last executing test programs: 2.73247881s ago: executing program 2 (id=2750): r0 = socket(0x10, 0x803, 0x0) unshare(0x60480) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x24e580, 0x0) pwritev(r1, 0x0, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_calipso(0x0, r4) sendmsg$NLBL_CALIPSO_C_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r5, 0x125, 0x0, 0x0, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x24}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f00000009c0)=@RTM_GETMDB={0x18, 0x56, 0x1, 0x0, 0x0, {0x7, r8}}, 0x18}}, 0x0) sendmsg$NLBL_CALIPSO_C_REMOVE(r2, &(0x7f0000000180)={0x0, 0x4000000, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000bc67a10fc7c2a2c1bc9a27631ff59408000000000000004d6b4d83d60e787ac9e2e67c0e691620c52548d856216ff1deb9655fa2abce148ce27316125965a16aed720dd0cadcdb911aad55", @ANYRES16=r5, @ANYBLOB="01000000000000000000020000000800010003000000"], 0x1c}}, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58) r9 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r9, 0x8922, &(0x7f0000000280)={'gretap0\x00', 0x7f}) r10 = socket(0x10, 0x2, 0x0) write(r10, &(0x7f0000000000)="240000001e005f80004000000000000002000000000000000000080008000100000000ff", 0x24) ioctl$PPPOEIOCSFWD(r10, 0x4008b100, &(0x7f0000000000)={0x18, 0x0, {0x4, @remote, 'netpci0\x00'}}) r11 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r11, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)={0x28, 0x2c, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @nested={0x9, 0x0, 0x0, 0x1, [@generic="976b640868"]}, @nested={0x4, 0x1}]}, 0x28}], 0x1}, 0x0) sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f00000028c0)={0x0, 0x28}}, 0x0) accept$packet(r0, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14) r13 = socket$nl_route(0x10, 0x3, 0x0) r14 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r14, 0x8933, &(0x7f0000000040)) sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x19, &(0x7f0000000140)={&(0x7f00000003c0)=@mpls_getroute={0xd8, 0x1a, 0x20, 0x70bd2b, 0x25dfdbfb, {0x1c, 0x10, 0x0, 0x7, 0xfe, 0x4, 0xff, 0x1, 0x2900}, [@RTA_TTL_PROPAGATE={0x5, 0x1a, 0x4}, @RTA_OIF={0x8, 0x4, r12}, @RTA_NEWDST={0x84, 0x13, [{0x5, 0x0, 0x1}, {0x26a9}, {0x3, 0x0, 0x1}, {0x2}, {0x7, 0x0, 0x1}, {0x8}, {0xfe5, 0x0, 0x1}, {0x5}, {0x7}, {0x8000}, {0x4}, {0xfc67}, {0x5, 0x0, 0x1}, {0x9, 0x0, 0x1}, {0x400, 0x0, 0x1}, {0x776f, 0x0, 0x1}, {0xb, 0x0, 0x1}, {0x6, 0x0, 0x1}, {0x38, 0x0, 0x1}, {0x4}, {0x6}, {0x8}, {0x3}, {0x200, 0x0, 0x1}, {0xffffa}, {0x7}, {0x7}, {0x3}, {0x0, 0x0, 0x1}, {0x3}, {0x8af87}, {0x7}]}, @RTA_DST={0x8}, @RTA_MULTIPATH={0xc, 0x9, {0x4000, 0x30, 0x5}}, @RTA_MULTIPATH={0xc, 0x9, {0x7, 0x11, 0x2}}, @RTA_TTL_PROPAGATE={0x5, 0x1a, 0x8}]}, 0xd8}}, 0x0) 2.606234882s ago: executing program 4 (id=2753): sendto$inet6(0xffffffffffffffff, &(0x7f0000000b00)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5a427a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd80000804de5bed98201110200b896c0000e89f68bc13bfe653b24741c7f0c35ad2c01a25810c07e95223b94bd5462b2e3bee12a44aa61278e6dac9e255bf014c3563a25f69fb06b22793a1fd077e19f49854081b2bd24a0072099262f1add7dd5bf2f71712e4b39111d2e99aa99472fbb229e7a3d0a60f537b53293b94c81d06dd10f2de333076390da1b73b791f8d8378060cf9e06b779d77ca55be6e02cb20dd0b7d9ca35b058fb968257c320f0a076544dec7156cee66047ddf43be9f0456871541843124a5d98d64232284ed23ec914a8a89b9573326de20cdd798417c6fe9b299adab1fc6c9c11ba48d3ab51c0daffd70fb8418ddf767c79370a1da6c771177b1ca5a3ed0f46d262b56904b4d83349a56cd6240400b02a3fca4248a845db9c96e84e3945a8b42e7e09e18211f748f4401a6e04e210992500"/400, 0x190, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0xfffffffd, 0x0, 0xdd}, 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYRESDEC=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000d40)={@ifindex, 0x24, 0x0, 0x0, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa, 0x0, &(0x7f0000000780)=[0x0], &(0x7f0000000cc0), &(0x7f0000000d00)=[0x0, 0x0, 0x0, 0x0]}, 0x40) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='netlink_extack\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="850000002a0000003500000000000000850000000500000095000000000000001b90b31a08f54ff40571eda5c56ad924a10c7b1e6003c9325fea577f8e56fe212b358f1d0838c8119ed74e74552ce4e6c8093375e35c8250f448a6a31260c2f9fbb70400000000000000b08b7aab5fd5d24dcff1ca14025b73c2da8f550900000000000000c340b111fcee90d6d90100000001000000babdee5b76635ce4f35f985e434196b5699ba66b9cb05e5259a1f61cafa3586a2228c4581dc29931a4ca0f4967706596014dc06b99b9c9ba49b34e516e0baed5cca7aeeb0d5dcdce0900000000000100ef363c9f5ca80b125dabc3adab1179388e76c44e7328318078af6a0a1a248a7b2ca42a05f4b033e9"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r3, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0xa68, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000004c659ce0544fa42131c3a31517b7be5338a8baab4b6d1a7912c2c5fe5a2d7ba02d0cc9488749a3834b374f39841b36f740af9707c9c71cdf691c985735bdfa709bbbcc936c96b678ebc513517157cdfa455c1eed79773e71c973fd64"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003200)='netlink_extack\x00', r4}, 0x10) r5 = socket(0x200000000000011, 0x4000000000080002, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bind$packet(r5, &(0x7f0000000240)={0x11, 0xf5, r7, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmsg$inet(r5, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000200)}, 0x8010) socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2b, 0x1, 0x0, 0x0, "", [@nested={0x104, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1}, 0x20004080) 2.514081452s ago: executing program 2 (id=2755): r0 = epoll_create1(0x0) r1 = socket$unix(0x1, 0x1, 0x0) close(r1) socket(0x1d, 0x2, 0x6) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0xa0028000}) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x9c8c4, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r2, &(0x7f0000000780)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8e", 0x36, 0x6d91fb6102d8d9cc, 0x0, 0x0) r3 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000180)={0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)='R', 0x1}], 0x1}, 0x0) sendto$inet6(r2, &(0x7f0000000e00)="dd11fa62c01f7cef67f2a127346208", 0xf, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r5, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r6, &(0x7f0000000740)=ANY=[], 0xfffffc8f) recvfrom(r2, &(0x7f0000001a80)=""/4096, 0x1000, 0x0, 0x0, 0x0) 2.338981393s ago: executing program 4 (id=2758): socket$netlink(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) write$binfmt_script(r1, 0x0, 0xfffffe5d) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r2, @ANYBLOB="01ff00e1c2ed00001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) socket$tipc(0x1e, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0108000000000000000001000000f200010073797a300000000070000000090a0133f1340b00a9ce6edc0400000000000000000100000008000ac0000000000900020073797a31000000000900010073797a30000000000800054000000025340011800a0001086c696d6974000000240002800c0001000000fd44c5509039266954833712120000000004000c0002000000ff0000000000000040fffffff9140000001000010100000000000000000000000a96a2bbcc67ba72776f5ca3952efbf736a4cbf333207703bdae4df20ee73be1976f1e565da4e22a17d1bd6cfbcc60ea095e08592569e5a21655f0bd6ac1c3be43ba0ca74299a33105ddd34bcbad23096129e0f4cc805cdfb648104684779fc6a65c3aac1edccf971d723d419f201e6be8b657851ca67e0f3d2a38fd8442e5a6d094ff27a6c49933d7474bce236b68dd58caef86000b2dcc7a498efbbc53169f96b32935c0f65f0db1d2a32c042e85a6b6c78cfe0afde07e600099225fbc947d0ee57308b3add2e2b74dd3ce051699541ed063f1ae03c57aa8f816d8cdc9e600"], 0xb8}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) r6 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000b40)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="350b00000000000000000d000f000c00018008000100", @ANYRES32=r7], 0x20}}, 0x0) r8 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@migrate={0xec, 0x21, 0x1, 0x0, 0x25dfdbff, {{@in=@multicast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, [@migrate={0x9c, 0x11, [{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@broadcast, @in=@private=0xa010101, @in=@dev={0xac, 0x14, 0x14, 0x23}, 0x32, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@loopback, @in=@empty, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x2, 0x0, 0x0, 0x0, 0xa}]}]}, 0xec}}, 0x40008c0) socket$inet6_udp(0xa, 0x2, 0x0) r9 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'team_slave_1\x00'}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) r13 = openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r13, 0x400454ca, &(0x7f0000002280)={'pim6reg0\x00', 0x2102}) ioctl$TUNSETQUEUE(r13, 0x400454d9, &(0x7f0000000080)={'ip6tnl0\x00', 0x400}) ioctl$TUNSETQUEUE(r13, 0x400454e2, &(0x7f0000000240)={'xfrm0\x00'}) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r10, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="0100ffffffff000000003b00000008000300", @ANYRES32=r12, @ANYBLOB="0a0006000814110000010000060066008e8800001c0033"], 0x4c}}, 0x0) 1.691477368s ago: executing program 4 (id=2766): socket$alg(0x26, 0x5, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket$rds(0x15, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_udp(0xa, 0x2, 0x0) socket$packet(0x11, 0x4000000000002, 0x300) socket$inet6_sctp(0xa, 0x5, 0x84) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$alg(0x26, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) socket(0x2a, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x4, 0x4, 0x1, 0xffffffffffffffff, 0x1000}, 0x48) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r3}, 0x20) close(0x3) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r4 = socket$can_bcm(0x1d, 0x2, 0x2) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) sendmsg$can_bcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000500)=ANY=[@ANYBLOB="050000000300000000a9de51", @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000040)=0x101, 0x4) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="93630100200501001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r5, @ANYBLOB, @ANYRES8=r2], 0x4c}}, 0x0) 1.627925026s ago: executing program 1 (id=2768): sendto$inet6(0xffffffffffffffff, &(0x7f0000000b00)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5a427a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd80000804de5bed98201110200b896c0000e89f68bc13bfe653b24741c7f0c35ad2c01a25810c07e95223b94bd5462b2e3bee12a44aa61278e6dac9e255bf014c3563a25f69fb06b22793a1fd077e19f49854081b2bd24a0072099262f1add7dd5bf2f71712e4b39111d2e99aa99472fbb229e7a3d0a60f537b53293b94c81d06dd10f2de333076390da1b73b791f8d8378060cf9e06b779d77ca55be6e02cb20dd0b7d9ca35b058fb968257c320f0a076544dec7156cee66047ddf43be9f0456871541843124a5d98d64232284ed23ec914a8a89b9573326de20cdd798417c6fe9b299adab1fc6c9c11ba48d3ab51c0daffd70fb8418ddf767c79370a1da6c771177b1ca5a3ed0f46d262b56904b4d83349a56cd6240400b02a3fca4248a845db9c96e84e3945a8b42e7e09e18211f748f4401a6e04e210992500"/400, 0x190, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0xfffffffd, 0x0, 0xdd}, 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYRESDEC=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000d40)={@ifindex, 0x24, 0x0, 0x0, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa, 0x0, &(0x7f0000000780)=[0x0], &(0x7f0000000cc0), &(0x7f0000000d00)=[0x0, 0x0, 0x0, 0x0]}, 0x40) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='netlink_extack\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="850000002a0000003500000000000000850000000500000095000000000000001b90b31a08f54ff40571eda5c56ad924a10c7b1e6003c9325fea577f8e56fe212b358f1d0838c8119ed74e74552ce4e6c8093375e35c8250f448a6a31260c2f9fbb70400000000000000b08b7aab5fd5d24dcff1ca14025b73c2da8f550900000000000000c340b111fcee90d6d90100000001000000babdee5b76635ce4f35f985e434196b5699ba66b9cb05e5259a1f61cafa3586a2228c4581dc29931a4ca0f4967706596014dc06b99b9c9ba49b34e516e0baed5cca7aeeb0d5dcdce0900000000000100ef363c9f5ca80b125dabc3adab1179388e76c44e7328318078af6a0a1a248a7b2ca42a05f4b033e9"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r3, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0xa68, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000004c659ce0544fa42131c3a31517b7be5338a8baab4b6d1a7912c2c5fe5a2d7ba02d0cc9488749a3834b374f39841b36f740af9707c9c71cdf691c985735bdfa709bbbcc936c96b678ebc513517157cdfa455c1eed79773e71c973fd64"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003200)='netlink_extack\x00', r4}, 0x10) r5 = socket(0x200000000000011, 0x4000000000080002, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bind$packet(r5, &(0x7f0000000240)={0x11, 0xf5, r7, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmsg$inet(r5, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000200)}, 0x8010) socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2b, 0x1, 0x0, 0x0, "", [@nested={0x104, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1}, 0x20004080) 1.567554681s ago: executing program 2 (id=2770): socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x20, r0, 0x6a98047402e98331, 0x0, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) 1.308781657s ago: executing program 0 (id=2772): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00'}, 0x10) r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) r2 = accept4(r0, &(0x7f0000000040)=@pppoe={0x18, 0x0, {0x0, @local}}, &(0x7f00000000c0)=0x80, 0x80000) bind$can_j1939(r2, &(0x7f0000000380)={0x1d, r1, 0x1}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)="8fd81109ab1c0747", 0x8}}, 0x0) sendmmsg(r0, &(0x7f0000005300)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000000400)="bdb593", 0x3}], 0x1, &(0x7f0000001700)=ANY=[], 0x2d0}}], 0x1, 0x0) unshare(0x22020600) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_BITWISE_XOR={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x38, r5, 0x1, 0x0, 0x0, {0x49}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x73}}}]}, 0x38}}, 0x0) sendmsg$DEVLINK_CMD_RATE_SET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r5, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x7fff}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x8000000000000000}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000000) socket$packet(0x11, 0x3, 0x300) unshare(0x22020600) epoll_create1(0x0) 1.308210189s ago: executing program 4 (id=2773): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000003380)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d010000000100bf000000003bbd424c6e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e460a000517ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab71587a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f000000000000000055211c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb372713255012e028cb2654d493a0b4b35faae176f99b745eda2967199cc93685bb537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ae2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b419a6248029d33d61dd5c844024ba757371867a79b31c6617fc3327191fbf514573f1e30d1fd2d763f3ee9218b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc97def5f07f2980005a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c534187a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74f1ffdaccf0ea5f02e03a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01efada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0d1c8130ae6b00110635376413c29f7c6f7b7e29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000bc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5b98e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5e22adef9546abb7a2d9c085b189b5fd1f30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd03870c39d1ad12c750837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a103ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de08bacecfff2d58437f422df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dcddab8f38f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bbe0f10521862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94993157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d703dd29ad77f54836779600bb0db3ecfbd36fa8164999898e4aaa56324e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d30edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a730000000000000000001ed58cd2c684667178576dbb57345b63c313e4a8fcfefe511e084c24b31a2e693946748bb73511695bc0eec1553b0f67d50678fb29ad13d2104fdd7a992574d475d3e51652fb3fda6a9fc0458f10b6d121bd48664858b51a9054d7c1d310af6a043e4b99472fbff86fea83924059419d54f07da0b6b7d6e6d61e680f151b0e"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48) r1 = socket$kcm(0x29, 0x5, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet(r1, &(0x7f0000008dc0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000540)="888303263a9e1cd1b50fc2efc626709c96bcab98beeaa9077149fd4ffeb7b7859b0a68c39e8881cab4fdf65d791358ed734acb07149c487b4f50c5f917139e9ddd44ad39181491d09461f20f51503283b41f6018eb59e878178075bbae9936080a53e68b3cabbb85ca082bf489fa6b1abd74c346ff049623fa21722d20463695f81a234de702e58d0b7a3fcd183be373c73e607e8cfe2b65abd2cc3b97daca65b674bbd651de2ace292d1db665ae1bd9575bfd33675399566e7c5c56d3d7232a307b496f311ca8d3d15ec4c824ed0f4a672c6855c86e0d8d2ec8291a82a3f15e2cce9e", 0xe3}, {&(0x7f0000000200)="c0ce26486d164b431db4444094be80f5dfee9ba9a65a4d50b8f83f2a9024e5586a614f02b063595a8172c55e67c5d085c9bf44d4ac2cb536f9dd56007c79", 0x3e}], 0x2}}, {{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f00000006c0)="9de6d3750349c2f3847fa4a05f94adb3d21fc68c161aea97b382463136de885846c0513c1d9af3f721cad5a7a753816b79e9af459a7719536932401f194b7c3cdd1b9f5b281e875b96304c31f9aa021642552f18aa7d269bceb614a8895c589cebc5deea722bc9efaf97ab2f098d99b96210c991e8496eae1a0558cc759f3886cc735c0cea5119c10be69068addbd4986f7a7b503ff93af91dd3d173d20ea095e56d3b9bf62b6d547efc4b5cf94bd633ef418ece871a5bdb42ffb27661c222754bbb333c1e65ec05855be1243417f27d30c5e7", 0xd3}, {&(0x7f00000002c0)="468acdb4e4cf0427161e4b334f4c94ebd825850e7c132a1217aa3b5547f1dcc73efdc575d16f90985e478231fe76ee24fcfe9799497db0cbe5954acded7a24622c2463bae7529c05a6c81e33ee93869fd7c57feff17c9cd809b1be241edcede17e4643efc8c2baed1e2442f3a236fe60e4685d2971077e625dce6f0b6c216ffcebecd763c39e87eb641e7046dd68949acc02", 0x92}, {&(0x7f0000000880)="52a67f4b", 0x4}, {&(0x7f00000008c0)="910173d811a77377207b361dd63bd456ea8e58a1e55699c4fd0206e27161045d62989959f8fa93a3437f4a33e558ce924e3be64fd73c92b733b2c178599b60cf9f37b97362210516665be1e110544d2a87c7750450a6a73dea6172b7d97667050fb8309ed2a18f0b5f4895684e", 0x6d}, {&(0x7f0000001500)="cd07e85142f8ead499f3ef72f2227c53dd9255de4766b5f33ef218a7c39a97bbd4f8385f1852a08a0e900c7f9183f6c74e7e3407bac0d64f2fe763278fbc7ea1e7111be746ae2748fc96288a8b288a6d1baf35514905bee7b70175dd6a5b1b43735e06d236ee53c79aa6f817e833618ba7321afdf30656589fb5d92a67f70e2cb1dd98e48ff65bb2569a258f78bca3682750e0584ea00629c67c6411cd532d62be01f143fe9ce39012147357e8abe37baa6cfad28b949c343c17567015b2811ea8dfd577749855bcc1cbdae064318ac83c505129a407543c355a4e902e6d43e92cf7d4a538400b7741304b9179bc8357b82081d7141a388f8659108dbd3142dca4483efd112eae795c780aa14fde5d3ad8a29f57cbbe4929ced3ec0c45c4964e627d283b4c8302ab1eac4796a40ff79106ab2b28a1a72028a56a6b4e7e44f9578970f37fc3edfdf4b51bece98270e1b3b8da8f4bad2d38d0d04220f53e70f88f9431cd8184995253d38f27fbece66f45558a0941277de0308ed8a3bd8cbaa2f12406458086f37d447d9cb471c3b075bef79673e3b27d707f1483be8949600e9259a4edb962ff5e2a47a369468814971d2a81bbdf6222dfd7334912d33b51080cecb1eb5ca9ee573abc277b75e15b8fe9b242abd74ea74a4f83bd96e3b1ae924d927bb45a7b4b879f6a689f4977d0dbd4eaa0cfe64dacb82cf3784e21cd4e136ee610c2672eaedf35918d3c82eec28ea5753ea137f8a5d2f2f8a7aceffa1d71ac75bef177945d757ddc904c46a8a69336861cf08a5c51996807008e58ebf23a7e597bb07cce48e40b8a172144c4e649090fba0ec62152f85c3c4b843bde0f6eafbaa12bd1449801d2c4bfb51317bbc4d521ea1015e73a8c9146eb37eb9583a2443d8eea2293c808efc19a5735408281f16f590e00415c43ac2ce1c3432d41525dd0137eb991d9c56c163c0d4ab2d4ce2a418ff537bf20e6152bbd81d4a2a3570a7c3053f2ceb5e9797d2c60fb069cdcb03e06aedf63ff47f7ef9551e26cf08740c74b273bcda959a1e9a84c0fa05416b99d73d402fb81754e1ccf796d9da53399d6dce3ce83303ccb4166cf36ccb0c9bddbe0e34dfbcae31b4ce8fe513570e036844ab516cf4d6293bdd388112084e6aefcc6e7967fe99aabd72a207bb4ec8fc02d5bc229ca68c9db99529208146f49f29fda53c49707d76a649aa5df7607c3ee514eb820f4d0cc55d547ecd3193c4946525af9f68f8ec2d0a6b0ccfbd8ae0a265249255c98e9e6ab3d8d82dbfb8c15a8ef69b78cc9b4f0ad5a2ce9d6793ada0b6163d9d1ed3e50f9c819ca46b40ff40b375f5e2ce6caa996af36324cbbaa63635b0e107ad01174baa553b86dba12e8ad9586727a70aee6785121e9edb5a98e01b7848734d3e044c494a4061493e1ae7fd73a2ed9b83d286e24a732966faee7705d8a2d360159acbdf18616028134c25d1a92bb45f06207701454390b87d5bcb66ec73d8c3c53049f42c85de0acc45a9379302203be199ce55154b739bfb3d27929b12163e2078905137774974b90c07960fd410fd58394bc53e7745f5627de2f0361418173763c69f8a11d93a104ad382cf385b0c6c7c3c5fc8236e6f18ae9be0543d28d54050b9e60f2f774a16be4904243d482ad3252edaccce56dcd350b6e249fe686d5adc07bc57c71aebdc243eac56f29fa24e69b8d444c54a95522beafac6230a3c4e89c6d55654a4a077f7f854d6b24f8b45da2baa5dc3e4df15c56263c7fa80642789ea712a9562a70379afe5ac584c891178d71a558e73456e53e7f9256f4c0b27daa3eab32f1e56b3dd9280053c1ec57e86fd87a725ab9a5d93e3f8e6e848afbdadb859c744f40a86486fbbd1da6a18c834bf43594aac9d0340521dea06befad18bb868e9e63578ed66c70ecfeb31ce55755a5d48de4113c7e29975643cbc53f114ed522231e410f1fe4b910e6af3d4b56918952f7f25204813b3283e20a54fd285a80988494576bd738e685edda5177eeb0e2c9816dac60302b12ec046c9feb770dec403fd4fadd1628aa4978647e8dac1825166a5be8b580b195387d901ecbf03b70d4301f6de69f691009a659c03186b8431e226022f811a6d2ce73c8bce19b09e04728b739da06054690f30c71bb3326f8d4fc80cf654a42fc6134967206e110558a6f9e9c434bf175def183da8a5c135975dd7eac8fcea1343710cd92fdcba2152b32e014cb8e87d3c500e8f439e1522da6866105e937663d8044527982d147df983ca83eaa7fb4dd5c0c79232dd687e02dc135d3067547cafb1934b5769114472beb906646ffdc44291289bc27478262295c2fa517ccd553804e73eb9150f5d451afd79f175e14b563a5e6c86e9a0eacd450be530a3e506297a751bc5800f3c45a3e18b93c21aa8c0f2d144122803361d4b59e2a21bb462c0b8bf9d8f4c91610c633fefced62b8de88bd2e56e58eb538f30b1710f8cf5e6e54db33adc53d2519351696028edda2e915a3f575ee3488b6ac2d96856fe5742ae57679e11e7baeeb7446aa3d92a834086b8b2eba58a16e54a2df19f4be02fb9ed80f9547c327ca69bfc027852c0f54eea05b0982f0a08548f16a80d17121b5c3536d072b6dd78965d7fcb1d13d8435c003050de3900f43ec378070ff24e9fe463451cd2ca1d81532121fa6a010df9e471dbd068c9de5698eb986a43640843e6ab2ae9c849603cc1ed6799cd80a9dc8937127ef006edd442b68fc79a7d31d80f255ce9593e12a219d4a38a84c2a77ae3c604ac33614aea6c8523e4f553866b801cfdbf3545370555685f2f6ae4a05745713bac8452e86536807b986037d28953cc093122c7e400f4ebd876282e831b5e45c2e2dab9c7620ef9aa3c3f733baef8eee8242e0edfc20c9f58127739c978fbda24af4068e36a0c556cf2e60be433e6c86fcaafaab94124385c14dff932713044432cfc6ce7c6ae88c1fe32097d2e223616818eb1df981cd70a9a35ad7776745b660dec25e93cf5d6157cc161b808097f49a7713c5a164cd5cd61cb44b155edd38b72c5788b5328a1090cc366fb114d658eb4f045740fa95c19a9b6fc4c758036b9ba3d566e93073a5387f850f70db48d7c4a071d2b6bcdc67113b242688fbddffcff2c369680a4f5e7f0bafc27241a95695ff39c828f5d2b4e2a5955414aae21358971a9bd5d27fb3b4980d7a2058f5a686a65a95245aa418df589d6191ddf8e2a75b80c78dece49e7cdb6dc038944c8badeb86ab903a7a2db35cff18dd46ffbc02c36461205df47e93ab492ee2c49b489c22e9d0a44766f855cc1bc37622c72ab452908860cc054e9cd245cef29667e078e09403f395a0ff222272fd39bcf8c657de071fa6b02efb062e133f4ca14dbc3041fc3d0d7f44a30c955fbe5088ec222355d0b533f506ac75cadbb646b437eccdffef7f521ff14b3716f945c3a0b532616e3fa4dd88ecff416b0c91798aac7072c610adef4e076f5609bc0a4431de4de4a7318115a3f45dd7105f0d25cf2f2eccfb949b7e9b1c6f051f1c8f61b95f665c219d1f32b7af585818e51a937f5d90b0dd2d1e68f4a9f94f8da2ab42b3c91c95871537d94fc2a191862cbbe28433c7773a3dabe82a371c47c905e46f74f4964fe4ff3551588cb97d089465d1df16daaf5617d5b677e2e77541f64ea33ad75611e1516f230d4f207f58494458b3e25a3ce1d1d098ae8a8db11fbb7783d6f3960e237c0a24e33043c21a552cedc8aa7a0838cb034070a5af237acaaacf0a4398b036cf32ddd2d614d26c53a3fdbd0fe8cd1e0064c8777ac8f9755e02ca4bf869bc94cd6bea3bab112f57aecc27e6011d4b4c8c3926abf995a39b4384f9bf410c4e3525a47d4db05f3c6c253c8adb2678c5f86dd2e5e3ffca798b5b756c0207e65a248449cd09abad3b3b8fcda337124bb66079dd1ac77949f3c8ddac7396eaf8348544164edb99e178d59c13878b8b8dbd0759cbf4b6b6d3dcb5adb4b6bf8402b93aa4a6b53789b627f68b772618cb8a9689ad282a230d6e5e125da910b4f26f72caf1eca8362b977f83bc16a798e05dfc6c7675cac8262e781db9db2250958ab6bda85ebd7c4d06681ee0f30bd062a08294ce0d459e10e3a0c2323373ec84ac3e6d99ec6134ee395b6ca8ad6e6a53dfba9a07747944cb2be0ed2fcac5c4e7c43a5da76031cec5169b3f445099322b704a5198c1018a3bce33a155e7881fac59fc526c32e954a700c4b6db8f25467b714d4b723224c1f1bcf59b2b75c577fe4acd95aea1c8ec9075945442a129a3efd5e64aa3d668be55e3c43580526e596a74baf605576606c7bab5005957371f075dbe44333465564af0eb35dfe14465d87035ee896e6fe8138ee43bc2d383e6ee51fe4ed62341d2a68ed64385ec31867f28ab33a8e0e0da7c6587432df0286d44a24ca0e85ae151307a24222fffc971b476e412a450c58d69b7b4a5d89c5f55170dc5f3689089f49894cf6d034f680067b28582ca2066d2578dec3528041289c7340355425064441b647a51bb4be746c165c10c0a2a82c8644a832a32877ea81e24a50c2e3f0fbc5b763656b6c7278cc83a94c65bbca431cefde888cd42b03299b591c756aca38f03ca7a8f61aa9a69de2ca81d7e5005fbd6c328493e2833d45fcb68cdfa761842b48aebf3570cec220dab6ab3b58e1214cf843b7201a8387077b5c1462f2b025f9c6a56f8", 0xd0b}], 0x5}}], 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000bc0)=0x2, 0x4) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f00000001c0)={r2, r0}) write(r1, 0x0, 0x0) 1.260497056s ago: executing program 2 (id=2775): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) socket$nl_audit(0x10, 0x3, 0x9) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000000c0)={0x0, 0x695a, 0x10}, 0xc) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143ffd, 0x7fe2, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r2, &(0x7f0000000180), 0x20000000, 0x1000000}, 0x20) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000240)=[@in={0x2, 0x0, @rand_addr=0x64010102}], 0x10) r4 = socket$inet(0x2, 0x80001, 0x84) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB='8-', @ANYRESDEC], 0x6a) getsockopt$kcm_KCM_RECV_DISABLE(r5, 0x6, 0x1, 0x0, 0x20000000) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={r6}, 0x8) 1.210632161s ago: executing program 1 (id=2776): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x4, [@const={0x0, 0x0, 0x0, 0x2, 0x4}, @var={0x1, 0x0, 0x0, 0xe, 0x3}, @func_proto={0x2, 0x0, 0x0, 0x4, 0x2}, @var={0x2, 0x0, 0x0, 0x11}]}, {0x0, [0x2e, 0x5f]}}, 0x0, 0x54}, 0x20) socket(0xa, 0x3, 0x3a) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000d40), 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xd0, 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800, 0x0, 0x3}, 0x20) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4) r2 = socket$tipc(0x1e, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000a00)={'veth1_to_team\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000040)=0x100, 0x4) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x15}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x7, 0x4, 0x300, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffd}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={0xffffffffffffffff, &(0x7f0000000080), 0x0}, 0x20) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY(r4, 0x0, 0x1, &(0x7f0000000140)=0x2, 0x4) syz_genetlink_get_family_id$l2tp(&(0x7f0000002100), r4) r5 = socket$tipc(0x1e, 0x5, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x3, &(0x7f00000000c0)=@framed={{0x46, 0xa, 0x0, 0x0, 0x0, 0x79, 0x10, 0x7c}}, &(0x7f0000000000)='GPL\x00'}, 0x90) bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) getsockopt$IP_SET_OP_VERSION(r5, 0x1, 0x53, &(0x7f0000000100), &(0x7f0000000140)=0x8) listen(r5, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000d40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r6, 0x10f, 0x81, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f00000000c0)={0x42, 0x4}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4) 1.094710632s ago: executing program 4 (id=2777): socket$netlink(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) write$binfmt_script(r1, 0x0, 0xfffffe5d) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r2, @ANYBLOB="01ff00e1c2ed00001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) socket$tipc(0x1e, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0108000000000000000001000000f200010073797a300000000070000000090a0133f1340b00a9ce6edc0400000000000000000100000008000ac0000000000900020073797a31000000000900010073797a30000000000800054000000025340011800a0001086c696d6974000000240002800c0001000000fd44c5509039266954833712120000000004000c0002000000ff0000000000000040fffffff9140000001000010100000000000000000000000a96a2bbcc67ba72776f5ca3952efbf736a4cbf333207703bdae4df20ee73be1976f1e565da4e22a17d1bd6cfbcc60ea095e08592569e5a21655f0bd6ac1c3be43ba0ca74299a33105ddd34bcbad23096129e0f4cc805cdfb648104684779fc6a65c3aac1edccf971d723d419f201e6be8b657851ca67e0f3d2a38fd8442e5a6d094ff27a6c49933d7474bce236b68dd58caef86000b2dcc7a498efbbc53169f96b32935c0f65f0db1d2a32c042e85a6b6c78cfe0afde07e600099225fbc947d0ee57308b3add2e2b74dd3ce051699541ed063f1ae03c57aa8f816d8cdc9e600"], 0xb8}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) r6 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000b40)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="350b00000000000000000d000f000c00018008000100", @ANYRES32=r7], 0x20}}, 0x0) r8 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@migrate={0xec, 0x21, 0x1, 0x0, 0x25dfdbff, {{@in=@multicast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, [@migrate={0x9c, 0x11, [{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@broadcast, @in=@private=0xa010101, @in=@dev={0xac, 0x14, 0x14, 0x23}, 0x32, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@loopback, @in=@empty, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x2, 0x0, 0x0, 0x0, 0xa}]}]}, 0xec}}, 0x40008c0) socket$inet6_udp(0xa, 0x2, 0x0) r9 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'team_slave_1\x00'}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) r13 = openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r13, 0x400454ca, &(0x7f0000002280)={'pim6reg0\x00', 0x2102}) ioctl$TUNSETQUEUE(r13, 0x400454d9, &(0x7f0000000080)={'ip6tnl0\x00', 0x400}) ioctl$TUNSETQUEUE(r13, 0x400454e2, &(0x7f0000000240)={'xfrm0\x00'}) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r10, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="0100ffffffff000000003b00000008000300", @ANYRES32=r12, @ANYBLOB="0a0006000814110000010000060066008e8800001c0033"], 0x4c}}, 0x0) 960.394585ms ago: executing program 0 (id=2779): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b40)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="2700330040000000ffffffffffff0802110000005050"], 0x44}}, 0x0) 959.746169ms ago: executing program 2 (id=2780): r0 = epoll_create1(0x0) r1 = socket$unix(0x1, 0x1, 0x0) close(r1) socket(0x1d, 0x2, 0x6) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0xa0028000}) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x9c8c4, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r2, &(0x7f0000000780)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8e", 0x36, 0x6d91fb6102d8d9cc, 0x0, 0x0) r3 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000180)={0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)='R', 0x1}], 0x1}, 0x0) sendto$inet6(r2, &(0x7f0000000e00)="dd11fa62c01f7cef67f2a127346208", 0xf, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r5, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r6, &(0x7f0000000740)=ANY=[], 0xfffffc8f) recvfrom(r2, &(0x7f0000001a80)=""/4096, 0x1000, 0x0, 0x0, 0x0) 812.642522ms ago: executing program 3 (id=2781): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) write$binfmt_script(r2, 0x0, 0xfffffe5d) getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r3, @ANYBLOB="01ff00e1c2ed00001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) r4 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'team_slave_1\x00'}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=@newqdisc={0x24, 0x10, 0x1, 0x0, 0x0, {0x10, 0x0, 0x4c, r3, {0xd}}}, 0x24}}, 0x0) 767.753417ms ago: executing program 1 (id=2782): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x2000, r0}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}]}, &(0x7f0000000200)='GPL\x00', 0xc, 0xff9, &(0x7f0000002300)=""/4089}, 0x90) 739.583925ms ago: executing program 0 (id=2783): socket$alg(0x26, 0x5, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket$rds(0x15, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_udp(0xa, 0x2, 0x0) socket$packet(0x11, 0x4000000000002, 0x300) socket$inet6_sctp(0xa, 0x5, 0x84) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$alg(0x26, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) socket(0x2a, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x4, 0x4, 0x1, 0xffffffffffffffff, 0x1000}, 0x48) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r3}, 0x20) close(0x3) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r4 = socket$can_bcm(0x1d, 0x2, 0x2) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) sendmsg$can_bcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000500)=ANY=[@ANYBLOB="050000000300000000a9de51", @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000040)=0x101, 0x4) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="93630100200501001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r5, @ANYBLOB, @ANYRES8=r2], 0x4c}}, 0x0) 735.717442ms ago: executing program 3 (id=2784): r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000003480)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000002580)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000030200000000000000000000000000000000020000000000", @ANYRES32=0x0, @ANYBLOB="1800"], 0x48}], 0x1, 0x0) 592.628468ms ago: executing program 3 (id=2785): socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x20, r0, 0x6a98047402e98331, 0x0, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) 550.76576ms ago: executing program 1 (id=2786): sendto$inet6(0xffffffffffffffff, &(0x7f0000000b00)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5a427a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd80000804de5bed98201110200b896c0000e89f68bc13bfe653b24741c7f0c35ad2c01a25810c07e95223b94bd5462b2e3bee12a44aa61278e6dac9e255bf014c3563a25f69fb06b22793a1fd077e19f49854081b2bd24a0072099262f1add7dd5bf2f71712e4b39111d2e99aa99472fbb229e7a3d0a60f537b53293b94c81d06dd10f2de333076390da1b73b791f8d8378060cf9e06b779d77ca55be6e02cb20dd0b7d9ca35b058fb968257c320f0a076544dec7156cee66047ddf43be9f0456871541843124a5d98d64232284ed23ec914a8a89b9573326de20cdd798417c6fe9b299adab1fc6c9c11ba48d3ab51c0daffd70fb8418ddf767c79370a1da6c771177b1ca5a3ed0f46d262b56904b4d83349a56cd6240400b02a3fca4248a845db9c96e84e3945a8b42e7e09e18211f748f4401a6e04e210992500"/400, 0x190, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0xfffffffd, 0x0, 0xdd}, 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYRESDEC=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000d40)={@ifindex, 0x24, 0x0, 0x0, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa, 0x0, &(0x7f0000000780)=[0x0], &(0x7f0000000cc0), &(0x7f0000000d00)=[0x0, 0x0, 0x0, 0x0]}, 0x40) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='netlink_extack\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="850000002a0000003500000000000000850000000500000095000000000000001b90b31a08f54ff40571eda5c56ad924a10c7b1e6003c9325fea577f8e56fe212b358f1d0838c8119ed74e74552ce4e6c8093375e35c8250f448a6a31260c2f9fbb70400000000000000b08b7aab5fd5d24dcff1ca14025b73c2da8f550900000000000000c340b111fcee90d6d90100000001000000babdee5b76635ce4f35f985e434196b5699ba66b9cb05e5259a1f61cafa3586a2228c4581dc29931a4ca0f4967706596014dc06b99b9c9ba49b34e516e0baed5cca7aeeb0d5dcdce0900000000000100ef363c9f5ca80b125dabc3adab1179388e76c44e7328318078af6a0a1a248a7b2ca42a05f4b033e9d8a7880a116a60bd69a463a75045e8950a8e03000000000000008c4e7c6037b670a823e59267ae980c73ba09410000000000000000000000000000000042f7ae3d341b2a8e0c1681be5db38db3bf61f7ede5efbf55df1ee21b8e21b7a4a0bbc1d6a5483477260c03bf09959a71dac6b9f67019fe6ddacf40aed79f018c9fb9e9fc69425618b0d4"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r3, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0xa68, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000004c659ce0544fa42131c3a31517b7be5338a8baab4b6d1a7912c2c5fe5a2d7ba02d0cc9488749a3834b374f39841b36f740af9707c9c71cdf691c985735bdfa709bbbcc936c96b678ebc513517157cdfa455c1eed79773e71c973fd64"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003200)='netlink_extack\x00', r4}, 0x10) r5 = socket(0x200000000000011, 0x4000000000080002, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bind$packet(r5, &(0x7f0000000240)={0x11, 0xf5, r7, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmsg$inet(r5, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000200)}, 0x8010) socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2b, 0x1, 0x0, 0x0, "", [@nested={0x104, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1}, 0x20004080) 441.798342ms ago: executing program 0 (id=2787): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000003380)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d010000000100bf000000003bbd424c6e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e460a000517ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab71587a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f000000000000000055211c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb372713255012e028cb2654d493a0b4b35faae176f99b745eda2967199cc93685bb537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ae2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b419a6248029d33d61dd5c844024ba757371867a79b31c6617fc3327191fbf514573f1e30d1fd2d763f3ee9218b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc97def5f07f2980005a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c534187a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74f1ffdaccf0ea5f02e03a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01efada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0d1c8130ae6b00110635376413c29f7c6f7b7e29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000bc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5b98e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5e22adef9546abb7a2d9c085b189b5fd1f30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd03870c39d1ad12c750837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a103ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de08bacecfff2d58437f422df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dcddab8f38f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bbe0f10521862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94993157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d703dd29ad77f54836779600bb0db3ecfbd36fa8164999898e4aaa56324e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d30edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a730000000000000000001ed58cd2c684667178576dbb57345b63c313e4a8fcfefe511e084c24b31a2e693946748bb73511695bc0eec1553b0f67d50678fb29ad13d2104fdd7a992574d475d3e51652fb3fda6a9fc0458f10b6d121bd48664858b51a9054d7c1d310af6a043e4b99472fbff86fea83924059419d54f07da0b6b7d6e6d61e680f151b0e"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48) r1 = socket$kcm(0x29, 0x5, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet(r1, &(0x7f0000008dc0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000540)="888303263a9e1cd1b50fc2efc626709c96bcab98beeaa9077149fd4ffeb7b7859b0a68c39e8881cab4fdf65d791358ed734acb07149c487b4f50c5f917139e9ddd44ad39181491d09461f20f51503283b41f6018eb59e878178075bbae9936080a53e68b3cabbb85ca082bf489fa6b1abd74c346ff049623fa21722d20463695f81a234de702e58d0b7a3fcd183be373c73e607e8cfe2b65abd2cc3b97daca65b674bbd651de2ace292d1db665ae1bd9575bfd33675399566e7c5c56d3d7232a307b496f311ca8d3d15ec4c824ed0f4a672c6855c86e0d8d2ec8291a82a3f15e2cce9e", 0xe3}, {&(0x7f0000000200)="c0ce26486d164b431db4444094be80f5dfee9ba9a65a4d50b8f83f2a9024e5586a614f02b063595a8172c55e67c5d085c9bf44d4ac2cb536f9dd56007c79", 0x3e}], 0x2}}, {{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f00000006c0)="9de6d3750349c2f3847fa4a05f94adb3d21fc68c161aea97b382463136de885846c0513c1d9af3f721cad5a7a753816b79e9af459a7719536932401f194b7c3cdd1b9f5b281e875b96304c31f9aa021642552f18aa7d269bceb614a8895c589cebc5deea722bc9efaf97ab2f098d99b96210c991e8496eae1a0558cc759f3886cc735c0cea5119c10be69068addbd4986f7a7b503ff93af91dd3d173d20ea095e56d3b9bf62b6d547efc4b5cf94bd633ef418ece871a5bdb42ffb27661c222754bbb333c1e65ec05855be1243417f27d30c5e7", 0xd3}, {&(0x7f00000002c0)="468acdb4e4cf0427161e4b334f4c94ebd825850e7c132a1217aa3b5547f1dcc73efdc575d16f90985e478231fe76ee24fcfe9799497db0cbe5954acded7a24622c2463bae7529c05a6c81e33ee93869fd7c57feff17c9cd809b1be241edcede17e4643efc8c2baed1e2442f3a236fe60e4685d2971077e625dce6f0b6c216ffcebecd763c39e87eb641e7046dd68949acc02", 0x92}, {&(0x7f0000000880)="52a67f4b2e32", 0x6}, {&(0x7f00000008c0)="910173d811a77377207b361dd63bd456ea8e58a1e55699c4fd0206e27161045d62989959f8fa93a3437f4a33e558ce924e3be64fd73c92b733b2c178599b60cf9f37b97362210516665be1e110544d2a87c7750450a6a73dea6172b7d97667050fb8309ed2a18f0b5f4895684e", 0x6d}, {&(0x7f0000001500)="cd07e85142f8ead499f3ef72f2227c53dd9255de4766b5f33ef218a7c39a97bbd4f8385f1852a08a0e900c7f9183f6c74e7e3407bac0d64f2fe763278fbc7ea1e7111be746ae2748fc96288a8b288a6d1baf35514905bee7b70175dd6a5b1b43735e06d236ee53c79aa6f817e833618ba7321afdf30656589fb5d92a67f70e2cb1dd98e48ff65bb2569a258f78bca3682750e0584ea00629c67c6411cd532d62be01f143fe9ce39012147357e8abe37baa6cfad28b949c343c17567015b2811ea8dfd577749855bcc1cbdae064318ac83c505129a407543c355a4e902e6d43e92cf7d4a538400b7741304b9179bc8357b82081d7141a388f8659108dbd3142dca4483efd112eae795c780aa14fde5d3ad8a29f57cbbe4929ced3ec0c45c4964e627d283b4c8302ab1eac4796a40ff79106ab2b28a1a72028a56a6b4e7e44f9578970f37fc3edfdf4b51bece98270e1b3b8da8f4bad2d38d0d04220f53e70f88f9431cd8184995253d38f27fbece66f45558a0941277de0308ed8a3bd8cbaa2f12406458086f37d447d9cb471c3b075bef79673e3b27d707f1483be8949600e9259a4edb962ff5e2a47a369468814971d2a81bbdf6222dfd7334912d33b51080cecb1eb5ca9ee573abc277b75e15b8fe9b242abd74ea74a4f83bd96e3b1ae924d927bb45a7b4b879f6a689f4977d0dbd4eaa0cfe64dacb82cf3784e21cd4e136ee610c2672eaedf35918d3c82eec28ea5753ea137f8a5d2f2f8a7aceffa1d71ac75bef177945d757ddc904c46a8a69336861cf08a5c51996807008e58ebf23a7e597bb07cce48e40b8a172144c4e649090fba0ec62152f85c3c4b843bde0f6eafbaa12bd1449801d2c4bfb51317bbc4d521ea1015e73a8c9146eb37eb9583a2443d8eea2293c808efc19a5735408281f16f590e00415c43ac2ce1c3432d41525dd0137eb991d9c56c163c0d4ab2d4ce2a418ff537bf20e6152bbd81d4a2a3570a7c3053f2ceb5e9797d2c60fb069cdcb03e06aedf63ff47f7ef9551e26cf08740c74b273bcda959a1e9a84c0fa05416b99d73d402fb81754e1ccf796d9da53399d6dce3ce83303ccb4166cf36ccb0c9bddbe0e34dfbcae31b4ce8fe513570e036844ab516cf4d6293bdd388112084e6aefcc6e7967fe99aabd72a207bb4ec8fc02d5bc229ca68c9db99529208146f49f29fda53c49707d76a649aa5df7607c3ee514eb820f4d0cc55d547ecd3193c4946525af9f68f8ec2d0a6b0ccfbd8ae0a265249255c98e9e6ab3d8d82dbfb8c15a8ef69b78cc9b4f0ad5a2ce9d6793ada0b6163d9d1ed3e50f9c819ca46b40ff40b375f5e2ce6caa996af36324cbbaa63635b0e107ad01174baa553b86dba12e8ad9586727a70aee6785121e9edb5a98e01b7848734d3e044c494a4061493e1ae7fd73a2ed9b83d286e24a732966faee7705d8a2d360159acbdf18616028134c25d1a92bb45f06207701454390b87d5bcb66ec73d8c3c53049f42c85de0acc45a9379302203be199ce55154b739bfb3d27929b12163e2078905137774974b90c07960fd410fd58394bc53e7745f5627de2f0361418173763c69f8a11d93a104ad382cf385b0c6c7c3c5fc8236e6f18ae9be0543d28d54050b9e60f2f774a16be4904243d482ad3252edaccce56dcd350b6e249fe686d5adc07bc57c71aebdc243eac56f29fa24e69b8d444c54a95522beafac6230a3c4e89c6d55654a4a077f7f854d6b24f8b45da2baa5dc3e4df15c56263c7fa80642789ea712a9562a70379afe5ac584c891178d71a558e73456e53e7f9256f4c0b27daa3eab32f1e56b3dd9280053c1ec57e86fd87a725ab9a5d93e3f8e6e848afbdadb859c744f40a86486fbbd1da6a18c834bf43594aac9d0340521dea06befad18bb868e9e63578ed66c70ecfeb31ce55755a5d48de4113c7e29975643cbc53f114ed522231e410f1fe4b910e6af3d4b56918952f7f25204813b3283e20a54fd285a80988494576bd738e685edda5177eeb0e2c9816dac60302b12ec046c9feb770dec403fd4fadd1628aa4978647e8dac1825166a5be8b580b195387d901ecbf03b70d4301f6de69f691009a659c03186b8431e226022f811a6d2ce73c8bce19b09e04728b739da06054690f30c71bb3326f8d4fc80cf654a42fc6134967206e110558a6f9e9c434bf175def183da8a5c135975dd7eac8fcea1343710cd92fdcba2152b32e014cb8e87d3c500e8f439e1522da6866105e937663d8044527982d147df983ca83eaa7fb4dd5c0c79232dd687e02dc135d3067547cafb1934b5769114472beb906646ffdc44291289bc27478262295c2fa517ccd553804e73eb9150f5d451afd79f175e14b563a5e6c86e9a0eacd450be530a3e506297a751bc5800f3c45a3e18b93c21aa8c0f2d144122803361d4b59e2a21bb462c0b8bf9d8f4c91610c633fefced62b8de88bd2e56e58eb538f30b1710f8cf5e6e54db33adc53d2519351696028edda2e915a3f575ee3488b6ac2d96856fe5742ae57679e11e7baeeb7446aa3d92a834086b8b2eba58a16e54a2df19f4be02fb9ed80f9547c327ca69bfc027852c0f54eea05b0982f0a08548f16a80d17121b5c3536d072b6dd78965d7fcb1d13d8435c003050de3900f43ec378070ff24e9fe463451cd2ca1d81532121fa6a010df9e471dbd068c9de5698eb986a43640843e6ab2ae9c849603cc1ed6799cd80a9dc8937127ef006edd442b68fc79a7d31d80f255ce9593e12a219d4a38a84c2a77ae3c604ac33614aea6c8523e4f553866b801cfdbf3545370555685f2f6ae4a05745713bac8452e86536807b986037d28953cc093122c7e400f4ebd876282e831b5e45c2e2dab9c7620ef9aa3c3f733baef8eee8242e0edfc20c9f58127739c978fbda24af4068e36a0c556cf2e60be433e6c86fcaafaab94124385c14dff932713044432cfc6ce7c6ae88c1fe32097d2e223616818eb1df981cd70a9a35ad7776745b660dec25e93cf5d6157cc161b808097f49a7713c5a164cd5cd61cb44b155edd38b72c5788b5328a1090cc366fb114d658eb4f045740fa95c19a9b6fc4c758036b9ba3d566e93073a5387f850f70db48d7c4a071d2b6bcdc67113b242688fbddffcff2c369680a4f5e7f0bafc27241a95695ff39c828f5d2b4e2a5955414aae21358971a9bd5d27fb3b4980d7a2058f5a686a65a95245aa418df589d6191ddf8e2a75b80c78dece49e7cdb6dc038944c8badeb86ab903a7a2db35cff18dd46ffbc02c36461205df47e93ab492ee2c49b489c22e9d0a44766f855cc1bc37622c72ab452908860cc054e9cd245cef29667e078e09403f395a0ff222272fd39bcf8c657de071fa6b02efb062e133f4ca14dbc3041fc3d0d7f44a30c955fbe5088ec222355d0b533f506ac75cadbb646b437eccdffef7f521ff14b3716f945c3a0b532616e3fa4dd88ecff416b0c91798aac7072c610adef4e076f5609bc0a4431de4de4a7318115a3f45dd7105f0d25cf2f2eccfb949b7e9b1c6f051f1c8f61b95f665c219d1f32b7af585818e51a937f5d90b0dd2d1e68f4a9f94f8da2ab42b3c91c95871537d94fc2a191862cbbe28433c7773a3dabe82a371c47c905e46f74f4964fe4ff3551588cb97d089465d1df16daaf5617d5b677e2e77541f64ea33ad75611e1516f230d4f207f58494458b3e25a3ce1d1d098ae8a8db11fbb7783d6f3960e237c0a24e33043c21a552cedc8aa7a0838cb034070a5af237acaaacf0a4398b036cf32ddd2d614d26c53a3fdbd0fe8cd1e0064c8777ac8f9755e02ca4bf869bc94cd6bea3bab112f57aecc27e6011d4b4c8c3926abf995a39b4384f9bf410c4e3525a47d4db05f3c6c253c8adb2678c5f86dd2e5e3ffca798b5b756c0207e65a248449cd09abad3b3b8fcda337124bb66079dd1ac77949f3c8ddac7396eaf8348544164edb99e178d59c13878b8b8dbd0759cbf4b6b6d3dcb5adb4b6bf8402b93aa4a6b53789b627f68b772618cb8a9689ad282a230d6e5e125da910b4f26f72caf1eca8362b977f83bc16a798e05dfc6c7675cac8262e781db9db2250958ab6bda85ebd7c4d06681ee0f30bd062a08294ce0d459e10e3a0c2323373ec84ac3e6d99ec6134ee395b6ca8ad6e6a53dfba9a07747944cb2be0ed2fcac5c4e7c43a5da76031cec5169b3f445099322b704a5198c1018a3bce33a155e7881fac59fc526c32e954a700c4b6db8f25467b714d4b723224c1f1bcf59b2b75c577fe4acd95aea1c8ec9075945442a129a3efd5e64aa3d668be55e3c43580526e596a74baf605576606c7bab5005957371f075dbe44333465564af0eb35dfe14465d87035ee896e6fe8138ee43bc2d383e6ee51fe4ed62341d2a68ed64385ec31867f28ab33a8e0e0da7c6587432df0286d44a24ca0e85ae151307a24222fffc971b476e412a450c58d69b7b4a5d89c5f55170dc5f3689089f49894cf6d034f680067b28582ca2066d2578dec3528041289c7340355425064441b647a51bb4be746c165c10c0a2a82c8644a832a32877ea81e24a50c2e3f0fbc5b763656b6c7278cc83a94c65bbca431cefde888cd42b03299b591c756aca38f03ca7a8f61aa9a69de2ca81d7e5005fbd6c328493e2833d45fcb68cdfa761842b48aebf3570cec220dab6ab3b58e1214cf843b7201a8387077b5c1462f2b025f9c6a56f8", 0xd0b}], 0x5}}], 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000bc0)=0x2, 0x4) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f00000001c0)={r2, r0}) write(r1, 0x0, 0x0) 396.660822ms ago: executing program 3 (id=2788): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f0000000900)={&(0x7f0000000180)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=[@rthdr_2292={{0x28, 0x29, 0x5, {0x0, 0x2, 0x2, 0x1, 0x0, [@empty]}}}], 0x28, 0xffe0}, 0x0) 351.0874ms ago: executing program 4 (id=2789): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/249, 0x101d0}], 0x1}, 0x0) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2, 0xffffffffffffffff}, 0x0, &(0x7f0000000500)}, 0x20) r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@o_path={&(0x7f0000000040)='./file0\x00', 0x0, 0x4018, r3}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r4, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x108}}, 0x0) sendmsg$nl_route(r5, &(0x7f00000005c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000580)={&(0x7f0000000640)=ANY=[@ANYBLOB="6c0000001d0008002bbd7000fcdbdf251c00000091d42fa33fadfc6a4f974e4c143860caef36083c2d7d01a815e52e59a3e90a32340dea6a6a674c97876fdc83775de791b60e97aa1f470d1ec3aec0105c2baeb1e7d4163aa1ba354506ae3e2789f9345128282c530560807b34c98fecda49bf9f32b21dca21ffeecd79f504c489944ee8e0a643a8fb5308c32c284e197d393fe3189565b8c9b384831103d3460a0d8daf12633679797c552f3d47ea4c52bb2e906a1f09de4518c607630188766018da929112a1a34669b75253447978d62b5b5a3ba701a26c99cb9bf38aa1", @ANYRES32=0x0, @ANYBLOB="1000040205000c0002000000060006004e21000005000c00fe0000000a000200eb028217d316000008000400070000001400030002000000e0000000030000000002000008000d0000010000080009001d0c0000"], 0x6c}, 0x1, 0x0, 0x0, 0x4040090}, 0x5) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002ac0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734c295cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f244a3c307145452ce64dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c65070020d7df0abc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r8, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r8, &(0x7f0000000200)=ANY=[@ANYBLOB="3a00030007"], 0xd) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}}, 0x0) getsockname(0xffffffffffffffff, &(0x7f0000000280)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000000040)=0x80) sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="3400000010008105000000010000000000000000", @ANYRES32=r9, @ANYBLOB="0000000000000000140012800b000100627269646765"], 0x34}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'wpan3\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r11) sendmsg$NLBL_CIPSOV4_C_ADD(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088011000c800c000b80080600008a3940"], 0x3c}}, 0x0) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0) 313.374422ms ago: executing program 1 (id=2790): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_FLOWINFO={0x8, 0xc, 0x8}]}}}]}, 0x40}}, 0x8100) 272.280412ms ago: executing program 0 (id=2791): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000400)={'tunl0\x00', 0x0, 0x700, 0x8, 0xffffffff, 0x7, {{0x5, 0x4, 0x2, 0x2, 0x14, 0x65, 0x0, 0x9, 0x4, 0x0, @remote, @local}}}}) 188.673332ms ago: executing program 3 (id=2792): bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@cgroup, 0xffffffffffffffff, 0x26}, 0x20) 165.386284ms ago: executing program 0 (id=2793): getpid() r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) syz_emit_ethernet(0xda, &(0x7f0000000140)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "2a1c99", 0x7, 0x11, 0x0, @empty, @mcast2, {[@srh], {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "b0575c7b4df2bddabab59df4a56afe54ba6a5d5d0d170fca692c777338468608", "29accf2af44c0e1aaaaf532417a91cadd9e65f82310f80cf64f46c761191fda0a250498ce1b5c603debf9e05d8de03dc", "3d73abde0da6c68c8d2dab5346224f905b3b904310b3bd00975f0a9f", {"6cde9c5018586db672628c1415233979", "ba3df3d8a8490bce9cafc2ab6acde477"}}}}}}}}, 0x0) 164.344246ms ago: executing program 1 (id=2794): sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000065c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0x18}}], 0x1, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x36, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x0) 24.650848ms ago: executing program 3 (id=2795): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001a00000020000180140002006261746164765f736c6176655f31000008000100", @ANYRES32=r3], 0x34}}, 0x0) 0s ago: executing program 2 (id=2796): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0xe) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xd5) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20c9}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000440)={0x0, r3}, 0x10) kernel console output (not intermixed with test programs): ty 0, space 0, times 0 [ 241.707137][T10144] CPU: 0 UID: 0 PID: 10144 Comm: syz.4.1577 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 241.717959][T10144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 241.728042][T10144] Call Trace: [ 241.731337][T10144] [ 241.734279][T10144] dump_stack_lvl+0x241/0x360 [ 241.738984][T10144] ? __pfx_dump_stack_lvl+0x10/0x10 [ 241.744200][T10144] ? __pfx__printk+0x10/0x10 [ 241.748803][T10144] ? aa_label_sk_perm+0x4f0/0x6d0 [ 241.753859][T10144] should_fail_ex+0x3b0/0x4e0 [ 241.758562][T10144] _copy_from_user+0x2f/0xe0 [ 241.763174][T10144] copy_from_sockptr+0x62/0xa0 [ 241.767967][T10144] packet_setsockopt+0x528/0x1970 [ 241.773026][T10144] ? __pfx___might_resched+0x10/0x10 [ 241.778336][T10144] ? __pfx_packet_setsockopt+0x10/0x10 [ 241.783830][T10144] ? aa_sk_perm+0x96d/0xab0 [ 241.788365][T10144] ? __pfx_aa_sk_perm+0x10/0x10 [ 241.793246][T10144] ? __pfx_lock_acquire+0x10/0x10 [ 241.798303][T10144] ? aa_sock_opt_perm+0x79/0x120 [ 241.803271][T10144] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 241.808883][T10144] ? security_socket_setsockopt+0x87/0xb0 [ 241.814631][T10144] ? __pfx_packet_setsockopt+0x10/0x10 [ 241.820119][T10144] do_sock_setsockopt+0x3af/0x720 [ 241.825171][T10144] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 241.830738][T10144] ? __fget_files+0x29/0x470 [ 241.835354][T10144] ? __fget_files+0x3f6/0x470 [ 241.840065][T10144] __sys_setsockopt+0x1ae/0x250 [ 241.844939][T10144] __x64_sys_setsockopt+0xb5/0xd0 [ 241.849988][T10144] do_syscall_64+0xf3/0x230 [ 241.854512][T10144] ? clear_bhb_loop+0x35/0x90 [ 241.859213][T10144] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.865136][T10144] RIP: 0033:0x7fd530579e79 [ 241.869570][T10144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.889278][T10144] RSP: 002b:00007fd531293038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 241.897725][T10144] RAX: ffffffffffffffda RBX: 00007fd530715f80 RCX: 00007fd530579e79 [ 241.905726][T10144] RDX: 0000000000000014 RSI: 0000000000000107 RDI: 0000000000000003 [ 241.913716][T10144] RBP: 00007fd531293090 R08: 0000000000000004 R09: 0000000000000000 [ 241.921711][T10144] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 241.929795][T10144] R13: 0000000000000000 R14: 00007fd530715f80 R15: 00007ffc8cf78bb8 [ 241.937807][T10144] [ 242.357747][T10153] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1581'. [ 242.436688][T10155] team0: Port device netdevsim0 removed [ 242.443398][T10155] batman_adv: batadv2: Adding interface: netdevsim0 [ 242.461847][T10155] batman_adv: batadv2: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 242.509078][T10155] batman_adv: batadv2: Not using interface netdevsim0 (retrying later): interface not active [ 242.695316][T10167] netlink: 'syz.0.1586': attribute type 1 has an invalid length. [ 242.812592][T10167] bond9: entered promiscuous mode [ 242.911202][T10167] bond9: (slave team_slave_1): making interface the new active one [ 242.939978][T10167] team_slave_1: entered promiscuous mode [ 242.961531][T10167] bond9: (slave team_slave_1): Enslaving as an active interface with an up link [ 243.362759][T10186] __nla_validate_parse: 4 callbacks suppressed [ 243.362778][T10186] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1592'. [ 243.427697][T10188] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1591'. [ 243.450289][T10188] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1591'. [ 243.789767][T10194] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1594'. [ 244.112578][T10219] netlink: 'syz.0.1602': attribute type 1 has an invalid length. [ 244.157235][T10215] tipc: Failed to remove unknown binding: 66,1,1/0:3559557623/3559557625 [ 244.180706][T10224] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1602'. [ 244.208184][T10215] x_tables: ip_tables: osf match: only valid for protocol 6 [ 244.221595][T10224] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1602'. [ 244.259245][T10219] bond10: entered promiscuous mode [ 244.284339][T10228] FAULT_INJECTION: forcing a failure. [ 244.284339][T10228] name failslab, interval 1, probability 0, space 0, times 0 [ 244.299492][T10228] CPU: 1 UID: 0 PID: 10228 Comm: syz.2.1605 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 244.310287][T10228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 244.320355][T10228] Call Trace: [ 244.323644][T10228] [ 244.326586][T10228] dump_stack_lvl+0x241/0x360 [ 244.331293][T10228] ? __pfx_dump_stack_lvl+0x10/0x10 [ 244.336509][T10228] ? __pfx__printk+0x10/0x10 [ 244.341130][T10228] ? __kmalloc_noprof+0xb0/0x400 [ 244.346089][T10228] ? __pfx___might_resched+0x10/0x10 [ 244.351487][T10228] should_fail_ex+0x3b0/0x4e0 [ 244.356185][T10228] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 244.362448][T10228] should_failslab+0xac/0x100 [ 244.367144][T10228] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 244.373415][T10228] __kmalloc_noprof+0xd8/0x400 [ 244.378198][T10228] genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 244.384300][T10228] genl_rcv_msg+0x802/0xec0 [ 244.388825][T10228] ? mark_lock+0x9a/0x350 [ 244.393194][T10228] ? __pfx_genl_rcv_msg+0x10/0x10 [ 244.398348][T10228] ? __pfx_lock_acquire+0x10/0x10 [ 244.403401][T10228] ? __pfx_netlbl_cipsov4_add+0x10/0x10 [ 244.408968][T10228] ? __pfx___might_resched+0x10/0x10 [ 244.414257][T10228] netlink_rcv_skb+0x1e3/0x430 [ 244.419015][T10228] ? __pfx_genl_rcv_msg+0x10/0x10 [ 244.424033][T10228] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 244.429332][T10228] genl_rcv+0x28/0x40 [ 244.433304][T10228] netlink_unicast+0x7f6/0x990 [ 244.438069][T10228] ? __pfx_netlink_unicast+0x10/0x10 [ 244.443344][T10228] ? __virt_addr_valid+0x183/0x530 [ 244.448458][T10228] ? __check_object_size+0x49c/0x900 [ 244.453744][T10228] ? bpf_lsm_netlink_send+0x9/0x10 [ 244.458953][T10228] netlink_sendmsg+0x8e4/0xcb0 [ 244.463727][T10228] ? __pfx_netlink_sendmsg+0x10/0x10 [ 244.469098][T10228] ? __import_iovec+0x536/0x820 [ 244.474402][T10228] ? aa_sock_msg_perm+0x91/0x160 [ 244.479351][T10228] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 244.484636][T10228] ? security_socket_sendmsg+0x87/0xb0 [ 244.490096][T10228] ? __pfx_netlink_sendmsg+0x10/0x10 [ 244.495379][T10228] __sock_sendmsg+0x221/0x270 [ 244.500054][T10228] ____sys_sendmsg+0x525/0x7d0 [ 244.504823][T10228] ? __pfx_____sys_sendmsg+0x10/0x10 [ 244.510125][T10228] __sys_sendmsg+0x2b0/0x3a0 [ 244.514801][T10228] ? __pfx___sys_sendmsg+0x10/0x10 [ 244.519925][T10228] ? vfs_write+0x7c4/0xc90 [ 244.524377][T10228] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 244.530711][T10228] ? do_syscall_64+0x100/0x230 [ 244.535484][T10228] ? do_syscall_64+0xb6/0x230 [ 244.540163][T10228] do_syscall_64+0xf3/0x230 [ 244.544671][T10228] ? clear_bhb_loop+0x35/0x90 [ 244.549433][T10228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.555416][T10228] RIP: 0033:0x7fb55cf79e79 [ 244.559913][T10228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.579512][T10228] RSP: 002b:00007fb55dd11038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 244.587917][T10228] RAX: ffffffffffffffda RBX: 00007fb55d115f80 RCX: 00007fb55cf79e79 [ 244.595879][T10228] RDX: 0000000000000000 RSI: 0000000020001ec0 RDI: 0000000000000004 [ 244.603841][T10228] RBP: 00007fb55dd11090 R08: 0000000000000000 R09: 0000000000000000 [ 244.611801][T10228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 244.619763][T10228] R13: 0000000000000000 R14: 00007fb55d115f80 R15: 00007ffe39325f78 [ 244.627740][T10228] [ 244.689306][T10233] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1607'. [ 244.699310][T10224] bond9: (slave team_slave_1): Releasing active interface [ 244.754434][T10224] team_slave_1: left promiscuous mode [ 244.809808][T10235] ieee802154 phy1 wpan1: encryption failed: -90 [ 244.850349][T10224] bond10: (slave team_slave_1): making interface the new active one [ 244.895848][T10224] team_slave_1: entered promiscuous mode [ 244.913383][T10224] bond10: (slave team_slave_1): Enslaving as an active interface with an up link [ 244.989044][T10231] lo speed is unknown, defaulting to 1000 [ 245.885383][T10273] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1621'. [ 245.974832][T10273] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1621'. [ 245.994138][T10280] FAULT_INJECTION: forcing a failure. [ 245.994138][T10280] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 246.017876][T10273] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1621'. [ 246.036196][T10280] CPU: 1 UID: 0 PID: 10280 Comm: syz.3.1625 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 246.047000][T10280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 246.057076][T10280] Call Trace: [ 246.060370][T10280] [ 246.063308][T10280] dump_stack_lvl+0x241/0x360 [ 246.068008][T10280] ? __pfx_dump_stack_lvl+0x10/0x10 [ 246.073226][T10280] ? __pfx__printk+0x10/0x10 [ 246.077830][T10280] ? aa_label_sk_perm+0x4f0/0x6d0 [ 246.082889][T10280] should_fail_ex+0x3b0/0x4e0 [ 246.087609][T10280] _copy_from_user+0x2f/0xe0 [ 246.092222][T10280] copy_from_sockptr+0x62/0xa0 [ 246.097043][T10280] packet_setsockopt+0x528/0x1970 [ 246.102070][T10280] ? __pfx___might_resched+0x10/0x10 [ 246.107352][T10280] ? __pfx_packet_setsockopt+0x10/0x10 [ 246.112808][T10280] ? rcu_read_lock_any_held+0xb7/0x160 [ 246.118263][T10280] ? aa_sk_perm+0x96d/0xab0 [ 246.122758][T10280] ? sb_end_write+0xe9/0x1c0 [ 246.127339][T10280] ? __pfx_aa_sk_perm+0x10/0x10 [ 246.132178][T10280] ? vfs_write+0x7c4/0xc90 [ 246.136593][T10280] ? aa_sock_opt_perm+0x79/0x120 [ 246.141621][T10280] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 246.147164][T10280] ? security_socket_setsockopt+0x87/0xb0 [ 246.152877][T10280] ? __pfx_packet_setsockopt+0x10/0x10 [ 246.158340][T10280] do_sock_setsockopt+0x3af/0x720 [ 246.163363][T10280] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 246.168920][T10280] __sys_setsockopt+0x1ae/0x250 [ 246.173770][T10280] __x64_sys_setsockopt+0xb5/0xd0 [ 246.178798][T10280] do_syscall_64+0xf3/0x230 [ 246.183292][T10280] ? clear_bhb_loop+0x35/0x90 [ 246.187968][T10280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.193859][T10280] RIP: 0033:0x7f83fdd79e79 [ 246.198274][T10280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.217987][T10280] RSP: 002b:00007f83feac0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 246.226394][T10280] RAX: ffffffffffffffda RBX: 00007f83fdf15f80 RCX: 00007f83fdd79e79 [ 246.234356][T10280] RDX: 0000000000000014 RSI: 0000000000000107 RDI: 0000000000000004 [ 246.242321][T10280] RBP: 00007f83feac0090 R08: 0000000000000004 R09: 0000000000000000 [ 246.250368][T10280] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 246.258341][T10280] R13: 0000000000000000 R14: 00007f83fdf15f80 R15: 00007ffc5ef7e0e8 [ 246.266327][T10280] [ 246.372127][T10276] bridge_slave_0: left allmulticast mode [ 246.410554][T10276] bridge_slave_0: left promiscuous mode [ 246.430584][T10276] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.462025][T10276] bridge_slave_1: left allmulticast mode [ 246.467908][T10276] bridge_slave_1: left promiscuous mode [ 246.498235][T10276] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.553068][T10276] bond0: (slave bond_slave_0): Releasing backup interface [ 246.586514][T10276] bond_slave_0: left promiscuous mode [ 246.627975][T10276] bond0: (slave bond_slave_1): Releasing backup interface [ 246.650401][T10276] bond_slave_1: left promiscuous mode [ 246.704984][T10276] team0: Port device team_slave_0 removed [ 246.727942][T10276] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 246.742328][T10276] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 246.751844][T10276] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 246.780537][T10276] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 246.792401][T10306] syz.2.1634 uses old SIOCAX25GETINFO [ 246.829543][T10276] bond0: (slave netdevsim0): Releasing backup interface [ 246.838285][T10276] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 246.876550][T10276] bond0: (slave vlan2): Releasing backup interface [ 246.892481][T10276] batadv0: left promiscuous mode [ 246.916699][T10276] bond3: (slave ip6gretap1): Releasing backup interface [ 246.989674][T10285] team0: Port device wg2 added [ 247.167217][T10321] FAULT_INJECTION: forcing a failure. [ 247.167217][T10321] name failslab, interval 1, probability 0, space 0, times 0 [ 247.180183][T10321] CPU: 0 UID: 0 PID: 10321 Comm: syz.1.1638 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 247.190972][T10321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 247.201041][T10321] Call Trace: [ 247.204333][T10321] [ 247.207281][T10321] dump_stack_lvl+0x241/0x360 [ 247.211988][T10321] ? __pfx_dump_stack_lvl+0x10/0x10 [ 247.217216][T10321] ? __pfx__printk+0x10/0x10 [ 247.221855][T10321] should_fail_ex+0x3b0/0x4e0 [ 247.226557][T10321] ? skb_clone+0x20c/0x390 [ 247.231088][T10321] should_failslab+0xac/0x100 [ 247.235885][T10321] ? skb_clone+0x20c/0x390 [ 247.240317][T10321] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 247.245691][T10321] skb_clone+0x20c/0x390 [ 247.249928][T10321] ? dev_queue_xmit_nit+0x220/0xc10 [ 247.255208][T10321] dev_queue_xmit_nit+0x419/0xc10 [ 247.260223][T10321] ? dev_queue_xmit_nit+0x2b/0xc10 [ 247.265331][T10321] ? validate_xmit_skb+0x9f9/0x1120 [ 247.270965][T10321] dev_hard_start_xmit+0x15f/0x7e0 [ 247.276083][T10321] ? __pfx_validate_xmit_skb+0x10/0x10 [ 247.281565][T10321] __dev_queue_xmit+0x1b63/0x3e90 [ 247.286613][T10321] ? __dev_queue_xmit+0x2da/0x3e90 [ 247.291730][T10321] ? __pfx___dev_queue_xmit+0x10/0x10 [ 247.297125][T10321] ? rcu_is_watching+0x15/0xb0 [ 247.301896][T10321] ? skb_release_data+0x2b5/0x880 [ 247.306962][T10321] ? pskb_expand_head+0xc89/0x1390 [ 247.312092][T10321] ? __bpf_redirect+0x51c/0xe40 [ 247.316945][T10321] __bpf_tx_skb+0x18e/0x260 [ 247.321445][T10321] bpf_clone_redirect+0x26f/0x3d0 [ 247.326473][T10321] bpf_prog_bf17f61a12bc632f+0x5e/0x63 [ 247.331926][T10321] ? preempt_schedule+0xe1/0xf0 [ 247.336775][T10321] ? preempt_schedule_common+0x84/0xd0 [ 247.342227][T10321] ? preempt_schedule+0xe1/0xf0 [ 247.347070][T10321] ? __pfx_preempt_schedule+0x10/0x10 [ 247.352432][T10321] ? bpf_test_run+0x370/0xa90 [ 247.357097][T10321] ? __pfx_lockdep_softirqs_off+0x10/0x10 [ 247.362824][T10321] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 247.369234][T10321] ? preempt_schedule_thunk+0x1a/0x30 [ 247.374602][T10321] ? bpf_test_run+0x370/0xa90 [ 247.379266][T10321] ? __pfx___cant_migrate+0x10/0x10 [ 247.384454][T10321] ? bpf_test_run+0x370/0xa90 [ 247.389123][T10321] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 247.394839][T10321] ? bpf_test_timer_continue+0x11a/0x350 [ 247.400468][T10321] bpf_test_run+0x4f0/0xa90 [ 247.404960][T10321] ? do_syscall_64+0xf3/0x230 [ 247.409629][T10321] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.415692][T10321] ? bpf_test_run+0x370/0xa90 [ 247.420369][T10321] ? __pfx_bpf_test_run+0x10/0x10 [ 247.425393][T10321] ? eth_type_trans+0x3d1/0x7a0 [ 247.430253][T10321] ? __pfx_eth_type_trans+0x10/0x10 [ 247.435448][T10321] ? convert___skb_to_skb+0x41/0x620 [ 247.440726][T10321] bpf_prog_test_run_skb+0xc97/0x1820 [ 247.446110][T10321] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 247.451910][T10321] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 247.457831][T10321] bpf_prog_test_run+0x33a/0x3b0 [ 247.462777][T10321] __sys_bpf+0x48d/0x810 [ 247.467024][T10321] ? __pfx___sys_bpf+0x10/0x10 [ 247.471798][T10321] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 247.477794][T10321] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 247.484127][T10321] ? do_syscall_64+0x100/0x230 [ 247.488893][T10321] __x64_sys_bpf+0x7c/0x90 [ 247.493309][T10321] do_syscall_64+0xf3/0x230 [ 247.497810][T10321] ? clear_bhb_loop+0x35/0x90 [ 247.502487][T10321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.508380][T10321] RIP: 0033:0x7ff1d4b79e79 [ 247.512791][T10321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.532420][T10321] RSP: 002b:00007ff1d45ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 247.540933][T10321] RAX: ffffffffffffffda RBX: 00007ff1d4d15f80 RCX: 00007ff1d4b79e79 [ 247.548908][T10321] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a [ 247.556874][T10321] RBP: 00007ff1d45ff090 R08: 0000000000000000 R09: 0000000000000000 [ 247.564840][T10321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 247.572889][T10321] R13: 0000000000000000 R14: 00007ff1d4d15f80 R15: 00007ffe792fa298 [ 247.580873][T10321] [ 247.748803][ T5280] IPVS: starting estimator thread 0... [ 247.835872][T10329] IPVS: using max 25 ests per chain, 60000 per kthread [ 247.893621][T10331] xt_l2tp: v2 doesn't support IP mode [ 247.919915][T10314] syzkaller0: entered promiscuous mode [ 247.925441][T10314] syzkaller0: entered allmulticast mode [ 248.029976][T10326] team0: Caught tx_queue_len zero misconfig [ 248.352693][T10343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 249.867333][T10331] bond0: (slave ip6tnl2): The slave device specified does not support setting the MAC address [ 249.926445][T10331] bond0: (slave ip6tnl2): Error -95 calling set_mac_address [ 249.982108][T10350] __nla_validate_parse: 4 callbacks suppressed [ 249.982128][T10350] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1646'. [ 250.302907][T10365] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1652'. [ 250.306688][T10368] ieee802154 phy1 wpan1: encryption failed: -90 [ 250.320722][T10365] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1652'. [ 250.548470][T10373] tipc: Failed to remove unknown binding: 66,1,1/0:56116210/56116212 [ 250.556538][T10378] syzkaller1: entered promiscuous mode [ 250.562077][T10378] syzkaller1: entered allmulticast mode [ 250.584639][T10373] x_tables: ip_tables: osf match: only valid for protocol 6 [ 250.647447][T10378] bond0: (slave vlan3): Opening slave failed [ 250.783502][T10390] sctp: [Deprecated]: syz.0.1658 (pid 10390) Use of struct sctp_assoc_value in delayed_ack socket option. [ 250.783502][T10390] Use struct sctp_sack_info instead [ 250.850260][T10391] sctp: [Deprecated]: syz.2.1659 (pid 10391) Use of struct sctp_assoc_value in delayed_ack socket option. [ 250.850260][T10391] Use struct sctp_sack_info instead [ 250.886755][T10392] sctp: [Deprecated]: syz.4.1660 (pid 10392) Use of struct sctp_assoc_value in delayed_ack socket option. [ 250.886755][T10392] Use struct sctp_sack_info instead [ 250.889616][T10394] FAULT_INJECTION: forcing a failure. [ 250.889616][T10394] name failslab, interval 1, probability 0, space 0, times 0 [ 250.922260][T10394] CPU: 0 UID: 0 PID: 10394 Comm: syz.1.1661 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 250.933486][T10394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 250.943577][T10394] Call Trace: [ 250.946936][T10394] [ 250.949851][T10394] dump_stack_lvl+0x241/0x360 [ 250.954530][T10394] ? __pfx_dump_stack_lvl+0x10/0x10 [ 250.959718][T10394] ? __pfx__printk+0x10/0x10 [ 250.964295][T10394] ? fs_reclaim_acquire+0x93/0x140 [ 250.969394][T10394] ? __pfx___might_resched+0x10/0x10 [ 250.974662][T10394] ? dynamic_dname+0x141/0x1b0 [ 250.979433][T10394] should_fail_ex+0x3b0/0x4e0 [ 250.984130][T10394] ? tomoyo_encode+0x26f/0x540 [ 250.989006][T10394] should_failslab+0xac/0x100 [ 250.993710][T10394] ? tomoyo_encode+0x26f/0x540 [ 250.998661][T10394] __kmalloc_noprof+0xd8/0x400 [ 251.003435][T10394] tomoyo_encode+0x26f/0x540 [ 251.008019][T10394] ? __pfx_sockfs_dname+0x10/0x10 [ 251.013127][T10394] tomoyo_realpath_from_path+0x59e/0x5e0 [ 251.018752][T10394] tomoyo_path_number_perm+0x23a/0x880 [ 251.024208][T10394] ? tomoyo_path_number_perm+0x208/0x880 [ 251.029840][T10394] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 251.035875][T10394] ? __fget_files+0x29/0x470 [ 251.040521][T10394] ? __fget_files+0x3f6/0x470 [ 251.045238][T10394] ? __fget_files+0x29/0x470 [ 251.049918][T10394] security_file_ioctl+0x75/0xb0 [ 251.054847][T10394] __se_sys_ioctl+0x47/0x170 [ 251.059431][T10394] do_syscall_64+0xf3/0x230 [ 251.063928][T10394] ? clear_bhb_loop+0x35/0x90 [ 251.068604][T10394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.074503][T10394] RIP: 0033:0x7ff1d4b79e79 [ 251.078918][T10394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.098542][T10394] RSP: 002b:00007ff1d45ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 251.106945][T10394] RAX: ffffffffffffffda RBX: 00007ff1d4d15f80 RCX: 00007ff1d4b79e79 [ 251.114907][T10394] RDX: 0000000020000040 RSI: 0000000000008b05 RDI: 0000000000000003 [ 251.122864][T10394] RBP: 00007ff1d45ff090 R08: 0000000000000000 R09: 0000000000000000 [ 251.130832][T10394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 251.138814][T10394] R13: 0000000000000000 R14: 00007ff1d4d15f80 R15: 00007ffe792fa298 [ 251.146799][T10394] [ 251.154940][T10394] ERROR: Out of memory at tomoyo_realpath_from_path. [ 251.459211][T10409] lo speed is unknown, defaulting to 1000 [ 251.713551][T10414] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1667'. [ 251.736887][T10414] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1667'. [ 251.753384][T10414] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1667'. [ 252.088553][T10427] FAULT_INJECTION: forcing a failure. [ 252.088553][T10427] name failslab, interval 1, probability 0, space 0, times 0 [ 252.140487][T10427] CPU: 1 UID: 0 PID: 10427 Comm: syz.0.1672 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 252.151300][T10427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 252.161381][T10427] Call Trace: [ 252.164672][T10427] [ 252.167615][T10427] dump_stack_lvl+0x241/0x360 [ 252.172320][T10427] ? __pfx_dump_stack_lvl+0x10/0x10 [ 252.177543][T10427] ? __pfx__printk+0x10/0x10 [ 252.182156][T10427] ? ref_tracker_alloc+0x332/0x490 [ 252.187293][T10427] should_fail_ex+0x3b0/0x4e0 [ 252.191990][T10427] ? skb_clone+0x20c/0x390 [ 252.196424][T10427] should_failslab+0xac/0x100 [ 252.197835][T10429] FAULT_INJECTION: forcing a failure. [ 252.197835][T10429] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 252.201102][T10427] ? skb_clone+0x20c/0x390 [ 252.218559][T10427] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 252.223950][T10427] skb_clone+0x20c/0x390 [ 252.228212][T10427] __netlink_deliver_tap+0x3cc/0x7c0 [ 252.233534][T10427] ? netlink_deliver_tap+0x2e/0x1b0 [ 252.238753][T10427] netlink_deliver_tap+0x19d/0x1b0 [ 252.243884][T10427] netlink_unicast+0x7c4/0x990 [ 252.248676][T10427] ? __pfx_netlink_unicast+0x10/0x10 [ 252.253972][T10427] ? __virt_addr_valid+0x183/0x530 [ 252.259097][T10427] ? __check_object_size+0x49c/0x900 [ 252.264385][T10427] ? bpf_lsm_netlink_send+0x9/0x10 [ 252.269514][T10427] netlink_sendmsg+0x8e4/0xcb0 [ 252.274300][T10427] ? __pfx_netlink_sendmsg+0x10/0x10 [ 252.279599][T10427] ? __import_iovec+0x536/0x820 [ 252.284451][T10427] ? aa_sock_msg_perm+0x91/0x160 [ 252.289398][T10427] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 252.294698][T10427] ? security_socket_sendmsg+0x87/0xb0 [ 252.300180][T10427] ? __pfx_netlink_sendmsg+0x10/0x10 [ 252.305475][T10427] __sock_sendmsg+0x221/0x270 [ 252.310175][T10427] ____sys_sendmsg+0x525/0x7d0 [ 252.314956][T10427] ? __pfx_____sys_sendmsg+0x10/0x10 [ 252.320269][T10427] __sys_sendmsg+0x2b0/0x3a0 [ 252.324874][T10427] ? __pfx___sys_sendmsg+0x10/0x10 [ 252.329997][T10427] ? vfs_write+0x7c4/0xc90 [ 252.334479][T10427] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 252.340828][T10427] ? do_syscall_64+0x100/0x230 [ 252.345601][T10427] ? do_syscall_64+0xb6/0x230 [ 252.350287][T10427] do_syscall_64+0xf3/0x230 [ 252.354797][T10427] ? clear_bhb_loop+0x35/0x90 [ 252.359492][T10427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.365407][T10427] RIP: 0033:0x7f9d3d379e79 [ 252.369833][T10427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 252.389453][T10427] RSP: 002b:00007f9d3e190038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 252.397890][T10427] RAX: ffffffffffffffda RBX: 00007f9d3d515f80 RCX: 00007f9d3d379e79 [ 252.403757][T10431] xt_hashlimit: overflow, try lower: 17592186044416/3744 [ 252.405853][T10427] RDX: 0000000020004000 RSI: 0000000020000280 RDI: 0000000000000003 [ 252.405871][T10427] RBP: 00007f9d3e190090 R08: 0000000000000000 R09: 0000000000000000 [ 252.405884][T10427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 252.405896][T10427] R13: 0000000000000000 R14: 00007f9d3d515f80 R15: 00007ffd7b159ec8 [ 252.405924][T10427] [ 252.450390][T10429] CPU: 0 UID: 0 PID: 10429 Comm: syz.3.1674 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 252.461175][T10429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 252.471244][T10429] Call Trace: [ 252.474531][T10429] [ 252.477474][T10429] dump_stack_lvl+0x241/0x360 [ 252.482166][T10429] ? __pfx_dump_stack_lvl+0x10/0x10 [ 252.487373][T10429] ? __pfx__printk+0x10/0x10 [ 252.491981][T10429] ? __pfx_lock_release+0x10/0x10 [ 252.497028][T10429] ? rcu_read_lock_any_held+0xb7/0x160 [ 252.502508][T10429] should_fail_ex+0x3b0/0x4e0 [ 252.507203][T10429] _copy_from_user+0x2f/0xe0 [ 252.511820][T10429] rawv6_setsockopt+0x273/0x740 [ 252.516696][T10429] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 252.522091][T10429] ? aa_sock_opt_perm+0x79/0x120 [ 252.527059][T10429] ? sock_common_setsockopt+0x37/0xc0 [ 252.532466][T10429] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 252.538386][T10429] do_sock_setsockopt+0x3af/0x720 [ 252.543463][T10429] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 252.549047][T10429] __sys_setsockopt+0x1ae/0x250 [ 252.553921][T10429] __x64_sys_setsockopt+0xb5/0xd0 [ 252.558962][T10429] do_syscall_64+0xf3/0x230 [ 252.563464][T10429] ? clear_bhb_loop+0x35/0x90 [ 252.568141][T10429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.574026][T10429] RIP: 0033:0x7f83fdd79e79 [ 252.578434][T10429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 252.598028][T10429] RSP: 002b:00007f83feac0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 252.606432][T10429] RAX: ffffffffffffffda RBX: 00007f83fdf15f80 RCX: 00007f83fdd79e79 [ 252.614391][T10429] RDX: 0000000000000007 RSI: 0000000000000029 RDI: 0000000000000004 [ 252.622351][T10429] RBP: 00007f83feac0090 R08: 0000000000000004 R09: 0000000000000000 [ 252.630311][T10429] R10: 00000000200003c0 R11: 0000000000000246 R12: 0000000000000001 [ 252.638270][T10429] R13: 0000000000000000 R14: 00007f83fdf15f80 R15: 00007ffc5ef7e0e8 [ 252.646275][T10429] [ 253.015267][T10449] sctp: [Deprecated]: syz.3.1676 (pid 10449) Use of struct sctp_assoc_value in delayed_ack socket option. [ 253.015267][T10449] Use struct sctp_sack_info instead [ 253.253641][T10454] Cannot find add_set index 0 as target [ 253.535428][T10466] xt_TCPMSS: Only works on TCP SYN packets [ 253.559588][T10466] netlink: 'syz.4.1683': attribute type 10 has an invalid length. [ 253.579276][T10466] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1683'. [ 253.732755][T10441] syz.3.1676 (10441) used greatest stack depth: 17632 bytes left [ 253.877406][T10485] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 253.900676][T10484] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1689'. [ 253.943417][T10484] FAULT_INJECTION: forcing a failure. [ 253.943417][T10484] name failslab, interval 1, probability 0, space 0, times 0 [ 253.965492][T10481] lo speed is unknown, defaulting to 1000 [ 253.978654][T10484] CPU: 1 UID: 0 PID: 10484 Comm: syz.0.1689 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 253.984824][T10488] netlink: 'syz.4.1690': attribute type 1 has an invalid length. [ 253.989528][T10484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 253.989545][T10484] Call Trace: [ 253.989554][T10484] [ 253.989563][T10484] dump_stack_lvl+0x241/0x360 [ 253.989592][T10484] ? __pfx_dump_stack_lvl+0x10/0x10 [ 253.989613][T10484] ? __pfx__printk+0x10/0x10 [ 253.989635][T10484] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 253.989655][T10484] ? __pfx___might_resched+0x10/0x10 [ 253.989683][T10484] should_fail_ex+0x3b0/0x4e0 [ 254.015816][T10488] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1690'. [ 254.018379][T10484] should_failslab+0xac/0x100 [ 254.057745][T10484] ? __alloc_skb+0x1c3/0x440 [ 254.062364][T10484] kmem_cache_alloc_node_noprof+0x71/0x320 [ 254.068195][T10484] __alloc_skb+0x1c3/0x440 [ 254.072635][T10484] ? __pfx___alloc_skb+0x10/0x10 [ 254.077606][T10484] ? netlink_ack_tlv_len+0x6e/0x200 [ 254.082818][T10484] netlink_ack+0x13f/0xa30 [ 254.087332][T10484] ? __pfx_lock_acquire+0x10/0x10 [ 254.092370][T10484] ? __pfx_netlbl_cipsov4_add+0x10/0x10 [ 254.097951][T10484] netlink_rcv_skb+0x262/0x430 [ 254.102724][T10484] ? __pfx_genl_rcv_msg+0x10/0x10 [ 254.107768][T10484] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 254.113106][T10484] genl_rcv+0x28/0x40 [ 254.117112][T10484] netlink_unicast+0x7f6/0x990 [ 254.121905][T10484] ? __pfx_netlink_unicast+0x10/0x10 [ 254.127204][T10484] ? __virt_addr_valid+0x183/0x530 [ 254.132332][T10484] ? __check_object_size+0x49c/0x900 [ 254.137629][T10484] ? bpf_lsm_netlink_send+0x9/0x10 [ 254.142761][T10484] netlink_sendmsg+0x8e4/0xcb0 [ 254.147558][T10484] ? __pfx_netlink_sendmsg+0x10/0x10 [ 254.152855][T10484] ? __import_iovec+0x536/0x820 [ 254.157718][T10484] ? aa_sock_msg_perm+0x91/0x160 [ 254.162670][T10484] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 254.167971][T10484] ? security_socket_sendmsg+0x87/0xb0 [ 254.173449][T10484] ? __pfx_netlink_sendmsg+0x10/0x10 [ 254.178750][T10484] __sock_sendmsg+0x221/0x270 [ 254.183456][T10484] ____sys_sendmsg+0x525/0x7d0 [ 254.188250][T10484] ? __pfx_____sys_sendmsg+0x10/0x10 [ 254.193575][T10484] __sys_sendmsg+0x2b0/0x3a0 [ 254.198194][T10484] ? __pfx___sys_sendmsg+0x10/0x10 [ 254.203326][T10484] ? vfs_write+0x7c4/0xc90 [ 254.207808][T10484] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 254.214156][T10484] ? do_syscall_64+0x100/0x230 [ 254.218939][T10484] ? do_syscall_64+0xb6/0x230 [ 254.223632][T10484] do_syscall_64+0xf3/0x230 [ 254.228152][T10484] ? clear_bhb_loop+0x35/0x90 [ 254.232847][T10484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.238756][T10484] RIP: 0033:0x7f9d3d379e79 [ 254.243186][T10484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 254.262807][T10484] RSP: 002b:00007f9d3e190038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 254.271255][T10484] RAX: ffffffffffffffda RBX: 00007f9d3d515f80 RCX: 00007f9d3d379e79 [ 254.279373][T10484] RDX: 0000000000000000 RSI: 0000000020001ec0 RDI: 0000000000000004 [ 254.287369][T10484] RBP: 00007f9d3e190090 R08: 0000000000000000 R09: 0000000000000000 [ 254.295359][T10484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 254.303346][T10484] R13: 0000000000000000 R14: 00007f9d3d515f80 R15: 00007ffd7b159ec8 [ 254.311355][T10484] [ 254.494306][T10498] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1693'. [ 254.515742][T10498] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 254.915415][T10500] bridge0: port 3(vlan3) entered blocking state [ 254.933410][T10500] bridge0: port 3(vlan3) entered disabled state [ 254.949398][T10500] vlan3: entered allmulticast mode [ 254.968950][T10500] vlan3: left allmulticast mode [ 255.284807][T10510] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 255.534280][T10518] sctp: [Deprecated]: syz.2.1698 (pid 10518) Use of struct sctp_assoc_value in delayed_ack socket option. [ 255.534280][T10518] Use struct sctp_sack_info instead [ 255.553459][T10523] ieee802154 phy1 wpan1: encryption failed: -90 [ 255.700962][T10525] netlink: 'syz.3.1702': attribute type 1 has an invalid length. [ 255.711619][T10525] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1702'. [ 255.842774][T10529] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1704'. [ 255.978287][ T1261] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.113709][T10535] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1706'. [ 256.166249][T10535] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1706'. [ 256.455161][T10545] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1709'. [ 256.657641][T10550] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1712'. [ 256.657791][T10551] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1711'. [ 256.926055][T10562] netlink: 'syz.1.1715': attribute type 1 has an invalid length. [ 256.933837][T10562] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1715'. [ 257.173295][T10569] tipc: Started in network mode [ 257.192080][T10569] tipc: Node identity ac1414aa, cluster identity 4711 [ 257.217598][T10569] tipc: New replicast peer: 100.1.1.1 [ 257.236456][T10569] tipc: Enabled bearer , priority 10 [ 257.262192][T10576] sctp: [Deprecated]: syz.2.1717 (pid 10576) Use of struct sctp_assoc_value in delayed_ack socket option. [ 257.262192][T10576] Use struct sctp_sack_info instead [ 257.263749][T10572] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1720'. [ 258.012392][T10604] netlink: 'syz.4.1730': attribute type 1 has an invalid length. [ 258.035870][T10604] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1730'. [ 258.056013][ T54] Bluetooth: hci6: command 0x0405 tx timeout [ 258.378648][T10607] lo speed is unknown, defaulting to 1000 [ 258.382006][ T25] tipc: Node number set to 2886997162 [ 259.453817][T10654] sctp: [Deprecated]: syz.0.1741 (pid 10654) Use of struct sctp_assoc_value in delayed_ack socket option. [ 259.453817][T10654] Use struct sctp_sack_info instead [ 259.527975][T10655] netlink: 'syz.4.1744': attribute type 1 has an invalid length. [ 259.704923][T10665] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 259.929145][T10668] syz.3.1749[10668] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 259.929306][T10668] syz.3.1749[10668] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 260.033602][T10668] syz.3.1749[10668] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 260.716031][T10702] __nla_validate_parse: 9 callbacks suppressed [ 260.716051][T10702] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1761'. [ 260.763462][T10699] bond3: entered allmulticast mode [ 260.820898][T10699] bond3 (unregistering): left allmulticast mode [ 260.849088][T10714] netlink: 860 bytes leftover after parsing attributes in process `syz.3.1762'. [ 260.887278][T10699] bond3 (unregistering): Released all slaves [ 260.991029][T10717] FAULT_INJECTION: forcing a failure. [ 260.991029][T10717] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 261.009989][T10719] pim6reg: entered allmulticast mode [ 261.036289][T10717] CPU: 1 UID: 0 PID: 10717 Comm: syz.0.1764 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 261.047105][T10717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 261.057209][T10717] Call Trace: [ 261.060507][T10717] [ 261.063457][T10717] dump_stack_lvl+0x241/0x360 [ 261.068161][T10717] ? __pfx_dump_stack_lvl+0x10/0x10 [ 261.073375][T10717] ? __pfx__printk+0x10/0x10 [ 261.077990][T10717] ? snprintf+0xda/0x120 [ 261.082257][T10717] should_fail_ex+0x3b0/0x4e0 [ 261.083123][T10722] sctp: [Deprecated]: syz.1.1763 (pid 10722) Use of struct sctp_assoc_value in delayed_ack socket option. [ 261.083123][T10722] Use struct sctp_sack_info instead [ 261.087027][T10717] _copy_to_user+0x2f/0xb0 [ 261.087086][T10717] simple_read_from_buffer+0xca/0x150 [ 261.087113][T10717] proc_fail_nth_read+0x1ec/0x260 [ 261.087138][T10717] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 261.087164][T10717] ? rw_verify_area+0x520/0x6b0 [ 261.087185][T10717] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 261.087207][T10717] vfs_read+0x204/0xbc0 [ 261.087227][T10717] ? __pfx_lock_release+0x10/0x10 [ 261.087257][T10717] ? __pfx_vfs_read+0x10/0x10 [ 261.087282][T10717] ? __fget_files+0x29/0x470 [ 261.087307][T10717] ? __fget_files+0x3f6/0x470 [ 261.087342][T10717] ksys_read+0x1a0/0x2c0 [ 261.087368][T10717] ? __pfx_ksys_read+0x10/0x10 [ 261.087391][T10717] ? do_syscall_64+0x100/0x230 [ 261.087415][T10717] ? do_syscall_64+0xb6/0x230 [ 261.087454][T10717] do_syscall_64+0xf3/0x230 [ 261.087474][T10717] ? clear_bhb_loop+0x35/0x90 [ 261.087501][T10717] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.087523][T10717] RIP: 0033:0x7f9d3d3788bc [ 261.087542][T10717] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 261.087562][T10717] RSP: 002b:00007f9d3e190030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 261.087585][T10717] RAX: ffffffffffffffda RBX: 00007f9d3d515f80 RCX: 00007f9d3d3788bc [ 261.231730][T10717] RDX: 000000000000000f RSI: 00007f9d3e1900a0 RDI: 0000000000000004 [ 261.239722][T10717] RBP: 00007f9d3e190090 R08: 0000000000000000 R09: 0000000000000000 [ 261.247717][T10717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 261.255707][T10717] R13: 0000000000000000 R14: 00007f9d3d515f80 R15: 00007ffd7b159ec8 [ 261.263709][T10717] [ 261.286976][ C1] hrtimer: interrupt took 20221694 ns [ 261.516042][T10733] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1768'. [ 261.550455][T10733] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1768'. [ 261.576307][T10733] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1768'. [ 262.126628][T10752] netlink: 'syz.4.1777': attribute type 1 has an invalid length. [ 262.310034][T10752] bond6: entered promiscuous mode [ 262.352521][T10759] netlink: 9412 bytes leftover after parsing attributes in process `syz.2.1780'. [ 262.383141][T10757] bond5: (slave team_slave_1): Releasing active interface [ 262.412534][T10757] team_slave_1: left promiscuous mode [ 262.427723][T10759] Cannot find del_set index 3 as target [ 262.478308][T10757] team_slave_1: entered promiscuous mode [ 262.497299][T10757] bond6: (slave team_slave_1): Enslaving as an active interface with an up link [ 262.520218][T10770] netlink: 'syz.1.1781': attribute type 1 has an invalid length. [ 262.540170][T10760] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1777'. [ 262.545851][T10770] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1781'. [ 262.571159][T10760] bond6: left promiscuous mode [ 262.590765][T10760] team_slave_1: left promiscuous mode [ 262.628296][T10760] 8021q: adding VLAN 0 to HW filter on device bond6 [ 262.645352][T10759] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1780'. [ 262.692334][T10759] vlan2: entered promiscuous mode [ 263.164456][T10796] sctp: [Deprecated]: syz.1.1786 (pid 10796) Use of struct sctp_assoc_value in delayed_ack socket option. [ 263.164456][T10796] Use struct sctp_sack_info instead [ 263.249988][T10799] FAULT_INJECTION: forcing a failure. [ 263.249988][T10799] name failslab, interval 1, probability 0, space 0, times 0 [ 263.264935][T10799] CPU: 1 UID: 0 PID: 10799 Comm: syz.4.1790 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 263.275729][T10799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 263.285809][T10799] Call Trace: [ 263.289451][T10799] [ 263.292395][T10799] dump_stack_lvl+0x241/0x360 [ 263.297128][T10799] ? __pfx_dump_stack_lvl+0x10/0x10 [ 263.302363][T10799] ? __pfx__printk+0x10/0x10 [ 263.306976][T10799] ? __kmalloc_node_noprof+0xb7/0x440 [ 263.312366][T10799] ? __pfx___might_resched+0x10/0x10 [ 263.317674][T10799] should_fail_ex+0x3b0/0x4e0 [ 263.322368][T10799] should_failslab+0xac/0x100 [ 263.327051][T10799] __kmalloc_node_noprof+0xdf/0x440 [ 263.332269][T10799] ? __kvmalloc_node_noprof+0x72/0x190 [ 263.337748][T10799] ? __pfx_vlan_setup+0x10/0x10 [ 263.342610][T10799] __kvmalloc_node_noprof+0x72/0x190 [ 263.347920][T10799] alloc_netdev_mqs+0x9b/0x1000 [ 263.352784][T10799] ? __pfx_vlan_setup+0x10/0x10 [ 263.357649][T10799] ? bpf_lsm_capable+0x9/0x10 [ 263.362360][T10799] ? security_capable+0x90/0xb0 [ 263.367232][T10799] rtnl_create_link+0x2f9/0xc20 [ 263.372104][T10799] rtnl_newlink+0x1423/0x20a0 [ 263.376809][T10799] ? rtnl_newlink+0xa71/0x20a0 [ 263.381611][T10799] ? __pfx_rtnl_newlink+0x10/0x10 [ 263.386653][T10799] ? __pfx___mutex_trylock_common+0x10/0x10 [ 263.392565][T10799] ? rcu_is_watching+0x15/0xb0 [ 263.397351][T10799] ? trace_contention_end+0x3c/0x120 [ 263.402652][T10799] ? __mutex_lock+0x2ef/0xd70 [ 263.407356][T10799] ? __pfx_lock_release+0x10/0x10 [ 263.412421][T10799] ? __pfx_rtnl_newlink+0x10/0x10 [ 263.417469][T10799] rtnetlink_rcv_msg+0x73f/0xcf0 [ 263.422428][T10799] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 263.427565][T10799] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 263.433060][T10799] ? ref_tracker_free+0x643/0x7e0 [ 263.438108][T10799] netlink_rcv_skb+0x1e3/0x430 [ 263.442888][T10799] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 263.448373][T10799] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 263.453708][T10799] ? netlink_deliver_tap+0x2e/0x1b0 [ 263.458938][T10799] netlink_unicast+0x7f6/0x990 [ 263.463733][T10799] ? __pfx_netlink_unicast+0x10/0x10 [ 263.469036][T10799] ? __virt_addr_valid+0x183/0x530 [ 263.474178][T10799] ? __check_object_size+0x49c/0x900 [ 263.479565][T10799] ? bpf_lsm_netlink_send+0x9/0x10 [ 263.484699][T10799] netlink_sendmsg+0x8e4/0xcb0 [ 263.489492][T10799] ? __pfx_netlink_sendmsg+0x10/0x10 [ 263.494811][T10799] ? aa_sock_msg_perm+0x91/0x160 [ 263.499769][T10799] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 263.505077][T10799] ? security_socket_sendmsg+0x87/0xb0 [ 263.510558][T10799] ? __pfx_netlink_sendmsg+0x10/0x10 [ 263.515854][T10799] __sock_sendmsg+0x221/0x270 [ 263.520551][T10799] ____sys_sendmsg+0x525/0x7d0 [ 263.525354][T10799] ? __pfx_____sys_sendmsg+0x10/0x10 [ 263.530770][T10799] __sys_sendmsg+0x2b0/0x3a0 [ 263.535374][T10799] ? __pfx___sys_sendmsg+0x10/0x10 [ 263.540493][T10799] ? vfs_write+0x7c4/0xc90 [ 263.545077][T10799] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 263.551431][T10799] ? do_syscall_64+0x100/0x230 [ 263.556220][T10799] ? do_syscall_64+0xb6/0x230 [ 263.560926][T10799] do_syscall_64+0xf3/0x230 [ 263.565538][T10799] ? clear_bhb_loop+0x35/0x90 [ 263.570240][T10799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.576156][T10799] RIP: 0033:0x7fd530579e79 [ 263.580581][T10799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 263.600203][T10799] RSP: 002b:00007fd531293038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 263.608638][T10799] RAX: ffffffffffffffda RBX: 00007fd530715f80 RCX: 00007fd530579e79 [ 263.616710][T10799] RDX: 0000000020004000 RSI: 0000000020000280 RDI: 0000000000000003 [ 263.624693][T10799] RBP: 00007fd531293090 R08: 0000000000000000 R09: 0000000000000000 [ 263.632676][T10799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 263.640660][T10799] R13: 0000000000000000 R14: 00007fd530715f80 R15: 00007ffc8cf78bb8 [ 263.648658][T10799] [ 263.690990][T10802] netlink: 'syz.0.1792': attribute type 1 has an invalid length. [ 263.693242][T10807] openvswitch: netlink: Missing key (keys=20040, expected=2000) [ 263.714649][T10802] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 263.994267][T10818] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1797'. [ 263.997944][T10817] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes [ 264.188583][T10829] netlink: 'syz.2.1801': attribute type 3 has an invalid length. [ 264.552379][T10839] lo speed is unknown, defaulting to 1000 [ 264.771207][T10848] sctp: [Deprecated]: syz.3.1809 (pid 10848) Use of int in max_burst socket option deprecated. [ 264.771207][T10848] Use struct sctp_assoc_value instead [ 264.919568][T10856] sctp: [Deprecated]: syz.0.1808 (pid 10856) Use of struct sctp_assoc_value in delayed_ack socket option. [ 264.919568][T10856] Use struct sctp_sack_info instead [ 265.517250][T10874] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 265.606073][T10872] lo speed is unknown, defaulting to 1000 [ 265.874775][T10888] netlink: 'syz.1.1824': attribute type 10 has an invalid length. [ 265.930722][T10888] team0: Device netdevsim0 is of different type [ 265.947814][T10894] tipc: Failed to remove unknown binding: 66,1,1/0:2369095234/2369095236 [ 265.959900][T10839] delete_channel: no stack [ 265.998696][T10894] x_tables: ip_tables: osf match: only valid for protocol 6 [ 266.535238][T10905] netlink: 'syz.1.1830': attribute type 11 has an invalid length. [ 267.288388][T10915] sctp: [Deprecated]: syz.1.1832 (pid 10915) Use of struct sctp_assoc_value in delayed_ack socket option. [ 267.288388][T10915] Use struct sctp_sack_info instead [ 267.626587][T10922] __nla_validate_parse: 3 callbacks suppressed [ 267.626613][T10922] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1835'. [ 267.959873][T10931] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1840'. [ 268.027373][T10933] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1841'. [ 268.031951][T10931] netlink: 'syz.2.1840': attribute type 1 has an invalid length. [ 268.061257][T10931] netlink: 'syz.2.1840': attribute type 2 has an invalid length. [ 268.072329][T10933] bond6: (slave team_slave_1): Releasing backup interface [ 268.094846][T10931] netlink: 'syz.2.1840': attribute type 2 has an invalid length. [ 268.132604][T10939] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1841'. [ 268.135028][T10931] netlink: 'syz.2.1840': attribute type 2 has an invalid length. [ 268.176552][T10931] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1840'. [ 268.229751][T10937] bond0: entered promiscuous mode [ 268.269959][T10937] bond_slave_0: entered promiscuous mode [ 268.296437][T10937] bond_slave_1: entered promiscuous mode [ 268.317344][T10937] dummy0: entered promiscuous mode [ 268.341217][T10948] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1845'. [ 268.412763][T10946] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1844'. [ 268.471354][T10949] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1844'. [ 268.573418][T10951] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1846'. [ 268.683901][T10954] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes [ 269.241817][T10973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1855'. [ 269.256511][T10972] sctp: [Deprecated]: syz.1.1853 (pid 10972) Use of struct sctp_assoc_value in delayed_ack socket option. [ 269.256511][T10972] Use struct sctp_sack_info instead [ 269.286552][T10975] FAULT_INJECTION: forcing a failure. [ 269.286552][T10975] name failslab, interval 1, probability 0, space 0, times 0 [ 269.362927][T10975] CPU: 1 UID: 0 PID: 10975 Comm: syz.4.1856 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 269.373744][T10975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 269.383817][T10975] Call Trace: [ 269.387108][T10975] [ 269.390049][T10975] dump_stack_lvl+0x241/0x360 [ 269.394842][T10975] ? __pfx_dump_stack_lvl+0x10/0x10 [ 269.400218][T10975] ? __pfx__printk+0x10/0x10 [ 269.404838][T10975] should_fail_ex+0x3b0/0x4e0 [ 269.409544][T10975] should_failslab+0xac/0x100 [ 269.414238][T10975] ? __hw_addr_add_ex+0x1a8/0x610 [ 269.419283][T10975] __kmalloc_cache_noprof+0x6c/0x2c0 [ 269.424595][T10975] __hw_addr_add_ex+0x1a8/0x610 [ 269.429469][T10975] dev_addr_init+0x143/0x230 [ 269.434086][T10975] ? __pfx_dev_addr_init+0x10/0x10 [ 269.439231][T10975] alloc_netdev_mqs+0x2a1/0x1000 [ 269.444191][T10975] ? __pfx_vlan_setup+0x10/0x10 [ 269.449058][T10975] ? security_capable+0x90/0xb0 [ 269.453932][T10975] rtnl_create_link+0x2f9/0xc20 [ 269.458807][T10975] rtnl_newlink+0x1423/0x20a0 [ 269.463515][T10975] ? rtnl_newlink+0xa71/0x20a0 [ 269.468326][T10975] ? __pfx_rtnl_newlink+0x10/0x10 [ 269.473370][T10975] ? __pfx___mutex_trylock_common+0x10/0x10 [ 269.479288][T10975] ? rcu_is_watching+0x15/0xb0 [ 269.484083][T10975] ? trace_contention_end+0x3c/0x120 [ 269.489386][T10975] ? __mutex_lock+0x2ef/0xd70 [ 269.494099][T10975] ? __pfx_lock_release+0x10/0x10 [ 269.499159][T10975] ? __pfx_rtnl_newlink+0x10/0x10 [ 269.504204][T10975] rtnetlink_rcv_msg+0x73f/0xcf0 [ 269.509161][T10975] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 269.514308][T10975] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 269.519799][T10975] ? ref_tracker_free+0x643/0x7e0 [ 269.524859][T10975] netlink_rcv_skb+0x1e3/0x430 [ 269.529648][T10975] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 269.535133][T10975] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 269.540507][T10975] ? netlink_deliver_tap+0x2e/0x1b0 [ 269.545729][T10975] netlink_unicast+0x7f6/0x990 [ 269.550525][T10975] ? __pfx_netlink_unicast+0x10/0x10 [ 269.555827][T10975] ? __virt_addr_valid+0x183/0x530 [ 269.560961][T10975] ? __check_object_size+0x49c/0x900 [ 269.566262][T10975] ? bpf_lsm_netlink_send+0x9/0x10 [ 269.571393][T10975] netlink_sendmsg+0x8e4/0xcb0 [ 269.576189][T10975] ? __pfx_netlink_sendmsg+0x10/0x10 [ 269.581493][T10975] ? __import_iovec+0x536/0x820 [ 269.586360][T10975] ? aa_sock_msg_perm+0x91/0x160 [ 269.591315][T10975] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 269.596614][T10975] ? security_socket_sendmsg+0x87/0xb0 [ 269.602090][T10975] ? __pfx_netlink_sendmsg+0x10/0x10 [ 269.607457][T10975] __sock_sendmsg+0x221/0x270 [ 269.612152][T10975] ____sys_sendmsg+0x525/0x7d0 [ 269.616946][T10975] ? __pfx_____sys_sendmsg+0x10/0x10 [ 269.622266][T10975] __sys_sendmsg+0x2b0/0x3a0 [ 269.626879][T10975] ? __pfx___sys_sendmsg+0x10/0x10 [ 269.632005][T10975] ? vfs_write+0x7c4/0xc90 [ 269.636480][T10975] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 269.642832][T10975] ? do_syscall_64+0x100/0x230 [ 269.647621][T10975] ? do_syscall_64+0xb6/0x230 [ 269.652755][T10975] do_syscall_64+0xf3/0x230 [ 269.657273][T10975] ? clear_bhb_loop+0x35/0x90 [ 269.661978][T10975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.667901][T10975] RIP: 0033:0x7fd530579e79 [ 269.672338][T10975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.691968][T10975] RSP: 002b:00007fd531293038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 269.700410][T10975] RAX: ffffffffffffffda RBX: 00007fd530715f80 RCX: 00007fd530579e79 [ 269.708405][T10975] RDX: 0000000020004000 RSI: 0000000020000280 RDI: 0000000000000003 [ 269.716484][T10975] RBP: 00007fd531293090 R08: 0000000000000000 R09: 0000000000000000 [ 269.724482][T10975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 269.732482][T10975] R13: 0000000000000000 R14: 00007fd530715f80 R15: 00007ffc8cf78bb8 [ 269.740580][T10975] [ 269.839164][T10978] netlink: 'syz.3.1857': attribute type 1 has an invalid length. [ 269.849696][T10978] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 269.857692][T10978] IPv6: NLM_F_CREATE should be set when creating new route [ 269.865623][T10978] IPv6: NLM_F_CREATE should be set when creating new route [ 270.230095][T11003] bond10: (slave team_slave_1): Releasing active interface [ 270.259185][T11003] team_slave_1: left promiscuous mode [ 270.309583][T10998] lo speed is unknown, defaulting to 1000 [ 270.752453][T11018] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 270.968883][T11031] sctp: [Deprecated]: syz.2.1875 (pid 11031) Use of struct sctp_assoc_value in delayed_ack socket option. [ 270.968883][T11031] Use struct sctp_sack_info instead [ 271.216782][T11037] sctp: [Deprecated]: syz.1.1881 (pid 11037) Use of int in max_burst socket option deprecated. [ 271.216782][T11037] Use struct sctp_assoc_value instead [ 272.323627][T11077] pim6reg: entered allmulticast mode [ 272.847705][T11097] sctp: [Deprecated]: syz.0.1897 (pid 11097) Use of struct sctp_assoc_value in delayed_ack socket option. [ 272.847705][T11097] Use struct sctp_sack_info instead [ 273.042634][T11102] __nla_validate_parse: 6 callbacks suppressed [ 273.042654][T11102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1899'. [ 273.132858][T11102] batman_adv: batadv3: Adding interface: netdevsim0 [ 273.155729][T11102] batman_adv: batadv3: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.192362][T11102] batman_adv: batadv3: Not using interface netdevsim0 (retrying later): interface not active [ 273.288993][T11106] netlink: 'syz.4.1901': attribute type 11 has an invalid length. [ 273.448105][T11120] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1903'. [ 273.458498][T11120] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1903'. [ 273.648391][T11125] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1905'. [ 273.690824][T11125] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1905'. [ 273.749634][T11131] netlink: 'syz.0.1907': attribute type 1 has an invalid length. [ 273.827963][T11133] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1907'. [ 273.829531][T11131] bond11: entered promiscuous mode [ 273.838591][T11133] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1907'. [ 273.910856][T11137] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1910'. [ 273.931869][T11131] bond11: (slave team_slave_1): making interface the new active one [ 273.942092][T11131] team_slave_1: entered promiscuous mode [ 273.949847][T11131] bond11: (slave team_slave_1): Enslaving as an active interface with an up link [ 274.212965][T11150] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1914'. [ 274.563188][T11164] sctp: [Deprecated]: syz.0.1917 (pid 11164) Use of struct sctp_assoc_value in delayed_ack socket option. [ 274.563188][T11164] Use struct sctp_sack_info instead [ 274.847701][T11180] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1926'. [ 275.134701][T11187] bond7: entered allmulticast mode [ 275.150738][T11187] bond7 (unregistering): left allmulticast mode [ 275.180019][T11196] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes [ 275.194024][T11187] bond7 (unregistering): Released all slaves [ 275.597781][T11209] ipvlan2: entered allmulticast mode [ 275.603138][T11209] veth0_vlan: entered allmulticast mode [ 275.638950][T11211] FAULT_INJECTION: forcing a failure. [ 275.638950][T11211] name failslab, interval 1, probability 0, space 0, times 0 [ 275.652979][T11211] CPU: 1 UID: 0 PID: 11211 Comm: syz.0.1937 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 275.663772][T11211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 275.673933][T11211] Call Trace: [ 275.677225][T11211] [ 275.680169][T11211] dump_stack_lvl+0x241/0x360 [ 275.684882][T11211] ? __pfx_dump_stack_lvl+0x10/0x10 [ 275.690118][T11211] ? __pfx__printk+0x10/0x10 [ 275.694736][T11211] ? __pfx_lock_acquire+0x10/0x10 [ 275.699796][T11211] should_fail_ex+0x3b0/0x4e0 [ 275.704484][T11211] ? inet_frag_find+0x984/0x2230 [ 275.709427][T11211] should_failslab+0xac/0x100 [ 275.714131][T11211] ? inet_frag_find+0x984/0x2230 [ 275.719090][T11211] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 275.724573][T11211] inet_frag_find+0x984/0x2230 [ 275.729358][T11211] ? kernel_text_address+0xa7/0xe0 [ 275.734484][T11211] ? __pfx_ip4_obj_cmpfn+0x10/0x10 [ 275.739617][T11211] ? __kernel_text_address+0xd/0x40 [ 275.744845][T11211] ? inet_frag_find+0x13c/0x2230 [ 275.749816][T11211] ? __pfx_inet_frag_find+0x10/0x10 [ 275.755107][T11211] ? mark_lock+0x9a/0x350 [ 275.759439][T11211] ? __lock_acquire+0x137a/0x2040 [ 275.764469][T11211] ip_defrag+0x3b5/0x2900 [ 275.768820][T11211] ? __pfx_ip_defrag+0x10/0x10 [ 275.773598][T11211] ip_check_defrag+0x39e/0x600 [ 275.778365][T11211] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 275.784977][T11211] ? __pfx_ip_check_defrag+0x10/0x10 [ 275.790270][T11211] ? seqcount_lockdep_reader_access+0x1d7/0x220 [ 275.796521][T11211] ? read_tsc+0x9/0x20 [ 275.800585][T11211] ? timekeeping_get_ns+0x2c0/0x420 [ 275.805820][T11211] packet_rcv_fanout+0x13e/0x6a0 [ 275.810763][T11211] ? ktime_get_with_offset+0x109/0x150 [ 275.816220][T11211] ? __pfx_packet_rcv_fanout+0x10/0x10 [ 275.821695][T11211] dev_queue_xmit_nit+0xad4/0xc10 [ 275.826737][T11211] ? dev_queue_xmit_nit+0x2b/0xc10 [ 275.831906][T11211] dev_hard_start_xmit+0x15f/0x7e0 [ 275.837055][T11211] ? __pfx_validate_xmit_skb+0x10/0x10 [ 275.842533][T11211] __dev_queue_xmit+0x1b63/0x3e90 [ 275.847575][T11211] ? __dev_queue_xmit+0x2da/0x3e90 [ 275.852686][T11211] ? __pfx___dev_queue_xmit+0x10/0x10 [ 275.858060][T11211] ? rcu_is_watching+0x15/0xb0 [ 275.862826][T11211] ? skb_release_data+0x2b5/0x880 [ 275.867857][T11211] ? pskb_expand_head+0xc89/0x1390 [ 275.872979][T11211] ? __bpf_redirect+0x51c/0xe40 [ 275.877828][T11211] __bpf_tx_skb+0x18e/0x260 [ 275.882330][T11211] bpf_clone_redirect+0x26f/0x3d0 [ 275.887363][T11211] bpf_prog_bf17f61a12bc632f+0x5e/0x63 [ 275.892817][T11211] ? preempt_schedule+0xe1/0xf0 [ 275.897664][T11211] ? preempt_schedule_common+0x84/0xd0 [ 275.903206][T11211] ? preempt_schedule+0xe1/0xf0 [ 275.908140][T11211] ? __pfx_preempt_schedule+0x10/0x10 [ 275.913503][T11211] ? bpf_test_run+0x370/0xa90 [ 275.918173][T11211] ? __pfx_lockdep_softirqs_off+0x10/0x10 [ 275.923998][T11211] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 275.930323][T11211] ? preempt_schedule_thunk+0x1a/0x30 [ 275.935699][T11211] ? bpf_test_run+0x370/0xa90 [ 275.940386][T11211] ? __pfx___cant_migrate+0x10/0x10 [ 275.945676][T11211] ? bpf_test_run+0x370/0xa90 [ 275.950349][T11211] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 275.956075][T11211] ? bpf_test_timer_continue+0x11a/0x350 [ 275.961710][T11211] bpf_test_run+0x4f0/0xa90 [ 275.966207][T11211] ? do_syscall_64+0xf3/0x230 [ 275.970886][T11211] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.976963][T11211] ? bpf_test_run+0x370/0xa90 [ 275.981654][T11211] ? __pfx_bpf_test_run+0x10/0x10 [ 275.986699][T11211] ? irqentry_exit+0x63/0x90 [ 275.991290][T11211] ? lockdep_hardirqs_on+0x99/0x150 [ 275.996502][T11211] ? bpf_prog_test_run_skb+0x6ce/0x1820 [ 276.002043][T11211] ? convert___skb_to_skb+0x41/0x620 [ 276.007337][T11211] bpf_prog_test_run_skb+0xc97/0x1820 [ 276.012721][T11211] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 276.018527][T11211] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 276.024324][T11211] bpf_prog_test_run+0x33a/0x3b0 [ 276.029260][T11211] __sys_bpf+0x48d/0x810 [ 276.033499][T11211] ? __pfx___sys_bpf+0x10/0x10 [ 276.038271][T11211] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 276.044254][T11211] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 276.050586][T11211] ? do_syscall_64+0x100/0x230 [ 276.055395][T11211] __x64_sys_bpf+0x7c/0x90 [ 276.059808][T11211] do_syscall_64+0xf3/0x230 [ 276.064309][T11211] ? clear_bhb_loop+0x35/0x90 [ 276.069075][T11211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.074963][T11211] RIP: 0033:0x7f9d3d379e79 [ 276.079372][T11211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.099000][T11211] RSP: 002b:00007f9d3e190038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 276.107413][T11211] RAX: ffffffffffffffda RBX: 00007f9d3d515f80 RCX: 00007f9d3d379e79 [ 276.115381][T11211] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a [ 276.123358][T11211] RBP: 00007f9d3e190090 R08: 0000000000000000 R09: 0000000000000000 [ 276.131325][T11211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 276.139291][T11211] R13: 0000000000000000 R14: 00007f9d3d515f80 R15: 00007ffd7b159ec8 [ 276.147271][T11211] [ 276.995358][T11247] netlink: 'syz.4.1947': attribute type 1 has an invalid length. [ 277.196312][T11256] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes [ 277.323707][T11262] netlink: 'syz.1.1951': attribute type 19 has an invalid length. [ 278.130325][T11296] netlink: 'syz.2.1963': attribute type 10 has an invalid length. [ 278.152021][T11296] batman_adv: batadv3: Removing interface: netdevsim0 [ 278.180586][T11296] team0: Port device netdevsim0 added [ 278.204320][T11304] __nla_validate_parse: 9 callbacks suppressed [ 278.204359][T11304] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1961'. [ 278.649411][T11333] tipc: Failed to remove unknown binding: 66,1,1/0:4274973680/4274973682 [ 278.679166][T11330] ieee802154 phy1 wpan1: encryption failed: -90 [ 278.726831][T11334] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes [ 278.745122][T11335] x_tables: ip_tables: osf match: only valid for protocol 6 [ 278.833051][T11339] bond2: (slave team_slave_1): Releasing active interface [ 278.873591][T11339] team_slave_1: left promiscuous mode [ 278.924634][T11340] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1978'. [ 278.976002][T11342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1979'. [ 279.001334][T11342] netlink: 'syz.0.1979': attribute type 4 has an invalid length. [ 279.175054][T11353] netlink: 'syz.2.1983': attribute type 1 has an invalid length. [ 279.236696][T11357] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1984'. [ 279.244476][T11359] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1983'. [ 279.285423][T11359] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1983'. [ 279.323538][T11353] bond3: entered promiscuous mode [ 279.392643][T11353] bond3: (slave team_slave_1): making interface the new active one [ 279.423806][T11353] team_slave_1: entered promiscuous mode [ 279.434170][T11353] bond3: (slave team_slave_1): Enslaving as an active interface with an up link [ 279.455115][T11363] x_tables: duplicate underflow at hook 3 [ 279.717792][T11381] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1989'. [ 280.118304][T11394] bond3: (slave team_slave_1): Releasing active interface [ 280.135699][T11394] team_slave_1: left promiscuous mode [ 280.214946][T11396] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1993'. [ 280.274046][T11398] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1996'. [ 280.607727][T11407] veth1_macvtap: left promiscuous mode [ 280.697247][T11414] netlink: 'syz.0.2002': attribute type 1 has an invalid length. [ 280.724946][T11414] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2002'. [ 280.853671][T11420] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 280.884874][T11421] netlink: 'syz.1.2004': attribute type 1 has an invalid length. [ 280.949004][T11421] bond4: entered promiscuous mode [ 280.953471][T11425] netlink: 'syz.0.2005': attribute type 1 has an invalid length. [ 280.972163][T11425] netlink: 'syz.0.2005': attribute type 2 has an invalid length. [ 280.981660][T11425] netlink: 'syz.0.2005': attribute type 2 has an invalid length. [ 280.990478][T11421] bond4: (slave team_slave_1): making interface the new active one [ 280.990502][T11421] team_slave_1: entered promiscuous mode [ 280.992023][T11421] bond4: (slave team_slave_1): Enslaving as an active interface with an up link [ 281.040843][T11425] netlink: 'syz.0.2005': attribute type 2 has an invalid length. [ 281.112587][T11425] bond0: entered promiscuous mode [ 281.125233][T11425] bond_slave_0: entered promiscuous mode [ 281.132062][T11425] bond_slave_1: entered promiscuous mode [ 281.420593][T11438] bond11: (slave team_slave_1): Releasing active interface [ 281.448060][T11438] team_slave_1: left promiscuous mode [ 281.803566][T11453] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 281.906105][T11457] FAULT_INJECTION: forcing a failure. [ 281.906105][T11457] name failslab, interval 1, probability 0, space 0, times 0 [ 281.918838][T11457] CPU: 0 UID: 0 PID: 11457 Comm: syz.4.2013 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 281.929704][T11457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 281.939779][T11457] Call Trace: [ 281.943070][T11457] [ 281.946027][T11457] dump_stack_lvl+0x241/0x360 [ 281.950724][T11457] ? __pfx_dump_stack_lvl+0x10/0x10 [ 281.955948][T11457] ? __pfx__printk+0x10/0x10 [ 281.960561][T11457] ? __pfx_lock_acquire+0x10/0x10 [ 281.965610][T11457] should_fail_ex+0x3b0/0x4e0 [ 281.970314][T11457] ? inet_frag_find+0x984/0x2230 [ 281.975282][T11457] should_failslab+0xac/0x100 [ 281.979987][T11457] ? inet_frag_find+0x984/0x2230 [ 281.984945][T11457] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 281.990337][T11457] inet_frag_find+0x984/0x2230 [ 281.995123][T11457] ? kernel_text_address+0xa7/0xe0 [ 282.000245][T11457] ? __pfx_ip4_obj_cmpfn+0x10/0x10 [ 282.005378][T11457] ? __kernel_text_address+0xd/0x40 [ 282.010600][T11457] ? inet_frag_find+0x13c/0x2230 [ 282.015567][T11457] ? __pfx_inet_frag_find+0x10/0x10 [ 282.020785][T11457] ? mark_lock+0x9a/0x350 [ 282.025143][T11457] ? __lock_acquire+0x137a/0x2040 [ 282.030205][T11457] ip_defrag+0x3b5/0x2900 [ 282.034592][T11457] ? __pfx_ip_defrag+0x10/0x10 [ 282.039385][T11457] ip_check_defrag+0x39e/0x600 [ 282.044182][T11457] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 282.050865][T11457] ? __pfx_ip_check_defrag+0x10/0x10 [ 282.056143][T11457] ? seqcount_lockdep_reader_access+0x1d7/0x220 [ 282.062390][T11457] ? read_tsc+0x9/0x20 [ 282.066456][T11457] ? timekeeping_get_ns+0x2c0/0x420 [ 282.071654][T11457] packet_rcv_fanout+0x13e/0x6a0 [ 282.076597][T11457] ? ktime_get_with_offset+0x109/0x150 [ 282.082073][T11457] ? __pfx_packet_rcv_fanout+0x10/0x10 [ 282.087544][T11457] dev_queue_xmit_nit+0xad4/0xc10 [ 282.092674][T11457] ? dev_queue_xmit_nit+0x2b/0xc10 [ 282.097795][T11457] dev_hard_start_xmit+0x15f/0x7e0 [ 282.102921][T11457] ? __pfx_validate_xmit_skb+0x10/0x10 [ 282.108398][T11457] __dev_queue_xmit+0x1b63/0x3e90 [ 282.113437][T11457] ? __dev_queue_xmit+0x2da/0x3e90 [ 282.118572][T11457] ? __pfx___dev_queue_xmit+0x10/0x10 [ 282.123952][T11457] ? rcu_is_watching+0x15/0xb0 [ 282.128732][T11457] ? skb_release_data+0x2b5/0x880 [ 282.133773][T11457] ? pskb_expand_head+0xc89/0x1390 [ 282.138901][T11457] ? __bpf_redirect+0x51c/0xe40 [ 282.143755][T11457] __bpf_tx_skb+0x18e/0x260 [ 282.148262][T11457] bpf_clone_redirect+0x26f/0x3d0 [ 282.153304][T11457] bpf_prog_bf17f61a12bc632f+0x5e/0x63 [ 282.158756][T11457] ? preempt_schedule+0xe1/0xf0 [ 282.163603][T11457] ? preempt_schedule_common+0x84/0xd0 [ 282.169061][T11457] ? preempt_schedule+0xe1/0xf0 [ 282.173930][T11457] ? bpf_test_run+0x370/0xa90 [ 282.178620][T11457] ? __pfx_lockdep_softirqs_off+0x10/0x10 [ 282.184357][T11457] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 282.190694][T11457] ? bpf_test_run+0x370/0xa90 [ 282.195371][T11457] ? __pfx___cant_migrate+0x10/0x10 [ 282.200565][T11457] ? bpf_test_run+0x370/0xa90 [ 282.205244][T11457] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 282.211150][T11457] ? bpf_test_timer_continue+0x11a/0x350 [ 282.216784][T11457] bpf_test_run+0x4f0/0xa90 [ 282.221290][T11457] ? do_syscall_64+0xf3/0x230 [ 282.225970][T11457] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.232071][T11457] ? bpf_test_run+0x370/0xa90 [ 282.236761][T11457] ? __pfx_bpf_test_run+0x10/0x10 [ 282.241797][T11457] ? eth_type_trans+0x3d1/0x7a0 [ 282.246751][T11457] ? __pfx_eth_type_trans+0x10/0x10 [ 282.251950][T11457] ? convert___skb_to_skb+0x41/0x620 [ 282.257239][T11457] bpf_prog_test_run_skb+0xc97/0x1820 [ 282.262626][T11457] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 282.268441][T11457] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 282.274248][T11457] bpf_prog_test_run+0x33a/0x3b0 [ 282.279198][T11457] __sys_bpf+0x48d/0x810 [ 282.283445][T11457] ? __pfx___sys_bpf+0x10/0x10 [ 282.288221][T11457] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 282.294212][T11457] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 282.300556][T11457] ? do_syscall_64+0x100/0x230 [ 282.305347][T11457] __x64_sys_bpf+0x7c/0x90 [ 282.309759][T11457] do_syscall_64+0xf3/0x230 [ 282.314262][T11457] ? clear_bhb_loop+0x35/0x90 [ 282.318946][T11457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.324836][T11457] RIP: 0033:0x7fd530579e79 [ 282.329256][T11457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.348868][T11457] RSP: 002b:00007fd531293038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 282.357469][T11457] RAX: ffffffffffffffda RBX: 00007fd530715f80 RCX: 00007fd530579e79 [ 282.365444][T11457] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a [ 282.373422][T11457] RBP: 00007fd531293090 R08: 0000000000000000 R09: 0000000000000000 [ 282.381391][T11457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 282.389370][T11457] R13: 0000000000000000 R14: 00007fd530715f80 R15: 00007ffc8cf78bb8 [ 282.397362][T11457] [ 282.634422][T11467] bond4: entered allmulticast mode [ 282.666399][T11462] bond5: entered allmulticast mode [ 282.765360][T11464] bond4 (unregistering): left allmulticast mode [ 282.797441][T11464] bond4 (unregistering): Released all slaves [ 282.846947][T11469] bond5 (unregistering): left allmulticast mode [ 282.861762][T11469] bond5 (unregistering): Released all slaves [ 283.055960][T11472] sctp: [Deprecated]: syz.0.2018 (pid 11472) Use of struct sctp_assoc_value in delayed_ack socket option. [ 283.055960][T11472] Use struct sctp_sack_info instead [ 283.110792][T11481] lo speed is unknown, defaulting to 1000 [ 283.129290][T11484] sctp: [Deprecated]: syz.2.2020 (pid 11484) Use of struct sctp_assoc_value in delayed_ack socket option. [ 283.129290][T11484] Use struct sctp_sack_info instead [ 283.137048][T11472] sctp: [Deprecated]: syz.0.2018 (pid 11472) Use of struct sctp_assoc_value in delayed_ack socket option. [ 283.137048][T11472] Use struct sctp_sack_info instead [ 283.407579][T11491] netlink: 'syz.3.2025': attribute type 10 has an invalid length. [ 283.435197][T11491] batman_adv: batadv2: Removing interface: netdevsim0 [ 283.456183][T11491] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 283.734023][T11501] __nla_validate_parse: 10 callbacks suppressed [ 283.734042][T11501] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2030'. [ 283.837612][T11505] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2031'. [ 283.889857][T11503] bond7: entered allmulticast mode [ 283.910791][T11505] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2031'. [ 283.939134][T11506] bond7 (unregistering): left allmulticast mode [ 283.987314][T11506] bond7 (unregistering): Released all slaves [ 284.311698][T11516] netlink: 'syz.3.2035': attribute type 10 has an invalid length. [ 284.475440][T11527] ieee802154 phy1 wpan1: encryption failed: -90 [ 284.893866][T11540] sctp: [Deprecated]: syz.0.2042 (pid 11540) Use of struct sctp_assoc_value in delayed_ack socket option. [ 284.893866][T11540] Use struct sctp_sack_info instead [ 285.535528][T11557] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2047'. [ 285.568701][T11557] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2047'. [ 286.029545][T11577] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2053'. [ 286.178455][T11581] team0: Port device netdevsim0 removed [ 286.205439][T11581] batman_adv: batadv2: Adding interface: netdevsim0 [ 286.230441][T11581] batman_adv: batadv2: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 286.268964][T11581] batman_adv: batadv2: Not using interface netdevsim0 (retrying later): interface not active [ 286.375130][T11579] lo speed is unknown, defaulting to 1000 [ 286.530667][T11592] netlink: 'syz.3.2057': attribute type 1 has an invalid length. [ 286.551306][T11592] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2057'. [ 286.888282][T11606] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2060'. [ 287.017701][T11608] sctp: [Deprecated]: syz.0.2061 (pid 11608) Use of struct sctp_assoc_value in delayed_ack socket option. [ 287.017701][T11608] Use struct sctp_sack_info instead [ 287.833498][T11626] bond0: entered promiscuous mode [ 287.861226][T11626] bond_slave_0: entered promiscuous mode [ 287.887424][T11626] bond_slave_1: entered promiscuous mode [ 287.907990][T11626] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 287.946496][T11629] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2070'. [ 287.983204][T11635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2072'. [ 288.236048][T11642] bond4: entered allmulticast mode [ 288.309254][T11644] bond4 (unregistering): left allmulticast mode [ 288.356499][T11644] bond4 (unregistering): Released all slaves [ 288.416966][T11654] netlink: 'syz.3.2079': attribute type 3 has an invalid length. [ 288.537765][T11659] netlink: 'syz.1.2080': attribute type 1 has an invalid length. [ 288.762011][T11662] lo speed is unknown, defaulting to 1000 [ 288.818972][T11669] sctp: [Deprecated]: syz.1.2082 (pid 11669) Use of struct sctp_assoc_value in delayed_ack socket option. [ 288.818972][T11669] Use struct sctp_sack_info instead [ 288.943369][T11673] __nla_validate_parse: 3 callbacks suppressed [ 288.943411][T11673] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2086'. [ 289.027789][T11673] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2086'. [ 289.048035][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2085'. [ 289.120681][T11680] nlmon0: left promiscuous mode [ 289.205513][T11680] bond0: (slave vlan1): Releasing backup interface [ 289.278917][T11682] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2087'. [ 289.347269][T11678] delete_channel: no stack [ 289.433334][T11689] netlink: 'syz.3.2090': attribute type 1 has an invalid length. [ 289.512730][T11695] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2090'. [ 289.522183][T11695] netlink: 92 bytes leftover after parsing attributes in process `syz.3.2090'. [ 289.541121][T11689] bond7: entered promiscuous mode [ 289.617282][T11692] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2091'. [ 289.670807][T11692] veth0_macvtap: left promiscuous mode [ 289.846529][T11689] bond7: (slave team_slave_1): making interface the new active one [ 289.872351][T11689] team_slave_1: entered promiscuous mode [ 289.930088][T11689] bond7: (slave team_slave_1): Enslaving as an active interface with an up link [ 290.137029][T11718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2098'. [ 290.183043][T11718] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2098'. [ 290.481576][T11730] sctp: [Deprecated]: syz.2.2103 (pid 11730) Use of struct sctp_assoc_value in delayed_ack socket option. [ 290.481576][T11730] Use struct sctp_sack_info instead [ 290.983937][T11749] netlink: 'syz.4.2110': attribute type 10 has an invalid length. [ 291.009475][T11747] netlink: 71 bytes leftover after parsing attributes in process `syz.0.2109'. [ 291.423127][T11769] bond12: entered allmulticast mode [ 291.459283][T11770] netlink: 'syz.2.2118': attribute type 1 has an invalid length. [ 291.496008][T11770] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 291.554683][T11763] bond12 (unregistering): left allmulticast mode [ 291.592067][T11763] bond12 (unregistering): Released all slaves [ 291.661710][T11777] tipc: Failed to remove unknown binding: 66,1,1/0:4038343915/4038343917 [ 291.685465][T11774] lo speed is unknown, defaulting to 1000 [ 291.693641][T11777] x_tables: ip_tables: osf match: only valid for protocol 6 [ 291.713619][T11781] pim6reg: entered allmulticast mode [ 291.888686][T11786] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 291.898889][T11786] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 291.908531][T11786] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 291.918321][T11786] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 291.958108][T11786] vxlan0: entered promiscuous mode [ 292.292009][T11804] sctp: [Deprecated]: syz.2.2128 (pid 11804) Use of struct sctp_assoc_value in delayed_ack socket option. [ 292.292009][T11804] Use struct sctp_sack_info instead [ 293.423021][T11827] netlink: 'syz.2.2135': attribute type 1 has an invalid length. [ 293.439822][T11827] netlink: 'syz.2.2135': attribute type 2 has an invalid length. [ 293.472137][T11827] netlink: 'syz.2.2135': attribute type 2 has an invalid length. [ 293.489916][T11827] netlink: 'syz.2.2135': attribute type 2 has an invalid length. [ 293.553682][T11833] netlink: 'syz.1.2137': attribute type 1 has an invalid length. [ 293.747215][T11833] bond5: entered promiscuous mode [ 293.911446][T11836] bond4: (slave team_slave_1): Releasing active interface [ 293.936755][T11836] team_slave_1: left promiscuous mode [ 294.000869][T11836] bond5: (slave team_slave_1): making interface the new active one [ 294.033257][T11836] team_slave_1: entered promiscuous mode [ 294.057427][T11836] bond5: (slave team_slave_1): Enslaving as an active interface with an up link [ 294.275507][T11865] __nla_validate_parse: 10 callbacks suppressed [ 294.275526][T11865] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2145'. [ 294.344443][T11865] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2145'. [ 294.366271][T11869] xt_limit: Overflow, try lower: 262144/524288 [ 294.368434][T11872] netlink: 'syz.1.2148': attribute type 32 has an invalid length. [ 294.373234][T11866] lo speed is unknown, defaulting to 1000 [ 294.399311][T11869] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN [ 295.275985][T11899] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2159'. [ 295.349658][T11899] bond5: (slave team_slave_1): Releasing active interface [ 295.385737][T11899] team_slave_1: left promiscuous mode [ 295.466681][T11905] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2159'. [ 295.833045][T11917] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 296.735842][T11932] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2172'. [ 296.762229][T11936] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2171'. [ 296.806871][T11932] netlink: 'syz.0.2172': attribute type 10 has an invalid length. [ 296.855142][T11932] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.862902][T11932] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.949188][T11932] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.956449][T11932] bridge0: port 2(bridge_slave_1) entered forwarding state [ 296.963964][T11932] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.971167][T11932] bridge0: port 1(bridge_slave_0) entered forwarding state [ 296.990259][T11932] bridge0: entered promiscuous mode [ 297.019568][T11932] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 297.194425][T11945] lo speed is unknown, defaulting to 1000 [ 297.229362][T11951] FAULT_INJECTION: forcing a failure. [ 297.229362][T11951] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 297.299232][T11951] CPU: 1 UID: 0 PID: 11951 Comm: syz.4.2178 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 297.310048][T11951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 297.320119][T11951] Call Trace: [ 297.323414][T11951] [ 297.326353][T11951] dump_stack_lvl+0x241/0x360 [ 297.331053][T11951] ? __pfx_dump_stack_lvl+0x10/0x10 [ 297.336275][T11951] ? __pfx__printk+0x10/0x10 [ 297.340885][T11951] ? __pfx_lock_release+0x10/0x10 [ 297.346025][T11951] should_fail_ex+0x3b0/0x4e0 [ 297.347706][T11959] netlink: 'syz.1.2182': attribute type 10 has an invalid length. [ 297.350711][T11951] _copy_from_user+0x2f/0xe0 [ 297.350744][T11951] core_sys_select+0x508/0x910 [ 297.367895][T11951] ? __pfx_core_sys_select+0x10/0x10 [ 297.373203][T11951] ? lockdep_hardirqs_on+0x99/0x150 [ 297.378445][T11951] ? __pfx_set_user_sigmask+0x10/0x10 [ 297.383839][T11951] ? __fget_files+0x3f6/0x470 [ 297.388630][T11951] __se_sys_pselect6+0x319/0x3f0 [ 297.393607][T11951] ? __pfx___se_sys_pselect6+0x10/0x10 [ 297.399091][T11951] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 297.405440][T11951] ? do_syscall_64+0x100/0x230 [ 297.410233][T11951] ? __x64_sys_pselect6+0x21/0xf0 [ 297.415283][T11951] do_syscall_64+0xf3/0x230 [ 297.416187][T11959] batman_adv: batadv3: Removing interface: netdevsim0 [ 297.419800][T11951] ? clear_bhb_loop+0x35/0x90 [ 297.419832][T11951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.437141][T11951] RIP: 0033:0x7fd530579e79 [ 297.441575][T11951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.461289][T11951] RSP: 002b:00007fd531293038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 297.469743][T11951] RAX: ffffffffffffffda RBX: 00007fd530715f80 RCX: 00007fd530579e79 [ 297.477728][T11951] RDX: 0000000020000940 RSI: 0000000020000900 RDI: 0000000000000040 [ 297.485715][T11951] RBP: 00007fd531293090 R08: 00000000200009c0 R09: 0000000000000000 [ 297.493700][T11951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 297.501685][T11951] R13: 0000000000000001 R14: 00007fd530715f80 R15: 00007ffc8cf78bb8 [ 297.509690][T11951] [ 297.569725][T11959] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 297.592102][T11961] netlink: 'syz.0.2183': attribute type 10 has an invalid length. [ 297.625951][T11961] batman_adv: batadv2: Removing interface: netdevsim0 [ 297.703990][T11961] team0: Port device netdevsim0 added [ 297.909654][T11969] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2185'. [ 298.115900][T11983] syz_tun: entered promiscuous mode [ 298.510136][T11983] syz_tun (unregistering): left promiscuous mode [ 298.666456][T11966] lo speed is unknown, defaulting to 1000 [ 298.779324][T11996] netlink: 'syz.4.2191': attribute type 1 has an invalid length. [ 298.829486][T12000] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2191'. [ 298.867266][T12000] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2191'. [ 298.890463][T11996] bond7: entered promiscuous mode [ 298.923787][T11996] bond7: (slave team_slave_1): making interface the new active one [ 298.934015][T11996] team_slave_1: entered promiscuous mode [ 298.942924][T11996] bond7: (slave team_slave_1): Enslaving as an active interface with an up link [ 299.036481][T12003] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2193'. [ 299.544165][T12024] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2200'. [ 300.073399][T12035] lo speed is unknown, defaulting to 1000 [ 300.541543][T12048] ieee802154 phy1 wpan1: encryption failed: -90 [ 300.581345][T12050] netlink: 'syz.1.2211': attribute type 11 has an invalid length. [ 301.499010][T12079] netlink: 'syz.0.2220': attribute type 10 has an invalid length. [ 301.533724][T12079] syz_tun: entered promiscuous mode [ 301.576464][T12079] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 301.749513][T12081] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 301.778674][T12083] netlink: 'syz.3.2223': attribute type 1 has an invalid length. [ 301.863694][T12083] bond8: entered promiscuous mode [ 301.871178][T12080] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 301.889324][T12087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2223'. [ 301.917082][T12087] bond8: left promiscuous mode [ 301.923140][T12087] 8021q: adding VLAN 0 to HW filter on device bond8 [ 302.414116][T12103] netlink: 'syz.2.2231': attribute type 1 has an invalid length. [ 302.448843][T12103] bond4: entered promiscuous mode [ 302.463186][T12103] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2231'. [ 302.484414][T12103] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2231'. [ 302.538637][T12107] bond4: (slave team_slave_1): making interface the new active one [ 302.546984][T12107] team_slave_1: entered promiscuous mode [ 302.554079][T12107] bond4: (slave team_slave_1): Enslaving as an active interface with an up link [ 302.653455][T12111] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2234'. [ 303.063764][T12124] netlink: 'syz.4.2238': attribute type 1 has an invalid length. [ 303.169878][T12124] bond8: entered promiscuous mode [ 303.195079][T12132] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2238'. [ 303.244543][T12132] bond8: left promiscuous mode [ 303.259125][T12132] 8021q: adding VLAN 0 to HW filter on device bond8 [ 303.497017][T12148] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 303.525163][T12145] lo speed is unknown, defaulting to 1000 [ 303.994687][T12160] netlink: 'syz.4.2249': attribute type 10 has an invalid length. [ 304.896202][T12189] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2259'. [ 306.040603][T12229] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2269'. [ 306.117797][T12229] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check. [ 306.204721][T12238] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2274'. [ 306.228285][T12235] lo speed is unknown, defaulting to 1000 [ 306.236551][T12238] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2274'. [ 306.567047][T12254] sctp: [Deprecated]: syz.1.2277 (pid 12254) Use of struct sctp_assoc_value in delayed_ack socket option. [ 306.567047][T12254] Use struct sctp_sack_info instead [ 306.680453][T12256] netlink: 'syz.3.2281': attribute type 1 has an invalid length. [ 306.703814][T12256] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 306.716275][T12258] ieee802154 phy1 wpan1: encryption failed: -90 [ 307.027623][T12272] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2286'. [ 307.454331][T12284] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2293'. [ 308.322755][T12311] sch_tbf: burst 65535 is lower than device lo mtu (11337746) ! [ 308.861204][T12330] lo speed is unknown, defaulting to 1000 [ 309.121222][T12335] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2313'. [ 310.259914][T12372] netlink: 'syz.4.2325': attribute type 10 has an invalid length. [ 310.466750][T12378] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2324'. [ 310.527846][T12382] netlink: 'syz.3.2329': attribute type 11 has an invalid length. [ 310.831446][T12392] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 311.122690][T12404] netlink: 'syz.4.2337': attribute type 1 has an invalid length. [ 311.175404][T12404] bond9: entered promiscuous mode [ 311.190915][T12406] lo speed is unknown, defaulting to 1000 [ 311.255252][T12404] bond7: (slave team_slave_1): Releasing active interface [ 311.299183][T12404] team_slave_1: left promiscuous mode [ 311.389689][T12404] bond9: (slave team_slave_1): making interface the new active one [ 311.426388][T12404] team_slave_1: entered promiscuous mode [ 311.444970][T12404] bond9: (slave team_slave_1): Enslaving as an active interface with an up link [ 311.925185][T12427] xt_CT: You must specify a L4 protocol and not use inversions on it [ 312.431637][T12442] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2347'. [ 312.912022][T12451] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2351'. [ 312.923357][T12443] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 313.035027][T12454] bond9: entered allmulticast mode [ 313.061092][T12463] bond9 (unregistering): left allmulticast mode [ 313.094507][T12463] bond9 (unregistering): Released all slaves [ 313.144499][T12465] netlink: 'syz.2.2354': attribute type 1 has an invalid length. [ 313.204608][T12465] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 313.420421][T12467] netlink: 828 bytes leftover after parsing attributes in process `syz.4.2355'. [ 313.457820][T12471] netlink: 'syz.2.2357': attribute type 4 has an invalid length. [ 313.508298][T12471] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2357'. [ 313.518540][T12473] netlink: 'syz.3.2358': attribute type 3 has an invalid length. [ 313.518572][T12473] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2358'. [ 313.802539][T12480] lo speed is unknown, defaulting to 1000 [ 313.873863][T12489] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 313.948039][T12489] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2365'. [ 314.029835][T12489] : entered promiscuous mode [ 314.054937][T12495] netlink: 4272 bytes leftover after parsing attributes in process `syz.3.2365'. [ 314.136431][ T5235] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 314.244521][T12501] tipc: Failed to remove unknown binding: 66,1,1/2886997162:782382861/782382863 [ 314.333598][T12501] x_tables: ip_tables: osf match: only valid for protocol 6 [ 314.421024][T12507] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2369'. [ 314.628623][T12510] bond5: entered allmulticast mode [ 314.659976][T12514] netlink: 'syz.0.2372': attribute type 3 has an invalid length. [ 314.668666][T12507] bond5 (unregistering): left allmulticast mode [ 314.681136][T12507] bond5 (unregistering): Released all slaves [ 314.703155][T12514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2372'. [ 314.943991][T12525] netlink: 'syz.1.2373': attribute type 1 has an invalid length. [ 315.437735][T12548] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes [ 315.737251][T12557] netlink: 'syz.4.2384': attribute type 3 has an invalid length. [ 315.766160][T12557] __nla_validate_parse: 2 callbacks suppressed [ 315.766179][T12557] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2384'. [ 315.783343][T12560] netlink: 900 bytes leftover after parsing attributes in process `syz.3.2385'. [ 316.161606][T12568] netlink: 'syz.3.2388': attribute type 1 has an invalid length. [ 316.172325][T12568] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2388'. [ 316.411592][T12575] lo speed is unknown, defaulting to 1000 [ 316.478600][T12583] netlink: 'syz.0.2395': attribute type 10 has an invalid length. [ 317.060373][T12599] netlink: 'syz.0.2401': attribute type 1 has an invalid length. [ 317.088026][T12599] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2401'. [ 317.296526][T12609] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2405'. [ 317.309924][T12609] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 317.424739][ T1261] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.544895][T12615] TCP: TCP_TX_DELAY enabled [ 317.602816][ T5281] IPVS: starting estimator thread 0... [ 317.716568][T12618] IPVS: using max 19 ests per chain, 45600 per kthread [ 318.022496][T12632] netlink: 'syz.4.2414': attribute type 1 has an invalid length. [ 318.040615][T12632] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2414'. [ 318.067953][T12629] netlink: 'syz.2.2412': attribute type 2 has an invalid length. [ 318.103466][T12638] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2415'. [ 318.224241][T12634] team0: Port device netdevsim0 removed [ 318.245048][T12634] batman_adv: batadv3: Adding interface: netdevsim0 [ 318.265741][T12634] batman_adv: batadv3: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.307561][T12634] batman_adv: batadv3: Not using interface netdevsim0 (retrying later): interface not active [ 318.334149][T12644] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2413'. [ 318.476585][T12650] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 318.792350][T12663] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2421'. [ 318.877213][T12667] bond9: entered allmulticast mode [ 318.947655][T12663] bond9 (unregistering): left allmulticast mode [ 318.976335][T12663] bond9 (unregistering): Released all slaves [ 319.227805][T12672] lo speed is unknown, defaulting to 1000 [ 319.357723][T12678] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 319.499198][T12681] netlink: 'syz.4.2426': attribute type 1 has an invalid length. [ 319.518214][T12681] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2426'. [ 320.099140][T12698] FAULT_INJECTION: forcing a failure. [ 320.099140][T12698] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 320.136421][T12698] CPU: 1 UID: 0 PID: 12698 Comm: syz.1.2433 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 320.147229][T12698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 320.157298][T12698] Call Trace: [ 320.160588][T12698] [ 320.163523][T12698] dump_stack_lvl+0x241/0x360 [ 320.168222][T12698] ? __pfx_dump_stack_lvl+0x10/0x10 [ 320.173445][T12698] ? __pfx__printk+0x10/0x10 [ 320.178058][T12698] ? __pfx_lock_release+0x10/0x10 [ 320.183195][T12698] ? __lock_acquire+0x137a/0x2040 [ 320.188247][T12698] should_fail_ex+0x3b0/0x4e0 [ 320.192964][T12698] _copy_from_user+0x2f/0xe0 [ 320.197580][T12698] do_ipv6_setsockopt+0x2f1/0x3630 [ 320.202717][T12698] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 320.208273][T12698] ? aa_label_sk_perm+0x4f0/0x6d0 [ 320.213300][T12698] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 320.218686][T12698] ? __pfx___might_resched+0x10/0x10 [ 320.223967][T12698] ? __lock_acquire+0x137a/0x2040 [ 320.228999][T12698] ? aa_sk_perm+0x96d/0xab0 [ 320.233584][T12698] ipv6_setsockopt+0x5c/0x1a0 [ 320.238255][T12698] rawv6_setsockopt+0x327/0x740 [ 320.243099][T12698] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 320.248463][T12698] ? aa_sock_opt_perm+0x79/0x120 [ 320.253390][T12698] ? sock_common_setsockopt+0x37/0xc0 [ 320.258753][T12698] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 320.264637][T12698] do_sock_setsockopt+0x3af/0x720 [ 320.269749][T12698] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 320.275370][T12698] ? __fget_files+0x29/0x470 [ 320.279955][T12698] ? __fget_files+0x3f6/0x470 [ 320.284629][T12698] __sys_setsockopt+0x1ae/0x250 [ 320.289483][T12698] __x64_sys_setsockopt+0xb5/0xd0 [ 320.294499][T12698] do_syscall_64+0xf3/0x230 [ 320.298992][T12698] ? clear_bhb_loop+0x35/0x90 [ 320.303666][T12698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.309640][T12698] RIP: 0033:0x7ff1d4b79e79 [ 320.314047][T12698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.333731][T12698] RSP: 002b:00007ff1d45ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 320.342230][T12698] RAX: ffffffffffffffda RBX: 00007ff1d4d15f80 RCX: 00007ff1d4b79e79 [ 320.350196][T12698] RDX: 00000000000000d1 RSI: 0000000000000029 RDI: 0000000000000003 [ 320.358161][T12698] RBP: 00007ff1d45ff090 R08: 0000000000000004 R09: 0000000000000000 [ 320.366121][T12698] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 320.374080][T12698] R13: 0000000000000000 R14: 00007ff1d4d15f80 R15: 00007ffe792fa298 [ 320.382056][T12698] [ 320.521519][T12699] bond10: entered allmulticast mode [ 320.551099][T12703] bond10 (unregistering): left allmulticast mode [ 320.575535][T12703] bond10 (unregistering): Released all slaves [ 320.900138][T12719] netlink: 'syz.4.2438': attribute type 1 has an invalid length. [ 320.933277][T12721] netlink: 'syz.1.2439': attribute type 1 has an invalid length. [ 320.939499][T12719] __nla_validate_parse: 4 callbacks suppressed [ 320.939515][T12719] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2438'. [ 320.956587][T12721] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 320.966238][T12721] IPv6: NLM_F_CREATE should be set when creating new route [ 320.974166][T12721] IPv6: NLM_F_CREATE should be set when creating new route [ 321.126273][T12726] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2441'. [ 321.596200][T12753] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2449'. [ 321.685050][T12758] bond5: entered allmulticast mode [ 321.697688][T12760] netlink: 'syz.0.2452': attribute type 4 has an invalid length. [ 321.722229][T12753] bond5 (unregistering): left allmulticast mode [ 321.733832][T12753] bond5 (unregistering): Released all slaves [ 321.788177][T12760] lo speed is unknown, defaulting to 1000 [ 322.991043][T12760] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2452'. [ 323.038129][T12793] netlink: 'syz.4.2462': attribute type 1 has an invalid length. [ 323.065637][T12793] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2462'. [ 323.326192][T12799] netlink: 'syz.2.2463': attribute type 10 has an invalid length. [ 323.610149][T12802] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2464'. [ 324.177157][T12824] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2474'. [ 324.430642][T12839] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2481'. [ 324.966642][T12857] netlink: 'syz.2.2489': attribute type 1 has an invalid length. [ 324.997727][T12857] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2489'. [ 325.008150][T12866] FAULT_INJECTION: forcing a failure. [ 325.008150][T12866] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 325.039890][T12866] CPU: 0 UID: 0 PID: 12866 Comm: syz.0.2491 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 325.050706][T12866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 325.060793][T12866] Call Trace: [ 325.064178][T12866] [ 325.067122][T12866] dump_stack_lvl+0x241/0x360 [ 325.071837][T12866] ? __pfx_dump_stack_lvl+0x10/0x10 [ 325.077058][T12866] ? __pfx__printk+0x10/0x10 [ 325.081664][T12866] ? __pfx_lock_release+0x10/0x10 [ 325.086733][T12866] should_fail_ex+0x3b0/0x4e0 [ 325.091437][T12866] set_fd_set+0x3a/0xa0 [ 325.095619][T12866] core_sys_select+0x793/0x910 [ 325.100415][T12866] ? __pfx_core_sys_select+0x10/0x10 [ 325.105733][T12866] ? lockdep_hardirqs_on+0x99/0x150 [ 325.110978][T12866] ? __pfx_set_user_sigmask+0x10/0x10 [ 325.116461][T12866] ? __fget_files+0x3f6/0x470 [ 325.121170][T12866] __se_sys_pselect6+0x319/0x3f0 [ 325.126139][T12866] ? __pfx___se_sys_pselect6+0x10/0x10 [ 325.131625][T12866] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 325.137977][T12866] ? do_syscall_64+0x100/0x230 [ 325.142765][T12866] ? __x64_sys_pselect6+0x21/0xf0 [ 325.147801][T12866] do_syscall_64+0xf3/0x230 [ 325.152304][T12866] ? clear_bhb_loop+0x35/0x90 [ 325.156986][T12866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.162882][T12866] RIP: 0033:0x7f9d3d379e79 [ 325.167295][T12866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 325.186906][T12866] RSP: 002b:00007f9d3e190038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 325.195316][T12866] RAX: ffffffffffffffda RBX: 00007f9d3d515f80 RCX: 00007f9d3d379e79 [ 325.203278][T12866] RDX: 0000000020000940 RSI: 0000000020000900 RDI: 0000000000000040 [ 325.211245][T12866] RBP: 00007f9d3e190090 R08: 00000000200009c0 R09: 0000000000000000 [ 325.219225][T12866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 325.227192][T12866] R13: 0000000000000001 R14: 00007f9d3d515f80 R15: 00007ffd7b159ec8 [ 325.235171][T12866] [ 325.250815][T12871] ip6tnl0: Caught tx_queue_len zero misconfig [ 325.440019][T12874] netlink: 'syz.4.2494': attribute type 10 has an invalid length. [ 325.510687][T12874] team0: Port device netdevsim0 removed [ 325.535918][T12874] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 325.696293][T12889] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2501'. [ 325.748186][T12889] bond0: (slave netdevsim0): Releasing backup interface [ 325.782470][T12889] batman_adv: batadv0: Adding interface: netdevsim0 [ 325.800232][T12889] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 325.830348][T12889] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active [ 326.587627][T12915] x_tables: unsorted underflow at hook 4 [ 326.727847][T12921] netlink: 'syz.4.2514': attribute type 1 has an invalid length. [ 326.745246][T12921] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 326.810177][T12923] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2515'. [ 326.821109][T12923] 0XD: renamed from gretap0 (while UP) [ 326.834165][T12923] 0XD: entered allmulticast mode [ 326.835939][T12926] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2516'. [ 326.849267][T12923] A link change request failed with some changes committed already. Interface 10XD may have been left with an inconsistent configuration, please check. [ 326.962629][T12930] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2518'. [ 326.992791][T12930] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2518'. [ 327.019856][T12931] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2517'. [ 327.419155][T12946] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2526'. [ 327.476323][T12948] netlink: 'syz.2.2527': attribute type 1 has an invalid length. [ 327.536117][T12948] bond5: entered promiscuous mode [ 327.541525][T12951] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2528'. [ 327.544140][T12955] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2527'. [ 327.599616][T12955] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2527'. [ 327.630981][T12948] bond4: (slave team_slave_1): Releasing active interface [ 327.646700][T12948] team_slave_1: left promiscuous mode [ 327.712156][T12948] bond5: (slave team_slave_1): making interface the new active one [ 327.724836][T12956] tipc: Failed to remove unknown binding: 66,1,1/0:376801118/376801120 [ 327.734193][T12948] team_slave_1: entered promiscuous mode [ 327.743319][T12956] x_tables: ip_tables: osf match: only valid for protocol 6 [ 327.761437][T12948] bond5: (slave team_slave_1): Enslaving as an active interface with an up link [ 328.265496][T12974] netlink: 892 bytes leftover after parsing attributes in process `syz.2.2534'. [ 328.508043][T12980] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 328.637451][T12984] bond10: entered allmulticast mode [ 328.666230][T12984] bond10 (unregistering): left allmulticast mode [ 328.680954][T12984] bond10 (unregistering): Released all slaves [ 328.771049][T12991] netlink: 'syz.2.2542': attribute type 1 has an invalid length. [ 328.866847][T12991] bond6: entered promiscuous mode [ 328.965402][T12991] bond5: (slave team_slave_1): Releasing active interface [ 328.977671][T12991] team_slave_1: left promiscuous mode [ 329.046941][T12991] bond6: (slave team_slave_1): making interface the new active one [ 329.060240][T12991] team_slave_1: entered promiscuous mode [ 329.093270][T12991] bond6: (slave team_slave_1): Enslaving as an active interface with an up link [ 329.239474][T13011] netlink: 'syz.4.2548': attribute type 4 has an invalid length. [ 329.255318][T13011] netlink: 'syz.4.2548': attribute type 2 has an invalid length. [ 329.438848][T13020] lo speed is unknown, defaulting to 1000 [ 330.006753][ T54] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 330.017618][ T54] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 330.031801][ T54] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 330.048521][ T54] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 330.067609][ T54] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 330.075016][ T54] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 330.280672][T13042] netlink: 'syz.2.2559': attribute type 1 has an invalid length. [ 330.289629][T13034] lo speed is unknown, defaulting to 1000 [ 330.304462][T13045] sctp: [Deprecated]: syz.0.2560 (pid 13045) Use of int in max_burst socket option deprecated. [ 330.304462][T13045] Use struct sctp_assoc_value instead [ 332.033699][T13034] chnl_net:caif_netlink_parms(): no params data found [ 332.137102][ T5235] Bluetooth: hci8: command tx timeout [ 332.255459][T13113] __nla_validate_parse: 7 callbacks suppressed [ 332.255499][T13113] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2586'. [ 332.399886][T13034] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.416286][T13034] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.424346][T13034] bridge_slave_0: entered allmulticast mode [ 332.433636][T13034] bridge_slave_0: entered promiscuous mode [ 332.451753][T13034] bridge0: port 2(bridge_slave_1) entered blocking state [ 332.460919][T13034] bridge0: port 2(bridge_slave_1) entered disabled state [ 332.470457][T13034] bridge_slave_1: entered allmulticast mode [ 332.480310][T13034] bridge_slave_1: entered promiscuous mode [ 332.609676][T13034] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 332.651084][T13034] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 332.726094][T13134] raw_sendmsg: syz.1.2593 forgot to set AF_INET. Fix it! [ 332.788338][T13034] team0: Port device team_slave_0 added [ 332.801966][T13034] team0: Port device team_slave_1 added [ 332.954023][T13034] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 332.971681][T13034] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 333.059762][T13034] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 333.102530][T13034] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 333.151696][T13034] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 333.234110][T13034] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 333.464986][T13164] netlink: 'syz.2.2605': attribute type 3 has an invalid length. [ 333.476847][T13034] hsr_slave_0: entered promiscuous mode [ 333.483763][T13164] netlink: 'syz.2.2605': attribute type 28 has an invalid length. [ 333.494110][T13034] hsr_slave_1: entered promiscuous mode [ 333.504988][T13164] netlink: 'syz.2.2605': attribute type 29 has an invalid length. [ 333.513365][T13164] netlink: 'syz.2.2605': attribute type 31 has an invalid length. [ 333.522506][T13034] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 333.556375][T13034] Cannot create hsr debugfs directory [ 334.096444][T13185] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2616'. [ 334.200849][T13034] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.216153][ T5235] Bluetooth: hci8: command tx timeout [ 334.309812][T13193] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2619'. [ 334.373870][T13034] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.375684][T13193] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2619'. [ 334.466685][ T5235] block nbd0: Receive control failed (result -107) [ 334.506931][T13193] nbd0: detected capacity change from 0 to 256 [ 334.540327][T13034] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.726582][T13034] bond0: (slave netdevsim0): Releasing backup interface [ 334.750480][T13034] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode [ 334.779953][T13034] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.811309][T13208] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2626'. [ 335.173686][T13034] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 335.230834][T13034] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 335.266632][T13034] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 335.297752][T13034] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 335.628941][T13034] 8021q: adding VLAN 0 to HW filter on device bond0 [ 335.702587][T13034] 8021q: adding VLAN 0 to HW filter on device team0 [ 335.749056][ T3029] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.756273][ T3029] bridge0: port 1(bridge_slave_0) entered forwarding state [ 335.830892][ T3029] bridge0: port 2(bridge_slave_1) entered blocking state [ 335.838203][ T3029] bridge0: port 2(bridge_slave_1) entered forwarding state [ 336.306579][ T5235] Bluetooth: hci8: command tx timeout [ 336.351235][T13258] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2648'. [ 336.405922][T13258] netlink: 'syz.0.2648': attribute type 6 has an invalid length. [ 336.464367][T13034] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 336.649774][T13034] veth0_vlan: entered promiscuous mode [ 336.670587][T13034] veth1_vlan: entered promiscuous mode [ 336.822247][T13034] veth0_macvtap: entered promiscuous mode [ 336.861028][T13034] veth1_macvtap: entered promiscuous mode [ 336.931311][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.985777][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.008043][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.029821][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.065992][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.087230][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.108999][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.134822][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.156179][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.172348][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.184241][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.207150][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.232401][T13034] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 337.265879][T13286] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2661'. [ 337.363899][T13290] bond12: entered allmulticast mode [ 337.402920][T13293] bond12 (unregistering): left allmulticast mode [ 337.433143][T13293] bond12 (unregistering): Released all slaves [ 337.466857][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.490654][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.512469][T13299] netlink: 'syz.4.2665': attribute type 1 has an invalid length. [ 337.521988][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.535378][T13299] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2665'. [ 337.555132][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.567803][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.578850][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.589118][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.599679][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.609671][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.620195][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.630161][T13034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.642637][T13034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.663297][T13034] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 337.677328][T13301] netlink: 766 bytes leftover after parsing attributes in process `syz.2.2666'. [ 337.697868][T13302] netlink: 766 bytes leftover after parsing attributes in process `syz.2.2666'. [ 337.732361][T13034] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.768344][T13034] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.791265][T13034] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.835704][T13034] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.875395][T13310] FAULT_INJECTION: forcing a failure. [ 337.875395][T13310] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 337.920205][T13310] CPU: 0 UID: 0 PID: 13310 Comm: syz.2.2669 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 337.931018][T13310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 337.941092][T13310] Call Trace: [ 337.944381][T13310] [ 337.947323][T13310] dump_stack_lvl+0x241/0x360 [ 337.952017][T13310] ? __pfx_dump_stack_lvl+0x10/0x10 [ 337.957228][T13310] ? __pfx__printk+0x10/0x10 [ 337.961837][T13310] ? __pfx_lock_release+0x10/0x10 [ 337.966881][T13310] ? seqcount_lockdep_reader_access+0x1d7/0x220 [ 337.973245][T13310] should_fail_ex+0x3b0/0x4e0 [ 337.977949][T13310] _copy_to_user+0x2f/0xb0 [ 337.982383][T13310] put_timespec64+0xfa/0x150 [ 337.987023][T13310] ? __pfx_put_timespec64+0x10/0x10 [ 337.992254][T13310] poll_select_finish+0x57d/0x7d0 [ 337.997392][T13310] ? __pfx_poll_select_finish+0x10/0x10 [ 338.002966][T13310] ? __pfx_set_user_sigmask+0x10/0x10 [ 338.008368][T13310] ? __fget_files+0x3f6/0x470 [ 338.013074][T13310] __se_sys_pselect6+0x330/0x3f0 [ 338.018050][T13310] ? __pfx___se_sys_pselect6+0x10/0x10 [ 338.023518][T13310] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 338.029859][T13310] ? do_syscall_64+0x100/0x230 [ 338.034621][T13310] ? __x64_sys_pselect6+0x21/0xf0 [ 338.039651][T13310] do_syscall_64+0xf3/0x230 [ 338.044153][T13310] ? clear_bhb_loop+0x35/0x90 [ 338.048831][T13310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.054721][T13310] RIP: 0033:0x7fb55cf79e79 [ 338.059168][T13310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.078773][T13310] RSP: 002b:00007fb55dd11038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 338.087186][T13310] RAX: ffffffffffffffda RBX: 00007fb55d115f80 RCX: 00007fb55cf79e79 [ 338.095158][T13310] RDX: 0000000020000940 RSI: 0000000020000900 RDI: 0000000000000040 [ 338.103122][T13310] RBP: 00007fb55dd11090 R08: 00000000200009c0 R09: 0000000000000000 [ 338.111185][T13310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 338.119164][T13310] R13: 0000000000000001 R14: 00007fb55d115f80 R15: 00007ffe39325f78 [ 338.127149][T13310] [ 338.366618][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 338.378873][ T5235] Bluetooth: hci8: command tx timeout [ 338.396316][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 338.465002][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 338.485751][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 338.516224][T13324] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2675'. [ 338.525364][T13326] netlink: 'syz.1.2677': attribute type 10 has an invalid length. [ 338.670177][T13329] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2678'. [ 338.826496][T13336] bond12: entered allmulticast mode [ 338.881608][T13329] bond12 (unregistering): left allmulticast mode [ 338.899822][T13329] bond12 (unregistering): Released all slaves [ 339.054311][T13349] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2686'. [ 339.145978][T13349] batman_adv: batadv0: Removing interface: netdevsim0 [ 339.204434][T13349] batman_adv: batadv1: Adding interface: netdevsim0 [ 339.226228][T13349] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 339.343018][T13349] batman_adv: batadv1: Not using interface netdevsim0 (retrying later): interface not active [ 339.379860][T13362] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2691'. [ 339.401308][T13362] vlan2: entered promiscuous mode [ 339.435305][T13366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2693'. [ 339.488081][T13366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2693'. [ 339.788496][T13386] netlink: 'syz.2.2702': attribute type 1 has an invalid length. [ 339.806392][T13386] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 340.619352][T13416] netlink: 'syz.1.2714': attribute type 1 has an invalid length. [ 340.757258][T13416] bond6: entered promiscuous mode [ 340.768193][T13421] bond6: left promiscuous mode [ 340.847172][T13421] 8021q: adding VLAN 0 to HW filter on device bond6 [ 340.921070][T13432] FAULT_INJECTION: forcing a failure. [ 340.921070][T13432] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 340.972979][T13432] CPU: 1 UID: 0 PID: 13432 Comm: syz.3.2717 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 340.983800][T13432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 340.994142][T13432] Call Trace: [ 340.997442][T13432] [ 341.000381][T13432] dump_stack_lvl+0x241/0x360 [ 341.005169][T13432] ? __pfx_dump_stack_lvl+0x10/0x10 [ 341.010397][T13432] ? __pfx__printk+0x10/0x10 [ 341.015370][T13432] ? __pfx_lock_release+0x10/0x10 [ 341.021740][T13432] should_fail_ex+0x3b0/0x4e0 [ 341.026458][T13432] _copy_from_user+0x2f/0xe0 [ 341.031091][T13432] ____sys_sendmsg+0x2e4/0x7d0 [ 341.035911][T13432] ? __pfx_____sys_sendmsg+0x10/0x10 [ 341.041250][T13432] __sys_sendmmsg+0x3b2/0x740 [ 341.045960][T13432] ? __pfx___sys_sendmmsg+0x10/0x10 [ 341.051178][T13432] ? rcu_read_lock_sched_held+0x8d/0x130 [ 341.056866][T13432] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 341.062878][T13432] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 341.069229][T13432] ? _raw_spin_unlock_irq+0x23/0x50 [ 341.074428][T13432] ? lockdep_hardirqs_on+0x99/0x150 [ 341.079619][T13432] ? _raw_spin_unlock_irq+0x2e/0x50 [ 341.084836][T13432] ? get_signal+0x144f/0x1740 [ 341.089671][T13432] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 341.095696][T13432] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 341.102039][T13432] __x64_sys_sendmmsg+0xa0/0xb0 [ 341.106889][T13432] do_syscall_64+0xf3/0x230 [ 341.111384][T13432] ? clear_bhb_loop+0x35/0x90 [ 341.116070][T13432] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.121969][T13432] RIP: 0033:0x7f18dcb79e79 [ 341.126549][T13432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 341.146148][T13432] RSP: 002b:00007f18dda1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 341.154552][T13432] RAX: ffffffffffffffda RBX: 00007f18dcd15f80 RCX: 00007f18dcb79e79 [ 341.162517][T13432] RDX: 0000000000000001 RSI: 0000000020005300 RDI: 0000000000000005 [ 341.170476][T13432] RBP: 00007f18dda1f090 R08: 0000000000000000 R09: 0000000000000000 [ 341.178435][T13432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 341.186394][T13432] R13: 0000000000000000 R14: 00007f18dcd15f80 R15: 00007ffc0c463a58 [ 341.194365][T13432] [ 342.254960][T13483] netlink: 'syz.3.2739': attribute type 1 has an invalid length. [ 342.681109][T13501] tipc: Failed to remove unknown binding: 66,1,1/2886997162:3452013272/3452013274 [ 342.742891][T13495] x_tables: ip_tables: osf match: only valid for protocol 6 [ 342.844449][T13506] __nla_validate_parse: 7 callbacks suppressed [ 342.844466][T13506] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2747'. [ 342.892445][T13506] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2747'. [ 343.252303][T13519] netlink: 'syz.4.2753': attribute type 1 has an invalid length. [ 343.286431][T13519] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2753'. [ 343.449619][T13528] netlink: 'syz.4.2758': attribute type 1 has an invalid length. [ 343.490939][T13528] bond10: entered promiscuous mode [ 343.501666][T13528] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2758'. [ 343.510936][T13528] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2758'. [ 343.545149][T13528] bond9: (slave team_slave_1): Releasing active interface [ 343.559419][T13528] team_slave_1: left promiscuous mode [ 343.661782][T13528] bond10: (slave team_slave_1): making interface the new active one [ 343.712342][T13528] team_slave_1: entered promiscuous mode [ 343.726973][T13538] sctp: [Deprecated]: syz.3.2760 (pid 13538) Use of struct sctp_assoc_value in delayed_ack socket option. [ 343.726973][T13538] Use struct sctp_sack_info instead [ 343.747313][T13528] bond10: (slave team_slave_1): Enslaving as an active interface with an up link [ 344.215434][T13559] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2766'. [ 344.267256][T13567] netlink: 'syz.1.2768': attribute type 1 has an invalid length. [ 344.295529][T13567] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2768'. [ 344.626016][T13579] sctp: [Deprecated]: syz.2.2775 (pid 13579) Use of struct sctp_assoc_value in delayed_ack socket option. [ 344.626016][T13579] Use struct sctp_sack_info instead [ 344.799940][T13583] netlink: 'syz.4.2777': attribute type 1 has an invalid length. [ 344.850601][T13592] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2777'. [ 344.861120][T13583] bond11: entered promiscuous mode [ 344.875196][T13592] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2777'. [ 344.925082][T13594] netlink: 'syz.3.2781': attribute type 1 has an invalid length. [ 344.936412][T13594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2781'. [ 345.016739][T13583] bond10: (slave team_slave_1): Releasing active interface [ 345.044980][T13583] team_slave_1: left promiscuous mode [ 345.109849][T13583] bond11: (slave team_slave_1): making interface the new active one [ 345.139458][T13583] team_slave_1: entered promiscuous mode [ 345.154152][T13583] bond11: (slave team_slave_1): Enslaving as an active interface with an up link [ 345.293697][T13608] netlink: 'syz.1.2786': attribute type 1 has an invalid length. [ 345.565232][T13619] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes [ 345.806368][T13629] [ 345.808742][T13629] ================================================ [ 345.815257][T13629] WARNING: lock held when returning to user space! [ 345.821769][T13629] 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 Not tainted [ 345.828970][T13629] ------------------------------------------------ [ 345.835474][T13629] syz.3.2795/13629 is leaving the kernel with locks still held! [ 345.843108][T13629] 1 lock held by syz.3.2795/13629: [ 345.848231][T13629] #0: ffffffff8fc84b88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_act_cable_test+0x187/0x3f0 [ 353.258346][ T52] ================================================================== [ 353.266444][ T52] BUG: KASAN: slab-use-after-free in __mutex_lock+0xcf5/0xd70 [ 353.273908][ T52] Read of size 4 at addr ffff88806710bc34 by task kworker/u8:3/52 [ 353.281700][ T52] [ 353.284020][ T52] CPU: 0 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 353.294877][ T52] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 353.304935][ T52] Workqueue: ipv6_addrconf addrconf_verify_work [ 353.311175][ T52] Call Trace: [ 353.314445][ T52] [ 353.317363][ T52] dump_stack_lvl+0x241/0x360 [ 353.322081][ T52] ? __pfx_dump_stack_lvl+0x10/0x10 [ 353.327307][ T52] ? __pfx__printk+0x10/0x10 [ 353.331887][ T52] ? _printk+0xd5/0x120 [ 353.336030][ T52] ? __virt_addr_valid+0x183/0x530 [ 353.341129][ T52] ? __virt_addr_valid+0x183/0x530 [ 353.346228][ T52] print_report+0x169/0x550 [ 353.350724][ T52] ? __virt_addr_valid+0x183/0x530 [ 353.355933][ T52] ? __virt_addr_valid+0x183/0x530 [ 353.361113][ T52] ? __virt_addr_valid+0x45f/0x530 [ 353.366208][ T52] ? __phys_addr+0xba/0x170 [ 353.370708][ T52] ? __mutex_lock+0xcf5/0xd70 [ 353.375378][ T52] kasan_report+0x143/0x180 [ 353.379877][ T52] ? __mutex_lock+0xcf5/0xd70 [ 353.384546][ T52] __mutex_lock+0xcf5/0xd70 [ 353.389051][ T52] ? addrconf_verify_work+0x19/0x30 [ 353.394238][ T52] ? __pfx_lock_acquire+0x10/0x10 [ 353.399254][ T52] ? __pfx___mutex_lock+0x10/0x10 [ 353.404271][ T52] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 353.410603][ T52] ? rcu_is_watching+0x15/0xb0 [ 353.415368][ T52] ? process_scheduled_works+0x945/0x1830 [ 353.421078][ T52] addrconf_verify_work+0x19/0x30 [ 353.426181][ T52] process_scheduled_works+0xa2c/0x1830 [ 353.431725][ T52] ? __pfx_process_scheduled_works+0x10/0x10 [ 353.437708][ T52] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 353.443247][ T52] ? assign_work+0x364/0x3d0 [ 353.447832][ T52] worker_thread+0x86d/0xd40 [ 353.452517][ T52] ? __kthread_parkme+0x169/0x1d0 [ 353.457535][ T52] ? __pfx_worker_thread+0x10/0x10 [ 353.462648][ T52] kthread+0x2f0/0x390 [ 353.466726][ T52] ? __pfx_worker_thread+0x10/0x10 [ 353.471828][ T52] ? __pfx_kthread+0x10/0x10 [ 353.476412][ T52] ret_from_fork+0x4b/0x80 [ 353.480821][ T52] ? __pfx_kthread+0x10/0x10 [ 353.485402][ T52] ret_from_fork_asm+0x1a/0x30 [ 353.490265][ T52] [ 353.493292][ T52] [ 353.495604][ T52] Allocated by task 13628: [ 353.500016][ T52] kasan_save_track+0x3f/0x80 [ 353.504691][ T52] __kasan_slab_alloc+0x66/0x80 [ 353.509600][ T52] kmem_cache_alloc_node_noprof+0x16b/0x320 [ 353.515484][ T52] dup_task_struct+0x57/0x8c0 [ 353.520154][ T52] copy_process+0x5d1/0x3e10 [ 353.524738][ T52] kernel_clone+0x226/0x8f0 [ 353.529320][ T52] __se_sys_clone3+0x2cb/0x350 [ 353.534174][ T52] do_syscall_64+0xf3/0x230 [ 353.538679][ T52] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.544582][ T52] [ 353.546895][ T52] Freed by task 13630: [ 353.550947][ T52] kasan_save_track+0x3f/0x80 [ 353.555617][ T52] kasan_save_free_info+0x40/0x50 [ 353.560630][ T52] poison_slab_object+0xe0/0x150 [ 353.565560][ T52] __kasan_slab_free+0x37/0x60 [ 353.570317][ T52] kmem_cache_free+0x145/0x350 [ 353.575072][ T52] delayed_put_task_struct+0x125/0x300 [ 353.580523][ T52] rcu_core+0xafd/0x1830 [ 353.584752][ T52] handle_softirqs+0x2c4/0x970 [ 353.589502][ T52] __irq_exit_rcu+0xf4/0x1c0 [ 353.594079][ T52] irq_exit_rcu+0x9/0x30 [ 353.598309][ T52] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 353.603936][ T52] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 353.609913][ T52] [ 353.612228][ T52] Last potentially related work creation: [ 353.617926][ T52] kasan_save_stack+0x3f/0x60 [ 353.622598][ T52] __kasan_record_aux_stack+0xac/0xc0 [ 353.627967][ T52] call_rcu+0x167/0xa70 [ 353.632112][ T52] __schedule+0x1808/0x4a60 [ 353.636603][ T52] preempt_schedule_irq+0xfb/0x1c0 [ 353.641715][ T52] irqentry_exit+0x5e/0x90 [ 353.646123][ T52] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 353.651575][ T52] [ 353.653884][ T52] The buggy address belongs to the object at ffff88806710bc00 [ 353.653884][ T52] which belongs to the cache task_struct of size 7424 [ 353.668014][ T52] The buggy address is located 52 bytes inside of [ 353.668014][ T52] freed 7424-byte region [ffff88806710bc00, ffff88806710d900) [ 353.681987][ T52] [ 353.684302][ T52] The buggy address belongs to the physical page: [ 353.690706][ T52] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888067109e00 pfn:0x67108 [ 353.700777][ T52] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 353.709269][ T52] memcg:ffff888065b46e41 [ 353.713501][ T52] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 353.721999][ T52] page_type: 0xfdffffff(slab) [ 353.726668][ T52] raw: 00fff00000000240 ffff8880166fd500 ffffea0000805610 ffffea0001f02610 [ 353.735239][ T52] raw: ffff888067109e00 0000000000040003 00000001fdffffff ffff888065b46e41 [ 353.743900][ T52] head: 00fff00000000240 ffff8880166fd500 ffffea0000805610 ffffea0001f02610 [ 353.752563][ T52] head: ffff888067109e00 0000000000040003 00000001fdffffff ffff888065b46e41 [ 353.761219][ T52] head: 00fff00000000003 ffffea00019c4201 ffffffffffffffff 0000000000000000 [ 353.769900][ T52] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 353.778650][ T52] page dumped because: kasan: bad access detected [ 353.785056][ T52] page_owner tracks the page as allocated [ 353.790925][ T52] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2, tgid 2 (kthreadd), ts 57905778587, free_ts 14862287363 [ 353.811409][ T52] post_alloc_hook+0x1f3/0x230 [ 353.816182][ T52] get_page_from_freelist+0x2e4c/0x2f10 [ 353.821718][ T52] __alloc_pages_noprof+0x256/0x6c0 [ 353.826910][ T52] alloc_slab_page+0x5f/0x120 [ 353.831580][ T52] allocate_slab+0x5a/0x2f0 [ 353.836070][ T52] ___slab_alloc+0xcd1/0x14b0 [ 353.840991][ T52] __slab_alloc+0x58/0xa0 [ 353.845306][ T52] kmem_cache_alloc_node_noprof+0x1fe/0x320 [ 353.851184][ T52] dup_task_struct+0x57/0x8c0 [ 353.855845][ T52] copy_process+0x5d1/0x3e10 [ 353.860420][ T52] kernel_clone+0x226/0x8f0 [ 353.864907][ T52] kernel_thread+0x1bc/0x240 [ 353.869484][ T52] kthreadd+0x60d/0x810 [ 353.873629][ T52] ret_from_fork+0x4b/0x80 [ 353.878034][ T52] ret_from_fork_asm+0x1a/0x30 [ 353.882787][ T52] page last free pid 1 tgid 1 stack trace: [ 353.888574][ T52] free_unref_page+0xd22/0xea0 [ 353.893329][ T52] free_contig_range+0x9e/0x160 [ 353.898167][ T52] destroy_args+0x8a/0x890 [ 353.902570][ T52] debug_vm_pgtable+0x4be/0x550 [ 353.907404][ T52] do_one_initcall+0x248/0x880 [ 353.912178][ T52] do_initcall_level+0x157/0x210 [ 353.917107][ T52] do_initcalls+0x3f/0x80 [ 353.921590][ T52] kernel_init_freeable+0x435/0x5d0 [ 353.926777][ T52] kernel_init+0x1d/0x2b0 [ 353.931095][ T52] ret_from_fork+0x4b/0x80 [ 353.935500][ T52] ret_from_fork_asm+0x1a/0x30 [ 353.940265][ T52] [ 353.942575][ T52] Memory state around the buggy address: [ 353.948447][ T52] ffff88806710bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 353.956493][ T52] ffff88806710bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 353.964537][ T52] >ffff88806710bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 353.972580][ T52] ^ [ 353.978192][ T52] ffff88806710bc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 353.986233][ T52] ffff88806710bd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 353.994362][ T52] ================================================================== [ 354.005144][ T52] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 354.012535][ T52] CPU: 0 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.11.0-rc4-syzkaller-00566-g7d3aed652d09 #0 [ 354.023223][ T52] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 354.033292][ T52] Workqueue: ipv6_addrconf addrconf_verify_work [ 354.039548][ T52] Call Trace: [ 354.042819][ T52] [ 354.045743][ T52] dump_stack_lvl+0x241/0x360 [ 354.050426][ T52] ? __pfx_dump_stack_lvl+0x10/0x10 [ 354.055618][ T52] ? __pfx__printk+0x10/0x10 [ 354.060198][ T52] ? rcu_is_watching+0x15/0xb0 [ 354.064962][ T52] ? lock_release+0xbf/0xa30 [ 354.069545][ T52] ? vscnprintf+0x5d/0x90 [ 354.073878][ T52] panic+0x349/0x860 [ 354.077761][ T52] ? check_panic_on_warn+0x21/0xb0 [ 354.082861][ T52] ? __pfx_panic+0x10/0x10 [ 354.087273][ T52] ? trace_irq_enable+0x2c/0x120 [ 354.092199][ T52] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 354.098085][ T52] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 354.104056][ T52] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 354.110377][ T52] ? print_report+0x502/0x550 [ 354.115136][ T52] check_panic_on_warn+0x86/0xb0 [ 354.120069][ T52] ? __mutex_lock+0xcf5/0xd70 [ 354.124748][ T52] end_report+0x77/0x160 [ 354.128988][ T52] kasan_report+0x154/0x180 [ 354.133481][ T52] ? __mutex_lock+0xcf5/0xd70 [ 354.138156][ T52] __mutex_lock+0xcf5/0xd70 [ 354.142651][ T52] ? addrconf_verify_work+0x19/0x30 [ 354.147838][ T52] ? __pfx_lock_acquire+0x10/0x10 [ 354.152943][ T52] ? __pfx___mutex_lock+0x10/0x10 [ 354.158046][ T52] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 354.164367][ T52] ? rcu_is_watching+0x15/0xb0 [ 354.169121][ T52] ? process_scheduled_works+0x945/0x1830 [ 354.174827][ T52] addrconf_verify_work+0x19/0x30 [ 354.179843][ T52] process_scheduled_works+0xa2c/0x1830 [ 354.185424][ T52] ? __pfx_process_scheduled_works+0x10/0x10 [ 354.191392][ T52] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 354.197022][ T52] ? assign_work+0x364/0x3d0 [ 354.201604][ T52] worker_thread+0x86d/0xd40 [ 354.206202][ T52] ? __kthread_parkme+0x169/0x1d0 [ 354.211217][ T52] ? __pfx_worker_thread+0x10/0x10 [ 354.216322][ T52] kthread+0x2f0/0x390 [ 354.220385][ T52] ? __pfx_worker_thread+0x10/0x10 [ 354.225490][ T52] ? __pfx_kthread+0x10/0x10 [ 354.230273][ T52] ret_from_fork+0x4b/0x80 [ 354.234686][ T52] ? __pfx_kthread+0x10/0x10 [ 354.239275][ T52] ret_from_fork_asm+0x1a/0x30 [ 354.244035][ T52] [ 354.247292][ T52] Kernel Offset: disabled [ 354.251784][ T52] Rebooting in 86400 seconds..