [ 272.176632][T12698] ip6gre1: entered promiscuous mode [ 272.182783][T12667] [ 272.207688][T12698] ip6gre1: entered allmulticast mode [ 273.621040][T12738] ip6gre1: entered promiscuous mode [ 273.637636][T12738] ip6gre1: entered allmulticast mode [ 273.948472][T12729] wg2: entered promiscuous mode [ 273.964504][T12729] wg2: entered allmulticast mode [ 274.463592][T12755] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2457'. [ 274.481142][T12755] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2457'. [ 274.556756][T12757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2458'. [ 274.583519][T12757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2458'. [ 274.606611][T12759] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2459'. [ 274.793915][T12764] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2462'. [ 274.826826][T12764] bridge3: port 1(bridge_slave_1) entered blocking state [ 274.835822][T12766] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2460'. [ 274.845504][T12764] bridge3: port 1(bridge_slave_1) entered disabled state [ 274.853015][T12764] bridge_slave_1: entered allmulticast mode [ 274.860255][T12764] bridge_slave_1: entered promiscuous mode [ 275.389489][T12789] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 275.443939][T12791] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2472'. [ 275.467364][T12791] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2472'. [ 275.912813][T12810] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2475'. [ 275.949282][T12812] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 276.103953][T12819] FAULT_INJECTION: forcing a failure. [ 276.103953][T12819] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 276.117640][T12819] CPU: 0 UID: 0 PID: 12819 Comm: syz.2.2482 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 276.128522][T12819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 276.138580][T12819] Call Trace: [ 276.141853][T12819] [ 276.144783][T12819] dump_stack_lvl+0x241/0x360 [ 276.149476][T12819] ? __pfx_dump_stack_lvl+0x10/0x10 [ 276.154682][T12819] ? __pfx__printk+0x10/0x10 [ 276.159276][T12819] ? snprintf+0xda/0x120 [ 276.163522][T12819] should_fail_ex+0x3b0/0x4e0 [ 276.168216][T12819] _copy_to_user+0x31/0xb0 [ 276.172661][T12819] simple_read_from_buffer+0xca/0x150 [ 276.178054][T12819] proc_fail_nth_read+0x1e9/0x250 [ 276.183092][T12819] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 276.188642][T12819] ? rw_verify_area+0x55e/0x6f0 [ 276.193490][T12819] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 276.199041][T12819] vfs_read+0x1fc/0xb70 [ 276.203232][T12819] ? __pfx___mutex_lock+0x10/0x10 [ 276.208252][T12819] ? __pfx_vfs_read+0x10/0x10 [ 276.212931][T12819] ? __fget_files+0x2a/0x410 [ 276.217518][T12819] ? __fget_files+0x395/0x410 [ 276.222188][T12819] ? __fget_files+0x2a/0x410 [ 276.226780][T12819] ksys_read+0x18f/0x2b0 [ 276.231026][T12819] ? __pfx_ksys_read+0x10/0x10 [ 276.235789][T12819] ? do_syscall_64+0x100/0x230 [ 276.240555][T12819] ? do_syscall_64+0xb6/0x230 [ 276.245231][T12819] do_syscall_64+0xf3/0x230 [ 276.249734][T12819] ? clear_bhb_loop+0x35/0x90 [ 276.254412][T12819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.260300][T12819] RIP: 0033:0x7f33af57e92c [ 276.264712][T12819] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 276.284318][T12819] RSP: 002b:00007f33b0383050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 276.292734][T12819] RAX: ffffffffffffffda RBX: 00007f33af745fa0 RCX: 00007f33af57e92c [ 276.300788][T12819] RDX: 000000000000000f RSI: 00007f33b03830b0 RDI: 0000000000000005 [ 276.308750][T12819] RBP: 00007f33b03830a0 R08: 0000000000000000 R09: 0000000000000000 [ 276.316713][T12819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 276.324677][T12819] R13: 0000000000000000 R14: 00007f33af745fa0 R15: 00007ffccf764c58 [ 276.332659][T12819] [ 276.387130][T12821] openvswitch: netlink: VXLAN extension 0 has unexpected len 3 expected 0 [ 276.387350][T12823] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 277.282453][T12863] ------------[ cut here ]------------ [ 277.288282][T12863] WARNING: CPU: 1 PID: 12863 at net/core/skbuff.c:1219 sk_skb_reason_drop+0x87/0x380 [ 277.297841][T12863] Modules linked in: [ 277.301773][T12863] CPU: 1 UID: 0 PID: 12863 Comm: syz.4.2497 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 277.312614][T12863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 277.322749][T12863] RIP: 0010:sk_skb_reason_drop+0x87/0x380 [ 277.328583][T12863] Code: 00 00 00 fc ff df 41 8d 9e 00 00 fc ff bf 01 00 fc ff 89 de e8 2a cc 0a f8 81 fb 00 00 fc ff 77 3a 4c 89 e5 e8 da c7 0a f8 90 <0f> 0b 90 eb 5e bf 01 00 00 00 89 ee e8 08 cc 0a f8 85 ed 0f 8e 49 [ 277.348289][T12863] RSP: 0018:ffffc9000b817078 EFLAGS: 00010202 [ 277.354450][T12863] RAX: ffffffff8994aa46 RBX: 00000000fffbffea RCX: ffff888026413c00 [ 277.362491][T12863] RDX: 0000000000000003 RSI: 00000000fffbffea RDI: 00000000fffc0001 [ 277.370574][T12863] RBP: dffffc0000000000 R08: ffffffff8994aa36 R09: 0000000000400000 [ 277.378617][T12863] R10: 0000000000003f38 R11: ffffed10044e4d0d R12: dffffc0000000000 [ 277.386621][T12863] R13: ffff888022726780 R14: 00000000ffffffea R15: 0000000000000000 [ 277.394624][T12863] FS: 00007fdcfef946c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 277.403610][T12863] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 277.410260][T12863] CR2: 0000001b30c1b000 CR3: 000000007cf58000 CR4: 00000000003526f0 [ 277.418296][T12863] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 277.426283][T12863] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 277.434274][T12863] Call Trace: [ 277.437593][T12863] [ 277.440548][T12863] ? __warn+0x165/0x4d0 [ 277.444729][T12863] ? sk_skb_reason_drop+0x87/0x380 [ 277.449910][T12863] ? report_bug+0x2b3/0x500 [ 277.454436][T12863] ? sk_skb_reason_drop+0x87/0x380 [ 277.459605][T12863] ? handle_bug+0x60/0x90 [ 277.463965][T12863] ? exc_invalid_op+0x1a/0x50 [ 277.468699][T12863] ? asm_exc_invalid_op+0x1a/0x20 [ 277.473742][T12863] ? sk_skb_reason_drop+0x76/0x380 [ 277.478896][T12863] ? sk_skb_reason_drop+0x86/0x380 [ 277.484036][T12863] ? sk_skb_reason_drop+0x87/0x380 [ 277.489214][T12863] ? sk_skb_reason_drop+0x86/0x380 [ 277.494340][T12863] ? ip_rcv_finish_core+0x129f/0x1b50 [ 277.499768][T12863] ip_rcv_finish_core+0xfde/0x1b50 [ 277.504927][T12863] ip_sublist_rcv+0x3b1/0xab0 [ 277.509679][T12863] ? __pfx_ip_sublist_rcv+0x10/0x10 [ 277.514897][T12863] ? skb_orphan+0xae/0xd0 [ 277.519287][T12863] ? __pfx_ip_rcv_finish+0x10/0x10 [ 277.524438][T12863] ip_list_rcv+0x42b/0x480 [ 277.528932][T12863] ? __pfx_ip_list_rcv+0x10/0x10 [ 277.533906][T12863] ? __pfx_ip_list_rcv+0x10/0x10 [ 277.538926][T12863] __netif_receive_skb_list_core+0x94e/0x980 [ 277.544951][T12863] ? __pfx___netif_receive_skb_list_core+0x10/0x10 [ 277.551541][T12863] ? netif_receive_skb_list_internal+0x4e8/0xe30 [ 277.557931][T12863] netif_receive_skb_list_internal+0xa51/0xe30 [ 277.564129][T12863] ? netif_receive_skb_list_internal+0x4e8/0xe30 [ 277.570536][T12863] ? __pfx_netif_receive_skb_list_internal+0x10/0x10 [ 277.577247][T12863] ? __pfx_eth_type_trans+0x10/0x10 [ 277.582583][T12863] ? __phys_addr+0xba/0x170 [ 277.587126][T12863] ? build_skb_around+0x111/0x260 [ 277.592195][T12863] ? __xdp_build_skb_from_frame+0x313/0x650 [ 277.598158][T12863] netif_receive_skb_list+0x55/0x4b0 [ 277.603471][T12863] bpf_test_run_xdp_live+0x1b9f/0x21f0 [ 277.608996][T12863] ? bpf_dispatcher_change_prog+0xd96/0xf20 [ 277.614932][T12863] ? bpf_test_run_xdp_live+0x5d6/0x21f0 [ 277.620639][T12863] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 277.626473][T12863] ? synchronize_rcu+0x11b/0x360 [ 277.631577][T12863] ? __pfx_synchronize_rcu+0x10/0x10 [ 277.636921][T12863] ? __pfx_bpf_dispatcher_change_prog+0x10/0x10 [ 277.643225][T12863] ? 0xffffffffa0000958 [ 277.647411][T12863] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 277.653375][T12863] ? _copy_from_user+0x99/0xc0 [ 277.658215][T12863] ? bpf_test_init+0x15a/0x180 [ 277.662994][T12863] ? xdp_convert_md_to_buff+0x5b/0x330 [ 277.668502][T12863] bpf_prog_test_run_xdp+0x805/0x11e0 [ 277.673915][T12863] ? __pfx_lock_release+0x10/0x10 [ 277.679017][T12863] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 277.684846][T12863] ? __fget_files+0x2a/0x410 [ 277.689485][T12863] ? __fget_files+0x2a/0x410 [ 277.694116][T12863] ? fput+0x21b/0x290 [ 277.698154][T12863] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 277.703986][T12863] bpf_prog_test_run+0x2e4/0x360 [ 277.708997][T12863] __sys_bpf+0x48d/0x810 [ 277.713278][T12863] ? __pfx___sys_bpf+0x10/0x10 [ 277.718122][T12863] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 277.724133][T12863] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 277.730524][T12863] ? do_syscall_64+0x100/0x230 [ 277.735323][T12863] __x64_sys_bpf+0x7c/0x90 [ 277.739823][T12863] do_syscall_64+0xf3/0x230 [ 277.744347][T12863] ? clear_bhb_loop+0x35/0x90 [ 277.749071][T12863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.755076][T12863] RIP: 0033:0x7fdcfe17ff19 [ 277.759565][T12863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 277.779255][T12863] RSP: 002b:00007fdcfef94058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 277.787746][T12863] RAX: ffffffffffffffda RBX: 00007fdcfe345fa0 RCX: 00007fdcfe17ff19 [ 277.795748][T12863] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a [ 277.803768][T12863] RBP: 00007fdcfe1f3cc8 R08: 0000000000000000 R09: 0000000000000000 [ 277.811867][T12863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.819897][T12863] R13: 0000000000000000 R14: 00007fdcfe345fa0 R15: 00007fff69dfddb8 [ 277.828213][T12863] [ 277.831261][T12863] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 277.838566][T12863] CPU: 1 UID: 0 PID: 12863 Comm: syz.4.2497 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 [ 277.849350][T12863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 277.859421][T12863] Call Trace: [ 277.862721][T12863] [ 277.865658][T12863] dump_stack_lvl+0x241/0x360 [ 277.870360][T12863] ? __pfx_dump_stack_lvl+0x10/0x10 [ 277.875597][T12863] ? __pfx__printk+0x10/0x10 [ 277.880226][T12863] ? vscnprintf+0x5d/0x90 [ 277.884586][T12863] panic+0x349/0x880 [ 277.888505][T12863] ? __warn+0x174/0x4d0 [ 277.892687][T12863] ? __pfx_panic+0x10/0x10 [ 277.897154][T12863] __warn+0x344/0x4d0 [ 277.901165][T12863] ? sk_skb_reason_drop+0x87/0x380 [ 277.906316][T12863] report_bug+0x2b3/0x500 [ 277.910675][T12863] ? sk_skb_reason_drop+0x87/0x380 [ 277.915814][T12863] handle_bug+0x60/0x90 [ 277.919996][T12863] exc_invalid_op+0x1a/0x50 [ 277.924522][T12863] asm_exc_invalid_op+0x1a/0x20 [ 277.929397][T12863] RIP: 0010:sk_skb_reason_drop+0x87/0x380 [ 277.935150][T12863] Code: 00 00 00 fc ff df 41 8d 9e 00 00 fc ff bf 01 00 fc ff 89 de e8 2a cc 0a f8 81 fb 00 00 fc ff 77 3a 4c 89 e5 e8 da c7 0a f8 90 <0f> 0b 90 eb 5e bf 01 00 00 00 89 ee e8 08 cc 0a f8 85 ed 0f 8e 49 [ 277.954790][T12863] RSP: 0018:ffffc9000b817078 EFLAGS: 00010202 [ 277.960893][T12863] RAX: ffffffff8994aa46 RBX: 00000000fffbffea RCX: ffff888026413c00 [ 277.968890][T12863] RDX: 0000000000000003 RSI: 00000000fffbffea RDI: 00000000fffc0001 [ 277.976886][T12863] RBP: dffffc0000000000 R08: ffffffff8994aa36 R09: 0000000000400000 [ 277.984882][T12863] R10: 0000000000003f38 R11: ffffed10044e4d0d R12: dffffc0000000000 [ 277.992870][T12863] R13: ffff888022726780 R14: 00000000ffffffea R15: 0000000000000000 [ 278.000859][T12863] ? sk_skb_reason_drop+0x76/0x380 [ 278.005986][T12863] ? sk_skb_reason_drop+0x86/0x380 [ 278.011114][T12863] ? sk_skb_reason_drop+0x86/0x380 [ 278.016257][T12863] ? ip_rcv_finish_core+0x129f/0x1b50 [ 278.021649][T12863] ip_rcv_finish_core+0xfde/0x1b50 [ 278.026860][T12863] ip_sublist_rcv+0x3b1/0xab0 [ 278.031589][T12863] ? __pfx_ip_sublist_rcv+0x10/0x10 [ 278.036814][T12863] ? skb_orphan+0xae/0xd0 [ 278.041163][T12863] ? __pfx_ip_rcv_finish+0x10/0x10 [ 278.046313][T12863] ip_list_rcv+0x42b/0x480 [ 278.050772][T12863] ? __pfx_ip_list_rcv+0x10/0x10 [ 278.055740][T12863] ? __pfx_ip_list_rcv+0x10/0x10 [ 278.060685][T12863] __netif_receive_skb_list_core+0x94e/0x980 [ 278.066693][T12863] ? __pfx___netif_receive_skb_list_core+0x10/0x10 [ 278.073218][T12863] ? netif_receive_skb_list_internal+0x4e8/0xe30 [ 278.079569][T12863] netif_receive_skb_list_internal+0xa51/0xe30 [ 278.085780][T12863] ? netif_receive_skb_list_internal+0x4e8/0xe30 [ 278.092156][T12863] ? __pfx_netif_receive_skb_list_internal+0x10/0x10 [ 278.098865][T12863] ? __pfx_eth_type_trans+0x10/0x10 [ 278.104084][T12863] ? __phys_addr+0xba/0x170 [ 278.108596][T12863] ? build_skb_around+0x111/0x260 [ 278.113656][T12863] ? __xdp_build_skb_from_frame+0x313/0x650 [ 278.119589][T12863] netif_receive_skb_list+0x55/0x4b0 [ 278.124913][T12863] bpf_test_run_xdp_live+0x1b9f/0x21f0 [ 278.130402][T12863] ? bpf_dispatcher_change_prog+0xd96/0xf20 [ 278.136352][T12863] ? bpf_test_run_xdp_live+0x5d6/0x21f0 [ 278.141946][T12863] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 278.147781][T12863] ? synchronize_rcu+0x11b/0x360 [ 278.152761][T12863] ? __pfx_synchronize_rcu+0x10/0x10 [ 278.158103][T12863] ? __pfx_bpf_dispatcher_change_prog+0x10/0x10 [ 278.164377][T12863] ? 0xffffffffa0000958 [ 278.168572][T12863] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 278.174507][T12863] ? _copy_from_user+0x99/0xc0 [ 278.179305][T12863] ? bpf_test_init+0x15a/0x180 [ 278.184094][T12863] ? xdp_convert_md_to_buff+0x5b/0x330 [ 278.189581][T12863] bpf_prog_test_run_xdp+0x805/0x11e0 [ 278.194985][T12863] ? __pfx_lock_release+0x10/0x10 [ 278.200050][T12863] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 278.205885][T12863] ? __fget_files+0x2a/0x410 [ 278.210509][T12863] ? __fget_files+0x2a/0x410 [ 278.215129][T12863] ? fput+0x21b/0x290 [ 278.219133][T12863] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 278.224973][T12863] bpf_prog_test_run+0x2e4/0x360 [ 278.229943][T12863] __sys_bpf+0x48d/0x810 [ 278.234304][T12863] ? __pfx___sys_bpf+0x10/0x10 [ 278.239108][T12863] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 278.245122][T12863] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 278.251485][T12863] ? do_syscall_64+0x100/0x230 [ 278.256245][T12863] __x64_sys_bpf+0x7c/0x90 [ 278.260676][T12863] do_syscall_64+0xf3/0x230 [ 278.265202][T12863] ? clear_bhb_loop+0x35/0x90 [ 278.269904][T12863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.275810][T12863] RIP: 0033:0x7fdcfe17ff19 [ 278.280239][T12863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.299960][T12863] RSP: 002b:00007fdcfef94058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 278.308405][T12863] RAX: ffffffffffffffda RBX: 00007fdcfe345fa0 RCX: 00007fdcfe17ff19 [ 278.316384][T12863] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a [ 278.324362][T12863] RBP: 00007fdcfe1f3cc8 R08: 0000000000000000 R09: 0000000000000000 [ 278.332368][T12863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 278.340356][T12863] R13: 0000000000000000 R14: 00007fdcfe345fa0 R15: 00007fff69dfddb8 [ 278.348350][T12863] [ 278.351682][T12863] Kernel Offset: disabled [ 278.356034][T12863] Rebooting in 86400 seconds..